| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-Id: <1231814053.5937.120.camel@yhuang-dev.sh.intel.com>
Date: Tue, 13 Jan 2009 10:34:13 +0800
From: Huang Ying <ying.huang@...el.com>
To: Herbert Xu <herbert@...dor.apana.org.au>
Cc: Sebastian Siewior <linux-crypto@...breakpoint.cc>,
"linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>,
"linux-crypto@...r.kernel.org" <linux-crypto@...r.kernel.org>
Subject: Re: [RFC PATCH crypto 4/4] AES-NI: Add support to Intel AES-NI
instructions for x86_64 platform
On Mon, 2009-01-12 at 18:43 +0800, Herbert Xu wrote:
> On Mon, Jan 12, 2009 at 02:55:10PM +0800, Huang Ying wrote:
> >
> > I use a "shell" cbc(aes) algorithm which chooses between
> > cryptd(__cbc-aes-aesni) and __cbc-aes-aesni according to context. But
> > the struct ablkcipher_request passed in can not be used for cryptd(*).
> > This can be resolved by allocating another struct ablkcipher_request for
> > cryptd(*) for each incoming struct ablkcipher_request. But is there any
> > better solution?
>
> You should include that other ablkcipher_request as part of the
> context of your ablkcipher_request.
>
> See for example how aead embeds it.
Thank you! I take a look at gcm.c, and know how to implement it.
I have another idea, the sample code is as follow. In short, just relay
the request to cryptd_tfm, and change tfm before/after.
struct async_aes_ctx {
struct crypto_ablkcipher *cryptd_tfm;
};
struct async_aes_req_ctx {
struct crypto_ablkcipher *ablk_tfm;
crypto_completion_t complete;
};
static inline struct async_aes_req_ctx *ablk_aes_req_ctx(
struct ablkcipher_request *req,
struct crypto_ablkcipher *ablk_tfm) {
return ablkcipher_request_ctx(req) +
ablk_tfm->base.crt_ablkcipher.reqsize;
}
static void ablk_complete(struct crypto_async_request *req, int err)
{
struct ablkcipher_request *ablk_req = ablkcipher_request_cast(req);
struct async_aes_req_ctx *req_ctx =
ablk_aes_req_ctx(ablk_req, crypto_ablkcipher_reqtfm(ablk_req));
ablkcipher_request_set_tfm(ablk_req, req_ctx->ablk_tfm);
req_ctx->complete(req, err);
}
static int ablk_encrypt(struct ablkcipher_request *req)
{
struct crypto_ablkcipher *tfm = crypto_ablkcipher_reqtfm(req);
struct async_aes_ctx *ctx = crypto_ablkcipher_ctx(tfm);
if (kernel_fpu_using()) {
struct async_aes_req_ctx *req_ctx =
ablk_aes_req_ctx(req, ctx->cryptd_tfm);
req_ctx->ablk_tfm = tfm;
ablkcipher_request_set_tfm(req, ctx->cryptd_tfm);
req_ctx->complete = req->base.complete;
req->base.complete = ablk_complete;
return crypto_ablkcipher_encrypt(req);
} else {
struct blkcipher_desc desc;
desc.tfm = cryptd_ablkcipher_child(ctx->cryptd_tfm);
desc.info = req->info;
desc.flags = 0;
return crypto_blkcipher_encrypt(&desc, req->dst, req->src,
req->nbytes);
}
}
static void ablk_init_common(struct crypto_tfm *tfm,
struct crypto_ablkcipher *cryptd_tfm)
{
struct async_aes_ctx *ctx = crypto_tfm_ctx(tfm);
ctx->cryptd_tfm = cryptd_tfm;
tfm->crt_ablkcipher.reqsize = cryptd_tfm->base.crt_ablkcipher.reqsize +
sizeof(struct async_aes_req_ctx);
}
static int ablk_ecb_init(struct crypto_tfm *tfm)
{
struct crypto_ablkcipher *cryptd_tfm;
cryptd_tfm = cryptd_alloc_ablkcipher("__ecb-aes-aesni", 0, 0);
if (IS_ERR(cryptd_tfm))
return PTR_ERR(cryptd_tfm);
ablk_init_common(tfm, cryptd_tfm);
return 0;
}
Best Regards,
Huang Ying
Download attachment "signature.asc" of type "application/pgp-signature" (198 bytes)
Powered by blists - more mailing lists