From: Ard Biesheuvel <ard.biesheuvel@linaro.org> To: Eric Biggers <ebiggers@kernel.org> Cc: "open list:HARDWARE RANDOM NUMBER GENERATOR CORE" <linux-crypto@vger.kernel.org>, "Herbert Xu" <herbert@gondor.apana.org.au>, linuxppc-dev <linuxppc-dev@lists.ozlabs.org>, "Breno Leitão" <leitao@debian.org>, "Nayna Jain" <nayna@linux.ibm.com>, "Paulo Flabiano Smorigo" <pfsmorigo@gmail.com> Subject: Re: [PATCH 0/4] crypto: nx - convert to skcipher API Date: Sun, 13 Oct 2019 21:48:58 +0200 [thread overview] Message-ID: <CAKv+Gu_+yG0grjr+Y7rO8KYkvO5xjB-Y7B_AzuMPEHVTaUJB8w@mail.gmail.com> (raw) In-Reply-To: <20191013185616.GA10007@sol.localdomain> On Sun, 13 Oct 2019 at 20:56, Eric Biggers <ebiggers@kernel.org> wrote: > > On Sun, Oct 13, 2019 at 05:31:31PM +0200, Ard Biesheuvel wrote: > > On Sun, 13 Oct 2019 at 08:29, Ard Biesheuvel <ard.biesheuvel@linaro.org> wrote: > > > > > > On Sun, 13 Oct 2019 at 06:40, Eric Biggers <ebiggers@kernel.org> wrote: > > > > > > > > This series converts the PowerPC Nest (NX) implementations of AES modes > > > > from the deprecated "blkcipher" API to the "skcipher" API. This is > > > > needed in order for the blkcipher API to be removed. > > > > > > > > This patchset is compile-tested only, as I don't have this hardware. > > > > If anyone has this hardware, please test this patchset with > > > > CONFIG_CRYPTO_MANAGER_EXTRA_TESTS=y. > > > > > > > > Eric Biggers (4): > > > > crypto: nx - don't abuse blkcipher_desc to pass iv around > > > > crypto: nx - convert AES-ECB to skcipher API > > > > crypto: nx - convert AES-CBC to skcipher API > > > > crypto: nx - convert AES-CTR to skcipher API > > > > > > > > drivers/crypto/nx/nx-aes-cbc.c | 81 ++++++++++++++----------------- > > > > drivers/crypto/nx/nx-aes-ccm.c | 40 ++++++---------- > > > > drivers/crypto/nx/nx-aes-ctr.c | 87 +++++++++++++++------------------- > > > > drivers/crypto/nx/nx-aes-ecb.c | 76 +++++++++++++---------------- > > > > drivers/crypto/nx/nx-aes-gcm.c | 24 ++++------ > > > > drivers/crypto/nx/nx.c | 64 ++++++++++++++----------- > > > > drivers/crypto/nx/nx.h | 19 ++++---- > > > > 7 files changed, 176 insertions(+), 215 deletions(-) > > > > > > > > > > Hi Eric, > > > > > > Thanks for taking this on. I'll look in more detail at these patches > > > during the week. In the meantime, I may have a stab at converting ccp, > > > virtio-crypto and omap aes/des myself, since i have the hardware to > > > test those. > > > > > > > OK, I got a bit carried away, and converted a bunch of platforms in > > drivers/crypto (build tested only, except for the virtio driver) > > > > crypto: qce - switch to skcipher API > > crypto: rockchip - switch to skcipher API > > crypto: stm32 - switch to skcipher API > > crypto: sahara - switch to skcipher API > > crypto: picoxcell - switch to skcipher API > > crypto: mediatek - switch to skcipher API > > crypto: mxs - switch to skcipher API > > crypto: ixp4xx - switch to skcipher API > > crypto: hifn - switch to skcipher API > > crypto: chelsio - switch to skcipher API > > crypto: cavium/cpt - switch to skcipher API > > crypto: nitrox - remove cra_type reference to ablkcipher > > crypto: bcm-spu - switch to skcipher API > > crypto: atmel-tdes - switch to skcipher API > > crypto: atmel-aes - switch to skcipher API > > crypto: s5p - switch to skcipher API > > crypto: ux500 - switch to skcipher API > > crypto: omap - switch to skcipher API > > crypto: virtio - switch to skcipher API > > crypto: virtio - deal with unsupported input sizes > > crypto: virtio - implement missing support for output IVs > > crypto: ccp - switch from ablkcipher to skcipher > > > > https://git.kernel.org/pub/scm/linux/kernel/git/ardb/linux.git/log/?h=ablkcipher-removal > > > > I pushed the branch to kernelci, so hopefully we'll get some automated > > results, but I think only a small subset of these are boot tested atm. > > Awesome, thanks for doing this! I was just planning to do "blkcipher" for now, > but your patches will take care of almost all of "ablkcipher" too. > Yeah. I thought it was about time we take care of this, and ablkcipher is much more straightforward anyway. > A few things I noticed from quickly skimming through your patches: > Thanks. These are all mistakes on my part - I went through these at high speed with lots of mechanical search-replace. > "ecb-des3-omap", "cbc-des3-omap", "atmel-ecb-tdes", "atmel-cbc-tdes", and > "atmel-ofb-tdes" had their min and/or max key size incorrectly changed to 8 > (DES_BLOCK_SIZE or DES3_EDE_BLOCK_SIZE) rather than left as 24 > (DES3_EDE_KEY_SIZE or 3*DES_KEY_SIZE). > > cra_blocksize for "atmel-cfb64-aes" was changed from CFB64_BLOCK_SIZE to > AES_BLOCKSIZE. Intentional? > > cra_blocksize for "stm32-ctr-aes" and for "cfb-aes-mtk" was changed from 1 to > AES_BLOCK_SIZE. Intentional? > > CRYPTO_ALG_NEED_FALLBACK was added to "cbc-des-picoxcell" and "ecb-des-picoxcell". > Intentional? > > In drivers/crypto/ixp4xx_crypto.c, .walksize was set on "rfc3686(ctr(aes))" > rather than .chunksize. Intentional? > > In drivers/crypto/qce/, CRYPTO_ALG_TYPE_ABLKCIPHER should be replaced with > CRYPTO_ALG_TYPE_SKCIPHER. > > In drivers/crypto/stm32/, could rename crypto_algs[] to skcipher_algs[]. > > Thanks! > > - Eric
WARNING: multiple messages have this Message-ID (diff)
From: Ard Biesheuvel <ard.biesheuvel@linaro.org> To: Eric Biggers <ebiggers@kernel.org> Cc: "Herbert Xu" <herbert@gondor.apana.org.au>, "Nayna Jain" <nayna@linux.ibm.com>, "Paulo Flabiano Smorigo" <pfsmorigo@gmail.com>, "open list:HARDWARE RANDOM NUMBER GENERATOR CORE" <linux-crypto@vger.kernel.org>, "Breno Leitão" <leitao@debian.org>, linuxppc-dev <linuxppc-dev@lists.ozlabs.org> Subject: Re: [PATCH 0/4] crypto: nx - convert to skcipher API Date: Sun, 13 Oct 2019 21:48:58 +0200 [thread overview] Message-ID: <CAKv+Gu_+yG0grjr+Y7rO8KYkvO5xjB-Y7B_AzuMPEHVTaUJB8w@mail.gmail.com> (raw) In-Reply-To: <20191013185616.GA10007@sol.localdomain> On Sun, 13 Oct 2019 at 20:56, Eric Biggers <ebiggers@kernel.org> wrote: > > On Sun, Oct 13, 2019 at 05:31:31PM +0200, Ard Biesheuvel wrote: > > On Sun, 13 Oct 2019 at 08:29, Ard Biesheuvel <ard.biesheuvel@linaro.org> wrote: > > > > > > On Sun, 13 Oct 2019 at 06:40, Eric Biggers <ebiggers@kernel.org> wrote: > > > > > > > > This series converts the PowerPC Nest (NX) implementations of AES modes > > > > from the deprecated "blkcipher" API to the "skcipher" API. This is > > > > needed in order for the blkcipher API to be removed. > > > > > > > > This patchset is compile-tested only, as I don't have this hardware. > > > > If anyone has this hardware, please test this patchset with > > > > CONFIG_CRYPTO_MANAGER_EXTRA_TESTS=y. > > > > > > > > Eric Biggers (4): > > > > crypto: nx - don't abuse blkcipher_desc to pass iv around > > > > crypto: nx - convert AES-ECB to skcipher API > > > > crypto: nx - convert AES-CBC to skcipher API > > > > crypto: nx - convert AES-CTR to skcipher API > > > > > > > > drivers/crypto/nx/nx-aes-cbc.c | 81 ++++++++++++++----------------- > > > > drivers/crypto/nx/nx-aes-ccm.c | 40 ++++++---------- > > > > drivers/crypto/nx/nx-aes-ctr.c | 87 +++++++++++++++------------------- > > > > drivers/crypto/nx/nx-aes-ecb.c | 76 +++++++++++++---------------- > > > > drivers/crypto/nx/nx-aes-gcm.c | 24 ++++------ > > > > drivers/crypto/nx/nx.c | 64 ++++++++++++++----------- > > > > drivers/crypto/nx/nx.h | 19 ++++---- > > > > 7 files changed, 176 insertions(+), 215 deletions(-) > > > > > > > > > > Hi Eric, > > > > > > Thanks for taking this on. I'll look in more detail at these patches > > > during the week. In the meantime, I may have a stab at converting ccp, > > > virtio-crypto and omap aes/des myself, since i have the hardware to > > > test those. > > > > > > > OK, I got a bit carried away, and converted a bunch of platforms in > > drivers/crypto (build tested only, except for the virtio driver) > > > > crypto: qce - switch to skcipher API > > crypto: rockchip - switch to skcipher API > > crypto: stm32 - switch to skcipher API > > crypto: sahara - switch to skcipher API > > crypto: picoxcell - switch to skcipher API > > crypto: mediatek - switch to skcipher API > > crypto: mxs - switch to skcipher API > > crypto: ixp4xx - switch to skcipher API > > crypto: hifn - switch to skcipher API > > crypto: chelsio - switch to skcipher API > > crypto: cavium/cpt - switch to skcipher API > > crypto: nitrox - remove cra_type reference to ablkcipher > > crypto: bcm-spu - switch to skcipher API > > crypto: atmel-tdes - switch to skcipher API > > crypto: atmel-aes - switch to skcipher API > > crypto: s5p - switch to skcipher API > > crypto: ux500 - switch to skcipher API > > crypto: omap - switch to skcipher API > > crypto: virtio - switch to skcipher API > > crypto: virtio - deal with unsupported input sizes > > crypto: virtio - implement missing support for output IVs > > crypto: ccp - switch from ablkcipher to skcipher > > > > https://git.kernel.org/pub/scm/linux/kernel/git/ardb/linux.git/log/?h=ablkcipher-removal > > > > I pushed the branch to kernelci, so hopefully we'll get some automated > > results, but I think only a small subset of these are boot tested atm. > > Awesome, thanks for doing this! I was just planning to do "blkcipher" for now, > but your patches will take care of almost all of "ablkcipher" too. > Yeah. I thought it was about time we take care of this, and ablkcipher is much more straightforward anyway. > A few things I noticed from quickly skimming through your patches: > Thanks. These are all mistakes on my part - I went through these at high speed with lots of mechanical search-replace. > "ecb-des3-omap", "cbc-des3-omap", "atmel-ecb-tdes", "atmel-cbc-tdes", and > "atmel-ofb-tdes" had their min and/or max key size incorrectly changed to 8 > (DES_BLOCK_SIZE or DES3_EDE_BLOCK_SIZE) rather than left as 24 > (DES3_EDE_KEY_SIZE or 3*DES_KEY_SIZE). > > cra_blocksize for "atmel-cfb64-aes" was changed from CFB64_BLOCK_SIZE to > AES_BLOCKSIZE. Intentional? > > cra_blocksize for "stm32-ctr-aes" and for "cfb-aes-mtk" was changed from 1 to > AES_BLOCK_SIZE. Intentional? > > CRYPTO_ALG_NEED_FALLBACK was added to "cbc-des-picoxcell" and "ecb-des-picoxcell". > Intentional? > > In drivers/crypto/ixp4xx_crypto.c, .walksize was set on "rfc3686(ctr(aes))" > rather than .chunksize. Intentional? > > In drivers/crypto/qce/, CRYPTO_ALG_TYPE_ABLKCIPHER should be replaced with > CRYPTO_ALG_TYPE_SKCIPHER. > > In drivers/crypto/stm32/, could rename crypto_algs[] to skcipher_algs[]. > > Thanks! > > - Eric
next prev parent reply other threads:[~2019-10-13 19:49 UTC|newest] Thread overview: 28+ messages / expand[flat|nested] mbox.gz Atom feed top 2019-10-13 4:39 [PATCH 0/4] crypto: nx - convert to skcipher API Eric Biggers 2019-10-13 4:39 ` Eric Biggers 2019-10-13 4:39 ` [PATCH 1/4] crypto: nx - don't abuse blkcipher_desc to pass iv around Eric Biggers 2019-10-13 4:39 ` Eric Biggers 2019-10-14 12:35 ` Ard Biesheuvel 2019-10-14 12:35 ` Ard Biesheuvel 2019-10-13 4:39 ` [PATCH 2/4] crypto: nx - convert AES-ECB to skcipher API Eric Biggers 2019-10-13 4:39 ` Eric Biggers 2019-10-14 12:38 ` Ard Biesheuvel 2019-10-14 12:38 ` Ard Biesheuvel 2019-10-13 4:39 ` [PATCH 3/4] crypto: nx - convert AES-CBC " Eric Biggers 2019-10-13 4:39 ` Eric Biggers 2019-10-14 12:39 ` Ard Biesheuvel 2019-10-14 12:39 ` Ard Biesheuvel 2019-10-13 4:39 ` [PATCH 4/4] crypto: nx - convert AES-CTR " Eric Biggers 2019-10-13 4:39 ` Eric Biggers 2019-10-14 12:39 ` Ard Biesheuvel 2019-10-14 12:39 ` Ard Biesheuvel 2019-10-13 6:29 ` [PATCH 0/4] crypto: nx - convert " Ard Biesheuvel 2019-10-13 6:29 ` Ard Biesheuvel 2019-10-13 15:31 ` Ard Biesheuvel 2019-10-13 15:31 ` Ard Biesheuvel 2019-10-13 18:56 ` Eric Biggers 2019-10-13 18:56 ` Eric Biggers 2019-10-13 19:48 ` Ard Biesheuvel [this message] 2019-10-13 19:48 ` Ard Biesheuvel 2019-10-18 8:06 ` Herbert Xu 2019-10-18 8:06 ` Herbert Xu
Reply instructions: You may reply publicly to this message via plain-text email using any one of the following methods: * Save the following mbox file, import it into your mail client, and reply-to-all from there: mbox Avoid top-posting and favor interleaved quoting: https://en.wikipedia.org/wiki/Posting_style#Interleaved_style * Reply using the --to, --cc, and --in-reply-to switches of git-send-email(1): git send-email \ --in-reply-to=CAKv+Gu_+yG0grjr+Y7rO8KYkvO5xjB-Y7B_AzuMPEHVTaUJB8w@mail.gmail.com \ --to=ard.biesheuvel@linaro.org \ --cc=ebiggers@kernel.org \ --cc=herbert@gondor.apana.org.au \ --cc=leitao@debian.org \ --cc=linux-crypto@vger.kernel.org \ --cc=linuxppc-dev@lists.ozlabs.org \ --cc=nayna@linux.ibm.com \ --cc=pfsmorigo@gmail.com \ /path/to/YOUR_REPLY https://kernel.org/pub/software/scm/git/docs/git-send-email.html * If your mail client supports setting the In-Reply-To header via mailto: links, try the mailto: linkBe sure your reply has a Subject: header at the top and a blank line before the message body.
This is an external index of several public inboxes, see mirroring instructions on how to clone and mirror all data and code used by this external index.