Multithreaded tests showed that the icv buffer in the current ghash
implementation is not handled correctly. A move of this working ghash
buffer value to the descriptor context fixed this. Code is tested and
verified with a multithreaded application via af_alg interface.
Signed-off-by: Harald
On Thursday, 21 May 2015, 05:44:08, Herbert Xu wrote:
Hi Herbert,
On Wed, May 20, 2015 at 10:03:45PM +0200, Stephan Mueller wrote:
@@ -1487,6 +1514,7 @@ unlock:
*/
static int drbg_uninstantiate(struct drbg_state *drbg)
{
+ cancel_work_sync(drbg-seed_work);
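Review bot: the cancel_work_sync() call added at the top of drbg_uninstantiate() waits for a running seed work item to finish, so teardown can block for as long as that worker sleeps. The worker's wait should be one that this path can end, and the call deserves a short comment stating why it must come before the rest of the uninstantiate cleanup.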
This
On Thu, May 21, 2015 at 09:55:17AM +0200, Stephan Mueller wrote:
So, I will create a 2nd wait queue in random.c for uninterruptible waits,
change the get_blocking_random_bytes back to void and use wait_event to wait
for the initialization.
Hold your horses. You don't need a second queue,
On Thursday, 21 May 2015, 16:19:54, Herbert Xu wrote:
Hi Herbert,
On Thu, May 21, 2015 at 09:55:17AM +0200, Stephan Mueller wrote:
So, I will create a 2nd wait queue in random.c for uninterruptible waits,
change the get_blocking_random_bytes back to void and use wait_event to wait
for
On Thursday, 21 May 2015, 05:44:08, Herbert Xu wrote:
Hi Herbert,
On Wed, May 20, 2015 at 10:03:45PM +0200, Stephan Mueller wrote:
@@ -1487,6 +1514,7 @@ unlock:
*/
static int drbg_uninstantiate(struct drbg_state *drbg)
{
+ cancel_work_sync(drbg-seed_work);
This
Hi:
This series of patches takes the opportunity of the AEAD conversion
to adjust the interface so that it is more optimal for the intended
use-cases.
As it stands, AEAD takes two separate SG lists, one containing the
associated data (AD) and one containing the plain/cipher text.
These two
On Thu, May 21, 2015 at 08:10:13AM +0200, Stephan Mueller wrote:
The cancel operation is needed as otherwise my drbg context handle will be
removed by the crypto API during the sleep. That is the whole reason why
wait_event_interruptible is used.
So, even when using an uninterruptible
On Thursday, 21 May 2015, 14:36:18, Herbert Xu wrote:
Hi Herbert,
On Thu, May 21, 2015 at 08:10:13AM +0200, Stephan Mueller wrote:
The cancel operation is needed as otherwise my drbg context handle will be
removed by the crypto API during the sleep. That is the whole reason why
On Thu, May 21, 2015 at 08:53:13AM +0200, Stephan Mueller wrote:
Thank you for pointing that out - I have seen that too. But the crux is that
when using wait_event, the cancel function to serialize the destruction code
path will *not* return at all, even when the async callback function
As AEAD has switched over to using frontend types, the function
crypto_init_spawn must not be used since it does not specify a
frontend type. Otherwise it leads to a crash when the spawn is
used.
This patch fixes it by switching over to crypto_grab_aead instead.
Fixes: 5d1d65f8bea6 (crypto:
This patch adds a default null skcipher for users such as gcm
to perform copies on SG lists.
Signed-off-by: Herbert Xu herb...@gondor.apana.org.au
---
crypto/crypto_null.c | 39 +++
include/crypto/null.h |3 +++
2 files changed, 42 insertions(+)
diff
This patch uses the helper crypto_aead_maxauthsize instead of
directly dereferencing aead_alg.
Signed-off-by: Herbert Xu herb...@gondor.apana.org.au
---
drivers/crypto/ixp4xx_crypto.c |4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/drivers/crypto/ixp4xx_crypto.c
As AEAD has switched over to using frontend types, the function
crypto_init_spawn must not be used since it does not specify a
frontend type. Otherwise it leads to a crash when the spawn is
used.
This patch fixes it by switching over to crypto_grab_aead instead.
Fixes: 5d1d65f8bea6 (crypto:
The crypto layer already checks maxauthsize when setauthsize is
called. So there is no need to check it again within setauthsize.
Signed-off-by: Herbert Xu herb...@gondor.apana.org.au
---
drivers/crypto/nx/nx-aes-gcm.c |3 ---
1 file changed, 3 deletions(-)
diff --git
This patch adds a check in scatterwalk_map_and_copy to avoid
copying from the same address to the same address. This is going
to be used for IV copying in AEAD IV generators.
There is no provision for partial overlaps.
This patch also uses the new scatterwalk_ffwd instead of doing
it by
This patch converts the seqiv IV generator to work with the new
AEAD interface where IV generators are just normal AEAD algorithms.
Full backwards compatibility is paramount at this point since
no users have yet switched over to the new interface. Nor can
they switch to the new interface until
This patch adds the basic structure of the new AEAD type. Unlike
the current version, there is no longer any concept of geniv. IV
generation will still be carried out by wrappers but they will be
normal AEAD algorithms that simply take the IPsec sequence number
as the IV.
Signed-off-by: Herbert
This patch makes gcm use the default null skcipher instead of
allocating a new one for each tfm.
Signed-off-by: Herbert Xu herb...@gondor.apana.org.au
---
crypto/gcm.c | 23 ++-
1 file changed, 6 insertions(+), 17 deletions(-)
diff --git a/crypto/gcm.c b/crypto/gcm.c
This patch adds a new AEAD IV generator echainiv. It is intended
to replace the existing skcipher IV generator eseqiv.
If the underlying AEAD algorithm is using the old AEAD interface,
then echainiv will simply use its IV generator.
Otherwise, echainiv will encrypt a counter just like eseqiv
This patch adds a new IV generator seqniv which is identical to
seqiv except that it skips the IV when authenticating. This is
intended to be used by algorithms such as rfc4106 that do the
IV authentication implicitly.
Note that the code used for seqniv is in fact identical to the
The primary user of AEAD, IPsec includes the IV in the AD in
most cases, except where it is implicitly authenticated by the
underlying algorithm.
The way it is currently implemented is a hack because we pass
the data in piecemeal and the underlying algorithms try to stitch
them back up into one
This patch adds the helper crypto_aead_maxauthsize to remove the
need to directly dereference aead_alg internals by AEAD implementors.
Signed-off-by: Herbert Xu herb...@gondor.apana.org.au
---
include/crypto/internal/aead.h |5 +
1 file changed, 5 insertions(+)
diff --git
This patch adds the scatterwalk_ffwd helper which can create an
SG list that starts in the middle of an existing SG list. The
new list may either be part of the existing list or be a chain
that latches onto part of the existing list.
Signed-off-by: Herbert Xu herb...@gondor.apana.org.au
---
This patch is the first step in the introduction of a new AEAD
alg type. Unlike normal conversions this patch only renames the
existing aead_alg structure because there are external references
to it.
Those references will be removed after this patch.
Signed-off-by: Herbert Xu
On Thursday, 21 May 2015, 18:39:39, Herbert Xu wrote:
Hi Herbert,
Hi:
This series of patches convert all in-tree AEAD users that I
could find to the new single SG list interface. For IPsec it
also adopts the new explicit IV generator scheme.
To recap, the old AEAD interface takes an
On Thursday 26 February 2015 14:49:51 Pali Rohár wrote:
Without this patch, function pm_runtime_get_sync() returns 0 even when some
omap subfunction fails. This patch properly propagates error codes from omap
functions back to the caller.
This patch fixes a problem when loading omap-aes driver in
On Thu, 2015-05-21 at 19:50 +0800, Herbert Xu wrote:
On Thu, May 21, 2015 at 01:20:49PM +0200, Johannes Berg wrote:
On Thu, 2015-05-21 at 18:44 +0800, Herbert Xu wrote:
This patch makes use of the new AEAD interface which uses a single
SG list instead of separate lists for the AD and
On Wed, May 20, 2015 at 02:04:02PM +0200, Arnd Bergmann wrote:
On Wednesday 20 May 2015 06:52:03 Suravee Suthikulanit wrote:
On 5/20/2015 5:01 AM, Catalin Marinas wrote:
On Fri, May 15, 2015 at 04:23:09PM -0500, Suravee Suthikulpanit wrote:
+static inline bool acpi_dma_is_supported(struct
On Thu, May 21, 2015 at 01:20:49PM +0200, Johannes Berg wrote:
On Thu, 2015-05-21 at 18:44 +0800, Herbert Xu wrote:
This patch makes use of the new AEAD interface which uses a single
SG list instead of separate lists for the AD and plain text.
Looks fine - want me to run any tests on it?
This patch makes use of the new AEAD interface which uses a single
SG list instead of separate lists for the AD and plain text. The
IV generation is also now carried out through normal AEAD methods.
Signed-off-by: Herbert Xu herb...@gondor.apana.org.au
---
net/ipv4/esp4.c | 197
This patch makes use of the new AEAD interface which uses a single
SG list instead of separate lists for the AD and plain text. The
IV generation is also now carried out through normal AEAD methods.
Signed-off-by: Herbert Xu herb...@gondor.apana.org.au
---
net/ipv6/esp6.c | 197
This patch makes use of the new AEAD interface which uses a single
SG list instead of separate lists for the AD and plain text.
Signed-off-by: Herbert Xu herb...@gondor.apana.org.au
---
net/mac802154/llsec.c | 41 ++---
1 file changed, 14 insertions(+), 27
This patch makes use of the new AEAD interface which uses a single
SG list instead of separate lists for the AD and plain text.
Signed-off-by: Herbert Xu herb...@gondor.apana.org.au
---
net/mac80211/aes_ccm.c | 30 ++
net/mac80211/aes_gcm.c | 30
On Thu, 2015-05-21 at 18:44 +0800, Herbert Xu wrote:
This patch makes use of the new AEAD interface which uses a single
SG list instead of separate lists for the AD and plain text.
Looks fine - want me to run any tests on it?
johannes
Hi:
This series of patches convert all in-tree AEAD users that I
could find to the new single SG list interface. For IPsec it
also adopts the new explicit IV generator scheme.
To recap, the old AEAD interface takes an associated data (AD)
SG list in addition to the plain/cipher text SG list(s).
This patch makes use of the new AEAD interface which uses a single
SG list instead of separate lists for the AD and plain text.
Signed-off-by: Herbert Xu herb...@gondor.apana.org.au
---
crypto/testmgr.c | 84 +++
1 file changed, 48
This patch adds IV generator information to xfrm_state. This
is currently obtained from our own list of algorithm descriptions.
Signed-off-by: Herbert Xu herb...@gondor.apana.org.au
---
include/net/xfrm.h |1 +
net/key/af_key.c |1 +
net/xfrm/xfrm_user.c | 40
This patch adds IV generator information for each AEAD and block
cipher to xfrm_algo_desc. This will be used to access the new
AEAD interface.
Signed-off-by: Herbert Xu herb...@gondor.apana.org.au
---
include/net/xfrm.h |2 ++
net/xfrm/xfrm_algo.c | 16
2 files
On Thursday 21 May 2015 14:01:16 Catalin Marinas wrote:
On Wed, May 20, 2015 at 02:04:02PM +0200, Arnd Bergmann wrote:
On Wednesday 20 May 2015 06:52:03 Suravee Suthikulanit wrote:
Ok. That seems to be what Arnd would prefer as well. Let's just leave
the support for _CCA=0 out until
On Thu, May 21, 2015 at 12:03:47PM -0400, David Miller wrote:
No objections on my end.
I assume since the dependencies exist in the crypto tree, you'll
want to merge this series there right?
Yes that's probably the easiest path.
Thanks,
--
Email: Herbert Xu herb...@gondor.apana.org.au
On Thu, May 21, 2015 at 02:29:10PM +0200, Stephan Mueller wrote:
Wouldn't algif_aead also be a candidate for the transition? The current
implementation of aead_recvmsg() splits the one SGL it received from user
space into two: one for AD and one for the ciphertext.
Yes of course, that's what
On Thu, May 21, 2015 at 03:17:39PM -0400, Theodore Ts'o wrote:
Yes, this should definitely be wake_up_all()
Thanks for the confirmation. Can I push this patch through the
cryptodev tree since Stephan's work is probably going to depend
on it?
Cheers,
--
Email: Herbert Xu
On Thu, May 21, 2015 at 10:01:11AM +0200, Harald Freudenberger wrote:
Multithreaded tests showed that the icv buffer in the current ghash
implementation is not handled correctly. A move of this working ghash
buffer value to the descriptor context fixed this. Code is tested and
verified with an
On Wed, May 20, 2015 at 03:21:54PM +0200, Stephan Mueller wrote:
Due to the recent update of the kernel crypto API header files,
locations of function definitions and their documentation have changed.
Signed-off-by: Stephan Mueller smuel...@chronox.de
Applied.
--
Email: Herbert Xu
Hi Linus:
This push fixes the following issues:
* Crash in the newly added algif_aead interface when it tries to
link SG lists.
* ICV corruption in s390/ghash when the same tfm is used by more
than one thread.
Please pull from
On Thu, May 21, 2015 at 02:17:44PM +0200, Johannes Berg wrote:
Do you have a branch somewhere with all of that?
OK the prerequisite patches are now in cryptodev.
Thanks,
--
Email: Herbert Xu herb...@gondor.apana.org.au
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key:
On Thu, May 21, 2015 at 04:19:54PM +0800, Herbert Xu wrote:
On Thu, May 21, 2015 at 09:55:17AM +0200, Stephan Mueller wrote:
So, I will create a 2nd wait queue in random.c for uninterruptible waits,
change the get_blocking_random_bytes back to void and use wait_event to wait
for the
Signed-off-by: Harald Freudenberger fre...@linux.vnet.ibm.com
---
crypto/testmgr.h | 59 +-
1 file changed, 58 insertions(+), 1 deletion(-)
diff --git a/crypto/testmgr.h b/crypto/testmgr.h
index 90f43b9..6003143 100644
--- a/crypto/testmgr.h
From: Herbert Xu herb...@gondor.apana.org.au
Date: Thu, 21 May 2015 18:39:39 +0800
This series of patches convert all in-tree AEAD users that I
could find to the new single SG list interface. For IPsec it
also adopts the new explicit IV generator scheme.
No objections on my end.
I assume
49 matches