aboutsummaryrefslogtreecommitdiffstats
path: root/crypto
diff options
context:
space:
mode:
authorLinus Torvalds <torvalds@linux-foundation.org>2013-07-05 15:12:33 -0400
committerLinus Torvalds <torvalds@linux-foundation.org>2013-07-05 15:12:33 -0400
commitb2c311075db578f1433d9b303698491bfa21279a (patch)
tree41d5f1b5ad6f45be7211f524328de81f7e9754be /crypto
parent45175476ae2dbebc860d5cf486f2916044343513 (diff)
parent02c0241b600e4ab8a732c89749e252165145d60c (diff)
Merge git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6
Pull crypto update from Herbert Xu: - Do not idle omap device between crypto operations in one session. - Added sha224/sha384 shims for SSSE3. - More optimisations for camellia-aesni-avx2. - Removed defunct blowfish/twofish AVX2 implementations. - Added unaligned buffer self-tests. - Added PCLMULQDQ optimisation for CRCT10DIF. - Added support for Freescale's DCP co-processor - Misc fixes. * git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6: (44 commits) crypto: testmgr - test hash implementations with unaligned buffers crypto: testmgr - test AEADs with unaligned buffers crypto: testmgr - test skciphers with unaligned buffers crypto: testmgr - check that entries in alg_test_descs are in correct order Revert "crypto: twofish - add AVX2/x86_64 assembler implementation of twofish cipher" Revert "crypto: blowfish - add AVX2/x86_64 implementation of blowfish cipher" crypto: camellia-aesni-avx2 - tune assembly code for more performance hwrng: bcm2835 - fix MODULE_LICENSE tag hwrng: nomadik - use clk_prepare_enable() crypto: picoxcell - replace strict_strtoul() with kstrtoul() crypto: dcp - Staticize local symbols crypto: dcp - Use NULL instead of 0 crypto: dcp - Use devm_* APIs crypto: dcp - Remove redundant platform_set_drvdata() hwrng: use platform_{get,set}_drvdata() crypto: omap-aes - Don't idle/start AES device between Encrypt operations crypto: crct10dif - Use PTR_RET crypto: ux500 - Cocci spatch "resource_size.spatch" crypto: sha256_ssse3 - add sha224 support crypto: sha512_ssse3 - add sha384 support ...
Diffstat (limited to 'crypto')
-rw-r--r--crypto/Kconfig63
-rw-r--r--crypto/Makefile1
-rw-r--r--crypto/crct10dif.c178
-rw-r--r--crypto/sha512_generic.c2
-rw-r--r--crypto/tcrypt.c8
-rw-r--r--crypto/testmgr.c176
-rw-r--r--crypto/testmgr.h33
7 files changed, 381 insertions, 80 deletions
diff --git a/crypto/Kconfig b/crypto/Kconfig
index bf8148e74e73..904ffe838567 100644
--- a/crypto/Kconfig
+++ b/crypto/Kconfig
@@ -376,6 +376,25 @@ config CRYPTO_CRC32_PCLMUL
376 which will enable any routine to use the CRC-32-IEEE 802.3 checksum 376 which will enable any routine to use the CRC-32-IEEE 802.3 checksum
377 and gain better performance as compared with the table implementation. 377 and gain better performance as compared with the table implementation.
378 378
379config CRYPTO_CRCT10DIF
380 tristate "CRCT10DIF algorithm"
381 select CRYPTO_HASH
382 help
383 CRC T10 Data Integrity Field computation is being cast as
384 a crypto transform. This allows for faster crc t10 diff
385 transforms to be used if they are available.
386
387config CRYPTO_CRCT10DIF_PCLMUL
388 tristate "CRCT10DIF PCLMULQDQ hardware acceleration"
389 depends on X86 && 64BIT && CRC_T10DIF
390 select CRYPTO_HASH
391 help
392 For x86_64 processors with SSE4.2 and PCLMULQDQ supported,
393 CRC T10 DIF PCLMULQDQ computation can be hardware
394 accelerated PCLMULQDQ instruction. This option will create
395 'crct10dif-plcmul' module, which is faster when computing the
396 crct10dif checksum as compared with the generic table implementation.
397
379config CRYPTO_GHASH 398config CRYPTO_GHASH
380 tristate "GHASH digest algorithm" 399 tristate "GHASH digest algorithm"
381 select CRYPTO_GF128MUL 400 select CRYPTO_GF128MUL
@@ -820,25 +839,6 @@ config CRYPTO_BLOWFISH_X86_64
820 See also: 839 See also:
821 <http://www.schneier.com/blowfish.html> 840 <http://www.schneier.com/blowfish.html>
822 841
823config CRYPTO_BLOWFISH_AVX2_X86_64
824 tristate "Blowfish cipher algorithm (x86_64/AVX2)"
825 depends on X86 && 64BIT
826 depends on BROKEN
827 select CRYPTO_ALGAPI
828 select CRYPTO_CRYPTD
829 select CRYPTO_ABLK_HELPER_X86
830 select CRYPTO_BLOWFISH_COMMON
831 select CRYPTO_BLOWFISH_X86_64
832 help
833 Blowfish cipher algorithm (x86_64/AVX2), by Bruce Schneier.
834
835 This is a variable key length cipher which can use keys from 32
836 bits to 448 bits in length. It's fast, simple and specifically
837 designed for use on "large microprocessors".
838
839 See also:
840 <http://www.schneier.com/blowfish.html>
841
842config CRYPTO_CAMELLIA 842config CRYPTO_CAMELLIA
843 tristate "Camellia cipher algorithms" 843 tristate "Camellia cipher algorithms"
844 depends on CRYPTO 844 depends on CRYPTO
@@ -1297,31 +1297,6 @@ config CRYPTO_TWOFISH_AVX_X86_64
1297 See also: 1297 See also:
1298 <http://www.schneier.com/twofish.html> 1298 <http://www.schneier.com/twofish.html>
1299 1299
1300config CRYPTO_TWOFISH_AVX2_X86_64
1301 tristate "Twofish cipher algorithm (x86_64/AVX2)"
1302 depends on X86 && 64BIT
1303 depends on BROKEN
1304 select CRYPTO_ALGAPI
1305 select CRYPTO_CRYPTD
1306 select CRYPTO_ABLK_HELPER_X86
1307 select CRYPTO_GLUE_HELPER_X86
1308 select CRYPTO_TWOFISH_COMMON
1309 select CRYPTO_TWOFISH_X86_64
1310 select CRYPTO_TWOFISH_X86_64_3WAY
1311 select CRYPTO_TWOFISH_AVX_X86_64
1312 select CRYPTO_LRW
1313 select CRYPTO_XTS
1314 help
1315 Twofish cipher algorithm (x86_64/AVX2).
1316
1317 Twofish was submitted as an AES (Advanced Encryption Standard)
1318 candidate cipher by researchers at CounterPane Systems. It is a
1319 16 round block cipher supporting key sizes of 128, 192, and 256
1320 bits.
1321
1322 See also:
1323 <http://www.schneier.com/twofish.html>
1324
1325comment "Compression" 1300comment "Compression"
1326 1301
1327config CRYPTO_DEFLATE 1302config CRYPTO_DEFLATE
diff --git a/crypto/Makefile b/crypto/Makefile
index a8e9b0fefbe9..62af87df8729 100644
--- a/crypto/Makefile
+++ b/crypto/Makefile
@@ -83,6 +83,7 @@ obj-$(CONFIG_CRYPTO_ZLIB) += zlib.o
83obj-$(CONFIG_CRYPTO_MICHAEL_MIC) += michael_mic.o 83obj-$(CONFIG_CRYPTO_MICHAEL_MIC) += michael_mic.o
84obj-$(CONFIG_CRYPTO_CRC32C) += crc32c.o 84obj-$(CONFIG_CRYPTO_CRC32C) += crc32c.o
85obj-$(CONFIG_CRYPTO_CRC32) += crc32.o 85obj-$(CONFIG_CRYPTO_CRC32) += crc32.o
86obj-$(CONFIG_CRYPTO_CRCT10DIF) += crct10dif.o
86obj-$(CONFIG_CRYPTO_AUTHENC) += authenc.o authencesn.o 87obj-$(CONFIG_CRYPTO_AUTHENC) += authenc.o authencesn.o
87obj-$(CONFIG_CRYPTO_LZO) += lzo.o 88obj-$(CONFIG_CRYPTO_LZO) += lzo.o
88obj-$(CONFIG_CRYPTO_842) += 842.o 89obj-$(CONFIG_CRYPTO_842) += 842.o
diff --git a/crypto/crct10dif.c b/crypto/crct10dif.c
new file mode 100644
index 000000000000..92aca96d6b98
--- /dev/null
+++ b/crypto/crct10dif.c
@@ -0,0 +1,178 @@
1/*
2 * Cryptographic API.
3 *
4 * T10 Data Integrity Field CRC16 Crypto Transform
5 *
6 * Copyright (c) 2007 Oracle Corporation. All rights reserved.
7 * Written by Martin K. Petersen <martin.petersen@oracle.com>
8 * Copyright (C) 2013 Intel Corporation
9 * Author: Tim Chen <tim.c.chen@linux.intel.com>
10 *
11 * This program is free software; you can redistribute it and/or modify it
12 * under the terms of the GNU General Public License as published by the Free
13 * Software Foundation; either version 2 of the License, or (at your option)
14 * any later version.
15 *
16 * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
17 * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
18 * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
19 * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS
20 * BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN
21 * ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN
22 * CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
23 * SOFTWARE.
24 *
25 */
26
27#include <linux/types.h>
28#include <linux/module.h>
29#include <linux/crc-t10dif.h>
30#include <crypto/internal/hash.h>
31#include <linux/init.h>
32#include <linux/string.h>
33#include <linux/kernel.h>
34
35struct chksum_desc_ctx {
36 __u16 crc;
37};
38
39/* Table generated using the following polynomium:
40 * x^16 + x^15 + x^11 + x^9 + x^8 + x^7 + x^5 + x^4 + x^2 + x + 1
41 * gt: 0x8bb7
42 */
43static const __u16 t10_dif_crc_table[256] = {
44 0x0000, 0x8BB7, 0x9CD9, 0x176E, 0xB205, 0x39B2, 0x2EDC, 0xA56B,
45 0xEFBD, 0x640A, 0x7364, 0xF8D3, 0x5DB8, 0xD60F, 0xC161, 0x4AD6,
46 0x54CD, 0xDF7A, 0xC814, 0x43A3, 0xE6C8, 0x6D7F, 0x7A11, 0xF1A6,
47 0xBB70, 0x30C7, 0x27A9, 0xAC1E, 0x0975, 0x82C2, 0x95AC, 0x1E1B,
48 0xA99A, 0x222D, 0x3543, 0xBEF4, 0x1B9F, 0x9028, 0x8746, 0x0CF1,
49 0x4627, 0xCD90, 0xDAFE, 0x5149, 0xF422, 0x7F95, 0x68FB, 0xE34C,
50 0xFD57, 0x76E0, 0x618E, 0xEA39, 0x4F52, 0xC4E5, 0xD38B, 0x583C,
51 0x12EA, 0x995D, 0x8E33, 0x0584, 0xA0EF, 0x2B58, 0x3C36, 0xB781,
52 0xD883, 0x5334, 0x445A, 0xCFED, 0x6A86, 0xE131, 0xF65F, 0x7DE8,
53 0x373E, 0xBC89, 0xABE7, 0x2050, 0x853B, 0x0E8C, 0x19E2, 0x9255,
54 0x8C4E, 0x07F9, 0x1097, 0x9B20, 0x3E4B, 0xB5FC, 0xA292, 0x2925,
55 0x63F3, 0xE844, 0xFF2A, 0x749D, 0xD1F6, 0x5A41, 0x4D2F, 0xC698,
56 0x7119, 0xFAAE, 0xEDC0, 0x6677, 0xC31C, 0x48AB, 0x5FC5, 0xD472,
57 0x9EA4, 0x1513, 0x027D, 0x89CA, 0x2CA1, 0xA716, 0xB078, 0x3BCF,
58 0x25D4, 0xAE63, 0xB90D, 0x32BA, 0x97D1, 0x1C66, 0x0B08, 0x80BF,
59 0xCA69, 0x41DE, 0x56B0, 0xDD07, 0x786C, 0xF3DB, 0xE4B5, 0x6F02,
60 0x3AB1, 0xB106, 0xA668, 0x2DDF, 0x88B4, 0x0303, 0x146D, 0x9FDA,
61 0xD50C, 0x5EBB, 0x49D5, 0xC262, 0x6709, 0xECBE, 0xFBD0, 0x7067,
62 0x6E7C, 0xE5CB, 0xF2A5, 0x7912, 0xDC79, 0x57CE, 0x40A0, 0xCB17,
63 0x81C1, 0x0A76, 0x1D18, 0x96AF, 0x33C4, 0xB873, 0xAF1D, 0x24AA,
64 0x932B, 0x189C, 0x0FF2, 0x8445, 0x212E, 0xAA99, 0xBDF7, 0x3640,
65 0x7C96, 0xF721, 0xE04F, 0x6BF8, 0xCE93, 0x4524, 0x524A, 0xD9FD,
66 0xC7E6, 0x4C51, 0x5B3F, 0xD088, 0x75E3, 0xFE54, 0xE93A, 0x628D,
67 0x285B, 0xA3EC, 0xB482, 0x3F35, 0x9A5E, 0x11E9, 0x0687, 0x8D30,
68 0xE232, 0x6985, 0x7EEB, 0xF55C, 0x5037, 0xDB80, 0xCCEE, 0x4759,
69 0x0D8F, 0x8638, 0x9156, 0x1AE1, 0xBF8A, 0x343D, 0x2353, 0xA8E4,
70 0xB6FF, 0x3D48, 0x2A26, 0xA191, 0x04FA, 0x8F4D, 0x9823, 0x1394,
71 0x5942, 0xD2F5, 0xC59B, 0x4E2C, 0xEB47, 0x60F0, 0x779E, 0xFC29,
72 0x4BA8, 0xC01F, 0xD771, 0x5CC6, 0xF9AD, 0x721A, 0x6574, 0xEEC3,
73 0xA415, 0x2FA2, 0x38CC, 0xB37B, 0x1610, 0x9DA7, 0x8AC9, 0x017E,
74 0x1F65, 0x94D2, 0x83BC, 0x080B, 0xAD60, 0x26D7, 0x31B9, 0xBA0E,
75 0xF0D8, 0x7B6F, 0x6C01, 0xE7B6, 0x42DD, 0xC96A, 0xDE04, 0x55B3
76};
77
78__u16 crc_t10dif_generic(__u16 crc, const unsigned char *buffer, size_t len)
79{
80 unsigned int i;
81
82 for (i = 0 ; i < len ; i++)
83 crc = (crc << 8) ^ t10_dif_crc_table[((crc >> 8) ^ buffer[i]) & 0xff];
84
85 return crc;
86}
87EXPORT_SYMBOL(crc_t10dif_generic);
88
89/*
90 * Steps through buffer one byte at at time, calculates reflected
91 * crc using table.
92 */
93
94static int chksum_init(struct shash_desc *desc)
95{
96 struct chksum_desc_ctx *ctx = shash_desc_ctx(desc);
97
98 ctx->crc = 0;
99
100 return 0;
101}
102
103static int chksum_update(struct shash_desc *desc, const u8 *data,
104 unsigned int length)
105{
106 struct chksum_desc_ctx *ctx = shash_desc_ctx(desc);
107
108 ctx->crc = crc_t10dif_generic(ctx->crc, data, length);
109 return 0;
110}
111
112static int chksum_final(struct shash_desc *desc, u8 *out)
113{
114 struct chksum_desc_ctx *ctx = shash_desc_ctx(desc);
115
116 *(__u16 *)out = ctx->crc;
117 return 0;
118}
119
120static int __chksum_finup(__u16 *crcp, const u8 *data, unsigned int len,
121 u8 *out)
122{
123 *(__u16 *)out = crc_t10dif_generic(*crcp, data, len);
124 return 0;
125}
126
127static int chksum_finup(struct shash_desc *desc, const u8 *data,
128 unsigned int len, u8 *out)
129{
130 struct chksum_desc_ctx *ctx = shash_desc_ctx(desc);
131
132 return __chksum_finup(&ctx->crc, data, len, out);
133}
134
135static int chksum_digest(struct shash_desc *desc, const u8 *data,
136 unsigned int length, u8 *out)
137{
138 struct chksum_desc_ctx *ctx = shash_desc_ctx(desc);
139
140 return __chksum_finup(&ctx->crc, data, length, out);
141}
142
143static struct shash_alg alg = {
144 .digestsize = CRC_T10DIF_DIGEST_SIZE,
145 .init = chksum_init,
146 .update = chksum_update,
147 .final = chksum_final,
148 .finup = chksum_finup,
149 .digest = chksum_digest,
150 .descsize = sizeof(struct chksum_desc_ctx),
151 .base = {
152 .cra_name = "crct10dif",
153 .cra_driver_name = "crct10dif-generic",
154 .cra_priority = 100,
155 .cra_blocksize = CRC_T10DIF_BLOCK_SIZE,
156 .cra_module = THIS_MODULE,
157 }
158};
159
160static int __init crct10dif_mod_init(void)
161{
162 int ret;
163
164 ret = crypto_register_shash(&alg);
165 return ret;
166}
167
168static void __exit crct10dif_mod_fini(void)
169{
170 crypto_unregister_shash(&alg);
171}
172
173module_init(crct10dif_mod_init);
174module_exit(crct10dif_mod_fini);
175
176MODULE_AUTHOR("Tim Chen <tim.c.chen@linux.intel.com>");
177MODULE_DESCRIPTION("T10 DIF CRC calculation.");
178MODULE_LICENSE("GPL");
diff --git a/crypto/sha512_generic.c b/crypto/sha512_generic.c
index 4c5862095679..6ed124f3ea0f 100644
--- a/crypto/sha512_generic.c
+++ b/crypto/sha512_generic.c
@@ -251,6 +251,7 @@ static struct shash_alg sha512_algs[2] = { {
251 .descsize = sizeof(struct sha512_state), 251 .descsize = sizeof(struct sha512_state),
252 .base = { 252 .base = {
253 .cra_name = "sha512", 253 .cra_name = "sha512",
254 .cra_driver_name = "sha512-generic",
254 .cra_flags = CRYPTO_ALG_TYPE_SHASH, 255 .cra_flags = CRYPTO_ALG_TYPE_SHASH,
255 .cra_blocksize = SHA512_BLOCK_SIZE, 256 .cra_blocksize = SHA512_BLOCK_SIZE,
256 .cra_module = THIS_MODULE, 257 .cra_module = THIS_MODULE,
@@ -263,6 +264,7 @@ static struct shash_alg sha512_algs[2] = { {
263 .descsize = sizeof(struct sha512_state), 264 .descsize = sizeof(struct sha512_state),
264 .base = { 265 .base = {
265 .cra_name = "sha384", 266 .cra_name = "sha384",
267 .cra_driver_name = "sha384-generic",
266 .cra_flags = CRYPTO_ALG_TYPE_SHASH, 268 .cra_flags = CRYPTO_ALG_TYPE_SHASH,
267 .cra_blocksize = SHA384_BLOCK_SIZE, 269 .cra_blocksize = SHA384_BLOCK_SIZE,
268 .cra_module = THIS_MODULE, 270 .cra_module = THIS_MODULE,
diff --git a/crypto/tcrypt.c b/crypto/tcrypt.c
index 66d254ce0d11..25a5934f0e50 100644
--- a/crypto/tcrypt.c
+++ b/crypto/tcrypt.c
@@ -1174,6 +1174,10 @@ static int do_test(int m)
1174 ret += tcrypt_test("ghash"); 1174 ret += tcrypt_test("ghash");
1175 break; 1175 break;
1176 1176
1177 case 47:
1178 ret += tcrypt_test("crct10dif");
1179 break;
1180
1177 case 100: 1181 case 100:
1178 ret += tcrypt_test("hmac(md5)"); 1182 ret += tcrypt_test("hmac(md5)");
1179 break; 1183 break;
@@ -1498,6 +1502,10 @@ static int do_test(int m)
1498 test_hash_speed("crc32c", sec, generic_hash_speed_template); 1502 test_hash_speed("crc32c", sec, generic_hash_speed_template);
1499 if (mode > 300 && mode < 400) break; 1503 if (mode > 300 && mode < 400) break;
1500 1504
1505 case 320:
1506 test_hash_speed("crct10dif", sec, generic_hash_speed_template);
1507 if (mode > 300 && mode < 400) break;
1508
1501 case 399: 1509 case 399:
1502 break; 1510 break;
1503 1511
diff --git a/crypto/testmgr.c b/crypto/testmgr.c
index 5823735cf381..2f00607039e2 100644
--- a/crypto/testmgr.c
+++ b/crypto/testmgr.c
@@ -184,8 +184,9 @@ static int do_one_async_hash_op(struct ahash_request *req,
184 return ret; 184 return ret;
185} 185}
186 186
187static int test_hash(struct crypto_ahash *tfm, struct hash_testvec *template, 187static int __test_hash(struct crypto_ahash *tfm, struct hash_testvec *template,
188 unsigned int tcount, bool use_digest) 188 unsigned int tcount, bool use_digest,
189 const int align_offset)
189{ 190{
190 const char *algo = crypto_tfm_alg_driver_name(crypto_ahash_tfm(tfm)); 191 const char *algo = crypto_tfm_alg_driver_name(crypto_ahash_tfm(tfm));
191 unsigned int i, j, k, temp; 192 unsigned int i, j, k, temp;
@@ -216,10 +217,15 @@ static int test_hash(struct crypto_ahash *tfm, struct hash_testvec *template,
216 if (template[i].np) 217 if (template[i].np)
217 continue; 218 continue;
218 219
220 ret = -EINVAL;
221 if (WARN_ON(align_offset + template[i].psize > PAGE_SIZE))
222 goto out;
223
219 j++; 224 j++;
220 memset(result, 0, 64); 225 memset(result, 0, 64);
221 226
222 hash_buff = xbuf[0]; 227 hash_buff = xbuf[0];
228 hash_buff += align_offset;
223 229
224 memcpy(hash_buff, template[i].plaintext, template[i].psize); 230 memcpy(hash_buff, template[i].plaintext, template[i].psize);
225 sg_init_one(&sg[0], hash_buff, template[i].psize); 231 sg_init_one(&sg[0], hash_buff, template[i].psize);
@@ -281,6 +287,10 @@ static int test_hash(struct crypto_ahash *tfm, struct hash_testvec *template,
281 287
282 j = 0; 288 j = 0;
283 for (i = 0; i < tcount; i++) { 289 for (i = 0; i < tcount; i++) {
290 /* alignment tests are only done with continuous buffers */
291 if (align_offset != 0)
292 break;
293
284 if (template[i].np) { 294 if (template[i].np) {
285 j++; 295 j++;
286 memset(result, 0, 64); 296 memset(result, 0, 64);
@@ -358,9 +368,36 @@ out_nobuf:
358 return ret; 368 return ret;
359} 369}
360 370
371static int test_hash(struct crypto_ahash *tfm, struct hash_testvec *template,
372 unsigned int tcount, bool use_digest)
373{
374 unsigned int alignmask;
375 int ret;
376
377 ret = __test_hash(tfm, template, tcount, use_digest, 0);
378 if (ret)
379 return ret;
380
381 /* test unaligned buffers, check with one byte offset */
382 ret = __test_hash(tfm, template, tcount, use_digest, 1);
383 if (ret)
384 return ret;
385
386 alignmask = crypto_tfm_alg_alignmask(&tfm->base);
387 if (alignmask) {
388 /* Check if alignment mask for tfm is correctly set. */
389 ret = __test_hash(tfm, template, tcount, use_digest,
390 alignmask + 1);
391 if (ret)
392 return ret;
393 }
394
395 return 0;
396}
397
361static int __test_aead(struct crypto_aead *tfm, int enc, 398static int __test_aead(struct crypto_aead *tfm, int enc,
362 struct aead_testvec *template, unsigned int tcount, 399 struct aead_testvec *template, unsigned int tcount,
363 const bool diff_dst) 400 const bool diff_dst, const int align_offset)
364{ 401{
365 const char *algo = crypto_tfm_alg_driver_name(crypto_aead_tfm(tfm)); 402 const char *algo = crypto_tfm_alg_driver_name(crypto_aead_tfm(tfm));
366 unsigned int i, j, k, n, temp; 403 unsigned int i, j, k, n, temp;
@@ -423,15 +460,16 @@ static int __test_aead(struct crypto_aead *tfm, int enc,
423 if (!template[i].np) { 460 if (!template[i].np) {
424 j++; 461 j++;
425 462
426 /* some tepmplates have no input data but they will 463 /* some templates have no input data but they will
427 * touch input 464 * touch input
428 */ 465 */
429 input = xbuf[0]; 466 input = xbuf[0];
467 input += align_offset;
430 assoc = axbuf[0]; 468 assoc = axbuf[0];
431 469
432 ret = -EINVAL; 470 ret = -EINVAL;
433 if (WARN_ON(template[i].ilen > PAGE_SIZE || 471 if (WARN_ON(align_offset + template[i].ilen >
434 template[i].alen > PAGE_SIZE)) 472 PAGE_SIZE || template[i].alen > PAGE_SIZE))
435 goto out; 473 goto out;
436 474
437 memcpy(input, template[i].input, template[i].ilen); 475 memcpy(input, template[i].input, template[i].ilen);
@@ -470,6 +508,7 @@ static int __test_aead(struct crypto_aead *tfm, int enc,
470 508
471 if (diff_dst) { 509 if (diff_dst) {
472 output = xoutbuf[0]; 510 output = xoutbuf[0];
511 output += align_offset;
473 sg_init_one(&sgout[0], output, 512 sg_init_one(&sgout[0], output,
474 template[i].ilen + 513 template[i].ilen +
475 (enc ? authsize : 0)); 514 (enc ? authsize : 0));
@@ -530,6 +569,10 @@ static int __test_aead(struct crypto_aead *tfm, int enc,
530 } 569 }
531 570
532 for (i = 0, j = 0; i < tcount; i++) { 571 for (i = 0, j = 0; i < tcount; i++) {
572 /* alignment tests are only done with continuous buffers */
573 if (align_offset != 0)
574 break;
575
533 if (template[i].np) { 576 if (template[i].np) {
534 j++; 577 j++;
535 578
@@ -732,15 +775,34 @@ out_noxbuf:
732static int test_aead(struct crypto_aead *tfm, int enc, 775static int test_aead(struct crypto_aead *tfm, int enc,
733 struct aead_testvec *template, unsigned int tcount) 776 struct aead_testvec *template, unsigned int tcount)
734{ 777{
778 unsigned int alignmask;
735 int ret; 779 int ret;
736 780
737 /* test 'dst == src' case */ 781 /* test 'dst == src' case */
738 ret = __test_aead(tfm, enc, template, tcount, false); 782 ret = __test_aead(tfm, enc, template, tcount, false, 0);
739 if (ret) 783 if (ret)
740 return ret; 784 return ret;
741 785
742 /* test 'dst != src' case */ 786 /* test 'dst != src' case */
743 return __test_aead(tfm, enc, template, tcount, true); 787 ret = __test_aead(tfm, enc, template, tcount, true, 0);
788 if (ret)
789 return ret;
790
791 /* test unaligned buffers, check with one byte offset */
792 ret = __test_aead(tfm, enc, template, tcount, true, 1);
793 if (ret)
794 return ret;
795
796 alignmask = crypto_tfm_alg_alignmask(&tfm->base);
797 if (alignmask) {
798 /* Check if alignment mask for tfm is correctly set. */
799 ret = __test_aead(tfm, enc, template, tcount, true,
800 alignmask + 1);
801 if (ret)
802 return ret;
803 }
804
805 return 0;
744} 806}
745 807
746static int test_cipher(struct crypto_cipher *tfm, int enc, 808static int test_cipher(struct crypto_cipher *tfm, int enc,
@@ -820,7 +882,7 @@ out_nobuf:
820 882
821static int __test_skcipher(struct crypto_ablkcipher *tfm, int enc, 883static int __test_skcipher(struct crypto_ablkcipher *tfm, int enc,
822 struct cipher_testvec *template, unsigned int tcount, 884 struct cipher_testvec *template, unsigned int tcount,
823 const bool diff_dst) 885 const bool diff_dst, const int align_offset)
824{ 886{
825 const char *algo = 887 const char *algo =
826 crypto_tfm_alg_driver_name(crypto_ablkcipher_tfm(tfm)); 888 crypto_tfm_alg_driver_name(crypto_ablkcipher_tfm(tfm));
@@ -876,10 +938,12 @@ static int __test_skcipher(struct crypto_ablkcipher *tfm, int enc,
876 j++; 938 j++;
877 939
878 ret = -EINVAL; 940 ret = -EINVAL;
879 if (WARN_ON(template[i].ilen > PAGE_SIZE)) 941 if (WARN_ON(align_offset + template[i].ilen >
942 PAGE_SIZE))
880 goto out; 943 goto out;
881 944
882 data = xbuf[0]; 945 data = xbuf[0];
946 data += align_offset;
883 memcpy(data, template[i].input, template[i].ilen); 947 memcpy(data, template[i].input, template[i].ilen);
884 948
885 crypto_ablkcipher_clear_flags(tfm, ~0); 949 crypto_ablkcipher_clear_flags(tfm, ~0);
@@ -900,6 +964,7 @@ static int __test_skcipher(struct crypto_ablkcipher *tfm, int enc,
900 sg_init_one(&sg[0], data, template[i].ilen); 964 sg_init_one(&sg[0], data, template[i].ilen);
901 if (diff_dst) { 965 if (diff_dst) {
902 data = xoutbuf[0]; 966 data = xoutbuf[0];
967 data += align_offset;
903 sg_init_one(&sgout[0], data, template[i].ilen); 968 sg_init_one(&sgout[0], data, template[i].ilen);
904 } 969 }
905 970
@@ -941,6 +1006,9 @@ static int __test_skcipher(struct crypto_ablkcipher *tfm, int enc,
941 1006
942 j = 0; 1007 j = 0;
943 for (i = 0; i < tcount; i++) { 1008 for (i = 0; i < tcount; i++) {
1009 /* alignment tests are only done with continuous buffers */
1010 if (align_offset != 0)
1011 break;
944 1012
945 if (template[i].iv) 1013 if (template[i].iv)
946 memcpy(iv, template[i].iv, MAX_IVLEN); 1014 memcpy(iv, template[i].iv, MAX_IVLEN);
@@ -1075,15 +1143,34 @@ out_nobuf:
1075static int test_skcipher(struct crypto_ablkcipher *tfm, int enc, 1143static int test_skcipher(struct crypto_ablkcipher *tfm, int enc,
1076 struct cipher_testvec *template, unsigned int tcount) 1144 struct cipher_testvec *template, unsigned int tcount)
1077{ 1145{
1146 unsigned int alignmask;
1078 int ret; 1147 int ret;
1079 1148
1080 /* test 'dst == src' case */ 1149 /* test 'dst == src' case */
1081 ret = __test_skcipher(tfm, enc, template, tcount, false); 1150 ret = __test_skcipher(tfm, enc, template, tcount, false, 0);
1082 if (ret) 1151 if (ret)
1083 return ret; 1152 return ret;
1084 1153
1085 /* test 'dst != src' case */ 1154 /* test 'dst != src' case */
1086 return __test_skcipher(tfm, enc, template, tcount, true); 1155 ret = __test_skcipher(tfm, enc, template, tcount, true, 0);
1156 if (ret)
1157 return ret;
1158
1159 /* test unaligned buffers, check with one byte offset */
1160 ret = __test_skcipher(tfm, enc, template, tcount, true, 1);
1161 if (ret)
1162 return ret;
1163
1164 alignmask = crypto_tfm_alg_alignmask(&tfm->base);
1165 if (alignmask) {
1166 /* Check if alignment mask for tfm is correctly set. */
1167 ret = __test_skcipher(tfm, enc, template, tcount, true,
1168 alignmask + 1);
1169 if (ret)
1170 return ret;
1171 }
1172
1173 return 0;
1087} 1174}
1088 1175
1089static int test_comp(struct crypto_comp *tfm, struct comp_testvec *ctemplate, 1176static int test_comp(struct crypto_comp *tfm, struct comp_testvec *ctemplate,
@@ -1654,16 +1741,10 @@ static const struct alg_test_desc alg_test_descs[] = {
1654 .alg = "__cbc-twofish-avx", 1741 .alg = "__cbc-twofish-avx",
1655 .test = alg_test_null, 1742 .test = alg_test_null,
1656 }, { 1743 }, {
1657 .alg = "__cbc-twofish-avx2",
1658 .test = alg_test_null,
1659 }, {
1660 .alg = "__driver-cbc-aes-aesni", 1744 .alg = "__driver-cbc-aes-aesni",
1661 .test = alg_test_null, 1745 .test = alg_test_null,
1662 .fips_allowed = 1, 1746 .fips_allowed = 1,
1663 }, { 1747 }, {
1664 .alg = "__driver-cbc-blowfish-avx2",
1665 .test = alg_test_null,
1666 }, {
1667 .alg = "__driver-cbc-camellia-aesni", 1748 .alg = "__driver-cbc-camellia-aesni",
1668 .test = alg_test_null, 1749 .test = alg_test_null,
1669 }, { 1750 }, {
@@ -1688,16 +1769,10 @@ static const struct alg_test_desc alg_test_descs[] = {
1688 .alg = "__driver-cbc-twofish-avx", 1769 .alg = "__driver-cbc-twofish-avx",
1689 .test = alg_test_null, 1770 .test = alg_test_null,
1690 }, { 1771 }, {
1691 .alg = "__driver-cbc-twofish-avx2",
1692 .test = alg_test_null,
1693 }, {
1694 .alg = "__driver-ecb-aes-aesni", 1772 .alg = "__driver-ecb-aes-aesni",
1695 .test = alg_test_null, 1773 .test = alg_test_null,
1696 .fips_allowed = 1, 1774 .fips_allowed = 1,
1697 }, { 1775 }, {
1698 .alg = "__driver-ecb-blowfish-avx2",
1699 .test = alg_test_null,
1700 }, {
1701 .alg = "__driver-ecb-camellia-aesni", 1776 .alg = "__driver-ecb-camellia-aesni",
1702 .test = alg_test_null, 1777 .test = alg_test_null,
1703 }, { 1778 }, {
@@ -1722,9 +1797,6 @@ static const struct alg_test_desc alg_test_descs[] = {
1722 .alg = "__driver-ecb-twofish-avx", 1797 .alg = "__driver-ecb-twofish-avx",
1723 .test = alg_test_null, 1798 .test = alg_test_null,
1724 }, { 1799 }, {
1725 .alg = "__driver-ecb-twofish-avx2",
1726 .test = alg_test_null,
1727 }, {
1728 .alg = "__ghash-pclmulqdqni", 1800 .alg = "__ghash-pclmulqdqni",
1729 .test = alg_test_null, 1801 .test = alg_test_null,
1730 .fips_allowed = 1, 1802 .fips_allowed = 1,
@@ -1974,12 +2046,19 @@ static const struct alg_test_desc alg_test_descs[] = {
1974 } 2046 }
1975 } 2047 }
1976 }, { 2048 }, {
1977 .alg = "cryptd(__driver-cbc-aes-aesni)", 2049 .alg = "crct10dif",
1978 .test = alg_test_null, 2050 .test = alg_test_hash,
1979 .fips_allowed = 1, 2051 .fips_allowed = 1,
2052 .suite = {
2053 .hash = {
2054 .vecs = crct10dif_tv_template,
2055 .count = CRCT10DIF_TEST_VECTORS
2056 }
2057 }
1980 }, { 2058 }, {
1981 .alg = "cryptd(__driver-cbc-blowfish-avx2)", 2059 .alg = "cryptd(__driver-cbc-aes-aesni)",
1982 .test = alg_test_null, 2060 .test = alg_test_null,
2061 .fips_allowed = 1,
1983 }, { 2062 }, {
1984 .alg = "cryptd(__driver-cbc-camellia-aesni)", 2063 .alg = "cryptd(__driver-cbc-camellia-aesni)",
1985 .test = alg_test_null, 2064 .test = alg_test_null,
@@ -1994,9 +2073,6 @@ static const struct alg_test_desc alg_test_descs[] = {
1994 .test = alg_test_null, 2073 .test = alg_test_null,
1995 .fips_allowed = 1, 2074 .fips_allowed = 1,
1996 }, { 2075 }, {
1997 .alg = "cryptd(__driver-ecb-blowfish-avx2)",
1998 .test = alg_test_null,
1999 }, {
2000 .alg = "cryptd(__driver-ecb-camellia-aesni)", 2076 .alg = "cryptd(__driver-ecb-camellia-aesni)",
2001 .test = alg_test_null, 2077 .test = alg_test_null,
2002 }, { 2078 }, {
@@ -2021,9 +2097,6 @@ static const struct alg_test_desc alg_test_descs[] = {
2021 .alg = "cryptd(__driver-ecb-twofish-avx)", 2097 .alg = "cryptd(__driver-ecb-twofish-avx)",
2022 .test = alg_test_null, 2098 .test = alg_test_null,
2023 }, { 2099 }, {
2024 .alg = "cryptd(__driver-ecb-twofish-avx2)",
2025 .test = alg_test_null,
2026 }, {
2027 .alg = "cryptd(__driver-gcm-aes-aesni)", 2100 .alg = "cryptd(__driver-gcm-aes-aesni)",
2028 .test = alg_test_null, 2101 .test = alg_test_null,
2029 .fips_allowed = 1, 2102 .fips_allowed = 1,
@@ -3068,6 +3141,35 @@ static const struct alg_test_desc alg_test_descs[] = {
3068 } 3141 }
3069}; 3142};
3070 3143
3144static bool alg_test_descs_checked;
3145
3146static void alg_test_descs_check_order(void)
3147{
3148 int i;
3149
3150 /* only check once */
3151 if (alg_test_descs_checked)
3152 return;
3153
3154 alg_test_descs_checked = true;
3155
3156 for (i = 1; i < ARRAY_SIZE(alg_test_descs); i++) {
3157 int diff = strcmp(alg_test_descs[i - 1].alg,
3158 alg_test_descs[i].alg);
3159
3160 if (WARN_ON(diff > 0)) {
3161 pr_warn("testmgr: alg_test_descs entries in wrong order: '%s' before '%s'\n",
3162 alg_test_descs[i - 1].alg,
3163 alg_test_descs[i].alg);
3164 }
3165
3166 if (WARN_ON(diff == 0)) {
3167 pr_warn("testmgr: duplicate alg_test_descs entry: '%s'\n",
3168 alg_test_descs[i].alg);
3169 }
3170 }
3171}
3172
3071static int alg_find_test(const char *alg) 3173static int alg_find_test(const char *alg)
3072{ 3174{
3073 int start = 0; 3175 int start = 0;
@@ -3099,6 +3201,8 @@ int alg_test(const char *driver, const char *alg, u32 type, u32 mask)
3099 int j; 3201 int j;
3100 int rc; 3202 int rc;
3101 3203
3204 alg_test_descs_check_order();
3205
3102 if ((type & CRYPTO_ALG_TYPE_MASK) == CRYPTO_ALG_TYPE_CIPHER) { 3206 if ((type & CRYPTO_ALG_TYPE_MASK) == CRYPTO_ALG_TYPE_CIPHER) {
3103 char nalg[CRYPTO_MAX_ALG_NAME]; 3207 char nalg[CRYPTO_MAX_ALG_NAME];
3104 3208
diff --git a/crypto/testmgr.h b/crypto/testmgr.h
index 1e701bc075b9..7d44aa3d6b44 100644
--- a/crypto/testmgr.h
+++ b/crypto/testmgr.h
@@ -450,6 +450,39 @@ static struct hash_testvec rmd320_tv_template[] = {
450 } 450 }
451}; 451};
452 452
453#define CRCT10DIF_TEST_VECTORS 3
454static struct hash_testvec crct10dif_tv_template[] = {
455 {
456 .plaintext = "abc",
457 .psize = 3,
458#ifdef __LITTLE_ENDIAN
459 .digest = "\x3b\x44",
460#else
461 .digest = "\x44\x3b",
462#endif
463 }, {
464 .plaintext = "1234567890123456789012345678901234567890"
465 "123456789012345678901234567890123456789",
466 .psize = 79,
467#ifdef __LITTLE_ENDIAN
468 .digest = "\x70\x4b",
469#else
470 .digest = "\x4b\x70",
471#endif
472 }, {
473 .plaintext =
474 "abcddddddddddddddddddddddddddddddddddddddddddddddddddddd",
475 .psize = 56,
476#ifdef __LITTLE_ENDIAN
477 .digest = "\xe3\x9c",
478#else
479 .digest = "\x9c\xe3",
480#endif
481 .np = 2,
482 .tap = { 28, 28 }
483 }
484};
485
453/* 486/*
454 * SHA1 test vectors from from FIPS PUB 180-1 487 * SHA1 test vectors from from FIPS PUB 180-1
455 * Long vector from CAVS 5.0 488 * Long vector from CAVS 5.0
generated by cgit v1.2.2 (git 2.25.0) at 2025-02-17 11:00:46 -0500