Merge git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6

* git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6: [HWRNG] omap: Minor updates [CRYPTO] kconfig: Ordering cleanup [CRYPTO] all: Clean up init()/fini() [CRYPTO] padlock-aes: Use generic setkey function [CRYPTO] aes: Export generic setkey [CRYPTO] api: Make the crypto subsystem fully modular [CRYPTO] cts: Add CTS mode required for Kerberos AES support [CRYPTO] lrw: Replace all adds to big endians variables with be*_add_cpu [CRYPTO] tcrypt: Change the XTEA test vectors [CRYPTO] tcrypt: Shrink the tcrypt module [CRYPTO] tcrypt: Change the usage of the test vectors [CRYPTO] api: Constify function pointer tables [CRYPTO] aes-x86-32: Remove unused return code [CRYPTO] tcrypt: Shrink speed templates [CRYPTO] tcrypt: Group common speed templates [CRYPTO] sha512: Rename sha512 to sha512_generic [CRYPTO] sha384: Hardware acceleration for s390 [CRYPTO] sha512: Hardware acceleration for s390 [CRYPTO] s390: Generic sha_update and sha_final [CRYPTO] api: Switch to proc_create()
author: Linus Torvalds <torvalds@linux-foundation.org> 2008-04-21 18:57:09 -0400
committer: Linus Torvalds <torvalds@linux-foundation.org> 2008-04-21 18:57:09 -0400
commit: 904e0ab54b7591b9cb01cfc0dbbedcc8bc0d949b (patch)
tree: 13a2fc98fc7b347fe0d18cc18d452f1f49bff582 /arch
parent: 98a1e95f9b5919b55c71a01546415074282d30d5 (diff)
parent: c49a7f182c44c31ea460093eb263110824f6c98e (diff)
8 files changed, 263 insertions, 174 deletions
diff --git a/arch/s390/crypto/Makefile b/arch/s390/crypto/Makefile
index 14e552c5cc43..6a1157fa4f98 100644
--- a/arch/s390/crypto/Makefile
+++ b/arch/s390/crypto/Makefile
@@ -2,8 +2,9 @@
 # Cryptographic API
 #
-obj-$(CONFIG_CRYPTO_SHA1_S390) += sha1_s390.o
+obj-$(CONFIG_CRYPTO_SHA1_S390) += sha1_s390.o sha_common.o
-obj-$(CONFIG_CRYPTO_SHA256_S390) += sha256_s390.o
+obj-$(CONFIG_CRYPTO_SHA256_S390) += sha256_s390.o sha_common.o
+obj-$(CONFIG_CRYPTO_SHA512_S390) += sha512_s390.o sha_common.o
 obj-$(CONFIG_CRYPTO_DES_S390) += des_s390.o des_check_key.o
 obj-$(CONFIG_CRYPTO_AES_S390) += aes_s390.o
 obj-$(CONFIG_S390_PRNG) += prng.o
diff --git a/arch/s390/crypto/crypt_s390.h b/arch/s390/crypto/crypt_s390.h
index 95f5160df27f..9992f95ef992 100644
--- a/arch/s390/crypto/crypt_s390.h
+++ b/arch/s390/crypto/crypt_s390.h
@@ -82,6 +82,7 @@ enum crypt_s390_kimd_func {
        KIMD_QUERY   = CRYPT_S390_KIMD | 0,
        KIMD_SHA_1   = CRYPT_S390_KIMD | 1,
        KIMD_SHA_256 = CRYPT_S390_KIMD | 2,
+        KIMD_SHA_512 = CRYPT_S390_KIMD | 3,
 };
 /*
@@ -92,6 +93,7 @@ enum crypt_s390_klmd_func {
        KLMD_QUERY   = CRYPT_S390_KLMD | 0,
        KLMD_SHA_1   = CRYPT_S390_KLMD | 1,
        KLMD_SHA_256 = CRYPT_S390_KLMD | 2,
+        KLMD_SHA_512 = CRYPT_S390_KLMD | 3,
 };
 /*
diff --git a/arch/s390/crypto/sha.h b/arch/s390/crypto/sha.h
new file mode 100644
index 000000000000..1ceafa571eab
--- /dev/null
+++ b/arch/s390/crypto/sha.h
@@ -0,0 +1,35 @@
+/*
+ * Cryptographic API.
+ *
+ * s390 generic implementation of the SHA Secure Hash Algorithms.
+ *
+ * Copyright IBM Corp. 2007
+ * Author(s): Jan Glauber (jang@de.ibm.com)
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by the Free
+ * Software Foundation; either version 2 of the License, or (at your option)
+ * any later version.
+ *
+ */
+#ifndef _CRYPTO_ARCH_S390_SHA_H
+#define _CRYPTO_ARCH_S390_SHA_H
+#include <linux/crypto.h>
+#include <crypto/sha.h>
+/* must be big enough for the largest SHA variant */
+#define SHA_MAX_STATE_SIZE      16
+#define SHA_MAX_BLOCK_SIZE      SHA512_BLOCK_SIZE
+struct s390_sha_ctx {
+        u64 count;              /* message length in bytes */
+        u32 state[SHA_MAX_STATE_SIZE];
+        u8 buf[2 * SHA_MAX_BLOCK_SIZE];
+        int func;               /* KIMD function to use */
+};
+void s390_sha_update(struct crypto_tfm *tfm, const u8 *data, unsigned int len);
+void s390_sha_final(struct crypto_tfm *tfm, u8 *out);
+#endif
diff --git a/arch/s390/crypto/sha1_s390.c b/arch/s390/crypto/sha1_s390.c
index 9cf9eca22747..b3cb5a89b00d 100644
--- a/arch/s390/crypto/sha1_s390.c
+++ b/arch/s390/crypto/sha1_s390.c
@@ -29,16 +29,11 @@
 #include <crypto/sha.h>
 #include "crypt_s390.h"
+#include "sha.h"
-struct s390_sha1_ctx {
-        u64 count;              /* message length */
-        u32 state[5];
-        u8 buf[2 * SHA1_BLOCK_SIZE];
-};
 static void sha1_init(struct crypto_tfm *tfm)
 {
-        struct s390_sha1_ctx *sctx = crypto_tfm_ctx(tfm);
+        struct s390_sha_ctx *sctx = crypto_tfm_ctx(tfm);
        sctx->state[0] = SHA1_H0;
        sctx->state[1] = SHA1_H1;
@@ -46,79 +41,7 @@ static void sha1_init(struct crypto_tfm *tfm)
        sctx->state[3] = SHA1_H3;
        sctx->state[4] = SHA1_H4;
        sctx->count = 0;
-}
+        sctx->func = KIMD_SHA_1;
-static void sha1_update(struct crypto_tfm *tfm, const u8 *data,
-                        unsigned int len)
-{
-        struct s390_sha1_ctx *sctx = crypto_tfm_ctx(tfm);
-        unsigned int index;
-        int ret;
-        /* how much is already in the buffer? */
-        index = sctx->count & 0x3f;
-        sctx->count += len;
-        if (index + len < SHA1_BLOCK_SIZE)
-                goto store;
-        /* process one stored block */
-        if (index) {
-                memcpy(sctx->buf + index, data, SHA1_BLOCK_SIZE - index);
-                ret = crypt_s390_kimd(KIMD_SHA_1, sctx->state, sctx->buf,
-                                      SHA1_BLOCK_SIZE);
-                BUG_ON(ret != SHA1_BLOCK_SIZE);
-                data += SHA1_BLOCK_SIZE - index;
-                len -= SHA1_BLOCK_SIZE - index;
-        }
-        /* process as many blocks as possible */
-        if (len >= SHA1_BLOCK_SIZE) {
-                ret = crypt_s390_kimd(KIMD_SHA_1, sctx->state, data,
-                                      len & ~(SHA1_BLOCK_SIZE - 1));
-                BUG_ON(ret != (len & ~(SHA1_BLOCK_SIZE - 1)));
-                data += ret;
-                len -= ret;
-        }
-store:
-        /* anything left? */
-        if (len)
-                memcpy(sctx->buf + index , data, len);
-}
-/* Add padding and return the message digest. */
-static void sha1_final(struct crypto_tfm *tfm, u8 *out)
-{
-        struct s390_sha1_ctx *sctx = crypto_tfm_ctx(tfm);
-        u64 bits;
-        unsigned int index, end;
-        int ret;
-        /* must perform manual padding */
-        index = sctx->count & 0x3f;
-        end =  (index < 56) ? SHA1_BLOCK_SIZE : (2 * SHA1_BLOCK_SIZE);
-        /* start pad with 1 */
-        sctx->buf[index] = 0x80;
-        /* pad with zeros */
-        index++;
-        memset(sctx->buf + index, 0x00, end - index - 8);
-        /* append message length */
-        bits = sctx->count * 8;
-        memcpy(sctx->buf + end - 8, &bits, sizeof(bits));
-        ret = crypt_s390_kimd(KIMD_SHA_1, sctx->state, sctx->buf, end);
-        BUG_ON(ret != end);
-        /* copy digest to out */
-        memcpy(out, sctx->state, SHA1_DIGEST_SIZE);
-        /* wipe context */
-        memset(sctx, 0, sizeof *sctx);
 }
 static struct crypto_alg alg = {
@@ -127,21 +50,20 @@ static struct crypto_alg alg = {
        .cra_priority   =       CRYPT_S390_PRIORITY,
        .cra_flags      =       CRYPTO_ALG_TYPE_DIGEST,
        .cra_blocksize  =       SHA1_BLOCK_SIZE,
-        .cra_ctxsize    =       sizeof(struct s390_sha1_ctx),
+        .cra_ctxsize    =       sizeof(struct s390_sha_ctx),
        .cra_module     =       THIS_MODULE,
        .cra_list       =       LIST_HEAD_INIT(alg.cra_list),
        .cra_u          =       { .digest = {
        .dia_digestsize =       SHA1_DIGEST_SIZE,
        .dia_init       =       sha1_init,
-        .dia_update     =       sha1_update,
+        .dia_update     =       s390_sha_update,
-        .dia_final      =       sha1_final } }
+        .dia_final      =       s390_sha_final } }
 };
 static int __init sha1_s390_init(void)
 {
        if (!crypt_s390_func_available(KIMD_SHA_1))
                return -EOPNOTSUPP;
        return crypto_register_alg(&alg);
 }
@@ -154,6 +76,5 @@ module_init(sha1_s390_init);
 module_exit(sha1_s390_fini);
 MODULE_ALIAS("sha1");
 MODULE_LICENSE("GPL");
 MODULE_DESCRIPTION("SHA1 Secure Hash Algorithm");
diff --git a/arch/s390/crypto/sha256_s390.c b/arch/s390/crypto/sha256_s390.c
index 2a3d756b35d4..19c03fb6ba7e 100644
--- a/arch/s390/crypto/sha256_s390.c
+++ b/arch/s390/crypto/sha256_s390.c
@@ -22,16 +22,11 @@
 #include <crypto/sha.h>
 #include "crypt_s390.h"
+#include "sha.h"
-struct s390_sha256_ctx {
-        u64 count;              /* message length */
-        u32 state[8];
-        u8 buf[2 * SHA256_BLOCK_SIZE];
-};
 static void sha256_init(struct crypto_tfm *tfm)
 {
-        struct s390_sha256_ctx *sctx = crypto_tfm_ctx(tfm);
+        struct s390_sha_ctx *sctx = crypto_tfm_ctx(tfm);
        sctx->state[0] = SHA256_H0;
        sctx->state[1] = SHA256_H1;
@@ -42,79 +37,7 @@ static void sha256_init(struct crypto_tfm *tfm)
        sctx->state[6] = SHA256_H6;
        sctx->state[7] = SHA256_H7;
        sctx->count = 0;
-}
+        sctx->func = KIMD_SHA_256;
-static void sha256_update(struct crypto_tfm *tfm, const u8 *data,
-                          unsigned int len)
-{
-        struct s390_sha256_ctx *sctx = crypto_tfm_ctx(tfm);
-        unsigned int index;
-        int ret;
-        /* how much is already in the buffer? */
-        index = sctx->count & 0x3f;
-        sctx->count += len;
-        if ((index + len) < SHA256_BLOCK_SIZE)
-                goto store;
-        /* process one stored block */
-        if (index) {
-                memcpy(sctx->buf + index, data, SHA256_BLOCK_SIZE - index);
-                ret = crypt_s390_kimd(KIMD_SHA_256, sctx->state, sctx->buf,
-                                      SHA256_BLOCK_SIZE);
-                BUG_ON(ret != SHA256_BLOCK_SIZE);
-                data += SHA256_BLOCK_SIZE - index;
-                len -= SHA256_BLOCK_SIZE - index;
-        }
-        /* process as many blocks as possible */
-        if (len >= SHA256_BLOCK_SIZE) {
-                ret = crypt_s390_kimd(KIMD_SHA_256, sctx->state, data,
-                                      len & ~(SHA256_BLOCK_SIZE - 1));
-                BUG_ON(ret != (len & ~(SHA256_BLOCK_SIZE - 1)));
-                data += ret;
-                len -= ret;
-        }
-store:
-        /* anything left? */
-        if (len)
-                memcpy(sctx->buf + index , data, len);
-}
-/* Add padding and return the message digest */
-static void sha256_final(struct crypto_tfm *tfm, u8 *out)
-{
-        struct s390_sha256_ctx *sctx = crypto_tfm_ctx(tfm);
-        u64 bits;
-        unsigned int index, end;
-        int ret;
-        /* must perform manual padding */
-        index = sctx->count & 0x3f;
-        end = (index < 56) ? SHA256_BLOCK_SIZE : (2 * SHA256_BLOCK_SIZE);
-        /* start pad with 1 */
-        sctx->buf[index] = 0x80;
-        /* pad with zeros */
-        index++;
-        memset(sctx->buf + index, 0x00, end - index - 8);
-        /* append message length */
-        bits = sctx->count * 8;
-        memcpy(sctx->buf + end - 8, &bits, sizeof(bits));
-        ret = crypt_s390_kimd(KIMD_SHA_256, sctx->state, sctx->buf, end);
-        BUG_ON(ret != end);
-        /* copy digest to out */
-        memcpy(out, sctx->state, SHA256_DIGEST_SIZE);
-        /* wipe context */
-        memset(sctx, 0, sizeof *sctx);
 }
 static struct crypto_alg alg = {
@@ -123,14 +46,14 @@ static struct crypto_alg alg = {
        .cra_priority   =       CRYPT_S390_PRIORITY,
        .cra_flags      =       CRYPTO_ALG_TYPE_DIGEST,
        .cra_blocksize  =       SHA256_BLOCK_SIZE,
-        .cra_ctxsize    =       sizeof(struct s390_sha256_ctx),
+        .cra_ctxsize    =       sizeof(struct s390_sha_ctx),
        .cra_module     =       THIS_MODULE,
        .cra_list       =       LIST_HEAD_INIT(alg.cra_list),
        .cra_u          =       { .digest = {
        .dia_digestsize =       SHA256_DIGEST_SIZE,
        .dia_init       =       sha256_init,
-        .dia_update     =       sha256_update,
+        .dia_update     =       s390_sha_update,
-        .dia_final      =       sha256_final } }
+        .dia_final      =       s390_sha_final } }
 };
 static int sha256_s390_init(void)
@@ -150,6 +73,5 @@ module_init(sha256_s390_init);
 module_exit(sha256_s390_fini);
 MODULE_ALIAS("sha256");
 MODULE_LICENSE("GPL");
 MODULE_DESCRIPTION("SHA256 Secure Hash Algorithm");
diff --git a/arch/s390/crypto/sha512_s390.c b/arch/s390/crypto/sha512_s390.c
new file mode 100644
index 000000000000..23c7861f6aeb
--- /dev/null
+++ b/arch/s390/crypto/sha512_s390.c
@@ -0,0 +1,114 @@
+/*
+ * Cryptographic API.
+ *
+ * s390 implementation of the SHA512 and SHA38 Secure Hash Algorithm.
+ *
+ * Copyright IBM Corp. 2007
+ * Author(s): Jan Glauber (jang@de.ibm.com)
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by the Free
+ * Software Foundation; either version 2 of the License, or (at your option)
+ * any later version.
+ *
+ */
+#include <linux/init.h>
+#include <linux/module.h>
+#include <linux/crypto.h>
+#include "sha.h"
+#include "crypt_s390.h"
+static void sha512_init(struct crypto_tfm *tfm)
+{
+        struct s390_sha_ctx *ctx = crypto_tfm_ctx(tfm);
+        *(__u64 *)&ctx->state[0] = 0x6a09e667f3bcc908ULL;
+        *(__u64 *)&ctx->state[2] = 0xbb67ae8584caa73bULL;
+        *(__u64 *)&ctx->state[4] = 0x3c6ef372fe94f82bULL;
+        *(__u64 *)&ctx->state[6] = 0xa54ff53a5f1d36f1ULL;
+        *(__u64 *)&ctx->state[8] = 0x510e527fade682d1ULL;
+        *(__u64 *)&ctx->state[10] = 0x9b05688c2b3e6c1fULL;
+        *(__u64 *)&ctx->state[12] = 0x1f83d9abfb41bd6bULL;
+        *(__u64 *)&ctx->state[14] = 0x5be0cd19137e2179ULL;
+        ctx->count = 0;
+        ctx->func = KIMD_SHA_512;
+}
+static struct crypto_alg sha512_alg = {
+        .cra_name       =       "sha512",
+        .cra_driver_name =      "sha512-s390",
+        .cra_priority   =       CRYPT_S390_PRIORITY,
+        .cra_flags      =       CRYPTO_ALG_TYPE_DIGEST,
+        .cra_blocksize  =       SHA512_BLOCK_SIZE,
+        .cra_ctxsize    =       sizeof(struct s390_sha_ctx),
+        .cra_module     =       THIS_MODULE,
+        .cra_list       =       LIST_HEAD_INIT(sha512_alg.cra_list),
+        .cra_u          =       { .digest = {
+        .dia_digestsize =       SHA512_DIGEST_SIZE,
+        .dia_init       =       sha512_init,
+        .dia_update     =       s390_sha_update,
+        .dia_final      =       s390_sha_final } }
+};
+MODULE_ALIAS("sha512");
+static void sha384_init(struct crypto_tfm *tfm)
+{
+        struct s390_sha_ctx *ctx = crypto_tfm_ctx(tfm);
+        *(__u64 *)&ctx->state[0] = 0xcbbb9d5dc1059ed8ULL;
+        *(__u64 *)&ctx->state[2] = 0x629a292a367cd507ULL;
+        *(__u64 *)&ctx->state[4] = 0x9159015a3070dd17ULL;
+        *(__u64 *)&ctx->state[6] = 0x152fecd8f70e5939ULL;
+        *(__u64 *)&ctx->state[8] = 0x67332667ffc00b31ULL;
+        *(__u64 *)&ctx->state[10] = 0x8eb44a8768581511ULL;
+        *(__u64 *)&ctx->state[12] = 0xdb0c2e0d64f98fa7ULL;
+        *(__u64 *)&ctx->state[14] = 0x47b5481dbefa4fa4ULL;
+        ctx->count = 0;
+        ctx->func = KIMD_SHA_512;
+}
+static struct crypto_alg sha384_alg = {
+        .cra_name       =       "sha384",
+        .cra_driver_name =      "sha384-s390",
+        .cra_priority   =       CRYPT_S390_PRIORITY,
+        .cra_flags      =       CRYPTO_ALG_TYPE_DIGEST,
+        .cra_blocksize  =       SHA384_BLOCK_SIZE,
+        .cra_ctxsize    =       sizeof(struct s390_sha_ctx),
+        .cra_module     =       THIS_MODULE,
+        .cra_list       =       LIST_HEAD_INIT(sha384_alg.cra_list),
+        .cra_u          =       { .digest = {
+        .dia_digestsize =       SHA384_DIGEST_SIZE,
+        .dia_init       =       sha384_init,
+        .dia_update     =       s390_sha_update,
+        .dia_final      =       s390_sha_final } }
+};
+MODULE_ALIAS("sha384");
+static int __init init(void)
+{
+        int ret;
+        if (!crypt_s390_func_available(KIMD_SHA_512))
+                return -EOPNOTSUPP;
+        if ((ret = crypto_register_alg(&sha512_alg)) < 0)
+                goto out;
+        if ((ret = crypto_register_alg(&sha384_alg)) < 0)
+                crypto_unregister_alg(&sha512_alg);
+out:
+        return ret;
+}
+static void __exit fini(void)
+{
+        crypto_unregister_alg(&sha512_alg);
+        crypto_unregister_alg(&sha384_alg);
+}
+module_init(init);
+module_exit(fini);
+MODULE_LICENSE("GPL");
+MODULE_DESCRIPTION("SHA512 and SHA-384 Secure Hash Algorithm");
diff --git a/arch/s390/crypto/sha_common.c b/arch/s390/crypto/sha_common.c
new file mode 100644
index 000000000000..9d6eb8c3d37e
--- /dev/null
+++ b/arch/s390/crypto/sha_common.c
@@ -0,0 +1,97 @@
+/*
+ * Cryptographic API.
+ *
+ * s390 generic implementation of the SHA Secure Hash Algorithms.
+ *
+ * Copyright IBM Corp. 2007
+ * Author(s): Jan Glauber (jang@de.ibm.com)
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by the Free
+ * Software Foundation; either version 2 of the License, or (at your option)
+ * any later version.
+ *
+ */
+#include <linux/crypto.h>
+#include "sha.h"
+#include "crypt_s390.h"
+void s390_sha_update(struct crypto_tfm *tfm, const u8 *data, unsigned int len)
+{
+        struct s390_sha_ctx *ctx = crypto_tfm_ctx(tfm);
+        unsigned int bsize = crypto_tfm_alg_blocksize(tfm);
+        unsigned int index;
+        int ret;
+        /* how much is already in the buffer? */
+        index = ctx->count & (bsize - 1);
+        ctx->count += len;
+        if ((index + len) < bsize)
+                goto store;
+        /* process one stored block */
+        if (index) {
+                memcpy(ctx->buf + index, data, bsize - index);
+                ret = crypt_s390_kimd(ctx->func, ctx->state, ctx->buf, bsize);
+                BUG_ON(ret != bsize);
+                data += bsize - index;
+                len -= bsize - index;
+        }
+        /* process as many blocks as possible */
+        if (len >= bsize) {
+                ret = crypt_s390_kimd(ctx->func, ctx->state, data,
+                                      len & ~(bsize - 1));
+                BUG_ON(ret != (len & ~(bsize - 1)));
+                data += ret;
+                len -= ret;
+        }
+store:
+        if (len)
+                memcpy(ctx->buf + index , data, len);
+}
+EXPORT_SYMBOL_GPL(s390_sha_update);
+void s390_sha_final(struct crypto_tfm *tfm, u8 *out)
+{
+        struct s390_sha_ctx *ctx = crypto_tfm_ctx(tfm);
+        unsigned int bsize = crypto_tfm_alg_blocksize(tfm);
+        u64 bits;
+        unsigned int index, end, plen;
+        int ret;
+        /* SHA-512 uses 128 bit padding length */
+        plen = (bsize > SHA256_BLOCK_SIZE) ? 16 : 8;
+        /* must perform manual padding */
+        index = ctx->count & (bsize - 1);
+        end = (index < bsize - plen) ? bsize : (2 * bsize);
+        /* start pad with 1 */
+        ctx->buf[index] = 0x80;
+        index++;
+        /* pad with zeros */
+        memset(ctx->buf + index, 0x00, end - index - 8);
+        /*
+         * Append message length. Well, SHA-512 wants a 128 bit lenght value,
+         * nevertheless we use u64, should be enough for now...
+         */
+        bits = ctx->count * 8;
+        memcpy(ctx->buf + end - 8, &bits, sizeof(bits));
+        ret = crypt_s390_kimd(ctx->func, ctx->state, ctx->buf, end);
+        BUG_ON(ret != end);
+        /* copy digest to out */
+        memcpy(out, ctx->state, crypto_hash_digestsize(crypto_hash_cast(tfm)));
+        /* wipe context */
+        memset(ctx, 0, sizeof *ctx);
+}
+EXPORT_SYMBOL_GPL(s390_sha_final);
+MODULE_LICENSE("GPL");
+MODULE_DESCRIPTION("s390 SHA cipher common functions");
diff --git a/arch/x86/crypto/aes-i586-asm_32.S b/arch/x86/crypto/aes-i586-asm_32.S
index 1093bede3e0a..e41b147f4509 100644
--- a/arch/x86/crypto/aes-i586-asm_32.S
+++ b/arch/x86/crypto/aes-i586-asm_32.S
@@ -289,7 +289,6 @@ aes_enc_blk:
        pop     %ebx
        mov     %r0,(%ebp)
        pop     %ebp
-        mov     $1,%eax
        ret
 // AES (Rijndael) Decryption Subroutine
@@ -365,6 +364,4 @@ aes_dec_blk:
        pop     %ebx
        mov     %r0,(%ebp)
        pop     %ebp
-        mov     $1,%eax
        ret
author	Linus Torvalds <torvalds@linux-foundation.org>	2008-04-21 18:57:09 -0400
committer	Linus Torvalds <torvalds@linux-foundation.org>	2008-04-21 18:57:09 -0400
commit	904e0ab54b7591b9cb01cfc0dbbedcc8bc0d949b (patch)
tree	13a2fc98fc7b347fe0d18cc18d452f1f49bff582 /arch
parent	98a1e95f9b5919b55c71a01546415074282d30d5 (diff)
parent	c49a7f182c44c31ea460093eb263110824f6c98e (diff)

diff --git a/arch/s390/crypto/Makefile b/arch/s390/crypto/Makefile index 14e552c5cc43..6a1157fa4f98 100644 --- a/arch/s390/crypto/Makefile +++ b/arch/s390/crypto/Makefile
@@ -2,8 +2,9 @@
2	# Cryptographic API	2	# Cryptographic API
3	#	3	#
4		4
5	obj-$(CONFIG_CRYPTO_SHA1_S390) += sha1_s390.o	5	obj-$(CONFIG_CRYPTO_SHA1_S390) += sha1_s390.o sha_common.o
6	obj-$(CONFIG_CRYPTO_SHA256_S390) += sha256_s390.o	6	obj-$(CONFIG_CRYPTO_SHA256_S390) += sha256_s390.o sha_common.o
		7	obj-$(CONFIG_CRYPTO_SHA512_S390) += sha512_s390.o sha_common.o
7	obj-$(CONFIG_CRYPTO_DES_S390) += des_s390.o des_check_key.o	8	obj-$(CONFIG_CRYPTO_DES_S390) += des_s390.o des_check_key.o
8	obj-$(CONFIG_CRYPTO_AES_S390) += aes_s390.o	9	obj-$(CONFIG_CRYPTO_AES_S390) += aes_s390.o
9	obj-$(CONFIG_S390_PRNG) += prng.o	10	obj-$(CONFIG_S390_PRNG) += prng.o


diff --git a/arch/s390/crypto/crypt_s390.h b/arch/s390/crypto/crypt_s390.h index 95f5160df27f..9992f95ef992 100644 --- a/arch/s390/crypto/crypt_s390.h +++ b/arch/s390/crypto/crypt_s390.h
@@ -82,6 +82,7 @@ enum crypt_s390_kimd_func {
82	KIMD_QUERY = CRYPT_S390_KIMD \| 0,	82	KIMD_QUERY = CRYPT_S390_KIMD \| 0,
83	KIMD_SHA_1 = CRYPT_S390_KIMD \| 1,	83	KIMD_SHA_1 = CRYPT_S390_KIMD \| 1,
84	KIMD_SHA_256 = CRYPT_S390_KIMD \| 2,	84	KIMD_SHA_256 = CRYPT_S390_KIMD \| 2,
		85	KIMD_SHA_512 = CRYPT_S390_KIMD \| 3,
85	};	86	};
86		87
87	/*	88	/*
@@ -92,6 +93,7 @@ enum crypt_s390_klmd_func {
92	KLMD_QUERY = CRYPT_S390_KLMD \| 0,	93	KLMD_QUERY = CRYPT_S390_KLMD \| 0,
93	KLMD_SHA_1 = CRYPT_S390_KLMD \| 1,	94	KLMD_SHA_1 = CRYPT_S390_KLMD \| 1,
94	KLMD_SHA_256 = CRYPT_S390_KLMD \| 2,	95	KLMD_SHA_256 = CRYPT_S390_KLMD \| 2,
		96	KLMD_SHA_512 = CRYPT_S390_KLMD \| 3,
95	};	97	};
96		98
97	/*	99	/*


diff --git a/arch/s390/crypto/sha.h b/arch/s390/crypto/sha.h new file mode 100644 index 000000000000..1ceafa571eab --- /dev/null +++ b/arch/s390/crypto/sha.h
@@ -0,0 +1,35 @@
		1	/*
		2	* Cryptographic API.
		3	*
		4	* s390 generic implementation of the SHA Secure Hash Algorithms.
		5	*
		6	* Copyright IBM Corp. 2007
		7	* Author(s): Jan Glauber (jang@de.ibm.com)
		8	*
		9	* This program is free software; you can redistribute it and/or modify it
		10	* under the terms of the GNU General Public License as published by the Free
		11	* Software Foundation; either version 2 of the License, or (at your option)
		12	* any later version.
		13	*
		14	*/
		15	#ifndef _CRYPTO_ARCH_S390_SHA_H
		16	#define _CRYPTO_ARCH_S390_SHA_H
		17
		18	#include <linux/crypto.h>
		19	#include <crypto/sha.h>
		20
		21	/* must be big enough for the largest SHA variant */
		22	#define SHA_MAX_STATE_SIZE 16
		23	#define SHA_MAX_BLOCK_SIZE SHA512_BLOCK_SIZE
		24
		25	struct s390_sha_ctx {
		26	u64 count; /* message length in bytes */
		27	u32 state[SHA_MAX_STATE_SIZE];
		28	u8 buf[2 * SHA_MAX_BLOCK_SIZE];
		29	int func; /* KIMD function to use */
		30	};
		31
		32	void s390_sha_update(struct crypto_tfm tfm, const u8 data, unsigned int len);
		33	void s390_sha_final(struct crypto_tfm tfm, u8 out);
		34
		35	#endif


diff --git a/arch/s390/crypto/sha1_s390.c b/arch/s390/crypto/sha1_s390.c index 9cf9eca22747..b3cb5a89b00d 100644 --- a/arch/s390/crypto/sha1_s390.c +++ b/arch/s390/crypto/sha1_s390.c
@@ -29,16 +29,11 @@
29	#include <crypto/sha.h>	29	#include <crypto/sha.h>
30		30
31	#include "crypt_s390.h"	31	#include "crypt_s390.h"
32		32	#include "sha.h"
33	struct s390_sha1_ctx {
34	u64 count; /* message length */
35	u32 state[5];
36	u8 buf[2 * SHA1_BLOCK_SIZE];
37	};
38		33
39	static void sha1_init(struct crypto_tfm *tfm)	34	static void sha1_init(struct crypto_tfm *tfm)
40	{	35	{
41	struct s390_sha1_ctx *sctx = crypto_tfm_ctx(tfm);	36	struct s390_sha_ctx *sctx = crypto_tfm_ctx(tfm);
42		37
43	sctx->state[0] = SHA1_H0;	38	sctx->state[0] = SHA1_H0;
44	sctx->state[1] = SHA1_H1;	39	sctx->state[1] = SHA1_H1;
@@ -46,79 +41,7 @@ static void sha1_init(struct crypto_tfm *tfm)
46	sctx->state[3] = SHA1_H3;	41	sctx->state[3] = SHA1_H3;
47	sctx->state[4] = SHA1_H4;	42	sctx->state[4] = SHA1_H4;
48	sctx->count = 0;	43	sctx->count = 0;
49	}	44	sctx->func = KIMD_SHA_1;
50
51	static void sha1_update(struct crypto_tfm tfm, const u8 data,
52	unsigned int len)
53	{
54	struct s390_sha1_ctx *sctx = crypto_tfm_ctx(tfm);
55	unsigned int index;
56	int ret;
57
58	/* how much is already in the buffer? */
59	index = sctx->count & 0x3f;
60
61	sctx->count += len;
62
63	if (index + len < SHA1_BLOCK_SIZE)
64	goto store;
65
66	/* process one stored block */
67	if (index) {
68	memcpy(sctx->buf + index, data, SHA1_BLOCK_SIZE - index);
69	ret = crypt_s390_kimd(KIMD_SHA_1, sctx->state, sctx->buf,
70	SHA1_BLOCK_SIZE);
71	BUG_ON(ret != SHA1_BLOCK_SIZE);
72	data += SHA1_BLOCK_SIZE - index;
73	len -= SHA1_BLOCK_SIZE - index;
74	}
75
76	/* process as many blocks as possible */
77	if (len >= SHA1_BLOCK_SIZE) {
78	ret = crypt_s390_kimd(KIMD_SHA_1, sctx->state, data,
79	len & ~(SHA1_BLOCK_SIZE - 1));
80	BUG_ON(ret != (len & ~(SHA1_BLOCK_SIZE - 1)));
81	data += ret;
82	len -= ret;
83	}
84
85	store:
86	/* anything left? */
87	if (len)
88	memcpy(sctx->buf + index , data, len);
89	}
90
91	/* Add padding and return the message digest. */
92	static void sha1_final(struct crypto_tfm tfm, u8 out)
93	{
94	struct s390_sha1_ctx *sctx = crypto_tfm_ctx(tfm);
95	u64 bits;
96	unsigned int index, end;
97	int ret;
98
99	/* must perform manual padding */
100	index = sctx->count & 0x3f;
101	end = (index < 56) ? SHA1_BLOCK_SIZE : (2 * SHA1_BLOCK_SIZE);
102
103	/* start pad with 1 */
104	sctx->buf[index] = 0x80;
105
106	/* pad with zeros */
107	index++;
108	memset(sctx->buf + index, 0x00, end - index - 8);
109
110	/* append message length */
111	bits = sctx->count * 8;
112	memcpy(sctx->buf + end - 8, &bits, sizeof(bits));
113
114	ret = crypt_s390_kimd(KIMD_SHA_1, sctx->state, sctx->buf, end);
115	BUG_ON(ret != end);
116
117	/* copy digest to out */
118	memcpy(out, sctx->state, SHA1_DIGEST_SIZE);
119
120	/* wipe context */
121	memset(sctx, 0, sizeof *sctx);
122	}	45	}
123		46
124	static struct crypto_alg alg = {	47	static struct crypto_alg alg = {
@@ -127,21 +50,20 @@ static struct crypto_alg alg = {
127	.cra_priority = CRYPT_S390_PRIORITY,	50	.cra_priority = CRYPT_S390_PRIORITY,
128	.cra_flags = CRYPTO_ALG_TYPE_DIGEST,	51	.cra_flags = CRYPTO_ALG_TYPE_DIGEST,
129	.cra_blocksize = SHA1_BLOCK_SIZE,	52	.cra_blocksize = SHA1_BLOCK_SIZE,
130	.cra_ctxsize = sizeof(struct s390_sha1_ctx),	53	.cra_ctxsize = sizeof(struct s390_sha_ctx),
131	.cra_module = THIS_MODULE,	54	.cra_module = THIS_MODULE,
132	.cra_list = LIST_HEAD_INIT(alg.cra_list),	55	.cra_list = LIST_HEAD_INIT(alg.cra_list),
133	.cra_u = { .digest = {	56	.cra_u = { .digest = {
134	.dia_digestsize = SHA1_DIGEST_SIZE,	57	.dia_digestsize = SHA1_DIGEST_SIZE,
135	.dia_init = sha1_init,	58	.dia_init = sha1_init,
136	.dia_update = sha1_update,	59	.dia_update = s390_sha_update,
137	.dia_final = sha1_final } }	60	.dia_final = s390_sha_final } }
138	};	61	};
139		62
140	static int __init sha1_s390_init(void)	63	static int __init sha1_s390_init(void)
141	{	64	{
142	if (!crypt_s390_func_available(KIMD_SHA_1))	65	if (!crypt_s390_func_available(KIMD_SHA_1))
143	return -EOPNOTSUPP;	66	return -EOPNOTSUPP;
144
145	return crypto_register_alg(&alg);	67	return crypto_register_alg(&alg);
146	}	68	}
147		69
@@ -154,6 +76,5 @@ module_init(sha1_s390_init);
154	module_exit(sha1_s390_fini);	76	module_exit(sha1_s390_fini);
155		77
156	MODULE_ALIAS("sha1");	78	MODULE_ALIAS("sha1");
157
158	MODULE_LICENSE("GPL");	79	MODULE_LICENSE("GPL");
159	MODULE_DESCRIPTION("SHA1 Secure Hash Algorithm");	80	MODULE_DESCRIPTION("SHA1 Secure Hash Algorithm");


diff --git a/arch/s390/crypto/sha256_s390.c b/arch/s390/crypto/sha256_s390.c index 2a3d756b35d4..19c03fb6ba7e 100644 --- a/arch/s390/crypto/sha256_s390.c +++ b/arch/s390/crypto/sha256_s390.c
@@ -22,16 +22,11 @@
22	#include <crypto/sha.h>	22	#include <crypto/sha.h>
23		23
24	#include "crypt_s390.h"	24	#include "crypt_s390.h"
25		25	#include "sha.h"
26	struct s390_sha256_ctx {
27	u64 count; /* message length */
28	u32 state[8];
29	u8 buf[2 * SHA256_BLOCK_SIZE];
30	};
31		26
32	static void sha256_init(struct crypto_tfm *tfm)	27	static void sha256_init(struct crypto_tfm *tfm)
33	{	28	{
34	struct s390_sha256_ctx *sctx = crypto_tfm_ctx(tfm);	29	struct s390_sha_ctx *sctx = crypto_tfm_ctx(tfm);
35		30
36	sctx->state[0] = SHA256_H0;	31	sctx->state[0] = SHA256_H0;
37	sctx->state[1] = SHA256_H1;	32	sctx->state[1] = SHA256_H1;
@@ -42,79 +37,7 @@ static void sha256_init(struct crypto_tfm *tfm)
42	sctx->state[6] = SHA256_H6;	37	sctx->state[6] = SHA256_H6;
43	sctx->state[7] = SHA256_H7;	38	sctx->state[7] = SHA256_H7;
44	sctx->count = 0;	39	sctx->count = 0;
45	}	40	sctx->func = KIMD_SHA_256;
46
47	static void sha256_update(struct crypto_tfm tfm, const u8 data,
48	unsigned int len)
49	{
50	struct s390_sha256_ctx *sctx = crypto_tfm_ctx(tfm);
51	unsigned int index;
52	int ret;
53
54	/* how much is already in the buffer? */
55	index = sctx->count & 0x3f;
56
57	sctx->count += len;
58
59	if ((index + len) < SHA256_BLOCK_SIZE)
60	goto store;
61
62	/* process one stored block */
63	if (index) {
64	memcpy(sctx->buf + index, data, SHA256_BLOCK_SIZE - index);
65	ret = crypt_s390_kimd(KIMD_SHA_256, sctx->state, sctx->buf,
66	SHA256_BLOCK_SIZE);
67	BUG_ON(ret != SHA256_BLOCK_SIZE);
68	data += SHA256_BLOCK_SIZE - index;
69	len -= SHA256_BLOCK_SIZE - index;
70	}
71
72	/* process as many blocks as possible */
73	if (len >= SHA256_BLOCK_SIZE) {
74	ret = crypt_s390_kimd(KIMD_SHA_256, sctx->state, data,
75	len & ~(SHA256_BLOCK_SIZE - 1));
76	BUG_ON(ret != (len & ~(SHA256_BLOCK_SIZE - 1)));
77	data += ret;
78	len -= ret;
79	}
80
81	store:
82	/* anything left? */
83	if (len)
84	memcpy(sctx->buf + index , data, len);
85	}
86
87	/* Add padding and return the message digest */
88	static void sha256_final(struct crypto_tfm tfm, u8 out)
89	{
90	struct s390_sha256_ctx *sctx = crypto_tfm_ctx(tfm);
91	u64 bits;
92	unsigned int index, end;
93	int ret;
94
95	/* must perform manual padding */
96	index = sctx->count & 0x3f;
97	end = (index < 56) ? SHA256_BLOCK_SIZE : (2 * SHA256_BLOCK_SIZE);
98
99	/* start pad with 1 */
100	sctx->buf[index] = 0x80;
101
102	/* pad with zeros */
103	index++;
104	memset(sctx->buf + index, 0x00, end - index - 8);
105
106	/* append message length */
107	bits = sctx->count * 8;
108	memcpy(sctx->buf + end - 8, &bits, sizeof(bits));
109
110	ret = crypt_s390_kimd(KIMD_SHA_256, sctx->state, sctx->buf, end);
111	BUG_ON(ret != end);
112
113	/* copy digest to out */
114	memcpy(out, sctx->state, SHA256_DIGEST_SIZE);
115
116	/* wipe context */
117	memset(sctx, 0, sizeof *sctx);
118	}	41	}
119		42
120	static struct crypto_alg alg = {	43	static struct crypto_alg alg = {
@@ -123,14 +46,14 @@ static struct crypto_alg alg = {
123	.cra_priority = CRYPT_S390_PRIORITY,	46	.cra_priority = CRYPT_S390_PRIORITY,
124	.cra_flags = CRYPTO_ALG_TYPE_DIGEST,	47	.cra_flags = CRYPTO_ALG_TYPE_DIGEST,
125	.cra_blocksize = SHA256_BLOCK_SIZE,	48	.cra_blocksize = SHA256_BLOCK_SIZE,
126	.cra_ctxsize = sizeof(struct s390_sha256_ctx),	49	.cra_ctxsize = sizeof(struct s390_sha_ctx),
127	.cra_module = THIS_MODULE,	50	.cra_module = THIS_MODULE,
128	.cra_list = LIST_HEAD_INIT(alg.cra_list),	51	.cra_list = LIST_HEAD_INIT(alg.cra_list),
129	.cra_u = { .digest = {	52	.cra_u = { .digest = {
130	.dia_digestsize = SHA256_DIGEST_SIZE,	53	.dia_digestsize = SHA256_DIGEST_SIZE,
131	.dia_init = sha256_init,	54	.dia_init = sha256_init,
132	.dia_update = sha256_update,	55	.dia_update = s390_sha_update,
133	.dia_final = sha256_final } }	56	.dia_final = s390_sha_final } }
134	};	57	};
135		58
136	static int sha256_s390_init(void)	59	static int sha256_s390_init(void)
@@ -150,6 +73,5 @@ module_init(sha256_s390_init);
150	module_exit(sha256_s390_fini);	73	module_exit(sha256_s390_fini);
151		74
152	MODULE_ALIAS("sha256");	75	MODULE_ALIAS("sha256");
153
154	MODULE_LICENSE("GPL");	76	MODULE_LICENSE("GPL");
155	MODULE_DESCRIPTION("SHA256 Secure Hash Algorithm");	77	MODULE_DESCRIPTION("SHA256 Secure Hash Algorithm");


diff --git a/arch/s390/crypto/sha512_s390.c b/arch/s390/crypto/sha512_s390.c new file mode 100644 index 000000000000..23c7861f6aeb --- /dev/null +++ b/arch/s390/crypto/sha512_s390.c
@@ -0,0 +1,114 @@
		1	/*
		2	* Cryptographic API.
		3	*
		4	* s390 implementation of the SHA512 and SHA38 Secure Hash Algorithm.
		5	*
		6	* Copyright IBM Corp. 2007
		7	* Author(s): Jan Glauber (jang@de.ibm.com)
		8	*
		9	* This program is free software; you can redistribute it and/or modify it
		10	* under the terms of the GNU General Public License as published by the Free
		11	* Software Foundation; either version 2 of the License, or (at your option)
		12	* any later version.
		13	*
		14	*/
		15	#include <linux/init.h>
		16	#include <linux/module.h>
		17	#include <linux/crypto.h>
		18
		19	#include "sha.h"
		20	#include "crypt_s390.h"
		21
		22	static void sha512_init(struct crypto_tfm *tfm)
		23	{
		24	struct s390_sha_ctx *ctx = crypto_tfm_ctx(tfm);
		25
		26	(__u64 )&ctx->state[0] = 0x6a09e667f3bcc908ULL;
		27	(__u64 )&ctx->state[2] = 0xbb67ae8584caa73bULL;
		28	(__u64 )&ctx->state[4] = 0x3c6ef372fe94f82bULL;
		29	(__u64 )&ctx->state[6] = 0xa54ff53a5f1d36f1ULL;
		30	(__u64 )&ctx->state[8] = 0x510e527fade682d1ULL;
		31	(__u64 )&ctx->state[10] = 0x9b05688c2b3e6c1fULL;
		32	(__u64 )&ctx->state[12] = 0x1f83d9abfb41bd6bULL;
		33	(__u64 )&ctx->state[14] = 0x5be0cd19137e2179ULL;
		34	ctx->count = 0;
		35	ctx->func = KIMD_SHA_512;
		36	}
		37
		38	static struct crypto_alg sha512_alg = {
		39	.cra_name = "sha512",
		40	.cra_driver_name = "sha512-s390",
		41	.cra_priority = CRYPT_S390_PRIORITY,
		42	.cra_flags = CRYPTO_ALG_TYPE_DIGEST,
		43	.cra_blocksize = SHA512_BLOCK_SIZE,
		44	.cra_ctxsize = sizeof(struct s390_sha_ctx),
		45	.cra_module = THIS_MODULE,
		46	.cra_list = LIST_HEAD_INIT(sha512_alg.cra_list),
		47	.cra_u = { .digest = {
		48	.dia_digestsize = SHA512_DIGEST_SIZE,
		49	.dia_init = sha512_init,
		50	.dia_update = s390_sha_update,
		51	.dia_final = s390_sha_final } }
		52	};
		53
		54	MODULE_ALIAS("sha512");
		55
		56	static void sha384_init(struct crypto_tfm *tfm)
		57	{
		58	struct s390_sha_ctx *ctx = crypto_tfm_ctx(tfm);
		59
		60	(__u64 )&ctx->state[0] = 0xcbbb9d5dc1059ed8ULL;
		61	(__u64 )&ctx->state[2] = 0x629a292a367cd507ULL;
		62	(__u64 )&ctx->state[4] = 0x9159015a3070dd17ULL;
		63	(__u64 )&ctx->state[6] = 0x152fecd8f70e5939ULL;
		64	(__u64 )&ctx->state[8] = 0x67332667ffc00b31ULL;
		65	(__u64 )&ctx->state[10] = 0x8eb44a8768581511ULL;
		66	(__u64 )&ctx->state[12] = 0xdb0c2e0d64f98fa7ULL;
		67	(__u64 )&ctx->state[14] = 0x47b5481dbefa4fa4ULL;
		68	ctx->count = 0;
		69	ctx->func = KIMD_SHA_512;
		70	}
		71
		72	static struct crypto_alg sha384_alg = {
		73	.cra_name = "sha384",
		74	.cra_driver_name = "sha384-s390",
		75	.cra_priority = CRYPT_S390_PRIORITY,
		76	.cra_flags = CRYPTO_ALG_TYPE_DIGEST,
		77	.cra_blocksize = SHA384_BLOCK_SIZE,
		78	.cra_ctxsize = sizeof(struct s390_sha_ctx),
		79	.cra_module = THIS_MODULE,
		80	.cra_list = LIST_HEAD_INIT(sha384_alg.cra_list),
		81	.cra_u = { .digest = {
		82	.dia_digestsize = SHA384_DIGEST_SIZE,
		83	.dia_init = sha384_init,
		84	.dia_update = s390_sha_update,
		85	.dia_final = s390_sha_final } }
		86	};
		87
		88	MODULE_ALIAS("sha384");
		89
		90	static int __init init(void)
		91	{
		92	int ret;
		93
		94	if (!crypt_s390_func_available(KIMD_SHA_512))
		95	return -EOPNOTSUPP;
		96	if ((ret = crypto_register_alg(&sha512_alg)) < 0)
		97	goto out;
		98	if ((ret = crypto_register_alg(&sha384_alg)) < 0)
		99	crypto_unregister_alg(&sha512_alg);
		100	out:
		101	return ret;
		102	}
		103
		104	static void __exit fini(void)
		105	{
		106	crypto_unregister_alg(&sha512_alg);
		107	crypto_unregister_alg(&sha384_alg);
		108	}
		109
		110	module_init(init);
		111	module_exit(fini);
		112
		113	MODULE_LICENSE("GPL");
		114	MODULE_DESCRIPTION("SHA512 and SHA-384 Secure Hash Algorithm");


diff --git a/arch/s390/crypto/sha_common.c b/arch/s390/crypto/sha_common.c new file mode 100644 index 000000000000..9d6eb8c3d37e --- /dev/null +++ b/arch/s390/crypto/sha_common.c
@@ -0,0 +1,97 @@
		1	/*
		2	* Cryptographic API.
		3	*
		4	* s390 generic implementation of the SHA Secure Hash Algorithms.
		5	*
		6	* Copyright IBM Corp. 2007
		7	* Author(s): Jan Glauber (jang@de.ibm.com)
		8	*
		9	* This program is free software; you can redistribute it and/or modify it
		10	* under the terms of the GNU General Public License as published by the Free
		11	* Software Foundation; either version 2 of the License, or (at your option)
		12	* any later version.
		13	*
		14	*/
		15
		16	#include <linux/crypto.h>
		17	#include "sha.h"
		18	#include "crypt_s390.h"
		19
		20	void s390_sha_update(struct crypto_tfm tfm, const u8 data, unsigned int len)
		21	{
		22	struct s390_sha_ctx *ctx = crypto_tfm_ctx(tfm);
		23	unsigned int bsize = crypto_tfm_alg_blocksize(tfm);
		24	unsigned int index;
		25	int ret;
		26
		27	/* how much is already in the buffer? */
		28	index = ctx->count & (bsize - 1);
		29	ctx->count += len;
		30
		31	if ((index + len) < bsize)
		32	goto store;
		33
		34	/* process one stored block */
		35	if (index) {
		36	memcpy(ctx->buf + index, data, bsize - index);
		37	ret = crypt_s390_kimd(ctx->func, ctx->state, ctx->buf, bsize);
		38	BUG_ON(ret != bsize);
		39	data += bsize - index;
		40	len -= bsize - index;
		41	}
		42
		43	/* process as many blocks as possible */
		44	if (len >= bsize) {
		45	ret = crypt_s390_kimd(ctx->func, ctx->state, data,
		46	len & ~(bsize - 1));
		47	BUG_ON(ret != (len & ~(bsize - 1)));
		48	data += ret;
		49	len -= ret;
		50	}
		51	store:
		52	if (len)
		53	memcpy(ctx->buf + index , data, len);
		54	}
		55	EXPORT_SYMBOL_GPL(s390_sha_update);
		56
		57	void s390_sha_final(struct crypto_tfm tfm, u8 out)
		58	{
		59	struct s390_sha_ctx *ctx = crypto_tfm_ctx(tfm);
		60	unsigned int bsize = crypto_tfm_alg_blocksize(tfm);
		61	u64 bits;
		62	unsigned int index, end, plen;
		63	int ret;
		64
		65	/* SHA-512 uses 128 bit padding length */
		66	plen = (bsize > SHA256_BLOCK_SIZE) ? 16 : 8;
		67
		68	/* must perform manual padding */
		69	index = ctx->count & (bsize - 1);
		70	end = (index < bsize - plen) ? bsize : (2 * bsize);
		71
		72	/* start pad with 1 */
		73	ctx->buf[index] = 0x80;
		74	index++;
		75
		76	/* pad with zeros */
		77	memset(ctx->buf + index, 0x00, end - index - 8);
		78
		79	/*
		80	* Append message length. Well, SHA-512 wants a 128 bit lenght value,
		81	* nevertheless we use u64, should be enough for now...
		82	*/
		83	bits = ctx->count * 8;
		84	memcpy(ctx->buf + end - 8, &bits, sizeof(bits));
		85
		86	ret = crypt_s390_kimd(ctx->func, ctx->state, ctx->buf, end);
		87	BUG_ON(ret != end);
		88
		89	/* copy digest to out */
		90	memcpy(out, ctx->state, crypto_hash_digestsize(crypto_hash_cast(tfm)));
		91	/* wipe context */
		92	memset(ctx, 0, sizeof *ctx);
		93	}
		94	EXPORT_SYMBOL_GPL(s390_sha_final);
		95
		96	MODULE_LICENSE("GPL");
		97	MODULE_DESCRIPTION("s390 SHA cipher common functions");


diff --git a/arch/x86/crypto/aes-i586-asm_32.S b/arch/x86/crypto/aes-i586-asm_32.S index 1093bede3e0a..e41b147f4509 100644 --- a/arch/x86/crypto/aes-i586-asm_32.S +++ b/arch/x86/crypto/aes-i586-asm_32.S
@@ -289,7 +289,6 @@ aes_enc_blk:
289	pop %ebx	289	pop %ebx
290	mov %r0,(%ebp)	290	mov %r0,(%ebp)
291	pop %ebp	291	pop %ebp
292	mov $1,%eax
293	ret	292	ret
294		293
295	// AES (Rijndael) Decryption Subroutine	294	// AES (Rijndael) Decryption Subroutine
@@ -365,6 +364,4 @@ aes_dec_blk:
365	pop %ebx	364	pop %ebx
366	mov %r0,(%ebp)	365	mov %r0,(%ebp)
367	pop %ebp	366	pop %ebp
368	mov $1,%eax
369	ret	367	ret
370