thunderbolt: Use HMAC-SHA256 library instead of crypto_shash

Use the hmac_sha256_usingrawkey() library function instead of the "hmac(sha256)" crypto_shash. This is simpler and faster. As a cleanup, change the input data parameters from "challenge, sizeof(hmac)" to "challenge, sizeof(challenge)", so that the size is being taken of the correct buffer. This is not a functional change, since it happens that sizeof(hmac) == sizeof(challenge). Replace the selection of CRYPTO and CRYPTO_HASH with CRYPTO_LIB_SHA256 and CRYPTO_LIB_UTILS. The latter is needed for crypto_memneq() which was previously being pulled in via CRYPTO. Signed-off-by: Eric Biggers <ebiggers@kernel.org> Signed-off-by: Mika Westerberg <mika.westerberg@linux.intel.com>
2026-03-13 22:36:17 +01:00 · 2025-07-31 12:25:45 -07:00 · 2025-07-31 12:25:45 -07:00 · 0eff12ce88
commit 0eff12ce88
parent dced755df3
2 changed files with 8 additions and 40 deletions
--- a/drivers/thunderbolt/Kconfig
+++ b/drivers/thunderbolt/Kconfig
@ -4,8 +4,8 @@ menuconfig USB4
 	depends on PCI
 	select APPLE_PROPERTIES if EFI_STUB && X86
 	select CRC32
-	select CRYPTO
-	select CRYPTO_HASH
+	select CRYPTO_LIB_SHA256
+	select CRYPTO_LIB_UTILS
 	select NVMEM
 	help
 	  USB4 and Thunderbolt driver. USB4 is the public specification
--- a/drivers/thunderbolt/domain.c
+++ b/drivers/thunderbolt/domain.c
@ -12,7 +12,7 @@
 #include <linux/pm_runtime.h>
 #include <linux/slab.h>
 #include <linux/random.h>
-#include <crypto/hash.h>
+#include <crypto/sha2.h>
 #include <crypto/utils.h>

 #include "tb.h"
@ -709,8 +709,6 @@ int tb_domain_challenge_switch_key(struct tb *tb, struct tb_switch *sw)
 	u8 response[TB_SWITCH_KEY_SIZE];
 	u8 hmac[TB_SWITCH_KEY_SIZE];
 	struct tb_switch *parent_sw;
-	struct crypto_shash *tfm;
-	struct shash_desc *shash;
 	int ret;

 	if (!tb->cm_ops->approve_switch || !tb->cm_ops->challenge_switch_key)
@ -726,45 +724,15 @@ int tb_domain_challenge_switch_key(struct tb *tb, struct tb_switch *sw)
 	if (ret)
 		return ret;

-	tfm = crypto_alloc_shash("hmac(sha256)", 0, 0);
-	if (IS_ERR(tfm))
-		return PTR_ERR(tfm);
-
-	ret = crypto_shash_setkey(tfm, sw->key, TB_SWITCH_KEY_SIZE);
-	if (ret)
-		goto err_free_tfm;
-
-	shash = kzalloc(sizeof(*shash) + crypto_shash_descsize(tfm),
-			GFP_KERNEL);
-	if (!shash) {
-		ret = -ENOMEM;
-		goto err_free_tfm;
-	}
-
-	shash->tfm = tfm;
-
-	memset(hmac, 0, sizeof(hmac));
-	ret = crypto_shash_digest(shash, challenge, sizeof(hmac), hmac);
-	if (ret)
-		goto err_free_shash;
+	static_assert(sizeof(hmac) == SHA256_DIGEST_SIZE);
+	hmac_sha256_usingrawkey(sw->key, TB_SWITCH_KEY_SIZE,
+				challenge, sizeof(challenge), hmac);

 	/* The returned HMAC must match the one we calculated */
-	if (crypto_memneq(response, hmac, sizeof(hmac))) {
-		ret = -EKEYREJECTED;
-		goto err_free_shash;
-	}
-
-	crypto_free_shash(tfm);
-	kfree(shash);
+	if (crypto_memneq(response, hmac, sizeof(hmac)))
+		return -EKEYREJECTED;

 	return tb->cm_ops->approve_switch(tb, sw);
-
-err_free_shash:
-	kfree(shash);
-err_free_tfm:
-	crypto_free_shash(tfm);
-
-	return ret;
 }

 /**