tree: https://git.kernel.org/pub/scm/linux/kernel/git/herbert/cryptodev-2.6.git master
head: b335f258e8ddafec0e8ae2201ca78d29ed8f85eb
commit: e5221fa6a355112ddcc29dc82a94f7c3a1aacc0b [76/81] KEYS: asymmetric: Move sm2 code into x509_public_key
config: nios2-randconfig-r031-20230622 (https://download.01.org/0day-ci/archive/20230623/[email protected]/config)
compiler: nios2-linux-gcc (GCC) 12.3.0
reproduce: (https://download.01.org/0day-ci/archive/20230623/[email protected]/reproduce)
If you fix the issue in a separate patch/commit (i.e. not just a new version of
the same patch/commit), kindly add following tags
| Reported-by: kernel test robot <[email protected]>
| Closes: https://lore.kernel.org/oe-kbuild-all/[email protected]/
All errors (new ones prefixed by >>):
nios2-linux-ld: crypto/asymmetric_keys/x509_public_key.o: in function `x509_get_sig_params':
>> crypto/asymmetric_keys/x509_public_key.c:70: undefined reference to `sm2_compute_z_digest'
crypto/asymmetric_keys/x509_public_key.c:70:(.text+0x34c): relocation truncated to fit: R_NIOS2_CALL26 against `sm2_compute_z_digest'
vim +70 crypto/asymmetric_keys/x509_public_key.c
20
21 /*
22 * Set up the signature parameters in an X.509 certificate. This involves
23 * digesting the signed data and extracting the signature.
24 */
25 int x509_get_sig_params(struct x509_certificate *cert)
26 {
27 struct public_key_signature *sig = cert->sig;
28 struct crypto_shash *tfm;
29 struct shash_desc *desc;
30 size_t desc_size;
31 int ret;
32
33 pr_devel("==>%s()\n", __func__);
34
35 sig->s = kmemdup(cert->raw_sig, cert->raw_sig_size, GFP_KERNEL);
36 if (!sig->s)
37 return -ENOMEM;
38
39 sig->s_size = cert->raw_sig_size;
40
41 /* Allocate the hashing algorithm we're going to need and find out how
42 * big the hash operational data will be.
43 */
44 tfm = crypto_alloc_shash(sig->hash_algo, 0, 0);
45 if (IS_ERR(tfm)) {
46 if (PTR_ERR(tfm) == -ENOENT) {
47 cert->unsupported_sig = true;
48 return 0;
49 }
50 return PTR_ERR(tfm);
51 }
52
53 desc_size = crypto_shash_descsize(tfm) + sizeof(*desc);
54 sig->digest_size = crypto_shash_digestsize(tfm);
55
56 ret = -ENOMEM;
57 sig->digest = kmalloc(sig->digest_size, GFP_KERNEL);
58 if (!sig->digest)
59 goto error;
60
61 desc = kzalloc(desc_size, GFP_KERNEL);
62 if (!desc)
63 goto error;
64
65 desc->tfm = tfm;
66
67 if (strcmp(cert->pub->pkey_algo, "sm2") == 0) {
68 ret = strcmp(sig->hash_algo, "sm3") != 0 ? -EINVAL :
69 crypto_shash_init(desc) ?:
> 70 sm2_compute_z_digest(desc, cert->pub->key,
71 cert->pub->keylen, sig->digest) ?:
72 crypto_shash_init(desc) ?:
73 crypto_shash_update(desc, sig->digest,
74 sig->digest_size) ?:
75 crypto_shash_finup(desc, cert->tbs, cert->tbs_size,
76 sig->digest);
77 } else {
78 ret = crypto_shash_digest(desc, cert->tbs, cert->tbs_size,
79 sig->digest);
80 }
81
82 if (ret < 0)
83 goto error_2;
84
85 ret = is_hash_blacklisted(sig->digest, sig->digest_size,
86 BLACKLIST_HASH_X509_TBS);
87 if (ret == -EKEYREJECTED) {
88 pr_err("Cert %*phN is blacklisted\n",
89 sig->digest_size, sig->digest);
90 cert->blacklisted = true;
91 ret = 0;
92 }
93
94 error_2:
95 kfree(desc);
96 error:
97 crypto_free_shash(tfm);
98 pr_devel("<==%s() = %d\n", __func__, ret);
99 return ret;
100 }
101
--
0-DAY CI Kernel Test Service
https://github.com/intel/lkp-tests/wiki
On Fri, Jun 23, 2023 at 07:22:29PM +0800, kernel test robot wrote:
> tree: https://git.kernel.org/pub/scm/linux/kernel/git/herbert/cryptodev-2.6.git master
> head: b335f258e8ddafec0e8ae2201ca78d29ed8f85eb
> commit: e5221fa6a355112ddcc29dc82a94f7c3a1aacc0b [76/81] KEYS: asymmetric: Move sm2 code into x509_public_key
> config: nios2-randconfig-r031-20230622 (https://download.01.org/0day-ci/archive/20230623/[email protected]/config)
> compiler: nios2-linux-gcc (GCC) 12.3.0
> reproduce: (https://download.01.org/0day-ci/archive/20230623/[email protected]/reproduce)
---8<---
When sm2 is disabled we need to provide an implementation of
sm2_compute_z_digest.
Fixes: e5221fa6a355 ("KEYS: asymmetric: Move sm2 code into x509_public_key")
Reported-by: kernel test robot <[email protected]>
Closes: https://lore.kernel.org/oe-kbuild-all/[email protected]/
Signed-off-by: Herbert Xu <[email protected]>
diff --git a/include/crypto/sm2.h b/include/crypto/sm2.h
index 7094d75ed54c..04a92c1013c8 100644
--- a/include/crypto/sm2.h
+++ b/include/crypto/sm2.h
@@ -13,7 +13,16 @@
struct shash_desc;
+#if IS_REACHABLE(CONFIG_CRYPTO_SM2)
int sm2_compute_z_digest(struct shash_desc *desc,
const void *key, unsigned int keylen, void *dgst);
+#else
+static inline int sm2_compute_z_digest(struct shash_desc *desc,
+ const void *key, unsigned int keylen,
+ void *dgst)
+{
+ return -ENOTSUPP;
+}
+#endif
#endif /* _CRYPTO_SM2_H */
--
Email: Herbert Xu <[email protected]>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt
On Sat, 24 Jun 2023 at 07:20, Herbert Xu <[email protected]> wrote:
>
> On Fri, Jun 23, 2023 at 07:22:29PM +0800, kernel test robot wrote:
> > tree: https://git.kernel.org/pub/scm/linux/kernel/git/herbert/cryptodev-2.6.git master
> > head: b335f258e8ddafec0e8ae2201ca78d29ed8f85eb
> > commit: e5221fa6a355112ddcc29dc82a94f7c3a1aacc0b [76/81] KEYS: asymmetric: Move sm2 code into x509_public_key
> > config: nios2-randconfig-r031-20230622 (https://download.01.org/0day-ci/archive/20230623/[email protected]/config)
> > compiler: nios2-linux-gcc (GCC) 12.3.0
> > reproduce: (https://download.01.org/0day-ci/archive/20230623/[email protected]/reproduce)
>
> ---8<---
> When sm2 is disabled we need to provide an implementation of
> sm2_compute_z_digest.
>
> Fixes: e5221fa6a355 ("KEYS: asymmetric: Move sm2 code into x509_public_key")
> Reported-by: kernel test robot <[email protected]>
> Closes: https://lore.kernel.org/oe-kbuild-all/[email protected]/
> Signed-off-by: Herbert Xu <[email protected]>
>
> diff --git a/include/crypto/sm2.h b/include/crypto/sm2.h
> index 7094d75ed54c..04a92c1013c8 100644
> --- a/include/crypto/sm2.h
> +++ b/include/crypto/sm2.h
> @@ -13,7 +13,16 @@
>
> struct shash_desc;
>
> +#if IS_REACHABLE(CONFIG_CRYPTO_SM2)
> int sm2_compute_z_digest(struct shash_desc *desc,
> const void *key, unsigned int keylen, void *dgst);
> +#else
> +static inline int sm2_compute_z_digest(struct shash_desc *desc,
> + const void *key, unsigned int keylen,
> + void *dgst)
> +{
> + return -ENOTSUPP;
> +}
> +#endif
>
> #endif /* _CRYPTO_SM2_H */
How is this supposed to work when
CONFIG_ASYMMETRIC_PUBLIC_KEY_SUBTYPE=y but SM2 is configured as a
module?
On Sat, Jun 24, 2023 at 09:40:59AM +0200, Ard Biesheuvel wrote:
>
> How is this supposed to work when
> CONFIG_ASYMMETRIC_PUBLIC_KEY_SUBTYPE=y but SM2 is configured as a
> module?
It will fail as it did previously. I'm just rearranging the code.
Perhaps when another algorithm that requires a non-standard digest
comes up we can think up of a proper abstraction.
Cheers,
--
Email: Herbert Xu <[email protected]>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt
On Sat, 24 Jun 2023 at 09:47, Herbert Xu <[email protected]> wrote:
>
> On Sat, Jun 24, 2023 at 09:40:59AM +0200, Ard Biesheuvel wrote:
> >
> > How is this supposed to work when
> > CONFIG_ASYMMETRIC_PUBLIC_KEY_SUBTYPE=y but SM2 is configured as a
> > module?
>
> It will fail as it did previously. I'm just rearranging the code.
> Perhaps when another algorithm that requires a non-standard digest
> comes up we can think up of a proper abstraction.
>
Fair enough.