| Message ID | 20191014121910.7264-1-ard.biesheuvel@linaro.org (mailing list archive) |
|---|---|
| Headers | show |
| Series | crypto: convert h/w accelerator driver to skcipher API | expand |
Copy Marek who is the author of the driver. Shawn On Mon, Oct 14, 2019 at 02:19:01PM +0200, Ard Biesheuvel wrote: > Commit 7a7ffe65c8c5 ("crypto: skcipher - Add top-level skcipher interface") > dated 20 august 2015 introduced the new skcipher API which is supposed to > replace both blkcipher and ablkcipher. While all consumers of the API have > been converted long ago, some producers of the ablkcipher remain, forcing > us to keep the ablkcipher support routines alive, along with the matching > code to expose [a]blkciphers via the skcipher API. > > So switch this driver to the skcipher API, allowing us to finally drop the > blkcipher code in the near future. > > Cc: Shawn Guo <shawnguo@kernel.org> > Cc: Sascha Hauer <s.hauer@pengutronix.de> > Cc: Pengutronix Kernel Team <kernel@pengutronix.de> > Cc: Fabio Estevam <festevam@gmail.com> > Cc: NXP Linux Team <linux-imx@nxp.com> > Signed-off-by: Ard Biesheuvel <ard.biesheuvel@linaro.org> > --- > drivers/crypto/mxs-dcp.c | 140 +++++++++----------- > 1 file changed, 65 insertions(+), 75 deletions(-) > > diff --git a/drivers/crypto/mxs-dcp.c b/drivers/crypto/mxs-dcp.c > index bf8d2197bc11..f438b425c655 100644 > --- a/drivers/crypto/mxs-dcp.c > +++ b/drivers/crypto/mxs-dcp.c > @@ -211,11 +211,11 @@ static int mxs_dcp_start_dma(struct dcp_async_ctx *actx) > * Encryption (AES128) > */ > static int mxs_dcp_run_aes(struct dcp_async_ctx *actx, > - struct ablkcipher_request *req, int init) > + struct skcipher_request *req, int init) > { > struct dcp *sdcp = global_sdcp; > struct dcp_dma_desc *desc = &sdcp->coh->desc[actx->chan]; > - struct dcp_aes_req_ctx *rctx = ablkcipher_request_ctx(req); > + struct dcp_aes_req_ctx *rctx = skcipher_request_ctx(req); > int ret; > > dma_addr_t key_phys = dma_map_single(sdcp->dev, sdcp->coh->aes_key, > @@ -274,9 +274,9 @@ static int mxs_dcp_aes_block_crypt(struct crypto_async_request *arq) > { > struct dcp *sdcp = global_sdcp; > > - struct ablkcipher_request *req = ablkcipher_request_cast(arq); > + struct skcipher_request *req = skcipher_request_cast(arq); > struct dcp_async_ctx *actx = crypto_tfm_ctx(arq->tfm); > - struct dcp_aes_req_ctx *rctx = ablkcipher_request_ctx(req); > + struct dcp_aes_req_ctx *rctx = skcipher_request_ctx(req); > > struct scatterlist *dst = req->dst; > struct scatterlist *src = req->src; > @@ -305,7 +305,7 @@ static int mxs_dcp_aes_block_crypt(struct crypto_async_request *arq) > > if (!rctx->ecb) { > /* Copy the CBC IV just past the key. */ > - memcpy(key + AES_KEYSIZE_128, req->info, AES_KEYSIZE_128); > + memcpy(key + AES_KEYSIZE_128, req->iv, AES_KEYSIZE_128); > /* CBC needs the INIT set. */ > init = 1; > } else { > @@ -316,10 +316,10 @@ static int mxs_dcp_aes_block_crypt(struct crypto_async_request *arq) > src_buf = sg_virt(src); > len = sg_dma_len(src); > tlen += len; > - limit_hit = tlen > req->nbytes; > + limit_hit = tlen > req->cryptlen; > > if (limit_hit) > - len = req->nbytes - (tlen - len); > + len = req->cryptlen - (tlen - len); > > do { > if (actx->fill + len > out_off) > @@ -375,10 +375,10 @@ static int mxs_dcp_aes_block_crypt(struct crypto_async_request *arq) > /* Copy the IV for CBC for chaining */ > if (!rctx->ecb) { > if (rctx->enc) > - memcpy(req->info, out_buf+(last_out_len-AES_BLOCK_SIZE), > + memcpy(req->iv, out_buf+(last_out_len-AES_BLOCK_SIZE), > AES_BLOCK_SIZE); > else > - memcpy(req->info, in_buf+(last_out_len-AES_BLOCK_SIZE), > + memcpy(req->iv, in_buf+(last_out_len-AES_BLOCK_SIZE), > AES_BLOCK_SIZE); > } > > @@ -422,17 +422,17 @@ static int dcp_chan_thread_aes(void *data) > return 0; > } > > -static int mxs_dcp_block_fallback(struct ablkcipher_request *req, int enc) > +static int mxs_dcp_block_fallback(struct skcipher_request *req, int enc) > { > - struct crypto_ablkcipher *tfm = crypto_ablkcipher_reqtfm(req); > - struct dcp_async_ctx *ctx = crypto_ablkcipher_ctx(tfm); > + struct crypto_skcipher *tfm = crypto_skcipher_reqtfm(req); > + struct dcp_async_ctx *ctx = crypto_skcipher_ctx(tfm); > SYNC_SKCIPHER_REQUEST_ON_STACK(subreq, ctx->fallback); > int ret; > > skcipher_request_set_sync_tfm(subreq, ctx->fallback); > skcipher_request_set_callback(subreq, req->base.flags, NULL, NULL); > skcipher_request_set_crypt(subreq, req->src, req->dst, > - req->nbytes, req->info); > + req->cryptlen, req->iv); > > if (enc) > ret = crypto_skcipher_encrypt(subreq); > @@ -444,12 +444,12 @@ static int mxs_dcp_block_fallback(struct ablkcipher_request *req, int enc) > return ret; > } > > -static int mxs_dcp_aes_enqueue(struct ablkcipher_request *req, int enc, int ecb) > +static int mxs_dcp_aes_enqueue(struct skcipher_request *req, int enc, int ecb) > { > struct dcp *sdcp = global_sdcp; > struct crypto_async_request *arq = &req->base; > struct dcp_async_ctx *actx = crypto_tfm_ctx(arq->tfm); > - struct dcp_aes_req_ctx *rctx = ablkcipher_request_ctx(req); > + struct dcp_aes_req_ctx *rctx = skcipher_request_ctx(req); > int ret; > > if (unlikely(actx->key_len != AES_KEYSIZE_128)) > @@ -468,30 +468,30 @@ static int mxs_dcp_aes_enqueue(struct ablkcipher_request *req, int enc, int ecb) > return ret; > } > > -static int mxs_dcp_aes_ecb_decrypt(struct ablkcipher_request *req) > +static int mxs_dcp_aes_ecb_decrypt(struct skcipher_request *req) > { > return mxs_dcp_aes_enqueue(req, 0, 1); > } > > -static int mxs_dcp_aes_ecb_encrypt(struct ablkcipher_request *req) > +static int mxs_dcp_aes_ecb_encrypt(struct skcipher_request *req) > { > return mxs_dcp_aes_enqueue(req, 1, 1); > } > > -static int mxs_dcp_aes_cbc_decrypt(struct ablkcipher_request *req) > +static int mxs_dcp_aes_cbc_decrypt(struct skcipher_request *req) > { > return mxs_dcp_aes_enqueue(req, 0, 0); > } > > -static int mxs_dcp_aes_cbc_encrypt(struct ablkcipher_request *req) > +static int mxs_dcp_aes_cbc_encrypt(struct skcipher_request *req) > { > return mxs_dcp_aes_enqueue(req, 1, 0); > } > > -static int mxs_dcp_aes_setkey(struct crypto_ablkcipher *tfm, const u8 *key, > +static int mxs_dcp_aes_setkey(struct crypto_skcipher *tfm, const u8 *key, > unsigned int len) > { > - struct dcp_async_ctx *actx = crypto_ablkcipher_ctx(tfm); > + struct dcp_async_ctx *actx = crypto_skcipher_ctx(tfm); > unsigned int ret; > > /* > @@ -525,10 +525,10 @@ static int mxs_dcp_aes_setkey(struct crypto_ablkcipher *tfm, const u8 *key, > return ret; > } > > -static int mxs_dcp_aes_fallback_init(struct crypto_tfm *tfm) > +static int mxs_dcp_aes_fallback_init_tfm(struct crypto_skcipher *tfm) > { > - const char *name = crypto_tfm_alg_name(tfm); > - struct dcp_async_ctx *actx = crypto_tfm_ctx(tfm); > + const char *name = crypto_tfm_alg_name(crypto_skcipher_tfm(tfm)); > + struct dcp_async_ctx *actx = crypto_skcipher_ctx(tfm); > struct crypto_sync_skcipher *blk; > > blk = crypto_alloc_sync_skcipher(name, 0, CRYPTO_ALG_NEED_FALLBACK); > @@ -536,13 +536,13 @@ static int mxs_dcp_aes_fallback_init(struct crypto_tfm *tfm) > return PTR_ERR(blk); > > actx->fallback = blk; > - tfm->crt_ablkcipher.reqsize = sizeof(struct dcp_aes_req_ctx); > + crypto_skcipher_set_reqsize(tfm, sizeof(struct dcp_aes_req_ctx)); > return 0; > } > > -static void mxs_dcp_aes_fallback_exit(struct crypto_tfm *tfm) > +static void mxs_dcp_aes_fallback_exit_tfm(struct crypto_skcipher *tfm) > { > - struct dcp_async_ctx *actx = crypto_tfm_ctx(tfm); > + struct dcp_async_ctx *actx = crypto_skcipher_ctx(tfm); > > crypto_free_sync_skcipher(actx->fallback); > } > @@ -854,54 +854,44 @@ static void dcp_sha_cra_exit(struct crypto_tfm *tfm) > } > > /* AES 128 ECB and AES 128 CBC */ > -static struct crypto_alg dcp_aes_algs[] = { > +static struct skcipher_alg dcp_aes_algs[] = { > { > - .cra_name = "ecb(aes)", > - .cra_driver_name = "ecb-aes-dcp", > - .cra_priority = 400, > - .cra_alignmask = 15, > - .cra_flags = CRYPTO_ALG_TYPE_ABLKCIPHER | > - CRYPTO_ALG_ASYNC | > + .base.cra_name = "ecb(aes)", > + .base.cra_driver_name = "ecb-aes-dcp", > + .base.cra_priority = 400, > + .base.cra_alignmask = 15, > + .base.cra_flags = CRYPTO_ALG_ASYNC | > CRYPTO_ALG_NEED_FALLBACK, > - .cra_init = mxs_dcp_aes_fallback_init, > - .cra_exit = mxs_dcp_aes_fallback_exit, > - .cra_blocksize = AES_BLOCK_SIZE, > - .cra_ctxsize = sizeof(struct dcp_async_ctx), > - .cra_type = &crypto_ablkcipher_type, > - .cra_module = THIS_MODULE, > - .cra_u = { > - .ablkcipher = { > - .min_keysize = AES_MIN_KEY_SIZE, > - .max_keysize = AES_MAX_KEY_SIZE, > - .setkey = mxs_dcp_aes_setkey, > - .encrypt = mxs_dcp_aes_ecb_encrypt, > - .decrypt = mxs_dcp_aes_ecb_decrypt > - }, > - }, > + .base.cra_blocksize = AES_BLOCK_SIZE, > + .base.cra_ctxsize = sizeof(struct dcp_async_ctx), > + .base.cra_module = THIS_MODULE, > + > + .min_keysize = AES_MIN_KEY_SIZE, > + .max_keysize = AES_MAX_KEY_SIZE, > + .setkey = mxs_dcp_aes_setkey, > + .encrypt = mxs_dcp_aes_ecb_encrypt, > + .decrypt = mxs_dcp_aes_ecb_decrypt, > + .init = mxs_dcp_aes_fallback_init_tfm, > + .exit = mxs_dcp_aes_fallback_exit_tfm, > }, { > - .cra_name = "cbc(aes)", > - .cra_driver_name = "cbc-aes-dcp", > - .cra_priority = 400, > - .cra_alignmask = 15, > - .cra_flags = CRYPTO_ALG_TYPE_ABLKCIPHER | > - CRYPTO_ALG_ASYNC | > + .base.cra_name = "cbc(aes)", > + .base.cra_driver_name = "cbc-aes-dcp", > + .base.cra_priority = 400, > + .base.cra_alignmask = 15, > + .base.cra_flags = CRYPTO_ALG_ASYNC | > CRYPTO_ALG_NEED_FALLBACK, > - .cra_init = mxs_dcp_aes_fallback_init, > - .cra_exit = mxs_dcp_aes_fallback_exit, > - .cra_blocksize = AES_BLOCK_SIZE, > - .cra_ctxsize = sizeof(struct dcp_async_ctx), > - .cra_type = &crypto_ablkcipher_type, > - .cra_module = THIS_MODULE, > - .cra_u = { > - .ablkcipher = { > - .min_keysize = AES_MIN_KEY_SIZE, > - .max_keysize = AES_MAX_KEY_SIZE, > - .setkey = mxs_dcp_aes_setkey, > - .encrypt = mxs_dcp_aes_cbc_encrypt, > - .decrypt = mxs_dcp_aes_cbc_decrypt, > - .ivsize = AES_BLOCK_SIZE, > - }, > - }, > + .base.cra_blocksize = AES_BLOCK_SIZE, > + .base.cra_ctxsize = sizeof(struct dcp_async_ctx), > + .base.cra_module = THIS_MODULE, > + > + .min_keysize = AES_MIN_KEY_SIZE, > + .max_keysize = AES_MAX_KEY_SIZE, > + .setkey = mxs_dcp_aes_setkey, > + .encrypt = mxs_dcp_aes_cbc_encrypt, > + .decrypt = mxs_dcp_aes_cbc_decrypt, > + .ivsize = AES_BLOCK_SIZE, > + .init = mxs_dcp_aes_fallback_init_tfm, > + .exit = mxs_dcp_aes_fallback_exit_tfm, > }, > }; > > @@ -1104,8 +1094,8 @@ static int mxs_dcp_probe(struct platform_device *pdev) > sdcp->caps = readl(sdcp->base + MXS_DCP_CAPABILITY1); > > if (sdcp->caps & MXS_DCP_CAPABILITY1_AES128) { > - ret = crypto_register_algs(dcp_aes_algs, > - ARRAY_SIZE(dcp_aes_algs)); > + ret = crypto_register_skciphers(dcp_aes_algs, > + ARRAY_SIZE(dcp_aes_algs)); > if (ret) { > /* Failed to register algorithm. */ > dev_err(dev, "Failed to register AES crypto!\n"); > @@ -1139,7 +1129,7 @@ static int mxs_dcp_probe(struct platform_device *pdev) > > err_unregister_aes: > if (sdcp->caps & MXS_DCP_CAPABILITY1_AES128) > - crypto_unregister_algs(dcp_aes_algs, ARRAY_SIZE(dcp_aes_algs)); > + crypto_unregister_skciphers(dcp_aes_algs, ARRAY_SIZE(dcp_aes_algs)); > > err_destroy_aes_thread: > kthread_stop(sdcp->thread[DCP_CHAN_CRYPTO]); > @@ -1164,7 +1154,7 @@ static int mxs_dcp_remove(struct platform_device *pdev) > crypto_unregister_ahash(&dcp_sha1_alg); > > if (sdcp->caps & MXS_DCP_CAPABILITY1_AES128) > - crypto_unregister_algs(dcp_aes_algs, ARRAY_SIZE(dcp_aes_algs)); > + crypto_unregister_skciphers(dcp_aes_algs, ARRAY_SIZE(dcp_aes_algs)); > > kthread_stop(sdcp->thread[DCP_CHAN_HASH_SHA]); > kthread_stop(sdcp->thread[DCP_CHAN_CRYPTO]); > -- > 2.20.1 >
This series converts all drivers for h/w accelerators that produce the ablkcipher API to the skcipher API, so that we can finally retire the long deprecated blkcipher code. Patches #1, #2 are fixes for the virtio driver, which need to be applied first so that they can be backported Patches #3 and #4 have been tested on actual 'hardware' (given the virtual nature of the virtio driver). Patch #7 was tested successfully in kernelci. All other patches have been build tested *only*, and should be tested on actual hardware before being merged. Cc: Herbert Xu <herbert@gondor.apana.org.au> Cc: "David S. Miller" <davem@davemloft.net> Cc: Eric Biggers <ebiggers@google.com> Cc: linux-arm-kernel@lists.infradead.org Ard Biesheuvel (25): crypto: virtio - implement missing support for output IVs crypto: virtio - deal with unsupported input sizes crypto: virtio - switch to skcipher API crypto: ccp - switch from ablkcipher to skcipher crypto: omap - switch to skcipher API crypto: ux500 - switch to skcipher API crypto: s5p - switch to skcipher API crypto: atmel-aes - switch to skcipher API crypto: atmel-tdes - switch to skcipher API crypto: bcm-spu - switch to skcipher API crypto: nitrox - remove cra_type reference to ablkcipher crypto: cavium/cpt - switch to skcipher API crypto: chelsio - switch to skcipher API crypto: hifn - switch to skcipher API crypto: ixp4xx - switch to skcipher API crypto: mxs - switch to skcipher API crypto: mediatek - switch to skcipher API crypto: picoxcell - switch to skcipher API crypto: sahara - switch to skcipher API crypto: stm32 - switch to skcipher API crypto: rockchip - switch to skcipher API crypto: qce - switch to skcipher API crypto: niagara2 - switch to skcipher API crypto: talitos - switch to skcipher API crypto: qat - switch to skcipher API drivers/crypto/Kconfig | 2 +- drivers/crypto/atmel-aes.c | 507 +++++++++--------- drivers/crypto/atmel-tdes.c | 433 ++++++++------- drivers/crypto/bcm/cipher.c | 373 +++++++------ drivers/crypto/bcm/cipher.h | 10 +- drivers/crypto/bcm/spu2.c | 6 +- drivers/crypto/cavium/cpt/cptvf_algs.c | 292 +++++----- drivers/crypto/cavium/nitrox/nitrox_skcipher.c | 1 - drivers/crypto/ccp/ccp-crypto-aes-galois.c | 7 +- drivers/crypto/ccp/ccp-crypto-aes-xts.c | 94 ++-- drivers/crypto/ccp/ccp-crypto-aes.c | 169 +++--- drivers/crypto/ccp/ccp-crypto-des3.c | 100 ++-- drivers/crypto/ccp/ccp-crypto-main.c | 14 +- drivers/crypto/ccp/ccp-crypto.h | 13 +- drivers/crypto/chelsio/chcr_algo.c | 332 ++++++------ drivers/crypto/chelsio/chcr_algo.h | 2 +- drivers/crypto/chelsio/chcr_crypto.h | 14 +- drivers/crypto/hifn_795x.c | 183 +++---- drivers/crypto/ixp4xx_crypto.c | 228 ++++---- drivers/crypto/mediatek/mtk-aes.c | 248 ++++----- drivers/crypto/mxs-dcp.c | 140 +++-- drivers/crypto/n2_core.c | 194 ++++--- drivers/crypto/omap-aes.c | 208 ++++---- drivers/crypto/omap-aes.h | 4 +- drivers/crypto/omap-des.c | 232 ++++---- drivers/crypto/picoxcell_crypto.c | 386 +++++++------- drivers/crypto/qat/qat_common/qat_algs.c | 255 +++++---- drivers/crypto/qat/qat_common/qat_crypto.h | 4 +- drivers/crypto/qce/Makefile | 2 +- drivers/crypto/qce/cipher.h | 8 +- drivers/crypto/qce/common.c | 12 +- drivers/crypto/qce/common.h | 3 +- drivers/crypto/qce/core.c | 2 +- drivers/crypto/qce/{ablkcipher.c => skcipher.c} | 172 +++--- drivers/crypto/rockchip/Makefile | 2 +- drivers/crypto/rockchip/rk3288_crypto.c | 8 +- drivers/crypto/rockchip/rk3288_crypto.h | 3 +- drivers/crypto/rockchip/rk3288_crypto_ablkcipher.c | 556 -------------------- drivers/crypto/rockchip/rk3288_crypto_skcipher.c | 538 +++++++++++++++++++ drivers/crypto/s5p-sss.c | 191 ++++--- drivers/crypto/sahara.c | 156 +++--- drivers/crypto/stm32/stm32-cryp.c | 338 ++++++------ drivers/crypto/talitos.c | 306 +++++------ drivers/crypto/ux500/cryp/cryp_core.c | 371 ++++++------- drivers/crypto/virtio/virtio_crypto_algs.c | 192 +++---- drivers/crypto/virtio/virtio_crypto_common.h | 2 +- 46 files changed, 3487 insertions(+), 3826 deletions(-) rename drivers/crypto/qce/{ablkcipher.c => skcipher.c} (61%) delete mode 100644 drivers/crypto/rockchip/rk3288_crypto_ablkcipher.c create mode 100644 drivers/crypto/rockchip/rk3288_crypto_skcipher.c