Re: [PATCH v3] mac80211: aead api to reduce redundancy

2017-10-11 Thread Xiang Gao 
Great ! Thanks !
Xiang Gao


2017-10-11 3:48 GMT-04:00 Johannes Berg <johan...@sipsolutions.net>:
> On Tue, 2017-10-10 at 22:31 -0400, Xiang Gao wrote:
>> Currently, the aes_ccm.c and aes_gcm.c are almost line by line copy
>> of
>> each other. This patch reduce code redundancy by moving the code in
>> these
>> two files to crypto/aead_api.c to make it a higher level aead api.
>> The
>> file aes_ccm.c and aes_gcm.c are removed and all the functions there
>> are
>> now implemented in their headers using the newly added aead api.
>
> Applied. FWIW, the sta_dynamic_down_up test that the robot complained
> about, and the PSK tests that heavily use CCMP all pass.
>
> johannes

[PATCH v3] mac80211: aead api to reduce redundancy

2017-10-10 Thread Xiang Gao 
Currently, the aes_ccm.c and aes_gcm.c are almost line by line copy of
each other. This patch reduce code redundancy by moving the code in these
two files to crypto/aead_api.c to make it a higher level aead api. The
file aes_ccm.c and aes_gcm.c are removed and all the functions there are
now implemented in their headers using the newly added aead api.

Signed-off-by: Xiang Gao <qasdfgtyu...@gmail.com>
---
 net/mac80211/Makefile  |   3 +-
 net/mac80211/{aes_ccm.c => aead_api.c} |  40 ++--
 net/mac80211/aead_api.h|  27 
 net/mac80211/aes_ccm.h |  42 +
 net/mac80211/aes_gcm.c | 109 -
 net/mac80211/aes_gcm.h |  38 +---
 net/mac80211/wpa.c |   4 +-
 7 files changed, 111 insertions(+), 152 deletions(-)
 rename net/mac80211/{aes_ccm.c => aead_api.c} (67%)
 create mode 100644 net/mac80211/aead_api.h
 delete mode 100644 net/mac80211/aes_gcm.c

diff --git a/net/mac80211/Makefile b/net/mac80211/Makefile
index 282912245938..80f25ff2f24b 100644
--- a/net/mac80211/Makefile
+++ b/net/mac80211/Makefile
@@ -6,6 +6,7 @@ mac80211-y := \
driver-ops.o \
sta_info.o \
wep.o \
+   aead_api.o \
wpa.o \
scan.o offchannel.o \
ht.o agg-tx.o agg-rx.o \
@@ -15,8 +16,6 @@ mac80211-y := \
rate.o \
michael.o \
tkip.o \
-   aes_ccm.o \
-   aes_gcm.o \
aes_cmac.o \
aes_gmac.o \
fils_aead.o \
diff --git a/net/mac80211/aes_ccm.c b/net/mac80211/aead_api.c
similarity index 67%
rename from net/mac80211/aes_ccm.c
rename to net/mac80211/aead_api.c
index a4e0d59a40dd..cc48675ba742 100644
--- a/net/mac80211/aes_ccm.c
+++ b/net/mac80211/aead_api.c
@@ -1,4 +1,5 @@
 /*
+ * Copyright 2014-2015, Qualcomm Atheros, Inc.
  * Copyright 2003-2004, Instant802 Networks, Inc.
  * Copyright 2005-2006, Devicescape Software, Inc.
  *
@@ -12,30 +13,29 @@
 #include 
 #include 
 #include 
+#include 
 #include 
 
-#include 
-#include "key.h"
-#include "aes_ccm.h"
+#include "aead_api.h"
 
-int ieee80211_aes_ccm_encrypt(struct crypto_aead *tfm, u8 *b_0, u8 *aad,
- u8 *data, size_t data_len, u8 *mic,
- size_t mic_len)
+int aead_encrypt(struct crypto_aead *tfm, u8 *b_0, u8 *aad, size_t aad_len,
+u8 *data, size_t data_len, u8 *mic)
 {
+   size_t mic_len = tfm->authsize;
struct scatterlist sg[3];
struct aead_request *aead_req;
int reqsize = sizeof(*aead_req) + crypto_aead_reqsize(tfm);
u8 *__aad;
 
-   aead_req = kzalloc(reqsize + CCM_AAD_LEN, GFP_ATOMIC);
+   aead_req = kzalloc(reqsize + aad_len, GFP_ATOMIC);
if (!aead_req)
return -ENOMEM;
 
__aad = (u8 *)aead_req + reqsize;
-   memcpy(__aad, aad, CCM_AAD_LEN);
+   memcpy(__aad, aad, aad_len);
 
sg_init_table(sg, 3);
-   sg_set_buf([0], &__aad[2], be16_to_cpup((__be16 *)__aad));
+   sg_set_buf([0], __aad, aad_len);
sg_set_buf([1], data, data_len);
sg_set_buf([2], mic, mic_len);
 
@@ -49,10 +49,10 @@ int ieee80211_aes_ccm_encrypt(struct crypto_aead *tfm, u8 
*b_0, u8 *aad,
return 0;
 }
 
-int ieee80211_aes_ccm_decrypt(struct crypto_aead *tfm, u8 *b_0, u8 *aad,
- u8 *data, size_t data_len, u8 *mic,
- size_t mic_len)
+int aead_decrypt(struct crypto_aead *tfm, u8 *b_0, u8 *aad, size_t aad_len,
+u8 *data, size_t data_len, u8 *mic)
 {
+   size_t mic_len = tfm->authsize;
struct scatterlist sg[3];
struct aead_request *aead_req;
int reqsize = sizeof(*aead_req) + crypto_aead_reqsize(tfm);
@@ -62,15 +62,15 @@ int ieee80211_aes_ccm_decrypt(struct crypto_aead *tfm, u8 
*b_0, u8 *aad,
if (data_len == 0)
return -EINVAL;
 
-   aead_req = kzalloc(reqsize + CCM_AAD_LEN, GFP_ATOMIC);
+   aead_req = kzalloc(reqsize + aad_len, GFP_ATOMIC);
if (!aead_req)
return -ENOMEM;
 
__aad = (u8 *)aead_req + reqsize;
-   memcpy(__aad, aad, CCM_AAD_LEN);
+   memcpy(__aad, aad, aad_len);
 
sg_init_table(sg, 3);
-   sg_set_buf([0], &__aad[2], be16_to_cpup((__be16 *)__aad));
+   sg_set_buf([0], __aad, aad_len);
sg_set_buf([1], data, data_len);
sg_set_buf([2], mic, mic_len);
 
@@ -84,14 +84,14 @@ int ieee80211_aes_ccm_decrypt(struct crypto_aead *tfm, u8 
*b_0, u8 *aad,
return err;
 }
 
-struct crypto_aead *ieee80211_aes_key_setup_encrypt(const u8 key[],
-   size_t key_len,
-   size_t mic_len)
+struct crypto_aead *
+aead_key_setup_encrypt(const char *alg, const u8 key[],
+  size_t key_len, size_t mic_len)
 {

Re: [PATCH] mac80211: aead api to reduce redundancy

2017-10-10 Thread Xiang Gao 
2017-10-09 3:09 GMT-04:00 Johannes Berg <johan...@sipsolutions.net>:
> On Sun, 2017-10-08 at 01:43 -0400, Xiang Gao wrote:
>>
>> By the way, I'm still struggling on how to run unit tests. It might
>> take time for me to make it run on my machine.
>
> I can run it easily, so don't worry about it too much. Running it is of
> course much appreciated, but I don't really want to go and require that
> right now, it takes a long time to run.
>
> If you do want to set it up, I suggest the vm scripts (hostap
> repository in tests/hwsim/vm/ - you can use the kernel .config there as
> a base to compile a kernel and then just kick it off from there, but it
> can take a while to run.

Thanks for your help on this. This information is actually very helpful to me.

Since the unit test is not required, I will put working on this patch
higher priority than unit tests. I will send out patches without
running unit tests for now before I can make it run on my computer.
But I'm still interested in trying to run it on my computer after I
finish this patch.

I will send PATCH v3 soon.

Thanks

>
>> Hmm... good question. The reason is, aes_ccm.c and aes_gcm.c was
>> almost exact copy of each other. But they have different copyright
>> information.
>> The copyright of aes_ccm.c was:
>>
>> Copyright 2006, Devicescape Software, Inc.
>> Copyright 2003-2004, Instant802 Networks, Inc.
>>
>> and the copyright of aes_gcm.c was:
>>
>> Copyright 2014-2015, Qualcomm Atheros, Inc.
>>
>> I just don't know how to write the copyright for the new aead_api.c,
>> so I does not put anything there.
>
> Heh, good point. Well, I guess we can pretend it wasn't already copied
> before and just "keep" both.
>
> johannes

Re: [PATCH] mac80211: aead api to reduce redundancy

2017-10-07 Thread Xiang Gao 
Hi Johannes,

Thanks for your time on reviewing this. I will make changes following
your review. See details below.
By the way, I'm still struggling on how to run unit tests. It might
take time for me to make it run on my machine.

2017-10-02 8:04 GMT-04:00 Johannes Berg :
> Please use "v2" tag or so in the subject line, having the same patch
> again is really not helpful.
>
> The next should be v3, obviously.

Thanks for your patience to point this out. I will follow your instruction.

>
>> +++ b/net/mac80211/aead_api.c
>> @@ -1,7 +1,4 @@
>> -/*
>> - * Copyright 2014-2015, Qualcomm Atheros, Inc.
>> - *
>> - * This program is free software; you can redistribute it and/or
>> modify
>> +/* This program is free software; you can redistribute it and/or
>> modify
>
> I see no reason to make this change, why remove copyright?

Hmm... good question. The reason is, aes_ccm.c and aes_gcm.c was
almost exact copy of each other. But they have different copyright
information.
The copyright of aes_ccm.c was:

Copyright 2006, Devicescape Software, Inc.
Copyright 2003-2004, Instant802 Networks, Inc.

and the copyright of aes_gcm.c was:

Copyright 2014-2015, Qualcomm Atheros, Inc.

I just don't know how to write the copyright for the new aead_api.c,
so I does not put anything there.

These copyright information are still at aes_ccm.h and aes_gcm.h

What's your opinion on writing these copyright information? Do I write
all of them? like:

Copyright 2014-2015, Qualcomm Atheros, Inc.
Copyright 2006, Devicescape Software, Inc.
Copyright 2003-2004, Instant802 Networks, Inc.

>
>> +++ b/net/mac80211/wpa.c
>> @@ -464,7 +464,8 @@ static int ccmp_encrypt_skb(struct
>> ieee80211_tx_data *tx, struct sk_buff *skb,
>>   pos += IEEE80211_CCMP_HDR_LEN;
>>   ccmp_special_blocks(skb, pn, b_0, aad);
>>   return ieee80211_aes_ccm_encrypt(key->u.ccmp.tfm, b_0, aad,
>> pos, len,
>> -  skb_put(skb, mic_len),
>> mic_len);
>> +  skb_put(skb,
>> +  key->u.ccmp.tfm-
>> >authsize));
>>  }
>
> I see no reason for the change from mic_len to authsize here?

This was because I was planning to put it to crypto directory, then I
changed it to the same name as in other crypto api. Now that it will
goes to the mac80211, I think it is time to revert this change.

>
>> @@ -540,10 +541,11 @@ ieee80211_crypto_ccmp_decrypt(struct
>> ieee80211_rx_data *rx,
>>   ccmp_special_blocks(skb, pn, b_0, aad);
>>
>>   if (ieee80211_aes_ccm_decrypt(
>> - key->u.ccmp.tfm, b_0, aad,
>> - skb->data + hdrlen + 
>> IEEE80211_CCMP_HDR_LEN,
>> - data_len,
>> - skb->data + skb->len - mic_len, mic_len))
>> + key->u.ccmp.tfm, b_0, aad,
>> + skb->data + hdrlen + IEEE80211_CCMP_HDR_LEN,
>> + data_len,
>> + skb->data + skb->len - 
>> key->u.ccmp.tfm->authsize
>> + ))
>>   return RX_DROP_UNUSABLE;
>
> That's a really really strange way of writing this ...
>
> Please reformat.

OK, I will reformat it.

>
> johannes

Re: [lkp-robot] [mac80211] 31e9170bde: hwsim.sta_dynamic_down_up.fail

2017-09-28 Thread Xiang Gao 
Thanks, I will look into it.
Xiang Gao


2017-09-28 4:06 GMT-04:00 kernel test robot <xiaolong...@intel.com>:
>
> FYI, we noticed the following commit:
>
> commit: 31e9170bdeb6ebe66426337b4e2b9924683a412b ("mac80211: aead api to 
> reduce redundancy")
> url: 
> https://github.com/0day-ci/linux/commits/Xiang-Gao/mac80211-aead-api-to-reduce-redundancy/20170926-053110
> base: https://git.kernel.org/cgit/linux/kernel/git/jberg/mac80211-next.git 
> master
>
> in testcase: hwsim
> with following parameters:
>
> group: hwsim-10
>
>
>
> on test machine: qemu-system-x86_64 -enable-kvm -cpu host -smp 2 -m 2G
>
> caused below changes (please refer to attached dmesg/kmsg for entire 
> log/backtrace):
>
>
> 2017-09-27 16:04:27 ./run-tests.py sta_dynamic_down_up
> DEV: wlan0: 02:00:00:00:00:00
> DEV: wlan1: 02:00:00:00:01:00
> DEV: wlan2: 02:00:00:00:02:00
> APDEV: wlan3
> APDEV: wlan4
> START sta_dynamic_down_up 1/1
> Test: Dynamically added wpa_supplicant interface down/up
> Starting AP wlan3
> Create a dynamic wpa_supplicant interface and connect
> Connect STA wlan5 to AP
> dev1->dev2 unicast data delivery failed
> Traceback (most recent call last):
>   File "./run-tests.py", line 453, in main
> t(dev, apdev)
>   File "/lkp/benchmarks/hwsim/tests/hwsim/test_sta_dynamic.py", line 122, in 
> test_sta_dynamic_down_up
> hwsim_utils.test_connectivity(wpas, hapd)
>   File "/lkp/benchmarks/hwsim/tests/hwsim/hwsim_utils.py", line 165, in 
> test_connectivity
> raise Exception(last_err)
> Exception: dev1->dev2 unicast data delivery failed
> FAIL sta_dynamic_down_up 5.397413 2017-09-27 16:04:32.540689
> passed 0 test case(s)
> skipped 0 test case(s)
> failed tests: sta_dynamic_down_up
>
>
>
> To reproduce:
>
> git clone https://github.com/intel/lkp-tests.git
> cd lkp-tests
> bin/lkp qemu -k  job-script  # job-script is attached in 
> this email
>
>
>
> Thanks,
> Xiaolong

[PATCH] mac80211: aead api to reduce redundancy

2017-09-26 Thread Xiang Gao 
Currently, the aes_ccm.c and aes_gcm.c are almost line by line copy of
each other. This patch reduce code redundancy by moving the code in these
two files to crypto/aead_api.c to make it a higher level aead api. The
file aes_ccm.c and aes_gcm.c are removed and all the functions there are
now implemented in their headers using the newly added aead api.

Signed-off-by: Xiang Gao <qasdfgtyu...@gmail.com>
---
 net/mac80211/Makefile  |   3 +-
 net/mac80211/{aes_gcm.c => aead_api.c} |  49 +++---
 net/mac80211/aead_api.h|  26 
 net/mac80211/aes_ccm.c | 115 -
 net/mac80211/aes_ccm.h |  42 
 net/mac80211/aes_gcm.h |  38 ---
 net/mac80211/wpa.c |  12 ++--
 7 files changed, 118 insertions(+), 167 deletions(-)
 rename net/mac80211/{aes_gcm.c => aead_api.c} (55%)
 create mode 100644 net/mac80211/aead_api.h
 delete mode 100644 net/mac80211/aes_ccm.c

diff --git a/net/mac80211/Makefile b/net/mac80211/Makefile
index 282912245938..80f25ff2f24b 100644
--- a/net/mac80211/Makefile
+++ b/net/mac80211/Makefile
@@ -6,6 +6,7 @@ mac80211-y := \
driver-ops.o \
sta_info.o \
wep.o \
+   aead_api.o \
wpa.o \
scan.o offchannel.o \
ht.o agg-tx.o agg-rx.o \
@@ -15,8 +16,6 @@ mac80211-y := \
rate.o \
michael.o \
tkip.o \
-   aes_ccm.o \
-   aes_gcm.o \
aes_cmac.o \
aes_gmac.o \
fils_aead.o \
diff --git a/net/mac80211/aes_gcm.c b/net/mac80211/aead_api.c
similarity index 55%
rename from net/mac80211/aes_gcm.c
rename to net/mac80211/aead_api.c
index 8a4397cc1b08..6ac53d0c6977 100644
--- a/net/mac80211/aes_gcm.c
+++ b/net/mac80211/aead_api.c
@@ -1,7 +1,4 @@
-/*
- * Copyright 2014-2015, Qualcomm Atheros, Inc.
- *
- * This program is free software; you can redistribute it and/or modify
+/* This program is free software; you can redistribute it and/or modify
  * it under the terms of the GNU General Public License version 2 as
  * published by the Free Software Foundation.
  */
@@ -9,43 +6,43 @@
 #include 
 #include 
 #include 
+#include 
 #include 
 
-#include 
-#include "key.h"
-#include "aes_gcm.h"
+#include "aead_api.h"
 
-int ieee80211_aes_gcm_encrypt(struct crypto_aead *tfm, u8 *j_0, u8 *aad,
- u8 *data, size_t data_len, u8 *mic)
+int aead_encrypt(struct crypto_aead *tfm, u8 *b_0, u8 *aad, size_t aad_len,
+u8 *data, size_t data_len, u8 *auth)
 {
struct scatterlist sg[3];
struct aead_request *aead_req;
int reqsize = sizeof(*aead_req) + crypto_aead_reqsize(tfm);
u8 *__aad;
 
-   aead_req = kzalloc(reqsize + GCM_AAD_LEN, GFP_ATOMIC);
+   aead_req = kzalloc(reqsize + aad_len, GFP_ATOMIC);
if (!aead_req)
return -ENOMEM;
 
__aad = (u8 *)aead_req + reqsize;
-   memcpy(__aad, aad, GCM_AAD_LEN);
+   memcpy(__aad, aad, aad_len);
 
sg_init_table(sg, 3);
-   sg_set_buf([0], &__aad[2], be16_to_cpup((__be16 *)__aad));
+   sg_set_buf([0], __aad, aad_len);
sg_set_buf([1], data, data_len);
-   sg_set_buf([2], mic, IEEE80211_GCMP_MIC_LEN);
+   sg_set_buf([2], auth, tfm->authsize);
 
aead_request_set_tfm(aead_req, tfm);
-   aead_request_set_crypt(aead_req, sg, sg, data_len, j_0);
+   aead_request_set_crypt(aead_req, sg, sg, data_len, b_0);
aead_request_set_ad(aead_req, sg[0].length);
 
crypto_aead_encrypt(aead_req);
kzfree(aead_req);
+
return 0;
 }
 
-int ieee80211_aes_gcm_decrypt(struct crypto_aead *tfm, u8 *j_0, u8 *aad,
- u8 *data, size_t data_len, u8 *mic)
+int aead_decrypt(struct crypto_aead *tfm, u8 *b_0, u8 *aad, size_t aad_len,
+u8 *data, size_t data_len, u8 *auth)
 {
struct scatterlist sg[3];
struct aead_request *aead_req;
@@ -56,21 +53,20 @@ int ieee80211_aes_gcm_decrypt(struct crypto_aead *tfm, u8 
*j_0, u8 *aad,
if (data_len == 0)
return -EINVAL;
 
-   aead_req = kzalloc(reqsize + GCM_AAD_LEN, GFP_ATOMIC);
+   aead_req = kzalloc(reqsize + aad_len, GFP_ATOMIC);
if (!aead_req)
return -ENOMEM;
 
__aad = (u8 *)aead_req + reqsize;
-   memcpy(__aad, aad, GCM_AAD_LEN);
+   memcpy(__aad, aad, aad_len);
 
sg_init_table(sg, 3);
sg_set_buf([0], &__aad[2], be16_to_cpup((__be16 *)__aad));
sg_set_buf([1], data, data_len);
-   sg_set_buf([2], mic, IEEE80211_GCMP_MIC_LEN);
+   sg_set_buf([2], auth, tfm->authsize);
 
aead_request_set_tfm(aead_req, tfm);
-   aead_request_set_crypt(aead_req, sg, sg,
-  data_len + IEEE80211_GCMP_MIC_LEN, j_0);
+   aead_request_set_crypt(aead_req, sg, sg, data_len + tfm->authsize, b_0);

Re: [PATCH] mac80211: aead api to reduce redundancy

2017-09-24 Thread Xiang Gao 
2017-09-24 13:42 GMT-04:00 Johannes Berg <johan...@sipsolutions.net>:
> On Sun, 2017-09-24 at 13:21 -0400, Xiang Gao wrote:
>>
>> Do you mean to put more characters each line in the description
>>
> Huh, sorry, no - my bad. I was thinking of the code, not the
> description at all.

Oh yes, these indentation do looks ugly. Thank you for figuring this
out. The tab
width of my editor was set to 4. It should be 8... I will fix these
problems and resend
the patch soon, maybe after receiving a bit more feedback.

>
> For example here:
>
>> -int ieee80211_aes_gcm_encrypt(struct crypto_aead *tfm, u8 *j_0, u8 *aad,
>> - u8 *data, size_t data_len, u8 *mic)
>> +int aead_encrypt(struct crypto_aead *tfm, u8 *b_0, u8 *aad, size_t aad_len,
>> +u8 *data, size_t data_len, u8 *auth)
>>
>
> I think you should adjust the indentation to match - or did it just get
> mangled in my mail? It looks *further* indented now, when it should be
> less (to after the opening parenthesis). Similarly in various other
> places.
>
> And perhaps for long things like
>
>> +static inline struct crypto_aead *ieee80211_aes_key_setup_encrypt(
>> +   const u8 key[], size_t key_len,
>> size_t mic_len)
>
>> +struct crypto_aead *aead_key_setup_encrypt(const char *alg,
>> +   const u8 key[], size_t key_len, size_t authsize);
>
> it might be better to write
>
> static inline struct crypto_aead *
> ieee80211_aes_key_setup_encrypt(const u8 key[], ...)
>
> and
>
> struct crypto_aead *
> aead_key_setup_encrypt(const char *alg, ...)
>
>
> respectively, depending on how far you have to indent to break lines
> etc.
>
> Anyway, I'm nitpicking.
>
> Unrelated to this, I'm not sure whose tree this should go through -
> probably Herbert's (or DaveM's with his ACK? not sure if there's a
> crypto tree?) or so?

Yes, there is one at
https://git.kernel.org/pub/scm/linux/kernel/git/herbert/cryptodev-2.6.git/
I'm not sure which tree to go either. I'm also not sure about the
beginning of the patch title,
should it be "mac80211:" or "crypto:"?

Options are:
1. This whole patch goes to either mac80211 tree or crypto tree. I
don't know which is better.
2. Make the higher level api only for internal usage in mac80211, i.e.
move the aead_api.c and aead_api.h to net/mac80211, does not export
the symbol. And of course, this will go to the mac80211 tree. I
personally don't want this to be the final solution because I happen
to be writing a loadable kernel module that uses these higher level
api.
3. Maybe split this patch, one for changes in crypto, which will go to
crypto tree, and the other for mac80211 part, which goes to the
mac80211 tree?

>
> johannes

Re: [PATCH] mac80211: aead api to reduce redundancy

2017-09-24 Thread Xiang Gao 
2017-09-24 11:05 GMT-04:00 Johannes Berg <johan...@sipsolutions.net>:
> On Sun, 2017-09-24 at 01:40 -0400, Xiang Gao wrote:
>> Currently, the aes_ccm.c and aes_gcm.c are almost line by line
>> copy of each other. This patch reduce code redundancy by moving
>> the code in these two files to crypto/aead_api.c to make it a
>> higher level aead api. The aes_ccm.c and aes_gcm.c are removed
>> and all the functions are now implemented in their headers using
>> the newly added aead api.
>>
> No objection from me, though I'd ask you to respin with the indentation
> fixed up a bit.

Hi Johannes,

Thank you for you time for the suggestion. I'm not sure if I correctly
understand you point.
Do you mean to put more characters each line in the description? Something like:

> Currently, the aes_ccm.c and aes_gcm.c are almost line by line copy of
> each other. This patch reduce code redundancy by moving the code in these
> two files to crypto/aead_api.c to make it a higher level aead api. The
> file aes_ccm.c and aes_gcm.c are removed and all the functions there are
> now implemented in their headers using the newly added aead api.

instead of

> Currently, the aes_ccm.c and aes_gcm.c are almost line by line
> copy of each other. This patch reduce code redundancy by moving
> the code in these two files to crypto/aead_api.c to make it a
> higher level aead api. The aes_ccm.c and aes_gcm.c are removed
> and all the functions are now implemented in their headers using
> the newly added aead api.

Xiang Gao

>
> johannes

[PATCH] mac80211: aead api to reduce redundancy

2017-09-23 Thread Xiang Gao 
Currently, the aes_ccm.c and aes_gcm.c are almost line by line
copy of each other. This patch reduce code redundancy by moving
the code in these two files to crypto/aead_api.c to make it a
higher level aead api. The aes_ccm.c and aes_gcm.c are removed
and all the functions are now implemented in their headers using
the newly added aead api.

Signed-off-by: Xiang Gao <qasdfgtyu...@gmail.com>
---
 crypto/Makefile |   2 +-
 net/mac80211/aes_gcm.c => crypto/aead_api.c |  53 +++--
 include/crypto/aead_api.h   |  21 +
 net/mac80211/Makefile   |   2 -
 net/mac80211/aes_ccm.c  | 115 
 net/mac80211/aes_ccm.h  |  42 +++---
 net/mac80211/aes_gcm.h  |  40 --
 net/mac80211/key.c  |   1 +
 net/mac80211/wpa.c  |  11 +--
 9 files changed, 118 insertions(+), 169 deletions(-)
 rename net/mac80211/aes_gcm.c => crypto/aead_api.c (54%)
 create mode 100644 include/crypto/aead_api.h
 delete mode 100644 net/mac80211/aes_ccm.c

diff --git a/crypto/Makefile b/crypto/Makefile
index d41f0331b085..541316db5841 100644
--- a/crypto/Makefile
+++ b/crypto/Makefile
@@ -14,7 +14,7 @@ crypto_algapi-$(CONFIG_PROC_FS) += proc.o
 crypto_algapi-y := algapi.o scatterwalk.o $(crypto_algapi-y)
 obj-$(CONFIG_CRYPTO_ALGAPI2) += crypto_algapi.o
 
-obj-$(CONFIG_CRYPTO_AEAD2) += aead.o
+obj-$(CONFIG_CRYPTO_AEAD2) += aead.o aead_api.o
 
 crypto_blkcipher-y := ablkcipher.o
 crypto_blkcipher-y += blkcipher.o
diff --git a/net/mac80211/aes_gcm.c b/crypto/aead_api.c
similarity index 54%
rename from net/mac80211/aes_gcm.c
rename to crypto/aead_api.c
index 8a4397cc1b08..9585ee400b2e 100644
--- a/net/mac80211/aes_gcm.c
+++ b/crypto/aead_api.c
@@ -1,7 +1,4 @@
-/*
- * Copyright 2014-2015, Qualcomm Atheros, Inc.
- *
- * This program is free software; you can redistribute it and/or modify
+/* This program is free software; you can redistribute it and/or modify
  * it under the terms of the GNU General Public License version 2 as
  * published by the Free Software Foundation.
  */
@@ -9,43 +6,43 @@
 #include 
 #include 
 #include 
-#include 
+#include 
 
-#include 
-#include "key.h"
-#include "aes_gcm.h"
+#include 
 
-int ieee80211_aes_gcm_encrypt(struct crypto_aead *tfm, u8 *j_0, u8 *aad,
- u8 *data, size_t data_len, u8 *mic)
+int aead_encrypt(struct crypto_aead *tfm, u8 *b_0, u8 *aad, size_t aad_len,
+u8 *data, size_t data_len, u8 *auth)
 {
struct scatterlist sg[3];
struct aead_request *aead_req;
int reqsize = sizeof(*aead_req) + crypto_aead_reqsize(tfm);
u8 *__aad;
 
-   aead_req = kzalloc(reqsize + GCM_AAD_LEN, GFP_ATOMIC);
+   aead_req = kzalloc(reqsize + aad_len, GFP_ATOMIC);
if (!aead_req)
return -ENOMEM;
 
__aad = (u8 *)aead_req + reqsize;
-   memcpy(__aad, aad, GCM_AAD_LEN);
+   memcpy(__aad, aad, aad_len);
 
sg_init_table(sg, 3);
-   sg_set_buf([0], &__aad[2], be16_to_cpup((__be16 *)__aad));
+   sg_set_buf([0], __aad, aad_len);
sg_set_buf([1], data, data_len);
-   sg_set_buf([2], mic, IEEE80211_GCMP_MIC_LEN);
+   sg_set_buf([2], auth, tfm->authsize);
 
aead_request_set_tfm(aead_req, tfm);
-   aead_request_set_crypt(aead_req, sg, sg, data_len, j_0);
+   aead_request_set_crypt(aead_req, sg, sg, data_len, b_0);
aead_request_set_ad(aead_req, sg[0].length);
 
crypto_aead_encrypt(aead_req);
kzfree(aead_req);
+
return 0;
 }
+EXPORT_SYMBOL_GPL(aead_encrypt);
 
-int ieee80211_aes_gcm_decrypt(struct crypto_aead *tfm, u8 *j_0, u8 *aad,
- u8 *data, size_t data_len, u8 *mic)
+int aead_decrypt(struct crypto_aead *tfm, u8 *b_0, u8 *aad, size_t aad_len,
+u8 *data, size_t data_len, u8 *auth)
 {
struct scatterlist sg[3];
struct aead_request *aead_req;
@@ -56,21 +53,20 @@ int ieee80211_aes_gcm_decrypt(struct crypto_aead *tfm, u8 
*j_0, u8 *aad,
if (data_len == 0)
return -EINVAL;
 
-   aead_req = kzalloc(reqsize + GCM_AAD_LEN, GFP_ATOMIC);
+   aead_req = kzalloc(reqsize + aad_len, GFP_ATOMIC);
if (!aead_req)
return -ENOMEM;
 
__aad = (u8 *)aead_req + reqsize;
-   memcpy(__aad, aad, GCM_AAD_LEN);
+   memcpy(__aad, aad, aad_len);
 
sg_init_table(sg, 3);
sg_set_buf([0], &__aad[2], be16_to_cpup((__be16 *)__aad));
sg_set_buf([1], data, data_len);
-   sg_set_buf([2], mic, IEEE80211_GCMP_MIC_LEN);
+   sg_set_buf([2], auth, tfm->authsize);
 
aead_request_set_tfm(aead_req, tfm);
-   aead_request_set_crypt(aead_req, sg, sg,
-  data_len + IEEE80211_GCMP_MIC_LEN, j_0);
+   aead_requ

[PATCH] ipv6: Use ipv6_authlen for len in ipv6_skip_exthdr

2017-09-20 Thread Xiang Gao 
In ipv6_skip_exthdr, the lengh of AH header is computed manually
as (hp->hdrlen+2)<<2. However, in include/linux/ipv6.h, a macro
named ipv6_authlen is already defined for exactly the same job. This
commit replaces the manual computation code with the macro.

Signed-off-by: Xiang Gao <qasdfgtyu...@gmail.com>
---
 net/ipv6/exthdrs_core.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/net/ipv6/exthdrs_core.c b/net/ipv6/exthdrs_core.c
index 305e2ed730bf..115d60919f72 100644
--- a/net/ipv6/exthdrs_core.c
+++ b/net/ipv6/exthdrs_core.c
@@ -99,7 +99,7 @@ int ipv6_skip_exthdr(const struct sk_buff *skb, int start, u8 
*nexthdrp,
break;
hdrlen = 8;
} else if (nexthdr == NEXTHDR_AUTH)
-   hdrlen = (hp->hdrlen+2)<<2;
+   hdrlen = ipv6_authlen(hp);
else
hdrlen = ipv6_optlen(hp);
 
-- 
2.14.1

Re: [PATCH] ipv6_skip_exthdr: use ipv6_authlen for AH hdrlen

2017-09-20 Thread Xiang Gao 
Hi David,

Thanks for your time and all your suggestions. I will resend a new patch soon.

Xiang Gao
Xiang Gao


2017-09-19 18:32 GMT-04:00 David Miller <da...@davemloft.net>:
> From: Xiang Gao <qasdfgtyu...@gmail.com>
> Date: Tue, 19 Sep 2017 08:59:50 -0400
>
>> In ipv6_skip_exthdr, the lengh of AH header is computed manually
>> as (hp->hdrlen+2)<<2. However, in include/linux/ipv6.h, a macro
>> named ipv6_authlen is already defined for exactly the same job. This
>> commit replaces the manual computation code with the macro.
>
> All patch submissions must have a proper signoff.
>
> Also, please use a proper subsystem prefix in your Subject
> line "[PATCH] ipv6: Use ipv6_authlen for AH hdrlen in ipv6_skip_exthdr()"
> would have been much better as "ipv6: " is the appropriate
> subsystem prefix to use here.
>
> Thanks.

[PATCH] ipv6_skip_exthdr: use ipv6_authlen for AH hdrlen

2017-09-19 Thread Xiang Gao 
In ipv6_skip_exthdr, the lengh of AH header is computed manually
as (hp->hdrlen+2)<<2. However, in include/linux/ipv6.h, a macro
named ipv6_authlen is already defined for exactly the same job. This
commit replaces the manual computation code with the macro.
---
 net/ipv6/exthdrs_core.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/net/ipv6/exthdrs_core.c b/net/ipv6/exthdrs_core.c
index 305e2ed730bf..115d60919f72 100644
--- a/net/ipv6/exthdrs_core.c
+++ b/net/ipv6/exthdrs_core.c
@@ -99,7 +99,7 @@ int ipv6_skip_exthdr(const struct sk_buff *skb, int start, u8 
*nexthdrp,
break;
hdrlen = 8;
} else if (nexthdr == NEXTHDR_AUTH)
-   hdrlen = (hp->hdrlen+2)<<2;
+   hdrlen = ipv6_authlen(hp);
else
hdrlen = ipv6_optlen(hp);
 
-- 
2.14.1

[PATCH 1/1] ipv6_skip_exthdr: use ipv6_authlen for AH header length computation

2017-09-14 Thread Xiang Gao 
>From 09cf2e3cf09cf591283785aaa8159baf39ac2e08 Mon Sep 17 00:00:00 2001
From: Xiang Gao <qasdfgtyu...@gmail.com>
Date: Fri, 15 Sep 2017 00:44:12 -0400
Subject: [PATCH] ipv6_skip_exthdr: use ipv6_authlen for AH hdrlen

In ipv6_skip_exthdr, the lengh of AH header is computed manually
as (hp->hdrlen+2)<<2. However, in include/linux/ipv6.h, a macro
named ipv6_authlen is already defined for exactly the same job. This
commit replaces the manual computation code with the macro.
---
 net/ipv6/exthdrs_core.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/net/ipv6/exthdrs_core.c b/net/ipv6/exthdrs_core.c
index 305e2ed730bf..115d60919f72 100644
--- a/net/ipv6/exthdrs_core.c
+++ b/net/ipv6/exthdrs_core.c
@@ -99,7 +99,7 @@ int ipv6_skip_exthdr(const struct sk_buff *skb, int
start, u8 *nexthdrp,
  break;
  hdrlen = 8;
  } else if (nexthdr == NEXTHDR_AUTH)
- hdrlen = (hp->hdrlen+2)<<2;
+ hdrlen = ipv6_authlen(hp);
  else
  hdrlen = ipv6_optlen(hp);

-- 
2.14.1


Signed-off-by: Xiang Gao <qasdfgtyu...@gmail.com>