1. 20 Apr, 2018 1 commit
  2. 04 Aug, 2017 1 commit
    • Ard Biesheuvel's avatar
      crypto: algapi - make crypto_xor() take separate dst and src arguments · 45fe93df
      Ard Biesheuvel authored
      There are quite a number of occurrences in the kernel of the pattern
      
        if (dst != src)
                memcpy(dst, src, walk.total % AES_BLOCK_SIZE);
        crypto_xor(dst, final, walk.total % AES_BLOCK_SIZE);
      
      or
      
        crypto_xor(keystream, src, nbytes);
        memcpy(dst, keystream, nbytes);
      
      where crypto_xor() is preceded or followed by a memcpy() invocation
      that is only there because crypto_xor() uses its output parameter as
      one of the inputs. To avoid having to add new instances of this pattern
      in the arm64 code, which will be refactored to implement non-SIMD
      fallbacks, add an alternative implementation called crypto_xor_cpy(),
      taking separate input and output arguments. This removes the need for
      the separate memcpy().
      Signed-off-by: 's avatarArd Biesheuvel <ard.biesheuvel@linaro.org>
      Signed-off-by: 's avatarHerbert Xu <herbert@gondor.apana.org.au>
      45fe93df
  3. 11 Feb, 2017 1 commit
    • Ard Biesheuvel's avatar
      crypto: algapi - make crypto_xor() and crypto_inc() alignment agnostic · db91af0f
      Ard Biesheuvel authored
      Instead of unconditionally forcing 4 byte alignment for all generic
      chaining modes that rely on crypto_xor() or crypto_inc() (which may
      result in unnecessary copying of data when the underlying hardware
      can perform unaligned accesses efficiently), make those functions
      deal with unaligned input explicitly, but only if the Kconfig symbol
      HAVE_EFFICIENT_UNALIGNED_ACCESS is set. This will allow us to drop
      the alignmasks from the CBC, CMAC, CTR, CTS, PCBC and SEQIV drivers.
      
      For crypto_inc(), this simply involves making the 4-byte stride
      conditional on HAVE_EFFICIENT_UNALIGNED_ACCESS being set, given that
      it typically operates on 16 byte buffers.
      
      For crypto_xor(), an algorithm is implemented that simply runs through
      the input using the largest strides possible if unaligned accesses are
      allowed. If they are not, an optimal sequence of memory accesses is
      emitted that takes the relative alignment of the input buffers into
      account, e.g., if the relative misalignment of dst and src is 4 bytes,
      the entire xor operation will be completed using 4 byte loads and stores
      (modulo unaligned bits at the start and end). Note that all expressions
      involving misalign are simply eliminated by the compiler when
      HAVE_EFFICIENT_UNALIGNED_ACCESS is defined.
      Signed-off-by: 's avatarArd Biesheuvel <ard.biesheuvel@linaro.org>
      Signed-off-by: 's avatarHerbert Xu <herbert@gondor.apana.org.au>
      db91af0f
  4. 12 Jan, 2017 1 commit
    • Gideon Israel Dsouza's avatar
      crypto: Replaced gcc specific attributes with macros from compiler.h · d8c34b94
      Gideon Israel Dsouza authored
      Continuing from this commit: 52f5684c
      ("kernel: use macros from compiler.h instead of __attribute__((...))")
      
      I submitted 4 total patches. They are part of task I've taken up to
      increase compiler portability in the kernel. I've cleaned up the
      subsystems under /kernel /mm /block and /security, this patch targets
      /crypto.
      
      There is <linux/compiler.h> which provides macros for various gcc specific
      constructs. Eg: __weak for __attribute__((weak)). I've cleaned all
      instances of gcc specific attributes with the right macros for the crypto
      subsystem.
      
      I had to make one additional change into compiler-gcc.h for the case when
      one wants to use this: __attribute__((aligned) and not specify an alignment
      factor. From the gcc docs, this will result in the largest alignment for
      that data type on the target machine so I've named the macro
      __aligned_largest. Please advise if another name is more appropriate.
      Signed-off-by: 's avatarGideon Israel Dsouza <gidisrael@gmail.com>
      Signed-off-by: 's avatarHerbert Xu <herbert@gondor.apana.org.au>
      d8c34b94
  5. 28 Nov, 2016 1 commit
  6. 26 Nov, 2014 1 commit
  7. 07 Feb, 2008 1 commit
  8. 10 Jan, 2008 1 commit
  9. 02 May, 2007 1 commit
    • Herbert Xu's avatar
      [CRYPTO] templates: Pass type/mask when creating instances · ebc610e5
      Herbert Xu authored
      This patch passes the type/mask along when constructing instances of
      templates.  This is in preparation for templates that may support
      multiple types of instances depending on what is requested.  For example,
      the planned software async crypto driver will use this construct.
      
      For the moment this allows us to check whether the instance constructed
      is of the correct type and avoid returning success if the type does not
      match.
      Signed-off-by: 's avatarHerbert Xu <herbert@gondor.apana.org.au>
      ebc610e5
  10. 06 Feb, 2007 2 commits
  11. 21 Sep, 2006 1 commit
    • Herbert Xu's avatar
      [CRYPTO] cipher: Added block ciphers for CBC/ECB · db131ef9
      Herbert Xu authored
      This patch adds two block cipher algorithms, CBC and ECB.  These
      are implemented as templates on top of existing single-block cipher
      algorithms.  They invoke the single-block cipher through the new
      encrypt_one/decrypt_one interface.
      
      This also optimises the in-place encryption and decryption to remove
      the cost of an IV copy each round.
      Signed-off-by: 's avatarHerbert Xu <herbert@gondor.apana.org.au>
      db131ef9