Received: by 2002:a05:6a10:206:0:0:0:0 with SMTP id 6csp4823055pxj; Wed, 12 May 2021 14:10:23 -0700 (PDT) X-Google-Smtp-Source: ABdhPJz42W8XqDKGI1ayEm9CQFFsxSovDvmAOsgzMk4GMl51i5yY+YYXzvzWSYf5bJZYI7xloHlW X-Received: by 2002:a05:6402:12c4:: with SMTP id k4mr20946654edx.282.1620853823270; Wed, 12 May 2021 14:10:23 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1620853823; cv=none; d=google.com; s=arc-20160816; b=zDroGignvzPbodbkePWl4sE7sqmwXpZVrOy+PGS4mNCzUu/zThUpwsVaELklrK16D1 J87OeT8/wuWiJiWHzU74ejZvsjvsA/PaAyJgvQ+cRYHtr9Xbl2OoyXmJUdAOyGCTdKjZ XK6r4/SiVGeuSTuwnoDSNiubm68H3t5bPLwo5W2q6I3GIW9Zj6r/IXQRTlFLm0b4E62a t1mLODeAtWff/FwCTAffKTRROFRQHOWe1ierM6P73KsuT4R7dBaJYu0Na1Zvpw3USV7m UTGgFmlyY948NYZg8G/C+kJOaL4TGR69ryeiRI2ZBcejirLETnK/e1jQS8SpXVMh2hB8 pg9w== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:mime-version :references:in-reply-to:message-id:date:subject:cc:to:from :dkim-signature; bh=kOdgZQd+Pb7zxHsvXbSeS5mKDSGq0alPQyzrOlxQdtU=; b=VUKB/T4Itp7FQIWuGF8FujoBFkcFmn28n/rFnE+21+Nkv9BEqP1HSoUDLP7nZydk60 UNGuRppUaoWD5tLgn5SXKLBNGy4wih7P9HsRXdXSz4oPtU4pVUX+yWBQQEtQzE+1JBzl yN2sgGCbYIEUq+Q7ynoBYWeoEq4W0dFSp9tvRRdwNloactvmuAdeSyxPLqbfQ2uqk6ow /7im/MjRDRXkKK8saP9tD49tIXejkO5JQylqtAEE3aC6WKRI6LBYxji51Fwl/fA/4f4h qksjpTrXuw96b+W+f1xVK6rgB1Erz+5O8srRL9wsL+i3X2ROVlQ4C2A+FBQp7PSIsgOi aIEw== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@kernel.org header.s=k20201202 header.b=GXHvPcUM; spf=pass (google.com: domain of linux-crypto-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-crypto-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18]) by mx.google.com with ESMTP id qp24si863055ejb.718.2021.05.12.14.09.50; Wed, 12 May 2021 14:10:23 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-crypto-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18; Authentication-Results: mx.google.com; dkim=pass header.i=@kernel.org header.s=k20201202 header.b=GXHvPcUM; spf=pass (google.com: domain of linux-crypto-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-crypto-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S233130AbhELVHv (ORCPT + 99 others); Wed, 12 May 2021 17:07:51 -0400 Received: from mail.kernel.org ([198.145.29.99]:56230 "EHLO mail.kernel.org" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S245259AbhELSqO (ORCPT ); Wed, 12 May 2021 14:46:14 -0400 Received: by mail.kernel.org (Postfix) with ESMTPSA id 6572F6142D; Wed, 12 May 2021 18:44:50 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1620845092; bh=SmBuw5/my1vcoFAJsK9Niemsp+zYVD3mIjyRu1+S350=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=GXHvPcUMlEhYbcijXWwlUHQgce2c9Ib9yTDzmBL4YG7dnOovASp0AjESwfNexi3QE USE/L1kR0UTx8lM3Jtp1NXrWqfv6DAsUPxwUpe198I8lhPrPo0nzOk/B1r7J330X3l n2WCj86XfHHqndgPDjzSanXjYetPIDpRg3TXSpgvN6OXXRGejRyYvO4//TwOfO0eBO NCuO+BD1cVikdBMVEXgaiFI62j0AxqbWu13dOzhtabaj/jPGHQ87oW5Qu89lVkla6a FCIWhp2EFhbXAL6LcJTvpT4L80eqrLB6kxzmRQvZLbQM0HhzRrt8aLSHAY6rxARqUl /NwdIq++nIMRQ== From: Ard Biesheuvel To: linux-crypto@vger.kernel.org Cc: linux-arm-kernel@lists.infradead.org, ebiggers@kernel.org, herbert@gondor.apana.org.au, will@kernel.org, kernel-team@android.com, Ard Biesheuvel Subject: [PATCH v3 3/7] crypto: skcipher - disallow en/decrypt for non-task or non-softirq context Date: Wed, 12 May 2021 20:44:35 +0200 Message-Id: <20210512184439.8778-4-ardb@kernel.org> X-Mailer: git-send-email 2.20.1 In-Reply-To: <20210512184439.8778-1-ardb@kernel.org> References: <20210512184439.8778-1-ardb@kernel.org> MIME-Version: 1.0 Content-Transfer-Encoding: 8bit Precedence: bulk List-ID: X-Mailing-List: linux-crypto@vger.kernel.org In order to ensure that kernel mode SIMD routines will not need a scalar fallback if they run with softirqs disabled, disallow any use of the skcipher encrypt and decrypt routines from outside of task or softirq context. Signed-off-by: Ard Biesheuvel --- crypto/skcipher.c | 10 ++++++++++ 1 file changed, 10 insertions(+) diff --git a/crypto/skcipher.c b/crypto/skcipher.c index 93fdacf49697..9bce5350008b 100644 --- a/crypto/skcipher.c +++ b/crypto/skcipher.c @@ -625,6 +625,11 @@ int crypto_skcipher_encrypt(struct skcipher_request *req) unsigned int cryptlen = req->cryptlen; int ret; + if (!(alg->cra_flags & CRYPTO_ALG_ASYNC) && + WARN_ONCE(!in_task() && !in_serving_softirq(), + "synchronous call from invalid context\n")) + return -EBUSY; + crypto_stats_get(alg); if (crypto_skcipher_get_flags(tfm) & CRYPTO_TFM_NEED_KEY) ret = -ENOKEY; @@ -642,6 +647,11 @@ int crypto_skcipher_decrypt(struct skcipher_request *req) unsigned int cryptlen = req->cryptlen; int ret; + if (!(alg->cra_flags & CRYPTO_ALG_ASYNC) && + WARN_ONCE(!in_task() && !in_serving_softirq(), + "synchronous call from invalid context\n")) + return -EBUSY; + crypto_stats_get(alg); if (crypto_skcipher_get_flags(tfm) & CRYPTO_TFM_NEED_KEY) ret = -ENOKEY; -- 2.20.1