ANDROID: crypto: lib/sha256 - add vendor hook for sha256() routine

Add a vendor hook that will allow the FIPS140 kernel module to override the implementation of the sha256() library routine. The FIPS 140 version is identical to the normal one, but its code and rodata will have been integrity checked at module load time. Original commits: android12-5.10: 1e351b98e7c7 ("ANDROID: crypto: lib/sha256 - add vendor hook for sha256() routine") android14-5.15: 0ef21e1c1ae5 ("ANDROID: vendor_hooks: Reduce pointless modversions CRC churn") d4966a820397 ("ANDROID: fips140: remove CONFIG_CRYPTO_FIPS140 option") Bug: 153614920 Bug: 188620248 Change-Id: I8ccc4f0cc8206af39fa922134b438dacac2a614a Signed-off-by: Ard Biesheuvel <ardb@google.com> Signed-off-by: Eric Biggers <ebiggers@google.com>
2021-04-12 12:51:16 +02:00 · 2021-04-12 12:51:16 +02:00 · 1984e62b10
commit 1984e62b10
parent 3a49c6f70d
3 changed files with 37 additions and 0 deletions
--- a/drivers/android/vendor_hooks.c
+++ b/drivers/android/vendor_hooks.c
@ -40,6 +40,7 @@
 #include <trace/hooks/remoteproc.h>
 #include <trace/hooks/rwsem.h>
 #include <trace/hooks/futex.h>
+#include <trace/hooks/fips140.h>

 /*
 * Export tracepoints that act as a bare tracehook (ie: have no trace event
@ -119,3 +120,4 @@ EXPORT_TRACEPOINT_SYMBOL_GPL(android_vh_rwsem_wake);
 EXPORT_TRACEPOINT_SYMBOL_GPL(android_vh_rwsem_write_finished);
 EXPORT_TRACEPOINT_SYMBOL_GPL(android_vh_alter_rwsem_list_add);
 EXPORT_TRACEPOINT_SYMBOL_GPL(android_vh_alter_futex_plist_add);
+EXPORT_TRACEPOINT_SYMBOL_GPL(android_vh_sha256);
--- a/include/trace/hooks/fips140.h
+++ b/include/trace/hooks/fips140.h
@ -0,0 +1,26 @@
+/* SPDX-License-Identifier: GPL-2.0 */
+#undef TRACE_SYSTEM
+#define TRACE_SYSTEM fips140
+#define TRACE_INCLUDE_PATH trace/hooks
+
+#if !defined(_TRACE_HOOK_FIPS140_H) || defined(TRACE_HEADER_MULTI_READ)
+#define _TRACE_HOOK_FIPS140_H
+#include <trace/hooks/vendor_hooks.h>
+
+/*
+ * This hook exists only for the benefit of the FIPS140 crypto module, which
+ * uses it to swap out the underlying implementation with one that is integrity
+ * checked as per FIPS 140 requirements. No other uses are allowed or
+ * supported.
+ */
+DECLARE_HOOK(android_vh_sha256,
+	     TP_PROTO(const u8 *data,
+		      unsigned int len,
+		      u8 *out,
+		      int *hook_inuse),
+	     TP_ARGS(data, len, out, hook_inuse));
+
+#endif /* _TRACE_HOOK_FIPS140_H */
+
+/* This part must be outside protection */
+#include <trace/define_trace.h>
--- a/lib/crypto/sha256.c
+++ b/lib/crypto/sha256.c
@ -17,6 +17,7 @@
 #include <linux/string.h>
 #include <crypto/sha2.h>
 #include <asm/unaligned.h>
+#include <trace/hooks/fips140.h>

 static const u32 SHA256_K[] = {
 	0x428a2f98, 0x71374491, 0xb5c0fbcf, 0xe9b5dba5,
@ -200,6 +201,14 @@ void sha256(const u8 *data, unsigned int len, u8 *out)
 {
 	struct sha256_state sctx;

+#ifndef __DISABLE_EXPORTS
+	int hook_inuse = 0;
+
+	trace_android_vh_sha256(data, len, out, &hook_inuse);
+	if (hook_inuse)
+		return;
+#endif
+
 	sha256_init(&sctx);
 	sha256_update(&sctx, data, len);
 	sha256_final(&sctx, out);