RE: cra_priority usage
= %d)\n, status); status = cpaCyStopInstance(CPA_INSTANCE_HANDLE_SINGLE); if (CPA_STATUS_SUCCESS != status) { printk(cpaCyStopInstance failed. (status = %d)\n, status); } return -EPERM; } dprintk(%s: cpaCyBufferListGetMetaSize = %u\n, __FUNCTION__, bufferListMetaSize); /* * Allocation of the OpData includes the allocation space for meta data. * The memory after the opData structure is reserved for this meta data. */ pOpDataCache = kmem_cache_create(icp_opdata, sizeof(icp_aead_op_data_t), 0, SLAB_HWCACHE_ALIGN, NULL); if (NULL == pOpDataCache) { printk(%s: unable to allocate OpData cache\n, __FUNCTION__); status = cpaCyStopInstance(CPA_INSTANCE_HANDLE_SINGLE); if (CPA_STATUS_SUCCESS != status) { printk(cpaCyStopInstance failed. (status = %d)\n, status); } return -ENOMEM; } pMetaCache = kmem_cache_create(icp_meta, bufferListMetaSize, 0, SLAB_HWCACHE_ALIGN, NULL); if (NULL == pMetaCache) { printk(%s: unable to allocate OpData cache\n, __FUNCTION__); kmem_cache_destroy(pOpDataCache); pOpDataCache = NULL; status = cpaCyStopInstance(CPA_INSTANCE_HANDLE_SINGLE); if (CPA_STATUS_SUCCESS != status) { printk(cpaCyStopInstance failed. (status = %d)\n, status); } return -ENOMEM; } registerStatus = crypto_register_alg(aead_authenc_3des_hmac_sha1); if (registerStatus != 0) { printk(Register alg failed for 3DES-HMAC_SHA1\n); kmem_cache_destroy(pOpDataCache); kmem_cache_destroy(pMetaCache); pOpDataCache = NULL; pMetaCache = NULL; return registerStatus; } printk(3DES-HMAC_SHA1 loaded\n); registerStatus = crypto_register_alg(aead_authenc_aes_cbc_hmac_sha1); if (registerStatus != 0) { printk(Register alg failed for AES-CBC-HMAC_SHA1\n); kmem_cache_destroy(pOpDataCache); kmem_cache_destroy(pMetaCache); pOpDataCache = NULL; pMetaCache = NULL; return registerStatus; } printk(AES-CBC-HMAC_SHA1 loaded\n); registerStatus = crypto_register_alg(aead_authenc_aes_gcm); if (registerStatus !=0) { printk(Register alg failed for AES_GCM\n); kmem_cache_destroy(pOpDataCache); kmem_cache_destroy(pMetaCache); pOpDataCache = NULL; pMetaCache = NULL; return registerStatus; } printk(AES_GCM loaded\n); printk(%s: Intel ICP NetKey Loaded.\n, __FUNCTION__); return 0; } static void __exit netkey_exit(void) { CpaStatus status = CPA_STATUS_SUCCESS; printk(%s: crypto_unregister_alg()\n, __FUNCTION__); if (crypto_unregister_alg(aead_authenc_3des_hmac_sha1) != 0) { printk(Unable to unload 3DES-HMAC_SHA1\n); } if (crypto_unregister_alg(aead_authenc_aes_cbc_hmac_sha1) != 0) { printk(Unable to unload AES-CBC-HMAC_SHA1\n); } if (crypto_unregister_alg(aead_authenc_aes_gcm) != 0) { printk(Unable to unload AES_GCM\n); } status = cpaCyStopInstance(CPA_INSTANCE_HANDLE_SINGLE); if (CPA_STATUS_SUCCESS != status) { printk(cpaCyStopInstance failed. (status = %d)\n, status); } if (NULL != pOpDataCache) { kmem_cache_destroy(pOpDataCache); pOpDataCache = NULL; } if (NULL != pMetaCache) { kmem_cache_destroy(pMetaCache); pMetaCache = NULL; } /* delete all the tfm descriptors */ while (NULL != g_pTfm_desc_list_head) { del_tfm_desc(g_pTfm_desc_list_head-pAead); } printk(%s: Intel ICP NetKey Unloaded.\n, __FUNCTION__); } module_init(netkey_init); module_exit(netkey_exit); MODULE_LICENSE(GPL); MODULE_DESCRIPTION(QAT ICP NETKEY); MODULE_AUTHOR(Intel); --- Thank you very much. Best regards, Mario -Original Message- From: Herbert Xu [mailto:herb...@gondor.apana.org.au] Sent: 01 April 2010 09:55 To: Nicolas, Mario Cc: linux-crypto@vger.kernel.org Subject: Re: cra_priority usage Nicolas, Mario mario.nico...@intel.com wrote: So my questions are: -What is this variable used for? -If there are multiple implementations of the same
cra_priority usage
Hi, I have written a module that implements GCM algorithm for LKCF (by calling dedicated hardware). I would like to understand how the priority mechanism works in order to be sure that my module will be selected when I need to. At the moment it seems it is always used, which is great but I'd like to understand why :) Here is the crypto_alg structure I am using to register the algorithm: static struct crypto_alg aead_authenc_aes_gcm = { .cra_name = rfc4106(gcm(aes)), .cra_driver_name= icp_aead, .cra_priority = ICP_AES_ASYNC_PRIORITY, /* 3001*/ .cra_flags = CRYPTO_ALG_TYPE_AEAD|CRYPTO_ALG_GENIV|CRYPTO_ALG_ASYNC, .cra_blocksize = AES_BLOCK_SIZE /*16*/, .cra_ctxsize= 0, .cra_type = crypto_aead_type, .cra_module = THIS_MODULE, .cra_list = LIST_HEAD_INIT(aead_authenc_aes_gcm.cra_list), .cra_exit = aead_auth_exit, .cra_u = { .aead = { .ivsize = AES_GCM_IV_SIZE, /*8*/ .maxauthsize = AES_GCM_AUTH_TAG_LEN, /*16*/ .setkey = setkey_aes_gcm, .setauthsize = qat_setauthsize, .encrypt = encrypt_aes_gcm, .decrypt = decrypt_aes_gcm, .givencrypt = geniv_encrypt_aes_gcm, .givdecrypt = geniv_decrypt_aes_gcm, } } }; The algorithm is registered by calling crypto_register_alg in the module_init function. It seems that my module is always used regardless of the value of the priority (I tried to set it to 0 or even to -1). I have also tried to load the default gcm kernel module before (or after) mine but my module is selected in both cases. I have checked in the kernel code and I did not see any location where cra_priority is used. So my questions are: -What is this variable used for? -If there are multiple implementations of the same algorithm, how is one version chosen as opposed to another one? I guess that the reason is that an asynchronous version always has a higher priority than a synchronous one. Is that correct? Thanks Mario -- Intel Shannon Limited Registered in Ireland Registered Office: Collinstown Industrial Park, Leixlip, County Kildare Registered Number: 308263 Business address: Dromore House, East Park, Shannon, Co. Clare This e-mail and any attachments may contain confidential material for the sole use of the intended recipient(s). Any review or distribution by others is strictly prohibited. If you are not the intended recipient, please contact the sender and delete all copies. -- To unsubscribe from this list: send the line unsubscribe linux-crypto in the body of a message to majord...@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html