diff mbox

[v2] crypto: include crypto- module prefix in template

Message ID 20141124222415.GA21010@www.outflux.net (mailing list archive)
State Superseded
Delegated to: Herbert Xu
Headers show

Commit Message

Kees Cook Nov. 24, 2014, 10:24 p.m. UTC
This adds the module loading prefix "crypto-" to the template lookup
as well.

For example, attempting to load 'vfat(blowfish)' via AF_ALG now correctly
includes the "crypto-" prefix at every level, correctly rejecting "vfat":

	net-pf-38
	algif-hash
	crypto-vfat(blowfish)
	crypto-vfat(blowfish)-all
	crypto-vfat

Reported-by: Mathias Krause <minipli@googlemail.com>
Signed-off-by: Kees Cook <keescook@chromium.org>
---
 crypto/algapi.c     | 4 ++--
 crypto/authenc.c    | 1 +
 crypto/authencesn.c | 1 +
 crypto/cbc.c        | 1 +
 crypto/chainiv.c    | 1 +
 crypto/cmac.c       | 1 +
 crypto/cts.c        | 1 +
 crypto/ecb.c        | 1 +
 crypto/eseqiv.c     | 1 +
 crypto/hmac.c       | 1 +
 crypto/lrw.c        | 1 +
 crypto/pcbc.c       | 1 +
 crypto/seqiv.c      | 1 +
 crypto/vmac.c       | 1 +
 crypto/xcbc.c       | 1 +
 crypto/xts.c        | 1 +
 16 files changed, 17 insertions(+), 2 deletions(-)

Comments

Mathias Krause Nov. 24, 2014, 10:57 p.m. UTC | #1
On 24 November 2014 at 23:24, Kees Cook <keescook@chromium.org> wrote:
> This adds the module loading prefix "crypto-" to the template lookup
> as well.
>
> For example, attempting to load 'vfat(blowfish)' via AF_ALG now correctly
> includes the "crypto-" prefix at every level, correctly rejecting "vfat":
>
>         net-pf-38
>         algif-hash
>         crypto-vfat(blowfish)
>         crypto-vfat(blowfish)-all
>         crypto-vfat
>
> Reported-by: Mathias Krause <minipli@googlemail.com>
> Signed-off-by: Kees Cook <keescook@chromium.org>
> ---
>  crypto/algapi.c     | 4 ++--
>  crypto/authenc.c    | 1 +
>  crypto/authencesn.c | 1 +
>  crypto/cbc.c        | 1 +
>  crypto/chainiv.c    | 1 +
>  crypto/cmac.c       | 1 +
>  crypto/cts.c        | 1 +
>  crypto/ecb.c        | 1 +
>  crypto/eseqiv.c     | 1 +
>  crypto/hmac.c       | 1 +
>  crypto/lrw.c        | 1 +
>  crypto/pcbc.c       | 1 +
>  crypto/seqiv.c      | 1 +
>  crypto/vmac.c       | 1 +
>  crypto/xcbc.c       | 1 +
>  crypto/xts.c        | 1 +
>  16 files changed, 17 insertions(+), 2 deletions(-)

The following ones are still missing:

  arch/x86/crypto/fpu.c: needs MODULE_ALIAS_CRYPTO("fpu")
  crypto/ccm.c: needs MODULE_ALIAS_CRYPTO("ccm")
  crypto/cryptd.c: needs MODULE_ALIAS_CRYPTO("cryptd")
  crypto/ctr.c: needs MODULE_ALIAS_CRYPTO("ctr")
  crypto/gcm.c: needs MODULE_ALIAS_CRYPTO("gcm")
  crypto/mcryptd.c: needs MODULE_ALIAS_CRYPTO("mcryptd")
  crypto/pcrypt.c: needs MODULE_ALIAS_CRYPTO("pcrypt")

With that fixed,

Acked-by: Mathias Krause <minipli@googlemail.com>

>
> diff --git a/crypto/algapi.c b/crypto/algapi.c
> index e8d3a7dca8c4..71a8143e23b1 100644
> --- a/crypto/algapi.c
> +++ b/crypto/algapi.c
> @@ -509,8 +509,8 @@ static struct crypto_template *__crypto_lookup_template(const char *name)
>
>  struct crypto_template *crypto_lookup_template(const char *name)
>  {
> -       return try_then_request_module(__crypto_lookup_template(name), "%s",
> -                                      name);
> +       return try_then_request_module(__crypto_lookup_template(name),
> +                                      "crypto-%s", name);
>  }
>  EXPORT_SYMBOL_GPL(crypto_lookup_template);
>
> diff --git a/crypto/authenc.c b/crypto/authenc.c
> index e1223559d5df..78fb16cab13f 100644
> --- a/crypto/authenc.c
> +++ b/crypto/authenc.c
> @@ -721,3 +721,4 @@ module_exit(crypto_authenc_module_exit);
>
>  MODULE_LICENSE("GPL");
>  MODULE_DESCRIPTION("Simple AEAD wrapper for IPsec");
> +MODULE_ALIAS_CRYPTO("authenc");
> diff --git a/crypto/authencesn.c b/crypto/authencesn.c
> index 4be0dd4373a9..024bff2344fc 100644
> --- a/crypto/authencesn.c
> +++ b/crypto/authencesn.c
> @@ -814,3 +814,4 @@ module_exit(crypto_authenc_esn_module_exit);
>  MODULE_LICENSE("GPL");
>  MODULE_AUTHOR("Steffen Klassert <steffen.klassert@secunet.com>");
>  MODULE_DESCRIPTION("AEAD wrapper for IPsec with extended sequence numbers");
> +MODULE_ALIAS_CRYPTO("authencesn");
> diff --git a/crypto/cbc.c b/crypto/cbc.c
> index 61ac42e1e32b..780ee27b2d43 100644
> --- a/crypto/cbc.c
> +++ b/crypto/cbc.c
> @@ -289,3 +289,4 @@ module_exit(crypto_cbc_module_exit);
>
>  MODULE_LICENSE("GPL");
>  MODULE_DESCRIPTION("CBC block cipher algorithm");
> +MODULE_ALIAS_CRYPTO("cbc");
> diff --git a/crypto/chainiv.c b/crypto/chainiv.c
> index 9c294c8f9a07..63c17d5992f7 100644
> --- a/crypto/chainiv.c
> +++ b/crypto/chainiv.c
> @@ -359,3 +359,4 @@ module_exit(chainiv_module_exit);
>
>  MODULE_LICENSE("GPL");
>  MODULE_DESCRIPTION("Chain IV Generator");
> +MODULE_ALIAS_CRYPTO("chainiv");
> diff --git a/crypto/cmac.c b/crypto/cmac.c
> index 50880cf17fad..7a8bfbd548f6 100644
> --- a/crypto/cmac.c
> +++ b/crypto/cmac.c
> @@ -313,3 +313,4 @@ module_exit(crypto_cmac_module_exit);
>
>  MODULE_LICENSE("GPL");
>  MODULE_DESCRIPTION("CMAC keyed hash algorithm");
> +MODULE_ALIAS_CRYPTO("cmac");
> diff --git a/crypto/cts.c b/crypto/cts.c
> index 133f0874c95e..bd9405820e8a 100644
> --- a/crypto/cts.c
> +++ b/crypto/cts.c
> @@ -351,3 +351,4 @@ module_exit(crypto_cts_module_exit);
>
>  MODULE_LICENSE("Dual BSD/GPL");
>  MODULE_DESCRIPTION("CTS-CBC CipherText Stealing for CBC");
> +MODULE_ALIAS_CRYPTO("cts");
> diff --git a/crypto/ecb.c b/crypto/ecb.c
> index 935cfef4aa84..12011aff0971 100644
> --- a/crypto/ecb.c
> +++ b/crypto/ecb.c
> @@ -185,3 +185,4 @@ module_exit(crypto_ecb_module_exit);
>
>  MODULE_LICENSE("GPL");
>  MODULE_DESCRIPTION("ECB block cipher algorithm");
> +MODULE_ALIAS_CRYPTO("ecb");
> diff --git a/crypto/eseqiv.c b/crypto/eseqiv.c
> index bf7ab4a89493..f116fae766f8 100644
> --- a/crypto/eseqiv.c
> +++ b/crypto/eseqiv.c
> @@ -267,3 +267,4 @@ module_exit(eseqiv_module_exit);
>
>  MODULE_LICENSE("GPL");
>  MODULE_DESCRIPTION("Encrypted Sequence Number IV Generator");
> +MODULE_ALIAS_CRYPTO("eseqiv");
> diff --git a/crypto/hmac.c b/crypto/hmac.c
> index e392219ddc61..72e38c098bb3 100644
> --- a/crypto/hmac.c
> +++ b/crypto/hmac.c
> @@ -268,3 +268,4 @@ module_exit(hmac_module_exit);
>
>  MODULE_LICENSE("GPL");
>  MODULE_DESCRIPTION("HMAC hash algorithm");
> +MODULE_ALIAS_CRYPTO("hmac");
> diff --git a/crypto/lrw.c b/crypto/lrw.c
> index ba42acc4deba..6f9908a7ebcb 100644
> --- a/crypto/lrw.c
> +++ b/crypto/lrw.c
> @@ -400,3 +400,4 @@ module_exit(crypto_module_exit);
>
>  MODULE_LICENSE("GPL");
>  MODULE_DESCRIPTION("LRW block cipher mode");
> +MODULE_ALIAS_CRYPTO("lrw");
> diff --git a/crypto/pcbc.c b/crypto/pcbc.c
> index d1b8bdfb5855..f654965f0933 100644
> --- a/crypto/pcbc.c
> +++ b/crypto/pcbc.c
> @@ -295,3 +295,4 @@ module_exit(crypto_pcbc_module_exit);
>
>  MODULE_LICENSE("GPL");
>  MODULE_DESCRIPTION("PCBC block cipher algorithm");
> +MODULE_ALIAS_CRYPTO("pcbc");
> diff --git a/crypto/seqiv.c b/crypto/seqiv.c
> index ee190fcedcd2..9daa854cc485 100644
> --- a/crypto/seqiv.c
> +++ b/crypto/seqiv.c
> @@ -362,3 +362,4 @@ module_exit(seqiv_module_exit);
>
>  MODULE_LICENSE("GPL");
>  MODULE_DESCRIPTION("Sequence Number IV Generator");
> +MODULE_ALIAS_CRYPTO("seqiv");
> diff --git a/crypto/vmac.c b/crypto/vmac.c
> index d84c24bd7ff7..df76a816cfb2 100644
> --- a/crypto/vmac.c
> +++ b/crypto/vmac.c
> @@ -713,3 +713,4 @@ module_exit(vmac_module_exit);
>
>  MODULE_LICENSE("GPL");
>  MODULE_DESCRIPTION("VMAC hash algorithm");
> +MODULE_ALIAS_CRYPTO("vmac");
> diff --git a/crypto/xcbc.c b/crypto/xcbc.c
> index a5fbdf3738cf..df90b332554c 100644
> --- a/crypto/xcbc.c
> +++ b/crypto/xcbc.c
> @@ -286,3 +286,4 @@ module_exit(crypto_xcbc_module_exit);
>
>  MODULE_LICENSE("GPL");
>  MODULE_DESCRIPTION("XCBC keyed hash algorithm");
> +MODULE_ALIAS_CRYPTO("xcbc");
> diff --git a/crypto/xts.c b/crypto/xts.c
> index ca1608f44cb5..f6fd43f100c8 100644
> --- a/crypto/xts.c
> +++ b/crypto/xts.c
> @@ -362,3 +362,4 @@ module_exit(crypto_module_exit);
>
>  MODULE_LICENSE("GPL");
>  MODULE_DESCRIPTION("XTS block cipher mode");
> +MODULE_ALIAS_CRYPTO("xts");
> --

Thanks,
Mathias
--
To unsubscribe from this list: send the line "unsubscribe linux-crypto" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
diff mbox

Patch

diff --git a/crypto/algapi.c b/crypto/algapi.c
index e8d3a7dca8c4..71a8143e23b1 100644
--- a/crypto/algapi.c
+++ b/crypto/algapi.c
@@ -509,8 +509,8 @@  static struct crypto_template *__crypto_lookup_template(const char *name)
 
 struct crypto_template *crypto_lookup_template(const char *name)
 {
-	return try_then_request_module(__crypto_lookup_template(name), "%s",
-				       name);
+	return try_then_request_module(__crypto_lookup_template(name),
+				       "crypto-%s", name);
 }
 EXPORT_SYMBOL_GPL(crypto_lookup_template);
 
diff --git a/crypto/authenc.c b/crypto/authenc.c
index e1223559d5df..78fb16cab13f 100644
--- a/crypto/authenc.c
+++ b/crypto/authenc.c
@@ -721,3 +721,4 @@  module_exit(crypto_authenc_module_exit);
 
 MODULE_LICENSE("GPL");
 MODULE_DESCRIPTION("Simple AEAD wrapper for IPsec");
+MODULE_ALIAS_CRYPTO("authenc");
diff --git a/crypto/authencesn.c b/crypto/authencesn.c
index 4be0dd4373a9..024bff2344fc 100644
--- a/crypto/authencesn.c
+++ b/crypto/authencesn.c
@@ -814,3 +814,4 @@  module_exit(crypto_authenc_esn_module_exit);
 MODULE_LICENSE("GPL");
 MODULE_AUTHOR("Steffen Klassert <steffen.klassert@secunet.com>");
 MODULE_DESCRIPTION("AEAD wrapper for IPsec with extended sequence numbers");
+MODULE_ALIAS_CRYPTO("authencesn");
diff --git a/crypto/cbc.c b/crypto/cbc.c
index 61ac42e1e32b..780ee27b2d43 100644
--- a/crypto/cbc.c
+++ b/crypto/cbc.c
@@ -289,3 +289,4 @@  module_exit(crypto_cbc_module_exit);
 
 MODULE_LICENSE("GPL");
 MODULE_DESCRIPTION("CBC block cipher algorithm");
+MODULE_ALIAS_CRYPTO("cbc");
diff --git a/crypto/chainiv.c b/crypto/chainiv.c
index 9c294c8f9a07..63c17d5992f7 100644
--- a/crypto/chainiv.c
+++ b/crypto/chainiv.c
@@ -359,3 +359,4 @@  module_exit(chainiv_module_exit);
 
 MODULE_LICENSE("GPL");
 MODULE_DESCRIPTION("Chain IV Generator");
+MODULE_ALIAS_CRYPTO("chainiv");
diff --git a/crypto/cmac.c b/crypto/cmac.c
index 50880cf17fad..7a8bfbd548f6 100644
--- a/crypto/cmac.c
+++ b/crypto/cmac.c
@@ -313,3 +313,4 @@  module_exit(crypto_cmac_module_exit);
 
 MODULE_LICENSE("GPL");
 MODULE_DESCRIPTION("CMAC keyed hash algorithm");
+MODULE_ALIAS_CRYPTO("cmac");
diff --git a/crypto/cts.c b/crypto/cts.c
index 133f0874c95e..bd9405820e8a 100644
--- a/crypto/cts.c
+++ b/crypto/cts.c
@@ -351,3 +351,4 @@  module_exit(crypto_cts_module_exit);
 
 MODULE_LICENSE("Dual BSD/GPL");
 MODULE_DESCRIPTION("CTS-CBC CipherText Stealing for CBC");
+MODULE_ALIAS_CRYPTO("cts");
diff --git a/crypto/ecb.c b/crypto/ecb.c
index 935cfef4aa84..12011aff0971 100644
--- a/crypto/ecb.c
+++ b/crypto/ecb.c
@@ -185,3 +185,4 @@  module_exit(crypto_ecb_module_exit);
 
 MODULE_LICENSE("GPL");
 MODULE_DESCRIPTION("ECB block cipher algorithm");
+MODULE_ALIAS_CRYPTO("ecb");
diff --git a/crypto/eseqiv.c b/crypto/eseqiv.c
index bf7ab4a89493..f116fae766f8 100644
--- a/crypto/eseqiv.c
+++ b/crypto/eseqiv.c
@@ -267,3 +267,4 @@  module_exit(eseqiv_module_exit);
 
 MODULE_LICENSE("GPL");
 MODULE_DESCRIPTION("Encrypted Sequence Number IV Generator");
+MODULE_ALIAS_CRYPTO("eseqiv");
diff --git a/crypto/hmac.c b/crypto/hmac.c
index e392219ddc61..72e38c098bb3 100644
--- a/crypto/hmac.c
+++ b/crypto/hmac.c
@@ -268,3 +268,4 @@  module_exit(hmac_module_exit);
 
 MODULE_LICENSE("GPL");
 MODULE_DESCRIPTION("HMAC hash algorithm");
+MODULE_ALIAS_CRYPTO("hmac");
diff --git a/crypto/lrw.c b/crypto/lrw.c
index ba42acc4deba..6f9908a7ebcb 100644
--- a/crypto/lrw.c
+++ b/crypto/lrw.c
@@ -400,3 +400,4 @@  module_exit(crypto_module_exit);
 
 MODULE_LICENSE("GPL");
 MODULE_DESCRIPTION("LRW block cipher mode");
+MODULE_ALIAS_CRYPTO("lrw");
diff --git a/crypto/pcbc.c b/crypto/pcbc.c
index d1b8bdfb5855..f654965f0933 100644
--- a/crypto/pcbc.c
+++ b/crypto/pcbc.c
@@ -295,3 +295,4 @@  module_exit(crypto_pcbc_module_exit);
 
 MODULE_LICENSE("GPL");
 MODULE_DESCRIPTION("PCBC block cipher algorithm");
+MODULE_ALIAS_CRYPTO("pcbc");
diff --git a/crypto/seqiv.c b/crypto/seqiv.c
index ee190fcedcd2..9daa854cc485 100644
--- a/crypto/seqiv.c
+++ b/crypto/seqiv.c
@@ -362,3 +362,4 @@  module_exit(seqiv_module_exit);
 
 MODULE_LICENSE("GPL");
 MODULE_DESCRIPTION("Sequence Number IV Generator");
+MODULE_ALIAS_CRYPTO("seqiv");
diff --git a/crypto/vmac.c b/crypto/vmac.c
index d84c24bd7ff7..df76a816cfb2 100644
--- a/crypto/vmac.c
+++ b/crypto/vmac.c
@@ -713,3 +713,4 @@  module_exit(vmac_module_exit);
 
 MODULE_LICENSE("GPL");
 MODULE_DESCRIPTION("VMAC hash algorithm");
+MODULE_ALIAS_CRYPTO("vmac");
diff --git a/crypto/xcbc.c b/crypto/xcbc.c
index a5fbdf3738cf..df90b332554c 100644
--- a/crypto/xcbc.c
+++ b/crypto/xcbc.c
@@ -286,3 +286,4 @@  module_exit(crypto_xcbc_module_exit);
 
 MODULE_LICENSE("GPL");
 MODULE_DESCRIPTION("XCBC keyed hash algorithm");
+MODULE_ALIAS_CRYPTO("xcbc");
diff --git a/crypto/xts.c b/crypto/xts.c
index ca1608f44cb5..f6fd43f100c8 100644
--- a/crypto/xts.c
+++ b/crypto/xts.c
@@ -362,3 +362,4 @@  module_exit(crypto_module_exit);
 
 MODULE_LICENSE("GPL");
 MODULE_DESCRIPTION("XTS block cipher mode");
+MODULE_ALIAS_CRYPTO("xts");