The lookup function in crypto_type was only used for the implicit
IV generators which have been completely removed from the crypto
API.
This patch removes the lookup function as it is now useless.
Signed-off-by: Herbert Xu
diff --git a/crypto/api.c b/crypto/api.c
On Mon, Mar 19, 2018 at 11:31:24PM +0800, Ard Biesheuvel wrote:
>
> Apologies if this wasn't clear, but there are some cross dependencies
> with the arm64 tree, which receives non-trivial modifications in
> patches 10 and 11, which are subsequently depended upon by patches 12
> - 23.
>
> Without
On Mon, Mar 19, 2018 at 11:04:24AM +, Horia Geantă wrote:
>
> The only solution to avoid leaks in this case is to repeatedly DMA map & unmap
> the buffer.
> IOW, if one wants to load/save HW state in a buffer after an .update() and to
> instruct the crypto engine to do this operation, the
Hi Luc,
Thanks for the feedback. I'll try to address your points in a v13 shortly.
Logan
On 18/03/18 10:13 AM, Luc Van Oostenryck wrote:
> it looks correct but if you should explain why the warning
> is not a valid one. Once done, you can then explain what problem
> you have fixed instead of
On Mon, 19 Mar 2018 19:25:39 +0530
Atul Gupta wrote:
> +#define SOCK_INLINE (31)
>
> [...]
>
> +static inline int csk_flag(const struct sock *sk, enum csk_flags flag)
> +{
> + struct chtls_sock *csk = rcu_dereference_sk_user_data(sk);
> +
> + if (!sock_flag(sk,
On Mon, 19 Mar 2018 19:25:43 +0530
Atul Gupta wrote:
> +int chtls_recvmsg(struct sock *sk, struct msghdr *msg, size_t len,
> + int nonblock, int flags, int *addr_len)
> +{
>
> [...]
>
> + if (likely(!(flags & MSG_TRUNC))) {
> +
On Mon, 19 Mar 2018 19:25:34 +0530
Atul Gupta wrote:
> @@ -268,6 +259,8 @@ static void tls_sk_proto_close(struct sock *sk, long
> timeout)
> skip_tx_cleanup:
> release_sock(sk);
> sk_proto_close(sk, timeout);
> + if (ctx && ctx->tx_conf == TLS_HW_RECORD)
On Mon, 19 Mar 2018 19:25:42 +0530
Atul Gupta wrote:
> +static bool is_tls_skb(struct chtls_sock *csk, const struct sk_buff *skb)
> +{
> + return skb_ulp_tls_skb_flags(skb);
> +}
Do you need this function?
> +/* Copy Key to WR */
> +static void
On Mon, 19 Mar 2018 19:25:33 +0530
Atul Gupta wrote:
> Series for Chelsio Inline TLS driver (chtls)
>
> [...]
>
> v12: patch against net-next
> - fixed few build error
> - replace set_queue with skb_set_queue_mapping [Sabrina]
> - copyright year correction
On 16 March 2018 at 23:57, Herbert Xu wrote:
> On Sat, Mar 10, 2018 at 03:21:45PM +, Ard Biesheuvel wrote:
>> As reported by Sebastian, the way the arm64 NEON crypto code currently
>> keeps kernel mode NEON enabled across calls into skcipher_walk_xxx() is
>>
Entry for Inline TLS as another driver dependent on cxgb4 and chcr
Signed-off-by: Atul Gupta
---
drivers/crypto/chelsio/Kconfig| 11 +++
drivers/crypto/chelsio/Makefile | 1 +
drivers/crypto/chelsio/chtls/Makefile | 4
3 files changed, 16
TLS handler for record transmit.
Create Inline TLS work request and post to FW.
Create Inline TLS record CPLs for hardware
Signed-off-by: Atul Gupta
---
drivers/crypto/chelsio/chtls/chtls_io.c | 1252 +++
1 file changed, 1252 insertions(+)
Initialize the space reserved for storing the TLS keys,
get and free the location where key is stored for the TLS
connection.
Program the Tx and Rx key as received from user in
struct tls12_crypto_info_aes_gcm_128 and understood by hardware.
added socket option TLS_RX
Signed-off-by: Atul Gupta
Exchange messages with hardware to program the TLS session
CPL handlers for messages received from chip.
Signed-off-by: Atul Gupta
---
drivers/crypto/chelsio/chtls/chtls_cm.c | 2056 +++
net/ipv4/tcp_minisocks.c|1 +
2
handler for record receive. plain text copied to user
buffer
Signed-off-by: Atul Gupta
---
drivers/crypto/chelsio/chtls/chtls_io.c | 600
1 file changed, 600 insertions(+)
diff --git a/drivers/crypto/chelsio/chtls/chtls_io.c
Register chtls as Inline TLS driver, chtls is ULD to cxgb4.
Setsockopt to program (tx/rx) keys on chip.
Support AES GCM of key size 128.
Support both Inline Rx and Tx.
Signed-off-by: Atul Gupta
---
drivers/crypto/chelsio/chtls/chtls_main.c | 590
Define Inline TLS state, connection management info.
Supporting macros definition.
Signed-off-by: Atul Gupta
---
drivers/crypto/chelsio/chtls/chtls.h| 485
drivers/crypto/chelsio/chtls/chtls_cm.h | 202 +
2 files changed,
Key area size in hw-config file. CPL struct for TLS request
and response. Work request for Inline TLS.
Signed-off-by: Atul Gupta
---
drivers/net/ethernet/chelsio/cxgb4/t4_msg.h | 121 ++-
drivers/net/ethernet/chelsio/cxgb4/t4_regs.h | 2 +
Read the Inline TLS capability from firmware.
Determine the area reserved for storing the keys
Dump the Inline TLS tx and rx records count.
Signed-off-by: Atul Gupta
---
drivers/net/ethernet/chelsio/cxgb4/cxgb4_main.c | 32 +---
Define macro for programming the TLS Key context
Signed-off-by: Atul Gupta
---
drivers/crypto/chelsio/chcr_algo.h | 42 +
drivers/crypto/chelsio/chcr_core.h | 55 +-
2 files changed, 96 insertions(+), 1
Ethtool option enables TLS record offload on HW, user
configures the feature for netdev capable of Inline TLS.
This allows user to define custom sk_prot for Inline TLS sock
Signed-off-by: Atul Gupta
---
include/linux/netdev_features.h | 2 ++
net/core/ethtool.c
Facility to register Inline TLS drivers to net/tls. Setup
TLS_HW_RECORD prot to listen on offload device.
Cases handled
- Inline TLS device exists, setup prot for TLS_HW_RECORD
- Atleast one Inline TLS exists, sets TLS_HW_RECORD.
- If non-inline device establish connection, move to TLS_SW_TX
Series for Chelsio Inline TLS driver (chtls)
Use tls ULP infrastructure to register chtls as Inline TLS driver.
Chtls use TCP Sockets to transmit and receive TLS record.
TCP proto is extended to offload TLS record.
T6 adapter provides the following features:
-TLS record offload, TLS
It fixes compilation warning introduced in commit
Introduced by commit
5110e65536f3 ("crypto: chelsio -Split Hash requests for large scatter gather
list")
Reported-by: Stephen Rothwell
Signed-off-by: Harsh Jain
---
On 3/19/2018 11:25 AM, Herbert Xu wrote:
> On Mon, Mar 19, 2018 at 06:39:50AM +, Horia Geantă wrote:
>>
>> The fact that there can be multiple requests in parallel (for a given tfm)
>> is a
>> different topic.
>> Each request object has its state in its own state machine, independent from
>>
On 3/19/2018 2:52 PM, Herbert Xu wrote:
> On Sun, Mar 18, 2018 at 10:36:02AM -0400, David Miller wrote:
>> Herbert, is it OK for this entire series to go via net-next?
> Sure, although there could be conflicts since the chelsio driver
> seems to be changing quite fast.
I applied chcr patches
On Mon, Mar 19, 2018 at 06:39:50AM +, Horia Geantă wrote:
>
> The fact that there can be multiple requests in parallel (for a given tfm) is
> a
> different topic.
> Each request object has its state in its own state machine, independent from
> the
> other request objects.
> I assume this is
On Sun, Mar 18, 2018 at 10:36:02AM -0400, David Miller wrote:
>
> Herbert, is it OK for this entire series to go via net-next?
Sure, although there could be conflicts since the chelsio driver
seems to be changing quite fast.
Cheers,
--
Email: Herbert Xu
Home Page:
This patch improves the send error path as it wasn't handling all error
cases. A new label is added, and some of the goto are updated to point
to the right labels, so that the code is more robust to errors.
Signed-off-by: Antoine Tenart
---
The token used for encryption and decryption of skcipher algorithms sets
its stat field to "last packet". As it's a cipher only algorithm, there
is not hash operation and thus the "last hash" bit should be set to tell
the internal engine no hash operation should be performed.
This does not fix a
This patch fixes a typo in the EIP197_HIA_xDR_WR_CTRL_BUG register name,
as it should be EIP197_HIA_xDR_WR_CTRL_BUF. This is a cosmetic only
change.
Signed-off-by: Antoine Tenart
---
drivers/crypto/inside-secure/safexcel.c | 2 +-
This patches update the way the digest is copied from the state buffer
to the result buffer, so that the copy only happen after the state
buffer was DMA unmapped, as otherwise the buffer would be owned by the
device.
Signed-off-by: Antoine Tenart
---
This patches uses the state size of the algorithms instead of their
digest size to copy the ipad and opad in the context. This doesn't fix
anything as the state and digest size are the same for many algorithms,
and for all the hmac currently supported by this driver. However
hmac(sha224) use the
This patch adds the hmac(sha224) support to the Inside Secure
cryptographic engine driver.
Signed-off-by: Antoine Tenart
---
drivers/crypto/inside-secure/safexcel.c | 1 +
drivers/crypto/inside-secure/safexcel.h | 1 +
Small cosmetic patch fixing one typo in the
EIP197_HIA_DSE_CFG_ALLWAYS_BUFFERABLE macro, it should be _ALWAYS_.
Signed-off-by: Antoine Tenart
---
drivers/crypto/inside-secure/safexcel.c | 2 +-
drivers/crypto/inside-secure/safexcel.h | 2 +-
2 files changed, 2
This patch adds the hmac(sha256) support to the Inside Secure
cryptographic engine driver.
Signed-off-by: Antoine Tenart
---
drivers/crypto/inside-secure/safexcel.c | 3 +-
drivers/crypto/inside-secure/safexcel.h | 1 +
Hi Herbert,
This series brings hmac(sha256) and hmac(sha224) support to the Inside
Secure cryptographic engine driver.
The first 7 patches are fixes and reworks needed for the hmac(sha256)
and hmac(224) support to land in. Then 2 patches adds the 2 new
algorithms.
This has been tested with boot
This patches moves the digest information from the transformation
context to the request context. This fixes cases where HMAC init
functions were called and override the digest value for a short period
of time, as the HMAC init functions call the SHA init one which reset
the value. This lead to a
On 3/16/2018 5:16 PM, Herbert Xu wrote:
> On Mon, Mar 05, 2018 at 12:39:45PM +0200, Horia Geantă wrote:
>> Even though it doesn't make too much sense, it is perfectly legal to:
>> - call .init() and then (as many times) .update()
>> - subseqently _not_ call any of .final(), .finup() or .export()
>
39 matches
Mail list logo