From ada44271d12f753741a542d7462eeb5ceecf3b14 Mon Sep 17 00:00:00 2001 From: Eric Biggers Date: Tue, 2 Apr 2024 18:10:10 +0000 Subject: [PATCH] ANDROID: crypto: lib/sha256 - add vendor hook for sha256() routine Add a vendor hook that will allow the FIPS140 kernel module to override the implementation of the sha256() library routine. The FIPS 140 version is identical to the normal one, but its code and rodata will have been integrity checked at module load time. Original commits: android12-5.10: 1e351b98e7c7 ("ANDROID: crypto: lib/sha256 - add vendor hook for sha256() routine") android14-5.15: 0ef21e1c1ae5 ("ANDROID: vendor_hooks: Reduce pointless modversions CRC churn") d4966a820397 ("ANDROID: fips140: remove CONFIG_CRYPTO_FIPS140 option") Bug: 153614920 Bug: 188620248 Change-Id: I8ccc4f0cc8206af39fa922134b438dacac2a614a Signed-off-by: Ard Biesheuvel Signed-off-by: Eric Biggers --- drivers/android/vendor_hooks.c | 2 ++ include/trace/hooks/fips140.h | 26 ++++++++++++++++++++++++++ lib/crypto/sha256.c | 9 +++++++++ 3 files changed, 37 insertions(+) create mode 100644 include/trace/hooks/fips140.h diff --git a/drivers/android/vendor_hooks.c b/drivers/android/vendor_hooks.c index 69f07c0f64fe..1a14e7caf785 100644 --- a/drivers/android/vendor_hooks.c +++ b/drivers/android/vendor_hooks.c @@ -20,6 +20,7 @@ #include #include #include +#include #include #include #include @@ -138,6 +139,7 @@ EXPORT_TRACEPOINT_SYMBOL_GPL(android_vh_ftrace_oops_exit); EXPORT_TRACEPOINT_SYMBOL_GPL(android_vh_ftrace_size_check); EXPORT_TRACEPOINT_SYMBOL_GPL(android_vh_ftrace_format_check); EXPORT_TRACEPOINT_SYMBOL_GPL(android_vh_ftrace_dump_buffer); +EXPORT_TRACEPOINT_SYMBOL_GPL(android_vh_sha256); EXPORT_TRACEPOINT_SYMBOL_GPL(android_vh_mem_cgroup_free); EXPORT_TRACEPOINT_SYMBOL_GPL(android_vh_mem_cgroup_alloc); EXPORT_TRACEPOINT_SYMBOL_GPL(android_vh_cma_alloc_bypass); diff --git a/include/trace/hooks/fips140.h b/include/trace/hooks/fips140.h new file mode 100644 index 000000000000..bfadf5122b1c --- /dev/null +++ b/include/trace/hooks/fips140.h @@ -0,0 +1,26 @@ +/* SPDX-License-Identifier: GPL-2.0 */ +#undef TRACE_SYSTEM +#define TRACE_SYSTEM fips140 +#define TRACE_INCLUDE_PATH trace/hooks + +#if !defined(_TRACE_HOOK_FIPS140_H) || defined(TRACE_HEADER_MULTI_READ) +#define _TRACE_HOOK_FIPS140_H +#include + +/* + * These hooks exist only for the benefit of the FIPS140 crypto module, which + * uses them to swap out the underlying implementation with one that is integrity + * checked as per FIPS 140 requirements. No other uses are allowed or supported. + */ + +DECLARE_HOOK(android_vh_sha256, + TP_PROTO(const u8 *data, + unsigned int len, + u8 *out, + int *hook_inuse), + TP_ARGS(data, len, out, hook_inuse)); + +#endif /* _TRACE_HOOK_FIPS140_H */ + +/* This part must be outside protection */ +#include diff --git a/lib/crypto/sha256.c b/lib/crypto/sha256.c index 04c1f2557e6c..d4194fff1d4b 100644 --- a/lib/crypto/sha256.c +++ b/lib/crypto/sha256.c @@ -16,6 +16,7 @@ #include #include #include +#include static const u32 SHA256_K[] = { 0x428a2f98, 0x71374491, 0xb5c0fbcf, 0xe9b5dba5, @@ -159,6 +160,14 @@ void sha256(const u8 *data, unsigned int len, u8 *out) { struct sha256_state sctx; +#ifndef __DISABLE_EXPORTS + int hook_inuse = 0; + + trace_android_vh_sha256(data, len, out, &hook_inuse); + if (hook_inuse) + return; +#endif + sha256_init(&sctx); sha256_update(&sctx, data, len); sha256_final(&sctx, out);