Commit 877ccce7 authored by Ondrej Mosnacek's avatar Ondrej Mosnacek Committed by Herbert Xu

crypto: x86/aegis,morus - Fix and simplify CPUID checks

It turns out I had misunderstood how the x86_match_cpu() function works.
It evaluates a logical OR of the matching conditions, not logical AND.
This caused the CPU feature checks for AEGIS to pass even if only SSE2
(but not AES-NI) was supported (or vice versa), leading to potential
crashes if something tried to use the registered algs.

This patch switches the checks to a simpler method that is used e.g. in
the Camellia x86 code.

The patch also removes the MODULE_DEVICE_TABLE declarations which
actually seem to cause the modules to be auto-loaded at boot, which is
not desired. The crypto API on-demand module loading is sufficient.

Fixes: 1d373d4e ("crypto: x86 - Add optimized AEGIS implementations")
Fixes: 6ecc9d9f ("crypto: x86 - Add optimized MORUS implementations")
Signed-off-by: default avatarOndrej Mosnacek <omosnace@redhat.com>
Tested-by: default avatarMilan Broz <gmazyland@gmail.com>
Signed-off-by: default avatarHerbert Xu <herbert@gondor.apana.org.au>
parent f10dc56c
...@@ -375,16 +375,12 @@ static struct aead_alg crypto_aegis128_aesni_alg[] = { ...@@ -375,16 +375,12 @@ static struct aead_alg crypto_aegis128_aesni_alg[] = {
} }
}; };
static const struct x86_cpu_id aesni_cpu_id[] = {
X86_FEATURE_MATCH(X86_FEATURE_AES),
X86_FEATURE_MATCH(X86_FEATURE_XMM2),
{}
};
MODULE_DEVICE_TABLE(x86cpu, aesni_cpu_id);
static int __init crypto_aegis128_aesni_module_init(void) static int __init crypto_aegis128_aesni_module_init(void)
{ {
if (!x86_match_cpu(aesni_cpu_id)) if (!boot_cpu_has(X86_FEATURE_XMM2) ||
!boot_cpu_has(X86_FEATURE_AES) ||
!boot_cpu_has(X86_FEATURE_OSXSAVE) ||
!cpu_has_xfeatures(XFEATURE_MASK_SSE, NULL))
return -ENODEV; return -ENODEV;
return crypto_register_aeads(crypto_aegis128_aesni_alg, return crypto_register_aeads(crypto_aegis128_aesni_alg,
......
...@@ -375,16 +375,12 @@ static struct aead_alg crypto_aegis128l_aesni_alg[] = { ...@@ -375,16 +375,12 @@ static struct aead_alg crypto_aegis128l_aesni_alg[] = {
} }
}; };
static const struct x86_cpu_id aesni_cpu_id[] = {
X86_FEATURE_MATCH(X86_FEATURE_AES),
X86_FEATURE_MATCH(X86_FEATURE_XMM2),
{}
};
MODULE_DEVICE_TABLE(x86cpu, aesni_cpu_id);
static int __init crypto_aegis128l_aesni_module_init(void) static int __init crypto_aegis128l_aesni_module_init(void)
{ {
if (!x86_match_cpu(aesni_cpu_id)) if (!boot_cpu_has(X86_FEATURE_XMM2) ||
!boot_cpu_has(X86_FEATURE_AES) ||
!boot_cpu_has(X86_FEATURE_OSXSAVE) ||
!cpu_has_xfeatures(XFEATURE_MASK_SSE, NULL))
return -ENODEV; return -ENODEV;
return crypto_register_aeads(crypto_aegis128l_aesni_alg, return crypto_register_aeads(crypto_aegis128l_aesni_alg,
......
...@@ -375,16 +375,12 @@ static struct aead_alg crypto_aegis256_aesni_alg[] = { ...@@ -375,16 +375,12 @@ static struct aead_alg crypto_aegis256_aesni_alg[] = {
} }
}; };
static const struct x86_cpu_id aesni_cpu_id[] = {
X86_FEATURE_MATCH(X86_FEATURE_AES),
X86_FEATURE_MATCH(X86_FEATURE_XMM2),
{}
};
MODULE_DEVICE_TABLE(x86cpu, aesni_cpu_id);
static int __init crypto_aegis256_aesni_module_init(void) static int __init crypto_aegis256_aesni_module_init(void)
{ {
if (!x86_match_cpu(aesni_cpu_id)) if (!boot_cpu_has(X86_FEATURE_XMM2) ||
!boot_cpu_has(X86_FEATURE_AES) ||
!boot_cpu_has(X86_FEATURE_OSXSAVE) ||
!cpu_has_xfeatures(XFEATURE_MASK_SSE, NULL))
return -ENODEV; return -ENODEV;
return crypto_register_aeads(crypto_aegis256_aesni_alg, return crypto_register_aeads(crypto_aegis256_aesni_alg,
......
...@@ -37,15 +37,11 @@ asmlinkage void crypto_morus1280_avx2_final(void *state, void *tag_xor, ...@@ -37,15 +37,11 @@ asmlinkage void crypto_morus1280_avx2_final(void *state, void *tag_xor,
MORUS1280_DECLARE_ALGS(avx2, "morus1280-avx2", 400); MORUS1280_DECLARE_ALGS(avx2, "morus1280-avx2", 400);
static const struct x86_cpu_id avx2_cpu_id[] = {
X86_FEATURE_MATCH(X86_FEATURE_AVX2),
{}
};
MODULE_DEVICE_TABLE(x86cpu, avx2_cpu_id);
static int __init crypto_morus1280_avx2_module_init(void) static int __init crypto_morus1280_avx2_module_init(void)
{ {
if (!x86_match_cpu(avx2_cpu_id)) if (!boot_cpu_has(X86_FEATURE_AVX2) ||
!boot_cpu_has(X86_FEATURE_OSXSAVE) ||
!cpu_has_xfeatures(XFEATURE_MASK_SSE | XFEATURE_MASK_YMM, NULL))
return -ENODEV; return -ENODEV;
return crypto_register_aeads(crypto_morus1280_avx2_algs, return crypto_register_aeads(crypto_morus1280_avx2_algs,
......
...@@ -37,15 +37,11 @@ asmlinkage void crypto_morus1280_sse2_final(void *state, void *tag_xor, ...@@ -37,15 +37,11 @@ asmlinkage void crypto_morus1280_sse2_final(void *state, void *tag_xor,
MORUS1280_DECLARE_ALGS(sse2, "morus1280-sse2", 350); MORUS1280_DECLARE_ALGS(sse2, "morus1280-sse2", 350);
static const struct x86_cpu_id sse2_cpu_id[] = {
X86_FEATURE_MATCH(X86_FEATURE_XMM2),
{}
};
MODULE_DEVICE_TABLE(x86cpu, sse2_cpu_id);
static int __init crypto_morus1280_sse2_module_init(void) static int __init crypto_morus1280_sse2_module_init(void)
{ {
if (!x86_match_cpu(sse2_cpu_id)) if (!boot_cpu_has(X86_FEATURE_XMM2) ||
!boot_cpu_has(X86_FEATURE_OSXSAVE) ||
!cpu_has_xfeatures(XFEATURE_MASK_SSE, NULL))
return -ENODEV; return -ENODEV;
return crypto_register_aeads(crypto_morus1280_sse2_algs, return crypto_register_aeads(crypto_morus1280_sse2_algs,
......
...@@ -37,15 +37,11 @@ asmlinkage void crypto_morus640_sse2_final(void *state, void *tag_xor, ...@@ -37,15 +37,11 @@ asmlinkage void crypto_morus640_sse2_final(void *state, void *tag_xor,
MORUS640_DECLARE_ALGS(sse2, "morus640-sse2", 400); MORUS640_DECLARE_ALGS(sse2, "morus640-sse2", 400);
static const struct x86_cpu_id sse2_cpu_id[] = {
X86_FEATURE_MATCH(X86_FEATURE_XMM2),
{}
};
MODULE_DEVICE_TABLE(x86cpu, sse2_cpu_id);
static int __init crypto_morus640_sse2_module_init(void) static int __init crypto_morus640_sse2_module_init(void)
{ {
if (!x86_match_cpu(sse2_cpu_id)) if (!boot_cpu_has(X86_FEATURE_XMM2) ||
!boot_cpu_has(X86_FEATURE_OSXSAVE) ||
!cpu_has_xfeatures(XFEATURE_MASK_SSE, NULL))
return -ENODEV; return -ENODEV;
return crypto_register_aeads(crypto_morus640_sse2_algs, return crypto_register_aeads(crypto_morus640_sse2_algs,
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment