Received: by 2002:a05:6a10:206:0:0:0:0 with SMTP id 6csp224998pxj; Thu, 17 Jun 2021 01:01:37 -0700 (PDT) X-Google-Smtp-Source: ABdhPJydd1bU9H1Lv/oVfQ3dHD7D7dNzHJXbsVXgCcklK7Wca9cuyrQUeZTA//0aMlOs7A4fFlkC X-Received: by 2002:a05:6602:2143:: with SMTP id y3mr2796998ioy.89.1623916897597; Thu, 17 Jun 2021 01:01:37 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1623916897; cv=none; d=google.com; s=arc-20160816; b=xSb+3hAB3tTNvME5LfBjdDveNa17pZi4guOigVdM6qHT0AnhhiJpwFc0HlCH2wa1ZR IbM7HSIxgyPe18SZOmgZpge5eJ+HF2HdMlt6zCaQmNoOcClDNget4EGA+OvAq+duh41F 0NgESRBiXTmZeEaTsh3zdMLY/PdW5XcYqy3ZjzJAeN1o3OQugpyF7qmlEJL4wauklSOS yPFpfM+zkMUoJ/8suTY4K/FirG7tghNO3QizBqUpEzDSSHy3xoC0U2NWieAeo5QMLL4v a8HQJAItWFJ+/iQIX72z7vWhLaR0DvO0FsAw13+TCvgPgV7E8dpw2LiiRWF8hk5T0GCI JAWQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:user-agent:in-reply-to:content-disposition :mime-version:references:message-id:subject:cc:to:from:date; bh=UXLOJzBmMV/oIPOawMoyiHNpYnRHT3M9+EIV0TPMZd4=; b=QMtVdAWqFf1H8YTi/kmSDTyCcZ4xM3Z/Lf3eyuTlMmnUMkND0WHsgPZe8B/f6XeXxk YKVi4+Ybw7lM5P4C6QDn5IwNq1m5PdaTBEEC5K3CAD5ELUTsY3iqlLZyIDPBlYCV8Pwu 7Pnu2VHwdi1viEnAWz5P0K84JmujD3VD38YSF3zdiMOsq1oKSRy86KTedUkyT323U4u1 V2WJ6R0pIQmqK/WL6OwbHibeHUgDqybXLsR+fhhqrknTPnethZWMdi9a9ZpgNsMZL/6b iyZVwHNgJaee18IUAAykz+Rtu13LzW5sShZwBWAPWPSK6a/Z/wpv52Xr8DIzIPOWfwWU uCyA== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: domain of linux-crypto-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-crypto-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18]) by mx.google.com with ESMTP id r24si4755095iog.39.2021.06.17.01.01.25; Thu, 17 Jun 2021 01:01:37 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-crypto-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18; Authentication-Results: mx.google.com; spf=pass (google.com: domain of linux-crypto-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-crypto-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S229834AbhFQIDM (ORCPT + 99 others); Thu, 17 Jun 2021 04:03:12 -0400 Received: from helcar.hmeau.com ([216.24.177.18]:50726 "EHLO deadmen.hmeau.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S229783AbhFQIDL (ORCPT ); Thu, 17 Jun 2021 04:03:11 -0400 Received: from gondobar.mordor.me.apana.org.au ([192.168.128.4] helo=gondobar) by deadmen.hmeau.com with esmtp (Exim 4.92 #5 (Debian)) id 1ltmxT-0003ht-FX; Thu, 17 Jun 2021 16:01:03 +0800 Received: from herbert by gondobar with local (Exim 4.92) (envelope-from ) id 1ltmxT-0002n5-63; Thu, 17 Jun 2021 16:01:03 +0800 Date: Thu, 17 Jun 2021 16:01:03 +0800 From: Herbert Xu To: Ard Biesheuvel Cc: linux-crypto@vger.kernel.org, Sami Tolvanen , Eric Biggers Subject: Re: [PATCH v3] crypto: shash - avoid comparing pointers to exported functions under CFI Message-ID: <20210617080103.GC10662@gondor.apana.org.au> References: <20210610062150.212779-1-ardb@kernel.org> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <20210610062150.212779-1-ardb@kernel.org> User-Agent: Mutt/1.10.1 (2018-07-13) Precedence: bulk List-ID: X-Mailing-List: linux-crypto@vger.kernel.org On Thu, Jun 10, 2021 at 08:21:50AM +0200, Ard Biesheuvel wrote: > crypto_shash_alg_has_setkey() is implemented by testing whether the > .setkey() member of a struct shash_alg points to the default version, > called shash_no_setkey(). As crypto_shash_alg_has_setkey() is a static > inline, this requires shash_no_setkey() to be exported to modules. > > Unfortunately, when building with CFI, function pointers are routed > via CFI stubs which are private to each module (or to the kernel proper) > and so this function pointer comparison may fail spuriously. > > Let's fix this by turning crypto_shash_alg_has_setkey() into an out of > line function. > > Cc: Sami Tolvanen > Cc: Eric Biggers > Signed-off-by: Ard Biesheuvel > --- > v3: improve comment as per Eric's suggestion > v2: add code comment to explain why the function needs to remain out of > line > > crypto/shash.c | 18 +++++++++++++++--- > include/crypto/internal/hash.h | 8 +------- > 2 files changed, 16 insertions(+), 10 deletions(-) Patch applied. Thanks. -- Email: Herbert Xu Home Page: http://gondor.apana.org.au/~herbert/ PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt