From patchwork Tue May 7 16:13:15 2019
X-Patchwork-Submitter: Kees Cook
X-Patchwork-Id: 10933257
From: Kees Cook
To: Herbert Xu
Cc: Kees Cook, Joao Moreira, Eric Biggers, Ingo Molnar, Thomas Gleixner, Borislav Petkov, x86@kernel.org, linux-crypto@vger.kernel.org, linux-kernel@vger.kernel.org, kernel-hardening@lists.openwall.com
Subject: [PATCH v3 1/7] crypto: x86/glue_helper: Add static inline function glue macros
Date: Tue, 7 May 2019 09:13:15 -0700
Message-Id: <20190507161321.34611-2-keescook@chromium.org>
In-Reply-To: <20190507161321.34611-1-keescook@chromium.org>

It is possible to indirectly invoke functions with prototypes that do not match those of the respectively used function pointers by using void types or casts. This feature is frequently used as a way of relaxing function invocation, making it possible that different data structures are passed to different functions through the same pointer.

Despite the benefits, this can lead to a situation where functions with a given prototype are invoked by pointers with a different prototype. This is undesirable as it may prevent the use of heuristics such as prototype matching-based Control-Flow Integrity, which can be used to prevent ROP-based attacks.

One way of fixing this situation is through the use of inline helper functions with prototypes that match the one in the respective invoking pointer.

Given the above, the current efforts to improve the Linux security, and the upcoming kernel support to compilers with CFI features, this creates macros to be used to build the needed function definitions, to be used in later patches to camellia, cast6, serpent, twofish, and aesni.

Co-developed-by: Joao Moreira
Signed-off-by: Kees Cook
---
 arch/x86/include/asm/crypto/glue_helper.h | 32 +++++++++++++++++++++++
 1 file changed, 32 insertions(+)

diff --git a/arch/x86/include/asm/crypto/glue_helper.h b/arch/x86/include/asm/crypto/glue_helper.h index d1818634ae7e..3b039d563809 100644
--- a/arch/x86/include/asm/crypto/glue_helper.h +++ b/arch/x86/include/asm/crypto/glue_helper.h 
@@ -23,6 +23,38 @@ typedef void (*common_glue_xts_func_t)(void *ctx, u128 *dst, const u128 *src, #define GLUE_CTR_FUNC_CAST(fn) ((common_glue_ctr_func_t)(fn)) #define GLUE_XTS_FUNC_CAST(fn) ((common_glue_xts_func_t)(fn)) + +#define GLUE_CAST(func, context) \ +asmlinkage void func(struct context *ctx, u8 *dst, const u8 *src); \ +asmlinkage static inline \ +void func ## _glue(void *ctx, u8 *dst, const u8 *src) \ +{ func((struct context *) ctx, dst, src); } + +#define GLUE_CAST_XOR(func, context) \ +asmlinkage void __ ## func(struct context *ctx, u8 *dst, const u8 *src, \ + bool y); \ +asmlinkage static inline \ +void func(void *ctx, u8 *dst, const u8 *src) \ +{ __ ## func((struct context *) ctx, dst, src, false); } \ +asmlinkage static inline \ +void func ## _xor(void *ctx, u8 *dst, const u8 *src) \ +{ __ ## func((struct context *) ctx, dst, src, true); } + +#define GLUE_CAST_CBC(func, context) \ +asmlinkage void func(struct context *ctx, u8 *dst, const u8 *src); \ +asmlinkage static inline \ +void func ## _cbc_glue(void *ctx, u128 *dst, const u128 *src) \ +{ func((struct context *) ctx, (u8 *) dst, (u8 *) src); } + +#define GLUE_CAST_CTR(func, context) \ +asmlinkage void func(struct context *ctx, u128 *dst, \ + const u128 *src, le128 *iv); \ +asmlinkage static inline \ +void func ## _glue(void *ctx, u128 *dst, const u128 *src, le128 *iv) \ +{ func((struct context *) ctx, dst, src, iv); } + +#define GLUE_CAST_XTS(func, context) GLUE_CAST_CTR(func, context) + struct common_glue_func_entry { unsigned int num_blocks; /* number of blocks that @fn will process */ union {
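Review bot: GLUE_CAST_CBC casts away const when it forwards `src` in the glue_helper.h hunk of patch 1/7: the wrapper receives `const u128 *src` but passes `(u8 *) src` to a parameter declared `const u8 *src`, so the cast should be `(const u8 *) src`. The generated wrappers are also marked `asmlinkage static inline` although they are plain C functions reached through the common_glue_*_func_t pointers, and the typedef visible in the hunk header carries no asmlinkage; keeping asmlinkage on the forwarded prototype only would leave the wrapper with exactly the type of the pointer it is stored in. A comment above the macros listing the names each one generates (`func ## _glue`, `func ## _cbc_glue`, and for GLUE_CAST_XOR `func` and `func ## _xor` around `__ ## func`) would make the later conversions easier to review.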
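The commit message of patch 1/7 says that a cast hides a prototype mismatch which prototype-matching CFI rejects, and that a wrapper with the pointer's own prototype avoids it. The following is an added example, not code from the patch series or the kernel, that models the check in user space; `toy_ctx`, `toy_ecb_enc`, `cfi_table` and `checked_ecb_call` are hypothetical names, and the string tags stand in for the type information a CFI-enabled compiler attaches to each function.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

typedef uint8_t u8;

/* Constructed stand-in for a cipher context such as struct serpent_ctx. */
struct toy_ctx { u8 key; };

/* Pointer type the glue layer calls through (same shape as the .ecb slot). */
typedef void (*glue_ecb_fn)(void *ctx, u8 *dst, const u8 *src);
/* Generic function-pointer type, used only to store addresses in the table. */
typedef void (*generic_fn)(void);

/* Cipher routine with its own, context-specific prototype. */
static void toy_ecb_enc(struct toy_ctx *ctx, u8 *dst, const u8 *src)
{
	*dst = *src ^ ctx->key;
}

/* Wrapper whose prototype matches glue_ecb_fn, in the style of GLUE_CAST(). */
static void toy_ecb_enc_glue(void *ctx, u8 *dst, const u8 *src)
{
	toy_ecb_enc((struct toy_ctx *)ctx, dst, src);
}

/* Model of the per-function type tag kept by prototype-matching CFI. */
struct cfi_entry {
	generic_fn addr;
	const char *proto;
};

#define GLUE_ECB_PROTO "void(void*,u8*,const u8*)"

static const struct cfi_entry cfi_table[] = {
	{ (generic_fn)toy_ecb_enc,      "void(struct toy_ctx*,u8*,const u8*)" },
	{ (generic_fn)toy_ecb_enc_glue, GLUE_ECB_PROTO },
};

/*
 * Indirect call through an ECB slot with the modelled CFI check in front.
 * The call is made only if the target's recorded prototype equals the
 * prototype of the pointer type. Returns 0 if the call was made and -1 if
 * the check rejected it (a real CFI build would trap instead).
 */
static int checked_ecb_call(generic_fn target, void *ctx, u8 *dst,
			    const u8 *src)
{
	size_t i;

	for (i = 0; i < sizeof(cfi_table) / sizeof(cfi_table[0]); i++) {
		if (cfi_table[i].addr != target)
			continue;
		if (strcmp(cfi_table[i].proto, GLUE_ECB_PROTO) != 0)
			return -1;	/* prototype mismatch */
		/* Safe: target really has type glue_ecb_fn here. */
		((glue_ecb_fn)target)(ctx, dst, src);
		return 0;
	}
	return -1;			/* unknown target */
}

int main(void)
{
	struct toy_ctx ctx = { 0x20 };
	const u8 in = 0x41;
	u8 out = 0;
	int rc;

	/* Old pattern: the cipher routine itself is cast into the slot. */
	rc = checked_ecb_call((generic_fn)toy_ecb_enc, &ctx, &out, &in);
	printf("cast into slot:  rc=%d out=0x%02x\n", rc, out);

	/* New pattern: the slot holds the prototype-matching wrapper. */
	rc = checked_ecb_call((generic_fn)toy_ecb_enc_glue, &ctx, &out, &in);
	printf("wrapper in slot: rc=%d out=0x%02x\n", rc, out);
	return 0;
}
```
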
From: Kees Cook
To: Herbert Xu
Cc: Kees Cook, Joao Moreira, Eric Biggers, Ingo Molnar, Thomas Gleixner, Borislav Petkov, x86@kernel.org, linux-crypto@vger.kernel.org, linux-kernel@vger.kernel.org, kernel-hardening@lists.openwall.com
Subject: [PATCH v3 2/7] crypto: x86/crypto: Use new glue function macros
Date: Tue, 7 May 2019 09:13:16 -0700
Message-Id: <20190507161321.34611-3-keescook@chromium.org>
In-Reply-To: <20190507161321.34611-1-keescook@chromium.org>

From: Joao Moreira

Convert to function declaration macros from function prototype casts to avoid triggering Control-Flow Integrity checks during indirect function calls.

Signed-off-by: Joao Moreira
Co-developed-by: Kees Cook
Signed-off-by: Kees Cook
---
 arch/x86/crypto/serpent_avx2_glue.c | 65 ++++++++++-------------
 arch/x86/crypto/serpent_avx_glue.c | 58 +++++++-------------
 arch/x86/crypto/serpent_sse2_glue.c | 27 ++++++----
 arch/x86/include/asm/crypto/serpent-avx.h | 28 +++++-----
 4 files changed, 80 insertions(+), 98 deletions(-)

diff --git a/arch/x86/crypto/serpent_avx2_glue.c b/arch/x86/crypto/serpent_avx2_glue.c index 03347b16ac9d..36a0cd694792 100644 --- a/arch/x86/crypto/serpent_avx2_glue.c +++ b/arch/x86/crypto/serpent_avx2_glue.c
@@ -24,18 +24,12 @@ #define SERPENT_AVX2_PARALLEL_BLOCKS 16 /* 16-way AVX2 parallel cipher functions */ -asmlinkage void serpent_ecb_enc_16way(struct serpent_ctx *ctx, u8 *dst, - const u8 *src); -asmlinkage void serpent_ecb_dec_16way(struct serpent_ctx *ctx, u8 *dst, - const u8 *src); -asmlinkage void serpent_cbc_dec_16way(void *ctx, u128 *dst, const u128 *src); - -asmlinkage void serpent_ctr_16way(void *ctx, u128 *dst, const u128 *src, - le128 *iv); -asmlinkage void serpent_xts_enc_16way(struct serpent_ctx *ctx, u8 *dst, - const u8 *src, le128 *iv); -asmlinkage void serpent_xts_dec_16way(struct serpent_ctx *ctx, u8 *dst, - const u8 *src, le128 *iv); +SERPENT_GLUE(serpent_ecb_enc_16way); +SERPENT_GLUE(serpent_ecb_dec_16way); +SERPENT_GLUE_CBC(serpent_cbc_dec_16way); +SERPENT_GLUE_CTR(serpent_ctr_16way); +SERPENT_GLUE_XTS(serpent_xts_enc_16way); +SERPENT_GLUE_XTS(serpent_xts_dec_16way); static int serpent_setkey_skcipher(struct crypto_skcipher *tfm, const u8 *key, unsigned int keylen) @@ -49,13 +43,13 @@ static const struct common_glue_ctx serpent_enc = { .funcs = { { .num_blocks = 16, - .fn_u = { .ecb = GLUE_FUNC_CAST(serpent_ecb_enc_16way) } + .fn_u = { .ecb = serpent_ecb_enc_16way_glue } }, { .num_blocks = 8, - .fn_u = { .ecb = GLUE_FUNC_CAST(serpent_ecb_enc_8way_avx) } + .fn_u = { .ecb = serpent_ecb_enc_8way_avx_glue } }, { .num_blocks = 1, - .fn_u = { .ecb = GLUE_FUNC_CAST(__serpent_encrypt) } + .fn_u = { .ecb = __serpent_encrypt_glue } } } }; @@ -65,13 +59,13 @@ static const struct common_glue_ctx serpent_ctr = { .funcs = { { .num_blocks = 16, - .fn_u = { .ctr = GLUE_CTR_FUNC_CAST(serpent_ctr_16way) } + .fn_u = { .ctr = serpent_ctr_16way_glue } }, { .num_blocks = 8, - .fn_u = { .ctr = GLUE_CTR_FUNC_CAST(serpent_ctr_8way_avx) } + .fn_u = { .ctr = serpent_ctr_8way_avx_glue } }, { .num_blocks = 1, - .fn_u = { .ctr = GLUE_CTR_FUNC_CAST(__serpent_crypt_ctr) } + .fn_u = { .ctr = __serpent_crypt_ctr } } } }; 
@@ -81,13 +75,13 @@ static const struct common_glue_ctx serpent_enc_xts = { .funcs = { { .num_blocks = 16, - .fn_u = { .xts = GLUE_XTS_FUNC_CAST(serpent_xts_enc_16way) } + .fn_u = { .xts = serpent_xts_enc_16way_glue } }, { .num_blocks = 8, - .fn_u = { .xts = GLUE_XTS_FUNC_CAST(serpent_xts_enc_8way_avx) } + .fn_u = { .xts = serpent_xts_enc_8way_avx_glue } }, { .num_blocks = 1, - .fn_u = { .xts = GLUE_XTS_FUNC_CAST(serpent_xts_enc) } + .fn_u = { .xts = serpent_xts_enc } } } }; @@ -97,13 +91,13 @@ static const struct common_glue_ctx serpent_dec = { .funcs = { { .num_blocks = 16, - .fn_u = { .ecb = GLUE_FUNC_CAST(serpent_ecb_dec_16way) } + .fn_u = { .ecb = serpent_ecb_dec_16way_glue } }, { .num_blocks = 8, - .fn_u = { .ecb = GLUE_FUNC_CAST(serpent_ecb_dec_8way_avx) } + .fn_u = { .ecb = serpent_ecb_dec_8way_avx_glue } }, { .num_blocks = 1, - .fn_u = { .ecb = GLUE_FUNC_CAST(__serpent_decrypt) } + .fn_u = { .ecb = __serpent_decrypt_glue } } } }; @@ -113,13 +107,13 @@ static const struct common_glue_ctx serpent_dec_cbc = { .funcs = { { .num_blocks = 16, - .fn_u = { .cbc = GLUE_CBC_FUNC_CAST(serpent_cbc_dec_16way) } + .fn_u = { .cbc = serpent_cbc_dec_16way_cbc_glue } }, { .num_blocks = 8, - .fn_u = { .cbc = GLUE_CBC_FUNC_CAST(serpent_cbc_dec_8way_avx) } + .fn_u = { .cbc = serpent_cbc_dec_8way_avx_cbc_glue } }, { .num_blocks = 1, - .fn_u = { .cbc = GLUE_CBC_FUNC_CAST(__serpent_decrypt) } + .fn_u = { .cbc = __serpent_decrypt_cbc_glue } } } }; @@ -129,13 +123,13 @@ static const struct common_glue_ctx serpent_dec_xts = { .funcs = { { .num_blocks = 16, - .fn_u = { .xts = GLUE_XTS_FUNC_CAST(serpent_xts_dec_16way) } + .fn_u = { .xts = serpent_xts_dec_16way_glue } }, { .num_blocks = 8, - .fn_u = { .xts = GLUE_XTS_FUNC_CAST(serpent_xts_dec_8way_avx) } + .fn_u = { .xts = serpent_xts_dec_8way_avx_glue } }, { .num_blocks = 1, - .fn_u = { .xts = GLUE_XTS_FUNC_CAST(serpent_xts_dec) } + .fn_u = { .xts = serpent_xts_dec } } } }; 
@@ -151,8 +145,7 @@ static int ecb_decrypt(struct skcipher_request *req) static int cbc_encrypt(struct skcipher_request *req) { - return glue_cbc_encrypt_req_128bit(GLUE_FUNC_CAST(__serpent_encrypt), - req); + return glue_cbc_encrypt_req_128bit(__serpent_encrypt_glue, req); } static int cbc_decrypt(struct skcipher_request *req) @@ -171,8 +164,8 @@ static int xts_encrypt(struct skcipher_request *req) struct serpent_xts_ctx *ctx = crypto_skcipher_ctx(tfm); return glue_xts_req_128bit(&serpent_enc_xts, req, - XTS_TWEAK_CAST(__serpent_encrypt), - &ctx->tweak_ctx, &ctx->crypt_ctx); + __serpent_encrypt_glue, &ctx->tweak_ctx, + &ctx->crypt_ctx); } static int xts_decrypt(struct skcipher_request *req) @@ -181,8 +174,8 @@ static int xts_decrypt(struct skcipher_request *req) struct serpent_xts_ctx *ctx = crypto_skcipher_ctx(tfm); return glue_xts_req_128bit(&serpent_dec_xts, req, - XTS_TWEAK_CAST(__serpent_encrypt), - &ctx->tweak_ctx, &ctx->crypt_ctx); + __serpent_encrypt_glue, &ctx->tweak_ctx, + &ctx->crypt_ctx); } static struct skcipher_alg serpent_algs[] = { diff --git a/arch/x86/crypto/serpent_avx_glue.c b/arch/x86/crypto/serpent_avx_glue.c index 458567ecf76c..897bb3f0116d 100644 --- a/arch/x86/crypto/serpent_avx_glue.c +++ b/arch/x86/crypto/serpent_avx_glue.c 
@@ -35,28 +35,11 @@ #include /* 8-way parallel cipher functions */ -asmlinkage void serpent_ecb_enc_8way_avx(struct serpent_ctx *ctx, u8 *dst, - const u8 *src); EXPORT_SYMBOL_GPL(serpent_ecb_enc_8way_avx); - -asmlinkage void serpent_ecb_dec_8way_avx(struct serpent_ctx *ctx, u8 *dst, - const u8 *src); EXPORT_SYMBOL_GPL(serpent_ecb_dec_8way_avx); - -asmlinkage void serpent_cbc_dec_8way_avx(struct serpent_ctx *ctx, u8 *dst, - const u8 *src); EXPORT_SYMBOL_GPL(serpent_cbc_dec_8way_avx); - -asmlinkage void serpent_ctr_8way_avx(struct serpent_ctx *ctx, u8 *dst, - const u8 *src, le128 *iv); EXPORT_SYMBOL_GPL(serpent_ctr_8way_avx); - -asmlinkage void serpent_xts_enc_8way_avx(struct serpent_ctx *ctx, u8 *dst, - const u8 *src, le128 *iv); EXPORT_SYMBOL_GPL(serpent_xts_enc_8way_avx); - -asmlinkage void serpent_xts_dec_8way_avx(struct serpent_ctx *ctx, u8 *dst, - const u8 *src, le128 *iv); EXPORT_SYMBOL_GPL(serpent_xts_dec_8way_avx); void __serpent_crypt_ctr(void *ctx, u128 *dst, const u128 *src, le128 *iv) @@ -73,15 +56,13 @@ EXPORT_SYMBOL_GPL(__serpent_crypt_ctr); void serpent_xts_enc(void *ctx, u128 *dst, const u128 *src, le128 *iv) { - glue_xts_crypt_128bit_one(ctx, dst, src, iv, - GLUE_FUNC_CAST(__serpent_encrypt)); + glue_xts_crypt_128bit_one(ctx, dst, src, iv, __serpent_encrypt_glue); } EXPORT_SYMBOL_GPL(serpent_xts_enc); void serpent_xts_dec(void *ctx, u128 *dst, const u128 *src, le128 *iv) { - glue_xts_crypt_128bit_one(ctx, dst, src, iv, - GLUE_FUNC_CAST(__serpent_decrypt)); + glue_xts_crypt_128bit_one(ctx, dst, src, iv, __serpent_decrypt_glue); } EXPORT_SYMBOL_GPL(serpent_xts_dec); @@ -117,10 +98,10 @@ static const struct common_glue_ctx serpent_enc = { .funcs = { { .num_blocks = SERPENT_PARALLEL_BLOCKS, - .fn_u = { .ecb = GLUE_FUNC_CAST(serpent_ecb_enc_8way_avx) } + .fn_u = { .ecb = serpent_ecb_enc_8way_avx_glue } }, { .num_blocks = 1, - .fn_u = { .ecb = GLUE_FUNC_CAST(__serpent_encrypt) } + .fn_u = { .ecb = __serpent_encrypt_glue } } } }; 
@@ -130,10 +111,10 @@ static const struct common_glue_ctx serpent_ctr = { .funcs = { { .num_blocks = SERPENT_PARALLEL_BLOCKS, - .fn_u = { .ctr = GLUE_CTR_FUNC_CAST(serpent_ctr_8way_avx) } + .fn_u = { .ctr = serpent_ctr_8way_avx_glue } }, { .num_blocks = 1, - .fn_u = { .ctr = GLUE_CTR_FUNC_CAST(__serpent_crypt_ctr) } + .fn_u = { .ctr = __serpent_crypt_ctr } } } }; @@ -143,10 +124,10 @@ static const struct common_glue_ctx serpent_enc_xts = { .funcs = { { .num_blocks = SERPENT_PARALLEL_BLOCKS, - .fn_u = { .xts = GLUE_XTS_FUNC_CAST(serpent_xts_enc_8way_avx) } + .fn_u = { .xts = serpent_xts_enc_8way_avx_glue } }, { .num_blocks = 1, - .fn_u = { .xts = GLUE_XTS_FUNC_CAST(serpent_xts_enc) } + .fn_u = { .xts = serpent_xts_enc } } } }; @@ -156,10 +137,10 @@ static const struct common_glue_ctx serpent_dec = { .funcs = { { .num_blocks = SERPENT_PARALLEL_BLOCKS, - .fn_u = { .ecb = GLUE_FUNC_CAST(serpent_ecb_dec_8way_avx) } + .fn_u = { .ecb = serpent_ecb_dec_8way_avx_glue } }, { .num_blocks = 1, - .fn_u = { .ecb = GLUE_FUNC_CAST(__serpent_decrypt) } + .fn_u = { .ecb = __serpent_decrypt_glue } } } }; @@ -169,10 +150,10 @@ static const struct common_glue_ctx serpent_dec_cbc = { .funcs = { { .num_blocks = SERPENT_PARALLEL_BLOCKS, - .fn_u = { .cbc = GLUE_CBC_FUNC_CAST(serpent_cbc_dec_8way_avx) } + .fn_u = { .cbc = serpent_cbc_dec_8way_avx_cbc_glue } }, { .num_blocks = 1, - .fn_u = { .cbc = GLUE_CBC_FUNC_CAST(__serpent_decrypt) } + .fn_u = { .cbc = __serpent_decrypt_cbc_glue } } } }; @@ -182,10 +163,10 @@ static const struct common_glue_ctx serpent_dec_xts = { .funcs = { { .num_blocks = SERPENT_PARALLEL_BLOCKS, - .fn_u = { .xts = GLUE_XTS_FUNC_CAST(serpent_xts_dec_8way_avx) } + .fn_u = { .xts = serpent_xts_dec_8way_avx_glue } }, { .num_blocks = 1, - .fn_u = { .xts = GLUE_XTS_FUNC_CAST(serpent_xts_dec) } + .fn_u = { .xts = serpent_xts_dec } } } }; 
@@ -201,8 +182,7 @@ static int ecb_decrypt(struct skcipher_request *req) static int cbc_encrypt(struct skcipher_request *req) { - return glue_cbc_encrypt_req_128bit(GLUE_FUNC_CAST(__serpent_encrypt), - req); + return glue_cbc_encrypt_req_128bit(__serpent_encrypt_glue, req); } static int cbc_decrypt(struct skcipher_request *req) @@ -221,8 +201,8 @@ static int xts_encrypt(struct skcipher_request *req) struct serpent_xts_ctx *ctx = crypto_skcipher_ctx(tfm); return glue_xts_req_128bit(&serpent_enc_xts, req, - XTS_TWEAK_CAST(__serpent_encrypt), - &ctx->tweak_ctx, &ctx->crypt_ctx); + __serpent_encrypt_glue, &ctx->tweak_ctx, + &ctx->crypt_ctx); } static int xts_decrypt(struct skcipher_request *req) @@ -231,8 +211,8 @@ static int xts_decrypt(struct skcipher_request *req) struct serpent_xts_ctx *ctx = crypto_skcipher_ctx(tfm); return glue_xts_req_128bit(&serpent_dec_xts, req, - XTS_TWEAK_CAST(__serpent_encrypt), - &ctx->tweak_ctx, &ctx->crypt_ctx); + __serpent_encrypt_glue, &ctx->tweak_ctx, + &ctx->crypt_ctx); } static struct skcipher_alg serpent_algs[] = { diff --git a/arch/x86/crypto/serpent_sse2_glue.c b/arch/x86/crypto/serpent_sse2_glue.c index 3dafe137596a..135f6b616bc6 100644 --- a/arch/x86/crypto/serpent_sse2_glue.c +++ b/arch/x86/crypto/serpent_sse2_glue.c @@ -40,6 +40,15 @@ #include #include +#define SERPENT_GLUE(func) GLUE_CAST(func, serpent_ctx) +#define SERPENT_GLUE_CBC(func) GLUE_CAST_CBC(func, serpent_ctx) + +SERPENT_GLUE(__serpent_encrypt); +SERPENT_GLUE(__serpent_decrypt); +SERPENT_GLUE_CBC(__serpent_decrypt); +SERPENT_GLUE(serpent_enc_blk_xway); +SERPENT_GLUE(serpent_dec_blk_xway); + static int serpent_setkey_skcipher(struct crypto_skcipher *tfm, const u8 *key, unsigned int keylen) { 
@@ -94,10 +103,10 @@ static const struct common_glue_ctx serpent_enc = { .funcs = { { .num_blocks = SERPENT_PARALLEL_BLOCKS, - .fn_u = { .ecb = GLUE_FUNC_CAST(serpent_enc_blk_xway) } + .fn_u = { .ecb = serpent_enc_blk_xway_glue } }, { .num_blocks = 1, - .fn_u = { .ecb = GLUE_FUNC_CAST(__serpent_encrypt) } + .fn_u = { .ecb = __serpent_encrypt_glue } } } }; @@ -107,10 +116,10 @@ static const struct common_glue_ctx serpent_ctr = { .funcs = { { .num_blocks = SERPENT_PARALLEL_BLOCKS, - .fn_u = { .ctr = GLUE_CTR_FUNC_CAST(serpent_crypt_ctr_xway) } + .fn_u = { .ctr = serpent_crypt_ctr_xway } }, { .num_blocks = 1, - .fn_u = { .ctr = GLUE_CTR_FUNC_CAST(serpent_crypt_ctr) } + .fn_u = { .ctr = serpent_crypt_ctr } } } }; @@ -120,10 +129,10 @@ static const struct common_glue_ctx serpent_dec = { .funcs = { { .num_blocks = SERPENT_PARALLEL_BLOCKS, - .fn_u = { .ecb = GLUE_FUNC_CAST(serpent_dec_blk_xway) } + .fn_u = { .ecb = serpent_dec_blk_xway_glue } }, { .num_blocks = 1, - .fn_u = { .ecb = GLUE_FUNC_CAST(__serpent_decrypt) } + .fn_u = { .ecb = __serpent_decrypt_glue } } } }; @@ -133,10 +142,10 @@ static const struct common_glue_ctx serpent_dec_cbc = { .funcs = { { .num_blocks = SERPENT_PARALLEL_BLOCKS, - .fn_u = { .cbc = GLUE_CBC_FUNC_CAST(serpent_decrypt_cbc_xway) } + .fn_u = { .cbc = serpent_decrypt_cbc_xway } }, { .num_blocks = 1, - .fn_u = { .cbc = GLUE_CBC_FUNC_CAST(__serpent_decrypt) } + .fn_u = { .cbc = __serpent_decrypt_cbc_glue } } } }; @@ -152,7 +161,7 @@ static int ecb_decrypt(struct skcipher_request *req) static int cbc_encrypt(struct skcipher_request *req) { - return glue_cbc_encrypt_req_128bit(GLUE_FUNC_CAST(__serpent_encrypt), + return glue_cbc_encrypt_req_128bit(__serpent_encrypt_glue, req); } diff --git a/arch/x86/include/asm/crypto/serpent-avx.h b/arch/x86/include/asm/crypto/serpent-avx.h index db7c9cc32234..c95059be3ae6 100644 --- a/arch/x86/include/asm/crypto/serpent-avx.h +++ b/arch/x86/include/asm/crypto/serpent-avx.h 
@@ -15,20 +15,20 @@ struct serpent_xts_ctx { struct serpent_ctx crypt_ctx; }; -asmlinkage void serpent_ecb_enc_8way_avx(struct serpent_ctx *ctx, u8 *dst, - const u8 *src); -asmlinkage void serpent_ecb_dec_8way_avx(struct serpent_ctx *ctx, u8 *dst, - const u8 *src); - -asmlinkage void serpent_cbc_dec_8way_avx(struct serpent_ctx *ctx, u8 *dst, - const u8 *src); -asmlinkage void serpent_ctr_8way_avx(struct serpent_ctx *ctx, u8 *dst, - const u8 *src, le128 *iv); - -asmlinkage void serpent_xts_enc_8way_avx(struct serpent_ctx *ctx, u8 *dst, - const u8 *src, le128 *iv); -asmlinkage void serpent_xts_dec_8way_avx(struct serpent_ctx *ctx, u8 *dst, - const u8 *src, le128 *iv); +#define SERPENT_GLUE(func) GLUE_CAST(func, serpent_ctx) +#define SERPENT_GLUE_CBC(func) GLUE_CAST_CBC(func, serpent_ctx) +#define SERPENT_GLUE_CTR(func) GLUE_CAST_CTR(func, serpent_ctx) +#define SERPENT_GLUE_XTS(func) GLUE_CAST_XTS(func, serpent_ctx) + +SERPENT_GLUE(__serpent_encrypt); +SERPENT_GLUE(__serpent_decrypt); +SERPENT_GLUE_CBC(__serpent_decrypt); +SERPENT_GLUE(serpent_ecb_enc_8way_avx); +SERPENT_GLUE(serpent_ecb_dec_8way_avx); +SERPENT_GLUE_CBC(serpent_cbc_dec_8way_avx); +SERPENT_GLUE_CTR(serpent_ctr_8way_avx); +SERPENT_GLUE_XTS(serpent_xts_enc_8way_avx); +SERPENT_GLUE_XTS(serpent_xts_dec_8way_avx); extern void __serpent_crypt_ctr(void *ctx, u128 *dst, const u128 *src, le128 *iv);
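Review bot: The SERPENT_GLUE and SERPENT_GLUE_CBC definitions and the three `__serpent_encrypt` / `__serpent_decrypt` instantiations added at the top of serpent_sse2_glue.c (hunk @@ -40,6 +40,15 of patch 2/7) duplicate what the same patch adds to serpent-avx.h. Because each instantiation defines a static inline function, any file that ends up seeing both copies stops building with redefinition errors, and two copies can drift apart; define the macros and the generic-cipher wrappers once in a header that both the SSE2 and the AVX glue files include.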
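Review bot: The serpent-avx.h hunk (@@ -15,20 +15,20 of patch 2/7) changes the declared argument types of serpent_ctr_8way_avx, serpent_xts_enc_8way_avx and serpent_xts_dec_8way_avx without the commit message saying so. The removed prototypes take `u8 *dst, const u8 *src, le128 *iv`, while SERPENT_GLUE_CTR and SERPENT_GLUE_XTS expand through GLUE_CAST_CTR from patch 1/7 to `u128 *dst, const u128 *src, le128 *iv`. These symbols stay under EXPORT_SYMBOL_GPL in serpent_avx_glue.c, so the message should state the prototype change and that remaining callers were checked. The prototypes are now also visible only through macro expansion; a comment next to the SERPENT_GLUE*() lines naming the generated `_glue` and `_cbc_glue` functions would keep them findable.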
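Review bot: In the cbc_encrypt hunk of serpent_sse2_glue.c (@@ -152,7 +161,7 of patch 2/7) the call still wraps, with `req);` left behind on its own context line, although `glue_cbc_encrypt_req_128bit(__serpent_encrypt_glue, req);` now fits on one line, as the serpent_avx2_glue.c and serpent_avx_glue.c versions of the same change show; join the two lines so the three files stay identical.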
From: Kees Cook
To: Herbert Xu
Cc: Kees Cook, Joao Moreira, Eric Biggers, Ingo Molnar, Thomas Gleixner, Borislav Petkov, x86@kernel.org, linux-crypto@vger.kernel.org, linux-kernel@vger.kernel.org, kernel-hardening@lists.openwall.com
Subject: [PATCH v3 3/7] crypto: x86/camellia: Use new glue function macros
Date: Tue, 7 May 2019 09:13:17 -0700
Message-Id: <20190507161321.34611-4-keescook@chromium.org>
In-Reply-To: <20190507161321.34611-1-keescook@chromium.org>

From: Joao Moreira

Convert to function declaration macros from function prototype casts to avoid triggering Control-Flow Integrity checks during indirect function calls.

Signed-off-by: Joao Moreira
Co-developed-by: Kees Cook
Signed-off-by: Kees Cook
---
 arch/x86/crypto/camellia_aesni_avx2_glue.c | 73 +++++++++-------------
 arch/x86/crypto/camellia_aesni_avx_glue.c | 63 +++++++------------
 arch/x86/crypto/camellia_glue.c | 21 +++----
 arch/x86/include/asm/crypto/camellia.h | 64 ++++++-------------
 4 files changed, 80 insertions(+), 141 deletions(-)

diff --git a/arch/x86/crypto/camellia_aesni_avx2_glue.c b/arch/x86/crypto/camellia_aesni_avx2_glue.c index d4992e458f92..863a336fd4f5 100644 --- a/arch/x86/crypto/camellia_aesni_avx2_glue.c +++ b/arch/x86/crypto/camellia_aesni_avx2_glue.c
@@ -24,20 +24,12 @@ #define CAMELLIA_AESNI_AVX2_PARALLEL_BLOCKS 32 /* 32-way AVX2/AES-NI parallel cipher functions */ -asmlinkage void camellia_ecb_enc_32way(struct camellia_ctx *ctx, u8 *dst, - const u8 *src); -asmlinkage void camellia_ecb_dec_32way(struct camellia_ctx *ctx, u8 *dst, - const u8 *src); - -asmlinkage void camellia_cbc_dec_32way(struct camellia_ctx *ctx, u8 *dst, - const u8 *src); -asmlinkage void camellia_ctr_32way(struct camellia_ctx *ctx, u8 *dst, - const u8 *src, le128 *iv); - -asmlinkage void camellia_xts_enc_32way(struct camellia_ctx *ctx, u8 *dst, - const u8 *src, le128 *iv); -asmlinkage void camellia_xts_dec_32way(struct camellia_ctx *ctx, u8 *dst, - const u8 *src, le128 *iv); +CAMELLIA_GLUE(camellia_ecb_enc_32way); +CAMELLIA_GLUE(camellia_ecb_dec_32way); +CAMELLIA_GLUE_CBC(camellia_cbc_dec_32way); +CAMELLIA_GLUE_CTR(camellia_ctr_32way); +CAMELLIA_GLUE_XTS(camellia_xts_enc_32way); +CAMELLIA_GLUE_XTS(camellia_xts_dec_32way); static const struct common_glue_ctx camellia_enc = { .num_funcs = 4, @@ -45,16 +37,16 @@ static const struct common_glue_ctx camellia_enc = { .funcs = { { .num_blocks = CAMELLIA_AESNI_AVX2_PARALLEL_BLOCKS, - .fn_u = { .ecb = GLUE_FUNC_CAST(camellia_ecb_enc_32way) } + .fn_u = { .ecb = camellia_ecb_enc_32way_glue } }, { .num_blocks = CAMELLIA_AESNI_PARALLEL_BLOCKS, - .fn_u = { .ecb = GLUE_FUNC_CAST(camellia_ecb_enc_16way) } + .fn_u = { .ecb = camellia_ecb_enc_16way_glue } }, { .num_blocks = 2, - .fn_u = { .ecb = GLUE_FUNC_CAST(camellia_enc_blk_2way) } + .fn_u = { .ecb = camellia_enc_blk_2way } }, { .num_blocks = 1, - .fn_u = { .ecb = GLUE_FUNC_CAST(camellia_enc_blk) } + .fn_u = { .ecb = camellia_enc_blk } } } }; 
@@ -64,16 +56,16 @@ static const struct common_glue_ctx camellia_ctr = { .funcs = { { .num_blocks = CAMELLIA_AESNI_AVX2_PARALLEL_BLOCKS, - .fn_u = { .ctr = GLUE_CTR_FUNC_CAST(camellia_ctr_32way) } + .fn_u = { .ctr = camellia_ctr_32way_glue } }, { .num_blocks = CAMELLIA_AESNI_PARALLEL_BLOCKS, - .fn_u = { .ctr = GLUE_CTR_FUNC_CAST(camellia_ctr_16way) } + .fn_u = { .ctr = camellia_ctr_16way_glue } }, { .num_blocks = 2, - .fn_u = { .ctr = GLUE_CTR_FUNC_CAST(camellia_crypt_ctr_2way) } + .fn_u = { .ctr = camellia_crypt_ctr_2way } }, { .num_blocks = 1, - .fn_u = { .ctr = GLUE_CTR_FUNC_CAST(camellia_crypt_ctr) } + .fn_u = { .ctr = camellia_crypt_ctr } } } }; @@ -83,13 +75,13 @@ static const struct common_glue_ctx camellia_enc_xts = { .funcs = { { .num_blocks = CAMELLIA_AESNI_AVX2_PARALLEL_BLOCKS, - .fn_u = { .xts = GLUE_XTS_FUNC_CAST(camellia_xts_enc_32way) } + .fn_u = { .xts = camellia_xts_enc_32way_glue } }, { .num_blocks = CAMELLIA_AESNI_PARALLEL_BLOCKS, - .fn_u = { .xts = GLUE_XTS_FUNC_CAST(camellia_xts_enc_16way) } + .fn_u = { .xts = camellia_xts_enc_16way_glue } }, { .num_blocks = 1, - .fn_u = { .xts = GLUE_XTS_FUNC_CAST(camellia_xts_enc) } + .fn_u = { .xts = camellia_xts_enc } } } }; @@ -99,16 +91,16 @@ static const struct common_glue_ctx camellia_dec = { .funcs = { { .num_blocks = CAMELLIA_AESNI_AVX2_PARALLEL_BLOCKS, - .fn_u = { .ecb = GLUE_FUNC_CAST(camellia_ecb_dec_32way) } + .fn_u = { .ecb = camellia_ecb_dec_32way_glue } }, { .num_blocks = CAMELLIA_AESNI_PARALLEL_BLOCKS, - .fn_u = { .ecb = GLUE_FUNC_CAST(camellia_ecb_dec_16way) } + .fn_u = { .ecb = camellia_ecb_dec_16way_glue } }, { .num_blocks = 2, - .fn_u = { .ecb = GLUE_FUNC_CAST(camellia_dec_blk_2way) } + .fn_u = { .ecb = camellia_dec_blk_2way_glue } }, { .num_blocks = 1, - .fn_u = { .ecb = GLUE_FUNC_CAST(camellia_dec_blk) } + .fn_u = { .ecb = camellia_dec_blk_glue } } } }; 
@@ -118,16 +110,16 @@ static const struct common_glue_ctx camellia_dec_cbc = { .funcs = { { .num_blocks = CAMELLIA_AESNI_AVX2_PARALLEL_BLOCKS, - .fn_u = { .cbc = GLUE_CBC_FUNC_CAST(camellia_cbc_dec_32way) } + .fn_u = { .cbc = camellia_cbc_dec_32way_cbc_glue } }, { .num_blocks = CAMELLIA_AESNI_PARALLEL_BLOCKS, - .fn_u = { .cbc = GLUE_CBC_FUNC_CAST(camellia_cbc_dec_16way) } + .fn_u = { .cbc = camellia_cbc_dec_16way_cbc_glue } }, { .num_blocks = 2, - .fn_u = { .cbc = GLUE_CBC_FUNC_CAST(camellia_decrypt_cbc_2way) } + .fn_u = { .cbc = camellia_decrypt_cbc_2way } }, { .num_blocks = 1, - .fn_u = { .cbc = GLUE_CBC_FUNC_CAST(camellia_dec_blk) } + .fn_u = { .cbc = camellia_dec_blk_cbc_glue } } } }; @@ -137,13 +129,13 @@ static const struct common_glue_ctx camellia_dec_xts = { .funcs = { { .num_blocks = CAMELLIA_AESNI_AVX2_PARALLEL_BLOCKS, - .fn_u = { .xts = GLUE_XTS_FUNC_CAST(camellia_xts_dec_32way) } + .fn_u = { .xts = camellia_xts_dec_32way_glue } }, { .num_blocks = CAMELLIA_AESNI_PARALLEL_BLOCKS, - .fn_u = { .xts = GLUE_XTS_FUNC_CAST(camellia_xts_dec_16way) } + .fn_u = { .xts = camellia_xts_dec_16way_glue } }, { .num_blocks = 1, - .fn_u = { .xts = GLUE_XTS_FUNC_CAST(camellia_xts_dec) } + .fn_u = { .xts = camellia_xts_dec } } } }; @@ -166,8 +158,7 @@ static int ecb_decrypt(struct skcipher_request *req) static int cbc_encrypt(struct skcipher_request *req) { - return glue_cbc_encrypt_req_128bit(GLUE_FUNC_CAST(camellia_enc_blk), - req); + return glue_cbc_encrypt_req_128bit(camellia_enc_blk, req); } static int cbc_decrypt(struct skcipher_request *req) @@ -185,8 +176,7 @@ static int xts_encrypt(struct skcipher_request *req) struct crypto_skcipher *tfm = crypto_skcipher_reqtfm(req); struct camellia_xts_ctx *ctx = crypto_skcipher_ctx(tfm); - return glue_xts_req_128bit(&camellia_enc_xts, req, - XTS_TWEAK_CAST(camellia_enc_blk), + return glue_xts_req_128bit(&camellia_enc_xts, req, camellia_enc_blk, &ctx->tweak_ctx, &ctx->crypt_ctx); } 
@@ -195,8 +185,7 @@ static int xts_decrypt(struct skcipher_request *req) struct crypto_skcipher *tfm = crypto_skcipher_reqtfm(req); struct camellia_xts_ctx *ctx = crypto_skcipher_ctx(tfm); - return glue_xts_req_128bit(&camellia_dec_xts, req, - XTS_TWEAK_CAST(camellia_enc_blk), + return glue_xts_req_128bit(&camellia_dec_xts, req, camellia_enc_blk, &ctx->tweak_ctx, &ctx->crypt_ctx); } diff --git a/arch/x86/crypto/camellia_aesni_avx_glue.c b/arch/x86/crypto/camellia_aesni_avx_glue.c index d09f6521466a..182c23180377 100644 --- a/arch/x86/crypto/camellia_aesni_avx_glue.c +++ b/arch/x86/crypto/camellia_aesni_avx_glue.c @@ -11,7 +11,6 @@ */ #include -#include #include #include #include 
@@ -23,41 +22,22 @@ #define CAMELLIA_AESNI_PARALLEL_BLOCKS 16 /* 16-way parallel cipher functions (avx/aes-ni) */ -asmlinkage void camellia_ecb_enc_16way(struct camellia_ctx *ctx, u8 *dst, - const u8 *src); EXPORT_SYMBOL_GPL(camellia_ecb_enc_16way); - -asmlinkage void camellia_ecb_dec_16way(struct camellia_ctx *ctx, u8 *dst, - const u8 *src); EXPORT_SYMBOL_GPL(camellia_ecb_dec_16way); - -asmlinkage void camellia_cbc_dec_16way(struct camellia_ctx *ctx, u8 *dst, - const u8 *src); EXPORT_SYMBOL_GPL(camellia_cbc_dec_16way); - -asmlinkage void camellia_ctr_16way(struct camellia_ctx *ctx, u8 *dst, - const u8 *src, le128 *iv); EXPORT_SYMBOL_GPL(camellia_ctr_16way); - -asmlinkage void camellia_xts_enc_16way(struct camellia_ctx *ctx, u8 *dst, - const u8 *src, le128 *iv); EXPORT_SYMBOL_GPL(camellia_xts_enc_16way); - -asmlinkage void camellia_xts_dec_16way(struct camellia_ctx *ctx, u8 *dst, - const u8 *src, le128 *iv); EXPORT_SYMBOL_GPL(camellia_xts_dec_16way); void camellia_xts_enc(void *ctx, u128 *dst, const u128 *src, le128 *iv) { - glue_xts_crypt_128bit_one(ctx, dst, src, iv, - GLUE_FUNC_CAST(camellia_enc_blk)); + glue_xts_crypt_128bit_one(ctx, dst, src, iv, camellia_enc_blk); } EXPORT_SYMBOL_GPL(camellia_xts_enc); void camellia_xts_dec(void *ctx, u128 *dst, const u128 *src, le128 *iv) { - glue_xts_crypt_128bit_one(ctx, dst, src, iv, - GLUE_FUNC_CAST(camellia_dec_blk)); + glue_xts_crypt_128bit_one(ctx, dst, src, iv, camellia_dec_blk_glue); } EXPORT_SYMBOL_GPL(camellia_xts_dec); @@ -67,13 +47,13 @@ static const struct common_glue_ctx camellia_enc = { .funcs = { { .num_blocks = CAMELLIA_AESNI_PARALLEL_BLOCKS, - .fn_u = { .ecb = GLUE_FUNC_CAST(camellia_ecb_enc_16way) } + .fn_u = { .ecb = camellia_ecb_enc_16way_glue } }, { .num_blocks = 2, - .fn_u = { .ecb = GLUE_FUNC_CAST(camellia_enc_blk_2way) } + .fn_u = { .ecb = camellia_enc_blk_2way } }, { .num_blocks = 1, - .fn_u = { .ecb = GLUE_FUNC_CAST(camellia_enc_blk) } + .fn_u = { .ecb = camellia_enc_blk } } } }; 
@@ -83,13 +63,13 @@ static const struct common_glue_ctx camellia_ctr = { .funcs = { { .num_blocks = CAMELLIA_AESNI_PARALLEL_BLOCKS, - .fn_u = { .ctr = GLUE_CTR_FUNC_CAST(camellia_ctr_16way) } + .fn_u = { .ctr = camellia_ctr_16way_glue } }, { .num_blocks = 2, - .fn_u = { .ctr = GLUE_CTR_FUNC_CAST(camellia_crypt_ctr_2way) } + .fn_u = { .ctr = camellia_crypt_ctr_2way } }, { .num_blocks = 1, - .fn_u = { .ctr = GLUE_CTR_FUNC_CAST(camellia_crypt_ctr) } + .fn_u = { .ctr = camellia_crypt_ctr } } } }; @@ -99,10 +79,10 @@ static const struct common_glue_ctx camellia_enc_xts = { .funcs = { { .num_blocks = CAMELLIA_AESNI_PARALLEL_BLOCKS, - .fn_u = { .xts = GLUE_XTS_FUNC_CAST(camellia_xts_enc_16way) } + .fn_u = { .xts = camellia_xts_enc_16way_glue } }, { .num_blocks = 1, - .fn_u = { .xts = GLUE_XTS_FUNC_CAST(camellia_xts_enc) } + .fn_u = { .xts = camellia_xts_enc } } } }; @@ -112,13 +92,13 @@ static const struct common_glue_ctx camellia_dec = { .funcs = { { .num_blocks = CAMELLIA_AESNI_PARALLEL_BLOCKS, - .fn_u = { .ecb = GLUE_FUNC_CAST(camellia_ecb_dec_16way) } + .fn_u = { .ecb = camellia_ecb_dec_16way_glue } }, { .num_blocks = 2, - .fn_u = { .ecb = GLUE_FUNC_CAST(camellia_dec_blk_2way) } + .fn_u = { .ecb = camellia_dec_blk_2way_glue } }, { .num_blocks = 1, - .fn_u = { .ecb = GLUE_FUNC_CAST(camellia_dec_blk) } + .fn_u = { .ecb = camellia_dec_blk_glue } } } }; @@ -128,13 +108,13 @@ static const struct common_glue_ctx camellia_dec_cbc = { .funcs = { { .num_blocks = CAMELLIA_AESNI_PARALLEL_BLOCKS, - .fn_u = { .cbc = GLUE_CBC_FUNC_CAST(camellia_cbc_dec_16way) } + .fn_u = { .cbc = camellia_cbc_dec_16way_cbc_glue } }, { .num_blocks = 2, - .fn_u = { .cbc = GLUE_CBC_FUNC_CAST(camellia_decrypt_cbc_2way) } + .fn_u = { .cbc = camellia_decrypt_cbc_2way } }, { .num_blocks = 1, - .fn_u = { .cbc = GLUE_CBC_FUNC_CAST(camellia_dec_blk) } + .fn_u = { .cbc = camellia_dec_blk_cbc_glue } } } }; 
@@ -144,10 +124,10 @@ static const struct common_glue_ctx camellia_dec_xts = { .funcs = { { .num_blocks = CAMELLIA_AESNI_PARALLEL_BLOCKS, - .fn_u = { .xts = GLUE_XTS_FUNC_CAST(camellia_xts_dec_16way) } + .fn_u = { .xts = camellia_xts_dec_16way_glue } }, { .num_blocks = 1, - .fn_u = { .xts = GLUE_XTS_FUNC_CAST(camellia_xts_dec) } + .fn_u = { .xts = camellia_xts_dec } } } }; @@ -170,8 +150,7 @@ static int ecb_decrypt(struct skcipher_request *req) static int cbc_encrypt(struct skcipher_request *req) { - return glue_cbc_encrypt_req_128bit(GLUE_FUNC_CAST(camellia_enc_blk), - req); + return glue_cbc_encrypt_req_128bit(camellia_enc_blk, req); } static int cbc_decrypt(struct skcipher_request *req) @@ -212,7 +191,7 @@ static int xts_encrypt(struct skcipher_request *req) struct camellia_xts_ctx *ctx = crypto_skcipher_ctx(tfm); return glue_xts_req_128bit(&camellia_enc_xts, req, - XTS_TWEAK_CAST(camellia_enc_blk), + camellia_enc_blk, &ctx->tweak_ctx, &ctx->crypt_ctx); } @@ -222,7 +201,7 @@ static int xts_decrypt(struct skcipher_request *req) struct camellia_xts_ctx *ctx = crypto_skcipher_ctx(tfm); return glue_xts_req_128bit(&camellia_dec_xts, req, - XTS_TWEAK_CAST(camellia_enc_blk), + camellia_enc_blk, &ctx->tweak_ctx, &ctx->crypt_ctx); } diff --git a/arch/x86/crypto/camellia_glue.c b/arch/x86/crypto/camellia_glue.c index dcd5e0f71b00..23173046a609 100644 --- a/arch/x86/crypto/camellia_glue.c +++ b/arch/x86/crypto/camellia_glue.c @@ -1320,7 +1320,7 @@ void camellia_crypt_ctr_2way(void *ctx, u128 *dst, const u128 *src, le128 *iv) le128_to_be128(&ctrblks[1], iv); le128_inc(iv); - camellia_enc_blk_xor_2way(ctx, (u8 *)dst, (u8 *)ctrblks); + camellia_enc_blk_2way_xor(ctx, (u8 *)dst, (u8 *)ctrblks); } EXPORT_SYMBOL_GPL(camellia_crypt_ctr_2way); 
@@ -1330,10 +1330,10 @@ static const struct common_glue_ctx camellia_enc = { .funcs = { { .num_blocks = 2, - .fn_u = { .ecb = GLUE_FUNC_CAST(camellia_enc_blk_2way) } + .fn_u = { .ecb = camellia_enc_blk_2way } }, { .num_blocks = 1, - .fn_u = { .ecb = GLUE_FUNC_CAST(camellia_enc_blk) } + .fn_u = { .ecb = camellia_enc_blk } } } }; @@ -1343,10 +1343,10 @@ static const struct common_glue_ctx camellia_ctr = { .funcs = { { .num_blocks = 2, - .fn_u = { .ctr = GLUE_CTR_FUNC_CAST(camellia_crypt_ctr_2way) } + .fn_u = { .ctr = camellia_crypt_ctr_2way } }, { .num_blocks = 1, - .fn_u = { .ctr = GLUE_CTR_FUNC_CAST(camellia_crypt_ctr) } + .fn_u = { .ctr = camellia_crypt_ctr } } } }; @@ -1356,10 +1356,10 @@ static const struct common_glue_ctx camellia_dec = { .funcs = { { .num_blocks = 2, - .fn_u = { .ecb = GLUE_FUNC_CAST(camellia_dec_blk_2way) } + .fn_u = { .ecb = camellia_dec_blk_2way_glue } }, { .num_blocks = 1, - .fn_u = { .ecb = GLUE_FUNC_CAST(camellia_dec_blk) } + .fn_u = { .ecb = camellia_dec_blk_glue } } } }; @@ -1369,10 +1369,10 @@ static const struct common_glue_ctx camellia_dec_cbc = { .funcs = { { .num_blocks = 2, - .fn_u = { .cbc = GLUE_CBC_FUNC_CAST(camellia_decrypt_cbc_2way) } + .fn_u = { .cbc = camellia_decrypt_cbc_2way } }, { .num_blocks = 1, - .fn_u = { .cbc = GLUE_CBC_FUNC_CAST(camellia_dec_blk) } + .fn_u = { .cbc = camellia_dec_blk_cbc_glue } } } }; @@ -1388,8 +1388,7 @@ static int ecb_decrypt(struct skcipher_request *req) static int cbc_encrypt(struct skcipher_request *req) { - return glue_cbc_encrypt_req_128bit(GLUE_FUNC_CAST(camellia_enc_blk), - req); + return glue_cbc_encrypt_req_128bit(camellia_enc_blk, req); } static int cbc_decrypt(struct skcipher_request *req) diff --git a/arch/x86/include/asm/crypto/camellia.h b/arch/x86/include/asm/crypto/camellia.h index a5d86fc0593f..4a55b037c422 100644 --- a/arch/x86/include/asm/crypto/camellia.h +++ b/arch/x86/include/asm/crypto/camellia.h 
@@ -2,6 +2,7 @@ #ifndef ASM_X86_CAMELLIA_H #define ASM_X86_CAMELLIA_H +#include #include #include #include @@ -24,6 +25,12 @@ struct camellia_xts_ctx { struct camellia_ctx crypt_ctx; }; +#define CAMELLIA_GLUE(func) GLUE_CAST(func, camellia_ctx) +#define CAMELLIA_GLUE_XOR(func) GLUE_CAST_XOR(func, camellia_ctx) +#define CAMELLIA_GLUE_CBC(func) GLUE_CAST_CBC(func, camellia_ctx) +#define CAMELLIA_GLUE_CTR(func) GLUE_CAST_CTR(func, camellia_ctx) +#define CAMELLIA_GLUE_XTS(func) GLUE_CAST_XTS(func, camellia_ctx) + extern int __camellia_setkey(struct camellia_ctx *cctx, const unsigned char *key, unsigned int key_len, u32 *flags); 
@@ -32,56 +39,21 @@ extern int xts_camellia_setkey(struct crypto_skcipher *tfm, const u8 *key, unsigned int keylen); /* regular block cipher functions */ -asmlinkage void __camellia_enc_blk(struct camellia_ctx *ctx, u8 *dst, - const u8 *src, bool xor); -asmlinkage void camellia_dec_blk(struct camellia_ctx *ctx, u8 *dst, - const u8 *src); +CAMELLIA_GLUE_XOR(camellia_enc_blk); +CAMELLIA_GLUE(camellia_dec_blk); +CAMELLIA_GLUE_CBC(camellia_dec_blk); /* 2-way parallel cipher functions */ -asmlinkage void __camellia_enc_blk_2way(struct camellia_ctx *ctx, u8 *dst, - const u8 *src, bool xor); -asmlinkage void camellia_dec_blk_2way(struct camellia_ctx *ctx, u8 *dst, - const u8 *src); +CAMELLIA_GLUE_XOR(camellia_enc_blk_2way); +CAMELLIA_GLUE(camellia_dec_blk_2way); /* 16-way parallel cipher functions (avx/aes-ni) */ -asmlinkage void camellia_ecb_enc_16way(struct camellia_ctx *ctx, u8 *dst, - const u8 *src); -asmlinkage void camellia_ecb_dec_16way(struct camellia_ctx *ctx, u8 *dst, - const u8 *src); - -asmlinkage void camellia_cbc_dec_16way(struct camellia_ctx *ctx, u8 *dst, - const u8 *src); -asmlinkage void camellia_ctr_16way(struct camellia_ctx *ctx, u8 *dst, - const u8 *src, le128 *iv); - -asmlinkage void camellia_xts_enc_16way(struct camellia_ctx *ctx, u8 *dst, - const u8 *src, le128 *iv); -asmlinkage void camellia_xts_dec_16way(struct camellia_ctx *ctx, u8 *dst, - const u8 *src, le128 *iv); - -static inline void camellia_enc_blk(struct camellia_ctx *ctx, u8 *dst, - const u8 *src) -{ - __camellia_enc_blk(ctx, dst, src, false); -} - -static inline void camellia_enc_blk_xor(struct camellia_ctx *ctx, u8 *dst, - const u8 *src) -{ - __camellia_enc_blk(ctx, dst, src, true); -} - -static inline void camellia_enc_blk_2way(struct camellia_ctx *ctx, u8 *dst, - const u8 *src) -{ - __camellia_enc_blk_2way(ctx, dst, src, false); -} - -static inline void camellia_enc_blk_xor_2way(struct camellia_ctx *ctx, u8 *dst, - const u8 *src) -{ - __camellia_enc_blk_2way(ctx, dst, src, true); -} 
+CAMELLIA_GLUE(camellia_ecb_enc_16way); +CAMELLIA_GLUE(camellia_ecb_dec_16way); +CAMELLIA_GLUE_CBC(camellia_cbc_dec_16way); +CAMELLIA_GLUE_CTR(camellia_ctr_16way); +CAMELLIA_GLUE_XTS(camellia_xts_enc_16way); +CAMELLIA_GLUE_XTS(camellia_xts_dec_16way); /* glue helpers */ extern void camellia_decrypt_cbc_2way(void *ctx, u128 *dst, const u128 *src);
From patchwork Tue May 7 16:13:18 2019 X-Patchwork-Submitter: Kees Cook X-Patchwork-Id: 10933263
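Review bot: the CAMELLIA_GLUE* definitions added to arch/x86/include/asm/crypto/camellia.h need a comment stating which symbols each invocation produces, because the names the tables now use are not declared anywhere a reader can find them. After this patch CAMELLIA_GLUE(camellia_dec_blk) is referenced as camellia_dec_blk_glue, CAMELLIA_GLUE_CBC(camellia_dec_blk) as camellia_dec_blk_cbc_glue, and CAMELLIA_GLUE_XOR(camellia_enc_blk_2way) as both camellia_enc_blk_2way and camellia_enc_blk_2way_xor, so a grep for any of those identifiers turns up only users. The same header hunk also deletes the only place where the assembly routines' parameter lists were written out, including the bool xor argument of __camellia_enc_blk; a short comment giving the underlying signature next to each macro family would keep that checkable.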
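Review bot: the converted common_glue_ctx tables in camellia_aesni_avx2_glue.c, camellia_aesni_avx_glue.c and camellia_glue.c mix suffixed and unsuffixed entries for the same kind of function, for example .ecb = camellia_enc_blk next to .ecb = camellia_dec_blk_glue. From the table alone it is no longer possible to tell whether an entry is a generated wrapper or a routine that still takes struct camellia_ctx *, which is exactly the mismatch the series is removing. Please pick one convention for everything that goes into fn_u (a uniform suffix would do) and mention in the commit message why the encrypt side is named differently if that has to stay. The doubled mode name in camellia_cbc_dec_32way_cbc_glue and camellia_cbc_dec_16way_cbc_glue could be tidied at the same time.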
From: Kees Cook
To: Herbert Xu
Cc: Kees Cook, Joao Moreira, Eric Biggers, Ingo Molnar, Thomas Gleixner, Borislav Petkov, x86@kernel.org, linux-crypto@vger.kernel.org, linux-kernel@vger.kernel.org, kernel-hardening@lists.openwall.com
Subject: [PATCH v3 4/7] crypto: x86/twofish: Use new glue function macros
Date: Tue, 7 May 2019 09:13:18 -0700
Message-Id: <20190507161321.34611-5-keescook@chromium.org>
X-Mailer: git-send-email 2.17.1
In-Reply-To: <20190507161321.34611-1-keescook@chromium.org>
References: <20190507161321.34611-1-keescook@chromium.org>

From: Joao Moreira

Convert to function declaration macros from function prototype casts to avoid triggering Control-Flow Integrity checks during indirect function calls.
Signed-off-by: Joao Moreira Co-developed-by: Kees Cook Signed-off-by: Kees Cook --- arch/x86/crypto/twofish_avx_glue.c | 71 ++++++++++----------------- arch/x86/crypto/twofish_glue_3way.c | 28 +++++------ arch/x86/include/asm/crypto/twofish.h | 22 +++++---- 3 files changed, 50 insertions(+), 71 deletions(-) diff --git a/arch/x86/crypto/twofish_avx_glue.c b/arch/x86/crypto/twofish_avx_glue.c index 66d989230d10..68dc52291c5d 100644 --- a/arch/x86/crypto/twofish_avx_glue.c +++ b/arch/x86/crypto/twofish_avx_glue.c @@ -37,20 +37,12 @@ #define TWOFISH_PARALLEL_BLOCKS 8 /* 8-way parallel cipher functions */ -asmlinkage void twofish_ecb_enc_8way(struct twofish_ctx *ctx, u8 *dst, - const u8 *src); -asmlinkage void twofish_ecb_dec_8way(struct twofish_ctx *ctx, u8 *dst, - const u8 *src); - -asmlinkage void twofish_cbc_dec_8way(struct twofish_ctx *ctx, u8 *dst, - const u8 *src); -asmlinkage void twofish_ctr_8way(struct twofish_ctx *ctx, u8 *dst, - const u8 *src, le128 *iv); - -asmlinkage void twofish_xts_enc_8way(struct twofish_ctx *ctx, u8 *dst, - const u8 *src, le128 *iv); -asmlinkage void twofish_xts_dec_8way(struct twofish_ctx *ctx, u8 *dst, - const u8 *src, le128 *iv); +TWOFISH_GLUE(twofish_ecb_enc_8way); +TWOFISH_GLUE(twofish_ecb_dec_8way); +TWOFISH_GLUE_CBC(twofish_cbc_dec_8way); +TWOFISH_GLUE_CTR(twofish_ctr_8way); +TWOFISH_GLUE_XTS(twofish_xts_enc_8way); +TWOFISH_GLUE_XTS(twofish_xts_dec_8way); static int twofish_setkey_skcipher(struct crypto_skcipher *tfm, const u8 *key, unsigned int keylen) 
@@ -58,22 +50,14 @@ static int twofish_setkey_skcipher(struct crypto_skcipher *tfm, return twofish_setkey(&tfm->base, key, keylen); } -static inline void twofish_enc_blk_3way(struct twofish_ctx *ctx, u8 *dst, - const u8 *src) -{ - __twofish_enc_blk_3way(ctx, dst, src, false); -} - static void twofish_xts_enc(void *ctx, u128 *dst, const u128 *src, le128 *iv) { - glue_xts_crypt_128bit_one(ctx, dst, src, iv, - GLUE_FUNC_CAST(twofish_enc_blk)); + glue_xts_crypt_128bit_one(ctx, dst, src, iv, twofish_enc_blk_glue); } static void twofish_xts_dec(void *ctx, u128 *dst, const u128 *src, le128 *iv) { - glue_xts_crypt_128bit_one(ctx, dst, src, iv, - GLUE_FUNC_CAST(twofish_dec_blk)); + glue_xts_crypt_128bit_one(ctx, dst, src, iv, twofish_dec_blk_glue); } struct twofish_xts_ctx { @@ -108,13 +92,13 @@ static const struct common_glue_ctx twofish_enc = { .funcs = { { .num_blocks = TWOFISH_PARALLEL_BLOCKS, - .fn_u = { .ecb = GLUE_FUNC_CAST(twofish_ecb_enc_8way) } + .fn_u = { .ecb = twofish_ecb_enc_8way_glue } }, { .num_blocks = 3, - .fn_u = { .ecb = GLUE_FUNC_CAST(twofish_enc_blk_3way) } + .fn_u = { .ecb = twofish_enc_blk_3way } }, { .num_blocks = 1, - .fn_u = { .ecb = GLUE_FUNC_CAST(twofish_enc_blk) } + .fn_u = { .ecb = twofish_enc_blk_glue } } } }; @@ -124,13 +108,13 @@ static const struct common_glue_ctx twofish_ctr = { .funcs = { { .num_blocks = TWOFISH_PARALLEL_BLOCKS, - .fn_u = { .ctr = GLUE_CTR_FUNC_CAST(twofish_ctr_8way) } + .fn_u = { .ctr = twofish_ctr_8way_glue } }, { .num_blocks = 3, - .fn_u = { .ctr = GLUE_CTR_FUNC_CAST(twofish_enc_blk_ctr_3way) } + .fn_u = { .ctr = twofish_enc_blk_ctr_3way } }, { .num_blocks = 1, - .fn_u = { .ctr = GLUE_CTR_FUNC_CAST(twofish_enc_blk_ctr) } + .fn_u = { .ctr = twofish_enc_blk_ctr_glue } } } }; 
@@ -140,10 +124,10 @@ static const struct common_glue_ctx twofish_enc_xts = { .funcs = { { .num_blocks = TWOFISH_PARALLEL_BLOCKS, - .fn_u = { .xts = GLUE_XTS_FUNC_CAST(twofish_xts_enc_8way) } + .fn_u = { .xts = twofish_xts_enc_8way_glue } }, { .num_blocks = 1, - .fn_u = { .xts = GLUE_XTS_FUNC_CAST(twofish_xts_enc) } + .fn_u = { .xts = twofish_xts_enc } } } }; @@ -153,13 +137,13 @@ static const struct common_glue_ctx twofish_dec = { .funcs = { { .num_blocks = TWOFISH_PARALLEL_BLOCKS, - .fn_u = { .ecb = GLUE_FUNC_CAST(twofish_ecb_dec_8way) } + .fn_u = { .ecb = twofish_ecb_dec_8way_glue } }, { .num_blocks = 3, - .fn_u = { .ecb = GLUE_FUNC_CAST(twofish_dec_blk_3way) } + .fn_u = { .ecb = twofish_dec_blk_3way_glue } }, { .num_blocks = 1, - .fn_u = { .ecb = GLUE_FUNC_CAST(twofish_dec_blk) } + .fn_u = { .ecb = twofish_dec_blk_glue } } } }; @@ -169,13 +153,13 @@ static const struct common_glue_ctx twofish_dec_cbc = { .funcs = { { .num_blocks = TWOFISH_PARALLEL_BLOCKS, - .fn_u = { .cbc = GLUE_CBC_FUNC_CAST(twofish_cbc_dec_8way) } + .fn_u = { .cbc = twofish_cbc_dec_8way_cbc_glue } }, { .num_blocks = 3, - .fn_u = { .cbc = GLUE_CBC_FUNC_CAST(twofish_dec_blk_cbc_3way) } + .fn_u = { .cbc = twofish_dec_blk_cbc_3way } }, { .num_blocks = 1, - .fn_u = { .cbc = GLUE_CBC_FUNC_CAST(twofish_dec_blk) } + .fn_u = { .cbc = twofish_dec_blk_cbc_glue } } } }; @@ -185,10 +169,10 @@ static const struct common_glue_ctx twofish_dec_xts = { .funcs = { { .num_blocks = TWOFISH_PARALLEL_BLOCKS, - .fn_u = { .xts = GLUE_XTS_FUNC_CAST(twofish_xts_dec_8way) } + .fn_u = { .xts = twofish_xts_dec_8way_glue } }, { .num_blocks = 1, - .fn_u = { .xts = GLUE_XTS_FUNC_CAST(twofish_xts_dec) } + .fn_u = { .xts = twofish_xts_dec } } } }; 
@@ -204,8 +188,7 @@ static int ecb_decrypt(struct skcipher_request *req) static int cbc_encrypt(struct skcipher_request *req) { - return glue_cbc_encrypt_req_128bit(GLUE_FUNC_CAST(twofish_enc_blk), - req); + return glue_cbc_encrypt_req_128bit(twofish_enc_blk_glue, req); } static int cbc_decrypt(struct skcipher_request *req) @@ -224,7 +207,7 @@ static int xts_encrypt(struct skcipher_request *req) struct twofish_xts_ctx *ctx = crypto_skcipher_ctx(tfm); return glue_xts_req_128bit(&twofish_enc_xts, req, - XTS_TWEAK_CAST(twofish_enc_blk), + twofish_enc_blk_glue, &ctx->tweak_ctx, &ctx->crypt_ctx); } @@ -234,7 +217,7 @@ static int xts_decrypt(struct skcipher_request *req) struct twofish_xts_ctx *ctx = crypto_skcipher_ctx(tfm); return glue_xts_req_128bit(&twofish_dec_xts, req, - XTS_TWEAK_CAST(twofish_enc_blk), + twofish_enc_blk_glue, &ctx->tweak_ctx, &ctx->crypt_ctx); } diff --git a/arch/x86/crypto/twofish_glue_3way.c b/arch/x86/crypto/twofish_glue_3way.c index 571485502ec8..e58236435735 100644 --- a/arch/x86/crypto/twofish_glue_3way.c +++ b/arch/x86/crypto/twofish_glue_3way.c @@ -40,12 +40,6 @@ static int twofish_setkey_skcipher(struct crypto_skcipher *tfm, return twofish_setkey(&tfm->base, key, keylen); } -static inline void twofish_enc_blk_3way(struct twofish_ctx *ctx, u8 *dst, - const u8 *src) -{ - __twofish_enc_blk_3way(ctx, dst, src, false); -} - static inline void twofish_enc_blk_xor_3way(struct twofish_ctx *ctx, u8 *dst, const u8 *src) { @@ -66,7 +60,8 @@ void twofish_dec_blk_cbc_3way(void *ctx, u128 *dst, const u128 *src) } EXPORT_SYMBOL_GPL(twofish_dec_blk_cbc_3way); -void twofish_enc_blk_ctr(void *ctx, u128 *dst, const u128 *src, le128 *iv) +void twofish_enc_blk_ctr(struct twofish_ctx *ctx, u128 *dst, const u128 *src, + le128 *iv) { be128 ctrblk; 
@@ -109,10 +104,10 @@ static const struct common_glue_ctx twofish_enc = { .funcs = { { .num_blocks = 3, - .fn_u = { .ecb = GLUE_FUNC_CAST(twofish_enc_blk_3way) } + .fn_u = { .ecb = twofish_enc_blk_3way } }, { .num_blocks = 1, - .fn_u = { .ecb = GLUE_FUNC_CAST(twofish_enc_blk) } + .fn_u = { .ecb = twofish_enc_blk_glue } } } }; @@ -122,10 +117,10 @@ static const struct common_glue_ctx twofish_ctr = { .funcs = { { .num_blocks = 3, - .fn_u = { .ecb = GLUE_FUNC_CAST(twofish_enc_blk_ctr_3way) } + .fn_u = { .ctr = twofish_enc_blk_ctr_3way } }, { .num_blocks = 1, - .fn_u = { .ecb = GLUE_FUNC_CAST(twofish_enc_blk_ctr) } + .fn_u = { .ctr = twofish_enc_blk_ctr_glue } } } }; @@ -135,10 +130,10 @@ static const struct common_glue_ctx twofish_dec = { .funcs = { { .num_blocks = 3, - .fn_u = { .ecb = GLUE_FUNC_CAST(twofish_dec_blk_3way) } + .fn_u = { .ecb = twofish_dec_blk_3way_glue } }, { .num_blocks = 1, - .fn_u = { .ecb = GLUE_FUNC_CAST(twofish_dec_blk) } + .fn_u = { .ecb = twofish_dec_blk_glue } } } }; @@ -148,10 +143,10 @@ static const struct common_glue_ctx twofish_dec_cbc = { .funcs = { { .num_blocks = 3, - .fn_u = { .cbc = GLUE_CBC_FUNC_CAST(twofish_dec_blk_cbc_3way) } + .fn_u = { .cbc = twofish_dec_blk_cbc_3way } }, { .num_blocks = 1, - .fn_u = { .cbc = GLUE_CBC_FUNC_CAST(twofish_dec_blk) } + .fn_u = { .cbc = twofish_dec_blk_cbc_glue } } } }; @@ -167,8 +162,7 @@ static int ecb_decrypt(struct skcipher_request *req) static int cbc_encrypt(struct skcipher_request *req) { - return glue_cbc_encrypt_req_128bit(GLUE_FUNC_CAST(twofish_enc_blk), - req); + return glue_cbc_encrypt_req_128bit(twofish_enc_blk_glue, req); } static int cbc_decrypt(struct skcipher_request *req) diff --git a/arch/x86/include/asm/crypto/twofish.h b/arch/x86/include/asm/crypto/twofish.h index f618bf272b90..59f3228fbc5d 100644 --- a/arch/x86/include/asm/crypto/twofish.h +++ b/arch/x86/include/asm/crypto/twofish.h 
@@ -6,22 +6,24 @@ #include #include +#define TWOFISH_GLUE(func) GLUE_CAST(func, twofish_ctx) +#define TWOFISH_GLUE_XOR(func) GLUE_CAST_XOR(func, twofish_ctx) +#define TWOFISH_GLUE_CBC(func) GLUE_CAST_CBC(func, twofish_ctx) +#define TWOFISH_GLUE_CTR(func) GLUE_CAST_CTR(func, twofish_ctx) +#define TWOFISH_GLUE_XTS(func) GLUE_CAST_XTS(func, twofish_ctx) + /* regular block cipher functions from twofish_x86_64 module */ -asmlinkage void twofish_enc_blk(struct twofish_ctx *ctx, u8 *dst, - const u8 *src); -asmlinkage void twofish_dec_blk(struct twofish_ctx *ctx, u8 *dst, - const u8 *src); +TWOFISH_GLUE(twofish_enc_blk); +TWOFISH_GLUE(twofish_dec_blk); +TWOFISH_GLUE_CBC(twofish_dec_blk); /* 3-way parallel cipher functions */ -asmlinkage void __twofish_enc_blk_3way(struct twofish_ctx *ctx, u8 *dst, - const u8 *src, bool xor); -asmlinkage void twofish_dec_blk_3way(struct twofish_ctx *ctx, u8 *dst, - const u8 *src); +TWOFISH_GLUE_XOR(twofish_enc_blk_3way); +TWOFISH_GLUE(twofish_dec_blk_3way); /* helpers from twofish_x86_64-3way module */ extern void twofish_dec_blk_cbc_3way(void *ctx, u128 *dst, const u128 *src); -extern void twofish_enc_blk_ctr(void *ctx, u128 *dst, const u128 *src, - le128 *iv); +TWOFISH_GLUE_CTR(twofish_enc_blk_ctr); extern void twofish_enc_blk_ctr_3way(void *ctx, u128 *dst, const u128 *src, le128 *iv);
From patchwork Tue May 7 16:13:19 2019 X-Patchwork-Submitter: Kees Cook X-Patchwork-Id: 10933271
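Review bot: the twofish_ctr table hunk in arch/x86/crypto/twofish_glue_3way.c is not a pure conversion, and the commit message should say so. The removed lines stored both counter-mode helpers through the .ecb member with GLUE_FUNC_CAST (.ecb = GLUE_FUNC_CAST(twofish_enc_blk_ctr_3way) and the matching twofish_enc_blk_ctr entry), while the added lines assign them to .ctr. That is a wrong union member that the cast was hiding, so it deserves its own sentence in the changelog, or a small preparatory patch, rather than being folded silently into the macro conversion.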
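Review bot: twofish_enc_blk_ctr and twofish_enc_blk_ctr_3way now disagree on the type of ctx, in the twofish_glue_3way.c definition hunk and in the twofish.h helper declarations. The single-block helper changes to struct twofish_ctx *ctx, is declared through TWOFISH_GLUE_CTR(twofish_enc_blk_ctr) and is entered in the tables as twofish_enc_blk_ctr_glue, while its 3-way sibling keeps void *ctx and goes into the tables directly. Please either convert both the same way or explain in the commit message why only one of them needs a typed context plus a generated wrapper. Related: twofish_glue_3way.c drops the hand-written twofish_enc_blk_3way inline but leaves twofish_enc_blk_xor_3way in place, whereas the camellia patch in this series removed its xor inlines and renamed the caller to the _xor-suffixed name; the two ciphers should follow one pattern.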
From: Kees Cook
To: Herbert Xu
Cc: Kees Cook, Joao Moreira, Eric Biggers, Ingo Molnar, Thomas Gleixner, Borislav Petkov, x86@kernel.org, linux-crypto@vger.kernel.org, linux-kernel@vger.kernel.org, kernel-hardening@lists.openwall.com
Subject: [PATCH v3 5/7] crypto: x86/cast6: Use new glue function macros
Date: Tue, 7 May 2019 09:13:19 -0700
Message-Id: <20190507161321.34611-6-keescook@chromium.org>
X-Mailer: git-send-email 2.17.1
In-Reply-To: <20190507161321.34611-1-keescook@chromium.org>
References: <20190507161321.34611-1-keescook@chromium.org>

From: Joao Moreira

Convert to function declaration macros from function prototype casts to avoid triggering Control-Flow Integrity checks during indirect function calls.

Signed-off-by: Joao Moreira
Co-developed-by: Kees Cook
Signed-off-by: Kees Cook
--- arch/x86/crypto/cast6_avx_glue.c | 65 +++++++++++++++----------------- 1 file changed, 31 insertions(+), 34 deletions(-) diff --git a/arch/x86/crypto/cast6_avx_glue.c b/arch/x86/crypto/cast6_avx_glue.c index 18965c39305e..4735cd0ef379 100644 --- a/arch/x86/crypto/cast6_avx_glue.c +++ b/arch/x86/crypto/cast6_avx_glue.c
@@ -35,20 +35,20 @@ #define CAST6_PARALLEL_BLOCKS 8 -asmlinkage void cast6_ecb_enc_8way(struct cast6_ctx *ctx, u8 *dst, - const u8 *src); -asmlinkage void cast6_ecb_dec_8way(struct cast6_ctx *ctx, u8 *dst, - const u8 *src); - -asmlinkage void cast6_cbc_dec_8way(struct cast6_ctx *ctx, u8 *dst, - const u8 *src); -asmlinkage void cast6_ctr_8way(struct cast6_ctx *ctx, u8 *dst, const u8 *src, - le128 *iv); - -asmlinkage void cast6_xts_enc_8way(struct cast6_ctx *ctx, u8 *dst, - const u8 *src, le128 *iv); -asmlinkage void cast6_xts_dec_8way(struct cast6_ctx *ctx, u8 *dst, - const u8 *src, le128 *iv); +#define CAST6_GLUE(func) GLUE_CAST(func, cast6_ctx) +#define CAST6_GLUE_CBC(func) GLUE_CAST_CBC(func, cast6_ctx) +#define CAST6_GLUE_CTR(func) GLUE_CAST_CTR(func, cast6_ctx) +#define CAST6_GLUE_XTS(func) GLUE_CAST_XTS(func, cast6_ctx) + +CAST6_GLUE(__cast6_encrypt); +CAST6_GLUE(__cast6_decrypt); +CAST6_GLUE(cast6_ecb_enc_8way); +CAST6_GLUE(cast6_ecb_dec_8way); +CAST6_GLUE_CBC(cast6_cbc_dec_8way); +CAST6_GLUE_CBC(__cast6_decrypt); +CAST6_GLUE_CTR(cast6_ctr_8way); +CAST6_GLUE_XTS(cast6_xts_enc_8way); +CAST6_GLUE_XTS(cast6_xts_dec_8way); static int cast6_setkey_skcipher(struct crypto_skcipher *tfm, const u8 *key, unsigned int keylen) @@ -58,14 +58,12 @@ static int cast6_setkey_skcipher(struct crypto_skcipher *tfm, static void cast6_xts_enc(void *ctx, u128 *dst, const u128 *src, le128 *iv) { - glue_xts_crypt_128bit_one(ctx, dst, src, iv, - GLUE_FUNC_CAST(__cast6_encrypt)); + glue_xts_crypt_128bit_one(ctx, dst, src, iv, __cast6_encrypt_glue); } static void cast6_xts_dec(void *ctx, u128 *dst, const u128 *src, le128 *iv) { - glue_xts_crypt_128bit_one(ctx, dst, src, iv, - GLUE_FUNC_CAST(__cast6_decrypt)); + glue_xts_crypt_128bit_one(ctx, dst, src, iv, __cast6_decrypt_glue); } static void cast6_crypt_ctr(void *ctx, u128 *dst, const u128 *src, le128 *iv) 
@@ -85,10 +83,10 @@ static const struct common_glue_ctx cast6_enc = { .funcs = { { .num_blocks = CAST6_PARALLEL_BLOCKS, - .fn_u = { .ecb = GLUE_FUNC_CAST(cast6_ecb_enc_8way) } + .fn_u = { .ecb = cast6_ecb_enc_8way_glue } }, { .num_blocks = 1, - .fn_u = { .ecb = GLUE_FUNC_CAST(__cast6_encrypt) } + .fn_u = { .ecb = __cast6_encrypt_glue } } } }; @@ -98,10 +96,10 @@ static const struct common_glue_ctx cast6_ctr = { .funcs = { { .num_blocks = CAST6_PARALLEL_BLOCKS, - .fn_u = { .ctr = GLUE_CTR_FUNC_CAST(cast6_ctr_8way) } + .fn_u = { .ctr = cast6_ctr_8way_glue } }, { .num_blocks = 1, - .fn_u = { .ctr = GLUE_CTR_FUNC_CAST(cast6_crypt_ctr) } + .fn_u = { .ctr = cast6_crypt_ctr } } } }; @@ -111,10 +109,10 @@ static const struct common_glue_ctx cast6_enc_xts = { .funcs = { { .num_blocks = CAST6_PARALLEL_BLOCKS, - .fn_u = { .xts = GLUE_XTS_FUNC_CAST(cast6_xts_enc_8way) } + .fn_u = { .xts = cast6_xts_enc_8way_glue } }, { .num_blocks = 1, - .fn_u = { .xts = GLUE_XTS_FUNC_CAST(cast6_xts_enc) } + .fn_u = { .xts = cast6_xts_enc } } } }; @@ -124,10 +122,10 @@ static const struct common_glue_ctx cast6_dec = { .funcs = { { .num_blocks = CAST6_PARALLEL_BLOCKS, - .fn_u = { .ecb = GLUE_FUNC_CAST(cast6_ecb_dec_8way) } + .fn_u = { .ecb = cast6_ecb_dec_8way_glue } }, { .num_blocks = 1, - .fn_u = { .ecb = GLUE_FUNC_CAST(__cast6_decrypt) } + .fn_u = { .ecb = __cast6_decrypt_glue } } } }; @@ -137,10 +135,10 @@ static const struct common_glue_ctx cast6_dec_cbc = { .funcs = { { .num_blocks = CAST6_PARALLEL_BLOCKS, - .fn_u = { .cbc = GLUE_CBC_FUNC_CAST(cast6_cbc_dec_8way) } + .fn_u = { .cbc = cast6_cbc_dec_8way_cbc_glue } }, { .num_blocks = 1, - .fn_u = { .cbc = GLUE_CBC_FUNC_CAST(__cast6_decrypt) } + .fn_u = { .cbc = __cast6_decrypt_cbc_glue } } } }; 
@@ -150,10 +148,10 @@ static const struct common_glue_ctx cast6_dec_xts = { .funcs = { { .num_blocks = CAST6_PARALLEL_BLOCKS, - .fn_u = { .xts = GLUE_XTS_FUNC_CAST(cast6_xts_dec_8way) } + .fn_u = { .xts = cast6_xts_dec_8way_glue } }, { .num_blocks = 1, - .fn_u = { .xts = GLUE_XTS_FUNC_CAST(cast6_xts_dec) } + .fn_u = { .xts = cast6_xts_dec } } } }; @@ -169,8 +167,7 @@ static int ecb_decrypt(struct skcipher_request *req) static int cbc_encrypt(struct skcipher_request *req) { - return glue_cbc_encrypt_req_128bit(GLUE_FUNC_CAST(__cast6_encrypt), - req); + return glue_cbc_encrypt_req_128bit(__cast6_encrypt_glue, req); } static int cbc_decrypt(struct skcipher_request *req) @@ -215,7 +212,7 @@ static int xts_encrypt(struct skcipher_request *req) struct cast6_xts_ctx *ctx = crypto_skcipher_ctx(tfm); return glue_xts_req_128bit(&cast6_enc_xts, req, - XTS_TWEAK_CAST(__cast6_encrypt), + __cast6_encrypt_glue, &ctx->tweak_ctx, &ctx->crypt_ctx); } 
@@ -225,7 +222,7 @@ static int xts_decrypt(struct skcipher_request *req) struct cast6_xts_ctx *ctx = crypto_skcipher_ctx(tfm); return glue_xts_req_128bit(&cast6_dec_xts, req, - XTS_TWEAK_CAST(__cast6_encrypt), + __cast6_encrypt_glue, &ctx->tweak_ctx, &ctx->crypt_ctx); }
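Review bot: In the first hunk of cast6_avx_glue.c (patch 5/7), CAST6_GLUE(__cast6_encrypt) and CAST6_GLUE(__cast6_decrypt) apply the macro to two functions whose prototypes were not among the asmlinkage declarations being removed, so they are already declared somewhere else. GLUE_CAST, as visible in patch 7/7, emits "asmlinkage void func(struct context *ctx, u8 *dst, const u8 *src);" before the wrapper, which means these two now get a second declaration carrying asmlinkage. Please confirm that this agrees with their existing declaration on every configuration this file builds for, or split the macro so that a variant emitting only the wrapper can be used for functions that already have a prototype.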
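Review bot: In the cast6_dec_cbc table of cast6_avx_glue.c (patch 5/7) the wrappers are named cast6_cbc_dec_8way_cbc_glue and __cast6_decrypt_cbc_glue, while the CTR and XTS wrappers in the neighbouring tables use a plain _glue suffix (cast6_ctr_8way_glue, cast6_xts_enc_8way_glue). The extra suffix is what lets __cast6_decrypt have both an ECB and a CBC wrapper without a name clash, but nothing in the file says so. A short comment beside the CAST6_GLUE_CBC define, or a mode suffix on all four wrapper kinds, would make the generated names predictable for anyone grepping for them.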
From: Kees Cook
To: Herbert Xu
Cc: Kees Cook, Joao Moreira, Eric Biggers, Ingo Molnar, Thomas Gleixner, Borislav Petkov, x86@kernel.org, linux-crypto@vger.kernel.org, linux-kernel@vger.kernel.org, kernel-hardening@lists.openwall.com
Subject: [PATCH v3 6/7] crypto: x86/aesni: Use new glue function macros
Date: Tue, 7 May 2019 09:13:20 -0700
Message-Id: <20190507161321.34611-7-keescook@chromium.org>

Convert to function declaration macros from function prototype casts to avoid triggering Control-Flow Integrity checks during indirect function calls.

Signed-off-by: Kees Cook
---
 arch/x86/crypto/aesni-intel_glue.c | 31 ++++++++++++------------------
 1 file changed, 12 insertions(+), 19 deletions(-)

diff --git a/arch/x86/crypto/aesni-intel_glue.c b/arch/x86/crypto/aesni-intel_glue.c index 1e3d2102033a..350286235a47 100644 --- a/arch/x86/crypto/aesni-intel_glue.c +++ b/arch/x86/crypto/aesni-intel_glue.c @@ -39,9 +39,7 @@ #include #include #include -#ifdef CONFIG_X86_64 #include -#endif #define AESNI_ALIGN 16 @@ -52,6 +50,8 @@ #define CRYPTO_AES_CTX_SIZE (sizeof(struct crypto_aes_ctx) + AESNI_ALIGN_EXTRA) #define XTS_AES_CTX_SIZE (sizeof(struct aesni_xts_ctx) + AESNI_ALIGN_EXTRA) +#define AESNI_GLUE(func) GLUE_CAST(func, crypto_aes_ctx) + /* This data is stored at the end of the crypto_tfm struct. * It's a type of per "session" data storage location. * This needs to be 16 byte aligned. @@ -89,10 +89,8 @@ struct gcm_context_data { asmlinkage int aesni_set_key(struct crypto_aes_ctx *ctx, const u8 *in_key, unsigned int key_len); -asmlinkage void aesni_enc(struct crypto_aes_ctx *ctx, u8 *out, - const u8 *in); -asmlinkage void aesni_dec(struct crypto_aes_ctx *ctx, u8 *out, - const u8 *in); +AESNI_GLUE(aesni_enc); +AESNI_GLUE(aesni_dec); asmlinkage void aesni_ecb_enc(struct crypto_aes_ctx *ctx, u8 *out, const u8 *in, unsigned int len); asmlinkage void aesni_ecb_dec(struct crypto_aes_ctx *ctx, u8 *out, @@ -570,19 +568,14 @@ static int xts_aesni_setkey(struct crypto_skcipher *tfm, const u8 *key, } -static void aesni_xts_tweak(void *ctx, u8 *out, const u8 *in) -{ - aesni_enc(ctx, out, in); -} - static void aesni_xts_enc(void *ctx, u128 *dst, const u128 *src, le128 *iv) { - glue_xts_crypt_128bit_one(ctx, dst, src, iv, GLUE_FUNC_CAST(aesni_enc)); + glue_xts_crypt_128bit_one(ctx, dst, src, iv, aesni_enc_glue); } static void aesni_xts_dec(void *ctx, u128 *dst, const u128 *src, le128 *iv) { - glue_xts_crypt_128bit_one(ctx, dst, src, iv, GLUE_FUNC_CAST(aesni_dec)); + glue_xts_crypt_128bit_one(ctx, dst, src, iv, aesni_dec_glue); } static void aesni_xts_enc8(void *ctx, u128 *dst, const u128 *src, le128 *iv) 
@@ -601,10 +594,10 @@ static const struct common_glue_ctx aesni_enc_xts = { .funcs = { { .num_blocks = 8, - .fn_u = { .xts = GLUE_XTS_FUNC_CAST(aesni_xts_enc8) } + .fn_u = { .xts = aesni_xts_enc8 } }, { .num_blocks = 1, - .fn_u = { .xts = GLUE_XTS_FUNC_CAST(aesni_xts_enc) } + .fn_u = { .xts = aesni_xts_enc } } } }; @@ -614,10 +607,10 @@ static const struct common_glue_ctx aesni_dec_xts = { .funcs = { { .num_blocks = 8, - .fn_u = { .xts = GLUE_XTS_FUNC_CAST(aesni_xts_dec8) } + .fn_u = { .xts = aesni_xts_dec8 } }, { .num_blocks = 1, - .fn_u = { .xts = GLUE_XTS_FUNC_CAST(aesni_xts_dec) } + .fn_u = { .xts = aesni_xts_dec } } } }; @@ -627,7 +620,7 @@ static int xts_encrypt(struct skcipher_request *req) struct aesni_xts_ctx *ctx = crypto_skcipher_ctx(tfm); return glue_xts_req_128bit(&aesni_enc_xts, req, - XTS_TWEAK_CAST(aesni_xts_tweak), + aesni_enc_glue, aes_ctx(ctx->raw_tweak_ctx), aes_ctx(ctx->raw_crypt_ctx)); } 
@@ -638,7 +631,7 @@ static int xts_decrypt(struct skcipher_request *req) struct aesni_xts_ctx *ctx = crypto_skcipher_ctx(tfm); return glue_xts_req_128bit(&aesni_dec_xts, req, - XTS_TWEAK_CAST(aesni_xts_tweak), + aesni_enc_glue, aes_ctx(ctx->raw_tweak_ctx), aes_ctx(ctx->raw_crypt_ctx)); }
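Review bot: The first hunk of aesni-intel_glue.c (patch 6/7) drops the "#ifdef CONFIG_X86_64" guard around an include, and the commit message does not mention it. The likely reason is that AESNI_GLUE(aesni_enc) and AESNI_GLUE(aesni_dec) are expanded outside any visible 64-bit guard and so need GLUE_CAST on 32-bit builds too, but that should be stated in the changelog, and a 32-bit build should be confirmed to compile with the header now included unconditionally.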
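Review bot: In xts_decrypt() of aesni-intel_glue.c (patch 6/7) the tweak callback becomes aesni_enc_glue, and with aesni_xts_tweak() deleted in the earlier hunk nothing in the file names this function's role as the tweak cipher any more. An encrypt routine passed inside the decrypt path reads like a copy-and-paste slip, although it is correct because the XTS tweak is always computed in the encrypt direction. A one-line comment at both glue_xts_req_128bit() call sites would prevent a well-meant "fix" later. The same applies to __cast6_encrypt_glue in the cast6 xts_decrypt() of patch 5/7.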
From: Kees Cook
To: Herbert Xu
Cc: Kees Cook, Joao Moreira, Eric Biggers, Ingo Molnar, Thomas Gleixner, Borislav Petkov, x86@kernel.org, linux-crypto@vger.kernel.org, linux-kernel@vger.kernel.org, kernel-hardening@lists.openwall.com
Subject: [PATCH v3 7/7] crypto: x86/glue_helper: Remove function prototype cast helpers
Date: Tue, 7 May 2019 09:13:21 -0700
Message-Id: <20190507161321.34611-8-keescook@chromium.org>

Now that all users of the function prototype casting helpers have been removed, this deletes the unused macros.

Signed-off-by: Kees Cook
---
 arch/x86/include/asm/crypto/glue_helper.h | 6 ------
 include/crypto/xts.h | 2 --
 2 files changed, 8 deletions(-)

diff --git a/arch/x86/include/asm/crypto/glue_helper.h b/arch/x86/include/asm/crypto/glue_helper.h index 3b039d563809..2b2d8d4a5081 100644 --- a/arch/x86/include/asm/crypto/glue_helper.h +++ b/arch/x86/include/asm/crypto/glue_helper.h @@ -18,12 +18,6 @@ typedef void (*common_glue_ctr_func_t)(void *ctx, u128 *dst, const u128 *src, typedef void (*common_glue_xts_func_t)(void *ctx, u128 *dst, const u128 *src, le128 *iv); -#define GLUE_FUNC_CAST(fn) ((common_glue_func_t)(fn)) -#define GLUE_CBC_FUNC_CAST(fn) ((common_glue_cbc_func_t)(fn)) -#define GLUE_CTR_FUNC_CAST(fn) ((common_glue_ctr_func_t)(fn)) -#define GLUE_XTS_FUNC_CAST(fn) ((common_glue_xts_func_t)(fn)) - - #define GLUE_CAST(func, context) \ asmlinkage void func(struct context *ctx, u8 *dst, const u8 *src); \ asmlinkage static inline \ diff --git a/include/crypto/xts.h b/include/crypto/xts.h index 75fd96ff976b..15ae7fdc0478 100644 --- a/include/crypto/xts.h +++ b/include/crypto/xts.h @@ -8,8 +8,6 @@ #define XTS_BLOCK_SIZE 16 -#define XTS_TWEAK_CAST(x) ((void (*)(void *, u8*, const u8*))(x)) - static inline int xts_check_key(struct crypto_tfm *tfm, const u8 *key, unsigned int keylen) {
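Review bot: The include/crypto/xts.h hunk (patch 7/7) removes XTS_TWEAK_CAST from a generic header, while the conversions visible in this series only touch files under arch/x86/crypto. The commit message says all users have been removed; please state how that was checked (for example a tree-wide grep for XTS_TWEAK_CAST and the four GLUE_*_FUNC_CAST names, covering other architectures and crypto/), since a remaining user outside x86 would break the build only for configurations that x86 testing does not exercise.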