Re: [PATCH] crypto: reorder paes test lexicographically

[Corentin Labbe]

On Fri, May 11, 2018 at 09:04:06AM +0100, Gilad Ben-Yossef wrote:
> Due to a snafu "paes" testmgr tests were not ordered
> lexicographically, which led to boot time warnings.
> Reorder the tests as needed.
> 
> Fixes: a794d8d ("crypto: ccree - enable support for hardware keys")
> Reported-by: Abdul Haleem <abdha...@linux.vnet.ibm.com>
> Signed-off-by: Gilad Ben-Yossef <gi...@benyossef.com>

Tested-by: Corentin Labbe <clabbe.montj...@gmail.com>

Thanks

Re: [PATCH] crypto: caam: - Use kmemdup() function

[Corentin Labbe]

On Mon, Apr 16, 2018 at 11:05:14AM -0300, Fabio Estevam wrote:
> From: Fabio Estevam 
> 
> Use kmemdup() rather than duplicating its implementation.
> 
> Detected with Coccinelle script.
> 
> Signed-off-by: Fabio Estevam 
> ---
>  drivers/crypto/caam/caampkc.c | 4 +---
>  1 file changed, 1 insertion(+), 3 deletions(-)
> 
> diff --git a/drivers/crypto/caam/caampkc.c b/drivers/crypto/caam/caampkc.c
> index 979072b..c3518ce 100644
> --- a/drivers/crypto/caam/caampkc.c
> +++ b/drivers/crypto/caam/caampkc.c
> @@ -789,12 +789,10 @@ static inline u8 *caam_read_raw_data(const u8 *buf, 
> size_t *nbytes)
>   if (!*nbytes)
>   return NULL;
>  
> - val = kzalloc(*nbytes, GFP_DMA | GFP_KERNEL);
> + val = kmemdup(buf, *nbytes, GFP_DMA | GFP_KERNEL);
>   if (!val)
>   return NULL;
>  
> - memcpy(val, buf, *nbytes);
> -
>   return val;
>  }
>  

Hello

You could drop also the if (!val) return NULL

Regards

Re: [PATCH v2 0/6] crypto: engine - Permit to enqueue all async requests

[Corentin Labbe]

On Thu, Feb 15, 2018 at 11:51:00PM +0800, Herbert Xu wrote:
> On Fri, Jan 26, 2018 at 08:15:28PM +0100, Corentin Labbe wrote:
> > Hello
> > 
> > The current crypto_engine support only ahash and ablkcipher request.
> > My first patch which try to add skcipher was Nacked, it will add too many 
> > functions
> > and adding other algs(aead, asymetric_key) will make the situation worst.
> > 
> > This patchset remove all algs specific stuff and now only process generic 
> > crypto_async_request.
> > 
> > The requests handler function pointer are now moved out of struct engine and
> > are now stored directly in a crypto_engine_reqctx.
> > 
> > The original proposal of Herbert [1] cannot be done completly since the 
> > crypto_engine
> > could only dequeue crypto_async_request and it is impossible to access any 
> > request_ctx
> > without knowing the underlying request type.
> > 
> > So I do something near that was requested: adding crypto_engine_reqctx in 
> > TFM context.
> > Note that the current implementation expect that crypto_engine_reqctx
> > is the first member of the context.
> > 
> > The first patch is a try to document the crypto engine API.
> > The second patch convert the crypto engine with the new way,
> > while the following patchs convert the 4 existing users of crypto_engine.
> > Note that this split break bisection, so probably the final commit will be 
> > all merged.
> > 
> > Appart from virtio, all 4 latest patch were compile tested only.
> > But the crypto engine is tested with my new sun8i-ce driver.
> > 
> > Regards
> > 
> > [1] 
> > https://www.mail-archive.com/linux-kernel@vger.kernel.org/msg1474434.html
> > 
> > Changes since V1:
> > - renamed crypto_engine_reqctx to crypto_engine_ctx
> > - indentation fix in function parameter
> > - do not export crypto_transfer_request
> > - Add aead support
> > - crypto_finalize_request is now static
> > 
> > Changes since RFC:
> > - Added a documentation patch
> > - Added patch for stm32-cryp
> > - Changed parameter of all crypto_engine_op functions from
> > crypto_async_request to void*
> > - Reintroduced crypto_transfer_xxx_request_to_engine functions
> > 
> > Corentin Labbe (6):
> >   Documentation: crypto: document crypto engine API
> >   crypto: engine - Permit to enqueue all async requests
> >   crypto: omap: convert to new crypto engine API
> >   crypto: virtio: convert to new crypto engine API
> >   crypto: stm32-hash: convert to the new crypto engine API
> >   crypto: stm32-cryp: convert to the new crypto engine API
> 
> All applied.  Thanks.

Hello

As mentionned in the cover letter, all patchs (except documentation one) should 
be squashed.
A kbuild robot reported a build error on cryptodev due to this.

Regards

Re: [PATCH 1/2] sun4i_ss_prng: fix return value of sun4i_ss_prng_generate

[Corentin Labbe]

On Wed, Feb 07, 2018 at 11:52:01AM +0100, Artem Savkov wrote:
> On Wed, Feb 07, 2018 at 10:56:59AM +0100, Corentin Labbe wrote:
> > On Tue, Feb 06, 2018 at 10:20:21PM +0100, Artem Savkov wrote:
> > > According to crypto/rng.h generate function should return 0 on success
> > > and < 0 on error.
> > > 
> > > Fixes: b8ae5c7387ad ("crypto: sun4i-ss - support the Security System 
> > > PRNG")
> > > Signed-off-by: Artem Savkov <artem.sav...@gmail.com>
> > > ---
> > >  drivers/crypto/sunxi-ss/sun4i-ss-prng.c | 2 +-
> > >  1 file changed, 1 insertion(+), 1 deletion(-)
> > > 
> > > diff --git a/drivers/crypto/sunxi-ss/sun4i-ss-prng.c 
> > > b/drivers/crypto/sunxi-ss/sun4i-ss-prng.c
> > > index 0d01d1624252..5754e0b92fb0 100644
> > > --- a/drivers/crypto/sunxi-ss/sun4i-ss-prng.c
> > > +++ b/drivers/crypto/sunxi-ss/sun4i-ss-prng.c
> > > @@ -52,5 +52,5 @@ int sun4i_ss_prng_generate(struct crypto_rng *tfm, 
> > > const u8 *src,
> > >  
> > >   writel(0, ss->base + SS_CTL);
> > >   spin_unlock(>slock);
> > > - return dlen;
> > > + return 0;
> > >  }
> > > -- 
> > > 2.15.1
> > > 
> > 
> > According to Documentation/crypto/api-samples.rst ("Code Example For Random 
> > Number Generator Usage")
> > you must return the length of data generated.
> 
> I don't think that example is the same as rng_alg.generate, it has a
> different protottype.

crypto_rng_get_bytes() use crypto_rng_generate() which work on crypto_rng

> 
> > So crypto_rng_generate/crypto_rng_get_bytes documentation in crypto/rng.h 
> > must be fixed.
> 
> It's not just documentation, every other rng driver returns it this way
> and it gets aead_init_geniv() (and subsequently crypto_create_tfm())
> really confused because they expect the return value to be 0 or < 0.
> 

Perhaps the example is wrong because "copied from/inspirated by" hwrng API 
which have this behavior.

After checking, other crypto_rng driver, you are probably right, so you can add:
Acked-by: Corentin Labbe <clabbe.montj...@gmail.com>

Thanks
Regards

Re: [PATCH 1/2] sun4i_ss_prng: fix return value of sun4i_ss_prng_generate

[Corentin Labbe]

On Tue, Feb 06, 2018 at 10:20:21PM +0100, Artem Savkov wrote:
> According to crypto/rng.h generate function should return 0 on success
> and < 0 on error.
> 
> Fixes: b8ae5c7387ad ("crypto: sun4i-ss - support the Security System PRNG")
> Signed-off-by: Artem Savkov 
> ---
>  drivers/crypto/sunxi-ss/sun4i-ss-prng.c | 2 +-
>  1 file changed, 1 insertion(+), 1 deletion(-)
> 
> diff --git a/drivers/crypto/sunxi-ss/sun4i-ss-prng.c 
> b/drivers/crypto/sunxi-ss/sun4i-ss-prng.c
> index 0d01d1624252..5754e0b92fb0 100644
> --- a/drivers/crypto/sunxi-ss/sun4i-ss-prng.c
> +++ b/drivers/crypto/sunxi-ss/sun4i-ss-prng.c
> @@ -52,5 +52,5 @@ int sun4i_ss_prng_generate(struct crypto_rng *tfm, const u8 
> *src,
>  
>   writel(0, ss->base + SS_CTL);
>   spin_unlock(>slock);
> - return dlen;
> + return 0;
>  }
> -- 
> 2.15.1
> 

According to Documentation/crypto/api-samples.rst ("Code Example For Random 
Number Generator Usage")
you must return the length of data generated.

So crypto_rng_generate/crypto_rng_get_bytes documentation in crypto/rng.h must 
be fixed.

Herbert could you confirm ?

Regards

[PATCH v2 1/6] Documentation: crypto: document crypto engine API

[Corentin Labbe]

Signed-off-by: Corentin Labbe <clabbe.montj...@gmail.com>
---
 Documentation/crypto/crypto_engine.rst | 48 ++
 1 file changed, 48 insertions(+)
 create mode 100644 Documentation/crypto/crypto_engine.rst

diff --git a/Documentation/crypto/crypto_engine.rst 
b/Documentation/crypto/crypto_engine.rst
new file mode 100644
index ..8272ac92a14f
--- /dev/null
+++ b/Documentation/crypto/crypto_engine.rst
@@ -0,0 +1,48 @@
+=
+CRYPTO ENGINE
+=
+
+Overview
+
+The crypto engine API (CE), is a crypto queue manager.
+
+Requirement
+---
+You have to put at start of your tfm_ctx the struct crypto_engine_ctx
+struct your_tfm_ctx {
+struct crypto_engine_ctx enginectx;
+...
+};
+Why: Since CE manage only crypto_async_request, it cannot know the underlying
+request_type and so have access only on the TFM.
+So using container_of for accessing __ctx is impossible.
+Furthermore, the crypto engine cannot know the "struct your_tfm_ctx",
+so it must assume that crypto_engine_ctx is at start of it.
+
+Order of operations
+---
+You have to obtain a struct crypto_engine via crypto_engine_alloc_init().
+And start it via crypto_engine_start().
+
+Before transferring any request, you have to fill the enginectx.
+- prepare_request: (taking a function pointer) If you need to do some 
processing before doing the request
+- unprepare_request: (taking a function pointer) Undoing what's done in 
prepare_request
+- do_one_request: (taking a function pointer) Do encryption for current request
+
+Note: that those three functions get the crypto_async_request associated with 
the received request.
+So your need to get the original request via container_of(areq, struct 
yourrequesttype_request, base);
+
+When your driver receive a crypto_request, you have to transfer it to
+the cryptoengine via one of:
+- crypto_transfer_ablkcipher_request_to_engine()
+- crypto_transfer_aead_request_to_engine()
+- crypto_transfer_akcipher_request_to_engine()
+- crypto_transfer_hash_request_to_engine()
+- crypto_transfer_skcipher_request_to_engine()
+
+At the end of the request process, a call to one of the following function is 
needed:
+- crypto_finalize_ablkcipher_request
+- crypto_finalize_aead_request
+- crypto_finalize_akcipher_request
+- crypto_finalize_hash_request
+- crypto_finalize_skcipher_request
-- 
2.13.6

[PATCH v2 6/6] crypto: stm32-cryp: convert to the new crypto engine API

[Corentin Labbe]

This patch convert the stm32-cryp driver to the new crypto engine API.
Signed-off-by: Corentin Labbe <clabbe.montj...@gmail.com>
Tested-by: Fabien Dessenne <fabien.desse...@st.com>
---
 drivers/crypto/stm32/stm32-cryp.c | 29 +
 1 file changed, 21 insertions(+), 8 deletions(-)

diff --git a/drivers/crypto/stm32/stm32-cryp.c 
b/drivers/crypto/stm32/stm32-cryp.c
index cf1dddbeaa2c..a816b2ffcaad 100644
--- a/drivers/crypto/stm32/stm32-cryp.c
+++ b/drivers/crypto/stm32/stm32-cryp.c
@@ -91,6 +91,7 @@
 #define _walked_out (cryp->out_walk.offset - cryp->out_sg->offset)
 
 struct stm32_cryp_ctx {
+   struct crypto_engine_ctx enginectx;
struct stm32_cryp   *cryp;
int keylen;
u32 key[AES_KEYSIZE_256 / sizeof(u32)];
@@ -478,7 +479,7 @@ static void stm32_cryp_finish_req(struct stm32_cryp *cryp)
free_pages((unsigned long)buf_out, pages);
}
 
-   crypto_finalize_cipher_request(cryp->engine, cryp->req, err);
+   crypto_finalize_ablkcipher_request(cryp->engine, cryp->req, err);
cryp->req = NULL;
 
memset(cryp->ctx->key, 0, cryp->ctx->keylen);
@@ -494,10 +495,19 @@ static int stm32_cryp_cpu_start(struct stm32_cryp *cryp)
return 0;
 }
 
+static int stm32_cryp_cipher_one_req(struct crypto_engine *engine, void *areq);
+static int stm32_cryp_prepare_cipher_req(struct crypto_engine *engine,
+void *areq);
+
 static int stm32_cryp_cra_init(struct crypto_tfm *tfm)
 {
+   struct stm32_cryp_ctx *ctx = crypto_tfm_ctx(tfm);
+
tfm->crt_ablkcipher.reqsize = sizeof(struct stm32_cryp_reqctx);
 
+   ctx->enginectx.op.do_one_request = stm32_cryp_cipher_one_req;
+   ctx->enginectx.op.prepare_request = stm32_cryp_prepare_cipher_req;
+   ctx->enginectx.op.unprepare_request = NULL;
return 0;
 }
 
@@ -513,7 +523,7 @@ static int stm32_cryp_crypt(struct ablkcipher_request *req, 
unsigned long mode)
 
rctx->mode = mode;
 
-   return crypto_transfer_cipher_request_to_engine(cryp->engine, req);
+   return crypto_transfer_ablkcipher_request_to_engine(cryp->engine, req);
 }
 
 static int stm32_cryp_setkey(struct crypto_ablkcipher *tfm, const u8 *key,
@@ -695,14 +705,20 @@ static int stm32_cryp_prepare_req(struct crypto_engine 
*engine,
 }
 
 static int stm32_cryp_prepare_cipher_req(struct crypto_engine *engine,
-struct ablkcipher_request *req)
+void *areq)
 {
+   struct ablkcipher_request *req = container_of(areq,
+ struct ablkcipher_request,
+ base);
+
return stm32_cryp_prepare_req(engine, req);
 }
 
-static int stm32_cryp_cipher_one_req(struct crypto_engine *engine,
-struct ablkcipher_request *req)
+static int stm32_cryp_cipher_one_req(struct crypto_engine *engine, void *areq)
 {
+   struct ablkcipher_request *req = container_of(areq,
+ struct ablkcipher_request,
+ base);
struct stm32_cryp_ctx *ctx = crypto_ablkcipher_ctx(
crypto_ablkcipher_reqtfm(req));
struct stm32_cryp *cryp = ctx->cryp;
@@ -1104,9 +1120,6 @@ static int stm32_cryp_probe(struct platform_device *pdev)
goto err_engine1;
}
 
-   cryp->engine->prepare_cipher_request = stm32_cryp_prepare_cipher_req;
-   cryp->engine->cipher_one_request = stm32_cryp_cipher_one_req;
-
ret = crypto_engine_start(cryp->engine);
if (ret) {
dev_err(dev, "Could not start crypto engine\n");
-- 
2.13.6

[PATCH v2 4/6] crypto: virtio: convert to new crypto engine API

[Corentin Labbe]

This patch convert the driver to the new crypto engine API.

Signed-off-by: Corentin Labbe <clabbe.montj...@gmail.com>
---
 drivers/crypto/virtio/virtio_crypto_algs.c   | 16 ++--
 drivers/crypto/virtio/virtio_crypto_common.h |  3 +--
 drivers/crypto/virtio/virtio_crypto_core.c   |  3 ---
 3 files changed, 11 insertions(+), 11 deletions(-)

diff --git a/drivers/crypto/virtio/virtio_crypto_algs.c 
b/drivers/crypto/virtio/virtio_crypto_algs.c
index abe8c15450df..ba190cfa7aa1 100644
--- a/drivers/crypto/virtio/virtio_crypto_algs.c
+++ b/drivers/crypto/virtio/virtio_crypto_algs.c
@@ -29,6 +29,7 @@
 
 
 struct virtio_crypto_ablkcipher_ctx {
+   struct crypto_engine_ctx enginectx;
struct virtio_crypto *vcrypto;
struct crypto_tfm *tfm;
 
@@ -491,7 +492,7 @@ static int virtio_crypto_ablkcipher_encrypt(struct 
ablkcipher_request *req)
vc_sym_req->ablkcipher_req = req;
vc_sym_req->encrypt = true;
 
-   return crypto_transfer_cipher_request_to_engine(data_vq->engine, req);
+   return crypto_transfer_ablkcipher_request_to_engine(data_vq->engine, 
req);
 }
 
 static int virtio_crypto_ablkcipher_decrypt(struct ablkcipher_request *req)
@@ -511,7 +512,7 @@ static int virtio_crypto_ablkcipher_decrypt(struct 
ablkcipher_request *req)
vc_sym_req->ablkcipher_req = req;
vc_sym_req->encrypt = false;
 
-   return crypto_transfer_cipher_request_to_engine(data_vq->engine, req);
+   return crypto_transfer_ablkcipher_request_to_engine(data_vq->engine, 
req);
 }
 
 static int virtio_crypto_ablkcipher_init(struct crypto_tfm *tfm)
@@ -521,6 +522,9 @@ static int virtio_crypto_ablkcipher_init(struct crypto_tfm 
*tfm)
tfm->crt_ablkcipher.reqsize = sizeof(struct virtio_crypto_sym_request);
ctx->tfm = tfm;
 
+   ctx->enginectx.op.do_one_request = virtio_crypto_ablkcipher_crypt_req;
+   ctx->enginectx.op.prepare_request = NULL;
+   ctx->enginectx.op.unprepare_request = NULL;
return 0;
 }
 
@@ -538,9 +542,9 @@ static void virtio_crypto_ablkcipher_exit(struct crypto_tfm 
*tfm)
 }
 
 int virtio_crypto_ablkcipher_crypt_req(
-   struct crypto_engine *engine,
-   struct ablkcipher_request *req)
+   struct crypto_engine *engine, void *vreq)
 {
+   struct ablkcipher_request *req = container_of(vreq, struct 
ablkcipher_request, base);
struct virtio_crypto_sym_request *vc_sym_req =
ablkcipher_request_ctx(req);
struct virtio_crypto_request *vc_req = _sym_req->base;
@@ -561,8 +565,8 @@ static void virtio_crypto_ablkcipher_finalize_req(
struct ablkcipher_request *req,
int err)
 {
-   crypto_finalize_cipher_request(vc_sym_req->base.dataq->engine,
-   req, err);
+   crypto_finalize_ablkcipher_request(vc_sym_req->base.dataq->engine,
+  req, err);
kzfree(vc_sym_req->iv);
virtcrypto_clear_request(_sym_req->base);
 }
diff --git a/drivers/crypto/virtio/virtio_crypto_common.h 
b/drivers/crypto/virtio/virtio_crypto_common.h
index e976539a05d9..72621bd67211 100644
--- a/drivers/crypto/virtio/virtio_crypto_common.h
+++ b/drivers/crypto/virtio/virtio_crypto_common.h
@@ -107,8 +107,7 @@ struct virtio_crypto *virtcrypto_get_dev_node(int node);
 int virtcrypto_dev_start(struct virtio_crypto *vcrypto);
 void virtcrypto_dev_stop(struct virtio_crypto *vcrypto);
 int virtio_crypto_ablkcipher_crypt_req(
-   struct crypto_engine *engine,
-   struct ablkcipher_request *req);
+   struct crypto_engine *engine, void *vreq);
 
 void
 virtcrypto_clear_request(struct virtio_crypto_request *vc_req);
diff --git a/drivers/crypto/virtio/virtio_crypto_core.c 
b/drivers/crypto/virtio/virtio_crypto_core.c
index ff1410a32c2b..83326986c113 100644
--- a/drivers/crypto/virtio/virtio_crypto_core.c
+++ b/drivers/crypto/virtio/virtio_crypto_core.c
@@ -111,9 +111,6 @@ static int virtcrypto_find_vqs(struct virtio_crypto *vi)
ret = -ENOMEM;
goto err_engine;
}
-
-   vi->data_vq[i].engine->cipher_one_request =
-   virtio_crypto_ablkcipher_crypt_req;
}
 
kfree(names);
-- 
2.13.6

[PATCH v2 3/6] crypto: omap: convert to new crypto engine API

[Corentin Labbe]

This patch convert the driver to the new crypto engine API.

Signed-off-by: Corentin Labbe <clabbe.montj...@gmail.com>
---
 drivers/crypto/omap-aes.c | 21 +++--
 drivers/crypto/omap-aes.h |  3 +++
 drivers/crypto/omap-des.c | 24 ++--
 3 files changed, 36 insertions(+), 12 deletions(-)

diff --git a/drivers/crypto/omap-aes.c b/drivers/crypto/omap-aes.c
index fbec0a2e76dd..5bd383ed3dec 100644
--- a/drivers/crypto/omap-aes.c
+++ b/drivers/crypto/omap-aes.c
@@ -388,7 +388,7 @@ static void omap_aes_finish_req(struct omap_aes_dev *dd, 
int err)
 
pr_debug("err: %d\n", err);
 
-   crypto_finalize_cipher_request(dd->engine, req, err);
+   crypto_finalize_ablkcipher_request(dd->engine, req, err);
 
pm_runtime_mark_last_busy(dd->dev);
pm_runtime_put_autosuspend(dd->dev);
@@ -408,14 +408,15 @@ static int omap_aes_handle_queue(struct omap_aes_dev *dd,
 struct ablkcipher_request *req)
 {
if (req)
-   return crypto_transfer_cipher_request_to_engine(dd->engine, 
req);
+   return crypto_transfer_ablkcipher_request_to_engine(dd->engine, 
req);
 
return 0;
 }
 
 static int omap_aes_prepare_req(struct crypto_engine *engine,
-   struct ablkcipher_request *req)
+   void *areq)
 {
+   struct ablkcipher_request *req = container_of(areq, struct 
ablkcipher_request, base);
struct omap_aes_ctx *ctx = crypto_ablkcipher_ctx(
crypto_ablkcipher_reqtfm(req));
struct omap_aes_reqctx *rctx = ablkcipher_request_ctx(req);
@@ -468,8 +469,9 @@ static int omap_aes_prepare_req(struct crypto_engine 
*engine,
 }
 
 static int omap_aes_crypt_req(struct crypto_engine *engine,
- struct ablkcipher_request *req)
+ void *areq)
 {
+   struct ablkcipher_request *req = container_of(areq, struct 
ablkcipher_request, base);
struct omap_aes_reqctx *rctx = ablkcipher_request_ctx(req);
struct omap_aes_dev *dd = rctx->dd;
 
@@ -601,6 +603,11 @@ static int omap_aes_ctr_decrypt(struct ablkcipher_request 
*req)
return omap_aes_crypt(req, FLAGS_CTR);
 }
 
+static int omap_aes_prepare_req(struct crypto_engine *engine,
+   void *req);
+static int omap_aes_crypt_req(struct crypto_engine *engine,
+ void *req);
+
 static int omap_aes_cra_init(struct crypto_tfm *tfm)
 {
const char *name = crypto_tfm_alg_name(tfm);
@@ -616,6 +623,10 @@ static int omap_aes_cra_init(struct crypto_tfm *tfm)
 
tfm->crt_ablkcipher.reqsize = sizeof(struct omap_aes_reqctx);
 
+   ctx->enginectx.op.prepare_request = omap_aes_prepare_req;
+   ctx->enginectx.op.unprepare_request = NULL;
+   ctx->enginectx.op.do_one_request = omap_aes_crypt_req;
+
return 0;
 }
 
@@ -1119,8 +1130,6 @@ static int omap_aes_probe(struct platform_device *pdev)
goto err_engine;
}
 
-   dd->engine->prepare_cipher_request = omap_aes_prepare_req;
-   dd->engine->cipher_one_request = omap_aes_crypt_req;
err = crypto_engine_start(dd->engine);
if (err)
goto err_engine;
diff --git a/drivers/crypto/omap-aes.h b/drivers/crypto/omap-aes.h
index 8906342e2b9a..fc3b46a85809 100644
--- a/drivers/crypto/omap-aes.h
+++ b/drivers/crypto/omap-aes.h
@@ -13,6 +13,8 @@
 #ifndef __OMAP_AES_H__
 #define __OMAP_AES_H__
 
+#include 
+
 #define DST_MAXBURST   4
 #define DMA_MIN(DST_MAXBURST * sizeof(u32))
 
@@ -95,6 +97,7 @@ struct omap_aes_gcm_result {
 };
 
 struct omap_aes_ctx {
+   struct crypto_engine_ctx enginectx;
int keylen;
u32 key[AES_KEYSIZE_256 / sizeof(u32)];
u8  nonce[4];
diff --git a/drivers/crypto/omap-des.c b/drivers/crypto/omap-des.c
index ebc5c0f11f03..eb95b0d7f184 100644
--- a/drivers/crypto/omap-des.c
+++ b/drivers/crypto/omap-des.c
@@ -86,6 +86,7 @@
 #define FLAGS_OUT_DATA_ST_SHIFT10
 
 struct omap_des_ctx {
+   struct crypto_engine_ctx enginectx;
struct omap_des_dev *dd;
 
int keylen;
@@ -498,7 +499,7 @@ static void omap_des_finish_req(struct omap_des_dev *dd, 
int err)
 
pr_debug("err: %d\n", err);
 
-   crypto_finalize_cipher_request(dd->engine, req, err);
+   crypto_finalize_ablkcipher_request(dd->engine, req, err);
 
pm_runtime_mark_last_busy(dd->dev);
pm_runtime_put_autosuspend(dd->dev);
@@ -520,14 +521,15 @@ static int omap_des_handle_queue(struct omap_des_dev *dd,
 struct ablkcipher_request *req)
 {
if (req)
-   return crypto_transfer_cipher_request_to_engine(dd->engine, 
req);
+   return crypto_tran

[PATCH v2 5/6] crypto: stm32-hash: convert to the new crypto engine API

[Corentin Labbe]

This patch convert the stm32-hash driver to the new crypto engine API.

Signed-off-by: Corentin Labbe <clabbe.montj...@gmail.com>
Tested-by: Fabien Dessenne <fabien.desse...@st.com>
---
 drivers/crypto/stm32/stm32-hash.c | 20 +---
 1 file changed, 13 insertions(+), 7 deletions(-)

diff --git a/drivers/crypto/stm32/stm32-hash.c 
b/drivers/crypto/stm32/stm32-hash.c
index 4ca4a264a833..89b0c2490d80 100644
--- a/drivers/crypto/stm32/stm32-hash.c
+++ b/drivers/crypto/stm32/stm32-hash.c
@@ -122,6 +122,7 @@ enum stm32_hash_data_format {
 #define HASH_DMA_THRESHOLD 50
 
 struct stm32_hash_ctx {
+   struct crypto_engine_ctx enginectx;
struct stm32_hash_dev   *hdev;
unsigned long   flags;
 
@@ -828,15 +829,19 @@ static int stm32_hash_hw_init(struct stm32_hash_dev *hdev,
return 0;
 }
 
+static int stm32_hash_one_request(struct crypto_engine *engine, void *areq);
+static int stm32_hash_prepare_req(struct crypto_engine *engine, void *areq);
+
 static int stm32_hash_handle_queue(struct stm32_hash_dev *hdev,
   struct ahash_request *req)
 {
return crypto_transfer_hash_request_to_engine(hdev->engine, req);
 }
 
-static int stm32_hash_prepare_req(struct crypto_engine *engine,
- struct ahash_request *req)
+static int stm32_hash_prepare_req(struct crypto_engine *engine, void *areq)
 {
+   struct ahash_request *req = container_of(areq, struct ahash_request,
+base);
struct stm32_hash_ctx *ctx = crypto_ahash_ctx(crypto_ahash_reqtfm(req));
struct stm32_hash_dev *hdev = stm32_hash_find_dev(ctx);
struct stm32_hash_request_ctx *rctx;
@@ -854,9 +859,10 @@ static int stm32_hash_prepare_req(struct crypto_engine 
*engine,
return stm32_hash_hw_init(hdev, rctx);
 }
 
-static int stm32_hash_one_request(struct crypto_engine *engine,
- struct ahash_request *req)
+static int stm32_hash_one_request(struct crypto_engine *engine, void *areq)
 {
+   struct ahash_request *req = container_of(areq, struct ahash_request,
+base);
struct stm32_hash_ctx *ctx = crypto_ahash_ctx(crypto_ahash_reqtfm(req));
struct stm32_hash_dev *hdev = stm32_hash_find_dev(ctx);
struct stm32_hash_request_ctx *rctx;
@@ -1033,6 +1039,9 @@ static int stm32_hash_cra_init_algs(struct crypto_tfm 
*tfm,
if (algs_hmac_name)
ctx->flags |= HASH_FLAGS_HMAC;
 
+   ctx->enginectx.op.do_one_request = stm32_hash_one_request;
+   ctx->enginectx.op.prepare_request = stm32_hash_prepare_req;
+   ctx->enginectx.op.unprepare_request = NULL;
return 0;
 }
 
@@ -1493,9 +1502,6 @@ static int stm32_hash_probe(struct platform_device *pdev)
goto err_engine;
}
 
-   hdev->engine->prepare_hash_request = stm32_hash_prepare_req;
-   hdev->engine->hash_one_request = stm32_hash_one_request;
-
ret = crypto_engine_start(hdev->engine);
if (ret)
goto err_engine_start;
-- 
2.13.6

[PATCH v2 0/6] crypto: engine - Permit to enqueue all async requests

[Corentin Labbe]

Hello

The current crypto_engine support only ahash and ablkcipher request.
My first patch which try to add skcipher was Nacked, it will add too many 
functions
and adding other algs(aead, asymetric_key) will make the situation worst.

This patchset remove all algs specific stuff and now only process generic 
crypto_async_request.

The requests handler function pointer are now moved out of struct engine and
are now stored directly in a crypto_engine_reqctx.

The original proposal of Herbert [1] cannot be done completly since the 
crypto_engine
could only dequeue crypto_async_request and it is impossible to access any 
request_ctx
without knowing the underlying request type.

So I do something near that was requested: adding crypto_engine_reqctx in TFM 
context.
Note that the current implementation expect that crypto_engine_reqctx
is the first member of the context.

The first patch is a try to document the crypto engine API.
The second patch convert the crypto engine with the new way,
while the following patchs convert the 4 existing users of crypto_engine.
Note that this split break bisection, so probably the final commit will be all 
merged.

Appart from virtio, all 4 latest patch were compile tested only.
But the crypto engine is tested with my new sun8i-ce driver.

Regards

[1] https://www.mail-archive.com/linux-kernel@vger.kernel.org/msg1474434.html

Changes since V1:
- renamed crypto_engine_reqctx to crypto_engine_ctx
- indentation fix in function parameter
- do not export crypto_transfer_request
- Add aead support
- crypto_finalize_request is now static

Changes since RFC:
- Added a documentation patch
- Added patch for stm32-cryp
- Changed parameter of all crypto_engine_op functions from
crypto_async_request to void*
- Reintroduced crypto_transfer_xxx_request_to_engine functions

Corentin Labbe (6):
  Documentation: crypto: document crypto engine API
  crypto: engine - Permit to enqueue all async requests
  crypto: omap: convert to new crypto engine API
  crypto: virtio: convert to new crypto engine API
  crypto: stm32-hash: convert to the new crypto engine API
  crypto: stm32-cryp: convert to the new crypto engine API

 Documentation/crypto/crypto_engine.rst   |  48 +
 crypto/crypto_engine.c   | 301 +++
 drivers/crypto/omap-aes.c|  21 +-
 drivers/crypto/omap-aes.h|   3 +
 drivers/crypto/omap-des.c|  24 ++-
 drivers/crypto/stm32/stm32-cryp.c|  29 ++-
 drivers/crypto/stm32/stm32-hash.c|  20 +-
 drivers/crypto/virtio/virtio_crypto_algs.c   |  16 +-
 drivers/crypto/virtio/virtio_crypto_common.h |   3 +-
 drivers/crypto/virtio/virtio_crypto_core.c   |   3 -
 include/crypto/engine.h  |  68 +++---
 11 files changed, 332 insertions(+), 204 deletions(-)
 create mode 100644 Documentation/crypto/crypto_engine.rst

-- 
2.13.6

[PATCH v2 2/6] crypto: engine - Permit to enqueue all async requests

[Corentin Labbe]

The crypto engine could actually only enqueue hash and ablkcipher request.
This patch permit it to enqueue any type of crypto_async_request.

Signed-off-by: Corentin Labbe <clabbe.montj...@gmail.com>
Tested-by: Fabien Dessenne <fabien.desse...@st.com>
---
 crypto/crypto_engine.c  | 301 ++--
 include/crypto/engine.h |  68 ++-
 2 files changed, 203 insertions(+), 166 deletions(-)

diff --git a/crypto/crypto_engine.c b/crypto/crypto_engine.c
index 61e7c4e02fd2..992e8d8dcdd9 100644
--- a/crypto/crypto_engine.c
+++ b/crypto/crypto_engine.c
@@ -15,13 +15,50 @@
 #include 
 #include 
 #include 
-#include 
 #include 
 #include "internal.h"
 
 #define CRYPTO_ENGINE_MAX_QLEN 10
 
 /**
+ * crypto_finalize_request - finalize one request if the request is done
+ * @engine: the hardware engine
+ * @req: the request need to be finalized
+ * @err: error number
+ */
+static void crypto_finalize_request(struct crypto_engine *engine,
+struct crypto_async_request *req, int err)
+{
+   unsigned long flags;
+   bool finalize_cur_req = false;
+   int ret;
+   struct crypto_engine_ctx *enginectx;
+
+   spin_lock_irqsave(>queue_lock, flags);
+   if (engine->cur_req == req)
+   finalize_cur_req = true;
+   spin_unlock_irqrestore(>queue_lock, flags);
+
+   if (finalize_cur_req) {
+   enginectx = crypto_tfm_ctx(req->tfm);
+   if (engine->cur_req_prepared &&
+   enginectx->op.unprepare_request) {
+   ret = enginectx->op.unprepare_request(engine, req);
+   if (ret)
+   dev_err(engine->dev, "failed to unprepare 
request\n");
+   }
+   spin_lock_irqsave(>queue_lock, flags);
+   engine->cur_req = NULL;
+   engine->cur_req_prepared = false;
+   spin_unlock_irqrestore(>queue_lock, flags);
+   }
+
+   req->complete(req, err);
+
+   kthread_queue_work(engine->kworker, >pump_requests);
+}
+
+/**
  * crypto_pump_requests - dequeue one request from engine queue to process
  * @engine: the hardware engine
  * @in_kthread: true if we are in the context of the request pump thread
@@ -34,11 +71,10 @@ static void crypto_pump_requests(struct crypto_engine 
*engine,
 bool in_kthread)
 {
struct crypto_async_request *async_req, *backlog;
-   struct ahash_request *hreq;
-   struct ablkcipher_request *breq;
unsigned long flags;
bool was_busy = false;
-   int ret, rtype;
+   int ret;
+   struct crypto_engine_ctx *enginectx;
 
spin_lock_irqsave(>queue_lock, flags);
 
@@ -94,7 +130,6 @@ static void crypto_pump_requests(struct crypto_engine 
*engine,
 
spin_unlock_irqrestore(>queue_lock, flags);
 
-   rtype = crypto_tfm_alg_type(engine->cur_req->tfm);
/* Until here we get the request need to be encrypted successfully */
if (!was_busy && engine->prepare_crypt_hardware) {
ret = engine->prepare_crypt_hardware(engine);
@@ -104,57 +139,31 @@ static void crypto_pump_requests(struct crypto_engine 
*engine,
}
}
 
-   switch (rtype) {
-   case CRYPTO_ALG_TYPE_AHASH:
-   hreq = ahash_request_cast(engine->cur_req);
-   if (engine->prepare_hash_request) {
-   ret = engine->prepare_hash_request(engine, hreq);
-   if (ret) {
-   dev_err(engine->dev, "failed to prepare 
request: %d\n",
-   ret);
-   goto req_err;
-   }
-   engine->cur_req_prepared = true;
-   }
-   ret = engine->hash_one_request(engine, hreq);
-   if (ret) {
-   dev_err(engine->dev, "failed to hash one request from 
queue\n");
-   goto req_err;
-   }
-   return;
-   case CRYPTO_ALG_TYPE_ABLKCIPHER:
-   breq = ablkcipher_request_cast(engine->cur_req);
-   if (engine->prepare_cipher_request) {
-   ret = engine->prepare_cipher_request(engine, breq);
-   if (ret) {
-   dev_err(engine->dev, "failed to prepare 
request: %d\n",
-   ret);
-   goto req_err;
-   }
-   engine->cur_req_prepared = true;
-   }
-   ret = engine->cipher_one_request(engine, breq);
+   enginectx = crypto_tfm_ctx(async_req->tfm);
+
+   if (enginectx->op.prepare_request) {
+

[PATCH] sparc64: fix typo in CONFIG_CRYPTO_DES_SPARC64 => CONFIG_CRYPTO_CAMELLIA_SPARC64

[Corentin Labbe]

This patch fixes the typo CONFIG_CRYPTO_DES_SPARC64 => 
CONFIG_CRYPTO_CAMELLIA_SPARC64

Fixes: 81658ad0d923 ("sparc64: Add CAMELLIA driver making use of the new 
camellia opcodes.")
Signed-off-by: Corentin Labbe <cla...@baylibre.com>
---
 arch/sparc/crypto/Makefile | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/arch/sparc/crypto/Makefile b/arch/sparc/crypto/Makefile
index 818d3aa5172e..d257186c27d1 100644
--- a/arch/sparc/crypto/Makefile
+++ b/arch/sparc/crypto/Makefile
@@ -10,7 +10,7 @@ obj-$(CONFIG_CRYPTO_MD5_SPARC64) += md5-sparc64.o
 
 obj-$(CONFIG_CRYPTO_AES_SPARC64) += aes-sparc64.o
 obj-$(CONFIG_CRYPTO_DES_SPARC64) += des-sparc64.o
-obj-$(CONFIG_CRYPTO_DES_SPARC64) += camellia-sparc64.o
+obj-$(CONFIG_CRYPTO_CAMELLIA_SPARC64) += camellia-sparc64.o
 
 obj-$(CONFIG_CRYPTO_CRC32C_SPARC64) += crc32c-sparc64.o
 
-- 
2.13.6

[BUG] skcipher: Test 1 failed (invalid result) on encryption for cts(virtio_crypto_aes_cbc)

[Corentin Labbe]

Hello

When modprobing tcrypt on a qemu virtual machine, I get the following trace in 
dmesg:
skcipher: Test 1 failed (invalid result) on encryption for 
cts(virtio_crypto_aes_cbc)

Regards
Corentin Labbe

[PATCH] crypto: artpec6 - remove select on non-existing CRYPTO_SHA384

[Corentin Labbe]

Since CRYPTO_SHA384 does not exists, Kconfig should not select it.
Anyway, all SHA384 stuff is in CRYPTO_SHA512 which is already selected.

Fixes: a21eb94fc4d3i ("crypto: axis - add ARTPEC-6/7 crypto accelerator driver")
Signed-off-by: Corentin Labbe <clabbe.montj...@gmail.com>
---
 drivers/crypto/Kconfig | 1 -
 1 file changed, 1 deletion(-)

diff --git a/drivers/crypto/Kconfig b/drivers/crypto/Kconfig
index f7f803e78701..e92b9304a8d5 100644
--- a/drivers/crypto/Kconfig
+++ b/drivers/crypto/Kconfig
@@ -725,7 +725,6 @@ config CRYPTO_DEV_ARTPEC6
select CRYPTO_HASH
select CRYPTO_SHA1
select CRYPTO_SHA256
-   select CRYPTO_SHA384
select CRYPTO_SHA512
help
  Enables the driver for the on-chip crypto accelerator
-- 
2.13.6

[PATCH 1/2] crypto: Implement a generic crypto statistics

[Corentin Labbe]

This patch implement a generic way to get statistics about all crypto
usages.

Signed-off-by: Corentin Labbe <cla...@baylibre.com>
---
 crypto/Kconfig  | 11 
 crypto/ablkcipher.c |  9 +++
 crypto/acompress.c  |  9 +++
 crypto/aead.c   | 10 
 crypto/ahash.c  |  8 ++
 crypto/akcipher.c   | 13 ++
 crypto/algapi.c |  6 +
 crypto/blkcipher.c  |  9 +++
 crypto/crypto_user.c| 28 +
 crypto/kpp.c|  7 ++
 crypto/rng.c|  8 ++
 crypto/scompress.c  |  9 +++
 crypto/shash.c  |  5 
 crypto/skcipher.c   |  9 +++
 include/crypto/acompress.h  | 22 
 include/crypto/aead.h   | 22 
 include/crypto/akcipher.h   | 42 +++
 include/crypto/hash.h   | 21 
 include/crypto/kpp.h| 28 +
 include/crypto/rng.h| 17 +
 include/crypto/skcipher.h   | 22 
 include/linux/crypto.h  | 56 +
 include/uapi/linux/cryptouser.h | 34 +
 23 files changed, 405 insertions(+)

diff --git a/crypto/Kconfig b/crypto/Kconfig
index 971d558494c3..3b88fba14b59 100644
--- a/crypto/Kconfig
+++ b/crypto/Kconfig
@@ -1780,6 +1780,17 @@ config CRYPTO_USER_API_AEAD
  This option enables the user-spaces interface for AEAD
  cipher algorithms.
 
+config CRYPTO_STATS
+   bool "Crypto usage statistics for User-space"
+   help
+ This option enables the gathering of crypto stats.
+ This will collect:
+ - encrypt/decrypt size and numbers of symmeric operations
+ - compress/decompress size and numbers of compress operations
+ - size and numbers of hash operations
+ - encrypt/decrypt/sign/verify numbers for asymmetric operations
+ - generate/seed numbers for rng operations
+
 config CRYPTO_HASH_INFO
bool
 
diff --git a/crypto/ablkcipher.c b/crypto/ablkcipher.c
index d880a4897159..f6d20e4ca977 100644
--- a/crypto/ablkcipher.c
+++ b/crypto/ablkcipher.c
@@ -369,6 +369,7 @@ static int crypto_init_ablkcipher_ops(struct crypto_tfm 
*tfm, u32 type,
 static int crypto_ablkcipher_report(struct sk_buff *skb, struct crypto_alg 
*alg)
 {
struct crypto_report_blkcipher rblkcipher;
+   u64 v;
 
strncpy(rblkcipher.type, "ablkcipher", sizeof(rblkcipher.type));
strncpy(rblkcipher.geniv, alg->cra_ablkcipher.geniv ?: "",
@@ -378,6 +379,14 @@ static int crypto_ablkcipher_report(struct sk_buff *skb, 
struct crypto_alg *alg)
rblkcipher.min_keysize = alg->cra_ablkcipher.min_keysize;
rblkcipher.max_keysize = alg->cra_ablkcipher.max_keysize;
rblkcipher.ivsize = alg->cra_ablkcipher.ivsize;
+   v = atomic_read(>encrypt_cnt);
+   rblkcipher.stat_encrypt_cnt = v;
+   v = atomic_read(>encrypt_tlen);
+   rblkcipher.stat_encrypt_tlen = v;
+   v = atomic_read(>decrypt_cnt);
+   rblkcipher.stat_decrypt_cnt = v;
+   v = atomic_read(>decrypt_tlen);
+   rblkcipher.stat_decrypt_tlen = v;
 
if (nla_put(skb, CRYPTOCFGA_REPORT_BLKCIPHER,
sizeof(struct crypto_report_blkcipher), ))
diff --git a/crypto/acompress.c b/crypto/acompress.c
index 1544b7c057fb..524c8a3e3f80 100644
--- a/crypto/acompress.c
+++ b/crypto/acompress.c
@@ -32,8 +32,17 @@ static const struct crypto_type crypto_acomp_type;
 static int crypto_acomp_report(struct sk_buff *skb, struct crypto_alg *alg)
 {
struct crypto_report_acomp racomp;
+   u64 v;
 
strncpy(racomp.type, "acomp", sizeof(racomp.type));
+   v = atomic_read(>compress_cnt);
+   racomp.stat_compress_cnt = v;
+   v = atomic_read(>compress_tlen);
+   racomp.stat_compress_tlen = v;
+   v = atomic_read(>decompress_cnt);
+   racomp.stat_decompress_cnt = v;
+   v = atomic_read(>decompress_tlen);
+   racomp.stat_decompress_tlen = v;
 
if (nla_put(skb, CRYPTOCFGA_REPORT_ACOMP,
sizeof(struct crypto_report_acomp), ))
diff --git a/crypto/aead.c b/crypto/aead.c
index fe00cbd7243d..de13bd345d8b 100644
--- a/crypto/aead.c
+++ b/crypto/aead.c
@@ -109,6 +109,7 @@ static int crypto_aead_report(struct sk_buff *skb, struct 
crypto_alg *alg)
 {
struct crypto_report_aead raead;
struct aead_alg *aead = container_of(alg, struct aead_alg, base);
+   u64 v;
 
strncpy(raead.type, "aead", sizeof(raead.type));
strncpy(raead.geniv, "", sizeof(raead.geniv));
@@ -116,6 +117,15 @@ static int crypto_aead_report(struct sk_buff *skb, struct 
crypto_alg *alg)
raead.blocksize = 

[PATCH 2/2] crypto: tools: Add cryptostat userspace

[Corentin Labbe]

Signed-off-by: Corentin Labbe <cla...@baylibre.com>
---
 tools/crypto/getstat.c | 283 +
 1 file changed, 283 insertions(+)
 create mode 100644 tools/crypto/getstat.c

diff --git a/tools/crypto/getstat.c b/tools/crypto/getstat.c
new file mode 100644
index ..e73f2a73e0f6
--- /dev/null
+++ b/tools/crypto/getstat.c
@@ -0,0 +1,283 @@
+/* Heavily copied from libkcapi 2015 - 2017, Stephan Mueller 
<smuel...@chronox.de> */
+#include 
+#include 
+#include 
+#include 
+#include 
+#include 
+#include 
+#include 
+#include 
+#include 
+#include 
+
+#define CR_RTA(x)  ((struct rtattr *)(((char *)(x)) + 
NLMSG_ALIGN(sizeof(struct crypto_user_alg
+
+static int get_stat(const char *drivername)
+{
+   struct {
+   struct nlmsghdr n;
+   struct crypto_user_alg cru;
+   } req;
+   struct sockaddr_nl nl;
+   int sd = 0, ret;
+   socklen_t addr_len;
+   struct iovec iov;
+   struct msghdr msg;
+   char buf[4096];
+   struct nlmsghdr *res_n = (struct nlmsghdr *)buf;
+   struct crypto_user_alg *cru_res = NULL;
+   int res_len = 0;
+   struct rtattr *tb[CRYPTOCFGA_MAX + 1];
+   struct rtattr *rta;
+
+   memset(, 0, sizeof(req));
+   memset(, 0, sizeof(buf));
+   memset(, 0, sizeof(msg));
+
+   req.n.nlmsg_len = NLMSG_LENGTH(sizeof(req.cru));
+   req.n.nlmsg_flags = NLM_F_REQUEST;
+   req.n.nlmsg_type = CRYPTO_MSG_GETALG;
+   req.n.nlmsg_seq = time(NULL);
+
+   strncpy(req.cru.cru_driver_name, drivername, strlen(drivername));
+
+   sd =  socket(AF_NETLINK, SOCK_RAW, NETLINK_CRYPTO);
+   if (sd < 0) {
+   fprintf(stderr, "Netlink error: cannot open netlink socket");
+   return -errno;
+   }
+   memset(, 0, sizeof(nl));
+   nl.nl_family = AF_NETLINK;
+   if (bind(sd, (struct sockaddr *), sizeof(nl)) < 0) {
+   ret = -errno;
+   fprintf(stderr, "Netlink error: cannot bind netlink socket");
+   goto out;
+   }
+
+   /* sanity check that netlink socket was successfully opened */
+   addr_len = sizeof(nl);
+   if (getsockname(sd, (struct sockaddr *), _len) < 0) {
+   ret = -errno;
+   printf("Netlink error: cannot getsockname");
+   goto out;
+   }
+   if (addr_len != sizeof(nl)) {
+   ret = -errno;
+   printf("Netlink error: wrong address length %d", addr_len);
+   goto out;
+   }
+   if (nl.nl_family != AF_NETLINK) {
+   ret = -errno;
+   printf("Netlink error: wrong address family %d",
+   nl.nl_family);
+   goto out;
+   }
+
+   memset(, 0, sizeof(nl));
+   nl.nl_family = AF_NETLINK;
+   iov.iov_base = (void *)
+   iov.iov_len = req.n.nlmsg_len;
+   msg.msg_name = 
+   msg.msg_namelen = sizeof(nl);
+   msg.msg_iov = 
+   msg.msg_iovlen = 1;
+   if (sendmsg(sd, , 0) < 0) {
+   ret = -errno;
+   printf("Netlink error: sendmsg failed");
+   goto out;
+   }
+   memset(buf, 0, sizeof(buf));
+   iov.iov_base = buf;
+   while (1) {
+   iov.iov_len = sizeof(buf);
+   ret = recvmsg(sd, , 0);
+   if (ret < 0) {
+   if (errno == EINTR || errno == EAGAIN)
+   continue;
+   ret = -errno;
+   printf("Netlink error: netlink receive error");
+   goto out;
+   }
+   if (ret == 0) {
+   ret = -errno;
+   printf("Netlink error: no data");
+   goto out;
+   }
+   if (ret > sizeof(buf)) {
+   ret = -errno;
+   printf("Netlink error: received too much data");
+   goto out;
+   }
+   break;
+   }
+
+   ret = -EFAULT;
+   res_len = res_n->nlmsg_len;
+   if (res_n->nlmsg_type == NLMSG_ERROR) {
+   /*
+* return -EAGAIN -- this error will occur if we received a
+* driver name, but used it for a generic name. Allow caller
+* to invoke function again where driver name is looked up
+*/
+   ret = -EAGAIN;
+   goto out;
+   }
+
+   if (res_n->nlmsg_type == CRYPTO_MSG_GETALG) {
+   cru_res = NLMSG_DATA(res_n);
+   res_len -= NLMSG_SPACE(sizeof(*cru_res));
+   }
+   if (res_len < 0) {
+   printf("Netlink error: nlmsg len %d\n", res_len);
+   goto out;
+   }
+
+   if (!cru_res) {
+   ret = -EFAU

[PATCH 0/2] crypto: Implement generic crypto statistics

[Corentin Labbe]

te: 0 bytes: 0
lzo-scomp   Compress
Compress: 2 bytes: 229
Decompress: 4 bytes: 367
lzo-generic Compress
Compress: 0 bytes: 0
Decompress: 0 bytes: 0
crc32c-generic
Hash: 176 bytes: 31652
zlib-deflate-scomp  Compress
Compress: 2 bytes: 261
Decompress: 4 bytes: 345
deflate-scomp   Compress
Compress: 2 bytes: 261
Decompress: 4 bytes: 320
deflate-generic Compress
Compress: 0 bytes: 0
Decompress: 0 bytes: 0
poly1305-generic
Hash: 66 bytes: 9294
chacha20-genericCipher
Encrypt: 16 bytes: 8853
Decrypt: 16 bytes: 8853
ecb(arc4)-generic   Cipher
Encrypt: 42 bytes: 540
Decrypt: 42 bytes: 540
arc4-genericcipher
Encrypt: 0 bytes: 0
Decrypt: 0 bytes: 0
aes-generic cipher
Encrypt: 0 bytes: 0
Decrypt: 0 bytes: 0
des3_ede-genericcipher
Encrypt: 0 bytes: 0
Decrypt: 0 bytes: 0
des-generic cipher
Encrypt: 0 bytes: 0
Decrypt: 0 bytes: 0
sha384-generic
Hash: 48 bytes: 10072
sha512-generic
Hash: 48 bytes: 10072
sha224-generic
Hash: 40 bytes: 9056
sha256-generic
Hash: 40 bytes: 9056
sha1-generic
Hash: 48 bytes: 9728
md5-generic
Hash: 56 bytes: 1436
md4-generic
Hash: 56 bytes: 1436
digest_null-generic
Hash: 0 bytes: 0
compress_null-generic   Compress
Compress: 0 bytes: 0
Decompress: 0 bytes: 0
ecb-cipher_null Cipher
Encrypt: 130 bytes: 2828
Decrypt: 24 bytes: 732
cipher_null-generic cipher
Encrypt: 0 bytes: 0
Decrypt: 0 bytes: 0
rsa-generic Akcipher
Encrypt: 7 bytes: 232
Decrypt: 6 bytes: 1152
Sign: 0
Verify: 13
dh-generic  KPP
Setsecret: 2
Generate public key: 2
Compute_shared_secret: 2
ctr-des3_ede-asmCipher
Encrypt: 20 bytes: 9950
Decrypt: 20 bytes: 9950
cbc-des3_ede-asmCipher
Encrypt: 46 bytes: 9568
Decrypt: 16 bytes: 5728
ecb-des3_ede-asmCipher
Encrypt: 28 bytes: 5104
Decrypt: 28 bytes: 5104
des3_ede-asmcipher
Encrypt: 0 bytes: 0
Decrypt: 0 bytes: 0
aes-asm cipher
Encrypt: 0 bytes: 0
Decrypt: 0 bytes: 0

Futur possible additions:
- Add a "number of needed fallback" statistics.
- maximum request size

Regards

Changes since RFC:
- Use cryptouser(netlink) instead of /sys
- Use atomic_t instead of unsigned long
- moved stat code into dedicated inline function
- spelling fixes

Corentin Labbe (2):
  crypto: Implement a generic crypto statistics
  crypto: tools: Add cryptostat userspace

 crypto/Kconfig  |  11 ++
 crypto/ablkcipher.c |   9 ++
 crypto/acompress.c  |   9 ++
 crypto/aead.c   |  10 ++
 crypto/ahash.c  |   8 ++
 crypto/akcipher.c   |  13 ++
 crypto/algapi.c |   6 +
 crypto/blkcipher.c  |   9 ++
 crypto/crypto_user.c|  28 
 crypto/kpp.c|   7 +
 crypto/rng.c|   8 ++
 crypto/scompress.c  |   9 ++
 crypto/shash.c  |   5 +
 crypto/skcipher.c   |   9 ++
 include/crypto/acompress.h  |  22 
 include/crypto/aead.h   |  10 ++
 include/crypto/akcipher.h   |  42 ++
 include/crypto/hash.h   |  10 ++
 include/crypto/kpp.h|  28 
 include/crypto/rng.h|  17 +++
 include/crypto/skcipher.h   |  22 
 include/linux/crypto.h  |  56 
 include/uapi/linux/cryptouser.h |  34 +
 tools/crypto/getstat.c  | 279 
 24 files changed, 661 insertions(+)
 create mode 100644 tools/crypto/getstat.c

-- 
2.13.6

Re: [PATCH 3/7] crypto: ccree: add ablkcipher support

[Corentin Labbe]

On Thu, Jan 11, 2018 at 09:17:10AM +, Gilad Ben-Yossef wrote:
> Add CryptoCell ablkcipher support
> 

Hello

I have some minor comments:

ablkcipher is deprecated, so you need to use skcipher instead.

> Signed-off-by: Gilad Ben-Yossef 
> ---
>  drivers/crypto/ccree/Makefile|2 +-
>  drivers/crypto/ccree/cc_buffer_mgr.c |  125 
>  drivers/crypto/ccree/cc_buffer_mgr.h |   10 +
>  drivers/crypto/ccree/cc_cipher.c | 1167 
> ++
>  drivers/crypto/ccree/cc_cipher.h |   74 +++
>  drivers/crypto/ccree/cc_driver.c |   11 +
>  drivers/crypto/ccree/cc_driver.h |2 +
>  7 files changed, 1390 insertions(+), 1 deletion(-)
>  create mode 100644 drivers/crypto/ccree/cc_cipher.c
>  create mode 100644 drivers/crypto/ccree/cc_cipher.h
> 
[...]
> +
> +struct tdes_keys {
> + u8  key1[DES_KEY_SIZE];
> + u8  key2[DES_KEY_SIZE];
> + u8  key3[DES_KEY_SIZE];
> +};
> +
> +static const u8 zero_buff[] = {  0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0,
> + 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0,
> + 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0,
> + 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0};
> +

This constant is used nowhere.

> +/* The function verifies that tdes keys are not weak.*/
> +static int cc_verify_3des_keys(const u8 *key, unsigned int keylen)
> +{
> + struct tdes_keys *tdes_key = (struct tdes_keys *)key;
> +
> + /* verify key1 != key2 and key3 != key2*/
> + if ((memcmp((u8 *)tdes_key->key1, (u8 *)tdes_key->key2,
> + sizeof(tdes_key->key1)) == 0) ||
> + (memcmp((u8 *)tdes_key->key3, (u8 *)tdes_key->key2,
> + sizeof(tdes_key->key3)) == 0)) {
> + return -ENOEXEC;
> + }
> +
> + return 0;
> +}

All driver testing 3des key also use des_ekey()

[...]
> +static void cc_cipher_complete(struct device *dev, void *cc_req, int err)
> +{
> + struct ablkcipher_request *areq = (struct ablkcipher_request *)cc_req;
> + struct scatterlist *dst = areq->dst;
> + struct scatterlist *src = areq->src;
> + struct blkcipher_req_ctx *req_ctx = ablkcipher_request_ctx(areq);
> + struct crypto_ablkcipher *tfm = crypto_ablkcipher_reqtfm(areq);
> + unsigned int ivsize = crypto_ablkcipher_ivsize(tfm);
> + struct ablkcipher_request *req = (struct ablkcipher_request *)areq;
> +
> + cc_unmap_blkcipher_request(dev, req_ctx, ivsize, src, dst);
> + kfree(req_ctx->iv);

kzfree for all stuff with IV/key

[...]
> +
> +#ifdef CRYPTO_TFM_REQ_HW_KEY
> +
> +static inline bool cc_is_hw_key(struct crypto_tfm *tfm)
> +{
> + return (crypto_tfm_get_flags(tfm) & CRYPTO_TFM_REQ_HW_KEY);
> +}
> +
> +#else
> +
> +struct arm_hw_key_info {
> + int hw_key1;
> + int hw_key2;
> +};
> +
> +static inline bool cc_is_hw_key(struct crypto_tfm *tfm)
> +{
> + return false;
> +}
> +
> +#endif /* CRYPTO_TFM_REQ_HW_KEY */

I see nowhere any use/documentation of CRYPTO_TFM_REQ_HW_KEY, so a cleaning 
could be done

Regards

Re: [PATCH 1/6] Documentation: crypto: document crypto engine API

[Corentin Labbe]

On Wed, Jan 10, 2018 at 02:13:13PM +, Fabien DESSENNE wrote:
> Hi Corentin,
> 
> 
> Thank you for this new version which I have testes successfully with the 
> stm32 hash & cryp drivers.
> 
> As a general comment on this patchset, I would say that it does not 
> cover all async requests: typically I need (for the pending stm32 cryp 
> driver uprade) to use CryptoEngine to process AEAD requests which is not 
> covered here.
> 
> Could you please consider adding the 'transfer' and 'finalize' EXPORTed 
> functions for aead requests? (the implementation is quite trivial)
> 
> Have also a look at struct acomp_req (acompress.h) and struct 
> kpp_request (kpp.h) which also use "struct crypto_async_request base"
> 
> 
> BR
> 
> Fabien
> 

Hello

Thanks for your review and test (could I add your tested-by ?).
I didn't add aead (and kpp/acompress), since I do not have any way to test it.
Since you have a way to test aead, I will add it to the next release.

Regards

> 
> On 03/01/18 21:11, Corentin Labbe wrote:
> > Signed-off-by: Corentin Labbe <clabbe.montj...@gmail.com>
> > ---
> >   Documentation/crypto/crypto_engine.rst | 46 
> > ++
> >   1 file changed, 46 insertions(+)
> >   create mode 100644 Documentation/crypto/crypto_engine.rst
> >
> > diff --git a/Documentation/crypto/crypto_engine.rst 
> > b/Documentation/crypto/crypto_engine.rst
> > new file mode 100644
> > index ..b0ed37f9fb0c
> > --- /dev/null
> > +++ b/Documentation/crypto/crypto_engine.rst
> > @@ -0,0 +1,46 @@
> > +=
> > +CRYPTO ENGINE
> > +=
> > +
> > +Overview
> > +
> > +The crypto engine API (CE), is a crypto queue manager.
> > +
> > +Requirement
> > +---
> > +You have to put at start of your tfm_ctx the struct crypto_engine_reqctx
> > +struct your_tfm_ctx {
> > +struct crypto_engine_reqctx enginectx;
> > +...
> > +};
> > +Why: Since CE manage only crypto_async_request, it cannot know the 
> > underlying
> > +request_type and so have access only on the TFM.
> > +So using container_of for accessing __ctx is impossible.
> > +Furthermore, the crypto engine cannot know the "struct your_tfm_ctx",
> > +so it must assume that crypto_engine_reqctx is at start of it.
> > +
> > +Order of operations
> > +---
> > +You have to obtain a struct crypto_engine via crypto_engine_alloc_init().
> > +And start it via crypto_engine_start().
> > +
> > +Before transferring any request, you have to fill the enginectx.
> > +- prepare_request: (taking a function pointer) If you need to do some 
> > processing before doing the request
> > +- unprepare_request: (taking a function pointer) Undoing what's done in 
> > prepare_request
> > +- do_one_request: (taking a function pointer) Do encryption for current 
> > request
> > +
> > +Note: that those three functions get the crypto_async_request associated 
> > with the received request.
> > +So your need to get the original request via container_of(areq, struct 
> > yourrequesttype_request, base);
> > +
> > +When your driver receive a crypto_request, you have to transfer it to
> > +the cryptoengine via one of:
> > +- crypto_transfer_cipher_request_to_engine()
> > +- crypto_transfer_skcipher_request_to_engine()
> > +- crypto_transfer_akcipher_request_to_engine()
> > +- crypto_transfer_hash_request_to_engine()
> > +
> > +At the end of the request process, a call to one of the following function 
> > is needed:
> > +- crypto_finalize_cipher_request
> > +- crypto_finalize_skcipher_request
> > +- crypto_finalize_akcipher_request
> > +- crypto_finalize_hash_request

[PATCH 1/6] Documentation: crypto: document crypto engine API

[Corentin Labbe]

Signed-off-by: Corentin Labbe <clabbe.montj...@gmail.com>
---
 Documentation/crypto/crypto_engine.rst | 46 ++
 1 file changed, 46 insertions(+)
 create mode 100644 Documentation/crypto/crypto_engine.rst

diff --git a/Documentation/crypto/crypto_engine.rst 
b/Documentation/crypto/crypto_engine.rst
new file mode 100644
index ..b0ed37f9fb0c
--- /dev/null
+++ b/Documentation/crypto/crypto_engine.rst
@@ -0,0 +1,46 @@
+=
+CRYPTO ENGINE
+=
+
+Overview
+
+The crypto engine API (CE), is a crypto queue manager.
+
+Requirement
+---
+You have to put at start of your tfm_ctx the struct crypto_engine_reqctx
+struct your_tfm_ctx {
+struct crypto_engine_reqctx enginectx;
+...
+};
+Why: Since CE manage only crypto_async_request, it cannot know the underlying
+request_type and so have access only on the TFM.
+So using container_of for accessing __ctx is impossible.
+Furthermore, the crypto engine cannot know the "struct your_tfm_ctx",
+so it must assume that crypto_engine_reqctx is at start of it.
+
+Order of operations
+---
+You have to obtain a struct crypto_engine via crypto_engine_alloc_init().
+And start it via crypto_engine_start().
+
+Before transferring any request, you have to fill the enginectx.
+- prepare_request: (taking a function pointer) If you need to do some 
processing before doing the request
+- unprepare_request: (taking a function pointer) Undoing what's done in 
prepare_request
+- do_one_request: (taking a function pointer) Do encryption for current request
+
+Note: that those three functions get the crypto_async_request associated with 
the received request.
+So your need to get the original request via container_of(areq, struct 
yourrequesttype_request, base);
+
+When your driver receive a crypto_request, you have to transfer it to
+the cryptoengine via one of:
+- crypto_transfer_cipher_request_to_engine()
+- crypto_transfer_skcipher_request_to_engine()
+- crypto_transfer_akcipher_request_to_engine()
+- crypto_transfer_hash_request_to_engine()
+
+At the end of the request process, a call to one of the following function is 
needed:
+- crypto_finalize_cipher_request
+- crypto_finalize_skcipher_request
+- crypto_finalize_akcipher_request
+- crypto_finalize_hash_request
-- 
2.13.6

[PATCH 0/6] crypto: engine - Permit to enqueue all async requests

[Corentin Labbe]

Hello

The current crypto_engine support only ahash and ablkcipher request.
My first patch which try to add skcipher was Nacked, it will add too many 
functions
and adding other algs(aead, asymetric_key) will make the situation worst.

This patchset remove all algs specific stuff and now only process generic 
crypto_async_request.

The requests handler function pointer are now moved out of struct engine and
are now stored directly in a crypto_engine_reqctx.

The original proposal of Herbert [1] cannot be done completly since the 
crypto_engine
could only dequeue crypto_async_request and it is impossible to access any 
request_ctx
without knowing the underlying request type.

So I do something near that was requested: adding crypto_engine_reqctx in TFM 
context.
Note that the current implementation expect that crypto_engine_reqctx
is the first member of the context.

The first patch is a try to document the crypto engine API.
The second patch convert the crypto engine with the new way,
while the following patchs convert the 4 existing users of crypto_engine.
Note that this split break bisection, so probably the final commit will be all 
merged.

Appart from virtio, all 4 latest patch were compile tested only.
But the crypto engine is tested with my new sun8i-ce driver.

Regards

[1] https://www.mail-archive.com/linux-kernel@vger.kernel.org/msg1474434.html

Changes since RFC:
- Added a documentation patch
- Added patch for stm32-cryp
- Changed parameter of all crypto_engine_op functions from
  crypto_async_request to void*
- Reintroduced crypto_transfer_xxx_request_to_engine functions

Corentin Labbe (6):
  Documentation: crypto: document crypto engine API
  crypto: engine - Permit to enqueue all async requests
  crypto: omap: convert to new crypto engine API
  crypto: virtio: convert to new crypto engine API
  crypto: stm32-hash: convert to the new crypto engine API
  crypto: stm32-cryp: convert to the new crypto engine API

 Documentation/crypto/crypto_engine.rst   |  46 ++
 crypto/crypto_engine.c   | 230 +--
 drivers/crypto/omap-aes.c|  17 +-
 drivers/crypto/omap-aes.h|   3 +
 drivers/crypto/omap-des.c|  20 ++-
 drivers/crypto/stm32/stm32-cryp.c|  21 ++-
 drivers/crypto/stm32/stm32-hash.c|  18 ++-
 drivers/crypto/virtio/virtio_crypto_algs.c   |  10 +-
 drivers/crypto/virtio/virtio_crypto_common.h |   3 +-
 drivers/crypto/virtio/virtio_crypto_core.c   |   3 -
 include/crypto/engine.h  |  59 ---
 11 files changed, 263 insertions(+), 167 deletions(-)
 create mode 100644 Documentation/crypto/crypto_engine.rst

-- 
2.13.6

[PATCH 2/6] crypto: engine - Permit to enqueue all async requests

[Corentin Labbe]

The crypto engine could actually only enqueue hash and ablkcipher request.
This patch permit it to enqueue any type of crypto_async_request.

Signed-off-by: Corentin Labbe <clabbe.montj...@gmail.com>
---
 crypto/crypto_engine.c  | 230 
 include/crypto/engine.h |  59 +++--
 2 files changed, 148 insertions(+), 141 deletions(-)

diff --git a/crypto/crypto_engine.c b/crypto/crypto_engine.c
index 61e7c4e02fd2..036270b61648 100644
--- a/crypto/crypto_engine.c
+++ b/crypto/crypto_engine.c
@@ -15,7 +15,6 @@
 #include 
 #include 
 #include 
-#include 
 #include 
 #include "internal.h"
 
@@ -34,11 +33,10 @@ static void crypto_pump_requests(struct crypto_engine 
*engine,
 bool in_kthread)
 {
struct crypto_async_request *async_req, *backlog;
-   struct ahash_request *hreq;
-   struct ablkcipher_request *breq;
unsigned long flags;
bool was_busy = false;
-   int ret, rtype;
+   int ret;
+   struct crypto_engine_reqctx *enginectx;
 
spin_lock_irqsave(>queue_lock, flags);
 
@@ -94,7 +92,6 @@ static void crypto_pump_requests(struct crypto_engine *engine,
 
spin_unlock_irqrestore(>queue_lock, flags);
 
-   rtype = crypto_tfm_alg_type(engine->cur_req->tfm);
/* Until here we get the request need to be encrypted successfully */
if (!was_busy && engine->prepare_crypt_hardware) {
ret = engine->prepare_crypt_hardware(engine);
@@ -104,57 +101,31 @@ static void crypto_pump_requests(struct crypto_engine 
*engine,
}
}
 
-   switch (rtype) {
-   case CRYPTO_ALG_TYPE_AHASH:
-   hreq = ahash_request_cast(engine->cur_req);
-   if (engine->prepare_hash_request) {
-   ret = engine->prepare_hash_request(engine, hreq);
-   if (ret) {
-   dev_err(engine->dev, "failed to prepare 
request: %d\n",
-   ret);
-   goto req_err;
-   }
-   engine->cur_req_prepared = true;
-   }
-   ret = engine->hash_one_request(engine, hreq);
-   if (ret) {
-   dev_err(engine->dev, "failed to hash one request from 
queue\n");
-   goto req_err;
-   }
-   return;
-   case CRYPTO_ALG_TYPE_ABLKCIPHER:
-   breq = ablkcipher_request_cast(engine->cur_req);
-   if (engine->prepare_cipher_request) {
-   ret = engine->prepare_cipher_request(engine, breq);
-   if (ret) {
-   dev_err(engine->dev, "failed to prepare 
request: %d\n",
-   ret);
-   goto req_err;
-   }
-   engine->cur_req_prepared = true;
-   }
-   ret = engine->cipher_one_request(engine, breq);
+   enginectx = crypto_tfm_ctx(async_req->tfm);
+
+   if (enginectx->op.prepare_request) {
+   ret = enginectx->op.prepare_request(engine, async_req);
if (ret) {
-   dev_err(engine->dev, "failed to cipher one request from 
queue\n");
+   dev_err(engine->dev, "failed to prepare request: %d\n",
+   ret);
goto req_err;
}
-   return;
-   default:
-   dev_err(engine->dev, "failed to prepare request of unknown 
type\n");
-   return;
+   engine->cur_req_prepared = true;
+   }
+   if (!enginectx->op.do_one_request) {
+   dev_err(engine->dev, "failed to do request\n");
+   ret = -EINVAL;
+   goto req_err;
+   }
+   ret = enginectx->op.do_one_request(engine, async_req);
+   if (ret) {
+   dev_err(engine->dev, "Failed to do one request from queue: 
%d\n", ret);
+   goto req_err;
}
+   return;
 
 req_err:
-   switch (rtype) {
-   case CRYPTO_ALG_TYPE_AHASH:
-   hreq = ahash_request_cast(engine->cur_req);
-   crypto_finalize_hash_request(engine, hreq, ret);
-   break;
-   case CRYPTO_ALG_TYPE_ABLKCIPHER:
-   breq = ablkcipher_request_cast(engine->cur_req);
-   crypto_finalize_cipher_request(engine, breq, ret);
-   break;
-   }
+   crypto_finalize_request(engine, async_req, ret);
return;
 
 out:
@@ -170,13 +141,12 @@ static void crypto_pump_work(struct kthread_work *work)
 }
 
 /**
- * crypto_transfer_cipher_request - transfer the ne

[PATCH 4/6] crypto: virtio: convert to new crypto engine API

[Corentin Labbe]

This patch convert the driver to the new crypto engine API.

Signed-off-by: Corentin Labbe <clabbe.montj...@gmail.com>
---
 drivers/crypto/virtio/virtio_crypto_algs.c   | 10 +++---
 drivers/crypto/virtio/virtio_crypto_common.h |  3 +--
 drivers/crypto/virtio/virtio_crypto_core.c   |  3 ---
 3 files changed, 8 insertions(+), 8 deletions(-)

diff --git a/drivers/crypto/virtio/virtio_crypto_algs.c 
b/drivers/crypto/virtio/virtio_crypto_algs.c
index abe8c15450df..060824a8ab0a 100644
--- a/drivers/crypto/virtio/virtio_crypto_algs.c
+++ b/drivers/crypto/virtio/virtio_crypto_algs.c
@@ -29,6 +29,7 @@
 
 
 struct virtio_crypto_ablkcipher_ctx {
+   struct crypto_engine_reqctx enginectx;
struct virtio_crypto *vcrypto;
struct crypto_tfm *tfm;
 
@@ -521,6 +522,9 @@ static int virtio_crypto_ablkcipher_init(struct crypto_tfm 
*tfm)
tfm->crt_ablkcipher.reqsize = sizeof(struct virtio_crypto_sym_request);
ctx->tfm = tfm;
 
+   ctx->enginectx.op.do_one_request = virtio_crypto_ablkcipher_crypt_req;
+   ctx->enginectx.op.prepare_request = NULL;
+   ctx->enginectx.op.unprepare_request = NULL;
return 0;
 }
 
@@ -538,9 +542,9 @@ static void virtio_crypto_ablkcipher_exit(struct crypto_tfm 
*tfm)
 }
 
 int virtio_crypto_ablkcipher_crypt_req(
-   struct crypto_engine *engine,
-   struct ablkcipher_request *req)
+   struct crypto_engine *engine, void *vreq)
 {
+   struct ablkcipher_request *req = container_of(vreq, struct 
ablkcipher_request, base);
struct virtio_crypto_sym_request *vc_sym_req =
ablkcipher_request_ctx(req);
struct virtio_crypto_request *vc_req = _sym_req->base;
@@ -562,7 +566,7 @@ static void virtio_crypto_ablkcipher_finalize_req(
int err)
 {
crypto_finalize_cipher_request(vc_sym_req->base.dataq->engine,
-   req, err);
+  req, err);
kzfree(vc_sym_req->iv);
virtcrypto_clear_request(_sym_req->base);
 }
diff --git a/drivers/crypto/virtio/virtio_crypto_common.h 
b/drivers/crypto/virtio/virtio_crypto_common.h
index e976539a05d9..72621bd67211 100644
--- a/drivers/crypto/virtio/virtio_crypto_common.h
+++ b/drivers/crypto/virtio/virtio_crypto_common.h
@@ -107,8 +107,7 @@ struct virtio_crypto *virtcrypto_get_dev_node(int node);
 int virtcrypto_dev_start(struct virtio_crypto *vcrypto);
 void virtcrypto_dev_stop(struct virtio_crypto *vcrypto);
 int virtio_crypto_ablkcipher_crypt_req(
-   struct crypto_engine *engine,
-   struct ablkcipher_request *req);
+   struct crypto_engine *engine, void *vreq);
 
 void
 virtcrypto_clear_request(struct virtio_crypto_request *vc_req);
diff --git a/drivers/crypto/virtio/virtio_crypto_core.c 
b/drivers/crypto/virtio/virtio_crypto_core.c
index ff1410a32c2b..83326986c113 100644
--- a/drivers/crypto/virtio/virtio_crypto_core.c
+++ b/drivers/crypto/virtio/virtio_crypto_core.c
@@ -111,9 +111,6 @@ static int virtcrypto_find_vqs(struct virtio_crypto *vi)
ret = -ENOMEM;
goto err_engine;
}
-
-   vi->data_vq[i].engine->cipher_one_request =
-   virtio_crypto_ablkcipher_crypt_req;
}
 
kfree(names);
-- 
2.13.6

[PATCH 3/6] crypto: omap: convert to new crypto engine API

[Corentin Labbe]

This patch convert the driver to the new crypto engine API.

Signed-off-by: Corentin Labbe <clabbe.montj...@gmail.com>
---
 drivers/crypto/omap-aes.c | 17 +
 drivers/crypto/omap-aes.h |  3 +++
 drivers/crypto/omap-des.c | 20 
 3 files changed, 32 insertions(+), 8 deletions(-)

diff --git a/drivers/crypto/omap-aes.c b/drivers/crypto/omap-aes.c
index fbec0a2e76dd..518b94628166 100644
--- a/drivers/crypto/omap-aes.c
+++ b/drivers/crypto/omap-aes.c
@@ -414,8 +414,9 @@ static int omap_aes_handle_queue(struct omap_aes_dev *dd,
 }
 
 static int omap_aes_prepare_req(struct crypto_engine *engine,
-   struct ablkcipher_request *req)
+   void *areq)
 {
+   struct ablkcipher_request *req = container_of(areq, struct 
ablkcipher_request, base);
struct omap_aes_ctx *ctx = crypto_ablkcipher_ctx(
crypto_ablkcipher_reqtfm(req));
struct omap_aes_reqctx *rctx = ablkcipher_request_ctx(req);
@@ -468,8 +469,9 @@ static int omap_aes_prepare_req(struct crypto_engine 
*engine,
 }
 
 static int omap_aes_crypt_req(struct crypto_engine *engine,
- struct ablkcipher_request *req)
+ void *areq)
 {
+   struct ablkcipher_request *req = container_of(areq, struct 
ablkcipher_request, base);
struct omap_aes_reqctx *rctx = ablkcipher_request_ctx(req);
struct omap_aes_dev *dd = rctx->dd;
 
@@ -601,6 +603,11 @@ static int omap_aes_ctr_decrypt(struct ablkcipher_request 
*req)
return omap_aes_crypt(req, FLAGS_CTR);
 }
 
+static int omap_aes_prepare_req(struct crypto_engine *engine,
+   void *req);
+static int omap_aes_crypt_req(struct crypto_engine *engine,
+ void *req);
+
 static int omap_aes_cra_init(struct crypto_tfm *tfm)
 {
const char *name = crypto_tfm_alg_name(tfm);
@@ -616,6 +623,10 @@ static int omap_aes_cra_init(struct crypto_tfm *tfm)
 
tfm->crt_ablkcipher.reqsize = sizeof(struct omap_aes_reqctx);
 
+   ctx->enginectx.op.prepare_request = omap_aes_prepare_req;
+   ctx->enginectx.op.unprepare_request = NULL;
+   ctx->enginectx.op.do_one_request = omap_aes_crypt_req;
+
return 0;
 }
 
@@ -1119,8 +1130,6 @@ static int omap_aes_probe(struct platform_device *pdev)
goto err_engine;
}
 
-   dd->engine->prepare_cipher_request = omap_aes_prepare_req;
-   dd->engine->cipher_one_request = omap_aes_crypt_req;
err = crypto_engine_start(dd->engine);
if (err)
goto err_engine;
diff --git a/drivers/crypto/omap-aes.h b/drivers/crypto/omap-aes.h
index 8906342e2b9a..f6ce94907ade 100644
--- a/drivers/crypto/omap-aes.h
+++ b/drivers/crypto/omap-aes.h
@@ -13,6 +13,8 @@
 #ifndef __OMAP_AES_H__
 #define __OMAP_AES_H__
 
+#include 
+
 #define DST_MAXBURST   4
 #define DMA_MIN(DST_MAXBURST * sizeof(u32))
 
@@ -95,6 +97,7 @@ struct omap_aes_gcm_result {
 };
 
 struct omap_aes_ctx {
+   struct crypto_engine_reqctx enginectx;
int keylen;
u32 key[AES_KEYSIZE_256 / sizeof(u32)];
u8  nonce[4];
diff --git a/drivers/crypto/omap-des.c b/drivers/crypto/omap-des.c
index ebc5c0f11f03..c6a3b0490616 100644
--- a/drivers/crypto/omap-des.c
+++ b/drivers/crypto/omap-des.c
@@ -86,6 +86,7 @@
 #define FLAGS_OUT_DATA_ST_SHIFT10
 
 struct omap_des_ctx {
+   struct crypto_engine_reqctx enginectx;
struct omap_des_dev *dd;
 
int keylen;
@@ -526,8 +527,9 @@ static int omap_des_handle_queue(struct omap_des_dev *dd,
 }
 
 static int omap_des_prepare_req(struct crypto_engine *engine,
-   struct ablkcipher_request *req)
+   void *areq)
 {
+   struct ablkcipher_request *req = container_of(areq, struct 
ablkcipher_request, base);
struct omap_des_ctx *ctx = crypto_ablkcipher_ctx(
crypto_ablkcipher_reqtfm(req));
struct omap_des_dev *dd = omap_des_find_dev(ctx);
@@ -582,8 +584,9 @@ static int omap_des_prepare_req(struct crypto_engine 
*engine,
 }
 
 static int omap_des_crypt_req(struct crypto_engine *engine,
- struct ablkcipher_request *req)
+ void *areq)
 {
+   struct ablkcipher_request *req = container_of(areq, struct 
ablkcipher_request, base);
struct omap_des_ctx *ctx = crypto_ablkcipher_ctx(
crypto_ablkcipher_reqtfm(req));
struct omap_des_dev *dd = omap_des_find_dev(ctx);
@@ -695,12 +698,23 @@ static int omap_des_cbc_decrypt(struct ablkcipher_request 
*req)
return omap_des_crypt(req, FLAGS_CBC);
 }
 
+static int omap_des_prepare_req(struct crypto_engine *engine,
+   void *areq);
+static int omap_des_cr

[PATCH 5/6] crypto: stm32-hash: convert to the new crypto engine API

[Corentin Labbe]

This patch convert the stm32-hash driver to the new crypto engine API.

Signed-off-by: Corentin Labbe <clabbe.montj...@gmail.com>
---
 drivers/crypto/stm32/stm32-hash.c | 18 +-
 1 file changed, 13 insertions(+), 5 deletions(-)

diff --git a/drivers/crypto/stm32/stm32-hash.c 
b/drivers/crypto/stm32/stm32-hash.c
index 4ca4a264a833..9790c2c936c7 100644
--- a/drivers/crypto/stm32/stm32-hash.c
+++ b/drivers/crypto/stm32/stm32-hash.c
@@ -122,6 +122,7 @@ enum stm32_hash_data_format {
 #define HASH_DMA_THRESHOLD 50
 
 struct stm32_hash_ctx {
+   struct crypto_engine_reqctx enginectx;
struct stm32_hash_dev   *hdev;
unsigned long   flags;
 
@@ -828,6 +829,11 @@ static int stm32_hash_hw_init(struct stm32_hash_dev *hdev,
return 0;
 }
 
+static int stm32_hash_one_request(struct crypto_engine *engine,
+ void *areq);
+static int stm32_hash_prepare_req(struct crypto_engine *engine,
+ void *areq);
+
 static int stm32_hash_handle_queue(struct stm32_hash_dev *hdev,
   struct ahash_request *req)
 {
@@ -835,8 +841,9 @@ static int stm32_hash_handle_queue(struct stm32_hash_dev 
*hdev,
 }
 
 static int stm32_hash_prepare_req(struct crypto_engine *engine,
- struct ahash_request *req)
+ void *areq)
 {
+   struct ahash_request *req = container_of(areq, struct ahash_request, 
base);
struct stm32_hash_ctx *ctx = crypto_ahash_ctx(crypto_ahash_reqtfm(req));
struct stm32_hash_dev *hdev = stm32_hash_find_dev(ctx);
struct stm32_hash_request_ctx *rctx;
@@ -855,8 +862,9 @@ static int stm32_hash_prepare_req(struct crypto_engine 
*engine,
 }
 
 static int stm32_hash_one_request(struct crypto_engine *engine,
- struct ahash_request *req)
+ void *areq)
 {
+   struct ahash_request *req = container_of(areq, struct ahash_request, 
base);
struct stm32_hash_ctx *ctx = crypto_ahash_ctx(crypto_ahash_reqtfm(req));
struct stm32_hash_dev *hdev = stm32_hash_find_dev(ctx);
struct stm32_hash_request_ctx *rctx;
@@ -1033,6 +1041,9 @@ static int stm32_hash_cra_init_algs(struct crypto_tfm 
*tfm,
if (algs_hmac_name)
ctx->flags |= HASH_FLAGS_HMAC;
 
+   ctx->enginectx.op.do_one_request = stm32_hash_one_request;
+   ctx->enginectx.op.prepare_request = stm32_hash_prepare_req;
+   ctx->enginectx.op.unprepare_request = NULL;
return 0;
 }
 
@@ -1493,9 +1504,6 @@ static int stm32_hash_probe(struct platform_device *pdev)
goto err_engine;
}
 
-   hdev->engine->prepare_hash_request = stm32_hash_prepare_req;
-   hdev->engine->hash_one_request = stm32_hash_one_request;
-
ret = crypto_engine_start(hdev->engine);
if (ret)
goto err_engine_start;
-- 
2.13.6

[PATCH 6/6] crypto: stm32-cryp: convert to the new crypto engine API

[Corentin Labbe]

This patch convert the stm32-cryp driver to the new crypto engine API.
Signed-off-by: Corentin Labbe <clabbe.montj...@gmail.com>
---
 drivers/crypto/stm32/stm32-cryp.c | 21 -
 1 file changed, 16 insertions(+), 5 deletions(-)

diff --git a/drivers/crypto/stm32/stm32-cryp.c 
b/drivers/crypto/stm32/stm32-cryp.c
index cf1dddbeaa2c..99e0473ef247 100644
--- a/drivers/crypto/stm32/stm32-cryp.c
+++ b/drivers/crypto/stm32/stm32-cryp.c
@@ -91,6 +91,7 @@
 #define _walked_out (cryp->out_walk.offset - cryp->out_sg->offset)
 
 struct stm32_cryp_ctx {
+   struct crypto_engine_reqctx enginectx;
struct stm32_cryp   *cryp;
int keylen;
u32 key[AES_KEYSIZE_256 / sizeof(u32)];
@@ -494,10 +495,20 @@ static int stm32_cryp_cpu_start(struct stm32_cryp *cryp)
return 0;
 }
 
+static int stm32_cryp_cipher_one_req(struct crypto_engine *engine,
+void *areq);
+static int stm32_cryp_prepare_cipher_req(struct crypto_engine *engine,
+void *areq);
+
 static int stm32_cryp_cra_init(struct crypto_tfm *tfm)
 {
+   struct stm32_cryp_ctx *ctx = crypto_tfm_ctx(tfm);
+
tfm->crt_ablkcipher.reqsize = sizeof(struct stm32_cryp_reqctx);
 
+   ctx->enginectx.op.do_one_request = stm32_cryp_cipher_one_req;
+   ctx->enginectx.op.prepare_request = stm32_cryp_prepare_cipher_req;
+   ctx->enginectx.op.unprepare_request = NULL;
return 0;
 }
 
@@ -695,14 +706,17 @@ static int stm32_cryp_prepare_req(struct crypto_engine 
*engine,
 }
 
 static int stm32_cryp_prepare_cipher_req(struct crypto_engine *engine,
-struct ablkcipher_request *req)
+void *areq)
 {
+   struct ablkcipher_request *req = container_of(areq, struct 
ablkcipher_request, base);
+
return stm32_cryp_prepare_req(engine, req);
 }
 
 static int stm32_cryp_cipher_one_req(struct crypto_engine *engine,
-struct ablkcipher_request *req)
+void *areq)
 {
+   struct ablkcipher_request *req = container_of(areq, struct 
ablkcipher_request, base);
struct stm32_cryp_ctx *ctx = crypto_ablkcipher_ctx(
crypto_ablkcipher_reqtfm(req));
struct stm32_cryp *cryp = ctx->cryp;
@@ -1104,9 +1118,6 @@ static int stm32_cryp_probe(struct platform_device *pdev)
goto err_engine1;
}
 
-   cryp->engine->prepare_cipher_request = stm32_cryp_prepare_cipher_req;
-   cryp->engine->cipher_one_request = stm32_cryp_cipher_one_req;
-
ret = crypto_engine_start(cryp->engine);
if (ret) {
dev_err(dev, "Could not start crypto engine\n");
-- 
2.13.6

Re: [PATCH RFC 1/4] crypto: engine - Permit to enqueue all async requests

[Corentin Labbe]

On Fri, Dec 22, 2017 at 08:06:03PM +1100, Herbert Xu wrote:
> On Fri, Dec 22, 2017 at 09:41:48AM +0100, Corentin Labbe wrote:
> >
> > It's you that was suggesting using crypto_async_request:
> > https://www.mail-archive.com/linux-kernel@vger.kernel.org/msg1474434.html
> > "The only wart with this scheme is that the drivers end up seeing
> > struct crypto_async_request and will need to convert that to the
> > respective request types but I couldn't really find a better way."
> > 
> > So I wait for any suggestion.
> 
> The core engine code obviously will use the base type but it should
> not be exposed to the driver authors.  IOW all exposed API should
> take the final types such as aead_request before casting it.
> 

For driver->engine 
calls(crypto_finalize_request/crypto_transfer_request_to_engine) it's easy.

But I do not see how to do it for crypto_engine_op appart re-introducing the 
big if/then/else that
you didnt want.
Or do you agree to set the request parameter for 
crypto_engine_op(prepare_request/unprepare_request/do_one_request) to void * ?

Regards

Re: [PATCH RFC 1/4] crypto: engine - Permit to enqueue all async requests

[Corentin Labbe]

On Fri, Dec 22, 2017 at 05:57:24PM +1100, Herbert Xu wrote:
> On Wed, Nov 29, 2017 at 09:41:18AM +0100, Corentin Labbe wrote:
> > The crypto engine could actually only enqueue hash and ablkcipher request.
> > This patch permit it to enqueue any type of crypto_async_request.
> > 
> > Signed-off-by: Corentin Labbe <clabbe.montj...@gmail.com>
> 
> This is going the wrong way.  We do not want to expose any of the
> base types such as crypto_alg, crypto_async_request to end-users
> and that includes drivers.  Only core API code should touch these
> base types.
> 

Hello

It's you that was suggesting using crypto_async_request:
https://www.mail-archive.com/linux-kernel@vger.kernel.org/msg1474434.html
"The only wart with this scheme is that the drivers end up seeing
struct crypto_async_request and will need to convert that to the
respective request types but I couldn't really find a better way."

So I wait for any suggestion.

Regards
Corentin Labbe

[PATCH RFC 2/3] crypto: Implement a generic crypto statistics

[Corentin Labbe]

This patch implement a generic way to get statistics about all crypto
usages.

Signed-off-by: Corentin Labbe <cla...@baylibre.com>
---
 crypto/Kconfig |  11 +++
 crypto/ahash.c |  18 +
 crypto/algapi.c| 186 +
 crypto/rng.c   |   3 +
 include/crypto/acompress.h |  10 +++
 include/crypto/akcipher.h  |  12 +++
 include/crypto/kpp.h   |   9 +++
 include/crypto/rng.h   |   5 ++
 include/crypto/skcipher.h  |   8 ++
 include/linux/crypto.h |  22 ++
 10 files changed, 284 insertions(+)

diff --git a/crypto/Kconfig b/crypto/Kconfig
index d6e9b60fc063..69f1822a026b 100644
--- a/crypto/Kconfig
+++ b/crypto/Kconfig
@@ -1781,6 +1781,17 @@ config CRYPTO_USER_API_AEAD
  This option enables the user-spaces interface for AEAD
  cipher algorithms.
 
+config CRYPTO_STATS
+   bool "Crypto usage statistics for User-space"
+   help
+ This option enables the gathering of crypto stats.
+ This will collect:
+ - encrypt/decrypt size and numbers of symmeric operations
+ - compress/decompress size and numbers of compress operations
+ - size and numbers of hash operations
+ - encrypt/decrypt/sign/verify numbers for asymmetric operations
+ - generate/seed numbers for rng operations
+
 config CRYPTO_HASH_INFO
bool
 
diff --git a/crypto/ahash.c b/crypto/ahash.c
index 3a35d67de7d9..93b56892f1b8 100644
--- a/crypto/ahash.c
+++ b/crypto/ahash.c
@@ -356,18 +356,36 @@ static int crypto_ahash_op(struct ahash_request *req,
 
 int crypto_ahash_final(struct ahash_request *req)
 {
+#ifdef CONFIG_CRYPTO_STATS
+   struct crypto_ahash *tfm = crypto_ahash_reqtfm(req);
+
+   tfm->base.__crt_alg->enc_cnt++;
+   tfm->base.__crt_alg->enc_tlen += req->nbytes;
+#endif
return crypto_ahash_op(req, crypto_ahash_reqtfm(req)->final);
 }
 EXPORT_SYMBOL_GPL(crypto_ahash_final);
 
 int crypto_ahash_finup(struct ahash_request *req)
 {
+#ifdef CONFIG_CRYPTO_STATS
+   struct crypto_ahash *tfm = crypto_ahash_reqtfm(req);
+
+   tfm->base.__crt_alg->enc_cnt++;
+   tfm->base.__crt_alg->enc_tlen += req->nbytes;
+#endif
return crypto_ahash_op(req, crypto_ahash_reqtfm(req)->finup);
 }
 EXPORT_SYMBOL_GPL(crypto_ahash_finup);
 
 int crypto_ahash_digest(struct ahash_request *req)
 {
+#ifdef CONFIG_CRYPTO_STATS
+   struct crypto_ahash *tfm = crypto_ahash_reqtfm(req);
+
+   tfm->base.__crt_alg->enc_cnt++;
+   tfm->base.__crt_alg->enc_tlen += req->nbytes;
+#endif
return crypto_ahash_op(req, crypto_ahash_reqtfm(req)->digest);
 }
 EXPORT_SYMBOL_GPL(crypto_ahash_digest);
diff --git a/crypto/algapi.c b/crypto/algapi.c
index b8f6122f37e9..4fca4576af78 100644
--- a/crypto/algapi.c
+++ b/crypto/algapi.c
@@ -20,11 +20,158 @@
 #include 
 #include 
 #include 
+#include 
 
 #include "internal.h"
 
 static LIST_HEAD(crypto_template_list);
 
+#ifdef CONFIG_CRYPTO_STATS
+static struct kobject *crypto_root_kobj;
+
+static struct kobj_type dynamic_kobj_ktype = {
+   .sysfs_ops  = _sysfs_ops,
+};
+
+static ssize_t fcrypto_priority(struct kobject *kobj,
+   struct kobj_attribute *attr, char *buf)
+{
+   struct crypto_alg *alg;
+
+   alg = container_of(kobj, struct crypto_alg, cra_stat_obj);
+   return snprintf(buf, 9, "%d\n", alg->cra_priority);
+}
+
+static ssize_t fcrypto_stat_enc_cnt(struct kobject *kobj,
+   struct kobj_attribute *attr, char *buf)
+{
+   struct crypto_alg *alg;
+
+   alg = container_of(kobj, struct crypto_alg, cra_stat_obj);
+   return snprintf(buf, 9, "%lu\n", alg->enc_cnt);
+}
+
+static ssize_t fcrypto_stat_enc_tlen(struct kobject *kobj,
+struct kobj_attribute *attr, char *buf)
+{
+   struct crypto_alg *alg;
+
+   alg = container_of(kobj, struct crypto_alg, cra_stat_obj);
+   return snprintf(buf, 9, "%lu\n", alg->enc_tlen);
+}
+
+static ssize_t fcrypto_stat_dec_cnt(struct kobject *kobj,
+   struct kobj_attribute *attr, char *buf)
+{
+   struct crypto_alg *alg;
+
+   alg = container_of(kobj, struct crypto_alg, cra_stat_obj);
+   return snprintf(buf, 9, "%lu\n", alg->dec_cnt);
+}
+
+static ssize_t fcrypto_stat_dec_tlen(struct kobject *kobj,
+struct kobj_attribute *attr, char *buf)
+{
+   struct crypto_alg *alg;
+
+   alg = container_of(kobj, struct crypto_alg, cra_stat_obj);
+   return snprintf(buf, 9, "%lu\n", alg->dec_tlen);
+}
+
+static ssize_t fcrypto_stat_verify_cnt(struct kobject *kobj,
+  struct kobj_attribute *attr, char *buf)
+{
+   struct crypto_alg *alg;
+
+   alg = container_of(kobj, struct cryp

[PATCH RFC 1/3] crypto: Prevent to register duplicate cra_driver_name

[Corentin Labbe]

Each crypto algorithm "cra_name" can have multiple implementation called
"cra_driver_name".
If two different implementation have the same cra_driver_name, nothing
can easily differentiate them.
Furthermore the mechanism for getting a crypto algorithm with its
implementation name (crypto_alg_match() in crypto/crypto_user.c) will
get only the first one found.

So this patch prevent the registration of two implementation with the
same cra_driver_name.

Signed-off-by: Corentin Labbe <cla...@baylibre.com>
---
 crypto/algapi.c | 5 +
 1 file changed, 5 insertions(+)

diff --git a/crypto/algapi.c b/crypto/algapi.c
index 60d7366ed343..b8f6122f37e9 100644
--- a/crypto/algapi.c
+++ b/crypto/algapi.c
@@ -208,6 +208,11 @@ static struct crypto_larval *__crypto_register_alg(struct 
crypto_alg *alg)
goto err;
continue;
}
+   if (!strcmp(q->cra_driver_name, alg->cra_driver_name)) {
+   pr_err("Cannot register since cra_driver_name %s is 
already used\n",
+  alg->cra_driver_name);
+   goto err;
+   }
 
if (!strcmp(q->cra_driver_name, alg->cra_name) ||
!strcmp(q->cra_name, alg->cra_driver_name))
-- 
2.13.6

[PATCH RFC 3/3] crypto: tools: Add cryptostat userspace

[Corentin Labbe]

Add an example tool for getting easily crypto statistics.

Signed-off-by: Corentin Labbe <cla...@baylibre.com>
---
 tools/crypto/cryptostat | 40 
 1 file changed, 40 insertions(+)
 create mode 100755 tools/crypto/cryptostat

diff --git a/tools/crypto/cryptostat b/tools/crypto/cryptostat
new file mode 100755
index ..314e108eb608
--- /dev/null
+++ b/tools/crypto/cryptostat
@@ -0,0 +1,40 @@
+#!/bin/bash
+
+for dn in `ls /sys/kernel/crypto/`
+do
+   dnpath=/sys/kernel/crypto/$dn/
+   algtype=$(cat $dnpath/algtype)
+   algname=$(cat $dnpath/algname)
+   echo "$dn ($algtype) $algname"
+   case $algtype in
+   hash)
+   echo -e "\tHash: $(cat $dnpath/enc_cnt)\tbytes $(cat $dnpath/enc_tlen)"
+   ;;
+   cipher)
+   echo -e "\tEncrypt: $(cat $dnpath/enc_cnt)\tbytes $(cat 
$dnpath/enc_tlen)"
+   echo -e "\tDecrypt: $(cat $dnpath/dec_cnt)\tbytes $(cat 
$dnpath/dec_tlen)"
+   ;;
+   compress)
+   echo -e "\tCompress: $(cat $dnpath/enc_cnt)\tbytes $(cat 
$dnpath/enc_tlen)"
+   echo -e "\tDecompress: $(cat $dnpath/dec_cnt)\tbytes $(cat 
$dnpath/dec_tlen)"
+   ;;
+   asymetric)
+   echo -e "\tEncrypt: $(cat $dnpath/enc_cnt)\tbytes $(cat 
$dnpath/enc_tlen)"
+   echo -e "\tDecrypt: $(cat $dnpath/dec_cnt)\tbytes $(cat 
$dnpath/dec_tlen)"
+   echo -e "\tVerify: $(cat $dnpath/verify_cnt)"
+   echo -e "\tSign: $(cat $dnpath/sign_cnt)"
+   ;;
+   rng)
+   echo -e "\tGenerate: $(cat $dnpath/enc_cnt)\tbytes $(cat 
$dnpath/enc_tlen)"
+   echo -e "\tSeed: $(cat $dnpath/dec_cnt)"
+   ;;
+   kpp)
+   echo -e "\tSet_secret: $(cat $dnpath/dec_cnt)"
+   echo -e "\tGenerate_public_key: $(cat $dnpath/enc_cnt)"
+   echo -e "\tCompute_shared_secret: $(cat $dnpath/verify_cnt)"
+   ;;
+   *)
+   echo -e "\t$(cat $dnpath/enc_cnt)\tbytes $(cat $dnpath/enc_tlen)"
+   ;;
+   esac
+done
-- 
2.13.6

[PATCH RFC 0/3] crypto: Implement a generic crypto statistics

[Corentin Labbe]

metric) rsa
Encrypt: 7  bytes 0
Decrypt: 6  bytes 0
Verify: 2
Sign: 0
sha1-asm (hash) sha1
Hash: 24bytes 4864
sha1-generic (hash) sha1
Hash: 24bytes 4864
sha1-neon (hash) sha1
Hash: 24bytes 4864
sha224-asm (hash) sha224
Hash: 20bytes 4528
sha224-generic (hash) sha224
Hash: 20bytes 4528
sha224-neon (hash) sha224
Hash: 20bytes 4528
sha256-asm (hash) sha256
Hash: 20bytes 4528
sha256-generic (hash) sha256
Hash: 20bytes 4528
sha256-neon (hash) sha256
Hash: 20bytes 4528
sha384-generic (hash) sha384
Hash: 24bytes 5036
sha512-generic (hash) sha512
Hash: 24bytes 5036
zlib-deflate-scomp (compress) zlib-deflate
Compress: 2 bytes 261
Decompress: 4   bytes 345

Note that this patch could be a starting base for a /proc/crypto replacement.

Please let me know your opinions about it

Regards

Corentin Labbe (3):
  crypto: Prevent to register duplicate cra_driver_name
  crypto: Implement a generic crypto statistics
  crypto: tools: Add cryptostat userspace

 crypto/Kconfig |  11 +++
 crypto/ahash.c |  18 +
 crypto/algapi.c| 191 +
 crypto/rng.c   |   3 +
 include/crypto/acompress.h |  10 +++
 include/crypto/akcipher.h  |  12 +++
 include/crypto/kpp.h   |   9 +++
 include/crypto/rng.h   |   5 ++
 include/crypto/skcipher.h  |   8 ++
 include/linux/crypto.h |  22 ++
 tools/crypto/cryptostat|  40 ++
 11 files changed, 329 insertions(+)
 create mode 100755 tools/crypto/cryptostat

-- 
2.13.6

[PATCH] crypto: stm32 - Use standard CONFIG name

[Corentin Labbe]

All hardware crypto devices have their CONFIG names using the following
convention:
CRYPTO_DEV_name_algo

This patch apply this conventions on STM32 CONFIG names.

Signed-off-by: Corentin Labbe <cla...@baylibre.com>
---
 drivers/crypto/stm32/Kconfig  | 6 +++---
 drivers/crypto/stm32/Makefile | 6 +++---
 2 files changed, 6 insertions(+), 6 deletions(-)

diff --git a/drivers/crypto/stm32/Kconfig b/drivers/crypto/stm32/Kconfig
index 61ef00b6bf45..63aa78c0b12b 100644
--- a/drivers/crypto/stm32/Kconfig
+++ b/drivers/crypto/stm32/Kconfig
@@ -1,4 +1,4 @@
-config CRC_DEV_STM32
+config CRYPTO_DEV_STM32_CRC
tristate "Support for STM32 crc accelerators"
depends on ARCH_STM32
select CRYPTO_HASH
@@ -6,7 +6,7 @@ config CRC_DEV_STM32
   This enables support for the CRC32 hw accelerator which can be found
  on STMicroelectronics STM32 SOC.
 
-config HASH_DEV_STM32
+config CRYPTO_DEV_STM32_HASH
tristate "Support for STM32 hash accelerators"
depends on ARCH_STM32
depends on HAS_DMA
@@ -19,7 +19,7 @@ config HASH_DEV_STM32
   This enables support for the HASH hw accelerator which can be found
  on STMicroelectronics STM32 SOC.
 
-config CRYP_DEV_STM32
+config CRYPTO_DEV_STM32_CRYP
tristate "Support for STM32 cryp accelerators"
depends on ARCH_STM32
select CRYPTO_HASH
diff --git a/drivers/crypto/stm32/Makefile b/drivers/crypto/stm32/Makefile
index 2c19fc155bfd..53d1bb94b221 100644
--- a/drivers/crypto/stm32/Makefile
+++ b/drivers/crypto/stm32/Makefile
@@ -1,3 +1,3 @@
-obj-$(CONFIG_CRC_DEV_STM32) += stm32_crc32.o
-obj-$(CONFIG_HASH_DEV_STM32) += stm32-hash.o
-obj-$(CONFIG_CRYP_DEV_STM32) += stm32-cryp.o
+obj-$(CONFIG_CRYPTO_DEV_STM32_CRC) += stm32_crc32.o
+obj-$(CONFIG_CRYPTO_DEV_STM32_HASH) += stm32-hash.o
+obj-$(CONFIG_CRYPTO_DEV_STM32_CRYP) += stm32-cryp.o
-- 
2.13.6

[PATCH] staging: ccree: fix __dump_byte_array() declaration mismatch

[Corentin Labbe]

This patch corrects the type of the size argument in __dump_byte_array()
from unsigned long to size_t as done only in drivers/staging/ccree/ssi_driver.c

This fix also a build error:
drivers/staging/ccree/ssi_driver.c:82:6: error: conflicting types for 
'__dump_byte_array'

Fixes: 3f268f5d6669 ("staging: ccree: turn compile time debug log to params")
Signed-off-by: Corentin Labbe <cla...@baylibre.com>
---
 drivers/staging/ccree/ssi_driver.h | 3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)

diff --git a/drivers/staging/ccree/ssi_driver.h 
b/drivers/staging/ccree/ssi_driver.h
index 5a56f7a76b71..0f57c9a8b8a6 100644
--- a/drivers/staging/ccree/ssi_driver.h
+++ b/drivers/staging/ccree/ssi_driver.h
@@ -174,8 +174,7 @@ static inline struct device *drvdata_to_dev(struct 
cc_drvdata *drvdata)
return >plat_dev->dev;
 }
 
-void __dump_byte_array(const char *name, const u8 *the_array,
-  unsigned long size);
+void __dump_byte_array(const char *name, const u8 *buf, size_t size);
 static inline void dump_byte_array(const char *name, const u8 *the_array,
   unsigned long size)
 {
-- 
2.13.6

[PATCH 2/2] crypto: seqiv - Remove unused alg/spawn variable

[Corentin Labbe]

This patch remove two unused variable and some dead "code" using it.

Fixes: 92932d03c2b3 ("crypto: seqiv - Remove AEAD compatibility code")

Signed-off-by: Corentin Labbe <cla...@baylibre.com>
---
 crypto/seqiv.c | 5 -
 1 file changed, 5 deletions(-)

diff --git a/crypto/seqiv.c b/crypto/seqiv.c
index 570b7d1aa0ca..39dbf2f7e5f5 100644
--- a/crypto/seqiv.c
+++ b/crypto/seqiv.c
@@ -144,8 +144,6 @@ static int seqiv_aead_decrypt(struct aead_request *req)
 static int seqiv_aead_create(struct crypto_template *tmpl, struct rtattr **tb)
 {
struct aead_instance *inst;
-   struct crypto_aead_spawn *spawn;
-   struct aead_alg *alg;
int err;
 
inst = aead_geniv_alloc(tmpl, tb, 0, 0);
@@ -153,9 +151,6 @@ static int seqiv_aead_create(struct crypto_template *tmpl, 
struct rtattr **tb)
if (IS_ERR(inst))
return PTR_ERR(inst);
 
-   spawn = aead_instance_ctx(inst);
-   alg = crypto_spawn_aead_alg(spawn);
-
err = -EINVAL;
if (inst->alg.ivsize != sizeof(u64))
goto free_inst;
-- 
2.13.6

[PATCH 1/2] crypto: echainiv - Remove unused alg/spawn variable

[Corentin Labbe]

This patch remove two unused variable and some dead "code" using it.

Fixes: 66008d4230f6 ("crypto: echainiv - Remove AEAD compatibility code")
Signed-off-by: Corentin Labbe <cla...@baylibre.com>
---
 crypto/echainiv.c | 5 -
 1 file changed, 5 deletions(-)

diff --git a/crypto/echainiv.c b/crypto/echainiv.c
index e3d889b122e0..45819e6015bf 100644
--- a/crypto/echainiv.c
+++ b/crypto/echainiv.c
@@ -118,8 +118,6 @@ static int echainiv_aead_create(struct crypto_template 
*tmpl,
struct rtattr **tb)
 {
struct aead_instance *inst;
-   struct crypto_aead_spawn *spawn;
-   struct aead_alg *alg;
int err;
 
inst = aead_geniv_alloc(tmpl, tb, 0, 0);
@@ -127,9 +125,6 @@ static int echainiv_aead_create(struct crypto_template 
*tmpl,
if (IS_ERR(inst))
return PTR_ERR(inst);
 
-   spawn = aead_instance_ctx(inst);
-   alg = crypto_spawn_aead_alg(spawn);
-
err = -EINVAL;
if (inst->alg.ivsize & (sizeof(u64) - 1) || !inst->alg.ivsize)
goto free_inst;
-- 
2.13.6

Re: [PATCH] crypto: artpec6: set correct iv size for gcm(aes)

[Corentin Labbe]

On Tue, Dec 12, 2017 at 12:20:20PM +0100, Lars Persson wrote:
> The IV size should not include the 32 bit counter. Because we had the
> IV size set as 16 the transform only worked when the IV input was zero
> padded.
> 
> Fixes: a21eb94fc4d3 ("crypto: axis - add ARTPEC-6/7 crypto accelerator 
> driver")
> Signed-off-by: Lars Persson 
> ---
>  drivers/crypto/axis/artpec6_crypto.c | 4 ++--
>  1 file changed, 2 insertions(+), 2 deletions(-)
> 
> diff --git a/drivers/crypto/axis/artpec6_crypto.c 
> b/drivers/crypto/axis/artpec6_crypto.c
> index 456278440863..4de1996120e7 100644
> --- a/drivers/crypto/axis/artpec6_crypto.c
> +++ b/drivers/crypto/axis/artpec6_crypto.c
> @@ -1934,7 +1934,7 @@ static int artpec6_crypto_prepare_aead(struct 
> aead_request *areq)
>  
>   memcpy(req_ctx->hw_ctx.J0, areq->iv, crypto_aead_ivsize(cipher));
>   // The HW omits the initial increment of the counter field.
> - crypto_inc(req_ctx->hw_ctx.J0+12, 4);
> + memcpy(req_ctx->hw_ctx.J0+12, "\x00\x00\x00\x01", 4);
>  
>   ret = artpec6_crypto_setup_out_descr(common, _ctx->hw_ctx,
>   sizeof(struct artpec6_crypto_aead_hw_ctx), false, false);
> @@ -2956,7 +2956,7 @@ static struct aead_alg aead_algos[] = {
>   .setkey = artpec6_crypto_aead_set_key,
>   .encrypt = artpec6_crypto_aead_encrypt,
>   .decrypt = artpec6_crypto_aead_decrypt,
> - .ivsize = AES_BLOCK_SIZE,
> + .ivsize = 12,

GCM_AES_IV_SIZE ?

Regards

Re: [PATCH RFC 0/4] crypto: engine - Permit to enqueue all async requests

[Corentin Labbe]

On Wed, Dec 06, 2017 at 10:59:47AM +, Fabien DESSENNE wrote:
> Hi Corentin,
> 
> 
> I am fine with this proposal: it is generic enough and I have been able 
> to test and run the crypto engine with aead_request without changing any 
> single line of code.
> 
> This is what I need to be able to send the AEAD extension of the 
> stm32-cryp driver (successfully tested with your engine upgrade proposal).
> 
> 
> I have also tested the stm32-hash patch.
> 
> Note that stm32-cryp (new driver applied by Herbert recently 
> [https://git.kernel.org/pub/scm/linux/kernel/git/herbert/cryptodev-2.6.git/commit/?id=9e054ec21ef8344345b28603fb272fe999f735db])
>  
> would also need to be converted to the new crypto engine API : this is a 
> trivial patch.

Yes, patch for converting it is already done.

> 
> Thank you for your proposal, I hope that this proposal is fine for 
> Herbert too.
> 

Thanks for your test, I hope other maintainer will test it also.

Regards
Corentin Labbe

Re: [PATCH RFC 1/4] crypto: engine - Permit to enqueue all async requests

[Corentin Labbe]

On Wed, Dec 06, 2017 at 11:02:23AM +, Fabien DESSENNE wrote:
> 
> 
> On 29/11/17 09:41, Corentin Labbe wrote:
> > The crypto engine could actually only enqueue hash and ablkcipher request.
> > This patch permit it to enqueue any type of crypto_async_request.
> >
> > Signed-off-by: Corentin Labbe <clabbe.montj...@gmail.com>
> > ---
> >   crypto/crypto_engine.c  | 188 
> > +++-
> >   include/crypto/engine.h |  46 +---
> >   2 files changed, 60 insertions(+), 174 deletions(-)
> >
> > diff --git a/crypto/crypto_engine.c b/crypto/crypto_engine.c
> > index 61e7c4e02fd2..f7c4c4c1f41b 100644
> > --- a/crypto/crypto_engine.c
> > +++ b/crypto/crypto_engine.c
> > @@ -34,11 +34,10 @@ static void crypto_pump_requests(struct crypto_engine 
> > *engine,
> >  bool in_kthread)
> >   {
> > struct crypto_async_request *async_req, *backlog;
> > -   struct ahash_request *hreq;
> > -   struct ablkcipher_request *breq;
> > unsigned long flags;
> > bool was_busy = false;
> > -   int ret, rtype;
> > +   int ret;
> > +   struct crypto_engine_reqctx *enginectx;
> >   
> > spin_lock_irqsave(>queue_lock, flags);
> >   
> > @@ -94,7 +93,6 @@ static void crypto_pump_requests(struct crypto_engine 
> > *engine,
> >   
> > spin_unlock_irqrestore(>queue_lock, flags);
> >   
> > -   rtype = crypto_tfm_alg_type(engine->cur_req->tfm);
> > /* Until here we get the request need to be encrypted successfully */
> > if (!was_busy && engine->prepare_crypt_hardware) {
> > ret = engine->prepare_crypt_hardware(engine);
> > @@ -104,57 +102,31 @@ static void crypto_pump_requests(struct crypto_engine 
> > *engine,
> > }
> > }
> >   
> > -   switch (rtype) {
> > -   case CRYPTO_ALG_TYPE_AHASH:
> > -   hreq = ahash_request_cast(engine->cur_req);
> > -   if (engine->prepare_hash_request) {
> > -   ret = engine->prepare_hash_request(engine, hreq);
> > -   if (ret) {
> > -   dev_err(engine->dev, "failed to prepare 
> > request: %d\n",
> > -   ret);
> > -   goto req_err;
> > -   }
> > -   engine->cur_req_prepared = true;
> > -   }
> > -   ret = engine->hash_one_request(engine, hreq);
> > -   if (ret) {
> > -   dev_err(engine->dev, "failed to hash one request from 
> > queue\n");
> > -   goto req_err;
> > -   }
> > -   return;
> > -   case CRYPTO_ALG_TYPE_ABLKCIPHER:
> > -   breq = ablkcipher_request_cast(engine->cur_req);
> > -   if (engine->prepare_cipher_request) {
> > -   ret = engine->prepare_cipher_request(engine, breq);
> > -   if (ret) {
> > -   dev_err(engine->dev, "failed to prepare 
> > request: %d\n",
> > -   ret);
> > -   goto req_err;
> > -   }
> > -   engine->cur_req_prepared = true;
> > -   }
> > -   ret = engine->cipher_one_request(engine, breq);
> > +   enginectx = crypto_tfm_ctx(async_req->tfm);
> > +
> > +   if (enginectx->op.prepare_request) {
> > +   ret = enginectx->op.prepare_request(engine, async_req);
> > if (ret) {
> > -   dev_err(engine->dev, "failed to cipher one request from 
> > queue\n");
> > +   dev_err(engine->dev, "failed to prepare request: %d\n",
> > +   ret);
> > goto req_err;
> > }
> > -   return;
> > -   default:
> > -   dev_err(engine->dev, "failed to prepare request of unknown 
> > type\n");
> > -   return;
> > +   engine->cur_req_prepared = true;
> > +   }
> > +   if (!enginectx->op.do_one_request) {
> > +   dev_err(engine->dev, "failed to do request\n");
> > +   ret = -EINVAL;
> > +   goto req_err;
> > +   }
> > +   ret = enginectx->op.do_one_request(engine, async_req);
> > +   if (ret) {
> > +   dev_err(engine->dev, "fail

[PATCH] crypto: stm32: fix module device table name

[Corentin Labbe]

This patch fix the following build failure:
  CC [M]  drivers/crypto/stm32/stm32-cryp.o
In file included from drivers/crypto/stm32/stm32-cryp.c:11:0:
drivers/crypto/stm32/stm32-cryp.c:1049:25: error: 'sti_dt_ids' undeclared here 
(not in a function)
 MODULE_DEVICE_TABLE(of, sti_dt_ids);

Let's replace sti_dt_ids with stm32_dt_ids which is just declared
before.

Signed-off-by: Corentin Labbe <clabbe.montj...@gmail.com>
---
 drivers/crypto/stm32/stm32-cryp.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/drivers/crypto/stm32/stm32-cryp.c 
b/drivers/crypto/stm32/stm32-cryp.c
index 098fad266c41..1807789b23f5 100644
--- a/drivers/crypto/stm32/stm32-cryp.c
+++ b/drivers/crypto/stm32/stm32-cryp.c
@@ -1046,7 +1046,7 @@ static const struct of_device_id stm32_dt_ids[] = {
{ .compatible = "st,stm32f756-cryp", },
{},
 };
-MODULE_DEVICE_TABLE(of, sti_dt_ids);
+MODULE_DEVICE_TABLE(of, stm32_dt_ids);
 
 static int stm32_cryp_probe(struct platform_device *pdev)
 {
-- 
2.13.6

[PATCH RFC 1/4] crypto: engine - Permit to enqueue all async requests

[Corentin Labbe]

The crypto engine could actually only enqueue hash and ablkcipher request.
This patch permit it to enqueue any type of crypto_async_request.

Signed-off-by: Corentin Labbe <clabbe.montj...@gmail.com>
---
 crypto/crypto_engine.c  | 188 +++-
 include/crypto/engine.h |  46 +---
 2 files changed, 60 insertions(+), 174 deletions(-)

diff --git a/crypto/crypto_engine.c b/crypto/crypto_engine.c
index 61e7c4e02fd2..f7c4c4c1f41b 100644
--- a/crypto/crypto_engine.c
+++ b/crypto/crypto_engine.c
@@ -34,11 +34,10 @@ static void crypto_pump_requests(struct crypto_engine 
*engine,
 bool in_kthread)
 {
struct crypto_async_request *async_req, *backlog;
-   struct ahash_request *hreq;
-   struct ablkcipher_request *breq;
unsigned long flags;
bool was_busy = false;
-   int ret, rtype;
+   int ret;
+   struct crypto_engine_reqctx *enginectx;
 
spin_lock_irqsave(>queue_lock, flags);
 
@@ -94,7 +93,6 @@ static void crypto_pump_requests(struct crypto_engine *engine,
 
spin_unlock_irqrestore(>queue_lock, flags);
 
-   rtype = crypto_tfm_alg_type(engine->cur_req->tfm);
/* Until here we get the request need to be encrypted successfully */
if (!was_busy && engine->prepare_crypt_hardware) {
ret = engine->prepare_crypt_hardware(engine);
@@ -104,57 +102,31 @@ static void crypto_pump_requests(struct crypto_engine 
*engine,
}
}
 
-   switch (rtype) {
-   case CRYPTO_ALG_TYPE_AHASH:
-   hreq = ahash_request_cast(engine->cur_req);
-   if (engine->prepare_hash_request) {
-   ret = engine->prepare_hash_request(engine, hreq);
-   if (ret) {
-   dev_err(engine->dev, "failed to prepare 
request: %d\n",
-   ret);
-   goto req_err;
-   }
-   engine->cur_req_prepared = true;
-   }
-   ret = engine->hash_one_request(engine, hreq);
-   if (ret) {
-   dev_err(engine->dev, "failed to hash one request from 
queue\n");
-   goto req_err;
-   }
-   return;
-   case CRYPTO_ALG_TYPE_ABLKCIPHER:
-   breq = ablkcipher_request_cast(engine->cur_req);
-   if (engine->prepare_cipher_request) {
-   ret = engine->prepare_cipher_request(engine, breq);
-   if (ret) {
-   dev_err(engine->dev, "failed to prepare 
request: %d\n",
-   ret);
-   goto req_err;
-   }
-   engine->cur_req_prepared = true;
-   }
-   ret = engine->cipher_one_request(engine, breq);
+   enginectx = crypto_tfm_ctx(async_req->tfm);
+
+   if (enginectx->op.prepare_request) {
+   ret = enginectx->op.prepare_request(engine, async_req);
if (ret) {
-   dev_err(engine->dev, "failed to cipher one request from 
queue\n");
+   dev_err(engine->dev, "failed to prepare request: %d\n",
+   ret);
goto req_err;
}
-   return;
-   default:
-   dev_err(engine->dev, "failed to prepare request of unknown 
type\n");
-   return;
+   engine->cur_req_prepared = true;
+   }
+   if (!enginectx->op.do_one_request) {
+   dev_err(engine->dev, "failed to do request\n");
+   ret = -EINVAL;
+   goto req_err;
+   }
+   ret = enginectx->op.do_one_request(engine, async_req);
+   if (ret) {
+   dev_err(engine->dev, "failed to hash one request from queue\n");
+   goto req_err;
}
+   return;
 
 req_err:
-   switch (rtype) {
-   case CRYPTO_ALG_TYPE_AHASH:
-   hreq = ahash_request_cast(engine->cur_req);
-   crypto_finalize_hash_request(engine, hreq, ret);
-   break;
-   case CRYPTO_ALG_TYPE_ABLKCIPHER:
-   breq = ablkcipher_request_cast(engine->cur_req);
-   crypto_finalize_cipher_request(engine, breq, ret);
-   break;
-   }
+   crypto_finalize_request(engine, async_req, ret);
return;
 
 out:
@@ -170,59 +142,16 @@ static void crypto_pump_work(struct kthread_work *work)
 }
 
 /**
- * crypto_transfer_cipher_request - transfer the new request into the
- * enginequeue
+ * crypto_transfer_request - transfer the new requ

[PATCH RFC 2/4] crypto: omap: convert to new crypto engine API

[Corentin Labbe]

This patch convert the driver to the new crypto engine API.

Signed-off-by: Corentin Labbe <clabbe.montj...@gmail.com>
---
 drivers/crypto/omap-aes.c | 21 +++--
 drivers/crypto/omap-aes.h |  3 +++
 drivers/crypto/omap-des.c | 24 ++--
 3 files changed, 36 insertions(+), 12 deletions(-)

diff --git a/drivers/crypto/omap-aes.c b/drivers/crypto/omap-aes.c
index fbec0a2e76dd..4a31bbfca9a4 100644
--- a/drivers/crypto/omap-aes.c
+++ b/drivers/crypto/omap-aes.c
@@ -388,7 +388,7 @@ static void omap_aes_finish_req(struct omap_aes_dev *dd, 
int err)
 
pr_debug("err: %d\n", err);
 
-   crypto_finalize_cipher_request(dd->engine, req, err);
+   crypto_finalize_request(dd->engine, >base, err);
 
pm_runtime_mark_last_busy(dd->dev);
pm_runtime_put_autosuspend(dd->dev);
@@ -408,14 +408,15 @@ static int omap_aes_handle_queue(struct omap_aes_dev *dd,
 struct ablkcipher_request *req)
 {
if (req)
-   return crypto_transfer_cipher_request_to_engine(dd->engine, 
req);
+   return crypto_transfer_request_to_engine(dd->engine, 
>base);
 
return 0;
 }
 
 static int omap_aes_prepare_req(struct crypto_engine *engine,
-   struct ablkcipher_request *req)
+   struct crypto_async_request *areq)
 {
+   struct ablkcipher_request *req = ablkcipher_request_cast(areq);
struct omap_aes_ctx *ctx = crypto_ablkcipher_ctx(
crypto_ablkcipher_reqtfm(req));
struct omap_aes_reqctx *rctx = ablkcipher_request_ctx(req);
@@ -468,8 +469,9 @@ static int omap_aes_prepare_req(struct crypto_engine 
*engine,
 }
 
 static int omap_aes_crypt_req(struct crypto_engine *engine,
- struct ablkcipher_request *req)
+ struct crypto_async_request *areq)
 {
+   struct ablkcipher_request *req = ablkcipher_request_cast(areq);
struct omap_aes_reqctx *rctx = ablkcipher_request_ctx(req);
struct omap_aes_dev *dd = rctx->dd;
 
@@ -601,6 +603,11 @@ static int omap_aes_ctr_decrypt(struct ablkcipher_request 
*req)
return omap_aes_crypt(req, FLAGS_CTR);
 }
 
+static int omap_aes_prepare_req(struct crypto_engine *engine,
+   struct crypto_async_request *req);
+static int omap_aes_crypt_req(struct crypto_engine *engine,
+ struct crypto_async_request *req);
+
 static int omap_aes_cra_init(struct crypto_tfm *tfm)
 {
const char *name = crypto_tfm_alg_name(tfm);
@@ -616,6 +623,10 @@ static int omap_aes_cra_init(struct crypto_tfm *tfm)
 
tfm->crt_ablkcipher.reqsize = sizeof(struct omap_aes_reqctx);
 
+   ctx->enginectx.op.prepare_request = omap_aes_prepare_req;
+   ctx->enginectx.op.unprepare_request = NULL;
+   ctx->enginectx.op.do_one_request = omap_aes_crypt_req;
+
return 0;
 }
 
@@ -1119,8 +1130,6 @@ static int omap_aes_probe(struct platform_device *pdev)
goto err_engine;
}
 
-   dd->engine->prepare_cipher_request = omap_aes_prepare_req;
-   dd->engine->cipher_one_request = omap_aes_crypt_req;
err = crypto_engine_start(dd->engine);
if (err)
goto err_engine;
diff --git a/drivers/crypto/omap-aes.h b/drivers/crypto/omap-aes.h
index 8906342e2b9a..f6ce94907ade 100644
--- a/drivers/crypto/omap-aes.h
+++ b/drivers/crypto/omap-aes.h
@@ -13,6 +13,8 @@
 #ifndef __OMAP_AES_H__
 #define __OMAP_AES_H__
 
+#include 
+
 #define DST_MAXBURST   4
 #define DMA_MIN(DST_MAXBURST * sizeof(u32))
 
@@ -95,6 +97,7 @@ struct omap_aes_gcm_result {
 };
 
 struct omap_aes_ctx {
+   struct crypto_engine_reqctx enginectx;
int keylen;
u32 key[AES_KEYSIZE_256 / sizeof(u32)];
u8  nonce[4];
diff --git a/drivers/crypto/omap-des.c b/drivers/crypto/omap-des.c
index ebc5c0f11f03..94212248159e 100644
--- a/drivers/crypto/omap-des.c
+++ b/drivers/crypto/omap-des.c
@@ -86,6 +86,7 @@
 #define FLAGS_OUT_DATA_ST_SHIFT10
 
 struct omap_des_ctx {
+   struct crypto_engine_reqctx enginectx;
struct omap_des_dev *dd;
 
int keylen;
@@ -498,7 +499,7 @@ static void omap_des_finish_req(struct omap_des_dev *dd, 
int err)
 
pr_debug("err: %d\n", err);
 
-   crypto_finalize_cipher_request(dd->engine, req, err);
+   crypto_finalize_request(dd->engine, >base, err);
 
pm_runtime_mark_last_busy(dd->dev);
pm_runtime_put_autosuspend(dd->dev);
@@ -520,14 +521,15 @@ static int omap_des_handle_queue(struct omap_des_dev *dd,
 struct ablkcipher_request *req)
 {
if (req)
-   return crypto_transfer_cipher_request_to_engine(dd->engine, 
req);
+   

[PATCH RFC 3/4] crypto: virtio: convert to new crypto engine API

[Corentin Labbe]

This patch convert the driver to the new crypto engine API.

Signed-off-by: Corentin Labbe <clabbe.montj...@gmail.com>
---
 drivers/crypto/virtio/virtio_crypto_algs.c   | 15 ++-
 drivers/crypto/virtio/virtio_crypto_common.h |  2 +-
 drivers/crypto/virtio/virtio_crypto_core.c   |  3 ---
 3 files changed, 11 insertions(+), 9 deletions(-)

diff --git a/drivers/crypto/virtio/virtio_crypto_algs.c 
b/drivers/crypto/virtio/virtio_crypto_algs.c
index abe8c15450df..a2ac7a08247f 100644
--- a/drivers/crypto/virtio/virtio_crypto_algs.c
+++ b/drivers/crypto/virtio/virtio_crypto_algs.c
@@ -29,6 +29,7 @@
 
 
 struct virtio_crypto_ablkcipher_ctx {
+   struct crypto_engine_reqctx enginectx;
struct virtio_crypto *vcrypto;
struct crypto_tfm *tfm;
 
@@ -491,7 +492,7 @@ static int virtio_crypto_ablkcipher_encrypt(struct 
ablkcipher_request *req)
vc_sym_req->ablkcipher_req = req;
vc_sym_req->encrypt = true;
 
-   return crypto_transfer_cipher_request_to_engine(data_vq->engine, req);
+   return crypto_transfer_request_to_engine(data_vq->engine, >base);
 }
 
 static int virtio_crypto_ablkcipher_decrypt(struct ablkcipher_request *req)
@@ -511,7 +512,7 @@ static int virtio_crypto_ablkcipher_decrypt(struct 
ablkcipher_request *req)
vc_sym_req->ablkcipher_req = req;
vc_sym_req->encrypt = false;
 
-   return crypto_transfer_cipher_request_to_engine(data_vq->engine, req);
+   return crypto_transfer_request_to_engine(data_vq->engine, >base);
 }
 
 static int virtio_crypto_ablkcipher_init(struct crypto_tfm *tfm)
@@ -521,6 +522,9 @@ static int virtio_crypto_ablkcipher_init(struct crypto_tfm 
*tfm)
tfm->crt_ablkcipher.reqsize = sizeof(struct virtio_crypto_sym_request);
ctx->tfm = tfm;
 
+   ctx->enginectx.op.do_one_request = virtio_crypto_ablkcipher_crypt_req;
+   ctx->enginectx.op.prepare_request = NULL;
+   ctx->enginectx.op.unprepare_request = NULL;
return 0;
 }
 
@@ -539,8 +543,9 @@ static void virtio_crypto_ablkcipher_exit(struct crypto_tfm 
*tfm)
 
 int virtio_crypto_ablkcipher_crypt_req(
struct crypto_engine *engine,
-   struct ablkcipher_request *req)
+   struct crypto_async_request *areq)
 {
+   struct ablkcipher_request *req = ablkcipher_request_cast(areq);
struct virtio_crypto_sym_request *vc_sym_req =
ablkcipher_request_ctx(req);
struct virtio_crypto_request *vc_req = _sym_req->base;
@@ -561,8 +566,8 @@ static void virtio_crypto_ablkcipher_finalize_req(
struct ablkcipher_request *req,
int err)
 {
-   crypto_finalize_cipher_request(vc_sym_req->base.dataq->engine,
-   req, err);
+   crypto_finalize_request(vc_sym_req->base.dataq->engine,
+   >base, err);
kzfree(vc_sym_req->iv);
virtcrypto_clear_request(_sym_req->base);
 }
diff --git a/drivers/crypto/virtio/virtio_crypto_common.h 
b/drivers/crypto/virtio/virtio_crypto_common.h
index e976539a05d9..0d51f6ce226d 100644
--- a/drivers/crypto/virtio/virtio_crypto_common.h
+++ b/drivers/crypto/virtio/virtio_crypto_common.h
@@ -108,7 +108,7 @@ int virtcrypto_dev_start(struct virtio_crypto *vcrypto);
 void virtcrypto_dev_stop(struct virtio_crypto *vcrypto);
 int virtio_crypto_ablkcipher_crypt_req(
struct crypto_engine *engine,
-   struct ablkcipher_request *req);
+   struct crypto_async_request *req);
 
 void
 virtcrypto_clear_request(struct virtio_crypto_request *vc_req);
diff --git a/drivers/crypto/virtio/virtio_crypto_core.c 
b/drivers/crypto/virtio/virtio_crypto_core.c
index ff1410a32c2b..83326986c113 100644
--- a/drivers/crypto/virtio/virtio_crypto_core.c
+++ b/drivers/crypto/virtio/virtio_crypto_core.c
@@ -111,9 +111,6 @@ static int virtcrypto_find_vqs(struct virtio_crypto *vi)
ret = -ENOMEM;
goto err_engine;
}
-
-   vi->data_vq[i].engine->cipher_one_request =
-   virtio_crypto_ablkcipher_crypt_req;
}
 
kfree(names);
-- 
2.13.6

[PATCH RFC 4/4] crypto: stm32: convert to the new crypto engine API

[Corentin Labbe]

This patch convert the driver to the new crypto engine API.

Signed-off-by: Corentin Labbe <clabbe.montj...@gmail.com>
---
 drivers/crypto/stm32/stm32-hash.c | 22 +++---
 1 file changed, 15 insertions(+), 7 deletions(-)

diff --git a/drivers/crypto/stm32/stm32-hash.c 
b/drivers/crypto/stm32/stm32-hash.c
index 4ca4a264a833..e3f9f7b04ce2 100644
--- a/drivers/crypto/stm32/stm32-hash.c
+++ b/drivers/crypto/stm32/stm32-hash.c
@@ -122,6 +122,7 @@ enum stm32_hash_data_format {
 #define HASH_DMA_THRESHOLD 50
 
 struct stm32_hash_ctx {
+   struct crypto_engine_reqctx enginectx;
struct stm32_hash_dev   *hdev;
unsigned long   flags;
 
@@ -811,7 +812,7 @@ static void stm32_hash_finish_req(struct ahash_request 
*req, int err)
rctx->flags |= HASH_FLAGS_ERRORS;
}
 
-   crypto_finalize_hash_request(hdev->engine, req, err);
+   crypto_finalize_request(hdev->engine, >base, err);
 }
 
 static int stm32_hash_hw_init(struct stm32_hash_dev *hdev,
@@ -828,15 +829,21 @@ static int stm32_hash_hw_init(struct stm32_hash_dev *hdev,
return 0;
 }
 
+static int stm32_hash_one_request(struct crypto_engine *engine,
+ struct crypto_async_request *areq);
+static int stm32_hash_prepare_req(struct crypto_engine *engine,
+ struct crypto_async_request *areq);
+
 static int stm32_hash_handle_queue(struct stm32_hash_dev *hdev,
   struct ahash_request *req)
 {
-   return crypto_transfer_hash_request_to_engine(hdev->engine, req);
+   return crypto_transfer_request_to_engine(hdev->engine, >base);
 }
 
 static int stm32_hash_prepare_req(struct crypto_engine *engine,
- struct ahash_request *req)
+ struct crypto_async_request *areq)
 {
+   struct ahash_request *req = ahash_request_cast(areq);
struct stm32_hash_ctx *ctx = crypto_ahash_ctx(crypto_ahash_reqtfm(req));
struct stm32_hash_dev *hdev = stm32_hash_find_dev(ctx);
struct stm32_hash_request_ctx *rctx;
@@ -855,8 +862,9 @@ static int stm32_hash_prepare_req(struct crypto_engine 
*engine,
 }
 
 static int stm32_hash_one_request(struct crypto_engine *engine,
- struct ahash_request *req)
+ struct crypto_async_request *areq)
 {
+   struct ahash_request *req = ahash_request_cast(areq);
struct stm32_hash_ctx *ctx = crypto_ahash_ctx(crypto_ahash_reqtfm(req));
struct stm32_hash_dev *hdev = stm32_hash_find_dev(ctx);
struct stm32_hash_request_ctx *rctx;
@@ -1033,6 +1041,9 @@ static int stm32_hash_cra_init_algs(struct crypto_tfm 
*tfm,
if (algs_hmac_name)
ctx->flags |= HASH_FLAGS_HMAC;
 
+   ctx->enginectx.op.do_one_request = stm32_hash_one_request;
+   ctx->enginectx.op.prepare_request = stm32_hash_prepare_req;
+   ctx->enginectx.op.unprepare_request = NULL;
return 0;
 }
 
@@ -1493,9 +1504,6 @@ static int stm32_hash_probe(struct platform_device *pdev)
goto err_engine;
}
 
-   hdev->engine->prepare_hash_request = stm32_hash_prepare_req;
-   hdev->engine->hash_one_request = stm32_hash_one_request;
-
ret = crypto_engine_start(hdev->engine);
if (ret)
goto err_engine_start;
-- 
2.13.6

[PATCH RFC 0/4] crypto: engine - Permit to enqueue all async requests

[Corentin Labbe]

Hello

The current crypto_engine support only ahash and ablkcipher.
My first patch which try to add skcipher was Nacked, it will add too many 
functions
and adding other algs(aead, asymetric_key) will make the situation worst.

This patchset remove all algs specific stuff and now only process generic 
crypto_async_request.

The requests handler function pointer are now moved out of struct engine and
are now stored directly in a crypto_engine_reqctx.

The original proposal of Herbert [1] cannot be done completly since the 
crypto_engine
could only dequeue crypto_async_request and it is impossible to access any 
request_ctx
without knowing the underlying request type.

So I do something near that was requested: adding crypto_engine_reqctx in TFM 
context.
Note that the current implementation expect that crypto_engine_reqctx
is the first member of the context.

The first patch convert the crypto engine with the new way,
while the following patchs convert the 3 existing users of crypto_engine.
Note that this split break bisection, so probably the final commit will be all 
merged.

The 3 latest patch were compile tested only, but the first is tested 
successfully
with my new sun8i-ce driver.

Regards

[1] https://www.mail-archive.com/linux-kernel@vger.kernel.org/msg1474434.html

Corentin Labbe (4):
  crypto: engine - Permit to enqueue all async requests
  crypto: omap: convert to new crypto engine API
  crypto: virtio: convert to new crypto engine API
  crypto: stm32: convert to the new crypto engine API

 crypto/crypto_engine.c   | 188 ++-
 drivers/crypto/omap-aes.c|  21 ++-
 drivers/crypto/omap-aes.h|   3 +
 drivers/crypto/omap-des.c|  24 +++-
 drivers/crypto/stm32/stm32-hash.c|  22 +++-
 drivers/crypto/virtio/virtio_crypto_algs.c   |  15 ++-
 drivers/crypto/virtio/virtio_crypto_common.h |   2 +-
 drivers/crypto/virtio/virtio_crypto_core.c   |   3 -
 include/crypto/engine.h  |  46 +++
 9 files changed, 122 insertions(+), 202 deletions(-)

-- 
2.13.6

[PATCH v2] ARM64: crypto: do not call crypto_unregister_skcipher twice on error

[Corentin Labbe]

When a cipher fails to register in aes_init(), the error path goes thought
aes_exit() then crypto_unregister_skciphers().
Since aes_exit calls also crypto_unregister_skcipher, this triggers a
refcount_t: underflow; use-after-free.

Signed-off-by: Corentin Labbe <cla...@baylibre.com>
---
Changes since v1:
- Instead of duplicate code from aes_exit() minus crypto_unregister_skciphers, 
simply use it and return after
as suggested by Ard Biesheuvel
 arch/arm64/crypto/aes-glue.c | 1 +
 1 file changed, 1 insertion(+)

diff --git a/arch/arm64/crypto/aes-glue.c b/arch/arm64/crypto/aes-glue.c
index 998ba519a026..2fa850e86aa8 100644
--- a/arch/arm64/crypto/aes-glue.c
+++ b/arch/arm64/crypto/aes-glue.c
@@ -665,6 +665,7 @@ static int __init aes_init(void)
 
 unregister_simds:
aes_exit();
+   return err;
 unregister_ciphers:
crypto_unregister_skciphers(aes_algs, ARRAY_SIZE(aes_algs));
return err;
-- 
2.13.6

[PATCH] crypto: arm64/aes - do not call crypto_unregister_skcipher twice on error

[Corentin Labbe]

When a cipher fail to register in aes_init(), the error path go thought
aes_exit() then crypto_unregister_skciphers().
Since aes_exit calls also crypto_unregister_skcipher, this trigger a
refcount_t: underflow; use-after-free.

Signed-off-by: Corentin Labbe <cla...@baylibre.com>
---
 arch/arm64/crypto/aes-glue.c | 5 -
 1 file changed, 4 insertions(+), 1 deletion(-)

diff --git a/arch/arm64/crypto/aes-glue.c b/arch/arm64/crypto/aes-glue.c
index 998ba519a026..9e42ec96243e 100644
--- a/arch/arm64/crypto/aes-glue.c
+++ b/arch/arm64/crypto/aes-glue.c
@@ -664,7 +664,10 @@ static int __init aes_init(void)
return 0;
 
 unregister_simds:
-   aes_exit();
+   for (i = 0; i < ARRAY_SIZE(aes_simd_algs); i++)
+   if (aes_simd_algs[i])
+   simd_skcipher_free(aes_simd_algs[i]);
+   crypto_unregister_shashes(mac_algs, ARRAY_SIZE(mac_algs));
 unregister_ciphers:
crypto_unregister_skciphers(aes_algs, ARRAY_SIZE(aes_algs));
return err;
-- 
2.13.6

Re: [PATCH v5 2/2] crypto: stm32 - Support for STM32 CRYP crypto module

[Corentin Labbe]

On Thu, Oct 19, 2017 at 05:10:30PM +0200, Fabien Dessenne wrote:
> This module registers block cipher algorithms that make use of the
> STMicroelectronics STM32 crypto "CRYP1" hardware.
> The following algorithms are supported:
> - aes: ecb, cbc, ctr
> - des: ecb, cbc
> - tdes: ecb, cbc
> 
> Signed-off-by: Fabien Dessenne 
> ---
>  drivers/crypto/stm32/Kconfig  |9 +
>  drivers/crypto/stm32/Makefile |3 +-
>  drivers/crypto/stm32/stm32-cryp.c | 1172 
> +
>  3 files changed, 1183 insertions(+), 1 deletion(-)
>  create mode 100644 drivers/crypto/stm32/stm32-cryp.c
> 
> diff --git a/drivers/crypto/stm32/Kconfig b/drivers/crypto/stm32/Kconfig
> +static void stm32_cryp_irq_write_block(struct stm32_cryp *cryp)
> +{
> + unsigned int i, j;
> + u32 *src;
> + u8 d8[4];
> +
> + src = sg_virt(cryp->in_sg) + _walked_in;
> +
> + for (i = 0; i < cryp->hw_blocksize / sizeof(u32); i++) {
> + if (likely(cryp->total_in >= sizeof(u32))) {
> + /* Write a full u32 */
> + stm32_cryp_write(cryp, CRYP_DIN, *src);

Hello

Try also to test your driver with userspace via AF_ALG (libkcapi is a good 
start).
It should probably crash here.
I have do the same on my first sunxi-ss driver and you should use kmap().

Regards

Re: [PATCH v4 2/2] crypto: stm32 - Support for STM32 CRYP crypto module

[Corentin Labbe]

On Thu, Oct 19, 2017 at 01:01:56PM +, Fabien DESSENNE wrote:
> Hi Corentin
> 
> 
> Thank you for your comments. I will fix according to them. See also me 
> answers/questions below
> 
> While we are at it, do you plan to deliver a new version of the 
> crypto_engine update? (I had to remove the AEAD part of this new driver 
> since it depends on that pending update)

No plan, I do not like the Herbert proposal, so it is a bit hard to progress on 
it.

> 
> BR
> 
> Fabien
> 
> 
> On 19/10/17 12:34, Corentin Labbe wrote:
> > Hello
> >
> > I have some minor comment below
> >
> > On Thu, Oct 19, 2017 at 11:03:59AM +0200, Fabien Dessenne wrote:
> >> This module registers block cipher algorithms that make use of the
> >> STMicroelectronics STM32 crypto "CRYP1" hardware.
> >> The following algorithms are supported:
> >> - aes: ecb, cbc, ctr
> >> - des: ecb, cbc
> >> - tdes: ecb, cbc
> >>
> >> Signed-off-by: Fabien Dessennie <fabien.desse...@st.com>
> >> ---
> >>   drivers/crypto/stm32/Kconfig  |9 +
> >>   drivers/crypto/stm32/Makefile |3 +-
> >>   drivers/crypto/stm32/stm32-cryp.c | 1188 
> >> +
> >>   3 files changed, 1199 insertions(+), 1 deletion(-)
> >>   create mode 100644 drivers/crypto/stm32/stm32-cryp.c
> >>
> >> diff --git a/drivers/crypto/stm32/Kconfig b/drivers/crypto/stm32/Kconfig
> >> index 602332e..61ef00b 100644
> >> --- a/drivers/crypto/stm32/Kconfig
> >> +++ b/drivers/crypto/stm32/Kconfig
> > [...]
> >> +/* Bit [0] encrypt / decrypt */
> >> +#define FLG_ENCRYPT BIT(0)
> >> +/* Bit [8..1] algo & operation mode */
> >> +#define FLG_AES BIT(1)
> >> +#define FLG_DES BIT(2)
> >> +#define FLG_TDESBIT(3)
> >> +#define FLG_ECB BIT(4)
> >> +#define FLG_CBC BIT(5)
> >> +#define FLG_CTR BIT(6)
> >> +/* Mode mask = bits [15..0] */
> >> +#define FLG_MODE_MASK   GENMASK(15, 0)
> >> +
> >> +/* Registers */
> >> +#define CRYP_CR 0x
> >> +#define CRYP_SR 0x0004
> >> +#define CRYP_DIN0x0008
> >> +#define CRYP_DOUT   0x000C
> >> +#define CRYP_DMACR  0x0010
> >> +#define CRYP_IMSCR  0x0014
> >> +#define CRYP_RISR   0x0018
> >> +#define CRYP_MISR   0x001C
> >> +#define CRYP_K0LR   0x0020
> >> +#define CRYP_K0RR   0x0024
> >> +#define CRYP_K1LR   0x0028
> >> +#define CRYP_K1RR   0x002C
> >> +#define CRYP_K2LR   0x0030
> >> +#define CRYP_K2RR   0x0034
> >> +#define CRYP_K3LR   0x0038
> >> +#define CRYP_K3RR   0x003C
> >> +#define CRYP_IV0LR  0x0040
> >> +#define CRYP_IV0RR  0x0044
> >> +#define CRYP_IV1LR  0x0048
> >> +#define CRYP_IV1RR  0x004C
> >> +
> >> +/* Registers values */
> >> +#define CR_DEC_NOT_ENC  0x0004
> >> +#define CR_TDES_ECB 0x
> >> +#define CR_TDES_CBC 0x0008
> >> +#define CR_DES_ECB  0x0010
> >> +#define CR_DES_CBC  0x0018
> >> +#define CR_AES_ECB  0x0020
> >> +#define CR_AES_CBC  0x0028
> >> +#define CR_AES_CTR  0x0030
> >> +#define CR_AES_KP   0x0038
> >> +#define CR_AES_UNKNOWN  0x
> >> +#define CR_ALGO_MASK0x00080038
> >> +#define CR_DATA32   0x
> >> +#define CR_DATA16   0x0040
> >> +#define CR_DATA80x0080
> >> +#define CR_DATA10x00C0
> >> +#define CR_KEY128   0x
> >> +#define CR_KEY192   0x0100
> >> +#define CR_KEY256   0x0200
> >> +#define CR_FFLUSH   0x4000
> >> +#define CR_CRYPEN   0x8000
> > Why not using BIT(x) ?
> 
> Some values are not only 1 bit (then we may use BIT and BITGEN but this 
> would be less readable), so I prefer to keep this values.
> 
> > Why not usin

Re: [PATCH v4 2/2] crypto: stm32 - Support for STM32 CRYP crypto module

[Corentin Labbe]

Hello

I have some minor comment below

On Thu, Oct 19, 2017 at 11:03:59AM +0200, Fabien Dessenne wrote:
> This module registers block cipher algorithms that make use of the
> STMicroelectronics STM32 crypto "CRYP1" hardware.
> The following algorithms are supported:
> - aes: ecb, cbc, ctr
> - des: ecb, cbc
> - tdes: ecb, cbc
> 
> Signed-off-by: Fabien Dessennie 
> ---
>  drivers/crypto/stm32/Kconfig  |9 +
>  drivers/crypto/stm32/Makefile |3 +-
>  drivers/crypto/stm32/stm32-cryp.c | 1188 
> +
>  3 files changed, 1199 insertions(+), 1 deletion(-)
>  create mode 100644 drivers/crypto/stm32/stm32-cryp.c
> 
> diff --git a/drivers/crypto/stm32/Kconfig b/drivers/crypto/stm32/Kconfig
> index 602332e..61ef00b 100644
> --- a/drivers/crypto/stm32/Kconfig
> +++ b/drivers/crypto/stm32/Kconfig
[...]
> +/* Bit [0] encrypt / decrypt */
> +#define FLG_ENCRYPT BIT(0)
> +/* Bit [8..1] algo & operation mode */
> +#define FLG_AES BIT(1)
> +#define FLG_DES BIT(2)
> +#define FLG_TDESBIT(3)
> +#define FLG_ECB BIT(4)
> +#define FLG_CBC BIT(5)
> +#define FLG_CTR BIT(6)
> +/* Mode mask = bits [15..0] */
> +#define FLG_MODE_MASK   GENMASK(15, 0)
> +
> +/* Registers */
> +#define CRYP_CR 0x
> +#define CRYP_SR 0x0004
> +#define CRYP_DIN0x0008
> +#define CRYP_DOUT   0x000C
> +#define CRYP_DMACR  0x0010
> +#define CRYP_IMSCR  0x0014
> +#define CRYP_RISR   0x0018
> +#define CRYP_MISR   0x001C
> +#define CRYP_K0LR   0x0020
> +#define CRYP_K0RR   0x0024
> +#define CRYP_K1LR   0x0028
> +#define CRYP_K1RR   0x002C
> +#define CRYP_K2LR   0x0030
> +#define CRYP_K2RR   0x0034
> +#define CRYP_K3LR   0x0038
> +#define CRYP_K3RR   0x003C
> +#define CRYP_IV0LR  0x0040
> +#define CRYP_IV0RR  0x0044
> +#define CRYP_IV1LR  0x0048
> +#define CRYP_IV1RR  0x004C
> +
> +/* Registers values */
> +#define CR_DEC_NOT_ENC  0x0004
> +#define CR_TDES_ECB 0x
> +#define CR_TDES_CBC 0x0008
> +#define CR_DES_ECB  0x0010
> +#define CR_DES_CBC  0x0018
> +#define CR_AES_ECB  0x0020
> +#define CR_AES_CBC  0x0028
> +#define CR_AES_CTR  0x0030
> +#define CR_AES_KP   0x0038
> +#define CR_AES_UNKNOWN  0x
> +#define CR_ALGO_MASK0x00080038
> +#define CR_DATA32   0x
> +#define CR_DATA16   0x0040
> +#define CR_DATA80x0080
> +#define CR_DATA10x00C0
> +#define CR_KEY128   0x
> +#define CR_KEY192   0x0100
> +#define CR_KEY256   0x0200
> +#define CR_FFLUSH   0x4000
> +#define CR_CRYPEN   0x8000

Why not using BIT(x) ?
Why not using also directly FLG_XX since CR_XX are arbitray values ? like using 
instead CR_AES_CBC = FLG_AES | FLG_CBC

[...]
> +static inline void stm32_cryp_wait_enable(struct stm32_cryp *cryp)
> +{
> + while (stm32_cryp_read(cryp, CRYP_CR) & CR_CRYPEN)
> + cpu_relax();
> +}

This function is not used, so you could remove it

> +
> +static inline void stm32_cryp_wait_busy(struct stm32_cryp *cryp)
> +{
> + while (stm32_cryp_read(cryp, CRYP_SR) & SR_BUSY)
> + cpu_relax();
> +}

No timeout ?


> +
> +static inline void stm32_cryp_wait_output(struct stm32_cryp *cryp)
> +{
> + while (!(stm32_cryp_read(cryp, CRYP_SR) & SR_OFNE))
> + cpu_relax();
> +}

This function is not used, so you could remove it

[...]
> +static int stm32_cryp_check_aligned(struct scatterlist *sg, size_t total,
> + size_t align)
> +{
> + int len = 0;
> +
> + if (!total)
> + return 0;
> +
> + if (!IS_ALIGNED(total, align))
> + return -EINVAL;
> +
> + while (sg) {
> + if (!IS_ALIGNED(sg->offset, sizeof(u32)))
> + return -1;

-1 is not a good return value, prefer any -E

> +
> + if (!IS_ALIGNED(sg->length, align))
> + return -1;
> +
> + len += sg->length;
> + sg = sg_next(sg);
> + }
> +
> + if (len != total)
> + return -1;
[...]
> +static int stm32_cryp_copy_sgs(struct stm32_cryp *cryp)
> +{
> + void *buf_in, *buf_out;
> + int pages, total_in, total_out;
> +
> + if (!stm32_cryp_check_io_aligned(cryp)) {
> + cryp->sgs_copied = 0;
> + return 0;
> + }
> +
> + total_in = 

[PATCH] block: cryptoloop - Fix build warning

[Corentin Labbe]

This patch fix the following build warning:
drivers/block/cryptoloop.c:46:8: warning: variable 'cipher' set but not used 
[-Wunused-but-set-variable]

Signed-off-by: Corentin Labbe <clabbe.montj...@gmail.com>
---
 drivers/block/cryptoloop.c | 2 --
 1 file changed, 2 deletions(-)

diff --git a/drivers/block/cryptoloop.c b/drivers/block/cryptoloop.c
index 74e03aa537ad..7033a4beda66 100644
--- a/drivers/block/cryptoloop.c
+++ b/drivers/block/cryptoloop.c
@@ -43,7 +43,6 @@ cryptoloop_init(struct loop_device *lo, const struct 
loop_info64 *info)
int cipher_len;
int mode_len;
char cms[LO_NAME_SIZE]; /* cipher-mode string */
-   char *cipher;
char *mode;
char *cmsp = cms;   /* c-m string pointer */
struct crypto_skcipher *tfm;
@@ -56,7 +55,6 @@ cryptoloop_init(struct loop_device *lo, const struct 
loop_info64 *info)
strncpy(cms, info->lo_crypt_name, LO_NAME_SIZE);
cms[LO_NAME_SIZE - 1] = 0;
 
-   cipher = cmsp;
cipher_len = strcspn(cmsp, "-");
 
mode = cmsp + cipher_len;
-- 
2.13.5

[PATCH] crypto: bcm: use of_device_get_match_data

[Corentin Labbe]

The usage of of_device_get_match_data reduce the code size a bit.
Furthermore, it prevents an improbable dereference when
of_match_device() return NULL.

Signed-off-by: Corentin Labbe <clabbe.montj...@gmail.com>
---
 drivers/crypto/bcm/cipher.c | 7 ++-
 1 file changed, 2 insertions(+), 5 deletions(-)

diff --git a/drivers/crypto/bcm/cipher.c b/drivers/crypto/bcm/cipher.c
index 537a67483aa3..92e97a6da811 100644
--- a/drivers/crypto/bcm/cipher.c
+++ b/drivers/crypto/bcm/cipher.c
@@ -4818,7 +4818,6 @@ static int spu_dt_read(struct platform_device *pdev)
struct device *dev = >dev;
struct spu_hw *spu = _priv.spu;
struct resource *spu_ctrl_regs;
-   const struct of_device_id *match;
const struct spu_type_subtype *matched_spu_type;
struct device_node *dn = pdev->dev.of_node;
int err, i;
@@ -4826,14 +4825,12 @@ static int spu_dt_read(struct platform_device *pdev)
/* Count number of mailbox channels */
spu->num_chan = of_count_phandle_with_args(dn, "mboxes", "#mbox-cells");
 
-   match = of_match_device(of_match_ptr(bcm_spu_dt_ids), dev);
-   if (!match) {
+   matched_spu_type = of_device_get_match_data(dev);
+   if (!matched_spu_type) {
dev_err(>dev, "Failed to match device\n");
return -ENODEV;
}
 
-   matched_spu_type = match->data;
-
spu->spu_type = matched_spu_type->type;
spu->spu_subtype = matched_spu_type->subtype;
 
-- 
2.13.5

[PATCH] crypto: omap: use of_device_get_match_data

[Corentin Labbe]

The usage of of_device_get_match_data reduce the code size a bit.
Furthermore, it prevents an improbable dereference when
of_match_device() return NULL.

Signed-off-by: Corentin Labbe <clabbe.montj...@gmail.com>
---
 drivers/crypto/omap-aes.c  | 7 ++-
 drivers/crypto/omap-des.c  | 7 ++-
 drivers/crypto/omap-sham.c | 7 ++-
 3 files changed, 6 insertions(+), 15 deletions(-)

diff --git a/drivers/crypto/omap-aes.c b/drivers/crypto/omap-aes.c
index 1f3686a1ebfa..fbec0a2e76dd 100644
--- a/drivers/crypto/omap-aes.c
+++ b/drivers/crypto/omap-aes.c
@@ -975,11 +975,10 @@ static int omap_aes_get_res_of(struct omap_aes_dev *dd,
struct device *dev, struct resource *res)
 {
struct device_node *node = dev->of_node;
-   const struct of_device_id *match;
int err = 0;
 
-   match = of_match_device(of_match_ptr(omap_aes_of_match), dev);
-   if (!match) {
+   dd->pdata = of_device_get_match_data(dev);
+   if (!dd->pdata) {
dev_err(dev, "no compatible OF match\n");
err = -EINVAL;
goto err;
@@ -992,8 +991,6 @@ static int omap_aes_get_res_of(struct omap_aes_dev *dd,
goto err;
}
 
-   dd->pdata = match->data;
-
 err:
return err;
 }
diff --git a/drivers/crypto/omap-des.c b/drivers/crypto/omap-des.c
index d37c9506c36c..ebc5c0f11f03 100644
--- a/drivers/crypto/omap-des.c
+++ b/drivers/crypto/omap-des.c
@@ -928,16 +928,13 @@ MODULE_DEVICE_TABLE(of, omap_des_of_match);
 static int omap_des_get_of(struct omap_des_dev *dd,
struct platform_device *pdev)
 {
-   const struct of_device_id *match;
 
-   match = of_match_device(of_match_ptr(omap_des_of_match), >dev);
-   if (!match) {
+   dd->pdata = of_device_get_match_data(>dev);
+   if (!dd->pdata) {
dev_err(>dev, "no compatible OF match\n");
return -EINVAL;
}
 
-   dd->pdata = match->data;
-
return 0;
 }
 #else
diff --git a/drivers/crypto/omap-sham.c b/drivers/crypto/omap-sham.c
index c40ac30ec002..86b89ace836f 100644
--- a/drivers/crypto/omap-sham.c
+++ b/drivers/crypto/omap-sham.c
@@ -1944,11 +1944,10 @@ static int omap_sham_get_res_of(struct omap_sham_dev 
*dd,
struct device *dev, struct resource *res)
 {
struct device_node *node = dev->of_node;
-   const struct of_device_id *match;
int err = 0;
 
-   match = of_match_device(of_match_ptr(omap_sham_of_match), dev);
-   if (!match) {
+   dd->pdata = of_device_get_match_data(dev);
+   if (!dd->pdata) {
dev_err(dev, "no compatible OF match\n");
err = -EINVAL;
goto err;
@@ -1968,8 +1967,6 @@ static int omap_sham_get_res_of(struct omap_sham_dev *dd,
goto err;
}
 
-   dd->pdata = match->data;
-
 err:
return err;
 }
-- 
2.13.5

[PATCH] crypto: stm32: use of_device_get_match_data

[Corentin Labbe]

The usage of of_device_get_match_data reduce the code size a bit.
Furthermore, it prevents an improbable dereference when
of_match_device() return NULL.

Signed-off-by: Corentin Labbe <clabbe.montj...@gmail.com>
---
 drivers/crypto/stm32/stm32-hash.c | 7 ++-
 1 file changed, 2 insertions(+), 5 deletions(-)

diff --git a/drivers/crypto/stm32/stm32-hash.c 
b/drivers/crypto/stm32/stm32-hash.c
index b585ce54a802..1d9285c62606 100644
--- a/drivers/crypto/stm32/stm32-hash.c
+++ b/drivers/crypto/stm32/stm32-hash.c
@@ -1408,11 +1408,10 @@ MODULE_DEVICE_TABLE(of, stm32_hash_of_match);
 static int stm32_hash_get_of_match(struct stm32_hash_dev *hdev,
   struct device *dev)
 {
-   const struct of_device_id *match;
int err;
 
-   match = of_match_device(stm32_hash_of_match, dev);
-   if (!match) {
+   hdev->pdata = of_device_get_match_data(dev);
+   if (!hdev->pdata) {
dev_err(dev, "no compatible OF match\n");
return -EINVAL;
}
@@ -1420,8 +1419,6 @@ static int stm32_hash_get_of_match(struct stm32_hash_dev 
*hdev,
err = of_property_read_u32(dev->of_node, "dma-maxburst",
   >dma_maxburst);
 
-   hdev->pdata = match->data;
-
return err;
 }
 
-- 
2.13.5

[PATCH 00/11] crypto: gcm - add GCM IV size constant

[Corentin Labbe]

Many GCM users use directly GCM IV size instead of using some constant.

This patch add all IV size constant used by GCM and convert drivers for using 
them..

Corentin Labbe (11):
  crypto: gcm - add GCM iv size constant
  crypto: caam - Use GCM IV size constant
  crypto: ccp - Use GCM IV size constant
  crypto: nx - Use GCM IV size constant
  crypto: atmel - Use GCM IV size constant
  crypto: bcm - Use GCM IV size constant
  crypto: mediatek - Use GCM IV size constant
  crypto: chelsio - Use GCM IV size constant
  crypto: omap - Use GCM IV size constant
  crypto: gcm - Use GCM IV size constant
  crypto: aesni - Use GCM IV size constant

 arch/x86/crypto/aesni-intel_glue.c |  7 ---
 crypto/gcm.c   | 23 ---
 drivers/crypto/atmel-aes.c |  5 +++--
 drivers/crypto/bcm/cipher.c|  8 
 drivers/crypto/bcm/cipher.h|  3 +--
 drivers/crypto/caam/caamalg.c  | 10 +-
 drivers/crypto/caam/compat.h   |  1 +
 drivers/crypto/ccp/ccp-crypto-aes-galois.c |  9 -
 drivers/crypto/chelsio/chcr_algo.c |  9 +
 drivers/crypto/mediatek/mtk-aes.c  |  3 ++-
 drivers/crypto/nx/nx-aes-gcm.c |  9 +
 drivers/crypto/omap-aes-gcm.c  |  7 ---
 drivers/crypto/omap-aes.c  |  5 +++--
 include/crypto/gcm.h   |  8 
 14 files changed, 61 insertions(+), 46 deletions(-)
 create mode 100644 include/crypto/gcm.h

-- 
2.13.0

[PATCH 02/11] crypto: caam - Use GCM IV size constant

[Corentin Labbe]

This patch replace GCM IV size value by their constant name.

Signed-off-by: Corentin Labbe <clabbe.montj...@gmail.com>
---
 drivers/crypto/caam/caamalg.c | 10 +-
 drivers/crypto/caam/compat.h  |  1 +
 2 files changed, 6 insertions(+), 5 deletions(-)

diff --git a/drivers/crypto/caam/caamalg.c b/drivers/crypto/caam/caamalg.c
index 54f3b375a453..baa8dd52472d 100644
--- a/drivers/crypto/caam/caamalg.c
+++ b/drivers/crypto/caam/caamalg.c
@@ -992,7 +992,7 @@ static void init_gcm_job(struct aead_request *req,
struct caam_ctx *ctx = crypto_aead_ctx(aead);
unsigned int ivsize = crypto_aead_ivsize(aead);
u32 *desc = edesc->hw_desc;
-   bool generic_gcm = (ivsize == 12);
+   bool generic_gcm = (ivsize == GCM_AES_IV_SIZE);
unsigned int last;
 
init_aead_job(req, edesc, all_contig, encrypt);
@@ -1004,7 +1004,7 @@ static void init_gcm_job(struct aead_request *req,
 
/* Read GCM IV */
append_cmd(desc, CMD_FIFO_LOAD | FIFOLD_CLASS_CLASS1 | IMMEDIATE |
-FIFOLD_TYPE_IV | FIFOLD_TYPE_FLUSH1 | 12 | last);
+FIFOLD_TYPE_IV | FIFOLD_TYPE_FLUSH1 | GCM_AES_IV_SIZE 
| last);
/* Append Salt */
if (!generic_gcm)
append_data(desc, ctx->key + ctx->cdata.keylen, 4);
@@ -1953,7 +1953,7 @@ static struct caam_aead_alg driver_aeads[] = {
.setauthsize = rfc4106_setauthsize,
.encrypt = ipsec_gcm_encrypt,
.decrypt = ipsec_gcm_decrypt,
-   .ivsize = 8,
+   .ivsize = GCM_RFC4106_IV_SIZE,
.maxauthsize = AES_BLOCK_SIZE,
},
.caam = {
@@ -1971,7 +1971,7 @@ static struct caam_aead_alg driver_aeads[] = {
.setauthsize = rfc4543_setauthsize,
.encrypt = ipsec_gcm_encrypt,
.decrypt = ipsec_gcm_decrypt,
-   .ivsize = 8,
+   .ivsize = GCM_RFC4543_IV_SIZE,
.maxauthsize = AES_BLOCK_SIZE,
},
.caam = {
@@ -1990,7 +1990,7 @@ static struct caam_aead_alg driver_aeads[] = {
.setauthsize = gcm_setauthsize,
.encrypt = gcm_encrypt,
.decrypt = gcm_decrypt,
-   .ivsize = 12,
+   .ivsize = GCM_AES_IV_SIZE,
.maxauthsize = AES_BLOCK_SIZE,
},
.caam = {
diff --git a/drivers/crypto/caam/compat.h b/drivers/crypto/caam/compat.h
index 7149cd2492e0..5b8d930f3dd8 100644
--- a/drivers/crypto/caam/compat.h
+++ b/drivers/crypto/caam/compat.h
@@ -31,6 +31,7 @@
 #include 
 #include 
 #include 
+#include 
 #include 
 #include 
 #include 
-- 
2.13.0

[PATCH 01/11] crypto: gcm - add GCM IV size constant

[Corentin Labbe]

Many GCM users use directly GCM IV size instead of using some constant.

This patch add all IV size constant used by GCM.

Signed-off-by: Corentin Labbe <clabbe.montj...@gmail.com>
---
 include/crypto/gcm.h | 8 
 1 file changed, 8 insertions(+)
 create mode 100644 include/crypto/gcm.h

diff --git a/include/crypto/gcm.h b/include/crypto/gcm.h
new file mode 100644
index ..c50e057ea17e
--- /dev/null
+++ b/include/crypto/gcm.h
@@ -0,0 +1,8 @@
+#ifndef _CRYPTO_GCM_H
+#define _CRYPTO_GCM_H
+
+#define GCM_AES_IV_SIZE 12
+#define GCM_RFC4106_IV_SIZE 8
+#define GCM_RFC4543_IV_SIZE 8
+
+#endif
-- 
2.13.0

[PATCH 03/11] crypto: ccp - Use GCM IV size constant

[Corentin Labbe]

This patch replace GCM IV size value by their constant name.

Signed-off-by: Corentin Labbe <clabbe.montj...@gmail.com>
---
 drivers/crypto/ccp/ccp-crypto-aes-galois.c | 9 -
 1 file changed, 4 insertions(+), 5 deletions(-)

diff --git a/drivers/crypto/ccp/ccp-crypto-aes-galois.c 
b/drivers/crypto/ccp/ccp-crypto-aes-galois.c
index 52313524a4dd..ff02b713c6f6 100644
--- a/drivers/crypto/ccp/ccp-crypto-aes-galois.c
+++ b/drivers/crypto/ccp/ccp-crypto-aes-galois.c
@@ -19,13 +19,12 @@
 #include 
 #include 
 #include 
+#include 
 #include 
 #include 
 
 #include "ccp-crypto.h"
 
-#defineAES_GCM_IVSIZE  12
-
 static int ccp_aes_gcm_complete(struct crypto_async_request *async_req, int 
ret)
 {
return ret;
@@ -95,9 +94,9 @@ static int ccp_aes_gcm_crypt(struct aead_request *req, bool 
encrypt)
 */
 
/* Prepare the IV: 12 bytes + an integer (counter) */
-   memcpy(rctx->iv, req->iv, AES_GCM_IVSIZE);
+   memcpy(rctx->iv, req->iv, GCM_AES_IV_SIZE);
for (i = 0; i < 3; i++)
-   rctx->iv[i + AES_GCM_IVSIZE] = 0;
+   rctx->iv[i + GCM_AES_IV_SIZE] = 0;
rctx->iv[AES_BLOCK_SIZE - 1] = 1;
 
/* Set up a scatterlist for the IV */
@@ -160,7 +159,7 @@ static struct aead_alg ccp_aes_gcm_defaults = {
.encrypt = ccp_aes_gcm_encrypt,
.decrypt = ccp_aes_gcm_decrypt,
.init = ccp_aes_gcm_cra_init,
-   .ivsize = AES_GCM_IVSIZE,
+   .ivsize = GCM_AES_IV_SIZE,
.maxauthsize = AES_BLOCK_SIZE,
.base = {
.cra_flags  = CRYPTO_ALG_TYPE_ABLKCIPHER |
-- 
2.13.0

[PATCH 06/11] crypto: bcm - Use GCM IV size constant

[Corentin Labbe]

This patch replace GCM IV size value by their constant name.

Signed-off-by: Corentin Labbe <clabbe.montj...@gmail.com>
---
 drivers/crypto/bcm/cipher.c | 8 
 drivers/crypto/bcm/cipher.h | 3 +--
 2 files changed, 5 insertions(+), 6 deletions(-)

diff --git a/drivers/crypto/bcm/cipher.c b/drivers/crypto/bcm/cipher.c
index 8685c7e4debd..537a67483aa3 100644
--- a/drivers/crypto/bcm/cipher.c
+++ b/drivers/crypto/bcm/cipher.c
@@ -1367,11 +1367,11 @@ static int handle_aead_req(struct iproc_reqctx_s *rctx)
 * expects AAD to include just SPI and seqno. So
 * subtract off the IV len.
 */
-   aead_parms.assoc_size -= GCM_ESP_IV_SIZE;
+   aead_parms.assoc_size -= GCM_RFC4106_IV_SIZE;
 
if (rctx->is_encrypt) {
aead_parms.return_iv = true;
-   aead_parms.ret_iv_len = GCM_ESP_IV_SIZE;
+   aead_parms.ret_iv_len = GCM_RFC4106_IV_SIZE;
aead_parms.ret_iv_off = GCM_ESP_SALT_SIZE;
}
} else {
@@ -3255,7 +3255,7 @@ static struct iproc_alg_s driver_algs[] = {
.cra_flags = CRYPTO_ALG_NEED_FALLBACK
 },
 .setkey = aead_gcm_esp_setkey,
-.ivsize = GCM_ESP_IV_SIZE,
+.ivsize = GCM_RFC4106_IV_SIZE,
 .maxauthsize = AES_BLOCK_SIZE,
 },
 .cipher_info = {
@@ -3301,7 +3301,7 @@ static struct iproc_alg_s driver_algs[] = {
.cra_flags = CRYPTO_ALG_NEED_FALLBACK
 },
 .setkey = rfc4543_gcm_esp_setkey,
-.ivsize = GCM_ESP_IV_SIZE,
+.ivsize = GCM_RFC4106_IV_SIZE,
 .maxauthsize = AES_BLOCK_SIZE,
 },
 .cipher_info = {
diff --git a/drivers/crypto/bcm/cipher.h b/drivers/crypto/bcm/cipher.h
index 57a55eb2a255..763c425c41ca 100644
--- a/drivers/crypto/bcm/cipher.h
+++ b/drivers/crypto/bcm/cipher.h
@@ -23,6 +23,7 @@
 #include 
 #include 
 #include 
+#include 
 #include 
 #include 
 
@@ -39,8 +40,6 @@
 #define ARC4_STATE_SIZE 4
 
 #define CCM_AES_IV_SIZE16
-#define GCM_AES_IV_SIZE12
-#define GCM_ESP_IV_SIZE 8
 #define CCM_ESP_IV_SIZE 8
 #define RFC4543_ICV_SIZE   16
 
-- 
2.13.0

[PATCH 05/11] crypto: atmel - Use GCM IV size constant

[Corentin Labbe]

This patch replace GCM IV size value by their constant name.

Signed-off-by: Corentin Labbe <clabbe.montj...@gmail.com>
---
 drivers/crypto/atmel-aes.c | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

diff --git a/drivers/crypto/atmel-aes.c b/drivers/crypto/atmel-aes.c
index 29e20c37f3a6..903fd43f23a5 100644
--- a/drivers/crypto/atmel-aes.c
+++ b/drivers/crypto/atmel-aes.c
@@ -36,6 +36,7 @@
 #include 
 #include 
 #include 
+#include 
 #include 
 #include 
 #include 
@@ -1532,7 +1533,7 @@ static int atmel_aes_gcm_start(struct atmel_aes_dev *dd)
if (err)
return atmel_aes_complete(dd, err);
 
-   if (likely(ivsize == 12)) {
+   if (likely(ivsize == GCM_AES_IV_SIZE)) {
memcpy(ctx->j0, iv, ivsize);
ctx->j0[3] = cpu_to_be32(1);
return atmel_aes_gcm_process(dd);
@@ -1820,7 +1821,7 @@ static struct aead_alg aes_gcm_alg = {
.decrypt= atmel_aes_gcm_decrypt,
.init   = atmel_aes_gcm_init,
.exit   = atmel_aes_gcm_exit,
-   .ivsize = 12,
+   .ivsize = GCM_AES_IV_SIZE,
.maxauthsize= AES_BLOCK_SIZE,
 
.base = {
-- 
2.13.0

[PATCH 10/11] crypto: gcm - Use GCM IV size constant

[Corentin Labbe]

This patch replace GCM IV size value by their constant name.

Signed-off-by: Corentin Labbe <clabbe.montj...@gmail.com>
---
 crypto/gcm.c | 23 ---
 1 file changed, 12 insertions(+), 11 deletions(-)

diff --git a/crypto/gcm.c b/crypto/gcm.c
index 3841b5eafa7e..80cf6cfe082b 100644
--- a/crypto/gcm.c
+++ b/crypto/gcm.c
@@ -14,6 +14,7 @@
 #include 
 #include 
 #include 
+#include 
 #include 
 #include "internal.h"
 #include 
@@ -197,8 +198,8 @@ static void crypto_gcm_init_common(struct aead_request *req)
struct scatterlist *sg;
 
memset(pctx->auth_tag, 0, sizeof(pctx->auth_tag));
-   memcpy(pctx->iv, req->iv, 12);
-   memcpy(pctx->iv + 12, , 4);
+   memcpy(pctx->iv, req->iv, GCM_AES_IV_SIZE);
+   memcpy(pctx->iv + GCM_AES_IV_SIZE, , 4);
 
sg_init_table(pctx->src, 3);
sg_set_buf(pctx->src, pctx->auth_tag, sizeof(pctx->auth_tag));
@@ -695,7 +696,7 @@ static int crypto_gcm_create_common(struct crypto_template 
*tmpl,
inst->alg.base.cra_alignmask = ghash->base.cra_alignmask |
   ctr->base.cra_alignmask;
inst->alg.base.cra_ctxsize = sizeof(struct crypto_gcm_ctx);
-   inst->alg.ivsize = 12;
+   inst->alg.ivsize = GCM_AES_IV_SIZE;
inst->alg.chunksize = crypto_skcipher_alg_chunksize(ctr);
inst->alg.maxauthsize = 16;
inst->alg.init = crypto_gcm_init_tfm;
@@ -832,20 +833,20 @@ static struct aead_request *crypto_rfc4106_crypt(struct 
aead_request *req)
u8 *iv = PTR_ALIGN((u8 *)(subreq + 1) + crypto_aead_reqsize(child),
   crypto_aead_alignmask(child) + 1);
 
-   scatterwalk_map_and_copy(iv + 12, req->src, 0, req->assoclen - 8, 0);
+   scatterwalk_map_and_copy(iv + GCM_AES_IV_SIZE, req->src, 0, 
req->assoclen - 8, 0);
 
memcpy(iv, ctx->nonce, 4);
memcpy(iv + 4, req->iv, 8);
 
sg_init_table(rctx->src, 3);
-   sg_set_buf(rctx->src, iv + 12, req->assoclen - 8);
+   sg_set_buf(rctx->src, iv + GCM_AES_IV_SIZE, req->assoclen - 8);
sg = scatterwalk_ffwd(rctx->src + 1, req->src, req->assoclen);
if (sg != rctx->src + 1)
sg_chain(rctx->src, 2, sg);
 
if (req->src != req->dst) {
sg_init_table(rctx->dst, 3);
-   sg_set_buf(rctx->dst, iv + 12, req->assoclen - 8);
+   sg_set_buf(rctx->dst, iv + GCM_AES_IV_SIZE, req->assoclen - 8);
sg = scatterwalk_ffwd(rctx->dst + 1, req->dst, req->assoclen);
if (sg != rctx->dst + 1)
sg_chain(rctx->dst, 2, sg);
@@ -957,7 +958,7 @@ static int crypto_rfc4106_create(struct crypto_template 
*tmpl,
err = -EINVAL;
 
/* Underlying IV size must be 12. */
-   if (crypto_aead_alg_ivsize(alg) != 12)
+   if (crypto_aead_alg_ivsize(alg) != GCM_AES_IV_SIZE)
goto out_drop_alg;
 
/* Not a stream cipher? */
@@ -980,7 +981,7 @@ static int crypto_rfc4106_create(struct crypto_template 
*tmpl,
 
inst->alg.base.cra_ctxsize = sizeof(struct crypto_rfc4106_ctx);
 
-   inst->alg.ivsize = 8;
+   inst->alg.ivsize = GCM_RFC4106_IV_SIZE;
inst->alg.chunksize = crypto_aead_alg_chunksize(alg);
inst->alg.maxauthsize = crypto_aead_alg_maxauthsize(alg);
 
@@ -1134,7 +1135,7 @@ static int crypto_rfc4543_init_tfm(struct crypto_aead 
*tfm)
tfm,
sizeof(struct crypto_rfc4543_req_ctx) +
ALIGN(crypto_aead_reqsize(aead), crypto_tfm_ctx_alignment()) +
-   align + 12);
+   align + GCM_AES_IV_SIZE);
 
return 0;
 
@@ -1199,7 +1200,7 @@ static int crypto_rfc4543_create(struct crypto_template 
*tmpl,
err = -EINVAL;
 
/* Underlying IV size must be 12. */
-   if (crypto_aead_alg_ivsize(alg) != 12)
+   if (crypto_aead_alg_ivsize(alg) != GCM_AES_IV_SIZE)
goto out_drop_alg;
 
/* Not a stream cipher? */
@@ -1222,7 +1223,7 @@ static int crypto_rfc4543_create(struct crypto_template 
*tmpl,
 
inst->alg.base.cra_ctxsize = sizeof(struct crypto_rfc4543_ctx);
 
-   inst->alg.ivsize = 8;
+   inst->alg.ivsize = GCM_RFC4543_IV_SIZE;
inst->alg.chunksize = crypto_aead_alg_chunksize(alg);
inst->alg.maxauthsize = crypto_aead_alg_maxauthsize(alg);
 
-- 
2.13.0

[PATCH 11/11] crypto: aesni - Use GCM IV size constant

[Corentin Labbe]

This patch replace GCM IV size value by their constant name.

Signed-off-by: Corentin Labbe <clabbe.montj...@gmail.com>
---
 arch/x86/crypto/aesni-intel_glue.c | 7 ---
 1 file changed, 4 insertions(+), 3 deletions(-)

diff --git a/arch/x86/crypto/aesni-intel_glue.c 
b/arch/x86/crypto/aesni-intel_glue.c
index 5c15d6b57329..80664368bf14 100644
--- a/arch/x86/crypto/aesni-intel_glue.c
+++ b/arch/x86/crypto/aesni-intel_glue.c
@@ -28,6 +28,7 @@
 #include 
 #include 
 #include 
+#include 
 #include 
 #include 
 #include 
@@ -1131,7 +1132,7 @@ static struct aead_alg aesni_aead_algs[] = { {
.setauthsize= common_rfc4106_set_authsize,
.encrypt= helper_rfc4106_encrypt,
.decrypt= helper_rfc4106_decrypt,
-   .ivsize = 8,
+   .ivsize = GCM_RFC4106_IV_SIZE,
.maxauthsize= 16,
.base = {
.cra_name   = "__gcm-aes-aesni",
@@ -1149,7 +1150,7 @@ static struct aead_alg aesni_aead_algs[] = { {
.setauthsize= rfc4106_set_authsize,
.encrypt= rfc4106_encrypt,
.decrypt= rfc4106_decrypt,
-   .ivsize = 8,
+   .ivsize = GCM_RFC4106_IV_SIZE,
.maxauthsize= 16,
.base = {
.cra_name   = "rfc4106(gcm(aes))",
@@ -1165,7 +1166,7 @@ static struct aead_alg aesni_aead_algs[] = { {
.setauthsize= generic_gcmaes_set_authsize,
.encrypt= generic_gcmaes_encrypt,
.decrypt= generic_gcmaes_decrypt,
-   .ivsize = 12,
+   .ivsize = GCM_AES_IV_SIZE,
.maxauthsize= 16,
.base = {
.cra_name   = "gcm(aes)",
-- 
2.13.0

[PATCH 09/11] crypto: omap - Use GCM IV size constant

[Corentin Labbe]

This patch replace GCM IV size value by their constant name.

Signed-off-by: Corentin Labbe <clabbe.montj...@gmail.com>
---
 drivers/crypto/omap-aes-gcm.c | 7 ---
 drivers/crypto/omap-aes.c | 5 +++--
 2 files changed, 7 insertions(+), 5 deletions(-)

diff --git a/drivers/crypto/omap-aes-gcm.c b/drivers/crypto/omap-aes-gcm.c
index 7d4f8a4be6d8..9b8f1c752168 100644
--- a/drivers/crypto/omap-aes-gcm.c
+++ b/drivers/crypto/omap-aes-gcm.c
@@ -18,6 +18,7 @@
 #include 
 #include 
 #include 
+#include 
 #include 
 #include 
 #include 
@@ -311,7 +312,7 @@ static int omap_aes_gcm_crypt(struct aead_request *req, 
unsigned long mode)
int err, assoclen;
 
memset(rctx->auth_tag, 0, sizeof(rctx->auth_tag));
-   memcpy(rctx->iv + 12, , 4);
+   memcpy(rctx->iv + GCM_AES_IV_SIZE, , 4);
 
err = do_encrypt_iv(req, (u32 *)rctx->auth_tag, (u32 *)rctx->iv);
if (err)
@@ -339,7 +340,7 @@ int omap_aes_gcm_encrypt(struct aead_request *req)
 {
struct omap_aes_reqctx *rctx = aead_request_ctx(req);
 
-   memcpy(rctx->iv, req->iv, 12);
+   memcpy(rctx->iv, req->iv, GCM_AES_IV_SIZE);
return omap_aes_gcm_crypt(req, FLAGS_ENCRYPT | FLAGS_GCM);
 }
 
@@ -347,7 +348,7 @@ int omap_aes_gcm_decrypt(struct aead_request *req)
 {
struct omap_aes_reqctx *rctx = aead_request_ctx(req);
 
-   memcpy(rctx->iv, req->iv, 12);
+   memcpy(rctx->iv, req->iv, GCM_AES_IV_SIZE);
return omap_aes_gcm_crypt(req, FLAGS_GCM);
 }
 
diff --git a/drivers/crypto/omap-aes.c b/drivers/crypto/omap-aes.c
index c376a3ee7c2c..1f3686a1ebfa 100644
--- a/drivers/crypto/omap-aes.c
+++ b/drivers/crypto/omap-aes.c
@@ -35,6 +35,7 @@
 #include 
 #include 
 #include 
+#include 
 #include 
 #include 
 #include 
@@ -767,7 +768,7 @@ static struct aead_alg algs_aead_gcm[] = {
},
.init   = omap_aes_gcm_cra_init,
.exit   = omap_aes_gcm_cra_exit,
-   .ivsize = 12,
+   .ivsize = GCM_AES_IV_SIZE,
.maxauthsize= AES_BLOCK_SIZE,
.setkey = omap_aes_gcm_setkey,
.encrypt= omap_aes_gcm_encrypt,
@@ -788,7 +789,7 @@ static struct aead_alg algs_aead_gcm[] = {
.init   = omap_aes_gcm_cra_init,
.exit   = omap_aes_gcm_cra_exit,
.maxauthsize= AES_BLOCK_SIZE,
-   .ivsize = 8,
+   .ivsize = GCM_RFC4106_IV_SIZE,
.setkey = omap_aes_4106gcm_setkey,
.encrypt= omap_aes_4106gcm_encrypt,
.decrypt= omap_aes_4106gcm_decrypt,
-- 
2.13.0

[PATCH 08/11] crypto: chelsio - Use GCM IV size constant

[Corentin Labbe]

This patch replace GCM IV size value by their constant name.

Signed-off-by: Corentin Labbe <clabbe.montj...@gmail.com>
---
 drivers/crypto/chelsio/chcr_algo.c | 9 +
 1 file changed, 5 insertions(+), 4 deletions(-)

diff --git a/drivers/crypto/chelsio/chcr_algo.c 
b/drivers/crypto/chelsio/chcr_algo.c
index 0e8160701833..936bdd895efa 100644
--- a/drivers/crypto/chelsio/chcr_algo.c
+++ b/drivers/crypto/chelsio/chcr_algo.c
@@ -53,6 +53,7 @@
 #include 
 #include 
 #include 
+#include 
 #include 
 #include 
 #include 
@@ -2534,9 +2535,9 @@ static struct sk_buff *create_gcm_wr(struct aead_request 
*req,
if (get_aead_subtype(tfm) ==
CRYPTO_ALG_SUB_TYPE_AEAD_RFC4106) {
memcpy(reqctx->iv, aeadctx->salt, 4);
-   memcpy(reqctx->iv + 4, req->iv, 8);
+   memcpy(reqctx->iv + 4, req->iv, GCM_RFC4106_IV_SIZE);
} else {
-   memcpy(reqctx->iv, req->iv, 12);
+   memcpy(reqctx->iv, req->iv, GCM_AES_IV_SIZE);
}
*((unsigned int *)(reqctx->iv + 12)) = htonl(0x01);
 
@@ -3385,7 +3386,7 @@ static struct chcr_alg_template driver_algs[] = {
sizeof(struct chcr_aead_ctx) +
sizeof(struct chcr_gcm_ctx),
},
-   .ivsize = 12,
+   .ivsize = GCM_AES_IV_SIZE,
.maxauthsize = GHASH_DIGEST_SIZE,
.setkey = chcr_gcm_setkey,
.setauthsize = chcr_gcm_setauthsize,
@@ -3405,7 +3406,7 @@ static struct chcr_alg_template driver_algs[] = {
sizeof(struct chcr_gcm_ctx),
 
},
-   .ivsize = 8,
+   .ivsize = GCM_RFC4106_IV_SIZE,
.maxauthsize= GHASH_DIGEST_SIZE,
.setkey = chcr_gcm_setkey,
.setauthsize= chcr_4106_4309_setauthsize,
-- 
2.13.0

[PATCH 04/11] crypto: nx - Use GCM IV size constant

[Corentin Labbe]

This patch replace GCM IV size value by their constant name.

Signed-off-by: Corentin Labbe <clabbe.montj...@gmail.com>
---
 drivers/crypto/nx/nx-aes-gcm.c | 9 +
 1 file changed, 5 insertions(+), 4 deletions(-)

diff --git a/drivers/crypto/nx/nx-aes-gcm.c b/drivers/crypto/nx/nx-aes-gcm.c
index abd465f479c4..a810596b97c2 100644
--- a/drivers/crypto/nx/nx-aes-gcm.c
+++ b/drivers/crypto/nx/nx-aes-gcm.c
@@ -22,6 +22,7 @@
 #include 
 #include 
 #include 
+#include 
 #include 
 #include 
 #include 
@@ -433,7 +434,7 @@ static int gcm_aes_nx_encrypt(struct aead_request *req)
struct nx_gcm_rctx *rctx = aead_request_ctx(req);
char *iv = rctx->iv;
 
-   memcpy(iv, req->iv, 12);
+   memcpy(iv, req->iv, GCM_AES_IV_SIZE);
 
return gcm_aes_nx_crypt(req, 1, req->assoclen);
 }
@@ -443,7 +444,7 @@ static int gcm_aes_nx_decrypt(struct aead_request *req)
struct nx_gcm_rctx *rctx = aead_request_ctx(req);
char *iv = rctx->iv;
 
-   memcpy(iv, req->iv, 12);
+   memcpy(iv, req->iv, GCM_AES_IV_SIZE);
 
return gcm_aes_nx_crypt(req, 0, req->assoclen);
 }
@@ -498,7 +499,7 @@ struct aead_alg nx_gcm_aes_alg = {
},
.init= nx_crypto_ctx_aes_gcm_init,
.exit= nx_crypto_ctx_aead_exit,
-   .ivsize  = 12,
+   .ivsize  = GCM_AES_IV_SIZE,
.maxauthsize = AES_BLOCK_SIZE,
.setkey  = gcm_aes_nx_set_key,
.encrypt = gcm_aes_nx_encrypt,
@@ -516,7 +517,7 @@ struct aead_alg nx_gcm4106_aes_alg = {
},
.init= nx_crypto_ctx_aes_gcm_init,
.exit= nx_crypto_ctx_aead_exit,
-   .ivsize  = 8,
+   .ivsize  = GCM_RFC4106_IV_SIZE,
.maxauthsize = AES_BLOCK_SIZE,
.setkey  = gcm4106_aes_nx_set_key,
.setauthsize = gcm4106_aes_nx_setauthsize,
-- 
2.13.0

[PATCH 07/11] crypto: mediatek - Use GCM IV size constant

[Corentin Labbe]

This patch replace GCM IV size value by their constant name.

Signed-off-by: Corentin Labbe <clabbe.montj...@gmail.com>
---
 drivers/crypto/mediatek/mtk-aes.c | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/drivers/crypto/mediatek/mtk-aes.c 
b/drivers/crypto/mediatek/mtk-aes.c
index 9e845e866dec..87e15b624f84 100644
--- a/drivers/crypto/mediatek/mtk-aes.c
+++ b/drivers/crypto/mediatek/mtk-aes.c
@@ -13,6 +13,7 @@
  */
 
 #include 
+#include 
 #include "mtk-platform.h"
 
 #define AES_QUEUE_SIZE 512
@@ -1098,7 +1099,7 @@ static struct aead_alg aes_gcm_alg = {
.decrypt= mtk_aes_gcm_decrypt,
.init   = mtk_aes_gcm_init,
.exit   = mtk_aes_gcm_exit,
-   .ivsize = 12,
+   .ivsize = GCM_AES_IV_SIZE,
.maxauthsize= AES_BLOCK_SIZE,
 
.base = {
-- 
2.13.0

[PATCH v4 0/1] crypto: engine - Permit to enqueue skcipher request

[Corentin Labbe]

Hello

The crypto engine could actually only enqueue hash and ablkcipher request.
This patch serie permit it to enqueue skcipher requests by adding all necessary
functions.

Changes since v3
- Use cra_type only for distinguish ablkcipher from skcipher

Changes since v2
- added two patch for finding request type according to its cra_type

Changes since v1
- Aligned to column struct *dev in include
- Added missing mutex_unlock in crypto_engine_start()

Corentin Labbe (1):
  crypto: engine - Permit to enqueue skcipher request

 crypto/crypto_engine.c  | 120 
 include/crypto/engine.h |  14 ++
 2 files changed, 134 insertions(+)

-- 
2.13.0

[PATCH v4 1/1] crypto: engine - Permit to enqueue skcipher request

[Corentin Labbe]

The crypto engine could actually only enqueue hash and ablkcipher request.
This patch permit it to enqueue skcipher requests by adding all necessary
functions.

Signed-off-by: Corentin Labbe <clabbe.montj...@gmail.com>
---
 crypto/crypto_engine.c  | 120 
 include/crypto/engine.h |  14 ++
 2 files changed, 134 insertions(+)

diff --git a/crypto/crypto_engine.c b/crypto/crypto_engine.c
index 61e7c4e02fd2..d5ee2a615339 100644
--- a/crypto/crypto_engine.c
+++ b/crypto/crypto_engine.c
@@ -36,9 +36,11 @@ static void crypto_pump_requests(struct crypto_engine 
*engine,
struct crypto_async_request *async_req, *backlog;
struct ahash_request *hreq;
struct ablkcipher_request *breq;
+   struct skcipher_request *skreq;
unsigned long flags;
bool was_busy = false;
int ret, rtype;
+   const struct crypto_type *cratype;
 
spin_lock_irqsave(>queue_lock, flags);
 
@@ -123,6 +125,25 @@ static void crypto_pump_requests(struct crypto_engine 
*engine,
}
return;
case CRYPTO_ALG_TYPE_ABLKCIPHER:
+   cratype = engine->cur_req->tfm->__crt_alg->cra_type;
+   if (cratype != _ablkcipher_type) {
+   skreq = skcipher_request_cast(engine->cur_req);
+   if (engine->prepare_skcipher_request) {
+   ret = engine->prepare_skcipher_request(engine, 
skreq);
+   if (ret) {
+   dev_err(engine->dev, "failed to prepare 
request: %d\n",
+   ret);
+   goto req_err;
+   }
+   engine->cur_req_prepared = true;
+   }
+   ret = engine->skcipher_one_request(engine, skreq);
+   if (ret) {
+   dev_err(engine->dev, "failed to cipher one 
request from queue\n");
+   goto req_err;
+   }
+   return;
+   }
breq = ablkcipher_request_cast(engine->cur_req);
if (engine->prepare_cipher_request) {
ret = engine->prepare_cipher_request(engine, breq);
@@ -151,6 +172,12 @@ static void crypto_pump_requests(struct crypto_engine 
*engine,
crypto_finalize_hash_request(engine, hreq, ret);
break;
case CRYPTO_ALG_TYPE_ABLKCIPHER:
+   cratype = engine->cur_req->tfm->__crt_alg->cra_type;
+   if (cratype != _ablkcipher_type) {
+   skreq = skcipher_request_cast(engine->cur_req);
+   crypto_finalize_skcipher_request(engine, skreq, ret);
+   break;
+   }
breq = ablkcipher_request_cast(engine->cur_req);
crypto_finalize_cipher_request(engine, breq, ret);
break;
@@ -213,6 +240,49 @@ int crypto_transfer_cipher_request_to_engine(struct 
crypto_engine *engine,
 EXPORT_SYMBOL_GPL(crypto_transfer_cipher_request_to_engine);
 
 /**
+ * crypto_transfer_skcipher_request - transfer the new request into the
+ * enginequeue
+ * @engine: the hardware engine
+ * @req: the request need to be listed into the engine queue
+ */
+int crypto_transfer_skcipher_request(struct crypto_engine *engine,
+struct skcipher_request *req,
+bool need_pump)
+{
+   unsigned long flags;
+   int ret;
+
+   spin_lock_irqsave(>queue_lock, flags);
+
+   if (!engine->running) {
+   spin_unlock_irqrestore(>queue_lock, flags);
+   return -ESHUTDOWN;
+   }
+
+   ret = crypto_enqueue_request(>queue, >base);
+
+   if (!engine->busy && need_pump)
+   kthread_queue_work(engine->kworker, >pump_requests);
+
+   spin_unlock_irqrestore(>queue_lock, flags);
+   return ret;
+}
+EXPORT_SYMBOL_GPL(crypto_transfer_skcipher_request);
+
+/**
+ * crypto_transfer_skcipher_request_to_engine - transfer one request to list
+ * into the engine queue
+ * @engine: the hardware engine
+ * @req: the request need to be listed into the engine queue
+ */
+int crypto_transfer_skcipher_request_to_engine(struct crypto_engine *engine,
+  struct skcipher_request *req)
+{
+   return crypto_transfer_skcipher_request(engine, req, true);
+}
+EXPORT_SYMBOL_GPL(crypto_transfer_skcipher_request_to_engine);
+
+/**
  * crypto_transfer_hash_request - transfer the new request into the
  * enginequeue
  * @engine: the hardware engine
@@ -292,6 +362,43 @@ void crypto_finalize_cipher_request(struct crypto_engine 
*en

Re: [PATCH 2/3] crypto: engine - find request type with cra_type

[Corentin Labbe]

On Fri, Aug 18, 2017 at 04:28:37PM +0800, Herbert Xu wrote:
> On Mon, Aug 14, 2017 at 03:17:24PM +0200, Corentin Labbe wrote:
> > The current method for finding request type is based on crypto_tfm_alg_type.
> > 
> > But in case of skcipher, it is the same than ablkcipher.
> > Using cra_type for this work permits to make the distinction between the 
> > two.
> > 
> > Signed-off-by: Corentin Labbe <clabbe.montj...@gmail.com>
> 
> I think you misunderstood my suggestion.  I'm not saying that
> you should use cra_type to distinguish all crypto types, it should
> only be used to distinguish ablkcipher from skcipher.
> 

Will change that in v4

Thanks

Re: [PATCH 2/3] crypto: engine - find request type with cra_type

[Corentin Labbe]

On Tue, Aug 15, 2017 at 07:51:14AM +, Fabien DESSENNE wrote:
> Hi Corentin,
> 
> Since I have just sent a patch to add the support of "aead_request" to crypto 
> engine, I am wondering if your proposed change (checking cra_type instead of 
> crypto_tfm_alg_type) and mine are compatible.
> It looks like they are (assuming we export crypto_aead_type): can you confirm?
> BR
> 
> Fabien.
> 

Hello

My change is incompatible with yours since I remove a 
switch(crypto_tfm_alg_type) that you use.
Anyway you will need my change:) because you use ablkcipher which is obsolete 
and you need to convert to skcipher.

regards
Corentin Labbe

[PATCH 1/3] crypto: skcipher - export crypto_skcipher_type2

[Corentin Labbe]

This patch export crypto_skcipher_type2 like others cra_type

Signed-off-by: Corentin Labbe <clabbe.montj...@gmail.com>
---
 crypto/skcipher.c   | 3 ++-
 include/crypto/algapi.h | 1 +
 2 files changed, 3 insertions(+), 1 deletion(-)

diff --git a/crypto/skcipher.c b/crypto/skcipher.c
index 4faa0fd53b0c..c6523826890f 100644
--- a/crypto/skcipher.c
+++ b/crypto/skcipher.c
@@ -893,7 +893,7 @@ static int crypto_skcipher_report(struct sk_buff *skb, 
struct crypto_alg *alg)
 }
 #endif
 
-static const struct crypto_type crypto_skcipher_type2 = {
+const struct crypto_type crypto_skcipher_type2 = {
.extsize = crypto_skcipher_extsize,
.init_tfm = crypto_skcipher_init_tfm,
.free = crypto_skcipher_free_instance,
@@ -906,6 +906,7 @@ static const struct crypto_type crypto_skcipher_type2 = {
.type = CRYPTO_ALG_TYPE_SKCIPHER,
.tfmsize = offsetof(struct crypto_skcipher, base),
 };
+EXPORT_SYMBOL_GPL(crypto_skcipher_type2);
 
 int crypto_grab_skcipher(struct crypto_skcipher_spawn *spawn,
  const char *name, u32 type, u32 mask)
diff --git a/include/crypto/algapi.h b/include/crypto/algapi.h
index e3cebf640c00..c6a4090ed2ed 100644
--- a/include/crypto/algapi.h
+++ b/include/crypto/algapi.h
@@ -130,6 +130,7 @@ struct ablkcipher_walk {
 
 extern const struct crypto_type crypto_ablkcipher_type;
 extern const struct crypto_type crypto_blkcipher_type;
+extern const struct crypto_type crypto_skcipher_type2;
 
 void crypto_mod_put(struct crypto_alg *alg);
 
-- 
2.13.0

[PATCH 2/3] crypto: engine - find request type with cra_type

[Corentin Labbe]

The current method for finding request type is based on crypto_tfm_alg_type.

But in case of skcipher, it is the same than ablkcipher.
Using cra_type for this work permits to make the distinction between the two.

Signed-off-by: Corentin Labbe <clabbe.montj...@gmail.com>
---
 crypto/crypto_engine.c | 19 ---
 1 file changed, 8 insertions(+), 11 deletions(-)

diff --git a/crypto/crypto_engine.c b/crypto/crypto_engine.c
index 61e7c4e02fd2..74b840749074 100644
--- a/crypto/crypto_engine.c
+++ b/crypto/crypto_engine.c
@@ -38,7 +38,8 @@ static void crypto_pump_requests(struct crypto_engine *engine,
struct ablkcipher_request *breq;
unsigned long flags;
bool was_busy = false;
-   int ret, rtype;
+   int ret;
+   const struct crypto_type *cratype;
 
spin_lock_irqsave(>queue_lock, flags);
 
@@ -94,7 +95,7 @@ static void crypto_pump_requests(struct crypto_engine *engine,
 
spin_unlock_irqrestore(>queue_lock, flags);
 
-   rtype = crypto_tfm_alg_type(engine->cur_req->tfm);
+   cratype = engine->cur_req->tfm->__crt_alg->cra_type;
/* Until here we get the request need to be encrypted successfully */
if (!was_busy && engine->prepare_crypt_hardware) {
ret = engine->prepare_crypt_hardware(engine);
@@ -104,8 +105,7 @@ static void crypto_pump_requests(struct crypto_engine 
*engine,
}
}
 
-   switch (rtype) {
-   case CRYPTO_ALG_TYPE_AHASH:
+   if (cratype == _ahash_type) {
hreq = ahash_request_cast(engine->cur_req);
if (engine->prepare_hash_request) {
ret = engine->prepare_hash_request(engine, hreq);
@@ -122,7 +122,7 @@ static void crypto_pump_requests(struct crypto_engine 
*engine,
goto req_err;
}
return;
-   case CRYPTO_ALG_TYPE_ABLKCIPHER:
+   } else if (cratype == _ablkcipher_type) {
breq = ablkcipher_request_cast(engine->cur_req);
if (engine->prepare_cipher_request) {
ret = engine->prepare_cipher_request(engine, breq);
@@ -139,21 +139,18 @@ static void crypto_pump_requests(struct crypto_engine 
*engine,
goto req_err;
}
return;
-   default:
+   } else {
dev_err(engine->dev, "failed to prepare request of unknown 
type\n");
return;
}
 
 req_err:
-   switch (rtype) {
-   case CRYPTO_ALG_TYPE_AHASH:
+   if (cratype == _ahash_type) {
hreq = ahash_request_cast(engine->cur_req);
crypto_finalize_hash_request(engine, hreq, ret);
-   break;
-   case CRYPTO_ALG_TYPE_ABLKCIPHER:
+   } else if (cratype == _ablkcipher_type) {
breq = ablkcipher_request_cast(engine->cur_req);
crypto_finalize_cipher_request(engine, breq, ret);
-   break;
}
return;
 
-- 
2.13.0

[PATCH 3/3] crypto: engine - Permit to enqueue skcipher request

[Corentin Labbe]

The crypto engine could actually only enqueue hash and ablkcipher request.
This patch permit it to enqueue skcipher requets by adding all necessary
functions.

Signed-off-by: Corentin Labbe <clabbe.montj...@gmail.com>
---
 crypto/crypto_engine.c  | 114 
 include/crypto/engine.h |  14 ++
 2 files changed, 128 insertions(+)

diff --git a/crypto/crypto_engine.c b/crypto/crypto_engine.c
index 74b840749074..8567224d7609 100644
--- a/crypto/crypto_engine.c
+++ b/crypto/crypto_engine.c
@@ -36,6 +36,7 @@ static void crypto_pump_requests(struct crypto_engine *engine,
struct crypto_async_request *async_req, *backlog;
struct ahash_request *hreq;
struct ablkcipher_request *breq;
+   struct skcipher_request *skreq;
unsigned long flags;
bool was_busy = false;
int ret;
@@ -139,6 +140,23 @@ static void crypto_pump_requests(struct crypto_engine 
*engine,
goto req_err;
}
return;
+   } else if (cratype == _skcipher_type2) {
+   skreq = skcipher_request_cast(engine->cur_req);
+   if (engine->prepare_skcipher_request) {
+   ret = engine->prepare_skcipher_request(engine, skreq);
+   if (ret) {
+   dev_err(engine->dev, "failed to prepare 
request: %d\n",
+   ret);
+   goto req_err;
+   }
+   engine->cur_req_prepared = true;
+   }
+   ret = engine->skcipher_one_request(engine, skreq);
+   if (ret) {
+   dev_err(engine->dev, "failed to cipher one request from 
queue\n");
+   goto req_err;
+   }
+   return;
} else {
dev_err(engine->dev, "failed to prepare request of unknown 
type\n");
return;
@@ -151,6 +169,9 @@ static void crypto_pump_requests(struct crypto_engine 
*engine,
} else if (cratype == _ablkcipher_type) {
breq = ablkcipher_request_cast(engine->cur_req);
crypto_finalize_cipher_request(engine, breq, ret);
+   } else if (cratype == _skcipher_type2) {
+   skreq = skcipher_request_cast(engine->cur_req);
+   crypto_finalize_skcipher_request(engine, skreq, ret);
}
return;
 
@@ -210,6 +231,49 @@ int crypto_transfer_cipher_request_to_engine(struct 
crypto_engine *engine,
 EXPORT_SYMBOL_GPL(crypto_transfer_cipher_request_to_engine);
 
 /**
+ * crypto_transfer_skcipher_request - transfer the new request into the
+ * enginequeue
+ * @engine: the hardware engine
+ * @req: the request need to be listed into the engine queue
+ */
+int crypto_transfer_skcipher_request(struct crypto_engine *engine,
+struct skcipher_request *req,
+bool need_pump)
+{
+   unsigned long flags;
+   int ret;
+
+   spin_lock_irqsave(>queue_lock, flags);
+
+   if (!engine->running) {
+   spin_unlock_irqrestore(>queue_lock, flags);
+   return -ESHUTDOWN;
+   }
+
+   ret = crypto_enqueue_request(>queue, >base);
+
+   if (!engine->busy && need_pump)
+   kthread_queue_work(engine->kworker, >pump_requests);
+
+   spin_unlock_irqrestore(>queue_lock, flags);
+   return ret;
+}
+EXPORT_SYMBOL_GPL(crypto_transfer_skcipher_request);
+
+/**
+ * crypto_transfer_skcipher_request_to_engine - transfer one request to list
+ * into the engine queue
+ * @engine: the hardware engine
+ * @req: the request need to be listed into the engine queue
+ */
+int crypto_transfer_skcipher_request_to_engine(struct crypto_engine *engine,
+  struct skcipher_request *req)
+{
+   return crypto_transfer_skcipher_request(engine, req, true);
+}
+EXPORT_SYMBOL_GPL(crypto_transfer_skcipher_request_to_engine);
+
+/**
  * crypto_transfer_hash_request - transfer the new request into the
  * enginequeue
  * @engine: the hardware engine
@@ -289,6 +353,43 @@ void crypto_finalize_cipher_request(struct crypto_engine 
*engine,
 EXPORT_SYMBOL_GPL(crypto_finalize_cipher_request);
 
 /**
+ * crypto_finalize_skcipher_request - finalize one request if the request is 
done
+ * @engine: the hardware engine
+ * @req: the request need to be finalized
+ * @err: error number
+ */
+void crypto_finalize_skcipher_request(struct crypto_engine *engine,
+ struct skcipher_request *req, int err)
+{
+   unsigned long flags;
+   bool finalize_cur_req = false;
+   int ret;
+
+   spin_lock_irqsave(>queue_lock, flags);
+   if (engine->cur_req == >base)
+   finalize_cur_req = true;
+ 

[PATCH 0/3 v3] crypto: engine - Permit to enqueue skcipher request

[Corentin Labbe]

Hello

The crypto engine could actually only enqueue hash and ablkcipher request.
This patch serie permit it to enqueue skcipher requests by adding all necessary
functions.

Changes since v2
- added two patch for finding request type according to its cra_type

Changes since v1
- Aligned to column struct *dev in include
- Added missing mutex_unlock in crypto_engine_start()

Corentin Labbe (3):
  crypto: skcipher - export crypto_skcipher_type2
  crypto: engine - find request type with cra_type
  crypto: engine - Permit to enqueue skcipher request

 crypto/crypto_engine.c  | 133 
 crypto/skcipher.c   |   3 +-
 include/crypto/algapi.h |   1 +
 include/crypto/engine.h |  14 +
 4 files changed, 139 insertions(+), 12 deletions(-)

-- 
2.13.0

[PATCH] crypto: cavium - add release_firmware to all return case

[Corentin Labbe]

Two return case misses to call release_firmware() and so leak some
memory.

This patch create a fw_release label (and so a common error path)
and use it on all return case.

Detected by CoverityScan, CID#1416422 ("Resource Leak")

Signed-off-by: Corentin Labbe <clabbe.montj...@gmail.com>
---
 drivers/crypto/cavium/cpt/cptpf_main.c | 13 +
 1 file changed, 9 insertions(+), 4 deletions(-)

diff --git a/drivers/crypto/cavium/cpt/cptpf_main.c 
b/drivers/crypto/cavium/cpt/cptpf_main.c
index 4119c40e7c4b..34a6d8bf229e 100644
--- a/drivers/crypto/cavium/cpt/cptpf_main.c
+++ b/drivers/crypto/cavium/cpt/cptpf_main.c
@@ -268,8 +268,10 @@ static int cpt_ucode_load_fw(struct cpt_device *cpt, const 
u8 *fw, bool is_ae)
mcode = >mcode[cpt->next_mc_idx];
memcpy(mcode->version, (u8 *)fw_entry->data, CPT_UCODE_VERSION_SZ);
mcode->code_size = ntohl(ucode->code_length) * 2;
-   if (!mcode->code_size)
-   return -EINVAL;
+   if (!mcode->code_size) {
+   ret = -EINVAL;
+   goto fw_release;
+   }
 
mcode->is_ae = is_ae;
mcode->core_mask = 0ULL;
@@ -280,7 +282,8 @@ static int cpt_ucode_load_fw(struct cpt_device *cpt, const 
u8 *fw, bool is_ae)
  >phys_base, GFP_KERNEL);
if (!mcode->code) {
dev_err(dev, "Unable to allocate space for microcode");
-   return -ENOMEM;
+   ret = -ENOMEM;
+   goto fw_release;
}
 
memcpy((void *)mcode->code, (void *)(fw_entry->data + sizeof(*ucode)),
@@ -302,12 +305,14 @@ static int cpt_ucode_load_fw(struct cpt_device *cpt, 
const u8 *fw, bool is_ae)
ret = do_cpt_init(cpt, mcode);
if (ret) {
dev_err(dev, "do_cpt_init failed with ret: %d\n", ret);
-   return ret;
+   goto fw_release;
}
 
dev_info(dev, "Microcode Loaded %s\n", mcode->version);
mcode->is_mc_valid = 1;
cpt->next_mc_idx++;
+
+fw_release:
release_firmware(fw_entry);
 
return ret;
-- 
2.13.0

Re: [PATCH v2 2/2] crypto: engine - Permit to enqueue skcipher request

[Corentin Labbe]

On Fri, Jul 28, 2017 at 05:01:19PM +0200, Corentin Labbe wrote:
> On Fri, Jul 28, 2017 at 09:52:57PM +0800, Herbert Xu wrote:
> > On Fri, Jul 14, 2017 at 01:15:36PM +0200, Corentin Labbe wrote:
> > > On Fri, Jun 23, 2017 at 02:48:37PM +0800, Herbert Xu wrote:
> > > > On Mon, Jun 19, 2017 at 09:55:24AM +0200, Corentin Labbe wrote:
> > > > >
> > > > > Since there are two different user of "crypto engine + ablkcipher", 
> > > > > it will be not easy to convert them in one serie. (I could do it, but 
> > > > > I simply could not test it for OMAP (lack of hw))
> > > > > And any new user which want to use crypto engine+skcipher (like me 
> > > > > with the sun8i-ce driver) are simply stuck.
> > > > 
> > > > You're right.  We'll need to do this in a backwards-compatible way.  In 
> > > > fact
> > > > we already do something similar in skcipher.c itself.  Simply look at 
> > > > the
> > > > cra_type field and if it matches blkcipher/ablkcipher/givcipher then 
> > > > it's
> > > > legacy ablkcipher, otherwise it's skcipher.
> > > > 
> > > > Also the way crypto_engine looks at the request type in the data-path is
> > > > suboptimal.  This should really be built into the cra_type object.  For
> > > > example, we can have cra_type->engine->prepare_request which would just
> > > > do the right thing.
> > > > 
> > > 
> > > Not sure to have well understand what you want.
> > > You want that I switch on cra_type instead of crypto_tfm_alg_type() ?
> > 
> > No I mean that we should have an engine hooks object registered
> > under cra_type so that you simply call
> > 
> > cra_type->engine->prepare_request()
> > 
> > regardless of what type you're using.
> > 
> 
> I am sorry, I didnt see how to do that.

Hello

I really didnt see how to do that since cra_type is const.
Anyway, I think it cannot be possible since we could have two different engine 
with two different prepare_request().

I will really appreciate any advice on what you want exactly.

Regards

Re: [PATCH v2 2/2] crypto: engine - Permit to enqueue skcipher request

[Corentin Labbe]

On Fri, Jul 28, 2017 at 09:52:57PM +0800, Herbert Xu wrote:
> On Fri, Jul 14, 2017 at 01:15:36PM +0200, Corentin Labbe wrote:
> > On Fri, Jun 23, 2017 at 02:48:37PM +0800, Herbert Xu wrote:
> > > On Mon, Jun 19, 2017 at 09:55:24AM +0200, Corentin Labbe wrote:
> > > >
> > > > Since there are two different user of "crypto engine + ablkcipher", it 
> > > > will be not easy to convert them in one serie. (I could do it, but I 
> > > > simply could not test it for OMAP (lack of hw))
> > > > And any new user which want to use crypto engine+skcipher (like me with 
> > > > the sun8i-ce driver) are simply stuck.
> > > 
> > > You're right.  We'll need to do this in a backwards-compatible way.  In 
> > > fact
> > > we already do something similar in skcipher.c itself.  Simply look at the
> > > cra_type field and if it matches blkcipher/ablkcipher/givcipher then it's
> > > legacy ablkcipher, otherwise it's skcipher.
> > > 
> > > Also the way crypto_engine looks at the request type in the data-path is
> > > suboptimal.  This should really be built into the cra_type object.  For
> > > example, we can have cra_type->engine->prepare_request which would just
> > > do the right thing.
> > > 
> > 
> > Not sure to have well understand what you want.
> > You want that I switch on cra_type instead of crypto_tfm_alg_type() ?
> 
> No I mean that we should have an engine hooks object registered
> under cra_type so that you simply call
> 
>   cra_type->engine->prepare_request()
> 
> regardless of what type you're using.
> 

I am sorry, I didnt see how to do that.

Re: [PATCH v2 2/2] crypto: engine - Permit to enqueue skcipher request

[Corentin Labbe]

On Fri, Jun 23, 2017 at 02:48:37PM +0800, Herbert Xu wrote:
> On Mon, Jun 19, 2017 at 09:55:24AM +0200, Corentin Labbe wrote:
> >
> > Since there are two different user of "crypto engine + ablkcipher", it will 
> > be not easy to convert them in one serie. (I could do it, but I simply 
> > could not test it for OMAP (lack of hw))
> > And any new user which want to use crypto engine+skcipher (like me with the 
> > sun8i-ce driver) are simply stuck.
> 
> You're right.  We'll need to do this in a backwards-compatible way.  In fact
> we already do something similar in skcipher.c itself.  Simply look at the
> cra_type field and if it matches blkcipher/ablkcipher/givcipher then it's
> legacy ablkcipher, otherwise it's skcipher.
> 
> Also the way crypto_engine looks at the request type in the data-path is
> suboptimal.  This should really be built into the cra_type object.  For
> example, we can have cra_type->engine->prepare_request which would just
> do the right thing.
> 

Not sure to have well understand what you want.
You want that I switch on cra_type instead of crypto_tfm_alg_type() ?

[PATCH v5] crypto: sun4i-ss: support the Security System PRNG

[Corentin Labbe]

The Security System has a PRNG, this patch adds support for it via
crypto_rng.

Signed-off-by: Corentin Labbe <clabbe.montj...@gmail.com>
---

Change since v4
- Fixed some spelling issue in Kconfig and patch description

Changes since v3 (note: the v3 miss changes and version tag sorry)
- Replaced all len values with bits / BITS_PER_LONG or BITS_PER_BYTE

Changes since v2
 - converted to crypto_rng

Changes since v1:
 - Replaced all spin_lock_bh by simple spin_lock
 - Removed handling of size not modulo 4 which will never happen
 - Added add_random_ready_callback()

 drivers/crypto/Kconfig  |  8 +
 drivers/crypto/sunxi-ss/Makefile|  1 +
 drivers/crypto/sunxi-ss/sun4i-ss-core.c | 30 ++
 drivers/crypto/sunxi-ss/sun4i-ss-prng.c | 56 +
 drivers/crypto/sunxi-ss/sun4i-ss.h  | 11 +++
 5 files changed, 106 insertions(+)
 create mode 100644 drivers/crypto/sunxi-ss/sun4i-ss-prng.c

diff --git a/drivers/crypto/Kconfig b/drivers/crypto/Kconfig
index ab82536d64e2..99245f9c9d58 100644
--- a/drivers/crypto/Kconfig
+++ b/drivers/crypto/Kconfig
@@ -618,6 +618,14 @@ config CRYPTO_DEV_SUN4I_SS
  To compile this driver as a module, choose M here: the module
  will be called sun4i-ss.
 
+config CRYPTO_DEV_SUN4I_SS_PRNG
+   bool "Support for Allwinner Security System PRNG"
+   depends on CRYPTO_DEV_SUN4I_SS
+   select CRYPTO_RNG
+   help
+ Select this option if you want to provide kernel-side support for
+ the Pseudo-Random Number Generator found in the Security System.
+
 config CRYPTO_DEV_ROCKCHIP
tristate "Rockchip's Cryptographic Engine driver"
depends on OF && ARCH_ROCKCHIP
diff --git a/drivers/crypto/sunxi-ss/Makefile b/drivers/crypto/sunxi-ss/Makefile
index 8f4c7a273141..ccb893219079 100644
--- a/drivers/crypto/sunxi-ss/Makefile
+++ b/drivers/crypto/sunxi-ss/Makefile
@@ -1,2 +1,3 @@
 obj-$(CONFIG_CRYPTO_DEV_SUN4I_SS) += sun4i-ss.o
 sun4i-ss-y += sun4i-ss-core.o sun4i-ss-hash.o sun4i-ss-cipher.o
+sun4i-ss-$(CONFIG_CRYPTO_DEV_SUN4I_SS_PRNG) += sun4i-ss-prng.o
diff --git a/drivers/crypto/sunxi-ss/sun4i-ss-core.c 
b/drivers/crypto/sunxi-ss/sun4i-ss-core.c
index 02ad8256e900..1547cbe13dc2 100644
--- a/drivers/crypto/sunxi-ss/sun4i-ss-core.c
+++ b/drivers/crypto/sunxi-ss/sun4i-ss-core.c
@@ -213,6 +213,23 @@ static struct sun4i_ss_alg_template ss_algs[] = {
}
}
 },
+#ifdef CONFIG_CRYPTO_DEV_SUN4I_SS_PRNG
+{
+   .type = CRYPTO_ALG_TYPE_RNG,
+   .alg.rng = {
+   .base = {
+   .cra_name   = "stdrng",
+   .cra_driver_name= "sun4i_ss_rng",
+   .cra_priority   = 300,
+   .cra_ctxsize= 0,
+   .cra_module = THIS_MODULE,
+   },
+   .generate   = sun4i_ss_prng_generate,
+   .seed   = sun4i_ss_prng_seed,
+   .seedsize   = SS_SEED_LEN / BITS_PER_BYTE,
+   }
+},
+#endif
 };
 
 static int sun4i_ss_probe(struct platform_device *pdev)
@@ -355,6 +372,13 @@ static int sun4i_ss_probe(struct platform_device *pdev)
goto error_alg;
}
break;
+   case CRYPTO_ALG_TYPE_RNG:
+   err = crypto_register_rng(_algs[i].alg.rng);
+   if (err) {
+   dev_err(ss->dev, "Fail to register %s\n",
+   ss_algs[i].alg.rng.base.cra_name);
+   }
+   break;
}
}
platform_set_drvdata(pdev, ss);
@@ -369,6 +393,9 @@ static int sun4i_ss_probe(struct platform_device *pdev)
case CRYPTO_ALG_TYPE_AHASH:
crypto_unregister_ahash(_algs[i].alg.hash);
break;
+   case CRYPTO_ALG_TYPE_RNG:
+   crypto_unregister_rng(_algs[i].alg.rng);
+   break;
}
}
if (ss->reset)
@@ -393,6 +420,9 @@ static int sun4i_ss_remove(struct platform_device *pdev)
case CRYPTO_ALG_TYPE_AHASH:
crypto_unregister_ahash(_algs[i].alg.hash);
break;
+   case CRYPTO_ALG_TYPE_RNG:
+   crypto_unregister_rng(_algs[i].alg.rng);
+   break;
}
}
 
diff --git a/drivers/crypto/sunxi-ss/sun4i-ss-prng.c 
b/drivers/crypto/sunxi-ss/sun4i-ss-prng.c
new file mode 100644
index ..0d01d1624252
--- /dev/null
+++ b/drivers/crypto/sunxi-ss/sun4i-ss-prng.c
@@ -0,0 +1,56 @@
+#include "sun4i-ss.h"
+
+int sun4i_ss_prng_seed(struct crypto_rng *tfm, const u8 *seed,
+  

Re: [PATCH v4] crypto: sun4i-ss: support the Security System PRNG

[Corentin Labbe]

On Mon, Jun 26, 2017 at 02:36:43PM +0200, Frans Klaver wrote:
> Hi,
> 
> On Mon, Jun 26, 2017 at 2:20 PM, Corentin Labbe
> <clabbe.montj...@gmail.com> wrote:
> > The Security System have a PRNG, this patch add support for it via
> > crypto_rng.
> 
> s,have,has,
> s,add,adds,
> 
> >
> > Signed-off-by: Corentin Labbe <clabbe.montj...@gmail.com>
> > ---
> >
> > Changes since v3 (note: the v3 miss changes and version tag sorry)
> > - Replaced all len values with bits / BITS_PER_LONG or BITS_PER_BYTE
> >
> > Changes since v2
> >  - converted to crypto_rng
> >
> > Changes since v1:
> >  - Replaced all spin_lock_bh by simple spin_lock
> >  - Removed handling of size not modulo 4 which will never happen
> >  - Added add_random_ready_callback()
> >
> >  drivers/crypto/Kconfig  |  8 +
> >  drivers/crypto/sunxi-ss/Makefile|  1 +
> >  drivers/crypto/sunxi-ss/sun4i-ss-core.c | 30 ++
> >  drivers/crypto/sunxi-ss/sun4i-ss-prng.c | 56 
> > +
> >  drivers/crypto/sunxi-ss/sun4i-ss.h  | 11 +++
> >  5 files changed, 106 insertions(+)
> >  create mode 100644 drivers/crypto/sunxi-ss/sun4i-ss-prng.c
> >
> > diff --git a/drivers/crypto/Kconfig b/drivers/crypto/Kconfig
> > index ab82536d64e2..bde0b102eb70 100644
> > --- a/drivers/crypto/Kconfig
> > +++ b/drivers/crypto/Kconfig
> > @@ -618,6 +618,14 @@ config CRYPTO_DEV_SUN4I_SS
> >   To compile this driver as a module, choose M here: the module
> >   will be called sun4i-ss.
> >
> > +config CRYPTO_DEV_SUN4I_SS_PRNG
> > +   bool "Support for Allwinner Security System PRNG"
> > +   depends on CRYPTO_DEV_SUN4I_SS
> > +   select CRYPTO_RNG
> > +   help
> > + Select this option if you to provides kernel-side support for
> > + the Pseudo-Random Number Generator found in the Security System.
> 
> This sentence does not parse. "Select this option if you want to
> provide kernel-side for ...". Alternatively: "This option enables
> kernel-side support for ..."
> 
> Frans

Thanks, I will change it.

[PATCH v4] crypto: sun4i-ss: support the Security System PRNG

[Corentin Labbe]

The Security System have a PRNG, this patch add support for it via
crypto_rng.

Signed-off-by: Corentin Labbe <clabbe.montj...@gmail.com>
---

Changes since v3 (note: the v3 miss changes and version tag sorry)
- Replaced all len values with bits / BITS_PER_LONG or BITS_PER_BYTE

Changes since v2
 - converted to crypto_rng

Changes since v1:
 - Replaced all spin_lock_bh by simple spin_lock
 - Removed handling of size not modulo 4 which will never happen
 - Added add_random_ready_callback()

 drivers/crypto/Kconfig  |  8 +
 drivers/crypto/sunxi-ss/Makefile|  1 +
 drivers/crypto/sunxi-ss/sun4i-ss-core.c | 30 ++
 drivers/crypto/sunxi-ss/sun4i-ss-prng.c | 56 +
 drivers/crypto/sunxi-ss/sun4i-ss.h  | 11 +++
 5 files changed, 106 insertions(+)
 create mode 100644 drivers/crypto/sunxi-ss/sun4i-ss-prng.c

diff --git a/drivers/crypto/Kconfig b/drivers/crypto/Kconfig
index ab82536d64e2..bde0b102eb70 100644
--- a/drivers/crypto/Kconfig
+++ b/drivers/crypto/Kconfig
@@ -618,6 +618,14 @@ config CRYPTO_DEV_SUN4I_SS
  To compile this driver as a module, choose M here: the module
  will be called sun4i-ss.
 
+config CRYPTO_DEV_SUN4I_SS_PRNG
+   bool "Support for Allwinner Security System PRNG"
+   depends on CRYPTO_DEV_SUN4I_SS
+   select CRYPTO_RNG
+   help
+ Select this option if you to provides kernel-side support for
+ the Pseudo-Random Number Generator found in the Security System.
+
 config CRYPTO_DEV_ROCKCHIP
tristate "Rockchip's Cryptographic Engine driver"
depends on OF && ARCH_ROCKCHIP
diff --git a/drivers/crypto/sunxi-ss/Makefile b/drivers/crypto/sunxi-ss/Makefile
index 8f4c7a273141..ccb893219079 100644
--- a/drivers/crypto/sunxi-ss/Makefile
+++ b/drivers/crypto/sunxi-ss/Makefile
@@ -1,2 +1,3 @@
 obj-$(CONFIG_CRYPTO_DEV_SUN4I_SS) += sun4i-ss.o
 sun4i-ss-y += sun4i-ss-core.o sun4i-ss-hash.o sun4i-ss-cipher.o
+sun4i-ss-$(CONFIG_CRYPTO_DEV_SUN4I_SS_PRNG) += sun4i-ss-prng.o
diff --git a/drivers/crypto/sunxi-ss/sun4i-ss-core.c 
b/drivers/crypto/sunxi-ss/sun4i-ss-core.c
index 02ad8256e900..1547cbe13dc2 100644
--- a/drivers/crypto/sunxi-ss/sun4i-ss-core.c
+++ b/drivers/crypto/sunxi-ss/sun4i-ss-core.c
@@ -213,6 +213,23 @@ static struct sun4i_ss_alg_template ss_algs[] = {
}
}
 },
+#ifdef CONFIG_CRYPTO_DEV_SUN4I_SS_PRNG
+{
+   .type = CRYPTO_ALG_TYPE_RNG,
+   .alg.rng = {
+   .base = {
+   .cra_name   = "stdrng",
+   .cra_driver_name= "sun4i_ss_rng",
+   .cra_priority   = 300,
+   .cra_ctxsize= 0,
+   .cra_module = THIS_MODULE,
+   },
+   .generate   = sun4i_ss_prng_generate,
+   .seed   = sun4i_ss_prng_seed,
+   .seedsize   = SS_SEED_LEN / BITS_PER_BYTE,
+   }
+},
+#endif
 };
 
 static int sun4i_ss_probe(struct platform_device *pdev)
@@ -355,6 +372,13 @@ static int sun4i_ss_probe(struct platform_device *pdev)
goto error_alg;
}
break;
+   case CRYPTO_ALG_TYPE_RNG:
+   err = crypto_register_rng(_algs[i].alg.rng);
+   if (err) {
+   dev_err(ss->dev, "Fail to register %s\n",
+   ss_algs[i].alg.rng.base.cra_name);
+   }
+   break;
}
}
platform_set_drvdata(pdev, ss);
@@ -369,6 +393,9 @@ static int sun4i_ss_probe(struct platform_device *pdev)
case CRYPTO_ALG_TYPE_AHASH:
crypto_unregister_ahash(_algs[i].alg.hash);
break;
+   case CRYPTO_ALG_TYPE_RNG:
+   crypto_unregister_rng(_algs[i].alg.rng);
+   break;
}
}
if (ss->reset)
@@ -393,6 +420,9 @@ static int sun4i_ss_remove(struct platform_device *pdev)
case CRYPTO_ALG_TYPE_AHASH:
crypto_unregister_ahash(_algs[i].alg.hash);
break;
+   case CRYPTO_ALG_TYPE_RNG:
+   crypto_unregister_rng(_algs[i].alg.rng);
+   break;
}
}
 
diff --git a/drivers/crypto/sunxi-ss/sun4i-ss-prng.c 
b/drivers/crypto/sunxi-ss/sun4i-ss-prng.c
new file mode 100644
index ..0d01d1624252
--- /dev/null
+++ b/drivers/crypto/sunxi-ss/sun4i-ss-prng.c
@@ -0,0 +1,56 @@
+#include "sun4i-ss.h"
+
+int sun4i_ss_prng_seed(struct crypto_rng *tfm, const u8 *seed,
+  unsigned int slen)
+{
+   struct sun4i_ss_alg_template *algt;
+   stru

Re: [PATCH] crypto: sun4i-ss: support the Security System PRNG

[Corentin Labbe]

On Tue, Jun 20, 2017 at 11:59:47AM +0200, Maxime Ripard wrote:
> Hi,
> 
> On Tue, Jun 20, 2017 at 10:58:19AM +0200, Corentin Labbe wrote:
> > The Security System have a PRNG, this patch add support for it via
> > crypto_rng.
> 
> This might be a dumb question, but is the CRYPTO_RNG code really
> supposed to be used with PRNG?
> 

Yes, see recently added drivers/crypto/exynos-rng.c

[...]
> > --- a/drivers/crypto/sunxi-ss/sun4i-ss.h
> > +++ b/drivers/crypto/sunxi-ss/sun4i-ss.h
> > @@ -32,6 +32,7 @@
> >  #include 
> >  #include 
> >  #include 
> > +#include 
> >  
> >  #define SS_CTL0x00
> >  #define SS_KEY0   0x04
> > @@ -127,6 +128,9 @@
> >  #define SS_RXFIFO_EMP_INT_ENABLE   (1 << 2)
> >  #define SS_TXFIFO_AVA_INT_ENABLE   (1 << 0)
> >  
> > +#define SS_SEED_LEN (192 / 8)
> > +#define SS_DATA_LEN (160 / 8)
> > +
> >  struct sun4i_ss_ctx {
> > void __iomem *base;
> > int irq;
> > @@ -136,6 +140,7 @@ struct sun4i_ss_ctx {
> > struct device *dev;
> > struct resource *res;
> > spinlock_t slock; /* control the use of the device */
> > +   u32 seed[SS_SEED_LEN / 4];
> 
> Shouldn't you define SS_SEED_LEN in bits, and then use either
> BITS_PER_BYTE and BITS_PER_LONG so that it's obvious what you're doing
> ?
> 
> And you could also make that variable defined based on the option,
> otherwise you'll always allocate that array, even if you're not using
> it.

I will do that

Thanks

[PATCH] crypto: sun4i-ss: support the Security System PRNG

[Corentin Labbe]

The Security System have a PRNG, this patch add support for it via
crypto_rng.

Signed-off-by: Corentin Labbe <clabbe.montj...@gmail.com>
---
 drivers/crypto/Kconfig  |  8 +
 drivers/crypto/sunxi-ss/Makefile|  1 +
 drivers/crypto/sunxi-ss/sun4i-ss-core.c | 30 ++
 drivers/crypto/sunxi-ss/sun4i-ss-prng.c | 56 +
 drivers/crypto/sunxi-ss/sun4i-ss.h  |  9 ++
 5 files changed, 104 insertions(+)
 create mode 100644 drivers/crypto/sunxi-ss/sun4i-ss-prng.c

diff --git a/drivers/crypto/Kconfig b/drivers/crypto/Kconfig
index ab82536d64e2..bde0b102eb70 100644
--- a/drivers/crypto/Kconfig
+++ b/drivers/crypto/Kconfig
@@ -618,6 +618,14 @@ config CRYPTO_DEV_SUN4I_SS
  To compile this driver as a module, choose M here: the module
  will be called sun4i-ss.
 
+config CRYPTO_DEV_SUN4I_SS_PRNG
+   bool "Support for Allwinner Security System PRNG"
+   depends on CRYPTO_DEV_SUN4I_SS
+   select CRYPTO_RNG
+   help
+ Select this option if you to provides kernel-side support for
+ the Pseudo-Random Number Generator found in the Security System.
+
 config CRYPTO_DEV_ROCKCHIP
tristate "Rockchip's Cryptographic Engine driver"
depends on OF && ARCH_ROCKCHIP
diff --git a/drivers/crypto/sunxi-ss/Makefile b/drivers/crypto/sunxi-ss/Makefile
index 8f4c7a273141..ccb893219079 100644
--- a/drivers/crypto/sunxi-ss/Makefile
+++ b/drivers/crypto/sunxi-ss/Makefile
@@ -1,2 +1,3 @@
 obj-$(CONFIG_CRYPTO_DEV_SUN4I_SS) += sun4i-ss.o
 sun4i-ss-y += sun4i-ss-core.o sun4i-ss-hash.o sun4i-ss-cipher.o
+sun4i-ss-$(CONFIG_CRYPTO_DEV_SUN4I_SS_PRNG) += sun4i-ss-prng.o
diff --git a/drivers/crypto/sunxi-ss/sun4i-ss-core.c 
b/drivers/crypto/sunxi-ss/sun4i-ss-core.c
index 02ad8256e900..d6bb2991c000 100644
--- a/drivers/crypto/sunxi-ss/sun4i-ss-core.c
+++ b/drivers/crypto/sunxi-ss/sun4i-ss-core.c
@@ -213,6 +213,23 @@ static struct sun4i_ss_alg_template ss_algs[] = {
}
}
 },
+#ifdef CONFIG_CRYPTO_DEV_SUN4I_SS_PRNG
+{
+   .type = CRYPTO_ALG_TYPE_RNG,
+   .alg.rng = {
+   .base = {
+   .cra_name   = "stdrng",
+   .cra_driver_name= "sun4i_ss_rng",
+   .cra_priority   = 300,
+   .cra_ctxsize= 0,
+   .cra_module = THIS_MODULE,
+   },
+   .generate   = sun4i_ss_prng_generate,
+   .seed   = sun4i_ss_prng_seed,
+   .seedsize   = SS_SEED_LEN,
+   }
+},
+#endif
 };
 
 static int sun4i_ss_probe(struct platform_device *pdev)
@@ -355,6 +372,13 @@ static int sun4i_ss_probe(struct platform_device *pdev)
goto error_alg;
}
break;
+   case CRYPTO_ALG_TYPE_RNG:
+   err = crypto_register_rng(_algs[i].alg.rng);
+   if (err) {
+   dev_err(ss->dev, "Fail to register %s\n",
+   ss_algs[i].alg.rng.base.cra_name);
+   }
+   break;
}
}
platform_set_drvdata(pdev, ss);
@@ -369,6 +393,9 @@ static int sun4i_ss_probe(struct platform_device *pdev)
case CRYPTO_ALG_TYPE_AHASH:
crypto_unregister_ahash(_algs[i].alg.hash);
break;
+   case CRYPTO_ALG_TYPE_RNG:
+   crypto_unregister_rng(_algs[i].alg.rng);
+   break;
}
}
if (ss->reset)
@@ -393,6 +420,9 @@ static int sun4i_ss_remove(struct platform_device *pdev)
case CRYPTO_ALG_TYPE_AHASH:
crypto_unregister_ahash(_algs[i].alg.hash);
break;
+   case CRYPTO_ALG_TYPE_RNG:
+   crypto_unregister_rng(_algs[i].alg.rng);
+   break;
}
}
 
diff --git a/drivers/crypto/sunxi-ss/sun4i-ss-prng.c 
b/drivers/crypto/sunxi-ss/sun4i-ss-prng.c
new file mode 100644
index ..3941587def6b
--- /dev/null
+++ b/drivers/crypto/sunxi-ss/sun4i-ss-prng.c
@@ -0,0 +1,56 @@
+#include "sun4i-ss.h"
+
+int sun4i_ss_prng_seed(struct crypto_rng *tfm, const u8 *seed,
+  unsigned int slen)
+{
+   struct sun4i_ss_alg_template *algt;
+   struct rng_alg *alg = crypto_rng_alg(tfm);
+
+   algt = container_of(alg, struct sun4i_ss_alg_template, alg.rng);
+   memcpy(algt->ss->seed, seed, slen);
+
+   return 0;
+}
+
+int sun4i_ss_prng_generate(struct crypto_rng *tfm, const u8 *src,
+  unsigned int slen, u8 *dst, unsigned int dlen)
+{
+   struct sun4i_ss_alg_template 

Re: [PATCH v2 2/2] crypto: engine - Permit to enqueue skcipher request

[Corentin Labbe]

On Mon, Jun 19, 2017 at 01:27:08PM +0800, Herbert Xu wrote:
> On Tue, Jun 06, 2017 at 03:44:17PM +0200, Corentin Labbe wrote:
> > The crypto engine could actually only enqueue hash and ablkcipher request.
> > This patch permit it to enqueue skcipher requets by adding all necessary
> > functions.
> > The only problem is that ablkcipher and skcipher id are the same, so
> > only one cipher type is usable on the same crypto engine.
> > 
> > Signed-off-by: Corentin Labbe <clabbe.montj...@gmail.com>
> 
> I think this should be done as part of the skcipher conversion rather
> than as a standalone patch.
> 

Since there are two different user of "crypto engine + ablkcipher", it will be 
not easy to convert them in one serie. (I could do it, but I simply could not 
test it for OMAP (lack of hw))
And any new user which want to use crypto engine+skcipher (like me with the 
sun8i-ce driver) are simply stuck.

Regards

Re: [PATCH v2 2/2] crypto: engine - Permit to enqueue skcipher request

[Corentin Labbe]

On Tue, Jun 06, 2017 at 04:07:25PM +0200, Stephan Müller wrote:
> Am Dienstag, 6. Juni 2017, 15:44:17 CEST schrieb Corentin Labbe:
> 
> Hi Corentin,
> 
> > The crypto engine could actually only enqueue hash and ablkcipher request.
> > This patch permit it to enqueue skcipher requets by adding all necessary
> > functions.
> > The only problem is that ablkcipher and skcipher id are the same, so
> > only one cipher type is usable on the same crypto engine.
> 
> Why do you think this is needed? I thought that skcipher is the successor to 
> ablkcipher AND blkcipher. I.e. ablkcipher and blkcipher should be phased out. 
> Thus, I would infer that any ablkcipher support should or could be dropped.
> 

There are two user of it, crypto/omap and crypto/virtio.
And for crypto/omap, I have no way of testing any convertion to skcipher (no 
hardware).

Regards
Corentin Labbe

[PATCH v2 1/2] crypto: engine - replace pr_xxx by dev_xxx

[Corentin Labbe]

By adding a struct device *dev to struct engine, we could store the
device used at register time and so use all dev_xxx functions instead of
pr_xxx.

Signed-off-by: Corentin Labbe <clabbe.montj...@gmail.com>
---
 crypto/crypto_engine.c  | 23 +--
 include/crypto/engine.h |  1 +
 2 files changed, 14 insertions(+), 10 deletions(-)

diff --git a/crypto/crypto_engine.c b/crypto/crypto_engine.c
index 727bd5c3569e..61e7c4e02fd2 100644
--- a/crypto/crypto_engine.c
+++ b/crypto/crypto_engine.c
@@ -70,7 +70,7 @@ static void crypto_pump_requests(struct crypto_engine *engine,
 
if (engine->unprepare_crypt_hardware &&
engine->unprepare_crypt_hardware(engine))
-   pr_err("failed to unprepare crypt hardware\n");
+   dev_err(engine->dev, "failed to unprepare crypt 
hardware\n");
 
spin_lock_irqsave(>queue_lock, flags);
engine->idling = false;
@@ -99,7 +99,7 @@ static void crypto_pump_requests(struct crypto_engine *engine,
if (!was_busy && engine->prepare_crypt_hardware) {
ret = engine->prepare_crypt_hardware(engine);
if (ret) {
-   pr_err("failed to prepare crypt hardware\n");
+   dev_err(engine->dev, "failed to prepare crypt 
hardware\n");
goto req_err;
}
}
@@ -110,14 +110,15 @@ static void crypto_pump_requests(struct crypto_engine 
*engine,
if (engine->prepare_hash_request) {
ret = engine->prepare_hash_request(engine, hreq);
if (ret) {
-   pr_err("failed to prepare request: %d\n", ret);
+   dev_err(engine->dev, "failed to prepare 
request: %d\n",
+   ret);
goto req_err;
}
engine->cur_req_prepared = true;
}
ret = engine->hash_one_request(engine, hreq);
if (ret) {
-   pr_err("failed to hash one request from queue\n");
+   dev_err(engine->dev, "failed to hash one request from 
queue\n");
goto req_err;
}
return;
@@ -126,19 +127,20 @@ static void crypto_pump_requests(struct crypto_engine 
*engine,
if (engine->prepare_cipher_request) {
ret = engine->prepare_cipher_request(engine, breq);
if (ret) {
-   pr_err("failed to prepare request: %d\n", ret);
+   dev_err(engine->dev, "failed to prepare 
request: %d\n",
+   ret);
goto req_err;
}
engine->cur_req_prepared = true;
}
ret = engine->cipher_one_request(engine, breq);
if (ret) {
-   pr_err("failed to cipher one request from queue\n");
+   dev_err(engine->dev, "failed to cipher one request from 
queue\n");
goto req_err;
}
return;
default:
-   pr_err("failed to prepare request of unknown type\n");
+   dev_err(engine->dev, "failed to prepare request of unknown 
type\n");
return;
}
 
@@ -275,7 +277,7 @@ void crypto_finalize_cipher_request(struct crypto_engine 
*engine,
engine->unprepare_cipher_request) {
ret = engine->unprepare_cipher_request(engine, req);
if (ret)
-   pr_err("failed to unprepare request\n");
+   dev_err(engine->dev, "failed to unprepare 
request\n");
}
spin_lock_irqsave(>queue_lock, flags);
engine->cur_req = NULL;
@@ -312,7 +314,7 @@ void crypto_finalize_hash_request(struct crypto_engine 
*engine,
engine->unprepare_hash_request) {
ret = engine->unprepare_hash_request(engine, req);
if (ret)
-   pr_err("failed to unprepare request\n");
+   dev_err(engine->dev, "failed to unprepare 
request\n");
}
spin_lock_irqsave(>queue_lock, flags);
engine->cur_req = NULL;
@@ -384,7 +386,7 @@ int crypto_engine_stop(struct crypto_engine *engine)
spin_unlock_irqrestore(>queue_lock, flags);
 
  

[PATCH v2 2/2] crypto: engine - Permit to enqueue skcipher request

[Corentin Labbe]

The crypto engine could actually only enqueue hash and ablkcipher request.
This patch permit it to enqueue skcipher requets by adding all necessary
functions.
The only problem is that ablkcipher and skcipher id are the same, so
only one cipher type is usable on the same crypto engine.

Signed-off-by: Corentin Labbe <clabbe.montj...@gmail.com>
---
 crypto/crypto_engine.c  | 138 
 include/crypto/engine.h |  14 +
 2 files changed, 141 insertions(+), 11 deletions(-)

diff --git a/crypto/crypto_engine.c b/crypto/crypto_engine.c
index 61e7c4e02fd2..fc0f58b6299c 100644
--- a/crypto/crypto_engine.c
+++ b/crypto/crypto_engine.c
@@ -36,6 +36,7 @@ static void crypto_pump_requests(struct crypto_engine *engine,
struct crypto_async_request *async_req, *backlog;
struct ahash_request *hreq;
struct ablkcipher_request *breq;
+   struct skcipher_request *skreq;
unsigned long flags;
bool was_busy = false;
int ret, rtype;
@@ -123,17 +124,34 @@ static void crypto_pump_requests(struct crypto_engine 
*engine,
}
return;
case CRYPTO_ALG_TYPE_ABLKCIPHER:
-   breq = ablkcipher_request_cast(engine->cur_req);
-   if (engine->prepare_cipher_request) {
-   ret = engine->prepare_cipher_request(engine, breq);
-   if (ret) {
-   dev_err(engine->dev, "failed to prepare 
request: %d\n",
-   ret);
-   goto req_err;
+   /* since CRYPTO_ALG_TYPE_ABLKCIPHER == CRYPTO_ALG_TYPE_SKCIPHER
+* differenciate both with the presence of cipher_one_request
+*/
+   if (engine->cipher_one_request) {
+   breq = ablkcipher_request_cast(engine->cur_req);
+   if (engine->prepare_cipher_request) {
+   ret = engine->prepare_cipher_request(engine, 
breq);
+   if (ret) {
+   dev_err(engine->dev, "failed to prepare 
request: %d\n",
+   ret);
+   goto req_err;
+   }
+   engine->cur_req_prepared = true;
}
-   engine->cur_req_prepared = true;
+   ret = engine->cipher_one_request(engine, breq);
+   } else {
+   skreq = skcipher_request_cast(engine->cur_req);
+   if (engine->prepare_skcipher_request) {
+   ret = engine->prepare_skcipher_request(engine, 
skreq);
+   if (ret) {
+   dev_err(engine->dev, "failed to prepare 
request: %d\n",
+   ret);
+   goto req_err;
+   }
+   engine->cur_req_prepared = true;
+   }
+   ret = engine->skcipher_one_request(engine, skreq);
}
-   ret = engine->cipher_one_request(engine, breq);
if (ret) {
dev_err(engine->dev, "failed to cipher one request from 
queue\n");
goto req_err;
@@ -151,8 +169,13 @@ static void crypto_pump_requests(struct crypto_engine 
*engine,
crypto_finalize_hash_request(engine, hreq, ret);
break;
case CRYPTO_ALG_TYPE_ABLKCIPHER:
-   breq = ablkcipher_request_cast(engine->cur_req);
-   crypto_finalize_cipher_request(engine, breq, ret);
+   if (engine->cipher_one_request) {
+   breq = ablkcipher_request_cast(engine->cur_req);
+   crypto_finalize_cipher_request(engine, breq, ret);
+   } else {
+   skreq = skcipher_request_cast(engine->cur_req);
+   crypto_finalize_skcipher_request(engine, skreq, ret);
+   }
break;
}
return;
@@ -213,6 +236,49 @@ int crypto_transfer_cipher_request_to_engine(struct 
crypto_engine *engine,
 EXPORT_SYMBOL_GPL(crypto_transfer_cipher_request_to_engine);
 
 /**
+ * crypto_transfer_skcipher_request - transfer the new request into the
+ * enginequeue
+ * @engine: the hardware engine
+ * @req: the request need to be listed into the engine queue
+ */
+int crypto_transfer_skcipher_request(struct crypto_engine *engine,
+struct skcipher_request *req,
+bool need_pump)
+{
+   unsigned long flags;
+   int ret;
+
+   spin_lock_irqsave(>queue_lock, fla

[PATCH v2 0/2] crypto: engine - Permit to enqueue skcipher request

[Corentin Labbe]

The crypto engine could actually only enqueue hash and ablkcipher request.
This patch serie permit it to enqueue skcipher requets by adding all necessary
functions.

Changes since v1
- Aligned to column struct *dev in include
- Added missing mutex_unlock in crypto_engine_start()

Corentin Labbe (2):
  crypto: engine - replace pr_xxx by dev_xxx
  crypto: engine - Permit to enqueue skcipher request

 crypto/crypto_engine.c  | 157 ++--
 include/crypto/engine.h |  15 +
 2 files changed, 153 insertions(+), 19 deletions(-)

-- 
2.13.0

Re: [PATCH v2 00/12] ARM: sun5i: cryptographic engine support

[Corentin Labbe]

On Mon, May 29, 2017 at 10:27:26PM +0200, Antoine Tenart wrote:
> Hello,
> 
> This series adds the cryptographic engine support to sun5i SoCs. This is
> based on top of v4.12-rc1 and was tested on a CHIP. The series begins
> with fixes and improvements. The series is available at:
> https://github.com/atenart/linux v4.12-rc1/sun5i-crypto
> 
> The 8 first patches are reworks and cosmetic improvements.
> 
> Patch 9 moves the cipher part of the sun4i-ss driver from the ablkcipher
> API to the newer skcipher API.
> 
> Patch 10 adds the CRYPTO_ALG_KERN_DRIVER_ONLY flag for ciphers exposed
> by the sun4i-ss driver.
> 
> Patch 11 fixes the crypto framework selftests on the CHIP. It might fix
> other users too.
> 
> Patch 12 adds a cryptographic engine node for sun5i SoCs.
> 
> Thanks,
> Antoine
> 
> Since v1:
>   - Fixed a typo.
>   - Made the CRYPTO_ALG_KERN_DRIVER_ONLY flag addition in a dedicated
> patch.
> 
> Antoine Tenart (12):
>   crypto: sun4i-ss: group variable definitions in sun4i_hash()
>   crypto: sun4i-ss: remove conditional checks against 0
>   crypto: sun4i-ss: use lower/upper_32_bits helpers
>   crypto: sun4i-ss: cannot use DMA is the request is 0 length
>   crypto: sun4i-ss: do not dynamically set parts of the last buffer to 0
>   crypto: sun4i-ss: simplify the pad length calculation
>   crypto: sun4i-ss: simplify the appended bit assignment
>   crypto: sun4i-ss: use GENMASK to generate masks
>   crypto: sun4i-ss: move from ablkcipher to skcipher API
>   crypto: sun4i-ss: add the CRYPTO_ALG_KERN_DRIVER_ONLY flag
>   crypto: sun4i-ss: fix large block size support
>   ARM: sun5i: add a cryptographic engine node
> 
>  arch/arm/boot/dts/sun5i.dtsi  |   8 +
>  drivers/crypto/sunxi-ss/sun4i-ss-cipher.c | 213 ++-
>  drivers/crypto/sunxi-ss/sun4i-ss-core.c   | 237 
> +++---
>  drivers/crypto/sunxi-ss/sun4i-ss-hash.c   | 138 -
>  drivers/crypto/sunxi-ss/sun4i-ss.h    |  34 +++--
>  5 files changed, 321 insertions(+), 309 deletions(-)
> 

Hello

Thanks for the work

For the whole serie:
Tested-by: Corentin Labbe <clabbe.montj...@gmail.com>
Acked-by: Corentin Labbe <clabbe.montj...@gmail.com>

Re: [PATCH 09/11] crypto: sun4i-ss: move from ablkcipher to skcipher API

[Corentin Labbe]

On Wed, May 24, 2017 at 09:06:50PM +0200, Antoine Tenart wrote:
> Update the sun4i-ss driver to use the skcipher API instead of the old
> ablkcipher one. It's a bit more tricky than s/ablkcipher/skcipher/, but
> still nothing special and the driver's logic stays the same.
> 
> Signed-off-by: Antoine Tenart 
> ---
>  drivers/crypto/sunxi-ss/sun4i-ss-cipher.c | 189 -
>  drivers/crypto/sunxi-ss/sun4i-ss-core.c   | 227 
> +++---
>  drivers/crypto/sunxi-ss/sun4i-ss.h|  34 ++---
>  3 files changed, 226 insertions(+), 224 deletions(-)
> 
> diff --git a/drivers/crypto/sunxi-ss/sun4i-ss-cipher.c 
> b/drivers/crypto/sunxi-ss/sun4i-ss-cipher.c
> index 23e549204365..5cf64746731a 100644
> --- a/drivers/crypto/sunxi-ss/sun4i-ss-cipher.c
> +++ b/drivers/crypto/sunxi-ss/sun4i-ss-cipher.c
> -{   .type = CRYPTO_ALG_TYPE_ABLKCIPHER,
> +{   .type = CRYPTO_ALG_TYPE_SKCIPHER,
>   .alg.crypto = {
> - .cra_name = "cbc(aes)",
> - .cra_driver_name = "cbc-aes-sun4i-ss",
> - .cra_priority = 300,
> - .cra_blocksize = AES_BLOCK_SIZE,
> - .cra_flags = CRYPTO_ALG_TYPE_ABLKCIPHER,
> - .cra_ctxsize = sizeof(struct sun4i_tfm_ctx),
> - .cra_module = THIS_MODULE,
> - .cra_alignmask = 3,
> - .cra_type = _ablkcipher_type,
> - .cra_init = sun4i_ss_cipher_init,
> - .cra_ablkcipher = {
> - .min_keysize= AES_MIN_KEY_SIZE,
> - .max_keysize= AES_MAX_KEY_SIZE,
> - .ivsize = AES_BLOCK_SIZE,
> - .setkey = sun4i_ss_aes_setkey,
> - .encrypt= sun4i_ss_cbc_aes_encrypt,
> - .decrypt= sun4i_ss_cbc_aes_decrypt,
> + .setkey = sun4i_ss_aes_setkey,
> + .encrypt= sun4i_ss_cbc_aes_encrypt,
> + .decrypt= sun4i_ss_cbc_aes_decrypt,
> + .min_keysize= AES_MIN_KEY_SIZE,
> + .max_keysize= AES_MAX_KEY_SIZE,
> + .ivsize = AES_BLOCK_SIZE,
> + .base = {
> + .cra_name = "cbc(aes)",
> + .cra_driver_name = "cbc-aes-sun4i-ss",
> + .cra_priority = 300,
> + .cra_blocksize = AES_BLOCK_SIZE,
> + .cra_flags = CRYPTO_ALG_TYPE_SKCIPHER |
> +  CRYPTO_ALG_KERN_DRIVER_ONLY,

Hello

You add CRYPTO_ALG_KERN_DRIVER_ONLY on all flags which is unrelated to the 
patch description.

Regards

Re: [PATCH 10/11] crypto: sun4i-ss: fix large block size support

[Corentin Labbe]

On Wed, May 24, 2017 at 09:06:51PM +0200, Antoine Tenart wrote:
> The run-time self-tests fail quite early, as soon as the input block
> size is larger than 64 bytes:
> 
>   alg: hash: Test 4 failed for sha1-sun4i-ss
>   : b9 c9 1e 52 c0 26 d8 39 81 ff f2 3c 99 b1 27 b2
>   0010: 30 d6 c9 85
> 
> One thing to notice is the value of the last word, which is the one
> expected (it can sometime be the last two words). The datasheet isn't
> very clear about when the digest is ready to retrieve and is seems the
> bit SS_DATA_END is cleared when the digest was computed *but* that
> doesn't mean the digest is ready to retrieve in the registers.
> 
> A ndelay(1) is added before reading the computed digest to ensure it is
> available in the SS_MD[] registers.
> 
> Signed-off-by: Antoine Tenart <antoine.ten...@free-electrons.com>
> ---
>  drivers/crypto/sunxi-ss/sun4i-ss-hash.c | 18 ++
>  1 file changed, 18 insertions(+)
> 
> diff --git a/drivers/crypto/sunxi-ss/sun4i-ss-hash.c 
> b/drivers/crypto/sunxi-ss/sun4i-ss-hash.c
> index 685de5b6ab17..6da8d2bbd4da 100644
> --- a/drivers/crypto/sunxi-ss/sun4i-ss-hash.c
> +++ b/drivers/crypto/sunxi-ss/sun4i-ss-hash.c
> @@ -358,6 +358,15 @@ static int sun4i_hash(struct ahash_request *areq)
>   goto release_ss;
>   }
>  
> + /*
> +  * The datasheet isn't very clear about when to retrieve the digest. The
> +  * bit SS_DATA_END is cleared when the engine has processed the data and
> +  * when the digest is computed *but* it doesn't mean the digest is
> +  * available in the diesgt registers. Hence the delay to be sure we can

Hello

Small typo here (diesgt/digest)

> +  * read it.
> +  */
> + ndelay(1);
> +
>   for (i = 0; i < crypto_ahash_digestsize(tfm) / 4; i++)
>   op->hash[i] = readl(ss->base + SS_MD0 + i * 4);
>  
> @@ -446,6 +455,15 @@ static int sun4i_hash(struct ahash_request *areq)
>   goto release_ss;
>   }
>  
> + /*
> +  * The datasheet isn't very clear about when to retrieve the digest. The
> +  * bit SS_DATA_END is cleared when the engine has processed the data and
> +  * when the digest is computed *but* it doesn't mean the digest is
> +  * available in the diesgt registers. Hence the delay to be sure we can

and here.

This behaviour is very strange since I didnt get it on other platform.
Could you give me the board name where you get it ?
Does any wmb() after the writel(..SS_DATA_END..) do the trick ?
Which speed are the SS clocks ?

Anyway the whole serie seems good, I will test it just after this weekend.

Thanks
Regards
Corentin Labbe

[PATCH 2/2] crypto: engine - Permit to enqueue skcipher request

[Corentin Labbe]

The crypto engine could actually only enqueue hash and ablkcipher request.
This patch permit it to enqueue skcipher requets by adding all necessary
functions.
The only problem is that ablkcipher and skcipher id are the same, so
only one cipher type is usable on the same crypto engine.

Signed-off-by: Corentin Labbe <clabbe.montj...@gmail.com>
---
 crypto/crypto_engine.c  | 136 
 include/crypto/engine.h |  14 +
 2 files changed, 139 insertions(+), 11 deletions(-)

diff --git a/crypto/crypto_engine.c b/crypto/crypto_engine.c
index 61e7c4e02fd2..9f690e04006a 100644
--- a/crypto/crypto_engine.c
+++ b/crypto/crypto_engine.c
@@ -36,6 +36,7 @@ static void crypto_pump_requests(struct crypto_engine *engine,
struct crypto_async_request *async_req, *backlog;
struct ahash_request *hreq;
struct ablkcipher_request *breq;
+   struct skcipher_request *skreq;
unsigned long flags;
bool was_busy = false;
int ret, rtype;
@@ -123,17 +124,34 @@ static void crypto_pump_requests(struct crypto_engine 
*engine,
}
return;
case CRYPTO_ALG_TYPE_ABLKCIPHER:
-   breq = ablkcipher_request_cast(engine->cur_req);
-   if (engine->prepare_cipher_request) {
-   ret = engine->prepare_cipher_request(engine, breq);
-   if (ret) {
-   dev_err(engine->dev, "failed to prepare 
request: %d\n",
-   ret);
-   goto req_err;
+   /* since CRYPTO_ALG_TYPE_ABLKCIPHER == CRYPTO_ALG_TYPE_SKCIPHER
+* differenciate both with the presence of cipher_one_request
+*/
+   if (engine->cipher_one_request) {
+   breq = ablkcipher_request_cast(engine->cur_req);
+   if (engine->prepare_cipher_request) {
+   ret = engine->prepare_cipher_request(engine, 
breq);
+   if (ret) {
+   dev_err(engine->dev, "failed to prepare 
request: %d\n",
+   ret);
+   goto req_err;
+   }
+   engine->cur_req_prepared = true;
}
-   engine->cur_req_prepared = true;
+   ret = engine->cipher_one_request(engine, breq);
+   } else {
+   skreq = skcipher_request_cast(engine->cur_req);
+   if (engine->prepare_skcipher_request) {
+   ret = engine->prepare_skcipher_request(engine, 
skreq);
+   if (ret) {
+   dev_err(engine->dev, "failed to prepare 
request: %d\n",
+   ret);
+   goto req_err;
+   }
+   engine->cur_req_prepared = true;
+   }
+   ret = engine->skcipher_one_request(engine, skreq);
}
-   ret = engine->cipher_one_request(engine, breq);
if (ret) {
dev_err(engine->dev, "failed to cipher one request from 
queue\n");
goto req_err;
@@ -151,8 +169,13 @@ static void crypto_pump_requests(struct crypto_engine 
*engine,
crypto_finalize_hash_request(engine, hreq, ret);
break;
case CRYPTO_ALG_TYPE_ABLKCIPHER:
-   breq = ablkcipher_request_cast(engine->cur_req);
-   crypto_finalize_cipher_request(engine, breq, ret);
+   if (engine->cipher_one_request) {
+   breq = ablkcipher_request_cast(engine->cur_req);
+   crypto_finalize_cipher_request(engine, breq, ret);
+   } else {
+   skreq = skcipher_request_cast(engine->cur_req);
+   crypto_finalize_skcipher_request(engine, skreq, ret);
+   }
break;
}
return;
@@ -213,6 +236,49 @@ int crypto_transfer_cipher_request_to_engine(struct 
crypto_engine *engine,
 EXPORT_SYMBOL_GPL(crypto_transfer_cipher_request_to_engine);
 
 /**
+ * crypto_transfer_skcipher_request - transfer the new request into the
+ * enginequeue
+ * @engine: the hardware engine
+ * @req: the request need to be listed into the engine queue
+ */
+int crypto_transfer_skcipher_request(struct crypto_engine *engine,
+struct skcipher_request *req,
+bool need_pump)
+{
+   unsigned long flags;
+   int ret;
+
+   spin_lock_irqsave(>queue_lock, fla

[PATCH 1/2] crypto: engine - replace pr_xxx by dev_xxx

[Corentin Labbe]

By adding a struct device *dev to struct engine, we could store the
device used at register time and so use all dev_xxx functions instead of
pr_xxx.

Signed-off-by: Corentin Labbe <clabbe.montj...@gmail.com>
---
 crypto/crypto_engine.c  | 23 +--
 include/crypto/engine.h |  1 +
 2 files changed, 14 insertions(+), 10 deletions(-)

diff --git a/crypto/crypto_engine.c b/crypto/crypto_engine.c
index 727bd5c3569e..61e7c4e02fd2 100644
--- a/crypto/crypto_engine.c
+++ b/crypto/crypto_engine.c
@@ -70,7 +70,7 @@ static void crypto_pump_requests(struct crypto_engine *engine,
 
if (engine->unprepare_crypt_hardware &&
engine->unprepare_crypt_hardware(engine))
-   pr_err("failed to unprepare crypt hardware\n");
+   dev_err(engine->dev, "failed to unprepare crypt 
hardware\n");
 
spin_lock_irqsave(>queue_lock, flags);
engine->idling = false;
@@ -99,7 +99,7 @@ static void crypto_pump_requests(struct crypto_engine *engine,
if (!was_busy && engine->prepare_crypt_hardware) {
ret = engine->prepare_crypt_hardware(engine);
if (ret) {
-   pr_err("failed to prepare crypt hardware\n");
+   dev_err(engine->dev, "failed to prepare crypt 
hardware\n");
goto req_err;
}
}
@@ -110,14 +110,15 @@ static void crypto_pump_requests(struct crypto_engine 
*engine,
if (engine->prepare_hash_request) {
ret = engine->prepare_hash_request(engine, hreq);
if (ret) {
-   pr_err("failed to prepare request: %d\n", ret);
+   dev_err(engine->dev, "failed to prepare 
request: %d\n",
+   ret);
goto req_err;
}
engine->cur_req_prepared = true;
}
ret = engine->hash_one_request(engine, hreq);
if (ret) {
-   pr_err("failed to hash one request from queue\n");
+   dev_err(engine->dev, "failed to hash one request from 
queue\n");
goto req_err;
}
return;
@@ -126,19 +127,20 @@ static void crypto_pump_requests(struct crypto_engine 
*engine,
if (engine->prepare_cipher_request) {
ret = engine->prepare_cipher_request(engine, breq);
if (ret) {
-   pr_err("failed to prepare request: %d\n", ret);
+   dev_err(engine->dev, "failed to prepare 
request: %d\n",
+   ret);
goto req_err;
}
engine->cur_req_prepared = true;
}
ret = engine->cipher_one_request(engine, breq);
if (ret) {
-   pr_err("failed to cipher one request from queue\n");
+   dev_err(engine->dev, "failed to cipher one request from 
queue\n");
goto req_err;
}
return;
default:
-   pr_err("failed to prepare request of unknown type\n");
+   dev_err(engine->dev, "failed to prepare request of unknown 
type\n");
return;
}
 
@@ -275,7 +277,7 @@ void crypto_finalize_cipher_request(struct crypto_engine 
*engine,
engine->unprepare_cipher_request) {
ret = engine->unprepare_cipher_request(engine, req);
if (ret)
-   pr_err("failed to unprepare request\n");
+   dev_err(engine->dev, "failed to unprepare 
request\n");
}
spin_lock_irqsave(>queue_lock, flags);
engine->cur_req = NULL;
@@ -312,7 +314,7 @@ void crypto_finalize_hash_request(struct crypto_engine 
*engine,
engine->unprepare_hash_request) {
ret = engine->unprepare_hash_request(engine, req);
if (ret)
-   pr_err("failed to unprepare request\n");
+   dev_err(engine->dev, "failed to unprepare 
request\n");
}
spin_lock_irqsave(>queue_lock, flags);
engine->cur_req = NULL;
@@ -384,7 +386,7 @@ int crypto_engine_stop(struct crypto_engine *engine)
spin_unlock_irqrestore(>queue_lock, flags);
 
  

DEADLOCK: bisected to d215aab82d81974f438bfbc80aa437132f3c37c3 ("cpu/hotplug: Convert hotplug locking to percpu rwsem")

[Corentin Labbe]

:c0c607c0 r7:c0b37850 r6:c0c607c0 r5:c0b48060 
r4:c09ff118
[4.799377] [] (kernel_init_freeable) from [] 
(kernel_init+0x10/0x118)
[4.807635]  r10: r9: r8: r7: r6: 
r5:c070c1c8
[4.815454]  r4:
[4.817995] [] (kernel_init) from [] 
(ret_from_fork+0x14/0x24)
[4.82]  r5:c070c1c8 r4:

I bisected the issue to commit d215aab82d81974f438bfbc80aa437132f3c37c3 
"cpu/hotplug: Convert hotplug locking to percpu rwsem"

i try to revert the patch but get:
  CC  kernel/jump_label.o
/linux-next/kernel/jump_label.c:124:6: warning: no previous prototype for 
'__static_key_slow_inc' [-Wmissing-prototypes]
 void __static_key_slow_inc(struct static_key *key)
  ^
/linux-next/kernel/jump_label.c: In function '__static_key_slow_dec':
/linux-next/kernel/jump_label.c:194:2: error: implicit declaration of function 
'lockdep_assert_hotplug_held' [-Werror=implicit-function-declaration]
didnt try to go further.

Regards
Corentin Labbe

[PATCH v2 3/9] crypto: ixp4xx - Use IPAD/OPAD constant

[Corentin Labbe]

This patch simply replace all occurrence of HMAC IPAD/OPAD value by their
define.

Signed-off-by: Corentin Labbe <clabbe.montj...@gmail.com>
---
 drivers/crypto/ixp4xx_crypto.c | 3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)

diff --git a/drivers/crypto/ixp4xx_crypto.c b/drivers/crypto/ixp4xx_crypto.c
index 771dd26c7076..427cbe012729 100644
--- a/drivers/crypto/ixp4xx_crypto.c
+++ b/drivers/crypto/ixp4xx_crypto.c
@@ -23,6 +23,7 @@
 #include 
 #include 
 #include 
+#include 
 #include 
 #include 
 #include 
@@ -90,8 +91,6 @@
 #define CTL_FLAG_PERFORM_AEAD  0x0008
 #define CTL_FLAG_MASK  0x000f
 
-#define HMAC_IPAD_VALUE   0x36
-#define HMAC_OPAD_VALUE   0x5C
 #define HMAC_PAD_BLOCKLEN SHA1_BLOCK_SIZE
 
 #define MD5_DIGEST_SIZE   16
-- 
2.13.0

[PATCH v2 4/9] crypto: marvell - Use IPAD/OPAD constant

[Corentin Labbe]

This patch simply replace all occurrence of HMAC IPAD/OPAD value by their
define.

Signed-off-by: Corentin Labbe <clabbe.montj...@gmail.com>
---
 drivers/crypto/marvell/hash.c | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

diff --git a/drivers/crypto/marvell/hash.c b/drivers/crypto/marvell/hash.c
index 77c0fb936f47..e61b08566093 100644
--- a/drivers/crypto/marvell/hash.c
+++ b/drivers/crypto/marvell/hash.c
@@ -12,6 +12,7 @@
  * by the Free Software Foundation.
  */
 
+#include 
 #include 
 #include 
 
@@ -1164,8 +1165,8 @@ static int mv_cesa_ahmac_pad_init(struct ahash_request 
*req,
memcpy(opad, ipad, blocksize);
 
for (i = 0; i < blocksize; i++) {
-   ipad[i] ^= 0x36;
-   opad[i] ^= 0x5c;
+   ipad[i] ^= HMAC_IPAD_VALUE;
+   opad[i] ^= HMAC_OPAD_VALUE;
}
 
return 0;
-- 
2.13.0

[PATCH v2 5/9] crypto: mv_cesa - Use IPAD/OPAD constant

[Corentin Labbe]

This patch simply replace all occurrence of HMAC IPAD/OPAD value by their
define.

Signed-off-by: Corentin Labbe <clabbe.montj...@gmail.com>
---
 drivers/crypto/mv_cesa.c | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

diff --git a/drivers/crypto/mv_cesa.c b/drivers/crypto/mv_cesa.c
index 451fa18c1c7b..bf25f415eea6 100644
--- a/drivers/crypto/mv_cesa.c
+++ b/drivers/crypto/mv_cesa.c
@@ -18,6 +18,7 @@
 #include 
 #include 
 #include 
+#include 
 #include 
 #include 
 #include 
@@ -822,8 +823,8 @@ static int mv_hash_setkey(struct crypto_ahash *tfm, const 
u8 * key,
memcpy(opad, ipad, bs);
 
for (i = 0; i < bs; i++) {
-   ipad[i] ^= 0x36;
-   opad[i] ^= 0x5c;
+   ipad[i] ^= HMAC_IPAD_VALUE;
+   opad[i] ^= HMAC_OPAD_VALUE;
}
 
rc = crypto_shash_init(shash) ? :
-- 
2.13.0

[PATCH v2 2/9] crypto: brcm - Use IPAD/OPAD constant

[Corentin Labbe]

This patch simply replace all occurrence of HMAC IPAD/OPAD value by their
define.

Signed-off-by: Corentin Labbe <clabbe.montj...@gmail.com>
---
 drivers/crypto/bcm/cipher.c | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

diff --git a/drivers/crypto/bcm/cipher.c b/drivers/crypto/bcm/cipher.c
index cc0d5b98006e..61393dc70b0b 100644
--- a/drivers/crypto/bcm/cipher.c
+++ b/drivers/crypto/bcm/cipher.c
@@ -36,6 +36,7 @@
 #include 
 #include 
 #include 
+#include 
 #include 
 #include 
 #include 
@@ -2510,8 +2511,8 @@ static int ahash_hmac_setkey(struct crypto_ahash *ahash, 
const u8 *key,
memcpy(ctx->opad, ctx->ipad, blocksize);
 
for (index = 0; index < blocksize; index++) {
-   ctx->ipad[index] ^= 0x36;
-   ctx->opad[index] ^= 0x5c;
+   ctx->ipad[index] ^= HMAC_IPAD_VALUE;
+   ctx->opad[index] ^= HMAC_OPAD_VALUE;
}
 
flow_dump("  ipad: ", ctx->ipad, blocksize);
-- 
2.13.0

[PATCH v2 0/9] crypto: add HMAC IPAD/OPAD constant

[Corentin Labbe]

Hello

Many HMAC users directly use directly 0x36/0x5c values.
It's better with crypto to use a name instead of directly some crypto constant.

Changes since v1:
- Moved constant to include/crypto/hmac.h
- Added  to includes

Corentin Labbe (9):
  crypto: add hmac IPAD/OPAD constant
  crypto: brcm - Use IPAD/OPAD constant
  crypto: ixp4xx - Use IPAD/OPAD constant
  crypto: marvell - Use IPAD/OPAD constant
  crypto: mv_cesa - Use IPAD/OPAD constant
  crypto: omap-sham - Use IPAD/OPAD constant
  crypto: qat - Use IPAD/OPAD constant
  crypto: mediatek - Use IPAD/OPAD constant
  crypto: ccp - Use IPAD/OPAD constant

 crypto/hmac.c| 5 +++--
 drivers/crypto/bcm/cipher.c  | 5 +++--
 drivers/crypto/ccp/ccp-crypto-sha.c  | 5 +++--
 drivers/crypto/ixp4xx_crypto.c   | 3 +--
 drivers/crypto/marvell/hash.c| 5 +++--
 drivers/crypto/mediatek/mtk-sha.c| 5 +++--
 drivers/crypto/mv_cesa.c | 5 +++--
 drivers/crypto/omap-sham.c   | 5 +++--
 drivers/crypto/qat/qat_common/qat_algs.c | 5 +++--
 include/crypto/hmac.h| 7 +++
 10 files changed, 32 insertions(+), 18 deletions(-)
 create mode 100644 include/crypto/hmac.h

-- 
2.13.0