Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with
or
.
Download ZIP
Commits on Jun 22, 2012
  1. @herbertx

    crypto: algapi - Move larval completion into algboss

    herbertx authored
    It has been observed that sometimes the crypto allocation code
    will get stuck for 60 seconds or multiples thereof.  This is
    usually caused by an algorithm failing to pass the self-test.
    
    If an algorithm fails to be constructed, we will immediately notify
    all larval waiters.  However, if it succeeds in construction, but
    then fails the self-test, we won't notify anyone at all.
    
    This patch fixes this by merging the notification in the case
    where the algorithm fails to be constructed with that of the
    the case where it pases the self-test.  This way regardless of
    what happens, we'll give the larval waiters an answer.
    
    Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Commits on Oct 21, 2011
  1. @herbertx

    crypto: Export crypto_remove_final

    Steffen Klassert authored herbertx committed
    The upcomming crypto usrerspace configuration api needs
    to remove the spawns on top on an algorithm, so export
    crypto_remove_final.
    
    Signed-off-by: Steffen Klassert <steffen.klassert@secunet.com>
    Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
  2. @herbertx

    crypto: Export crypto_remove_spawns

    Steffen Klassert authored herbertx committed
    The upcomming crypto usrerspace configuration api needs
    to remove the spawns on top on an algorithm, so export
    crypto_remove_spawns.
    
    Signed-off-by: Steffen Klassert <steffen.klassert@secunet.com>
    Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Commits on Mar 10, 2010
  1. @RichiH @herbertx

    crypto: internal - Fix checkpatch errors

    RichiH authored herbertx committed
    Signed-off-by: Richard Hartmann <richih.mailinglist@gmail.com>
    Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Commits on Jul 14, 2009
  1. @herbertx

    crypto: cryptd - Switch to template create API

    herbertx authored
    This patch changes cryptd to use the template->create function
    instead of alloc in anticipation for the switch to new style
    ahash algorithms.
    
    Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
  2. @herbertx

    crypto: hash - Remove legacy hash/digest implementaion

    herbertx authored
    This patch removes the implementation of hash and digest now that
    no algorithms use them anymore.  The interface though will remain
    until the users are converted across.
    
    Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Commits on Jul 8, 2009
  1. @herbertx

    crypto: api - Add crypto_attr_alg2 helper

    herbertx authored
    This patch adds the helper crypto_attr_alg2 which is similar to
    crypto_attr_alg but takes an extra frontend argument.  This is
    intended to be used by new style algorithm types such as shash.
    
    Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Commits on Jun 18, 2009
  1. @herbertx

    random: Add optional continuous repetition test to entropy store base…

    Neil Horman authored herbertx committed
    …d rngs
    
    FIPS-140 requires that all random number generators implement continuous self
    tests in which each extracted block of data is compared against the last block
    for repetition.  The ansi_cprng implements such a test, but it would be nice if
    the hw rng's did the same thing.  Obviously its not something thats always
    needed, but it seems like it would be a nice feature to have on occasion. I've
    written the below patch which allows individual entropy stores to be flagged as
    desiring a continuous test to be run on them as is extracted.  By default this
    option is off, but is enabled in the event that fips mode is selected during
    bootup.
    
    Signed-off-by: Neil Horman <nhorman@tuxdriver.com>
    Acked-by: Matt Mackall <mpm@selenic.com>
    Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Commits on Jun 2, 2009
  1. @herbertx

    crypto: testmgr - Dynamically allocate xbuf and axbuf

    herbertx authored
    We currently allocate temporary memory that is used for testing
    statically.  This renders the testing engine non-reentrant. As
    algorithms may nest, i.e., one may construct another in order to
    carry out a part of its operation, this is unacceptable.  For
    example, it has been reported that an AEAD implementation allocates
    a cipher in its setkey function, which causes it to fail during
    testing as the temporary memory is overwritten.
    
    This patch replaces the static memory with dynamically allocated
    buffers.  We need a maximum of 16 pages so this slightly increases
    the chances of an algorithm failing due to memory shortage.
    However, as testing usually occurs at registration, this shouldn't
    be a big problem.
    
    Reported-by: Shasi Pulijala <spulijala@amcc.com>
    Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Commits on Feb 18, 2009
  1. @herbertx

    crypto: api - Fix crypto_alloc_tfm/create_create_tfm return convention

    herbertx authored
    This is based on a report and patch by Geert Uytterhoeven.
    
    The functions crypto_alloc_tfm and create_create_tfm return a
    pointer that needs to be adjusted by the caller when successful
    and otherwise an error value.  This means that the caller has
    to check for the error and only perform the adjustment if the
    pointer returned is valid.
    
    Since all callers want to make the adjustment and we know how
    to adjust it ourselves, it's much easier to just return adjusted
    pointer directly.
    
    The only caveat is that we have to return a void * instead of
    struct crypto_tfm *.  However, this isn't that bad because both
    of these functions are for internal use only (by types code like
    shash.c, not even algorithms code).
    
    This patch also moves crypto_alloc_tfm into crypto/internal.h
    (crypto_create_tfm is already there) to reflect this.
    
    Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Commits on Dec 25, 2008
  1. @herbertx

    crypto: api - Rebirth of crypto_alloc_tfm

    herbertx authored
    This patch reintroduces a completely revamped crypto_alloc_tfm.
    The biggest change is that we now take two crypto_type objects
    when allocating a tfm, a frontend and a backend.  In fact this
    simply formalises what we've been doing behind the API's back.
    
    For example, as it stands crypto_alloc_ahash may use an
    actual ahash algorithm or a crypto_hash algorithm.  Putting
    this in the API allows us to do this much more cleanly.
    
    The existing types will be converted across gradually.
    
    Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Commits on Aug 29, 2008
  1. @herbertx

    crypto: api - Add fips_enable flag

    Neil Horman authored herbertx committed
    Add the ability to turn FIPS-compliant mode on or off at boot
    
    In order to be FIPS compliant, several check may need to be preformed that may
    be construed as unusefull in a non-compliant mode.  This patch allows us to set
    a kernel flag incating that we are running in a fips-compliant mode from boot
    up.  It also exports that mode information to user space via a sysctl
    (/proc/sys/crypto/fips_enabled).
    
    Tested successfully by me.
    
    Signed-off-by: Neil Horman <nhorman@tuxdriver.com>
    Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
  2. @herbertx

    crypto: api - Use test infrastructure

    herbertx authored
    This patch makes use of the new testing infrastructure by requiring
    algorithms to pass a run-time test before they're made available to
    users.
    
    Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
  3. @herbertx

    crypto: cryptomgr - Add test infrastructure

    herbertx authored
    This patch moves the newly created alg_test infrastructure into
    cryptomgr.  This shall allow us to use it for testing at algorithm
    registrations.
    
    Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
  4. @herbertx

    crypto: api - Export crypto_alg_lookup instead of __crypto_alg_lookup

    herbertx authored
    Since the only user of __crypto_alg_lookup is doing exactly what
    crypto_alg_lookup does, we can now the latter in lieu of the former.
    
    Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Commits on Jul 10, 2008
  1. @herbertx

    [CRYPTO] hash: Add asynchronous hash support

    Loc Ho authored herbertx committed
    This patch adds asynchronous hash and digest support.
    
    Signed-off-by: Loc Ho <lho@amcc.com>
    Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Commits on Jan 10, 2008
  1. @herbertx

    [CRYPTO] skcipher: Create default givcipher instances

    herbertx authored
    This patch makes crypto_alloc_ablkcipher/crypto_grab_skcipher always
    return algorithms that are capable of generating their own IVs through
    givencrypt and givdecrypt.  Each algorithm may specify its default IV
    generator through the geniv field.
    
    For algorithms that do not set the geniv field, the blkcipher layer will
    pick a default.  Currently it's chainiv for synchronous algorithms and
    eseqiv for asynchronous algorithms.  Note that if these wrappers do not
    work on an algorithm then that algorithm must specify its own geniv or
    it can't be used at all.
    
    Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
  2. @herbertx

    [CRYPTO] scatterwalk: Move scatterwalk.h to linux/crypto

    herbertx authored
    The scatterwalk infrastructure is used by algorithms so it needs to
    move out of crypto for future users that may live in drivers/crypto
    or asm/*/crypto.
    
    Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Commits on Oct 10, 2007
  1. @herbertx

    [CRYPTO] api: Kill crypto_km_types

    herbertx authored David S. Miller committed
    When scatterwalk is built as a module digest.c was broken because it
    requires the crypto_km_types structure which is in scatterwalk.  This
    patch removes the crypto_km_types structure by encoding the logic into
    crypto_kmap_type directly.
    
    In fact, this even saves a few bytes of code (not to mention the data
    structure itself) on i386 which is about the only place where it's
    needed.
    
    Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Commits on Feb 6, 2007
  1. @herbertx

    [CRYPTO] api: Allow multiple frontends per backend

    herbertx authored
    This patch adds support for multiple frontend types for each backend
    algorithm by passing the type and mask through to the backend type
    init function.
    
    Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
  2. @herbertx

    [CRYPTO] api: Remove deprecated interface

    herbertx authored
    This patch removes the old cipher interface and related code.
    
    Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Commits on Sep 21, 2006
  1. @herbertx

    [CRYPTO] digest: Remove old HMAC implementation

    herbertx authored
    This patch removes the old HMAC implementation now that nobody uses it
    anymore.
    
    Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
    Signed-off-by: David S. Miller <davem@davemloft.net>
  2. @herbertx

    [CRYPTO] cipher: Added block ciphers for CBC/ECB

    herbertx authored
    This patch adds two block cipher algorithms, CBC and ECB.  These
    are implemented as templates on top of existing single-block cipher
    algorithms.  They invoke the single-block cipher through the new
    encrypt_one/decrypt_one interface.
    
    This also optimises the in-place encryption and decryption to remove
    the cost of an IV copy each round.
    
    Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
  3. @herbertx

    [CRYPTO] api: Feed flag directly to crypto_yield

    herbertx authored
    The sleeping flag used to determine whether crypto_yield can actually
    yield is really a per-operation flag rather than a per-tfm flag.  This
    patch changes crypto_yield to take a flag directly so that we can start
    using a per-operation flag instead the tfm flag.
    
    Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
  4. @herbertx

    [CRYPTO] digest: Store temporary digest in tfm

    herbertx authored
    When the final result location is unaligned, we store the digest in a
    temporary buffer before copying it to the final location.  Currently
    that buffer sits on the stack.  This patch moves it to an area in the
    tfm, just like the CBC IV buffer.
    
    Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
  5. @herbertx

    [CRYPTO] api: Added spawns

    herbertx authored
    Spawns lock a specific crypto algorithm in place.  They can then be used
    with crypto_spawn_tfm to allocate a tfm for that algorithm.  When the base
    algorithm of a spawn is deregistered, all its spawns will be automatically
    removed.
    
    Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
    Signed-off-by: David S. Miller <davem@davemloft.net>
  6. @herbertx

    [CRYPTO] api: Allow algorithm lookup by type

    herbertx authored
    This patch also adds the infrastructure to pick an algorithm based on
    their type.  For example, this allows you to select the encryption
    algorithm "aes", instead of any algorithm registered under the name
    "aes".  For now this is only accessible internally.  Eventually it
    will be made available through crypto_alloc_tfm.
    
    Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
    Signed-off-by: David S. Miller <davem@davemloft.net>
  7. @herbertx

    [CRYPTO] api: Added event notification

    herbertx authored
    This patch adds a notifier chain for algorithm/template registration events.
    This will be used to register compound algorithms such as cbc(aes).  In
    future this will also be passed onto user-space through netlink.
    
    Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
    Signed-off-by: David S. Miller <davem@davemloft.net>
  8. @herbertx

    [CRYPTO] api: Add template registration

    herbertx authored
    A crypto_template generates a crypto_alg object when given a set of
    parameters.  this patch adds the basic data structure fo templates
    and code to handle their registration/deregistration.
    
    Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
    Signed-off-by: David S. Miller <davem@davemloft.net>
  9. @herbertx

    [CRYPTO] api: Split out low-level API

    herbertx authored
    The crypto API is made up of the part facing users such as IPsec and the
    low-level part which is used by cryptographic entities such as algorithms.
    This patch splits out the latter so that the two APIs are more clearly
    delineated.  As a bonus the low-level API can now be modularised if all
    algorithms are built as modules.
    
    Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Commits on Jan 9, 2006
  1. @herbertx

    [CRYPTO] Allow multiple implementations of the same algorithm

    herbertx authored David S. Miller committed
    This is the first step on the road towards asynchronous support in
    the Crypto API.  It adds support for having multiple crypto_alg objects
    for the same algorithm registered in the system.
    
    For example, each device driver would register a crypto_alg object
    for each algorithm that it supports.  While at the same time the
    user may load software implementations of those same algorithms.
    
    Users of the Crypto API may then select a specific implementation
    by name, or choose any implementation for a given algorithm with
    the highest priority.
    
    The priority field is a 32-bit signed integer.  In future it will be
    possible to modify it from user-space.
    
    This also provides a solution to the problem of selecting amongst
    various AES implementations, that is, aes vs. aes-i586 vs. aes-padlock.
    
    Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Commits on Sep 2, 2005
  1. @herbertx @davem330

    [CRYPTO]: Added CRYPTO_TFM_REQ_MAY_SLEEP flag

    herbertx authored davem330 committed
    The crypto layer currently uses in_atomic() to determine whether it is
    allowed to sleep.  This is incorrect since spin locks don't always cause
    in_atomic() to return true.
    
    Instead of that, this patch returns to an earlier idea of a per-tfm flag
    which determines whether sleeping is allowed.  Unlike the earlier version,
    the default is to not allow sleeping.  This ensures that no existing code
    can break.
    
    As usual, this flag may either be set through crypto_alloc_tfm(), or
    just before a specific crypto operation.
    
    Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
    Signed-off-by: David S. Miller <davem@davemloft.net>
Commits on Jul 15, 2005
  1. @herbertx @davem330

    [CRYPTO]: Fix zero-extension bug on 64-bit architectures.

    herbertx authored davem330 committed
    Noticed by Ken-ichirou MATSUZAWA.
    
    Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
    Signed-off-by: David S. Miller <davem@davemloft.net>
Commits on Jul 6, 2005
  1. @herbertx @davem330

    [CRYPTO] Ensure cit_iv is aligned correctly

    herbertx authored davem330 committed
    This patch ensures that cit_iv is aligned according to cra_alignmask
    by allocating it as part of the tfm structure.  As a side effect the
    crypto layer will also guarantee that the tfm ctx area has enough space
    to be aligned by cra_alignmask.  This allows us to remove the extra
    space reservation from the Padlock driver.
    
    Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
    Signed-off-by: David S. Miller <davem@davemloft.net>
  2. @AdrianBunk @davem330

    [CRYPTO] Make crypto_alg_lookup static

    AdrianBunk authored davem330 committed
    This patch makes a needlessly global function static.
    
    Signed-off-by: Adrian Bunk <bunk@stusta.de>
    Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
    Signed-off-by: David S. Miller <davem@davemloft.net>
Something went wrong with that request. Please try again.