Received: by 2002:a05:6a10:9848:0:0:0:0 with SMTP id x8csp1016506pxf; Thu, 8 Apr 2021 20:05:28 -0700 (PDT) X-Google-Smtp-Source: ABdhPJzFiHkfZxF893qLJTB6znX9BdDTMdwkYyA557RcMYmE8Lm3hr1QWlpRwiXA7PmfmFlqtWAU X-Received: by 2002:a63:d755:: with SMTP id w21mr11247836pgi.400.1617937528470; Thu, 08 Apr 2021 20:05:28 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1617937528; cv=none; d=google.com; s=arc-20160816; b=Tks2VenRjNygiIZuebnmcJgT5cnifNNdT/CcpoBBiA2Z8ksHdULCbEjc7p1Kd0z8Mz 1dOhpqgGhmXD3FY4FY8rL5/es9ZKNWj/jwSAPTNOHRwIpbcSBV2uw5Cb2tzjSrRBHnXl a3WsgkL0xA2Y5CSrr9X7GE1AzGIpXTrhXDxtxHuf4sPLle2Lnz4q65uXIaIP/Kesu4cD aX6ldnpPwyDq5dePpMd3RyX4kvyFoxmFFxl9HPwP/sqMDcmjCW1aEkHHRki0CinTo7S4 Iu5HuWcYqkUm9BA4YQmeZpJlMCVznItz6ffnH3NgZOufCmpRipxeO4JKGSYJ10FBvw/R j/Jg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:in-reply-to:content-disposition:mime-version :references:message-id:subject:cc:to:from:date:dkim-signature; bh=7dh6luOjZQLh1aBy5+G8C9A6OrurtWSDGVgjtVnLptQ=; b=CokKQ+ot9O4zknXSGaT+B7UOlk+K3gnDrAmeeMiJ87crEerSrMEPF8fbvcezv3Wv40 xNiAxPIcup63d1SAaycPA23A5GIQ14gr+Ura9WyA71McNfKxER5rwnivSCZqCZOD/MmN CjFGXO3kR+GUjczNSjqCTQTOdUd3bzEDtNQZnrZQIUjfapzzJKvEoEZZr6+9O8qXyE1v WtEYCiRn6LPxNR4fDrafG9+IdzIJkDWqgfQ80bqm0HymzA97+I9T4gGHKXiIFV/s+D1D xvfTsGqjCAJvIFcVEV4quciybxhKwgbGdONbOyZ/8+jSha5Az4axec7jODarhL4gqa9o 5TuQ== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@zx2c4.com header.s=20210105 header.b=cLLBUvMl; spf=pass (google.com: domain of linux-crypto-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-crypto-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=zx2c4.com Return-Path: Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18]) by mx.google.com with ESMTP id mz4si1436426pjb.26.2021.04.08.20.05.11; Thu, 08 Apr 2021 20:05:28 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-crypto-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18; Authentication-Results: mx.google.com; dkim=pass header.i=@zx2c4.com header.s=20210105 header.b=cLLBUvMl; spf=pass (google.com: domain of linux-crypto-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-crypto-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=zx2c4.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S233032AbhDIDDu (ORCPT + 99 others); Thu, 8 Apr 2021 23:03:50 -0400 Received: from mail.zx2c4.com ([104.131.123.232]:49234 "EHLO mail.zx2c4.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S233109AbhDIDDt (ORCPT ); Thu, 8 Apr 2021 23:03:49 -0400 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=zx2c4.com; s=20210105; t=1617937411; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: in-reply-to:in-reply-to:references:references; bh=7dh6luOjZQLh1aBy5+G8C9A6OrurtWSDGVgjtVnLptQ=; b=cLLBUvMl0IOmHBQKnlo7YKRTbmOvO00u7fgKLpQnaKgB+xYM/T8FVjtZi3ywrm3wa044tw 1JQhs0jDiq1c2E1n6s7o2bKVFWpVANLVfBJAX/VsmsI4hKoqKiJ4qcg/5yelcK4Eshm9f0 xs6FDlX5rPSg8gANvb1dE5Cz0us88SY= Received: by mail.zx2c4.com (ZX2C4 Mail Server) with ESMTPSA id 78f4a530 (TLSv1.3:AEAD-AES256-GCM-SHA384:256:NO); Fri, 9 Apr 2021 03:03:31 +0000 (UTC) Date: Thu, 8 Apr 2021 21:03:29 -0600 From: "Jason A. Donenfeld" To: Hangbin Liu Cc: Simo Sorce , Netdev , Toke =?utf-8?Q?H=C3=B8iland-J=C3=B8rgensen?= , Jakub Kicinski , Ondrej Mosnacek , Linux Crypto Mailing List Subject: Re: [PATCH net-next] [RESEND] wireguard: disable in FIPS mode Message-ID: References: <20210407113920.3735505-1-liuhangbin@gmail.com> <20210409024143.GL2900@Leo-laptop-t470s> <20210409024907.GN2900@Leo-laptop-t470s> MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Disposition: inline In-Reply-To: <20210409024907.GN2900@Leo-laptop-t470s> Precedence: bulk List-ID: X-Mailing-List: linux-crypto@vger.kernel.org On Fri, Apr 09, 2021 at 10:49:07AM +0800, Hangbin Liu wrote: > On Thu, Apr 08, 2021 at 08:44:35PM -0600, Jason A. Donenfeld wrote: > > Since it's just a normal module library, you can simply do this in the > > module_init function, rather than deep within registration > > abstractions. > > I did a try but looks it's not that simple. Not sure if it's because wireguard > calls the library directly. Need to check more... Something like the below should work... diff --git a/arch/arm/crypto/chacha-glue.c b/arch/arm/crypto/chacha-glue.c index a408f4bcfd62..47212f9421c1 100644 --- a/arch/arm/crypto/chacha-glue.c +++ b/arch/arm/crypto/chacha-glue.c @@ -14,6 +14,7 @@ #include #include #include +#include #include #include @@ -297,6 +298,9 @@ static int __init chacha_simd_mod_init(void) { int err = 0; + if (fips_enabled) + return -EOPNOTSUPP; + if (IS_REACHABLE(CONFIG_CRYPTO_BLKCIPHER)) { err = crypto_register_skciphers(arm_algs, ARRAY_SIZE(arm_algs)); if (err) diff --git a/arch/arm/crypto/curve25519-glue.c b/arch/arm/crypto/curve25519-glue.c index 31eb75b6002f..d03f810fdaf3 100644 --- a/arch/arm/crypto/curve25519-glue.c +++ b/arch/arm/crypto/curve25519-glue.c @@ -14,6 +14,7 @@ #include #include #include +#include #include #include #include @@ -114,6 +115,9 @@ static struct kpp_alg curve25519_alg = { static int __init mod_init(void) { + if (fips_enabled) + return -EOPNOTSUPP; + if (elf_hwcap & HWCAP_NEON) { static_branch_enable(&have_neon); return IS_REACHABLE(CONFIG_CRYPTO_KPP) ? diff --git a/arch/arm/crypto/poly1305-glue.c b/arch/arm/crypto/poly1305-glue.c index 3023c1acfa19..30d6c6de7a27 100644 --- a/arch/arm/crypto/poly1305-glue.c +++ b/arch/arm/crypto/poly1305-glue.c @@ -17,6 +17,7 @@ #include #include #include +#include void poly1305_init_arm(void *state, const u8 *key); void poly1305_blocks_arm(void *state, const u8 *src, u32 len, u32 hibit); @@ -240,6 +241,9 @@ static struct shash_alg arm_poly1305_algs[] = {{ static int __init arm_poly1305_mod_init(void) { + if (fips_enabled) + return -EOPNOTSUPP; + if (IS_ENABLED(CONFIG_KERNEL_MODE_NEON) && (elf_hwcap & HWCAP_NEON)) static_branch_enable(&have_neon); diff --git a/arch/arm64/crypto/chacha-neon-glue.c b/arch/arm64/crypto/chacha-neon-glue.c index 1d9824c4ae43..1696993326b5 100644 --- a/arch/arm64/crypto/chacha-neon-glue.c +++ b/arch/arm64/crypto/chacha-neon-glue.c @@ -26,6 +26,7 @@ #include #include #include +#include #include #include @@ -214,6 +215,9 @@ static struct skcipher_alg algs[] = { static int __init chacha_simd_mod_init(void) { + if (fips_enabled) + return -EOPNOTSUPP; + if (!cpu_have_named_feature(ASIMD)) return 0; diff --git a/arch/arm64/crypto/poly1305-glue.c b/arch/arm64/crypto/poly1305-glue.c index f33ada70c4ed..ac257a52be4d 100644 --- a/arch/arm64/crypto/poly1305-glue.c +++ b/arch/arm64/crypto/poly1305-glue.c @@ -17,6 +17,7 @@ #include #include #include +#include asmlinkage void poly1305_init_arm64(void *state, const u8 *key); asmlinkage void poly1305_blocks(void *state, const u8 *src, u32 len, u32 hibit); @@ -208,6 +209,9 @@ static struct shash_alg neon_poly1305_alg = { static int __init neon_poly1305_mod_init(void) { + if (fips_enabled) + return -EOPNOTSUPP; + if (!cpu_have_named_feature(ASIMD)) return 0; diff --git a/arch/mips/crypto/chacha-glue.c b/arch/mips/crypto/chacha-glue.c index 90896029d0cd..31f8294f2a31 100644 --- a/arch/mips/crypto/chacha-glue.c +++ b/arch/mips/crypto/chacha-glue.c @@ -12,6 +12,7 @@ #include #include #include +#include asmlinkage void chacha_crypt_arch(u32 *state, u8 *dst, const u8 *src, unsigned int bytes, int nrounds); @@ -128,6 +129,9 @@ static struct skcipher_alg algs[] = { static int __init chacha_simd_mod_init(void) { + if (fips_enabled) + return -EOPNOTSUPP; + return IS_REACHABLE(CONFIG_CRYPTO_BLKCIPHER) ? crypto_register_skciphers(algs, ARRAY_SIZE(algs)) : 0; } diff --git a/arch/mips/crypto/poly1305-glue.c b/arch/mips/crypto/poly1305-glue.c index fc881b46d911..f5edec10cef8 100644 --- a/arch/mips/crypto/poly1305-glue.c +++ b/arch/mips/crypto/poly1305-glue.c @@ -12,6 +12,7 @@ #include #include #include +#include asmlinkage void poly1305_init_mips(void *state, const u8 *key); asmlinkage void poly1305_blocks_mips(void *state, const u8 *src, u32 len, u32 hibit); @@ -173,6 +174,9 @@ static struct shash_alg mips_poly1305_alg = { static int __init mips_poly1305_mod_init(void) { + if (fips_enabled) + return -EOPNOTSUPP; + return IS_REACHABLE(CONFIG_CRYPTO_HASH) ? crypto_register_shash(&mips_poly1305_alg) : 0; } diff --git a/arch/x86/crypto/blake2s-glue.c b/arch/x86/crypto/blake2s-glue.c index 94ac5bdd9f6f..968762fcc8b2 100644 --- a/arch/x86/crypto/blake2s-glue.c +++ b/arch/x86/crypto/blake2s-glue.c @@ -11,6 +11,7 @@ #include #include #include +#include #include #include @@ -194,6 +195,9 @@ static struct shash_alg blake2s_algs[] = {{ static int __init blake2s_mod_init(void) { + if (fips_enabled) + return -EOPNOTSUPP; + if (!boot_cpu_has(X86_FEATURE_SSSE3)) return 0; diff --git a/arch/x86/crypto/chacha_glue.c b/arch/x86/crypto/chacha_glue.c index 4c4dc64398cb..15e6cd084598 100644 --- a/arch/x86/crypto/chacha_glue.c +++ b/arch/x86/crypto/chacha_glue.c @@ -12,6 +12,7 @@ #include #include #include +#include #include asmlinkage void chacha_block_xor_ssse3(u32 *state, u8 *dst, const u8 *src, @@ -278,6 +279,9 @@ static struct skcipher_alg algs[] = { static int __init chacha_simd_mod_init(void) { + if (fips_enabled) + return -EOPNOTSUPP; + if (!boot_cpu_has(X86_FEATURE_SSSE3)) return 0; diff --git a/arch/x86/crypto/curve25519-x86_64.c b/arch/x86/crypto/curve25519-x86_64.c index a9edb6f8a0ba..b840c7e49aa1 100644 --- a/arch/x86/crypto/curve25519-x86_64.c +++ b/arch/x86/crypto/curve25519-x86_64.c @@ -11,6 +11,7 @@ #include #include #include +#include #include #include @@ -1488,6 +1489,9 @@ static struct kpp_alg curve25519_alg = { static int __init curve25519_mod_init(void) { + if (fips_enabled) + return -EOPNOTSUPP; + if (boot_cpu_has(X86_FEATURE_BMI2) && boot_cpu_has(X86_FEATURE_ADX)) static_branch_enable(&curve25519_use_bmi2_adx); else diff --git a/arch/x86/crypto/poly1305_glue.c b/arch/x86/crypto/poly1305_glue.c index b69e362730d0..eb1940c74c7b 100644 --- a/arch/x86/crypto/poly1305_glue.c +++ b/arch/x86/crypto/poly1305_glue.c @@ -11,6 +11,7 @@ #include #include #include +#include #include #include @@ -258,6 +259,9 @@ static struct shash_alg alg = { static int __init poly1305_simd_mod_init(void) { + if (fips_enabled) + return -EOPNOTSUPP; + if (IS_ENABLED(CONFIG_AS_AVX) && boot_cpu_has(X86_FEATURE_AVX) && cpu_has_xfeatures(XFEATURE_MASK_SSE | XFEATURE_MASK_YMM, NULL)) static_branch_enable(&poly1305_use_avx); diff --git a/lib/crypto/blake2s.c b/lib/crypto/blake2s.c index 41025a30c524..8d244eeb277e 100644 --- a/lib/crypto/blake2s.c +++ b/lib/crypto/blake2s.c @@ -15,6 +15,7 @@ #include #include #include +#include #include bool blake2s_selftest(void); @@ -109,6 +110,9 @@ EXPORT_SYMBOL(blake2s256_hmac); static int __init mod_init(void) { + if (fips_enabled) + return -EOPNOTSUPP; + if (!IS_ENABLED(CONFIG_CRYPTO_MANAGER_DISABLE_TESTS) && WARN_ON(!blake2s_selftest())) return -ENODEV; diff --git a/lib/crypto/chacha.c b/lib/crypto/chacha.c index 65ead6b0c7e0..4f0087717faf 100644 --- a/lib/crypto/chacha.c +++ b/lib/crypto/chacha.c @@ -11,6 +11,9 @@ #include #include #include +#include +#include +#include #include #include @@ -113,3 +116,12 @@ void hchacha_block_generic(const u32 *state, u32 *stream, int nrounds) memcpy(&stream[4], &x[12], 16); } EXPORT_SYMBOL(hchacha_block_generic); + +static int __init mod_init(void) +{ + if (fips_enabled) + return -EOPNOTSUPP; + return 0; +} + +module_init(mod_init); diff --git a/lib/crypto/chacha20poly1305.c b/lib/crypto/chacha20poly1305.c index 1fec56e5dd51..d19278c5813d 100644 --- a/lib/crypto/chacha20poly1305.c +++ b/lib/crypto/chacha20poly1305.c @@ -18,6 +18,7 @@ #include #include #include +#include #define CHACHA_KEY_WORDS (CHACHA_KEY_SIZE / sizeof(u32)) @@ -358,6 +359,9 @@ EXPORT_SYMBOL(chacha20poly1305_decrypt_sg_inplace); static int __init mod_init(void) { + if (fips_enabled) + return -EOPNOTSUPP; + if (!IS_ENABLED(CONFIG_CRYPTO_MANAGER_DISABLE_TESTS) && WARN_ON(!chacha20poly1305_selftest())) return -ENODEV; diff --git a/lib/crypto/curve25519.c b/lib/crypto/curve25519.c index 288a62cd29b2..f759d49b0b57 100644 --- a/lib/crypto/curve25519.c +++ b/lib/crypto/curve25519.c @@ -12,11 +12,15 @@ #include #include #include +#include bool curve25519_selftest(void); static int __init mod_init(void) { + if (fips_enabled) + return -EOPNOTSUPP; + if (!IS_ENABLED(CONFIG_CRYPTO_MANAGER_DISABLE_TESTS) && WARN_ON(!curve25519_selftest())) return -ENODEV; diff --git a/lib/crypto/poly1305.c b/lib/crypto/poly1305.c index 9d2d14df0fee..ae4255957d31 100644 --- a/lib/crypto/poly1305.c +++ b/lib/crypto/poly1305.c @@ -10,6 +10,7 @@ #include #include #include +#include #include void poly1305_init_generic(struct poly1305_desc_ctx *desc, const u8 *key) @@ -73,5 +74,14 @@ void poly1305_final_generic(struct poly1305_desc_ctx *desc, u8 *dst) } EXPORT_SYMBOL_GPL(poly1305_final_generic); +static int __init mod_init(void) +{ + if (fips_enabled) + return -EOPNOTSUPP; + return 0; +} + +module_init(mod_init); + MODULE_LICENSE("GPL"); MODULE_AUTHOR("Martin Willi ");