From: Eric Biggers <ebiggers@kernel.org>
To: Ard Biesheuvel <ard.biesheuvel@linaro.org>
Cc: "open list:HARDWARE RANDOM NUMBER GENERATOR CORE"
<linux-crypto@vger.kernel.org>,
"Herbert Xu" <herbert@gondor.apana.org.au>,
linuxppc-dev <linuxppc-dev@lists.ozlabs.org>,
"Breno Leitão" <leitao@debian.org>,
"Nayna Jain" <nayna@linux.ibm.com>,
"Paulo Flabiano Smorigo" <pfsmorigo@gmail.com>
Subject: Re: [PATCH 0/4] crypto: nx - convert to skcipher API
Date: Sun, 13 Oct 2019 11:56:16 -0700 [thread overview]
Message-ID: <20191013185616.GA10007@sol.localdomain> (raw)
In-Reply-To: <CAKv+Gu-PEemQvXv=kqxfqb4RvmpdU2h7TZHKps2FKTBUTKFehQ@mail.gmail.com>
On Sun, Oct 13, 2019 at 05:31:31PM +0200, Ard Biesheuvel wrote:
> On Sun, 13 Oct 2019 at 08:29, Ard Biesheuvel <ard.biesheuvel@linaro.org> wrote:
> >
> > On Sun, 13 Oct 2019 at 06:40, Eric Biggers <ebiggers@kernel.org> wrote:
> > >
> > > This series converts the PowerPC Nest (NX) implementations of AES modes
> > > from the deprecated "blkcipher" API to the "skcipher" API. This is
> > > needed in order for the blkcipher API to be removed.
> > >
> > > This patchset is compile-tested only, as I don't have this hardware.
> > > If anyone has this hardware, please test this patchset with
> > > CONFIG_CRYPTO_MANAGER_EXTRA_TESTS=y.
> > >
> > > Eric Biggers (4):
> > > crypto: nx - don't abuse blkcipher_desc to pass iv around
> > > crypto: nx - convert AES-ECB to skcipher API
> > > crypto: nx - convert AES-CBC to skcipher API
> > > crypto: nx - convert AES-CTR to skcipher API
> > >
> > > drivers/crypto/nx/nx-aes-cbc.c | 81 ++++++++++++++-----------------
> > > drivers/crypto/nx/nx-aes-ccm.c | 40 ++++++----------
> > > drivers/crypto/nx/nx-aes-ctr.c | 87 +++++++++++++++-------------------
> > > drivers/crypto/nx/nx-aes-ecb.c | 76 +++++++++++++----------------
> > > drivers/crypto/nx/nx-aes-gcm.c | 24 ++++------
> > > drivers/crypto/nx/nx.c | 64 ++++++++++++++-----------
> > > drivers/crypto/nx/nx.h | 19 ++++----
> > > 7 files changed, 176 insertions(+), 215 deletions(-)
> > >
> >
> > Hi Eric,
> >
> > Thanks for taking this on. I'll look in more detail at these patches
> > during the week. In the meantime, I may have a stab at converting ccp,
> > virtio-crypto and omap aes/des myself, since i have the hardware to
> > test those.
> >
>
> OK, I got a bit carried away, and converted a bunch of platforms in
> drivers/crypto (build tested only, except for the virtio driver)
>
> crypto: qce - switch to skcipher API
> crypto: rockchip - switch to skcipher API
> crypto: stm32 - switch to skcipher API
> crypto: sahara - switch to skcipher API
> crypto: picoxcell - switch to skcipher API
> crypto: mediatek - switch to skcipher API
> crypto: mxs - switch to skcipher API
> crypto: ixp4xx - switch to skcipher API
> crypto: hifn - switch to skcipher API
> crypto: chelsio - switch to skcipher API
> crypto: cavium/cpt - switch to skcipher API
> crypto: nitrox - remove cra_type reference to ablkcipher
> crypto: bcm-spu - switch to skcipher API
> crypto: atmel-tdes - switch to skcipher API
> crypto: atmel-aes - switch to skcipher API
> crypto: s5p - switch to skcipher API
> crypto: ux500 - switch to skcipher API
> crypto: omap - switch to skcipher API
> crypto: virtio - switch to skcipher API
> crypto: virtio - deal with unsupported input sizes
> crypto: virtio - implement missing support for output IVs
> crypto: ccp - switch from ablkcipher to skcipher
>
> https://git.kernel.org/pub/scm/linux/kernel/git/ardb/linux.git/log/?h=ablkcipher-removal
>
> I pushed the branch to kernelci, so hopefully we'll get some automated
> results, but I think only a small subset of these are boot tested atm.
Awesome, thanks for doing this! I was just planning to do "blkcipher" for now,
but your patches will take care of almost all of "ablkcipher" too.
A few things I noticed from quickly skimming through your patches:
"ecb-des3-omap", "cbc-des3-omap", "atmel-ecb-tdes", "atmel-cbc-tdes", and
"atmel-ofb-tdes" had their min and/or max key size incorrectly changed to 8
(DES_BLOCK_SIZE or DES3_EDE_BLOCK_SIZE) rather than left as 24
(DES3_EDE_KEY_SIZE or 3*DES_KEY_SIZE).
cra_blocksize for "atmel-cfb64-aes" was changed from CFB64_BLOCK_SIZE to
AES_BLOCKSIZE. Intentional?
cra_blocksize for "stm32-ctr-aes" and for "cfb-aes-mtk" was changed from 1 to
AES_BLOCK_SIZE. Intentional?
CRYPTO_ALG_NEED_FALLBACK was added to "cbc-des-picoxcell" and "ecb-des-picoxcell".
Intentional?
In drivers/crypto/ixp4xx_crypto.c, .walksize was set on "rfc3686(ctr(aes))"
rather than .chunksize. Intentional?
In drivers/crypto/qce/, CRYPTO_ALG_TYPE_ABLKCIPHER should be replaced with
CRYPTO_ALG_TYPE_SKCIPHER.
In drivers/crypto/stm32/, could rename crypto_algs[] to skcipher_algs[].
Thanks!
- Eric
WARNING: multiple messages have this Message-ID (diff)
From: Eric Biggers <ebiggers@kernel.org>
To: Ard Biesheuvel <ard.biesheuvel@linaro.org>
Cc: "Herbert Xu" <herbert@gondor.apana.org.au>,
"Nayna Jain" <nayna@linux.ibm.com>,
"Paulo Flabiano Smorigo" <pfsmorigo@gmail.com>,
"open list:HARDWARE RANDOM NUMBER GENERATOR CORE"
<linux-crypto@vger.kernel.org>,
"Breno Leitão" <leitao@debian.org>,
linuxppc-dev <linuxppc-dev@lists.ozlabs.org>
Subject: Re: [PATCH 0/4] crypto: nx - convert to skcipher API
Date: Sun, 13 Oct 2019 11:56:16 -0700 [thread overview]
Message-ID: <20191013185616.GA10007@sol.localdomain> (raw)
In-Reply-To: <CAKv+Gu-PEemQvXv=kqxfqb4RvmpdU2h7TZHKps2FKTBUTKFehQ@mail.gmail.com>
On Sun, Oct 13, 2019 at 05:31:31PM +0200, Ard Biesheuvel wrote:
> On Sun, 13 Oct 2019 at 08:29, Ard Biesheuvel <ard.biesheuvel@linaro.org> wrote:
> >
> > On Sun, 13 Oct 2019 at 06:40, Eric Biggers <ebiggers@kernel.org> wrote:
> > >
> > > This series converts the PowerPC Nest (NX) implementations of AES modes
> > > from the deprecated "blkcipher" API to the "skcipher" API. This is
> > > needed in order for the blkcipher API to be removed.
> > >
> > > This patchset is compile-tested only, as I don't have this hardware.
> > > If anyone has this hardware, please test this patchset with
> > > CONFIG_CRYPTO_MANAGER_EXTRA_TESTS=y.
> > >
> > > Eric Biggers (4):
> > > crypto: nx - don't abuse blkcipher_desc to pass iv around
> > > crypto: nx - convert AES-ECB to skcipher API
> > > crypto: nx - convert AES-CBC to skcipher API
> > > crypto: nx - convert AES-CTR to skcipher API
> > >
> > > drivers/crypto/nx/nx-aes-cbc.c | 81 ++++++++++++++-----------------
> > > drivers/crypto/nx/nx-aes-ccm.c | 40 ++++++----------
> > > drivers/crypto/nx/nx-aes-ctr.c | 87 +++++++++++++++-------------------
> > > drivers/crypto/nx/nx-aes-ecb.c | 76 +++++++++++++----------------
> > > drivers/crypto/nx/nx-aes-gcm.c | 24 ++++------
> > > drivers/crypto/nx/nx.c | 64 ++++++++++++++-----------
> > > drivers/crypto/nx/nx.h | 19 ++++----
> > > 7 files changed, 176 insertions(+), 215 deletions(-)
> > >
> >
> > Hi Eric,
> >
> > Thanks for taking this on. I'll look in more detail at these patches
> > during the week. In the meantime, I may have a stab at converting ccp,
> > virtio-crypto and omap aes/des myself, since i have the hardware to
> > test those.
> >
>
> OK, I got a bit carried away, and converted a bunch of platforms in
> drivers/crypto (build tested only, except for the virtio driver)
>
> crypto: qce - switch to skcipher API
> crypto: rockchip - switch to skcipher API
> crypto: stm32 - switch to skcipher API
> crypto: sahara - switch to skcipher API
> crypto: picoxcell - switch to skcipher API
> crypto: mediatek - switch to skcipher API
> crypto: mxs - switch to skcipher API
> crypto: ixp4xx - switch to skcipher API
> crypto: hifn - switch to skcipher API
> crypto: chelsio - switch to skcipher API
> crypto: cavium/cpt - switch to skcipher API
> crypto: nitrox - remove cra_type reference to ablkcipher
> crypto: bcm-spu - switch to skcipher API
> crypto: atmel-tdes - switch to skcipher API
> crypto: atmel-aes - switch to skcipher API
> crypto: s5p - switch to skcipher API
> crypto: ux500 - switch to skcipher API
> crypto: omap - switch to skcipher API
> crypto: virtio - switch to skcipher API
> crypto: virtio - deal with unsupported input sizes
> crypto: virtio - implement missing support for output IVs
> crypto: ccp - switch from ablkcipher to skcipher
>
> https://git.kernel.org/pub/scm/linux/kernel/git/ardb/linux.git/log/?h=ablkcipher-removal
>
> I pushed the branch to kernelci, so hopefully we'll get some automated
> results, but I think only a small subset of these are boot tested atm.
Awesome, thanks for doing this! I was just planning to do "blkcipher" for now,
but your patches will take care of almost all of "ablkcipher" too.
A few things I noticed from quickly skimming through your patches:
"ecb-des3-omap", "cbc-des3-omap", "atmel-ecb-tdes", "atmel-cbc-tdes", and
"atmel-ofb-tdes" had their min and/or max key size incorrectly changed to 8
(DES_BLOCK_SIZE or DES3_EDE_BLOCK_SIZE) rather than left as 24
(DES3_EDE_KEY_SIZE or 3*DES_KEY_SIZE).
cra_blocksize for "atmel-cfb64-aes" was changed from CFB64_BLOCK_SIZE to
AES_BLOCKSIZE. Intentional?
cra_blocksize for "stm32-ctr-aes" and for "cfb-aes-mtk" was changed from 1 to
AES_BLOCK_SIZE. Intentional?
CRYPTO_ALG_NEED_FALLBACK was added to "cbc-des-picoxcell" and "ecb-des-picoxcell".
Intentional?
In drivers/crypto/ixp4xx_crypto.c, .walksize was set on "rfc3686(ctr(aes))"
rather than .chunksize. Intentional?
In drivers/crypto/qce/, CRYPTO_ALG_TYPE_ABLKCIPHER should be replaced with
CRYPTO_ALG_TYPE_SKCIPHER.
In drivers/crypto/stm32/, could rename crypto_algs[] to skcipher_algs[].
Thanks!
- Eric
next prev parent reply other threads:[~2019-10-13 18:56 UTC|newest]
Thread overview: 28+ messages / expand[flat|nested] mbox.gz Atom feed top
2019-10-13 4:39 [PATCH 0/4] crypto: nx - convert to skcipher API Eric Biggers
2019-10-13 4:39 ` Eric Biggers
2019-10-13 4:39 ` [PATCH 1/4] crypto: nx - don't abuse blkcipher_desc to pass iv around Eric Biggers
2019-10-13 4:39 ` Eric Biggers
2019-10-14 12:35 ` Ard Biesheuvel
2019-10-14 12:35 ` Ard Biesheuvel
2019-10-13 4:39 ` [PATCH 2/4] crypto: nx - convert AES-ECB to skcipher API Eric Biggers
2019-10-13 4:39 ` Eric Biggers
2019-10-14 12:38 ` Ard Biesheuvel
2019-10-14 12:38 ` Ard Biesheuvel
2019-10-13 4:39 ` [PATCH 3/4] crypto: nx - convert AES-CBC " Eric Biggers
2019-10-13 4:39 ` Eric Biggers
2019-10-14 12:39 ` Ard Biesheuvel
2019-10-14 12:39 ` Ard Biesheuvel
2019-10-13 4:39 ` [PATCH 4/4] crypto: nx - convert AES-CTR " Eric Biggers
2019-10-13 4:39 ` Eric Biggers
2019-10-14 12:39 ` Ard Biesheuvel
2019-10-14 12:39 ` Ard Biesheuvel
2019-10-13 6:29 ` [PATCH 0/4] crypto: nx - convert " Ard Biesheuvel
2019-10-13 6:29 ` Ard Biesheuvel
2019-10-13 15:31 ` Ard Biesheuvel
2019-10-13 15:31 ` Ard Biesheuvel
2019-10-13 18:56 ` Eric Biggers [this message]
2019-10-13 18:56 ` Eric Biggers
2019-10-13 19:48 ` Ard Biesheuvel
2019-10-13 19:48 ` Ard Biesheuvel
2019-10-18 8:06 ` Herbert Xu
2019-10-18 8:06 ` Herbert Xu
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20191013185616.GA10007@sol.localdomain \
--to=ebiggers@kernel.org \
--cc=ard.biesheuvel@linaro.org \
--cc=herbert@gondor.apana.org.au \
--cc=leitao@debian.org \
--cc=linux-crypto@vger.kernel.org \
--cc=linuxppc-dev@lists.ozlabs.org \
--cc=nayna@linux.ibm.com \
--cc=pfsmorigo@gmail.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.