[GIT PULL] KEYS: Miscellaneous bits for security/next

[David Howells]

Hi James,

Could you pull this into security/next, please?

The most important patches here are the ones that deal with making the
asymmetric key software public key subtype use the akcipher crypto API for
the actual public key algorithm.

But there are also:

 (1) Allow space to be reserved for extra certificate insertion in the
 unsigned kernel image.

 (2) Allow modules to be signed with a raw signature.

 (3) Allow utilities to be built with LibreSSL instead of OpenSSL.

 (4) Fix X.509 time & date parsing.

 (5) Use text-based identifiers within the public key code instead of
 enums.
 
Plus other small fixes.

Thanks,
David
---
The following changes since commit 388f7b1d6e8ca06762e2454d28d6c3c55ad0fe95:

  Linux 4.5-rc3 (2016-02-07 15:38:30 -0800)

are available in the git repository at:

  git://git.kernel.org/pub/scm/linux/kernel/git/dhowells/linux-fs.git 
tags/keys-next-20160303

for you to fetch changes up to 4e8ae72a75aae285ec5b93518b9680da198afd0d:

  X.509: Make algo identifiers text instead of enum (2016-03-03 21:49:27 +)


Keyrings changes for next


Arnd Bergmann (1):
  modsign: hide openssl output in silent builds

Codarren Velvindron (1):
  v2 linux-next scripts/sign-file.c Fix LibreSSL support

Colin Ian King (1):
  PKCS#7: fix unitialized boolean 'want'

David Howells (10):
  KEYS: Add an alloc flag to convey the builtinness of a key
  KEYS: CONFIG_KEYS_DEBUG_PROC_KEYS is no longer an option
  X.509: Fix leap year handling again
  Handle ISO 8601 leap seconds and encodings of midnight in mktime64()
  X.509: Support leap seconds
  X.509: Handle midnight alternative notation in GeneralizedTime
  certs: Fix misaligned data in extra certificate list
  MODSIGN: linux/string.h should be #included to get memcpy()
  akcipher: Move the RSA DER encoding check to the crypto layer
  X.509: Make algo identifiers text instead of enum

Juerg Haefliger (1):
  scripts/sign-file.c: Add support for signing with a raw signature

Marc-Antoine Perennou (1):
  sign-file: fix build with CMS support disabled

Mehmet Kayaalp (2):
  KEYS: Reserve an extra certificate symbol for inserting without 
recompiling
  KEYS: Use the symbol value for list size, updated by 
scripts/insert-sys-cert

Paul Gortmaker (1):
  security/keys: make big_key.c explicitly non-modular

Tadeusz Struk (4):
  crypto: KEYS: convert public key and digsig asym to the akcipher api
  integrity: convert digsig to akcipher api
  crypto: public_key: remove MPIs from public_key_signature struct
  crypto: Add hash param to pkcs1pad

 arch/arm/configs/colibri_pxa270_defconfig   |   1 -
 arch/arm/configs/iop13xx_defconfig  |   1 -
 arch/arm/configs/iop32x_defconfig   |   1 -
 arch/arm/configs/trizeps4_defconfig |   1 -
 arch/microblaze/configs/mmu_defconfig   |   1 -
 arch/microblaze/configs/nommu_defconfig |   1 -
 arch/mips/configs/bigsur_defconfig  |   1 -
 arch/mips/configs/ip22_defconfig|   1 -
 arch/mips/configs/ip27_defconfig|   1 -
 arch/mips/configs/ip32_defconfig|   1 -
 arch/mips/configs/jazz_defconfig|   1 -
 arch/mips/configs/lemote2f_defconfig|   1 -
 arch/mips/configs/rm200_defconfig   |   1 -
 arch/mips/configs/sb1250_swarm_defconfig|   1 -
 arch/parisc/configs/712_defconfig   |   1 -
 arch/parisc/configs/a500_defconfig  |   1 -
 arch/parisc/configs/default_defconfig   |   1 -
 arch/parisc/configs/generic-32bit_defconfig |   1 -
 arch/powerpc/configs/c2k_defconfig  |   1 -
 arch/powerpc/configs/ppc6xx_defconfig   |   1 -
 arch/score/configs/spct6600_defconfig   |   1 -
 arch/tile/configs/tilegx_defconfig  |   1 -
 arch/tile/configs/tilepro_defconfig |   1 -
 arch/x86/configs/i386_defconfig |   1 -
 arch/x86/configs/x86_64_defconfig   |   1 -
 certs/Kconfig   |  16 ++
 certs/Makefile  |  33 ++-
 certs/system_certificates.S |  13 +
 certs/system_keyring.c  |   4 +-
 crypto/asymmetric_keys/Kconfig  |   7 -
 crypto/asymmetric_keys/Makefile |   8 +-
 crypto/asymmetric_keys/mscode_parser.c  |  14 +-
 crypto/asymmetric_keys/pkcs7_parser.c   |  32 +--
 crypto/asymmetric_keys/pkcs7_trust.c|   2 +-
 crypto/asymmetric_keys/pkcs7_verify.c   |  10 +-
 crypto/asymmetric_keys/public_key.c | 154 +++
 crypto/asymmetric_keys/public_key.h |  36 ---
 crypto/asymmetric_keys/rsa.c| 278 ---
 crypto/asymmetric_keys/verify_pefile.c  |   4 +-
 crypto/asymmetric_keys/verify_pefile.h  |   2 +-
 crypto/asymmetric_keys/x509_cert_parser.c   |  75 ++---
 cr

Re: [PATCH 1/3] Documentation: devicetree: add Freescale RNGC binding

[Rob Herring]

On Mon, Feb 29, 2016 at 04:52:34PM +0100, Steffen Trumtrar wrote:
> Add binding documentation for the Freescale RNGC found on
> some i.MX2/3/5 SoCs.
> 
> Signed-off-by: Steffen Trumtrar 
> ---
>  Documentation/devicetree/bindings/rng/mxc_rngc.txt | 16 
>  1 file changed, 16 insertions(+)
>  create mode 100644 Documentation/devicetree/bindings/rng/mxc_rngc.txt

Acked-by: Rob Herring 
--
To unsubscribe from this list: send the line "unsubscribe linux-crypto" in
the body of a message to majord...@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Re: [GIT PULL] KEYS: Miscellaneous bits for security/next

[James Morris]

On Fri, 4 Mar 2016, David Howells wrote:

> Hi James,
> 
> Could you pull this into security/next, please?
> 

Done.


-- 
James Morris


--
To unsubscribe from this list: send the line "unsubscribe linux-crypto" in
the body of a message to majord...@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Re: [PATCH 1/4] scatterlist: Introduce some helper functions

[Baolin Wang]

Hi Robert,

On 4 March 2016 at 03:15, Robert Jarzmik  wrote:
> Baolin Wang  writes:
>
>> @@ -212,6 +212,37 @@ static inline void sg_unmark_end(struct scatterlist *sg)
>>  }
>>
>>  /**
>> + * sg_is_contiguous - Check if the scatterlists are contiguous
>> + * @sga: SG entry
>> + * @sgb: SG entry
>> + *
>> + * Description:
>> + *   If the sga scatterlist is contiguous with the sgb scatterlist,
>> + *   that means they can be merged together.
>> + *
>> + **/
>> +static inline bool sg_is_contiguous(struct scatterlist *sga,
>> + struct scatterlist *sgb)
>> +{
>> + return ((sga->page_link & ~0x3UL) + sga->offset + sga->length ==
>> + (sgb->page_link & ~0x3UL));
>> +}
> I don't understand that one.
> sga->page_link is a pointer to a "struct page *". How can it be added to an
> offset within a page ???


Ah, sorry that's a mistake. It should check as below:
static inline bool sg_is_contiguous(struct scatterlist *sga, struct
scatterlist *sgb)
{
return (unsigned int)sg_virt(sga) + sga->length == (unsigned
int)sg_virt(sgb);
}

>
>> @@ -370,6 +370,65 @@ int sg_alloc_table(struct sg_table *table, unsigned int
>> nents, gfp_t gfp_mask)
> ...
>>  /**
>> + * sg_add_sg_to_table - Add one scatterlist into sg table
>> + * @sgt: The sg table header to use
>> + * @src: The sg need to be added into sg table
>> + *
>> + * Description:
>> + *   The 'nents' member indicates how many scatterlists added in the sg 
>> table.
>> + *   Copy the @src@ scatterlist into sg table and increase 'nents' member.
>> + *
>> + **/
>> +int sg_add_sg_to_table(struct sg_table *sgt, struct scatterlist *src)
>> +{
>> + unsigned int i = 0, orig_nents = sgt->orig_nents;
>> + struct scatterlist *sgl = sgt->sgl;
>> + struct scatterlist *sg;
>> +
>> + /* Check if there are enough space for the new sg to be added */
>> + if (sgt->nents >= sgt->orig_nents)
>> + return -EINVAL;
> I must admit I don't understand that one either : how do comparing the number 
> of
> "mapped" entries against the number of "allocated" entries determines if there
> is enough room ?

That's for a dynamic sg table. If there is one sg table allocated
'orig_nents' scatterlists, and we need copy another mapped scatterlist
into the sg table if there are some requirements. So we use 'nents' to
record how many scatterlists have been copied into the sg table.

>
>> +/**
>> + * sg_alloc_empty_table - Allocate one empty sg table
>> + * @sgt: The sg table header to use
>> + * @nents:   Number of entries in sg list
>> + * @gfp_mask:GFP allocation mask
>> + *
>> + *  Description:
>> + *Allocate and initialize an sg table. The 'nents' member of sg_table
>> + *indicates how many scatterlists added in the sg table. It should set
>> + *0 which means there are no scatterlists added in this sg table now.
>> + *
>> + **/
>> +int sg_alloc_empty_table(struct sg_table *sgt, unsigned int nents,
>> +  gfp_t gfp_mask)
> As for this one, there has to be a purpose for it I fail to see. From far away
> it looks exactly like sg_alloc_table(), excepting it "works around" the nents 
> >
> 0 protection of __sg_alloc_table().
> What is exactly the need for this one, and if it's usefull why not simply
> changing the __sg_alloc_table() "nents > 0" test and see what the outcome of 
> the
> review will be ?

Like I said above. If we want to copy some mapped scatterlists into
one sg table, we should set the 'nents' to 0 to indicates how many
scatterlists coppied in the sg table.
Thanks for your comments.

>
> Cheers.
>
> --
> Robert



-- 
Baolin.wang
Best Regards
--
To unsubscribe from this list: send the line "unsubscribe linux-crypto" in
the body of a message to majord...@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Re: [PATCH] vti6: Add pmtu handling to vti6_xmit.

[Steffen Klassert]

On Wed, Feb 24, 2016 at 09:37:39PM +, Mark McKinstry wrote:
> On 19/02/16 01:19, Steffen Klassert wrote:
> > On Thu, Feb 18, 2016 at 01:40:00AM +, Mark McKinstry wrote:
> >> This patch fixes our issue, thanks. In our scenario the tunnel path MTU
> >> now gets updated so that subsequent large packets sent over the tunnel
> >> get fragmented correctly.
> > I've applied this patch to the ipsec tree now.
> > Thanks for testing!
> I spoke too soon. Upon further testing with this patch we have found it 
> causes
> a skt buffer leak. This is problematic for us and can cause memory 
> exhaustion in
> one of our test scenarios that has an IPv4 IPsec tunnel over a PPP link. 

The patch below is what I plan to apply on top of the original patch.

Subject: [PATCH] vti: Fix recource leeks on pmtu discovery

A recent patch introduced pmtu handling directly in the
vti transmit routine. Unfortunately we now return without
releasing the dst_entry and freeing the sk_buff. This patch
fixes the issue.

Fixes: 325b71fe0f57 ("vti: Add pmtu handling to vti_xmit.")
Reported-by: Mark McKinstry 
Signed-off-by: Steffen Klassert 
---
 net/ipv4/ip_vti.c | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/net/ipv4/ip_vti.c b/net/ipv4/ip_vti.c
index 6862305..2ea2b6e 100644
--- a/net/ipv4/ip_vti.c
+++ b/net/ipv4/ip_vti.c
@@ -206,7 +206,8 @@ static netdev_tx_t vti_xmit(struct sk_buff *skb, struct 
net_device *dev,
else
icmpv6_send(skb, ICMPV6_PKT_TOOBIG, 0, mtu);
 
-   return -EMSGSIZE;
+   dst_release(dst);
+   goto tx_error;
}
 
err = dst_output(tunnel->net, skb->sk, skb);
-- 
1.9.1

--
To unsubscribe from this list: send the line "unsubscribe linux-crypto" in
the body of a message to majord...@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Re: [PATCH 0/3] KEYS: Use crypto rsa pkcs1pad module for software public keys

[Herbert Xu]

On Mon, Feb 29, 2016 at 09:32:08AM +, David Howells wrote:
> Herbert Xu  wrote:
> 
> > David Howells  wrote:
> > > 
> > > Here's a set of patches that change the software public key asymmetric key
> > > subtype to use the RSA pkcs1pad module in the crypto layer.  I've merged
> > > together mine and Tadeusz's patches.
> > > 
> > > I have not included Tadeusz's original three patches that converted to
> > > using the raw rsa module in this set, but they're prerequisites for this.
> > 
> > Looks OK to me.  Where do you want these patches to go?
> 
> Can I turn that into an Reviewed-by?  I'll take them through my tree and
> James's tree.

Of course.

Acked-by: Herbert Xu 
-- 
Email: Herbert Xu 
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt
--
To unsubscribe from this list: send the line "unsubscribe linux-crypto" in
the body of a message to majord...@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Re: [PATCH V2] crypto: implement DH primitives under akcipher API

[Marcel Holtmann]

Hi Salvatore,

> Implement Diffie-Hellman primitives required by the scheme under the
> akcipher API. Here is how it works.
> 1) Call set_pub_key() by passing DH parameters (p,g) in PKCS3 format
> 2) Call set_priv_key() to set your own private key (xa) in raw format
> 3) Call decrypt() without passing any data as input to get back the
>   public part which will be computed as g^xa mod p
> 4) Call encrypt() by passing the counter part public key (yb) in raw format
>   as input to get back the shared secret calculated as zz = yb^xa mod p

I am still not convinced that akcipher is good match for key exchange methods. 
I think we should try to introduce a new abstraction here.

Overloading set_pub_key() with DH params and using decrypt() for private/public 
key pair generation seems not a good fit. It does not really match.

And as I said before, we know for certain that ECDH has to happen as well. So 
we need to forward look into making that fit as well.

Regards

Marcel

--
To unsubscribe from this list: send the line "unsubscribe linux-crypto" in
the body of a message to majord...@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Re: [PATCH] crypto/async_pq: use __free_page() instead of put_page()

[Vinod Koul]

On Tue, Mar 01, 2016 at 10:54:50PM +0900, Joonsoo Kim wrote:
> 2016-03-01 3:04 GMT+09:00 Dan Williams :
> > On Mon, Feb 29, 2016 at 1:33 AM, Arnd Bergmann  wrote:
> >> The addition of tracepoints to the page reference tracking had an
> >> unfortunate side-effect in at least one driver that calls put_page
> >> from its exit function, resulting in a link error:
> >>
> >> `.exit.text' referenced in section `__jump_table' of crypto/built-in.o: 
> >> defined in discarded section `.exit.text' of crypto/built-in.o
> >>
> >> From a cursory look at that this driver, it seems that it may be
> >> doing the wrong thing here anyway, as the page gets allocated
> >> using 'alloc_page()', and should be freed using '__free_page()'
> >> rather than 'put_page()'.
> >>
> >> With this patch, I no longer get any other build errors from the
> >> page_ref patch, so hopefully we can assume that it's always wrong
> >> to call any of those functions from __exit code, and that no other
> >> driver does it.
> >>
> >> Fixes: 0f80830dd044 ("mm/page_ref: add tracepoint to track down page 
> >> reference manipulation")
> >> Signed-off-by: Arnd Bergmann 
> >
> > Acked-by: Dan Williams 
> >
> > Vinod, will you take this one?
> 
> Problematic patch ("mm/page_ref: ~~~") is not yet merged one. It is on mmotm
> and this fix should go together with it or before it. I think that
> handling this fix by
> Andrew is easier to all.

Okay fine by me.

-- 
~Vinod
--
To unsubscribe from this list: send the line "unsubscribe linux-crypto" in
the body of a message to majord...@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

[PATCH V2] crypto: implement DH primitives under akcipher API

[Salvatore Benedetto]

Implement Diffie-Hellman primitives required by the scheme under the
akcipher API. Here is how it works.
1) Call set_pub_key() by passing DH parameters (p,g) in PKCS3 format
2) Call set_priv_key() to set your own private key (xa) in raw format
3) Call decrypt() without passing any data as input to get back the
   public part which will be computed as g^xa mod p
4) Call encrypt() by passing the counter part public key (yb) in raw format
   as input to get back the shared secret calculated as zz = yb^xa mod p

A test is included in the patch. Test vector has been generated with
openssl

Signed-off-by: Salvatore Benedetto 
---

Changes in V2:
 * Use dh_get_params where required
 * Use key lengths defined in RFC3526
 * Set fips_allowed=1 for the test

 crypto/Kconfig|   8 ++
 crypto/Makefile   |   7 ++
 crypto/dh.c   | 264 ++
 crypto/pkcs3.asn1 |   5 ++
 crypto/tcrypt.c   |   4 +
 crypto/testmgr.c  | 141 +++--
 crypto/testmgr.h  | 208 +-
 7 files changed, 628 insertions(+), 9 deletions(-)
 create mode 100644 crypto/dh.c
 create mode 100644 crypto/pkcs3.asn1

diff --git a/crypto/Kconfig b/crypto/Kconfig
index f6bfdda..fd5b78d 100644
--- a/crypto/Kconfig
+++ b/crypto/Kconfig
@@ -101,6 +101,14 @@ config CRYPTO_RSA
help
  Generic implementation of the RSA public key algorithm.
 
+config CRYPTO_DH
+   tristate "Diffie-Hellman algorithm"
+   select CRYPTO_AKCIPHER
+   select MPILIB
+   select ASN1
+   help
+ Generic implementation of the Diffie-Hellman algorithm.
+
 config CRYPTO_MANAGER
tristate "Cryptographic algorithm manager"
select CRYPTO_MANAGER2
diff --git a/crypto/Makefile b/crypto/Makefile
index 4f4ef7e..ee73489 100644
--- a/crypto/Makefile
+++ b/crypto/Makefile
@@ -31,6 +31,13 @@ obj-$(CONFIG_CRYPTO_HASH2) += crypto_hash.o
 
 obj-$(CONFIG_CRYPTO_AKCIPHER2) += akcipher.o
 
+$(obj)/pkcs3-asn1.o: $(obj)/pkcs3-asn1.c $(obj)/pkcs3-asn1.h
+clean-files += pkcs3-asn1.c pkcs3-asn1.h
+
+dh_generic-y := pkcs3-asn1.o
+dh_generic-y += dh.o
+obj-$(CONFIG_CRYPTO_DH) += dh_generic.o
+
 $(obj)/rsapubkey-asn1.o: $(obj)/rsapubkey-asn1.c $(obj)/rsapubkey-asn1.h
 $(obj)/rsaprivkey-asn1.o: $(obj)/rsaprivkey-asn1.c $(obj)/rsaprivkey-asn1.h
 clean-files += rsapubkey-asn1.c rsapubkey-asn1.h
diff --git a/crypto/dh.c b/crypto/dh.c
new file mode 100644
index 000..29243ee
--- /dev/null
+++ b/crypto/dh.c
@@ -0,0 +1,264 @@
+/*  Diffie-Hellman Key Agreement Method [RFC2631]
+ *
+ * Copyright (c) 2016, Intel Corporation
+ * Authors: Salvatore Benedetto 
+ *
+ * This program is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU General Public Licence
+ * as published by the Free Software Foundation; either version
+ * 2 of the Licence, or (at your option) any later version.
+ */
+
+#include 
+#include 
+#include 
+#include 
+#include 
+#include "pkcs3-asn1.h"
+
+struct dh_params {
+   MPI p;
+   MPI g;
+   MPI xa;
+};
+
+int dh_get_g(void *context, size_t hdrlen, unsigned char tag, const void 
*value,
+size_t vlen)
+{
+   struct dh_params *params = context;
+
+   params->g = mpi_read_raw_data(value, vlen);
+
+   if (!params->g)
+   return -ENOMEM;
+
+   return 0;
+}
+
+int dh_get_p(void *context, size_t hdrlen, unsigned char tag, const void 
*value,
+size_t vlen)
+{
+   struct dh_params *params = context;
+
+   params->p = mpi_read_raw_data(value, vlen);
+
+   if (!params->p)
+   return -ENOMEM;
+
+   return 0;
+}
+
+static int dh_parse_params(struct dh_params *params, const void *key,
+  unsigned int keylen)
+{
+   int ret;
+
+   mpi_free(params->p);
+   mpi_free(params->g);
+
+   ret = asn1_ber_decoder(_decoder, params, key, keylen);
+
+   return ret;
+}
+
+static void dh_free_params(struct dh_params *params)
+{
+   mpi_free(params->p);
+   mpi_free(params->g);
+   mpi_free(params->xa);
+   params->p = NULL;
+   params->g = NULL;
+   params->xa = NULL;
+}
+
+/*
+ * Public key generation function [RFC2631 sec 2.1.1]
+ * ya = g^xa mod p;
+ */
+static int _generate_public_key(const struct dh_params *params, MPI ya)
+{
+   /* ya = g^xa mod p */
+   return mpi_powm(ya, params->g, params->xa, params->p);
+}
+
+/*
+ * ZZ generation function [RFC2631 sec 2.1.1]
+ * ZZ = yb^xa mod p;
+ */
+static int _compute_shared_secret(const struct dh_params *params, MPI yb,
+ MPI zz)
+{
+   /* ZZ = yb^xa mod p */
+   return mpi_powm(zz, yb, params->xa, params->p);
+}
+
+static inline struct dh_params *dh_get_params(struct crypto_akcipher *tfm)
+{
+   return akcipher_tfm_ctx(tfm);
+}
+
+static int dh_generate_public_key(struct akcipher_request *req)
+{
+   struct 

Re: [PATCH 3/4] crypto: ccp - CCP versioning support

[Tom Lendacky]

On 03/01/2016 01:49 PM, Gary R Hook wrote:
> Future hardware may introduce new algorithms wherein the
> driver will need to manage resources for different versions
> of the cryptographic coprocessor. This precursor patch
> determines the version of the available device, and marks
> and registers algorithms accordingly. A structure is added
> which manages the version-specific data.
> 
> Signed-off-by: Gary R Hook 

Acked-by: Tom Lendacky 

> ---
>  drivers/crypto/ccp/ccp-crypto-aes.c |   12 ++-
>  drivers/crypto/ccp/ccp-crypto-sha.c |9 +++-
>  drivers/crypto/ccp/ccp-dev.c|   27 
>  drivers/crypto/ccp/ccp-dev.h|8 +++
>  drivers/crypto/ccp/ccp-pci.c|8 ++-
>  drivers/crypto/ccp/ccp-platform.c   |   39 
> +--
>  include/linux/ccp.h |   17 +++
>  7 files changed, 115 insertions(+), 5 deletions(-)
--
To unsubscribe from this list: send the line "unsubscribe linux-crypto" in
the body of a message to majord...@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Re: [PATCH 1/4] crypto: ccp - Remove check for x86 family and model

[Tom Lendacky]

On 03/01/2016 01:48 PM, Gary R Hook wrote:
> Each x86 SoC will make use of a unique PCI ID for the CCP
> device so it is not necessary to check for the CPU family
> and model.
> 
> Signed-off-by: Gary R Hook 

Acked-by: Tom Lendacky 

> ---
>  drivers/crypto/ccp/ccp-dev.c |   47 
> ++
>  1 file changed, 11 insertions(+), 36 deletions(-)
--
To unsubscribe from this list: send the line "unsubscribe linux-crypto" in
the body of a message to majord...@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Re: [PATCH 1/4] scatterlist: Introduce some helper functions

[Robert Jarzmik]

Baolin Wang  writes:

> @@ -212,6 +212,37 @@ static inline void sg_unmark_end(struct scatterlist *sg)
>  }
>  
>  /**
> + * sg_is_contiguous - Check if the scatterlists are contiguous
> + * @sga: SG entry
> + * @sgb: SG entry
> + *
> + * Description:
> + *   If the sga scatterlist is contiguous with the sgb scatterlist,
> + *   that means they can be merged together.
> + *
> + **/
> +static inline bool sg_is_contiguous(struct scatterlist *sga,
> + struct scatterlist *sgb)
> +{
> + return ((sga->page_link & ~0x3UL) + sga->offset + sga->length ==
> + (sgb->page_link & ~0x3UL));
> +}
I don't understand that one.
sga->page_link is a pointer to a "struct page *". How can it be added to an
offset within a page ???

> @@ -370,6 +370,65 @@ int sg_alloc_table(struct sg_table *table, unsigned int
> nents, gfp_t gfp_mask)
...
>  /**
> + * sg_add_sg_to_table - Add one scatterlist into sg table
> + * @sgt: The sg table header to use
> + * @src: The sg need to be added into sg table
> + *
> + * Description:
> + *   The 'nents' member indicates how many scatterlists added in the sg 
> table.
> + *   Copy the @src@ scatterlist into sg table and increase 'nents' member.
> + *
> + **/
> +int sg_add_sg_to_table(struct sg_table *sgt, struct scatterlist *src)
> +{
> + unsigned int i = 0, orig_nents = sgt->orig_nents;
> + struct scatterlist *sgl = sgt->sgl;
> + struct scatterlist *sg;
> +
> + /* Check if there are enough space for the new sg to be added */
> + if (sgt->nents >= sgt->orig_nents)
> + return -EINVAL;
I must admit I don't understand that one either : how do comparing the number of
"mapped" entries against the number of "allocated" entries determines if there
is enough room ?

> +/**
> + * sg_alloc_empty_table - Allocate one empty sg table
> + * @sgt: The sg table header to use
> + * @nents:   Number of entries in sg list
> + * @gfp_mask:GFP allocation mask
> + *
> + *  Description:
> + *Allocate and initialize an sg table. The 'nents' member of sg_table
> + *indicates how many scatterlists added in the sg table. It should set
> + *0 which means there are no scatterlists added in this sg table now.
> + *
> + **/
> +int sg_alloc_empty_table(struct sg_table *sgt, unsigned int nents,
> +  gfp_t gfp_mask)
As for this one, there has to be a purpose for it I fail to see. From far away
it looks exactly like sg_alloc_table(), excepting it "works around" the nents >
0 protection of __sg_alloc_table().
What is exactly the need for this one, and if it's usefull why not simply
changing the __sg_alloc_table() "nents > 0" test and see what the outcome of the
review will be ?

Cheers.

-- 
Robert
--
To unsubscribe from this list: send the line "unsubscribe linux-crypto" in
the body of a message to majord...@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html