From patchwork Fri Feb  7 15:02:25 2020
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Eneas U de Queiroz <cotequeiroz@gmail.com>
X-Patchwork-Id: 11370651
X-Patchwork-Delegate: herbert@gondor.apana.org.au
Return-Path: <SRS0=xktg=33=vger.kernel.org=linux-crypto-owner@kernel.org>
Received: from mail.kernel.org (pdx-korg-mail-1.web.codeaurora.org
 [172.30.200.123])
	by pdx-korg-patchwork-2.web.codeaurora.org (Postfix) with ESMTP id 8AA5E92A
	for <patchwork-linux-crypto@patchwork.kernel.org>;
 Fri,  7 Feb 2020 15:03:01 +0000 (UTC)
Received: from vger.kernel.org (vger.kernel.org [209.132.180.67])
	by mail.kernel.org (Postfix) with ESMTP id 66751214AF
	for <patchwork-linux-crypto@patchwork.kernel.org>;
 Fri,  7 Feb 2020 15:03:01 +0000 (UTC)
Authentication-Results: mail.kernel.org;
	dkim=pass (2048-bit key) header.d=gmail.com header.i=@gmail.com
 header.b="c4uisUdN"
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S1726674AbgBGPDB (ORCPT
        <rfc822;patchwork-linux-crypto@patchwork.kernel.org>);
        Fri, 7 Feb 2020 10:03:01 -0500
Received: from mail-qt1-f194.google.com ([209.85.160.194]:36683 "EHLO
        mail-qt1-f194.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
        with ESMTP id S1727130AbgBGPDA (ORCPT
        <rfc822;linux-crypto@vger.kernel.org>);
        Fri, 7 Feb 2020 10:03:00 -0500
Received: by mail-qt1-f194.google.com with SMTP id t13so2056373qto.3
        for <linux-crypto@vger.kernel.org>;
 Fri, 07 Feb 2020 07:02:59 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=gmail.com; s=20161025;
        h=from:to:cc:subject:date:message-id:in-reply-to:references
         :mime-version:content-transfer-encoding;
        bh=Dy9o98hzu1MS+RljWNRsefU29lbZAdlv1mMfEvRfL38=;
        b=c4uisUdNLTzpymbPFXvGawpmXIi9FZWG3/LhMHqCU0TSVujhM2pkLyJNIXZqfpUBi5
         6un4dAGQQPlGxY/fL87oCA+krbjeXB3O6cObO1hNFYQ77QTzZSKn009Z6cHCRB2+/g4Q
         L+1GuFiL7TI69lzrqsHwn3QhAl2u+r9NRbeUvLme6SvlAdddKMnjZ9Z05yTkN5jt5NeG
         TcpCnWKv+J+am625vuXmg/rLtIv0Kyv1m/nsdZF59wg0L1ZyQOKnfMx/B1qyhfB9jlFZ
         +NkqKT+mpps19AmT9GFEeAOVAZaNSRoSgV+CaQm0Dt9C9Sz0BgnZ57/dOmZ0oD8merE4
         dXWg==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20161025;
        h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to
         :references:mime-version:content-transfer-encoding;
        bh=Dy9o98hzu1MS+RljWNRsefU29lbZAdlv1mMfEvRfL38=;
        b=bjEd4V4rb/wh0X0nTKMXxxM4E//vCrlhAgFnTbld14y6Z90XdTIOYhpb/dzSEKL6X0
         u6Z4UTJgU5m0SbKSaBrvJVJD2ldzSriqj0WhBdHRn/Clm/lSHX9eSKcFh4+CeGWb7zS+
         J4Gta5ZrxQ3ycK57TEGxeSeVFFD3dO5Q0vBLzVIuK7tI0DXyLx6UnuSjfHbfWgo8XPa2
         cUPNc7B0NpBHtUNa7/Sw3SSwxCw6rwK9hNHZQUnfDgiEKDhgno8tNf4Q3nOzZYS3Lm5Y
         iY79UBwAfLxT/7YfrjvKhihEGPaqUXxtqTa8abOvUnDmLyqTOZ+Ssm6yA2TIbZjylPrK
         cwKQ==
X-Gm-Message-State: APjAAAXjItRLFBpiinhtfXw7hbnBWl7O03SvaDr5NY3xKEC+W1H+/Avo
        cHYJ4y8zwPZmW7+1leX9ROvA30Qc
X-Google-Smtp-Source: 
 APXvYqyZkrye44WvXCmhyvOgtzxDzh9c+Hki0/k0tOhBqqEcxsmpj0YilESM2n3cY6Yi2hYdGKRErA==
X-Received: by 2002:ac8:7caf:: with SMTP id z15mr7808295qtv.68.1581087778660;
        Fri, 07 Feb 2020 07:02:58 -0800 (PST)
Received: from gateway.troianet.com.br (ipv6.troianet.com.br.
 [2804:688:21:4::2])
        by smtp.gmail.com with ESMTPSA id
 c10sm420740qkm.56.2020.02.07.07.02.56
        (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
        Fri, 07 Feb 2020 07:02:58 -0800 (PST)
From: Eneas U de Queiroz <cotequeiroz@gmail.com>
To: linux-crypto@vger.kernel.org,
        Herbert Xu <herbert@gondor.apana.org.au>,
        "David S. Miller" <davem@davemloft.net>
Cc: Ard Biesheuvel <ardb@kernel.org>,
        Eneas U de Queiroz <cotequeiroz@gmail.com>
Subject: [PATCH v5 1/3] crypto: qce - use cryptlen when adding extra sgl
Date: Fri,  7 Feb 2020 12:02:25 -0300
Message-Id: <20200207150227.31014-2-cotequeiroz@gmail.com>
X-Mailer: git-send-email 2.23.0
In-Reply-To: <20200207150227.31014-1-cotequeiroz@gmail.com>
References: <20200207150227.31014-1-cotequeiroz@gmail.com>
MIME-Version: 1.0
Sender: linux-crypto-owner@vger.kernel.org
Precedence: bulk
List-ID: <linux-crypto.vger.kernel.org>
X-Mailing-List: linux-crypto@vger.kernel.org

The qce crypto driver appends an extra entry to the dst sgl, to maintain
private state information.

When the gcm driver sends requests to the ctr skcipher, it passes the
authentication tag after the actual crypto payload, but it must not be
touched.

Commit 1336c2221bee ("crypto: qce - save a sg table slot for result
buf") limited the destination sgl to avoid overwriting the
authentication tag but it assumed the tag would be in a separate sgl
entry.

This is not always the case, so it is better to limit the length of the
destination buffer to req->cryptlen before appending the result buf.

Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
---
v1 -> v5: no change

diff --git a/drivers/crypto/qce/dma.c b/drivers/crypto/qce/dma.c
index 7da893dc00e7..46db5bf366b4 100644
--- a/drivers/crypto/qce/dma.c
+++ b/drivers/crypto/qce/dma.c
@@ -48,9 +48,10 @@ void qce_dma_release(struct qce_dma_data *dma)
 
 struct scatterlist *
 qce_sgtable_add(struct sg_table *sgt, struct scatterlist *new_sgl,
-		int max_ents)
+		unsigned int max_len)
 {
 	struct scatterlist *sg = sgt->sgl, *sg_last = NULL;
+	unsigned int new_len;
 
 	while (sg) {
 		if (!sg_page(sg))
@@ -61,13 +62,13 @@ qce_sgtable_add(struct sg_table *sgt, struct scatterlist *new_sgl,
 	if (!sg)
 		return ERR_PTR(-EINVAL);
 
-	while (new_sgl && sg && max_ents) {
-		sg_set_page(sg, sg_page(new_sgl), new_sgl->length,
-			    new_sgl->offset);
+	while (new_sgl && sg && max_len) {
+		new_len = new_sgl->length > max_len ? max_len : new_sgl->length;
+		sg_set_page(sg, sg_page(new_sgl), new_len, new_sgl->offset);
 		sg_last = sg;
 		sg = sg_next(sg);
 		new_sgl = sg_next(new_sgl);
-		max_ents--;
+		max_len -= new_len;
 	}
 
 	return sg_last;
diff --git a/drivers/crypto/qce/dma.h b/drivers/crypto/qce/dma.h
index ed25a0d9829e..786402169360 100644
--- a/drivers/crypto/qce/dma.h
+++ b/drivers/crypto/qce/dma.h
@@ -43,6 +43,6 @@ void qce_dma_issue_pending(struct qce_dma_data *dma);
 int qce_dma_terminate_all(struct qce_dma_data *dma);
 struct scatterlist *
 qce_sgtable_add(struct sg_table *sgt, struct scatterlist *sg_add,
-		int max_ents);
+		unsigned int max_len);
 
 #endif /* _DMA_H_ */
diff --git a/drivers/crypto/qce/skcipher.c b/drivers/crypto/qce/skcipher.c
index 4217b745f124..63ae75809cb7 100644
--- a/drivers/crypto/qce/skcipher.c
+++ b/drivers/crypto/qce/skcipher.c
@@ -97,13 +97,14 @@ qce_skcipher_async_req_handle(struct crypto_async_request *async_req)
 
 	sg_init_one(&rctx->result_sg, qce->dma.result_buf, QCE_RESULT_BUF_SZ);
 
-	sg = qce_sgtable_add(&rctx->dst_tbl, req->dst, rctx->dst_nents - 1);
+	sg = qce_sgtable_add(&rctx->dst_tbl, req->dst, req->cryptlen);
 	if (IS_ERR(sg)) {
 		ret = PTR_ERR(sg);
 		goto error_free;
 	}
 
-	sg = qce_sgtable_add(&rctx->dst_tbl, &rctx->result_sg, 1);
+	sg = qce_sgtable_add(&rctx->dst_tbl, &rctx->result_sg,
+			     QCE_RESULT_BUF_SZ);
 	if (IS_ERR(sg)) {
 		ret = PTR_ERR(sg);
 		goto error_free;

From patchwork Fri Feb  7 15:02:26 2020
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Eneas U de Queiroz <cotequeiroz@gmail.com>
X-Patchwork-Id: 11370653
X-Patchwork-Delegate: herbert@gondor.apana.org.au
Return-Path: <SRS0=xktg=33=vger.kernel.org=linux-crypto-owner@kernel.org>
Received: from mail.kernel.org (pdx-korg-mail-1.web.codeaurora.org
 [172.30.200.123])
	by pdx-korg-patchwork-2.web.codeaurora.org (Postfix) with ESMTP id D592992A
	for <patchwork-linux-crypto@patchwork.kernel.org>;
 Fri,  7 Feb 2020 15:03:03 +0000 (UTC)
Received: from vger.kernel.org (vger.kernel.org [209.132.180.67])
	by mail.kernel.org (Postfix) with ESMTP id AAAFB21775
	for <patchwork-linux-crypto@patchwork.kernel.org>;
 Fri,  7 Feb 2020 15:03:03 +0000 (UTC)
Authentication-Results: mail.kernel.org;
	dkim=pass (2048-bit key) header.d=gmail.com header.i=@gmail.com
 header.b="eb1rh8jl"
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S1727130AbgBGPDD (ORCPT
        <rfc822;patchwork-linux-crypto@patchwork.kernel.org>);
        Fri, 7 Feb 2020 10:03:03 -0500
Received: from mail-qt1-f195.google.com ([209.85.160.195]:34173 "EHLO
        mail-qt1-f195.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
        with ESMTP id S1727114AbgBGPDD (ORCPT
        <rfc822;linux-crypto@vger.kernel.org>);
        Fri, 7 Feb 2020 10:03:03 -0500
Received: by mail-qt1-f195.google.com with SMTP id h12so2065969qtu.1
        for <linux-crypto@vger.kernel.org>;
 Fri, 07 Feb 2020 07:03:02 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=gmail.com; s=20161025;
        h=from:to:cc:subject:date:message-id:in-reply-to:references
         :mime-version:content-transfer-encoding;
        bh=wW7gtQJfwXp30zTvjNtMGQiFV0f+k33/RRqjiuCMwVA=;
        b=eb1rh8jlyBBDpNN8hEgMTQz4ncFfI9ZyRDDKZ13+g0E0gh7K50E0nfA5Z8KbEoYULU
         lmY3yJMp/aQsE88HuAEf8kKca16gPjRzbaO3+dIdA8k14JyVWLyYPCboYQG/+i9CuMrS
         XoEw7+/sxtYY+XgZmcWVGUlZOHyDelgHLAeQ8C3IQmR7LE+hjmJlUoNq0sKBq8ckaWY0
         aqF22scP+yFi/QecbWuhK8h0DgvKZBCsW5he9dVSpn4MDQUA3AT0yLZCvyyFPwILTuN/
         eupDeO/e84xQNEWuVSlkS/Pukn2dSONjx4ENKb3xLQdjL30ExzgdfXQPHhW6Gn0sppg/
         mTjg==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20161025;
        h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to
         :references:mime-version:content-transfer-encoding;
        bh=wW7gtQJfwXp30zTvjNtMGQiFV0f+k33/RRqjiuCMwVA=;
        b=ce9ycWAx/pjSq4YMjuLwfLZxqXGW6FcFvt+KukOUG1aH2+SQQonse1a8fLY5htoUBO
         y3Qx611ZUxDJf7DpiY/k3OG2q0/RRA3YYPTAyWP26IsMJy1nbsTw7HiWmO6Jg4i6K2VT
         gMTnfGg4vNbxAo8au9+NR0BkPcmjK6OOepr7nEYjStf9vtmC+me32WirpTdSdUE/JJdU
         N2UsC0A5Y0bkIzDbFpOZnpnZ3pphwkkrqInNJgk8vuPYWcMePPdG6m+J7mNsz7ilfQ3z
         oxTZFI+b3KtMbXMm3hdYFztQjGSQU1glhRVPR9BK3GuxXSswxovBqq2UZW7a12WV4ZF+
         sZSQ==
X-Gm-Message-State: APjAAAU1KUg2BRGTW/XHYA9hHdbBIIZcRQ07gjeIBl4DK75fpw7DXZDE
        fyWAaYVglhBwIEhh+bo5fCk3bQ7Q
X-Google-Smtp-Source: 
 APXvYqwaZYnvfqr1zsgXI7UNiHKX76AqrZEpiwnUfksX7pPPj4EzDr8rs/WiJTWppGRGrlzRHfUT9A==
X-Received: by 2002:ac8:1306:: with SMTP id e6mr7845677qtj.267.1581087781060;
        Fri, 07 Feb 2020 07:03:01 -0800 (PST)
Received: from gateway.troianet.com.br (ipv6.troianet.com.br.
 [2804:688:21:4::2])
        by smtp.gmail.com with ESMTPSA id
 c10sm420740qkm.56.2020.02.07.07.02.58
        (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
        Fri, 07 Feb 2020 07:03:00 -0800 (PST)
From: Eneas U de Queiroz <cotequeiroz@gmail.com>
To: linux-crypto@vger.kernel.org,
        Herbert Xu <herbert@gondor.apana.org.au>,
        "David S. Miller" <davem@davemloft.net>
Cc: Ard Biesheuvel <ardb@kernel.org>,
        Eneas U de Queiroz <cotequeiroz@gmail.com>,
        kbuild test robot <lkp@intel.com>
Subject: [PATCH v5 2/3] crypto: qce - use AES fallback for small requests
Date: Fri,  7 Feb 2020 12:02:26 -0300
Message-Id: <20200207150227.31014-3-cotequeiroz@gmail.com>
X-Mailer: git-send-email 2.23.0
In-Reply-To: <20200207150227.31014-1-cotequeiroz@gmail.com>
References: <20200207150227.31014-1-cotequeiroz@gmail.com>
MIME-Version: 1.0
Sender: linux-crypto-owner@vger.kernel.org
Precedence: bulk
List-ID: <linux-crypto.vger.kernel.org>
X-Mailing-List: linux-crypto@vger.kernel.org

Process small blocks using the fallback cipher, as a workaround for an
observed failure (DMA-related, apparently) when computing the GCM ghash
key.  This brings a speed gain as well, since it avoids the latency of
using the hardware engine to process small blocks.

Using software for all 16-byte requests would be enough to make GCM
work, but to increase performance, a larger threshold would be better.
Measuring the performance of supported ciphers with openssl speed,
software matches hardware at around 768-1024 bytes.

Considering the 256-bit ciphers, software is 2-3 times faster than qce
at 256-bytes, 30% faster at 512, and about even at 768-bytes.  With
128-bit keys, the break-even point would be around 1024-bytes.

This adds the 'aes_sw_max_len' parameter, to set the largest request
length processed by the software fallback.  Its default is being set to
512 bytes, a little lower than the break-even point, to balance the cost
in CPU usage.

Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
---
v4 -> v5:
Fixed parentheses around '&&' within '||'
Reported-by: kbuild test robot <lkp@intel.com>

v3 -> v4:
Corrected a missing 'static' declaration of aes_sw_max_len

v2 -> v3:
Corrected style issues pointed out by checkpatch.pl

v1 -> v2:
Changed the threshold from a fixed number to a module parameter

diff --git a/drivers/crypto/Kconfig b/drivers/crypto/Kconfig
index c2767ed54dfe..052d3ff7fb20 100644
--- a/drivers/crypto/Kconfig
+++ b/drivers/crypto/Kconfig
@@ -685,6 +685,29 @@ choice
 
 endchoice
 
+config CRYPTO_DEV_QCE_SW_MAX_LEN
+	int "Default maximum request size to use software for AES"
+	depends on CRYPTO_DEV_QCE && CRYPTO_DEV_QCE_SKCIPHER
+	default 512
+	help
+	  This sets the default maximum request size to perform AES requests
+	  using software instead of the crypto engine.  It can be changed by
+	  setting the aes_sw_max_len parameter.
+
+	  Small blocks are processed faster in software than hardware.
+	  Considering the 256-bit ciphers, software is 2-3 times faster than
+	  qce at 256-bytes, 30% faster at 512, and about even at 768-bytes.
+	  With 128-bit keys, the break-even point would be around 1024-bytes.
+
+	  The default is set a little lower, to 512 bytes, to balance the
+	  cost in CPU usage.  The minimum recommended setting is 16-bytes
+	  (1 AES block), since AES-GCM will fail if you set it lower.
+	  Setting this to zero will send all requests to the hardware.
+
+	  Note that 192-bit keys are not supported by the hardware and are
+	  always processed by the software fallback, and all DES requests
+	  are done by the hardware.
+
 config CRYPTO_DEV_QCOM_RNG
 	tristate "Qualcomm Random Number Generator Driver"
 	depends on ARCH_QCOM || COMPILE_TEST
diff --git a/drivers/crypto/qce/skcipher.c b/drivers/crypto/qce/skcipher.c
index 63ae75809cb7..fc7c940b5a43 100644
--- a/drivers/crypto/qce/skcipher.c
+++ b/drivers/crypto/qce/skcipher.c
@@ -5,6 +5,7 @@
 
 #include <linux/device.h>
 #include <linux/interrupt.h>
+#include <linux/moduleparam.h>
 #include <linux/types.h>
 #include <crypto/aes.h>
 #include <crypto/internal/des.h>
@@ -12,6 +13,13 @@
 
 #include "cipher.h"
 
+static unsigned int aes_sw_max_len = CONFIG_CRYPTO_DEV_QCE_SW_MAX_LEN;
+module_param(aes_sw_max_len, uint, 0644);
+MODULE_PARM_DESC(aes_sw_max_len,
+		 "Only use hardware for AES requests larger than this "
+		 "[0=always use hardware; anything <16 breaks AES-GCM; default="
+		 __stringify(CONFIG_CRYPTO_DEV_QCE_SOFT_THRESHOLD)"]");
+
 static LIST_HEAD(skcipher_algs);
 
 static void qce_skcipher_done(void *data)
@@ -166,15 +174,10 @@ static int qce_skcipher_setkey(struct crypto_skcipher *ablk, const u8 *key,
 	switch (IS_XTS(flags) ? keylen >> 1 : keylen) {
 	case AES_KEYSIZE_128:
 	case AES_KEYSIZE_256:
+		memcpy(ctx->enc_key, key, keylen);
 		break;
-	default:
-		goto fallback;
 	}
 
-	ctx->enc_keylen = keylen;
-	memcpy(ctx->enc_key, key, keylen);
-	return 0;
-fallback:
 	ret = crypto_sync_skcipher_setkey(ctx->fallback, key, keylen);
 	if (!ret)
 		ctx->enc_keylen = keylen;
@@ -224,8 +227,9 @@ static int qce_skcipher_crypt(struct skcipher_request *req, int encrypt)
 	rctx->flags |= encrypt ? QCE_ENCRYPT : QCE_DECRYPT;
 	keylen = IS_XTS(rctx->flags) ? ctx->enc_keylen >> 1 : ctx->enc_keylen;
 
-	if (IS_AES(rctx->flags) && keylen != AES_KEYSIZE_128 &&
-	    keylen != AES_KEYSIZE_256) {
+	if (IS_AES(rctx->flags) &&
+	    ((keylen != AES_KEYSIZE_128 && keylen != AES_KEYSIZE_256) ||
+	     req->cryptlen <= aes_sw_max_len)) {
 		SYNC_SKCIPHER_REQUEST_ON_STACK(subreq, ctx->fallback);
 
 		skcipher_request_set_sync_tfm(subreq, ctx->fallback);

From patchwork Fri Feb  7 15:02:27 2020
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Eneas U de Queiroz <cotequeiroz@gmail.com>
X-Patchwork-Id: 11370655
X-Patchwork-Delegate: herbert@gondor.apana.org.au
Return-Path: <SRS0=xktg=33=vger.kernel.org=linux-crypto-owner@kernel.org>
Received: from mail.kernel.org (pdx-korg-mail-1.web.codeaurora.org
 [172.30.200.123])
	by pdx-korg-patchwork-2.web.codeaurora.org (Postfix) with ESMTP id CE68A1398
	for <patchwork-linux-crypto@patchwork.kernel.org>;
 Fri,  7 Feb 2020 15:03:05 +0000 (UTC)
Received: from vger.kernel.org (vger.kernel.org [209.132.180.67])
	by mail.kernel.org (Postfix) with ESMTP id ABA5D21775
	for <patchwork-linux-crypto@patchwork.kernel.org>;
 Fri,  7 Feb 2020 15:03:05 +0000 (UTC)
Authentication-Results: mail.kernel.org;
	dkim=pass (2048-bit key) header.d=gmail.com header.i=@gmail.com
 header.b="Fit4zGJR"
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S1727131AbgBGPDF (ORCPT
        <rfc822;patchwork-linux-crypto@patchwork.kernel.org>);
        Fri, 7 Feb 2020 10:03:05 -0500
Received: from mail-qk1-f193.google.com ([209.85.222.193]:41965 "EHLO
        mail-qk1-f193.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
        with ESMTP id S1727114AbgBGPDF (ORCPT
        <rfc822;linux-crypto@vger.kernel.org>);
        Fri, 7 Feb 2020 10:03:05 -0500
Received: by mail-qk1-f193.google.com with SMTP id d11so2457256qko.8
        for <linux-crypto@vger.kernel.org>;
 Fri, 07 Feb 2020 07:03:04 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=gmail.com; s=20161025;
        h=from:to:cc:subject:date:message-id:in-reply-to:references
         :mime-version:content-transfer-encoding;
        bh=5+KsiVAJvgTf7V6v0DOa/NLUACdLizAHWtfht9qDR3k=;
        b=Fit4zGJR9rlBS6Mi8CgLoY7IBS5YAJ4qcquNhSUl927Xx6TPym+HCxM0NeaqeKiE3p
         MQR69echXgiTAt/cOysNVBi++gmd38dlAnJQtvuR4AQgPIkt3IS2l3nBfi/BIZdc5rVi
         T0O6d1RVHImn+fvRff4xo8sUsaXC7Rb6O4Ip46EjIp1UT48vUEm3GT35DW42HP9IcFbT
         PIvaxhY+p5+pAPQexruy1CmI9I15EA9DWYVBHWMaue1QlUplj7ngHeuW2ixtpO+TePTm
         nVo8bGtdQ8QXozJmVcTw3PvYCIkZia93FMz9YXcYIgtqCrvqB7sPoLMHv1Z9AbRgsNxf
         HIiw==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20161025;
        h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to
         :references:mime-version:content-transfer-encoding;
        bh=5+KsiVAJvgTf7V6v0DOa/NLUACdLizAHWtfht9qDR3k=;
        b=Lo3+TrWaUPsYwNa8vqg1bVspvoKlvAbNHM6sbiOJggmLOP/NCXJR60BDQSN1vNdMkT
         kiQqy8h2US3ox/gikPaZezFicjzU4XtLMOzg+6bTqq/8q40AboKLFkoji6R8+LnfEx9X
         eB0fPjun80ziAY1GzWAK1W7tlPH+a7ZTTAWWCNdaPt3Kb2L5iYUZVEMXaHwMzHk0VZ3J
         VB0N2BKYpxukKcDwXMzBOgTPoIUdHDE+s0itD18k1gz9mr9CXgqearvMlrlOM7Ve96yZ
         m9OuBmXdI11obo6rgwvlFXcqWMWL0EzUI0MfbCTo7zxsm+gDNNleBQZ1pLmzHDRqBvCY
         v4Qw==
X-Gm-Message-State: APjAAAUW4AVPvgTTc3C1gAtRpnM8+fqZW+6AQLt+5B9tVASVv8zAClbn
        VXPJU/A3htAXvbul0t0U1KR1pHvw
X-Google-Smtp-Source: 
 APXvYqxm2lweBQJLRUIqaUZsqXEYWuP34WkA79r2gcy5te6bq0gIzwUjeNywze9WXei66ex+xntClQ==
X-Received: by 2002:ae9:dc85:: with SMTP id
 q127mr7538151qkf.460.1581087783461;
        Fri, 07 Feb 2020 07:03:03 -0800 (PST)
Received: from gateway.troianet.com.br (ipv6.troianet.com.br.
 [2804:688:21:4::2])
        by smtp.gmail.com with ESMTPSA id
 c10sm420740qkm.56.2020.02.07.07.03.01
        (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
        Fri, 07 Feb 2020 07:03:02 -0800 (PST)
From: Eneas U de Queiroz <cotequeiroz@gmail.com>
To: linux-crypto@vger.kernel.org,
        Herbert Xu <herbert@gondor.apana.org.au>,
        "David S. Miller" <davem@davemloft.net>
Cc: Ard Biesheuvel <ardb@kernel.org>,
        Eneas U de Queiroz <cotequeiroz@gmail.com>
Subject: [PATCH v5 3/3] crypto: qce - handle AES-XTS cases that qce fails
Date: Fri,  7 Feb 2020 12:02:27 -0300
Message-Id: <20200207150227.31014-4-cotequeiroz@gmail.com>
X-Mailer: git-send-email 2.23.0
In-Reply-To: <20200207150227.31014-1-cotequeiroz@gmail.com>
References: <20200207150227.31014-1-cotequeiroz@gmail.com>
MIME-Version: 1.0
Sender: linux-crypto-owner@vger.kernel.org
Precedence: bulk
List-ID: <linux-crypto.vger.kernel.org>
X-Mailing-List: linux-crypto@vger.kernel.org

QCE hangs when presented with an AES-XTS request whose length is larger
than QCE_SECTOR_SIZE (512-bytes), and is not a multiple of it.  Let the
fallback cipher handle them.

Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
---
v4 -> v5
Adapted to [v5 2/3] paretheses change

v3 -> v4
No change

v2 -> v3
Corrected style issues pointed out by checkpatch.pl

v1 -> v2
Patch was first added to the series

diff --git a/drivers/crypto/qce/common.c b/drivers/crypto/qce/common.c
index 629e7f34dc09..5006e74c40cd 100644
--- a/drivers/crypto/qce/common.c
+++ b/drivers/crypto/qce/common.c
@@ -15,8 +15,6 @@
 #include "regs-v5.h"
 #include "sha.h"
 
-#define QCE_SECTOR_SIZE		512
-
 static inline u32 qce_read(struct qce_device *qce, u32 offset)
 {
 	return readl(qce->base + offset);
diff --git a/drivers/crypto/qce/common.h b/drivers/crypto/qce/common.h
index 282d4317470d..9f989cba0f1b 100644
--- a/drivers/crypto/qce/common.h
+++ b/drivers/crypto/qce/common.h
@@ -12,6 +12,9 @@
 #include <crypto/hash.h>
 #include <crypto/internal/skcipher.h>
 
+/* xts du size */
+#define QCE_SECTOR_SIZE			512
+
 /* key size in bytes */
 #define QCE_SHA_HMAC_KEY_SIZE		64
 #define QCE_MAX_CIPHER_KEY_SIZE		AES_KEYSIZE_256
diff --git a/drivers/crypto/qce/skcipher.c b/drivers/crypto/qce/skcipher.c
index fc7c940b5a43..a4f6ec1b64c7 100644
--- a/drivers/crypto/qce/skcipher.c
+++ b/drivers/crypto/qce/skcipher.c
@@ -227,9 +227,14 @@ static int qce_skcipher_crypt(struct skcipher_request *req, int encrypt)
 	rctx->flags |= encrypt ? QCE_ENCRYPT : QCE_DECRYPT;
 	keylen = IS_XTS(rctx->flags) ? ctx->enc_keylen >> 1 : ctx->enc_keylen;
 
+	/* qce is hanging when AES-XTS request len > QCE_SECTOR_SIZE and
+	 * is not a multiple of it; pass such requests to the fallback
+	 */
 	if (IS_AES(rctx->flags) &&
-	    ((keylen != AES_KEYSIZE_128 && keylen != AES_KEYSIZE_256) ||
-	     req->cryptlen <= aes_sw_max_len)) {
+	    (((keylen != AES_KEYSIZE_128 && keylen != AES_KEYSIZE_256) ||
+	      req->cryptlen <= aes_sw_max_len) ||
+	     (IS_XTS(rctx->flags) && req->cryptlen > QCE_SECTOR_SIZE &&
+	      req->cryptlen % QCE_SECTOR_SIZE))) {
 		SYNC_SKCIPHER_REQUEST_ON_STACK(subreq, ctx->fallback);
 
 		skcipher_request_set_sync_tfm(subreq, ctx->fallback);