From patchwork Thu Feb 6 21:02:05 2020 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Eneas U de Queiroz X-Patchwork-Id: 11369141 Return-Path: Received: from mail.kernel.org (pdx-korg-mail-1.web.codeaurora.org [172.30.200.123]) by pdx-korg-patchwork-2.web.codeaurora.org (Postfix) with ESMTP id 232DD14B4 for ; Thu, 6 Feb 2020 21:02:45 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [209.132.180.67]) by mail.kernel.org (Postfix) with ESMTP id 01A8624125 for ; Thu, 6 Feb 2020 21:02:45 +0000 (UTC) Authentication-Results: mail.kernel.org; dkim=pass (2048-bit key) header.d=gmail.com header.i=@gmail.com header.b="TyFXP1xH" Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1727830AbgBFVCo (ORCPT ); Thu, 6 Feb 2020 16:02:44 -0500 Received: from mail-qk1-f194.google.com ([209.85.222.194]:34254 "EHLO mail-qk1-f194.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1727711AbgBFVCo (ORCPT ); Thu, 6 Feb 2020 16:02:44 -0500 Received: by mail-qk1-f194.google.com with SMTP id a23so99670qka.1 for ; Thu, 06 Feb 2020 13:02:43 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=from:to:cc:subject:date:message-id:mime-version :content-transfer-encoding; bh=zI3TjwN7LJ7pqIcCXM6aXOKYuQCzr3fiuSGdPGq37e8=; b=TyFXP1xHv3jLYqPV4bO1WT99KLgwjPOlYgo5Z9fqjFpRTA5bRpWniPpvuYBHlVaUGv 8nw9g/Kn4qrpL+gSh1JpiZ2UL0XgRnoLbT7rmeUzgYBAwoZvu3E14j3hO3XUVxSh+3um CqUv9wnhi5XnayQyNX0QEiybTAqUdkU1C82Du+RkaJpER5iXS/ttNvLJrxXMs0p/asum rIlodokl+Y6kwfSIaVMVn3KhZ36FpVByugbvMXeKbnINdMCRNnF8eMYuss5ssGoUK6Lg ubtXBTtxVQvEjfv/KwwslS7FoMpmBLnpzGEPUYo+St7sS53lJt1Xj8Z11UtfubozjLDr Lmfg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:mime-version :content-transfer-encoding; bh=zI3TjwN7LJ7pqIcCXM6aXOKYuQCzr3fiuSGdPGq37e8=; b=r0kIZ7vRMGzRUYEOLs+7hOabAtNehf9boY6nHii4YgNNJECrUvcJMmTOCDZpz0vV1m JtJXCOnjNyGu1dRLVFbpMiwcXYz75FOiiu/TAVQcB2fnp5Rmv8zXOcNw2oXlXKVb649I UIUf0XkHvfw0YQANA3jJEixhOw6qlWth6UVX2YPEFolqwNrgRsZAtSDxOBaMaMft5QZH cHYYIaPAMla8CDEWRJ6TJ6gtSMjn59m+FWNCuxsHNDDRi9iJyvGnyq67iYrp36BRjpcQ Sv9rp696qaVHl+dUYf19q5nnnCLxJnROcd5fI64MI5jVdquc8ezD/srp5JrQ2HMdUw3g tkeg== X-Gm-Message-State: APjAAAWj/WxqYg7759eFP8kkUZ0tw/6LM986SUn0CSHmLcZGM22NxBMN PPZhIlJ7SGMB/6j8nRmHUmFMFcdk X-Google-Smtp-Source: APXvYqwulHmnvP4His6SRhmkvlpxOrzSISTEtDyxEnDwBqEj1+Lg4fgoZzMqE7jXlsDgwtt8I3mZFQ== X-Received: by 2002:a37:7cc7:: with SMTP id x190mr4293971qkc.10.1581022962903; Thu, 06 Feb 2020 13:02:42 -0800 (PST) Received: from gateway.troianet.com.br (ipv6.troianet.com.br. [2804:688:21:4::2]) by smtp.gmail.com with ESMTPSA id o12sm252869qke.79.2020.02.06.13.02.40 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Thu, 06 Feb 2020 13:02:42 -0800 (PST) From: Eneas U de Queiroz To: linux-crypto@vger.kernel.org, Herbert Xu , "David S. Miller" Cc: Ard Biesheuvel , Eneas U de Queiroz Subject: [PATCH v4 1/3] crypto: qce - use cryptlen when adding extra sgl Date: Thu, 6 Feb 2020 18:02:05 -0300 Message-Id: <20200206210207.21849-1-cotequeiroz@gmail.com> X-Mailer: git-send-email 2.23.0 MIME-Version: 1.0 Sender: linux-crypto-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-crypto@vger.kernel.org The qce crypto driver appends an extra entry to the dst sgl, to maintain private state information. When the gcm driver sends requests to the ctr skcipher, it passes the authentication tag after the actual crypto payload, but it must not be touched. Commit 1336c2221bee ("crypto: qce - save a sg table slot for result buf") limited the destination sgl to avoid overwriting the authentication tag but it assumed the tag would be in a separate sgl entry. This is not always the case, so it is better to limit the length of the destination buffer to req->cryptlen before appending the result buf. Signed-off-by: Eneas U de Queiroz --- v1 -> v4: no change diff --git a/drivers/crypto/qce/dma.c b/drivers/crypto/qce/dma.c index 7da893dc00e7..46db5bf366b4 100644 --- a/drivers/crypto/qce/dma.c +++ b/drivers/crypto/qce/dma.c @@ -48,9 +48,10 @@ void qce_dma_release(struct qce_dma_data *dma) struct scatterlist * qce_sgtable_add(struct sg_table *sgt, struct scatterlist *new_sgl, - int max_ents) + unsigned int max_len) { struct scatterlist *sg = sgt->sgl, *sg_last = NULL; + unsigned int new_len; while (sg) { if (!sg_page(sg)) @@ -61,13 +62,13 @@ qce_sgtable_add(struct sg_table *sgt, struct scatterlist *new_sgl, if (!sg) return ERR_PTR(-EINVAL); - while (new_sgl && sg && max_ents) { - sg_set_page(sg, sg_page(new_sgl), new_sgl->length, - new_sgl->offset); + while (new_sgl && sg && max_len) { + new_len = new_sgl->length > max_len ? max_len : new_sgl->length; + sg_set_page(sg, sg_page(new_sgl), new_len, new_sgl->offset); sg_last = sg; sg = sg_next(sg); new_sgl = sg_next(new_sgl); - max_ents--; + max_len -= new_len; } return sg_last; diff --git a/drivers/crypto/qce/dma.h b/drivers/crypto/qce/dma.h index ed25a0d9829e..786402169360 100644 --- a/drivers/crypto/qce/dma.h +++ b/drivers/crypto/qce/dma.h @@ -43,6 +43,6 @@ void qce_dma_issue_pending(struct qce_dma_data *dma); int qce_dma_terminate_all(struct qce_dma_data *dma); struct scatterlist * qce_sgtable_add(struct sg_table *sgt, struct scatterlist *sg_add, - int max_ents); + unsigned int max_len); #endif /* _DMA_H_ */ diff --git a/drivers/crypto/qce/skcipher.c b/drivers/crypto/qce/skcipher.c index 4217b745f124..63ae75809cb7 100644 --- a/drivers/crypto/qce/skcipher.c +++ b/drivers/crypto/qce/skcipher.c @@ -97,13 +97,14 @@ qce_skcipher_async_req_handle(struct crypto_async_request *async_req) sg_init_one(&rctx->result_sg, qce->dma.result_buf, QCE_RESULT_BUF_SZ); - sg = qce_sgtable_add(&rctx->dst_tbl, req->dst, rctx->dst_nents - 1); + sg = qce_sgtable_add(&rctx->dst_tbl, req->dst, req->cryptlen); if (IS_ERR(sg)) { ret = PTR_ERR(sg); goto error_free; } - sg = qce_sgtable_add(&rctx->dst_tbl, &rctx->result_sg, 1); + sg = qce_sgtable_add(&rctx->dst_tbl, &rctx->result_sg, + QCE_RESULT_BUF_SZ); if (IS_ERR(sg)) { ret = PTR_ERR(sg); goto error_free; From patchwork Thu Feb 6 21:02:06 2020 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Eneas U de Queiroz X-Patchwork-Id: 11369143 Return-Path: Received: from mail.kernel.org (pdx-korg-mail-1.web.codeaurora.org [172.30.200.123]) by pdx-korg-patchwork-2.web.codeaurora.org (Postfix) with ESMTP id 84A7F921 for ; Thu, 6 Feb 2020 21:02:47 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [209.132.180.67]) by mail.kernel.org (Postfix) with ESMTP id 59009227BF for ; Thu, 6 Feb 2020 21:02:47 +0000 (UTC) Authentication-Results: mail.kernel.org; dkim=pass (2048-bit key) header.d=gmail.com header.i=@gmail.com header.b="kKxRnbiq" Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1727843AbgBFVCr (ORCPT ); Thu, 6 Feb 2020 16:02:47 -0500 Received: from mail-qt1-f194.google.com ([209.85.160.194]:42357 "EHLO mail-qt1-f194.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1727711AbgBFVCq (ORCPT ); Thu, 6 Feb 2020 16:02:46 -0500 Received: by mail-qt1-f194.google.com with SMTP id j5so198610qtq.9 for ; Thu, 06 Feb 2020 13:02:46 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=from:to:cc:subject:date:message-id:in-reply-to:references :mime-version:content-transfer-encoding; bh=AoHCldDCQ5hCkP9X9bLOVxXvyjIh5qhSG0PvyC3sC/0=; b=kKxRnbiq9Y3dHC78ZGvl5uEmlSOeGZebUJyNtWo0GME7yZJ+18GGAjIRcl0SRE9ej4 IN8QPGLfeuqGuHU0QGtrfZlgU6+F+/b/sgNppK2wd8fv827nH5PJi2+Xw9BS0c6kS3r4 oiTR3gPhXtNCaqt8TpuqiUZNhQMvjuSsELIwxKlVLRyoBd0km1zbOtgYNBcdVAVvcEYE V/XrHb0hv7F+xSzhJ8hOey1p10dEnWPUn/d2mehhol8BkSU12m/sOnuj9vgxctwW/5Xf oAEjYFCVBaWuxWKu8HNkKZ3BNoPBeimJH+HqJTx9bnu/KuoyDxi/5wl/ZBr9RFozITCT 9cJA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references:mime-version:content-transfer-encoding; bh=AoHCldDCQ5hCkP9X9bLOVxXvyjIh5qhSG0PvyC3sC/0=; b=K82H/oKrBtDDK9ygD1JcjFM5wSR7JFqyQQsKoOcnlKrwYUyEwNeKaerQMZ21zNH/F9 SYsJ8Nd5MCQn/bkORUqFZuO73/6UUp2lM50D1uwuSAlG2utHoMTcoIWnCpFkUtXF6cEn 8CBF4q5PJYC1QQNj0JBNZ4mCOfKLl1Lv11LE691e86Nbplmmm5q6Qfs/vVZbTyO8+aQe 760vIDEH2FR1tIZzc/KsOtK2scfDRPdRF43QQaO/fzR6UDYNLiq4NqYf2inKBddmzkk5 PKVAJNDKhXofDiAZCJivS8muzi/B1wskrK7X7s3NEYezxnv++5zg+jK4inRjwrSXg8eM 4UXg== X-Gm-Message-State: APjAAAVzpWrygsYCFpgWxwyYGieNmYhVPudCuogo++8iefzCbKABstVT WaMNa5fXXBaTOGIKTG2yzaQNSPDp X-Google-Smtp-Source: APXvYqw9HSNybSbCCsVCP1roB2+HVqZKG2UNueb4iD1EHAovQrd7bQOjUkn6wnvHZia1PVz+lRKM1g== X-Received: by 2002:aed:218f:: with SMTP id l15mr4353654qtc.247.1581022965056; Thu, 06 Feb 2020 13:02:45 -0800 (PST) Received: from gateway.troianet.com.br (ipv6.troianet.com.br. [2804:688:21:4::2]) by smtp.gmail.com with ESMTPSA id o12sm252869qke.79.2020.02.06.13.02.43 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Thu, 06 Feb 2020 13:02:44 -0800 (PST) From: Eneas U de Queiroz To: linux-crypto@vger.kernel.org, Herbert Xu , "David S. Miller" Cc: Ard Biesheuvel , Eneas U de Queiroz Subject: [PATCH v4 2/3] crypto: qce - use AES fallback for small requests Date: Thu, 6 Feb 2020 18:02:06 -0300 Message-Id: <20200206210207.21849-2-cotequeiroz@gmail.com> X-Mailer: git-send-email 2.23.0 In-Reply-To: <20200206210207.21849-1-cotequeiroz@gmail.com> References: <20200206210207.21849-1-cotequeiroz@gmail.com> MIME-Version: 1.0 Sender: linux-crypto-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-crypto@vger.kernel.org Process small blocks using the fallback cipher, as a workaround for an observed failure (DMA-related, apparently) when computing the GCM ghash key. This brings a speed gain as well, since it avoids the latency of using the hardware engine to process small blocks. Using software for all 16-byte requests would be enough to make GCM work, but to increase performance, a larger threshold would be better. Measuring the performance of supported ciphers with openssl speed, software matches hardware at around 768-1024 bytes. Considering the 256-bit ciphers, software is 2-3 times faster than qce at 256-bytes, 30% faster at 512, and about even at 768-bytes. With 128-bit keys, the break-even point would be around 1024-bytes. This adds the 'aes_sw_max_len' parameter, to set the largest request length processed by the software fallback. Its default is being set to 512 bytes, a little lower than the break-even point, to balance the cost in CPU usage. Signed-off-by: Eneas U de Queiroz --- v3 -> v4: Corrected a missing 'static' declaration of aes_sw_max_len v2 -> v3: Corrected style issues pointed out by checkpatch.pl v1 -> v2: Changed the threshold from a fixed number to a module parameter diff --git a/drivers/crypto/Kconfig b/drivers/crypto/Kconfig index c2767ed54dfe..052d3ff7fb20 100644 --- a/drivers/crypto/Kconfig +++ b/drivers/crypto/Kconfig @@ -685,6 +685,29 @@ choice endchoice +config CRYPTO_DEV_QCE_SW_MAX_LEN + int "Default maximum request size to use software for AES" + depends on CRYPTO_DEV_QCE && CRYPTO_DEV_QCE_SKCIPHER + default 512 + help + This sets the default maximum request size to perform AES requests + using software instead of the crypto engine. It can be changed by + setting the aes_sw_max_len parameter. + + Small blocks are processed faster in software than hardware. + Considering the 256-bit ciphers, software is 2-3 times faster than + qce at 256-bytes, 30% faster at 512, and about even at 768-bytes. + With 128-bit keys, the break-even point would be around 1024-bytes. + + The default is set a little lower, to 512 bytes, to balance the + cost in CPU usage. The minimum recommended setting is 16-bytes + (1 AES block), since AES-GCM will fail if you set it lower. + Setting this to zero will send all requests to the hardware. + + Note that 192-bit keys are not supported by the hardware and are + always processed by the software fallback, and all DES requests + are done by the hardware. + config CRYPTO_DEV_QCOM_RNG tristate "Qualcomm Random Number Generator Driver" depends on ARCH_QCOM || COMPILE_TEST diff --git a/drivers/crypto/qce/skcipher.c b/drivers/crypto/qce/skcipher.c index 63ae75809cb7..e55348bba36f 100644 --- a/drivers/crypto/qce/skcipher.c +++ b/drivers/crypto/qce/skcipher.c @@ -5,6 +5,7 @@ #include #include +#include #include #include #include @@ -12,6 +13,13 @@ #include "cipher.h" +static unsigned int aes_sw_max_len = CONFIG_CRYPTO_DEV_QCE_SW_MAX_LEN; +module_param(aes_sw_max_len, uint, 0644); +MODULE_PARM_DESC(aes_sw_max_len, + "Only use hardware for AES requests larger than this " + "[0=always use hardware; anything <16 breaks AES-GCM; default=" + __stringify(CONFIG_CRYPTO_DEV_QCE_SOFT_THRESHOLD)"]"); + static LIST_HEAD(skcipher_algs); static void qce_skcipher_done(void *data) @@ -166,15 +174,10 @@ static int qce_skcipher_setkey(struct crypto_skcipher *ablk, const u8 *key, switch (IS_XTS(flags) ? keylen >> 1 : keylen) { case AES_KEYSIZE_128: case AES_KEYSIZE_256: + memcpy(ctx->enc_key, key, keylen); break; - default: - goto fallback; } - ctx->enc_keylen = keylen; - memcpy(ctx->enc_key, key, keylen); - return 0; -fallback: ret = crypto_sync_skcipher_setkey(ctx->fallback, key, keylen); if (!ret) ctx->enc_keylen = keylen; @@ -224,8 +227,9 @@ static int qce_skcipher_crypt(struct skcipher_request *req, int encrypt) rctx->flags |= encrypt ? QCE_ENCRYPT : QCE_DECRYPT; keylen = IS_XTS(rctx->flags) ? ctx->enc_keylen >> 1 : ctx->enc_keylen; - if (IS_AES(rctx->flags) && keylen != AES_KEYSIZE_128 && - keylen != AES_KEYSIZE_256) { + if (IS_AES(rctx->flags) && + ((keylen != AES_KEYSIZE_128 && keylen != AES_KEYSIZE_256) + || req->cryptlen <= aes_sw_max_len)) { SYNC_SKCIPHER_REQUEST_ON_STACK(subreq, ctx->fallback); skcipher_request_set_sync_tfm(subreq, ctx->fallback); From patchwork Thu Feb 6 21:02:07 2020 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Eneas U de Queiroz X-Patchwork-Id: 11369145 Return-Path: Received: from mail.kernel.org (pdx-korg-mail-1.web.codeaurora.org [172.30.200.123]) by pdx-korg-patchwork-2.web.codeaurora.org (Postfix) with ESMTP id 5B87A14B4 for ; Thu, 6 Feb 2020 21:02:49 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [209.132.180.67]) by mail.kernel.org (Postfix) with ESMTP id 3B902227BF for ; Thu, 6 Feb 2020 21:02:49 +0000 (UTC) Authentication-Results: mail.kernel.org; dkim=pass (2048-bit key) header.d=gmail.com header.i=@gmail.com header.b="ays4k29y" Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1727845AbgBFVCs (ORCPT ); Thu, 6 Feb 2020 16:02:48 -0500 Received: from mail-qk1-f195.google.com ([209.85.222.195]:39277 "EHLO mail-qk1-f195.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1727711AbgBFVCs (ORCPT ); Thu, 6 Feb 2020 16:02:48 -0500 Received: by mail-qk1-f195.google.com with SMTP id w15so68854qkf.6 for ; Thu, 06 Feb 2020 13:02:48 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=from:to:cc:subject:date:message-id:in-reply-to:references :mime-version:content-transfer-encoding; bh=p+/JuyW4us5GRMHekSlNiyHwnxrpzKYQWiN0BPd3e+Y=; b=ays4k29yRF7fVVbOr37GIn/gjqZ7QUFTZPPYXPzthUsCy0dTUjsw+DPQOexbOXc4Ha WjHHq+wpzWs1xaQ4+TykKW0y8sIlNHzMD1udYpLd5VTqJuROlWtr6SzvTNdWCVYgJqLZ PhG74E5mqA7irh7fkbmdmo73VcE2C6ULboUfkunRpHe0gBZ1jcY+1Ff/1wjpzpPzzPzV 1I/f/IoiBkCHlImVgV3YWwFqAycQN8cXWRpEpku5QYX9hIw3ILKBpIfSynSbhwsJ21zF YRUq1TkBXtvWjwrcXIELsiMBvyKDucxqkYHbBTL/PAErGWRB0iRGCCl2QkwaqgU5X+XL sKsQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references:mime-version:content-transfer-encoding; bh=p+/JuyW4us5GRMHekSlNiyHwnxrpzKYQWiN0BPd3e+Y=; b=HMgJeQQSPnHwN3u2bKpbRX9IRPSU0Q6/737u9Zv1YSrzYBFH+eR7R1H0ZT4uAaKD2f MRdB34D+XuyzMIF4AJXK13s04RXOgt5kje6JhGchF06VmOwmbni+nW5cOSbMtznOL5dN 6nNuNdPN9KhtCRtyHXfM3q1zOIR8ivIAbgkFDrAPoF3V+Mws2DaeUYt8ujfmYzCY/Vne xD9u8T07PJj7P0mCiia4j80lATCBa7+LGty0xKj52E/WUHKe8BHGORWUY2qQiEmXN3Tm vnV/ScOF+g5Hp9F/EE1E93Xe8xt1tnz+GA/XZ+MNdF8VTpNyCOHJeO/ROfkpIzQQUfHD AXhw== X-Gm-Message-State: APjAAAXDFxK3F+zW+9Y26oXVl/n2d+hvQQfQM4VF8PQ2cg0XfY21gXiP oI6/w0MdNa9tGsbuhuF03jwdxa0q X-Google-Smtp-Source: APXvYqyC4hQwlcLi6S4ru7ziahVM4yZPSZ9TB4Zy5OeI33q7llka67Ko7KtxLRF3vdnOyZhk1Jc3lQ== X-Received: by 2002:a37:4a51:: with SMTP id x78mr4047482qka.445.1581022967257; Thu, 06 Feb 2020 13:02:47 -0800 (PST) Received: from gateway.troianet.com.br (ipv6.troianet.com.br. [2804:688:21:4::2]) by smtp.gmail.com with ESMTPSA id o12sm252869qke.79.2020.02.06.13.02.45 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Thu, 06 Feb 2020 13:02:46 -0800 (PST) From: Eneas U de Queiroz To: linux-crypto@vger.kernel.org, Herbert Xu , "David S. Miller" Cc: Ard Biesheuvel , Eneas U de Queiroz Subject: [PATCH v4 3/3] crypto: qce - handle AES-XTS cases that qce fails Date: Thu, 6 Feb 2020 18:02:07 -0300 Message-Id: <20200206210207.21849-3-cotequeiroz@gmail.com> X-Mailer: git-send-email 2.23.0 In-Reply-To: <20200206210207.21849-1-cotequeiroz@gmail.com> References: <20200206210207.21849-1-cotequeiroz@gmail.com> MIME-Version: 1.0 Sender: linux-crypto-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-crypto@vger.kernel.org QCE hangs when presented with an AES-XTS request whose length is larger than QCE_SECTOR_SIZE (512-bytes), and is not a multiple of it. Let the fallback cipher handle them. Signed-off-by: Eneas U de Queiroz --- v3 -> v4 no change v2 -> v3 Corrected style issues pointed out by checkpatch.pl v1 -> v2 Patch was first added to the series diff --git a/drivers/crypto/qce/common.c b/drivers/crypto/qce/common.c index 629e7f34dc09..5006e74c40cd 100644 --- a/drivers/crypto/qce/common.c +++ b/drivers/crypto/qce/common.c @@ -15,8 +15,6 @@ #include "regs-v5.h" #include "sha.h" -#define QCE_SECTOR_SIZE 512 - static inline u32 qce_read(struct qce_device *qce, u32 offset) { return readl(qce->base + offset); diff --git a/drivers/crypto/qce/common.h b/drivers/crypto/qce/common.h index 282d4317470d..9f989cba0f1b 100644 --- a/drivers/crypto/qce/common.h +++ b/drivers/crypto/qce/common.h @@ -12,6 +12,9 @@ #include #include +/* xts du size */ +#define QCE_SECTOR_SIZE 512 + /* key size in bytes */ #define QCE_SHA_HMAC_KEY_SIZE 64 #define QCE_MAX_CIPHER_KEY_SIZE AES_KEYSIZE_256 diff --git a/drivers/crypto/qce/skcipher.c b/drivers/crypto/qce/skcipher.c index e55348bba36f..9458db683679 100644 --- a/drivers/crypto/qce/skcipher.c +++ b/drivers/crypto/qce/skcipher.c @@ -227,9 +227,14 @@ static int qce_skcipher_crypt(struct skcipher_request *req, int encrypt) rctx->flags |= encrypt ? QCE_ENCRYPT : QCE_DECRYPT; keylen = IS_XTS(rctx->flags) ? ctx->enc_keylen >> 1 : ctx->enc_keylen; + /* qce is hanging when AES-XTS request len > QCE_SECTOR_SIZE and + * is not a multiple of it; pass such requests to the fallback + */ if (IS_AES(rctx->flags) && ((keylen != AES_KEYSIZE_128 && keylen != AES_KEYSIZE_256) - || req->cryptlen <= aes_sw_max_len)) { + || req->cryptlen <= aes_sw_max_len) + || (IS_XTS(rctx->flags) && req->cryptlen > QCE_SECTOR_SIZE && + req->cryptlen % QCE_SECTOR_SIZE)) { SYNC_SKCIPHER_REQUEST_ON_STACK(subreq, ctx->fallback); skcipher_request_set_sync_tfm(subreq, ctx->fallback);