Re: [PATCH] crypto: vmx - convert to skcipher API

2019-05-30 Thread Herbert Xu
On Mon, May 20, 2019 at 09:44:48AM -0700, Eric Biggers wrote:
> From: Eric Biggers 
> 
> Convert the VMX implementations of AES-CBC, AES-CTR, and AES-XTS from
> the deprecated "blkcipher" API to the "skcipher" API.
> 
> As part of this, I moved the skcipher_request for the fallback algorithm
> off the stack and into the request context of the parent algorithm.
> 
> I tested this in a PowerPC VM with CONFIG_CRYPTO_MANAGER_EXTRA_TESTS=y.
> 
> Signed-off-by: Eric Biggers 
> ---
>  drivers/crypto/vmx/aes_cbc.c   | 183 -
>  drivers/crypto/vmx/aes_ctr.c   | 165 +
>  drivers/crypto/vmx/aes_xts.c   | 175 ++-
>  drivers/crypto/vmx/aesp8-ppc.h |   2 -
>  drivers/crypto/vmx/vmx.c   |  72 +++--
>  5 files changed, 252 insertions(+), 345 deletions(-)

Patch applied.  Thanks.
-- 
Email: Herbert Xu 
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt


Re: [PATCH] crypto: vmx - convert to skcipher API

2019-05-20 Thread Michael Ellerman
Eric Biggers  writes:
> From: Eric Biggers 
>
> Convert the VMX implementations of AES-CBC, AES-CTR, and AES-XTS from
> the deprecated "blkcipher" API to the "skcipher" API.
>
> As part of this, I moved the skcipher_request for the fallback algorithm
> off the stack and into the request context of the parent algorithm.
>
> I tested this in a PowerPC VM with CONFIG_CRYPTO_MANAGER_EXTRA_TESTS=y.

I booted it a few times on a Power9 bare metal machine with
panic_on_fail=1 and fuzz_iterations=400, no issues.

Tested-by: Michael Ellerman 

cheers

> Signed-off-by: Eric Biggers 
> ---
>  drivers/crypto/vmx/aes_cbc.c   | 183 -
>  drivers/crypto/vmx/aes_ctr.c   | 165 +
>  drivers/crypto/vmx/aes_xts.c   | 175 ++-
>  drivers/crypto/vmx/aesp8-ppc.h |   2 -
>  drivers/crypto/vmx/vmx.c   |  72 +++--
>  5 files changed, 252 insertions(+), 345 deletions(-)
>
> diff --git a/drivers/crypto/vmx/aes_cbc.c b/drivers/crypto/vmx/aes_cbc.c
> index dae8af3c46dce..92e75a05d6a9e 100644
> --- a/drivers/crypto/vmx/aes_cbc.c
> +++ b/drivers/crypto/vmx/aes_cbc.c
> @@ -7,64 +7,52 @@
>   * Author: Marcelo Henrique Cerri 
>   */
>  
> -#include 
> -#include 
> -#include 
> -#include 
>  #include 
>  #include 
>  #include 
>  #include 
> -#include 
> -#include 
> +#include 
>  
>  #include "aesp8-ppc.h"
>  
>  struct p8_aes_cbc_ctx {
> - struct crypto_sync_skcipher *fallback;
> + struct crypto_skcipher *fallback;
>   struct aes_key enc_key;
>   struct aes_key dec_key;
>  };
>  
> -static int p8_aes_cbc_init(struct crypto_tfm *tfm)
> +static int p8_aes_cbc_init(struct crypto_skcipher *tfm)
>  {
> - const char *alg = crypto_tfm_alg_name(tfm);
> - struct crypto_sync_skcipher *fallback;
> - struct p8_aes_cbc_ctx *ctx = crypto_tfm_ctx(tfm);
> -
> - fallback = crypto_alloc_sync_skcipher(alg, 0,
> -   CRYPTO_ALG_NEED_FALLBACK);
> + struct p8_aes_cbc_ctx *ctx = crypto_skcipher_ctx(tfm);
> + struct crypto_skcipher *fallback;
>  
> + fallback = crypto_alloc_skcipher("cbc(aes)", 0,
> +  CRYPTO_ALG_NEED_FALLBACK |
> +  CRYPTO_ALG_ASYNC);
>   if (IS_ERR(fallback)) {
> - printk(KERN_ERR
> -"Failed to allocate transformation for '%s': %ld\n",
> -alg, PTR_ERR(fallback));
> + pr_err("Failed to allocate cbc(aes) fallback: %ld\n",
> +PTR_ERR(fallback));
>   return PTR_ERR(fallback);
>   }
>  
> - crypto_sync_skcipher_set_flags(
> - fallback,
> - crypto_skcipher_get_flags((struct crypto_skcipher *)tfm));
> + crypto_skcipher_set_reqsize(tfm, sizeof(struct skcipher_request) +
> + crypto_skcipher_reqsize(fallback));
>   ctx->fallback = fallback;
> -
>   return 0;
>  }
>  
> -static void p8_aes_cbc_exit(struct crypto_tfm *tfm)
> +static void p8_aes_cbc_exit(struct crypto_skcipher *tfm)
>  {
> - struct p8_aes_cbc_ctx *ctx = crypto_tfm_ctx(tfm);
> + struct p8_aes_cbc_ctx *ctx = crypto_skcipher_ctx(tfm);
>  
> - if (ctx->fallback) {
> - crypto_free_sync_skcipher(ctx->fallback);
> - ctx->fallback = NULL;
> - }
> + crypto_free_skcipher(ctx->fallback);
>  }
>  
> -static int p8_aes_cbc_setkey(struct crypto_tfm *tfm, const u8 *key,
> +static int p8_aes_cbc_setkey(struct crypto_skcipher *tfm, const u8 *key,
>unsigned int keylen)
>  {
> + struct p8_aes_cbc_ctx *ctx = crypto_skcipher_ctx(tfm);
>   int ret;
> - struct p8_aes_cbc_ctx *ctx = crypto_tfm_ctx(tfm);
>  
>   preempt_disable();
>   pagefault_disable();
> @@ -75,108 +63,71 @@ static int p8_aes_cbc_setkey(struct crypto_tfm *tfm, 
> const u8 *key,
>   pagefault_enable();
>   preempt_enable();
>  
> - ret |= crypto_sync_skcipher_setkey(ctx->fallback, key, keylen);
> + ret |= crypto_skcipher_setkey(ctx->fallback, key, keylen);
>  
>   return ret ? -EINVAL : 0;
>  }
>  
> -static int p8_aes_cbc_encrypt(struct blkcipher_desc *desc,
> -   struct scatterlist *dst,
> -   struct scatterlist *src, unsigned int nbytes)
> +static int p8_aes_cbc_crypt(struct skcipher_request *req, int enc)
>  {
> + struct crypto_skcipher *tfm = crypto_skcipher_reqtfm(req);
> + const struct p8_aes_cbc_ctx *ctx = crypto_skcipher_ctx(tfm);
> + struct skcipher_walk walk;
> + unsigned int nbytes;
>   int ret;
> - struct blkcipher_walk walk;
> - struct p8_aes_cbc_ctx *ctx =
> - crypto_tfm_ctx(crypto_blkcipher_tfm(desc->tfm));
>  
>   if (!crypto_simd_usable()) {
> - SYNC_SKCIPHER_REQUEST_ON_STACK(req, ctx->fallback);
> - skcipher_request_set_sync_tfm(req, ctx->fallback);
> - skcipher_request_s

[PATCH] crypto: vmx - convert to skcipher API

2019-05-20 Thread Eric Biggers
From: Eric Biggers 

Convert the VMX implementations of AES-CBC, AES-CTR, and AES-XTS from
the deprecated "blkcipher" API to the "skcipher" API.

As part of this, I moved the skcipher_request for the fallback algorithm
off the stack and into the request context of the parent algorithm.

I tested this in a PowerPC VM with CONFIG_CRYPTO_MANAGER_EXTRA_TESTS=y.

Signed-off-by: Eric Biggers 
---
 drivers/crypto/vmx/aes_cbc.c   | 183 -
 drivers/crypto/vmx/aes_ctr.c   | 165 +
 drivers/crypto/vmx/aes_xts.c   | 175 ++-
 drivers/crypto/vmx/aesp8-ppc.h |   2 -
 drivers/crypto/vmx/vmx.c   |  72 +++--
 5 files changed, 252 insertions(+), 345 deletions(-)

diff --git a/drivers/crypto/vmx/aes_cbc.c b/drivers/crypto/vmx/aes_cbc.c
index dae8af3c46dce..92e75a05d6a9e 100644
--- a/drivers/crypto/vmx/aes_cbc.c
+++ b/drivers/crypto/vmx/aes_cbc.c
@@ -7,64 +7,52 @@
  * Author: Marcelo Henrique Cerri 
  */
 
-#include 
-#include 
-#include 
-#include 
 #include 
 #include 
 #include 
 #include 
-#include 
-#include 
+#include 
 
 #include "aesp8-ppc.h"
 
 struct p8_aes_cbc_ctx {
-   struct crypto_sync_skcipher *fallback;
+   struct crypto_skcipher *fallback;
struct aes_key enc_key;
struct aes_key dec_key;
 };
 
-static int p8_aes_cbc_init(struct crypto_tfm *tfm)
+static int p8_aes_cbc_init(struct crypto_skcipher *tfm)
 {
-   const char *alg = crypto_tfm_alg_name(tfm);
-   struct crypto_sync_skcipher *fallback;
-   struct p8_aes_cbc_ctx *ctx = crypto_tfm_ctx(tfm);
-
-   fallback = crypto_alloc_sync_skcipher(alg, 0,
- CRYPTO_ALG_NEED_FALLBACK);
+   struct p8_aes_cbc_ctx *ctx = crypto_skcipher_ctx(tfm);
+   struct crypto_skcipher *fallback;
 
+   fallback = crypto_alloc_skcipher("cbc(aes)", 0,
+CRYPTO_ALG_NEED_FALLBACK |
+CRYPTO_ALG_ASYNC);
if (IS_ERR(fallback)) {
-   printk(KERN_ERR
-  "Failed to allocate transformation for '%s': %ld\n",
-  alg, PTR_ERR(fallback));
+   pr_err("Failed to allocate cbc(aes) fallback: %ld\n",
+  PTR_ERR(fallback));
return PTR_ERR(fallback);
}
 
-   crypto_sync_skcipher_set_flags(
-   fallback,
-   crypto_skcipher_get_flags((struct crypto_skcipher *)tfm));
+   crypto_skcipher_set_reqsize(tfm, sizeof(struct skcipher_request) +
+   crypto_skcipher_reqsize(fallback));
ctx->fallback = fallback;
-
return 0;
 }
 
-static void p8_aes_cbc_exit(struct crypto_tfm *tfm)
+static void p8_aes_cbc_exit(struct crypto_skcipher *tfm)
 {
-   struct p8_aes_cbc_ctx *ctx = crypto_tfm_ctx(tfm);
+   struct p8_aes_cbc_ctx *ctx = crypto_skcipher_ctx(tfm);
 
-   if (ctx->fallback) {
-   crypto_free_sync_skcipher(ctx->fallback);
-   ctx->fallback = NULL;
-   }
+   crypto_free_skcipher(ctx->fallback);
 }
 
-static int p8_aes_cbc_setkey(struct crypto_tfm *tfm, const u8 *key,
+static int p8_aes_cbc_setkey(struct crypto_skcipher *tfm, const u8 *key,
 unsigned int keylen)
 {
+   struct p8_aes_cbc_ctx *ctx = crypto_skcipher_ctx(tfm);
int ret;
-   struct p8_aes_cbc_ctx *ctx = crypto_tfm_ctx(tfm);
 
preempt_disable();
pagefault_disable();
@@ -75,108 +63,71 @@ static int p8_aes_cbc_setkey(struct crypto_tfm *tfm, const 
u8 *key,
pagefault_enable();
preempt_enable();
 
-   ret |= crypto_sync_skcipher_setkey(ctx->fallback, key, keylen);
+   ret |= crypto_skcipher_setkey(ctx->fallback, key, keylen);
 
return ret ? -EINVAL : 0;
 }
 
-static int p8_aes_cbc_encrypt(struct blkcipher_desc *desc,
- struct scatterlist *dst,
- struct scatterlist *src, unsigned int nbytes)
+static int p8_aes_cbc_crypt(struct skcipher_request *req, int enc)
 {
+   struct crypto_skcipher *tfm = crypto_skcipher_reqtfm(req);
+   const struct p8_aes_cbc_ctx *ctx = crypto_skcipher_ctx(tfm);
+   struct skcipher_walk walk;
+   unsigned int nbytes;
int ret;
-   struct blkcipher_walk walk;
-   struct p8_aes_cbc_ctx *ctx =
-   crypto_tfm_ctx(crypto_blkcipher_tfm(desc->tfm));
 
if (!crypto_simd_usable()) {
-   SYNC_SKCIPHER_REQUEST_ON_STACK(req, ctx->fallback);
-   skcipher_request_set_sync_tfm(req, ctx->fallback);
-   skcipher_request_set_callback(req, desc->flags, NULL, NULL);
-   skcipher_request_set_crypt(req, src, dst, nbytes, desc->info);
-   ret = crypto_skcipher_encrypt(req);
-   skcipher_request_zero(req);
-   } else {
-   blkcipher_walk_init(&walk, dst, src, nbytes);
-