| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <fodxwl5yluc62ezyyrj2af4bv5rindnqrueaei4gvmoogqq2fq@5jti3sqfqsi7>
Date: Tue, 16 Dec 2025 18:35:09 -0500
From: Daniel Hodges <daniel@...ielhodges.dev>
To: Song Liu <song@...nel.org>
Cc: Daniel Hodges <git@...ielhodges.dev>, bpf@...r.kernel.org,
ast@...nel.org, andrii@...nel.org, daniel@...earbox.net,
vadim.fedorenko@...ux.dev, yatsenko@...a.com, martin.lau@...ux.dev, eddyz87@...il.com,
haoluo@...gle.com, jolsa@...nel.org, john.fastabend@...il.com, kpsingh@...nel.org,
sdf@...ichev.me, yonghong.song@...ux.dev, herbert@...dor.apana.org.au,
davem@...emloft.net, linux-crypto@...r.kernel.org, linux-kernel@...r.kernel.org,
linux-kselftest@...r.kernel.org
Subject: Re: [PATCH bpf-next v3 2/6] crypto: Add BPF hash algorithm type
registration module
On Wed, Dec 17, 2025 at 06:45:14AM +0900, Song Liu wrote:
> On Sun, Dec 7, 2025 at 7:01 PM Daniel Hodges <git@...ielhodges.dev> wrote:
> >
> > Add bpf_crypto_shash module that registers a hash type with the BPF
> > crypto infrastructure, enabling BPF programs to access kernel hash
> > algorithms through a unified interface.
> >
> > Update the bpf_crypto_type interface with hash-specific callbacks:
> > - alloc_tfm: Allocates crypto_shash context with proper descriptor size
> > - free_tfm: Releases hash transform and context memory
> > - has_algo: Checks algorithm availability via crypto_has_shash()
> > - hash: Performs single-shot hashing via crypto_shash_digest()
> > - digestsize: Returns the output size for the hash algorithm
> > - get_flags: Exposes transform flags to BPF programs
> >
> > Update bpf_shash_ctx to contain crypto_shash transform and shash_desc
> > descriptor to accommodate algorithm-specific descriptor requirements.
> >
> > Signed-off-by: Daniel Hodges <git@...ielhodges.dev>
> > ---
> > crypto/Makefile | 3 ++
> > crypto/bpf_crypto_shash.c | 95 +++++++++++++++++++++++++++++++++++++++
> > 2 files changed, 98 insertions(+)
> > create mode 100644 crypto/bpf_crypto_shash.c
> >
> > diff --git a/crypto/Makefile b/crypto/Makefile
> > index 16a35649dd91..853dff375906 100644
> > --- a/crypto/Makefile
> > +++ b/crypto/Makefile
> > @@ -30,6 +30,9 @@ obj-$(CONFIG_CRYPTO_ECHAINIV) += echainiv.o
> > crypto_hash-y += ahash.o
> > crypto_hash-y += shash.o
> > obj-$(CONFIG_CRYPTO_HASH2) += crypto_hash.o
> > +ifeq ($(CONFIG_BPF_SYSCALL),y)
> > +obj-$(CONFIG_CRYPTO_HASH2) += bpf_crypto_shash.o
> > +endif
> >
> > obj-$(CONFIG_CRYPTO_AKCIPHER2) += akcipher.o
> > obj-$(CONFIG_CRYPTO_SIG2) += sig.o
> > diff --git a/crypto/bpf_crypto_shash.c b/crypto/bpf_crypto_shash.c
> > new file mode 100644
> > index 000000000000..95c178ec0ce8
> > --- /dev/null
> > +++ b/crypto/bpf_crypto_shash.c
> > @@ -0,0 +1,95 @@
> > +// SPDX-License-Identifier: GPL-2.0-only
> > +/* Copyright (c) 2025 Meta Platforms, Inc. and affiliates. */
> > +#include <linux/types.h>
> > +#include <linux/module.h>
> > +#include <linux/bpf_crypto.h>
> > +#include <crypto/hash.h>
> > +
> > +struct bpf_shash_ctx {
> > + struct crypto_shash *tfm;
> > + struct shash_desc desc;
> > +};
> > +
> > +static void *bpf_crypto_shash_alloc_tfm(const char *algo)
> > +{
> > + struct bpf_shash_ctx *ctx;
> > + struct crypto_shash *tfm;
> > +
> > + tfm = crypto_alloc_shash(algo, 0, 0);
> > + if (IS_ERR(tfm))
> > + return tfm;
> > +
> > + ctx = kzalloc(sizeof(*ctx) + crypto_shash_descsize(tfm), GFP_KERNEL);
> > + if (!ctx) {
> > + crypto_free_shash(tfm);
> > + return ERR_PTR(-ENOMEM);
> > + }
> > +
> > + ctx->tfm = tfm;
> > + ctx->desc.tfm = tfm;
> > +
> > + return ctx;
> > +}
>
> What if we let bpf_crypto_shash_alloc_tfm() return a "struct shash_desc"?
> shash_desc->tfm is already struct crypto_shash. This way, we don't need
> bpf_shash_ctx any more. Would this work?
>
> Thanks,
> Song
Yeah, that's much cleaner than the void * return.
-Daniel
Powered by blists - more mailing lists