From 7dd607e82d823e40675b0b87f035ff04dcb0b5c0 Mon Sep 17 00:00:00 2001 From: Jiri Kosina Date: Wed, 27 Jan 2010 01:00:10 +0100 Subject: crypto: fix typo in Kconfig help text MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Reported-by: Toralf Förster Signed-off-by: Jiri Kosina --- crypto/Kconfig | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'crypto') diff --git a/crypto/Kconfig b/crypto/Kconfig index 81c185a6971f..755ab90294da 100644 --- a/crypto/Kconfig +++ b/crypto/Kconfig @@ -816,8 +816,8 @@ config CRYPTO_ANSI_CPRNG help This option enables the generic pseudo random number generator for cryptographic modules. Uses the Algorithm specified in - ANSI X9.31 A.2.4. Not this option must be enabled if CRYPTO_FIPS - is selected + ANSI X9.31 A.2.4. Note that this option must be enabled if + CRYPTO_FIPS is selected source "drivers/crypto/Kconfig" -- cgit v1.2.3 From eebb111f5f4aa7b91ffc046b84b24c1b75e391d1 Mon Sep 17 00:00:00 2001 From: Herbert Xu Date: Tue, 2 Mar 2010 21:58:16 +0800 Subject: crypto: md5 - Set statesize As md5 now has export/import functions, it must set the attribute statesize. Otherwise anything that relies on import/export may fail as they will see a zero statesize. Signed-off-by: Herbert Xu --- crypto/md5.c | 1 + 1 file changed, 1 insertion(+) (limited to 'crypto') diff --git a/crypto/md5.c b/crypto/md5.c index 9fda213a592e..30efc7dad891 100644 --- a/crypto/md5.c +++ b/crypto/md5.c @@ -234,6 +234,7 @@ static struct shash_alg alg = { .export = md5_export, .import = md5_import, .descsize = sizeof(struct md5_state), + .statesize = sizeof(struct md5_state), .base = { .cra_name = "md5", .cra_flags = CRYPTO_ALG_TYPE_SHASH, -- cgit v1.2.3 From 77ba115c478d442024964b217f9f12192018cc77 Mon Sep 17 00:00:00 2001 From: Steffen Klassert Date: Tue, 2 Mar 2010 21:59:54 +0800 Subject: crypto: authenc - Use correct ahash complete functions We accidentally assigned the ahash update complete function to the wrong function pointer in crypto_authenc_verify. This patch fixes this. Signed-off-by: Steffen Klassert Signed-off-by: Herbert Xu --- crypto/authenc.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'crypto') diff --git a/crypto/authenc.c b/crypto/authenc.c index 18870906ea06..6287cfd4d7a0 100644 --- a/crypto/authenc.c +++ b/crypto/authenc.c @@ -454,7 +454,7 @@ static int crypto_authenc_verify(struct aead_request *req, unsigned int authsize; areq_ctx->complete = authenc_verify_ahash_done; - areq_ctx->complete = authenc_verify_ahash_update_done; + areq_ctx->update_complete = authenc_verify_ahash_update_done; ohash = authenc_ahash_fn(req, CRYPTO_TFM_REQ_MAY_SLEEP); if (IS_ERR(ohash)) -- cgit v1.2.3 From cbb9bf65ae25dee772e85589136e7dd1c3e743ae Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Szilveszter=20=C3=96rd=C3=B6g?= Date: Wed, 3 Mar 2010 08:03:23 +0800 Subject: crypto: hash - Fix handling of unaligned buffers MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit The correct way to calculate the start of the aligned part of an unaligned buffer is: offset = ALIGN(offset, alignmask + 1); However, crypto_hash_walk_done() has: offset += alignmask - 1; offset = ALIGN(offset, alignmask + 1); which actually skips a whole block unless offset % (alignmask + 1) == 1. This patch fixes the problem. Signed-off-by: Szilveszter Ördög Signed-off-by: Herbert Xu --- crypto/ahash.c | 1 - 1 file changed, 1 deletion(-) (limited to 'crypto') diff --git a/crypto/ahash.c b/crypto/ahash.c index 33a4ff45f842..b8c59b889c6e 100644 --- a/crypto/ahash.c +++ b/crypto/ahash.c @@ -78,7 +78,6 @@ int crypto_hash_walk_done(struct crypto_hash_walk *walk, int err) walk->data -= walk->offset; if (nbytes && walk->offset & alignmask && !err) { - walk->offset += alignmask - 1; walk->offset = ALIGN(walk->offset, alignmask + 1); walk->data += walk->offset; -- cgit v1.2.3 From 50beceba7fdf5f10a04d8a053e62d40b742099ad Mon Sep 17 00:00:00 2001 From: Steffen Klassert Date: Wed, 3 Mar 2010 22:41:08 +0800 Subject: crypto: authenc - Move saved IV in front of the ablkcipher request In crypto_authenc_encrypt() we save the IV behind the ablkcipher request. To save space on the request, we overwrite the ablkcipher request with a ahash request after encryption. So the IV may be overwritten by the ahash request. This patch fixes this by placing the IV in front of the ablkcipher/ahash request. Signed-off-by: Steffen Klassert Signed-off-by: Herbert Xu --- crypto/authenc.c | 25 ++++++++++++++----------- 1 file changed, 14 insertions(+), 11 deletions(-) (limited to 'crypto') diff --git a/crypto/authenc.c b/crypto/authenc.c index 6287cfd4d7a0..2bb7348d8d55 100644 --- a/crypto/authenc.c +++ b/crypto/authenc.c @@ -386,11 +386,13 @@ static int crypto_authenc_encrypt(struct aead_request *req) { struct crypto_aead *authenc = crypto_aead_reqtfm(req); struct crypto_authenc_ctx *ctx = crypto_aead_ctx(authenc); - struct ablkcipher_request *abreq = aead_request_ctx(req); + struct authenc_request_ctx *areq_ctx = aead_request_ctx(req); struct crypto_ablkcipher *enc = ctx->enc; struct scatterlist *dst = req->dst; unsigned int cryptlen = req->cryptlen; - u8 *iv = (u8 *)(abreq + 1) + crypto_ablkcipher_reqsize(enc); + struct ablkcipher_request *abreq = (void *)(areq_ctx->tail + + ctx->reqoff); + u8 *iv = (u8 *)abreq - crypto_ablkcipher_ivsize(enc); int err; ablkcipher_request_set_tfm(abreq, enc); @@ -546,10 +548,6 @@ static int crypto_authenc_init_tfm(struct crypto_tfm *tfm) if (IS_ERR(auth)) return PTR_ERR(auth); - ctx->reqoff = ALIGN(2 * crypto_ahash_digestsize(auth) + - crypto_ahash_alignmask(auth), - crypto_ahash_alignmask(auth) + 1); - enc = crypto_spawn_skcipher(&ictx->enc); err = PTR_ERR(enc); if (IS_ERR(enc)) @@ -558,13 +556,18 @@ static int crypto_authenc_init_tfm(struct crypto_tfm *tfm) ctx->auth = auth; ctx->enc = enc; - tfm->crt_aead.reqsize = max_t(unsigned int, - crypto_ahash_reqsize(auth) + ctx->reqoff + - sizeof(struct authenc_request_ctx) + + ctx->reqoff = ALIGN(2 * crypto_ahash_digestsize(auth) + + crypto_ahash_alignmask(auth), + crypto_ahash_alignmask(auth) + 1) + + crypto_ablkcipher_ivsize(enc); + + tfm->crt_aead.reqsize = sizeof(struct authenc_request_ctx) + + ctx->reqoff + + max_t(unsigned int, + crypto_ahash_reqsize(auth) + sizeof(struct ahash_request), sizeof(struct skcipher_givcrypt_request) + - crypto_ablkcipher_reqsize(enc) + - crypto_ablkcipher_ivsize(enc)); + crypto_ablkcipher_reqsize(enc)); return 0; -- cgit v1.2.3 From 5a0e3ad6af8660be21ca98a971cd00f331318c05 Mon Sep 17 00:00:00 2001 From: Tejun Heo Date: Wed, 24 Mar 2010 17:04:11 +0900 Subject: include cleanup: Update gfp.h and slab.h includes to prepare for breaking implicit slab.h inclusion from percpu.h percpu.h is included by sched.h and module.h and thus ends up being included when building most .c files. percpu.h includes slab.h which in turn includes gfp.h making everything defined by the two files universally available and complicating inclusion dependencies. percpu.h -> slab.h dependency is about to be removed. Prepare for this change by updating users of gfp and slab facilities include those headers directly instead of assuming availability. As this conversion needs to touch large number of source files, the following script is used as the basis of conversion. http://userweb.kernel.org/~tj/misc/slabh-sweep.py The script does the followings. * Scan files for gfp and slab usages and update includes such that only the necessary includes are there. ie. if only gfp is used, gfp.h, if slab is used, slab.h. * When the script inserts a new include, it looks at the include blocks and try to put the new include such that its order conforms to its surrounding. It's put in the include block which contains core kernel includes, in the same order that the rest are ordered - alphabetical, Christmas tree, rev-Xmas-tree or at the end if there doesn't seem to be any matching order. * If the script can't find a place to put a new include (mostly because the file doesn't have fitting include block), it prints out an error message indicating which .h file needs to be added to the file. The conversion was done in the following steps. 1. The initial automatic conversion of all .c files updated slightly over 4000 files, deleting around 700 includes and adding ~480 gfp.h and ~3000 slab.h inclusions. The script emitted errors for ~400 files. 2. Each error was manually checked. Some didn't need the inclusion, some needed manual addition while adding it to implementation .h or embedding .c file was more appropriate for others. This step added inclusions to around 150 files. 3. The script was run again and the output was compared to the edits from #2 to make sure no file was left behind. 4. Several build tests were done and a couple of problems were fixed. e.g. lib/decompress_*.c used malloc/free() wrappers around slab APIs requiring slab.h to be added manually. 5. The script was run on all .h files but without automatically editing them as sprinkling gfp.h and slab.h inclusions around .h files could easily lead to inclusion dependency hell. Most gfp.h inclusion directives were ignored as stuff from gfp.h was usually wildly available and often used in preprocessor macros. Each slab.h inclusion directive was examined and added manually as necessary. 6. percpu.h was updated not to include slab.h. 7. Build test were done on the following configurations and failures were fixed. CONFIG_GCOV_KERNEL was turned off for all tests (as my distributed build env didn't work with gcov compiles) and a few more options had to be turned off depending on archs to make things build (like ipr on powerpc/64 which failed due to missing writeq). * x86 and x86_64 UP and SMP allmodconfig and a custom test config. * powerpc and powerpc64 SMP allmodconfig * sparc and sparc64 SMP allmodconfig * ia64 SMP allmodconfig * s390 SMP allmodconfig * alpha SMP allmodconfig * um on x86_64 SMP allmodconfig 8. percpu.h modifications were reverted so that it could be applied as a separate patch and serve as bisection point. Given the fact that I had only a couple of failures from tests on step 6, I'm fairly confident about the coverage of this conversion patch. If there is a breakage, it's likely to be something in one of the arch headers which should be easily discoverable easily on most builds of the specific arch. Signed-off-by: Tejun Heo Guess-its-ok-by: Christoph Lameter Cc: Ingo Molnar Cc: Lee Schermerhorn --- crypto/algapi.c | 1 + crypto/algboss.c | 1 + crypto/async_tx/async_pq.c | 1 + crypto/async_tx/raid6test.c | 1 + crypto/hmac.c | 1 - crypto/rng.c | 1 + crypto/seqiv.c | 1 + crypto/tcrypt.c | 2 +- crypto/xor.c | 1 + 9 files changed, 8 insertions(+), 2 deletions(-) (limited to 'crypto') diff --git a/crypto/algapi.c b/crypto/algapi.c index 3e4524e6139b..76fae27ed01c 100644 --- a/crypto/algapi.c +++ b/crypto/algapi.c @@ -17,6 +17,7 @@ #include #include #include +#include #include #include "internal.h" diff --git a/crypto/algboss.c b/crypto/algboss.c index 412241ce4cfa..c3c196b5823a 100644 --- a/crypto/algboss.c +++ b/crypto/algboss.c @@ -19,6 +19,7 @@ #include #include #include +#include #include #include "internal.h" diff --git a/crypto/async_tx/async_pq.c b/crypto/async_tx/async_pq.c index ec87f53d5059..fdd8257d35d9 100644 --- a/crypto/async_tx/async_pq.c +++ b/crypto/async_tx/async_pq.c @@ -24,6 +24,7 @@ #include #include #include +#include /** * pq_scribble_page - space to hold throwaway P or Q buffer for diff --git a/crypto/async_tx/raid6test.c b/crypto/async_tx/raid6test.c index f84f6b4301d9..c1321935ebcc 100644 --- a/crypto/async_tx/raid6test.c +++ b/crypto/async_tx/raid6test.c @@ -20,6 +20,7 @@ * */ #include +#include #include #undef pr diff --git a/crypto/hmac.c b/crypto/hmac.c index 15c2eb534541..8d9544cf8169 100644 --- a/crypto/hmac.c +++ b/crypto/hmac.c @@ -23,7 +23,6 @@ #include #include #include -#include #include struct hmac_ctx { diff --git a/crypto/rng.c b/crypto/rng.c index ba05e7380e76..f93cb5311182 100644 --- a/crypto/rng.c +++ b/crypto/rng.c @@ -19,6 +19,7 @@ #include #include #include +#include #include static DEFINE_MUTEX(crypto_default_rng_lock); diff --git a/crypto/seqiv.c b/crypto/seqiv.c index 5a013a8bf87a..4c4491229417 100644 --- a/crypto/seqiv.c +++ b/crypto/seqiv.c @@ -20,6 +20,7 @@ #include #include #include +#include #include #include diff --git a/crypto/tcrypt.c b/crypto/tcrypt.c index aa3f84ccc786..a35159947a26 100644 --- a/crypto/tcrypt.c +++ b/crypto/tcrypt.c @@ -18,8 +18,8 @@ #include #include #include +#include #include -#include #include #include #include diff --git a/crypto/xor.c b/crypto/xor.c index fc5b836f3430..b75182d8ab14 100644 --- a/crypto/xor.c +++ b/crypto/xor.c @@ -18,6 +18,7 @@ #define BH_TRACE 0 #include +#include #include #include #include -- cgit v1.2.3 From 180ce7e81030e1ef763d58f97f9ab840ff57d848 Mon Sep 17 00:00:00 2001 From: Herbert Xu Date: Mon, 26 Apr 2010 09:14:05 +0800 Subject: crypto: authenc - Add EINPROGRESS check When Steffen originally wrote the authenc async hash patch, he correctly had EINPROGRESS checks in place so that we did not invoke the original completion handler with it. Unfortuantely I told him to remove it before the patch was applied. As only MAY_BACKLOG request completion handlers are required to handle EINPROGRESS completions, those checks are really needed. This patch restores them. Reported-by: Sebastian Andrzej Siewior Signed-off-by: Herbert Xu --- crypto/authenc.c | 16 +++++++++++----- 1 file changed, 11 insertions(+), 5 deletions(-) (limited to 'crypto') diff --git a/crypto/authenc.c b/crypto/authenc.c index 2bb7348d8d55..05eb32e0d949 100644 --- a/crypto/authenc.c +++ b/crypto/authenc.c @@ -46,6 +46,12 @@ struct authenc_request_ctx { char tail[]; }; +static void authenc_request_complete(struct aead_request *req, int err) +{ + if (err != -EINPROGRESS) + aead_request_complete(req, err); +} + static int crypto_authenc_setkey(struct crypto_aead *authenc, const u8 *key, unsigned int keylen) { @@ -142,7 +148,7 @@ static void authenc_geniv_ahash_update_done(struct crypto_async_request *areq, crypto_aead_authsize(authenc), 1); out: - aead_request_complete(req, err); + authenc_request_complete(req, err); } static void authenc_geniv_ahash_done(struct crypto_async_request *areq, int err) @@ -208,7 +214,7 @@ static void authenc_verify_ahash_update_done(struct crypto_async_request *areq, err = crypto_ablkcipher_decrypt(abreq); out: - aead_request_complete(req, err); + authenc_request_complete(req, err); } static void authenc_verify_ahash_done(struct crypto_async_request *areq, @@ -245,7 +251,7 @@ static void authenc_verify_ahash_done(struct crypto_async_request *areq, err = crypto_ablkcipher_decrypt(abreq); out: - aead_request_complete(req, err); + authenc_request_complete(req, err); } static u8 *crypto_authenc_ahash_fb(struct aead_request *req, unsigned int flags) @@ -379,7 +385,7 @@ static void crypto_authenc_encrypt_done(struct crypto_async_request *req, err = crypto_authenc_genicv(areq, iv, 0); } - aead_request_complete(areq, err); + authenc_request_complete(areq, err); } static int crypto_authenc_encrypt(struct aead_request *req) @@ -420,7 +426,7 @@ static void crypto_authenc_givencrypt_done(struct crypto_async_request *req, err = crypto_authenc_genicv(areq, greq->giv, 0); } - aead_request_complete(areq, err); + authenc_request_complete(areq, err); } static int crypto_authenc_givencrypt(struct aead_givcrypt_request *req) -- cgit v1.2.3