[v2 PATCH 9/26] eCryptfs: Use skcipher and shash

[Herbert Xu]

On Sun, Jan 24, 2016 at 07:10:50PM +0100, Julia Lawall wrote:
> Maybe the goto on line 1726 needs a preceding mutex_unlock?

Good catch! Thanks.

---8<---
This patch replaces uses of ablkcipher and blkcipher with skcipher,
and the long obsolete hash interface with shash.

Signed-off-by: Herbert Xu 

diff --git a/fs/ecryptfs/crypto.c b/fs/ecryptfs/crypto.c
index 80d6901..11255cb 100644
--- a/fs/ecryptfs/crypto.c
+++ b/fs/ecryptfs/crypto.c
@@ -23,6 +23,8 @@
  * 02111-1307, USA.
  */
 
+#include 
+#include 
 #include 
 #include 
 #include 
@@ -30,7 +32,6 @@
 #include 
 #include 
 #include 
-#include 
 #include 
 #include 
 #include 
@@ -74,6 +75,19 @@ void ecryptfs_from_hex(char *dst, char *src, int dst_size)
}
 }
 
+static int ecryptfs_hash_digest(struct crypto_shash *tfm,
+   char *src, int len, char *dst)
+{
+   SHASH_DESC_ON_STACK(desc, tfm);
+   int err;
+
+   desc->tfm = tfm;
+   desc->flags = CRYPTO_TFM_REQ_MAY_SLEEP;
+   err = crypto_shash_digest(desc, src, len, dst);
+   shash_desc_zero(desc);
+   return err;
+}
+
 /**
  * ecryptfs_calculate_md5 - calculates the md5 of @src
  * @dst: Pointer to 16 bytes of allocated memory
@@ -88,45 +102,26 @@ static int ecryptfs_calculate_md5(char *dst,
  struct ecryptfs_crypt_stat *crypt_stat,
  char *src, int len)
 {
-   struct scatterlist sg;
-   struct hash_desc desc = {
-   .tfm = crypt_stat->hash_tfm,
-   .flags = CRYPTO_TFM_REQ_MAY_SLEEP
-   };
+   struct crypto_shash *tfm;
int rc = 0;
 
mutex_lock(_stat->cs_hash_tfm_mutex);
-   sg_init_one(, (u8 *)src, len);
-   if (!desc.tfm) {
-   desc.tfm = crypto_alloc_hash(ECRYPTFS_DEFAULT_HASH, 0,
-CRYPTO_ALG_ASYNC);
-   if (IS_ERR(desc.tfm)) {
-   rc = PTR_ERR(desc.tfm);
+   tfm = crypt_stat->hash_tfm;
+   if (!tfm) {
+   tfm = crypto_alloc_shash(ECRYPTFS_DEFAULT_HASH, 0, 0);
+   if (IS_ERR(tfm)) {
+   rc = PTR_ERR(tfm);
ecryptfs_printk(KERN_ERR, "Error attempting to "
"allocate crypto context; rc = [%d]\n",
rc);
goto out;
}
-   crypt_stat->hash_tfm = desc.tfm;
-   }
-   rc = crypto_hash_init();
-   if (rc) {
-   printk(KERN_ERR
-  "%s: Error initializing crypto hash; rc = [%d]\n",
-  __func__, rc);
-   goto out;
+   crypt_stat->hash_tfm = tfm;
}
-   rc = crypto_hash_update(, , len);
+   rc = ecryptfs_hash_digest(tfm, src, len, dst);
if (rc) {
printk(KERN_ERR
-  "%s: Error updating crypto hash; rc = [%d]\n",
-  __func__, rc);
-   goto out;
-   }
-   rc = crypto_hash_final(, dst);
-   if (rc) {
-   printk(KERN_ERR
-  "%s: Error finalizing crypto hash; rc = [%d]\n",
+  "%s: Error computing crypto hash; rc = [%d]\n",
   __func__, rc);
goto out;
}
@@ -234,10 +229,8 @@ void ecryptfs_destroy_crypt_stat(struct 
ecryptfs_crypt_stat *crypt_stat)
 {
struct ecryptfs_key_sig *key_sig, *key_sig_tmp;
 
-   if (crypt_stat->tfm)
-   crypto_free_ablkcipher(crypt_stat->tfm);
-   if (crypt_stat->hash_tfm)
-   crypto_free_hash(crypt_stat->hash_tfm);
+   crypto_free_skcipher(crypt_stat->tfm);
+   crypto_free_shash(crypt_stat->hash_tfm);
list_for_each_entry_safe(key_sig, key_sig_tmp,
 _stat->keysig_list, crypt_stat_list) {
list_del(_sig->crypt_stat_list);
@@ -342,7 +335,7 @@ static int crypt_scatterlist(struct ecryptfs_crypt_stat 
*crypt_stat,
 struct scatterlist *src_sg, int size,
 unsigned char *iv, int op)
 {
-   struct ablkcipher_request *req = NULL;
+   struct skcipher_request *req = NULL;
struct extent_crypt_result ecr;
int rc = 0;
 
@@ -358,20 +351,20 @@ static int crypt_scatterlist(struct ecryptfs_crypt_stat 
*crypt_stat,
init_completion();
 
mutex_lock(_stat->cs_tfm_mutex);
-   req = ablkcipher_request_alloc(crypt_stat->tfm, GFP_NOFS);
+   req = skcipher_request_alloc(crypt_stat->tfm, GFP_NOFS);
if (!req) {
mutex_unlock(_stat->cs_tfm_mutex);
rc = -ENOMEM;
goto out;
}
 
-   ablkcipher_request_set_callback(req,
+   skcipher_request_set_callback(req,
CRYPTO_TFM_REQ_MAY_BACKLOG | CRYPTO_TFM_REQ_MAY_SLEEP,

[PATCH 4/26] dm crypt: Use skcipher and ahash

[Herbert Xu]

This patch replaces uses of ablkcipher with skcipher, and the long
obsolete hash interface with ahash.

Signed-off-by: Herbert Xu 
---

 drivers/md/dm-crypt.c |   93 +-
 1 file changed, 48 insertions(+), 45 deletions(-)

diff --git a/drivers/md/dm-crypt.c b/drivers/md/dm-crypt.c
index 3147c8d..06a4e3c 100644
--- a/drivers/md/dm-crypt.c
+++ b/drivers/md/dm-crypt.c
@@ -28,6 +28,7 @@
 #include 
 #include 
 #include 
+#include 
 
 #include 
 
@@ -44,7 +45,7 @@ struct convert_context {
struct bvec_iter iter_out;
sector_t cc_sector;
atomic_t cc_pending;
-   struct ablkcipher_request *req;
+   struct skcipher_request *req;
 };
 
 /*
@@ -86,7 +87,7 @@ struct crypt_iv_operations {
 };
 
 struct iv_essiv_private {
-   struct crypto_hash *hash_tfm;
+   struct crypto_ahash *hash_tfm;
u8 *salt;
 };
 
@@ -153,13 +154,13 @@ struct crypt_config {
 
/* ESSIV: struct crypto_cipher *essiv_tfm */
void *iv_private;
-   struct crypto_ablkcipher **tfms;
+   struct crypto_skcipher **tfms;
unsigned tfms_count;
 
/*
 * Layout of each crypto request:
 *
-*   struct ablkcipher_request
+*   struct skcipher_request
 *  context
 *  padding
 *   struct dm_crypt_request
@@ -189,7 +190,7 @@ static u8 *iv_of_dmreq(struct crypt_config *cc, struct 
dm_crypt_request *dmreq);
 /*
  * Use this to access cipher attributes that are the same for each CPU.
  */
-static struct crypto_ablkcipher *any_tfm(struct crypt_config *cc)
+static struct crypto_skcipher *any_tfm(struct crypt_config *cc)
 {
return cc->tfms[0];
 }
@@ -263,23 +264,25 @@ static int crypt_iv_plain64_gen(struct crypt_config *cc, 
u8 *iv,
 static int crypt_iv_essiv_init(struct crypt_config *cc)
 {
struct iv_essiv_private *essiv = >iv_gen_private.essiv;
-   struct hash_desc desc;
+   AHASH_REQUEST_ON_STACK(req, essiv->hash_tfm);
struct scatterlist sg;
struct crypto_cipher *essiv_tfm;
int err;
 
sg_init_one(, cc->key, cc->key_size);
-   desc.tfm = essiv->hash_tfm;
-   desc.flags = CRYPTO_TFM_REQ_MAY_SLEEP;
+   ahash_request_set_tfm(req, essiv->hash_tfm);
+   ahash_request_set_callback(req, CRYPTO_TFM_REQ_MAY_SLEEP, NULL, NULL);
+   ahash_request_set_crypt(req, , essiv->salt, cc->key_size);
 
-   err = crypto_hash_digest(, , cc->key_size, essiv->salt);
+   err = crypto_ahash_digest(req);
+   ahash_request_zero(req);
if (err)
return err;
 
essiv_tfm = cc->iv_private;
 
err = crypto_cipher_setkey(essiv_tfm, essiv->salt,
-   crypto_hash_digestsize(essiv->hash_tfm));
+   crypto_ahash_digestsize(essiv->hash_tfm));
if (err)
return err;
 
@@ -290,7 +293,7 @@ static int crypt_iv_essiv_init(struct crypt_config *cc)
 static int crypt_iv_essiv_wipe(struct crypt_config *cc)
 {
struct iv_essiv_private *essiv = >iv_gen_private.essiv;
-   unsigned salt_size = crypto_hash_digestsize(essiv->hash_tfm);
+   unsigned salt_size = crypto_ahash_digestsize(essiv->hash_tfm);
struct crypto_cipher *essiv_tfm;
int r, err = 0;
 
@@ -320,7 +323,7 @@ static struct crypto_cipher *setup_essiv_cpu(struct 
crypt_config *cc,
}
 
if (crypto_cipher_blocksize(essiv_tfm) !=
-   crypto_ablkcipher_ivsize(any_tfm(cc))) {
+   crypto_skcipher_ivsize(any_tfm(cc))) {
ti->error = "Block size of ESSIV cipher does "
"not match IV size of block cipher";
crypto_free_cipher(essiv_tfm);
@@ -342,7 +345,7 @@ static void crypt_iv_essiv_dtr(struct crypt_config *cc)
struct crypto_cipher *essiv_tfm;
struct iv_essiv_private *essiv = >iv_gen_private.essiv;
 
-   crypto_free_hash(essiv->hash_tfm);
+   crypto_free_ahash(essiv->hash_tfm);
essiv->hash_tfm = NULL;
 
kzfree(essiv->salt);
@@ -360,7 +363,7 @@ static int crypt_iv_essiv_ctr(struct crypt_config *cc, 
struct dm_target *ti,
  const char *opts)
 {
struct crypto_cipher *essiv_tfm = NULL;
-   struct crypto_hash *hash_tfm = NULL;
+   struct crypto_ahash *hash_tfm = NULL;
u8 *salt = NULL;
int err;
 
@@ -370,14 +373,14 @@ static int crypt_iv_essiv_ctr(struct crypt_config *cc, 
struct dm_target *ti,
}
 
/* Allocate hash algorithm */
-   hash_tfm = crypto_alloc_hash(opts, 0, CRYPTO_ALG_ASYNC);
+   hash_tfm = crypto_alloc_ahash(opts, 0, CRYPTO_ALG_ASYNC);
if (IS_ERR(hash_tfm)) {
ti->error = "Error initializing ESSIV hash";
err = PTR_ERR(hash_tfm);
goto bad;
}
 
-   salt = kzalloc(crypto_hash_digestsize(hash_tfm), GFP_KERNEL);
+   salt = 

[PATCH 2/26] ppp_mppe: Use skcipher and ahash

[Herbert Xu]

This patch replaces uses of blkcipher with skcipher, and the long
obsolete hash interface with ahash.  This is a bug-for-bug conversion
and no attempt has been made to fix bugs such as the ignored return
values of the crypto operations.

Signed-off-by: Herbert Xu 
---

 drivers/net/ppp/ppp_mppe.c |   99 ++---
 1 file changed, 58 insertions(+), 41 deletions(-)

diff --git a/drivers/net/ppp/ppp_mppe.c b/drivers/net/ppp/ppp_mppe.c
index 05005c6..f60f766 100644
--- a/drivers/net/ppp/ppp_mppe.c
+++ b/drivers/net/ppp/ppp_mppe.c
@@ -42,6 +42,8 @@
  *deprecated in 2.6
  */
 
+#include 
+#include 
 #include 
 #include 
 #include 
@@ -49,7 +51,6 @@
 #include 
 #include 
 #include 
-#include 
 #include 
 #include 
 #include 
@@ -94,8 +95,8 @@ static inline void sha_pad_init(struct sha_pad *shapad)
  * State for an MPPE (de)compressor.
  */
 struct ppp_mppe_state {
-   struct crypto_blkcipher *arc4;
-   struct crypto_hash *sha1;
+   struct crypto_skcipher *arc4;
+   struct crypto_ahash *sha1;
unsigned char *sha1_digest;
unsigned char master_key[MPPE_MAX_KEY_LEN];
unsigned char session_key[MPPE_MAX_KEY_LEN];
@@ -135,7 +136,7 @@ struct ppp_mppe_state {
  */
 static void get_new_key_from_sha(struct ppp_mppe_state * state)
 {
-   struct hash_desc desc;
+   AHASH_REQUEST_ON_STACK(req, state->sha1);
struct scatterlist sg[4];
unsigned int nbytes;
 
@@ -148,10 +149,12 @@ static void get_new_key_from_sha(struct ppp_mppe_state * 
state)
nbytes += setup_sg([3], sha_pad->sha_pad2,
   sizeof(sha_pad->sha_pad2));
 
-   desc.tfm = state->sha1;
-   desc.flags = 0;
+   ahash_request_set_tfm(req, state->sha1);
+   ahash_request_set_callback(req, 0, NULL, NULL);
+   ahash_request_set_crypt(req, sg, state->sha1_digest, nbytes);
 
-   crypto_hash_digest(, sg, nbytes, state->sha1_digest);
+   crypto_ahash_digest(req);
+   ahash_request_zero(req);
 }
 
 /*
@@ -161,20 +164,23 @@ static void get_new_key_from_sha(struct ppp_mppe_state * 
state)
 static void mppe_rekey(struct ppp_mppe_state * state, int initial_key)
 {
struct scatterlist sg_in[1], sg_out[1];
-   struct blkcipher_desc desc = { .tfm = state->arc4 };
+   SKCIPHER_REQUEST_ON_STACK(req, state->arc4);
+
+   skcipher_request_set_tfm(req, state->arc4);
+   skcipher_request_set_callback(req, 0, NULL, NULL);
 
get_new_key_from_sha(state);
if (!initial_key) {
-   crypto_blkcipher_setkey(state->arc4, state->sha1_digest,
-   state->keylen);
+   crypto_skcipher_setkey(state->arc4, state->sha1_digest,
+  state->keylen);
sg_init_table(sg_in, 1);
sg_init_table(sg_out, 1);
setup_sg(sg_in, state->sha1_digest, state->keylen);
setup_sg(sg_out, state->session_key, state->keylen);
-   if (crypto_blkcipher_encrypt(, sg_out, sg_in,
-state->keylen) != 0) {
+   skcipher_request_set_crypt(req, sg_in, sg_out, state->keylen,
+  NULL);
+   if (crypto_skcipher_encrypt(req))
printk(KERN_WARNING "mppe_rekey: cipher_encrypt failed\n");
-   }
} else {
memcpy(state->session_key, state->sha1_digest, state->keylen);
}
@@ -184,7 +190,8 @@ static void mppe_rekey(struct ppp_mppe_state * state, int 
initial_key)
state->session_key[1] = 0x26;
state->session_key[2] = 0x9e;
}
-   crypto_blkcipher_setkey(state->arc4, state->session_key, state->keylen);
+   crypto_skcipher_setkey(state->arc4, state->session_key, state->keylen);
+   skcipher_request_zero(req);
 }
 
 /*
@@ -204,19 +211,19 @@ static void *mppe_alloc(unsigned char *options, int 
optlen)
goto out;
 
 
-   state->arc4 = crypto_alloc_blkcipher("ecb(arc4)", 0, CRYPTO_ALG_ASYNC);
+   state->arc4 = crypto_alloc_skcipher("ecb(arc4)", 0, CRYPTO_ALG_ASYNC);
if (IS_ERR(state->arc4)) {
state->arc4 = NULL;
goto out_free;
}
 
-   state->sha1 = crypto_alloc_hash("sha1", 0, CRYPTO_ALG_ASYNC);
+   state->sha1 = crypto_alloc_ahash("sha1", 0, CRYPTO_ALG_ASYNC);
if (IS_ERR(state->sha1)) {
state->sha1 = NULL;
goto out_free;
}
 
-   digestsize = crypto_hash_digestsize(state->sha1);
+   digestsize = crypto_ahash_digestsize(state->sha1);
if (digestsize < MPPE_MAX_KEY_LEN)
goto out_free;
 
@@ -237,15 +244,12 @@ static void *mppe_alloc(unsigned char *options, int 
optlen)
 
return (void *)state;
 
-   out_free:
-   if (state->sha1_digest)
-   

[PATCH 1/26] block: cryptoloop - Use new skcipher interface

[Herbert Xu]

This patch replaces uses of blkcipher with the new skcipher
interface.

Signed-off-by: Herbert Xu 
---

 drivers/block/cryptoloop.c |   48 +++--
 1 file changed, 25 insertions(+), 23 deletions(-)

diff --git a/drivers/block/cryptoloop.c b/drivers/block/cryptoloop.c
index 99e773c..3d31761 100644
--- a/drivers/block/cryptoloop.c
+++ b/drivers/block/cryptoloop.c
@@ -21,9 +21,9 @@
 
 #include 
 
+#include 
 #include 
 #include 
-#include 
 #include 
 #include 
 #include 
@@ -46,7 +46,7 @@ cryptoloop_init(struct loop_device *lo, const struct 
loop_info64 *info)
char *cipher;
char *mode;
char *cmsp = cms;   /* c-m string pointer */
-   struct crypto_blkcipher *tfm;
+   struct crypto_skcipher *tfm;
 
/* encryption breaks for non sector aligned offsets */
 
@@ -82,12 +82,12 @@ cryptoloop_init(struct loop_device *lo, const struct 
loop_info64 *info)
*cmsp++ = ')';
*cmsp = 0;
 
-   tfm = crypto_alloc_blkcipher(cms, 0, CRYPTO_ALG_ASYNC);
+   tfm = crypto_alloc_skcipher(cms, 0, CRYPTO_ALG_ASYNC);
if (IS_ERR(tfm))
return PTR_ERR(tfm);
 
-   err = crypto_blkcipher_setkey(tfm, info->lo_encrypt_key,
- info->lo_encrypt_key_size);
+   err = crypto_skcipher_setkey(tfm, info->lo_encrypt_key,
+info->lo_encrypt_key_size);

if (err != 0)
goto out_free_tfm;
@@ -96,17 +96,14 @@ cryptoloop_init(struct loop_device *lo, const struct 
loop_info64 *info)
return 0;
 
  out_free_tfm:
-   crypto_free_blkcipher(tfm);
+   crypto_free_skcipher(tfm);
 
  out:
return err;
 }
 
 
-typedef int (*encdec_cbc_t)(struct blkcipher_desc *desc,
-   struct scatterlist *sg_out,
-   struct scatterlist *sg_in,
-   unsigned int nsg);
+typedef int (*encdec_cbc_t)(struct skcipher_request *req);
 
 static int
 cryptoloop_transfer(struct loop_device *lo, int cmd,
@@ -114,11 +111,8 @@ cryptoloop_transfer(struct loop_device *lo, int cmd,
struct page *loop_page, unsigned loop_off,
int size, sector_t IV)
 {
-   struct crypto_blkcipher *tfm = lo->key_data;
-   struct blkcipher_desc desc = {
-   .tfm = tfm,
-   .flags = CRYPTO_TFM_REQ_MAY_SLEEP,
-   };
+   struct crypto_skcipher *tfm = lo->key_data;
+   SKCIPHER_REQUEST_ON_STACK(req, tfm);
struct scatterlist sg_out;
struct scatterlist sg_in;
 
@@ -127,6 +121,10 @@ cryptoloop_transfer(struct loop_device *lo, int cmd,
unsigned in_offs, out_offs;
int err;
 
+   skcipher_request_set_tfm(req, tfm);
+   skcipher_request_set_callback(req, CRYPTO_TFM_REQ_MAY_SLEEP,
+ NULL, NULL);
+
sg_init_table(_out, 1);
sg_init_table(_in, 1);
 
@@ -135,13 +133,13 @@ cryptoloop_transfer(struct loop_device *lo, int cmd,
in_offs = raw_off;
out_page = loop_page;
out_offs = loop_off;
-   encdecfunc = crypto_blkcipher_crt(tfm)->decrypt;
+   encdecfunc = crypto_skcipher_decrypt;
} else {
in_page = loop_page;
in_offs = loop_off;
out_page = raw_page;
out_offs = raw_off;
-   encdecfunc = crypto_blkcipher_crt(tfm)->encrypt;
+   encdecfunc = crypto_skcipher_encrypt;
}
 
while (size > 0) {
@@ -152,10 +150,10 @@ cryptoloop_transfer(struct loop_device *lo, int cmd,
sg_set_page(_in, in_page, sz, in_offs);
sg_set_page(_out, out_page, sz, out_offs);
 
-   desc.info = iv;
-   err = encdecfunc(, _out, _in, sz);
+   skcipher_request_set_crypt(req, _in, _out, sz, iv);
+   err = encdecfunc(req);
if (err)
-   return err;
+   goto out;
 
IV++;
size -= sz;
@@ -163,7 +161,11 @@ cryptoloop_transfer(struct loop_device *lo, int cmd,
out_offs += sz;
}
 
-   return 0;
+   err = 0;
+
+out:
+   skcipher_request_zero(req);
+   return err;
 }
 
 static int
@@ -175,9 +177,9 @@ cryptoloop_ioctl(struct loop_device *lo, int cmd, unsigned 
long arg)
 static int
 cryptoloop_release(struct loop_device *lo)
 {
-   struct crypto_blkcipher *tfm = lo->key_data;
+   struct crypto_skcipher *tfm = lo->key_data;
if (tfm != NULL) {
-   crypto_free_blkcipher(tfm);
+   crypto_free_skcipher(tfm);
lo->key_data = NULL;
return 0;
}
--
To unsubscribe from this list: send the line "unsubscribe linux-crypto" in
the body of a message to majord...@vger.kernel.org
More majordomo info at  

Re: [PATCH 1/26] block: cryptoloop - Use new skcipher interface

[kbuild test robot]

Hi Herbert,

[auto build test ERROR on net/master]
[also build test ERROR on v4.4 next-20160122]
[if your patch is applied to the wrong git tree, please drop us a note to help 
improving the system]

url:
https://github.com/0day-ci/linux/commits/Herbert-Xu/crypto-Use-skcipher-and-ahash-shash-where-possible/20160124-212323
config: x86_64-randconfig-x014-201604 (attached as .config)
reproduce:
# save the attached .config to linux build tree
make ARCH=x86_64 

All errors (new ones prefixed by >>):

   drivers/block/cryptoloop.c: In function 'cryptoloop_transfer':
>> drivers/block/cryptoloop.c:167:2: error: implicit declaration of function 
>> 'skcipher_request_zero' [-Werror=implicit-function-declaration]
 skcipher_request_zero(req);
 ^
   cc1: some warnings being treated as errors

vim +/skcipher_request_zero +167 drivers/block/cryptoloop.c

   161  out_offs += sz;
   162  }
   163  
   164  err = 0;
   165  
   166  out:
 > 167  skcipher_request_zero(req);
   168  return err;
   169  }
   170  

---
0-DAY kernel test infrastructureOpen Source Technology Center
https://lists.01.org/pipermail/kbuild-all   Intel Corporation


.config.gz
Description: Binary data

[PATCH 7/26] wusb: Use skcipher

[Herbert Xu]

This patch replaces uses of blkcipher with skcipher.

Signed-off-by: Herbert Xu 
---

 drivers/usb/wusbcore/crypto.c |   30 --
 1 file changed, 16 insertions(+), 14 deletions(-)

diff --git a/drivers/usb/wusbcore/crypto.c b/drivers/usb/wusbcore/crypto.c
index 50ce80d..8ed8e34 100644
--- a/drivers/usb/wusbcore/crypto.c
+++ b/drivers/usb/wusbcore/crypto.c
@@ -45,6 +45,7 @@
  * funneled through AES are...16 bytes in size!
  */
 
+#include 
 #include 
 #include 
 #include 
@@ -195,21 +196,22 @@ static void bytewise_xor(void *_bo, const void *_bi1, 
const void *_bi2,
  * NOTE: blen is not aligned to a block size, we'll pad zeros, that's
  *   what sg[4] is for. Maybe there is a smarter way to do this.
  */
-static int wusb_ccm_mac(struct crypto_blkcipher *tfm_cbc,
+static int wusb_ccm_mac(struct crypto_skcipher *tfm_cbc,
struct crypto_cipher *tfm_aes, void *mic,
const struct aes_ccm_nonce *n,
const struct aes_ccm_label *a, const void *b,
size_t blen)
 {
int result = 0;
-   struct blkcipher_desc desc;
+   SKCIPHER_REQUEST_ON_STACK(req, tfm_cbc);
struct aes_ccm_b0 b0;
struct aes_ccm_b1 b1;
struct aes_ccm_a ax;
struct scatterlist sg[4], sg_dst;
-   void *iv, *dst_buf;
-   size_t ivsize, dst_size;
+   void *dst_buf;
+   size_t dst_size;
const u8 bzero[16] = { 0 };
+   u8 iv[crypto_skcipher_ivsize(tfm_cbc)];
size_t zero_padding;
 
/*
@@ -232,9 +234,7 @@ static int wusb_ccm_mac(struct crypto_blkcipher *tfm_cbc,
goto error_dst_buf;
}
 
-   iv = crypto_blkcipher_crt(tfm_cbc)->iv;
-   ivsize = crypto_blkcipher_ivsize(tfm_cbc);
-   memset(iv, 0, ivsize);
+   memset(iv, 0, sizeof(iv));
 
/* Setup B0 */
b0.flags = 0x59;/* Format B0 */
@@ -259,9 +259,11 @@ static int wusb_ccm_mac(struct crypto_blkcipher *tfm_cbc,
sg_set_buf([3], bzero, zero_padding);
sg_init_one(_dst, dst_buf, dst_size);
 
-   desc.tfm = tfm_cbc;
-   desc.flags = 0;
-   result = crypto_blkcipher_encrypt(, _dst, sg, dst_size);
+   skcipher_request_set_tfm(req, tfm_cbc);
+   skcipher_request_set_callback(req, 0, NULL, NULL);
+   skcipher_request_set_crypt(req, sg, _dst, dst_size, iv);
+   result = crypto_skcipher_encrypt(req);
+   skcipher_request_zero(req);
if (result < 0) {
printk(KERN_ERR "E: can't compute CBC-MAC tag (MIC): %d\n",
   result);
@@ -301,18 +303,18 @@ ssize_t wusb_prf(void *out, size_t out_size,
 {
ssize_t result, bytes = 0, bitr;
struct aes_ccm_nonce n = *_n;
-   struct crypto_blkcipher *tfm_cbc;
+   struct crypto_skcipher *tfm_cbc;
struct crypto_cipher *tfm_aes;
u64 sfn = 0;
__le64 sfn_le;
 
-   tfm_cbc = crypto_alloc_blkcipher("cbc(aes)", 0, CRYPTO_ALG_ASYNC);
+   tfm_cbc = crypto_alloc_skcipher("cbc(aes)", 0, CRYPTO_ALG_ASYNC);
if (IS_ERR(tfm_cbc)) {
result = PTR_ERR(tfm_cbc);
printk(KERN_ERR "E: can't load CBC(AES): %d\n", (int)result);
goto error_alloc_cbc;
}
-   result = crypto_blkcipher_setkey(tfm_cbc, key, 16);
+   result = crypto_skcipher_setkey(tfm_cbc, key, 16);
if (result < 0) {
printk(KERN_ERR "E: can't set CBC key: %d\n", (int)result);
goto error_setkey_cbc;
@@ -345,7 +347,7 @@ error_setkey_aes:
crypto_free_cipher(tfm_aes);
 error_alloc_aes:
 error_setkey_cbc:
-   crypto_free_blkcipher(tfm_cbc);
+   crypto_free_skcipher(tfm_cbc);
 error_alloc_cbc:
return result;
 }
--
To unsubscribe from this list: send the line "unsubscribe linux-crypto" in
the body of a message to majord...@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

[PATCH 5/26] orinoco: Use ahash

[Herbert Xu]

This patch replaces uses the long obsolete hash interface with ahash.

Signed-off-by: Herbert Xu 
---

 drivers/net/wireless/intersil/orinoco/mic.c |   29 ++--
 drivers/net/wireless/intersil/orinoco/mic.h |4 +--
 drivers/net/wireless/intersil/orinoco/orinoco.h |4 +--
 3 files changed, 21 insertions(+), 16 deletions(-)

diff --git a/drivers/net/wireless/intersil/orinoco/mic.c 
b/drivers/net/wireless/intersil/orinoco/mic.c
index fce4a84..bc7397d 100644
--- a/drivers/net/wireless/intersil/orinoco/mic.c
+++ b/drivers/net/wireless/intersil/orinoco/mic.c
@@ -6,7 +6,7 @@
 #include 
 #include 
 #include 
-#include 
+#include 
 
 #include "orinoco.h"
 #include "mic.h"
@@ -16,7 +16,8 @@
 //
 int orinoco_mic_init(struct orinoco_private *priv)
 {
-   priv->tx_tfm_mic = crypto_alloc_hash("michael_mic", 0, 0);
+   priv->tx_tfm_mic = crypto_alloc_ahash("michael_mic", 0,
+ CRYPTO_ALG_ASYNC);
if (IS_ERR(priv->tx_tfm_mic)) {
printk(KERN_DEBUG "orinoco_mic_init: could not allocate "
   "crypto API michael_mic\n");
@@ -24,7 +25,8 @@ int orinoco_mic_init(struct orinoco_private *priv)
return -ENOMEM;
}
 
-   priv->rx_tfm_mic = crypto_alloc_hash("michael_mic", 0, 0);
+   priv->rx_tfm_mic = crypto_alloc_ahash("michael_mic", 0,
+ CRYPTO_ALG_ASYNC);
if (IS_ERR(priv->rx_tfm_mic)) {
printk(KERN_DEBUG "orinoco_mic_init: could not allocate "
   "crypto API michael_mic\n");
@@ -38,18 +40,19 @@ int orinoco_mic_init(struct orinoco_private *priv)
 void orinoco_mic_free(struct orinoco_private *priv)
 {
if (priv->tx_tfm_mic)
-   crypto_free_hash(priv->tx_tfm_mic);
+   crypto_free_ahash(priv->tx_tfm_mic);
if (priv->rx_tfm_mic)
-   crypto_free_hash(priv->rx_tfm_mic);
+   crypto_free_ahash(priv->rx_tfm_mic);
 }
 
-int orinoco_mic(struct crypto_hash *tfm_michael, u8 *key,
+int orinoco_mic(struct crypto_ahash *tfm_michael, u8 *key,
u8 *da, u8 *sa, u8 priority,
u8 *data, size_t data_len, u8 *mic)
 {
-   struct hash_desc desc;
+   AHASH_REQUEST_ON_STACK(req, tfm_michael);
struct scatterlist sg[2];
u8 hdr[ETH_HLEN + 2]; /* size of header + padding */
+   int err;
 
if (tfm_michael == NULL) {
printk(KERN_WARNING "orinoco_mic: tfm_michael == NULL\n");
@@ -69,11 +72,13 @@ int orinoco_mic(struct crypto_hash *tfm_michael, u8 *key,
sg_set_buf([0], hdr, sizeof(hdr));
sg_set_buf([1], data, data_len);
 
-   if (crypto_hash_setkey(tfm_michael, key, MIC_KEYLEN))
+   if (crypto_ahash_setkey(tfm_michael, key, MIC_KEYLEN))
return -1;
 
-   desc.tfm = tfm_michael;
-   desc.flags = 0;
-   return crypto_hash_digest(, sg, data_len + sizeof(hdr),
- mic);
+   ahash_request_set_tfm(req, tfm_michael);
+   ahash_request_set_callback(req, 0, NULL, NULL);
+   ahash_request_set_crypt(req, sg, mic, data_len + sizeof(hdr));
+   err = crypto_ahash_digest(req);
+   ahash_request_zero(req);
+   return err;
 }
diff --git a/drivers/net/wireless/intersil/orinoco/mic.h 
b/drivers/net/wireless/intersil/orinoco/mic.h
index 04d05bc..ce731d0 100644
--- a/drivers/net/wireless/intersil/orinoco/mic.h
+++ b/drivers/net/wireless/intersil/orinoco/mic.h
@@ -11,11 +11,11 @@
 
 /* Forward declarations */
 struct orinoco_private;
-struct crypto_hash;
+struct crypto_ahash;
 
 int orinoco_mic_init(struct orinoco_private *priv);
 void orinoco_mic_free(struct orinoco_private *priv);
-int orinoco_mic(struct crypto_hash *tfm_michael, u8 *key,
+int orinoco_mic(struct crypto_ahash *tfm_michael, u8 *key,
u8 *da, u8 *sa, u8 priority,
u8 *data, size_t data_len, u8 *mic);
 
diff --git a/drivers/net/wireless/intersil/orinoco/orinoco.h 
b/drivers/net/wireless/intersil/orinoco/orinoco.h
index eebd2be..2f0c84b 100644
--- a/drivers/net/wireless/intersil/orinoco/orinoco.h
+++ b/drivers/net/wireless/intersil/orinoco/orinoco.h
@@ -152,8 +152,8 @@ struct orinoco_private {
u8 *wpa_ie;
int wpa_ie_len;
 
-   struct crypto_hash *rx_tfm_mic;
-   struct crypto_hash *tx_tfm_mic;
+   struct crypto_ahash *rx_tfm_mic;
+   struct crypto_ahash *tx_tfm_mic;
 
unsigned int wpa_enabled:1;
unsigned int tkip_cm_active:1;
--
To unsubscribe from this list: send the line "unsubscribe linux-crypto" in
the body of a message to majord...@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

[PATCH 6/26] staging: rtl8192u: Use skcipher and ahash

[Herbert Xu]

This patch replaces uses of blkcipher with skcipher, and the long
obsolete hash interface with ahash.

Signed-off-by: Herbert Xu 
---

 drivers/staging/rtl8192u/ieee80211/ieee80211_crypt_tkip.c |   92 +++---
 drivers/staging/rtl8192u/ieee80211/ieee80211_crypt_wep.c  |   46 ---
 2 files changed, 81 insertions(+), 57 deletions(-)

diff --git a/drivers/staging/rtl8192u/ieee80211/ieee80211_crypt_tkip.c 
b/drivers/staging/rtl8192u/ieee80211/ieee80211_crypt_tkip.c
index 908bc2e..6fa96d5 100644
--- a/drivers/staging/rtl8192u/ieee80211/ieee80211_crypt_tkip.c
+++ b/drivers/staging/rtl8192u/ieee80211/ieee80211_crypt_tkip.c
@@ -21,7 +21,8 @@
 
 #include "ieee80211.h"
 
-#include 
+#include 
+#include 
#include 
 #include 
 
@@ -52,10 +53,10 @@ struct ieee80211_tkip_data {
 
int key_idx;
 
-   struct crypto_blkcipher *rx_tfm_arc4;
-   struct crypto_hash *rx_tfm_michael;
-   struct crypto_blkcipher *tx_tfm_arc4;
-   struct crypto_hash *tx_tfm_michael;
+   struct crypto_skcipher *rx_tfm_arc4;
+   struct crypto_ahash *rx_tfm_michael;
+   struct crypto_skcipher *tx_tfm_arc4;
+   struct crypto_ahash *tx_tfm_michael;
 
/* scratch buffers for virt_to_page() (crypto API) */
u8 rx_hdr[16], tx_hdr[16];
@@ -70,7 +71,7 @@ static void *ieee80211_tkip_init(int key_idx)
goto fail;
priv->key_idx = key_idx;
 
-   priv->tx_tfm_arc4 = crypto_alloc_blkcipher("ecb(arc4)", 0,
+   priv->tx_tfm_arc4 = crypto_alloc_skcipher("ecb(arc4)", 0,
CRYPTO_ALG_ASYNC);
if (IS_ERR(priv->tx_tfm_arc4)) {
printk(KERN_DEBUG "ieee80211_crypt_tkip: could not allocate "
@@ -79,7 +80,7 @@ static void *ieee80211_tkip_init(int key_idx)
goto fail;
}
 
-   priv->tx_tfm_michael = crypto_alloc_hash("michael_mic", 0,
+   priv->tx_tfm_michael = crypto_alloc_ahash("michael_mic", 0,
CRYPTO_ALG_ASYNC);
if (IS_ERR(priv->tx_tfm_michael)) {
printk(KERN_DEBUG "ieee80211_crypt_tkip: could not allocate "
@@ -88,7 +89,7 @@ static void *ieee80211_tkip_init(int key_idx)
goto fail;
}
 
-   priv->rx_tfm_arc4 = crypto_alloc_blkcipher("ecb(arc4)", 0,
+   priv->rx_tfm_arc4 = crypto_alloc_skcipher("ecb(arc4)", 0,
CRYPTO_ALG_ASYNC);
if (IS_ERR(priv->rx_tfm_arc4)) {
printk(KERN_DEBUG "ieee80211_crypt_tkip: could not allocate "
@@ -97,7 +98,7 @@ static void *ieee80211_tkip_init(int key_idx)
goto fail;
}
 
-   priv->rx_tfm_michael = crypto_alloc_hash("michael_mic", 0,
+   priv->rx_tfm_michael = crypto_alloc_ahash("michael_mic", 0,
CRYPTO_ALG_ASYNC);
if (IS_ERR(priv->rx_tfm_michael)) {
printk(KERN_DEBUG "ieee80211_crypt_tkip: could not allocate "
@@ -110,14 +111,10 @@ static void *ieee80211_tkip_init(int key_idx)
 
 fail:
if (priv) {
-   if (priv->tx_tfm_michael)
-   crypto_free_hash(priv->tx_tfm_michael);
-   if (priv->tx_tfm_arc4)
-   crypto_free_blkcipher(priv->tx_tfm_arc4);
-   if (priv->rx_tfm_michael)
-   crypto_free_hash(priv->rx_tfm_michael);
-   if (priv->rx_tfm_arc4)
-   crypto_free_blkcipher(priv->rx_tfm_arc4);
+   crypto_free_ahash(priv->tx_tfm_michael);
+   crypto_free_skcipher(priv->tx_tfm_arc4);
+   crypto_free_ahash(priv->rx_tfm_michael);
+   crypto_free_skcipher(priv->rx_tfm_arc4);
kfree(priv);
}
 
@@ -130,14 +127,10 @@ static void ieee80211_tkip_deinit(void *priv)
struct ieee80211_tkip_data *_priv = priv;
 
if (_priv) {
-   if (_priv->tx_tfm_michael)
-   crypto_free_hash(_priv->tx_tfm_michael);
-   if (_priv->tx_tfm_arc4)
-   crypto_free_blkcipher(_priv->tx_tfm_arc4);
-   if (_priv->rx_tfm_michael)
-   crypto_free_hash(_priv->rx_tfm_michael);
-   if (_priv->rx_tfm_arc4)
-   crypto_free_blkcipher(_priv->rx_tfm_arc4);
+   crypto_free_ahash(_priv->tx_tfm_michael);
+   crypto_free_skcipher(_priv->tx_tfm_arc4);
+   crypto_free_ahash(_priv->rx_tfm_michael);
+   crypto_free_skcipher(_priv->rx_tfm_arc4);
}
kfree(priv);
 }
@@ -312,7 +305,6 @@ static int ieee80211_tkip_encrypt(struct sk_buff *skb, int 
hdr_len, void *priv)
u8 *pos;
struct rtl_80211_hdr_4addr *hdr;
cb_desc *tcb_desc = (cb_desc *)(skb->cb + MAX_DEV_ADDR_SIZE);
-   struct blkcipher_desc desc = {.tfm = tkey->tx_tfm_arc4};
int ret = 0;
u8 rc4key[16],  *icv;
u32 crc;
@@ -357,15 +349,21 @@ static int ieee80211_tkip_encrypt(struct sk_buff *skb, 

[PATCH 3/26] staging: rtl8192e: Replace uses of obsolete blkcipher and hash

[Herbert Xu]

The interfaces blkcipher and hash are obsolete.  This patch replaces
them with skcipher and ahash respectively.

Signed-off-by: Herbert Xu 
---

 drivers/staging/rtl8192e/rtllib_crypt_tkip.c |   99 ++-
 drivers/staging/rtl8192e/rtllib_crypt_wep.c  |   48 +++--
 2 files changed, 82 insertions(+), 65 deletions(-)

diff --git a/drivers/staging/rtl8192e/rtllib_crypt_tkip.c 
b/drivers/staging/rtl8192e/rtllib_crypt_tkip.c
index 2096d78..8eac7cd 100644
--- a/drivers/staging/rtl8192e/rtllib_crypt_tkip.c
+++ b/drivers/staging/rtl8192e/rtllib_crypt_tkip.c
@@ -9,6 +9,8 @@
  * more details.
  */
 
+#include 
+#include 
 #include 
 #include 
 #include 
@@ -18,7 +20,6 @@
 #include 
 #include 
 #include 
-#include 
 #include 
 #include 
 #include 
@@ -48,10 +49,10 @@ struct rtllib_tkip_data {
u32 dot11RSNAStatsTKIPLocalMICFailures;
 
int key_idx;
-   struct crypto_blkcipher *rx_tfm_arc4;
-   struct crypto_hash *rx_tfm_michael;
-   struct crypto_blkcipher *tx_tfm_arc4;
-   struct crypto_hash *tx_tfm_michael;
+   struct crypto_skcipher *rx_tfm_arc4;
+   struct crypto_ahash *rx_tfm_michael;
+   struct crypto_skcipher *tx_tfm_arc4;
+   struct crypto_ahash *tx_tfm_michael;
/* scratch buffers for virt_to_page() (crypto API) */
u8 rx_hdr[16];
u8 tx_hdr[16];
@@ -65,32 +66,32 @@ static void *rtllib_tkip_init(int key_idx)
if (priv == NULL)
goto fail;
priv->key_idx = key_idx;
-   priv->tx_tfm_arc4 = crypto_alloc_blkcipher("ecb(arc4)", 0,
-   CRYPTO_ALG_ASYNC);
+   priv->tx_tfm_arc4 = crypto_alloc_skcipher("ecb(arc4)", 0,
+ CRYPTO_ALG_ASYNC);
if (IS_ERR(priv->tx_tfm_arc4)) {
pr_debug("Could not allocate crypto API arc4\n");
priv->tx_tfm_arc4 = NULL;
goto fail;
}
 
-   priv->tx_tfm_michael = crypto_alloc_hash("michael_mic", 0,
-   CRYPTO_ALG_ASYNC);
+   priv->tx_tfm_michael = crypto_alloc_ahash("michael_mic", 0,
+ CRYPTO_ALG_ASYNC);
if (IS_ERR(priv->tx_tfm_michael)) {
pr_debug("Could not allocate crypto API michael_mic\n");
priv->tx_tfm_michael = NULL;
goto fail;
}
 
-   priv->rx_tfm_arc4 = crypto_alloc_blkcipher("ecb(arc4)", 0,
-   CRYPTO_ALG_ASYNC);
+   priv->rx_tfm_arc4 = crypto_alloc_skcipher("ecb(arc4)", 0,
+ CRYPTO_ALG_ASYNC);
if (IS_ERR(priv->rx_tfm_arc4)) {
pr_debug("Could not allocate crypto API arc4\n");
priv->rx_tfm_arc4 = NULL;
goto fail;
}
 
-   priv->rx_tfm_michael = crypto_alloc_hash("michael_mic", 0,
-   CRYPTO_ALG_ASYNC);
+   priv->rx_tfm_michael = crypto_alloc_ahash("michael_mic", 0,
+ CRYPTO_ALG_ASYNC);
if (IS_ERR(priv->rx_tfm_michael)) {
pr_debug("Could not allocate crypto API michael_mic\n");
priv->rx_tfm_michael = NULL;
@@ -100,14 +101,10 @@ static void *rtllib_tkip_init(int key_idx)
 
 fail:
if (priv) {
-   if (priv->tx_tfm_michael)
-   crypto_free_hash(priv->tx_tfm_michael);
-   if (priv->tx_tfm_arc4)
-   crypto_free_blkcipher(priv->tx_tfm_arc4);
-   if (priv->rx_tfm_michael)
-   crypto_free_hash(priv->rx_tfm_michael);
-   if (priv->rx_tfm_arc4)
-   crypto_free_blkcipher(priv->rx_tfm_arc4);
+   crypto_free_ahash(priv->tx_tfm_michael);
+   crypto_free_skcipher(priv->tx_tfm_arc4);
+   crypto_free_ahash(priv->rx_tfm_michael);
+   crypto_free_skcipher(priv->rx_tfm_arc4);
kfree(priv);
}
 
@@ -120,14 +117,10 @@ static void rtllib_tkip_deinit(void *priv)
struct rtllib_tkip_data *_priv = priv;
 
if (_priv) {
-   if (_priv->tx_tfm_michael)
-   crypto_free_hash(_priv->tx_tfm_michael);
-   if (_priv->tx_tfm_arc4)
-   crypto_free_blkcipher(_priv->tx_tfm_arc4);
-   if (_priv->rx_tfm_michael)
-   crypto_free_hash(_priv->rx_tfm_michael);
-   if (_priv->rx_tfm_arc4)
-   crypto_free_blkcipher(_priv->rx_tfm_arc4);
+   crypto_free_ahash(_priv->tx_tfm_michael);
+   crypto_free_skcipher(_priv->tx_tfm_arc4);
+   crypto_free_ahash(_priv->rx_tfm_michael);
+   crypto_free_skcipher(_priv->rx_tfm_arc4);
}
kfree(priv);
 }
@@ -301,7 +294,6 @@ static int rtllib_tkip_encrypt(struct sk_buff *skb, int 
hdr_len, void *priv)
struct 

Re: [PATCH 24/26] nfsd: Use shash

[kbuild test robot]

Hi Herbert,

[auto build test ERROR on net/master]
[also build test ERROR on v4.4 next-20160122]
[if your patch is applied to the wrong git tree, please drop us a note to help 
improving the system]

url:
https://github.com/0day-ci/linux/commits/Herbert-Xu/crypto-Use-skcipher-and-ahash-shash-where-possible/20160124-212323
config: x86_64-randconfig-x009-201604 (attached as .config)
reproduce:
# save the attached .config to linux build tree
make ARCH=x86_64 

All errors (new ones prefixed by >>):

   fs/nfsd/nfs4recover.c: In function 'nfs4_make_rec_clidname':
>> fs/nfsd/nfs4recover.c:133:3: error: implicit declaration of function 
>> 'shash_desc_zero' [-Werror=implicit-function-declaration]
  shash_desc_zero(desc);
  ^
   cc1: some warnings being treated as errors

vim +/shash_desc_zero +133 fs/nfsd/nfs4recover.c

   127  
   128  desc->tfm = tfm;
   129  desc->flags = CRYPTO_TFM_REQ_MAY_SLEEP;
   130  
   131  status = crypto_shash_digest(desc, clname->data, 
clname->len,
   132   cksum.data);
 > 133  shash_desc_zero(desc);
   134  }
   135  
   136  if (status)

---
0-DAY kernel test infrastructureOpen Source Technology Center
https://lists.01.org/pipermail/kbuild-all   Intel Corporation


.config.gz
Description: Binary data

[PATCH 9/26] eCryptfs: Use skcipher and shash

[Herbert Xu]

This patch replaces uses of ablkcipher and blkcipher with skcipher,
and the long obsolete hash interface with shash.
   
Signed-off-by: Herbert Xu 
---

 fs/ecryptfs/crypto.c  |  107 +---
 fs/ecryptfs/ecryptfs_kernel.h |   12 +-
 fs/ecryptfs/inode.c   |1 
 fs/ecryptfs/keystore.c|  217 --
 fs/ecryptfs/main.c|1 
 fs/ecryptfs/mmap.c|1 
 fs/ecryptfs/super.c   |1 
 7 files changed, 179 insertions(+), 161 deletions(-)

diff --git a/fs/ecryptfs/crypto.c b/fs/ecryptfs/crypto.c
index 80d6901..11255cb 100644
--- a/fs/ecryptfs/crypto.c
+++ b/fs/ecryptfs/crypto.c
@@ -23,6 +23,8 @@
  * 02111-1307, USA.
  */
 
+#include 
+#include 
 #include 
 #include 
 #include 
@@ -30,7 +32,6 @@
 #include 
 #include 
 #include 
-#include 
 #include 
 #include 
 #include 
@@ -74,6 +75,19 @@ void ecryptfs_from_hex(char *dst, char *src, int dst_size)
}
 }
 
+static int ecryptfs_hash_digest(struct crypto_shash *tfm,
+   char *src, int len, char *dst)
+{
+   SHASH_DESC_ON_STACK(desc, tfm);
+   int err;
+
+   desc->tfm = tfm;
+   desc->flags = CRYPTO_TFM_REQ_MAY_SLEEP;
+   err = crypto_shash_digest(desc, src, len, dst);
+   shash_desc_zero(desc);
+   return err;
+}
+
 /**
  * ecryptfs_calculate_md5 - calculates the md5 of @src
  * @dst: Pointer to 16 bytes of allocated memory
@@ -88,45 +102,26 @@ static int ecryptfs_calculate_md5(char *dst,
  struct ecryptfs_crypt_stat *crypt_stat,
  char *src, int len)
 {
-   struct scatterlist sg;
-   struct hash_desc desc = {
-   .tfm = crypt_stat->hash_tfm,
-   .flags = CRYPTO_TFM_REQ_MAY_SLEEP
-   };
+   struct crypto_shash *tfm;
int rc = 0;
 
mutex_lock(_stat->cs_hash_tfm_mutex);
-   sg_init_one(, (u8 *)src, len);
-   if (!desc.tfm) {
-   desc.tfm = crypto_alloc_hash(ECRYPTFS_DEFAULT_HASH, 0,
-CRYPTO_ALG_ASYNC);
-   if (IS_ERR(desc.tfm)) {
-   rc = PTR_ERR(desc.tfm);
+   tfm = crypt_stat->hash_tfm;
+   if (!tfm) {
+   tfm = crypto_alloc_shash(ECRYPTFS_DEFAULT_HASH, 0, 0);
+   if (IS_ERR(tfm)) {
+   rc = PTR_ERR(tfm);
ecryptfs_printk(KERN_ERR, "Error attempting to "
"allocate crypto context; rc = [%d]\n",
rc);
goto out;
}
-   crypt_stat->hash_tfm = desc.tfm;
-   }
-   rc = crypto_hash_init();
-   if (rc) {
-   printk(KERN_ERR
-  "%s: Error initializing crypto hash; rc = [%d]\n",
-  __func__, rc);
-   goto out;
+   crypt_stat->hash_tfm = tfm;
}
-   rc = crypto_hash_update(, , len);
+   rc = ecryptfs_hash_digest(tfm, src, len, dst);
if (rc) {
printk(KERN_ERR
-  "%s: Error updating crypto hash; rc = [%d]\n",
-  __func__, rc);
-   goto out;
-   }
-   rc = crypto_hash_final(, dst);
-   if (rc) {
-   printk(KERN_ERR
-  "%s: Error finalizing crypto hash; rc = [%d]\n",
+  "%s: Error computing crypto hash; rc = [%d]\n",
   __func__, rc);
goto out;
}
@@ -234,10 +229,8 @@ void ecryptfs_destroy_crypt_stat(struct 
ecryptfs_crypt_stat *crypt_stat)
 {
struct ecryptfs_key_sig *key_sig, *key_sig_tmp;
 
-   if (crypt_stat->tfm)
-   crypto_free_ablkcipher(crypt_stat->tfm);
-   if (crypt_stat->hash_tfm)
-   crypto_free_hash(crypt_stat->hash_tfm);
+   crypto_free_skcipher(crypt_stat->tfm);
+   crypto_free_shash(crypt_stat->hash_tfm);
list_for_each_entry_safe(key_sig, key_sig_tmp,
 _stat->keysig_list, crypt_stat_list) {
list_del(_sig->crypt_stat_list);
@@ -342,7 +335,7 @@ static int crypt_scatterlist(struct ecryptfs_crypt_stat 
*crypt_stat,
 struct scatterlist *src_sg, int size,
 unsigned char *iv, int op)
 {
-   struct ablkcipher_request *req = NULL;
+   struct skcipher_request *req = NULL;
struct extent_crypt_result ecr;
int rc = 0;
 
@@ -358,20 +351,20 @@ static int crypt_scatterlist(struct ecryptfs_crypt_stat 
*crypt_stat,
init_completion();
 
mutex_lock(_stat->cs_tfm_mutex);
-   req = ablkcipher_request_alloc(crypt_stat->tfm, GFP_NOFS);
+   req = skcipher_request_alloc(crypt_stat->tfm, GFP_NOFS);
if (!req) {
mutex_unlock(_stat->cs_tfm_mutex);
rc = -ENOMEM;
   

[PATCH 18/26] rxrpc: Use skcipher

[Herbert Xu]

This patch replaces uses of blkcipher with skcipher.
   
Signed-off-by: Herbert Xu 
---

 net/rxrpc/ar-internal.h |2 
 net/rxrpc/ar-key.c  |   12 +--
 net/rxrpc/rxkad.c   |  172 +---
 3 files changed, 114 insertions(+), 72 deletions(-)

diff --git a/net/rxrpc/ar-internal.h b/net/rxrpc/ar-internal.h
index 2934a73..71598f5 100644
--- a/net/rxrpc/ar-internal.h
+++ b/net/rxrpc/ar-internal.h
@@ -252,7 +252,7 @@ struct rxrpc_connection {
struct rxrpc_security   *security;  /* applied security module */
struct key  *key;   /* security for this connection 
(client) */
struct key  *server_key;/* security for this service */
-   struct crypto_blkcipher *cipher;/* encryption handle */
+   struct crypto_skcipher  *cipher;/* encryption handle */
struct rxrpc_crypt  csum_iv;/* packet checksum base */
unsigned long   events;
 #define RXRPC_CONN_CHALLENGE   0   /* send challenge packet */
diff --git a/net/rxrpc/ar-key.c b/net/rxrpc/ar-key.c
index 3f65716..3fb492e 100644
--- a/net/rxrpc/ar-key.c
+++ b/net/rxrpc/ar-key.c
@@ -12,11 +12,11 @@
  * "a...@cambridge.redhat.com>
  */
 
+#include 
 #include 
 #include 
 #include 
 #include 
-#include 
 #include 
 #include 
 #include 
@@ -824,7 +824,7 @@ static void rxrpc_free_preparse(struct 
key_preparsed_payload *prep)
  */
 static int rxrpc_preparse_s(struct key_preparsed_payload *prep)
 {
-   struct crypto_blkcipher *ci;
+   struct crypto_skcipher *ci;
 
_enter("%zu", prep->datalen);
 
@@ -833,13 +833,13 @@ static int rxrpc_preparse_s(struct key_preparsed_payload 
*prep)
 
memcpy(>payload.data[2], prep->data, 8);
 
-   ci = crypto_alloc_blkcipher("pcbc(des)", 0, CRYPTO_ALG_ASYNC);
+   ci = crypto_alloc_skcipher("pcbc(des)", 0, CRYPTO_ALG_ASYNC);
if (IS_ERR(ci)) {
_leave(" = %ld", PTR_ERR(ci));
return PTR_ERR(ci);
}
 
-   if (crypto_blkcipher_setkey(ci, prep->data, 8) < 0)
+   if (crypto_skcipher_setkey(ci, prep->data, 8) < 0)
BUG();
 
prep->payload.data[0] = ci;
@@ -853,7 +853,7 @@ static int rxrpc_preparse_s(struct key_preparsed_payload 
*prep)
 static void rxrpc_free_preparse_s(struct key_preparsed_payload *prep)
 {
if (prep->payload.data[0])
-   crypto_free_blkcipher(prep->payload.data[0]);
+   crypto_free_skcipher(prep->payload.data[0]);
 }
 
 /*
@@ -870,7 +870,7 @@ static void rxrpc_destroy(struct key *key)
 static void rxrpc_destroy_s(struct key *key)
 {
if (key->payload.data[0]) {
-   crypto_free_blkcipher(key->payload.data[0]);
+   crypto_free_skcipher(key->payload.data[0]);
key->payload.data[0] = NULL;
}
 }
diff --git a/net/rxrpc/rxkad.c b/net/rxrpc/rxkad.c
index d7a9ab5..0d96b48 100644
--- a/net/rxrpc/rxkad.c
+++ b/net/rxrpc/rxkad.c
@@ -9,11 +9,11 @@
  * 2 of the License, or (at your option) any later version.
  */
 
+#include 
 #include 
 #include 
 #include 
 #include 
-#include 
 #include 
 #include 
 #include 
@@ -53,7 +53,7 @@ MODULE_LICENSE("GPL");
  * alloc routine, but since we have it to hand, we use it to decrypt RESPONSE
  * packets
  */
-static struct crypto_blkcipher *rxkad_ci;
+static struct crypto_skcipher *rxkad_ci;
 static DEFINE_MUTEX(rxkad_ci_mutex);
 
 /*
@@ -61,7 +61,7 @@ static DEFINE_MUTEX(rxkad_ci_mutex);
  */
 static int rxkad_init_connection_security(struct rxrpc_connection *conn)
 {
-   struct crypto_blkcipher *ci;
+   struct crypto_skcipher *ci;
struct rxrpc_key_token *token;
int ret;
 
@@ -70,15 +70,15 @@ static int rxkad_init_connection_security(struct 
rxrpc_connection *conn)
token = conn->key->payload.data[0];
conn->security_ix = token->security_index;
 
-   ci = crypto_alloc_blkcipher("pcbc(fcrypt)", 0, CRYPTO_ALG_ASYNC);
+   ci = crypto_alloc_skcipher("pcbc(fcrypt)", 0, CRYPTO_ALG_ASYNC);
if (IS_ERR(ci)) {
_debug("no cipher");
ret = PTR_ERR(ci);
goto error;
}
 
-   if (crypto_blkcipher_setkey(ci, token->kad->session_key,
-   sizeof(token->kad->session_key)) < 0)
+   if (crypto_skcipher_setkey(ci, token->kad->session_key,
+  sizeof(token->kad->session_key)) < 0)
BUG();
 
switch (conn->security_level) {
@@ -113,7 +113,7 @@ error:
 static void rxkad_prime_packet_security(struct rxrpc_connection *conn)
 {
struct rxrpc_key_token *token;
-   struct blkcipher_desc desc;
+   SKCIPHER_REQUEST_ON_STACK(req, conn->cipher);
struct scatterlist sg[2];
struct rxrpc_crypt iv;
struct {
@@ -128,10 +128,6 @@ static void rxkad_prime_packet_security(struct 
rxrpc_connection *conn)
token 

[PATCH 20/26] drbd: Use shash and ahash

[Herbert Xu]

This patch replaces uses of the long obsolete hash interface with
either shash (for non-SG users) or ahash.

Signed-off-by: Herbert Xu 
---

 drivers/block/drbd/drbd_int.h  |   16 +-
 drivers/block/drbd/drbd_main.c |   16 +-
 drivers/block/drbd/drbd_nl.c   |   59 +++--
 drivers/block/drbd/drbd_receiver.c |   56 ---
 drivers/block/drbd/drbd_worker.c   |   43 +++---
 5 files changed, 103 insertions(+), 87 deletions(-)

diff --git a/drivers/block/drbd/drbd_int.h b/drivers/block/drbd/drbd_int.h
index e66d453..686d955 100644
--- a/drivers/block/drbd/drbd_int.h
+++ b/drivers/block/drbd/drbd_int.h
@@ -26,13 +26,13 @@
 #ifndef _DRBD_INT_H
 #define _DRBD_INT_H
 
+#include 
 #include 
 #include 
 #include 
 #include 
 #include 
 #include 
-#include 
 #include 
 #include 
 #include 
@@ -737,11 +737,11 @@ struct drbd_connection {
 
struct list_head transfer_log;  /* all requests not yet fully processed 
*/
 
-   struct crypto_hash *cram_hmac_tfm;
-   struct crypto_hash *integrity_tfm;  /* checksums we compute, updates 
protected by connection->data->mutex */
-   struct crypto_hash *peer_integrity_tfm;  /* checksums we verify, only 
accessed from receiver thread  */
-   struct crypto_hash *csums_tfm;
-   struct crypto_hash *verify_tfm;
+   struct crypto_shash *cram_hmac_tfm;
+   struct crypto_ahash *integrity_tfm;  /* checksums we compute, updates 
protected by connection->data->mutex */
+   struct crypto_ahash *peer_integrity_tfm;  /* checksums we verify, only 
accessed from receiver thread  */
+   struct crypto_ahash *csums_tfm;
+   struct crypto_ahash *verify_tfm;
void *int_dig_in;
void *int_dig_vv;
 
@@ -1511,8 +1511,8 @@ static inline void ov_out_of_sync_print(struct 
drbd_device *device)
 }
 
 
-extern void drbd_csum_bio(struct crypto_hash *, struct bio *, void *);
-extern void drbd_csum_ee(struct crypto_hash *, struct drbd_peer_request *, 
void *);
+extern void drbd_csum_bio(struct crypto_ahash *, struct bio *, void *);
+extern void drbd_csum_ee(struct crypto_ahash *, struct drbd_peer_request *, 
void *);
 /* worker callbacks */
 extern int w_e_end_data_req(struct drbd_work *, int);
 extern int w_e_end_rsdata_req(struct drbd_work *, int);
diff --git a/drivers/block/drbd/drbd_main.c b/drivers/block/drbd/drbd_main.c
index 74d97f4..69ee808 100644
--- a/drivers/block/drbd/drbd_main.c
+++ b/drivers/block/drbd/drbd_main.c
@@ -1339,7 +1339,7 @@ void drbd_send_ack_dp(struct drbd_peer_device 
*peer_device, enum drbd_packet cmd
  struct p_data *dp, int data_size)
 {
if (peer_device->connection->peer_integrity_tfm)
-   data_size -= 
crypto_hash_digestsize(peer_device->connection->peer_integrity_tfm);
+   data_size -= 
crypto_ahash_digestsize(peer_device->connection->peer_integrity_tfm);
_drbd_send_ack(peer_device, cmd, dp->sector, cpu_to_be32(data_size),
   dp->block_id);
 }
@@ -1628,7 +1628,7 @@ int drbd_send_dblock(struct drbd_peer_device 
*peer_device, struct drbd_request *
sock = _device->connection->data;
p = drbd_prepare_command(peer_device, sock);
digest_size = peer_device->connection->integrity_tfm ?
- 
crypto_hash_digestsize(peer_device->connection->integrity_tfm) : 0;
+ 
crypto_ahash_digestsize(peer_device->connection->integrity_tfm) : 0;
 
if (!p)
return -EIO;
@@ -1717,7 +1717,7 @@ int drbd_send_block(struct drbd_peer_device *peer_device, 
enum drbd_packet cmd,
p = drbd_prepare_command(peer_device, sock);
 
digest_size = peer_device->connection->integrity_tfm ?
- 
crypto_hash_digestsize(peer_device->connection->integrity_tfm) : 0;
+ 
crypto_ahash_digestsize(peer_device->connection->integrity_tfm) : 0;
 
if (!p)
return -EIO;
@@ -2506,11 +2506,11 @@ void conn_free_crypto(struct drbd_connection 
*connection)
 {
drbd_free_sock(connection);
 
-   crypto_free_hash(connection->csums_tfm);
-   crypto_free_hash(connection->verify_tfm);
-   crypto_free_hash(connection->cram_hmac_tfm);
-   crypto_free_hash(connection->integrity_tfm);
-   crypto_free_hash(connection->peer_integrity_tfm);
+   crypto_free_ahash(connection->csums_tfm);
+   crypto_free_ahash(connection->verify_tfm);
+   crypto_free_shash(connection->cram_hmac_tfm);
+   crypto_free_ahash(connection->integrity_tfm);
+   crypto_free_ahash(connection->peer_integrity_tfm);
kfree(connection->int_dig_in);
kfree(connection->int_dig_vv);
 
diff --git a/drivers/block/drbd/drbd_nl.c b/drivers/block/drbd/drbd_nl.c
index e80cbef..578f635 100644
--- a/drivers/block/drbd/drbd_nl.c
+++ b/drivers/block/drbd/drbd_nl.c
@@ -2065,19 +2065,34 @@ check_net_options(struct 

[PATCH 15/26] Bluetooth: Use skcipher and hash

[Herbert Xu]

This patch replaces uses of blkcipher with skcipher and the long
obsolete hash interface with shash.
   
Signed-off-by: Herbert Xu 
---

 net/bluetooth/smp.c |  135 
 1 file changed, 63 insertions(+), 72 deletions(-)

diff --git a/net/bluetooth/smp.c b/net/bluetooth/smp.c
index ffed8a1..78ad7d6 100644
--- a/net/bluetooth/smp.c
+++ b/net/bluetooth/smp.c
@@ -21,9 +21,10 @@
 */
 
 #include 
-#include 
 #include 
 #include 
+#include 
+#include 
 
 #include 
 #include 
@@ -87,8 +88,8 @@ struct smp_dev {
u8  min_key_size;
u8  max_key_size;
 
-   struct crypto_blkcipher *tfm_aes;
-   struct crypto_hash  *tfm_cmac;
+   struct crypto_skcipher  *tfm_aes;
+   struct crypto_shash *tfm_cmac;
 };
 
 struct smp_chan {
@@ -126,8 +127,8 @@ struct smp_chan {
u8  dhkey[32];
u8  mackey[16];
 
-   struct crypto_blkcipher *tfm_aes;
-   struct crypto_hash  *tfm_cmac;
+   struct crypto_skcipher  *tfm_aes;
+   struct crypto_shash *tfm_cmac;
 };
 
 /* These debug key values are defined in the SMP section of the core
@@ -165,12 +166,11 @@ static inline void swap_buf(const u8 *src, u8 *dst, 
size_t len)
  * AES-CMAC, f4, f5, f6, g2 and h6.
  */
 
-static int aes_cmac(struct crypto_hash *tfm, const u8 k[16], const u8 *m,
+static int aes_cmac(struct crypto_shash *tfm, const u8 k[16], const u8 *m,
size_t len, u8 mac[16])
 {
uint8_t tmp[16], mac_msb[16], msg_msb[CMAC_MSG_MAX];
-   struct hash_desc desc;
-   struct scatterlist sg;
+   SHASH_DESC_ON_STACK(desc, tfm);
int err;
 
if (len > CMAC_MSG_MAX)
@@ -181,10 +181,8 @@ static int aes_cmac(struct crypto_hash *tfm, const u8 
k[16], const u8 *m,
return -EINVAL;
}
 
-   desc.tfm = tfm;
-   desc.flags = 0;
-
-   crypto_hash_init();
+   desc->tfm = tfm;
+   desc->flags = 0;
 
/* Swap key and message from LSB to MSB */
swap_buf(k, tmp, 16);
@@ -193,23 +191,16 @@ static int aes_cmac(struct crypto_hash *tfm, const u8 
k[16], const u8 *m,
SMP_DBG("msg (len %zu) %*phN", len, (int) len, m);
SMP_DBG("key %16phN", k);
 
-   err = crypto_hash_setkey(tfm, tmp, 16);
+   err = crypto_shash_setkey(tfm, tmp, 16);
if (err) {
BT_ERR("cipher setkey failed: %d", err);
return err;
}
 
-   sg_init_one(, msg_msb, len);
-
-   err = crypto_hash_update(, , len);
+   err = crypto_shash_digest(desc, msg_msb, len, mac_msb);
+   shash_desc_zero(desc);
if (err) {
-   BT_ERR("Hash update error %d", err);
-   return err;
-   }
-
-   err = crypto_hash_final(, mac_msb);
-   if (err) {
-   BT_ERR("Hash final error %d", err);
+   BT_ERR("Hash computation error %d", err);
return err;
}
 
@@ -220,8 +211,8 @@ static int aes_cmac(struct crypto_hash *tfm, const u8 
k[16], const u8 *m,
return 0;
 }
 
-static int smp_f4(struct crypto_hash *tfm_cmac, const u8 u[32], const u8 v[32],
- const u8 x[16], u8 z, u8 res[16])
+static int smp_f4(struct crypto_shash *tfm_cmac, const u8 u[32],
+ const u8 v[32], const u8 x[16], u8 z, u8 res[16])
 {
u8 m[65];
int err;
@@ -243,7 +234,7 @@ static int smp_f4(struct crypto_hash *tfm_cmac, const u8 
u[32], const u8 v[32],
return err;
 }
 
-static int smp_f5(struct crypto_hash *tfm_cmac, const u8 w[32],
+static int smp_f5(struct crypto_shash *tfm_cmac, const u8 w[32],
  const u8 n1[16], const u8 n2[16], const u8 a1[7],
  const u8 a2[7], u8 mackey[16], u8 ltk[16])
 {
@@ -296,7 +287,7 @@ static int smp_f5(struct crypto_hash *tfm_cmac, const u8 
w[32],
return 0;
 }
 
-static int smp_f6(struct crypto_hash *tfm_cmac, const u8 w[16],
+static int smp_f6(struct crypto_shash *tfm_cmac, const u8 w[16],
  const u8 n1[16], const u8 n2[16], const u8 r[16],
  const u8 io_cap[3], const u8 a1[7], const u8 a2[7],
  u8 res[16])
@@ -324,7 +315,7 @@ static int smp_f6(struct crypto_hash *tfm_cmac, const u8 
w[16],
return err;
 }
 
-static int smp_g2(struct crypto_hash *tfm_cmac, const u8 u[32], const u8 v[32],
+static int smp_g2(struct crypto_shash *tfm_cmac, const u8 u[32], const u8 
v[32],
  const u8 x[16], const u8 y[16], u32 *val)
 {
u8 m[80], tmp[16];
@@ -350,7 +341,7 @@ static int smp_g2(struct crypto_hash *tfm_cmac, const u8 
u[32], const u8 v[32],
return 0;
 }
 
-static int smp_h6(struct crypto_hash *tfm_cmac, const u8 w[16],
+static int smp_h6(struct crypto_shash *tfm_cmac, const u8 w[16],
  const u8 key_id[4], u8 res[16])
 {
int err;
@@ -370,9 +361,9 @@ static int 

[PATCH 22/26] iscsi_tcp: Use ahash

[Herbert Xu]

This patch replaces uses of the long obsolete hash interface with
ahash.

Signed-off-by: Herbert Xu 
---

 drivers/scsi/iscsi_tcp.c|   54 ++--
 drivers/scsi/iscsi_tcp.h|4 +--
 drivers/scsi/libiscsi_tcp.c |   29 +--
 include/scsi/libiscsi_tcp.h |   13 +-
 4 files changed, 58 insertions(+), 42 deletions(-)

diff --git a/drivers/scsi/iscsi_tcp.c b/drivers/scsi/iscsi_tcp.c
index 0b8af18..2e4c82f 100644
--- a/drivers/scsi/iscsi_tcp.c
+++ b/drivers/scsi/iscsi_tcp.c
@@ -26,12 +26,12 @@
  * Zhenyu Wang
  */
 
+#include 
 #include 
 #include 
 #include 
 #include 
 #include 
-#include 
 #include 
 #include 
 #include 
@@ -428,7 +428,7 @@ static void iscsi_sw_tcp_send_hdr_prep(struct iscsi_conn 
*conn, void *hdr,
 * sufficient room.
 */
if (conn->hdrdgst_en) {
-   iscsi_tcp_dgst_header(_sw_conn->tx_hash, hdr, hdrlen,
+   iscsi_tcp_dgst_header(tcp_sw_conn->tx_hash, hdr, hdrlen,
  hdr + hdrlen);
hdrlen += ISCSI_DIGEST_SIZE;
}
@@ -454,7 +454,7 @@ iscsi_sw_tcp_send_data_prep(struct iscsi_conn *conn, struct 
scatterlist *sg,
 {
struct iscsi_tcp_conn *tcp_conn = conn->dd_data;
struct iscsi_sw_tcp_conn *tcp_sw_conn = tcp_conn->dd_data;
-   struct hash_desc *tx_hash = NULL;
+   struct ahash_request *tx_hash = NULL;
unsigned int hdr_spec_len;
 
ISCSI_SW_TCP_DBG(conn, "offset=%d, datalen=%d %s\n", offset, len,
@@ -467,7 +467,7 @@ iscsi_sw_tcp_send_data_prep(struct iscsi_conn *conn, struct 
scatterlist *sg,
WARN_ON(iscsi_padded(len) != iscsi_padded(hdr_spec_len));
 
if (conn->datadgst_en)
-   tx_hash = _sw_conn->tx_hash;
+   tx_hash = tcp_sw_conn->tx_hash;
 
return iscsi_segment_seek_sg(_sw_conn->out.data_segment,
 sg, count, offset, len,
@@ -480,7 +480,7 @@ iscsi_sw_tcp_send_linear_data_prep(struct iscsi_conn *conn, 
void *data,
 {
struct iscsi_tcp_conn *tcp_conn = conn->dd_data;
struct iscsi_sw_tcp_conn *tcp_sw_conn = tcp_conn->dd_data;
-   struct hash_desc *tx_hash = NULL;
+   struct ahash_request *tx_hash = NULL;
unsigned int hdr_spec_len;
 
ISCSI_SW_TCP_DBG(conn, "datalen=%zd %s\n", len, conn->datadgst_en ?
@@ -492,7 +492,7 @@ iscsi_sw_tcp_send_linear_data_prep(struct iscsi_conn *conn, 
void *data,
WARN_ON(iscsi_padded(len) != iscsi_padded(hdr_spec_len));
 
if (conn->datadgst_en)
-   tx_hash = _sw_conn->tx_hash;
+   tx_hash = tcp_sw_conn->tx_hash;
 
iscsi_segment_init_linear(_sw_conn->out.data_segment,
data, len, NULL, tx_hash);
@@ -543,6 +543,7 @@ iscsi_sw_tcp_conn_create(struct iscsi_cls_session 
*cls_session,
struct iscsi_cls_conn *cls_conn;
struct iscsi_tcp_conn *tcp_conn;
struct iscsi_sw_tcp_conn *tcp_sw_conn;
+   struct crypto_ahash *tfm;
 
cls_conn = iscsi_tcp_conn_setup(cls_session, sizeof(*tcp_sw_conn),
conn_idx);
@@ -552,23 +553,28 @@ iscsi_sw_tcp_conn_create(struct iscsi_cls_session 
*cls_session,
tcp_conn = conn->dd_data;
tcp_sw_conn = tcp_conn->dd_data;
 
-   tcp_sw_conn->tx_hash.tfm = crypto_alloc_hash("crc32c", 0,
-CRYPTO_ALG_ASYNC);
-   tcp_sw_conn->tx_hash.flags = 0;
-   if (IS_ERR(tcp_sw_conn->tx_hash.tfm))
+   tfm = crypto_alloc_ahash("crc32c", 0, CRYPTO_ALG_ASYNC);
+   if (IS_ERR(tfm))
goto free_conn;
 
-   tcp_sw_conn->rx_hash.tfm = crypto_alloc_hash("crc32c", 0,
-CRYPTO_ALG_ASYNC);
-   tcp_sw_conn->rx_hash.flags = 0;
-   if (IS_ERR(tcp_sw_conn->rx_hash.tfm))
-   goto free_tx_tfm;
-   tcp_conn->rx_hash = _sw_conn->rx_hash;
+   tcp_sw_conn->tx_hash = ahash_request_alloc(tfm, GFP_KERNEL);
+   if (!tcp_sw_conn->tx_hash)
+   goto free_tfm;
+   ahash_request_set_callback(tcp_sw_conn->tx_hash, 0, NULL, NULL);
+
+   tcp_sw_conn->rx_hash = ahash_request_alloc(tfm, GFP_KERNEL);
+   if (!tcp_sw_conn->rx_hash)
+   goto free_tx_hash;
+   ahash_request_set_callback(tcp_sw_conn->rx_hash, 0, NULL, NULL);
+
+   tcp_conn->rx_hash = tcp_sw_conn->rx_hash;
 
return cls_conn;
 
-free_tx_tfm:
-   crypto_free_hash(tcp_sw_conn->tx_hash.tfm);
+free_tx_hash:
+   ahash_request_free(tcp_sw_conn->tx_hash);
+free_tfm:
+   crypto_free_ahash(tfm);
 free_conn:
iscsi_conn_printk(KERN_ERR, conn,
  "Could not create connection due to crc32c "
@@ -607,10 +613,14 @@ static void iscsi_sw_tcp_conn_destroy(struct 
iscsi_cls_conn *cls_conn)
 
iscsi_sw_tcp_release_conn(conn);
 
-   if (tcp_sw_conn->tx_hash.tfm)
-  

[PATCH 25/26] sctp: Use shash

[Herbert Xu]

This patch replaces uses of the long obsolete hash interface with
shash.

Signed-off-by: Herbert Xu 
---

 include/net/sctp/auth.h|4 +--
 include/net/sctp/structs.h |6 ++---
 net/sctp/auth.c|   36 ---
 net/sctp/endpointola.c |1 
 net/sctp/sm_make_chunk.c   |   51 +
 net/sctp/socket.c  |8 +++
 6 files changed, 57 insertions(+), 49 deletions(-)

diff --git a/include/net/sctp/auth.h b/include/net/sctp/auth.h
index f2d58aa..9b9fb12 100644
--- a/include/net/sctp/auth.h
+++ b/include/net/sctp/auth.h
@@ -31,12 +31,12 @@
 #define __sctp_auth_h__
 
 #include 
-#include 
 
 struct sctp_endpoint;
 struct sctp_association;
 struct sctp_authkey;
 struct sctp_hmacalgo;
+struct crypto_shash;
 
 /*
  * Define a generic struct that will hold all the info
@@ -90,7 +90,7 @@ int sctp_auth_asoc_copy_shkeys(const struct sctp_endpoint *ep,
struct sctp_association *asoc,
gfp_t gfp);
 int sctp_auth_init_hmacs(struct sctp_endpoint *ep, gfp_t gfp);
-void sctp_auth_destroy_hmacs(struct crypto_hash *auth_hmacs[]);
+void sctp_auth_destroy_hmacs(struct crypto_shash *auth_hmacs[]);
 struct sctp_hmac *sctp_auth_get_hmac(__u16 hmac_id);
 struct sctp_hmac *sctp_auth_asoc_get_hmac(const struct sctp_association *asoc);
 void sctp_auth_asoc_set_default_hmac(struct sctp_association *asoc,
diff --git a/include/net/sctp/structs.h b/include/net/sctp/structs.h
index 20e7212..6b1e383 100644
--- a/include/net/sctp/structs.h
+++ b/include/net/sctp/structs.h
@@ -82,7 +82,7 @@ struct sctp_bind_addr;
 struct sctp_ulpq;
 struct sctp_ep_common;
 struct sctp_ssnmap;
-struct crypto_hash;
+struct crypto_shash;
 
 
 #include 
@@ -166,7 +166,7 @@ struct sctp_sock {
struct sctp_pf *pf;
 
/* Access to HMAC transform. */
-   struct crypto_hash *hmac;
+   struct crypto_shash *hmac;
char *sctp_hmac_alg;
 
/* What is our base endpointer? */
@@ -1235,7 +1235,7 @@ struct sctp_endpoint {
/* SCTP AUTH: array of the HMACs that will be allocated
 * we need this per association so that we don't serialize
 */
-   struct crypto_hash **auth_hmacs;
+   struct crypto_shash **auth_hmacs;
 
/* SCTP-AUTH: hmacs for the endpoint encoded into parameter */
 struct sctp_hmac_algo_param *auth_hmacs_list;
diff --git a/net/sctp/auth.c b/net/sctp/auth.c
index 1543e39..912eb16 100644
--- a/net/sctp/auth.c
+++ b/net/sctp/auth.c
@@ -27,9 +27,9 @@
  *   Vlad Yasevich 
  */
 
+#include 
 #include 
 #include 
-#include 
 #include 
 #include 
 #include 
@@ -448,7 +448,7 @@ struct sctp_shared_key *sctp_auth_get_shkey(
  */
 int sctp_auth_init_hmacs(struct sctp_endpoint *ep, gfp_t gfp)
 {
-   struct crypto_hash *tfm = NULL;
+   struct crypto_shash *tfm = NULL;
__u16   id;
 
/* If AUTH extension is disabled, we are done */
@@ -462,9 +462,8 @@ int sctp_auth_init_hmacs(struct sctp_endpoint *ep, gfp_t 
gfp)
return 0;
 
/* Allocated the array of pointers to transorms */
-   ep->auth_hmacs = kzalloc(
-   sizeof(struct crypto_hash *) * SCTP_AUTH_NUM_HMACS,
-   gfp);
+   ep->auth_hmacs = kzalloc(sizeof(struct crypto_shash *) *
+SCTP_AUTH_NUM_HMACS, gfp);
if (!ep->auth_hmacs)
return -ENOMEM;
 
@@ -483,8 +482,7 @@ int sctp_auth_init_hmacs(struct sctp_endpoint *ep, gfp_t 
gfp)
continue;
 
/* Allocate the ID */
-   tfm = crypto_alloc_hash(sctp_hmac_list[id].hmac_name, 0,
-   CRYPTO_ALG_ASYNC);
+   tfm = crypto_alloc_shash(sctp_hmac_list[id].hmac_name, 0, 0);
if (IS_ERR(tfm))
goto out_err;
 
@@ -500,7 +498,7 @@ out_err:
 }
 
 /* Destroy the hmac tfm array */
-void sctp_auth_destroy_hmacs(struct crypto_hash *auth_hmacs[])
+void sctp_auth_destroy_hmacs(struct crypto_shash *auth_hmacs[])
 {
int i;
 
@@ -508,8 +506,7 @@ void sctp_auth_destroy_hmacs(struct crypto_hash 
*auth_hmacs[])
return;
 
for (i = 0; i < SCTP_AUTH_NUM_HMACS; i++) {
-   if (auth_hmacs[i])
-   crypto_free_hash(auth_hmacs[i]);
+   crypto_free_shash(auth_hmacs[i]);
}
kfree(auth_hmacs);
 }
@@ -709,8 +706,7 @@ void sctp_auth_calculate_hmac(const struct sctp_association 
*asoc,
  struct sctp_auth_chunk *auth,
  gfp_t gfp)
 {
-   struct scatterlist sg;
-   struct hash_desc desc;
+   struct crypto_shash *tfm;
struct sctp_auth_bytes *asoc_key;
__u16 key_id, hmac_id;
__u8 *digest;
@@ -742,16 +738,22 @@ void sctp_auth_calculate_hmac(const struct 

[PATCH 26/26] tcp: Use ahash

[Herbert Xu]

This patch replaces uses of the long obsolete hash interface with
ahash.

Signed-off-by: Herbert Xu 
---

 include/net/tcp.h   |6 +-
 net/ipv4/tcp.c  |   41 ++---
 net/ipv4/tcp_fastopen.c |1 +
 net/ipv4/tcp_ipv4.c |   23 +--
 net/ipv6/tcp_ipv6.c |   23 +--
 5 files changed, 54 insertions(+), 40 deletions(-)

diff --git a/include/net/tcp.h b/include/net/tcp.h
index 8ea1997..2a5b3b8 100644
--- a/include/net/tcp.h
+++ b/include/net/tcp.h
@@ -27,7 +27,6 @@
 #include 
 #include 
 #include 
-#include 
 #include 
 #include 
 #include 
@@ -1325,9 +1324,6 @@ static inline void tcp_clear_all_retrans_hints(struct 
tcp_sock *tp)
tp->retransmit_skb_hint = NULL;
 }
 
-/* MD5 Signature */
-struct crypto_hash;
-
 union tcp_md5_addr {
struct in_addr  a4;
 #if IS_ENABLED(CONFIG_IPV6)
@@ -1376,7 +1372,7 @@ union tcp_md5sum_block {
 
 /* - pool: digest algorithm, hash description and scratch buffer */
 struct tcp_md5sig_pool {
-   struct hash_descmd5_desc;
+   struct ahash_request*md5_req;
union tcp_md5sum_block  md5_blk;
 };
 
diff --git a/net/ipv4/tcp.c b/net/ipv4/tcp.c
index fd17eec..91ffef3 100644
--- a/net/ipv4/tcp.c
+++ b/net/ipv4/tcp.c
@@ -247,6 +247,7 @@
 
 #define pr_fmt(fmt) "TCP: " fmt
 
+#include 
 #include 
 #include 
 #include 
@@ -266,7 +267,6 @@
 #include 
 #include 
 #include 
-#include 
 #include 
 #include 
 
@@ -2939,17 +2939,26 @@ static bool tcp_md5sig_pool_populated = false;
 
 static void __tcp_alloc_md5sig_pool(void)
 {
+   struct crypto_ahash *hash;
int cpu;
 
+   hash = crypto_alloc_ahash("md5", 0, CRYPTO_ALG_ASYNC);
+   if (IS_ERR_OR_NULL(hash))
+   return;
+
for_each_possible_cpu(cpu) {
-   if (!per_cpu(tcp_md5sig_pool, cpu).md5_desc.tfm) {
-   struct crypto_hash *hash;
+   struct ahash_request *req;
 
-   hash = crypto_alloc_hash("md5", 0, CRYPTO_ALG_ASYNC);
-   if (IS_ERR_OR_NULL(hash))
-   return;
-   per_cpu(tcp_md5sig_pool, cpu).md5_desc.tfm = hash;
-   }
+   if (per_cpu(tcp_md5sig_pool, cpu).md5_req)
+   continue;
+
+   req = ahash_request_alloc(hash, GFP_KERNEL);
+   if (!req)
+   return;
+
+   ahash_request_set_callback(req, 0, NULL, NULL);
+
+   per_cpu(tcp_md5sig_pool, cpu).md5_req = req;
}
/* before setting tcp_md5sig_pool_populated, we must commit all writes
 * to memory. See smp_rmb() in tcp_get_md5sig_pool()
@@ -2999,7 +3008,6 @@ int tcp_md5_hash_header(struct tcp_md5sig_pool *hp,
 {
struct scatterlist sg;
struct tcphdr hdr;
-   int err;
 
/* We are not allowed to change tcphdr, make a local copy */
memcpy(, th, sizeof(hdr));
@@ -3007,8 +3015,8 @@ int tcp_md5_hash_header(struct tcp_md5sig_pool *hp,
 
/* options aren't included in the hash */
sg_init_one(, , sizeof(hdr));
-   err = crypto_hash_update(>md5_desc, , sizeof(hdr));
-   return err;
+   ahash_request_set_crypt(hp->md5_req, , NULL, sizeof(hdr));
+   return crypto_ahash_update(hp->md5_req);
 }
 EXPORT_SYMBOL(tcp_md5_hash_header);
 
@@ -3017,7 +3025,7 @@ int tcp_md5_hash_skb_data(struct tcp_md5sig_pool *hp,
 {
struct scatterlist sg;
const struct tcphdr *tp = tcp_hdr(skb);
-   struct hash_desc *desc = >md5_desc;
+   struct ahash_request *req = hp->md5_req;
unsigned int i;
const unsigned int head_data_len = skb_headlen(skb) > header_len ?
   skb_headlen(skb) - header_len : 0;
@@ -3027,7 +3035,8 @@ int tcp_md5_hash_skb_data(struct tcp_md5sig_pool *hp,
sg_init_table(, 1);
 
sg_set_buf(, ((u8 *) tp) + header_len, head_data_len);
-   if (crypto_hash_update(desc, , head_data_len))
+   ahash_request_set_crypt(req, , NULL, head_data_len);
+   if (crypto_ahash_update(req))
return 1;
 
for (i = 0; i < shi->nr_frags; ++i) {
@@ -3037,7 +3046,8 @@ int tcp_md5_hash_skb_data(struct tcp_md5sig_pool *hp,
 
sg_set_page(, page, skb_frag_size(f),
offset_in_page(offset));
-   if (crypto_hash_update(desc, , skb_frag_size(f)))
+   ahash_request_set_crypt(req, , NULL, skb_frag_size(f));
+   if (crypto_ahash_update(req))
return 1;
}
 
@@ -3054,7 +3064,8 @@ int tcp_md5_hash_key(struct tcp_md5sig_pool *hp, const 
struct tcp_md5sig_key *ke
struct scatterlist sg;
 
sg_init_one(, key->key, key->keylen);
-   return crypto_hash_update(>md5_desc, , key->keylen);
+   ahash_request_set_crypt(hp->md5_req, , NULL, key->keylen);
+   return 

[PATCH 10/26] ext4: Use skcipher

[Herbert Xu]

This patch replaces uses of ablkcipher with skcipher.
   
Signed-off-by: Herbert Xu 
---

 fs/ext4/crypto.c   |   24 +++-
 fs/ext4/crypto_fname.c |   32 +++-
 fs/ext4/crypto_key.c   |   42 --
 fs/ext4/ext4_crypto.h  |2 +-
 4 files changed, 47 insertions(+), 53 deletions(-)

diff --git a/fs/ext4/crypto.c b/fs/ext4/crypto.c
index 1a08350..a052c2a 100644
--- a/fs/ext4/crypto.c
+++ b/fs/ext4/crypto.c
@@ -18,11 +18,9 @@
  * Special Publication 800-38E and IEEE P1619/D16.
  */
 
-#include 
-#include 
+#include 
 #include 
 #include 
-#include 
 #include 
 #include 
 #include 
@@ -261,21 +259,21 @@ static int ext4_page_crypto(struct inode *inode,
 
 {
u8 xts_tweak[EXT4_XTS_TWEAK_SIZE];
-   struct ablkcipher_request *req = NULL;
+   struct skcipher_request *req = NULL;
DECLARE_EXT4_COMPLETION_RESULT(ecr);
struct scatterlist dst, src;
struct ext4_crypt_info *ci = EXT4_I(inode)->i_crypt_info;
-   struct crypto_ablkcipher *tfm = ci->ci_ctfm;
+   struct crypto_skcipher *tfm = ci->ci_ctfm;
int res = 0;
 
-   req = ablkcipher_request_alloc(tfm, GFP_NOFS);
+   req = skcipher_request_alloc(tfm, GFP_NOFS);
if (!req) {
printk_ratelimited(KERN_ERR
   "%s: crypto_request_alloc() failed\n",
   __func__);
return -ENOMEM;
}
-   ablkcipher_request_set_callback(
+   skcipher_request_set_callback(
req, CRYPTO_TFM_REQ_MAY_BACKLOG | CRYPTO_TFM_REQ_MAY_SLEEP,
ext4_crypt_complete, );
 
@@ -288,21 +286,21 @@ static int ext4_page_crypto(struct inode *inode,
sg_set_page(, dest_page, PAGE_CACHE_SIZE, 0);
sg_init_table(, 1);
sg_set_page(, src_page, PAGE_CACHE_SIZE, 0);
-   ablkcipher_request_set_crypt(req, , , PAGE_CACHE_SIZE,
-xts_tweak);
+   skcipher_request_set_crypt(req, , , PAGE_CACHE_SIZE,
+  xts_tweak);
if (rw == EXT4_DECRYPT)
-   res = crypto_ablkcipher_decrypt(req);
+   res = crypto_skcipher_decrypt(req);
else
-   res = crypto_ablkcipher_encrypt(req);
+   res = crypto_skcipher_encrypt(req);
if (res == -EINPROGRESS || res == -EBUSY) {
wait_for_completion();
res = ecr.res;
}
-   ablkcipher_request_free(req);
+   skcipher_request_free(req);
if (res) {
printk_ratelimited(
KERN_ERR
-   "%s: crypto_ablkcipher_encrypt() returned %d\n",
+   "%s: crypto_skcipher_encrypt() returned %d\n",
__func__, res);
return res;
}
diff --git a/fs/ext4/crypto_fname.c b/fs/ext4/crypto_fname.c
index 2fbef8a..1a2f360 100644
--- a/fs/ext4/crypto_fname.c
+++ b/fs/ext4/crypto_fname.c
@@ -11,11 +11,9 @@
  *
  */
 
-#include 
-#include 
+#include 
 #include 
 #include 
-#include 
 #include 
 #include 
 #include 
@@ -65,10 +63,10 @@ static int ext4_fname_encrypt(struct inode *inode,
  struct ext4_str *oname)
 {
u32 ciphertext_len;
-   struct ablkcipher_request *req = NULL;
+   struct skcipher_request *req = NULL;
DECLARE_EXT4_COMPLETION_RESULT(ecr);
struct ext4_crypt_info *ci = EXT4_I(inode)->i_crypt_info;
-   struct crypto_ablkcipher *tfm = ci->ci_ctfm;
+   struct crypto_skcipher *tfm = ci->ci_ctfm;
int res = 0;
char iv[EXT4_CRYPTO_BLOCK_SIZE];
struct scatterlist src_sg, dst_sg;
@@ -95,14 +93,14 @@ static int ext4_fname_encrypt(struct inode *inode,
}
 
/* Allocate request */
-   req = ablkcipher_request_alloc(tfm, GFP_NOFS);
+   req = skcipher_request_alloc(tfm, GFP_NOFS);
if (!req) {
printk_ratelimited(
KERN_ERR "%s: crypto_request_alloc() failed\n", __func__);
kfree(alloc_buf);
return -ENOMEM;
}
-   ablkcipher_request_set_callback(req,
+   skcipher_request_set_callback(req,
CRYPTO_TFM_REQ_MAY_BACKLOG | CRYPTO_TFM_REQ_MAY_SLEEP,
ext4_dir_crypt_complete, );
 
@@ -117,14 +115,14 @@ static int ext4_fname_encrypt(struct inode *inode,
/* Create encryption request */
sg_init_one(_sg, workbuf, ciphertext_len);
sg_init_one(_sg, oname->name, ciphertext_len);
-   ablkcipher_request_set_crypt(req, _sg, _sg, ciphertext_len, iv);
-   res = crypto_ablkcipher_encrypt(req);
+   skcipher_request_set_crypt(req, _sg, _sg, ciphertext_len, iv);
+   res = crypto_skcipher_encrypt(req);
if (res == -EINPROGRESS || res == -EBUSY) {
wait_for_completion();
res = ecr.res;
}

[PATCH 17/26] mac802154: Use skcipher

[Herbert Xu]

This patch replaces uses of blkcipher with skcipher.
   
Signed-off-by: Herbert Xu 
---

 net/mac802154/llsec.c |   41 +++--
 net/mac802154/llsec.h |3 +--
 2 files changed, 24 insertions(+), 20 deletions(-)

diff --git a/net/mac802154/llsec.c b/net/mac802154/llsec.c
index a13d02b..6a3e1c2 100644
--- a/net/mac802154/llsec.c
+++ b/net/mac802154/llsec.c
@@ -17,9 +17,9 @@
 #include 
 #include 
 #include 
-#include 
 #include 
 #include 
+#include 
 
 #include "ieee802154_i.h"
 #include "llsec.h"
@@ -144,18 +144,18 @@ llsec_key_alloc(const struct ieee802154_llsec_key 
*template)
goto err_tfm;
}
 
-   key->tfm0 = crypto_alloc_blkcipher("ctr(aes)", 0, CRYPTO_ALG_ASYNC);
+   key->tfm0 = crypto_alloc_skcipher("ctr(aes)", 0, CRYPTO_ALG_ASYNC);
if (IS_ERR(key->tfm0))
goto err_tfm;
 
-   if (crypto_blkcipher_setkey(key->tfm0, template->key,
-   IEEE802154_LLSEC_KEY_SIZE))
+   if (crypto_skcipher_setkey(key->tfm0, template->key,
+  IEEE802154_LLSEC_KEY_SIZE))
goto err_tfm0;
 
return key;
 
 err_tfm0:
-   crypto_free_blkcipher(key->tfm0);
+   crypto_free_skcipher(key->tfm0);
 err_tfm:
for (i = 0; i < ARRAY_SIZE(key->tfm); i++)
if (key->tfm[i])
@@ -175,7 +175,7 @@ static void llsec_key_release(struct kref *ref)
for (i = 0; i < ARRAY_SIZE(key->tfm); i++)
crypto_free_aead(key->tfm[i]);
 
-   crypto_free_blkcipher(key->tfm0);
+   crypto_free_skcipher(key->tfm0);
kzfree(key);
 }
 
@@ -620,15 +620,17 @@ llsec_do_encrypt_unauth(struct sk_buff *skb, const struct 
mac802154_llsec *sec,
 {
u8 iv[16];
struct scatterlist src;
-   struct blkcipher_desc req = {
-   .tfm = key->tfm0,
-   .info = iv,
-   .flags = 0,
-   };
+   SKCIPHER_REQUEST_ON_STACK(req, key->tfm0);
+   int err;
 
llsec_geniv(iv, sec->params.hwaddr, >sec);
sg_init_one(, skb->data, skb->len);
-   return crypto_blkcipher_encrypt_iv(, , , skb->len);
+   skcipher_request_set_tfm(req, key->tfm0);
+   skcipher_request_set_callback(req, 0, NULL, NULL);
+   skcipher_request_set_crypt(req, , , skb->len, iv);
+   err = crypto_skcipher_encrypt(req);
+   skcipher_request_zero(req);
+   return err;
 }
 
 static struct crypto_aead*
@@ -830,11 +832,8 @@ llsec_do_decrypt_unauth(struct sk_buff *skb, const struct 
mac802154_llsec *sec,
unsigned char *data;
int datalen;
struct scatterlist src;
-   struct blkcipher_desc req = {
-   .tfm = key->tfm0,
-   .info = iv,
-   .flags = 0,
-   };
+   SKCIPHER_REQUEST_ON_STACK(req, key->tfm0);
+   int err;
 
llsec_geniv(iv, dev_addr, >sec);
data = skb_mac_header(skb) + skb->mac_len;
@@ -842,7 +841,13 @@ llsec_do_decrypt_unauth(struct sk_buff *skb, const struct 
mac802154_llsec *sec,
 
sg_init_one(, data, datalen);
 
-   return crypto_blkcipher_decrypt_iv(, , , datalen);
+   skcipher_request_set_tfm(req, key->tfm0);
+   skcipher_request_set_callback(req, 0, NULL, NULL);
+   skcipher_request_set_crypt(req, , , datalen, iv);
+
+   err = crypto_skcipher_decrypt(req);
+   skcipher_request_zero(req);
+   return err;
 }
 
 static int
diff --git a/net/mac802154/llsec.h b/net/mac802154/llsec.h
index 950578e..6f3b658 100644
--- a/net/mac802154/llsec.h
+++ b/net/mac802154/llsec.h
@@ -19,7 +19,6 @@
 
 #include 
 #include 
-#include 
 #include 
 #include 
 #include 
@@ -30,7 +29,7 @@ struct mac802154_llsec_key {
 
/* one tfm for each authsize (4/8/16) */
struct crypto_aead *tfm[3];
-   struct crypto_blkcipher *tfm0;
+   struct crypto_skcipher *tfm0;
 
struct kref ref;
 };
--
To unsubscribe from this list: send the line "unsubscribe linux-crypto" in
the body of a message to majord...@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Re: [PATCH 21/26] nfc: s3fwrn5: Use shash

[kbuild test robot]

Hi Herbert,

[auto build test ERROR on net/master]
[also build test ERROR on v4.4 next-20160122]
[if your patch is applied to the wrong git tree, please drop us a note to help 
improving the system]

url:
https://github.com/0day-ci/linux/commits/Herbert-Xu/crypto-Use-skcipher-and-ahash-shash-where-possible/20160124-212323
config: x86_64-randconfig-x014-201604 (attached as .config)
reproduce:
# save the attached .config to linux build tree
make ARCH=x86_64 

All errors (new ones prefixed by >>):

   drivers/nfc/s3fwrn5/firmware.c: In function 's3fwrn5_fw_download':
>> drivers/nfc/s3fwrn5/firmware.c:456:3: error: implicit declaration of 
>> function 'shash_desc_zero' [-Werror=implicit-function-declaration]
  shash_desc_zero(desc);
  ^
   cc1: some warnings being treated as errors

vim +/shash_desc_zero +456 drivers/nfc/s3fwrn5/firmware.c

   450  
   451  desc->tfm = tfm;
   452  desc->flags = CRYPTO_TFM_REQ_MAY_SLEEP;
   453  
   454  ret = crypto_shash_digest(desc, fw->image, image_size,
   455hash_data);
 > 456  shash_desc_zero(desc);
   457  }
   458  
   459  crypto_free_shash(tfm);

---
0-DAY kernel test infrastructureOpen Source Technology Center
https://lists.01.org/pipermail/kbuild-all   Intel Corporation


.config.gz
Description: Binary data

[PATCH 11/26] f2fs: Use skcipher

[Herbert Xu]

This patch replaces uses of ablkcipher with skcipher.
   
Signed-off-by: Herbert Xu 
---

 fs/f2fs/crypto.c   |   24 +++-
 fs/f2fs/crypto_fname.c |   32 +++-
 fs/f2fs/crypto_key.c   |   40 ++--
 fs/f2fs/f2fs_crypto.h  |2 +-
 4 files changed, 45 insertions(+), 53 deletions(-)

diff --git a/fs/f2fs/crypto.c b/fs/f2fs/crypto.c
index 4a62ef1..95c5cf0 100644
--- a/fs/f2fs/crypto.c
+++ b/fs/f2fs/crypto.c
@@ -23,11 +23,9 @@
  * The usage of AES-XTS should conform to recommendations in NIST
  * Special Publication 800-38E and IEEE P1619/D16.
  */
-#include 
-#include 
+#include 
 #include 
 #include 
-#include 
 #include 
 #include 
 #include 
@@ -328,21 +326,21 @@ static int f2fs_page_crypto(struct f2fs_crypto_ctx *ctx,
struct page *dest_page)
 {
u8 xts_tweak[F2FS_XTS_TWEAK_SIZE];
-   struct ablkcipher_request *req = NULL;
+   struct skcipher_request *req = NULL;
DECLARE_F2FS_COMPLETION_RESULT(ecr);
struct scatterlist dst, src;
struct f2fs_crypt_info *ci = F2FS_I(inode)->i_crypt_info;
-   struct crypto_ablkcipher *tfm = ci->ci_ctfm;
+   struct crypto_skcipher *tfm = ci->ci_ctfm;
int res = 0;
 
-   req = ablkcipher_request_alloc(tfm, GFP_NOFS);
+   req = skcipher_request_alloc(tfm, GFP_NOFS);
if (!req) {
printk_ratelimited(KERN_ERR
"%s: crypto_request_alloc() failed\n",
__func__);
return -ENOMEM;
}
-   ablkcipher_request_set_callback(
+   skcipher_request_set_callback(
req, CRYPTO_TFM_REQ_MAY_BACKLOG | CRYPTO_TFM_REQ_MAY_SLEEP,
f2fs_crypt_complete, );
 
@@ -355,21 +353,21 @@ static int f2fs_page_crypto(struct f2fs_crypto_ctx *ctx,
sg_set_page(, dest_page, PAGE_CACHE_SIZE, 0);
sg_init_table(, 1);
sg_set_page(, src_page, PAGE_CACHE_SIZE, 0);
-   ablkcipher_request_set_crypt(req, , , PAGE_CACHE_SIZE,
-   xts_tweak);
+   skcipher_request_set_crypt(req, , , PAGE_CACHE_SIZE,
+  xts_tweak);
if (rw == F2FS_DECRYPT)
-   res = crypto_ablkcipher_decrypt(req);
+   res = crypto_skcipher_decrypt(req);
else
-   res = crypto_ablkcipher_encrypt(req);
+   res = crypto_skcipher_encrypt(req);
if (res == -EINPROGRESS || res == -EBUSY) {
BUG_ON(req->base.data != );
wait_for_completion();
res = ecr.res;
}
-   ablkcipher_request_free(req);
+   skcipher_request_free(req);
if (res) {
printk_ratelimited(KERN_ERR
-   "%s: crypto_ablkcipher_encrypt() returned %d\n",
+   "%s: crypto_skcipher_encrypt() returned %d\n",
__func__, res);
return res;
}
diff --git a/fs/f2fs/crypto_fname.c b/fs/f2fs/crypto_fname.c
index ab377d4..16aec66 100644
--- a/fs/f2fs/crypto_fname.c
+++ b/fs/f2fs/crypto_fname.c
@@ -15,11 +15,9 @@
  *
  * This has not yet undergone a rigorous security audit.
  */
-#include 
-#include 
+#include 
 #include 
 #include 
-#include 
 #include 
 #include 
 #include 
@@ -70,10 +68,10 @@ static int f2fs_fname_encrypt(struct inode *inode,
const struct qstr *iname, struct f2fs_str *oname)
 {
u32 ciphertext_len;
-   struct ablkcipher_request *req = NULL;
+   struct skcipher_request *req = NULL;
DECLARE_F2FS_COMPLETION_RESULT(ecr);
struct f2fs_crypt_info *ci = F2FS_I(inode)->i_crypt_info;
-   struct crypto_ablkcipher *tfm = ci->ci_ctfm;
+   struct crypto_skcipher *tfm = ci->ci_ctfm;
int res = 0;
char iv[F2FS_CRYPTO_BLOCK_SIZE];
struct scatterlist src_sg, dst_sg;
@@ -99,14 +97,14 @@ static int f2fs_fname_encrypt(struct inode *inode,
}
 
/* Allocate request */
-   req = ablkcipher_request_alloc(tfm, GFP_NOFS);
+   req = skcipher_request_alloc(tfm, GFP_NOFS);
if (!req) {
printk_ratelimited(KERN_ERR
"%s: crypto_request_alloc() failed\n", __func__);
kfree(alloc_buf);
return -ENOMEM;
}
-   ablkcipher_request_set_callback(req,
+   skcipher_request_set_callback(req,
CRYPTO_TFM_REQ_MAY_BACKLOG | CRYPTO_TFM_REQ_MAY_SLEEP,
f2fs_dir_crypt_complete, );
 
@@ -121,15 +119,15 @@ static int f2fs_fname_encrypt(struct inode *inode,
/* Create encryption request */
sg_init_one(_sg, workbuf, ciphertext_len);
sg_init_one(_sg, oname->name, ciphertext_len);
-   ablkcipher_request_set_crypt(req, _sg, _sg, ciphertext_len, iv);
-   res = crypto_ablkcipher_encrypt(req);
+   

Re: [PATCH 7/26] wusb: Use skcipher

[kbuild test robot]

Hi Herbert,

[auto build test ERROR on net/master]
[also build test ERROR on v4.4 next-20160122]
[if your patch is applied to the wrong git tree, please drop us a note to help 
improving the system]

url:
https://github.com/0day-ci/linux/commits/Herbert-Xu/crypto-Use-skcipher-and-ahash-shash-where-possible/20160124-212323
config: x86_64-randconfig-x016-201604 (attached as .config)
reproduce:
# save the attached .config to linux build tree
make ARCH=x86_64 

All errors (new ones prefixed by >>):

   drivers/usb/wusbcore/crypto.c: In function 'wusb_ccm_mac':
>> drivers/usb/wusbcore/crypto.c:266:2: error: implicit declaration of function 
>> 'skcipher_request_zero' [-Werror=implicit-function-declaration]
 skcipher_request_zero(req);
 ^
   cc1: some warnings being treated as errors

vim +/skcipher_request_zero +266 drivers/usb/wusbcore/crypto.c

   260  sg_init_one(_dst, dst_buf, dst_size);
   261  
   262  skcipher_request_set_tfm(req, tfm_cbc);
   263  skcipher_request_set_callback(req, 0, NULL, NULL);
   264  skcipher_request_set_crypt(req, sg, _dst, dst_size, iv);
   265  result = crypto_skcipher_encrypt(req);
 > 266  skcipher_request_zero(req);
   267  if (result < 0) {
   268  printk(KERN_ERR "E: can't compute CBC-MAC tag (MIC): 
%d\n",
   269 result);

---
0-DAY kernel test infrastructureOpen Source Technology Center
https://lists.01.org/pipermail/kbuild-all   Intel Corporation


.config.gz
Description: Binary data

Re: [PATCH 15/26] Bluetooth: Use skcipher and hash

[kbuild test robot]

Hi Herbert,

[auto build test ERROR on net/master]
[also build test ERROR on v4.4 next-20160122]
[if your patch is applied to the wrong git tree, please drop us a note to help 
improving the system]

url:
https://github.com/0day-ci/linux/commits/Herbert-Xu/crypto-Use-skcipher-and-ahash-shash-where-possible/20160124-212323
config: x86_64-randconfig-x014-201604 (attached as .config)
reproduce:
# save the attached .config to linux build tree
make ARCH=x86_64 

All errors (new ones prefixed by >>):

   net/bluetooth/smp.c: In function 'aes_cmac':
>> net/bluetooth/smp.c:201:2: error: implicit declaration of function 
>> 'shash_desc_zero' [-Werror=implicit-function-declaration]
 shash_desc_zero(desc);
 ^
   net/bluetooth/smp.c: In function 'smp_e':
>> net/bluetooth/smp.c:397:2: error: implicit declaration of function 
>> 'skcipher_request_zero' [-Werror=implicit-function-declaration]
 skcipher_request_zero(req);
 ^
   cc1: some warnings being treated as errors

vim +/shash_desc_zero +201 net/bluetooth/smp.c

   195  if (err) {
   196  BT_ERR("cipher setkey failed: %d", err);
   197  return err;
   198  }
   199  
   200  err = crypto_shash_digest(desc, msg_msb, len, mac_msb);
 > 201  shash_desc_zero(desc);
   202  if (err) {
   203  BT_ERR("Hash computation error %d", err);
   204  return err;
   205  }
   206  
   207  swap_buf(mac_msb, mac, 16);
   208  
   209  SMP_DBG("mac %16phN", mac);
   210  
   211  return 0;
   212  }
   213  
   214  static int smp_f4(struct crypto_shash *tfm_cmac, const u8 u[32],
   215const u8 v[32], const u8 x[16], u8 z, u8 res[16])
   216  {
   217  u8 m[65];
   218  int err;
   219  
   220  SMP_DBG("u %32phN", u);
   221  SMP_DBG("v %32phN", v);
   222  SMP_DBG("x %16phN z %02x", x, z);
   223  
   224  m[0] = z;
   225  memcpy(m + 1, v, 32);
   226  memcpy(m + 33, u, 32);
   227  
   228  err = aes_cmac(tfm_cmac, x, m, sizeof(m), res);
   229  if (err)
   230  return err;
   231  
   232  SMP_DBG("res %16phN", res);
   233  
   234  return err;
   235  }
   236  
   237  static int smp_f5(struct crypto_shash *tfm_cmac, const u8 w[32],
   238const u8 n1[16], const u8 n2[16], const u8 a1[7],
   239const u8 a2[7], u8 mackey[16], u8 ltk[16])
   240  {
   241  /* The btle, salt and length "magic" values are as defined in
   242   * the SMP section of the Bluetooth core specification. In ASCII
   243   * the btle value ends up being 'btle'. The salt is just a
   244   * random number whereas length is the value 256 in little
   245   * endian format.
   246   */
   247  const u8 btle[4] = { 0x65, 0x6c, 0x74, 0x62 };
   248  const u8 salt[16] = { 0xbe, 0x83, 0x60, 0x5a, 0xdb, 0x0b, 0x37, 
0x60,
   2490x38, 0xa5, 0xf5, 0xaa, 0x91, 0x83, 0x88, 
0x6c };
   250  const u8 length[2] = { 0x00, 0x01 };
   251  u8 m[53], t[16];
   252  int err;
   253  
   254  SMP_DBG("w %32phN", w);
   255  SMP_DBG("n1 %16phN n2 %16phN", n1, n2);
   256  SMP_DBG("a1 %7phN a2 %7phN", a1, a2);
   257  
   258  err = aes_cmac(tfm_cmac, salt, w, 32, t);
   259  if (err)
   260  return err;
   261  
   262  SMP_DBG("t %16phN", t);
   263  
   264  memcpy(m, length, 2);
   265  memcpy(m + 2, a2, 7);
   266  memcpy(m + 9, a1, 7);
   267  memcpy(m + 16, n2, 16);
   268  memcpy(m + 32, n1, 16);
   269  memcpy(m + 48, btle, 4);
   270  
   271  m[52] = 0; /* Counter */
   272  
   273  err = aes_cmac(tfm_cmac, t, m, sizeof(m), mackey);
   274  if (err)
   275  return err;
   276  
   277  SMP_DBG("mackey %16phN", mackey);
   278  
   279  m[52] = 1; /* Counter */
   280  
   281  err = aes_cmac(tfm_cmac, t, m, sizeof(m), ltk);
   282  if (err)
   283  return err;
   284  
   285  SMP_DBG("ltk %16phN", ltk);
   286  
   287  return 0;
   288  }
   289  
   290  static int smp_f6(struct crypto_shash *tfm_cmac, const u8 w[16],
   291const u8 n1[16], const u8 n2[16], const u8 r[16],
   292const u8 io_cap[3], const u8 a1[7], const u8 a2[7],
   293u8 res[16])
   294  {
   295  u8 m[65];
   296  int err;
   297  
   298  SMP_DBG("w %16phN", w);
   299  SMP_DBG("n1 %16phN n2 %16ph

[PATCH 0/26] crypto: Use skcipher and ahash/shash where possible

[Herbert Xu]

Hi:

The crypto hash interface has been obsolete for many years and
this series converts all remaining users to shash and ahash as
appropriate.  Despite the name ahash can be used synchronously
and is the preferred interface for those dealing with SGs.

The blkcipher and ablkcipher interfaces are also being phased out
and is being replaced with the merged skcipher interface which
is essentially the same as ablkcipher but without the implicit
IV generators.  This series converts all users of blkcipher and
ablkcipher over to skcipher.

If you have any objections please shout.  Otherwise I would like
to take these patches through the cryptodev tree so we can proceed
with phasing out the obsolete interfaces.

Thanks,
-- 
Email: Herbert Xu 
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt
--
To unsubscribe from this list: send the line "unsubscribe linux-crypto" in
the body of a message to majord...@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

[PATCH 12/26] sunrpc: Use skcipher and ahash/shash

[Herbert Xu]

This patch replaces uses of blkcipher with skcipher and the long
obsolete hash interface with either shash (for non-SG users) and
ahash.
   
Signed-off-by: Herbert Xu 
---

 include/linux/sunrpc/gss_krb5.h   |   32 +--
 net/sunrpc/auth_gss/gss_krb5_crypto.c |  350 --
 net/sunrpc/auth_gss/gss_krb5_keys.c   |   12 -
 net/sunrpc/auth_gss/gss_krb5_mech.c   |   89 
 net/sunrpc/auth_gss/gss_krb5_seqnum.c |   22 +-
 net/sunrpc/auth_gss/gss_krb5_wrap.c   |   24 +-
 6 files changed, 306 insertions(+), 223 deletions(-)

diff --git a/include/linux/sunrpc/gss_krb5.h b/include/linux/sunrpc/gss_krb5.h
index df02a41..7df625d 100644
--- a/include/linux/sunrpc/gss_krb5.h
+++ b/include/linux/sunrpc/gss_krb5.h
@@ -36,7 +36,7 @@
  *
  */
 
-#include 
+#include 
 #include 
 #include 
 #include 
@@ -71,10 +71,10 @@ struct gss_krb5_enctype {
const u32   keyed_cksum;/* is it a keyed cksum? */
const u32   keybytes;   /* raw key len, in bytes */
const u32   keylength;  /* final key len, in bytes */
-   u32 (*encrypt) (struct crypto_blkcipher *tfm,
+   u32 (*encrypt) (struct crypto_skcipher *tfm,
void *iv, void *in, void *out,
int length);/* encryption function */
-   u32 (*decrypt) (struct crypto_blkcipher *tfm,
+   u32 (*decrypt) (struct crypto_skcipher *tfm,
void *iv, void *in, void *out,
int length);/* decryption function */
u32 (*mk_key) (const struct gss_krb5_enctype *gk5e,
@@ -98,12 +98,12 @@ struct krb5_ctx {
u32 enctype;
u32 flags;
const struct gss_krb5_enctype *gk5e; /* enctype-specific info */
-   struct crypto_blkcipher *enc;
-   struct crypto_blkcipher *seq;
-   struct crypto_blkcipher *acceptor_enc;
-   struct crypto_blkcipher *initiator_enc;
-   struct crypto_blkcipher *acceptor_enc_aux;
-   struct crypto_blkcipher *initiator_enc_aux;
+   struct crypto_skcipher  *enc;
+   struct crypto_skcipher  *seq;
+   struct crypto_skcipher *acceptor_enc;
+   struct crypto_skcipher *initiator_enc;
+   struct crypto_skcipher *acceptor_enc_aux;
+   struct crypto_skcipher *initiator_enc_aux;
u8  Ksess[GSS_KRB5_MAX_KEYLEN]; /* session key */
u8  cksum[GSS_KRB5_MAX_KEYLEN];
s32 endtime;
@@ -262,24 +262,24 @@ gss_unwrap_kerberos(struct gss_ctx *ctx_id, int offset,
 
 
 u32
-krb5_encrypt(struct crypto_blkcipher *key,
+krb5_encrypt(struct crypto_skcipher *key,
 void *iv, void *in, void *out, int length);
 
 u32
-krb5_decrypt(struct crypto_blkcipher *key,
+krb5_decrypt(struct crypto_skcipher *key,
 void *iv, void *in, void *out, int length); 
 
 int
-gss_encrypt_xdr_buf(struct crypto_blkcipher *tfm, struct xdr_buf *outbuf,
+gss_encrypt_xdr_buf(struct crypto_skcipher *tfm, struct xdr_buf *outbuf,
int offset, struct page **pages);
 
 int
-gss_decrypt_xdr_buf(struct crypto_blkcipher *tfm, struct xdr_buf *inbuf,
+gss_decrypt_xdr_buf(struct crypto_skcipher *tfm, struct xdr_buf *inbuf,
int offset);
 
 s32
 krb5_make_seq_num(struct krb5_ctx *kctx,
-   struct crypto_blkcipher *key,
+   struct crypto_skcipher *key,
int direction,
u32 seqnum, unsigned char *cksum, unsigned char *buf);
 
@@ -320,12 +320,12 @@ gss_krb5_aes_decrypt(struct krb5_ctx *kctx, u32 offset,
 
 int
 krb5_rc4_setup_seq_key(struct krb5_ctx *kctx,
-  struct crypto_blkcipher *cipher,
+  struct crypto_skcipher *cipher,
   unsigned char *cksum);
 
 int
 krb5_rc4_setup_enc_key(struct krb5_ctx *kctx,
-  struct crypto_blkcipher *cipher,
+  struct crypto_skcipher *cipher,
   s32 seqnum);
 void
 gss_krb5_make_confounder(char *p, u32 conflen);
diff --git a/net/sunrpc/auth_gss/gss_krb5_crypto.c 
b/net/sunrpc/auth_gss/gss_krb5_crypto.c
index fee3c15..d94a8e1 100644
--- a/net/sunrpc/auth_gss/gss_krb5_crypto.c
+++ b/net/sunrpc/auth_gss/gss_krb5_crypto.c
@@ -34,11 +34,12 @@
  * WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE.
  */
 
+#include 
+#include 
 #include 
 #include 
 #include 
 #include 
-#include 
 #include 
 #include 
 #include 
@@ -51,7 +52,7 @@
 
 u32
 krb5_encrypt(
-   struct crypto_blkcipher *tfm,
+   struct crypto_skcipher *tfm,
void * iv,
void * in,
void * out,
@@ -60,24 +61,28 @@ krb5_encrypt(
u32 ret = -EINVAL;
struct scatterlist sg[1];
u8 local_iv[GSS_KRB5_MAX_BLOCKSIZE] = {0};
-   struct blkcipher_desc desc = { .tfm = tfm, .info = local_iv };
+   SKCIPHER_REQUEST_ON_STACK(req, 

[PATCH 19/26] ipsec: Use skcipher and ahash when probing algorithms

[Herbert Xu]

This patch removes the last reference to hash and ablkcipher from
IPsec and replaces them with ahash and skcipher respectively.  For
skcipher there is currently no difference at all, while for ahash
the current code is actually buggy and would prevent asynchronous
algorithms from being discovered.

Signed-off-by: Herbert Xu 
---

 net/xfrm/xfrm_algo.c |7 ---
 1 file changed, 4 insertions(+), 3 deletions(-)

diff --git a/net/xfrm/xfrm_algo.c b/net/xfrm/xfrm_algo.c
index f07224d..250e567 100644
--- a/net/xfrm/xfrm_algo.c
+++ b/net/xfrm/xfrm_algo.c
@@ -9,6 +9,8 @@
  * any later version.
  */
 
+#include 
+#include 
 #include 
 #include 
 #include 
@@ -782,14 +784,13 @@ void xfrm_probe_algs(void)
BUG_ON(in_softirq());
 
for (i = 0; i < aalg_entries(); i++) {
-   status = crypto_has_hash(aalg_list[i].name, 0,
-CRYPTO_ALG_ASYNC);
+   status = crypto_has_ahash(aalg_list[i].name, 0, 0);
if (aalg_list[i].available != status)
aalg_list[i].available = status;
}
 
for (i = 0; i < ealg_entries(); i++) {
-   status = crypto_has_ablkcipher(ealg_list[i].name, 0, 0);
+   status = crypto_has_skcipher(ealg_list[i].name, 0, 0);
if (ealg_list[i].available != status)
ealg_list[i].available = status;
}
--
To unsubscribe from this list: send the line "unsubscribe linux-crypto" in
the body of a message to majord...@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

[PATCH 8/26] cifs: Use skcipher

[Herbert Xu]

This patch replaces uses of blkcipher with skcipher.

Signed-off-by: Herbert Xu 
---

 fs/cifs/cifsencrypt.c |   32 +---
 fs/cifs/smbencrypt.c  |   26 +++---
 2 files changed, 40 insertions(+), 18 deletions(-)

diff --git a/fs/cifs/cifsencrypt.c b/fs/cifs/cifsencrypt.c
index afa09fc..d411654 100644
--- a/fs/cifs/cifsencrypt.c
+++ b/fs/cifs/cifsencrypt.c
@@ -33,6 +33,7 @@
 #include 
 #include 
 #include 
+#include 
 
 static int
 cifs_crypto_shash_md5_allocate(struct TCP_Server_Info *server)
@@ -789,38 +790,46 @@ int
 calc_seckey(struct cifs_ses *ses)
 {
int rc;
-   struct crypto_blkcipher *tfm_arc4;
+   struct crypto_skcipher *tfm_arc4;
struct scatterlist sgin, sgout;
-   struct blkcipher_desc desc;
+   struct skcipher_request *req;
unsigned char sec_key[CIFS_SESS_KEY_SIZE]; /* a nonce */
 
get_random_bytes(sec_key, CIFS_SESS_KEY_SIZE);
 
-   tfm_arc4 = crypto_alloc_blkcipher("ecb(arc4)", 0, CRYPTO_ALG_ASYNC);
+   tfm_arc4 = crypto_alloc_skcipher("ecb(arc4)", 0, CRYPTO_ALG_ASYNC);
if (IS_ERR(tfm_arc4)) {
rc = PTR_ERR(tfm_arc4);
cifs_dbg(VFS, "could not allocate crypto API arc4\n");
return rc;
}
 
-   desc.tfm = tfm_arc4;
-
-   rc = crypto_blkcipher_setkey(tfm_arc4, ses->auth_key.response,
+   rc = crypto_skcipher_setkey(tfm_arc4, ses->auth_key.response,
CIFS_SESS_KEY_SIZE);
if (rc) {
cifs_dbg(VFS, "%s: Could not set response as a key\n",
 __func__);
-   return rc;
+   goto out_free_cipher;
+   }
+
+   req = skcipher_request_alloc(tfm_arc4, GFP_KERNEL);
+   if (!req) {
+   rc = -ENOMEM;
+   cifs_dbg(VFS, "could not allocate crypto API arc4 request\n");
+   goto out_free_cipher;
}
 
sg_init_one(, sec_key, CIFS_SESS_KEY_SIZE);
sg_init_one(, ses->ntlmssp->ciphertext, CIFS_CPHTXT_SIZE);
 
-   rc = crypto_blkcipher_encrypt(, , , CIFS_CPHTXT_SIZE);
+   skcipher_request_set_callback(req, 0, NULL, NULL);
+   skcipher_request_set_crypt(req, , , CIFS_CPHTXT_SIZE, NULL);
+
+   rc = crypto_skcipher_encrypt(req);
+   skcipher_request_free(req);
if (rc) {
cifs_dbg(VFS, "could not encrypt session key rc: %d\n", rc);
-   crypto_free_blkcipher(tfm_arc4);
-   return rc;
+   goto out_free_cipher;
}
 
/* make secondary_key/nonce as session key */
@@ -828,7 +837,8 @@ calc_seckey(struct cifs_ses *ses)
/* and make len as that of session key only */
ses->auth_key.len = CIFS_SESS_KEY_SIZE;
 
-   crypto_free_blkcipher(tfm_arc4);
+out_free_cipher:
+   crypto_free_skcipher(tfm_arc4);
 
return rc;
 }
diff --git a/fs/cifs/smbencrypt.c b/fs/cifs/smbencrypt.c
index a4232ec..699b786 100644
--- a/fs/cifs/smbencrypt.c
+++ b/fs/cifs/smbencrypt.c
@@ -23,6 +23,7 @@
Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
 */
 
+#include 
 #include 
 #include 
 #include 
@@ -70,31 +71,42 @@ smbhash(unsigned char *out, const unsigned char *in, 
unsigned char *key)
 {
int rc;
unsigned char key2[8];
-   struct crypto_blkcipher *tfm_des;
+   struct crypto_skcipher *tfm_des;
struct scatterlist sgin, sgout;
-   struct blkcipher_desc desc;
+   struct skcipher_request *req;
 
str_to_key(key, key2);
 
-   tfm_des = crypto_alloc_blkcipher("ecb(des)", 0, CRYPTO_ALG_ASYNC);
+   tfm_des = crypto_alloc_skcipher("ecb(des)", 0, CRYPTO_ALG_ASYNC);
if (IS_ERR(tfm_des)) {
rc = PTR_ERR(tfm_des);
cifs_dbg(VFS, "could not allocate des crypto API\n");
goto smbhash_err;
}
 
-   desc.tfm = tfm_des;
+   req = skcipher_request_alloc(tfm_des, GFP_KERNEL);
+   if (!req) {
+   rc = -ENOMEM;
+   cifs_dbg(VFS, "could not allocate des crypto API\n");
+   goto smbhash_free_skcipher;
+   }
 
-   crypto_blkcipher_setkey(tfm_des, key2, 8);
+   crypto_skcipher_setkey(tfm_des, key2, 8);
 
sg_init_one(, in, 8);
sg_init_one(, out, 8);
 
-   rc = crypto_blkcipher_encrypt(, , , 8);
+   skcipher_request_set_callback(req, 0, NULL, NULL);
+   skcipher_request_set_crypt(req, , , 8, NULL);
+
+   rc = crypto_skcipher_encrypt(req);
if (rc)
cifs_dbg(VFS, "could not encrypt crypt key rc: %d\n", rc);
 
-   crypto_free_blkcipher(tfm_des);
+   skcipher_request_free(req);
+
+smbhash_free_skcipher:
+   crypto_free_skcipher(tfm_des);
 smbhash_err:
return rc;
 }
--
To unsubscribe from this list: send the line "unsubscribe linux-crypto" in
the body of a message to majord...@vger.kernel.org
More majordomo info at  

[PATCH 24/26] nfsd: Use shash

[Herbert Xu]

This patch replaces uses of the long obsolete hash interface with
shash.

Signed-off-by: Herbert Xu 
---

 fs/nfsd/nfs4recover.c |   28 +---
 1 file changed, 17 insertions(+), 11 deletions(-)

diff --git a/fs/nfsd/nfs4recover.c b/fs/nfsd/nfs4recover.c
index 79f0307..a79c150 100644
--- a/fs/nfsd/nfs4recover.c
+++ b/fs/nfsd/nfs4recover.c
@@ -32,10 +32,10 @@
 *
 */
 
+#include 
 #include 
 #include 
 #include 
-#include 
 #include 
 #include 
 #include 
@@ -104,29 +104,35 @@ static int
 nfs4_make_rec_clidname(char *dname, const struct xdr_netobj *clname)
 {
struct xdr_netobj cksum;
-   struct hash_desc desc;
-   struct scatterlist sg;
+   struct crypto_shash *tfm;
int status;
 
dprintk("NFSD: nfs4_make_rec_clidname for %.*s\n",
clname->len, clname->data);
-   desc.flags = CRYPTO_TFM_REQ_MAY_SLEEP;
-   desc.tfm = crypto_alloc_hash("md5", 0, CRYPTO_ALG_ASYNC);
-   if (IS_ERR(desc.tfm)) {
-   status = PTR_ERR(desc.tfm);
+   tfm = crypto_alloc_shash("md5", 0, 0);
+   if (IS_ERR(tfm)) {
+   status = PTR_ERR(tfm);
goto out_no_tfm;
}
 
-   cksum.len = crypto_hash_digestsize(desc.tfm);
+   cksum.len = crypto_shash_digestsize(tfm);
cksum.data = kmalloc(cksum.len, GFP_KERNEL);
if (cksum.data == NULL) {
status = -ENOMEM;
goto out;
}
 
-   sg_init_one(, clname->data, clname->len);
+   {
+   SHASH_DESC_ON_STACK(desc, tfm);
+
+   desc->tfm = tfm;
+   desc->flags = CRYPTO_TFM_REQ_MAY_SLEEP;
+
+   status = crypto_shash_digest(desc, clname->data, clname->len,
+cksum.data);
+   shash_desc_zero(desc);
+   }
 
-   status = crypto_hash_digest(, , sg.length, cksum.data);
if (status)
goto out;
 
@@ -135,7 +141,7 @@ nfs4_make_rec_clidname(char *dname, const struct xdr_netobj 
*clname)
status = 0;
 out:
kfree(cksum.data);
-   crypto_free_hash(desc.tfm);
+   crypto_free_shash(tfm);
 out_no_tfm:
return status;
 }
--
To unsubscribe from this list: send the line "unsubscribe linux-crypto" in
the body of a message to majord...@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Re: [PATCH 9/26] eCryptfs: Use skcipher and shash

[kbuild test robot]

Hi Herbert,

[auto build test ERROR on net/master]
[also build test ERROR on v4.4 next-20160122]
[if your patch is applied to the wrong git tree, please drop us a note to help 
improving the system]

url:
https://github.com/0day-ci/linux/commits/Herbert-Xu/crypto-Use-skcipher-and-ahash-shash-where-possible/20160124-212323
config: x86_64-randconfig-x012-201604 (attached as .config)
reproduce:
# save the attached .config to linux build tree
make ARCH=x86_64 

All error/warnings (new ones prefixed by >>):

   fs/ecryptfs/crypto.c: In function 'ecryptfs_hash_digest':
>> fs/ecryptfs/crypto.c:87:2: error: implicit declaration of function 
>> 'shash_desc_zero' [-Werror=implicit-function-declaration]
 shash_desc_zero(desc);
 ^
   fs/ecryptfs/crypto.c: In function 'ecryptfs_process_key_cipher':
>> fs/ecryptfs/crypto.c:1614:15: error: implicit declaration of function 
>> 'crypto_skcipher_default_keysize' [-Werror=implicit-function-declaration]
  *key_size = crypto_skcipher_default_keysize(*key_tfm);
  ^
   cc1: some warnings being treated as errors
--
   fs/ecryptfs/keystore.c: In function 'ecryptfs_write_tag_70_packet':
>> fs/ecryptfs/keystore.c:700:10: error: implicit declaration of function 
>> 'crypto_skcipher_driver_name' [-Werror=implicit-function-declaration]
 crypto_skcipher_driver_name(s->skcipher_tfm));
 ^
   In file included from include/linux/printk.h:6:0,
from include/linux/kernel.h:13,
from include/linux/crypto.h:21,
from include/crypto/hash.h:16,
from fs/ecryptfs/keystore.c:28:
>> include/linux/kern_levels.h:4:18: warning: format '%s' expects argument of 
>> type 'char *', but argument 3 has type 'int' [-Wformat=]
#define KERN_SOH "\001"  /* ASCII Start Of Header */
 ^
   include/linux/kern_levels.h:10:18: note: in expansion of macro 'KERN_SOH'
#define KERN_ERR KERN_SOH "3" /* error conditions */
 ^
>> fs/ecryptfs/keystore.c:698:10: note: in expansion of macro 'KERN_ERR'
  printk(KERN_ERR "%s: Out of kernel memory whilst attempting to "
 ^
   fs/ecryptfs/keystore.c: In function 'ecryptfs_parse_tag_70_packet':
>> include/linux/kern_levels.h:4:18: warning: format '%s' expects argument of 
>> type 'char *', but argument 3 has type 'int' [-Wformat=]
#define KERN_SOH "\001"  /* ASCII Start Of Header */
 ^
   include/linux/kern_levels.h:10:18: note: in expansion of macro 'KERN_SOH'
#define KERN_ERR KERN_SOH "3" /* error conditions */
 ^
   fs/ecryptfs/keystore.c:1031:10: note: in expansion of macro 'KERN_ERR'
  printk(KERN_ERR "%s: Out of kernel memory whilst attempting to "
 ^
   fs/ecryptfs/keystore.c: In function 
'decrypt_passphrase_encrypted_session_key':
>> include/linux/kern_levels.h:4:18: warning: format '%s' expects argument of 
>> type 'char *', but argument 3 has type 'int' [-Wformat=]
#define KERN_SOH "\001"  /* ASCII Start Of Header */
 ^
   include/linux/kern_levels.h:10:18: note: in expansion of macro 'KERN_SOH'
#define KERN_ERR KERN_SOH "3" /* error conditions */
 ^
   fs/ecryptfs/keystore.c:1722:10: note: in expansion of macro 'KERN_ERR'
  printk(KERN_ERR "%s: Out of kernel memory whilst attempting to "
 ^
   fs/ecryptfs/keystore.c: In function 'write_tag_3_packet':
>> fs/ecryptfs/keystore.c:2232:10: error: implicit declaration of function 
>> 'crypto_skcipher_default_keysize' [-Werror=implicit-function-declaration]
 crypto_skcipher_default_keysize(tfm));
 ^
   In file included from fs/ecryptfs/keystore.c:36:0:
>> include/linux/kern_levels.h:4:18: warning: format '%s' expects argument of 
>> type 'char *', but argument 3 has type 'int' [-Wformat=]
#define KERN_SOH "\001"  /* ASCII Start Of Header */
 ^
   fs/ecryptfs/ecryptfs_kernel.h:530:27: note: in definition of macro 
'ecryptfs_printk'
__ecryptfs_printk(type "%s: " fmt, __func__, ## arg);
  ^
   include/linux/kern_levels.h:10:18: note: in expansion of macro 'KERN_SOH'
#define KERN_ERR KERN_SOH "3" /* error conditions */
 ^
   fs/ecryptfs/keystore.c:2316:19: note: in expansion of macro 'KERN_ERR'
  ecryptfs_printk(KERN_ERR, "Out of kernel memory whilst "
  ^
   cc1: some warnings being treated as errors

vim +/shash_desc_zero +87 fs/ecryptfs/crypto.c

81  SHASH_DESC_ON_STACK(desc, tfm);
82  int err;
83  
84  desc->tfm = tfm;
85  desc->flags = CRYPTO_TFM_REQ_MAY_SLEEP;
  

Re: [PATCH 1/26] block: cryptoloop - Use new skcipher interface

[Herbert Xu]

On Sun, Jan 24, 2016 at 09:37:33PM +0800, kbuild test robot wrote:
> 
> [auto build test ERROR on net/master]
> [also build test ERROR on v4.4 next-20160122]
> [if your patch is applied to the wrong git tree, please drop us a note to 
> help improving the system]

These patches depend on the two helpers that I posted yesterday
so unfortunately we'll be getting quite a few build errors from
the bot.

Cheers,
-- 
Email: Herbert Xu 
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt
--
To unsubscribe from this list: send the line "unsubscribe linux-crypto" in
the body of a message to majord...@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Re: [PATCH 4/26] dm crypt: Use skcipher and ahash

[kbuild test robot]

Hi Herbert,

[auto build test ERROR on net/master]
[also build test ERROR on v4.4 next-20160122]
[if your patch is applied to the wrong git tree, please drop us a note to help 
improving the system]

url:
https://github.com/0day-ci/linux/commits/Herbert-Xu/crypto-Use-skcipher-and-ahash-shash-where-possible/20160124-212323
config: x86_64-randconfig-x014-201604 (attached as .config)
reproduce:
# save the attached .config to linux build tree
make ARCH=x86_64 

All errors (new ones prefixed by >>):

   drivers/md/dm-crypt.c: In function 'crypt_iv_essiv_init':
>> drivers/md/dm-crypt.c:278:2: error: implicit declaration of function 
>> 'ahash_request_zero' [-Werror=implicit-function-declaration]
 ahash_request_zero(req);
 ^
   cc1: some warnings being treated as errors

vim +/ahash_request_zero +278 drivers/md/dm-crypt.c

   272  sg_init_one(, cc->key, cc->key_size);
   273  ahash_request_set_tfm(req, essiv->hash_tfm);
   274  ahash_request_set_callback(req, CRYPTO_TFM_REQ_MAY_SLEEP, NULL, 
NULL);
   275  ahash_request_set_crypt(req, , essiv->salt, cc->key_size);
   276  
   277  err = crypto_ahash_digest(req);
 > 278  ahash_request_zero(req);
   279  if (err)
   280  return err;
   281  

---
0-DAY kernel test infrastructureOpen Source Technology Center
https://lists.01.org/pipermail/kbuild-all   Intel Corporation


.config.gz
Description: Binary data

Re: [PATCH 19/26] ipsec: Use skcipher and ahash when probing algorithms

[kbuild test robot]

Hi Herbert,

[auto build test ERROR on net/master]
[also build test ERROR on v4.4 next-20160122]
[if your patch is applied to the wrong git tree, please drop us a note to help 
improving the system]

url:
https://github.com/0day-ci/linux/commits/Herbert-Xu/crypto-Use-skcipher-and-ahash-shash-where-possible/20160124-212323
config: x86_64-randconfig-x014-201604 (attached as .config)
reproduce:
# save the attached .config to linux build tree
make ARCH=x86_64 

All errors (new ones prefixed by >>):

   net/xfrm/xfrm_algo.c: In function 'xfrm_probe_algs':
>> net/xfrm/xfrm_algo.c:787:12: error: implicit declaration of function 
>> 'crypto_has_ahash' [-Werror=implicit-function-declaration]
  status = crypto_has_ahash(aalg_list[i].name, 0, 0);
   ^
   cc1: some warnings being treated as errors

vim +/crypto_has_ahash +787 net/xfrm/xfrm_algo.c

   781  {
   782  int i, status;
   783  
   784  BUG_ON(in_softirq());
   785  
   786  for (i = 0; i < aalg_entries(); i++) {
 > 787  status = crypto_has_ahash(aalg_list[i].name, 0, 0);
   788  if (aalg_list[i].available != status)
   789  aalg_list[i].available = status;
   790  }

---
0-DAY kernel test infrastructureOpen Source Technology Center
https://lists.01.org/pipermail/kbuild-all   Intel Corporation


.config.gz
Description: Binary data

Re: [PATCH 19/26] ipsec: Use skcipher and ahash when probing algorithms

[David Miller]

From: Herbert Xu 
Date: Sun, 24 Jan 2016 21:19:11 +0800

> This patch removes the last reference to hash and ablkcipher from
> IPsec and replaces them with ahash and skcipher respectively.  For
> skcipher there is currently no difference at all, while for ahash
> the current code is actually buggy and would prevent asynchronous
> algorithms from being discovered.
> 
> Signed-off-by: Herbert Xu 

Acked-by: David S. Miller 
--
To unsubscribe from this list: send the line "unsubscribe linux-crypto" in
the body of a message to majord...@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Re: [PATCH 25/26] sctp: Use shash

[David Miller]

From: Herbert Xu 
Date: Sun, 24 Jan 2016 21:20:12 +0800

> This patch replaces uses of the long obsolete hash interface with
> shash.
> 
> Signed-off-by: Herbert Xu 

Acked-by: David S. Miller 
--
To unsubscribe from this list: send the line "unsubscribe linux-crypto" in
the body of a message to majord...@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Re: [PATCH v1] crypto: ccp - Add hash state import and export support

[Herbert Xu]

On Fri, Jan 22, 2016 at 11:22:48AM -0600, Tom Lendacky wrote:
> On 01/12/2016 11:17 AM, Tom Lendacky wrote:
> > Commit 8996eafdcbad ("crypto: ahash - ensure statesize is non-zero")
> > added a check to prevent ahash algorithms from successfully registering
> > if the import and export functions were not implemented. This prevents
> > an oops in the hash_accept function of algif_hash. This commit causes
> > the ccp-crypto module SHA support and AES CMAC support from successfully
> > registering and causing the ccp-crypto module load to fail because the
> > ahash import and export functions are not implemented.
> > 
> > Update the CCP Crypto API support to provide import and export support
> > for ahash algorithms.
> > 
> > Cc:  # 3.14.x-
> > Signed-off-by: Tom Lendacky 
> 
> Herbert, is it possible this patch can be part of Crypto Fixes for 4.5?

While your patch is probably OK the rctx structure just contains
too much crap for me to feel safe about pushing this in at this
point in time.  So I'd like to have it cook for another cycle.

The reason I'm overly cautious is because import/export is directly
exposed to user-space so if we get this wrong then we may open
up a root hole.

Cheers,
-- 
Email: Herbert Xu 
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt
--
To unsubscribe from this list: send the line "unsubscribe linux-crypto" in
the body of a message to majord...@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Re: [PATCH 0/5] crypto: atmel-sha: fix registration issue and other bugs

[Herbert Xu]

On Fri, Jan 22, 2016 at 05:52:45PM +0100, Nicolas Ferre wrote:
> Le 15/01/2016 15:49, Cyrille Pitchen a écrit :
> > Hi all,
> > 
> > This series of patches fixes many issues such as the algo registration 
> > failure
> > or the broken support of context switches.
> 
> I think it's eligible as a "fixes" series for 4.5... Herbert, is the
> whole series can be queued as fixes, in your opinion?

Sorry, but I'd prefer to postpone this til the next cycle as it
came in too close to the cut-off mark.  This code is directly
accessible by unprivileged users so I'd like it to cook for a
bit longer.

Thanks,
-- 
Email: Herbert Xu 
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt
--
To unsubscribe from this list: send the line "unsubscribe linux-crypto" in
the body of a message to majord...@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Re: [PATCH 0/2] crypto: caam - performance fixes/improvements

[Herbert Xu]

On Fri, Jan 22, 2016 at 04:52:36PM +, Horia Ioan Geanta Neag wrote:
> Herbert, I see that you've sent the crypto fixes for 4.5 pull request.
> Any reason why these patches were not included?
> I was expecting at least the first one to get it, it's even Cc-ing stable.

Well the second patch is definitely too late for 4.5. In future
please don't bundle patches together unless they are all obviously
critical bug fixes or they may all be postponed to the next merge
window.

I'll look at the first patch again.

Cheers,
-- 
Email: Herbert Xu 
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt
--
To unsubscribe from this list: send the line "unsubscribe linux-crypto" in
the body of a message to majord...@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Re: [PATCH 15/26] Bluetooth: Use skcipher and hash

[Marcel Holtmann]

Hi Herbert,

> This patch replaces uses of blkcipher with skcipher and the long
> obsolete hash interface with shash.
> 
> Signed-off-by: Herbert Xu 

Acked-by: Marcel Holtmann 

> ---
> 
> net/bluetooth/smp.c |  135 
> 
> 1 file changed, 63 insertions(+), 72 deletions(-)

Regards

Marcel

--
To unsubscribe from this list: send the line "unsubscribe linux-crypto" in
the body of a message to majord...@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Re: [PATCH 26/26] tcp: Use ahash

[David Miller]

From: Herbert Xu 
Date: Sun, 24 Jan 2016 21:20:23 +0800

> This patch replaces uses of the long obsolete hash interface with
> ahash.
> 
> Signed-off-by: Herbert Xu 

Acked-by: David S. Miller 
--
To unsubscribe from this list: send the line "unsubscribe linux-crypto" in
the body of a message to majord...@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Re: [PATCH 5/5] crypto: atmel-sha: fix algorihtm registration

[Herbert Xu]

On Fri, Jan 15, 2016 at 03:49:35PM +0100, Cyrille Pitchen wrote:
>
> +static int atmel_sha_export(struct ahash_request *req, void *out)
> +{
> + const struct atmel_sha_reqctx *ctx = ahash_request_ctx(req);
> + struct atmel_sha_state *state = out;
> +
> + memcpy(state->digest, ctx->digest, SHA512_DIGEST_SIZE);
> + memcpy(state->buffer, ctx->buffer, ctx->bufcnt);
> + state->bufcnt = ctx->bufcnt;
> + state->digcnt[0] = ctx->digcnt[0];
> + state->digcnt[1] = ctx->digcnt[1];
> + return 0;
> +}

Hmm, you're assuming that out is aligned but that is not necessarily
the case.  Ditto for import.

Cheers,
-- 
Email: Herbert Xu 
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt
--
To unsubscribe from this list: send the line "unsubscribe linux-crypto" in
the body of a message to majord...@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Re: [PATCH 9/26] eCryptfs: Use skcipher and shash

[Julia Lawall]

Maybe the goto on line 1726 needs a preceding mutex_unlock?

julia

On Mon, 25 Jan 2016, kbuild test robot wrote:

> Hi Herbert,
>
> [auto build test WARNING on net/master]
> [also build test WARNING on v4.4 next-20160122]
> [if your patch is applied to the wrong git tree, please drop us a note to 
> help improving the system]
>
> url:
> https://github.com/0day-ci/linux/commits/Herbert-Xu/crypto-Use-skcipher-and-ahash-shash-where-possible/20160124-212323
> :: branch date: 5 hours ago
> :: commit date: 5 hours ago
>
> >> fs/ecryptfs/keystore.c:1761:1-7: preceding lock on line 1719
>
> git remote add linux-review https://github.com/0day-ci/linux
> git remote update linux-review
> git checkout 0186bf144c1f96606f491be0e7ed47b79ea0d285
> vim +1761 fs/ecryptfs/keystore.c
>
> ac97b9f9 Michael Halcrow 2008-11-19  1713 if (rc < 1 || rc > 2) {
> f4aad16a Michael Halcrow 2007-10-16  1714 printk(KERN_ERR 
> "Internal error whilst attempting to convert "
> f4aad16a Michael Halcrow 2007-10-16  1715 
> "auth_tok->session_key.decrypted_key to scatterlist; "
> f4aad16a Michael Halcrow 2007-10-16  1716 "expected rc = 
> 1; got rc = [%d]\n", rc);
> f4aad16a Michael Halcrow 2007-10-16  1717 goto out;
> 237fead6 Michael Halcrow 2006-10-04  1718 }
> 237fead6 Michael Halcrow 2006-10-04 @1719 mutex_lock(tfm_mutex);
> 0186bf14 Herbert Xu  2016-01-24  1720 req = 
> skcipher_request_alloc(tfm, GFP_KERNEL);
> 0186bf14 Herbert Xu  2016-01-24  1721 if (!req) {
> 0186bf14 Herbert Xu  2016-01-24  1722 printk(KERN_ERR "%s: 
> Out of kernel memory whilst attempting to "
> 0186bf14 Herbert Xu  2016-01-24  1723
> "skcipher_request_alloc for %s\n", __func__,
> 0186bf14 Herbert Xu  2016-01-24  1724
> crypto_skcipher_driver_name(tfm));
> 0186bf14 Herbert Xu  2016-01-24  1725 rc = -ENOMEM;
> 0186bf14 Herbert Xu  2016-01-24  1726 goto out;
> 0186bf14 Herbert Xu  2016-01-24  1727 }
> 0186bf14 Herbert Xu  2016-01-24  1728
> 0186bf14 Herbert Xu  2016-01-24  1729 
> skcipher_request_set_callback(req, CRYPTO_TFM_REQ_MAY_SLEEP,
> 0186bf14 Herbert Xu  2016-01-24  1730   
> NULL, NULL);
> 0186bf14 Herbert Xu  2016-01-24  1731 rc = crypto_skcipher_setkey(
> 0186bf14 Herbert Xu  2016-01-24  1732 tfm, 
> auth_tok->token.password.session_key_encryption_key,
> 237fead6 Michael Halcrow 2006-10-04  1733 crypt_stat->key_size);
> f4aad16a Michael Halcrow 2007-10-16  1734 if (unlikely(rc < 0)) {
> f4aad16a Michael Halcrow 2007-10-16  1735 mutex_unlock(tfm_mutex);
> e5d9cbde Michael Halcrow 2006-10-30  1736 printk(KERN_ERR "Error 
> setting key for crypto context\n");
> e5d9cbde Michael Halcrow 2006-10-30  1737 rc = -EINVAL;
> f4aad16a Michael Halcrow 2007-10-16  1738 goto out;
> 237fead6 Michael Halcrow 2006-10-04  1739 }
> 0186bf14 Herbert Xu  2016-01-24  1740 skcipher_request_set_crypt(req, 
> src_sg, dst_sg,
> 0186bf14 Herbert Xu  2016-01-24  1741
> auth_tok->session_key.encrypted_key_size,
> 0186bf14 Herbert Xu  2016-01-24  1742
> NULL);
> 0186bf14 Herbert Xu  2016-01-24  1743 rc = 
> crypto_skcipher_decrypt(req);
> f4aad16a Michael Halcrow 2007-10-16  1744 mutex_unlock(tfm_mutex);
> f4aad16a Michael Halcrow 2007-10-16  1745 if (unlikely(rc)) {
> 8bba066f Michael Halcrow 2006-10-30  1746 printk(KERN_ERR "Error 
> decrypting; rc = [%d]\n", rc);
> f4aad16a Michael Halcrow 2007-10-16  1747 goto out;
> 8bba066f Michael Halcrow 2006-10-30  1748 }
> 237fead6 Michael Halcrow 2006-10-04  1749 auth_tok->session_key.flags |= 
> ECRYPTFS_CONTAINS_DECRYPTED_KEY;
> 237fead6 Michael Halcrow 2006-10-04  1750 memcpy(crypt_stat->key, 
> auth_tok->session_key.decrypted_key,
> 237fead6 Michael Halcrow 2006-10-04  1751
> auth_tok->session_key.decrypted_key_size);
> e2bd99ec Michael Halcrow 2007-02-12  1752 crypt_stat->flags |= 
> ECRYPTFS_KEY_VALID;
> f4aad16a Michael Halcrow 2007-10-16  1753 if (unlikely(ecryptfs_verbosity 
> > 0)) {
> f24b3887 Tyler Hicks 2010-11-15  1754 
> ecryptfs_printk(KERN_DEBUG, "FEK of size [%zd]:\n",
> f4aad16a Michael Halcrow 2007-10-16  1755 
> crypt_stat->key_size);
> 237fead6 Michael Halcrow 2006-10-04  1756 
> ecryptf

Re: [PATCH 6/26] staging: rtl8192u: Use skcipher and ahash

[Greg KH]

On Sun, Jan 24, 2016 at 09:16:57PM +0800, Herbert Xu wrote:
> This patch replaces uses of blkcipher with skcipher, and the long
> obsolete hash interface with ahash.
> 
> Signed-off-by: Herbert Xu 
> ---
> 
>  drivers/staging/rtl8192u/ieee80211/ieee80211_crypt_tkip.c |   92 
> +++---
>  drivers/staging/rtl8192u/ieee80211/ieee80211_crypt_wep.c  |   46 ---
>  2 files changed, 81 insertions(+), 57 deletions(-)

Acked-by: Greg Kroah-Hartman 
--
To unsubscribe from this list: send the line "unsubscribe linux-crypto" in
the body of a message to majord...@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Re: [PATCH 3/26] staging: rtl8192e: Replace uses of obsolete blkcipher and hash

[Greg KH]

On Sun, Jan 24, 2016 at 09:16:26PM +0800, Herbert Xu wrote:
> The interfaces blkcipher and hash are obsolete.  This patch replaces
> them with skcipher and ahash respectively.
> 
> Signed-off-by: Herbert Xu 
> ---
> 
>  drivers/staging/rtl8192e/rtllib_crypt_tkip.c |   99 
> ++-
>  drivers/staging/rtl8192e/rtllib_crypt_wep.c  |   48 +++--
>  2 files changed, 82 insertions(+), 65 deletions(-)

Acked-by: Greg Kroah-Hartman 
--
To unsubscribe from this list: send the line "unsubscribe linux-crypto" in
the body of a message to majord...@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html