Re: [PATCH 4/4] crypto: nx - convert AES-CTR to skcipher API
On Sun, 13 Oct 2019 at 06:40, Eric Biggers wrote:
>
> From: Eric Biggers
>
> Convert the PowerPC Nest (NX) implementation of AES-CTR from the
> deprecated "blkcipher" API to the "skcipher" API. This is needed in
> order for the blkcipher API to be removed.
>
> Signed-off-by: Eric Biggers
Reviewed-by: Ard Biesheuvel
> ---
> drivers/crypto/nx/nx-aes-ctr.c | 84 +++---
> drivers/crypto/nx/nx.c | 25 +++---
> drivers/crypto/nx/nx.h | 4 +-
> 3 files changed, 46 insertions(+), 67 deletions(-)
>
> diff --git a/drivers/crypto/nx/nx-aes-ctr.c b/drivers/crypto/nx/nx-aes-ctr.c
> index 05e558cefe94..6d5ce1a66f1e 100644
> --- a/drivers/crypto/nx/nx-aes-ctr.c
> +++ b/drivers/crypto/nx/nx-aes-ctr.c
> @@ -19,11 +19,11 @@
> #include "nx.h"
>
>
> -static int ctr_aes_nx_set_key(struct crypto_tfm *tfm,
> - const u8 *in_key,
> - unsigned int key_len)
> +static int ctr_aes_nx_set_key(struct crypto_skcipher *tfm,
> + const u8 *in_key,
> + unsigned intkey_len)
> {
> - struct nx_crypto_ctx *nx_ctx = crypto_tfm_ctx(tfm);
> + struct nx_crypto_ctx *nx_ctx = crypto_skcipher_ctx(tfm);
> struct nx_csbcpb *csbcpb = nx_ctx->csbcpb;
>
> nx_ctx_init(nx_ctx, HCOP_FC_AES);
> @@ -51,11 +51,11 @@ static int ctr_aes_nx_set_key(struct crypto_tfm *tfm,
> return 0;
> }
>
> -static int ctr3686_aes_nx_set_key(struct crypto_tfm *tfm,
> - const u8 *in_key,
> - unsigned int key_len)
> +static int ctr3686_aes_nx_set_key(struct crypto_skcipher *tfm,
> + const u8 *in_key,
> + unsigned intkey_len)
> {
> - struct nx_crypto_ctx *nx_ctx = crypto_tfm_ctx(tfm);
> + struct nx_crypto_ctx *nx_ctx = crypto_skcipher_ctx(tfm);
>
> if (key_len < CTR_RFC3686_NONCE_SIZE)
> return -EINVAL;
> @@ -69,12 +69,10 @@ static int ctr3686_aes_nx_set_key(struct crypto_tfm *tfm,
> return ctr_aes_nx_set_key(tfm, in_key, key_len);
> }
>
> -static int ctr_aes_nx_crypt(struct blkcipher_desc *desc,
> - struct scatterlist*dst,
> - struct scatterlist*src,
> - unsigned int nbytes)
> +static int ctr_aes_nx_crypt(struct skcipher_request *req, u8 *iv)
> {
> - struct nx_crypto_ctx *nx_ctx = crypto_blkcipher_ctx(desc->tfm);
> + struct crypto_skcipher *tfm = crypto_skcipher_reqtfm(req);
> + struct nx_crypto_ctx *nx_ctx = crypto_skcipher_ctx(tfm);
> struct nx_csbcpb *csbcpb = nx_ctx->csbcpb;
> unsigned long irq_flags;
> unsigned int processed = 0, to_process;
> @@ -83,9 +81,9 @@ static int ctr_aes_nx_crypt(struct blkcipher_desc *desc,
> spin_lock_irqsave(_ctx->lock, irq_flags);
>
> do {
> - to_process = nbytes - processed;
> + to_process = req->cryptlen - processed;
>
> - rc = nx_build_sg_lists(nx_ctx, desc->info, dst, src,
> + rc = nx_build_sg_lists(nx_ctx, iv, req->dst, req->src,
>_process, processed,
>csbcpb->cpb.aes_ctr.iv);
> if (rc)
> @@ -97,59 +95,51 @@ static int ctr_aes_nx_crypt(struct blkcipher_desc *desc,
> }
>
> rc = nx_hcall_sync(nx_ctx, _ctx->op,
> - desc->flags & CRYPTO_TFM_REQ_MAY_SLEEP);
> + req->base.flags &
> CRYPTO_TFM_REQ_MAY_SLEEP);
> if (rc)
> goto out;
>
> - memcpy(desc->info, csbcpb->cpb.aes_cbc.cv, AES_BLOCK_SIZE);
> + memcpy(iv, csbcpb->cpb.aes_cbc.cv, AES_BLOCK_SIZE);
>
> atomic_inc(&(nx_ctx->stats->aes_ops));
> atomic64_add(csbcpb->csb.processed_byte_count,
> &(nx_ctx->stats->aes_bytes));
>
> processed += to_process;
> - } while (processed < nbytes);
> + } while (processed < req->cryptlen);
> out:
> spin_unlock_irqrestore(_ctx->lock, irq_flags);
> return rc;
> }
>
> -static int ctr3686_aes_nx_crypt(struct blkcipher_desc *desc,
> - struct scatterlist*dst,
> - struct scatterlist*src,
> - unsigned int nbytes)
> +static int ctr3686_aes_nx_crypt(struct skcipher_request *req)
> {
> - struct nx_crypto_ctx *nx_ctx = crypto_blkcipher_ctx(desc->tfm);
> + struct crypto_skcipher *tfm = crypto_skcipher_reqtfm(req);
> + struct nx_crypto_ctx *nx_ctx = crypto_skcipher_ctx(tfm);
> u8 iv[16];
>
> memcpy(iv,
[PATCH 4/4] crypto: nx - convert AES-CTR to skcipher API
From: Eric Biggers
Convert the PowerPC Nest (NX) implementation of AES-CTR from the
deprecated "blkcipher" API to the "skcipher" API. This is needed in
order for the blkcipher API to be removed.
Signed-off-by: Eric Biggers
---
drivers/crypto/nx/nx-aes-ctr.c | 84 +++---
drivers/crypto/nx/nx.c | 25 +++---
drivers/crypto/nx/nx.h | 4 +-
3 files changed, 46 insertions(+), 67 deletions(-)
diff --git a/drivers/crypto/nx/nx-aes-ctr.c b/drivers/crypto/nx/nx-aes-ctr.c
index 05e558cefe94..6d5ce1a66f1e 100644
--- a/drivers/crypto/nx/nx-aes-ctr.c
+++ b/drivers/crypto/nx/nx-aes-ctr.c
@@ -19,11 +19,11 @@
#include "nx.h"
-static int ctr_aes_nx_set_key(struct crypto_tfm *tfm,
- const u8 *in_key,
- unsigned int key_len)
+static int ctr_aes_nx_set_key(struct crypto_skcipher *tfm,
+ const u8 *in_key,
+ unsigned intkey_len)
{
- struct nx_crypto_ctx *nx_ctx = crypto_tfm_ctx(tfm);
+ struct nx_crypto_ctx *nx_ctx = crypto_skcipher_ctx(tfm);
struct nx_csbcpb *csbcpb = nx_ctx->csbcpb;
nx_ctx_init(nx_ctx, HCOP_FC_AES);
@@ -51,11 +51,11 @@ static int ctr_aes_nx_set_key(struct crypto_tfm *tfm,
return 0;
}
-static int ctr3686_aes_nx_set_key(struct crypto_tfm *tfm,
- const u8 *in_key,
- unsigned int key_len)
+static int ctr3686_aes_nx_set_key(struct crypto_skcipher *tfm,
+ const u8 *in_key,
+ unsigned intkey_len)
{
- struct nx_crypto_ctx *nx_ctx = crypto_tfm_ctx(tfm);
+ struct nx_crypto_ctx *nx_ctx = crypto_skcipher_ctx(tfm);
if (key_len < CTR_RFC3686_NONCE_SIZE)
return -EINVAL;
@@ -69,12 +69,10 @@ static int ctr3686_aes_nx_set_key(struct crypto_tfm *tfm,
return ctr_aes_nx_set_key(tfm, in_key, key_len);
}
-static int ctr_aes_nx_crypt(struct blkcipher_desc *desc,
- struct scatterlist*dst,
- struct scatterlist*src,
- unsigned int nbytes)
+static int ctr_aes_nx_crypt(struct skcipher_request *req, u8 *iv)
{
- struct nx_crypto_ctx *nx_ctx = crypto_blkcipher_ctx(desc->tfm);
+ struct crypto_skcipher *tfm = crypto_skcipher_reqtfm(req);
+ struct nx_crypto_ctx *nx_ctx = crypto_skcipher_ctx(tfm);
struct nx_csbcpb *csbcpb = nx_ctx->csbcpb;
unsigned long irq_flags;
unsigned int processed = 0, to_process;
@@ -83,9 +81,9 @@ static int ctr_aes_nx_crypt(struct blkcipher_desc *desc,
spin_lock_irqsave(_ctx->lock, irq_flags);
do {
- to_process = nbytes - processed;
+ to_process = req->cryptlen - processed;
- rc = nx_build_sg_lists(nx_ctx, desc->info, dst, src,
+ rc = nx_build_sg_lists(nx_ctx, iv, req->dst, req->src,
_process, processed,
csbcpb->cpb.aes_ctr.iv);
if (rc)
@@ -97,59 +95,51 @@ static int ctr_aes_nx_crypt(struct blkcipher_desc *desc,
}
rc = nx_hcall_sync(nx_ctx, _ctx->op,
- desc->flags & CRYPTO_TFM_REQ_MAY_SLEEP);
+ req->base.flags & CRYPTO_TFM_REQ_MAY_SLEEP);
if (rc)
goto out;
- memcpy(desc->info, csbcpb->cpb.aes_cbc.cv, AES_BLOCK_SIZE);
+ memcpy(iv, csbcpb->cpb.aes_cbc.cv, AES_BLOCK_SIZE);
atomic_inc(&(nx_ctx->stats->aes_ops));
atomic64_add(csbcpb->csb.processed_byte_count,
&(nx_ctx->stats->aes_bytes));
processed += to_process;
- } while (processed < nbytes);
+ } while (processed < req->cryptlen);
out:
spin_unlock_irqrestore(_ctx->lock, irq_flags);
return rc;
}
-static int ctr3686_aes_nx_crypt(struct blkcipher_desc *desc,
- struct scatterlist*dst,
- struct scatterlist*src,
- unsigned int nbytes)
+static int ctr3686_aes_nx_crypt(struct skcipher_request *req)
{
- struct nx_crypto_ctx *nx_ctx = crypto_blkcipher_ctx(desc->tfm);
+ struct crypto_skcipher *tfm = crypto_skcipher_reqtfm(req);
+ struct nx_crypto_ctx *nx_ctx = crypto_skcipher_ctx(tfm);
u8 iv[16];
memcpy(iv, nx_ctx->priv.ctr.nonce, CTR_RFC3686_IV_SIZE);
- memcpy(iv + CTR_RFC3686_NONCE_SIZE,
- desc->info, CTR_RFC3686_IV_SIZE);
+ memcpy(iv + CTR_RFC3686_NONCE_SIZE, req->iv, CTR_RFC3686_IV_SIZE);
iv[12] = iv[13] = iv[14] = 0;
iv[15] = 1;
- desc->info =
