#
7d6899a5 |
|
02-Oct-2023 |
Herbert Xu <herbert@gondor.apana.org.au> |
crypto: cryptd - Only access common skcipher fields on spawn As skcipher spawns may be of the type lskcipher, only the common fields may be accessed. This was already the case but use the correct helpers to make this more obvious. Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
|
#
31865c4c |
|
14-Sep-2023 |
Herbert Xu <herbert@gondor.apana.org.au> |
crypto: skcipher - Add lskcipher Add a new API type lskcipher designed for taking straight kernel pointers instead of SG lists. Its relationship to skcipher will be analogous to that between shash and ahash. Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
|
#
cfbda734 |
|
13-Apr-2023 |
Herbert Xu <herbert@gondor.apana.org.au> |
crypto: cryptd - Add support for cloning hashes Allow cryptd hashes to be cloned. The underlying hash will be cloned. Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
|
#
0303b7f5 |
|
13-Apr-2023 |
Herbert Xu <herbert@gondor.apana.org.au> |
crypto: cryptd - Convert hash to use modern init_tfm/exit_tfm The cryptd hash template was still using the obsolete cra_init/cra_exit interface. Make it use the modern ahash init_tfm/exit_tfm instead. Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> Reviewed-by: Simon Horman <simon.horman@corigine.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
|
#
255e48eb |
|
07-Feb-2023 |
Herbert Xu <herbert@gondor.apana.org.au> |
crypto: api - Use data directly in completion function This patch does the final flag day conversion of all completion functions which are now all contained in the Crypto API. Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
|
#
f27c94aa |
|
07-Feb-2023 |
Herbert Xu <herbert@gondor.apana.org.au> |
crypto: cryptd - Use request_complete helpers Use the request_complete helpers instead of calling the completion function directly. Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
|
#
256f9e53 |
|
07-Feb-2023 |
Herbert Xu <herbert@gondor.apana.org.au> |
crypto: cryptd - Use subreq for AEAD AEAD reuses the existing request object for its child. This is error-prone and unnecessary. This patch adds a subrequest object just like we do for skcipher and hash. This patch also restores the original completion function as we do for skcipher/hash. Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
|
#
e16dda2b |
|
19-Jan-2023 |
Herbert Xu <herbert@gondor.apana.org.au> |
crypto: cryptd - Remove unnecessary skcipher_request_zero Previously the child skcipher request was stored on the stack and therefore needed to be zeroed. As it is now dynamically allocated we no longer need to do so. Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
|
#
3a58c231 |
|
11-Nov-2022 |
Herbert Xu <herbert@gondor.apana.org.au> |
crypto: cryptd - Use request context instead of stack for sub-request cryptd is buggy as it tries to use sync_skcipher without going through the proper sync_skcipher interface. In fact it doesn't even need sync_skcipher since it's already a proper skcipher and can easily access the request context instead of using something off the stack. Fixes: 36b3875a97b8 ("crypto: cryptd - Remove VLA usage of skcipher") Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
|
#
91e8bcd7 |
|
04-May-2022 |
Sebastian Andrzej Siewior <bigeasy@linutronix.de> |
crypto: cryptd - Protect per-CPU resource by disabling BH. The access to cryptd_queue::cpu_queue is synchronized by disabling preemption in cryptd_enqueue_request() and disabling BH in cryptd_queue_worker(). This implies that access is allowed from BH. If cryptd_enqueue_request() is invoked from preemptible context _and_ soft interrupt then this can lead to list corruption since cryptd_enqueue_request() is not protected against access from soft interrupt. Replace get_cpu() in cryptd_enqueue_request() with local_bh_disable() to ensure BH is always disabled. Remove preempt_disable() from cryptd_queue_worker() since it is not needed because local_bh_disable() ensures synchronisation. Fixes: 254eff771441 ("crypto: cryptd - Per-CPU thread implementation...") Signed-off-by: Sebastian Andrzej Siewior <bigeasy@linutronix.de> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
|
#
7bcb2c99 |
|
10-Jul-2020 |
Eric Biggers <ebiggers@google.com> |
crypto: algapi - use common mechanism for inheriting flags The flag CRYPTO_ALG_ASYNC is "inherited" in the sense that when a template is instantiated, the template will have CRYPTO_ALG_ASYNC set if any of the algorithms it uses has CRYPTO_ALG_ASYNC set. We'd like to add a second flag (CRYPTO_ALG_ALLOCATES_MEMORY) that gets "inherited" in the same way. This is difficult because the handling of CRYPTO_ALG_ASYNC is hardcoded everywhere. Address this by: - Add CRYPTO_ALG_INHERITED_FLAGS, which contains the set of flags that have these inheritance semantics. - Add crypto_algt_inherited_mask(), for use by template ->create() methods. It returns any of these flags that the user asked to be unset and thus must be passed in the 'mask' to crypto_grab_*(). - Also modify crypto_check_attr_type() to handle computing the 'mask' so that most templates can just use this. - Make crypto_grab_*() propagate these flags to the template instance being created so that templates don't have to do this themselves. Make crypto/simd.c propagate these flags too, since it "wraps" another algorithm, similar to a template. Based on a patch by Mikulas Patocka <mpatocka@redhat.com> (https://lore.kernel.org/r/alpine.LRH.2.02.2006301414580.30526@file01.intranet.prod.int.rdu2.redhat.com). Signed-off-by: Eric Biggers <ebiggers@google.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
|
#
b8c0d74a |
|
25-Feb-2020 |
Eric Biggers <ebiggers@google.com> |
crypto: cryptd - simplify error handling in cryptd_create_*() Simplify the error handling in the various cryptd_create_*() functions by taking advantage of crypto_grab_*() now handling an ERR_PTR() name and by taking advantage of crypto_drop_*() now accepting (as a no-op) a spawn that hasn't been grabbed yet. Signed-off-by: Eric Biggers <ebiggers@google.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
|
#
758ec5ac |
|
02-Jan-2020 |
Eric Biggers <ebiggers@google.com> |
crypto: cryptd - convert to new way of freeing instances Convert the "cryptd" template to the new way of freeing instances, where a ->free() method is installed to the instance struct itself. This replaces the weakly-typed method crypto_template::free(). This will allow removing support for the old way of freeing instances. Note that the 'default' case in cryptd_free() was already unreachable. So, we aren't missing anything by keeping only the ahash and aead parts. Signed-off-by: Eric Biggers <ebiggers@google.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
|
#
218c5035 |
|
02-Jan-2020 |
Eric Biggers <ebiggers@google.com> |
crypto: cryptd - use crypto_grab_shash() and simplify error paths Make the cryptd template (in the hash case) use the new function crypto_grab_shash() to initialize its shash spawn. This is needed to make all spawns be initialized in a consistent way. This required making cryptd_create_hash() allocate the instance directly rather than use cryptd_alloc_instance(). Also simplify the error handling by taking advantage of crypto_drop_*() now accepting (as a no-op) spawns that haven't been initialized yet, and by taking advantage of crypto_grab_*() now handling ERR_PTR() names. Signed-off-by: Eric Biggers <ebiggers@google.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
|
#
cd900f0c |
|
02-Jan-2020 |
Eric Biggers <ebiggers@google.com> |
crypto: aead - pass instance to crypto_grab_aead() Initializing a crypto_aead_spawn currently requires: 1. Set spawn->base.inst to point to the instance. 2. Call crypto_grab_aead(). But there's no reason for these steps to be separate, and in fact this unneeded complication has caused at least one bug, the one fixed by commit 6db43410179b ("crypto: adiantum - initialize crypto_spawn::inst") So just make crypto_grab_aead() take the instance as an argument. To keep the function calls from getting too unwieldy due to this extra argument, also introduce a 'mask' variable into the affected places which weren't already using one. Signed-off-by: Eric Biggers <ebiggers@google.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
|
#
b9f76ddd |
|
02-Jan-2020 |
Eric Biggers <ebiggers@google.com> |
crypto: skcipher - pass instance to crypto_grab_skcipher() Initializing a crypto_skcipher_spawn currently requires: 1. Set spawn->base.inst to point to the instance. 2. Call crypto_grab_skcipher(). But there's no reason for these steps to be separate, and in fact this unneeded complication has caused at least one bug, the one fixed by commit 6db43410179b ("crypto: adiantum - initialize crypto_spawn::inst") So just make crypto_grab_skcipher() take the instance as an argument. To keep the function calls from getting too unwieldy due to this extra argument, also introduce a 'mask' variable into the affected places which weren't already using one. Signed-off-by: Eric Biggers <ebiggers@google.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
|
#
af5034e8 |
|
30-Dec-2019 |
Eric Biggers <ebiggers@google.com> |
crypto: remove propagation of CRYPTO_TFM_RES_* flags The CRYPTO_TFM_RES_* flags were apparently meant as a way to make the ->setkey() functions provide more information about errors. But these flags weren't actually being used or tested, and in many cases they weren't being set correctly anyway. So they've now been removed. Also, if someone ever actually needs to start better distinguishing ->setkey() errors (which is somewhat unlikely, as this has been unneeded for a long time), we'd be much better off just defining different return values, like -EINVAL if the key is invalid for the algorithm vs. -EKEYREJECTED if the key was rejected by a policy like "no weak keys". That would be much simpler, less error-prone, and easier to test. So just remove CRYPTO_TFM_RES_MASK and all the unneeded logic that propagates these flags around. Signed-off-by: Eric Biggers <ebiggers@google.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
|
#
c65058b7 |
|
25-Oct-2019 |
Eric Biggers <ebiggers@google.com> |
crypto: skcipher - remove the "blkcipher" algorithm type Now that all "blkcipher" algorithms have been converted to "skcipher", remove the blkcipher algorithm type. The skcipher (symmetric key cipher) algorithm type was introduced a few years ago to replace both blkcipher and ablkcipher (synchronous and asynchronous block cipher). The advantages of skcipher include: - A much less confusing name, since none of these algorithm types have ever actually been for raw block ciphers, but rather for all length-preserving encryption modes including block cipher modes of operation, stream ciphers, and other length-preserving modes. - It unified blkcipher and ablkcipher into a single algorithm type which supports both synchronous and asynchronous implementations. Note, blkcipher already operated only on scatterlists, so the fact that skcipher does too isn't a regression in functionality. - Better type safety by using struct skcipher_alg, struct crypto_skcipher, etc. instead of crypto_alg, crypto_tfm, etc. - It sometimes simplifies the implementations of algorithms. Also, the blkcipher API was no longer being tested. Signed-off-by: Eric Biggers <ebiggers@google.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
|
#
43b970fa |
|
08-Aug-2019 |
Chuhong Yuan <hslester96@gmail.com> |
crypto: cryptd - Use refcount_t for refcount Reference counters are preferred to use refcount_t instead of atomic_t. This is because the implementation of refcount_t can prevent overflows and detect possible use-after-free. So convert atomic_t ref counters to refcount_t. Signed-off-by: Chuhong Yuan <hslester96@gmail.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
|
#
1a0fad63 |
|
02-Jul-2019 |
Vincent Whitchurch <vincent.whitchurch@axis.com> |
crypto: cryptd - Fix skcipher instance memory leak cryptd_skcipher_free() fails to free the struct skcipher_instance allocated in cryptd_create_skcipher(), leading to a memory leak. This is detected by kmemleak on bootup on ARM64 platforms: unreferenced object 0xffff80003377b180 (size 1024): comm "cryptomgr_probe", pid 822, jiffies 4294894830 (age 52.760s) backtrace: kmem_cache_alloc_trace+0x270/0x2d0 cryptd_create+0x990/0x124c cryptomgr_probe+0x5c/0x1e8 kthread+0x258/0x318 ret_from_fork+0x10/0x1c Fixes: 4e0958d19bd8 ("crypto: cryptd - Add support for skcipher") Cc: <stable@vger.kernel.org> Signed-off-by: Vincent Whitchurch <vincent.whitchurch@axis.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
|
#
2874c5fd |
|
27-May-2019 |
Thomas Gleixner <tglx@linutronix.de> |
treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 152 Based on 1 normalized pattern(s): this program is free software you can redistribute it and or modify it under the terms of the gnu general public license as published by the free software foundation either version 2 of the license or at your option any later version extracted by the scancode license scanner the SPDX license identifier GPL-2.0-or-later has been chosen to replace the boilerplate/reference in 3029 file(s). Signed-off-by: Thomas Gleixner <tglx@linutronix.de> Reviewed-by: Allison Randal <allison@lohutok.net> Cc: linux-spdx@vger.kernel.org Link: https://lkml.kernel.org/r/20190527070032.746973796@linutronix.de Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
|
#
84ede58d |
|
20-May-2019 |
Eric Biggers <ebiggers@google.com> |
crypto: hash - remove CRYPTO_ALG_TYPE_DIGEST Remove the unnecessary constant CRYPTO_ALG_TYPE_DIGEST, which has the same value as CRYPTO_ALG_TYPE_HASH. Signed-off-by: Eric Biggers <ebiggers@google.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
|
#
3e56e168 |
|
20-May-2019 |
Eric Biggers <ebiggers@google.com> |
crypto: cryptd - move kcrypto_wq into cryptd kcrypto_wq is only used by cryptd, so move it into cryptd.c and change the workqueue name from "crypto" to "cryptd". Signed-off-by: Eric Biggers <ebiggers@google.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
|
#
877b5691 |
|
14-Apr-2019 |
Eric Biggers <ebiggers@google.com> |
crypto: shash - remove shash_desc::flags The flags field in 'struct shash_desc' never actually does anything. The only ostensibly supported flag is CRYPTO_TFM_REQ_MAY_SLEEP. However, no shash algorithm ever sleeps, making this flag a no-op. With this being the case, inevitably some users who can't sleep wrongly pass MAY_SLEEP. These would all need to be fixed if any shash algorithm actually started sleeping. For example, the shash_ahash_*() functions, which wrap a shash algorithm with the ahash API, pass through MAY_SLEEP from the ahash API to the shash API. However, the shash functions are called under kmap_atomic(), so actually they're assumed to never sleep. Even if it turns out that some users do need preemption points while hashing large buffers, we could easily provide a helper function crypto_shash_update_large() which divides the data into smaller chunks and calls crypto_shash_update() and cond_resched() for each chunk. It's not necessary to have a flag in 'struct shash_desc', nor is it necessary to make individual shash algorithms aware of this at all. Therefore, remove shash_desc::flags, and document that the crypto_shash_*() functions can be called from any context. Signed-off-by: Eric Biggers <ebiggers@google.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
|
#
0a877e35 |
|
12-Apr-2019 |
Eric Biggers <ebiggers@google.com> |
crypto: cryptd - remove ability to instantiate ablkciphers Remove cryptd_alloc_ablkcipher() and the ability of cryptd to create algorithms with the deprecated "ablkcipher" type. This has been unused since commit 0e145b477dea ("crypto: ablk_helper - remove ablk_helper"). Instead, cryptd_alloc_skcipher() is used. Signed-off-by: Eric Biggers <ebiggers@google.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
|
#
c79b411e |
|
16-Dec-2018 |
Eric Biggers <ebiggers@google.com> |
crypto: skcipher - remove remnants of internal IV generators Remove dead code related to internal IV generators, which are no longer used since they've been replaced with the "seqiv" and "echainiv" templates. The removed code includes: - The "givcipher" (GIVCIPHER) algorithm type. No algorithms are registered with this type anymore, so it's unneeded. - The "const char *geniv" member of aead_alg, ablkcipher_alg, and blkcipher_alg. A few algorithms still set this, but it isn't used anymore except to show via /proc/crypto and CRYPTO_MSG_GETALG. Just hardcode "<default>" or "<none>" in those cases. - The 'skcipher_givcrypt_request' structure, which is never used. Signed-off-by: Eric Biggers <ebiggers@google.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
|
#
36b3875a |
|
18-Sep-2018 |
Kees Cook <keescook@chromium.org> |
crypto: cryptd - Remove VLA usage of skcipher In the quest to remove all stack VLA usage from the kernel[1], this replaces struct crypto_skcipher and SKCIPHER_REQUEST_ON_STACK() usage with struct crypto_sync_skcipher and SYNC_SKCIPHER_REQUEST_ON_STACK(), which uses a fixed stack size. [1] https://lkml.kernel.org/r/CA+55aFzCG-zNmZwX4A2FQpadafLfEzK6CC=qPXydAacU1RqZWA@mail.gmail.com Signed-off-by: Kees Cook <keescook@chromium.org> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
|
#
a208fa8f |
|
03-Jan-2018 |
Eric Biggers <ebiggers@google.com> |
crypto: hash - annotate algorithms taking optional key We need to consistently enforce that keyed hashes cannot be used without setting the key. To do this we need a reliable way to determine whether a given hash algorithm is keyed or not. AF_ALG currently does this by checking for the presence of a ->setkey() method. However, this is actually slightly broken because the CRC-32 algorithms implement ->setkey() but can also be used without a key. (The CRC-32 "key" is not actually a cryptographic key but rather represents the initial state. If not overridden, then a default initial state is used.) Prepare to fix this by introducing a flag CRYPTO_ALG_OPTIONAL_KEY which indicates that the algorithm has a ->setkey() method, but it is not required to be called. Then set it on all the CRC-32 algorithms. The same also applies to the Adler-32 implementation in Lustre. Also, the cryptd and mcryptd templates have to pass through the flag from their underlying algorithm. Cc: stable@vger.kernel.org Signed-off-by: Eric Biggers <ebiggers@google.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
|
#
841a3ff3 |
|
03-Jan-2018 |
Eric Biggers <ebiggers@google.com> |
crypto: cryptd - pass through absence of ->setkey() When the cryptd template is used to wrap an unkeyed hash algorithm, don't install a ->setkey() method to the cryptd instance. This change is necessary for cryptd to keep working with unkeyed hash algorithms once we start enforcing that ->setkey() is called when present. Cc: stable@vger.kernel.org Signed-off-by: Eric Biggers <ebiggers@google.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
|
#
eaf356e4 |
|
30-Nov-2017 |
Colin Ian King <colin.king@canonical.com> |
crypto: cryptd - make cryptd_max_cpu_qlen module parameter static The cryptd_max_cpu_qlen module parameter is local to the source and does not need to be in global scope, so make it static. Cleans up sparse warning: crypto/cryptd.c:35:14: warning: symbol 'cryptd_max_cpu_qlen' was not declared. Should it be static? Signed-off-by: Colin Ian King <colin.king@canonical.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
|
#
c3a53605 |
|
21-Nov-2017 |
Jon Maxwell <jmaxwell37@gmail.com> |
crypto: cryptd - Add cryptd_max_cpu_qlen module parameter Make the cryptd queue length configurable. We recently had customer where this needed to be tuned to accommodate the aesni_intel module and prevent packet drop. Signed-off-by: Jon Maxwell <jmaxwell37@gmail.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
|
#
6b80ea38 |
|
18-Oct-2017 |
Gilad Ben-Yossef <gilad@benyossef.com> |
crypto: change transient busy return code to -ENOSPC The crypto API was using the -EBUSY return value to indicate both a hard failure to submit a crypto operation into a transformation provider when the latter was busy and the backlog mechanism was not enabled as well as a notification that the operation was queued into the backlog when the backlog mechanism was enabled. Having the same return code indicate two very different conditions depending on a flag is both error prone and requires extra runtime check like the following to discern between the cases: if (err == -EINPROGRESS || (err == -EBUSY && (ahash_request_flags(req) & CRYPTO_TFM_REQ_MAY_BACKLOG))) This patch changes the return code used to indicate a crypto op failed due to the transformation provider being transiently busy to -ENOSPC. Signed-off-by: Gilad Ben-Yossef <gilad@benyossef.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
|
#
4e0958d1 |
|
22-Nov-2016 |
Herbert Xu <herbert@gondor.apana.org.au> |
crypto: cryptd - Add support for skcipher This patch adds skcipher support to cryptd alongside ablkcipher. Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
|
#
89277a7d |
|
31-Oct-2016 |
Tobias Klauser <tklauser@distanz.ch> |
crypto: cryptd - Remove unused but set variable 'tfm' Remove the unused but set variable tfm in cryptd_enqueue_request to fix the following warning when building with 'W=1': crypto/cryptd.c:125:21: warning: variable 'tfm' set but not used [-Wunused-but-set-variable] Signed-off-by: Tobias Klauser <tklauser@distanz.ch> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
|
#
0bd22235 |
|
01-Sep-2016 |
Ard Biesheuvel <ardb@kernel.org> |
crypto: cryptd - initialize child shash_desc on import When calling .import() on a cryptd ahash_request, the structure members that describe the child transform in the shash_desc need to be initialized like they are when calling .init() Cc: stable@vger.kernel.org Signed-off-by: Ard Biesheuvel <ard.biesheuvel@linaro.org> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
|
#
31bd44e7 |
|
25-Aug-2016 |
Herbert Xu <herbert@gondor.apana.org.au> |
crypto: cryptd - Use correct tfm object for AEAD tracking The AEAD code path incorrectly uses the child tfm to track the cryptd refcnt, and then potentially frees the child tfm. Fixes: 81760ea6a95a ("crypto: cryptd - Add helpers to check...") Reported-by: Sowmini Varadhan <sowmini.varadhan@oracle.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
|
#
81760ea6 |
|
21-Jun-2016 |
Herbert Xu <herbert@gondor.apana.org.au> |
crypto: cryptd - Add helpers to check whether a tfm is queued This patch adds helpers to check whether a given tfm is currently queued. This is meant to be used by ablk_helper and similar entities to ensure that no reordering is introduced because of requests queued in cryptd with respect to requests being processed in softirq context. The per-cpu queue length limit is also increased to 1000 in line with network limits. Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
|
#
1a078340 |
|
29-Nov-2015 |
Wang, Rui Y <rui.y.wang@intel.com> |
crypto: cryptd - Assign statesize properly cryptd_create_hash() fails by returning -EINVAL. It is because after 8996eafdc ("crypto: ahash - ensure statesize is non-zero") all ahash drivers must have a non-zero statesize. This patch fixes the problem by properly assigning the statesize. Signed-off-by: Rui Wang <rui.y.wang@intel.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
|
#
c012a79d |
|
25-Nov-2015 |
Alexander Kuleshov <kuleshovmail@gmail.com> |
crypto: cryptod - use crypto_skcipher_type() for getting skcipher type The <linux/crypto.h> provides inline function - crypto_skcipher_type(). Let's use it in the cryptd_alloc_ablkcipher() instead of direct calculation. Signed-off-by: Alexander Kuleshov <kuleshovmail@gmail.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
|
#
5e4b8c1f |
|
13-Aug-2015 |
Herbert Xu <herbert@gondor.apana.org.au> |
crypto: aead - Remove CRYPTO_ALG_AEAD_NEW flag This patch removes the CRYPTO_ALG_AEAD_NEW flag now that everyone has been converted. Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
|
#
ba3749a7 |
|
13-Aug-2015 |
Herbert Xu <herbert@gondor.apana.org.au> |
crypto: cryptd - Remove reference to crypto_aead_crt Pretty soon the crypto_aead encrypt/decrypt hooks will disappear as they are now always identical to those in struct aead_alg. This patch replaces the references to these hooks with the ones from aead_alg instead. Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
|
#
f6da3205 |
|
08-Jul-2015 |
Herbert Xu <herbert@gondor.apana.org.au> |
crypto: cryptd - Propagate new AEAD implementation flag This patch allows the CRYPTO_ALG_AEAD_NEW flag to be propagated. Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
|
#
ec9f2006 |
|
06-Jul-2015 |
Herbert Xu <herbert@gondor.apana.org.au> |
crypto: cryptd - Fix AEAD request context corruption The AEAD version of cryptd uses the same context for its own state as well as that of the child. In doing so it did not maintain the proper ordering, thus resulting in potential state corruption where the child will overwrite the state stored by cryptd. This patch fixes and also sets the request size properly. Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
|
#
f614e546 |
|
28-May-2015 |
Herbert Xu <herbert@gondor.apana.org.au> |
crypto: cryptd - Convert to new AEAD interface This patch converts cryptd to the new AEAD interface. Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
|
#
92b9876b |
|
28-May-2015 |
Herbert Xu <herbert@gondor.apana.org.au> |
crypto: cryptd - Add setkey/setauthsize functions for AEAD This patch adds setkey and setauthsize for cryptd AEAD. Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
|
#
9b8c456e |
|
21-May-2015 |
Herbert Xu <herbert@gondor.apana.org.au> |
crypto: cryptd - Use crypto_grab_aead As AEAD has switched over to using frontend types, the function crypto_init_spawn must not be used since it does not specify a frontend type. Otherwise it leads to a crash when the spawn is used. This patch fixes it by switching over to crypto_grab_aead instead. Fixes: 5d1d65f8bea6 ("crypto: aead - Convert top level interface to new style") Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
|
#
529a0b62 |
|
11-May-2015 |
Herbert Xu <herbert@gondor.apana.org.au> |
crypto: cryptd - Use crypto_aead_set_reqsize helper This patch uses the crypto_aead_set_reqsize helper to avoid directly touching the internals of aead. Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
|
#
466a7b9e |
|
30-Mar-2015 |
Stephan Mueller <smueller@chronox.de> |
crypto: cryptd - process CRYPTO_ALG_INTERNAL The cryptd is used as a wrapper around internal ciphers. Therefore, the cryptd must process the internal cipher by marking cryptd as internal if the underlying cipher is an internal cipher. Signed-off-by: Stephan Mueller <smueller@chronox.de> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
|
#
4943ba16 |
|
24-Nov-2014 |
Kees Cook <keescook@chromium.org> |
crypto: include crypto- module prefix in template This adds the module loading prefix "crypto-" to the template lookup as well. For example, attempting to load 'vfat(blowfish)' via AF_ALG now correctly includes the "crypto-" prefix at every level, correctly rejecting "vfat": net-pf-38 algif-hash crypto-vfat(blowfish) crypto-vfat(blowfish)-all crypto-vfat Reported-by: Mathias Krause <minipli@googlemail.com> Signed-off-by: Kees Cook <keescook@chromium.org> Acked-by: Mathias Krause <minipli@googlemail.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
|
#
3e3dc25f |
|
25-Jul-2014 |
Mark Rustad <mark.d.rustad@intel.com> |
crypto: Resolve shadow warnings Change formal parameters to not clash with global names to eliminate many W=2 warnings. Signed-off-by: Mark Rustad <mark.d.rustad@intel.com> Signed-off-by: Jeff Kirsher <jeffrey.t.kirsher@intel.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
|
#
9efade1b |
|
21-Oct-2012 |
Jussi Kivilinna <jussi.kivilinna@mbnet.fi> |
crypto: cryptd - disable softirqs in cryptd_queue_worker to prevent data corruption cryptd_queue_worker attempts to prevent simultaneous accesses to crypto workqueue by cryptd_enqueue_request using preempt_disable/preempt_enable. However cryptd_enqueue_request might be called from softirq context, so add local_bh_disable/local_bh_enable to prevent data corruption and panics. Bug report at http://marc.info/?l=linux-crypto-vger&m=134858649616319&w=2 v2: - Disable software interrupts instead of hardware interrupts Cc: stable@vger.kernel.org Reported-by: Gurucharan Shetty <gurucharan.shetty@gmail.com> Signed-off-by: Jussi Kivilinna <jussi.kivilinna@mbnet.fi> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
|
#
b2bac6ac |
|
19-Aug-2011 |
Herbert Xu <herbert@gondor.apana.org.au> |
crypto: cryptd - Use subsys_initcall to prevent races with aesni As cryptd is depeneded on by other algorithms such as aesni-intel, it needs to be registered before them. When everything is built as modules, this occurs naturally. However, for this to work when they are built-in, we need to use subsys_initcall in cryptd. Tested-by: Josh Boyer <jwboyer@redhat.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
|
#
298c926c |
|
20-Sep-2010 |
Adrian Hoban <adrian.hoban@intel.com> |
crypto: cryptd - Adding the AEAD interface type support to cryptd This patch adds AEAD support into the cryptd framework. Having AEAD support in cryptd enables crypto drivers that use the AEAD interface type (such as the patch for AEAD based RFC4106 AES-GCM implementation using Intel New Instructions) to leverage cryptd for asynchronous processing. Signed-off-by: Adrian Hoban <adrian.hoban@intel.com> Signed-off-by: Tadeusz Struk <tadeusz.struk@intel.com> Signed-off-by: Gabriele Paoloni <gabriele.paoloni@intel.com> Signed-off-by: Aidan O'Mahony <aidan.o.mahony@intel.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
|
#
a29d8b8e |
|
01-Feb-2010 |
Tejun Heo <tj@kernel.org> |
percpu: add __percpu sparse annotations to what's left Add __percpu sparse annotations to places which didn't make it in one of the previous patches. All converions are trivial. These annotations are to make sparse consider percpu variables to be in a different address space and warn if accessed without going through percpu accessors. This patch doesn't affect normal builds. Signed-off-by: Tejun Heo <tj@kernel.org> Acked-by: Borislav Petkov <borislav.petkov@amd.com> Cc: Dan Williams <dan.j.williams@intel.com> Cc: Huang Ying <ying.huang@intel.com> Cc: Len Brown <lenb@kernel.org> Cc: Neil Brown <neilb@suse.de>
|
#
0e1227d3 |
|
18-Oct-2009 |
Huang Ying <ying.huang@intel.com> |
crypto: ghash - Add PCLMULQDQ accelerated implementation PCLMULQDQ is used to accelerate the most time-consuming part of GHASH, carry-less multiplication. More information about PCLMULQDQ can be found at: http://software.intel.com/en-us/articles/carry-less-multiplication-and-its-usage-for-computing-the-gcm-mode/ Because PCLMULQDQ changes XMM state, its usage must be enclosed with kernel_fpu_begin/end, which can be used only in process context, the acceleration is implemented as crypto_ahash. That is, request in soft IRQ context will be defered to the cryptd kernel thread. Signed-off-by: Huang Ying <ying.huang@intel.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
|
#
0b44f486 |
|
03-Oct-2009 |
Christoph Lameter <cl@linux-foundation.org> |
this_cpu: Use this_cpu_ptr in crypto subsystem Just a slight optimization that removes one array lookup. The processor number is needed for other things as well so the get/put_cpu cannot be removed. Acked-by: Tejun Heo <tj@kernel.org> Cc: Huang Ying <ying.huang@intel.com> Signed-off-by: Christoph Lameter <cl@linux-foundation.org> Signed-off-by: Tejun Heo <tj@kernel.org>
|
#
ace13663 |
|
05-Aug-2009 |
Huang Ying <ying.huang@intel.com> |
crypto: cryptd - Add support to access underlaying shash cryptd_alloc_ahash() will allocate a cryptd-ed ahash for specified algorithm name. The new allocated one is guaranteed to be cryptd-ed ahash, so the shash underlying can be gotten via cryptd_ahash_child(). Signed-off-by: Huang Ying <ying.huang@intel.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
|
#
6fba00d1 |
|
21-Jul-2009 |
Herbert Xu <herbert@gondor.apana.org.au> |
crypto: cryptd - Add finup/export/import for hash This patch adds the finup/export/import functions to the cryptd ahash implementation. We simply invoke the underlying shash operations. Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
|
#
05ed8758 |
|
15-Jul-2009 |
Steffen Klassert <steffen.klassert@secunet.com> |
crypto: cryptd - Fix uninitialized return value If cryptd_alloc_instance() fails, the return value is uninitialized. This patch fixes this by setting the return value. Signed-off-by: Steffen Klassert <steffen.klassert@secunet.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
|
#
0b535adf |
|
14-Jul-2009 |
Herbert Xu <herbert@gondor.apana.org.au> |
crypto: cryptd - Switch to new style ahash This patch changes cryptd to use the new style ahash type. In particular, the instance is enlarged to encapsulate the new ahash_alg structure. Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
|
#
9cd899a3 |
|
14-Jul-2009 |
Herbert Xu <herbert@gondor.apana.org.au> |
crypto: cryptd - Switch to template create API This patch changes cryptd to use the template->create function instead of alloc in anticipation for the switch to new style ahash algorithms. Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
|
#
0d6669e2 |
|
12-Jul-2009 |
Herbert Xu <herbert@gondor.apana.org.au> |
crypto: cryptd - Use crypto_ahash_set_reqsize This patch makes cryptd use crypto_ahash_set_reqsize to avoid accessing crypto_ahash directly. Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
|
#
46309d89 |
|
12-Jul-2009 |
Herbert Xu <herbert@gondor.apana.org.au> |
crypto: cryptd - Use shash algorithms This patch changes cryptd to use shash algorithms instead of the legacy hash interface. Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
|
#
505fd21d |
|
29-Mar-2009 |
Huang Ying <ying.huang@intel.com> |
crypto: cryptd - Use nivcipher in cryptd_alloc_ablkcipher Use crypto_alloc_base() instead of crypto_alloc_ablkcipher() to allocate underlying tfm in cryptd_alloc_ablkcipher. Because crypto_alloc_ablkcipher() prefer GENIV encapsulated crypto instead of raw one, while cryptd_alloc_ablkcipher needed the raw one. Signed-off-by: Huang Ying <ying.huang@intel.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
|
#
254eff77 |
|
18-Feb-2009 |
Huang Ying <ying.huang@intel.com> |
crypto: cryptd - Per-CPU thread implementation based on kcrypto_wq Original cryptd thread implementation has scalability issue, this patch solve the issue with a per-CPU thread implementation. struct cryptd_queue is defined to be a per-CPU queue, which holds one struct cryptd_cpu_queue for each CPU. In struct cryptd_cpu_queue, a struct crypto_queue holds all requests for the CPU, a struct work_struct is used to run all requests for the CPU. Testing based on dm-crypt on an Intel Core 2 E6400 (two cores) machine shows 19.2% performance gain. The testing script is as follow: -------------------- script begin --------------------------- #!/bin/sh dmc_create() { # Create a crypt device using dmsetup dmsetup create $2 --table "0 `blockdev --getsize $1` crypt cbc(aes-asm)?cryptd?plain:plain babebabebabebabebabebabebabebabe 0 $1 0" } dmsetup remove crypt0 dmsetup remove crypt1 dd if=/dev/zero of=/dev/ram0 bs=1M count=4 >& /dev/null dd if=/dev/zero of=/dev/ram1 bs=1M count=4 >& /dev/null dmc_create /dev/ram0 crypt0 dmc_create /dev/ram1 crypt1 cat >tr.sh <<EOF #!/bin/sh for n in \$(seq 10); do dd if=/dev/dm-0 of=/dev/null >& /dev/null & dd if=/dev/dm-1 of=/dev/null >& /dev/null & done wait EOF for n in $(seq 10); do /usr/bin/time sh tr.sh done rm tr.sh -------------------- script end --------------------------- The separator of dm-crypt parameter is changed from "-" to "?", because "-" is used in some cipher driver name too, and cryptds need to specify cipher driver name instead of cipher name. The test result on an Intel Core2 E6400 (two cores) is as follow: without patch: -----------------wo begin -------------------------- 0.04user 0.38system 0:00.39elapsed 107%CPU (0avgtext+0avgdata 0maxresident)k 0inputs+0outputs (0major+6566minor)pagefaults 0swaps 0.07user 0.35system 0:00.35elapsed 121%CPU (0avgtext+0avgdata 0maxresident)k 0inputs+0outputs (0major+6567minor)pagefaults 0swaps 0.06user 0.34system 0:00.30elapsed 135%CPU (0avgtext+0avgdata 0maxresident)k 0inputs+0outputs (0major+6562minor)pagefaults 0swaps 0.05user 0.37system 0:00.36elapsed 119%CPU (0avgtext+0avgdata 0maxresident)k 0inputs+0outputs (0major+6607minor)pagefaults 0swaps 0.06user 0.36system 0:00.35elapsed 120%CPU (0avgtext+0avgdata 0maxresident)k 0inputs+0outputs (0major+6562minor)pagefaults 0swaps 0.05user 0.37system 0:00.31elapsed 136%CPU (0avgtext+0avgdata 0maxresident)k 0inputs+0outputs (0major+6594minor)pagefaults 0swaps 0.04user 0.34system 0:00.30elapsed 126%CPU (0avgtext+0avgdata 0maxresident)k 0inputs+0outputs (0major+6597minor)pagefaults 0swaps 0.06user 0.32system 0:00.31elapsed 125%CPU (0avgtext+0avgdata 0maxresident)k 0inputs+0outputs (0major+6571minor)pagefaults 0swaps 0.06user 0.34system 0:00.31elapsed 134%CPU (0avgtext+0avgdata 0maxresident)k 0inputs+0outputs (0major+6581minor)pagefaults 0swaps 0.05user 0.38system 0:00.31elapsed 138%CPU (0avgtext+0avgdata 0maxresident)k 0inputs+0outputs (0major+6600minor)pagefaults 0swaps -----------------wo end -------------------------- with patch: ------------------w begin -------------------------- 0.02user 0.31system 0:00.24elapsed 141%CPU (0avgtext+0avgdata 0maxresident)k 0inputs+0outputs (0major+6554minor)pagefaults 0swaps 0.05user 0.34system 0:00.31elapsed 127%CPU (0avgtext+0avgdata 0maxresident)k 0inputs+0outputs (0major+6606minor)pagefaults 0swaps 0.07user 0.33system 0:00.26elapsed 155%CPU (0avgtext+0avgdata 0maxresident)k 0inputs+0outputs (0major+6559minor)pagefaults 0swaps 0.07user 0.32system 0:00.26elapsed 151%CPU (0avgtext+0avgdata 0maxresident)k 0inputs+0outputs (0major+6562minor)pagefaults 0swaps 0.05user 0.34system 0:00.26elapsed 150%CPU (0avgtext+0avgdata 0maxresident)k 0inputs+0outputs (0major+6603minor)pagefaults 0swaps 0.03user 0.36system 0:00.31elapsed 124%CPU (0avgtext+0avgdata 0maxresident)k 0inputs+0outputs (0major+6562minor)pagefaults 0swaps 0.04user 0.35system 0:00.26elapsed 147%CPU (0avgtext+0avgdata 0maxresident)k 0inputs+0outputs (0major+6586minor)pagefaults 0swaps 0.03user 0.37system 0:00.27elapsed 146%CPU (0avgtext+0avgdata 0maxresident)k 0inputs+0outputs (0major+6562minor)pagefaults 0swaps 0.04user 0.36system 0:00.26elapsed 154%CPU (0avgtext+0avgdata 0maxresident)k 0inputs+0outputs (0major+6594minor)pagefaults 0swaps 0.04user 0.35system 0:00.26elapsed 154%CPU (0avgtext+0avgdata 0maxresident)k 0inputs+0outputs (0major+6557minor)pagefaults 0swaps ------------------w end -------------------------- The middle value of elapsed time is: wo cryptwq: 0.31 w cryptwq: 0.26 The performance gain is about (0.31-0.26)/0.26 = 0.192. Signed-off-by: Huang Ying <ying.huang@intel.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
|
#
1cac2cbc |
|
17-Jan-2009 |
Huang Ying <ying.huang@intel.com> |
crypto: cryptd - Add support to access underlying blkcipher cryptd_alloc_ablkcipher() will allocate a cryptd-ed ablkcipher for specified algorithm name. The new allocated one is guaranteed to be cryptd-ed ablkcipher, so the blkcipher underlying can be gotten via cryptd_ablkcipher_child(). Signed-off-by: Huang Ying <ying.huang@intel.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
|
#
18e33e6d |
|
10-Jul-2008 |
Herbert Xu <herbert@gondor.apana.org.au> |
crypto: hash - Move ahash functions into crypto/hash.h All new crypto interfaces should go into individual files as much as possible in order to ensure that crypto.h does not collapse under its own weight. This patch moves the ahash code into crypto/hash.h and crypto/internal/hash.h respectively. Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
|
#
b8a28251 |
|
14-May-2008 |
Loc Ho <lho@amcc.com> |
[CRYPTO] cryptd: Add asynchronous hash support This patch adds asynchronous hash support to crypto daemon. Signed-off-by: Loc Ho <lho@amcc.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
|
#
93aa7f8a |
|
07-May-2008 |
Herbert Xu <herbert@gondor.apana.org.au> |
[CRYPTO] cryptd: Fix EINPROGRESS notification context The EINPROGRESS notifications should be done just like the final call-backs, i.e., with BH off. This patch fixes the call in cryptd since previously it was called with BH on. Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
|
#
b1145ce3 |
|
29-Apr-2008 |
Julia Lawall <julia@diku.dk> |
[CRYPTO] cryptd: Correct kzalloc error test Normally, kzalloc returns NULL or a valid pointer value, not a value to be tested using IS_ERR. Signed-off-by: Julia Lawall <julia@diku.dk> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
|
#
e231c2ee |
|
07-Feb-2008 |
David Howells <dhowells@redhat.com> |
Convert ERR_PTR(PTR_ERR(p)) instances to ERR_CAST(p) Convert instances of ERR_PTR(PTR_ERR(p)) to ERR_CAST(p) using: perl -spi -e 's/ERR_PTR[(]PTR_ERR[(](.*)[)][)]/ERR_CAST(\1)/' `grep -rl 'ERR_PTR[(]*PTR_ERR' fs crypto net security` Signed-off-by: David Howells <dhowells@redhat.com> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
|
#
927eead5 |
|
27-Nov-2007 |
Herbert Xu <herbert@gondor.apana.org.au> |
[CRYPTO] cryptd: Use geniv of the underlying algorithm If the underlying algorithm specifies a specific geniv algorithm then we should use it for the cryptd version as well. Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
|
#
332f8840 |
|
15-Nov-2007 |
Herbert Xu <herbert@gondor.apana.org.au> |
[CRYPTO] ablkcipher: Add distinct ABLKCIPHER type Up until now we have ablkcipher algorithms have been identified as type BLKCIPHER with the ASYNC bit set. This is suboptimal because ablkcipher refers to two things. On the one hand it refers to the top-level ablkcipher interface with requests. On the other hand it refers to and algorithm type underneath. As it is you cannot request a synchronous block cipher algorithm with the ablkcipher interface on top. This is a problem because we want to be able to eventually phase out the blkcipher top-level interface. This patch fixes this by making ABLKCIPHER its own type, just as we have distinct types for HASH and DIGEST. The type it associated with the algorithm implementation only. Which top-level interface is used for synchronous block ciphers is then determined by the mask that's used. If it's a specific mask then the old blkcipher interface is given, otherwise we go with the new ablkcipher interface. Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
|
#
2de98e75 |
|
26-Aug-2007 |
Herbert Xu <herbert@gondor.apana.org.au> |
[CRYPTO] ablkcipher: Remove queue pointer from common alg object Since not everyone needs a queue pointer and those who need it can always get it from the context anyway the queue pointer in the common alg object is redundant. Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
|
#
189fe317 |
|
31-May-2007 |
Rafael J. Wysocki <rjw@rjwysocki.net> |
[CRYPTO] cryptd: Fix problem with cryptd and the freezer Make sure that cryptd is marked as nonfreezable and does not hold up the freezer. Signed-off-by: Rafael J. Wysocki <rjw@sisk.pl> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
|
#
124b53d0 |
|
16-Apr-2007 |
Herbert Xu <herbert@gondor.apana.org.au> |
[CRYPTO] cryptd: Add software async crypto daemon This patch adds the cryptd module which is a template that takes a synchronous software crypto algorithm and converts it to an asynchronous one by executing it in a kernel thread. Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
|