Received: by 2002:a05:6a10:f3d0:0:0:0:0 with SMTP id a16csp2835466pxv;
        Mon, 12 Jul 2021 03:07:41 -0700 (PDT)
X-Google-Smtp-Source: ABdhPJyfSja4UNGya9eBFPmFEUPkLYWtBdeDqgq2f+lSL+aJv3bQDImzF2A8ZU9MXbM8orwzrg+J
X-Received: by 2002:a05:6402:10c7:: with SMTP id p7mr47068640edu.159.1626084363413;
        Mon, 12 Jul 2021 03:06:03 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; t=1626084363; cv=none;
        d=google.com; s=arc-20160816;
        b=by6le98WAyfQ0tbmnxtBpxjsM2gNM9l7fvLrMuyeIJ+vF15k2bSH6ViXHd7gfMnY2v
         XyJuh/xOZPvlsJ9QHvLt3BeyaCyMkbpUMlvBmbKXNYVq3a6V4Q9go21aWSIsXOOxRYIq
         n/ld60wPHXxeswx+Q25qT4ZaZIV53p/1CGQdeHgh6u6yLZ4Zgzm/u9PBu5xGd3P8ANqf
         E5OrZKoB8/5ghDc4RqBouwAuHOtYZWLd4BKMZqSYUpyunlrMGvORQ+cPZuCrxYxgami0
         5lv7k/eTzmuVrkrSShZ1/RZMVabfcoVDshfAr5K/djOy7ZJUk5rNnmpS6kaoK52RFhzE
         0Ydg==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=list-id:precedence:content-transfer-encoding:mime-version
         :user-agent:references:in-reply-to:message-id:date:subject:cc:to
         :from:dkim-signature;
        bh=pLORxw8jNxcsWGjfCHKiVv0rhLg0qk+EGSj6U2+2GZI=;
        b=Qu/xO6GpjQnp1hSFxsKz8g25AoZ7sL2YNniauVyVpFNWmO5CEK/4ABTBZThBQV+c4s
         sMnNQ6zczBlFMi4QGSmLfMrmSjFyCGzo4okEqU2meeS6kd+ir727mMCWuP80WfKyh3PB
         yEgUpdzUbNbTVAL/wm3ku9uZaxcZM3CYZRmZSKnQ+t6XgVRVMNe9GDRazqB1E8SkM83Z
         x+jvyBHQCad3JNnNf6I98ZsYJ4l7dI9SFpsHT8lqWvnEvu+AxKiKECYPePpuJNAZzrJS
         UEjMeBavR84ZtAHUNgWj8/u7IM3if2T6kxqyGnqek7D1sDRgF0fVWLStfkUCblcFWwIo
         CCvg==
ARC-Authentication-Results: i=1; mx.google.com;
       dkim=pass header.i=@linuxfoundation.org header.s=korg header.b=G7nNZCMQ;
       spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linuxfoundation.org
Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18])
        by mx.google.com with ESMTP id v3si1537322edr.244.2021.07.12.03.05.41;
        Mon, 12 Jul 2021 03:06:03 -0700 (PDT)
Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18;
Authentication-Results: mx.google.com;
       dkim=pass header.i=@linuxfoundation.org header.s=korg header.b=G7nNZCMQ;
       spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linuxfoundation.org
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S243401AbhGLHdl (ORCPT <rfc822;maloy021189ju@gmail.com>
        + 99 others); Mon, 12 Jul 2021 03:33:41 -0400
Received: from mail.kernel.org ([198.145.29.99]:40564 "EHLO mail.kernel.org"
        rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP
        id S243898AbhGLHGC (ORCPT <rfc822;linux-kernel@vger.kernel.org>);
        Mon, 12 Jul 2021 03:06:02 -0400
Received: by mail.kernel.org (Postfix) with ESMTPSA id 349D761152;
        Mon, 12 Jul 2021 07:02:37 +0000 (UTC)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=linuxfoundation.org;
        s=korg; t=1626073357;
        bh=wDNvjMGxrpeAQg0xXJVXW97Rx7+AUJ9+PX7Q1PWNhRI=;
        h=From:To:Cc:Subject:Date:In-Reply-To:References:From;
        b=G7nNZCMQrSJ4+DpOBdNIwWpL1OBU536eiWkhgblKBQi//dipYSmzkWND50eXvdM2J
         u7cdL1TyLXs0DiGWyv5obBFOSws9vh2Sy1zvrZftSnxU7DP5J/lxaMCcaieTuV9uf6
         J42/KqzgKFHf4H4SRRGNg4Da9hqtvRtpTaTLOHU4=
From:   Greg Kroah-Hartman <gregkh@linuxfoundation.org>
To:     linux-kernel@vger.kernel.org
Cc:     Greg Kroah-Hartman <gregkh@linuxfoundation.org>,
        stable@vger.kernel.org, Sami Tolvanen <samitolvanen@google.com>,
        Eric Biggers <ebiggers@kernel.org>,
        Ard Biesheuvel <ardb@kernel.org>,
        Eric Biggers <ebiggers@google.com>,
        Herbert Xu <herbert@gondor.apana.org.au>,
        Sasha Levin <sashal@kernel.org>
Subject: [PATCH 5.12 172/700] crypto: shash - avoid comparing pointers to exported functions under CFI
Date:   Mon, 12 Jul 2021 08:04:15 +0200
Message-Id: <20210712060950.489526727@linuxfoundation.org>
X-Mailer: git-send-email 2.32.0
In-Reply-To: <20210712060924.797321836@linuxfoundation.org>
References: <20210712060924.797321836@linuxfoundation.org>
User-Agent: quilt/0.66
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org

From: Ard Biesheuvel <ardb@kernel.org>

[ Upstream commit 22ca9f4aaf431a9413dcc115dd590123307f274f ]

crypto_shash_alg_has_setkey() is implemented by testing whether the
.setkey() member of a struct shash_alg points to the default version,
called shash_no_setkey(). As crypto_shash_alg_has_setkey() is a static
inline, this requires shash_no_setkey() to be exported to modules.

Unfortunately, when building with CFI, function pointers are routed
via CFI stubs which are private to each module (or to the kernel proper)
and so this function pointer comparison may fail spuriously.

Let's fix this by turning crypto_shash_alg_has_setkey() into an out of
line function.

Cc: Sami Tolvanen <samitolvanen@google.com>
Cc: Eric Biggers <ebiggers@kernel.org>
Signed-off-by: Ard Biesheuvel <ardb@kernel.org>
Reviewed-by: Eric Biggers <ebiggers@google.com>
Reviewed-by: Sami Tolvanen <samitolvanen@google.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Signed-off-by: Sasha Levin <sashal@kernel.org>
---
 crypto/shash.c                 | 18 +++++++++++++++---
 include/crypto/internal/hash.h |  8 +-------
 2 files changed, 16 insertions(+), 10 deletions(-)

diff --git a/crypto/shash.c b/crypto/shash.c
index 2e3433ad9762..0a0a50cb694f 100644
--- a/crypto/shash.c
+++ b/crypto/shash.c
@@ -20,12 +20,24 @@
 
 static const struct crypto_type crypto_shash_type;
 
-int shash_no_setkey(struct crypto_shash *tfm, const u8 *key,
-		    unsigned int keylen)
+static int shash_no_setkey(struct crypto_shash *tfm, const u8 *key,
+			   unsigned int keylen)
 {
 	return -ENOSYS;
 }
-EXPORT_SYMBOL_GPL(shash_no_setkey);
+
+/*
+ * Check whether an shash algorithm has a setkey function.
+ *
+ * For CFI compatibility, this must not be an inline function.  This is because
+ * when CFI is enabled, modules won't get the same address for shash_no_setkey
+ * (if it were exported, which inlining would require) as the core kernel will.
+ */
+bool crypto_shash_alg_has_setkey(struct shash_alg *alg)
+{
+	return alg->setkey != shash_no_setkey;
+}
+EXPORT_SYMBOL_GPL(crypto_shash_alg_has_setkey);
 
 static int shash_setkey_unaligned(struct crypto_shash *tfm, const u8 *key,
 				  unsigned int keylen)
diff --git a/include/crypto/internal/hash.h b/include/crypto/internal/hash.h
index 0a288dddcf5b..25806141db59 100644
--- a/include/crypto/internal/hash.h
+++ b/include/crypto/internal/hash.h
@@ -75,13 +75,7 @@ void crypto_unregister_ahashes(struct ahash_alg *algs, int count);
 int ahash_register_instance(struct crypto_template *tmpl,
 			    struct ahash_instance *inst);
 
-int shash_no_setkey(struct crypto_shash *tfm, const u8 *key,
-		    unsigned int keylen);
-
-static inline bool crypto_shash_alg_has_setkey(struct shash_alg *alg)
-{
-	return alg->setkey != shash_no_setkey;
-}
+bool crypto_shash_alg_has_setkey(struct shash_alg *alg);
 
 static inline bool crypto_shash_alg_needs_key(struct shash_alg *alg)
 {
-- 
2.30.2