From c91b102c4960baa54478289e65ab8551d84bcdee Mon Sep 17 00:00:00 2001 From: Herbert Xu Date: Thu, 25 Jun 2009 14:46:31 +0800 Subject: crypto: skcipher - Fix request for sync algorithms When a sync givcipher algorithm is requested, if an async version of the same algorithm already exists, then we will loop forever without ever constructing the sync version based on a blkcipher. This is because we did not include the requested type/mask when getting a larval for the geniv algorithm that is to be constructed. Signed-off-by: Herbert Xu --- crypto/ablkcipher.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) (limited to 'crypto/ablkcipher.c') diff --git a/crypto/ablkcipher.c b/crypto/ablkcipher.c index e11ce37c..43fc8fb9 100644 --- a/crypto/ablkcipher.c +++ b/crypto/ablkcipher.c @@ -201,8 +201,9 @@ static int crypto_givcipher_default(struct crypto_alg *alg, u32 type, u32 mask) int err; larval = crypto_larval_lookup(alg->cra_driver_name, + (type & ~CRYPTO_ALG_TYPE_MASK) | CRYPTO_ALG_TYPE_GIVCIPHER, - CRYPTO_ALG_TYPE_MASK); + mask | CRYPTO_ALG_TYPE_MASK); err = PTR_ERR(larval); if (IS_ERR(larval)) goto out; -- cgit v1.2.3 From 640bb628bcc9199d043d2d25ea6cdfa420ec9802 Mon Sep 17 00:00:00 2001 From: Herbert Xu Date: Thu, 25 Jun 2009 18:43:48 +0800 Subject: crypto: skcipher - Change default sync geniv on SMP to eseqiv As it stands we use chainiv for sync algorithms and eseqiv for async algorithms. However, when there is more than one CPU chainiv forces all processing to be serialised which is usually not what you want. Also, the added overhead of eseqiv isn't that great. Therefore this patch changes the default sync geniv on SMP machines to eseqiv. For the odd situation where the overhead is unacceptable then chainiv is still available as an option. Note that on UP machines chainiv is still preferred over eseqiv for sync algorithms. Signed-off-by: Herbert Xu --- crypto/ablkcipher.c | 20 +++++++++++++++++++- 1 file changed, 19 insertions(+), 1 deletion(-) (limited to 'crypto/ablkcipher.c') diff --git a/crypto/ablkcipher.c b/crypto/ablkcipher.c index 43fc8fb9..03fb5fac 100644 --- a/crypto/ablkcipher.c +++ b/crypto/ablkcipher.c @@ -14,6 +14,7 @@ */ #include +#include #include #include #include @@ -25,6 +26,8 @@ #include "internal.h" +static const char *skcipher_default_geniv __read_mostly; + static int setkey_unaligned(struct crypto_ablkcipher *tfm, const u8 *key, unsigned int keylen) { @@ -180,7 +183,8 @@ EXPORT_SYMBOL_GPL(crypto_givcipher_type); const char *crypto_default_geniv(const struct crypto_alg *alg) { - return alg->cra_flags & CRYPTO_ALG_ASYNC ? "eseqiv" : "chainiv"; + return alg->cra_flags & CRYPTO_ALG_ASYNC ? + "eseqiv" : skcipher_default_geniv; } static int crypto_givcipher_default(struct crypto_alg *alg, u32 type, u32 mask) @@ -361,3 +365,17 @@ err: return ERR_PTR(err); } EXPORT_SYMBOL_GPL(crypto_alloc_ablkcipher); + +static int __init skcipher_module_init(void) +{ + skcipher_default_geniv = num_possible_cpus() > 1 ? + "eseqiv" : "chainiv"; + return 0; +} + +static void skcipher_module_exit(void) +{ +} + +module_init(skcipher_module_init); +module_exit(skcipher_module_exit); -- cgit v1.2.3 From b3146c3e86a27991b00fe36685f0493888b939b6 Mon Sep 17 00:00:00 2001 From: Herbert Xu Date: Fri, 14 Aug 2009 22:55:35 +1000 Subject: crypto: blkcipher - Do not use eseqiv on stream ciphers Recently we switched to using eseqiv on SMP machines in preference over chainiv. However, eseqiv does not support stream ciphers so they should still default to chainiv. This patch applies the same check as done by eseqiv to weed out the stream ciphers. In particular, all algorithms where the IV size is not equal to the block size will now default to chainiv. Signed-off-by: Herbert Xu --- crypto/ablkcipher.c | 6 ++++++ 1 file changed, 6 insertions(+) (limited to 'crypto/ablkcipher.c') diff --git a/crypto/ablkcipher.c b/crypto/ablkcipher.c index 03fb5fac..f6f08336 100644 --- a/crypto/ablkcipher.c +++ b/crypto/ablkcipher.c @@ -183,6 +183,12 @@ EXPORT_SYMBOL_GPL(crypto_givcipher_type); const char *crypto_default_geniv(const struct crypto_alg *alg) { + if (((alg->cra_flags & CRYPTO_ALG_TYPE_MASK) == + CRYPTO_ALG_TYPE_BLKCIPHER ? alg->cra_blkcipher.ivsize : + alg->cra_ablkcipher.ivsize) != + alg->cra_blocksize) + return "chainiv"; + return alg->cra_flags & CRYPTO_ALG_ASYNC ? "eseqiv" : skcipher_default_geniv; } -- cgit v1.2.3