[PATCH 2/2] crypto: CRYPTO_DEV_MEDIATEK should depend on HAS_DMA

[Geert Uytterhoeven]

If NO_DMA=y:

ERROR: "bad_dma_ops" [drivers/crypto/mediatek/mtk-crypto.ko] undefined!

Add a dependency on HAS_DMA to fix this.

Fixes: 7dee9f618790d0b7 ("crypto: mediatek - remove ARM dependencies")
Signed-off-by: Geert Uytterhoeven 
---
 drivers/crypto/Kconfig | 1 +
 1 file changed, 1 insertion(+)

diff --git a/drivers/crypto/Kconfig b/drivers/crypto/Kconfig
index 69f7fc0dc84dc3b9..a7ff6e5d0ba92cb7 100644
--- a/drivers/crypto/Kconfig
+++ b/drivers/crypto/Kconfig
@@ -571,6 +571,7 @@ config CRYPTO_DEV_ROCKCHIP
 
 config CRYPTO_DEV_MEDIATEK
tristate "MediaTek's EIP97 Cryptographic Engine driver"
+   depends on HAS_DMA
depends on (ARM && ARCH_MEDIATEK) || COMPILE_TEST
select CRYPTO_AES
select CRYPTO_AEAD
-- 
2.7.4

[PATCH 1/2] crypto: CRYPTO_DEV_ATMEL_TDES and CRYPTO_DEV_ATMEL_SHA should depend on HAS_DMA

[Geert Uytterhoeven]

If NO_DMA=y:

ERROR: "bad_dma_ops" [drivers/crypto/atmel-tdes.ko] undefined!
ERROR: "bad_dma_ops" [drivers/crypto/atmel-sha.ko] undefined!

Add dependencies on HAS_DMA to fix this.

Fixes: ceb4afb3086ab08f ("crypto: atmel - refine Kconfig dependencies")
Signed-off-by: Geert Uytterhoeven 
---
 drivers/crypto/Kconfig | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/drivers/crypto/Kconfig b/drivers/crypto/Kconfig
index 2cac445b02fde0f6..69f7fc0dc84dc3b9 100644
--- a/drivers/crypto/Kconfig
+++ b/drivers/crypto/Kconfig
@@ -445,6 +445,7 @@ config CRYPTO_DEV_ATMEL_AES
 
 config CRYPTO_DEV_ATMEL_TDES
tristate "Support for Atmel DES/TDES hw accelerator"
+   depends on HAS_DMA
depends on ARCH_AT91 || COMPILE_TEST
select CRYPTO_DES
select CRYPTO_BLKCIPHER
@@ -458,6 +459,7 @@ config CRYPTO_DEV_ATMEL_TDES
 
 config CRYPTO_DEV_ATMEL_SHA
tristate "Support for Atmel SHA hw accelerator"
+   depends on HAS_DMA
depends on ARCH_AT91 || COMPILE_TEST
select CRYPTO_HASH
help
-- 
2.7.4

Re: [PATCH] crypto: brcm: fix spelling mistake: "genereate" -> "generate"

[Steve Lin]

Looks good, thanks!

Acked-by: Steve Lin 

On Wed, Feb 22, 2017 at 6:51 PM, Colin King  wrote:
> From: Colin Ian King 
>
> trivial fix to spelling mistake in pr_err message
>
> Signed-off-by: Colin Ian King 
> ---
>  drivers/crypto/bcm/util.c | 2 +-
>  1 file changed, 1 insertion(+), 1 deletion(-)
>
> diff --git a/drivers/crypto/bcm/util.c b/drivers/crypto/bcm/util.c
> index 0502f46..430c557 100644
> --- a/drivers/crypto/bcm/util.c
> +++ b/drivers/crypto/bcm/util.c
> @@ -312,7 +312,7 @@ int do_shash(unsigned char *name, unsigned char *result,
> }
> rc = crypto_shash_final(>shash, result);
> if (rc)
> -   pr_err("%s: Could not genereate %s hash", __func__, name);
> +   pr_err("%s: Could not generate %s hash", __func__, name);
>
>  do_shash_err:
> crypto_free_shash(hash);
> --
> 2.10.2
>

Re: crypto: hang in crypto_larval_lookup

[Harald Freudenberger]

On 02/24/2017 11:32 AM, Harald Freudenberger wrote:
> On 02/24/2017 09:42 AM, Harald Freudenberger wrote:
...
>> ...
>> Feb 24 09:28:10 r35lp49 kernel: 
>> ->crypto_larval_lookup(name=aes,type=0x0405,mask=0x248c)
>> Feb 24 09:28:10 r35lp49 kernel:   crypto_larval_lookup calling 
>> crypto_alg_lookup(aes,0x0405,0x248c)
>> Feb 24 09:28:10 r35lp49 kernel: ->__crypto_alg_lookup(name=aes)
>> Feb 24 09:28:10 r35lp49 kernel: <-__crypto_alg_lookup(name=aes) alg= 
>>  (null)
>> Feb 24 09:28:10 r35lp49 kernel:   crypto_larval_lookup calling 
>> request_module(crypto-aes)
>> Feb 24 09:28:10 r35lp49 kernel:   crypto_larval_lookup calling 
>> request_module(crypto-aes-all)
>>
>> type=0x0405 = CRYPTO_ALG_TESTED, CRYPTO_ALG_TYPE_SKCIPHER
>> mask=0x248c = CRYPTO_ALG_INTERNAL, CRYPTO_ALG_TESTED, CRYPTO_ALG_ASYNC, 
>> CRYPTO_ALG_TYPE_BLKCIPHER_MASK
>>
> I catched it: Thanks Herbert for your hint. The aes algorith registers with:
>   .cra_flags = CRYPTO_ALG_TYPE_CIPHER |CRYPTO_ALG_NEED_FALLBACK
> so later at __crypto_alg_lookup(aes, 0x0405, 0x248c)
> this alg is not choosen because the check
>   if ((q->cra_flags ^ type) & mask)
> is true q->cra_flags = 0x0501 ^ 0x0405 & 0x248x => 0x0004
>
> @Martin, I'll commit a patch asap.
>
> Thanks for your help :-)
>
> regards, H.Freudenberger
>
rollback. Changing the cra_flag CRYPTO_ALG_TYPE_SKCIPHER in the crypto_alg
registration struct is not the right way.
continuing evaluation ...

[RFC] how to handle AAD copy operation for algif_aead

[Stephan Müller]

Hi Herbert et al,

attached are two patches where each patch has a different approach to copy the 
AAD in the algif_aead operation. I would like to hear your opinion which 
approach should be taken.

The patch 0001-crypto-algif_aead-copy-AAD-from-src-to-dst_separate.patch 
simply copies the AAD over from TX SGL to RX SGL. The pro is that the patch is 
small. The con is that this approach does *not* provide an in-place crypto 
operation.

The patch 0001-crypto-algif_aead-copy-AAD-from-src-to-dst_inplace.patch copies 
the AAD and the PT/CT from TX SGL into the RX SGL. In addition, this patch 
chains the SGL with the tag value part present in the TX SGL to the RX SGL in 
case of decryption. This implies that we have an in-place cipher operation 
operating in the RX SGL. Though, the patch is significantly larger.

(note: the patches are NOT meant for inclusion, but only for discussion -- yet 
both code parts are fully tested with by test framework in libkcapi).

Ciao
Stephan>From 2135854799e3c8b2b6ea395941a21a6ab6b72823 Mon Sep 17 00:00:00 2001
From: Stephan Mueller 
Date: Fri, 24 Feb 2017 14:09:47 +0100
Subject: [PATCH] crypto: algif_aead - copy AAD from src to dst

Use the NULL cipher to copy the AAD and PT/CT from the TX SGL
to the RX SGL. This allows an in-place crypto operation on the
RX SGL for encryption, because the TX data is always smaller or
equal to the RX data (the RX data will hold the tag).

For decryption, a per-request TX SGL is created which will only hold
the tag value. As the RX SGL will have no space for the tag value and
an in-place operation will not write the tag buffer, the TX SGL with the
tag value is chained to the RX SGL. This now allows an in-place
crypto operation.

Signed-off-by: Stephan Mueller 
---
 crypto/Kconfig  |   2 +
 crypto/algif_aead.c | 106 ++--
 2 files changed, 88 insertions(+), 20 deletions(-)

diff --git a/crypto/Kconfig b/crypto/Kconfig
index 5a51b87..bfa531d 100644
--- a/crypto/Kconfig
+++ b/crypto/Kconfig
@@ -1735,6 +1735,8 @@ config CRYPTO_USER_API_AEAD
 	tristate "User-space interface for AEAD cipher algorithms"
 	depends on NET
 	select CRYPTO_AEAD
+	select CRYPTO_BLKCIPHER
+	select CRYPTO_NULL
 	select CRYPTO_USER_API
 	help
 	  This option enables the user-spaces interface for AEAD
diff --git a/crypto/algif_aead.c b/crypto/algif_aead.c
index 050a866..cdf7c10 100644
--- a/crypto/algif_aead.c
+++ b/crypto/algif_aead.c
@@ -30,6 +30,8 @@
 #include 
 #include 
 #include 
+#include 
+#include 
 #include 
 #include 
 #include 
@@ -82,6 +84,7 @@ struct aead_ctx {
 
 	unsigned int len;	/* Length of allocated memory for this struct */
 	struct crypto_aead *aead_tfm;
+	struct crypto_skcipher *null;
 };
 
 static DECLARE_WAIT_QUEUE_HEAD(aead_aio_finish_wait);
@@ -171,7 +174,7 @@ static unsigned int aead_count_tsgl(struct sock *sk, size_t bytes)
 }
 
 static void aead_pull_tsgl(struct sock *sk, size_t used,
-			   struct scatterlist *dst)
+			   struct scatterlist *dst, size_t dst_offset)
 {
 	struct alg_sock *ask = alg_sk(sk);
 	struct aead_ctx *ctx = ask->private;
@@ -195,8 +198,16 @@ static void aead_pull_tsgl(struct sock *sk, size_t used,
 			 * Assumption: caller created aead_count_tsgl(len)
 			 * SG entries in dst.
 			 */
-			if (dst)
-sg_set_page(dst + i, page, plen, sg[i].offset);
+			if (dst) {
+if (dst_offset > plen)
+	dst_offset -= plen;
+else {
+	sg_set_page(dst + i, page,
+		plen - dst_offset,
+		sg[i].offset + dst_offset);
+	dst_offset = 0;
+}
+			}
 
 			sg[i].length -= plen;
 			sg[i].offset += plen;
@@ -207,7 +218,7 @@ static void aead_pull_tsgl(struct sock *sk, size_t used,
 			if (sg[i].length)
 return;
 
-			if (!dst)
+			if (!dst || dst_offset)
 put_page(page);
 			sg_assign_page(sg + i, NULL);
 		}
@@ -559,6 +570,20 @@ static void aead_async_cb(struct crypto_async_request *_req, int err)
 	wake_up_interruptible(_aio_finish_wait);
 }
 
+static int crypto_aead_copy_sgl(struct crypto_skcipher *null,
+struct scatterlist *src,
+struct scatterlist *dst, unsigned int len)
+{
+	SKCIPHER_REQUEST_ON_STACK(skreq, null);
+
+	skcipher_request_set_tfm(skreq, null);
+	skcipher_request_set_callback(skreq, CRYPTO_TFM_REQ_MAY_BACKLOG,
+  NULL, NULL);
+	skcipher_request_set_crypt(skreq, src, dst, len, NULL);
+
+	return crypto_skcipher_encrypt(skreq);
+}
+
 static int aead_recvmsg(struct socket *sock, struct msghdr *msg, size_t ignored,
 			int flags)
 {
@@ -571,6 +596,7 @@ static int aead_recvmsg(struct socket *sock, struct msghdr *msg, size_t ignored,
 		sizeof(struct aead_async_req) + crypto_aead_reqsize(tfm);
 	struct aead_async_req *areq;
 	struct aead_rsgl *last_rsgl = NULL;
+	struct aead_tsgl *tsgl;
 	int err = -EINVAL;
 	size_t used = 0;		/* [in]  TX bufs to be en/decrypted */
 	size_t outlen = 0;		/* [out] RX bufs produced by kernel */
@@ -687,25 +713,55 @@ static int aead_recvmsg(struct socket 

[PATCH v2 1/2] crypto: vmx - Use skcipher for cbc fallback

[Paulo Flabiano Smorigo]

Signed-off-by: Paulo Flabiano Smorigo 
---
 drivers/crypto/vmx/aes_cbc.c | 44 ++--
 1 file changed, 22 insertions(+), 22 deletions(-)

diff --git a/drivers/crypto/vmx/aes_cbc.c b/drivers/crypto/vmx/aes_cbc.c
index 94ad5c0..2bb5910 100644
--- a/drivers/crypto/vmx/aes_cbc.c
+++ b/drivers/crypto/vmx/aes_cbc.c
@@ -27,11 +27,12 @@
 #include 
 #include 
 #include 
+#include 
 
 #include "aesp8-ppc.h"
 
 struct p8_aes_cbc_ctx {
-   struct crypto_blkcipher *fallback;
+   struct crypto_skcipher *fallback;
struct aes_key enc_key;
struct aes_key dec_key;
 };
@@ -39,7 +40,7 @@ struct p8_aes_cbc_ctx {
 static int p8_aes_cbc_init(struct crypto_tfm *tfm)
 {
const char *alg;
-   struct crypto_blkcipher *fallback;
+   struct crypto_skcipher *fallback;
struct p8_aes_cbc_ctx *ctx = crypto_tfm_ctx(tfm);
 
if (!(alg = crypto_tfm_alg_name(tfm))) {
@@ -47,8 +48,9 @@ static int p8_aes_cbc_init(struct crypto_tfm *tfm)
return -ENOENT;
}
 
-   fallback =
-   crypto_alloc_blkcipher(alg, 0, CRYPTO_ALG_NEED_FALLBACK);
+   fallback = crypto_alloc_skcipher(alg, 0,
+   CRYPTO_ALG_ASYNC | CRYPTO_ALG_NEED_FALLBACK);
+
if (IS_ERR(fallback)) {
printk(KERN_ERR
   "Failed to allocate transformation for '%s': %ld\n",
@@ -58,9 +60,9 @@ static int p8_aes_cbc_init(struct crypto_tfm *tfm)
printk(KERN_INFO "Using '%s' as fallback implementation.\n",
   crypto_tfm_alg_driver_name((struct crypto_tfm *) fallback));
 
-   crypto_blkcipher_set_flags(
+   crypto_skcipher_set_flags(
fallback,
-   crypto_blkcipher_get_flags((struct crypto_blkcipher *)tfm));
+   crypto_skcipher_get_flags((struct crypto_skcipher *)tfm));
ctx->fallback = fallback;
 
return 0;
@@ -71,7 +73,7 @@ static void p8_aes_cbc_exit(struct crypto_tfm *tfm)
struct p8_aes_cbc_ctx *ctx = crypto_tfm_ctx(tfm);
 
if (ctx->fallback) {
-   crypto_free_blkcipher(ctx->fallback);
+   crypto_free_skcipher(ctx->fallback);
ctx->fallback = NULL;
}
 }
@@ -91,7 +93,7 @@ static int p8_aes_cbc_setkey(struct crypto_tfm *tfm, const u8 
*key,
pagefault_enable();
preempt_enable();
 
-   ret += crypto_blkcipher_setkey(ctx->fallback, key, keylen);
+   ret += crypto_skcipher_setkey(ctx->fallback, key, keylen);
return ret;
 }
 
@@ -103,15 +105,14 @@ static int p8_aes_cbc_encrypt(struct blkcipher_desc *desc,
struct blkcipher_walk walk;
struct p8_aes_cbc_ctx *ctx =
crypto_tfm_ctx(crypto_blkcipher_tfm(desc->tfm));
-   struct blkcipher_desc fallback_desc = {
-   .tfm = ctx->fallback,
-   .info = desc->info,
-   .flags = desc->flags
-   };
 
if (in_interrupt()) {
-   ret = crypto_blkcipher_encrypt(_desc, dst, src,
-  nbytes);
+   SKCIPHER_REQUEST_ON_STACK(req, ctx->fallback);
+   skcipher_request_set_tfm(req, ctx->fallback);
+   skcipher_request_set_callback(req, desc->flags, NULL, NULL);
+   skcipher_request_set_crypt(req, src, dst, nbytes, desc->info);
+   ret = crypto_skcipher_encrypt(req);
+   skcipher_request_zero(req);
} else {
preempt_disable();
pagefault_disable();
@@ -144,15 +145,14 @@ static int p8_aes_cbc_decrypt(struct blkcipher_desc *desc,
struct blkcipher_walk walk;
struct p8_aes_cbc_ctx *ctx =
crypto_tfm_ctx(crypto_blkcipher_tfm(desc->tfm));
-   struct blkcipher_desc fallback_desc = {
-   .tfm = ctx->fallback,
-   .info = desc->info,
-   .flags = desc->flags
-   };
 
if (in_interrupt()) {
-   ret = crypto_blkcipher_decrypt(_desc, dst, src,
-  nbytes);
+   SKCIPHER_REQUEST_ON_STACK(req, ctx->fallback);
+   skcipher_request_set_tfm(req, ctx->fallback);
+   skcipher_request_set_callback(req, desc->flags, NULL, NULL);
+   skcipher_request_set_crypt(req, src, dst, nbytes, desc->info);
+   ret = crypto_skcipher_decrypt(req);
+   skcipher_request_zero(req);
} else {
preempt_disable();
pagefault_disable();
-- 
2.7.4

[PATCH v2 2/2] crypto: vmx - Use skcipher for xts fallback

[Paulo Flabiano Smorigo]

Signed-off-by: Paulo Flabiano Smorigo 
---
 drivers/crypto/vmx/aes_xts.c | 30 +++---
 1 file changed, 15 insertions(+), 15 deletions(-)

diff --git a/drivers/crypto/vmx/aes_xts.c b/drivers/crypto/vmx/aes_xts.c
index 24353ec3..a1e653a 100644
--- a/drivers/crypto/vmx/aes_xts.c
+++ b/drivers/crypto/vmx/aes_xts.c
@@ -28,11 +28,12 @@
 #include 
 #include 
 #include 
+#include 
 
 #include "aesp8-ppc.h"
 
 struct p8_aes_xts_ctx {
-   struct crypto_blkcipher *fallback;
+   struct crypto_skcipher *fallback;
struct aes_key enc_key;
struct aes_key dec_key;
struct aes_key tweak_key;
@@ -41,7 +42,7 @@ struct p8_aes_xts_ctx {
 static int p8_aes_xts_init(struct crypto_tfm *tfm)
 {
const char *alg;
-   struct crypto_blkcipher *fallback;
+   struct crypto_skcipher *fallback;
struct p8_aes_xts_ctx *ctx = crypto_tfm_ctx(tfm);
 
if (!(alg = crypto_tfm_alg_name(tfm))) {
@@ -49,8 +50,8 @@ static int p8_aes_xts_init(struct crypto_tfm *tfm)
return -ENOENT;
}
 
-   fallback =
-   crypto_alloc_blkcipher(alg, 0, CRYPTO_ALG_NEED_FALLBACK);
+   fallback = crypto_alloc_skcipher(alg, 0,
+   CRYPTO_ALG_ASYNC | CRYPTO_ALG_NEED_FALLBACK);
if (IS_ERR(fallback)) {
printk(KERN_ERR
"Failed to allocate transformation for '%s': %ld\n",
@@ -60,9 +61,9 @@ static int p8_aes_xts_init(struct crypto_tfm *tfm)
printk(KERN_INFO "Using '%s' as fallback implementation.\n",
crypto_tfm_alg_driver_name((struct crypto_tfm *) fallback));
 
-   crypto_blkcipher_set_flags(
+   crypto_skcipher_set_flags(
fallback,
-   crypto_blkcipher_get_flags((struct crypto_blkcipher *)tfm));
+   crypto_skcipher_get_flags((struct crypto_skcipher *)tfm));
ctx->fallback = fallback;
 
return 0;
@@ -73,7 +74,7 @@ static void p8_aes_xts_exit(struct crypto_tfm *tfm)
struct p8_aes_xts_ctx *ctx = crypto_tfm_ctx(tfm);
 
if (ctx->fallback) {
-   crypto_free_blkcipher(ctx->fallback);
+   crypto_free_skcipher(ctx->fallback);
ctx->fallback = NULL;
}
 }
@@ -98,7 +99,7 @@ static int p8_aes_xts_setkey(struct crypto_tfm *tfm, const u8 
*key,
pagefault_enable();
preempt_enable();
 
-   ret += crypto_blkcipher_setkey(ctx->fallback, key, keylen);
+   ret += crypto_skcipher_setkey(ctx->fallback, key, keylen);
return ret;
 }
 
@@ -113,15 +114,14 @@ static int p8_aes_xts_crypt(struct blkcipher_desc *desc,
struct blkcipher_walk walk;
struct p8_aes_xts_ctx *ctx =
crypto_tfm_ctx(crypto_blkcipher_tfm(desc->tfm));
-   struct blkcipher_desc fallback_desc = {
-   .tfm = ctx->fallback,
-   .info = desc->info,
-   .flags = desc->flags
-   };
 
if (in_interrupt()) {
-   ret = enc ? crypto_blkcipher_encrypt(_desc, dst, src, 
nbytes) :
-crypto_blkcipher_decrypt(_desc, dst, src, 
nbytes);
+   SKCIPHER_REQUEST_ON_STACK(req, ctx->fallback);
+   skcipher_request_set_tfm(req, ctx->fallback);
+   skcipher_request_set_callback(req, desc->flags, NULL, NULL);
+   skcipher_request_set_crypt(req, src, dst, nbytes, desc->info);
+   ret = enc? crypto_skcipher_encrypt(req) : 
crypto_skcipher_decrypt(req);
+   skcipher_request_zero(req);
} else {
preempt_disable();
pagefault_disable();
-- 
2.7.4

[PATCH 1/2] crypto: kpp - constify buffer passed to crypto_kpp_set_secret()

[Eric Biggers]

From: Eric Biggers 

Constify the buffer passed to crypto_kpp_set_secret() and
kpp_alg.set_secret, since it is never modified.

Signed-off-by: Eric Biggers 
---
 crypto/dh.c   | 3 ++-
 crypto/ecdh.c | 3 ++-
 drivers/crypto/qat/qat_common/qat_asym_algs.c | 2 +-
 include/crypto/kpp.h  | 6 +++---
 4 files changed, 8 insertions(+), 6 deletions(-)

diff --git a/crypto/dh.c b/crypto/dh.c
index ddcb528ab2cc..87e3542cf1b8 100644
--- a/crypto/dh.c
+++ b/crypto/dh.c
@@ -79,7 +79,8 @@ static int dh_set_params(struct dh_ctx *ctx, struct dh 
*params)
return 0;
 }
 
-static int dh_set_secret(struct crypto_kpp *tfm, void *buf, unsigned int len)
+static int dh_set_secret(struct crypto_kpp *tfm, const void *buf,
+unsigned int len)
 {
struct dh_ctx *ctx = dh_get_ctx(tfm);
struct dh params;
diff --git a/crypto/ecdh.c b/crypto/ecdh.c
index 3de289806d67..63ca33771e4e 100644
--- a/crypto/ecdh.c
+++ b/crypto/ecdh.c
@@ -38,7 +38,8 @@ static unsigned int ecdh_supported_curve(unsigned int 
curve_id)
}
 }
 
-static int ecdh_set_secret(struct crypto_kpp *tfm, void *buf, unsigned int len)
+static int ecdh_set_secret(struct crypto_kpp *tfm, const void *buf,
+  unsigned int len)
 {
struct ecdh_ctx *ctx = ecdh_get_ctx(tfm);
struct ecdh params;
diff --git a/drivers/crypto/qat/qat_common/qat_asym_algs.c 
b/drivers/crypto/qat/qat_common/qat_asym_algs.c
index 0d35dca2e925..2aab80bc241f 100644
--- a/drivers/crypto/qat/qat_common/qat_asym_algs.c
+++ b/drivers/crypto/qat/qat_common/qat_asym_algs.c
@@ -491,7 +491,7 @@ static void qat_dh_clear_ctx(struct device *dev, struct 
qat_dh_ctx *ctx)
ctx->g2 = false;
 }
 
-static int qat_dh_set_secret(struct crypto_kpp *tfm, void *buf,
+static int qat_dh_set_secret(struct crypto_kpp *tfm, const void *buf,
 unsigned int len)
 {
struct qat_dh_ctx *ctx = kpp_tfm_ctx(tfm);
diff --git a/include/crypto/kpp.h b/include/crypto/kpp.h
index 4307a2f2365f..ce8e1f79374b 100644
--- a/include/crypto/kpp.h
+++ b/include/crypto/kpp.h
@@ -74,7 +74,7 @@ struct crypto_kpp {
  * @base:  Common crypto API algorithm data structure
  */
 struct kpp_alg {
-   int (*set_secret)(struct crypto_kpp *tfm, void *buffer,
+   int (*set_secret)(struct crypto_kpp *tfm, const void *buffer,
  unsigned int len);
int (*generate_public_key)(struct kpp_request *req);
int (*compute_shared_secret)(struct kpp_request *req);
@@ -273,8 +273,8 @@ struct kpp_secret {
  *
  * Return: zero on success; error code in case of error
  */
-static inline int crypto_kpp_set_secret(struct crypto_kpp *tfm, void *buffer,
-   unsigned int len)
+static inline int crypto_kpp_set_secret(struct crypto_kpp *tfm,
+   const void *buffer, unsigned int len)
 {
struct kpp_alg *alg = crypto_kpp_alg(tfm);
 
-- 
2.11.0.483.g087da7b7c-goog

[PATCH 2/2] crypto: testmgr - constify all test vectors

[Eric Biggers]

From: Eric Biggers 

Cryptographic test vectors should never be modified, so constify them to
enforce this at both compile-time and run-time.  This moves a significant
amount of data from .data to .rodata when the crypto tests are enabled.

Signed-off-by: Eric Biggers 
---
 crypto/testmgr.c |  71 
 crypto/testmgr.h | 512 +++
 2 files changed, 297 insertions(+), 286 deletions(-)

diff --git a/crypto/testmgr.c b/crypto/testmgr.c
index f9c378af3907..89f1dd1f4b13 100644
--- a/crypto/testmgr.c
+++ b/crypto/testmgr.c
@@ -83,47 +83,47 @@ struct tcrypt_result {
 
 struct aead_test_suite {
struct {
-   struct aead_testvec *vecs;
+   const struct aead_testvec *vecs;
unsigned int count;
} enc, dec;
 };
 
 struct cipher_test_suite {
struct {
-   struct cipher_testvec *vecs;
+   const struct cipher_testvec *vecs;
unsigned int count;
} enc, dec;
 };
 
 struct comp_test_suite {
struct {
-   struct comp_testvec *vecs;
+   const struct comp_testvec *vecs;
unsigned int count;
} comp, decomp;
 };
 
 struct hash_test_suite {
-   struct hash_testvec *vecs;
+   const struct hash_testvec *vecs;
unsigned int count;
 };
 
 struct cprng_test_suite {
-   struct cprng_testvec *vecs;
+   const struct cprng_testvec *vecs;
unsigned int count;
 };
 
 struct drbg_test_suite {
-   struct drbg_testvec *vecs;
+   const struct drbg_testvec *vecs;
unsigned int count;
 };
 
 struct akcipher_test_suite {
-   struct akcipher_testvec *vecs;
+   const struct akcipher_testvec *vecs;
unsigned int count;
 };
 
 struct kpp_test_suite {
-   struct kpp_testvec *vecs;
+   const struct kpp_testvec *vecs;
unsigned int count;
 };
 
@@ -145,7 +145,8 @@ struct alg_test_desc {
} suite;
 };
 
-static unsigned int IDX[8] = { IDX1, IDX2, IDX3, IDX4, IDX5, IDX6, IDX7, IDX8 
};
+static const unsigned int IDX[8] = {
+   IDX1, IDX2, IDX3, IDX4, IDX5, IDX6, IDX7, IDX8 };
 
 static void hexdump(unsigned char *buf, unsigned int len)
 {
@@ -203,7 +204,7 @@ static int wait_async_op(struct tcrypt_result *tr, int ret)
 }
 
 static int ahash_partial_update(struct ahash_request **preq,
-   struct crypto_ahash *tfm, struct hash_testvec *template,
+   struct crypto_ahash *tfm, const struct hash_testvec *template,
void *hash_buff, int k, int temp, struct scatterlist *sg,
const char *algo, char *result, struct tcrypt_result *tresult)
 {
@@ -260,9 +261,9 @@ static int ahash_partial_update(struct ahash_request **preq,
return ret;
 }
 
-static int __test_hash(struct crypto_ahash *tfm, struct hash_testvec *template,
-  unsigned int tcount, bool use_digest,
-  const int align_offset)
+static int __test_hash(struct crypto_ahash *tfm,
+  const struct hash_testvec *template, unsigned int tcount,
+  bool use_digest, const int align_offset)
 {
const char *algo = crypto_tfm_alg_driver_name(crypto_ahash_tfm(tfm));
size_t digest_size = crypto_ahash_digestsize(tfm);
@@ -538,7 +539,8 @@ static int __test_hash(struct crypto_ahash *tfm, struct 
hash_testvec *template,
return ret;
 }
 
-static int test_hash(struct crypto_ahash *tfm, struct hash_testvec *template,
+static int test_hash(struct crypto_ahash *tfm,
+const struct hash_testvec *template,
 unsigned int tcount, bool use_digest)
 {
unsigned int alignmask;
@@ -566,7 +568,7 @@ static int test_hash(struct crypto_ahash *tfm, struct 
hash_testvec *template,
 }
 
 static int __test_aead(struct crypto_aead *tfm, int enc,
-  struct aead_testvec *template, unsigned int tcount,
+  const struct aead_testvec *template, unsigned int tcount,
   const bool diff_dst, const int align_offset)
 {
const char *algo = crypto_tfm_alg_driver_name(crypto_aead_tfm(tfm));
@@ -957,7 +959,7 @@ static int __test_aead(struct crypto_aead *tfm, int enc,
 }
 
 static int test_aead(struct crypto_aead *tfm, int enc,
-struct aead_testvec *template, unsigned int tcount)
+const struct aead_testvec *template, unsigned int tcount)
 {
unsigned int alignmask;
int ret;
@@ -990,7 +992,8 @@ static int test_aead(struct crypto_aead *tfm, int enc,
 }
 
 static int test_cipher(struct crypto_cipher *tfm, int enc,
-  struct cipher_testvec *template, unsigned int tcount)
+  const struct cipher_testvec *template,
+  unsigned int tcount)
 {
const char *algo = crypto_tfm_alg_driver_name(crypto_cipher_tfm(tfm));
unsigned int i, j, k;
@@ -1068,7 +1071,8 @@ static 

[PATCH 0/2] crypto: constify test vectors

[Eric Biggers]

From: Eric Biggers 

These two patches mark all the cryptographic test vectors as 'const'.
This has several potential advantages and moves a large amount of data
from .data to .rodata when the tests are enabled.  The second patch does
the real work; the first just prepares for it by updating a function to
take a const buffer argument.

Eric Biggers (2):
  crypto: kpp - constify buffer passed to crypto_kpp_set_secret()
  crypto: testmgr - constify all test vectors

 crypto/dh.c   |   3 +-
 crypto/ecdh.c |   3 +-
 crypto/testmgr.c  |  71 ++--
 crypto/testmgr.h  | 512 +-
 drivers/crypto/qat/qat_common/qat_asym_algs.c |   2 +-
 include/crypto/kpp.h  |   6 +-
 6 files changed, 305 insertions(+), 292 deletions(-)

-- 
2.11.0.483.g087da7b7c-goog