linux/include/crypto/internal/skcipher.h, branch v3.13.2Linux kernel source treehttps://git.amat.us/linux/atom/include/crypto/internal/skcipher.h?h=v3.13.22012-03-29T11:52:47Zcrypto: user - Fix lookup of algorithms with IV generator2012-03-29T11:52:47ZSteffen Klassertsteffen.klassert@secunet.com2012-03-29T07:03:47Zurn:sha1:1e1229940045a537c61fb69f86010a8774e576d0
We lookup algorithms with crypto_alg_mod_lookup() when instantiating via
crypto_add_alg(). However, algorithms that are wrapped by an IV genearator
(e.g. aead or genicv type algorithms) need special care. The userspace
process hangs until it gets a timeout when we use crypto_alg_mod_lookup()
to lookup these algorithms. So export the lookup functions for these
algorithms and use them in crypto_add_alg().
Signed-off-by: Steffen Klassert <steffen.klassert@secunet.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
crypto: skcipher - Fix skcipher_dequeue_givcrypt NULL test2009-08-29T10:44:04ZHerbert Xuherbert@gondor.apana.org.au2009-08-29T10:44:04Zurn:sha1:0c7d400fafaeab6014504a6a6249f01bac7f7db4
As struct skcipher_givcrypt_request includes struct crypto_request
at a non-zero offset, testing for NULL after converting the pointer
returned by crypto_dequeue_request does not work. This can result
in IPsec crashes when the queue is depleted.
This patch fixes it by doing the pointer conversion only when the
return value is non-NULL. In particular, we create a new function
__crypto_dequeue_request that does the pointer conversion.
Reported-by: Brad Bosch <bradbosch@comcast.net>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
crypto: skcipher - Move IV generators into their own modules2008-08-29T05:50:00ZHerbert Xuherbert@gondor.apana.org.au2008-08-17T08:04:30Zurn:sha1:5be5e667a9a5d8d5553e009e67bc692d95e5916a
This patch moves the default IV generators into their own modules
in order to break a dependency loop between cryptomgr, rng, and
blkcipher.
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
[CRYPTO] skcipher: Fix section mismatches2008-03-08T12:29:43ZHerbert Xuherbert@gondor.apana.org.au2008-03-08T12:29:43Zurn:sha1:f13ba2f7d3a877967477ec8f64e1dae7a967c7e2
The previous patch to move chainiv and eseqiv into blkcipher created
a section mismatch for the chainiv exit function which was also called
from __init. This patch removes the __exit marking on it.
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
[CRYPTO] skcipher: Move chainiv/seqiv into crypto_blkcipher module2008-02-23T03:12:06ZHerbert Xuherbert@gondor.apana.org.au2008-02-23T03:12:06Zurn:sha1:76fc60a2e3c6aa6e98cd3a5cb81a1855c637b274
For compatibility with dm-crypt initramfs setups it is useful to merge
chainiv/seqiv into the crypto_blkcipher module. Since they're required
by most algorithms anyway this is an acceptable trade-off.
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
[CRYPTO] chainiv: Avoid lock spinning where possible2008-01-10T21:16:55ZHerbert Xuherbert@gondor.apana.org.au2007-12-14T14:28:14Zurn:sha1:e7cd2514ea506f06bd4f7b13a9b62afd60f9c73b
This patch makes chainiv avoid spinning by postponing requests on lock
contention if the user allows the use of asynchronous algorithms. If
a synchronous algorithm is requested then we behave as before.
This should improve IPsec performance on SMP when two CPUs attempt to
transmit over the same SA. Currently one of them will spin doing nothing
waiting for the other CPU to finish its encryption. This patch makes it
postpone the request and get on with other work.
If only one CPU is transmitting for a given SA, then we will process
the request synchronously as before.
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
[CRYPTO] null: Add null blkcipher algorithm2008-01-10T21:16:53ZHerbert Xuherbert@gondor.apana.org.au2007-12-13T14:28:59Zurn:sha1:3631c650c495d61b1dabf32eb26b46873636e918
This patch adds a null blkcipher algorithm called ecb(cipher_null) for
backwards compatibility. Previously the null algorithm when used by
IPsec copied the data byte by byte. This new algorithm optimises that
to a straight memcpy which lets us better measure inherent overheads in
our IPsec code.
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
[CRYPTO] skcipher: Create default givcipher instances2008-01-10T21:16:46ZHerbert Xuherbert@gondor.apana.org.au2007-12-04T01:46:48Zurn:sha1:b9c55aa475599183d0eab6833ea23e70c52dd24b
This patch makes crypto_alloc_ablkcipher/crypto_grab_skcipher always
return algorithms that are capable of generating their own IVs through
givencrypt and givdecrypt. Each algorithm may specify its default IV
generator through the geniv field.
For algorithms that do not set the geniv field, the blkcipher layer will
pick a default. Currently it's chainiv for synchronous algorithms and
eseqiv for asynchronous algorithms. Note that if these wrappers do not
work on an algorithm then that algorithm must specify its own geniv or
it can't be used at all.
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
[CRYPTO] skcipher: Added skcipher_givcrypt_complete2008-01-10T21:16:45ZHerbert Xuherbert@gondor.apana.org.au2007-11-30T09:17:28Zurn:sha1:15c67286685cddce207b646306e8819ec8268ede
This patch adds the helper skcipher_givcrypt_complete which should be
called when an ablkcipher algorithm has completed a givcrypt request.
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
[CRYPTO] skcipher: Add skcipher_geniv_alloc/skcipher_geniv_free2008-01-10T21:16:44ZHerbert Xuherbert@gondor.apana.org.au2007-12-05T10:08:36Zurn:sha1:ecfc43292f68566c144afca966b46b371c26d56c
This patch creates the infrastructure to help the construction of givcipher
templates that wrap around existing blkcipher/ablkcipher algorithms by adding
an IV generator to them.
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>