[v3,5/31] crypto: nitrox - Add support for chaining CTS

Message ID	E1k0Jsu-0006JL-QP@fornost.hmeau.com (mailing list archive)
State	Changes Requested
Delegated to:	Herbert Xu
Headers	show Return-Path: <SRS0=t+Y3=BH=vger.kernel.org=linux-crypto-owner@kernel.org> From: "Herbert Xu" <herbert@gondor.apana.org.au> Date: Tue, 28 Jul 2020 17:18:48 +1000 Subject: [v3 PATCH 5/31] crypto: nitrox - Add support for chaining CTS References: <20200728071746.GA22352@gondor.apana.org.au> To: Ard Biesheuvel <ardb@kernel.org>, Stephan Mueller <smueller@chronox.de>, Linux Crypto Mailing List <linux-crypto@vger.kernel.org>, Eric Biggers <ebiggers@kernel.org> Message-Id: <E1k0Jsu-0006JL-QP@fornost.hmeau.com> Sender: linux-crypto-owner@vger.kernel.org Precedence: bulk
Series	crypto: skcipher - Add support for no chaining and partial chaining \| expand [v3,0/31] crypto: skcipher - Add support for no chaining and partial chaining [v3,1/31] crypto: skcipher - Add final chunk size field for chaining [v3,2/31] crypto: algif_skcipher - Add support for final_chunksize [v3,3/31] crypto: cts - Add support for chaining [v3,4/31] crypto: arm64/aes-glue - Add support for chaining CTS [v3,5/31] crypto: nitrox - Add support for chaining CTS [v3,6/31] crypto: ccree - Add support for chaining CTS [v3,7/31] crypto: skcipher - Add alg reqsize field [v3,8/31] crypto: skcipher - Initialise requests to zero [v3,9/31] crypto: cryptd - Add support for chaining [v3,10/31] crypto: chacha-generic - Add support for chaining [v3,11/31] crypto: arm/chacha - Add support for chaining [v3,12/31] crypto: arm64/chacha - Add support for chaining [v3,13/31] crypto: mips/chacha - Add support for chaining [v3,14/31] crypto: x86/chacha - Add support for chaining [v3,15/31] crypto: inside-secure - Set final_chunksize on chacha [v3,16/31] crypto: caam/qi2 - Set final_chunksize on chacha [v3,17/31] crypto: ctr - Allow rfc3686 to be chained [v3,18/31] crypto: crypto4xx - Remove rfc3686 implementation [v3,19/31] crypto: caam - Remove rfc3686 implementations [v3,20/31] crypto: nitrox - Set final_chunksize on rfc3686 [v3,21/31] crypto: ccp - Remove rfc3686 implementation [v3,22/31] crypto: chelsio - Remove rfc3686 implementation [v3,23/31] crypto: inside-secure - Set final_chunksize on rfc3686 [v3,24/31] crypto: ixp4xx - Remove rfc3686 implementation [v3,25/31] crypto: nx - Set final_chunksize on rfc3686 [v3,26/31] crypto: essiv - Set final_chunksize [v3,27/31] crypto: simd - Add support for chaining [v3,28/31] crypto: arm64/essiv - Set final_chunksize [v3,29/31] crypto: ccree - Set final_chunksize on essiv [v3,30/31] crypto: kw - Set final_chunksize [v3,31/31] crypto: salsa20-generic - dd support for chaining

diff --git a/drivers/crypto/cavium/nitrox/nitrox_skcipher.c b/drivers/crypto/cavium/nitrox/nitrox_skcipher.c index a553ac65f3249..7a159a5da30a0 100644 --- a/drivers/crypto/cavium/nitrox/nitrox_skcipher.c +++ b/drivers/crypto/cavium/nitrox/nitrox_skcipher.c @@ -20,6 +20,16 @@ struct nitrox_cipher { enum flexi_cipher value; }; +struct nitrox_crypto_cts_ctx { + struct nitrox_crypto_ctx base; + union { + u8 *u8p; + u64 ctx_handle; + struct flexi_crypto_context *fctx; + } cbc; + struct crypto_ctx_hdr *cbchdr; +}; + /** * supported cipher list */ @@ -105,6 +115,18 @@ static void nitrox_cbc_cipher_callback(void *arg, int err) nitrox_skcipher_callback(arg, err); } +static void nitrox_cts_cipher_callback(void *arg, int err) +{ + struct skcipher_request *skreq = arg; + + if (skreq->base.flags & CRYPTO_TFM_REQ_MORE) { + nitrox_cbc_cipher_callback(arg, err); + return; + } + + nitrox_skcipher_callback(arg, err); +} + static int nitrox_skcipher_init(struct crypto_skcipher *tfm) { struct nitrox_crypto_ctx *nctx = crypto_skcipher_ctx(tfm); @@ -162,6 +184,42 @@ static void nitrox_skcipher_exit(struct crypto_skcipher *tfm) nctx->ndev = NULL; } +static int nitrox_cts_init(struct crypto_skcipher *tfm) +{ + struct nitrox_crypto_cts_ctx *ctsctx = crypto_skcipher_ctx(tfm); + struct nitrox_crypto_ctx *nctx = &ctsctx->base; + struct crypto_ctx_hdr *chdr; + int err; + + err = nitrox_skcipher_init(tfm); + if (err) + return err; + + chdr = crypto_alloc_context(nctx->ndev); + if (!chdr) { + nitrox_skcipher_exit(tfm); + return -ENOMEM; + } + + ctsctx->cbchdr = chdr; + ctsctx->cbc.u8p = chdr->vaddr; + ctsctx->cbc.u8p += sizeof(struct ctx_hdr); + nctx->callback = nitrox_cts_cipher_callback; + return 0; +} + +static void nitrox_cts_exit(struct crypto_skcipher *tfm) +{ + struct nitrox_crypto_cts_ctx *ctsctx = crypto_skcipher_ctx(tfm); + struct flexi_crypto_context *fctx = ctsctx->cbc.fctx; + + memset(&fctx->crypto, 0, sizeof(struct crypto_keys)); + memset(&fctx->auth, 0, sizeof(struct auth_keys)); + crypto_free_context(ctsctx->cbchdr); + + nitrox_skcipher_exit(tfm); +} + static inline int nitrox_skcipher_setkey(struct crypto_skcipher *cipher, int aes_keylen, const u8 *key, unsigned int keylen) @@ -244,7 +302,8 @@ static int alloc_dst_sglist(struct skcipher_request *skreq, int ivsize) return 0; } -static int nitrox_skcipher_crypt(struct skcipher_request *skreq, bool enc) +static int nitrox_skcipher_crypt_handle(struct skcipher_request *skreq, + bool enc, u64 handle) { struct crypto_skcipher *cipher = crypto_skcipher_reqtfm(skreq); struct nitrox_crypto_ctx *nctx = crypto_skcipher_ctx(cipher); @@ -269,7 +328,7 @@ static int nitrox_skcipher_crypt(struct skcipher_request *skreq, bool enc) creq->gph.param2 = cpu_to_be16(ivsize); creq->gph.param3 = 0; - creq->ctx_handle = nctx->u.ctx_handle; + creq->ctx_handle = handle; creq->ctrl.s.ctxl = sizeof(struct flexi_crypto_context); ret = alloc_src_sglist(skreq, ivsize); @@ -287,7 +346,16 @@ static int nitrox_skcipher_crypt(struct skcipher_request *skreq, bool enc) skreq); } -static int nitrox_cbc_decrypt(struct skcipher_request *skreq) +static int nitrox_skcipher_crypt(struct skcipher_request *skreq, bool enc) +{ + struct crypto_skcipher *cipher = crypto_skcipher_reqtfm(skreq); + struct nitrox_crypto_ctx *nctx = crypto_skcipher_ctx(cipher); + + return nitrox_skcipher_crypt_handle(skreq, enc, nctx->u.ctx_handle); +} + +static int nitrox_cbc_decrypt_handle(struct skcipher_request *skreq, + u64 handle) { struct nitrox_kcrypt_request *nkreq = skcipher_request_ctx(skreq); struct crypto_skcipher *cipher = crypto_skcipher_reqtfm(skreq); @@ -297,14 +365,46 @@ static int nitrox_cbc_decrypt(struct skcipher_request *skreq) unsigned int start = skreq->cryptlen - ivsize; if (skreq->src != skreq->dst) - return nitrox_skcipher_crypt(skreq, false); + return nitrox_skcipher_crypt_handle(skreq, false, handle); nkreq->iv_out = kmalloc(ivsize, flags); if (!nkreq->iv_out) return -ENOMEM; scatterwalk_map_and_copy(nkreq->iv_out, skreq->src, start, ivsize, 0); - return nitrox_skcipher_crypt(skreq, false); + return nitrox_skcipher_crypt_handle(skreq, false, handle); +} + +static int nitrox_cbc_decrypt(struct skcipher_request *skreq) +{ + struct crypto_skcipher *cipher = crypto_skcipher_reqtfm(skreq); + struct nitrox_crypto_ctx *nctx = crypto_skcipher_ctx(cipher); + + return nitrox_cbc_decrypt_handle(skreq, nctx->u.ctx_handle); +} + +static int nitrox_cts_encrypt(struct skcipher_request *skreq) +{ + if (skreq->base.flags & CRYPTO_TFM_REQ_MORE) { + struct nitrox_crypto_cts_ctx *ctsctx; + + ctsctx = crypto_skcipher_ctx(crypto_skcipher_reqtfm(skreq)); + return nitrox_skcipher_crypt_handle(skreq, true, + ctsctx->cbc.ctx_handle); + } + + return nitrox_skcipher_crypt(skreq, true); +} + +static int nitrox_cts_decrypt(struct skcipher_request *skreq) +{ + struct nitrox_crypto_cts_ctx *ctsctx; + + if (!(skreq->base.flags & CRYPTO_TFM_REQ_MORE)) + return nitrox_skcipher_crypt(skreq, false); + + ctsctx = crypto_skcipher_ctx(crypto_skcipher_reqtfm(skreq)); + return nitrox_cbc_decrypt_handle(skreq, ctsctx->cbc.ctx_handle); } static int nitrox_aes_encrypt(struct skcipher_request *skreq) @@ -484,19 +584,21 @@ static struct skcipher_alg nitrox_skciphers[] = { { .cra_driver_name = "n5_cts(cbc(aes))", .cra_priority = PRIO, .cra_flags = CRYPTO_ALG_ASYNC | CRYPTO_ALG_ALLOCATES_MEMORY, - .cra_blocksize = AES_BLOCK_SIZE, - .cra_ctxsize = sizeof(struct nitrox_crypto_ctx), + .cra_blocksize = 1, + .cra_ctxsize = sizeof(struct nitrox_crypto_cts_ctx), .cra_alignmask = 0, .cra_module = THIS_MODULE, }, .min_keysize = AES_MIN_KEY_SIZE, .max_keysize = AES_MAX_KEY_SIZE, .ivsize = AES_BLOCK_SIZE, + .chunksize = AES_BLOCK_SIZE, + .final_chunksize = 2 * AES_BLOCK_SIZE, .setkey = nitrox_aes_setkey, - .encrypt = nitrox_aes_encrypt, - .decrypt = nitrox_aes_decrypt, - .init = nitrox_skcipher_init, - .exit = nitrox_skcipher_exit, + .encrypt = nitrox_cts_encrypt, + .decrypt = nitrox_cts_decrypt, + .init = nitrox_cts_init, + .exit = nitrox_cts_exit, }, { .base = { .cra_name = "cbc(des3_ede)",

[v3,5/31] crypto: nitrox - Add support for chaining CTS

Commit Message

Patch