From: Ard Biesheuvel <ard.biesheuvel@linaro.org>
To: Eric Biggers <ebiggers@kernel.org>
Cc: "Herbert Xu" <herbert@gondor.apana.org.au>,
"Nayna Jain" <nayna@linux.ibm.com>,
"Paulo Flabiano Smorigo" <pfsmorigo@gmail.com>,
"open list:HARDWARE RANDOM NUMBER GENERATOR CORE"
<linux-crypto@vger.kernel.org>,
"Breno Leitão" <leitao@debian.org>,
linuxppc-dev <linuxppc-dev@lists.ozlabs.org>
Subject: Re: [PATCH 3/4] crypto: nx - convert AES-CBC to skcipher API
Date: Mon, 14 Oct 2019 14:39:12 +0200 [thread overview]
Message-ID: <CAKv+Gu-VQrZPS6+Eo27cpXg9LS2d9MSeBYdd81xkLmF9Lt-s0w@mail.gmail.com> (raw)
In-Reply-To: <20191013043918.337113-4-ebiggers@kernel.org>
On Sun, 13 Oct 2019 at 06:40, Eric Biggers <ebiggers@kernel.org> wrote:
>
> From: Eric Biggers <ebiggers@google.com>
>
> Convert the PowerPC Nest (NX) implementation of AES-CBC from the
> deprecated "blkcipher" API to the "skcipher" API. This is needed in
> order for the blkcipher API to be removed.
>
> Signed-off-by: Eric Biggers <ebiggers@google.com>
Reviewed-by: Ard Biesheuvel <ard.biesheuvel@linaro.org>
> ---
> drivers/crypto/nx/nx-aes-cbc.c | 78 ++++++++++++++--------------------
> drivers/crypto/nx/nx.c | 11 ++---
> drivers/crypto/nx/nx.h | 4 +-
> 3 files changed, 41 insertions(+), 52 deletions(-)
>
> diff --git a/drivers/crypto/nx/nx-aes-cbc.c b/drivers/crypto/nx/nx-aes-cbc.c
> index 482a203a9260..92e921eceed7 100644
> --- a/drivers/crypto/nx/nx-aes-cbc.c
> +++ b/drivers/crypto/nx/nx-aes-cbc.c
> @@ -18,11 +18,11 @@
> #include "nx.h"
>
>
> -static int cbc_aes_nx_set_key(struct crypto_tfm *tfm,
> - const u8 *in_key,
> - unsigned int key_len)
> +static int cbc_aes_nx_set_key(struct crypto_skcipher *tfm,
> + const u8 *in_key,
> + unsigned int key_len)
> {
> - struct nx_crypto_ctx *nx_ctx = crypto_tfm_ctx(tfm);
> + struct nx_crypto_ctx *nx_ctx = crypto_skcipher_ctx(tfm);
> struct nx_csbcpb *csbcpb = nx_ctx->csbcpb;
>
> nx_ctx_init(nx_ctx, HCOP_FC_AES);
> @@ -50,13 +50,11 @@ static int cbc_aes_nx_set_key(struct crypto_tfm *tfm,
> return 0;
> }
>
> -static int cbc_aes_nx_crypt(struct blkcipher_desc *desc,
> - struct scatterlist *dst,
> - struct scatterlist *src,
> - unsigned int nbytes,
> - int enc)
> +static int cbc_aes_nx_crypt(struct skcipher_request *req,
> + int enc)
> {
> - struct nx_crypto_ctx *nx_ctx = crypto_blkcipher_ctx(desc->tfm);
> + struct crypto_skcipher *tfm = crypto_skcipher_reqtfm(req);
> + struct nx_crypto_ctx *nx_ctx = crypto_skcipher_ctx(tfm);
> struct nx_csbcpb *csbcpb = nx_ctx->csbcpb;
> unsigned long irq_flags;
> unsigned int processed = 0, to_process;
> @@ -70,9 +68,9 @@ static int cbc_aes_nx_crypt(struct blkcipher_desc *desc,
> NX_CPB_FDM(csbcpb) &= ~NX_FDM_ENDE_ENCRYPT;
>
> do {
> - to_process = nbytes - processed;
> + to_process = req->cryptlen - processed;
>
> - rc = nx_build_sg_lists(nx_ctx, desc->info, dst, src,
> + rc = nx_build_sg_lists(nx_ctx, req->iv, req->dst, req->src,
> &to_process, processed,
> csbcpb->cpb.aes_cbc.iv);
> if (rc)
> @@ -84,56 +82,46 @@ static int cbc_aes_nx_crypt(struct blkcipher_desc *desc,
> }
>
> rc = nx_hcall_sync(nx_ctx, &nx_ctx->op,
> - desc->flags & CRYPTO_TFM_REQ_MAY_SLEEP);
> + req->base.flags & CRYPTO_TFM_REQ_MAY_SLEEP);
> if (rc)
> goto out;
>
> - memcpy(desc->info, csbcpb->cpb.aes_cbc.cv, AES_BLOCK_SIZE);
> + memcpy(req->iv, csbcpb->cpb.aes_cbc.cv, AES_BLOCK_SIZE);
> atomic_inc(&(nx_ctx->stats->aes_ops));
> atomic64_add(csbcpb->csb.processed_byte_count,
> &(nx_ctx->stats->aes_bytes));
>
> processed += to_process;
> - } while (processed < nbytes);
> + } while (processed < req->cryptlen);
> out:
> spin_unlock_irqrestore(&nx_ctx->lock, irq_flags);
> return rc;
> }
>
> -static int cbc_aes_nx_encrypt(struct blkcipher_desc *desc,
> - struct scatterlist *dst,
> - struct scatterlist *src,
> - unsigned int nbytes)
> +static int cbc_aes_nx_encrypt(struct skcipher_request *req)
> {
> - return cbc_aes_nx_crypt(desc, dst, src, nbytes, 1);
> + return cbc_aes_nx_crypt(req, 1);
> }
>
> -static int cbc_aes_nx_decrypt(struct blkcipher_desc *desc,
> - struct scatterlist *dst,
> - struct scatterlist *src,
> - unsigned int nbytes)
> +static int cbc_aes_nx_decrypt(struct skcipher_request *req)
> {
> - return cbc_aes_nx_crypt(desc, dst, src, nbytes, 0);
> + return cbc_aes_nx_crypt(req, 0);
> }
>
> -struct crypto_alg nx_cbc_aes_alg = {
> - .cra_name = "cbc(aes)",
> - .cra_driver_name = "cbc-aes-nx",
> - .cra_priority = 300,
> - .cra_flags = CRYPTO_ALG_TYPE_BLKCIPHER,
> - .cra_blocksize = AES_BLOCK_SIZE,
> - .cra_ctxsize = sizeof(struct nx_crypto_ctx),
> - .cra_type = &crypto_blkcipher_type,
> - .cra_alignmask = 0xf,
> - .cra_module = THIS_MODULE,
> - .cra_init = nx_crypto_ctx_aes_cbc_init,
> - .cra_exit = nx_crypto_ctx_exit,
> - .cra_blkcipher = {
> - .min_keysize = AES_MIN_KEY_SIZE,
> - .max_keysize = AES_MAX_KEY_SIZE,
> - .ivsize = AES_BLOCK_SIZE,
> - .setkey = cbc_aes_nx_set_key,
> - .encrypt = cbc_aes_nx_encrypt,
> - .decrypt = cbc_aes_nx_decrypt,
> - }
> +struct skcipher_alg nx_cbc_aes_alg = {
> + .base.cra_name = "cbc(aes)",
> + .base.cra_driver_name = "cbc-aes-nx",
> + .base.cra_priority = 300,
> + .base.cra_blocksize = AES_BLOCK_SIZE,
> + .base.cra_ctxsize = sizeof(struct nx_crypto_ctx),
> + .base.cra_alignmask = 0xf,
> + .base.cra_module = THIS_MODULE,
> + .init = nx_crypto_ctx_aes_cbc_init,
> + .exit = nx_crypto_ctx_skcipher_exit,
> + .min_keysize = AES_MIN_KEY_SIZE,
> + .max_keysize = AES_MAX_KEY_SIZE,
> + .ivsize = AES_BLOCK_SIZE,
> + .setkey = cbc_aes_nx_set_key,
> + .encrypt = cbc_aes_nx_encrypt,
> + .decrypt = cbc_aes_nx_decrypt,
> };
> diff --git a/drivers/crypto/nx/nx.c b/drivers/crypto/nx/nx.c
> index 4b97081e7486..8e5367776ca0 100644
> --- a/drivers/crypto/nx/nx.c
> +++ b/drivers/crypto/nx/nx.c
> @@ -589,7 +589,7 @@ static int nx_register_algs(void)
> if (rc)
> goto out;
>
> - rc = nx_register_alg(&nx_cbc_aes_alg, NX_FC_AES, NX_MODE_AES_CBC);
> + rc = nx_register_skcipher(&nx_cbc_aes_alg, NX_FC_AES, NX_MODE_AES_CBC);
> if (rc)
> goto out_unreg_ecb;
>
> @@ -647,7 +647,7 @@ static int nx_register_algs(void)
> out_unreg_ctr3686:
> nx_unregister_alg(&nx_ctr3686_aes_alg, NX_FC_AES, NX_MODE_AES_CTR);
> out_unreg_cbc:
> - nx_unregister_alg(&nx_cbc_aes_alg, NX_FC_AES, NX_MODE_AES_CBC);
> + nx_unregister_skcipher(&nx_cbc_aes_alg, NX_FC_AES, NX_MODE_AES_CBC);
> out_unreg_ecb:
> nx_unregister_skcipher(&nx_ecb_aes_alg, NX_FC_AES, NX_MODE_AES_ECB);
> out:
> @@ -722,9 +722,9 @@ int nx_crypto_ctx_aes_ctr_init(struct crypto_tfm *tfm)
> NX_MODE_AES_CTR);
> }
>
> -int nx_crypto_ctx_aes_cbc_init(struct crypto_tfm *tfm)
> +int nx_crypto_ctx_aes_cbc_init(struct crypto_skcipher *tfm)
> {
> - return nx_crypto_ctx_init(crypto_tfm_ctx(tfm), NX_FC_AES,
> + return nx_crypto_ctx_init(crypto_skcipher_ctx(tfm), NX_FC_AES,
> NX_MODE_AES_CBC);
> }
>
> @@ -817,7 +817,8 @@ static int nx_remove(struct vio_dev *viodev)
> NX_FC_AES, NX_MODE_AES_GCM);
> nx_unregister_alg(&nx_ctr3686_aes_alg,
> NX_FC_AES, NX_MODE_AES_CTR);
> - nx_unregister_alg(&nx_cbc_aes_alg, NX_FC_AES, NX_MODE_AES_CBC);
> + nx_unregister_skcipher(&nx_cbc_aes_alg, NX_FC_AES,
> + NX_MODE_AES_CBC);
> nx_unregister_skcipher(&nx_ecb_aes_alg, NX_FC_AES,
> NX_MODE_AES_ECB);
> }
> diff --git a/drivers/crypto/nx/nx.h b/drivers/crypto/nx/nx.h
> index 1a839ef21c4f..2e1a3e5e65cb 100644
> --- a/drivers/crypto/nx/nx.h
> +++ b/drivers/crypto/nx/nx.h
> @@ -146,7 +146,7 @@ int nx_crypto_ctx_aes_ccm_init(struct crypto_aead *tfm);
> int nx_crypto_ctx_aes_gcm_init(struct crypto_aead *tfm);
> int nx_crypto_ctx_aes_xcbc_init(struct crypto_tfm *tfm);
> int nx_crypto_ctx_aes_ctr_init(struct crypto_tfm *tfm);
> -int nx_crypto_ctx_aes_cbc_init(struct crypto_tfm *tfm);
> +int nx_crypto_ctx_aes_cbc_init(struct crypto_skcipher *tfm);
> int nx_crypto_ctx_aes_ecb_init(struct crypto_skcipher *tfm);
> int nx_crypto_ctx_sha_init(struct crypto_tfm *tfm);
> void nx_crypto_ctx_exit(struct crypto_tfm *tfm);
> @@ -176,7 +176,7 @@ void nx_debugfs_fini(struct nx_crypto_driver *);
>
> #define NX_PAGE_NUM(x) ((u64)(x) & 0xfffffffffffff000ULL)
>
> -extern struct crypto_alg nx_cbc_aes_alg;
> +extern struct skcipher_alg nx_cbc_aes_alg;
> extern struct skcipher_alg nx_ecb_aes_alg;
> extern struct aead_alg nx_gcm_aes_alg;
> extern struct aead_alg nx_gcm4106_aes_alg;
> --
> 2.23.0
>
next prev parent reply other threads:[~2019-10-14 12:45 UTC|newest]
Thread overview: 14+ messages / expand[flat|nested] mbox.gz Atom feed top
2019-10-13 4:39 [PATCH 0/4] crypto: nx - convert to skcipher API Eric Biggers
2019-10-13 4:39 ` [PATCH 1/4] crypto: nx - don't abuse blkcipher_desc to pass iv around Eric Biggers
2019-10-14 12:35 ` Ard Biesheuvel
2019-10-13 4:39 ` [PATCH 2/4] crypto: nx - convert AES-ECB to skcipher API Eric Biggers
2019-10-14 12:38 ` Ard Biesheuvel
2019-10-13 4:39 ` [PATCH 3/4] crypto: nx - convert AES-CBC " Eric Biggers
2019-10-14 12:39 ` Ard Biesheuvel [this message]
2019-10-13 4:39 ` [PATCH 4/4] crypto: nx - convert AES-CTR " Eric Biggers
2019-10-14 12:39 ` Ard Biesheuvel
2019-10-13 6:29 ` [PATCH 0/4] crypto: nx - convert " Ard Biesheuvel
2019-10-13 15:31 ` Ard Biesheuvel
2019-10-13 18:56 ` Eric Biggers
2019-10-13 19:48 ` Ard Biesheuvel
2019-10-18 8:06 ` Herbert Xu
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=CAKv+Gu-VQrZPS6+Eo27cpXg9LS2d9MSeBYdd81xkLmF9Lt-s0w@mail.gmail.com \
--to=ard.biesheuvel@linaro.org \
--cc=ebiggers@kernel.org \
--cc=herbert@gondor.apana.org.au \
--cc=leitao@debian.org \
--cc=linux-crypto@vger.kernel.org \
--cc=linuxppc-dev@lists.ozlabs.org \
--cc=nayna@linux.ibm.com \
--cc=pfsmorigo@gmail.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).