Merge "lib80211: don't use skcipher" (6ebf1f08) · Commits · e / devices / android_kernel_fairphone_FP4

drivers/crypto/picoxcell_crypto.c

+10 −11

Original line number	Diff line number	Diff line
		@@ -171,7 +171,7 @@ struct spacc_ablk_ctx {
		* The fallback cipher. If the operation can't be done in hardware,
		* fallback to a software version.
		*/
		struct crypto_skcipher *sw_cipher;
		struct crypto_sync_skcipher *sw_cipher;
		};

		/* AEAD cipher context. */
		@@ -799,17 +799,17 @@ static int spacc_aes_setkey(struct crypto_ablkcipher cipher, const u8 key,
		* Set the fallback transform to use the same request flags as
		* the hardware transform.
		*/
		crypto_skcipher_clear_flags(ctx->sw_cipher,
		crypto_sync_skcipher_clear_flags(ctx->sw_cipher,
		CRYPTO_TFM_REQ_MASK);
		crypto_skcipher_set_flags(ctx->sw_cipher,
		crypto_sync_skcipher_set_flags(ctx->sw_cipher,
		cipher->base.crt_flags &
		CRYPTO_TFM_REQ_MASK);

		err = crypto_skcipher_setkey(ctx->sw_cipher, key, len);
		err = crypto_sync_skcipher_setkey(ctx->sw_cipher, key, len);

		tfm->crt_flags &= ~CRYPTO_TFM_RES_MASK;
		tfm->crt_flags \|=
		crypto_skcipher_get_flags(ctx->sw_cipher) &
		crypto_sync_skcipher_get_flags(ctx->sw_cipher) &
		CRYPTO_TFM_RES_MASK;

		if (err)
		@@ -914,7 +914,7 @@ static int spacc_ablk_do_fallback(struct ablkcipher_request *req,
		struct crypto_tfm *old_tfm =
		crypto_ablkcipher_tfm(crypto_ablkcipher_reqtfm(req));
		struct spacc_ablk_ctx *ctx = crypto_tfm_ctx(old_tfm);
		SKCIPHER_REQUEST_ON_STACK(subreq, ctx->sw_cipher);
		SYNC_SKCIPHER_REQUEST_ON_STACK(subreq, ctx->sw_cipher);
		int err;

		/*
		@@ -922,7 +922,7 @@ static int spacc_ablk_do_fallback(struct ablkcipher_request *req,
		* the ciphering has completed, put the old transform back into the
		* request.
		*/
		skcipher_request_set_tfm(subreq, ctx->sw_cipher);
		skcipher_request_set_sync_tfm(subreq, ctx->sw_cipher);
		skcipher_request_set_callback(subreq, req->base.flags, NULL, NULL);
		skcipher_request_set_crypt(subreq, req->src, req->dst,
		req->nbytes, req->info);
		@@ -1020,9 +1020,8 @@ static int spacc_ablk_cra_init(struct crypto_tfm *tfm)
		ctx->generic.flags = spacc_alg->type;
		ctx->generic.engine = engine;
		if (alg->cra_flags & CRYPTO_ALG_NEED_FALLBACK) {
		ctx->sw_cipher = crypto_alloc_skcipher(
		alg->cra_name, 0, CRYPTO_ALG_ASYNC \|
		CRYPTO_ALG_NEED_FALLBACK);
		ctx->sw_cipher = crypto_alloc_sync_skcipher(
		alg->cra_name, 0, CRYPTO_ALG_NEED_FALLBACK);
		if (IS_ERR(ctx->sw_cipher)) {
		dev_warn(engine->dev, "failed to allocate fallback for %s\n",
		alg->cra_name);
		@@ -1041,7 +1040,7 @@ static void spacc_ablk_cra_exit(struct crypto_tfm *tfm)
		{
		struct spacc_ablk_ctx *ctx = crypto_tfm_ctx(tfm);

		crypto_free_skcipher(ctx->sw_cipher);
		crypto_free_sync_skcipher(ctx->sw_cipher);
		}

		static int spacc_ablk_encrypt(struct ablkcipher_request *req)

net/mac802154/llsec.c

+8 −8

Original line number	Diff line number	Diff line
		@@ -146,18 +146,18 @@ llsec_key_alloc(const struct ieee802154_llsec_key *template)
		goto err_tfm;
		}

		key->tfm0 = crypto_alloc_skcipher("ctr(aes)", 0, CRYPTO_ALG_ASYNC);
		key->tfm0 = crypto_alloc_sync_skcipher("ctr(aes)", 0, 0);
		if (IS_ERR(key->tfm0))
		goto err_tfm;

		if (crypto_skcipher_setkey(key->tfm0, template->key,
		if (crypto_sync_skcipher_setkey(key->tfm0, template->key,
		IEEE802154_LLSEC_KEY_SIZE))
		goto err_tfm0;

		return key;

		err_tfm0:
		crypto_free_skcipher(key->tfm0);
		crypto_free_sync_skcipher(key->tfm0);
		err_tfm:
		for (i = 0; i < ARRAY_SIZE(key->tfm); i++)
		if (key->tfm[i])
		@@ -177,7 +177,7 @@ static void llsec_key_release(struct kref *ref)
		for (i = 0; i < ARRAY_SIZE(key->tfm); i++)
		crypto_free_aead(key->tfm[i]);

		crypto_free_skcipher(key->tfm0);
		crypto_free_sync_skcipher(key->tfm0);
		kzfree(key);
		}

		@@ -622,7 +622,7 @@ llsec_do_encrypt_unauth(struct sk_buff skb, const struct mac802154_llsec sec,
		{
		u8 iv[16];
		struct scatterlist src;
		SKCIPHER_REQUEST_ON_STACK(req, key->tfm0);
		SYNC_SKCIPHER_REQUEST_ON_STACK(req, key->tfm0);
		int err, datalen;
		unsigned char *data;

		@@ -632,7 +632,7 @@ llsec_do_encrypt_unauth(struct sk_buff skb, const struct mac802154_llsec sec,
		datalen = skb_tail_pointer(skb) - data;
		sg_init_one(&src, data, datalen);

		skcipher_request_set_tfm(req, key->tfm0);
		skcipher_request_set_sync_tfm(req, key->tfm0);
		skcipher_request_set_callback(req, 0, NULL, NULL);
		skcipher_request_set_crypt(req, &src, &src, datalen, iv);
		err = crypto_skcipher_encrypt(req);
		@@ -840,7 +840,7 @@ llsec_do_decrypt_unauth(struct sk_buff skb, const struct mac802154_llsec sec,
		unsigned char *data;
		int datalen;
		struct scatterlist src;
		SKCIPHER_REQUEST_ON_STACK(req, key->tfm0);
		SYNC_SKCIPHER_REQUEST_ON_STACK(req, key->tfm0);
		int err;

		llsec_geniv(iv, dev_addr, &hdr->sec);
		@@ -849,7 +849,7 @@ llsec_do_decrypt_unauth(struct sk_buff skb, const struct mac802154_llsec sec,

		sg_init_one(&src, data, datalen);

		skcipher_request_set_tfm(req, key->tfm0);
		skcipher_request_set_sync_tfm(req, key->tfm0);
		skcipher_request_set_callback(req, 0, NULL, NULL);
		skcipher_request_set_crypt(req, &src, &src, datalen, iv);

net/mac802154/llsec.h

+1 −1

Original line number	Diff line number	Diff line
		@@ -29,7 +29,7 @@ struct mac802154_llsec_key {

		/* one tfm for each authsize (4/8/16) */
		struct crypto_aead *tfm[3];
		struct crypto_skcipher *tfm0;
		struct crypto_sync_skcipher *tfm0;

		struct kref ref;
		};

net/rxrpc/ar-internal.h

+1 −1

Original line number	Diff line number	Diff line
		@@ -435,7 +435,7 @@ struct rxrpc_connection {
		struct sk_buff_head rx_queue; /* received conn-level packets */
		const struct rxrpc_security security; / applied security module */
		struct key server_key; / security for this service */
		struct crypto_skcipher cipher; / encryption handle */
		struct crypto_sync_skcipher cipher; / encryption handle */
		struct rxrpc_crypt csum_iv; /* packet checksum base */
		unsigned long flags;
		unsigned long events;

net/rxrpc/rxkad.c

+22 −22

Original line number	Diff line number	Diff line
		@@ -46,7 +46,7 @@ struct rxkad_level2_hdr {
		* alloc routine, but since we have it to hand, we use it to decrypt RESPONSE
		* packets
		*/
		static struct crypto_skcipher *rxkad_ci;
		static struct crypto_sync_skcipher *rxkad_ci;
		static DEFINE_MUTEX(rxkad_ci_mutex);

		/*
		@@ -54,7 +54,7 @@ static DEFINE_MUTEX(rxkad_ci_mutex);
		*/
		static int rxkad_init_connection_security(struct rxrpc_connection *conn)
		{
		struct crypto_skcipher *ci;
		struct crypto_sync_skcipher *ci;
		struct rxrpc_key_token *token;
		int ret;

		@@ -63,14 +63,14 @@ static int rxkad_init_connection_security(struct rxrpc_connection *conn)
		token = conn->params.key->payload.data[0];
		conn->security_ix = token->security_index;

		ci = crypto_alloc_skcipher("pcbc(fcrypt)", 0, CRYPTO_ALG_ASYNC);
		ci = crypto_alloc_sync_skcipher("pcbc(fcrypt)", 0, 0);
		if (IS_ERR(ci)) {
		_debug("no cipher");
		ret = PTR_ERR(ci);
		goto error;
		}

		if (crypto_skcipher_setkey(ci, token->kad->session_key,
		if (crypto_sync_skcipher_setkey(ci, token->kad->session_key,
		sizeof(token->kad->session_key)) < 0)
		BUG();

		@@ -104,7 +104,7 @@ static int rxkad_init_connection_security(struct rxrpc_connection *conn)
		static int rxkad_prime_packet_security(struct rxrpc_connection *conn)
		{
		struct rxrpc_key_token *token;
		SKCIPHER_REQUEST_ON_STACK(req, conn->cipher);
		SYNC_SKCIPHER_REQUEST_ON_STACK(req, conn->cipher);
		struct scatterlist sg;
		struct rxrpc_crypt iv;
		__be32 *tmpbuf;
		@@ -128,7 +128,7 @@ static int rxkad_prime_packet_security(struct rxrpc_connection *conn)
		tmpbuf[3] = htonl(conn->security_ix);

		sg_init_one(&sg, tmpbuf, tmpsize);
		skcipher_request_set_tfm(req, conn->cipher);
		skcipher_request_set_sync_tfm(req, conn->cipher);
		skcipher_request_set_callback(req, 0, NULL, NULL);
		skcipher_request_set_crypt(req, &sg, &sg, tmpsize, iv.x);
		crypto_skcipher_encrypt(req);
		@@ -167,7 +167,7 @@ static int rxkad_secure_packet_auth(const struct rxrpc_call *call,
		memset(&iv, 0, sizeof(iv));

		sg_init_one(&sg, sechdr, 8);
		skcipher_request_set_tfm(req, call->conn->cipher);
		skcipher_request_set_sync_tfm(req, call->conn->cipher);
		skcipher_request_set_callback(req, 0, NULL, NULL);
		skcipher_request_set_crypt(req, &sg, &sg, 8, iv.x);
		crypto_skcipher_encrypt(req);
		@@ -212,7 +212,7 @@ static int rxkad_secure_packet_encrypt(const struct rxrpc_call *call,
		memcpy(&iv, token->kad->session_key, sizeof(iv));

		sg_init_one(&sg[0], sechdr, sizeof(rxkhdr));
		skcipher_request_set_tfm(req, call->conn->cipher);
		skcipher_request_set_sync_tfm(req, call->conn->cipher);
		skcipher_request_set_callback(req, 0, NULL, NULL);
		skcipher_request_set_crypt(req, &sg[0], &sg[0], sizeof(rxkhdr), iv.x);
		crypto_skcipher_encrypt(req);
		@@ -250,7 +250,7 @@ static int rxkad_secure_packet(struct rxrpc_call *call,
		void *sechdr)
		{
		struct rxrpc_skb_priv *sp;
		SKCIPHER_REQUEST_ON_STACK(req, call->conn->cipher);
		SYNC_SKCIPHER_REQUEST_ON_STACK(req, call->conn->cipher);
		struct rxrpc_crypt iv;
		struct scatterlist sg;
		u32 x, y;
		@@ -279,7 +279,7 @@ static int rxkad_secure_packet(struct rxrpc_call *call,
		call->crypto_buf[1] = htonl(x);

		sg_init_one(&sg, call->crypto_buf, 8);
		skcipher_request_set_tfm(req, call->conn->cipher);
		skcipher_request_set_sync_tfm(req, call->conn->cipher);
		skcipher_request_set_callback(req, 0, NULL, NULL);
		skcipher_request_set_crypt(req, &sg, &sg, 8, iv.x);
		crypto_skcipher_encrypt(req);
		@@ -352,7 +352,7 @@ static int rxkad_verify_packet_1(struct rxrpc_call call, struct sk_buff skb,
		/* start the decryption afresh */
		memset(&iv, 0, sizeof(iv));

		skcipher_request_set_tfm(req, call->conn->cipher);
		skcipher_request_set_sync_tfm(req, call->conn->cipher);
		skcipher_request_set_callback(req, 0, NULL, NULL);
		skcipher_request_set_crypt(req, sg, sg, 8, iv.x);
		crypto_skcipher_decrypt(req);
		@@ -450,7 +450,7 @@ static int rxkad_verify_packet_2(struct rxrpc_call call, struct sk_buff skb,
		token = call->conn->params.key->payload.data[0];
		memcpy(&iv, token->kad->session_key, sizeof(iv));

		skcipher_request_set_tfm(req, call->conn->cipher);
		skcipher_request_set_sync_tfm(req, call->conn->cipher);
		skcipher_request_set_callback(req, 0, NULL, NULL);
		skcipher_request_set_crypt(req, sg, sg, len, iv.x);
		crypto_skcipher_decrypt(req);
		@@ -506,7 +506,7 @@ static int rxkad_verify_packet(struct rxrpc_call call, struct sk_buff skb,
		unsigned int offset, unsigned int len,
		rxrpc_seq_t seq, u16 expected_cksum)
		{
		SKCIPHER_REQUEST_ON_STACK(req, call->conn->cipher);
		SYNC_SKCIPHER_REQUEST_ON_STACK(req, call->conn->cipher);
		struct rxrpc_crypt iv;
		struct scatterlist sg;
		bool aborted;
		@@ -529,7 +529,7 @@ static int rxkad_verify_packet(struct rxrpc_call call, struct sk_buff skb,
		call->crypto_buf[1] = htonl(x);

		sg_init_one(&sg, call->crypto_buf, 8);
		skcipher_request_set_tfm(req, call->conn->cipher);
		skcipher_request_set_sync_tfm(req, call->conn->cipher);
		skcipher_request_set_callback(req, 0, NULL, NULL);
		skcipher_request_set_crypt(req, &sg, &sg, 8, iv.x);
		crypto_skcipher_encrypt(req);
		@@ -755,7 +755,7 @@ static void rxkad_encrypt_response(struct rxrpc_connection *conn,
		struct rxkad_response *resp,
		const struct rxkad_key *s2)
		{
		SKCIPHER_REQUEST_ON_STACK(req, conn->cipher);
		SYNC_SKCIPHER_REQUEST_ON_STACK(req, conn->cipher);
		struct rxrpc_crypt iv;
		struct scatterlist sg[1];

		@@ -764,7 +764,7 @@ static void rxkad_encrypt_response(struct rxrpc_connection *conn,

		sg_init_table(sg, 1);
		sg_set_buf(sg, &resp->encrypted, sizeof(resp->encrypted));
		skcipher_request_set_tfm(req, conn->cipher);
		skcipher_request_set_sync_tfm(req, conn->cipher);
		skcipher_request_set_callback(req, 0, NULL, NULL);
		skcipher_request_set_crypt(req, sg, sg, sizeof(resp->encrypted), iv.x);
		crypto_skcipher_encrypt(req);
		@@ -1021,7 +1021,7 @@ static void rxkad_decrypt_response(struct rxrpc_connection *conn,
		struct rxkad_response *resp,
		const struct rxrpc_crypt *session_key)
		{
		SKCIPHER_REQUEST_ON_STACK(req, rxkad_ci);
		SYNC_SKCIPHER_REQUEST_ON_STACK(req, rxkad_ci);
		struct scatterlist sg[1];
		struct rxrpc_crypt iv;

		@@ -1031,7 +1031,7 @@ static void rxkad_decrypt_response(struct rxrpc_connection *conn,
		ASSERT(rxkad_ci != NULL);

		mutex_lock(&rxkad_ci_mutex);
		if (crypto_skcipher_setkey(rxkad_ci, session_key->x,
		if (crypto_sync_skcipher_setkey(rxkad_ci, session_key->x,
		sizeof(*session_key)) < 0)
		BUG();

		@@ -1039,7 +1039,7 @@ static void rxkad_decrypt_response(struct rxrpc_connection *conn,

		sg_init_table(sg, 1);
		sg_set_buf(sg, &resp->encrypted, sizeof(resp->encrypted));
		skcipher_request_set_tfm(req, rxkad_ci);
		skcipher_request_set_sync_tfm(req, rxkad_ci);
		skcipher_request_set_callback(req, 0, NULL, NULL);
		skcipher_request_set_crypt(req, sg, sg, sizeof(resp->encrypted), iv.x);
		crypto_skcipher_decrypt(req);
		@@ -1218,7 +1218,7 @@ static void rxkad_clear(struct rxrpc_connection *conn)
		_enter("");

		if (conn->cipher)
		crypto_free_skcipher(conn->cipher);
		crypto_free_sync_skcipher(conn->cipher);
		}

		/*
		@@ -1228,7 +1228,7 @@ static int rxkad_init(void)
		{
		/* pin the cipher we need so that the crypto layer doesn't invoke
		* keventd to go get it */
		rxkad_ci = crypto_alloc_skcipher("pcbc(fcrypt)", 0, CRYPTO_ALG_ASYNC);
		rxkad_ci = crypto_alloc_sync_skcipher("pcbc(fcrypt)", 0, 0);
		return PTR_ERR_OR_ZERO(rxkad_ci);
		}

		@@ -1238,7 +1238,7 @@ static int rxkad_init(void)
		static void rxkad_exit(void)
		{
		if (rxkad_ci)
		crypto_free_skcipher(rxkad_ci);
		crypto_free_sync_skcipher(rxkad_ci);
		}

		/*