On Mon, Dec 01, 2008 at 09:44:48PM +0800, Herbert Xu wrote:
On Mon, Dec 01, 2008 at 02:36:54PM +0100, Steffen Klassert wrote:
I searched for your shash work. Is there already some work in progress
aside from crc32?
I started on the algorithm conversion but have only made it as far
This patchset adds the 'pcrypt' parallel crypto template. With this template it
is possible to process the crypto requests of a transform in parallel without
getting request reorder. This is in particular interesting for IPsec.
I posted a first network based version to the netdev list some time
for the completition of the IV generation
from a previous request that runs on a different cpu.
Signed-off-by: Steffen Klassert steffen.klass...@secunet.com
---
crypto/Makefile |1 +
crypto/cpu_chainiv.c | 327 ++
2 files changed, 328 insertions(+), 0
This patch adds a parallel crypto template that takes a crypto
algorithm and converts it to process the crypto transforms in
parallel. For the moment only aead is supported.
Signed-off-by: Steffen Klassert steffen.klass...@secunet.com
---
crypto/Kconfig| 13 ++
crypto/Makefile
This patch introduces an interface to process data objects
in parallel. On request it is possible to serialize again.
The parallelized objects return after serialization in the
same order as they were before the parallelization.
Signed-off-by: Steffen Klassert steffen.klass...@secunet.com
On Fri, Mar 27, 2009 at 04:36:15PM +0800, Herbert Xu wrote:
On Mon, Mar 16, 2009 at 12:52:51PM +0100, Steffen Klassert wrote:
If the crypro requests of a crypto transformation are processed in
parallel, the usual chain IV generator would serialize the crypto
requests again. The percpu IV
On Fri, Mar 27, 2009 at 04:44:57PM +0800, Herbert Xu wrote:
On Mon, Mar 16, 2009 at 12:55:26PM +0100, Steffen Klassert wrote:
@@ -447,7 +448,7 @@ static int esp_init_aead(struct xfrm_state *x)
struct crypto_aead *aead;
int err;
- aead = crypto_alloc_aead(x-aead-alg_name, 0
On Mon, Mar 30, 2009 at 09:19:55PM +0800, Herbert Xu wrote:
How about using eseqiv? It's designed for exactly this situation
where you want parallel async processing. Its overhead is just
one extra encryption block.
Yes, that's an option too. I'll give it a try.
Thanks!
--
To unsubscribe
On Thu, Apr 09, 2009 at 11:20:45AM +0800, Herbert Xu wrote:
You can allocate eseqiv(alg), e.g., eseqiv(cbc(aes)).
Ok, that's possible. I missed this possibility, probaply because nobody
is actually doing it this way. Thanks!
Unfortunately eseqiv does not work out of the box if we do
an asynchronous
algorithm would call eseqiv_complete() as the complete function.
Signed-off-by: Steffen Klassert steffen.klass...@secunet.com
---
crypto/eseqiv.c |3 ++-
1 files changed, 2 insertions(+), 1 deletions(-)
diff --git a/crypto/eseqiv.c b/crypto/eseqiv.c
index 2a342c8..2fa53b0 100644
eseqiv_complete2() just if the generated IV has to be
copied to req-giv.
Signed-off-by: Steffen Klassert steffen.klass...@secunet.com
---
crypto/eseqiv.c |3 ++-
1 files changed, 2 insertions(+), 1 deletions(-)
diff --git a/crypto/eseqiv.c b/crypto/eseqiv.c
index 2a342c8..3ca3b66 100644
--- a/crypto
This patch introduces an interface to process data objects
in parallel. On request it is possible to serialize again.
The parallelized objects return after serialization in the
same order as they were before the parallelization.
Signed-off-by: Steffen Klassert steffen.klass...@secunet.com
This patch adds a parallel crypto template that takes a crypto
algorithm and converts it to process the crypto transforms in
parallel. For the moment only aead is supported.
Signed-off-by: Steffen Klassert steffen.klass...@secunet.com
---
crypto/Kconfig| 13 ++
crypto/Makefile
This patchset adds the 'pcrypt' parallel crypto template. With this template it
is possible to process the crypto requests of a transform in parallel without
getting request reorder. This is in particular interesting for IPsec.
The parallel crypto template is based on a generic
This patch adds a netlink attribute for software crypto
accelerators like pcrypt. This makes it possible to choose a
crypto accelerator template by it's name from the userspace.
Signed-off-by: Steffen Klassert steffen.klass...@secunet.com
---
include/linux/xfrm.h | 10 ++
include/net
On Mon, Apr 27, 2009 at 04:56:20PM +0800, Herbert Xu wrote:
On Fri, Apr 24, 2009 at 12:27:20PM +0200, Steffen Klassert wrote:
+ alg = crypto_get_attr_alg(tb, algt-type,
+ (algt-mask CRYPTO_ALG_TYPE_MASK)
+ | CRYPTO_ALG_PCRYPT
On Tue, Apr 28, 2009 at 02:31:29PM +0800, Herbert Xu wrote:
I thought so. The system is certainly not going to automatically
construct a second pcrypt algorithm once one exists. So I think
we can just remove this bit.
Ok, so I will remove it in the next version.
Steffen
--
To
On Mon, Apr 27, 2009 at 04:53:46PM +0800, Herbert Xu wrote:
While this should work for pcrypt, I'd like this to be solved
more generally. The crux of the issue is that we can't specify
an arbitrary implementation of a given algorithm. So the obvious
solution is to specify the driver name
This patchset adds the 'pcrypt' parallel crypto template. With this template it
is possible to process the crypto requests of a transform in parallel without
getting request reorder. This is in particular interesting for IPsec.
The parallel crypto template is based on a generic
This patch adds a parallel crypto template that takes a crypto
algorithm and converts it to process the crypto transforms in
parallel. For the moment only aead is supported.
Signed-off-by: Steffen Klassert steffen.klass...@secunet.com
---
crypto/Kconfig| 13 ++
crypto/Makefile
This adds eseqiv support for aead algorithms, this is usefull
for aead wrappers that need eseqiv as it's default IV generator.
Signed-off-by: Steffen Klassert steffen.klass...@secunet.com
---
crypto/eseqiv.c| 248 +---
include/linux/crypto.h
On Tue, Jun 02, 2009 at 01:50:41PM +1000, Herbert Xu wrote:
Hmm, it seems that this patch is completely intertwined into the
rest of the patches so we can't just kill it. Can you elaborate
on the rationale behind this wrap work? I'm curious to find out
what we gain by this over the much
On Tue, Jun 02, 2009 at 07:28:15PM +1000, Herbert Xu wrote:
On Tue, Jun 02, 2009 at 11:21:51AM +0200, Steffen Klassert wrote:
The reason for the wrap work is to have a possibility to choose a
certain version of an algorithm as the system default. The advantage
e.g. for pcrypt is that we
On Wed, Jun 03, 2009 at 07:40:50PM +1000, Herbert Xu wrote:
I see. How about if we let tcrypt test algorithms by name, e.g.,
something like
modprobe tcrypt alg='pcrypt(authenc(hmac(sha1),cbc(aes))'
I'm not that sure whether this does what I want.
If pcrypt has cra_name =
On Wed, Jun 03, 2009 at 09:59:31PM +1000, Herbert Xu wrote:
When pcrypt instantiates an algorithm, it should set cra_name to
%s and cra_driver_name to pcrypt(%s). So as long as the pcrypt
priority is higher than the underlying algorithm, it should all
work.
As it is, I can instantiate
On Mon, Jun 08, 2009 at 03:28:08PM +1000, Herbert Xu wrote:
On Fri, Jun 05, 2009 at 11:34:30AM +0200, Steffen Klassert wrote:
In pcrypt_alloc_instance() I do
inst-alg.cra_priority = alg-cra_priority + 100;
So, in my case authenc has priority 2000 and pcrypt has priority 2100
This patch introduces an interface to process data objects
in parallel. On request it is possible to serialize again.
The parallelized objects return after serialization in the
same order as they were before the parallelization.
Signed-off-by: Steffen Klassert steffen.klass...@secunet.com
This patch adds a parallel crypto template that takes a crypto
algorithm and converts it to process the crypto transforms in
parallel. For the moment only aead is supported.
Signed-off-by: Steffen Klassert steffen.klass...@secunet.com
---
crypto/Kconfig| 13 ++
crypto/Makefile
aead eseqiv needs to add the IV to the scatterlist itself.
So check if the IV is already contained in the scatterlist
and add it just if it is not already there.
Signed-off-by: Steffen Klassert steffen.klass...@secunet.com
---
crypto/authenc.c |5 +++--
1 files changed, 3 insertions(+), 2
This adds the 'alg' module parameter to be able to test an
algorithm by name. If the algorithm type is not ad-hoc
clear for a algorithm (e.g. pcrypt, cryptd) it is possilbe
to set the algorithm type with the 'type' module parameter.
Signed-off-by: Steffen Klassert steffen.klass...@secunet.com
This adds the 'alg' module parameter to be able to test an
algorithm by name. If the algorithm type is not ad-hoc
clear for a algorithm (e.g. pcrypt, cryptd) it is possilbe
to set the algorithm type with the 'type' module parameter.
Signed-off-by: Steffen Klassert steffen.klass...@secunet.com
On Fri, Jun 19, 2009 at 08:38:15PM +0800, Herbert Xu wrote:
That was quick :)
Patch applied. Thanks a lot Steffen!
BTW, I added this on top so that modprobe doesn't complain about
the return code:
Ugh, I was a bit too quick. Thanks for fixing this up!
--
To unsubscribe from this
On Tue, Jun 23, 2009 at 05:18:52PM +0800, Herbert Xu wrote:
On Tue, Jun 23, 2009 at 11:14:29AM +0200, Steffen Klassert wrote:
I posted some numbers for the actual softirq based version with the
first patchset, see:
http://www.mail-archive.com/linux-crypto@vger.kernel.org/msg03035.html
On Thu, Jun 25, 2009 at 02:51:12PM +0800, Herbert Xu wrote:
OK, the patch I just posted to the list should fix the problem.
I was able to test it suing
modprobe tcrypt alg='pcrypt(authenc(hmac(sha1-generic),cbc(aes-generic)))'
type=3
I applied your patch on top of the last pcrypt
On Thu, Jun 25, 2009 at 06:46:02PM +0800, Herbert Xu wrote:
On Mon, Jun 08, 2009 at 09:10:46AM +0200, Steffen Klassert wrote:
This adds eseqiv support for aead algorithms, this is usefull
for aead algorithms that need eseqiv as it's default IV generator.
Signed-off-by: Steffen Klassert
This patch introduces an interface to process data objects
in parallel. On request it is possible to serialize again.
The parallelized objects return after serialization in the
same order as they were before the parallelization.
Signed-off-by: Steffen Klassert steffen.klass...@secunet.com
This patch adds a parallel crypto template that takes a crypto
algorithm and converts it to process the crypto transforms in
parallel. For the moment only aead is supported.
Signed-off-by: Steffen Klassert steffen.klass...@secunet.com
---
crypto/Kconfig| 13 ++
crypto/Makefile
On Tue, Jul 07, 2009 at 02:00:03PM +0800, Herbert Xu wrote:
Sure, maybe I could take some of your code as is. My plan for
hmac is to first convert it to shash, then convert the users to
ahash, and finally convert hmac itself to ahash.
This way we don't have to convert all the users and
This patchset converts hmac to the new ahash frontend. It has just some
basic tests and is not yet for inclusion.
Steffen
--
To unsubscribe from this list: send the line unsubscribe linux-crypto in
the body of a message to majord...@vger.kernel.org
More majordomo info at
Signed-off-by: Steffen Klassert steffen.klass...@secunet.com
---
include/crypto/hash.h | 25 +
include/crypto/internal/hash.h |5 +
2 files changed, 30 insertions(+), 0 deletions(-)
diff --git a/include/crypto/hash.h b/include/crypto/hash.h
index
This patch adds the finup method for ahash. This can be used to
do the last hash update and the hash final together.
Signed-off-by: Steffen Klassert steffen.klass...@secunet.com
---
crypto/ahash.c |1 +
crypto/shash.c | 15 +++
include/crypto/hash.h |6
This converts hmac to the new ahash frontend.
Also the hashing of the ipaded and opaded key is done now with the
setkey function, this saves some bytes of hashing on each request.
Signed-off-by: Steffen Klassert steffen.klass...@secunet.com
---
crypto/hmac.c | 471
On Tue, Jul 14, 2009 at 09:06:00PM +0800, Herbert Xu wrote:
This hasn't caused a problem before because we haven't started
using ahash yet, apart from tcrypt which is single-threaded.
I'm currently in the process of converting authenc (hence IPsec)
across, which means that we will soon rely
On Tue, Jul 14, 2009 at 10:43:44PM +0800, Herbert Xu wrote:
Sure, go ahead. I'm still redoing the ahash infrastructure to
properly support finup and export/import.
Ok, for a moment I thought we both working at the same thing :)
I'll finalize my work and send everything in the next days.
On Wed, Jul 15, 2009 at 03:16:21PM +0800, Herbert Xu wrote:
crypto: cryptd - Switch to template create API
This patch changes cryptd to use the template-create function
instead of alloc in anticipation for the switch to new style
ahash algorithms.
Signed-off-by: Herbert Xu
If cryptd_alloc_instance() fails, the return value is uninitialized.
This patch fixes this by setting the return value.
Signed-off-by: Steffen Klassert steffen.klass...@secunet.com
---
crypto/cryptd.c |2 ++
1 files changed, 2 insertions(+), 0 deletions(-)
diff --git a/crypto/cryptd.c b
On Wed, Jul 15, 2009 at 03:16:05PM +0800, Herbert Xu wrote:
crypto: padlock - Switch sha to shash
This patch converts the padlock-sha implementation to shash.
In doing so the existing mechanism of storing the data until
final is no longer viable as we do not have a way of allocating
data in
On Wed, Jul 15, 2009 at 06:30:25PM +0800, Herbert Xu wrote:
On Wed, Jul 15, 2009 at 12:28:18PM +0200, Steffen Klassert wrote:
Just FYI, I'm getting the following compiler error:
Is this 32-bit or 64-bit?
It's 32-bit.
One of my test systems had padlock enabled by chance
This patchset converts IPsec over to the new ahash interface.
The pachset applies to cryptodev-2.6. I was able to test the synchronous
codepaths, the asynchronous ones are untested.
I'm still somewhat unhappy with the ahash version of authenc, but I decided
to post anyway as a base for
To be able to chain all the scatterlists we add an additional
scatterlist entry to the scatterlist of the associated data.
To keep compatibility we set the termination bit at the first
entry. This can be reverted as soon as we can use sg_chain().
Signed-off-by: Steffen Klassert steffen.klass
This patch converts authenc to the new ahash interface.
Signed-off-by: Steffen Klassert steffen.klass...@secunet.com
---
crypto/authenc.c | 215 +
1 files changed, 150 insertions(+), 65 deletions(-)
diff --git a/crypto/authenc.c b/crypto
This patch converts ah6 to the new ahash interface.
Signed-off-by: Steffen Klassert steffen.klass...@secunet.com
---
net/ipv6/ah6.c | 352 +++-
1 files changed, 272 insertions(+), 80 deletions(-)
diff --git a/net/ipv6/ah6.c b/net/ipv6/ah6.c
ah4 and ah6 are converted to ahash now, so we can remove the
code for the obsolete hash algorithm.
Signed-off-by: Steffen Klassert steffen.klass...@secunet.com
---
include/net/ah.h | 29 +++--
1 files changed, 3 insertions(+), 26 deletions(-)
diff --git a/include/net
The last users of skb_icv_walk are converted to ahash now,
so skb_icv_walk is unused and can be removed.
Signed-off-by: Steffen Klassert steffen.klass...@secunet.com
---
include/net/xfrm.h |3 --
net/xfrm/xfrm_algo.c | 78 --
2 files
On Thu, Jul 16, 2009 at 11:46:14PM +0800, Herbert Xu wrote:
My suggestion would be to optimise for the common case, where
assoc is a single-entry list. So just put some space aside in
the request context for a two-entry sg list and copy the assoc
sg entry into it and chain it with the rest.
This patch converts authenc to the new ahash interface.
Signed-off-by: Steffen Klassert steffen.klass...@secunet.com
---
crypto/authenc.c | 217 ++
1 files changed, 152 insertions(+), 65 deletions(-)
diff --git a/crypto/authenc.c b/crypto
On Mon, Jul 20, 2009 at 02:52:44PM +0800, Herbert Xu wrote:
This is not quite right. What I had in mind was to use the digest
interface if the assoc SG list has a single entry in it. Otherwise
it should just fall back to doing update followed by finup.
Ok. I was not even aware that the
On Mon, Jul 20, 2009 at 02:55:14PM +0800, Herbert Xu wrote:
For the case at hand, as we've agreed to only do the chaining
if there is only a single entry in the list, we don't need this
at all. All you need to do is copy the page pointer, offset and
length without copying the raw
On Mon, Jul 20, 2009 at 04:22:24PM +0800, Herbert Xu wrote:
Actually, you can assume that init is always sync since I'll
ensure that everything supports export/import before hmac is
converted to ahash (from shash).
Ok, I'll update and resend the patch.
Thanks.
--
To unsubscribe from this
This patch converts authenc to the new ahash interface.
Signed-off-by: Steffen Klassert steffen.klass...@secunet.com
---
crypto/authenc.c | 371 --
1 files changed, 302 insertions(+), 69 deletions(-)
diff --git a/crypto/authenc.c b/crypto
On Tue, Jul 21, 2009 at 09:07:25PM +0800, Herbert Xu wrote:
On Tue, Jul 21, 2009 at 02:25:09PM +0200, Steffen Klassert wrote:
I just noticed that your shash version of hmac keeps the paded keys
on the transform. I assumed the hashing to be reentrant, so I
removed the locks arround the hash
On Wed, Jul 22, 2009 at 03:02:59PM +0800, Herbert Xu wrote:
On Tue, Jul 21, 2009 at 11:02:17AM +0200, Steffen Klassert wrote:
+ err = crypto_ahash_finup(ahreq);
+ if (err == -EINPROGRESS)
+ return;
This is redundant. All completion functions must expect to be
called
ahash_op_unaligned() and ahash_def_finup() allocate memory atomically,
regardless whether the request can sleep or not. This patch changes
this to use GFP_KERNEL if the request can sleep.
Signed-off-by: Steffen Klassert steffen.klass...@secunet.com
---
crypto/ahash.c |4 ++--
1 files changed
crypto_init_shash_ops_async() tests for setkey and not for import
before exporting the algorithms import function to ahash.
This patch fixes this.
Signed-off-by: Steffen Klassert steffen.klass...@secunet.com
---
crypto/shash.c |2 +-
1 files changed, 1 insertions(+), 1 deletions(-)
diff
On Tue, Jul 21, 2009 at 09:07:25PM +0800, Herbert Xu wrote:
On Tue, Jul 21, 2009 at 02:25:09PM +0200, Steffen Klassert wrote:
I just noticed that your shash version of hmac keeps the paded keys
on the transform. I assumed the hashing to be reentrant, so I
removed the locks arround the hash
On Fri, Jul 24, 2009 at 03:23:11PM +0800, Herbert Xu wrote:
Ah, that makes sense. I've done the prehash patch, let me know
if this works.
Yes, it works.
Thanks!
--
To unsubscribe from this list: send the line unsubscribe linux-crypto in
the body of a message to majord...@vger.kernel.org
algorithm
for the alignmnent calculation in xcbc_create now.
Signed-off-by: Steffen Klassert steffen.klass...@secunet.com
---
crypto/xcbc.c |8 +---
1 files changed, 5 insertions(+), 3 deletions(-)
diff --git a/crypto/xcbc.c b/crypto/xcbc.c
index 1e30b31..bb7b67f 100644
--- a/crypto/xcbc.c
On Mon, Jun 29, 2009 at 03:52:57PM +0200, Steffen Klassert wrote:
On Mon, Jun 29, 2009 at 07:59:50PM +0800, Herbert Xu wrote:
OK. Can you send me the patches you used against the current
cryptodev tree (I only just pushed so give it an hour or so)?
I'll see if I can reproduce it here
This patch adds a parallel crypto template that takes a crypto
algorithm and converts it to process the crypto transforms in
parallel. For the moment only aead is supported.
Signed-off-by: Steffen Klassert steffen.klass...@secunet.com
---
crypto/Kconfig| 13 ++
crypto/Makefile
This patchset adds the 'pcrypt' parallel crypto template. With this template it
is possible to process the crypto requests of a transform in parallel without
getting request reorder. This is in particular interesting for IPsec.
The parallel crypto template is based on a generic
On Thu, Jan 15, 2009 at 04:56:44PM +1100, Herbert Xu wrote:
Dean Jenkins djenk...@mvista.com wrote:
Does ESP support 64 bit sequence numbering for use with the
authentication HMAC ?
We don't support 64-bit sequence numbers yet. If you look at
struct xfrm_replay_state which is where we
On Tue, Sep 01, 2009 at 03:23:21PM +0300, Alex Badea wrote:
A while ago I implemented a rough version of ESN support. It's against
an ancient 2.6.7 kernel though, and is only superficially tested.
I suppose there's no reason not to publish them here, if only for
historical reasons. My
This patch introduces an interface to process data objects
in parallel. On request it is possible to serialize again.
The parallelized objects return after serialization in the
same order as they were before the parallelization.
Signed-off-by: Steffen Klassert steffen.klass...@secunet.com
On Thu, Oct 08, 2009 at 11:18:33PM -0700, David Miller wrote:
Steffen are we going to end up adding a softirq for every crypto
transform type?
That won't work, softirqs are to be scarcely allocated and operate
at a very high level.
I can think of two alternatives:
1) One softirq that
On Thu, Oct 08, 2009 at 11:18:33PM -0700, David Miller wrote:
Steffen are we going to end up adding a softirq for every crypto
transform type?
That won't work, softirqs are to be scarcely allocated and operate
at a very high level.
I changed padata to use workqueues instead of softirqs
On Fri, Oct 30, 2009 at 08:58:18AM -0400, Herbert Xu wrote:
Since this is all happening through a crypto completion call,
it needs to be done with BH off since that's a requirement for
crypto completion functions. So netif_rx will work correctly
as when BH is reenabled it'll pick up the
This patch adds a parallel crypto template that takes a crypto
algorithm and converts it to process the crypto transforms in
parallel. For the moment only aead algorithms are supported.
Signed-off-by: Steffen Klassert steffen.klass...@secunet.com
---
crypto/Kconfig | 10 +
crypto
This patch introduces an interface to process data objects
in parallel. The parallelized objects return after serialization
in the same order as they were before the parallelization.
Signed-off-by: Steffen Klassert steffen.klass...@secunet.com
---
include/linux/padata.h | 88 ++
init
This fixes three forgotten calls to the complete function
in the error case.
Signed-off-by: Steffen Klassert steffen.klass...@secunet.com
---
crypto/pcrypt.c |6 +++---
1 files changed, 3 insertions(+), 3 deletions(-)
diff --git a/crypto/pcrypt.c b/crypto/pcrypt.c
index b9527d0..8020124
We accidentally assigned the ahash update complete function to
the wrong function pointer in crypto_authenc_verify.
This patch fixes this.
Signed-off-by: Steffen Klassert steffen.klass...@secunet.com
---
crypto/authenc.c |2 +-
1 files changed, 1 insertions(+), 1 deletions(-)
diff --git
/ahash request.
Signed-off-by: Steffen Klassert steffen.klass...@secunet.com
---
crypto/authenc.c | 25 ++---
1 files changed, 14 insertions(+), 11 deletions(-)
diff --git a/crypto/authenc.c b/crypto/authenc.c
index 6287cfd..2bb7348 100644
--- a/crypto/authenc.c
+++ b/crypto
On Sat, Feb 27, 2010 at 12:14:15PM +0100, Roberto Sassu wrote:
Hello
i'm trying to use the authenc module and i wrote a small kernel module that
simply encrypts/decrypts a fixed data using the hmac(sha1) as authentication
algorithm and cbc(aes) as encryption algorithm.
The used platform
allocation for this cpumask.
Signed-off-by: Steffen Klassert steffen.klass...@secunet.com
---
kernel/padata.c |8 +++-
1 files changed, 7 insertions(+), 1 deletions(-)
diff --git a/kernel/padata.c b/kernel/padata.c
index 6f9bcb8..93caf65 100644
--- a/kernel/padata.c
+++ b/kernel/padata.c
On Sun, Mar 21, 2010 at 12:28:47PM +0300, Dan Carpenter wrote:
crypto_get_attr_type() can returns ERR_PTRs if there is a problem.
Signed-off-by: Dan Carpenter erro...@gmail.com
diff --git a/crypto/pcrypt.c b/crypto/pcrypt.c
index 8020124..41bd80f 100644
--- a/crypto/pcrypt.c
+++
On Mon, Mar 22, 2010 at 04:53:19PM +0300, Dan Carpenter wrote:
-static struct crypto_instance *pcrypt_alloc_aead(struct rtattr **tb)
+static struct crypto_instance *pcrypt_alloc_aead(struct rtattr **tb,
+ struct crypto_attr_type *algt)
{
On Mon, Mar 22, 2010 at 06:28:45PM +0300, Dan Carpenter wrote:
I was concerned about the error handling for crypto_get_attr_type() in
pcrypt_alloc_aead(). Steffen Klassert pointed out that we could simply
avoid calling crypto_get_attr_type() if we passed the type and mask as a
parameters
On Thu, Apr 22, 2010 at 10:57:24AM +0200, Nils Rennebarth wrote:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Hi,
As parallel encryption of ipsec is now in the official kernel, I tried to use
it, and to actually make ipsec connections use it, I did
$ modprobe tcrypt
that arrives to the reorder queues. The timer
function sends it out in this case.
Signed-off-by: Steffen Klassert steffen.klass...@secunet.com
---
include/linux/padata.h |2 ++
kernel/padata.c| 25 ++---
2 files changed, 20 insertions(+), 7 deletions(-)
diff --git
yield was used to wait until all references of the internal control
structure in use are dropped before it is freed. This patch implements
padata_flush_queues which actively flushes the padata percpu queues
in this case.
Signed-off-by: Steffen Klassert steffen.klass...@secunet.com
---
kernel
Signed-off-by: Steffen Klassert steffen.klass...@secunet.com
---
include/linux/padata.h | 53
kernel/padata.c| 50 +++-
2 files changed, 101 insertions(+), 2 deletions(-)
diff --git a/include
Hi Randy,
On Fri, May 14, 2010 at 09:18:57AM -0700, Randy Dunlap wrote:
Hi Steffen,
These comments are roughly 90% of the way to being kernel-doc notation,
so how about going the rest of the way, please?
yes of course we can. I read Documentation/kernel-doc-nano-HOWTO.txt,
so I need to
Signed-off-by: Steffen Klassert steffen.klass...@secunet.com
---
include/linux/padata.h | 53 +
kernel/padata.c| 68
2 files changed, 110 insertions(+), 11 deletions(-)
diff --git a/include/linux
This patchset contains the following changes:
1. Add a flag to mark the padata instance as invalid.
We will use this to mark the padata instace as invalid
if the padata cpumask contains no active cpu.
2. Make padata_stop to block until the padata instance is
unused. So it's save to change the
padata user, pcrypt to this change.
Signed-off-by: Steffen Klassert steffen.klass...@secunet.com
---
crypto/pcrypt.c| 19 ++-
include/linux/padata.h |3 ++-
kernel/padata.c| 18 --
3 files changed, 32 insertions(+), 8 deletions(-)
diff --git
This patch makes padata_stop to block until the padata
instance is unused. Also we split padata_stop to a locked
and a unlocked version. This is in preparation to be able
to change the cpumask after a call to patata stop.
Signed-off-by: Steffen Klassert steffen.klass...@secunet.com
---
kernel
if padata_do_parallel
was called on a not running padata instance as we can't handle it
anymore. This fallback was unused, so it's save to remove it.
Signed-off-by: Steffen Klassert steffen.klass...@secunet.com
---
crypto/pcrypt.c | 18 ++
kernel/padata.c | 11 +--
2 files
number and the percpu
reorder queue of the next object that needs serialization without
searching through the percpu reorder queues. This avoids some
accesses to memory of foreign cpus.
Signed-off-by: Steffen Klassert steffen.klass...@secunet.com
---
include/linux/padata.h |6 ++--
kernel
This patch updates the padata documentation to the changed
API of padata_start/padata_stop and padata_do parallel.
Signed-off-by: Steffen Klassert steffen.klass...@secunet.com
---
Documentation/padata.txt | 21 +++--
1 files changed, 11 insertions(+), 10 deletions(-)
diff
On Mon, Jul 19, 2010 at 02:04:26PM +0800, Herbert Xu wrote:
All applied. Thanks!
Hm, I was just about to write some comments on these patches,
they still have some issues. For example, handling empty cpumasks
is broken again (NULL pointer dereference in padata_replace).
The cpu_index is zero
This patchset contains the following fixes:
1. padata - Fix a potential hang of the parallel worker threads on
cpu hotplug.
2. padata - Fix two NULL pointer dereference crashes if one of the
padata cpumasks is empty. The crashes can be triggered by doing
echo 0
1 - 100 of 302 matches
Mail list logo