linux/crypto/seqiv.c, branch v5.0Mirror of https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/
https://git.shady.money/linux/atom?h=v5.02018-09-28T04:46:08Zcrypto: null - Remove VLA usage of skcipher2018-09-28T04:46:08ZKees Cookkeescook@chromium.org2018-09-19T02:10:51Zurn:sha1:8d605398425843c7ce3c0e9a0434d832d3bd54cc
In the quest to remove all stack VLA usage from the kernel[1], this
replaces struct crypto_skcipher and SKCIPHER_REQUEST_ON_STACK() usage
with struct crypto_sync_skcipher and SYNC_SKCIPHER_REQUEST_ON_STACK(),
which uses a fixed stack size.
[1] https://lkml.kernel.org/r/CA+55aFzCG-zNmZwX4A2FQpadafLfEzK6CC=qPXydAacU1RqZWA@mail.gmail.com
Signed-off-by: Kees Cook <keescook@chromium.org>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
crypto: seqiv - Remove unused alg/spawn variable2017-12-22T08:52:45ZCorentin Labbeclabbe@baylibre.com2017-12-12T19:30:14Zurn:sha1:d94c3d65df24833f2745618bd797d3e2612d6418
This patch remove two unused variable and some dead "code" using it.
Fixes: 92932d03c2b3 ("crypto: seqiv - Remove AEAD compatibility code")
Signed-off-by: Corentin Labbe <clabbe@baylibre.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
crypto: algapi - make crypto_xor() and crypto_inc() alignment agnostic2017-02-11T09:52:28ZArd Biesheuvelard.biesheuvel@linaro.org2017-02-05T10:06:12Zurn:sha1:db91af0fbe20474cec33263e28d15f5e6b45ebc9
Instead of unconditionally forcing 4 byte alignment for all generic
chaining modes that rely on crypto_xor() or crypto_inc() (which may
result in unnecessary copying of data when the underlying hardware
can perform unaligned accesses efficiently), make those functions
deal with unaligned input explicitly, but only if the Kconfig symbol
HAVE_EFFICIENT_UNALIGNED_ACCESS is set. This will allow us to drop
the alignmasks from the CBC, CMAC, CTR, CTS, PCBC and SEQIV drivers.
For crypto_inc(), this simply involves making the 4-byte stride
conditional on HAVE_EFFICIENT_UNALIGNED_ACCESS being set, given that
it typically operates on 16 byte buffers.
For crypto_xor(), an algorithm is implemented that simply runs through
the input using the largest strides possible if unaligned accesses are
allowed. If they are not, an optimal sequence of memory accesses is
emitted that takes the relative alignment of the input buffers into
account, e.g., if the relative misalignment of dst and src is 4 bytes,
the entire xor operation will be completed using 4 byte loads and stores
(modulo unaligned bits at the start and end). Note that all expressions
involving misalign are simply eliminated by the compiler when
HAVE_EFFICIENT_UNALIGNED_ACCESS is defined.
Signed-off-by: Ard Biesheuvel <ard.biesheuvel@linaro.org>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
crypto: skcipher - Remove top-level givcipher interface2016-07-18T09:35:46ZHerbert Xuherbert@gondor.apana.org.au2016-07-12T05:17:50Zurn:sha1:3a01d0ee2b991c8c267620e63a4ab47cd8c30cc4
This patch removes the old crypto_grab_skcipher helper and replaces
it with crypto_grab_skcipher2.
As this is the final entry point into givcipher this patch also
removes all traces of the top-level givcipher interface, including
all implicit IV generators such as chainiv.
The bottom-level givcipher interface remains until the drivers
using it are converted.
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
crypto: seqiv - Use skcipher2016-07-18T09:35:43ZHerbert Xuherbert@gondor.apana.org.au2016-07-12T05:17:45Zurn:sha1:ef22871f20e6da987e32719a4ba5e3a9b7d81ae8
This patch replaces use of the obsolete blkcipher with skcipher.
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
crypto: seqiv - Use generic geniv init/exit helpers2015-08-17T08:53:46ZHerbert Xuherbert@gondor.apana.org.au2015-08-13T09:28:59Zurn:sha1:659e7f528317d5a97e5100abcaf6e00552c23417
This patch replaces the seqiv init/exit handlers with the generic
geniv helpers.
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
crypto: seqiv - Remove AEAD compatibility code2015-08-17T08:53:43ZHerbert Xuherbert@gondor.apana.org.au2015-08-13T09:28:54Zurn:sha1:92932d03c2b3613f40ce49ff42088e814e403afc
Now that we no longer have any legacy AEAD implementations the
compatibility code path can no longer be triggered. This patch
removes it.
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
crypto: seqiv - Remove seqniv2015-08-17T08:53:42ZHerbert Xuherbert@gondor.apana.org.au2015-08-13T09:28:53Zurn:sha1:8a2cd1c4a7aa0b4a24eafd6914756be6fbe7f361
Now that IPsec no longer uses seqniv we can remove it.
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
crypto: seqiv - Replace seqniv with seqiv2015-07-14T06:56:46ZHerbert Xuherbert@gondor.apana.org.au2015-07-08T23:17:22Zurn:sha1:5964f26c9f6003e9badedb768a0735eaf034ac56
This patch replaces the seqniv generator with seqiv when the
underlying algorithm understands the new calling convention.
This not only makes more sense as now seqiv is solely responsible
for IV generation rather than also determining how the IV is going
to be used, it also allows for optimisations in the underlying
implementation. For example, the space for the IV could be used
to add padding for authentication.
This patch also removes the unnecessary copying of IV to dst
during seqiv decryption as the IV is part of the AD and not cipher
text.
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
crypto: seqiv - Add compatibility support without RNG2015-06-22T07:49:28ZHerbert Xuherbert@gondor.apana.org.au2015-06-21T11:11:49Zurn:sha1:eeee12aa34d840c6c99051f0ff85a9ffa1badd07
When seqiv is used in compatibility mode, this patch allows it
to function even when an RNG Is not available. It also changes
the RNG allocation for the new explicit seqiv interface so that
we only hold a reference to the RNG during initialisation.
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>