This patch introduced SNAPSHOT_SIG_HASH config for user to select which
hash algorithm will be used during signature generation of snapshot.
v2:
Add define check of CONFIG_SNAPSHOT_VERIFICATION in snapshot.c before
declaring pkey_hash().
Reviewed-by: Jiri Kosina <[email protected]>
Signed-off-by: Lee, Chun-Yi <jlee-IBi9RG/[email protected]>
---
kernel/power/Kconfig | 46 ++++++++++++++++++++++++++++++++++++++++++++++
kernel/power/snapshot.c | 25 ++++++++++++++++++++-----
2 files changed, 66 insertions(+), 5 deletions(-)
diff --git a/kernel/power/Kconfig b/kernel/power/Kconfig
index b592d88..79b34fa 100644
--- a/kernel/power/Kconfig
+++ b/kernel/power/Kconfig
@@ -78,6 +78,52 @@ config SNAPSHOT_VERIFICATION
dependent on UEFI environment. EFI bootloader should generate the
key-pair.
+choice
+ prompt "Which hash algorithm should snapshot be signed with?"
+ depends on SNAPSHOT_VERIFICATION
+ help
+ This determines which sort of hashing algorithm will be used during
+ signature generation of snapshot. This algorithm _must_ be built into
+ the kernel directly so that signature verification can take place.
+ It is not possible to load a signed snapshot containing the algorithm
+ to check the signature on that module.
+
+config SNAPSHOT_SIG_SHA1
+ bool "Sign modules with SHA-1"
+ select CRYPTO_SHA1
+ select CRYPTO_SHA1_SSSE3 if X86_64
+
+config SNAPSHOT_SIG_SHA224
+ bool "Sign modules with SHA-224"
+ select CRYPTO_SHA256
+ select CRYPTO_SHA256_SSSE3 if X86_64
+
+config SNAPSHOT_SIG_SHA256
+ bool "Sign modules with SHA-256"
+ select CRYPTO_SHA256
+ select CRYPTO_SHA256_SSSE3 if X86_64
+
+config SNAPSHOT_SIG_SHA384
+ bool "Sign modules with SHA-384"
+ select CRYPTO_SHA512
+ select CRYPTO_SHA512_SSSE3 if X86_64
+
+config SNAPSHOT_SIG_SHA512
+ bool "Sign modules with SHA-512"
+ select CRYPTO_SHA512
+ select CRYPTO_SHA512_SSSE3 if X86_64
+
+endchoice
+
+config SNAPSHOT_SIG_HASH
+ string
+ depends on SNAPSHOT_VERIFICATION
+ default "sha1" if SNAPSHOT_SIG_SHA1
+ default "sha224" if SNAPSHOT_SIG_SHA224
+ default "sha256" if SNAPSHOT_SIG_SHA256
+ default "sha384" if SNAPSHOT_SIG_SHA384
+ default "sha512" if SNAPSHOT_SIG_SHA512
+
config PM_STD_PARTITION
string "Default resume partition"
depends on HIBERNATION
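Review bot: The bool prompts and the last help sentence in this choice are carried over from module signing ("Sign modules with SHA-1", "to check the signature on that module") and should be reworded for the hibernate snapshot. The choice also has no default line, so Kconfig falls back to the first entry, SNAPSHOT_SIG_SHA1, while the snapshot.c code being replaced hard-coded "sha256"; adding "default SNAPSHOT_SIG_SHA256" inside the choice would keep the existing behaviour for anyone who does not touch the new option.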
diff --git a/kernel/power/snapshot.c b/kernel/power/snapshot.c
index 804feb6..896f11d 100644
--- a/kernel/power/snapshot.c
+++ b/kernel/power/snapshot.c
@@ -1041,7 +1041,22 @@ static inline void copy_data_page(unsigned long dst_pfn, unsigned long src_pfn)
#endif /* CONFIG_HIGHMEM */
#ifdef CONFIG_SNAPSHOT_VERIFICATION
-#define SNAPSHOT_HASH "sha256"
+static const char *snapshot_hash = CONFIG_SNAPSHOT_SIG_HASH;
+
+static int pkey_hash(void)
+{
+ int i, ret;
+
+ ret = -1;
+ for (i = 0; i < PKEY_HASH__LAST; i++) {
+ if (!strcmp(pkey_hash_algo[i], snapshot_hash)) {
+ ret = i;
+ break;
+ }
+ }
+
+ return ret;
+}
#endif
/*
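Review bot: pkey_hash() returns a bare -1 when snapshot_hash matches no entry in pkey_hash_algo[], and the callers added later in this patch use the result without checking it. Return a real errno such as -EINVAL and have callers test for it, or resolve the index once and cache it so the strcmp() loop does not run on every sign and verify. snapshot_hash itself is never reassigned and could be declared "static const char * const".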
@@ -1074,7 +1089,7 @@ swsusp_generate_signature(struct memory_bitmap *copy_bm, unsigned int nr_pages)
int ret, i;
ret = -ENOMEM;
- tfm = crypto_alloc_shash(SNAPSHOT_HASH, 0, 0);
+ tfm = crypto_alloc_shash(snapshot_hash, 0, 0);
if (IS_ERR(tfm)) {
pr_err("IS_ERR(tfm): %ld", PTR_ERR(tfm));
return PTR_ERR(tfm);
@@ -1127,7 +1142,7 @@ swsusp_generate_signature(struct memory_bitmap *copy_bm, unsigned int nr_pages)
goto error_key;
}
- pks = generate_signature(s4_sign_key, digest, PKEY_HASH_SHA256, false);
+ pks = generate_signature(s4_sign_key, digest, pkey_hash(), false);
if (IS_ERR(pks)) {
pr_err("Generate signature fail: %lx", PTR_ERR(pks));
ret = PTR_ERR(pks);
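Review bot: The pkey_hash() result is passed straight into generate_signature() here, so a lookup failure hands -1 to it as the hash algorithm index. Store the result in a local first, and on a negative value set ret and take the existing "goto error_key" path before calling generate_signature().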
@@ -2491,7 +2506,7 @@ int snapshot_verify_signature(u8 *digest, size_t digest_size)
pr_err("PM: Allocate public key signature fail!");
return -ENOMEM;
}
- pks->pkey_hash_algo = PKEY_HASH_SHA256;
+ pks->pkey_hash_algo = pkey_hash();
pks->digest = digest;
pks->digest_size = digest_size;
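Review bot: pks->pkey_hash_algo is assigned the pkey_hash() return value unchecked, so on a lookup failure the verify path continues with -1 stored in the signature structure. Check the value before the assignment and fail verification with an error code; pks has already been allocated at this point, so that error path needs to free it.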
@@ -2544,7 +2559,7 @@ int snapshot_image_verify(void)
if (ret)
goto forward_ret;
- tfm = crypto_alloc_shash(SNAPSHOT_HASH, 0, 0);
+ tfm = crypto_alloc_shash(snapshot_hash, 0, 0);
if (IS_ERR(tfm)) {
pr_err("IS_ERR(tfm): %ld", PTR_ERR(tfm));
return PTR_ERR(tfm);
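Review bot: In snapshot_image_verify() the digest algorithm is now the verifying kernel's compile-time snapshot_hash, and nothing in the lines shown reads the algorithm from the image. If the kernel that wrote the image was built with a different SNAPSHOT_SIG_HASH, the digest will just fail to match with no indication why. Consider recording the algorithm with the signature in the image and rejecting a mismatch with an explicit message.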
--
1.6.0.2
On Sun 2013-09-15 08:56:59, Lee, Chun-Yi wrote:
> This patch introduced SNAPSHOT_SIG_HASH config for user to select which
> hash algorithm will be used during signature generation of snapshot.
This series is big enough already... and who is going to test it?
There's no need to make hash configurable. Just select one that works.
Pavel
--
(english) http://www.livejournal.com/~pavelmachek
(cesky, pictures) http://atrey.karlin.mff.cuni.cz/~pavel/picture/horses/blog.html
On Wed, 2013-09-18 at 15:45 +0200, Pavel Machek wrote:
> On Sun 2013-09-15 08:56:59, Lee, Chun-Yi wrote:
> > This patch introduced SNAPSHOT_SIG_HASH config for user to select which
> > hash algorithm will be used during signature generation of snapshot.
>
> This series is big enough already... and who is going to test it?
The hash config is not just for testing; it's related to the performance and
security of the different hash algorithms.
A person at LPC said he doesn't like the SHA algorithm.
> There's no need to make hash configurable. Just select one that works.
>
> Pavel
>
SHA1 has good performance, and SHA512 has better security; which one do you
like?
Thanks a lot!
Joey Lee
Hi!
> > On Sun 2013-09-15 08:56:59, Lee, Chun-Yi wrote:
> > > This patch introduced SNAPSHOT_SIG_HASH config for user to select which
> > > hash algorithm will be used during signature generation of snapshot.
> >
> > This series is big enough already... and who is going to test it?
>
> The hash config is not just for testing; it's related to the performance and
> security of the different hash algorithms.
I'm not saying it is for testing. I'm saying that selection makes
testing harder.
> A person at LPC said he doesn't like the SHA algorithm.
Well, I don't like the config option.
> > There's no need to make hash configurable. Just select one that works.
>
> SHA1 has good performance, and SHA512 has better security; which one do you
> like?
Use SHA1. It is completely adequate for what you are trying to do.
Pavel
--
(english) http://www.livejournal.com/~pavelmachek
(cesky, pictures) http://atrey.karlin.mff.cuni.cz/~pavel/picture/horses/blog.html