5 files changed, 54 insertions, 40 deletions
diff --git a/include/net/tcp.h b/include/net/tcp.h
index 8ea19977ea53..2a5b3b8daee8 100644
--- a/include/net/tcp.h
+++ b/include/net/tcp.h
@@ -27,7 +27,6 @@
 #include <linux/cache.h>
 #include <linux/percpu.h>
 #include <linux/skbuff.h>
-#include <linux/crypto.h>
 #include <linux/cryptohash.h>
 #include <linux/kref.h>
 #include <linux/ktime.h>
@@ -1325,9 +1324,6 @@ static inline void tcp_clear_all_retrans_hints(struct tcp_sock *tp)
        tp->retransmit_skb_hint = NULL;
 }
-/* MD5 Signature */
-struct crypto_hash;
 union tcp_md5_addr {
        struct in_addr  a4;
 #if IS_ENABLED(CONFIG_IPV6)
@@ -1376,7 +1372,7 @@ union tcp_md5sum_block {
 /* - pool: digest algorithm, hash description and scratch buffer */
 struct tcp_md5sig_pool {
-        struct hash_desc        md5_desc;
+        struct ahash_request    *md5_req;
        union tcp_md5sum_block  md5_blk;
 };
diff --git a/net/ipv4/tcp.c b/net/ipv4/tcp.c
index fd17eec93525..91ffef3a55d2 100644
--- a/net/ipv4/tcp.c
+++ b/net/ipv4/tcp.c
@@ -247,6 +247,7 @@
 #define pr_fmt(fmt) "TCP: " fmt
+#include <crypto/hash.h>
 #include <linux/kernel.h>
 #include <linux/module.h>
 #include <linux/types.h>
@@ -266,7 +267,6 @@
 #include <linux/swap.h>
 #include <linux/cache.h>
 #include <linux/err.h>
-#include <linux/crypto.h>
 #include <linux/time.h>
 #include <linux/slab.h>
@@ -2939,17 +2939,26 @@ static bool tcp_md5sig_pool_populated = false;
 static void __tcp_alloc_md5sig_pool(void)
 {
+        struct crypto_ahash *hash;
        int cpu;
+        hash = crypto_alloc_ahash("md5", 0, CRYPTO_ALG_ASYNC);
+        if (IS_ERR_OR_NULL(hash))
+                return;
        for_each_possible_cpu(cpu) {
-                if (!per_cpu(tcp_md5sig_pool, cpu).md5_desc.tfm) {
+                struct ahash_request *req;
-                        struct crypto_hash *hash;
-                        hash = crypto_alloc_hash("md5", 0, CRYPTO_ALG_ASYNC);
+                if (per_cpu(tcp_md5sig_pool, cpu).md5_req)
-                        if (IS_ERR_OR_NULL(hash))
+                        continue;
-                                return;
-                        per_cpu(tcp_md5sig_pool, cpu).md5_desc.tfm = hash;
+                req = ahash_request_alloc(hash, GFP_KERNEL);
-                }
+                if (!req)
+                        return;
+                ahash_request_set_callback(req, 0, NULL, NULL);
+                per_cpu(tcp_md5sig_pool, cpu).md5_req = req;
        }
        /* before setting tcp_md5sig_pool_populated, we must commit all writes
         * to memory. See smp_rmb() in tcp_get_md5sig_pool()
@@ -2999,7 +3008,6 @@ int tcp_md5_hash_header(struct tcp_md5sig_pool *hp,
 {
        struct scatterlist sg;
        struct tcphdr hdr;
-        int err;
        /* We are not allowed to change tcphdr, make a local copy */
        memcpy(&hdr, th, sizeof(hdr));
@@ -3007,8 +3015,8 @@ int tcp_md5_hash_header(struct tcp_md5sig_pool *hp,
        /* options aren't included in the hash */
        sg_init_one(&sg, &hdr, sizeof(hdr));
-        err = crypto_hash_update(&hp->md5_desc, &sg, sizeof(hdr));
+        ahash_request_set_crypt(hp->md5_req, &sg, NULL, sizeof(hdr));
-        return err;
+        return crypto_ahash_update(hp->md5_req);
 }
 EXPORT_SYMBOL(tcp_md5_hash_header);
@@ -3017,7 +3025,7 @@ int tcp_md5_hash_skb_data(struct tcp_md5sig_pool *hp,
 {
        struct scatterlist sg;
        const struct tcphdr *tp = tcp_hdr(skb);
-        struct hash_desc *desc = &hp->md5_desc;
+        struct ahash_request *req = hp->md5_req;
        unsigned int i;
        const unsigned int head_data_len = skb_headlen(skb) > header_len ?
                                           skb_headlen(skb) - header_len : 0;
@@ -3027,7 +3035,8 @@ int tcp_md5_hash_skb_data(struct tcp_md5sig_pool *hp,
        sg_init_table(&sg, 1);
        sg_set_buf(&sg, ((u8 *) tp) + header_len, head_data_len);
-        if (crypto_hash_update(desc, &sg, head_data_len))
+        ahash_request_set_crypt(req, &sg, NULL, head_data_len);
+        if (crypto_ahash_update(req))
                return 1;
        for (i = 0; i < shi->nr_frags; ++i) {
@@ -3037,7 +3046,8 @@ int tcp_md5_hash_skb_data(struct tcp_md5sig_pool *hp,
                sg_set_page(&sg, page, skb_frag_size(f),
                            offset_in_page(offset));
-                if (crypto_hash_update(desc, &sg, skb_frag_size(f)))
+                ahash_request_set_crypt(req, &sg, NULL, skb_frag_size(f));
+                if (crypto_ahash_update(req))
                        return 1;
        }
@@ -3054,7 +3064,8 @@ int tcp_md5_hash_key(struct tcp_md5sig_pool *hp, const struct tcp_md5sig_key *ke
        struct scatterlist sg;
        sg_init_one(&sg, key->key, key->keylen);
-        return crypto_hash_update(&hp->md5_desc, &sg, key->keylen);
+        ahash_request_set_crypt(hp->md5_req, &sg, NULL, key->keylen);
+        return crypto_ahash_update(hp->md5_req);
 }
 EXPORT_SYMBOL(tcp_md5_hash_key);
diff --git a/net/ipv4/tcp_fastopen.c b/net/ipv4/tcp_fastopen.c
index 55be6ac70cff..4c65ca1a86d1 100644
--- a/net/ipv4/tcp_fastopen.c
+++ b/net/ipv4/tcp_fastopen.c
@@ -1,3 +1,4 @@
+#include <linux/crypto.h>
 #include <linux/err.h>
 #include <linux/init.h>
 #include <linux/kernel.h>
diff --git a/net/ipv4/tcp_ipv4.c b/net/ipv4/tcp_ipv4.c
index 5ced3e4013e3..85854db3e094 100644
--- a/net/ipv4/tcp_ipv4.c
+++ b/net/ipv4/tcp_ipv4.c
@@ -81,7 +81,7 @@
 #include <linux/proc_fs.h>
 #include <linux/seq_file.h>
-#include <linux/crypto.h>
+#include <crypto/hash.h>
 #include <linux/scatterlist.h>
 int sysctl_tcp_tw_reuse __read_mostly;
@@ -1031,21 +1031,22 @@ static int tcp_v4_md5_hash_pseudoheader(struct tcp_md5sig_pool *hp,
        bp->len = cpu_to_be16(nbytes);
        sg_init_one(&sg, bp, sizeof(*bp));
-        return crypto_hash_update(&hp->md5_desc, &sg, sizeof(*bp));
+        ahash_request_set_crypt(hp->md5_req, &sg, NULL, sizeof(*bp));
+        return crypto_ahash_update(hp->md5_req);
 }
 static int tcp_v4_md5_hash_hdr(char *md5_hash, const struct tcp_md5sig_key *key,
                               __be32 daddr, __be32 saddr, const struct tcphdr *th)
 {
        struct tcp_md5sig_pool *hp;
-        struct hash_desc *desc;
+        struct ahash_request *req;
        hp = tcp_get_md5sig_pool();
        if (!hp)
                goto clear_hash_noput;
-        desc = &hp->md5_desc;
+        req = hp->md5_req;
-        if (crypto_hash_init(desc))
+        if (crypto_ahash_init(req))
                goto clear_hash;
        if (tcp_v4_md5_hash_pseudoheader(hp, daddr, saddr, th->doff << 2))
                goto clear_hash;
@@ -1053,7 +1054,8 @@ static int tcp_v4_md5_hash_hdr(char *md5_hash, const struct tcp_md5sig_key *key,
                goto clear_hash;
        if (tcp_md5_hash_key(hp, key))
                goto clear_hash;
-        if (crypto_hash_final(desc, md5_hash))
+        ahash_request_set_crypt(req, NULL, md5_hash, 0);
+        if (crypto_ahash_final(req))
                goto clear_hash;
        tcp_put_md5sig_pool();
@@ -1071,7 +1073,7 @@ int tcp_v4_md5_hash_skb(char *md5_hash, const struct tcp_md5sig_key *key,
                        const struct sk_buff *skb)
 {
        struct tcp_md5sig_pool *hp;
-        struct hash_desc *desc;
+        struct ahash_request *req;
        const struct tcphdr *th = tcp_hdr(skb);
        __be32 saddr, daddr;
@@ -1087,9 +1089,9 @@ int tcp_v4_md5_hash_skb(char *md5_hash, const struct tcp_md5sig_key *key,
        hp = tcp_get_md5sig_pool();
        if (!hp)
                goto clear_hash_noput;
-        desc = &hp->md5_desc;
+        req = hp->md5_req;
-        if (crypto_hash_init(desc))
+        if (crypto_ahash_init(req))
                goto clear_hash;
        if (tcp_v4_md5_hash_pseudoheader(hp, daddr, saddr, skb->len))
@@ -1100,7 +1102,8 @@ int tcp_v4_md5_hash_skb(char *md5_hash, const struct tcp_md5sig_key *key,
                goto clear_hash;
        if (tcp_md5_hash_key(hp, key))
                goto clear_hash;
-        if (crypto_hash_final(desc, md5_hash))
+        ahash_request_set_crypt(req, NULL, md5_hash, 0);
+        if (crypto_ahash_final(req))
                goto clear_hash;
        tcp_put_md5sig_pool();
diff --git a/net/ipv6/tcp_ipv6.c b/net/ipv6/tcp_ipv6.c
index 006396e31cb0..bd5597227b18 100644
--- a/net/ipv6/tcp_ipv6.c
+++ b/net/ipv6/tcp_ipv6.c
@@ -66,7 +66,7 @@
 #include <linux/proc_fs.h>
 #include <linux/seq_file.h>
-#include <linux/crypto.h>
+#include <crypto/hash.h>
 #include <linux/scatterlist.h>
 static void     tcp_v6_send_reset(const struct sock *sk, struct sk_buff *skb);
@@ -540,7 +540,8 @@ static int tcp_v6_md5_hash_pseudoheader(struct tcp_md5sig_pool *hp,
        bp->len = cpu_to_be32(nbytes);
        sg_init_one(&sg, bp, sizeof(*bp));
-        return crypto_hash_update(&hp->md5_desc, &sg, sizeof(*bp));
+        ahash_request_set_crypt(hp->md5_req, &sg, NULL, sizeof(*bp));
+        return crypto_ahash_update(hp->md5_req);
 }
 static int tcp_v6_md5_hash_hdr(char *md5_hash, struct tcp_md5sig_key *key,
@@ -548,14 +549,14 @@ static int tcp_v6_md5_hash_hdr(char *md5_hash, struct tcp_md5sig_key *key,
                               const struct tcphdr *th)
 {
        struct tcp_md5sig_pool *hp;
-        struct hash_desc *desc;
+        struct ahash_request *req;
        hp = tcp_get_md5sig_pool();
        if (!hp)
                goto clear_hash_noput;
-        desc = &hp->md5_desc;
+        req = hp->md5_req;
-        if (crypto_hash_init(desc))
+        if (crypto_ahash_init(req))
                goto clear_hash;
        if (tcp_v6_md5_hash_pseudoheader(hp, daddr, saddr, th->doff << 2))
                goto clear_hash;
@@ -563,7 +564,8 @@ static int tcp_v6_md5_hash_hdr(char *md5_hash, struct tcp_md5sig_key *key,
                goto clear_hash;
        if (tcp_md5_hash_key(hp, key))
                goto clear_hash;
-        if (crypto_hash_final(desc, md5_hash))
+        ahash_request_set_crypt(req, NULL, md5_hash, 0);
+        if (crypto_ahash_final(req))
                goto clear_hash;
        tcp_put_md5sig_pool();
@@ -583,7 +585,7 @@ static int tcp_v6_md5_hash_skb(char *md5_hash,
 {
        const struct in6_addr *saddr, *daddr;
        struct tcp_md5sig_pool *hp;
-        struct hash_desc *desc;
+        struct ahash_request *req;
        const struct tcphdr *th = tcp_hdr(skb);
        if (sk) { /* valid for establish/request sockets */
@@ -598,9 +600,9 @@ static int tcp_v6_md5_hash_skb(char *md5_hash,
        hp = tcp_get_md5sig_pool();
        if (!hp)
                goto clear_hash_noput;
-        desc = &hp->md5_desc;
+        req = hp->md5_req;
-        if (crypto_hash_init(desc))
+        if (crypto_ahash_init(req))
                goto clear_hash;
        if (tcp_v6_md5_hash_pseudoheader(hp, daddr, saddr, skb->len))
@@ -611,7 +613,8 @@ static int tcp_v6_md5_hash_skb(char *md5_hash,
                goto clear_hash;
        if (tcp_md5_hash_key(hp, key))
                goto clear_hash;
-        if (crypto_hash_final(desc, md5_hash))
+        ahash_request_set_crypt(req, NULL, md5_hash, 0);
+        if (crypto_ahash_final(req))
                goto clear_hash;
        tcp_put_md5sig_pool();

diff --git a/include/net/tcp.h b/include/net/tcp.h index 8ea19977ea53..2a5b3b8daee8 100644 --- a/include/net/tcp.h +++ b/include/net/tcp.h
@@ -27,7 +27,6 @@
27	#include <linux/cache.h>	27	#include <linux/cache.h>
28	#include <linux/percpu.h>	28	#include <linux/percpu.h>
29	#include <linux/skbuff.h>	29	#include <linux/skbuff.h>
30	#include <linux/crypto.h>
31	#include <linux/cryptohash.h>	30	#include <linux/cryptohash.h>
32	#include <linux/kref.h>	31	#include <linux/kref.h>
33	#include <linux/ktime.h>	32	#include <linux/ktime.h>
@@ -1325,9 +1324,6 @@ static inline void tcp_clear_all_retrans_hints(struct tcp_sock *tp)
1325	tp->retransmit_skb_hint = NULL;	1324	tp->retransmit_skb_hint = NULL;
1326	}	1325	}
1327		1326
1328	/* MD5 Signature */
1329	struct crypto_hash;
1330
1331	union tcp_md5_addr {	1327	union tcp_md5_addr {
1332	struct in_addr a4;	1328	struct in_addr a4;
1333	#if IS_ENABLED(CONFIG_IPV6)	1329	#if IS_ENABLED(CONFIG_IPV6)
@@ -1376,7 +1372,7 @@ union tcp_md5sum_block {
1376		1372
1377	/* - pool: digest algorithm, hash description and scratch buffer */	1373	/* - pool: digest algorithm, hash description and scratch buffer */
1378	struct tcp_md5sig_pool {	1374	struct tcp_md5sig_pool {
1379	struct hash_desc md5_desc;	1375	struct ahash_request *md5_req;
1380	union tcp_md5sum_block md5_blk;	1376	union tcp_md5sum_block md5_blk;
1381	};	1377	};
1382		1378


diff --git a/net/ipv4/tcp.c b/net/ipv4/tcp.c index fd17eec93525..91ffef3a55d2 100644 --- a/net/ipv4/tcp.c +++ b/net/ipv4/tcp.c
@@ -247,6 +247,7 @@
247		247
248	#define pr_fmt(fmt) "TCP: " fmt	248	#define pr_fmt(fmt) "TCP: " fmt
249		249
		250	#include <crypto/hash.h>
250	#include <linux/kernel.h>	251	#include <linux/kernel.h>
251	#include <linux/module.h>	252	#include <linux/module.h>
252	#include <linux/types.h>	253	#include <linux/types.h>
@@ -266,7 +267,6 @@
266	#include <linux/swap.h>	267	#include <linux/swap.h>
267	#include <linux/cache.h>	268	#include <linux/cache.h>
268	#include <linux/err.h>	269	#include <linux/err.h>
269	#include <linux/crypto.h>
270	#include <linux/time.h>	270	#include <linux/time.h>
271	#include <linux/slab.h>	271	#include <linux/slab.h>
272		272
@@ -2939,17 +2939,26 @@ static bool tcp_md5sig_pool_populated = false;
2939		2939
2940	static void __tcp_alloc_md5sig_pool(void)	2940	static void __tcp_alloc_md5sig_pool(void)
2941	{	2941	{
		2942	struct crypto_ahash *hash;
2942	int cpu;	2943	int cpu;
2943		2944
		2945	hash = crypto_alloc_ahash("md5", 0, CRYPTO_ALG_ASYNC);
		2946	if (IS_ERR_OR_NULL(hash))
		2947	return;
		2948
2944	for_each_possible_cpu(cpu) {	2949	for_each_possible_cpu(cpu) {
2945	if (!per_cpu(tcp_md5sig_pool, cpu).md5_desc.tfm) {	2950	struct ahash_request *req;
2946	struct crypto_hash *hash;
2947		2951
2948	hash = crypto_alloc_hash("md5", 0, CRYPTO_ALG_ASYNC);	2952	if (per_cpu(tcp_md5sig_pool, cpu).md5_req)
2949	if (IS_ERR_OR_NULL(hash))	2953	continue;
2950	return;	2954
2951	per_cpu(tcp_md5sig_pool, cpu).md5_desc.tfm = hash;	2955	req = ahash_request_alloc(hash, GFP_KERNEL);
2952	}	2956	if (!req)
		2957	return;
		2958
		2959	ahash_request_set_callback(req, 0, NULL, NULL);
		2960
		2961	per_cpu(tcp_md5sig_pool, cpu).md5_req = req;
2953	}	2962	}
2954	/* before setting tcp_md5sig_pool_populated, we must commit all writes	2963	/* before setting tcp_md5sig_pool_populated, we must commit all writes
2955	* to memory. See smp_rmb() in tcp_get_md5sig_pool()	2964	* to memory. See smp_rmb() in tcp_get_md5sig_pool()
@@ -2999,7 +3008,6 @@ int tcp_md5_hash_header(struct tcp_md5sig_pool *hp,
2999	{	3008	{
3000	struct scatterlist sg;	3009	struct scatterlist sg;
3001	struct tcphdr hdr;	3010	struct tcphdr hdr;
3002	int err;
3003		3011
3004	/* We are not allowed to change tcphdr, make a local copy */	3012	/* We are not allowed to change tcphdr, make a local copy */
3005	memcpy(&hdr, th, sizeof(hdr));	3013	memcpy(&hdr, th, sizeof(hdr));
@@ -3007,8 +3015,8 @@ int tcp_md5_hash_header(struct tcp_md5sig_pool *hp,
3007		3015
3008	/* options aren't included in the hash */	3016	/* options aren't included in the hash */
3009	sg_init_one(&sg, &hdr, sizeof(hdr));	3017	sg_init_one(&sg, &hdr, sizeof(hdr));
3010	err = crypto_hash_update(&hp->md5_desc, &sg, sizeof(hdr));	3018	ahash_request_set_crypt(hp->md5_req, &sg, NULL, sizeof(hdr));
3011	return err;	3019	return crypto_ahash_update(hp->md5_req);
3012	}	3020	}
3013	EXPORT_SYMBOL(tcp_md5_hash_header);	3021	EXPORT_SYMBOL(tcp_md5_hash_header);
3014		3022
@@ -3017,7 +3025,7 @@ int tcp_md5_hash_skb_data(struct tcp_md5sig_pool *hp,
3017	{	3025	{
3018	struct scatterlist sg;	3026	struct scatterlist sg;
3019	const struct tcphdr *tp = tcp_hdr(skb);	3027	const struct tcphdr *tp = tcp_hdr(skb);
3020	struct hash_desc *desc = &hp->md5_desc;	3028	struct ahash_request *req = hp->md5_req;
3021	unsigned int i;	3029	unsigned int i;
3022	const unsigned int head_data_len = skb_headlen(skb) > header_len ?	3030	const unsigned int head_data_len = skb_headlen(skb) > header_len ?
3023	skb_headlen(skb) - header_len : 0;	3031	skb_headlen(skb) - header_len : 0;
@@ -3027,7 +3035,8 @@ int tcp_md5_hash_skb_data(struct tcp_md5sig_pool *hp,
3027	sg_init_table(&sg, 1);	3035	sg_init_table(&sg, 1);
3028		3036
3029	sg_set_buf(&sg, ((u8 *) tp) + header_len, head_data_len);	3037	sg_set_buf(&sg, ((u8 *) tp) + header_len, head_data_len);
3030	if (crypto_hash_update(desc, &sg, head_data_len))	3038	ahash_request_set_crypt(req, &sg, NULL, head_data_len);
		3039	if (crypto_ahash_update(req))
3031	return 1;	3040	return 1;
3032		3041
3033	for (i = 0; i < shi->nr_frags; ++i) {	3042	for (i = 0; i < shi->nr_frags; ++i) {
@@ -3037,7 +3046,8 @@ int tcp_md5_hash_skb_data(struct tcp_md5sig_pool *hp,
3037		3046
3038	sg_set_page(&sg, page, skb_frag_size(f),	3047	sg_set_page(&sg, page, skb_frag_size(f),
3039	offset_in_page(offset));	3048	offset_in_page(offset));
3040	if (crypto_hash_update(desc, &sg, skb_frag_size(f)))	3049	ahash_request_set_crypt(req, &sg, NULL, skb_frag_size(f));
		3050	if (crypto_ahash_update(req))
3041	return 1;	3051	return 1;
3042	}	3052	}
3043		3053
@@ -3054,7 +3064,8 @@ int tcp_md5_hash_key(struct tcp_md5sig_pool hp, const struct tcp_md5sig_key ke
3054	struct scatterlist sg;	3064	struct scatterlist sg;
3055		3065
3056	sg_init_one(&sg, key->key, key->keylen);	3066	sg_init_one(&sg, key->key, key->keylen);
3057	return crypto_hash_update(&hp->md5_desc, &sg, key->keylen);	3067	ahash_request_set_crypt(hp->md5_req, &sg, NULL, key->keylen);
		3068	return crypto_ahash_update(hp->md5_req);
3058	}	3069	}
3059	EXPORT_SYMBOL(tcp_md5_hash_key);	3070	EXPORT_SYMBOL(tcp_md5_hash_key);
3060		3071


diff --git a/net/ipv4/tcp_fastopen.c b/net/ipv4/tcp_fastopen.c index 55be6ac70cff..4c65ca1a86d1 100644 --- a/net/ipv4/tcp_fastopen.c +++ b/net/ipv4/tcp_fastopen.c
@@ -1,3 +1,4 @@
		1	#include <linux/crypto.h>
1	#include <linux/err.h>	2	#include <linux/err.h>
2	#include <linux/init.h>	3	#include <linux/init.h>
3	#include <linux/kernel.h>	4	#include <linux/kernel.h>


diff --git a/net/ipv4/tcp_ipv4.c b/net/ipv4/tcp_ipv4.c index 5ced3e4013e3..85854db3e094 100644 --- a/net/ipv4/tcp_ipv4.c +++ b/net/ipv4/tcp_ipv4.c
@@ -81,7 +81,7 @@
81	#include <linux/proc_fs.h>	81	#include <linux/proc_fs.h>
82	#include <linux/seq_file.h>	82	#include <linux/seq_file.h>
83		83
84	#include <linux/crypto.h>	84	#include <crypto/hash.h>
85	#include <linux/scatterlist.h>	85	#include <linux/scatterlist.h>
86		86
87	int sysctl_tcp_tw_reuse __read_mostly;	87	int sysctl_tcp_tw_reuse __read_mostly;
@@ -1031,21 +1031,22 @@ static int tcp_v4_md5_hash_pseudoheader(struct tcp_md5sig_pool *hp,
1031	bp->len = cpu_to_be16(nbytes);	1031	bp->len = cpu_to_be16(nbytes);
1032		1032
1033	sg_init_one(&sg, bp, sizeof(*bp));	1033	sg_init_one(&sg, bp, sizeof(*bp));
1034	return crypto_hash_update(&hp->md5_desc, &sg, sizeof(*bp));	1034	ahash_request_set_crypt(hp->md5_req, &sg, NULL, sizeof(*bp));
		1035	return crypto_ahash_update(hp->md5_req);
1035	}	1036	}
1036		1037
1037	static int tcp_v4_md5_hash_hdr(char md5_hash, const struct tcp_md5sig_key key,	1038	static int tcp_v4_md5_hash_hdr(char md5_hash, const struct tcp_md5sig_key key,
1038	__be32 daddr, __be32 saddr, const struct tcphdr *th)	1039	__be32 daddr, __be32 saddr, const struct tcphdr *th)
1039	{	1040	{
1040	struct tcp_md5sig_pool *hp;	1041	struct tcp_md5sig_pool *hp;
1041	struct hash_desc *desc;	1042	struct ahash_request *req;
1042		1043
1043	hp = tcp_get_md5sig_pool();	1044	hp = tcp_get_md5sig_pool();
1044	if (!hp)	1045	if (!hp)
1045	goto clear_hash_noput;	1046	goto clear_hash_noput;
1046	desc = &hp->md5_desc;	1047	req = hp->md5_req;
1047		1048
1048	if (crypto_hash_init(desc))	1049	if (crypto_ahash_init(req))
1049	goto clear_hash;	1050	goto clear_hash;
1050	if (tcp_v4_md5_hash_pseudoheader(hp, daddr, saddr, th->doff << 2))	1051	if (tcp_v4_md5_hash_pseudoheader(hp, daddr, saddr, th->doff << 2))
1051	goto clear_hash;	1052	goto clear_hash;
@@ -1053,7 +1054,8 @@ static int tcp_v4_md5_hash_hdr(char md5_hash, const struct tcp_md5sig_key key,
1053	goto clear_hash;	1054	goto clear_hash;
1054	if (tcp_md5_hash_key(hp, key))	1055	if (tcp_md5_hash_key(hp, key))
1055	goto clear_hash;	1056	goto clear_hash;
1056	if (crypto_hash_final(desc, md5_hash))	1057	ahash_request_set_crypt(req, NULL, md5_hash, 0);
		1058	if (crypto_ahash_final(req))
1057	goto clear_hash;	1059	goto clear_hash;
1058		1060
1059	tcp_put_md5sig_pool();	1061	tcp_put_md5sig_pool();
@@ -1071,7 +1073,7 @@ int tcp_v4_md5_hash_skb(char md5_hash, const struct tcp_md5sig_key key,
1071	const struct sk_buff *skb)	1073	const struct sk_buff *skb)
1072	{	1074	{
1073	struct tcp_md5sig_pool *hp;	1075	struct tcp_md5sig_pool *hp;
1074	struct hash_desc *desc;	1076	struct ahash_request *req;
1075	const struct tcphdr *th = tcp_hdr(skb);	1077	const struct tcphdr *th = tcp_hdr(skb);
1076	__be32 saddr, daddr;	1078	__be32 saddr, daddr;
1077		1079
@@ -1087,9 +1089,9 @@ int tcp_v4_md5_hash_skb(char md5_hash, const struct tcp_md5sig_key key,
1087	hp = tcp_get_md5sig_pool();	1089	hp = tcp_get_md5sig_pool();
1088	if (!hp)	1090	if (!hp)
1089	goto clear_hash_noput;	1091	goto clear_hash_noput;
1090	desc = &hp->md5_desc;	1092	req = hp->md5_req;
1091		1093
1092	if (crypto_hash_init(desc))	1094	if (crypto_ahash_init(req))
1093	goto clear_hash;	1095	goto clear_hash;
1094		1096
1095	if (tcp_v4_md5_hash_pseudoheader(hp, daddr, saddr, skb->len))	1097	if (tcp_v4_md5_hash_pseudoheader(hp, daddr, saddr, skb->len))
@@ -1100,7 +1102,8 @@ int tcp_v4_md5_hash_skb(char md5_hash, const struct tcp_md5sig_key key,
1100	goto clear_hash;	1102	goto clear_hash;
1101	if (tcp_md5_hash_key(hp, key))	1103	if (tcp_md5_hash_key(hp, key))
1102	goto clear_hash;	1104	goto clear_hash;
1103	if (crypto_hash_final(desc, md5_hash))	1105	ahash_request_set_crypt(req, NULL, md5_hash, 0);
		1106	if (crypto_ahash_final(req))
1104	goto clear_hash;	1107	goto clear_hash;
1105		1108
1106	tcp_put_md5sig_pool();	1109	tcp_put_md5sig_pool();


diff --git a/net/ipv6/tcp_ipv6.c b/net/ipv6/tcp_ipv6.c index 006396e31cb0..bd5597227b18 100644 --- a/net/ipv6/tcp_ipv6.c +++ b/net/ipv6/tcp_ipv6.c
@@ -66,7 +66,7 @@
66	#include <linux/proc_fs.h>	66	#include <linux/proc_fs.h>
67	#include <linux/seq_file.h>	67	#include <linux/seq_file.h>
68		68
69	#include <linux/crypto.h>	69	#include <crypto/hash.h>
70	#include <linux/scatterlist.h>	70	#include <linux/scatterlist.h>
71		71
72	static void tcp_v6_send_reset(const struct sock sk, struct sk_buff skb);	72	static void tcp_v6_send_reset(const struct sock sk, struct sk_buff skb);
@@ -540,7 +540,8 @@ static int tcp_v6_md5_hash_pseudoheader(struct tcp_md5sig_pool *hp,
540	bp->len = cpu_to_be32(nbytes);	540	bp->len = cpu_to_be32(nbytes);
541		541
542	sg_init_one(&sg, bp, sizeof(*bp));	542	sg_init_one(&sg, bp, sizeof(*bp));
543	return crypto_hash_update(&hp->md5_desc, &sg, sizeof(*bp));	543	ahash_request_set_crypt(hp->md5_req, &sg, NULL, sizeof(*bp));
		544	return crypto_ahash_update(hp->md5_req);
544	}	545	}
545		546
546	static int tcp_v6_md5_hash_hdr(char md5_hash, struct tcp_md5sig_key key,	547	static int tcp_v6_md5_hash_hdr(char md5_hash, struct tcp_md5sig_key key,
@@ -548,14 +549,14 @@ static int tcp_v6_md5_hash_hdr(char md5_hash, struct tcp_md5sig_key key,
548	const struct tcphdr *th)	549	const struct tcphdr *th)
549	{	550	{
550	struct tcp_md5sig_pool *hp;	551	struct tcp_md5sig_pool *hp;
551	struct hash_desc *desc;	552	struct ahash_request *req;
552		553
553	hp = tcp_get_md5sig_pool();	554	hp = tcp_get_md5sig_pool();
554	if (!hp)	555	if (!hp)
555	goto clear_hash_noput;	556	goto clear_hash_noput;
556	desc = &hp->md5_desc;	557	req = hp->md5_req;
557		558
558	if (crypto_hash_init(desc))	559	if (crypto_ahash_init(req))
559	goto clear_hash;	560	goto clear_hash;
560	if (tcp_v6_md5_hash_pseudoheader(hp, daddr, saddr, th->doff << 2))	561	if (tcp_v6_md5_hash_pseudoheader(hp, daddr, saddr, th->doff << 2))
561	goto clear_hash;	562	goto clear_hash;
@@ -563,7 +564,8 @@ static int tcp_v6_md5_hash_hdr(char md5_hash, struct tcp_md5sig_key key,
563	goto clear_hash;	564	goto clear_hash;
564	if (tcp_md5_hash_key(hp, key))	565	if (tcp_md5_hash_key(hp, key))
565	goto clear_hash;	566	goto clear_hash;
566	if (crypto_hash_final(desc, md5_hash))	567	ahash_request_set_crypt(req, NULL, md5_hash, 0);
		568	if (crypto_ahash_final(req))
567	goto clear_hash;	569	goto clear_hash;
568		570
569	tcp_put_md5sig_pool();	571	tcp_put_md5sig_pool();
@@ -583,7 +585,7 @@ static int tcp_v6_md5_hash_skb(char *md5_hash,
583	{	585	{
584	const struct in6_addr saddr, daddr;	586	const struct in6_addr saddr, daddr;
585	struct tcp_md5sig_pool *hp;	587	struct tcp_md5sig_pool *hp;
586	struct hash_desc *desc;	588	struct ahash_request *req;
587	const struct tcphdr *th = tcp_hdr(skb);	589	const struct tcphdr *th = tcp_hdr(skb);
588		590
589	if (sk) { /* valid for establish/request sockets */	591	if (sk) { /* valid for establish/request sockets */
@@ -598,9 +600,9 @@ static int tcp_v6_md5_hash_skb(char *md5_hash,
598	hp = tcp_get_md5sig_pool();	600	hp = tcp_get_md5sig_pool();
599	if (!hp)	601	if (!hp)
600	goto clear_hash_noput;	602	goto clear_hash_noput;
601	desc = &hp->md5_desc;	603	req = hp->md5_req;
602		604
603	if (crypto_hash_init(desc))	605	if (crypto_ahash_init(req))
604	goto clear_hash;	606	goto clear_hash;
605		607
606	if (tcp_v6_md5_hash_pseudoheader(hp, daddr, saddr, skb->len))	608	if (tcp_v6_md5_hash_pseudoheader(hp, daddr, saddr, skb->len))
@@ -611,7 +613,8 @@ static int tcp_v6_md5_hash_skb(char *md5_hash,
611	goto clear_hash;	613	goto clear_hash;
612	if (tcp_md5_hash_key(hp, key))	614	if (tcp_md5_hash_key(hp, key))
613	goto clear_hash;	615	goto clear_hash;
614	if (crypto_hash_final(desc, md5_hash))	616	ahash_request_set_crypt(req, NULL, md5_hash, 0);
		617	if (crypto_ahash_final(req))
615	goto clear_hash;	618	goto clear_hash;
616		619
617	tcp_put_md5sig_pool();	620	tcp_put_md5sig_pool();