[4.4] Broken GIV crypto

CIP-dev archive mirror
 help / color / mirror / Atom feed

From: Alex Grund <flamefire89@gmail.com>
To: cip-dev@lists.cip-project.org
Subject: [4.4] Broken GIV crypto
Date: Tue, 26 Mar 2024 19:38:57 +0100	[thread overview]
Message-ID: <CAFm405kQcpwwY9i52V0CHtOem84ze_MOLfTxVJVUbG6MKt6zjQ@mail.gmail.com> (raw)

[-- Attachment #1: Type: text/plain, Size: 1207 bytes --]

Hi,
I need to report a bug against the linux-4.4.y-st branch caused by commit
24a1889c (crypto: api - Disallow identical driver names)

The upstream commit on which this is based is applied to a kernel tree that
removed the GIV ciphers and the CRYPTO_ALG_TYPE_GIVCIPHER in upstream
commit c79b411eaa (crypto: skcipher - remove remnants of internal IV
generators)

However in 4.4 this is still present and after "something" registered a
"cts(cbc(aes))" alg on the "cts(cbc(aes-ce))" driver the code in
crypto_lookup_skcipher will dismiss it because of the missing GIVCIPHER
flag (type is BLKCIPHER)
It will then add a fitting alg through crypto_givcipher_default which ends
up calling "__crypto_register_alg" which then fails (returns EEXISTS)
because it is adding it with the same name and driver name, although the
flag is different (GIVCIPHER instead of BLKCIPHER) which is actually fine:
__crypto_alg_lookup checks for a matching type before checking the name.

Hence duplicate names are OK if the flags are different.

I hence argue that the commit should be reverted as it causes regressions.
In my case the device doesn't boot at all anymore as it relies on that
crypto alg.

Regards,
Alexander Grund

[-- Attachment #2: Type: text/html, Size: 1411 bytes --]

next             reply	other threads:[~2024-03-26 18:43 UTC|newest]

Thread overview: 2+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2024-03-26 18:38 Alex Grund [this message]
2024-04-04 12:46 ` [cip-dev] [4.4] Broken GIV crypto Ulrich Hecht

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=CAFm405kQcpwwY9i52V0CHtOem84ze_MOLfTxVJVUbG6MKt6zjQ@mail.gmail.com \
    --to=flamefire89@gmail.com \
    --cc=cip-dev@lists.cip-project.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).