[PATCH v5 3/4] crypto: akcipher: add akcipher declarations needed by templates.

2015-11-26 Thread Andrew Zaborowski 
Add a struct akcipher_instance and struct akcipher_spawn similar to
how AEAD declares them and the macros for converting to/from
crypto_instance/crypto_spawn.  Also add register functions to
avoid exposing crypto_akcipher_type.

Signed-off-by: Andrew Zaborowski 
---
v2: no changes since v1
v3: drop the new crypto_akcipher_type methods and
add struct akcipher_instance
v4: avoid exposing crypto_akcipher_type after all, add struct akcipher_spawn
and utilities
v5: add akcipher_instance.free
---
 crypto/akcipher.c  | 39 -
 include/crypto/internal/akcipher.h | 60 ++
 2 files changed, 98 insertions(+), 1 deletion(-)

diff --git a/crypto/akcipher.c b/crypto/akcipher.c
index 120ec04..eef68e8 100644
--- a/crypto/akcipher.c
+++ b/crypto/akcipher.c
@@ -21,6 +21,7 @@
 #include 
 #include 
 #include 
+#include 
 #include "internal.h"
 
 #ifdef CONFIG_NET
@@ -75,9 +76,22 @@ static int crypto_akcipher_init_tfm(struct crypto_tfm *tfm)
return 0;
 }
 
+static void crypto_akcipher_free_instance(struct crypto_instance *inst)
+{
+   struct akcipher_instance *akcipher = akcipher_instance(inst);
+
+   if (!akcipher->free) {
+   inst->tmpl->free(inst);
+   return;
+   }
+
+   akcipher->free(akcipher);
+}
+
 static const struct crypto_type crypto_akcipher_type = {
.extsize = crypto_alg_extsize,
.init_tfm = crypto_akcipher_init_tfm,
+   .free = crypto_akcipher_free_instance,
 #ifdef CONFIG_PROC_FS
.show = crypto_akcipher_show,
 #endif
@@ -88,6 +102,14 @@ static const struct crypto_type crypto_akcipher_type = {
.tfmsize = offsetof(struct crypto_akcipher, base),
 };
 
+int crypto_grab_akcipher(struct crypto_akcipher_spawn *spawn, const char *name,
+u32 type, u32 mask)
+{
+   spawn->base.frontend = _akcipher_type;
+   return crypto_grab_spawn(>base, name, type, mask);
+}
+EXPORT_SYMBOL_GPL(crypto_grab_akcipher);
+
 struct crypto_akcipher *crypto_alloc_akcipher(const char *alg_name, u32 type,
  u32 mask)
 {
@@ -95,13 +117,20 @@ struct crypto_akcipher *crypto_alloc_akcipher(const char 
*alg_name, u32 type,
 }
 EXPORT_SYMBOL_GPL(crypto_alloc_akcipher);
 
-int crypto_register_akcipher(struct akcipher_alg *alg)
+static void akcipher_prepare_alg(struct akcipher_alg *alg)
 {
struct crypto_alg *base = >base;
 
base->cra_type = _akcipher_type;
base->cra_flags &= ~CRYPTO_ALG_TYPE_MASK;
base->cra_flags |= CRYPTO_ALG_TYPE_AKCIPHER;
+}
+
+int crypto_register_akcipher(struct akcipher_alg *alg)
+{
+   struct crypto_alg *base = >base;
+
+   akcipher_prepare_alg(alg);
return crypto_register_alg(base);
 }
 EXPORT_SYMBOL_GPL(crypto_register_akcipher);
@@ -112,5 +141,13 @@ void crypto_unregister_akcipher(struct akcipher_alg *alg)
 }
 EXPORT_SYMBOL_GPL(crypto_unregister_akcipher);
 
+int akcipher_register_instance(struct crypto_template *tmpl,
+  struct akcipher_instance *inst)
+{
+   akcipher_prepare_alg(>alg);
+   return crypto_register_instance(tmpl, akcipher_crypto_instance(inst));
+}
+EXPORT_SYMBOL_GPL(akcipher_register_instance);
+
 MODULE_LICENSE("GPL");
 MODULE_DESCRIPTION("Generic public key cipher type");
diff --git a/include/crypto/internal/akcipher.h 
b/include/crypto/internal/akcipher.h
index 9a2bda1..9e4103d 100644
--- a/include/crypto/internal/akcipher.h
+++ b/include/crypto/internal/akcipher.h
@@ -13,6 +13,22 @@
 #ifndef _CRYPTO_AKCIPHER_INT_H
 #define _CRYPTO_AKCIPHER_INT_H
 #include 
+#include 
+
+struct akcipher_instance {
+   void (*free)(struct akcipher_instance *inst);
+   union {
+   struct {
+   char head[offsetof(struct akcipher_alg, base)];
+   struct crypto_instance base;
+   } s;
+   struct akcipher_alg alg;
+   };
+};
+
+struct crypto_akcipher_spawn {
+   struct crypto_spawn base;
+};
 
 /*
  * Transform internal helpers.
@@ -38,6 +54,38 @@ static inline const char *akcipher_alg_name(struct 
crypto_akcipher *tfm)
return crypto_akcipher_tfm(tfm)->__crt_alg->cra_name;
 }
 
+static inline struct crypto_instance *akcipher_crypto_instance(
+   struct akcipher_instance *inst)
+{
+   return container_of(>alg.base, struct crypto_instance, alg);
+}
+
+static inline struct akcipher_instance *akcipher_instance(
+   struct crypto_instance *inst)
+{
+   return container_of(>alg, struct akcipher_instance, alg.base);
+}
+
+int crypto_grab_akcipher(struct crypto_akcipher_spawn *spawn, const char *name,
+   u32 type, u32 mask);
+
+static inline void crypto_drop_akcipher(struct crypto_akcipher_spawn *spawn)
+{
+   crypto_drop_spawn(>base);
+}
+
+static inline struct akcipher_alg *crypto_spawn_akcipher_alg(
+   struct

Re: [PATCH v3 5/5] crypto: AES CBC multi-buffer glue code

2015-11-26 Thread Herbert Xu 
On Tue, Nov 24, 2015 at 10:30:06AM -0800, Tim Chen wrote:
>
> On the decrypt path, we don't need to use multi-buffer algorithm
> as aes-cbc decrypt can be parallelized inherently on a single
> request.  So most of the time the outer layer algorithm
> cbc_mb_async_ablk_decrypt can bypass mcryptd and
> invoke mb_aes_cbc_decrypt synchronously
> to do aes_cbc_dec when fpu is available.
> This avoids the overhead of going through mcryptd.  Hence
> the use of blkcipher on the inner layer.  For the mcryptd
> path, we will complete a decrypt request in one shot so
> blkcipher usage should be fine.

I think there is a misunderstanding here.  Just because you're
using/exporting through the ablkcipher interface doesn't mean
that you are asynchrounous.  For example, all blkcipher algorithms
can be accessed through the ablkcipher interface and they of course
remain synchrounous.

So I don't see how using an ablkcipher in the inner layer changes
anything at all.  You can still return immediately and not bother
with completion functions when you are synchrounous.

Cheers,
-- 
Email: Herbert Xu 
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt
--
To unsubscribe from this list: send the line "unsubscribe linux-crypto" in
the body of a message to majord...@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Re: [PATCH v4 4/4] crypto: RSA padding algorithm

2015-11-26 Thread Herbert Xu 
Andrew Zaborowski  wrote:
>
> +struct crypto_template rsa_pkcs1pad_tmpl = {
> +   .name = "pkcs1pad",
> +   .create = pkcs1pad_create,
> +   .free = pkcs1pad_free,

Please use inst->free instead (crypto/gcm.c is a good example).

BTW the first two patches are fine so you don't have to post them.

Thanks,
-- 
Email: Herbert Xu 
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt
--
To unsubscribe from this list: send the line "unsubscribe linux-crypto" in
the body of a message to majord...@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

ghash-clmulni: does not load

2015-11-26 Thread Stephan Mueller 
Hi Tadeusz,

testing the current cryptodev-2.6 tree, ghash-clmulni does not load. In the 
init function

err = crypto_register_ahash(_async_alg);

returns EINVAL.

Any ideas?

-- 
Ciao
Stephan
--
To unsubscribe from this list: send the line "unsubscribe linux-crypto" in
the body of a message to majord...@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Re: ghash-clmulni: does not load

2015-11-26 Thread Stephan Mueller 
Am Donnerstag, 26. November 2015, 13:45:26 schrieb Stephan Mueller:

Hi,

>Hi Tadeusz,
>
>testing the current cryptodev-2.6 tree, ghash-clmulni does not load. In the
>init function
>
>   err = crypto_register_ahash(_async_alg);
>
>returns EINVAL.

It looks like the halg.statesize is missing. When I add that field, the insmod 
works. But I do not know which statesize is needed to provide a full patch.


Ciao
Stephan
--
To unsubscribe from this list: send the line "unsubscribe linux-crypto" in
the body of a message to majord...@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

mxs-dcp: Failed to register sha1 hash

2015-11-26 Thread Fabio Estevam 
Hi,

On kernel 4.1.13 and also on 4.4.0-rc2-next-20151126 I see the
following error on mx28:

[2.245453] mxs-dcp 80028000.dcp: Failed to register sha1 hash!
[2.253928] mxs-dcp: probe of 80028000.dcp failed with error -22

Does anyone have any idea how to fix this?

Thanks,

Fabio Estevam
--
To unsubscribe from this list: send the line "unsubscribe linux-crypto" in
the body of a message to majord...@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Re: mxs-dcp: Failed to register sha1 hash

2015-11-26 Thread Stephan Mueller 
Am Donnerstag, 26. November 2015, 13:14:12 schrieb Fabio Estevam:

Hi Fabio,

> Hi,
> 
> On kernel 4.1.13 and also on 4.4.0-rc2-next-20151126 I see the
> following error on mx28:
> 
> [2.245453] mxs-dcp 80028000.dcp: Failed to register sha1 hash!
> [2.253928] mxs-dcp: probe of 80028000.dcp failed with error -22
> 
> Does anyone have any idea how to fix this?

Briefly looking into drivers/crypto/mxs-dcp.c, it is an ahash and does not 
contain halg.statesize in the algo definitions. Thus it looks very much like 
the same issue that I see with ghash.


-- 
Ciao
Stephan
--
To unsubscribe from this list: send the line "unsubscribe linux-crypto" in
the body of a message to majord...@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Re: mxs-dcp: Failed to register sha1 hash

2015-11-26 Thread Fabio Estevam 
Hi Stephan,

On Thu, Nov 26, 2015 at 1:25 PM, Stephan Mueller  wrote:

> Briefly looking into drivers/crypto/mxs-dcp.c, it is an ahash and does not
> contain halg.statesize in the algo definitions. Thus it looks very much like
> the same issue that I see with ghash.

Thanks for your suggestion!

You are right: this makes the error goes away:

--- a/drivers/crypto/mxs-dcp.c
+++ b/drivers/crypto/mxs-dcp.c
@@ -836,6 +836,7 @@ static struct ahash_alg dcp_sha1_alg = {
.digest = dcp_sha_digest,
.halg   = {
.digestsize = SHA1_DIGEST_SIZE,
+   .statesize  = sizeof(struct sha1_state),
.base   = {
.cra_name   = "sha1",
.cra_driver_name= "sha1-dcp",
@@ -860,6 +861,7 @@ static struct ahash_alg dcp_sha256_alg = {
.digest = dcp_sha_digest,
.halg   = {
.digestsize = SHA256_DIGEST_SIZE,
+   .statesize  = sizeof(struct sha256_state),
.base   = {
.cra_name   = "sha256",
.cra_driver_name= "sha256-dcp",


Will submit it as a formal patch.

Thanks!
--
To unsubscribe from this list: send the line "unsubscribe linux-crypto" in
the body of a message to majord...@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

ahash and halg.statesize

2015-11-26 Thread Stephan Mueller 
Hi Herbert,

after Fabio's confirmation on the mxs-dcp ahash implementations, I briefly 
looked for the invocation of crypto_register_ahash and found numerous 
invocations. After taking two examples (sahara, n2), I did not find 
halg.statesize.

Thus, I would conclude that none of these ciphers would work currently.

I am currently not sure how to solve that issue as every ahash implementation 
must be assessed for its statesize.

Ciao
Stephan
--
To unsubscribe from this list: send the line "unsubscribe linux-crypto" in
the body of a message to majord...@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

[PATCH] crypto: mxs-dcp - Initialize .statesize fields

2015-11-26 Thread Fabio Estevam 
Initialize .statesize fields in order to avoid the following error
on probe:

mxs-dcp 80028000.dcp: Failed to register sha1 hash!
mxs-dcp: probe of 80028000.dcp failed with error -22

Cc:  # 4.1+
Suggested-by: Stephan Mueller 
Signed-off-by: Fabio Estevam 
---
 drivers/crypto/mxs-dcp.c | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/drivers/crypto/mxs-dcp.c b/drivers/crypto/mxs-dcp.c
index 59ed54e..e65d379 100644
--- a/drivers/crypto/mxs-dcp.c
+++ b/drivers/crypto/mxs-dcp.c
@@ -836,6 +836,7 @@ static struct ahash_alg dcp_sha1_alg = {
.digest = dcp_sha_digest,
.halg   = {
.digestsize = SHA1_DIGEST_SIZE,
+   .statesize  = sizeof(struct sha1_state),
.base   = {
.cra_name   = "sha1",
.cra_driver_name= "sha1-dcp",
@@ -860,6 +861,7 @@ static struct ahash_alg dcp_sha256_alg = {
.digest = dcp_sha_digest,
.halg   = {
.digestsize = SHA256_DIGEST_SIZE,
+   .statesize  = sizeof(struct sha256_state),
.base   = {
.cra_name   = "sha256",
.cra_driver_name= "sha256-dcp",
-- 
1.9.1

--
To unsubscribe from this list: send the line "unsubscribe linux-crypto" in
the body of a message to majord...@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

[PATCH] hw_random: core, sleep interruptible in read

2015-11-26 Thread Jiri Slaby 
hwrng kthread can be waiting via hwrng_fillfn for some data from a rng
like virtio-rng:
hwrng   D 880093e17798 0   382  2 0x
...
Call Trace:
 [] wait_for_completion_killable+0x96/0x210
 [] virtio_read+0x57/0xf0 [virtio_rng]
 [] hwrng_fillfn+0x75/0x130
 [] kthread+0xf3/0x110

And when some user program tries to read the /dev node in this state,
we get:
rngdD 880093e17798 0   762  1 0x0004
...
Call Trace:
 [] mutex_lock_nested+0x15c/0x3e0
 [] rng_dev_read+0x6e/0x240
 [] __vfs_read+0x28/0xe0
 [] vfs_read+0x83/0x130

And this is indeed unkillable. So use mutex_lock_interruptible
instead of mutex_lock in rng_dev_read and exit immediatelly when
interrupted. And possibly return already read data, if any (as POSIX
allows).

Signed-off-by: Jiri Slaby 
Cc: Matt Mackall 
Cc: Herbert Xu 
Cc: 
---
 drivers/char/hw_random/core.c | 6 +-
 1 file changed, 5 insertions(+), 1 deletion(-)

diff --git a/drivers/char/hw_random/core.c b/drivers/char/hw_random/core.c
index a064237ff362..f003df162e09 100644
--- a/drivers/char/hw_random/core.c
+++ b/drivers/char/hw_random/core.c
@@ -238,7 +238,10 @@ static ssize_t rng_dev_read(struct file *filp, char __user 
*buf,
goto out;
}
 
-   mutex_lock(_mutex);
+   if (mutex_lock_interruptible(_mutex)) {
+   err = -EINTR;
+   goto out_put;
+   }
if (!data_avail) {
bytes_read = rng_get_data(rng, rng_buffer,
rng_buffer_size(),
@@ -288,6 +291,7 @@ out:
 
 out_unlock_reading:
mutex_unlock(_mutex);
+out_put:
put_rng(rng);
goto out;
 }
-- 
2.6.3

--
To unsubscribe from this list: send the line "unsubscribe linux-crypto" in
the body of a message to majord...@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html