diff options
| author | Linus Torvalds <torvalds@linux-foundation.org> | 2015-06-23 00:04:48 -0400 |
|---|---|---|
| committer | Linus Torvalds <torvalds@linux-foundation.org> | 2015-06-23 00:04:48 -0400 |
| commit | 44d21c3f3a2ef2f58b18bda64c52c99e723f3f4a (patch) | |
| tree | 5146cf96cb0dbd7121176d484417ab942c92dcd4 /net/xfrm | |
| parent | efdfce2b7ff3205ba0fba10270b92b80bbc6187d (diff) | |
| parent | fe55dfdcdfabf160ab0c14617725c57c7a1facfc (diff) | |
Merge git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6
Pull crypto update from Herbert Xu:
"Here is the crypto update for 4.2:
API:
- Convert RNG interface to new style.
- New AEAD interface with one SG list for AD and plain/cipher text.
All external AEAD users have been converted.
- New asymmetric key interface (akcipher).
Algorithms:
- Chacha20, Poly1305 and RFC7539 support.
- New RSA implementation.
- Jitter RNG.
- DRBG is now seeded with both /dev/random and Jitter RNG. If kernel
pool isn't ready then DRBG will be reseeded when it is.
- DRBG is now the default crypto API RNG, replacing krng.
- 842 compression (previously part of powerpc nx driver).
Drivers:
- Accelerated SHA-512 for arm64.
- New Marvell CESA driver that supports DMA and more algorithms.
- Updated powerpc nx 842 support.
- Added support for SEC1 hardware to talitos"
* git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6: (292 commits)
crypto: marvell/cesa - remove COMPILE_TEST dependency
crypto: algif_aead - Temporarily disable all AEAD algorithms
crypto: af_alg - Forbid the use internal algorithms
crypto: echainiv - Only hold RNG during initialisation
crypto: seqiv - Add compatibility support without RNG
crypto: eseqiv - Offer normal cipher functionality without RNG
crypto: chainiv - Offer normal cipher functionality without RNG
crypto: user - Add CRYPTO_MSG_DELRNG
crypto: user - Move cryptouser.h to uapi
crypto: rng - Do not free default RNG when it becomes unused
crypto: skcipher - Allow givencrypt to be NULL
crypto: sahara - propagate the error on clk_disable_unprepare() failure
crypto: rsa - fix invalid select for AKCIPHER
crypto: picoxcell - Update to the current clk API
crypto: nx - Check for bogus firmware properties
crypto: marvell/cesa - add DT bindings documentation
crypto: marvell/cesa - add support for Kirkwood and Dove SoCs
crypto: marvell/cesa - add support for Orion SoCs
crypto: marvell/cesa - add allhwsupport module parameter
crypto: marvell/cesa - add support for all armada SoCs
...
Diffstat (limited to 'net/xfrm')
| -rw-r--r-- | net/xfrm/xfrm_algo.c | 28 | ||||
| -rw-r--r-- | net/xfrm/xfrm_user.c | 40 |
2 files changed, 59 insertions, 9 deletions
diff --git a/net/xfrm/xfrm_algo.c b/net/xfrm/xfrm_algo.c index 12e82a5e4ad5..42f7c76cf853 100644 --- a/net/xfrm/xfrm_algo.c +++ b/net/xfrm/xfrm_algo.c | |||
| @@ -31,6 +31,7 @@ static struct xfrm_algo_desc aead_list[] = { | |||
| 31 | 31 | ||
| 32 | .uinfo = { | 32 | .uinfo = { |
| 33 | .aead = { | 33 | .aead = { |
| 34 | .geniv = "seqniv", | ||
| 34 | .icv_truncbits = 64, | 35 | .icv_truncbits = 64, |
| 35 | } | 36 | } |
| 36 | }, | 37 | }, |
| @@ -49,6 +50,7 @@ static struct xfrm_algo_desc aead_list[] = { | |||
| 49 | 50 | ||
| 50 | .uinfo = { | 51 | .uinfo = { |
| 51 | .aead = { | 52 | .aead = { |
| 53 | .geniv = "seqniv", | ||
| 52 | .icv_truncbits = 96, | 54 | .icv_truncbits = 96, |
| 53 | } | 55 | } |
| 54 | }, | 56 | }, |
| @@ -67,6 +69,7 @@ static struct xfrm_algo_desc aead_list[] = { | |||
| 67 | 69 | ||
| 68 | .uinfo = { | 70 | .uinfo = { |
| 69 | .aead = { | 71 | .aead = { |
| 72 | .geniv = "seqniv", | ||
| 70 | .icv_truncbits = 128, | 73 | .icv_truncbits = 128, |
| 71 | } | 74 | } |
| 72 | }, | 75 | }, |
| @@ -85,6 +88,7 @@ static struct xfrm_algo_desc aead_list[] = { | |||
| 85 | 88 | ||
| 86 | .uinfo = { | 89 | .uinfo = { |
| 87 | .aead = { | 90 | .aead = { |
| 91 | .geniv = "seqniv", | ||
| 88 | .icv_truncbits = 64, | 92 | .icv_truncbits = 64, |
| 89 | } | 93 | } |
| 90 | }, | 94 | }, |
| @@ -103,6 +107,7 @@ static struct xfrm_algo_desc aead_list[] = { | |||
| 103 | 107 | ||
| 104 | .uinfo = { | 108 | .uinfo = { |
| 105 | .aead = { | 109 | .aead = { |
| 110 | .geniv = "seqniv", | ||
| 106 | .icv_truncbits = 96, | 111 | .icv_truncbits = 96, |
| 107 | } | 112 | } |
| 108 | }, | 113 | }, |
| @@ -121,6 +126,7 @@ static struct xfrm_algo_desc aead_list[] = { | |||
| 121 | 126 | ||
| 122 | .uinfo = { | 127 | .uinfo = { |
| 123 | .aead = { | 128 | .aead = { |
| 129 | .geniv = "seqniv", | ||
| 124 | .icv_truncbits = 128, | 130 | .icv_truncbits = 128, |
| 125 | } | 131 | } |
| 126 | }, | 132 | }, |
| @@ -139,6 +145,7 @@ static struct xfrm_algo_desc aead_list[] = { | |||
| 139 | 145 | ||
| 140 | .uinfo = { | 146 | .uinfo = { |
| 141 | .aead = { | 147 | .aead = { |
| 148 | .geniv = "seqiv", | ||
| 142 | .icv_truncbits = 128, | 149 | .icv_truncbits = 128, |
| 143 | } | 150 | } |
| 144 | }, | 151 | }, |
| @@ -152,6 +159,18 @@ static struct xfrm_algo_desc aead_list[] = { | |||
| 152 | .sadb_alg_maxbits = 256 | 159 | .sadb_alg_maxbits = 256 |
| 153 | } | 160 | } |
| 154 | }, | 161 | }, |
| 162 | { | ||
| 163 | .name = "rfc7539esp(chacha20,poly1305)", | ||
| 164 | |||
| 165 | .uinfo = { | ||
| 166 | .aead = { | ||
| 167 | .geniv = "seqniv", | ||
| 168 | .icv_truncbits = 128, | ||
| 169 | } | ||
| 170 | }, | ||
| 171 | |||
| 172 | .pfkey_supported = 0, | ||
| 173 | }, | ||
| 155 | }; | 174 | }; |
| 156 | 175 | ||
| 157 | static struct xfrm_algo_desc aalg_list[] = { | 176 | static struct xfrm_algo_desc aalg_list[] = { |
| @@ -353,6 +372,7 @@ static struct xfrm_algo_desc ealg_list[] = { | |||
| 353 | 372 | ||
| 354 | .uinfo = { | 373 | .uinfo = { |
| 355 | .encr = { | 374 | .encr = { |
| 375 | .geniv = "echainiv", | ||
| 356 | .blockbits = 64, | 376 | .blockbits = 64, |
| 357 | .defkeybits = 64, | 377 | .defkeybits = 64, |
| 358 | } | 378 | } |
| @@ -373,6 +393,7 @@ static struct xfrm_algo_desc ealg_list[] = { | |||
| 373 | 393 | ||
| 374 | .uinfo = { | 394 | .uinfo = { |
| 375 | .encr = { | 395 | .encr = { |
| 396 | .geniv = "echainiv", | ||
| 376 | .blockbits = 64, | 397 | .blockbits = 64, |
| 377 | .defkeybits = 192, | 398 | .defkeybits = 192, |
| 378 | } | 399 | } |
| @@ -393,6 +414,7 @@ static struct xfrm_algo_desc ealg_list[] = { | |||
| 393 | 414 | ||
| 394 | .uinfo = { | 415 | .uinfo = { |
| 395 | .encr = { | 416 | .encr = { |
| 417 | .geniv = "echainiv", | ||
| 396 | .blockbits = 64, | 418 | .blockbits = 64, |
| 397 | .defkeybits = 128, | 419 | .defkeybits = 128, |
| 398 | } | 420 | } |
| @@ -413,6 +435,7 @@ static struct xfrm_algo_desc ealg_list[] = { | |||
| 413 | 435 | ||
| 414 | .uinfo = { | 436 | .uinfo = { |
| 415 | .encr = { | 437 | .encr = { |
| 438 | .geniv = "echainiv", | ||
| 416 | .blockbits = 64, | 439 | .blockbits = 64, |
| 417 | .defkeybits = 128, | 440 | .defkeybits = 128, |
| 418 | } | 441 | } |
| @@ -433,6 +456,7 @@ static struct xfrm_algo_desc ealg_list[] = { | |||
| 433 | 456 | ||
| 434 | .uinfo = { | 457 | .uinfo = { |
| 435 | .encr = { | 458 | .encr = { |
| 459 | .geniv = "echainiv", | ||
| 436 | .blockbits = 128, | 460 | .blockbits = 128, |
| 437 | .defkeybits = 128, | 461 | .defkeybits = 128, |
| 438 | } | 462 | } |
| @@ -453,6 +477,7 @@ static struct xfrm_algo_desc ealg_list[] = { | |||
| 453 | 477 | ||
| 454 | .uinfo = { | 478 | .uinfo = { |
| 455 | .encr = { | 479 | .encr = { |
| 480 | .geniv = "echainiv", | ||
| 456 | .blockbits = 128, | 481 | .blockbits = 128, |
| 457 | .defkeybits = 128, | 482 | .defkeybits = 128, |
| 458 | } | 483 | } |
| @@ -473,6 +498,7 @@ static struct xfrm_algo_desc ealg_list[] = { | |||
| 473 | 498 | ||
| 474 | .uinfo = { | 499 | .uinfo = { |
| 475 | .encr = { | 500 | .encr = { |
| 501 | .geniv = "echainiv", | ||
| 476 | .blockbits = 128, | 502 | .blockbits = 128, |
| 477 | .defkeybits = 128, | 503 | .defkeybits = 128, |
| 478 | } | 504 | } |
| @@ -493,6 +519,7 @@ static struct xfrm_algo_desc ealg_list[] = { | |||
| 493 | 519 | ||
| 494 | .uinfo = { | 520 | .uinfo = { |
| 495 | .encr = { | 521 | .encr = { |
| 522 | .geniv = "echainiv", | ||
| 496 | .blockbits = 128, | 523 | .blockbits = 128, |
| 497 | .defkeybits = 128, | 524 | .defkeybits = 128, |
| 498 | } | 525 | } |
| @@ -512,6 +539,7 @@ static struct xfrm_algo_desc ealg_list[] = { | |||
| 512 | 539 | ||
| 513 | .uinfo = { | 540 | .uinfo = { |
| 514 | .encr = { | 541 | .encr = { |
| 542 | .geniv = "seqiv", | ||
| 515 | .blockbits = 128, | 543 | .blockbits = 128, |
| 516 | .defkeybits = 160, /* 128-bit key + 32-bit nonce */ | 544 | .defkeybits = 160, /* 128-bit key + 32-bit nonce */ |
| 517 | } | 545 | } |
diff --git a/net/xfrm/xfrm_user.c b/net/xfrm/xfrm_user.c index 2091664295ba..bd16c6c7e1e7 100644 --- a/net/xfrm/xfrm_user.c +++ b/net/xfrm/xfrm_user.c | |||
| @@ -289,6 +289,31 @@ static int attach_one_algo(struct xfrm_algo **algpp, u8 *props, | |||
| 289 | return 0; | 289 | return 0; |
| 290 | } | 290 | } |
| 291 | 291 | ||
| 292 | static int attach_crypt(struct xfrm_state *x, struct nlattr *rta) | ||
| 293 | { | ||
| 294 | struct xfrm_algo *p, *ualg; | ||
| 295 | struct xfrm_algo_desc *algo; | ||
| 296 | |||
| 297 | if (!rta) | ||
| 298 | return 0; | ||
| 299 | |||
| 300 | ualg = nla_data(rta); | ||
| 301 | |||
| 302 | algo = xfrm_ealg_get_byname(ualg->alg_name, 1); | ||
| 303 | if (!algo) | ||
| 304 | return -ENOSYS; | ||
| 305 | x->props.ealgo = algo->desc.sadb_alg_id; | ||
| 306 | |||
| 307 | p = kmemdup(ualg, xfrm_alg_len(ualg), GFP_KERNEL); | ||
| 308 | if (!p) | ||
| 309 | return -ENOMEM; | ||
| 310 | |||
| 311 | strcpy(p->alg_name, algo->name); | ||
| 312 | x->ealg = p; | ||
| 313 | x->geniv = algo->uinfo.encr.geniv; | ||
| 314 | return 0; | ||
| 315 | } | ||
| 316 | |||
| 292 | static int attach_auth(struct xfrm_algo_auth **algpp, u8 *props, | 317 | static int attach_auth(struct xfrm_algo_auth **algpp, u8 *props, |
| 293 | struct nlattr *rta) | 318 | struct nlattr *rta) |
| 294 | { | 319 | { |
| @@ -349,8 +374,7 @@ static int attach_auth_trunc(struct xfrm_algo_auth **algpp, u8 *props, | |||
| 349 | return 0; | 374 | return 0; |
| 350 | } | 375 | } |
| 351 | 376 | ||
| 352 | static int attach_aead(struct xfrm_algo_aead **algpp, u8 *props, | 377 | static int attach_aead(struct xfrm_state *x, struct nlattr *rta) |
| 353 | struct nlattr *rta) | ||
| 354 | { | 378 | { |
| 355 | struct xfrm_algo_aead *p, *ualg; | 379 | struct xfrm_algo_aead *p, *ualg; |
| 356 | struct xfrm_algo_desc *algo; | 380 | struct xfrm_algo_desc *algo; |
| @@ -363,14 +387,15 @@ static int attach_aead(struct xfrm_algo_aead **algpp, u8 *props, | |||
| 363 | algo = xfrm_aead_get_byname(ualg->alg_name, ualg->alg_icv_len, 1); | 387 | algo = xfrm_aead_get_byname(ualg->alg_name, ualg->alg_icv_len, 1); |
| 364 | if (!algo) | 388 | if (!algo) |
| 365 | return -ENOSYS; | 389 | return -ENOSYS; |
| 366 | *props = algo->desc.sadb_alg_id; | 390 | x->props.ealgo = algo->desc.sadb_alg_id; |
| 367 | 391 | ||
| 368 | p = kmemdup(ualg, aead_len(ualg), GFP_KERNEL); | 392 | p = kmemdup(ualg, aead_len(ualg), GFP_KERNEL); |
| 369 | if (!p) | 393 | if (!p) |
| 370 | return -ENOMEM; | 394 | return -ENOMEM; |
| 371 | 395 | ||
| 372 | strcpy(p->alg_name, algo->name); | 396 | strcpy(p->alg_name, algo->name); |
| 373 | *algpp = p; | 397 | x->aead = p; |
| 398 | x->geniv = algo->uinfo.aead.geniv; | ||
| 374 | return 0; | 399 | return 0; |
| 375 | } | 400 | } |
| 376 | 401 | ||
| @@ -515,8 +540,7 @@ static struct xfrm_state *xfrm_state_construct(struct net *net, | |||
| 515 | if (attrs[XFRMA_SA_EXTRA_FLAGS]) | 540 | if (attrs[XFRMA_SA_EXTRA_FLAGS]) |
| 516 | x->props.extra_flags = nla_get_u32(attrs[XFRMA_SA_EXTRA_FLAGS]); | 541 | x->props.extra_flags = nla_get_u32(attrs[XFRMA_SA_EXTRA_FLAGS]); |
| 517 | 542 | ||
| 518 | if ((err = attach_aead(&x->aead, &x->props.ealgo, | 543 | if ((err = attach_aead(x, attrs[XFRMA_ALG_AEAD]))) |
| 519 | attrs[XFRMA_ALG_AEAD]))) | ||
| 520 | goto error; | 544 | goto error; |
| 521 | if ((err = attach_auth_trunc(&x->aalg, &x->props.aalgo, | 545 | if ((err = attach_auth_trunc(&x->aalg, &x->props.aalgo, |
| 522 | attrs[XFRMA_ALG_AUTH_TRUNC]))) | 546 | attrs[XFRMA_ALG_AUTH_TRUNC]))) |
| @@ -526,9 +550,7 @@ static struct xfrm_state *xfrm_state_construct(struct net *net, | |||
| 526 | attrs[XFRMA_ALG_AUTH]))) | 550 | attrs[XFRMA_ALG_AUTH]))) |
| 527 | goto error; | 551 | goto error; |
| 528 | } | 552 | } |
| 529 | if ((err = attach_one_algo(&x->ealg, &x->props.ealgo, | 553 | if ((err = attach_crypt(x, attrs[XFRMA_ALG_CRYPT]))) |
| 530 | xfrm_ealg_get_byname, | ||
| 531 | attrs[XFRMA_ALG_CRYPT]))) | ||
| 532 | goto error; | 554 | goto error; |
| 533 | if ((err = attach_one_algo(&x->calg, &x->props.calgo, | 555 | if ((err = attach_one_algo(&x->calg, &x->props.calgo, |
| 534 | xfrm_calg_get_byname, | 556 | xfrm_calg_get_byname, |