tjh.dev / kernel
Linux kernel mirror (for testing) git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
kernel os linux
1
fork

Configure Feed

Select the types of activity you want to include in your feed.

crypto: akcipher - Add sync interface without SG lists

The only user of akcipher does not use SG lists. Therefore forcing
users to use SG lists only results unnecessary overhead. Add a new
interface that supports arbitrary kernel pointers.

For the time being the copy will be performed unconditionally. But
this will go away once the underlying interface is updated.

Note also that only encryption and decryption is addressed by this
patch as sign/verify will go into a new interface (sig).

Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>

Herbert Xu addde1f2 9979c6e5

+131
+95
crypto/akcipher.c
··· 10 10 #include <linux/errno.h> 11 11 #include <linux/kernel.h> 12 12 #include <linux/module.h> 13 + #include <linux/scatterlist.h> 13 14 #include <linux/seq_file.h> 14 15 #include <linux/slab.h> 15 16 #include <linux/string.h> 16 17 #include <net/netlink.h> 17 18 18 19 #include "internal.h" 20 + 21 + struct crypto_akcipher_sync_data { 22 + struct crypto_akcipher *tfm; 23 + const void *src; 24 + void *dst; 25 + unsigned int slen; 26 + unsigned int dlen; 27 + 28 + struct akcipher_request *req; 29 + struct crypto_wait cwait; 30 + struct scatterlist sg; 31 + u8 *buf; 32 + }; 19 33 20 34 static int __maybe_unused crypto_akcipher_report( 21 35 struct sk_buff *skb, struct crypto_alg *alg) ··· 199 185 return crypto_register_instance(tmpl, akcipher_crypto_instance(inst)); 200 186 } 201 187 EXPORT_SYMBOL_GPL(akcipher_register_instance); 188 + 189 + static int crypto_akcipher_sync_prep(struct crypto_akcipher_sync_data *data) 190 + { 191 + unsigned int reqsize = crypto_akcipher_reqsize(data->tfm); 192 + unsigned int mlen = max(data->slen, data->dlen); 193 + struct akcipher_request *req; 194 + struct scatterlist *sg; 195 + unsigned int len; 196 + u8 *buf; 197 + 198 + len = sizeof(*req) + reqsize + mlen; 199 + if (len < mlen) 200 + return -EOVERFLOW; 201 + 202 + req = kzalloc(len, GFP_KERNEL); 203 + if (!req) 204 + return -ENOMEM; 205 + 206 + data->req = req; 207 + 208 + buf = (u8 *)(req + 1) + reqsize; 209 + data->buf = buf; 210 + memcpy(buf, data->src, data->slen); 211 + 212 + sg = &data->sg; 213 + sg_init_one(sg, buf, mlen); 214 + akcipher_request_set_crypt(req, sg, sg, data->slen, data->dlen); 215 + 216 + crypto_init_wait(&data->cwait); 217 + akcipher_request_set_callback(req, CRYPTO_TFM_REQ_MAY_SLEEP, 218 + crypto_req_done, &data->cwait); 219 + 220 + return 0; 221 + } 222 + 223 + static int crypto_akcipher_sync_post(struct crypto_akcipher_sync_data *data, 224 + int err) 225 + { 226 + err = crypto_wait_req(err, &data->cwait); 227 + memcpy(data->dst, data->buf, data->dlen); 228 + data->dlen = data->req->dst_len; 229 + kfree_sensitive(data->req); 230 + return err; 231 + } 232 + 233 + int crypto_akcipher_sync_encrypt(struct crypto_akcipher *tfm, 234 + const void *src, unsigned int slen, 235 + void *dst, unsigned int dlen) 236 + { 237 + struct crypto_akcipher_sync_data data = { 238 + .tfm = tfm, 239 + .src = src, 240 + .dst = dst, 241 + .slen = slen, 242 + .dlen = dlen, 243 + }; 244 + 245 + return crypto_akcipher_sync_prep(&data) ?: 246 + crypto_akcipher_sync_post(&data, 247 + crypto_akcipher_encrypt(data.req)); 248 + } 249 + EXPORT_SYMBOL_GPL(crypto_akcipher_sync_encrypt); 250 + 251 + int crypto_akcipher_sync_decrypt(struct crypto_akcipher *tfm, 252 + const void *src, unsigned int slen, 253 + void *dst, unsigned int dlen) 254 + { 255 + struct crypto_akcipher_sync_data data = { 256 + .tfm = tfm, 257 + .src = src, 258 + .dst = dst, 259 + .slen = slen, 260 + .dlen = dlen, 261 + }; 262 + 263 + return crypto_akcipher_sync_prep(&data) ?: 264 + crypto_akcipher_sync_post(&data, 265 + crypto_akcipher_decrypt(data.req)) ?: 266 + data.dlen; 267 + } 268 + EXPORT_SYMBOL_GPL(crypto_akcipher_sync_decrypt); 202 269 203 270 MODULE_LICENSE("GPL"); 204 271 MODULE_DESCRIPTION("Generic public key cipher type");
+36
include/crypto/akcipher.h
··· 374 374 } 375 375 376 376 /** 377 + * crypto_akcipher_sync_encrypt() - Invoke public key encrypt operation 378 + * 379 + * Function invokes the specific public key encrypt operation for a given 380 + * public key algorithm 381 + * 382 + * @tfm: AKCIPHER tfm handle allocated with crypto_alloc_akcipher() 383 + * @src: source buffer 384 + * @slen: source length 385 + * @dst: destinatino obuffer 386 + * @dlen: destination length 387 + * 388 + * Return: zero on success; error code in case of error 389 + */ 390 + int crypto_akcipher_sync_encrypt(struct crypto_akcipher *tfm, 391 + const void *src, unsigned int slen, 392 + void *dst, unsigned int dlen); 393 + 394 + /** 395 + * crypto_akcipher_sync_decrypt() - Invoke public key decrypt operation 396 + * 397 + * Function invokes the specific public key decrypt operation for a given 398 + * public key algorithm 399 + * 400 + * @tfm: AKCIPHER tfm handle allocated with crypto_alloc_akcipher() 401 + * @src: source buffer 402 + * @slen: source length 403 + * @dst: destinatino obuffer 404 + * @dlen: destination length 405 + * 406 + * Return: Output length on success; error code in case of error 407 + */ 408 + int crypto_akcipher_sync_decrypt(struct crypto_akcipher *tfm, 409 + const void *src, unsigned int slen, 410 + void *dst, unsigned int dlen); 411 + 412 + /** 377 413 * crypto_akcipher_sign() - Invoke public key sign operation 378 414 * 379 415 * Function invokes the specific public key sign operation for a given