02 Dec, 2010
2 commits
-
Use scatterwalk_crypto_chain in favor of locally defined chaining functions.
Signed-off-by: Steffen Klassert
Signed-off-by: Herbert Xu -
A lot of crypto algorithms implement their own chaining function.
So add a generic one that can be used from all the algorithms that
need scatterlist chaining.Signed-off-by: Steffen Klassert
Signed-off-by: Herbert Xu
30 Nov, 2010
2 commits
-
As it is if user-space passes through a receive buffer that's not
aligned to to the cipher block size, we'll end up encrypting or
decrypting a partial block which causes a spurious EINVAL to be
returned.This patch fixes this by moving the partial block test after the
af_alg_make_sg call.Signed-off-by: Herbert Xu
-
When sk_sndbuf is not a multiple of PAGE_SIZE, the limit tests
in sendmsg fail as the limit variable becomes negative and we're
using an unsigned comparison.The same thing can happen if sk_sndbuf is lowered after a sendmsg
call.This patch fixes this by always taking the signed maximum of limit
and 0 before we perform the comparison.It also rounds the value of sk_sndbuf down to a multiple of PAGE_SIZE
so that we don't end up allocating a page only to use a small number
of bytes in it because we're bound by sk_sndbuf.Signed-off-by: Herbert Xu
29 Nov, 2010
2 commits
-
Add missing dependency on NET since we require sockets for our
interface.Should really be a select but kconfig doesn't like that:
net/Kconfig:6:error: found recursive dependency: NET -> NETWORK_FILESYSTEMS -> AFS_FS -> AF_RXRPC -> CRYPTO -> CRYPTO_USER_API_HASH -> CRYPTO_USER_API -> NET
Reported-by: Zimny Lech
Signed-off-by: Herbert Xu -
Exclude AES-GCM code for x86-32 due to heavy usage of 64-bit registers
not available on x86-32.While at it, fixed unregister order in aesni_exit().
Signed-off-by: Mathias Krause
Signed-off-by: Herbert Xu
28 Nov, 2010
1 commit
-
The error returned from af_alg_make_sg is currently lost and we
always pass on -EINVAL. This patch pases on the underlying error.Signed-off-by: Herbert Xu
27 Nov, 2010
11 commits
-
If scatterlist have more than one entry, current driver uses
aligned buffer to copy data to to accelerator to tackle possible
issues with DMA and SHA buffer alignment.This commit adds more intelligence to verify SG alignment and
possibility to use DMA directly on the data without using copy
buffer.Signed-off-by: Dmitry Kasatkin
Signed-off-by: Herbert Xu -
bufcnt is 0 if it was no update requests before,
which is exact meaning of FLAGS_FIRST.Signed-off-by: Dmitry Kasatkin
Signed-off-by: Herbert Xu -
Hash-in-progress is now stored in hw format.
Only on final call, hash is converted to correct format.
Speedup copy procedure and will allow to use OMAP burst mode.Signed-off-by: Dmitry Kasatkin
Signed-off-by: Herbert Xu -
According to the Herbert Xu, client may not always call
crypto_ahash_final().In the case of error in hash calculation resources will be
automatically cleaned up.But if no hash calculation error happens and client will not call
crypto_ahash_final() at all, then internal buffer will not be freed,
and clocks will not be disabled.This patch provides support for atomic crypto_ahash_update() call.
Clocks are now enabled and disabled per update request.Data buffer is now allocated as a part of request context.
Client is obligated to free it with crypto_free_ahash().Signed-off-by: Dmitry Kasatkin
Signed-off-by: Herbert Xu -
Locking for queuing and dequeuing is combined.
test_and_set_bit() is also replaced with checking under dd->lock.Signed-off-by: Dmitry Kasatkin
Signed-off-by: Herbert Xu -
Introduces DMA error handling.
DMA error is returned as a result code of the hash request.
Clients needs to handle error codes and may repeat hash calculation attempt.Also in the case of DMA error, SHAM module is set to be re-initialized again.
It significantly improves stability against possible HW failures.Signed-off-by: Dmitry Kasatkin
Signed-off-by: Herbert Xu -
DMA parameters for constant data were initialized during driver probe().
It seems that those settings sometimes are lost when devices goes to off mode.
This patch makes DMA initialization just before use.
It solves off mode problems.Fixes: NB#202786 - Aegis & SHA1 block off mode changes
Signed-off-by: Dmitry Kasatkin
Signed-off-by: Herbert Xu -
Currently driver storred digest results in req->results
provided by the client. But some clients do not set it
until final() call. It leads to crash.
Changed to use internal buffer to store temporary digest results.Signed-off-by: Dmitry Kasatkin
Signed-off-by: Herbert Xu -
The AES-NI instructions are also available in legacy mode so the 32-bit
architecture may profit from those, too.To illustrate the performance gain here's a short summary of a dm-crypt
speed test on a Core i7 M620 running at 2.67GHz comparing both assembler
implementations:x86: i568 aes-ni delta
ECB, 256 bit: 93.8 MB/s 123.3 MB/s +31.4%
CBC, 256 bit: 84.8 MB/s 262.3 MB/s +209.3%
LRW, 256 bit: 108.6 MB/s 222.1 MB/s +104.5%
XTS, 256 bit: 105.0 MB/s 205.5 MB/s +95.7%Additionally, due to some minor optimizations, the 64-bit version also
got a minor performance gain as seen below:x86-64: old impl. new impl. delta
ECB, 256 bit: 121.1 MB/s 123.0 MB/s +1.5%
CBC, 256 bit: 285.3 MB/s 290.8 MB/s +1.9%
LRW, 256 bit: 263.7 MB/s 265.3 MB/s +0.6%
XTS, 256 bit: 251.1 MB/s 255.3 MB/s +1.7%Signed-off-by: Mathias Krause
Reviewed-by: Huang Ying
Signed-off-by: Herbert Xu -
Changed Makefile to use -y instead of -objs.
Signed-off-by: Tracey Dent
Signed-off-by: Herbert Xu -
Signed-off-by: Joe Perches
Signed-off-by: Herbert Xu
26 Nov, 2010
1 commit
-
This patch adds the af_alg plugin for symmetric key ciphers,
corresponding to the ablkcipher kernel operation type.Keys can optionally be set through the setsockopt interface.
Once a sendmsg call occurs without MSG_MORE no further writes
may be made to the socket until all previous data has been read.IVs and and whether encryption/decryption is performed can be
set through the setsockopt interface or as a control message
to sendmsg.The interface is completely synchronous, all operations are
carried out in recvmsg(2) and will complete prior to the system
call returning.The splice(2) interface support reading the user-space data directly
without copying (except that the Crypto API itself may copy the data
if alignment is off).The recvmsg(2) interface supports directly writing to user-space
without additional copying, i.e., the kernel crypto interface will
receive the user-space address as its output SG list.Thakns to Miloslav Trmac for reviewing this and contributing
fixes and improvements.Signed-off-by: Herbert Xu
Acked-by: David S. Miller
19 Nov, 2010
3 commits
-
This patch adds the af_alg plugin for hash, corresponding to
the ahash kernel operation type.Keys can optionally be set through the setsockopt interface.
Each sendmsg call will finalise the hash unless sent with a MSG_MORE
flag.Partial hash states can be cloned using accept(2).
The interface is completely synchronous, all operations will
complete prior to the system call returning.Both sendmsg(2) and splice(2) support reading the user-space
data directly without copying (except that the Crypto API itself
may copy the data if alignment is off).For now only the splice(2) interface supports performing digest
instead of init/update/final. In future the sendmsg(2) interface
will also be modified to use digest/finup where possible so that
hardware that cannot return a partial hash state can still benefit
from this interface.Thakns to Miloslav Trmac for reviewing this and contributing
fixes and improvements.Signed-off-by: Herbert Xu
Acked-by: David S. Miller
Tested-by: Martin Willi -
This patch creates the backbone of the user-space interface for
the Crypto API, through a new socket family AF_ALG.Each session corresponds to one or more connections obtained from
that socket. The number depends on the number of inputs/outputs
of that particular type of operation. For most types there will
be a s ingle connection/file descriptor that is used for both input
and output. AEAD is one of the few that require two inputs.Each algorithm type will provide its own implementation that plugs
into af_alg. They're keyed using a string such as "skcipher" or
"hash".IOW this patch only contains the boring bits that is required
to hold everything together.Thakns to Miloslav Trmac for reviewing this and contributing
fixes and improvements.Signed-off-by: Herbert Xu
Acked-by: David S. Miller
Tested-by: Martin Willi -
This patch adds the socket family/level macros for the yet-to-be-born
AF_ALG family. The AF_ALG family provides the user-space interface
for the kernel crypto API.Signed-off-by: Herbert Xu
Acked-by: David S. Miller
13 Nov, 2010
3 commits
-
Updated RFC4106 AES-GCM testing. Some test vectors were taken from
http://csrc.nist.gov/groups/ST/toolkit/BCM/documents/proposedmodes/
gcm/gcm-test-vectors.tar.gzSigned-off-by: Adrian Hoban
Signed-off-by: Tadeusz Struk
Signed-off-by: Gabriele Paoloni
Signed-off-by: Aidan O'Mahony
Signed-off-by: Herbert Xu -
This patch adds an optimized RFC4106 AES-GCM implementation for 64-bit
kernels. It supports 128-bit AES key size. This leverages the crypto
AEAD interface type to facilitate a combined AES & GCM operation to
be implemented in assembly code. The assembly code leverages Intel(R)
AES New Instructions and the PCLMULQDQ instruction.Signed-off-by: Adrian Hoban
Signed-off-by: Tadeusz Struk
Signed-off-by: Gabriele Paoloni
Signed-off-by: Aidan O'Mahony
Signed-off-by: Erdinc Ozturk
Signed-off-by: James Guilford
Signed-off-by: Wajdi Feghali
Signed-off-by: Herbert Xu -
I noticed that by factoring out common rounds from the
branches of the if-statements in the encryption and
decryption functions, the executable file size goes down
significantly, for crypto/cast5.ko from 26688 bytes
to 24336 bytes (amd64).On my test system, I saw a slight speedup. This is the
first time I'm doing such a benchmark - I found a similar
one on the crypto mailing list, and I hope I did it right?Before:
# cryptsetup create dm-test /dev/hda2 -c cast5-cbc-plain -s 128
Passsatz eingeben:
# dd if=/dev/zero of=/dev/mapper/dm-test bs=1M count=50
52428800 Bytes (52 MB) kopiert, 2,43484 s, 21,5 MB/s
# dd if=/dev/zero of=/dev/mapper/dm-test bs=1M count=50
52428800 Bytes (52 MB) kopiert, 2,4089 s, 21,8 MB/s
# dd if=/dev/zero of=/dev/mapper/dm-test bs=1M count=50
52428800 Bytes (52 MB) kopiert, 2,41091 s, 21,7 MB/sAfter:
# cryptsetup create dm-test /dev/hda2 -c cast5-cbc-plain -s 128
Passsatz eingeben:
# dd if=/dev/zero of=/dev/mapper/dm-test bs=1M count=50
52428800 Bytes (52 MB) kopiert, 2,38128 s, 22,0 MB/s
# dd if=/dev/zero of=/dev/mapper/dm-test bs=1M count=50
52428800 Bytes (52 MB) kopiert, 2,29486 s, 22,8 MB/s
# dd if=/dev/zero of=/dev/mapper/dm-test bs=1M count=50
52428800 Bytes (52 MB) kopiert, 2,37162 s, 22,1 MB/sSigned-off-by: Nicolas Kaiser
Signed-off-by: Herbert Xu
05 Nov, 2010
1 commit
-
The function shash_async_import did not initialise the descriptor
correctly prior to calling the underlying shash import function.This patch adds the required initialisation.
Reported-by: Miloslav Trmac
Signed-off-by: Herbert Xu
28 Oct, 2010
14 commits
-
* 'upstream-merge' of git://git.kernel.org/pub/scm/linux/kernel/git/tytso/ext4: (50 commits)
ext4,jbd2: convert tracepoints to use major/minor numbers
ext4: optimize orphan_list handling for ext4_setattr
ext4: fix unbalanced mutex unlock in error path of ext4_li_request_new
ext4: fix compile error in ext4_fallocate()
ext4: move ext4_mb_{get,put}_buddy_cache_lock and make them static
ext4: rename mark_bitmap_end() to ext4_mark_bitmap_end()
ext4: move flush_completed_IO to fs/ext4/fsync.c and make it static
ext4: rename {ext,idx}_pblock and inline small extent functions
ext4: make various ext4 functions be static
ext4: rename {exit,init}_ext4_*() to ext4_{exit,init}_*()
ext4: fix kernel oops if the journal superblock has a non-zero j_errno
ext4: update writeback_index based on last page scanned
ext4: implement writeback livelock avoidance using page tagging
ext4: tidy up a void argument in inode.c
ext4: add batched_discard into ext4 feature list
ext4: Add batched discard support for ext4
fs: Add FITRIM ioctl
ext4: Use return value from sb_issue_discard()
ext4: Check return value of sb_getblk() and friends
ext4: use bio layer instead of buffer layer in mpage_da_submit_io
... -
Conflicts:
fs/ext4/inode.c
fs/ext4/mballoc.c
include/trace/events/ext4.h -
* 'drm-core-next' of git://git.kernel.org/pub/scm/linux/kernel/git/airlied/drm-2.6:
drm/radeon/kms: enable unmappable vram for evergreen
drm/radeon/kms: fix tiled db height calculation on 6xx/7xx
drm/radeon/kms: fix handling of tex lookup disable in cs checker on r2xx -
* 'for_linus' of git://git.kernel.org/pub/scm/linux/kernel/git/jack/linux-fs-2.6: (24 commits)
quota: Fix possible oops in __dquot_initialize()
ext3: Update kernel-doc comments
jbd/2: fixed typos
ext2: fixed typo.
ext3: Fix debug messages in ext3_group_extend()
jbd: Convert atomic_inc() to get_bh()
ext3: Remove misplaced BUFFER_TRACE() in ext3_truncate()
jbd: Fix debug message in do_get_write_access()
jbd: Check return value of __getblk()
ext3: Use DIV_ROUND_UP() on group desc block counting
ext3: Return proper error code on ext3_fill_super()
ext3: Remove unnecessary casts on bh->b_data
ext3: Cleanup ext3_setup_super()
quota: Fix issuing of warnings from dquot_transfer
quota: fix dquot_disable vs dquot_transfer race v2
jbd: Convert bitops to buffer fns
ext3/jbd: Avoid WARN() messages when failing to write the superblock
jbd: Use offset_in_page() instead of manual calculation
jbd: Remove unnecessary goto statement
jbd: Use printk_ratelimited() in journal_alloc_journal_head()
... -
Unfortunately perf can't deal with anything other than direct structure
accesses in the TP_printk() section. It will drop dead when it sees
jbd2_dev_to_name() in the "print fmt" section of the tracepoint.Addresses-Google-Bug: 3138508
Signed-off-by: "Theodore Ts'o"
-
Surprisingly chown() on ext4 is not SMP scalable operation.
Due to unconditional orphan_del(NULL, inode) in ext4_setattr()
result in significant performance overhead because of global orphan
mutex, especially in no-journal mode (where orphan_add() is noop).
It is possible to skip explicit orphan_del if possible.
Results of fchown() micro-benchmark in no-journal mode
while (1) {
iteration++;
fchown(fd, uid, gid);
fchown(fd, uid + 1, gid + 1)
}
measured: iterations per millisecond
| nr_tasks | w/o patch | with patch |
| 1 | 142 | 185 |
| 4 | 109 | 642 |Signed-off-by: Dmitry Monakhov
Signed-off-by: "Theodore Ts'o" -
Signed-off-by: Nicolas Kaiser
Signed-off-by: "Theodore Ts'o" -
* 'next' of git://git.kernel.org/pub/scm/linux/kernel/git/djbw/async_tx: (48 commits)
DMAENGINE: move COH901318 to arch_initcall
dma: imx-dma: fix signedness bug
dma/timberdale: simplify conditional
ste_dma40: remove channel_type
ste_dma40: remove enum for endianess
ste_dma40: remove TIM_FOR_LINK option
ste_dma40: move mode_opt to separate config
ste_dma40: move channel mode to a separate field
ste_dma40: move priority to separate field
ste_dma40: add variable to indicate valid dma_cfg
async_tx: make async_tx channel switching opt-in
move async raid6 test to lib/Kconfig.debug
dmaengine: Add Freescale i.MX1/21/27 DMA driver
intel_mid_dma: change the slave interface
intel_mid_dma: fix the WARN_ONs
intel_mid_dma: Add sg list support to DMA driver
intel_mid_dma: Allow DMAC2 to share interrupt
intel_mid_dma: Allow IRQ sharing
intel_mid_dma: Add runtime PM support
DMAENGINE: define a dummy filter function for ste_dma40
... -
* 'viafb-next' of git://github.com/schandinat/linux-2.6: (29 commits)
viafb: add initial VX900 support
viafb: fix hardware acceleration for suspend & resume
viafb: make suspend and resume work (on all machines?)
viafb: restore display on resume
Minimal support for viafb suspend/resume
viafb: use proper register for colour when doing fill ops
viafb: add documentation for proc interface
viafb: rename output devices
viafb: add a mapping of supported output devices
viafb: set sync polarity for all output devices
viafb: add function to change sync polarity per device
viafb: reduce I2C timeout and delay
viafb: enable I2C for CRT
viafb: fix i2c_transfer error handling
viafb: vt1636 cleanup
viafb: introduce per output device power management
viafb: limit LCD code impact
viafb: add interface for output device configuration
viafb: merge the remaining output path with enable functions
viafb: use new device routing
... -
* git://git.kernel.org/pub/scm/linux/kernel/git/dhowells/linux-2.6-mn10300: (44 commits)
MN10300: Save frame pointer in thread_info struct rather than global var
MN10300: Change "Matsushita" to "Panasonic".
MN10300: Create a defconfig for the ASB2364 board
MN10300: Update the ASB2303 defconfig
MN10300: ASB2364: Add support for SMSC911X and SMC911X
MN10300: ASB2364: Handle the IRQ multiplexer in the FPGA
MN10300: Generic time support
MN10300: Specify an ELF HWCAP flag for MN10300 Atomic Operations Unit support
MN10300: Map userspace atomic op regs as a vmalloc page
MN10300: And Panasonic AM34 subarch and implement SMP
MN10300: Delete idle_timestamp from irq_cpustat_t
MN10300: Make various interrupt priority settings configurable
MN10300: Optimise do_csum()
MN10300: Implement atomic ops using atomic ops unit
MN10300: Make the FPU operate in non-lazy mode under SMP
MN10300: SMP TLB flushing
MN10300: Use the [ID]PTEL2 registers rather than [ID]PTEL for TLB control
MN10300: Make the use of PIDR to mark TLB entries controllable
MN10300: Rename __flush_tlb*() to local_flush_tlb*()
MN10300: AM34 erratum requires MMUCTR read and write on exception entry
... -
* 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tiwai/sound-2.6:
ALSA: usb-audio: automatically detect feedback format
ASoC: sound/wm9090: add missing __devexit marker
ASoC: sound/max98088: add missing __devexit marker
ASoC: sound/ad73311: add missing __devexit marker
ASoC: fsl - fix build error in pcm030-audio-fabric.c
sound/oss/sb_ess.c: delete double assignment
ALSA: hda - Change BTL amp level on some HP notebooks -
…/git/tip/linux-2.6-tip
* 'perf-fixes-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/linux-2.6-tip: (50 commits)
perf python scripting: Add futex-contention script
perf python scripting: Fixup cut'n'paste error in sctop script
perf scripting: Shut up 'perf record' final status
perf record: Remove newline character from perror() argument
perf python scripting: Support fedora 11 (audit 1.7.17)
perf python scripting: Improve the syscalls-by-pid script
perf python scripting: print the syscall name on sctop
perf python scripting: Improve the syscalls-counts script
perf python scripting: Improve the failed-syscalls-by-pid script
kprobes: Remove redundant text_mutex lock in optimize
x86/oprofile: Fix uninitialized variable use in debug printk
tracing: Fix 'faild' -> 'failed' typo
perf probe: Fix format specified for Dwarf_Off parameter
perf trace: Fix detection of script extension
perf trace: Use $PERF_EXEC_PATH in canned report scripts
perf tools: Document event modifiers
perf tools: Remove direct slang.h include
perf_events: Fix for transaction recovery in group_sched_in()
perf_events: Revert: Fix transaction recovery in group_sched_in()
perf, x86: Use NUMA aware allocations for PEBS/BTS/DS allocations
... -
* 'module' of git://git.kernel.org/pub/scm/linux/kernel/git/rusty/linux-2.6-for-linus:
NULL-terminate all pci_device_id tables
(trivial) Fix compiler warning in kernel/modules.c -
* akpm-incoming-2: (139 commits)
epoll: make epoll_wait() use the hrtimer range feature
select: rename estimate_accuracy() to select_estimate_accuracy()
Remove duplicate includes from many files
ramoops: use the platform data structure instead of module params
kernel/resource.c: handle reinsertion of an already-inserted resource
kfifo: fix kfifo_alloc() to return a signed int value
w1: don't allow arbitrary users to remove w1 devices
alpha: remove dma64_addr_t usage
mips: remove dma64_addr_t usage
sparc: remove dma64_addr_t usage
fuse: use release_pages()
taskstats: use real microsecond granularity for CPU times
taskstats: split fill_pid function
taskstats: separate taskstats commands
delayacct: align to 8 byte boundary on 64-bit systems
delay-accounting: reimplement -c for getdelays.c to report information on a target command
namespaces Kconfig: move namespace menu location after the cgroup
namespaces Kconfig: remove the cgroup device whitelist experimental tag
namespaces Kconfig: remove pointless cgroup dependency
namespaces Kconfig: make namespace a submenu
...
