From patchwork Tue Oct 18 14:08:32 2016 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Ard Biesheuvel X-Patchwork-Id: 9382169 X-Patchwork-Delegate: johannes@sipsolutions.net Return-Path: Received: from mail.wl.linuxfoundation.org (pdx-wl-mail.web.codeaurora.org [172.30.200.125]) by pdx-korg-patchwork.web.codeaurora.org (Postfix) with ESMTP id 5E243607D0 for ; Tue, 18 Oct 2016 14:08:53 +0000 (UTC) Received: from mail.wl.linuxfoundation.org (localhost [127.0.0.1]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id 4E42629627 for ; Tue, 18 Oct 2016 14:08:53 +0000 (UTC) Received: by mail.wl.linuxfoundation.org (Postfix, from userid 486) id 4236E29629; Tue, 18 Oct 2016 14:08:53 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on pdx-wl-mail.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-6.5 required=2.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID, DKIM_VALID_AU, RCVD_IN_DNSWL_HI, RCVD_IN_SORBS_SPAM autolearn=ham version=3.3.1 Received: from vger.kernel.org (vger.kernel.org [209.132.180.67]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id 1824729628 for ; Tue, 18 Oct 2016 14:08:52 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1760010AbcJROIt (ORCPT ); Tue, 18 Oct 2016 10:08:49 -0400 Received: from mail-qk0-f180.google.com ([209.85.220.180]:36451 "EHLO mail-qk0-f180.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1758231AbcJROIo (ORCPT ); Tue, 18 Oct 2016 10:08:44 -0400 Received: by mail-qk0-f180.google.com with SMTP id o68so340586440qkf.3 for ; Tue, 18 Oct 2016 07:08:43 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; h=from:to:cc:subject:date:message-id:in-reply-to:references; bh=XNn05xyKFgGiIceB4HyWHklV/HuRWQbwyWhbmoL0BtQ=; b=A4FtjpHdFidFBP0B2QFH+LYwdJFsmmJvCVqr6caOLwzjJ5Ho60IhHtXbTBYzovd08Q FH9oM8mv/DBnhCO6ACmKBAORi92E9SrIGdCRAhnclptVKpo+H6SwmyvcU0qyE7HWM4iN mf+7D93+qqPx5mpitbW3pEWR9T9X9sBYJ/ajk= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references; bh=XNn05xyKFgGiIceB4HyWHklV/HuRWQbwyWhbmoL0BtQ=; b=nKLXl1Up3vFpcgW/OF28NsR2f/dk8LO/GPYD4ycdC0NnMXhkJxaRUj09IzAIBeil0X gUc//9zK1ZPgLltr4xpO2YhjrJZgIfwCgVozGRFiGPFNqazP1kPcPapJ7sbIZ+ZHHdXH tu2yLFAO+yd04K4dQZaFH3gT81fJ1J2qVBKk/TQf8R4IMcNqOlVej1jguLldlOWix32V 3SzLTI5P34ovxwqq95Oud9jvj/pANp1AA8kATdGpxt827pMsbS2O6dSKRVi0uDGufDTY GXY5LbnHCSv4qa+Q5vZjlIq/dOFS0/7NYlOy41sCrbL2vIdEXQARLSPkNB/zJZj4it0X EAaQ== X-Gm-Message-State: AA6/9RnBytfZ4jPQ3zjW3RRLpc+O05UhWE5ha7ZaQ89zdlWy33ZbWGoEpBFuXM+EWjoHkKpU X-Received: by 10.194.79.170 with SMTP id k10mr334796wjx.209.1476799721689; Tue, 18 Oct 2016 07:08:41 -0700 (PDT) Received: from localhost.localdomain ([105.137.38.75]) by smtp.gmail.com with ESMTPSA id za1sm59123596wjb.8.2016.10.18.07.08.39 (version=TLS1_2 cipher=ECDHE-RSA-AES128-SHA bits=128/128); Tue, 18 Oct 2016 07:08:41 -0700 (PDT) From: Ard Biesheuvel To: linux-wireless@vger.kernel.org, johannes@sipsolutions.net, netdev@vger.kernel.org Cc: herbert@gondor.apana.org.au, j@w1.fi, luto@amacapital.net, Ard Biesheuvel Subject: [RFC PATCH 1/2] mac80211: aes_ccm: prepare key struct for storing context data Date: Tue, 18 Oct 2016 15:08:32 +0100 Message-Id: <1476799713-16188-2-git-send-email-ard.biesheuvel@linaro.org> X-Mailer: git-send-email 2.7.4 In-Reply-To: <1476799713-16188-1-git-send-email-ard.biesheuvel@linaro.org> References: <1476799713-16188-1-git-send-email-ard.biesheuvel@linaro.org> Sender: linux-wireless-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-wireless@vger.kernel.org X-Virus-Scanned: ClamAV using ClamSMTP As a prepatory change to allow per CPU caching of request structures, refactor the key allocation routine so we can access per key data beyond the core AEAD transform easily. Signed-off-by: Ard Biesheuvel --- net/mac80211/aes_ccm.c | 35 +++++++++++--------- net/mac80211/aes_ccm.h | 16 ++++----- net/mac80211/key.c | 16 ++++----- net/mac80211/key.h | 2 +- net/mac80211/wpa.c | 4 +-- 5 files changed, 37 insertions(+), 36 deletions(-) diff --git a/net/mac80211/aes_ccm.c b/net/mac80211/aes_ccm.c index a4e0d59a40dd..58e0338a2c34 100644 --- a/net/mac80211/aes_ccm.c +++ b/net/mac80211/aes_ccm.c @@ -10,6 +10,7 @@ */ #include +#include #include #include #include @@ -18,13 +19,13 @@ #include "key.h" #include "aes_ccm.h" -int ieee80211_aes_ccm_encrypt(struct crypto_aead *tfm, u8 *b_0, u8 *aad, - u8 *data, size_t data_len, u8 *mic, +int ieee80211_aes_ccm_encrypt(struct ieee80211_ccmp_aead *ccmp, u8 *b_0, + u8 *aad, u8 *data, size_t data_len, u8 *mic, size_t mic_len) { struct scatterlist sg[3]; struct aead_request *aead_req; - int reqsize = sizeof(*aead_req) + crypto_aead_reqsize(tfm); + int reqsize = sizeof(*aead_req) + crypto_aead_reqsize(ccmp->tfm); u8 *__aad; aead_req = kzalloc(reqsize + CCM_AAD_LEN, GFP_ATOMIC); @@ -39,7 +40,7 @@ int ieee80211_aes_ccm_encrypt(struct crypto_aead *tfm, u8 *b_0, u8 *aad, sg_set_buf(&sg[1], data, data_len); sg_set_buf(&sg[2], mic, mic_len); - aead_request_set_tfm(aead_req, tfm); + aead_request_set_tfm(aead_req, ccmp->tfm); aead_request_set_crypt(aead_req, sg, sg, data_len, b_0); aead_request_set_ad(aead_req, sg[0].length); @@ -49,13 +50,13 @@ int ieee80211_aes_ccm_encrypt(struct crypto_aead *tfm, u8 *b_0, u8 *aad, return 0; } -int ieee80211_aes_ccm_decrypt(struct crypto_aead *tfm, u8 *b_0, u8 *aad, - u8 *data, size_t data_len, u8 *mic, +int ieee80211_aes_ccm_decrypt(struct ieee80211_ccmp_aead *ccmp, u8 *b_0, + u8 *aad, u8 *data, size_t data_len, u8 *mic, size_t mic_len) { struct scatterlist sg[3]; struct aead_request *aead_req; - int reqsize = sizeof(*aead_req) + crypto_aead_reqsize(tfm); + int reqsize = sizeof(*aead_req) + crypto_aead_reqsize(ccmp->tfm); u8 *__aad; int err; @@ -74,7 +75,7 @@ int ieee80211_aes_ccm_decrypt(struct crypto_aead *tfm, u8 *b_0, u8 *aad, sg_set_buf(&sg[1], data, data_len); sg_set_buf(&sg[2], mic, mic_len); - aead_request_set_tfm(aead_req, tfm); + aead_request_set_tfm(aead_req, ccmp->tfm); aead_request_set_crypt(aead_req, sg, sg, data_len + mic_len, b_0); aead_request_set_ad(aead_req, sg[0].length); @@ -84,16 +85,17 @@ int ieee80211_aes_ccm_decrypt(struct crypto_aead *tfm, u8 *b_0, u8 *aad, return err; } -struct crypto_aead *ieee80211_aes_key_setup_encrypt(const u8 key[], - size_t key_len, - size_t mic_len) +int ieee80211_aes_key_setup_encrypt(struct ieee80211_ccmp_aead *ccmp, + const u8 key[], + size_t key_len, + size_t mic_len) { struct crypto_aead *tfm; int err; tfm = crypto_alloc_aead("ccm(aes)", 0, CRYPTO_ALG_ASYNC); if (IS_ERR(tfm)) - return tfm; + return PTR_ERR(tfm); err = crypto_aead_setkey(tfm, key, key_len); if (err) @@ -102,14 +104,15 @@ struct crypto_aead *ieee80211_aes_key_setup_encrypt(const u8 key[], if (err) goto free_aead; - return tfm; + ccmp->tfm = tfm; + return 0; free_aead: crypto_free_aead(tfm); - return ERR_PTR(err); + return err; } -void ieee80211_aes_key_free(struct crypto_aead *tfm) +void ieee80211_aes_key_free(struct ieee80211_ccmp_aead *ccmp) { - crypto_free_aead(tfm); + crypto_free_aead(ccmp->tfm); } diff --git a/net/mac80211/aes_ccm.h b/net/mac80211/aes_ccm.h index fcd3254c5cf0..82e91c6ec41f 100644 --- a/net/mac80211/aes_ccm.h +++ b/net/mac80211/aes_ccm.h @@ -14,15 +14,15 @@ #define CCM_AAD_LEN 32 -struct crypto_aead *ieee80211_aes_key_setup_encrypt(const u8 key[], - size_t key_len, - size_t mic_len); -int ieee80211_aes_ccm_encrypt(struct crypto_aead *tfm, u8 *b_0, u8 *aad, - u8 *data, size_t data_len, u8 *mic, +int ieee80211_aes_key_setup_encrypt(struct ieee80211_ccmp_aead *ccmp, + const u8 key[], size_t key_len, + size_t mic_len); +int ieee80211_aes_ccm_encrypt(struct ieee80211_ccmp_aead *ccmp, u8 *b_0, + u8 *aad, u8 *data, size_t data_len, u8 *mic, size_t mic_len); -int ieee80211_aes_ccm_decrypt(struct crypto_aead *tfm, u8 *b_0, u8 *aad, - u8 *data, size_t data_len, u8 *mic, +int ieee80211_aes_ccm_decrypt(struct ieee80211_ccmp_aead *ccmp, u8 *b_0, + u8 *aad, u8 *data, size_t data_len, u8 *mic, size_t mic_len); -void ieee80211_aes_key_free(struct crypto_aead *tfm); +void ieee80211_aes_key_free(struct ieee80211_ccmp_aead *ccmp); #endif /* AES_CCM_H */ diff --git a/net/mac80211/key.c b/net/mac80211/key.c index edd6f2945f69..6d1a066e3c4e 100644 --- a/net/mac80211/key.c +++ b/net/mac80211/key.c @@ -431,10 +431,9 @@ ieee80211_key_alloc(u32 cipher, int idx, size_t key_len, * Initialize AES key state here as an optimization so that * it does not need to be initialized for every packet. */ - key->u.ccmp.tfm = ieee80211_aes_key_setup_encrypt( - key_data, key_len, IEEE80211_CCMP_MIC_LEN); - if (IS_ERR(key->u.ccmp.tfm)) { - err = PTR_ERR(key->u.ccmp.tfm); + err = ieee80211_aes_key_setup_encrypt(&key->u.ccmp, key_data, + key_len, IEEE80211_CCMP_MIC_LEN); + if (err) { kfree(key); return ERR_PTR(err); } @@ -449,10 +448,9 @@ ieee80211_key_alloc(u32 cipher, int idx, size_t key_len, /* Initialize AES key state here as an optimization so that * it does not need to be initialized for every packet. */ - key->u.ccmp.tfm = ieee80211_aes_key_setup_encrypt( - key_data, key_len, IEEE80211_CCMP_256_MIC_LEN); - if (IS_ERR(key->u.ccmp.tfm)) { - err = PTR_ERR(key->u.ccmp.tfm); + err = ieee80211_aes_key_setup_encrypt(&key->u.ccmp, key_data, + key_len, IEEE80211_CCMP_256_MIC_LEN); + if (err) { kfree(key); return ERR_PTR(err); } @@ -545,7 +543,7 @@ static void ieee80211_key_free_common(struct ieee80211_key *key) switch (key->conf.cipher) { case WLAN_CIPHER_SUITE_CCMP: case WLAN_CIPHER_SUITE_CCMP_256: - ieee80211_aes_key_free(key->u.ccmp.tfm); + ieee80211_aes_key_free(&key->u.ccmp); break; case WLAN_CIPHER_SUITE_AES_CMAC: case WLAN_CIPHER_SUITE_BIP_CMAC_256: diff --git a/net/mac80211/key.h b/net/mac80211/key.h index 4aa20cef0859..1ec7a737ab79 100644 --- a/net/mac80211/key.h +++ b/net/mac80211/key.h @@ -80,7 +80,7 @@ struct ieee80211_key { /* number of mic failures */ u32 mic_failures; } tkip; - struct { + struct ieee80211_ccmp_aead { /* * Last received packet number. The first * IEEE80211_NUM_TIDS counters are used with Data diff --git a/net/mac80211/wpa.c b/net/mac80211/wpa.c index 14b28998c571..694af013494f 100644 --- a/net/mac80211/wpa.c +++ b/net/mac80211/wpa.c @@ -461,7 +461,7 @@ static int ccmp_encrypt_skb(struct ieee80211_tx_data *tx, struct sk_buff *skb, pos += IEEE80211_CCMP_HDR_LEN; ccmp_special_blocks(skb, pn, b_0, aad); - return ieee80211_aes_ccm_encrypt(key->u.ccmp.tfm, b_0, aad, pos, len, + return ieee80211_aes_ccm_encrypt(&key->u.ccmp, b_0, aad, pos, len, skb_put(skb, mic_len), mic_len); } @@ -538,7 +538,7 @@ ieee80211_crypto_ccmp_decrypt(struct ieee80211_rx_data *rx, ccmp_special_blocks(skb, pn, b_0, aad); if (ieee80211_aes_ccm_decrypt( - key->u.ccmp.tfm, b_0, aad, + &key->u.ccmp, b_0, aad, skb->data + hdrlen + IEEE80211_CCMP_HDR_LEN, data_len, skb->data + skb->len - mic_len, mic_len))