CHROMIUM: verity: do all hashing in dm-bht.c

drivers/md/dm-verity.c

 /*
  * Originally based on dm-crypt.c,
  * Copyright (C) 2003 Christophe Saout <christophe@saout.de>
  * Copyright (C) 2004 Clemens Fruhwirth <clemens@endorphin.org>
  * Copyright (C) 2006-2008 Red Hat, Inc. All rights reserved.
  * Copyright (C) 2010 The Chromium OS Authors <chromium-os-dev@chromium.org>
  *                    All Rights Reserved.
  *
  * This file is released under the GPL.
  *
  * Implements a verifying transparent block device.
  * See Documentation/device-mapper/dm-verity.txt
  */
 #include <linux/async.h>
 #include <linux/backing-dev.h>
 #include <linux/bio.h>
 #include <linux/blkdev.h>
 #include <linux/completion.h>
-#include <linux/crypto.h>
 #include <linux/delay.h>
 #include <linux/device.h>
 #include <linux/err.h>
 #include <linux/genhd.h>
 #include <linux/init.h>
 #include <linux/jiffies.h>
 #include <linux/kernel.h>
 #include <linux/mempool.h>
 #include <linux/module.h>
 #include <linux/slab.h>
 #include <linux/workqueue.h>
 #include <linux/reboot.h>
 #include <asm/atomic.h>
-#include <linux/scatterlist.h>
 #include <asm/page.h>
 #include <asm/unaligned.h>
-#include <crypto/hash.h>
-#include <crypto/sha.h>
 
 /* #define CONFIG_DM_DEBUG 1 */
 #define CONFIG_DM_VERITY_TRACE 1
 #include <linux/device-mapper.h>
 #include <linux/dm-bht.h>
 
 #include "dm-verity.h"
 
 #define DM_MSG_PREFIX "verity"
 
@@ skipping 123 matching lines @@
          * in PAGE_SIZE increments.
          */
         struct bio_set *bs;
 
         /* Single threaded I/O submitter */
         struct workqueue_struct *io_queue;
         /* Multithreaded verifier queue */
         struct workqueue_struct *verify_queue;
 
         char hash_alg[CRYPTO_MAX_ALG_NAME];
-        struct hash_desc *hash;  /* one per cpu */
 
         int error_behavior;
 
         struct verity_stats stats;
 };
 
 static struct kmem_cache *_verity_io_pool;
 
 static void kverityd_queue_verify(struct dm_verity_io *io);
 static void kverityd_queue_io(struct dm_verity_io *io, bool delayed);
@@ skipping 143 matching lines @@
         __bio_clone(clone, bio);
         clone->bi_private = io;
         clone->bi_end_io  = kverityd_src_io_read_end;
         clone->bi_bdev    = vc->dev->bdev;
         clone->bi_sector  = vc->start + io->sector;
         clone->bi_destructor = dm_verity_bio_destructor;
 
         return clone;
 }
 
-static int verity_hash_block(struct verity_config *vc,
-                             struct page *page,
-                             u8 *digest)
-{
-        struct hash_desc *hash_desc = &vc->hash[smp_processor_id()];
-        struct scatterlist sg;
-
-        sg_init_table(&sg, 1);
-        sg_set_page(&sg, page, VERITY_BLOCK_SIZE, 0);
-
-        if (crypto_hash_init(hash_desc)) {
-                DMCRIT("Failed to initialize the crypto hash");
-                return -EFAULT;
-        }
-
-        if (crypto_hash_digest(hash_desc, &sg, VERITY_BLOCK_SIZE, digest)) {
-                DMCRIT("crypto_hash_digest failed");
-                return -EFAULT;
-        }
-
-        return 0;
-}
-
 /* If the request is not successful, this handler takes action.
  * TODO make this call a registered handler.
  */
 static void verity_error(struct verity_config *vc, struct dm_verity_io *io,
                          int error)
 {
         const char *message;
         int error_behavior = DM_VERITY_ERROR_BEHAVIOR_PANIC;
         dev_t devt = 0;
         sector_t block = -1;
@@ skipping 289 matching lines @@
         verity_return_bio_to_caller(io);
 }
 
 /* Walks the data set and computes the hash of the data read from the
  * untrusted source device.  The computed hash is then passed to dm-bht
  * for verification.
  */
 static int verity_verify(struct verity_config *vc,
                          struct bio *bio)
 {
-        u8 digest[VERITY_MAX_DIGEST_SIZE];
         int r;
         unsigned int idx, block;
-        unsigned int digest_size =
-                crypto_hash_digestsize(vc->hash[smp_processor_id()].tfm);
 
         VERITY_BUG_ON(bio == NULL);
 
         block = to_bytes(bio->bi_sector) >> VERITY_BLOCK_SHIFT;
 
         for (idx = bio->bi_idx; idx < bio->bi_vcnt; idx++) {
                 struct bio_vec *bv = bio_iovec_idx(bio, idx);
 
                 VERITY_BUG_ON(bv->bv_offset % VERITY_BLOCK_SIZE);
                 VERITY_BUG_ON(bv->bv_len % VERITY_BLOCK_SIZE);
 
                 DMDEBUG("Updating hash for block %u", block);
 
                 /* TODO(msb) handle case where multiple blocks fit in a page */
-                r = verity_hash_block(vc, bv->bv_page, digest);
-                if (r < 0)
-                        goto bad_hash;
-
-                r = dm_bht_verify_block(&vc->bht, block, digest, digest_size);
+                r = dm_bht_verify_block(&vc->bht, block,
+                                        page_address(bv->bv_page));
                 /* dm_bht functions aren't expected to return errno friendly
                  * values.  They are converted here for uniformity.
                  */
                 if (r > 0) {
                         DMERR("Pending data for block %u seen at verify",
                               block);
                         r = -EBUSY;
                         goto bad_state;
                 }
                 if (r < 0) {
                         DMERR_LIMIT("Block hash does not match!");
                         r = -EACCES;
                         goto bad_match;
                 }
                 REQTRACE("Block %u verified", block);
 
                 block++;
                 /* After completing a block, allow a reschedule.
                  * TODO(wad) determine if this is truly needed.
                  */
                 cond_resched();
         }
 
         return 0;
 
-bad_hash:
 bad_state:
 bad_match:
         return r;
 }
 
 /* Services the verify workqueue */
 static void kverityd_verify(struct work_struct *work)
 {
         struct delayed_work *dwork = container_of(work, struct delayed_work,
                                                   work);
@@ skipping 388 matching lines @@
  * - Improperly sized underlying devices
  * - Out of memory conditions (make sure this isn't too flaky under high load!)
  * - Incorrect superhash
  * - Incorrect block hashes
  * - Incorrect bundle hashes
  * - Boot-up read speed; sustained read speeds
  */
 static int verity_ctr(struct dm_target *ti, unsigned int argc, char **argv)
 {
         struct verity_config *vc;
-        int cpu = 0;
         int ret = 0;
         int depth;
         unsigned long long tmpull = 0;
         sector_t blocks;
         struct request_queue *dev_queue;
         struct mapped_device *md;
         struct request_queue *md_queue;
 
         /* Support expanding after the root hash for optional args */
         if (argc < 6) {
@@ skipping 79 matching lines @@
          * the hash offset was wrong.
          */
 
 
         /* arg4: cryptographic digest algorithm */
         if (snprintf(vc->hash_alg, CRYPTO_MAX_ALG_NAME, "%s", argv[4]) >=
             CRYPTO_MAX_ALG_NAME) {
                 ti->error = "Hash algorithm name is too long";
                 goto bad_hash;
         }
-        /* Allocate enough crypto contexts to be able to perform verifies
-         * on all available CPUs.
-         */
-        ALLOCTRACE("hash_desc array");
-        vc->hash = (struct hash_desc *)
-                      kcalloc(nr_cpu_ids, sizeof(struct hash_desc), GFP_KERNEL);
-        if (!vc->hash) {
-                DMERR("failed to allocate crypto hash contexts");
-                return -ENOMEM;
-        }
-
-        /* Setup the hash first. Its length determines much of the bht layout */
-        for (cpu = 0; cpu < nr_cpu_ids; ++cpu) {
-                ALLOCTRACE("hash_tfm (per-cpu)");
-                vc->hash[cpu].tfm = crypto_alloc_hash(vc->hash_alg, 0, 0);
-                if (IS_ERR(vc->hash[cpu].tfm)) {
-                        DMERR("failed to allocate crypto hash '%s'",
-                              vc->hash_alg);
-                        vc->hash[cpu].tfm = NULL;
-                        goto bad_hash_alg;
-                }
-        }
 
         /* arg6: override with optional device-specific error behavior */
         if (argc >= 7) {
                 vc->error_behavior = verity_parse_error_behavior(argv[6]);
         } else {
                 /* Inherit the current global default. */
                 vc->error_behavior =
                         verity_parse_error_behavior(error_behavior);
         }
         if (vc->error_behavior == -1) {
@@ skipping 72 matching lines @@
         return 0;
 
 bad_verify_queue:
         destroy_workqueue(vc->io_queue);
 bad_io_queue:
         bioset_free(vc->bs);
 bad_bs:
         mempool_destroy(vc->io_pool);
 bad_slab_pool:
 bad_err_behavior:
-        for (cpu = 0; cpu < nr_cpu_ids; ++cpu)
-                if (vc->hash[cpu].tfm)
-                        crypto_free_hash(vc->hash[cpu].tfm);
-bad_hash_alg:
 bad_hash:
-        kfree(vc->hash);
         dm_put_device(ti, vc->hash_dev);
 bad_hash_dev:
 bad_hash_start:
         dm_put_device(ti, vc->dev);
 bad_depth:
 bad_bht:
 bad_root_hexdigest:
 bad_verity_dev:
         kfree(vc);   /* hash is not secret so no need to zero */
         return -EINVAL;
 }
 
 static void verity_dtr(struct dm_target *ti)
 {
         struct verity_config *vc = (struct verity_config *) ti->private;
-        int cpu;
 
         DMDEBUG("Destroying io_queue");
         destroy_workqueue(vc->io_queue);
         DMDEBUG("Destroying verify_queue");
         destroy_workqueue(vc->verify_queue);
 
         DMDEBUG("Destroying bs");
         bioset_free(vc->bs);
         DMDEBUG("Destroying io_pool");
         mempool_destroy(vc->io_pool);
-        DMDEBUG("Destroying crypto hash");
-        for (cpu = 0; cpu < nr_cpu_ids; ++cpu)
-                if (vc->hash[cpu].tfm)
-                        crypto_free_hash(vc->hash[cpu].tfm);
-        kfree(vc->hash);
 
         DMDEBUG("Destroying block hash tree");
         dm_bht_destroy(&vc->bht);
 
         DMDEBUG("Putting hash_dev");
         dm_put_device(ti, vc->hash_dev);
 
         DMDEBUG("Putting dev");
         dm_put_device(ti, vc->dev);
         DMDEBUG("Destroying config");
@@ skipping 104 matching lines @@
         dm_unregister_target(&verity_target);
         kmem_cache_destroy(_verity_io_pool);
 }
 
 module_init(dm_verity_init);
 module_exit(dm_verity_exit);
 
 MODULE_AUTHOR("The Chromium OS Authors <chromium-os-dev@chromium.org>");
 MODULE_DESCRIPTION(DM_NAME " target for transparent disk integrity checking");
 MODULE_LICENSE("GPL");