LinuxPPC-Dev Archive on lore.kernel.org
 help / color / Atom feed
From: Eric Biggers <ebiggers@kernel.org>
To: Ard Biesheuvel <ard.biesheuvel@linaro.org>
Cc: "Herbert Xu" <herbert@gondor.apana.org.au>,
	"Nayna Jain" <nayna@linux.ibm.com>,
	"Paulo Flabiano Smorigo" <pfsmorigo@gmail.com>,
	"open list:HARDWARE RANDOM NUMBER GENERATOR CORE"
	<linux-crypto@vger.kernel.org>,
	"Breno Leitão" <leitao@debian.org>,
	linuxppc-dev <linuxppc-dev@lists.ozlabs.org>
Subject: Re: [PATCH 0/4] crypto: nx - convert to skcipher API
Date: Sun, 13 Oct 2019 11:56:16 -0700
Message-ID: <20191013185616.GA10007@sol.localdomain> (raw)
In-Reply-To: <CAKv+Gu-PEemQvXv=kqxfqb4RvmpdU2h7TZHKps2FKTBUTKFehQ@mail.gmail.com>

On Sun, Oct 13, 2019 at 05:31:31PM +0200, Ard Biesheuvel wrote:
> On Sun, 13 Oct 2019 at 08:29, Ard Biesheuvel <ard.biesheuvel@linaro.org> wrote:
> >
> > On Sun, 13 Oct 2019 at 06:40, Eric Biggers <ebiggers@kernel.org> wrote:
> > >
> > > This series converts the PowerPC Nest (NX) implementations of AES modes
> > > from the deprecated "blkcipher" API to the "skcipher" API.  This is
> > > needed in order for the blkcipher API to be removed.
> > >
> > > This patchset is compile-tested only, as I don't have this hardware.
> > > If anyone has this hardware, please test this patchset with
> > > CONFIG_CRYPTO_MANAGER_EXTRA_TESTS=y.
> > >
> > > Eric Biggers (4):
> > >   crypto: nx - don't abuse blkcipher_desc to pass iv around
> > >   crypto: nx - convert AES-ECB to skcipher API
> > >   crypto: nx - convert AES-CBC to skcipher API
> > >   crypto: nx - convert AES-CTR to skcipher API
> > >
> > >  drivers/crypto/nx/nx-aes-cbc.c | 81 ++++++++++++++-----------------
> > >  drivers/crypto/nx/nx-aes-ccm.c | 40 ++++++----------
> > >  drivers/crypto/nx/nx-aes-ctr.c | 87 +++++++++++++++-------------------
> > >  drivers/crypto/nx/nx-aes-ecb.c | 76 +++++++++++++----------------
> > >  drivers/crypto/nx/nx-aes-gcm.c | 24 ++++------
> > >  drivers/crypto/nx/nx.c         | 64 ++++++++++++++-----------
> > >  drivers/crypto/nx/nx.h         | 19 ++++----
> > >  7 files changed, 176 insertions(+), 215 deletions(-)
> > >
> >
> > Hi Eric,
> >
> > Thanks for taking this on. I'll look in more detail at these patches
> > during the week. In the meantime, I may have a stab at converting ccp,
> > virtio-crypto and omap aes/des myself, since i have the hardware to
> > test those.
> >
> 
> OK, I got a bit carried away, and converted a bunch of platforms in
> drivers/crypto (build tested only, except for the virtio driver)
> 
> crypto: qce - switch to skcipher API
> crypto: rockchip - switch to skcipher API
> crypto: stm32 - switch to skcipher API
> crypto: sahara - switch to skcipher API
> crypto: picoxcell - switch to skcipher API
> crypto: mediatek - switch to skcipher API
> crypto: mxs - switch to skcipher API
> crypto: ixp4xx - switch to skcipher API
> crypto: hifn - switch to skcipher API
> crypto: chelsio - switch to skcipher API
> crypto: cavium/cpt - switch to skcipher API
> crypto: nitrox - remove cra_type reference to ablkcipher
> crypto: bcm-spu - switch to skcipher API
> crypto: atmel-tdes - switch to skcipher API
> crypto: atmel-aes - switch to skcipher API
> crypto: s5p - switch to skcipher API
> crypto: ux500 - switch to skcipher API
> crypto: omap - switch to skcipher API
> crypto: virtio - switch to skcipher API
> crypto: virtio - deal with unsupported input sizes
> crypto: virtio - implement missing support for output IVs
> crypto: ccp - switch from ablkcipher to skcipher
> 
> https://git.kernel.org/pub/scm/linux/kernel/git/ardb/linux.git/log/?h=ablkcipher-removal
> 
> I pushed the branch to kernelci, so hopefully we'll get some automated
> results, but I think only a small subset of these are boot tested atm.

Awesome, thanks for doing this!  I was just planning to do "blkcipher" for now,
but your patches will take care of almost all of "ablkcipher" too.

A few things I noticed from quickly skimming through your patches:

"ecb-des3-omap", "cbc-des3-omap", "atmel-ecb-tdes", "atmel-cbc-tdes", and
"atmel-ofb-tdes" had their min and/or max key size incorrectly changed to 8
(DES_BLOCK_SIZE or DES3_EDE_BLOCK_SIZE) rather than left as 24
(DES3_EDE_KEY_SIZE or 3*DES_KEY_SIZE).

cra_blocksize for "atmel-cfb64-aes" was changed from CFB64_BLOCK_SIZE to
AES_BLOCKSIZE.  Intentional?

cra_blocksize for "stm32-ctr-aes" and for "cfb-aes-mtk" was changed from 1 to
AES_BLOCK_SIZE.  Intentional?

CRYPTO_ALG_NEED_FALLBACK was added to "cbc-des-picoxcell" and "ecb-des-picoxcell".
Intentional?

In drivers/crypto/ixp4xx_crypto.c, .walksize was set on "rfc3686(ctr(aes))"
rather than .chunksize.  Intentional?

In drivers/crypto/qce/, CRYPTO_ALG_TYPE_ABLKCIPHER should be replaced with
CRYPTO_ALG_TYPE_SKCIPHER.

In drivers/crypto/stm32/, could rename crypto_algs[] to skcipher_algs[].

Thanks!

- Eric

  reply index

Thread overview: 14+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2019-10-13  4:39 Eric Biggers
2019-10-13  4:39 ` [PATCH 1/4] crypto: nx - don't abuse blkcipher_desc to pass iv around Eric Biggers
2019-10-14 12:35   ` Ard Biesheuvel
2019-10-13  4:39 ` [PATCH 2/4] crypto: nx - convert AES-ECB to skcipher API Eric Biggers
2019-10-14 12:38   ` Ard Biesheuvel
2019-10-13  4:39 ` [PATCH 3/4] crypto: nx - convert AES-CBC " Eric Biggers
2019-10-14 12:39   ` Ard Biesheuvel
2019-10-13  4:39 ` [PATCH 4/4] crypto: nx - convert AES-CTR " Eric Biggers
2019-10-14 12:39   ` Ard Biesheuvel
2019-10-13  6:29 ` [PATCH 0/4] crypto: nx - convert " Ard Biesheuvel
2019-10-13 15:31   ` Ard Biesheuvel
2019-10-13 18:56     ` Eric Biggers [this message]
2019-10-13 19:48       ` Ard Biesheuvel
2019-10-18  8:06 ` Herbert Xu

Reply instructions:

You may reply publically to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20191013185616.GA10007@sol.localdomain \
    --to=ebiggers@kernel.org \
    --cc=ard.biesheuvel@linaro.org \
    --cc=herbert@gondor.apana.org.au \
    --cc=leitao@debian.org \
    --cc=linux-crypto@vger.kernel.org \
    --cc=linuxppc-dev@lists.ozlabs.org \
    --cc=nayna@linux.ibm.com \
    --cc=pfsmorigo@gmail.com \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

LinuxPPC-Dev Archive on lore.kernel.org

Archives are clonable:
	git clone --mirror https://lore.kernel.org/linuxppc-dev/0 linuxppc-dev/git/0.git

	# If you have public-inbox 1.1+ installed, you may
	# initialize and index your mirror using the following commands:
	public-inbox-init -V2 linuxppc-dev linuxppc-dev/ https://lore.kernel.org/linuxppc-dev \
		linuxppc-dev@lists.ozlabs.org linuxppc-dev@ozlabs.org
	public-inbox-index linuxppc-dev

Example config snippet for mirrors

Newsgroup available over NNTP:
	nntp://nntp.lore.kernel.org/org.ozlabs.lists.linuxppc-dev


AGPL code for this site: git clone https://public-inbox.org/public-inbox.git