summaryrefslogtreecommitdiffstats
Commit message (Collapse)AuthorAgeFilesLines
* [CRYPTO] api: Added crypto_type supportHerbert Xu2006-09-214-10/+38
| | | | | | | | | | | This patch adds the crypto_type structure which will be used for all new crypto algorithm types, beginning with block ciphers. The primary purpose of this abstraction is to allow different crypto_type objects for crypto algorithms of the same type, in particular, there will be a different crypto_type objects for asynchronous algorithms. Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
* [CRYPTO] api: Feed flag directly to crypto_yieldHerbert Xu2006-09-213-4/+4
| | | | | | | | | The sleeping flag used to determine whether crypto_yield can actually yield is really a per-operation flag rather than a per-tfm flag. This patch changes crypto_yield to take a flag directly so that we can start using a per-operation flag instead the tfm flag. Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
* [CRYPTO] api: Added crypto_alloc_baseHerbert Xu2006-09-212-11/+63
| | | | | | | | | | | | | | | | | | | | | | | | Up until now all crypto transforms have been of the same type, struct crypto_tfm, regardless of whether they are ciphers, digests, or other types. As a result of that, we check the types at run-time before each crypto operation. This is rather cumbersome. We could instead use different C types for each crypto type to ensure that the correct types are used at compile time. That is, we would have crypto_cipher/crypto_digest instead of just crypto_tfm. The appropriate type would then be required for the actual operations such as crypto_digest_digest. Now that we have the type/mask fields when looking up algorithms, it is easy to request for an algorithm of the precise type that the user wants. However, crypto_alloc_tfm currently does not expose these new attributes. This patch introduces the function crypto_alloc_base which will carry these new parameters. It will be renamed to crypto_alloc_tfm once all existing users have been converted. Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
* [CRYPTO] s390: Added missing driver name and priorityHerbert Xu2006-09-215-0/+14
| | | | | | | | Accelerated versions of crypto algorithms must carry a distinct driver name and priority in order to distinguish themselves from their generic counter- part. Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
* [CRYPTO] api: Added asynchronous flagHerbert Xu2006-09-212-2/+4
| | | | | | | This patch adds the asynchronous flag and changes all existing users to only look up algorithms that are synchronous. Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
* [CRYPTO] api: Add common instance initialisation codeHerbert Xu2006-09-212-0/+58
| | | | | | | | This patch adds the helpers crypto_get_attr_alg and crypto_alloc_instance which can be used by simple one-argument templates like hmac to process input parameters and allocate instances. Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
* [CRYPTO] cipher: Removed special IV checks for ECBHerbert Xu2006-09-212-2/+2
| | | | | | | | This patch makes IV operations on ECB fail through nocrypt_iv rather than calling BUG(). This is needed to generalise CBC/ECB using the template mechanism. Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
* [CRYPTO] tcrypt: Use test_hash for crc32cHerbert Xu2006-09-212-105/+180
| | | | | | | | Now that crc32c has been fixed to conform with standard digest semantics, we can use test_hash for it. I've turned the last test into a chunky test. Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
* [CRYPTO] digest: Store temporary digest in tfmHerbert Xu2006-09-212-7/+18
| | | | | | | | | When the final result location is unaligned, we store the digest in a temporary buffer before copying it to the final location. Currently that buffer sits on the stack. This patch moves it to an area in the tfm, just like the CBC IV buffer. Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
* [CRYPTO] api: Get rid of flags argument to setkeyHerbert Xu2006-09-2124-92/+63
| | | | | | | | | | | | | | | Now that the tfm is passed directly to setkey instead of the ctx, we no longer need to pass the &tfm->crt_flags pointer. This patch also gets rid of a few unnecessary checks on the key length for ciphers as the cipher layer guarantees that the key length is within the bounds specified by the algorithm. Rather than testing dia_setkey every time, this patch does it only once during crypto_alloc_tfm. The redundant check from crypto_digest_setkey is also removed. Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
* [CRYPTO] crc32c: Fix unconventional setkey usageHerbert Xu2006-09-212-10/+19
| | | | | | | | | | | The convention for setkey is that once it is set it should not change, in particular, init must not wipe out the key set by it. In fact, init should always be used after setkey before any digestion is performed. The only user of crc32c that sets the key is tcrypt. This patch adds the necessary init calls there. Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
* [CRYPTO] padlock-sha: TFMs don't need to be staticMichal Ludvig2006-09-211-9/+9
| | | | | | | | TFMs are local variables. No need to declare them static. After all one is enough. Signed-off-by: Michal Ludvig <michal@logix.cz> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
* [CRYPTO] padlock: Helper module padlock.koMichal Ludvig2006-09-214-7/+72
| | | | | | | | | | | | Compile a helper module padlock.ko that will try to autoload all configured padlock algorithms. This also provides backward compatibility with the ancient times before padlock.ko was renamed to padlock-aes.ko Signed-off-by: Michal Ludvig <michal@logix.cz> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
* [CRYPTO] padlock-sha: Make 2 functions staticAdrian Bunk2006-09-211-2/+2
| | | | | | | This patch makes two needlessly global functions static. Signed-off-by: Adrian Bunk <bunk@stusta.de> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
* [CRYPTO] padlock: Driver for SHA1 / SHA256 algorithmsMichal Ludvig2006-09-213-0/+354
| | | | | | | Support for SHA1 / SHA256 algorithms in VIA C7 processors. Signed-off-by: Michal Ludvig <michal@logix.cz> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
* [CRYPTO] padlock: Update private header fileMichal Ludvig2006-09-212-12/+14
| | | | | | | | | | | PADLOCK_CRA_PRIORITY is shared between padlock-aes and padlock-sha so it should be in the header. On the other hand "struct cword" is only used in padlock-aes.c so it's unnecessary to have it in padlock.h Signed-off-by: Michal Ludvig <michal@logix.cz> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
* [CRYPTO] padlock: Add compatibility alias after renameHerbert Xu2006-09-212-5/+3
| | | | | | | | | | Whenever we rename modules we should add an alias to ensure that existing users can still locate the new module. This patch also gets rid of the now unused module function prototypes from padlock.h. Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
* [CRYPTO] padlock: Get rid of padlock-generic.cMichal Ludvig2006-09-214-79/+42
| | | | | | | | | | Merge padlock-generic.c into padlock-aes.c and compile AES as a standalone module. We won't make a monolithic padlock.ko with all supported algorithms, instead we'll compile each driver into its own module. Signed-off-by: Michal Ludvig <michal@logix.cz> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
* [CRYPTO] api: Add missing accessors for new crypto_alg fieldsMichal Ludvig2006-09-211-0/+10
| | | | | | | Add missing accessors for cra_driver_name and cra_priority. Signed-off-by: Michal Ludvig <michal@logix.cz> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
* [CRYPTO] sha: Add module aliases for sha1 / sha256Michal Ludvig2006-09-212-0/+6
| | | | | | | | | | Crypto modules should be loadable by their .cra_driver_name, so we should make MODULE_ALIAS()es with these names. This patch adds aliases for SHA1 and SHA256 only as that's what we need for PadLock-SHA driver. Signed-off-by: Michal Ludvig <michal@logix.cz> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
* [CRYPTO] api: Added spawnsHerbert Xu2006-09-216-53/+280
| | | | | | | | | | Spawns lock a specific crypto algorithm in place. They can then be used with crypto_spawn_tfm to allocate a tfm for that algorithm. When the base algorithm of a spawn is deregistered, all its spawns will be automatically removed. Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> Signed-off-by: David S. Miller <davem@davemloft.net>
* [CRYPTO] api: Allow algorithm lookup by typeHerbert Xu2006-09-214-18/+40
| | | | | | | | | | | This patch also adds the infrastructure to pick an algorithm based on their type. For example, this allows you to select the encryption algorithm "aes", instead of any algorithm registered under the name "aes". For now this is only accessible internally. Eventually it will be made available through crypto_alloc_tfm. Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> Signed-off-by: David S. Miller <davem@davemloft.net>
* [CRYPTO] api: Add cryptomgrHerbert Xu2006-09-215-1/+173
| | | | | | | | | | | | | | The cryptomgr module is a simple manager of crypto algorithm instances. It ensures that parameterised algorithms of the type tmpl(alg) (e.g., cbc(aes)) are always created. This is meant to satisfy the needs for most users. For more complex cases such as deeper combinations or multiple parameters, a netlink module will be created which allows arbitrary expressions to be parsed in user-space. Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> Signed-off-by: David S. Miller <davem@davemloft.net>
* [CRYPTO] api: Added event notificationHerbert Xu2006-09-214-14/+199
| | | | | | | | | This patch adds a notifier chain for algorithm/template registration events. This will be used to register compound algorithms such as cbc(aes). In future this will also be passed onto user-space through netlink. Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> Signed-off-by: David S. Miller <davem@davemloft.net>
* [CRYPTO] api: Add template registrationHerbert Xu2006-09-213-22/+182
| | | | | | | | | A crypto_template generates a crypto_alg object when given a set of parameters. this patch adds the basic data structure fo templates and code to handle their registration/deregistration. Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> Signed-off-by: David S. Miller <davem@davemloft.net>
* [CRYPTO] api: Split out low-level APIHerbert Xu2006-09-218-134/+204
| | | | | | | | | | The crypto API is made up of the part facing users such as IPsec and the low-level part which is used by cryptographic entities such as algorithms. This patch splits out the latter so that the two APIs are more clearly delineated. As a bonus the low-level API can now be modularised if all algorithms are built as modules. Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
* [IPSEC]: Move linux/crypto.h inclusion out of net/xfrm.hHerbert Xu2006-09-215-1/+8
| | | | | | | | | The header file linux/crypto.h is only needed by a few files so including it in net/xfrm.h (which is included by half of the networking stack) is a waste. This patch moves it out of net/xfrm.h and into the specific header files that actually need it. Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
* [CRYPTO] api: Add crypto_alg reference countingHerbert Xu2006-09-213-6/+32
| | | | | | | | | | | | | Up until now we've relied on module reference counting to ensure that the crypto_alg structures don't disappear from under us. This was good enough as long as each crypto_alg came from exactly one module. However, with parameterised crypto algorithms a crypto_alg object may need two or more modules to operate. This means that we need to count the references to the crypto_alg object directly. Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> Signed-off-by: David S. Miller <davem@davemloft.net>
* [CRYPTO] api: Rename crypto_alg_get to crypto_mod_getHerbert Xu2006-09-211-7/+7
| | | | | | | | | | | | | The functions crypto_alg_get and crypto_alg_put operates on the crypto modules rather than the algorithms. Therefore it makes sense to call them crypto_mod_get and crypto_alg_put respectively. This is needed because we need to have real algorithm reference counters for parameterised algorithms as they can be unregistered from below by when their parameter algorithms are themselves unregistered. Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> Signed-off-by: David S. Miller <davem@davemloft.net>
* [CRYPTO] twofish: x86-64 assembly versionJoachim Fritschi2006-09-214-0/+439
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The patch passed the trycpt tests and automated filesystem tests. This rewrite resulted in some nice perfomance increase over my last patch. Short summary of the tcrypt benchmarks: Twofish Assembler vs. Twofish C (256bit 8kb block CBC) encrypt: -27% Cycles decrypt: -23% Cycles Twofish Assembler vs. AES Assembler (128bit 8kb block CBC) encrypt: +18% Cycles decrypt: +15% Cycles Twofish Assembler vs. AES Assembler (256bit 8kb block CBC) encrypt: -9% Cycles decrypt: -8% Cycles Full Output: http://homepages.tu-darmstadt.de/~fritschi/twofish/tcrypt-speed-twofish-c-x86_64.txt http://homepages.tu-darmstadt.de/~fritschi/twofish/tcrypt-speed-twofish-asm-x86_64.txt http://homepages.tu-darmstadt.de/~fritschi/twofish/tcrypt-speed-aes-asm-x86_64.txt Here is another bonnie++ benchmark with encrypted filesystems. Most runs maxed out the hd. It should give some idea what the module can do for encrypted filesystem performance even though you can't see the full numbers. http://homepages.tu-darmstadt.de/~fritschi/twofish/output_20060610_130806_x86_64.html Signed-off-by: Joachim Fritschi <jfritschi@freenet.de> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
* [CRYPTO] twofish: i586 assembly versionJoachim Fritschi2006-09-214-0/+450
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The patch passed the trycpt tests and automated filesystem tests. This rewrite resulted in some nice perfomance increase over my last patch. Short summary of the tcrypt benchmarks: Twofish Assembler vs. Twofish C (256bit 8kb block CBC) encrypt: -33% Cycles decrypt: -45% Cycles Twofish Assembler vs. AES Assembler (128bit 8kb block CBC) encrypt: +3% Cycles decrypt: -22% Cycles Twofish Assembler vs. AES Assembler (256bit 8kb block CBC) encrypt: -20% Cycles decrypt: -36% Cycles Full Output: http://homepages.tu-darmstadt.de/~fritschi/twofish/tcrypt-speed-twofish-asm-i586.txt http://homepages.tu-darmstadt.de/~fritschi/twofish/tcrypt-speed-twofish-c-i586.txt http://homepages.tu-darmstadt.de/~fritschi/twofish/tcrypt-speed-aes-asm-i586.txt Here is another bonnie++ benchmark with encrypted filesystems. All runs with the twofish assembler modules max out the drivespeed. It should give some idea what the module can do for encrypted filesystem performance even though you can't see the full numbers. http://homepages.tu-darmstadt.de/~fritschi/twofish/output_20060611_205432_x86.html Signed-off-by: Joachim Fritschi <jfritschi@freenet.de> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
* [CRYPTO] twofish: Fix the priorityJoachim Fritschi2006-09-211-0/+2
| | | | | | | | This patch adds a proper driver name and priority to the generic c implemtation to allow coexistance of c and assembler modules. Signed-off-by: Joachim Fritschi <jfritschi@freenet.de> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
* [CRYPTO] twofish: Split out common c codeJoachim Fritschi2006-09-215-697/+777
| | | | | | | | | | | | | | This patch splits up the twofish crypto routine into a common part ( key setup ) which will be uses by all twofish crypto modules ( generic-c , i586 assembler and x86_64 assembler ) and generic-c part. It also creates a new header file which will be used by all 3 modules. This eliminates all code duplication. Correctness was verified with the tcrypt module and automated test scripts. Signed-off-by: Joachim Fritschi <jfritschi@freenet.de> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
* [CRYPTO] api: Fixed crypto_tfm context alignmentHerbert Xu2006-09-211-2/+23
| | | | | | | | | | | Previously the __aligned__ attribute was added to the crypto_tfm context member to ensure it is alinged correctly on architectures such as arm. Unfortunately kmalloc does not use the same minimum alignment rules as gcc so this is useless. This patch changes it to use kmalloc's minimum alignment. Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
* Linux v2.6.18. Arrr!v2.6.18Linus Torvalds2006-09-191-2/+2
| | | | | | Ahoy, all land-lubbers, test me out right smartly! Signed-off-by: Linus Torvalds <torvalds@osdl.org>
* Merge master.kernel.org:/pub/scm/linux/kernel/git/davem/net-2.6Linus Torvalds2006-09-193-4/+8
|\ | | | | | | | | | | | | * master.kernel.org:/pub/scm/linux/kernel/git/davem/net-2.6: [IPV4] fib_trie: missing ntohl() when calling fib_semantic_match() [NETFILTER]: xt_quota: add missing module aliases [ATM]: [he] don't hold the device lock when upcalling
| * [IPV4] fib_trie: missing ntohl() when calling fib_semantic_match()Al Viro2006-09-191-4/+4
| | | | | | | | | | | | | | | | fib_trie.c::check_leaf() passes host-endian where fib_semantic_match() expects (and stores into) net-endian. Signed-off-by: Al Viro <viro@zeniv.linux.org.uk> Signed-off-by: David S. Miller <davem@davemloft.net>
| * [NETFILTER]: xt_quota: add missing module aliasesPatrick McHardy2006-09-191-0/+2
| | | | | | | | | | | | | | | | Add missing aliases for ipt_quota and ip6t_quota to make autoload work. Signed-off-by: Patrick McHardy <kaber@trash.net> Signed-off-by: David S. Miller <davem@davemloft.net>
| * [ATM]: [he] don't hold the device lock when upcallingChas Williams2006-09-191-0/+2
| | | | | | | | | | | | | | | | | | This can create a deadlock/lock ordering problem with other layers that want to use the transmit (or other) path of the card at that time. Signed-off-by: Chas Williams <chas@cmf.nrl.navy.mil> Signed-off-by: David S. Miller <davem@davemloft.net>
* | Merge branch 'fixes' of git://git.linux-nfs.org/pub/linux/nfs-2.6Linus Torvalds2006-09-193-7/+9
|\ \ | |/ |/| | | | | | | | | * 'fixes' of git://git.linux-nfs.org/pub/linux/nfs-2.6: NFS: Fix nfs_page use after free issues in fs/nfs/write.c NFSv4: Fix incorrect semaphore release in _nfs4_do_open() NFS: Fix Oopsable condition in nfs_readpage_sync()
| * NFS: Fix nfs_page use after free issues in fs/nfs/write.cTrond Myklebust2006-09-191-2/+2
| | | | | | | | Signed-off-by: Trond Myklebust <Trond.Myklebust@netapp.com>
| * NFSv4: Fix incorrect semaphore release in _nfs4_do_open()Trond Myklebust2006-09-191-3/+3
| | | | | | | | Signed-off-by: Trond Myklebust <Trond.Myklebust@netapp.com>
| * NFS: Fix Oopsable condition in nfs_readpage_sync()Trond Myklebust2006-09-191-2/+4
| | | | | | | | Signed-off-by: Trond Myklebust <Trond.Myklebust@netapp.com>
* | Revert mmiocfg heuristics and blacklist changesLinus Torvalds2006-09-197-57/+82
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This reverts commits 11012d419cfc0e0f78ca356aca03674217910124 and 40dd2d20f220eda1cd0da8ea3f0f9db8971ba237, which allowed us to use the MMIO accesses for PCI config cycles even without the area being marked reserved in the e820 memory tables. Those changes were needed for EFI-environment Intel macs, but broke some newer Intel 965 boards, so for now it's better to revert to our old 2.6.17 behaviour and at least avoid introducing any new breakage. Andi Kleen has a set of patches that work with both EFI and the broken Intel 965 boards, which will be applied once they get wider testing. Cc: Arjan van de Ven <arjan@infradead.org> Cc: Edgar Hucek <hostmaster@ed-soft.at> Cc: Andi Kleen <ak@suse.de> Signed-off-by: Linus Torvalds <torvalds@osdl.org>
* | Merge git://git.infradead.org/mtd-2.6Linus Torvalds2006-09-1915-103/+271
|\ \ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * git://git.infradead.org/mtd-2.6: [MTD] Use SEEK_{SET,CUR,END} instead of hardcoded values in mtdchar lseek() MTD: Fix bug in fixup_convert_atmel_pri [JFFS2][SUMMARY] Fix a summary collecting bug. [PATCH] [MTD] DEVICES: Fill more device IDs in the structure of m25p80 MTD: Add lock/unlock operations for Atmel AT49BV6416 MTD: Convert Atmel PRI information to AMD format fs/jffs2/xattr.c: remove dead code [PATCH] [MTD] Maps: Add dependency on alternate probe methods to physmap [PATCH] MTD: Add Macronix MX29F040 to JEDEC [MTD] Fixes of performance and stability issues in CFI driver. block2mtd.c: Make kernel boot command line arguments work (try 4) [MTD NAND] Fix lookup error in nand_get_flash_type() remove #error on !PCI from pmc551.c MTD: [NAND] Fix the sharpsl driver after breakage from a core conversion [MTD] NAND: OOB buffer offset fixups make fs/jffs2/nodelist.c:jffs2_obsolete_node_frag() static [PATCH] [MTD] NAND: fix dead URL in Kconfig
| * | [MTD] Use SEEK_{SET,CUR,END} instead of hardcoded values in mtdchar lseek()Josef 'Jeff' Sipek2006-09-171-6/+3
| | | | | | | | | | | | | | | Signed-off-by: Josef 'Jeff' Sipek <jeffpc@josefsipek.net> Signed-off-by: David Woodhouse <dwmw2@infradead.org>
| * | MTD: Fix bug in fixup_convert_atmel_priHåvard Skinnemoen2006-09-161-1/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The memset() in fixup_convert_atmel_pri is supposed to zero out everything except the first 5 bytes in *extp, but it ends up zeroing out something way outside the struct instead. Fix this potentially dangerous code by casting the pointer to char * before doing arithmetic. Signed-off-by: Håvard Skinnemoen <hskinnemoen@atmel.com> Signed-off-by: David Woodhouse <dwmw2@infradead.org>
| * | [JFFS2][SUMMARY] Fix a summary collecting bug.Havasi Ferenc2006-09-161-0/+5
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | In some special case (padding because of sync or umount) it can be possible that summary information is not fit to the end of the erase block. In these cases the collecting of summary is disabled for this erase block. The problem was that this was not respected by jffs2_sum_add_kvec(). This patch fix this bug. From: Zoltan Sogor <weth@inf.u-szeged.hu> Signed-off-by: Ferenc Havasi <havasi@inf.u-szeged.hu> Signed-off-by: David Woodhouse <dwmw2@infradead.org>
| * | [PATCH] [MTD] DEVICES: Fill more device IDs in the structure of m25p80Aubrey Lee2006-09-051-6/+6
| | | | | | | | | | | | | | | | | | | | | | | | The flash_info structure has a bunch of missing fields which causes problems when actually tryin to use some ST parts as it gets detected incorrectly. Signed-off-by: Aubrey L1 <aubreylee@gmail.com> Signed-off-by: Josh Boyer <jwboyer@gmail.com>
| * | Merge branch 'master' of ↵David Woodhouse2006-08-302138-23373/+52985
| |\ \ | | | | | | | | | | | | git://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux-2.6