[PATCH] crypto: ccp: Fix double add when creating new DMA command
Eliminate a double-add by creating a new list to manage command descriptors when created; move the descriptor to the pending list when the command is submitted. This Signed-off-by: Gary R Hook --- drivers/crypto/ccp/ccp-dev.h |1 + drivers/crypto/ccp/ccp-dmaengine.c |6 +- 2 files changed, 6 insertions(+), 1 deletion(-) diff --git a/drivers/crypto/ccp/ccp-dev.h b/drivers/crypto/ccp/ccp-dev.h index 830f35e..649e561 100644 --- a/drivers/crypto/ccp/ccp-dev.h +++ b/drivers/crypto/ccp/ccp-dev.h @@ -238,6 +238,7 @@ struct ccp_dma_chan { struct ccp_device *ccp; spinlock_t lock; + struct list_head created; struct list_head pending; struct list_head active; struct list_head complete; diff --git a/drivers/crypto/ccp/ccp-dmaengine.c b/drivers/crypto/ccp/ccp-dmaengine.c index 6553912..e5d9278 100644 --- a/drivers/crypto/ccp/ccp-dmaengine.c +++ b/drivers/crypto/ccp/ccp-dmaengine.c @@ -63,6 +63,7 @@ static void ccp_free_chan_resources(struct dma_chan *dma_chan) ccp_free_desc_resources(chan->ccp, &chan->complete); ccp_free_desc_resources(chan->ccp, &chan->active); ccp_free_desc_resources(chan->ccp, &chan->pending); + ccp_free_desc_resources(chan->ccp, &chan->created); spin_unlock_irqrestore(&chan->lock, flags); } @@ -273,6 +274,7 @@ static dma_cookie_t ccp_tx_submit(struct dma_async_tx_descriptor *tx_desc) spin_lock_irqsave(&chan->lock, flags); cookie = dma_cookie_assign(tx_desc); + list_del(&desc->entry); list_add_tail(&desc->entry, &chan->pending); spin_unlock_irqrestore(&chan->lock, flags); @@ -426,7 +428,7 @@ static struct ccp_dma_desc *ccp_create_desc(struct dma_chan *dma_chan, spin_lock_irqsave(&chan->lock, sflags); - list_add_tail(&desc->entry, &chan->pending); + list_add_tail(&desc->entry, &chan->created); spin_unlock_irqrestore(&chan->lock, sflags); @@ -610,6 +612,7 @@ static int ccp_terminate_all(struct dma_chan *dma_chan) /*TODO: Purge the complete list? */ ccp_free_desc_resources(chan->ccp, &chan->active); ccp_free_desc_resources(chan->ccp, &chan->pending); + ccp_free_desc_resources(chan->ccp, &chan->created); spin_unlock_irqrestore(&chan->lock, flags); @@ -679,6 +682,7 @@ int ccp_dmaengine_register(struct ccp_device *ccp) chan->ccp = ccp; spin_lock_init(&chan->lock); + INIT_LIST_HEAD(&chan->created); INIT_LIST_HEAD(&chan->pending); INIT_LIST_HEAD(&chan->active); INIT_LIST_HEAD(&chan->complete); -- To unsubscribe from this list: send the line "unsubscribe linux-crypto" in the body of a message to majord...@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
[PATCH v6 4/5] fs/pstore: fs/squashfs: Change usage of LZ4 to work with new LZ4 version
This patch updates fs/pstore and fs/squashfs to use the updated functions from the new LZ4 module. Signed-off-by: Sven Schmidt <4ssch...@informatik.uni-hamburg.de> --- fs/pstore/platform.c | 22 +- fs/squashfs/lz4_wrapper.c | 12 ++-- 2 files changed, 19 insertions(+), 15 deletions(-) diff --git a/fs/pstore/platform.c b/fs/pstore/platform.c index 729677e..efab7b6 100644 --- a/fs/pstore/platform.c +++ b/fs/pstore/platform.c @@ -342,31 +342,35 @@ static int compress_lz4(const void *in, void *out, size_t inlen, size_t outlen) { int ret; - ret = lz4_compress(in, inlen, out, &outlen, workspace); - if (ret) { - pr_err("lz4_compress error, ret = %d!\n", ret); + ret = LZ4_compress_default(in, out, inlen, outlen, workspace); + if (!ret) { + pr_err("LZ4_compress_default error; compression failed!\n"); return -EIO; } - return outlen; + return ret; } static int decompress_lz4(void *in, void *out, size_t inlen, size_t outlen) { int ret; - ret = lz4_decompress_unknownoutputsize(in, inlen, out, &outlen); - if (ret) { - pr_err("lz4_decompress error, ret = %d!\n", ret); + ret = LZ4_decompress_safe(in, out, inlen, outlen); + if (ret < 0) { + /* +* LZ4_decompress_safe will return an error code +* (< 0) if decompression failed +*/ + pr_err("LZ4_decompress_safe error, ret = %d!\n", ret); return -EIO; } - return outlen; + return ret; } static void allocate_lz4(void) { - big_oops_buf_sz = lz4_compressbound(psinfo->bufsize); + big_oops_buf_sz = LZ4_compressBound(psinfo->bufsize); big_oops_buf = kmalloc(big_oops_buf_sz, GFP_KERNEL); if (big_oops_buf) { workspace = kmalloc(LZ4_MEM_COMPRESS, GFP_KERNEL); diff --git a/fs/squashfs/lz4_wrapper.c b/fs/squashfs/lz4_wrapper.c index ff4468b..95da653 100644 --- a/fs/squashfs/lz4_wrapper.c +++ b/fs/squashfs/lz4_wrapper.c @@ -97,7 +97,6 @@ static int lz4_uncompress(struct squashfs_sb_info *msblk, void *strm, struct squashfs_lz4 *stream = strm; void *buff = stream->input, *data; int avail, i, bytes = length, res; - size_t dest_len = output->length; for (i = 0; i < b; i++) { avail = min(bytes, msblk->devblksize - offset); @@ -108,12 +107,13 @@ static int lz4_uncompress(struct squashfs_sb_info *msblk, void *strm, put_bh(bh[i]); } - res = lz4_decompress_unknownoutputsize(stream->input, length, - stream->output, &dest_len); - if (res) + res = LZ4_decompress_safe(stream->input, stream->output, + length, output->length); + + if (res < 0) return -EIO; - bytes = dest_len; + bytes = res; data = squashfs_first_page(output); buff = stream->output; while (data) { @@ -128,7 +128,7 @@ static int lz4_uncompress(struct squashfs_sb_info *msblk, void *strm, } squashfs_finish_page(output); - return dest_len; + return res; } const struct squashfs_decompressor squashfs_lz4_comp_ops = { -- 2.1.4 -- To unsubscribe from this list: send the line "unsubscribe linux-crypto" in the body of a message to majord...@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
[PATCH v6 2/5] lib/decompress_unlz4: Change module to work with new LZ4 module version
This patch updates the unlz4 wrapper to work with the updated LZ4 kernel module version. Signed-off-by: Sven Schmidt <4ssch...@informatik.uni-hamburg.de> --- lib/decompress_unlz4.c | 13 - 1 file changed, 8 insertions(+), 5 deletions(-) diff --git a/lib/decompress_unlz4.c b/lib/decompress_unlz4.c index 036fc88..1b0baf3 100644 --- a/lib/decompress_unlz4.c +++ b/lib/decompress_unlz4.c @@ -72,7 +72,7 @@ STATIC inline int INIT unlz4(u8 *input, long in_len, error("NULL input pointer and missing fill function"); goto exit_1; } else { - inp = large_malloc(lz4_compressbound(uncomp_chunksize)); + inp = large_malloc(LZ4_compressBound(uncomp_chunksize)); if (!inp) { error("Could not allocate input buffer"); goto exit_1; @@ -136,7 +136,7 @@ STATIC inline int INIT unlz4(u8 *input, long in_len, inp += 4; size -= 4; } else { - if (chunksize > lz4_compressbound(uncomp_chunksize)) { + if (chunksize > LZ4_compressBound(uncomp_chunksize)) { error("chunk length is longer than allocated"); goto exit_2; } @@ -152,11 +152,14 @@ STATIC inline int INIT unlz4(u8 *input, long in_len, out_len -= dest_len; } else dest_len = out_len; - ret = lz4_decompress(inp, &chunksize, outp, dest_len); + + ret = LZ4_decompress_fast(inp, outp, dest_len); + chunksize = ret; #else dest_len = uncomp_chunksize; - ret = lz4_decompress_unknownoutputsize(inp, chunksize, outp, - &dest_len); + + ret = LZ4_decompress_safe(inp, outp, chunksize, dest_len); + dest_len = ret; #endif if (ret < 0) { error("Decoding failed"); -- 2.1.4 -- To unsubscribe from this list: send the line "unsubscribe linux-crypto" in the body of a message to majord...@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
[PATCH v6 3/5] crypto: Change LZ4 modules to work with new LZ4 module version
This patch updates the crypto modules using LZ4 compression to work with the new LZ4 module version. Signed-off-by: Sven Schmidt <4ssch...@informatik.uni-hamburg.de> --- crypto/lz4.c | 21 - crypto/lz4hc.c | 21 - 2 files changed, 16 insertions(+), 26 deletions(-) diff --git a/crypto/lz4.c b/crypto/lz4.c index 99c1b2c..40fd2c2 100644 --- a/crypto/lz4.c +++ b/crypto/lz4.c @@ -66,15 +66,13 @@ static void lz4_exit(struct crypto_tfm *tfm) static int __lz4_compress_crypto(const u8 *src, unsigned int slen, u8 *dst, unsigned int *dlen, void *ctx) { - size_t tmp_len = *dlen; - int err; + int out_len = LZ4_compress_default(src, dst, + slen, (int)((size_t)dlen), ctx); - err = lz4_compress(src, slen, dst, &tmp_len, ctx); - - if (err < 0) + if (!out_len) return -EINVAL; - *dlen = tmp_len; + *dlen = out_len; return 0; } @@ -96,16 +94,13 @@ static int lz4_compress_crypto(struct crypto_tfm *tfm, const u8 *src, static int __lz4_decompress_crypto(const u8 *src, unsigned int slen, u8 *dst, unsigned int *dlen, void *ctx) { - int err; - size_t tmp_len = *dlen; - size_t __slen = slen; + int out_len = LZ4_decompress_safe(src, dst, slen, (int)((size_t)dlen)); - err = lz4_decompress_unknownoutputsize(src, __slen, dst, &tmp_len); - if (err < 0) + if (out_len < 0) return -EINVAL; - *dlen = tmp_len; - return err; + *dlen = out_len; + return out_len; } static int lz4_sdecompress(struct crypto_scomp *tfm, const u8 *src, diff --git a/crypto/lz4hc.c b/crypto/lz4hc.c index 75ffc4a..6f16f96 100644 --- a/crypto/lz4hc.c +++ b/crypto/lz4hc.c @@ -65,15 +65,13 @@ static void lz4hc_exit(struct crypto_tfm *tfm) static int __lz4hc_compress_crypto(const u8 *src, unsigned int slen, u8 *dst, unsigned int *dlen, void *ctx) { - size_t tmp_len = *dlen; - int err; + int out_len = LZ4_compress_HC(src, dst, slen, + (int)((size_t)dlen), LZ4HC_DEFAULT_CLEVEL, ctx); - err = lz4hc_compress(src, slen, dst, &tmp_len, ctx); - - if (err < 0) + if (out_len == 0) return -EINVAL; - *dlen = tmp_len; + *dlen = out_len; return 0; } @@ -97,16 +95,13 @@ static int lz4hc_compress_crypto(struct crypto_tfm *tfm, const u8 *src, static int __lz4hc_decompress_crypto(const u8 *src, unsigned int slen, u8 *dst, unsigned int *dlen, void *ctx) { - int err; - size_t tmp_len = *dlen; - size_t __slen = slen; + int out_len = LZ4_decompress_safe(src, dst, slen, (int)((size_t)dlen)); - err = lz4_decompress_unknownoutputsize(src, __slen, dst, &tmp_len); - if (err < 0) + if (out_len < 0) return -EINVAL; - *dlen = tmp_len; - return err; + *dlen = out_len; + return out_len; } static int lz4hc_sdecompress(struct crypto_scomp *tfm, const u8 *src, -- 2.1.4 -- To unsubscribe from this list: send the line "unsubscribe linux-crypto" in the body of a message to majord...@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
[PATCH v6 5/5] lib/lz4: Remove back-compat wrappers
This patch removes the functions introduced as wrappers for providing backwards compatibility to the prior LZ4 version. They're not needed anymore since there's no callers left. Signed-off-by: Sven Schmidt <4ssch...@informatik.uni-hamburg.de> --- include/linux/lz4.h | 73 lib/lz4/lz4_compress.c | 22 --- lib/lz4/lz4_decompress.c | 42 lib/lz4/lz4hc_compress.c | 23 --- 4 files changed, 160 deletions(-) diff --git a/include/linux/lz4.h b/include/linux/lz4.h index ed59cb9..2844e6f 100644 --- a/include/linux/lz4.h +++ b/include/linux/lz4.h @@ -173,14 +173,6 @@ static inline int LZ4_compressBound(size_t isize) } /* - * For backward compatibility - */ -static inline int lz4_compressbound(size_t isize) -{ - return LZ4_COMPRESSBOUND(isize); -} - -/* * LZ4_compress_default() * Compresses 'sourceSize' bytes from buffer 'source' * into already allocated 'dest' buffer of size 'maxOutputSize'. @@ -249,23 +241,6 @@ int LZ4_compress_fast(const char *source, char *dest, int inputSize, int LZ4_compress_destSize(const char *source, char *dest, int *sourceSizePtr, int targetDestSize, void *wrkmem); -/* - * lz4_compress() - * src: source address of the original data - * src_len: size of the original data - * dst: output buffer address of the compressed data - * This requires 'dst' of size LZ4_COMPRESSBOUND. - * dst_len: is the output size, which is returned after compress done - * workmem: address of the working memory. - * This requires 'workmem' of size LZ4_MEM_COMPRESS. - * return : Success if return 0 - *Error if return (< 0) - * note : Destination buffer and workmem must be already allocated with - * the defined size. - */ -int lz4_compress(const unsigned char *src, size_t src_len, unsigned char *dst, - size_t *dst_len, void *wrkmem); - /*- * Decompression Functions **/ @@ -340,37 +315,6 @@ int LZ4_decompress_safe(const char *source, char *dest, int compressedSize, int LZ4_decompress_safe_partial(const char *source, char *dest, int compressedSize, int targetOutputSize, int maxDecompressedSize); - -/* - * lz4_decompress_unknownoutputsize() : - * src : source address of the compressed data - * src_len : is the input size, therefore the compressed size - * dest: output buffer address of the decompressed data - * dest_len: is the max size of the destination buffer, which is - *returned with actual size of decompressed data after - *decompress done - * return: Success if return 0 - * Error if return (< 0) - * note: Destination buffer must be already allocated. - */ -int lz4_decompress_unknownoutputsize(const unsigned char *src, size_t src_len, - unsigned char *dest, size_t *dest_len); - -/* - * lz4_decompress() : - * src: source address of the compressed data - * src_len: is the input size, - * which is returned after decompress done - * dest : output buffer address of the decompressed data - * actual_dest_len: is the size of uncompressed data, supposing it's known - * return: Success if return 0 - * Error if return (< 0) - * note : Destination buffer must be already allocated. - * slightly faster than lz4_decompress_unknownoutputsize() - */ -int lz4_decompress(const unsigned char *src, size_t *src_len, - unsigned char *dest, size_t actual_dest_len); - /*- * LZ4 HC Compression **/ @@ -399,23 +343,6 @@ int LZ4_compress_HC(const char *src, char *dst, int srcSize, int dstCapacity, int compressionLevel, void *wrkmem); /* - * lz4hc_compress() - * src: source address of the original data - * src_len: size of the original data - * dst: output buffer address of the compressed data - * This requires 'dst' of size LZ4_COMPRESSBOUND. - * dst_len: is the output size, which is returned after compress done - * workmem: address of the working memory. - * This requires 'workmem' of size LZ4HC_MEM_COMPRESS. - * return : Success if return 0 - * Error if return (< 0) - * note : Destination buffer and workmem must be already allocated with - * the defined size. - */ -int lz4hc_compress(const unsigned char *src, size_t src_len, unsigned char *dst, - size_t *dst_len, void *wrkmem); - -/* * These functions compress data in successive blocks of any size, * using previous blocks as dictionary. One key assumption is that previous * blocks (u
[PATCH v6 0/5] Update LZ4 compressor module
This patchset is for updating the LZ4 compression module to a version based on LZ4 v1.7.3 allowing to use the fast compression algorithm aka LZ4 fast which provides an "acceleration" parameter as a tradeoff between high compression ratio and high compression speed. We want to use LZ4 fast in order to support compression in lustre and (mostly, based on that) investigate data reduction techniques in behalf of storage systems. Also, it will be useful for other users of LZ4 compression, as with LZ4 fast it is possible to enable applications to use fast and/or high compression depending on the usecase. For instance, ZRAM is offering a LZ4 backend and could benefit from an updated LZ4 in the kernel. LZ4 homepage: http://www.lz4.org/ LZ4 source repository: https://github.com/lz4/lz4 Source version: 1.7.3 Benchmark (taken from [1], Core i5-4300U @1.9GHz): |--||-- Compressor | Compression | Decompression | Ratio |--||-- memcpy | 4200 MB/s | 4200 MB/s | 1.000 LZ4 fast 50 | 1080 MB/s | 2650 MB/s | 1.375 LZ4 fast 17 | 680 MB/s | 2220 MB/s | 1.607 LZ4 fast 5 | 475 MB/s | 1920 MB/s | 1.886 LZ4 default | 385 MB/s | 1850 MB/s | 2.101 [1] http://fastcompression.blogspot.de/2015/04/sampling-or-faster-lz4.html fs/pstore: fs/squashfs: Change usage of LZ4 to work with new LZ4 version [PATCH 1/5] lib: Update LZ4 compressor module [PATCH 2/5] lib/decompress_unlz4: Change module to work with new LZ4 module version [PATCH 3/5] crypto: Change LZ4 modules to work with new LZ4 module version [PATCH 4/5] fs/pstore: fs/squashfs: Change usage of LZ4 to work with new LZ4 version [PATCH 5/5] lib/lz4: Remove back-compat wrappers v2: - Changed order of the patches since in the initial patchset the lz4.h was in the last patch but was referenced by the other ones - Split lib/decompress_unlz4.c in an own patch - Fixed errors reported by the buildbot - Further refactorings - Added more appropriate copyright note to include/linux/lz4.h v3: - Adjusted the code to satisfy kernel coding style (checkpatch.pl) - Made sure the changes to LZ4 in Kernel (overflow checks etc.) are included in the new module (they are) - Removed the second LZ4_compressBound function with related name but different return type - Corrected version number (was LZ4 1.7.3) - Added missing LZ4 streaming functions v4: - Fixed kbuild errors - Re-added lz4_compressbound as alias for LZ4_compressBound to ensure backwards compatibility - Wrapped LZ4_hash5 with check for LZ4_ARCH64 since it is only used there and triggers an unused function warning when false v5: - Added a fifth patch to remove the back-compat wrappers introduced to ensure bisectibility between the patches (the functions are no longer needed since there's no callers left) v6: - Fixed LZ4_NBCOMMONBYTES() for 64-bit little endian - Reset LZ4_MEMORY_USAGE to 14 (which is the value used in upstream LZ4 as well as the previous kernel module) - Fixed that weird double-indentation in lz4defs.h and lz4.h - Adjusted general styling issues in lz4defs.h (e.g. lines consisting of more than one instruction) - Removed the architecture-dependent typedef to reg_t since upstream LZ4 is just using size_t and that works fine - Changed error messages in pstore/platform.c: * LZ4_compress_default always returns 0 in case of an error (no need to print the return value) * LZ4_decompress_safe returns a negative error message (return value _does_ matter) -- To unsubscribe from this list: send the line "unsubscribe linux-crypto" in the body of a message to majord...@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
[PATCH] crypto: ccp: Fix DMA operations when IOMMU is enabled
An I/O page fault occurs when the IOMMU is enabled on a system that supports the v5 CCP. DMA operations use a Request ID value that does not match what is expected by the IOMMU, resulting in the I/O page fault. Setting the Request ID value to 0 corrects this issue. Signed-off-by: Gary R Hook --- drivers/crypto/ccp/ccp-dev-v5.c |2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/drivers/crypto/ccp/ccp-dev-v5.c b/drivers/crypto/ccp/ccp-dev-v5.c index e2ce819..612898b 100644 --- a/drivers/crypto/ccp/ccp-dev-v5.c +++ b/drivers/crypto/ccp/ccp-dev-v5.c @@ -959,7 +959,7 @@ static irqreturn_t ccp5_irq_handler(int irq, void *data) static void ccp5_config(struct ccp_device *ccp) { /* Public side */ - iowrite32(0x1249, ccp->io_regs + CMD5_REQID_CONFIG_OFFSET); + iowrite32(0x0, ccp->io_regs + CMD5_REQID_CONFIG_OFFSET); } static void ccp5other_config(struct ccp_device *ccp) -- To unsubscribe from this list: send the line "unsubscribe linux-crypto" in the body of a message to majord...@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
Re: [PATCH] crypto: arm64/crc32 - detect crc32 support in assembler
On Fri, Jan 27, 2017 at 10:43:16AM +, Ard Biesheuvel wrote: > On 27 January 2017 at 10:40, Matthias Brugger wrote: > > Older compilers may not be able to detect the crc32 extended cpu type. > > What do you mean 'detect'? Could you describe the failure in more detail > please? > > > Anyway only inline assembler code is used, which gets passed to the > > assembler. This patch moves the crc detection to the assembler. > > > > Suggested-by: Alexander Graf > > Signed-off-by: Matthias Brugger > > --- > > arch/arm64/crypto/Makefile | 2 -- > > arch/arm64/crypto/crc32-arm64.c | 3 +++ > > 2 files changed, 3 insertions(+), 2 deletions(-) > > > > diff --git a/arch/arm64/crypto/Makefile b/arch/arm64/crypto/Makefile > > index aad7b744..0d779dac75cd 100644 > > --- a/arch/arm64/crypto/Makefile > > +++ b/arch/arm64/crypto/Makefile > > @@ -48,8 +48,6 @@ CFLAGS_aes-glue-ce.o := -DUSE_V8_CRYPTO_EXTENSIONS > > > > obj-$(CONFIG_CRYPTO_CRC32_ARM64) += crc32-arm64.o > > > > -CFLAGS_crc32-arm64.o := -mcpu=generic+crc > > - > > $(obj)/aes-glue-%.o: $(src)/aes-glue.c FORCE > > $(call if_changed_rule,cc_o_c) > > > > diff --git a/arch/arm64/crypto/crc32-arm64.c > > b/arch/arm64/crypto/crc32-arm64.c > > index 6a37c3c6b11d..10f5dd075323 100644 > > --- a/arch/arm64/crypto/crc32-arm64.c > > +++ b/arch/arm64/crypto/crc32-arm64.c > > @@ -29,6 +29,9 @@ MODULE_AUTHOR("Yazen Ghannam "); > > MODULE_DESCRIPTION("CRC32 and CRC32C using optional ARMv8 instructions"); > > MODULE_LICENSE("GPL v2"); > > > > +/* Request crc extension capabilities from the assembler */ > > +asm(".arch_extension crc"); > > + > > Will should confirm, but I think this is a recent feature in GAS for > AArch64, so this may break older toolchains as well. Yes, the .arch_extension directive isn't universally supported by AArch64 gas so we can't rely on it unconditionally. The best bet is to check for the support and, if it's not present, then disable whatever feature relies on it. See the lseinstr variable in Makefile. Will -- To unsubscribe from this list: send the line "unsubscribe linux-crypto" in the body of a message to majord...@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
Re: [PATCH] crypto: arm64/crc32 - detect crc32 support in assembler
Hi Mathias, On 27 January 2017 at 10:40, Matthias Brugger wrote: > Older compilers may not be able to detect the crc32 extended cpu type. What do you mean 'detect'? Could you describe the failure in more detail please? > Anyway only inline assembler code is used, which gets passed to the > assembler. This patch moves the crc detection to the assembler. > > Suggested-by: Alexander Graf > Signed-off-by: Matthias Brugger > --- > arch/arm64/crypto/Makefile | 2 -- > arch/arm64/crypto/crc32-arm64.c | 3 +++ > 2 files changed, 3 insertions(+), 2 deletions(-) > > diff --git a/arch/arm64/crypto/Makefile b/arch/arm64/crypto/Makefile > index aad7b744..0d779dac75cd 100644 > --- a/arch/arm64/crypto/Makefile > +++ b/arch/arm64/crypto/Makefile > @@ -48,8 +48,6 @@ CFLAGS_aes-glue-ce.o := -DUSE_V8_CRYPTO_EXTENSIONS > > obj-$(CONFIG_CRYPTO_CRC32_ARM64) += crc32-arm64.o > > -CFLAGS_crc32-arm64.o := -mcpu=generic+crc > - > $(obj)/aes-glue-%.o: $(src)/aes-glue.c FORCE > $(call if_changed_rule,cc_o_c) > > diff --git a/arch/arm64/crypto/crc32-arm64.c b/arch/arm64/crypto/crc32-arm64.c > index 6a37c3c6b11d..10f5dd075323 100644 > --- a/arch/arm64/crypto/crc32-arm64.c > +++ b/arch/arm64/crypto/crc32-arm64.c > @@ -29,6 +29,9 @@ MODULE_AUTHOR("Yazen Ghannam "); > MODULE_DESCRIPTION("CRC32 and CRC32C using optional ARMv8 instructions"); > MODULE_LICENSE("GPL v2"); > > +/* Request crc extension capabilities from the assembler */ > +asm(".arch_extension crc"); > + Will should confirm, but I think this is a recent feature in GAS for AArch64, so this may break older toolchains as well. > #define CRC32X(crc, value) __asm__("crc32x %w[c], %w[c], > %x[v]":[c]"+r"(crc):[v]"r"(value)) > #define CRC32W(crc, value) __asm__("crc32w %w[c], %w[c], > %w[v]":[c]"+r"(crc):[v]"r"(value)) > #define CRC32H(crc, value) __asm__("crc32h %w[c], %w[c], > %w[v]":[c]"+r"(crc):[v]"r"(value)) > -- > 2.11.0 > -- To unsubscribe from this list: send the line "unsubscribe linux-crypto" in the body of a message to majord...@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
[PATCH 1/8] crypto:chcr-Change flow IDs
Change assign flowc id to each outgoing request.Firmware use flowc id to schedule each request onto HW. FW reply may miss without this change. Reviewed-by: Hariprasad Shenai Signed-off-by: Atul Gupta --- drivers/crypto/chelsio/chcr_algo.c| 18 ++ drivers/crypto/chelsio/chcr_algo.h| 9 + drivers/crypto/chelsio/chcr_core.h| 1 + drivers/net/ethernet/chelsio/cxgb4/t4fw_api.h | 8 4 files changed, 24 insertions(+), 12 deletions(-) diff --git a/drivers/crypto/chelsio/chcr_algo.c b/drivers/crypto/chelsio/chcr_algo.c index d29c2b4..deec7c0 100644 --- a/drivers/crypto/chelsio/chcr_algo.c +++ b/drivers/crypto/chelsio/chcr_algo.c @@ -542,10 +542,11 @@ static inline void create_wreq(struct chcr_context *ctx, (calc_tx_flits_ofld(skb) * 8), 16))); chcr_req->wreq.cookie = cpu_to_be64((uintptr_t)req); chcr_req->wreq.rx_chid_to_rx_q_id = - FILL_WR_RX_Q_ID(ctx->dev->tx_channel_id, qid, - is_iv ? iv_loc : IV_NOP); + FILL_WR_RX_Q_ID(ctx->dev->rx_channel_id, qid, + is_iv ? iv_loc : IV_NOP, ctx->tx_channel_id); - chcr_req->ulptx.cmd_dest = FILL_ULPTX_CMD_DEST(ctx->dev->tx_channel_id); + chcr_req->ulptx.cmd_dest = FILL_ULPTX_CMD_DEST(ctx->dev->tx_channel_id, + qid); chcr_req->ulptx.len = htonl((DIV_ROUND_UP((calc_tx_flits_ofld(skb) * 8), 16) - ((sizeof(chcr_req->wreq)) >> 4))); @@ -606,7 +607,7 @@ static inline void create_wreq(struct chcr_context *ctx, chcr_req = (struct chcr_wr *)__skb_put(skb, transhdr_len); memset(chcr_req, 0, transhdr_len); chcr_req->sec_cpl.op_ivinsrtofst = - FILL_SEC_CPL_OP_IVINSR(ctx->dev->tx_channel_id, 2, 1); + FILL_SEC_CPL_OP_IVINSR(ctx->dev->rx_channel_id, 2, 1); chcr_req->sec_cpl.pldlen = htonl(ivsize + req->nbytes); chcr_req->sec_cpl.aadstart_cipherstop_hi = @@ -782,6 +783,7 @@ static int chcr_device_init(struct chcr_context *ctx) spin_lock(&ctx->dev->lock_chcr_dev); ctx->tx_channel_id = rxq_idx; ctx->dev->tx_channel_id = !ctx->dev->tx_channel_id; + ctx->dev->rx_channel_id = 0; spin_unlock(&ctx->dev->lock_chcr_dev); } out: @@ -874,7 +876,7 @@ static struct sk_buff *create_hash_wr(struct ahash_request *req, memset(chcr_req, 0, transhdr_len); chcr_req->sec_cpl.op_ivinsrtofst = - FILL_SEC_CPL_OP_IVINSR(ctx->dev->tx_channel_id, 2, 0); + FILL_SEC_CPL_OP_IVINSR(ctx->dev->rx_channel_id, 2, 0); chcr_req->sec_cpl.pldlen = htonl(param->bfr_len + param->sg_len); chcr_req->sec_cpl.aadstart_cipherstop_hi = @@ -1425,7 +1427,7 @@ static struct sk_buff *create_authenc_wr(struct aead_request *req, * to the hardware spec */ chcr_req->sec_cpl.op_ivinsrtofst = - FILL_SEC_CPL_OP_IVINSR(ctx->dev->tx_channel_id, 2, + FILL_SEC_CPL_OP_IVINSR(ctx->dev->rx_channel_id, 2, (ivsize ? (assoclen + 1) : 0)); chcr_req->sec_cpl.pldlen = htonl(assoclen + ivsize + req->cryptlen); chcr_req->sec_cpl.aadstart_cipherstop_hi = FILL_SEC_CPL_CIPHERSTOP_HI( @@ -1601,7 +1603,7 @@ static void fill_sec_cpl_for_aead(struct cpl_tx_sec_pdu *sec_cpl, unsigned int ivsize = AES_BLOCK_SIZE; unsigned int cipher_mode = CHCR_SCMD_CIPHER_MODE_AES_CCM; unsigned int mac_mode = CHCR_SCMD_AUTH_MODE_CBCMAC; - unsigned int c_id = chcrctx->dev->tx_channel_id; + unsigned int c_id = chcrctx->dev->rx_channel_id; unsigned int ccm_xtra; unsigned char tag_offset = 0, auth_offset = 0; unsigned char hmac_ctrl = get_hmac(crypto_aead_authsize(tfm)); @@ -1877,7 +1879,7 @@ static struct sk_buff *create_gcm_wr(struct aead_request *req, tag_offset = (op_type == CHCR_ENCRYPT_OP) ? 0 : authsize; chcr_req->sec_cpl.op_ivinsrtofst = FILL_SEC_CPL_OP_IVINSR( - ctx->dev->tx_channel_id, 2, (ivsize ? + ctx->dev->rx_channel_id, 2, (ivsize ? (req->assoclen + 1) : 0)); chcr_req->sec_cpl.pldlen = htonl(req->assoclen + ivsize + crypt_len); chcr_req->sec_cpl.aadstart_cipherstop_hi = FILL_SEC_CPL_CIPHERSTOP_HI( diff --git a/drivers/crypto/chelsio/chcr_algo.h b/drivers/crypto/chelsio/chcr_algo.h index 3c7c51f..ba38bae 100644 --- a/drivers/crypto/chelsio/chcr_algo.h +++ b/drivers/crypto/chelsio/chcr_algo.h @@ -185,20 +185,21 @@ FW_CRYPTO_LOOKASIDE_WR_CCTX_LOC_V(1) | \ FW_CRYPTO_LOOKASIDE_WR_CCTX_SIZE_V((ctx_len))) -#define FILL_WR_RX_Q_ID(cid, qid, wr_iv) \ +#define FILL_WR_RX_Q_ID(
[PATCH 4/8] crypto:chcr- Use cipher instead of Block Cipher in gcm setkey
1 Block of encrption can be done with aes-generic. no need of cbc(aes). This patch replaces cbc(aes-generic) with aes-generic. Signed-off-by: Harsh Jain --- drivers/crypto/chelsio/chcr_algo.c | 20 +--- 1 file changed, 9 insertions(+), 11 deletions(-) diff --git a/drivers/crypto/chelsio/chcr_algo.c b/drivers/crypto/chelsio/chcr_algo.c index 6c2dea3..d335943 100644 --- a/drivers/crypto/chelsio/chcr_algo.c +++ b/drivers/crypto/chelsio/chcr_algo.c @@ -2189,8 +2189,7 @@ static int chcr_gcm_setkey(struct crypto_aead *aead, const u8 *key, struct chcr_context *ctx = crypto_aead_ctx(aead); struct chcr_aead_ctx *aeadctx = AEAD_CTX(ctx); struct chcr_gcm_ctx *gctx = GCM_CTX(aeadctx); - struct blkcipher_desc h_desc; - struct scatterlist src[1]; + struct crypto_cipher *cipher; unsigned int ck_size; int ret = 0, key_ctx_size = 0; @@ -2223,27 +,26 @@ static int chcr_gcm_setkey(struct crypto_aead *aead, const u8 *key, CHCR_KEYCTX_MAC_KEY_SIZE_128, 0, 0, key_ctx_size >> 4); - /* Calculate the H = CIPH(K, 0 repeated 16 times) using sync aes -* blkcipher It will go on key context + /* Calculate the H = CIPH(K, 0 repeated 16 times). +* It will go in key context */ - h_desc.tfm = crypto_alloc_blkcipher("cbc(aes-generic)", 0, 0); - if (IS_ERR(h_desc.tfm)) { + cipher = crypto_alloc_cipher("aes-generic", 0, 0); + if (IS_ERR(cipher)) { aeadctx->enckey_len = 0; ret = -ENOMEM; goto out; } - h_desc.flags = 0; - ret = crypto_blkcipher_setkey(h_desc.tfm, key, keylen); + + ret = crypto_cipher_setkey(cipher, key, keylen); if (ret) { aeadctx->enckey_len = 0; goto out1; } memset(gctx->ghash_h, 0, AEAD_H_SIZE); - sg_init_one(&src[0], gctx->ghash_h, AEAD_H_SIZE); - ret = crypto_blkcipher_encrypt(&h_desc, &src[0], &src[0], AEAD_H_SIZE); + crypto_cipher_encrypt_one(cipher, gctx->ghash_h, gctx->ghash_h); out1: - crypto_free_blkcipher(h_desc.tfm); + crypto_free_cipher(cipher); out: return ret; } -- 1.8.2.3 -- To unsubscribe from this list: send the line "unsubscribe linux-crypto" in the body of a message to majord...@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
[PATCH 8/8] crypto:chcr-Fix Smatch Complaint
Initialise variable after null check. Reported-by: Dan Carpenter Signed-off-by: Harsh Jain --- drivers/crypto/chelsio/chcr_algo.c | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) mode change 100644 => 100755 drivers/crypto/chelsio/chcr_algo.c diff --git a/drivers/crypto/chelsio/chcr_algo.c b/drivers/crypto/chelsio/chcr_algo.c old mode 100644 new mode 100755 index 21fc04c..41bc7f4 --- a/drivers/crypto/chelsio/chcr_algo.c +++ b/drivers/crypto/chelsio/chcr_algo.c @@ -2456,13 +2456,14 @@ static int chcr_aead_op(struct aead_request *req, { struct crypto_aead *tfm = crypto_aead_reqtfm(req); struct chcr_context *ctx = crypto_aead_ctx(tfm); - struct uld_ctx *u_ctx = ULD_CTX(ctx); + struct uld_ctx *u_ctx; struct sk_buff *skb; - if (ctx && !ctx->dev) { + if (!ctx->dev) { pr_err("chcr : %s : No crypto device.\n", __func__); return -ENXIO; } + u_ctx = ULD_CTX(ctx); if (cxgb4_is_crypto_q_full(u_ctx->lldi.ports[0], ctx->tx_channel_id)) { if (!(req->base.flags & CRYPTO_TFM_REQ_MAY_BACKLOG)) -- 1.8.2.3 -- To unsubscribe from this list: send the line "unsubscribe linux-crypto" in the body of a message to majord...@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
[PATCH 7/8] crypto:chcr- Fix wrong typecasting
Typecast the pointer with correct structure. Signed-off-by: Atul Gupta --- drivers/crypto/chelsio/chcr_core.c | 9 - 1 file changed, 4 insertions(+), 5 deletions(-) diff --git a/drivers/crypto/chelsio/chcr_core.c b/drivers/crypto/chelsio/chcr_core.c index 2bfd61a..c28e018 100644 --- a/drivers/crypto/chelsio/chcr_core.c +++ b/drivers/crypto/chelsio/chcr_core.c @@ -151,18 +151,17 @@ int chcr_uld_rx_handler(void *handle, const __be64 *rsp, { struct uld_ctx *u_ctx = (struct uld_ctx *)handle; struct chcr_dev *dev = u_ctx->dev; - const struct cpl_act_establish *rpl = (struct cpl_act_establish - *)rsp; + const struct cpl_fw6_pld *rpl = (struct cpl_fw6_pld *)rsp; - if (rpl->ot.opcode != CPL_FW6_PLD) { + if (rpl->opcode != CPL_FW6_PLD) { pr_err("Unsupported opcode\n"); return 0; } if (!pgl) - work_handlers[rpl->ot.opcode](dev, (unsigned char *)&rsp[1]); + work_handlers[rpl->opcode](dev, (unsigned char *)&rsp[1]); else - work_handlers[rpl->ot.opcode](dev, pgl->va); + work_handlers[rpl->opcode](dev, pgl->va); return 0; } -- 1.8.2.3 -- To unsubscribe from this list: send the line "unsubscribe linux-crypto" in the body of a message to majord...@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
[PATCH 3/8] crypto:chcr-fix itnull.cocci warnings
The first argument to list_for_each_entry cannot be NULL. Generated by: scripts/coccinelle/iterators/itnull.cocci Signed-off-by: Julia Lawall Signed-off-by: Fengguang Wu Signed-off-by: Harsh Jain --- drivers/crypto/chelsio/chcr_core.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/drivers/crypto/chelsio/chcr_core.c b/drivers/crypto/chelsio/chcr_core.c index 1c65f07..2bfd61a 100644 --- a/drivers/crypto/chelsio/chcr_core.c +++ b/drivers/crypto/chelsio/chcr_core.c @@ -61,7 +61,7 @@ int assign_chcr_device(struct chcr_dev **dev) */ mutex_lock(&dev_mutex); /* TODO ? */ list_for_each_entry(u_ctx, &uld_ctx_list, entry) - if (u_ctx && u_ctx->dev) { + if (u_ctx->dev) { *dev = u_ctx->dev; ret = 0; break; -- 1.8.2.3 -- To unsubscribe from this list: send the line "unsubscribe linux-crypto" in the body of a message to majord...@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
[PATCH 0/8] Bug fixes
This patch series is based on Herbert's cryptodev-2.6 tree and depends on patch series "Bug Fixes for 4.10". It includes Bug Fixes. Atul Gupta (2) crypto:chcr-Change flow IDs crypto:chcr- Fix wrong typecasting Harsh Jain (8): crypto:chcr- Fix key length for RFC4106 crypto:chcr-fix itnull.cocci warnings crypto:chcr- Use cipher instead of Block Cipher in gcm setkey crypto:chcr: Change cra_flags for cipher algos crypto:chcr- Change algo priority crypto:chcr-Fix Smatch Complaint drivers/crypto/chelsio/chcr_algo.c| 53 ++- drivers/crypto/chelsio/chcr_algo.h| 9 +++-- drivers/crypto/chelsio/chcr_core.c| 11 +++--- drivers/crypto/chelsio/chcr_core.h| 1 + drivers/crypto/chelsio/chcr_crypto.h | 2 +- drivers/net/ethernet/chelsio/cxgb4/t4fw_api.h | 8 6 files changed, 47 insertions(+), 37 deletions(-) mode change 100644 => 100755 drivers/crypto/chelsio/chcr_algo.c -- 1.8.2.3 -- To unsubscribe from this list: send the line "unsubscribe linux-crypto" in the body of a message to majord...@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
[PATCH 6/8] crypto:chcr- Change algo priority
Update priorities to 3000 Signed-off-by: Harsh Jain --- drivers/crypto/chelsio/chcr_crypto.h | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/drivers/crypto/chelsio/chcr_crypto.h b/drivers/crypto/chelsio/chcr_crypto.h index 7ec0a8f..81cfd0b 100644 --- a/drivers/crypto/chelsio/chcr_crypto.h +++ b/drivers/crypto/chelsio/chcr_crypto.h @@ -48,7 +48,7 @@ * giving the processed data */ -#define CHCR_CRA_PRIORITY 300 +#define CHCR_CRA_PRIORITY 3000 #define CHCR_AES_MAX_KEY_LEN (2 * (AES_MAX_KEY_SIZE)) /* consider xts */ #define CHCR_MAX_CRYPTO_IV_LEN 16 /* AES IV len */ -- 1.8.2.3 -- To unsubscribe from this list: send the line "unsubscribe linux-crypto" in the body of a message to majord...@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
[PATCH 2/8] crypto:chcr- Fix key length for RFC4106
Check keylen before copying salt to avoid wrap around of Integer. Signed-off-by: Harsh Jain --- drivers/crypto/chelsio/chcr_algo.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/drivers/crypto/chelsio/chcr_algo.c b/drivers/crypto/chelsio/chcr_algo.c index deec7c0..6c2dea3 100644 --- a/drivers/crypto/chelsio/chcr_algo.c +++ b/drivers/crypto/chelsio/chcr_algo.c @@ -2194,8 +2194,8 @@ static int chcr_gcm_setkey(struct crypto_aead *aead, const u8 *key, unsigned int ck_size; int ret = 0, key_ctx_size = 0; - if (get_aead_subtype(aead) == - CRYPTO_ALG_SUB_TYPE_AEAD_RFC4106) { + if (get_aead_subtype(aead) == CRYPTO_ALG_SUB_TYPE_AEAD_RFC4106 && + keylen > 3) { keylen -= 4; /* nonce/salt is present in the last 4 bytes */ memcpy(aeadctx->salt, key + keylen, 4); } -- 1.8.2.3 -- To unsubscribe from this list: send the line "unsubscribe linux-crypto" in the body of a message to majord...@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
[PATCH 5/8] crypto:chcr: Change cra_flags for cipher algos
Change cipher algos flags to CRYPTO_ALG_TYPE_ABLKCIPHER. Signed-off-by: Harsh Jain --- drivers/crypto/chelsio/chcr_algo.c | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/drivers/crypto/chelsio/chcr_algo.c b/drivers/crypto/chelsio/chcr_algo.c index d335943..21fc04c 100644 --- a/drivers/crypto/chelsio/chcr_algo.c +++ b/drivers/crypto/chelsio/chcr_algo.c @@ -171,7 +171,7 @@ int chcr_handle_resp(struct crypto_async_request *req, unsigned char *input, } break; - case CRYPTO_ALG_TYPE_BLKCIPHER: + case CRYPTO_ALG_TYPE_ABLKCIPHER: ctx_req.req.ablk_req = (struct ablkcipher_request *)req; ctx_req.ctx.ablk_ctx = ablkcipher_request_ctx(ctx_req.req.ablk_req); @@ -2492,7 +2492,7 @@ static int chcr_aead_op(struct aead_request *req, .cra_name = "cbc(aes)", .cra_driver_name= "cbc-aes-chcr", .cra_priority = CHCR_CRA_PRIORITY, - .cra_flags = CRYPTO_ALG_TYPE_BLKCIPHER | + .cra_flags = CRYPTO_ALG_TYPE_ABLKCIPHER | CRYPTO_ALG_ASYNC, .cra_blocksize = AES_BLOCK_SIZE, .cra_ctxsize= sizeof(struct chcr_context) @@ -2519,7 +2519,7 @@ static int chcr_aead_op(struct aead_request *req, .cra_name = "xts(aes)", .cra_driver_name= "xts-aes-chcr", .cra_priority = CHCR_CRA_PRIORITY, - .cra_flags = CRYPTO_ALG_TYPE_BLKCIPHER | + .cra_flags = CRYPTO_ALG_TYPE_ABLKCIPHER | CRYPTO_ALG_ASYNC, .cra_blocksize = AES_BLOCK_SIZE, .cra_ctxsize= sizeof(struct chcr_context) + -- 1.8.2.3 -- To unsubscribe from this list: send the line "unsubscribe linux-crypto" in the body of a message to majord...@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
Re: [PATCH] crypto: camellia: add missing declarations
On Mon, Jan 23, 2017 at 10:02:37PM +0800, Herbert Xu wrote: > On Mon, Jan 16, 2017 at 05:06:51PM +0100, Nicholas Mc Guire wrote: > > Add declarations for the camellia substitution box to allow a clean build. > > > > Signed-off-by: Nicholas Mc Guire > > --- > > Problem reported by sparse > > arch/x86/crypto/camellia_glue.c:65:21: warning: symbol > > 'camellia_sp1000' was not declared. Should it be static? > > arch/x86/crypto/camellia_glue.c:154:21: warning: symbol > > 'camellia_sp22000222' was not declared. Should it be static? > > arch/x86/crypto/camellia_glue.c:243:21: warning: symbol > > 'camellia_sp03303033' was not declared. Should it be static? > > arch/x86/crypto/camellia_glue.c:332:21: warning: symbol > > 'camellia_sp0004' was not declared. Should it be static? > > arch/x86/crypto/camellia_glue.c:421:21: warning: symbol > > 'camellia_sp02220222' was not declared. Should it be static? > > arch/x86/crypto/camellia_glue.c:510:21: warning: symbol > > 'camellia_sp30333033' was not declared. Should it be static? > > arch/x86/crypto/camellia_glue.c:599:21: warning: symbol > > 'camellia_sp44044404' was not declared. Should it be static? > > arch/x86/crypto/camellia_glue.c:688:21: warning: symbol > > 'camellia_sp11101110' was not declared. Should it be static? > > > > Patch was compile tested with: x86_64_defconfig + > > CONFIG_CRYPTO_CAMELLIA_X86_64=m > > > > Patch is against 4.10-rc3 (localversion-next is next-20170116) > > This is arguably a sparse bug. These variables are only referenced > by assembly code and already carries the __visible tag. So sparse > should learn to suppress this warning when __visible is present. I had assumed that __visible only would apply to LTO not to non-LTO builds so the externally_visible attributed would not resolve this and thus this warning seems correct. Is this interpretation incorect ? thx! hofrat -- To unsubscribe from this list: send the line "unsubscribe linux-crypto" in the body of a message to majord...@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
Re: [PATCH 2/4] crypto: ccm - switch to separate cbcmac driver
On 26 January 2017 at 17:17, Ard Biesheuvel wrote: > Update the generic CCM driver to defer CBC-MAC processing to a > dedicated CBC-MAC ahash transform rather than open coding this > transform (and much of the associated scatterwalk plumbing) in > the CCM driver itself. > > This cleans up the code considerably, but more importantly, it allows > the use of alternative CBC-MAC implementations that don't suffer from > performance degradation due to significant setup time (e.g., the NEON > based AES code needs to load the entire S-box into SIMD registers, which > cannot be amortized over the entire input when using the AES cipher > directly) > > Signed-off-by: Ard Biesheuvel > --- > crypto/Kconfig | 1 + > crypto/ccm.c | 373 +--- > 2 files changed, 238 insertions(+), 136 deletions(-) > > diff --git a/crypto/Kconfig b/crypto/Kconfig > index 160f08e721cc..e8269d1b0282 100644 > --- a/crypto/Kconfig > +++ b/crypto/Kconfig > @@ -263,6 +263,7 @@ comment "Authenticated Encryption with Associated Data" > config CRYPTO_CCM > tristate "CCM support" > select CRYPTO_CTR > + select CRYPTO_HASH > select CRYPTO_AEAD > help > Support for Counter with CBC MAC. Required for IPsec. > diff --git a/crypto/ccm.c b/crypto/ccm.c > index 26b924d1e582..635f11fc52e7 100644 > --- a/crypto/ccm.c > +++ b/crypto/ccm.c > @@ -11,6 +11,7 @@ > */ > > #include > +#include > #include > #include > #include > @@ -23,11 +24,11 @@ > > struct ccm_instance_ctx { > struct crypto_skcipher_spawn ctr; > - struct crypto_spawn cipher; > + struct crypto_ahash_spawn mac; > }; > > struct crypto_ccm_ctx { > - struct crypto_cipher *cipher; > + struct crypto_ahash *mac; > struct crypto_skcipher *ctr; > }; > > @@ -44,7 +45,6 @@ struct crypto_rfc4309_req_ctx { > > struct crypto_ccm_req_priv_ctx { > u8 odata[16]; > - u8 idata[16]; > u8 auth_tag[16]; > u32 ilen; This is unused now. > u32 flags; > @@ -53,6 +53,15 @@ struct crypto_ccm_req_priv_ctx { > struct skcipher_request skreq; > }; > > +struct cbcmac_tfm_ctx { > + struct crypto_cipher *child; > +}; > + > +struct cbcmac_desc_ctx { > + unsigned int len; > + u8 dg[]; > +}; > + > static inline struct crypto_ccm_req_priv_ctx *crypto_ccm_reqctx( > struct aead_request *req) > { > @@ -84,7 +93,7 @@ static int crypto_ccm_setkey(struct crypto_aead *aead, > const u8 *key, > { > struct crypto_ccm_ctx *ctx = crypto_aead_ctx(aead); > struct crypto_skcipher *ctr = ctx->ctr; > - struct crypto_cipher *tfm = ctx->cipher; > + struct crypto_ahash *mac = ctx->mac; > int err = 0; > > crypto_skcipher_clear_flags(ctr, CRYPTO_TFM_REQ_MASK); > @@ -96,11 +105,11 @@ static int crypto_ccm_setkey(struct crypto_aead *aead, > const u8 *key, > if (err) > goto out; > > - crypto_cipher_clear_flags(tfm, CRYPTO_TFM_REQ_MASK); > - crypto_cipher_set_flags(tfm, crypto_aead_get_flags(aead) & > + crypto_ahash_clear_flags(mac, CRYPTO_TFM_REQ_MASK); > + crypto_ahash_set_flags(mac, crypto_aead_get_flags(aead) & > CRYPTO_TFM_REQ_MASK); > - err = crypto_cipher_setkey(tfm, key, keylen); > - crypto_aead_set_flags(aead, crypto_cipher_get_flags(tfm) & > + err = crypto_ahash_setkey(mac, key, keylen); > + crypto_aead_set_flags(aead, crypto_ahash_get_flags(mac) & > CRYPTO_TFM_RES_MASK); > > out: > @@ -167,119 +176,59 @@ static int format_adata(u8 *adata, unsigned int a) > return len; > } > > -static void compute_mac(struct crypto_cipher *tfm, u8 *data, int n, > - struct crypto_ccm_req_priv_ctx *pctx) > -{ > - unsigned int bs = 16; > - u8 *odata = pctx->odata; > - u8 *idata = pctx->idata; > - int datalen, getlen; > - > - datalen = n; > - > - /* first time in here, block may be partially filled. */ > - getlen = bs - pctx->ilen; > - if (datalen >= getlen) { > - memcpy(idata + pctx->ilen, data, getlen); > - crypto_xor(odata, idata, bs); > - crypto_cipher_encrypt_one(tfm, odata, odata); > - datalen -= getlen; > - data += getlen; > - pctx->ilen = 0; > - } > - > - /* now encrypt rest of data */ > - while (datalen >= bs) { > - crypto_xor(odata, data, bs); > - crypto_cipher_encrypt_one(tfm, odata, odata); > - > - datalen -= bs; > - data += bs; > - } > - > - /* check and see if there's leftover data that wasn't > -* enough to fill a block. > -*/ > - if (datalen) { > - memcpy(idata + pctx->ilen, data, datalen); > - pctx->ilen += datalen; > - } > -} > - > -static void get_data_to_compute(struct cr