[Bug 1189034] New: config: re-modularize crypto algorithms used by fs encryption
https://bugzilla.suse.com/show_bug.cgi?id=1189034 Bug ID: 1189034 Summary: config: re-modularize crypto algorithms used by fs encryption Classification: openSUSE Product: openSUSE Tumbleweed Version: Current Hardware: Other OS: Other Status: NEW Severity: Normal Priority: P5 - None Component: Kernel Assignee: jeffm@suse.com Reporter: jeffm@suse.com QA Contact: qa-bugs@suse.de Found By: --- Blocker: --- When ext4 was built in, it pulled in FS_ENCRYPTION_ALGS=y, which in turn pulled in: CRYPTO_AES CRYPTO_CBC CRYPTO_CTS CRYPTO_ECB CRYPTO_HMAC CRYPTO_SHA512 CRYPTO_XTS Of these, only CRYPTO_AES and CRYPTO_CBC have reason to continue to be builtins. ENCRYPTED_KEYS=y selects them. The others can be made modular again. -- You are receiving this mail because: You are on the CC list for the bug.
https://bugzilla.suse.com/show_bug.cgi?id=1189034 Jeff Mahoney <jeffm@suse.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Blocks| |1189072 -- You are receiving this mail because: You are on the CC list for the bug.
https://bugzilla.suse.com/show_bug.cgi?id=1189034 https://bugzilla.suse.com/show_bug.cgi?id=1189034#c1 Jeff Mahoney <jeffm@suse.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|NEW |IN_PROGRESS --- Comment #1 from Jeff Mahoney <jeffm@suse.com> --- A kernel built with these changes results in a WARN_ON during boot: DRBG: could not allocate digest TFM handle: hmac(sha512) alg: drbg: Failed to reset rng alg: drbg: Test 0 failed for drbg_nopr_hmac_sha512 ------------[ cut here ]------------ alg: self-tests for drbg_nopr_hmac_sha512 (stdrng) failed (rc=-22) WARNING: CPU: 0 PID: 108 at /home/jeffm/src/scratch/trees/linux-5.14-rc5-master/crypto/testmgr.c:5653 alg_test+0x1a5/0x460 Modules linked in: CPU: 0 PID: 108 Comm: cryptomgr_test Not tainted 5.14.0-rc5-kvmsmall #3 openSUSE Tumbleweed (unreleased) 993b80969ad5a497b63b6beba04e1a2f265d60d9 Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 0.0.0 02/06/2015 RIP: 0010:alg_test+0x1a5/0x460 Code: 00 85 c0 0f 85 a3 02 00 00 80 3d 25 48 d4 01 00 0f 85 96 02 00 00 89 d9 4c 89 f2 4c 89 e6 48 c7 c7 c0 a6 d3 b3 e8 1b cf c3 ff <0f> 0b e9 aa fe ff ff 48 8d 74 24 08 48 c7 c7 60 68 d8 b4 e8 f3 0b RSP: 0000:ffffb3944069be38 EFLAGS: 00010282 RAX: 0000000000000000 RBX: 00000000ffffffea RCX: 00000000ffffbfff RDX: ffffb3944069bc50 RSI: 00000000ffffbfff RDI: 0000000000000003 RBP: 000000000000000c R08: 0000000000000000 R09: 0000000000000001 R10: ffffffffb4403d40 R11: ffffb3944069bc48 R12: ffff8f04408b5000 R13: 0000000000000400 R14: ffff8f04408b5080 R15: 0000000000000001 FS: 0000000000000000(0000) GS:ffff8f047fc00000(0000) knlGS:0000000000000000 CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 CR2: 0000000000000000 CR3: 000000007de10001 CR4: 00000000003706f0 DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 Call Trace: ? __schedule+0x2fe/0x13b0 ? try_to_wake_up+0x445/0x500 ? crypto_acomp_scomp_free_ctx+0x30/0x30 cryptomgr_test+0x40/0x50 kthread+0x118/0x140 ? set_kthread_struct+0x40/0x40 ret_from_fork+0x1f/0x30 ---[ end trace be35ccf94d2991d3 ]--- This is a regression introduced with 5.14-rc1: commit 8833272d876eb5320e4c7c31cc455542510dc4c3 Author: Stephan M�ller <smueller@chronox.de> Date: Thu Jun 24 17:44:35 2021 +0200 crypto: drbg - self test for HMAC(SHA-512) Considering that the HMAC(SHA-512) DRBG is the default DRBG now, a self test is to be provided. The test vector is obtained from a successful NIST ACVP test run. Signed-off-by: Stephan Mueller <smueller@chronox.de> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> alg_test_drbg now runs for drbg_nopr_hmac_sha512. This happens prior to the initramfs being loaded, so the module is unavailable and the test fails. There is already a fix for this queued in Herbert's cryptodev repo: https://git.kernel.org/pub/scm/linux/kernel/git/herbert/cryptodev-2.6.git/pa... I'll pull this into our kernel and update the configs accordingly. The end result is that CRYPTO_SHA512 must be built-in. The patch enforces that. -- You are receiving this mail because: You are on the CC list for the bug.
https://bugzilla.suse.com/show_bug.cgi?id=1189034 https://bugzilla.suse.com/show_bug.cgi?id=1189034#c2 Jeff Mahoney <jeffm@suse.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|IN_PROGRESS |RESOLVED Resolution|--- |FIXED --- Comment #2 from Jeff Mahoney <jeffm@suse.com> --- commit 5f8b9147019f9af45e43be6140e1130687857b47 Author: Jeff Mahoney <jeffm@jeffm.io> Date: Tue Aug 3 16:50:55 2021 -0400 config: re-modularize CRYPTO_{CTS,ECB,HMAC,SHA512,XTS} (bsc#1189034). Now that FS_ENCRYPTION_ALGS is modular, the crypto modules it utilizes can be modular as well. CRYPTO_AES and CRYPTO_CBC are used by ENCRYPTED_KEYS and must remain built-in. commit dbb9dbc0ce4f433303dad793d1e4ca99dd664ef2 Author: Jeff Mahoney <jeffm@suse.com> Date: Mon Aug 23 13:27:23 2021 -0400 config: re-modularize CRYPTO_{CTS,ECB,XTS} on arm* (bsc#1189034). Now that FS_ENCRYPTION_ALGS is modular, the crypto modules it utilizes can be modular as well. CRYPTO_AES and CRYPTO_CBC are used by ENCRYPTED_KEYS and must remain built-in. CRYPTO_SHA512 and CRYPTO_HMAC are used by module signature validation and must also remain built-in. -- You are receiving this mail because: You are on the CC list for the bug.
participants (1)
-
bugzilla_noreply@suse.com