diff options
| author | Eric Biggers <ebiggers@kernel.org> | 2026-03-18 09:42:33 -0700 |
|---|---|---|
| committer | Eric Biggers <ebiggers@kernel.org> | 2026-03-19 10:57:15 -0700 |
| commit | 645e64136b93e431a48f3b178fe7cf13737b10f6 (patch) | |
| tree | dcf9fd84627cc82386fb9c71a5d8874696c59b2f /samples | |
| parent | c2db2288b8c3e2878cc37962375419cca8dfe3b6 (diff) | |
| download | linux-next-history-645e64136b93e431a48f3b178fe7cf13737b10f6.tar.gz | |
sample/tsm-mr: Use SHA-2 library APIs
Given that tsm_mr_sample has a particular set of algorithms that it
wants, just use the library APIs for those algorithms rather than
crypto_shash. This is more straightforward and more efficient.
This also fixes a bug where this module failed to build if it was
enabled without CRYPTO_HASH happening to be set elsewhere in the
kconfig. (With the concurrent change to make TSM_MEASUREMENTS stop
selecting CRYPTO, this existing build error would have become easier to
encounter, as well.) Also, even if it built, crypto_alloc_shash() could
fail at runtime due to the needed algorithms not being available.
The library functions simply use direct linking. So if it builds, which
it will due to the kconfig options being selected, they are available.
Fixes: f6953f1f9ec4 ("tsm-mr: Add tsm-mr sample code")
Acked-by: Arnd Bergmann <arnd@arndb.de>
Acked-by: Dan Williams <dan.j.williams@intel.com>
Link: https://lore.kernel.org/r/20260318164233.19800-1-ebiggers@kernel.org
Signed-off-by: Eric Biggers <ebiggers@kernel.org>
Diffstat (limited to 'samples')
| -rw-r--r-- | samples/Kconfig | 2 | ||||
| -rw-r--r-- | samples/tsm-mr/tsm_mr_sample.c | 66 |
2 files changed, 34 insertions, 34 deletions
diff --git a/samples/Kconfig b/samples/Kconfig index 5bc7c9e5a59e0..a75e8e78330da 100644 --- a/samples/Kconfig +++ b/samples/Kconfig @@ -186,6 +186,8 @@ config SAMPLE_TIMER config SAMPLE_TSM_MR tristate "TSM measurement sample" + select CRYPTO_LIB_SHA256 + select CRYPTO_LIB_SHA512 select TSM_MEASUREMENTS select VIRT_DRIVERS help diff --git a/samples/tsm-mr/tsm_mr_sample.c b/samples/tsm-mr/tsm_mr_sample.c index a2c6521486394..c79dbc1e04564 100644 --- a/samples/tsm-mr/tsm_mr_sample.c +++ b/samples/tsm-mr/tsm_mr_sample.c @@ -6,7 +6,7 @@ #include <linux/module.h> #include <linux/tsm-mr.h> #include <linux/miscdevice.h> -#include <crypto/hash.h> +#include <crypto/sha2.h> static struct { u8 static_mr[SHA384_DIGEST_SIZE]; @@ -23,47 +23,45 @@ static struct { static int sample_report_refresh(const struct tsm_measurements *tm) { - struct crypto_shash *tfm; - int rc; - - tfm = crypto_alloc_shash(hash_algo_name[HASH_ALGO_SHA512], 0, 0); - if (IS_ERR(tfm)) { - pr_err("crypto_alloc_shash failed: %ld\n", PTR_ERR(tfm)); - return PTR_ERR(tfm); - } - - rc = crypto_shash_tfm_digest(tfm, (u8 *)&sample_report, - offsetof(typeof(sample_report), - report_digest), - sample_report.report_digest); - crypto_free_shash(tfm); - if (rc) - pr_err("crypto_shash_tfm_digest failed: %d\n", rc); - return rc; + sha512((const u8 *)&sample_report, + offsetof(typeof(sample_report), report_digest), + sample_report.report_digest); + return 0; } static int sample_report_extend_mr(const struct tsm_measurements *tm, const struct tsm_measurement_register *mr, const u8 *data) { - SHASH_DESC_ON_STACK(desc, 0); - int rc; + union { + struct sha256_ctx sha256; + struct sha384_ctx sha384; + struct sha512_ctx sha512; + } ctx; - desc->tfm = crypto_alloc_shash(hash_algo_name[mr->mr_hash], 0, 0); - if (IS_ERR(desc->tfm)) { - pr_err("crypto_alloc_shash failed: %ld\n", PTR_ERR(desc->tfm)); - return PTR_ERR(desc->tfm); + switch (mr->mr_hash) { + case HASH_ALGO_SHA256: + sha256_init(&ctx.sha256); + sha256_update(&ctx.sha256, mr->mr_value, mr->mr_size); + sha256_update(&ctx.sha256, data, mr->mr_size); + sha256_final(&ctx.sha256, mr->mr_value); + return 0; + case HASH_ALGO_SHA384: + sha384_init(&ctx.sha384); + sha384_update(&ctx.sha384, mr->mr_value, mr->mr_size); + sha384_update(&ctx.sha384, data, mr->mr_size); + sha384_final(&ctx.sha384, mr->mr_value); + return 0; + case HASH_ALGO_SHA512: + sha512_init(&ctx.sha512); + sha512_update(&ctx.sha512, mr->mr_value, mr->mr_size); + sha512_update(&ctx.sha512, data, mr->mr_size); + sha512_final(&ctx.sha512, mr->mr_value); + return 0; + default: + pr_err("Unsupported hash algorithm: %d\n", mr->mr_hash); + return -EOPNOTSUPP; } - - rc = crypto_shash_init(desc); - if (!rc) - rc = crypto_shash_update(desc, mr->mr_value, mr->mr_size); - if (!rc) - rc = crypto_shash_finup(desc, data, mr->mr_size, mr->mr_value); - crypto_free_shash(desc->tfm); - if (rc) - pr_err("SHA calculation failed: %d\n", rc); - return rc; } #define MR_(mr, hash) .mr_value = &sample_report.mr, TSM_MR_(mr, hash) |