crypto: remove CONFIG_CRYPTO_STATS · tjh.dev/kernel@29ce50e

Linux kernel mirror (for testing) git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git

kernel os linux

crypto: remove CONFIG_CRYPTO_STATS

Remove support for the "Crypto usage statistics" feature
(CONFIG_CRYPTO_STATS). This feature does not appear to have ever been
used, and it is harmful because it significantly reduces performance and
is a large maintenance burden.

Covering each of these points in detail:

1. Feature is not being used

Since these generic crypto statistics are only readable using netlink,
it's fairly straightforward to look for programs that use them. I'm
unable to find any evidence that any such programs exist. For example,
Debian Code Search returns no hits except the kernel header and kernel
code itself and translations of the kernel header:
https://codesearch.debian.net/search?q=CRYPTOCFGA_STAT&literal=1&perpkg=1

The patch series that added this feature in 2018
(https://lore.kernel.org/linux-crypto/1537351855-16618-1-git-send-email-clabbe@baylibre.com/)
said "The goal is to have an ifconfig for crypto device." This doesn't
appear to have happened.

It's not clear that there is real demand for crypto statistics. Just
because the kernel provides other types of statistics such as I/O and
networking statistics and some people find those useful does not mean
that crypto statistics are useful too.

Further evidence that programs are not using CONFIG_CRYPTO_STATS is that
it was able to be disabled in RHEL and Fedora as a bug fix
(https://gitlab.com/redhat/centos-stream/src/kernel/centos-stream-9/-/merge_requests/2947).

Even further evidence comes from the fact that there are and have been
bugs in how the stats work, but they were never reported. For example,
before Linux v6.7 hash stats were double-counted in most cases.

There has also never been any documentation for this feature, so it
might be hard to use even if someone wanted to.

2. CONFIG_CRYPTO_STATS significantly reduces performance

Enabling CONFIG_CRYPTO_STATS significantly reduces the performance of
the crypto API, even if no program ever retrieves the statistics. This
primarily affects systems with a large number of CPUs. For example,
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/2039576 reported
that Lustre client encryption performance improved from 21.7GB/s to
48.2GB/s by disabling CONFIG_CRYPTO_STATS.

It can be argued that this means that CONFIG_CRYPTO_STATS should be
optimized with per-cpu counters similar to many of the networking
counters. But no one has done this in 5+ years. This is consistent
with the fact that the feature appears to be unused, so there seems to
be little interest in improving it as opposed to just disabling it.

It can be argued that because CONFIG_CRYPTO_STATS is off by default,
performance doesn't matter. But Linux distros tend to error on the side
of enabling options. The option is enabled in Ubuntu and Arch Linux,
and until recently was enabled in RHEL and Fedora (see above). So, even
just having the option available is harmful to users.

3. CONFIG_CRYPTO_STATS is a large maintenance burden

There are over 1000 lines of code associated with CONFIG_CRYPTO_STATS,
spread among 32 files. It significantly complicates much of the
implementation of the crypto API. After the initial submission, many
fixes and refactorings have consumed effort of multiple people to keep
this feature "working". We should be spending this effort elsewhere.

Acked-by: Ard Biesheuvel <ardb@kernel.org>
Acked-by: Corentin Labbe <clabbe@baylibre.com>
Signed-off-by: Eric Biggers <ebiggers@google.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>

authored by

Eric Biggers and committed by

Herbert Xu 2 years ago 29ce50e0 1e6b251c

+71 -1096

32 changed files

expand all

arch

s390

configs

debug_defconfig

defconfig

crypto

Kconfig

Makefile

acompress.c

aead.c

ahash.c

akcipher.c

compress.h

crypto_user.c

crypto_user_stat.c

hash.h

kpp.c

lskcipher.c

rng.c

scompress.c

shash.c

sig.c

skcipher.c

skcipher.h

include

crypto

acompress.h

aead.h

akcipher.h

algapi.h

hash.h

internal

acompress.h

cryptouser.h

scompress.h

kpp.h

rng.h

skcipher.h

uapi

linux

cryptouser.h

-1

arch/s390/configs/debug_defconfig

··· 760 760 CONFIG_CRYPTO_USER_API_SKCIPHER=m 761 761 CONFIG_CRYPTO_USER_API_RNG=m 762 762 CONFIG_CRYPTO_USER_API_AEAD=m 763 - CONFIG_CRYPTO_STATS=y 764 763 CONFIG_CRYPTO_CRC32_S390=y 765 764 CONFIG_CRYPTO_SHA512_S390=m 766 765 CONFIG_CRYPTO_SHA1_S390=m

-1

arch/s390/configs/defconfig

··· 745 745 CONFIG_CRYPTO_USER_API_SKCIPHER=m 746 746 CONFIG_CRYPTO_USER_API_RNG=m 747 747 CONFIG_CRYPTO_USER_API_AEAD=m 748 - CONFIG_CRYPTO_STATS=y 749 748 CONFIG_CRYPTO_CRC32_S390=y 750 749 CONFIG_CRYPTO_SHA512_S390=m 751 750 CONFIG_CRYPTO_SHA1_S390=m

-20

crypto/Kconfig

··· 1456 1456 already been phased out from internal use by the kernel, and are 1457 1457 only useful for userspace clients that still rely on them. 1458 1458 1459 - config CRYPTO_STATS 1460 - bool "Crypto usage statistics" 1461 - depends on CRYPTO_USER 1462 - help 1463 - Enable the gathering of crypto stats. 1464 - 1465 - Enabling this option reduces the performance of the crypto API. It 1466 - should only be enabled when there is actually a use case for it. 1467 - 1468 - This collects data sizes, numbers of requests, and numbers 1469 - of errors processed by: 1470 - - AEAD ciphers (encrypt, decrypt) 1471 - - asymmetric key ciphers (encrypt, decrypt, verify, sign) 1472 - - symmetric key ciphers (encrypt, decrypt) 1473 - - compression algorithms (compress, decompress) 1474 - - hash algorithms (hash) 1475 - - key-agreement protocol primitives (setsecret, generate 1476 - public key, compute shared secret) 1477 - - RNG (generate, seed) 1478 - 1479 1459 endmenu 1480 1460 1481 1461 config CRYPTO_HASH_INFO

-2

crypto/Makefile

··· 69 69 70 70 obj-$(CONFIG_CRYPTO_MANAGER2) += cryptomgr.o 71 71 obj-$(CONFIG_CRYPTO_USER) += crypto_user.o 72 - crypto_user-y := crypto_user_base.o 73 - crypto_user-$(CONFIG_CRYPTO_STATS) += crypto_user_stat.o 74 72 obj-$(CONFIG_CRYPTO_CMAC) += cmac.o 75 73 obj-$(CONFIG_CRYPTO_HMAC) += hmac.o 76 74 obj-$(CONFIG_CRYPTO_VMAC) += vmac.o

-33

crypto/acompress.c

··· 93 93 return extsize; 94 94 } 95 95 96 - static inline int __crypto_acomp_report_stat(struct sk_buff *skb, 97 - struct crypto_alg *alg) 98 - { 99 - struct comp_alg_common *calg = __crypto_comp_alg_common(alg); 100 - struct crypto_istat_compress *istat = comp_get_stat(calg); 101 - struct crypto_stat_compress racomp; 102 - 103 - memset(&racomp, 0, sizeof(racomp)); 104 - 105 - strscpy(racomp.type, "acomp", sizeof(racomp.type)); 106 - racomp.stat_compress_cnt = atomic64_read(&istat->compress_cnt); 107 - racomp.stat_compress_tlen = atomic64_read(&istat->compress_tlen); 108 - racomp.stat_decompress_cnt = atomic64_read(&istat->decompress_cnt); 109 - racomp.stat_decompress_tlen = atomic64_read(&istat->decompress_tlen); 110 - racomp.stat_err_cnt = atomic64_read(&istat->err_cnt); 111 - 112 - return nla_put(skb, CRYPTOCFGA_STAT_ACOMP, sizeof(racomp), &racomp); 113 - } 114 - 115 - #ifdef CONFIG_CRYPTO_STATS 116 - int crypto_acomp_report_stat(struct sk_buff *skb, struct crypto_alg *alg) 117 - { 118 - return __crypto_acomp_report_stat(skb, alg); 119 - } 120 - #endif 121 - 122 96 static const struct crypto_type crypto_acomp_type = { 123 97 .extsize = crypto_acomp_extsize, 124 98 .init_tfm = crypto_acomp_init_tfm, ··· 101 127 #endif 102 128 #if IS_ENABLED(CONFIG_CRYPTO_USER) 103 129 .report = crypto_acomp_report, 104 - #endif 105 - #ifdef CONFIG_CRYPTO_STATS 106 - .report_stat = crypto_acomp_report_stat, 107 130 #endif 108 131 .maskclear = ~CRYPTO_ALG_TYPE_MASK, 109 132 .maskset = CRYPTO_ALG_TYPE_ACOMPRESS_MASK, ··· 155 184 156 185 void comp_prepare_alg(struct comp_alg_common *alg) 157 186 { 158 - struct crypto_istat_compress *istat = comp_get_stat(alg); 159 187 struct crypto_alg *base = &alg->base; 160 188 161 189 base->cra_flags &= ~CRYPTO_ALG_TYPE_MASK; 162 - 163 - if (IS_ENABLED(CONFIG_CRYPTO_STATS)) 164 - memset(istat, 0, sizeof(*istat)); 165 190 } 166 191 167 192 int crypto_register_acomp(struct acomp_alg *alg)

+7 -77

crypto/aead.c

··· 20 20 21 21 #include "internal.h" 22 22 23 - static inline struct crypto_istat_aead *aead_get_stat(struct aead_alg *alg) 24 - { 25 - #ifdef CONFIG_CRYPTO_STATS 26 - return &alg->stat; 27 - #else 28 - return NULL; 29 - #endif 30 - } 31 - 32 23 static int setkey_unaligned(struct crypto_aead *tfm, const u8 *key, 33 24 unsigned int keylen) 34 25 { ··· 81 90 } 82 91 EXPORT_SYMBOL_GPL(crypto_aead_setauthsize); 83 92 84 - static inline int crypto_aead_errstat(struct crypto_istat_aead *istat, int err) 85 - { 86 - if (!IS_ENABLED(CONFIG_CRYPTO_STATS)) 87 - return err; 88 - 89 - if (err && err != -EINPROGRESS && err != -EBUSY) 90 - atomic64_inc(&istat->err_cnt); 91 - 92 - return err; 93 - } 94 - 95 93 int crypto_aead_encrypt(struct aead_request *req) 96 94 { 97 95 struct crypto_aead *aead = crypto_aead_reqtfm(req); 98 - struct aead_alg *alg = crypto_aead_alg(aead); 99 - struct crypto_istat_aead *istat; 100 - int ret; 101 - 102 - istat = aead_get_stat(alg); 103 - 104 - if (IS_ENABLED(CONFIG_CRYPTO_STATS)) { 105 - atomic64_inc(&istat->encrypt_cnt); 106 - atomic64_add(req->cryptlen, &istat->encrypt_tlen); 107 - } 108 96 109 97 if (crypto_aead_get_flags(aead) & CRYPTO_TFM_NEED_KEY) 110 - ret = -ENOKEY; 111 - else 112 - ret = alg->encrypt(req); 98 + return -ENOKEY; 113 99 114 - return crypto_aead_errstat(istat, ret); 100 + return crypto_aead_alg(aead)->encrypt(req); 115 101 } 116 102 EXPORT_SYMBOL_GPL(crypto_aead_encrypt); 117 103 118 104 int crypto_aead_decrypt(struct aead_request *req) 119 105 { 120 106 struct crypto_aead *aead = crypto_aead_reqtfm(req); 121 - struct aead_alg *alg = crypto_aead_alg(aead); 122 - struct crypto_istat_aead *istat; 123 - int ret; 124 - 125 - istat = aead_get_stat(alg); 126 - 127 - if (IS_ENABLED(CONFIG_CRYPTO_STATS)) { 128 - atomic64_inc(&istat->encrypt_cnt); 129 - atomic64_add(req->cryptlen, &istat->encrypt_tlen); 130 - } 131 107 132 108 if (crypto_aead_get_flags(aead) & CRYPTO_TFM_NEED_KEY) 133 - ret = -ENOKEY; 134 - else if (req->cryptlen < crypto_aead_authsize(aead)) 135 - ret = -EINVAL; 136 - else 137 - ret = alg->decrypt(req); 109 + return -ENOKEY; 138 110 139 - return crypto_aead_errstat(istat, ret); 111 + if (req->cryptlen < crypto_aead_authsize(aead)) 112 + return -EINVAL; 113 + 114 + return crypto_aead_alg(aead)->decrypt(req); 140 115 } 141 116 EXPORT_SYMBOL_GPL(crypto_aead_decrypt); 142 117 ··· 172 215 aead->free(aead); 173 216 } 174 217 175 - static int __maybe_unused crypto_aead_report_stat( 176 - struct sk_buff *skb, struct crypto_alg *alg) 177 - { 178 - struct aead_alg *aead = container_of(alg, struct aead_alg, base); 179 - struct crypto_istat_aead *istat = aead_get_stat(aead); 180 - struct crypto_stat_aead raead; 181 - 182 - memset(&raead, 0, sizeof(raead)); 183 - 184 - strscpy(raead.type, "aead", sizeof(raead.type)); 185 - 186 - raead.stat_encrypt_cnt = atomic64_read(&istat->encrypt_cnt); 187 - raead.stat_encrypt_tlen = atomic64_read(&istat->encrypt_tlen); 188 - raead.stat_decrypt_cnt = atomic64_read(&istat->decrypt_cnt); 189 - raead.stat_decrypt_tlen = atomic64_read(&istat->decrypt_tlen); 190 - raead.stat_err_cnt = atomic64_read(&istat->err_cnt); 191 - 192 - return nla_put(skb, CRYPTOCFGA_STAT_AEAD, sizeof(raead), &raead); 193 - } 194 - 195 218 static const struct crypto_type crypto_aead_type = { 196 219 .extsize = crypto_alg_extsize, 197 220 .init_tfm = crypto_aead_init_tfm, ··· 181 244 #endif 182 245 #if IS_ENABLED(CONFIG_CRYPTO_USER) 183 246 .report = crypto_aead_report, 184 - #endif 185 - #ifdef CONFIG_CRYPTO_STATS 186 - .report_stat = crypto_aead_report_stat, 187 247 #endif 188 248 .maskclear = ~CRYPTO_ALG_TYPE_MASK, 189 249 .maskset = CRYPTO_ALG_TYPE_MASK, ··· 211 277 212 278 static int aead_prepare_alg(struct aead_alg *alg) 213 279 { 214 - struct crypto_istat_aead *istat = aead_get_stat(alg); 215 280 struct crypto_alg *base = &alg->base; 216 281 217 282 if (max3(alg->maxauthsize, alg->ivsize, alg->chunksize) > ··· 223 290 base->cra_type = &crypto_aead_type; 224 291 base->cra_flags &= ~CRYPTO_ALG_TYPE_MASK; 225 292 base->cra_flags |= CRYPTO_ALG_TYPE_AEAD; 226 - 227 - if (IS_ENABLED(CONFIG_CRYPTO_STATS)) 228 - memset(istat, 0, sizeof(*istat)); 229 293 230 294 return 0; 231 295 }

+5 -58

crypto/ahash.c

··· 27 27 28 28 #define CRYPTO_ALG_TYPE_AHASH_MASK 0x0000000e 29 29 30 - static inline struct crypto_istat_hash *ahash_get_stat(struct ahash_alg *alg) 31 - { 32 - return hash_get_stat(&alg->halg); 33 - } 34 - 35 - static inline int crypto_ahash_errstat(struct ahash_alg *alg, int err) 36 - { 37 - if (!IS_ENABLED(CONFIG_CRYPTO_STATS)) 38 - return err; 39 - 40 - if (err && err != -EINPROGRESS && err != -EBUSY) 41 - atomic64_inc(&ahash_get_stat(alg)->err_cnt); 42 - 43 - return err; 44 - } 45 - 46 30 /* 47 31 * For an ahash tfm that is using an shash algorithm (instead of an ahash 48 32 * algorithm), this returns the underlying shash tfm. ··· 328 344 int crypto_ahash_update(struct ahash_request *req) 329 345 { 330 346 struct crypto_ahash *tfm = crypto_ahash_reqtfm(req); 331 - struct ahash_alg *alg; 332 347 333 348 if (likely(tfm->using_shash)) 334 349 return shash_ahash_update(req, ahash_request_ctx(req)); 335 350 336 - alg = crypto_ahash_alg(tfm); 337 - if (IS_ENABLED(CONFIG_CRYPTO_STATS)) 338 - atomic64_add(req->nbytes, &ahash_get_stat(alg)->hash_tlen); 339 - return crypto_ahash_errstat(alg, alg->update(req)); 351 + return crypto_ahash_alg(tfm)->update(req); 340 352 } 341 353 EXPORT_SYMBOL_GPL(crypto_ahash_update); 342 354 343 355 int crypto_ahash_final(struct ahash_request *req) 344 356 { 345 357 struct crypto_ahash *tfm = crypto_ahash_reqtfm(req); 346 - struct ahash_alg *alg; 347 358 348 359 if (likely(tfm->using_shash)) 349 360 return crypto_shash_final(ahash_request_ctx(req), req->result); 350 361 351 - alg = crypto_ahash_alg(tfm); 352 - if (IS_ENABLED(CONFIG_CRYPTO_STATS)) 353 - atomic64_inc(&ahash_get_stat(alg)->hash_cnt); 354 - return crypto_ahash_errstat(alg, alg->final(req)); 362 + return crypto_ahash_alg(tfm)->final(req); 355 363 } 356 364 EXPORT_SYMBOL_GPL(crypto_ahash_final); 357 365 358 366 int crypto_ahash_finup(struct ahash_request *req) 359 367 { 360 368 struct crypto_ahash *tfm = crypto_ahash_reqtfm(req); 361 - struct ahash_alg *alg; 362 369 363 370 if (likely(tfm->using_shash)) 364 371 return shash_ahash_finup(req, ahash_request_ctx(req)); 365 372 366 - alg = crypto_ahash_alg(tfm); 367 - if (IS_ENABLED(CONFIG_CRYPTO_STATS)) { 368 - struct crypto_istat_hash *istat = ahash_get_stat(alg); 369 - 370 - atomic64_inc(&istat->hash_cnt); 371 - atomic64_add(req->nbytes, &istat->hash_tlen); 372 - } 373 - return crypto_ahash_errstat(alg, alg->finup(req)); 373 + return crypto_ahash_alg(tfm)->finup(req); 374 374 } 375 375 EXPORT_SYMBOL_GPL(crypto_ahash_finup); 376 376 377 377 int crypto_ahash_digest(struct ahash_request *req) 378 378 { 379 379 struct crypto_ahash *tfm = crypto_ahash_reqtfm(req); 380 - struct ahash_alg *alg; 381 - int err; 382 380 383 381 if (likely(tfm->using_shash)) 384 382 return shash_ahash_digest(req, prepare_shash_desc(req, tfm)); 385 383 386 - alg = crypto_ahash_alg(tfm); 387 - if (IS_ENABLED(CONFIG_CRYPTO_STATS)) { 388 - struct crypto_istat_hash *istat = ahash_get_stat(alg); 389 - 390 - atomic64_inc(&istat->hash_cnt); 391 - atomic64_add(req->nbytes, &istat->hash_tlen); 392 - } 393 - 394 384 if (crypto_ahash_get_flags(tfm) & CRYPTO_TFM_NEED_KEY) 395 - err = -ENOKEY; 396 - else 397 - err = alg->digest(req); 385 + return -ENOKEY; 398 386 399 - return crypto_ahash_errstat(alg, err); 387 + return crypto_ahash_alg(tfm)->digest(req); 400 388 } 401 389 EXPORT_SYMBOL_GPL(crypto_ahash_digest); 402 390 ··· 527 571 __crypto_hash_alg_common(alg)->digestsize); 528 572 } 529 573 530 - static int __maybe_unused crypto_ahash_report_stat( 531 - struct sk_buff *skb, struct crypto_alg *alg) 532 - { 533 - return crypto_hash_report_stat(skb, alg, "ahash"); 534 - } 535 - 536 574 static const struct crypto_type crypto_ahash_type = { 537 575 .extsize = crypto_ahash_extsize, 538 576 .init_tfm = crypto_ahash_init_tfm, ··· 536 586 #endif 537 587 #if IS_ENABLED(CONFIG_CRYPTO_USER) 538 588 .report = crypto_ahash_report, 539 - #endif 540 - #ifdef CONFIG_CRYPTO_STATS 541 - .report_stat = crypto_ahash_report_stat, 542 589 #endif 543 590 .maskclear = ~CRYPTO_ALG_TYPE_MASK, 544 591 .maskset = CRYPTO_ALG_TYPE_AHASH_MASK,

-31

crypto/akcipher.c

··· 70 70 akcipher->free(akcipher); 71 71 } 72 72 73 - static int __maybe_unused crypto_akcipher_report_stat( 74 - struct sk_buff *skb, struct crypto_alg *alg) 75 - { 76 - struct akcipher_alg *akcipher = __crypto_akcipher_alg(alg); 77 - struct crypto_istat_akcipher *istat; 78 - struct crypto_stat_akcipher rakcipher; 79 - 80 - istat = akcipher_get_stat(akcipher); 81 - 82 - memset(&rakcipher, 0, sizeof(rakcipher)); 83 - 84 - strscpy(rakcipher.type, "akcipher", sizeof(rakcipher.type)); 85 - rakcipher.stat_encrypt_cnt = atomic64_read(&istat->encrypt_cnt); 86 - rakcipher.stat_encrypt_tlen = atomic64_read(&istat->encrypt_tlen); 87 - rakcipher.stat_decrypt_cnt = atomic64_read(&istat->decrypt_cnt); 88 - rakcipher.stat_decrypt_tlen = atomic64_read(&istat->decrypt_tlen); 89 - rakcipher.stat_sign_cnt = atomic64_read(&istat->sign_cnt); 90 - rakcipher.stat_verify_cnt = atomic64_read(&istat->verify_cnt); 91 - rakcipher.stat_err_cnt = atomic64_read(&istat->err_cnt); 92 - 93 - return nla_put(skb, CRYPTOCFGA_STAT_AKCIPHER, 94 - sizeof(rakcipher), &rakcipher); 95 - } 96 - 97 73 static const struct crypto_type crypto_akcipher_type = { 98 74 .extsize = crypto_alg_extsize, 99 75 .init_tfm = crypto_akcipher_init_tfm, ··· 79 103 #endif 80 104 #if IS_ENABLED(CONFIG_CRYPTO_USER) 81 105 .report = crypto_akcipher_report, 82 - #endif 83 - #ifdef CONFIG_CRYPTO_STATS 84 - .report_stat = crypto_akcipher_report_stat, 85 106 #endif 86 107 .maskclear = ~CRYPTO_ALG_TYPE_MASK, 87 108 .maskset = CRYPTO_ALG_TYPE_AHASH_MASK, ··· 104 131 105 132 static void akcipher_prepare_alg(struct akcipher_alg *alg) 106 133 { 107 - struct crypto_istat_akcipher *istat = akcipher_get_stat(alg); 108 134 struct crypto_alg *base = &alg->base; 109 135 110 136 base->cra_type = &crypto_akcipher_type; 111 137 base->cra_flags &= ~CRYPTO_ALG_TYPE_MASK; 112 138 base->cra_flags |= CRYPTO_ALG_TYPE_AKCIPHER; 113 - 114 - if (IS_ENABLED(CONFIG_CRYPTO_STATS)) 115 - memset(istat, 0, sizeof(*istat)); 116 139 } 117 140 118 141 static int akcipher_default_op(struct akcipher_request *req)

-3

crypto/compress.h

··· 13 13 14 14 struct acomp_req; 15 15 struct comp_alg_common; 16 - struct sk_buff; 17 16 18 17 int crypto_init_scomp_ops_async(struct crypto_tfm *tfm); 19 18 struct acomp_req *crypto_acomp_scomp_alloc_ctx(struct acomp_req *req); 20 19 void crypto_acomp_scomp_free_ctx(struct acomp_req *req); 21 - 22 - int crypto_acomp_report_stat(struct sk_buff *skb, struct crypto_alg *alg); 23 20 24 21 void comp_prepare_alg(struct comp_alg_common *alg); 25 22

+8 -2

crypto/crypto_user_base.c crypto/crypto_user.c

··· 18 18 #include <crypto/internal/rng.h> 19 19 #include <crypto/akcipher.h> 20 20 #include <crypto/kpp.h> 21 - #include <crypto/internal/cryptouser.h> 22 21 23 22 #include "internal.h" 24 23 ··· 32 33 u16 nlmsg_flags; 33 34 }; 34 35 35 - struct crypto_alg *crypto_alg_match(struct crypto_user_alg *p, int exact) 36 + static struct crypto_alg *crypto_alg_match(struct crypto_user_alg *p, int exact) 36 37 { 37 38 struct crypto_alg *q, *alg = NULL; 38 39 ··· 384 385 if (!netlink_capable(skb, CAP_NET_ADMIN)) 385 386 return -EPERM; 386 387 return crypto_del_default_rng(); 388 + } 389 + 390 + static int crypto_reportstat(struct sk_buff *in_skb, struct nlmsghdr *in_nlh, 391 + struct nlattr **attrs) 392 + { 393 + /* No longer supported */ 394 + return -ENOTSUPP; 387 395 } 388 396 389 397 #define MSGSIZE(type) sizeof(struct type)

-176

crypto/crypto_user_stat.c

··· 1 - // SPDX-License-Identifier: GPL-2.0 2 - /* 3 - * Crypto user configuration API. 4 - * 5 - * Copyright (C) 2017-2018 Corentin Labbe <clabbe@baylibre.com> 6 - * 7 - */ 8 - 9 - #include <crypto/algapi.h> 10 - #include <crypto/internal/cryptouser.h> 11 - #include <linux/errno.h> 12 - #include <linux/kernel.h> 13 - #include <linux/module.h> 14 - #include <linux/string.h> 15 - #include <net/netlink.h> 16 - #include <net/sock.h> 17 - 18 - #define null_terminated(x) (strnlen(x, sizeof(x)) < sizeof(x)) 19 - 20 - struct crypto_dump_info { 21 - struct sk_buff *in_skb; 22 - struct sk_buff *out_skb; 23 - u32 nlmsg_seq; 24 - u16 nlmsg_flags; 25 - }; 26 - 27 - static int crypto_report_cipher(struct sk_buff *skb, struct crypto_alg *alg) 28 - { 29 - struct crypto_stat_cipher rcipher; 30 - 31 - memset(&rcipher, 0, sizeof(rcipher)); 32 - 33 - strscpy(rcipher.type, "cipher", sizeof(rcipher.type)); 34 - 35 - return nla_put(skb, CRYPTOCFGA_STAT_CIPHER, sizeof(rcipher), &rcipher); 36 - } 37 - 38 - static int crypto_report_comp(struct sk_buff *skb, struct crypto_alg *alg) 39 - { 40 - struct crypto_stat_compress rcomp; 41 - 42 - memset(&rcomp, 0, sizeof(rcomp)); 43 - 44 - strscpy(rcomp.type, "compression", sizeof(rcomp.type)); 45 - 46 - return nla_put(skb, CRYPTOCFGA_STAT_COMPRESS, sizeof(rcomp), &rcomp); 47 - } 48 - 49 - static int crypto_reportstat_one(struct crypto_alg *alg, 50 - struct crypto_user_alg *ualg, 51 - struct sk_buff *skb) 52 - { 53 - memset(ualg, 0, sizeof(*ualg)); 54 - 55 - strscpy(ualg->cru_name, alg->cra_name, sizeof(ualg->cru_name)); 56 - strscpy(ualg->cru_driver_name, alg->cra_driver_name, 57 - sizeof(ualg->cru_driver_name)); 58 - strscpy(ualg->cru_module_name, module_name(alg->cra_module), 59 - sizeof(ualg->cru_module_name)); 60 - 61 - ualg->cru_type = 0; 62 - ualg->cru_mask = 0; 63 - ualg->cru_flags = alg->cra_flags; 64 - ualg->cru_refcnt = refcount_read(&alg->cra_refcnt); 65 - 66 - if (nla_put_u32(skb, CRYPTOCFGA_PRIORITY_VAL, alg->cra_priority)) 67 - goto nla_put_failure; 68 - if (alg->cra_flags & CRYPTO_ALG_LARVAL) { 69 - struct crypto_stat_larval rl; 70 - 71 - memset(&rl, 0, sizeof(rl)); 72 - strscpy(rl.type, "larval", sizeof(rl.type)); 73 - if (nla_put(skb, CRYPTOCFGA_STAT_LARVAL, sizeof(rl), &rl)) 74 - goto nla_put_failure; 75 - goto out; 76 - } 77 - 78 - if (alg->cra_type && alg->cra_type->report_stat) { 79 - if (alg->cra_type->report_stat(skb, alg)) 80 - goto nla_put_failure; 81 - goto out; 82 - } 83 - 84 - switch (alg->cra_flags & (CRYPTO_ALG_TYPE_MASK | CRYPTO_ALG_LARVAL)) { 85 - case CRYPTO_ALG_TYPE_CIPHER: 86 - if (crypto_report_cipher(skb, alg)) 87 - goto nla_put_failure; 88 - break; 89 - case CRYPTO_ALG_TYPE_COMPRESS: 90 - if (crypto_report_comp(skb, alg)) 91 - goto nla_put_failure; 92 - break; 93 - default: 94 - pr_err("ERROR: Unhandled alg %d in %s\n", 95 - alg->cra_flags & (CRYPTO_ALG_TYPE_MASK | CRYPTO_ALG_LARVAL), 96 - __func__); 97 - } 98 - 99 - out: 100 - return 0; 101 - 102 - nla_put_failure: 103 - return -EMSGSIZE; 104 - } 105 - 106 - static int crypto_reportstat_alg(struct crypto_alg *alg, 107 - struct crypto_dump_info *info) 108 - { 109 - struct sk_buff *in_skb = info->in_skb; 110 - struct sk_buff *skb = info->out_skb; 111 - struct nlmsghdr *nlh; 112 - struct crypto_user_alg *ualg; 113 - int err = 0; 114 - 115 - nlh = nlmsg_put(skb, NETLINK_CB(in_skb).portid, info->nlmsg_seq, 116 - CRYPTO_MSG_GETSTAT, sizeof(*ualg), info->nlmsg_flags); 117 - if (!nlh) { 118 - err = -EMSGSIZE; 119 - goto out; 120 - } 121 - 122 - ualg = nlmsg_data(nlh); 123 - 124 - err = crypto_reportstat_one(alg, ualg, skb); 125 - if (err) { 126 - nlmsg_cancel(skb, nlh); 127 - goto out; 128 - } 129 - 130 - nlmsg_end(skb, nlh); 131 - 132 - out: 133 - return err; 134 - } 135 - 136 - int crypto_reportstat(struct sk_buff *in_skb, struct nlmsghdr *in_nlh, 137 - struct nlattr **attrs) 138 - { 139 - struct net *net = sock_net(in_skb->sk); 140 - struct crypto_user_alg *p = nlmsg_data(in_nlh); 141 - struct crypto_alg *alg; 142 - struct sk_buff *skb; 143 - struct crypto_dump_info info; 144 - int err; 145 - 146 - if (!null_terminated(p->cru_name) || !null_terminated(p->cru_driver_name)) 147 - return -EINVAL; 148 - 149 - alg = crypto_alg_match(p, 0); 150 - if (!alg) 151 - return -ENOENT; 152 - 153 - err = -ENOMEM; 154 - skb = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_ATOMIC); 155 - if (!skb) 156 - goto drop_alg; 157 - 158 - info.in_skb = in_skb; 159 - info.out_skb = skb; 160 - info.nlmsg_seq = in_nlh->nlmsg_seq; 161 - info.nlmsg_flags = 0; 162 - 163 - err = crypto_reportstat_alg(alg, &info); 164 - 165 - drop_alg: 166 - crypto_mod_put(alg); 167 - 168 - if (err) { 169 - kfree_skb(skb); 170 - return err; 171 - } 172 - 173 - return nlmsg_unicast(net->crypto_nlsk, skb, NETLINK_CB(in_skb).portid); 174 - } 175 - 176 - MODULE_LICENSE("GPL");

-30

crypto/hash.h

··· 8 8 #define _LOCAL_CRYPTO_HASH_H 9 9 10 10 #include <crypto/internal/hash.h> 11 - #include <linux/cryptouser.h> 12 11 13 12 #include "internal.h" 14 - 15 - static inline struct crypto_istat_hash *hash_get_stat( 16 - struct hash_alg_common *alg) 17 - { 18 - #ifdef CONFIG_CRYPTO_STATS 19 - return &alg->stat; 20 - #else 21 - return NULL; 22 - #endif 23 - } 24 - 25 - static inline int crypto_hash_report_stat(struct sk_buff *skb, 26 - struct crypto_alg *alg, 27 - const char *type) 28 - { 29 - struct hash_alg_common *halg = __crypto_hash_alg_common(alg); 30 - struct crypto_istat_hash *istat = hash_get_stat(halg); 31 - struct crypto_stat_hash rhash; 32 - 33 - memset(&rhash, 0, sizeof(rhash)); 34 - 35 - strscpy(rhash.type, type, sizeof(rhash.type)); 36 - 37 - rhash.stat_hash_cnt = atomic64_read(&istat->hash_cnt); 38 - rhash.stat_hash_tlen = atomic64_read(&istat->hash_tlen); 39 - rhash.stat_err_cnt = atomic64_read(&istat->err_cnt); 40 - 41 - return nla_put(skb, CRYPTOCFGA_STAT_HASH, sizeof(rhash), &rhash); 42 - } 43 13 44 14 extern const struct crypto_type crypto_shash_type; 45 15

-30

crypto/kpp.c

··· 66 66 kpp->free(kpp); 67 67 } 68 68 69 - static int __maybe_unused crypto_kpp_report_stat( 70 - struct sk_buff *skb, struct crypto_alg *alg) 71 - { 72 - struct kpp_alg *kpp = __crypto_kpp_alg(alg); 73 - struct crypto_istat_kpp *istat; 74 - struct crypto_stat_kpp rkpp; 75 - 76 - istat = kpp_get_stat(kpp); 77 - 78 - memset(&rkpp, 0, sizeof(rkpp)); 79 - 80 - strscpy(rkpp.type, "kpp", sizeof(rkpp.type)); 81 - 82 - rkpp.stat_setsecret_cnt = atomic64_read(&istat->setsecret_cnt); 83 - rkpp.stat_generate_public_key_cnt = 84 - atomic64_read(&istat->generate_public_key_cnt); 85 - rkpp.stat_compute_shared_secret_cnt = 86 - atomic64_read(&istat->compute_shared_secret_cnt); 87 - rkpp.stat_err_cnt = atomic64_read(&istat->err_cnt); 88 - 89 - return nla_put(skb, CRYPTOCFGA_STAT_KPP, sizeof(rkpp), &rkpp); 90 - } 91 - 92 69 static const struct crypto_type crypto_kpp_type = { 93 70 .extsize = crypto_alg_extsize, 94 71 .init_tfm = crypto_kpp_init_tfm, ··· 75 98 #endif 76 99 #if IS_ENABLED(CONFIG_CRYPTO_USER) 77 100 .report = crypto_kpp_report, 78 - #endif 79 - #ifdef CONFIG_CRYPTO_STATS 80 - .report_stat = crypto_kpp_report_stat, 81 101 #endif 82 102 .maskclear = ~CRYPTO_ALG_TYPE_MASK, 83 103 .maskset = CRYPTO_ALG_TYPE_MASK, ··· 105 131 106 132 static void kpp_prepare_alg(struct kpp_alg *alg) 107 133 { 108 - struct crypto_istat_kpp *istat = kpp_get_stat(alg); 109 134 struct crypto_alg *base = &alg->base; 110 135 111 136 base->cra_type = &crypto_kpp_type; 112 137 base->cra_flags &= ~CRYPTO_ALG_TYPE_MASK; 113 138 base->cra_flags |= CRYPTO_ALG_TYPE_KPP; 114 - 115 - if (IS_ENABLED(CONFIG_CRYPTO_STATS)) 116 - memset(istat, 0, sizeof(*istat)); 117 139 } 118 140 119 141 int crypto_register_kpp(struct kpp_alg *alg)

+4 -69

crypto/lskcipher.c

··· 29 29 return container_of(alg, struct lskcipher_alg, co.base); 30 30 } 31 31 32 - static inline struct crypto_istat_cipher *lskcipher_get_stat( 33 - struct lskcipher_alg *alg) 34 - { 35 - return skcipher_get_stat_common(&alg->co); 36 - } 37 - 38 - static inline int crypto_lskcipher_errstat(struct lskcipher_alg *alg, int err) 39 - { 40 - struct crypto_istat_cipher *istat = lskcipher_get_stat(alg); 41 - 42 - if (!IS_ENABLED(CONFIG_CRYPTO_STATS)) 43 - return err; 44 - 45 - if (err) 46 - atomic64_inc(&istat->err_cnt); 47 - 48 - return err; 49 - } 50 - 51 32 static int lskcipher_setkey_unaligned(struct crypto_lskcipher *tfm, 52 33 const u8 *key, unsigned int keylen) 53 34 { ··· 128 147 u32 flags)) 129 148 { 130 149 unsigned long alignmask = crypto_lskcipher_alignmask(tfm); 131 - struct lskcipher_alg *alg = crypto_lskcipher_alg(tfm); 132 - int ret; 133 150 134 151 if (((unsigned long)src | (unsigned long)dst | (unsigned long)iv) & 135 - alignmask) { 136 - ret = crypto_lskcipher_crypt_unaligned(tfm, src, dst, len, iv, 137 - crypt); 138 - goto out; 139 - } 152 + alignmask) 153 + return crypto_lskcipher_crypt_unaligned(tfm, src, dst, len, iv, 154 + crypt); 140 155 141 - ret = crypt(tfm, src, dst, len, iv, CRYPTO_LSKCIPHER_FLAG_FINAL); 142 - 143 - out: 144 - return crypto_lskcipher_errstat(alg, ret); 156 + return crypt(tfm, src, dst, len, iv, CRYPTO_LSKCIPHER_FLAG_FINAL); 145 157 } 146 158 147 159 int crypto_lskcipher_encrypt(struct crypto_lskcipher *tfm, const u8 *src, 148 160 u8 *dst, unsigned len, u8 *iv) 149 161 { 150 162 struct lskcipher_alg *alg = crypto_lskcipher_alg(tfm); 151 - 152 - if (IS_ENABLED(CONFIG_CRYPTO_STATS)) { 153 - struct crypto_istat_cipher *istat = lskcipher_get_stat(alg); 154 - 155 - atomic64_inc(&istat->encrypt_cnt); 156 - atomic64_add(len, &istat->encrypt_tlen); 157 - } 158 163 159 164 return crypto_lskcipher_crypt(tfm, src, dst, len, iv, alg->encrypt); 160 165 } ··· 150 183 u8 *dst, unsigned len, u8 *iv) 151 184 { 152 185 struct lskcipher_alg *alg = crypto_lskcipher_alg(tfm); 153 - 154 - if (IS_ENABLED(CONFIG_CRYPTO_STATS)) { 155 - struct crypto_istat_cipher *istat = lskcipher_get_stat(alg); 156 - 157 - atomic64_inc(&istat->decrypt_cnt); 158 - atomic64_add(len, &istat->decrypt_tlen); 159 - } 160 186 161 187 return crypto_lskcipher_crypt(tfm, src, dst, len, iv, alg->decrypt); 162 188 } ··· 280 320 sizeof(rblkcipher), &rblkcipher); 281 321 } 282 322 283 - static int __maybe_unused crypto_lskcipher_report_stat( 284 - struct sk_buff *skb, struct crypto_alg *alg) 285 - { 286 - struct lskcipher_alg *skcipher = __crypto_lskcipher_alg(alg); 287 - struct crypto_istat_cipher *istat; 288 - struct crypto_stat_cipher rcipher; 289 - 290 - istat = lskcipher_get_stat(skcipher); 291 - 292 - memset(&rcipher, 0, sizeof(rcipher)); 293 - 294 - strscpy(rcipher.type, "cipher", sizeof(rcipher.type)); 295 - 296 - rcipher.stat_encrypt_cnt = atomic64_read(&istat->encrypt_cnt); 297 - rcipher.stat_encrypt_tlen = atomic64_read(&istat->encrypt_tlen); 298 - rcipher.stat_decrypt_cnt = atomic64_read(&istat->decrypt_cnt); 299 - rcipher.stat_decrypt_tlen = atomic64_read(&istat->decrypt_tlen); 300 - rcipher.stat_err_cnt = atomic64_read(&istat->err_cnt); 301 - 302 - return nla_put(skb, CRYPTOCFGA_STAT_CIPHER, sizeof(rcipher), &rcipher); 303 - } 304 - 305 323 static const struct crypto_type crypto_lskcipher_type = { 306 324 .extsize = crypto_alg_extsize, 307 325 .init_tfm = crypto_lskcipher_init_tfm, ··· 289 351 #endif 290 352 #if IS_ENABLED(CONFIG_CRYPTO_USER) 291 353 .report = crypto_lskcipher_report, 292 - #endif 293 - #ifdef CONFIG_CRYPTO_STATS 294 - .report_stat = crypto_lskcipher_report_stat, 295 354 #endif 296 355 .maskclear = ~CRYPTO_ALG_TYPE_MASK, 297 356 .maskset = CRYPTO_ALG_TYPE_MASK,

+5 -39

crypto/rng.c

··· 30 30 31 31 int crypto_rng_reset(struct crypto_rng *tfm, const u8 *seed, unsigned int slen) 32 32 { 33 - struct rng_alg *alg = crypto_rng_alg(tfm); 34 33 u8 *buf = NULL; 35 34 int err; 36 35 37 - if (IS_ENABLED(CONFIG_CRYPTO_STATS)) 38 - atomic64_inc(&rng_get_stat(alg)->seed_cnt); 39 - 40 36 if (!seed && slen) { 41 37 buf = kmalloc(slen, GFP_KERNEL); 42 - err = -ENOMEM; 43 38 if (!buf) 44 - goto out; 39 + return -ENOMEM; 45 40 46 41 err = get_random_bytes_wait(buf, slen); 47 42 if (err) 48 - goto free_buf; 43 + goto out; 49 44 seed = buf; 50 45 } 51 46 52 - err = alg->seed(tfm, seed, slen); 53 - free_buf: 54 - kfree_sensitive(buf); 47 + err = crypto_rng_alg(tfm)->seed(tfm, seed, slen); 55 48 out: 56 - return crypto_rng_errstat(alg, err); 49 + kfree_sensitive(buf); 50 + return err; 57 51 } 58 52 EXPORT_SYMBOL_GPL(crypto_rng_reset); 59 53 ··· 85 91 seq_printf(m, "seedsize : %u\n", seedsize(alg)); 86 92 } 87 93 88 - static int __maybe_unused crypto_rng_report_stat( 89 - struct sk_buff *skb, struct crypto_alg *alg) 90 - { 91 - struct rng_alg *rng = __crypto_rng_alg(alg); 92 - struct crypto_istat_rng *istat; 93 - struct crypto_stat_rng rrng; 94 - 95 - istat = rng_get_stat(rng); 96 - 97 - memset(&rrng, 0, sizeof(rrng)); 98 - 99 - strscpy(rrng.type, "rng", sizeof(rrng.type)); 100 - 101 - rrng.stat_generate_cnt = atomic64_read(&istat->generate_cnt); 102 - rrng.stat_generate_tlen = atomic64_read(&istat->generate_tlen); 103 - rrng.stat_seed_cnt = atomic64_read(&istat->seed_cnt); 104 - rrng.stat_err_cnt = atomic64_read(&istat->err_cnt); 105 - 106 - return nla_put(skb, CRYPTOCFGA_STAT_RNG, sizeof(rrng), &rrng); 107 - } 108 - 109 94 static const struct crypto_type crypto_rng_type = { 110 95 .extsize = crypto_alg_extsize, 111 96 .init_tfm = crypto_rng_init_tfm, ··· 93 120 #endif 94 121 #if IS_ENABLED(CONFIG_CRYPTO_USER) 95 122 .report = crypto_rng_report, 96 - #endif 97 - #ifdef CONFIG_CRYPTO_STATS 98 - .report_stat = crypto_rng_report_stat, 99 123 #endif 100 124 .maskclear = ~CRYPTO_ALG_TYPE_MASK, 101 125 .maskset = CRYPTO_ALG_TYPE_MASK, ··· 169 199 170 200 int crypto_register_rng(struct rng_alg *alg) 171 201 { 172 - struct crypto_istat_rng *istat = rng_get_stat(alg); 173 202 struct crypto_alg *base = &alg->base; 174 203 175 204 if (alg->seedsize > PAGE_SIZE / 8) ··· 177 208 base->cra_type = &crypto_rng_type; 178 209 base->cra_flags &= ~CRYPTO_ALG_TYPE_MASK; 179 210 base->cra_flags |= CRYPTO_ALG_TYPE_RNG; 180 - 181 - if (IS_ENABLED(CONFIG_CRYPTO_STATS)) 182 - memset(istat, 0, sizeof(*istat)); 183 211 184 212 return crypto_register_alg(base); 185 213 }

-3

crypto/scompress.c

··· 271 271 #if IS_ENABLED(CONFIG_CRYPTO_USER) 272 272 .report = crypto_scomp_report, 273 273 #endif 274 - #ifdef CONFIG_CRYPTO_STATS 275 - .report_stat = crypto_acomp_report_stat, 276 - #endif 277 274 .maskclear = ~CRYPTO_ALG_TYPE_MASK, 278 275 .maskset = CRYPTO_ALG_TYPE_MASK, 279 276 .type = CRYPTO_ALG_TYPE_SCOMPRESS,

+5 -70

crypto/shash.c

··· 16 16 17 17 #include "hash.h" 18 18 19 - static inline struct crypto_istat_hash *shash_get_stat(struct shash_alg *alg) 20 - { 21 - return hash_get_stat(&alg->halg); 22 - } 23 - 24 - static inline int crypto_shash_errstat(struct shash_alg *alg, int err) 25 - { 26 - if (IS_ENABLED(CONFIG_CRYPTO_STATS) && err) 27 - atomic64_inc(&shash_get_stat(alg)->err_cnt); 28 - return err; 29 - } 30 - 31 19 int shash_no_setkey(struct crypto_shash *tfm, const u8 *key, 32 20 unsigned int keylen) 33 21 { ··· 49 61 int crypto_shash_update(struct shash_desc *desc, const u8 *data, 50 62 unsigned int len) 51 63 { 52 - struct shash_alg *shash = crypto_shash_alg(desc->tfm); 53 - int err; 54 - 55 - if (IS_ENABLED(CONFIG_CRYPTO_STATS)) 56 - atomic64_add(len, &shash_get_stat(shash)->hash_tlen); 57 - 58 - err = shash->update(desc, data, len); 59 - 60 - return crypto_shash_errstat(shash, err); 64 + return crypto_shash_alg(desc->tfm)->update(desc, data, len); 61 65 } 62 66 EXPORT_SYMBOL_GPL(crypto_shash_update); 63 67 64 68 int crypto_shash_final(struct shash_desc *desc, u8 *out) 65 69 { 66 - struct shash_alg *shash = crypto_shash_alg(desc->tfm); 67 - int err; 68 - 69 - if (IS_ENABLED(CONFIG_CRYPTO_STATS)) 70 - atomic64_inc(&shash_get_stat(shash)->hash_cnt); 71 - 72 - err = shash->final(desc, out); 73 - 74 - return crypto_shash_errstat(shash, err); 70 + return crypto_shash_alg(desc->tfm)->final(desc, out); 75 71 } 76 72 EXPORT_SYMBOL_GPL(crypto_shash_final); 77 73 ··· 71 99 int crypto_shash_finup(struct shash_desc *desc, const u8 *data, 72 100 unsigned int len, u8 *out) 73 101 { 74 - struct crypto_shash *tfm = desc->tfm; 75 - struct shash_alg *shash = crypto_shash_alg(tfm); 76 - int err; 77 - 78 - if (IS_ENABLED(CONFIG_CRYPTO_STATS)) { 79 - struct crypto_istat_hash *istat = shash_get_stat(shash); 80 - 81 - atomic64_inc(&istat->hash_cnt); 82 - atomic64_add(len, &istat->hash_tlen); 83 - } 84 - 85 - err = shash->finup(desc, data, len, out); 86 - 87 - return crypto_shash_errstat(shash, err); 102 + return crypto_shash_alg(desc->tfm)->finup(desc, data, len, out); 88 103 } 89 104 EXPORT_SYMBOL_GPL(crypto_shash_finup); 90 105 ··· 88 129 unsigned int len, u8 *out) 89 130 { 90 131 struct crypto_shash *tfm = desc->tfm; 91 - struct shash_alg *shash = crypto_shash_alg(tfm); 92 - int err; 93 - 94 - if (IS_ENABLED(CONFIG_CRYPTO_STATS)) { 95 - struct crypto_istat_hash *istat = shash_get_stat(shash); 96 - 97 - atomic64_inc(&istat->hash_cnt); 98 - atomic64_add(len, &istat->hash_tlen); 99 - } 100 132 101 133 if (crypto_shash_get_flags(tfm) & CRYPTO_TFM_NEED_KEY) 102 - err = -ENOKEY; 103 - else 104 - err = shash->digest(desc, data, len, out); 134 + return -ENOKEY; 105 135 106 - return crypto_shash_errstat(shash, err); 136 + return crypto_shash_alg(tfm)->digest(desc, data, len, out); 107 137 } 108 138 EXPORT_SYMBOL_GPL(crypto_shash_digest); 109 139 ··· 213 265 seq_printf(m, "digestsize : %u\n", salg->digestsize); 214 266 } 215 267 216 - static int __maybe_unused crypto_shash_report_stat( 217 - struct sk_buff *skb, struct crypto_alg *alg) 218 - { 219 - return crypto_hash_report_stat(skb, alg, "shash"); 220 - } 221 - 222 268 const struct crypto_type crypto_shash_type = { 223 269 .extsize = crypto_alg_extsize, 224 270 .init_tfm = crypto_shash_init_tfm, ··· 222 280 #endif 223 281 #if IS_ENABLED(CONFIG_CRYPTO_USER) 224 282 .report = crypto_shash_report, 225 - #endif 226 - #ifdef CONFIG_CRYPTO_STATS 227 - .report_stat = crypto_shash_report_stat, 228 283 #endif 229 284 .maskclear = ~CRYPTO_ALG_TYPE_MASK, 230 285 .maskset = CRYPTO_ALG_TYPE_MASK, ··· 289 350 290 351 int hash_prepare_alg(struct hash_alg_common *alg) 291 352 { 292 - struct crypto_istat_hash *istat = hash_get_stat(alg); 293 353 struct crypto_alg *base = &alg->base; 294 354 295 355 if (alg->digestsize > HASH_MAX_DIGESTSIZE) ··· 299 361 return -EINVAL; 300 362 301 363 base->cra_flags &= ~CRYPTO_ALG_TYPE_MASK; 302 - 303 - if (IS_ENABLED(CONFIG_CRYPTO_STATS)) 304 - memset(istat, 0, sizeof(*istat)); 305 364 306 365 return 0; 307 366 }

-13

crypto/sig.c

··· 45 45 return nla_put(skb, CRYPTOCFGA_REPORT_AKCIPHER, sizeof(rsig), &rsig); 46 46 } 47 47 48 - static int __maybe_unused crypto_sig_report_stat(struct sk_buff *skb, 49 - struct crypto_alg *alg) 50 - { 51 - struct crypto_stat_akcipher rsig = {}; 52 - 53 - strscpy(rsig.type, "sig", sizeof(rsig.type)); 54 - 55 - return nla_put(skb, CRYPTOCFGA_STAT_AKCIPHER, sizeof(rsig), &rsig); 56 - } 57 - 58 48 static const struct crypto_type crypto_sig_type = { 59 49 .extsize = crypto_alg_extsize, 60 50 .init_tfm = crypto_sig_init_tfm, ··· 53 63 #endif 54 64 #if IS_ENABLED(CONFIG_CRYPTO_USER) 55 65 .report = crypto_sig_report, 56 - #endif 57 - #ifdef CONFIG_CRYPTO_STATS 58 - .report_stat = crypto_sig_report_stat, 59 66 #endif 60 67 .maskclear = ~CRYPTO_ALG_TYPE_MASK, 61 68 .maskset = CRYPTO_ALG_TYPE_SIG_MASK,

+8 -78

crypto/skcipher.c

··· 89 89 return container_of(alg, struct skcipher_alg, base); 90 90 } 91 91 92 - static inline struct crypto_istat_cipher *skcipher_get_stat( 93 - struct skcipher_alg *alg) 94 - { 95 - return skcipher_get_stat_common(&alg->co); 96 - } 97 - 98 - static inline int crypto_skcipher_errstat(struct skcipher_alg *alg, int err) 99 - { 100 - struct crypto_istat_cipher *istat = skcipher_get_stat(alg); 101 - 102 - if (!IS_ENABLED(CONFIG_CRYPTO_STATS)) 103 - return err; 104 - 105 - if (err && err != -EINPROGRESS && err != -EBUSY) 106 - atomic64_inc(&istat->err_cnt); 107 - 108 - return err; 109 - } 110 - 111 92 static int skcipher_done_slow(struct skcipher_walk *walk, unsigned int bsize) 112 93 { 113 94 u8 *addr; ··· 635 654 { 636 655 struct crypto_skcipher *tfm = crypto_skcipher_reqtfm(req); 637 656 struct skcipher_alg *alg = crypto_skcipher_alg(tfm); 638 - int ret; 639 - 640 - if (IS_ENABLED(CONFIG_CRYPTO_STATS)) { 641 - struct crypto_istat_cipher *istat = skcipher_get_stat(alg); 642 - 643 - atomic64_inc(&istat->encrypt_cnt); 644 - atomic64_add(req->cryptlen, &istat->encrypt_tlen); 645 - } 646 657 647 658 if (crypto_skcipher_get_flags(tfm) & CRYPTO_TFM_NEED_KEY) 648 - ret = -ENOKEY; 649 - else if (alg->co.base.cra_type != &crypto_skcipher_type) 650 - ret = crypto_lskcipher_encrypt_sg(req); 651 - else 652 - ret = alg->encrypt(req); 653 - 654 - return crypto_skcipher_errstat(alg, ret); 659 + return -ENOKEY; 660 + if (alg->co.base.cra_type != &crypto_skcipher_type) 661 + return crypto_lskcipher_encrypt_sg(req); 662 + return alg->encrypt(req); 655 663 } 656 664 EXPORT_SYMBOL_GPL(crypto_skcipher_encrypt); 657 665 ··· 648 678 { 649 679 struct crypto_skcipher *tfm = crypto_skcipher_reqtfm(req); 650 680 struct skcipher_alg *alg = crypto_skcipher_alg(tfm); 651 - int ret; 652 - 653 - if (IS_ENABLED(CONFIG_CRYPTO_STATS)) { 654 - struct crypto_istat_cipher *istat = skcipher_get_stat(alg); 655 - 656 - atomic64_inc(&istat->decrypt_cnt); 657 - atomic64_add(req->cryptlen, &istat->decrypt_tlen); 658 - } 659 681 660 682 if (crypto_skcipher_get_flags(tfm) & CRYPTO_TFM_NEED_KEY) 661 - ret = -ENOKEY; 662 - else if (alg->co.base.cra_type != &crypto_skcipher_type) 663 - ret = crypto_lskcipher_decrypt_sg(req); 664 - else 665 - ret = alg->decrypt(req); 666 - 667 - return crypto_skcipher_errstat(alg, ret); 683 + return -ENOKEY; 684 + if (alg->co.base.cra_type != &crypto_skcipher_type) 685 + return crypto_lskcipher_decrypt_sg(req); 686 + return alg->decrypt(req); 668 687 } 669 688 EXPORT_SYMBOL_GPL(crypto_skcipher_decrypt); 670 689 ··· 805 846 sizeof(rblkcipher), &rblkcipher); 806 847 } 807 848 808 - static int __maybe_unused crypto_skcipher_report_stat( 809 - struct sk_buff *skb, struct crypto_alg *alg) 810 - { 811 - struct skcipher_alg *skcipher = __crypto_skcipher_alg(alg); 812 - struct crypto_istat_cipher *istat; 813 - struct crypto_stat_cipher rcipher; 814 - 815 - istat = skcipher_get_stat(skcipher); 816 - 817 - memset(&rcipher, 0, sizeof(rcipher)); 818 - 819 - strscpy(rcipher.type, "cipher", sizeof(rcipher.type)); 820 - 821 - rcipher.stat_encrypt_cnt = atomic64_read(&istat->encrypt_cnt); 822 - rcipher.stat_encrypt_tlen = atomic64_read(&istat->encrypt_tlen); 823 - rcipher.stat_decrypt_cnt = atomic64_read(&istat->decrypt_cnt); 824 - rcipher.stat_decrypt_tlen = atomic64_read(&istat->decrypt_tlen); 825 - rcipher.stat_err_cnt = atomic64_read(&istat->err_cnt); 826 - 827 - return nla_put(skb, CRYPTOCFGA_STAT_CIPHER, sizeof(rcipher), &rcipher); 828 - } 829 - 830 849 static const struct crypto_type crypto_skcipher_type = { 831 850 .extsize = crypto_skcipher_extsize, 832 851 .init_tfm = crypto_skcipher_init_tfm, ··· 814 877 #endif 815 878 #if IS_ENABLED(CONFIG_CRYPTO_USER) 816 879 .report = crypto_skcipher_report, 817 - #endif 818 - #ifdef CONFIG_CRYPTO_STATS 819 - .report_stat = crypto_skcipher_report_stat, 820 880 #endif 821 881 .maskclear = ~CRYPTO_ALG_TYPE_MASK, 822 882 .maskset = CRYPTO_ALG_TYPE_SKCIPHER_MASK, ··· 869 935 870 936 int skcipher_prepare_alg_common(struct skcipher_alg_common *alg) 871 937 { 872 - struct crypto_istat_cipher *istat = skcipher_get_stat_common(alg); 873 938 struct crypto_alg *base = &alg->base; 874 939 875 940 if (alg->ivsize > PAGE_SIZE / 8 || alg->chunksize > PAGE_SIZE / 8 || ··· 880 947 alg->chunksize = base->cra_blocksize; 881 948 882 949 base->cra_flags &= ~CRYPTO_ALG_TYPE_MASK; 883 - 884 - if (IS_ENABLED(CONFIG_CRYPTO_STATS)) 885 - memset(istat, 0, sizeof(*istat)); 886 950 887 951 return 0; 888 952 }

-10

crypto/skcipher.h

··· 10 10 #include <crypto/internal/skcipher.h> 11 11 #include "internal.h" 12 12 13 - static inline struct crypto_istat_cipher *skcipher_get_stat_common( 14 - struct skcipher_alg_common *alg) 15 - { 16 - #ifdef CONFIG_CRYPTO_STATS 17 - return &alg->stat; 18 - #else 19 - return NULL; 20 - #endif 21 - } 22 - 23 13 int crypto_lskcipher_encrypt_sg(struct skcipher_request *req); 24 14 int crypto_lskcipher_decrypt_sg(struct skcipher_request *req); 25 15 int crypto_init_lskcipher_ops_sg(struct crypto_tfm *tfm);

+2 -71

include/crypto/acompress.h

··· 56 56 struct crypto_tfm base; 57 57 }; 58 58 59 - /* 60 - * struct crypto_istat_compress - statistics for compress algorithm 61 - * @compress_cnt: number of compress requests 62 - * @compress_tlen: total data size handled by compress requests 63 - * @decompress_cnt: number of decompress requests 64 - * @decompress_tlen: total data size handled by decompress requests 65 - * @err_cnt: number of error for compress requests 66 - */ 67 - struct crypto_istat_compress { 68 - atomic64_t compress_cnt; 69 - atomic64_t compress_tlen; 70 - atomic64_t decompress_cnt; 71 - atomic64_t decompress_tlen; 72 - atomic64_t err_cnt; 73 - }; 74 - 75 - #ifdef CONFIG_CRYPTO_STATS 76 - #define COMP_ALG_COMMON_STATS struct crypto_istat_compress stat; 77 - #else 78 - #define COMP_ALG_COMMON_STATS 79 - #endif 80 - 81 59 #define COMP_ALG_COMMON { \ 82 - COMP_ALG_COMMON_STATS \ 83 - \ 84 60 struct crypto_alg base; \ 85 61 } 86 62 struct comp_alg_common COMP_ALG_COMMON; ··· 237 261 req->flags |= CRYPTO_ACOMP_ALLOC_OUTPUT; 238 262 } 239 263 240 - static inline struct crypto_istat_compress *comp_get_stat( 241 - struct comp_alg_common *alg) 242 - { 243 - #ifdef CONFIG_CRYPTO_STATS 244 - return &alg->stat; 245 - #else 246 - return NULL; 247 - #endif 248 - } 249 - 250 - static inline int crypto_comp_errstat(struct comp_alg_common *alg, int err) 251 - { 252 - if (!IS_ENABLED(CONFIG_CRYPTO_STATS)) 253 - return err; 254 - 255 - if (err && err != -EINPROGRESS && err != -EBUSY) 256 - atomic64_inc(&comp_get_stat(alg)->err_cnt); 257 - 258 - return err; 259 - } 260 - 261 264 /** 262 265 * crypto_acomp_compress() -- Invoke asynchronous compress operation 263 266 * ··· 248 293 */ 249 294 static inline int crypto_acomp_compress(struct acomp_req *req) 250 295 { 251 - struct crypto_acomp *tfm = crypto_acomp_reqtfm(req); 252 - struct comp_alg_common *alg; 253 - 254 - alg = crypto_comp_alg_common(tfm); 255 - 256 - if (IS_ENABLED(CONFIG_CRYPTO_STATS)) { 257 - struct crypto_istat_compress *istat = comp_get_stat(alg); 258 - 259 - atomic64_inc(&istat->compress_cnt); 260 - atomic64_add(req->slen, &istat->compress_tlen); 261 - } 262 - 263 - return crypto_comp_errstat(alg, tfm->compress(req)); 296 + return crypto_acomp_reqtfm(req)->compress(req); 264 297 } 265 298 266 299 /** ··· 262 319 */ 263 320 static inline int crypto_acomp_decompress(struct acomp_req *req) 264 321 { 265 - struct crypto_acomp *tfm = crypto_acomp_reqtfm(req); 266 - struct comp_alg_common *alg; 267 - 268 - alg = crypto_comp_alg_common(tfm); 269 - 270 - if (IS_ENABLED(CONFIG_CRYPTO_STATS)) { 271 - struct crypto_istat_compress *istat = comp_get_stat(alg); 272 - 273 - atomic64_inc(&istat->decompress_cnt); 274 - atomic64_add(req->slen, &istat->decompress_tlen); 275 - } 276 - 277 - return crypto_comp_errstat(alg, tfm->decompress(req)); 322 + return crypto_acomp_reqtfm(req)->decompress(req); 278 323 } 279 324 280 325 #endif

-21

include/crypto/aead.h

··· 101 101 void *__ctx[] CRYPTO_MINALIGN_ATTR; 102 102 }; 103 103 104 - /* 105 - * struct crypto_istat_aead - statistics for AEAD algorithm 106 - * @encrypt_cnt: number of encrypt requests 107 - * @encrypt_tlen: total data size handled by encrypt requests 108 - * @decrypt_cnt: number of decrypt requests 109 - * @decrypt_tlen: total data size handled by decrypt requests 110 - * @err_cnt: number of error for AEAD requests 111 - */ 112 - struct crypto_istat_aead { 113 - atomic64_t encrypt_cnt; 114 - atomic64_t encrypt_tlen; 115 - atomic64_t decrypt_cnt; 116 - atomic64_t decrypt_tlen; 117 - atomic64_t err_cnt; 118 - }; 119 - 120 104 /** 121 105 * struct aead_alg - AEAD cipher definition 122 106 * @maxauthsize: Set the maximum authentication tag size supported by the ··· 119 135 * @setkey: see struct skcipher_alg 120 136 * @encrypt: see struct skcipher_alg 121 137 * @decrypt: see struct skcipher_alg 122 - * @stat: statistics for AEAD algorithm 123 138 * @ivsize: see struct skcipher_alg 124 139 * @chunksize: see struct skcipher_alg 125 140 * @init: Initialize the cryptographic transformation object. This function ··· 144 161 int (*decrypt)(struct aead_request *req); 145 162 int (*init)(struct crypto_aead *tfm); 146 163 void (*exit)(struct crypto_aead *tfm); 147 - 148 - #ifdef CONFIG_CRYPTO_STATS 149 - struct crypto_istat_aead stat; 150 - #endif 151 164 152 165 unsigned int ivsize; 153 166 unsigned int maxauthsize;

+4 -74

include/crypto/akcipher.h

··· 54 54 struct crypto_tfm base; 55 55 }; 56 56 57 - /* 58 - * struct crypto_istat_akcipher - statistics for akcipher algorithm 59 - * @encrypt_cnt: number of encrypt requests 60 - * @encrypt_tlen: total data size handled by encrypt requests 61 - * @decrypt_cnt: number of decrypt requests 62 - * @decrypt_tlen: total data size handled by decrypt requests 63 - * @verify_cnt: number of verify operation 64 - * @sign_cnt: number of sign requests 65 - * @err_cnt: number of error for akcipher requests 66 - */ 67 - struct crypto_istat_akcipher { 68 - atomic64_t encrypt_cnt; 69 - atomic64_t encrypt_tlen; 70 - atomic64_t decrypt_cnt; 71 - atomic64_t decrypt_tlen; 72 - atomic64_t verify_cnt; 73 - atomic64_t sign_cnt; 74 - atomic64_t err_cnt; 75 - }; 76 - 77 57 /** 78 58 * struct akcipher_alg - generic public key algorithm 79 59 * ··· 90 110 * @exit: Deinitialize the cryptographic transformation object. This is a 91 111 * counterpart to @init, used to remove various changes set in 92 112 * @init. 93 - * @stat: Statistics for akcipher algorithm 94 113 * 95 114 * @base: Common crypto API algorithm data structure 96 115 */ ··· 105 126 unsigned int (*max_size)(struct crypto_akcipher *tfm); 106 127 int (*init)(struct crypto_akcipher *tfm); 107 128 void (*exit)(struct crypto_akcipher *tfm); 108 - 109 - #ifdef CONFIG_CRYPTO_STATS 110 - struct crypto_istat_akcipher stat; 111 - #endif 112 129 113 130 struct crypto_alg base; 114 131 }; ··· 277 302 return alg->max_size(tfm); 278 303 } 279 304 280 - static inline struct crypto_istat_akcipher *akcipher_get_stat( 281 - struct akcipher_alg *alg) 282 - { 283 - #ifdef CONFIG_CRYPTO_STATS 284 - return &alg->stat; 285 - #else 286 - return NULL; 287 - #endif 288 - } 289 - 290 - static inline int crypto_akcipher_errstat(struct akcipher_alg *alg, int err) 291 - { 292 - if (!IS_ENABLED(CONFIG_CRYPTO_STATS)) 293 - return err; 294 - 295 - if (err && err != -EINPROGRESS && err != -EBUSY) 296 - atomic64_inc(&akcipher_get_stat(alg)->err_cnt); 297 - 298 - return err; 299 - } 300 - 301 305 /** 302 306 * crypto_akcipher_encrypt() - Invoke public key encrypt operation 303 307 * ··· 290 336 static inline int crypto_akcipher_encrypt(struct akcipher_request *req) 291 337 { 292 338 struct crypto_akcipher *tfm = crypto_akcipher_reqtfm(req); 293 - struct akcipher_alg *alg = crypto_akcipher_alg(tfm); 294 339 295 - if (IS_ENABLED(CONFIG_CRYPTO_STATS)) { 296 - struct crypto_istat_akcipher *istat = akcipher_get_stat(alg); 297 - 298 - atomic64_inc(&istat->encrypt_cnt); 299 - atomic64_add(req->src_len, &istat->encrypt_tlen); 300 - } 301 - 302 - return crypto_akcipher_errstat(alg, alg->encrypt(req)); 340 + return crypto_akcipher_alg(tfm)->encrypt(req); 303 341 } 304 342 305 343 /** ··· 307 361 static inline int crypto_akcipher_decrypt(struct akcipher_request *req) 308 362 { 309 363 struct crypto_akcipher *tfm = crypto_akcipher_reqtfm(req); 310 - struct akcipher_alg *alg = crypto_akcipher_alg(tfm); 311 364 312 - if (IS_ENABLED(CONFIG_CRYPTO_STATS)) { 313 - struct crypto_istat_akcipher *istat = akcipher_get_stat(alg); 314 - 315 - atomic64_inc(&istat->decrypt_cnt); 316 - atomic64_add(req->src_len, &istat->decrypt_tlen); 317 - } 318 - 319 - return crypto_akcipher_errstat(alg, alg->decrypt(req)); 365 + return crypto_akcipher_alg(tfm)->decrypt(req); 320 366 } 321 367 322 368 /** ··· 360 422 static inline int crypto_akcipher_sign(struct akcipher_request *req) 361 423 { 362 424 struct crypto_akcipher *tfm = crypto_akcipher_reqtfm(req); 363 - struct akcipher_alg *alg = crypto_akcipher_alg(tfm); 364 425 365 - if (IS_ENABLED(CONFIG_CRYPTO_STATS)) 366 - atomic64_inc(&akcipher_get_stat(alg)->sign_cnt); 367 - 368 - return crypto_akcipher_errstat(alg, alg->sign(req)); 426 + return crypto_akcipher_alg(tfm)->sign(req); 369 427 } 370 428 371 429 /** ··· 381 447 static inline int crypto_akcipher_verify(struct akcipher_request *req) 382 448 { 383 449 struct crypto_akcipher *tfm = crypto_akcipher_reqtfm(req); 384 - struct akcipher_alg *alg = crypto_akcipher_alg(tfm); 385 450 386 - if (IS_ENABLED(CONFIG_CRYPTO_STATS)) 387 - atomic64_inc(&akcipher_get_stat(alg)->verify_cnt); 388 - 389 - return crypto_akcipher_errstat(alg, alg->verify(req)); 451 + return crypto_akcipher_alg(tfm)->verify(req); 390 452 } 391 453 392 454 /**

-3

include/crypto/algapi.h

··· 61 61 void (*show)(struct seq_file *m, struct crypto_alg *alg); 62 62 int (*report)(struct sk_buff *skb, struct crypto_alg *alg); 63 63 void (*free)(struct crypto_instance *inst); 64 - #ifdef CONFIG_CRYPTO_STATS 65 - int (*report_stat)(struct sk_buff *skb, struct crypto_alg *alg); 66 - #endif 67 64 68 65 unsigned int type; 69 66 unsigned int maskclear;

-22

include/crypto/hash.h

··· 24 24 */ 25 25 26 26 /* 27 - * struct crypto_istat_hash - statistics for has algorithm 28 - * @hash_cnt: number of hash requests 29 - * @hash_tlen: total data size hashed 30 - * @err_cnt: number of error for hash requests 31 - */ 32 - struct crypto_istat_hash { 33 - atomic64_t hash_cnt; 34 - atomic64_t hash_tlen; 35 - atomic64_t err_cnt; 36 - }; 37 - 38 - #ifdef CONFIG_CRYPTO_STATS 39 - #define HASH_ALG_COMMON_STAT struct crypto_istat_hash stat; 40 - #else 41 - #define HASH_ALG_COMMON_STAT 42 - #endif 43 - 44 - /* 45 27 * struct hash_alg_common - define properties of message digest 46 - * @stat: Statistics for hash algorithm. 47 28 * @digestsize: Size of the result of the transformation. A buffer of this size 48 29 * must be available to the @final and @finup calls, so they can 49 30 * store the resulting hash into it. For various predefined sizes, ··· 41 60 * information. 42 61 */ 43 62 #define HASH_ALG_COMMON { \ 44 - HASH_ALG_COMMON_STAT \ 45 - \ 46 63 unsigned int digestsize; \ 47 64 unsigned int statesize; \ 48 65 \ ··· 222 243 }; 223 244 }; 224 245 #undef HASH_ALG_COMMON 225 - #undef HASH_ALG_COMMON_STAT 226 246 227 247 struct crypto_ahash { 228 248 bool using_shash; /* Underlying algorithm is shash, not ahash */

-1

include/crypto/internal/acompress.h

··· 31 31 * @init. 32 32 * 33 33 * @reqsize: Context size for (de)compression requests 34 - * @stat: Statistics for compress algorithm 35 34 * @base: Common crypto API algorithm data structure 36 35 * @calg: Cmonn algorithm data structure shared with scomp 37 36 */

-16

include/crypto/internal/cryptouser.h

··· 1 - /* SPDX-License-Identifier: GPL-2.0 */ 2 - #include <linux/cryptouser.h> 3 - #include <net/netlink.h> 4 - 5 - struct crypto_alg *crypto_alg_match(struct crypto_user_alg *p, int exact); 6 - 7 - #ifdef CONFIG_CRYPTO_STATS 8 - int crypto_reportstat(struct sk_buff *in_skb, struct nlmsghdr *in_nlh, struct nlattr **attrs); 9 - #else 10 - static inline int crypto_reportstat(struct sk_buff *in_skb, 11 - struct nlmsghdr *in_nlh, 12 - struct nlattr **attrs) 13 - { 14 - return -ENOTSUPP; 15 - } 16 - #endif

-1

include/crypto/internal/scompress.h

··· 27 27 * @free_ctx: Function frees context allocated with alloc_ctx 28 28 * @compress: Function performs a compress operation 29 29 * @decompress: Function performs a de-compress operation 30 - * @stat: Statistics for compress algorithm 31 30 * @base: Common crypto API algorithm data structure 32 31 * @calg: Cmonn algorithm data structure shared with acomp 33 32 */

+3 -55

include/crypto/kpp.h

··· 51 51 struct crypto_tfm base; 52 52 }; 53 53 54 - /* 55 - * struct crypto_istat_kpp - statistics for KPP algorithm 56 - * @setsecret_cnt: number of setsecrey operation 57 - * @generate_public_key_cnt: number of generate_public_key operation 58 - * @compute_shared_secret_cnt: number of compute_shared_secret operation 59 - * @err_cnt: number of error for KPP requests 60 - */ 61 - struct crypto_istat_kpp { 62 - atomic64_t setsecret_cnt; 63 - atomic64_t generate_public_key_cnt; 64 - atomic64_t compute_shared_secret_cnt; 65 - atomic64_t err_cnt; 66 - }; 67 - 68 54 /** 69 55 * struct kpp_alg - generic key-agreement protocol primitives 70 56 * ··· 73 87 * @exit: Undo everything @init did. 74 88 * 75 89 * @base: Common crypto API algorithm data structure 76 - * @stat: Statistics for KPP algorithm 77 90 */ 78 91 struct kpp_alg { 79 92 int (*set_secret)(struct crypto_kpp *tfm, const void *buffer, ··· 84 99 85 100 int (*init)(struct crypto_kpp *tfm); 86 101 void (*exit)(struct crypto_kpp *tfm); 87 - 88 - #ifdef CONFIG_CRYPTO_STATS 89 - struct crypto_istat_kpp stat; 90 - #endif 91 102 92 103 struct crypto_alg base; 93 104 }; ··· 272 291 unsigned short len; 273 292 }; 274 293 275 - static inline struct crypto_istat_kpp *kpp_get_stat(struct kpp_alg *alg) 276 - { 277 - #ifdef CONFIG_CRYPTO_STATS 278 - return &alg->stat; 279 - #else 280 - return NULL; 281 - #endif 282 - } 283 - 284 - static inline int crypto_kpp_errstat(struct kpp_alg *alg, int err) 285 - { 286 - if (!IS_ENABLED(CONFIG_CRYPTO_STATS)) 287 - return err; 288 - 289 - if (err && err != -EINPROGRESS && err != -EBUSY) 290 - atomic64_inc(&kpp_get_stat(alg)->err_cnt); 291 - 292 - return err; 293 - } 294 - 295 294 /** 296 295 * crypto_kpp_set_secret() - Invoke kpp operation 297 296 * ··· 290 329 static inline int crypto_kpp_set_secret(struct crypto_kpp *tfm, 291 330 const void *buffer, unsigned int len) 292 331 { 293 - struct kpp_alg *alg = crypto_kpp_alg(tfm); 294 - 295 - if (IS_ENABLED(CONFIG_CRYPTO_STATS)) 296 - atomic64_inc(&kpp_get_stat(alg)->setsecret_cnt); 297 - 298 - return crypto_kpp_errstat(alg, alg->set_secret(tfm, buffer, len)); 332 + return crypto_kpp_alg(tfm)->set_secret(tfm, buffer, len); 299 333 } 300 334 301 335 /** ··· 309 353 static inline int crypto_kpp_generate_public_key(struct kpp_request *req) 310 354 { 311 355 struct crypto_kpp *tfm = crypto_kpp_reqtfm(req); 312 - struct kpp_alg *alg = crypto_kpp_alg(tfm); 313 356 314 - if (IS_ENABLED(CONFIG_CRYPTO_STATS)) 315 - atomic64_inc(&kpp_get_stat(alg)->generate_public_key_cnt); 316 - 317 - return crypto_kpp_errstat(alg, alg->generate_public_key(req)); 357 + return crypto_kpp_alg(tfm)->generate_public_key(req); 318 358 } 319 359 320 360 /** ··· 326 374 static inline int crypto_kpp_compute_shared_secret(struct kpp_request *req) 327 375 { 328 376 struct crypto_kpp *tfm = crypto_kpp_reqtfm(req); 329 - struct kpp_alg *alg = crypto_kpp_alg(tfm); 330 377 331 - if (IS_ENABLED(CONFIG_CRYPTO_STATS)) 332 - atomic64_inc(&kpp_get_stat(alg)->compute_shared_secret_cnt); 333 - 334 - return crypto_kpp_errstat(alg, alg->compute_shared_secret(req)); 378 + return crypto_kpp_alg(tfm)->compute_shared_secret(req); 335 379 } 336 380 337 381 /**

+1 -50

include/crypto/rng.h

··· 15 15 16 16 struct crypto_rng; 17 17 18 - /* 19 - * struct crypto_istat_rng: statistics for RNG algorithm 20 - * @generate_cnt: number of RNG generate requests 21 - * @generate_tlen: total data size of generated data by the RNG 22 - * @seed_cnt: number of times the RNG was seeded 23 - * @err_cnt: number of error for RNG requests 24 - */ 25 - struct crypto_istat_rng { 26 - atomic64_t generate_cnt; 27 - atomic64_t generate_tlen; 28 - atomic64_t seed_cnt; 29 - atomic64_t err_cnt; 30 - }; 31 - 32 18 /** 33 19 * struct rng_alg - random number generator definition 34 20 * ··· 32 46 * size of the seed is defined with @seedsize . 33 47 * @set_ent: Set entropy that would otherwise be obtained from 34 48 * entropy source. Internal use only. 35 - * @stat: Statistics for rng algorithm 36 49 * @seedsize: The seed size required for a random number generator 37 50 * initialization defined with this variable. Some 38 51 * random number generators does not require a seed ··· 47 62 int (*seed)(struct crypto_rng *tfm, const u8 *seed, unsigned int slen); 48 63 void (*set_ent)(struct crypto_rng *tfm, const u8 *data, 49 64 unsigned int len); 50 - 51 - #ifdef CONFIG_CRYPTO_STATS 52 - struct crypto_istat_rng stat; 53 - #endif 54 65 55 66 unsigned int seedsize; 56 67 ··· 125 144 crypto_destroy_tfm(tfm, crypto_rng_tfm(tfm)); 126 145 } 127 146 128 - static inline struct crypto_istat_rng *rng_get_stat(struct rng_alg *alg) 129 - { 130 - #ifdef CONFIG_CRYPTO_STATS 131 - return &alg->stat; 132 - #else 133 - return NULL; 134 - #endif 135 - } 136 - 137 - static inline int crypto_rng_errstat(struct rng_alg *alg, int err) 138 - { 139 - if (!IS_ENABLED(CONFIG_CRYPTO_STATS)) 140 - return err; 141 - 142 - if (err && err != -EINPROGRESS && err != -EBUSY) 143 - atomic64_inc(&rng_get_stat(alg)->err_cnt); 144 - 145 - return err; 146 - } 147 - 148 147 /** 149 148 * crypto_rng_generate() - get random number 150 149 * @tfm: cipher handle ··· 143 182 const u8 *src, unsigned int slen, 144 183 u8 *dst, unsigned int dlen) 145 184 { 146 - struct rng_alg *alg = crypto_rng_alg(tfm); 147 - 148 - if (IS_ENABLED(CONFIG_CRYPTO_STATS)) { 149 - struct crypto_istat_rng *istat = rng_get_stat(alg); 150 - 151 - atomic64_inc(&istat->generate_cnt); 152 - atomic64_add(dlen, &istat->generate_tlen); 153 - } 154 - 155 - return crypto_rng_errstat(alg, 156 - alg->generate(tfm, src, slen, dst, dlen)); 185 + return crypto_rng_alg(tfm)->generate(tfm, src, slen, dst, dlen); 157 186 } 158 187 159 188 /**

-25

include/crypto/skcipher.h

··· 65 65 }; 66 66 67 67 /* 68 - * struct crypto_istat_cipher - statistics for cipher algorithm 69 - * @encrypt_cnt: number of encrypt requests 70 - * @encrypt_tlen: total data size handled by encrypt requests 71 - * @decrypt_cnt: number of decrypt requests 72 - * @decrypt_tlen: total data size handled by decrypt requests 73 - * @err_cnt: number of error for cipher requests 74 - */ 75 - struct crypto_istat_cipher { 76 - atomic64_t encrypt_cnt; 77 - atomic64_t encrypt_tlen; 78 - atomic64_t decrypt_cnt; 79 - atomic64_t decrypt_tlen; 80 - atomic64_t err_cnt; 81 - }; 82 - 83 - #ifdef CONFIG_CRYPTO_STATS 84 - #define SKCIPHER_ALG_COMMON_STAT struct crypto_istat_cipher stat; 85 - #else 86 - #define SKCIPHER_ALG_COMMON_STAT 87 - #endif 88 - 89 - /* 90 68 * struct skcipher_alg_common - common properties of skcipher_alg 91 69 * @min_keysize: Minimum key size supported by the transformation. This is the 92 70 * smallest key length supported by this transformation algorithm. ··· 81 103 * @chunksize: Equal to the block size except for stream ciphers such as 82 104 * CTR where it is set to the underlying block size. 83 105 * @statesize: Size of the internal state for the algorithm. 84 - * @stat: Statistics for cipher algorithm 85 106 * @base: Definition of a generic crypto algorithm. 86 107 */ 87 108 #define SKCIPHER_ALG_COMMON { \ ··· 89 112 unsigned int ivsize; \ 90 113 unsigned int chunksize; \ 91 114 unsigned int statesize; \ 92 - \ 93 - SKCIPHER_ALG_COMMON_STAT \ 94 115 \ 95 116 struct crypto_alg base; \ 96 117 }

+19 -11

include/uapi/linux/cryptouser.h

··· 32 32 CRYPTO_MSG_UPDATEALG, 33 33 CRYPTO_MSG_GETALG, 34 34 CRYPTO_MSG_DELRNG, 35 - CRYPTO_MSG_GETSTAT, 35 + CRYPTO_MSG_GETSTAT, /* No longer supported, do not use. */ 36 36 __CRYPTO_MSG_MAX 37 37 }; 38 38 #define CRYPTO_MSG_MAX (__CRYPTO_MSG_MAX - 1) ··· 54 54 CRYPTOCFGA_REPORT_AKCIPHER, /* struct crypto_report_akcipher */ 55 55 CRYPTOCFGA_REPORT_KPP, /* struct crypto_report_kpp */ 56 56 CRYPTOCFGA_REPORT_ACOMP, /* struct crypto_report_acomp */ 57 - CRYPTOCFGA_STAT_LARVAL, /* struct crypto_stat */ 58 - CRYPTOCFGA_STAT_HASH, /* struct crypto_stat */ 59 - CRYPTOCFGA_STAT_BLKCIPHER, /* struct crypto_stat */ 60 - CRYPTOCFGA_STAT_AEAD, /* struct crypto_stat */ 61 - CRYPTOCFGA_STAT_COMPRESS, /* struct crypto_stat */ 62 - CRYPTOCFGA_STAT_RNG, /* struct crypto_stat */ 63 - CRYPTOCFGA_STAT_CIPHER, /* struct crypto_stat */ 64 - CRYPTOCFGA_STAT_AKCIPHER, /* struct crypto_stat */ 65 - CRYPTOCFGA_STAT_KPP, /* struct crypto_stat */ 66 - CRYPTOCFGA_STAT_ACOMP, /* struct crypto_stat */ 57 + CRYPTOCFGA_STAT_LARVAL, /* No longer supported, do not use. */ 58 + CRYPTOCFGA_STAT_HASH, /* No longer supported, do not use. */ 59 + CRYPTOCFGA_STAT_BLKCIPHER, /* No longer supported, do not use. */ 60 + CRYPTOCFGA_STAT_AEAD, /* No longer supported, do not use. */ 61 + CRYPTOCFGA_STAT_COMPRESS, /* No longer supported, do not use. */ 62 + CRYPTOCFGA_STAT_RNG, /* No longer supported, do not use. */ 63 + CRYPTOCFGA_STAT_CIPHER, /* No longer supported, do not use. */ 64 + CRYPTOCFGA_STAT_AKCIPHER, /* No longer supported, do not use. */ 65 + CRYPTOCFGA_STAT_KPP, /* No longer supported, do not use. */ 66 + CRYPTOCFGA_STAT_ACOMP, /* No longer supported, do not use. */ 67 67 __CRYPTOCFGA_MAX 68 68 69 69 #define CRYPTOCFGA_MAX (__CRYPTOCFGA_MAX - 1) ··· 79 79 __u32 cru_flags; 80 80 }; 81 81 82 + /* No longer supported, do not use. */ 82 83 struct crypto_stat_aead { 83 84 char type[CRYPTO_MAX_NAME]; 84 85 __u64 stat_encrypt_cnt; ··· 89 88 __u64 stat_err_cnt; 90 89 }; 91 90 91 + /* No longer supported, do not use. */ 92 92 struct crypto_stat_akcipher { 93 93 char type[CRYPTO_MAX_NAME]; 94 94 __u64 stat_encrypt_cnt; ··· 101 99 __u64 stat_err_cnt; 102 100 }; 103 101 102 + /* No longer supported, do not use. */ 104 103 struct crypto_stat_cipher { 105 104 char type[CRYPTO_MAX_NAME]; 106 105 __u64 stat_encrypt_cnt; ··· 111 108 __u64 stat_err_cnt; 112 109 }; 113 110 111 + /* No longer supported, do not use. */ 114 112 struct crypto_stat_compress { 115 113 char type[CRYPTO_MAX_NAME]; 116 114 __u64 stat_compress_cnt; ··· 121 117 __u64 stat_err_cnt; 122 118 }; 123 119 120 + /* No longer supported, do not use. */ 124 121 struct crypto_stat_hash { 125 122 char type[CRYPTO_MAX_NAME]; 126 123 __u64 stat_hash_cnt; ··· 129 124 __u64 stat_err_cnt; 130 125 }; 131 126 127 + /* No longer supported, do not use. */ 132 128 struct crypto_stat_kpp { 133 129 char type[CRYPTO_MAX_NAME]; 134 130 __u64 stat_setsecret_cnt; ··· 138 132 __u64 stat_err_cnt; 139 133 }; 140 134 135 + /* No longer supported, do not use. */ 141 136 struct crypto_stat_rng { 142 137 char type[CRYPTO_MAX_NAME]; 143 138 __u64 stat_generate_cnt; ··· 147 140 __u64 stat_err_cnt; 148 141 }; 149 142 143 + /* No longer supported, do not use. */ 150 144 struct crypto_stat_larval { 151 145 char type[CRYPTO_MAX_NAME]; 152 146 };

Configure Feed

Configure Feed