aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--arch/arm/mach-nomadik/cpu-8815.c8
-rw-r--r--arch/s390/crypto/aes_s390.c6
-rw-r--r--crypto/Kconfig10
-rw-r--r--crypto/Makefile1
-rw-r--r--crypto/ablkcipher.c4
-rw-r--r--crypto/aead.c4
-rw-r--r--crypto/aes_generic.c4
-rw-r--r--crypto/algapi.c4
-rw-r--r--crypto/anubis.c22
-rw-r--r--crypto/api.c13
-rw-r--r--crypto/authenc.c10
-rw-r--r--crypto/blowfish.c18
-rw-r--r--crypto/camellia.c616
-rw-r--r--crypto/cast5.c14
-rw-r--r--crypto/cast6.c122
-rw-r--r--crypto/cipher.c2
-rw-r--r--crypto/compress.c4
-rw-r--r--crypto/crc32c.c6
-rw-r--r--crypto/crypto_null.c8
-rw-r--r--crypto/deflate.c20
-rw-r--r--crypto/des_generic.c3
-rw-r--r--crypto/ecb.c2
-rw-r--r--crypto/fcrypt.c6
-rw-r--r--crypto/gcm.c287
-rw-r--r--crypto/md5.c40
-rw-r--r--crypto/pcrypt.c445
-rw-r--r--crypto/testmgr.c84
-rw-r--r--drivers/char/hw_random/Kconfig12
-rw-r--r--drivers/char/hw_random/Makefile1
-rw-r--r--drivers/char/hw_random/nomadik-rng.c103
-rw-r--r--drivers/crypto/amcc/crypto4xx_core.c2
-rw-r--r--drivers/crypto/geode-aes.c8
-rw-r--r--drivers/crypto/talitos.c2
-rw-r--r--include/crypto/md5.h17
-rw-r--r--include/crypto/pcrypt.h51
-rw-r--r--include/linux/padata.h88
-rw-r--r--include/linux/pfkeyv2.h1
-rw-r--r--init/Kconfig4
-rw-r--r--kernel/Makefile1
-rw-r--r--kernel/padata.c690
-rw-r--r--net/xfrm/xfrm_algo.c16
41 files changed, 2293 insertions, 466 deletions
diff --git a/arch/arm/mach-nomadik/cpu-8815.c b/arch/arm/mach-nomadik/cpu-8815.c
index f93c59634191..9bf33b30a025 100644
--- a/arch/arm/mach-nomadik/cpu-8815.c
+++ b/arch/arm/mach-nomadik/cpu-8815.c
@@ -86,11 +86,19 @@ static struct amba_device cpu8815_amba_gpio[] = {
86 }, 86 },
87}; 87};
88 88
89static struct amba_device cpu8815_amba_rng = {
90 .dev = {
91 .init_name = "rng",
92 },
93 __MEM_4K_RESOURCE(NOMADIK_RNG_BASE),
94};
95
89static struct amba_device *amba_devs[] __initdata = { 96static struct amba_device *amba_devs[] __initdata = {
90 cpu8815_amba_gpio + 0, 97 cpu8815_amba_gpio + 0,
91 cpu8815_amba_gpio + 1, 98 cpu8815_amba_gpio + 1,
92 cpu8815_amba_gpio + 2, 99 cpu8815_amba_gpio + 2,
93 cpu8815_amba_gpio + 3, 100 cpu8815_amba_gpio + 3,
101 &cpu8815_amba_rng
94}; 102};
95 103
96static int __init cpu8815_init(void) 104static int __init cpu8815_init(void)
diff --git a/arch/s390/crypto/aes_s390.c b/arch/s390/crypto/aes_s390.c
index 6be4503201ac..58f46734465f 100644
--- a/arch/s390/crypto/aes_s390.c
+++ b/arch/s390/crypto/aes_s390.c
@@ -78,14 +78,14 @@ static int setkey_fallback_cip(struct crypto_tfm *tfm, const u8 *in_key,
78 struct s390_aes_ctx *sctx = crypto_tfm_ctx(tfm); 78 struct s390_aes_ctx *sctx = crypto_tfm_ctx(tfm);
79 int ret; 79 int ret;
80 80
81 sctx->fallback.blk->base.crt_flags &= ~CRYPTO_TFM_REQ_MASK; 81 sctx->fallback.cip->base.crt_flags &= ~CRYPTO_TFM_REQ_MASK;
82 sctx->fallback.blk->base.crt_flags |= (tfm->crt_flags & 82 sctx->fallback.cip->base.crt_flags |= (tfm->crt_flags &
83 CRYPTO_TFM_REQ_MASK); 83 CRYPTO_TFM_REQ_MASK);
84 84
85 ret = crypto_cipher_setkey(sctx->fallback.cip, in_key, key_len); 85 ret = crypto_cipher_setkey(sctx->fallback.cip, in_key, key_len);
86 if (ret) { 86 if (ret) {
87 tfm->crt_flags &= ~CRYPTO_TFM_RES_MASK; 87 tfm->crt_flags &= ~CRYPTO_TFM_RES_MASK;
88 tfm->crt_flags |= (sctx->fallback.blk->base.crt_flags & 88 tfm->crt_flags |= (sctx->fallback.cip->base.crt_flags &
89 CRYPTO_TFM_RES_MASK); 89 CRYPTO_TFM_RES_MASK);
90 } 90 }
91 return ret; 91 return ret;
diff --git a/crypto/Kconfig b/crypto/Kconfig
index 81c185a6971f..6a2e295ee227 100644
--- a/crypto/Kconfig
+++ b/crypto/Kconfig
@@ -114,6 +114,16 @@ config CRYPTO_NULL
114 help 114 help
115 These are 'Null' algorithms, used by IPsec, which do nothing. 115 These are 'Null' algorithms, used by IPsec, which do nothing.
116 116
117config CRYPTO_PCRYPT
118 tristate "Parallel crypto engine (EXPERIMENTAL)"
119 depends on SMP && EXPERIMENTAL
120 select PADATA
121 select CRYPTO_MANAGER
122 select CRYPTO_AEAD
123 help
124 This converts an arbitrary crypto algorithm into a parallel
125 algorithm that executes in kernel threads.
126
117config CRYPTO_WORKQUEUE 127config CRYPTO_WORKQUEUE
118 tristate 128 tristate
119 129
diff --git a/crypto/Makefile b/crypto/Makefile
index 9e8f61908cb5..d7e6441df7fe 100644
--- a/crypto/Makefile
+++ b/crypto/Makefile
@@ -56,6 +56,7 @@ obj-$(CONFIG_CRYPTO_XTS) += xts.o
56obj-$(CONFIG_CRYPTO_CTR) += ctr.o 56obj-$(CONFIG_CRYPTO_CTR) += ctr.o
57obj-$(CONFIG_CRYPTO_GCM) += gcm.o 57obj-$(CONFIG_CRYPTO_GCM) += gcm.o
58obj-$(CONFIG_CRYPTO_CCM) += ccm.o 58obj-$(CONFIG_CRYPTO_CCM) += ccm.o
59obj-$(CONFIG_CRYPTO_PCRYPT) += pcrypt.o
59obj-$(CONFIG_CRYPTO_CRYPTD) += cryptd.o 60obj-$(CONFIG_CRYPTO_CRYPTD) += cryptd.o
60obj-$(CONFIG_CRYPTO_DES) += des_generic.o 61obj-$(CONFIG_CRYPTO_DES) += des_generic.o
61obj-$(CONFIG_CRYPTO_FCRYPT) += fcrypt.o 62obj-$(CONFIG_CRYPTO_FCRYPT) += fcrypt.o
diff --git a/crypto/ablkcipher.c b/crypto/ablkcipher.c
index f6f08336df5d..fe980dae1727 100644
--- a/crypto/ablkcipher.c
+++ b/crypto/ablkcipher.c
@@ -1,6 +1,6 @@
1/* 1/*
2 * Asynchronous block chaining cipher operations. 2 * Asynchronous block chaining cipher operations.
3 * 3 *
4 * This is the asynchronous version of blkcipher.c indicating completion 4 * This is the asynchronous version of blkcipher.c indicating completion
5 * via a callback. 5 * via a callback.
6 * 6 *
@@ -8,7 +8,7 @@
8 * 8 *
9 * This program is free software; you can redistribute it and/or modify it 9 * This program is free software; you can redistribute it and/or modify it
10 * under the terms of the GNU General Public License as published by the Free 10 * under the terms of the GNU General Public License as published by the Free
11 * Software Foundation; either version 2 of the License, or (at your option) 11 * Software Foundation; either version 2 of the License, or (at your option)
12 * any later version. 12 * any later version.
13 * 13 *
14 */ 14 */
diff --git a/crypto/aead.c b/crypto/aead.c
index 0a55da70845e..6729e8ff68e7 100644
--- a/crypto/aead.c
+++ b/crypto/aead.c
@@ -1,13 +1,13 @@
1/* 1/*
2 * AEAD: Authenticated Encryption with Associated Data 2 * AEAD: Authenticated Encryption with Associated Data
3 * 3 *
4 * This file provides API support for AEAD algorithms. 4 * This file provides API support for AEAD algorithms.
5 * 5 *
6 * Copyright (c) 2007 Herbert Xu <herbert@gondor.apana.org.au> 6 * Copyright (c) 2007 Herbert Xu <herbert@gondor.apana.org.au>
7 * 7 *
8 * This program is free software; you can redistribute it and/or modify it 8 * This program is free software; you can redistribute it and/or modify it
9 * under the terms of the GNU General Public License as published by the Free 9 * under the terms of the GNU General Public License as published by the Free
10 * Software Foundation; either version 2 of the License, or (at your option) 10 * Software Foundation; either version 2 of the License, or (at your option)
11 * any later version. 11 * any later version.
12 * 12 *
13 */ 13 */
diff --git a/crypto/aes_generic.c b/crypto/aes_generic.c
index e78b7ee44a74..a68c73dae15a 100644
--- a/crypto/aes_generic.c
+++ b/crypto/aes_generic.c
@@ -1,4 +1,4 @@
1/* 1/*
2 * Cryptographic API. 2 * Cryptographic API.
3 * 3 *
4 * AES Cipher Algorithm. 4 * AES Cipher Algorithm.
@@ -1127,7 +1127,7 @@ EXPORT_SYMBOL_GPL(crypto_il_tab);
1127 1127
1128#define star_x(x) (((x) & 0x7f7f7f7f) << 1) ^ ((((x) & 0x80808080) >> 7) * 0x1b) 1128#define star_x(x) (((x) & 0x7f7f7f7f) << 1) ^ ((((x) & 0x80808080) >> 7) * 0x1b)
1129 1129
1130#define imix_col(y,x) do { \ 1130#define imix_col(y, x) do { \
1131 u = star_x(x); \ 1131 u = star_x(x); \
1132 v = star_x(u); \ 1132 v = star_x(u); \
1133 w = star_x(v); \ 1133 w = star_x(v); \
diff --git a/crypto/algapi.c b/crypto/algapi.c
index f149b1c8b76d..3e4524e6139b 100644
--- a/crypto/algapi.c
+++ b/crypto/algapi.c
@@ -230,7 +230,7 @@ static struct crypto_larval *__crypto_register_alg(struct crypto_alg *alg)
230 list_add(&alg->cra_list, &crypto_alg_list); 230 list_add(&alg->cra_list, &crypto_alg_list);
231 list_add(&larval->alg.cra_list, &crypto_alg_list); 231 list_add(&larval->alg.cra_list, &crypto_alg_list);
232 232
233out: 233out:
234 return larval; 234 return larval;
235 235
236free_larval: 236free_larval:
@@ -388,7 +388,7 @@ int crypto_unregister_alg(struct crypto_alg *alg)
388{ 388{
389 int ret; 389 int ret;
390 LIST_HEAD(list); 390 LIST_HEAD(list);
391 391
392 down_write(&crypto_alg_sem); 392 down_write(&crypto_alg_sem);
393 ret = crypto_remove_alg(alg, &list); 393 ret = crypto_remove_alg(alg, &list);
394 up_write(&crypto_alg_sem); 394 up_write(&crypto_alg_sem);
diff --git a/crypto/anubis.c b/crypto/anubis.c
index e42c3a8ba4aa..77530d571c96 100644
--- a/crypto/anubis.c
+++ b/crypto/anubis.c
@@ -469,14 +469,13 @@ static int anubis_setkey(struct crypto_tfm *tfm, const u8 *in_key,
469 u32 kappa[ANUBIS_MAX_N]; 469 u32 kappa[ANUBIS_MAX_N];
470 u32 inter[ANUBIS_MAX_N]; 470 u32 inter[ANUBIS_MAX_N];
471 471
472 switch (key_len) 472 switch (key_len) {
473 {
474 case 16: case 20: case 24: case 28: 473 case 16: case 20: case 24: case 28:
475 case 32: case 36: case 40: 474 case 32: case 36: case 40:
476 break; 475 break;
477 default: 476 default:
478 *flags |= CRYPTO_TFM_RES_BAD_KEY_LEN; 477 *flags |= CRYPTO_TFM_RES_BAD_KEY_LEN;
479 return - EINVAL; 478 return -EINVAL;
480 } 479 }
481 480
482 ctx->key_len = key_len * 8; 481 ctx->key_len = key_len * 8;
@@ -530,23 +529,24 @@ static int anubis_setkey(struct crypto_tfm *tfm, const u8 *in_key,
530 /* 529 /*
531 * compute kappa^{r+1} from kappa^r: 530 * compute kappa^{r+1} from kappa^r:
532 */ 531 */
533 if (r == R) { 532 if (r == R)
534 break; 533 break;
535 }
536 for (i = 0; i < N; i++) { 534 for (i = 0; i < N; i++) {
537 int j = i; 535 int j = i;
538 inter[i] = T0[(kappa[j--] >> 24) ]; 536 inter[i] = T0[(kappa[j--] >> 24) ];
539 if (j < 0) j = N - 1; 537 if (j < 0)
538 j = N - 1;
540 inter[i] ^= T1[(kappa[j--] >> 16) & 0xff]; 539 inter[i] ^= T1[(kappa[j--] >> 16) & 0xff];
541 if (j < 0) j = N - 1; 540 if (j < 0)
541 j = N - 1;
542 inter[i] ^= T2[(kappa[j--] >> 8) & 0xff]; 542 inter[i] ^= T2[(kappa[j--] >> 8) & 0xff];
543 if (j < 0) j = N - 1; 543 if (j < 0)
544 j = N - 1;
544 inter[i] ^= T3[(kappa[j ] ) & 0xff]; 545 inter[i] ^= T3[(kappa[j ] ) & 0xff];
545 } 546 }
546 kappa[0] = inter[0] ^ rc[r]; 547 kappa[0] = inter[0] ^ rc[r];
547 for (i = 1; i < N; i++) { 548 for (i = 1; i < N; i++)
548 kappa[i] = inter[i]; 549 kappa[i] = inter[i];
549 }
550 } 550 }
551 551
552 /* 552 /*
@@ -690,7 +690,7 @@ static struct crypto_alg anubis_alg = {
690static int __init anubis_mod_init(void) 690static int __init anubis_mod_init(void)
691{ 691{
692 int ret = 0; 692 int ret = 0;
693 693
694 ret = crypto_register_alg(&anubis_alg); 694 ret = crypto_register_alg(&anubis_alg);
695 return ret; 695 return ret;
696} 696}
diff --git a/crypto/api.c b/crypto/api.c
index 798526d90538..033a7147e5eb 100644
--- a/crypto/api.c
+++ b/crypto/api.c
@@ -10,7 +10,7 @@
10 * 10 *
11 * This program is free software; you can redistribute it and/or modify it 11 * This program is free software; you can redistribute it and/or modify it
12 * under the terms of the GNU General Public License as published by the Free 12 * under the terms of the GNU General Public License as published by the Free
13 * Software Foundation; either version 2 of the License, or (at your option) 13 * Software Foundation; either version 2 of the License, or (at your option)
14 * any later version. 14 * any later version.
15 * 15 *
16 */ 16 */
@@ -288,11 +288,11 @@ static int crypto_init_ops(struct crypto_tfm *tfm, u32 type, u32 mask)
288 288
289 case CRYPTO_ALG_TYPE_COMPRESS: 289 case CRYPTO_ALG_TYPE_COMPRESS:
290 return crypto_init_compress_ops(tfm); 290 return crypto_init_compress_ops(tfm);
291 291
292 default: 292 default:
293 break; 293 break;
294 } 294 }
295 295
296 BUG(); 296 BUG();
297 return -EINVAL; 297 return -EINVAL;
298} 298}
@@ -315,10 +315,9 @@ static void crypto_exit_ops(struct crypto_tfm *tfm)
315 case CRYPTO_ALG_TYPE_COMPRESS: 315 case CRYPTO_ALG_TYPE_COMPRESS:
316 crypto_exit_compress_ops(tfm); 316 crypto_exit_compress_ops(tfm);
317 break; 317 break;
318 318
319 default: 319 default:
320 BUG(); 320 BUG();
321
322 } 321 }
323} 322}
324 323
@@ -593,12 +592,12 @@ int crypto_has_alg(const char *name, u32 type, u32 mask)
593{ 592{
594 int ret = 0; 593 int ret = 0;
595 struct crypto_alg *alg = crypto_alg_mod_lookup(name, type, mask); 594 struct crypto_alg *alg = crypto_alg_mod_lookup(name, type, mask);
596 595
597 if (!IS_ERR(alg)) { 596 if (!IS_ERR(alg)) {
598 crypto_mod_put(alg); 597 crypto_mod_put(alg);
599 ret = 1; 598 ret = 1;
600 } 599 }
601 600
602 return ret; 601 return ret;
603} 602}
604EXPORT_SYMBOL_GPL(crypto_has_alg); 603EXPORT_SYMBOL_GPL(crypto_has_alg);
diff --git a/crypto/authenc.c b/crypto/authenc.c
index 4d6f49a5daeb..18870906ea06 100644
--- a/crypto/authenc.c
+++ b/crypto/authenc.c
@@ -194,7 +194,7 @@ static void authenc_verify_ahash_update_done(struct crypto_async_request *areq,
194 scatterwalk_map_and_copy(ihash, areq_ctx->sg, areq_ctx->cryptlen, 194 scatterwalk_map_and_copy(ihash, areq_ctx->sg, areq_ctx->cryptlen,
195 authsize, 0); 195 authsize, 0);
196 196
197 err = memcmp(ihash, ahreq->result, authsize) ? -EBADMSG: 0; 197 err = memcmp(ihash, ahreq->result, authsize) ? -EBADMSG : 0;
198 if (err) 198 if (err)
199 goto out; 199 goto out;
200 200
@@ -231,7 +231,7 @@ static void authenc_verify_ahash_done(struct crypto_async_request *areq,
231 scatterwalk_map_and_copy(ihash, areq_ctx->sg, areq_ctx->cryptlen, 231 scatterwalk_map_and_copy(ihash, areq_ctx->sg, areq_ctx->cryptlen,
232 authsize, 0); 232 authsize, 0);
233 233
234 err = memcmp(ihash, ahreq->result, authsize) ? -EBADMSG: 0; 234 err = memcmp(ihash, ahreq->result, authsize) ? -EBADMSG : 0;
235 if (err) 235 if (err)
236 goto out; 236 goto out;
237 237
@@ -464,7 +464,7 @@ static int crypto_authenc_verify(struct aead_request *req,
464 ihash = ohash + authsize; 464 ihash = ohash + authsize;
465 scatterwalk_map_and_copy(ihash, areq_ctx->sg, areq_ctx->cryptlen, 465 scatterwalk_map_and_copy(ihash, areq_ctx->sg, areq_ctx->cryptlen,
466 authsize, 0); 466 authsize, 0);
467 return memcmp(ihash, ohash, authsize) ? -EBADMSG: 0; 467 return memcmp(ihash, ohash, authsize) ? -EBADMSG : 0;
468} 468}
469 469
470static int crypto_authenc_iverify(struct aead_request *req, u8 *iv, 470static int crypto_authenc_iverify(struct aead_request *req, u8 *iv,
@@ -557,11 +557,11 @@ static int crypto_authenc_init_tfm(struct crypto_tfm *tfm)
557 557
558 ctx->auth = auth; 558 ctx->auth = auth;
559 ctx->enc = enc; 559 ctx->enc = enc;
560 560
561 tfm->crt_aead.reqsize = max_t(unsigned int, 561 tfm->crt_aead.reqsize = max_t(unsigned int,
562 crypto_ahash_reqsize(auth) + ctx->reqoff + 562 crypto_ahash_reqsize(auth) + ctx->reqoff +
563 sizeof(struct authenc_request_ctx) + 563 sizeof(struct authenc_request_ctx) +
564 sizeof(struct ahash_request), 564 sizeof(struct ahash_request),
565 sizeof(struct skcipher_givcrypt_request) + 565 sizeof(struct skcipher_givcrypt_request) +
566 crypto_ablkcipher_reqsize(enc) + 566 crypto_ablkcipher_reqsize(enc) +
567 crypto_ablkcipher_ivsize(enc)); 567 crypto_ablkcipher_ivsize(enc));
diff --git a/crypto/blowfish.c b/crypto/blowfish.c
index 6f5b48731922..a67d52ee0580 100644
--- a/crypto/blowfish.c
+++ b/crypto/blowfish.c
@@ -1,4 +1,4 @@
1/* 1/*
2 * Cryptographic API. 2 * Cryptographic API.
3 * 3 *
4 * Blowfish Cipher Algorithm, by Bruce Schneier. 4 * Blowfish Cipher Algorithm, by Bruce Schneier.
@@ -299,7 +299,7 @@ static const u32 bf_sbox[256 * 4] = {
299 0xb74e6132, 0xce77e25b, 0x578fdfe3, 0x3ac372e6, 299 0xb74e6132, 0xce77e25b, 0x578fdfe3, 0x3ac372e6,
300}; 300};
301 301
302/* 302/*
303 * Round loop unrolling macros, S is a pointer to a S-Box array 303 * Round loop unrolling macros, S is a pointer to a S-Box array
304 * organized in 4 unsigned longs at a row. 304 * organized in 4 unsigned longs at a row.
305 */ 305 */
@@ -315,7 +315,7 @@ static const u32 bf_sbox[256 * 4] = {
315 315
316/* 316/*
317 * The blowfish encipher, processes 64-bit blocks. 317 * The blowfish encipher, processes 64-bit blocks.
318 * NOTE: This function MUSTN'T respect endianess 318 * NOTE: This function MUSTN'T respect endianess
319 */ 319 */
320static void encrypt_block(struct bf_ctx *bctx, u32 *dst, u32 *src) 320static void encrypt_block(struct bf_ctx *bctx, u32 *dst, u32 *src)
321{ 321{
@@ -395,7 +395,7 @@ static void bf_decrypt(struct crypto_tfm *tfm, u8 *dst, const u8 *src)
395 out_blk[1] = cpu_to_be32(yl); 395 out_blk[1] = cpu_to_be32(yl);
396} 396}
397 397
398/* 398/*
399 * Calculates the blowfish S and P boxes for encryption and decryption. 399 * Calculates the blowfish S and P boxes for encryption and decryption.
400 */ 400 */
401static int bf_setkey(struct crypto_tfm *tfm, const u8 *key, unsigned int keylen) 401static int bf_setkey(struct crypto_tfm *tfm, const u8 *key, unsigned int keylen)
@@ -417,10 +417,10 @@ static int bf_setkey(struct crypto_tfm *tfm, const u8 *key, unsigned int keylen)
417 417
418 /* Actual subkey generation */ 418 /* Actual subkey generation */
419 for (j = 0, i = 0; i < 16 + 2; i++) { 419 for (j = 0, i = 0; i < 16 + 2; i++) {
420 temp = (((u32 )key[j] << 24) | 420 temp = (((u32)key[j] << 24) |
421 ((u32 )key[(j + 1) % keylen] << 16) | 421 ((u32)key[(j + 1) % keylen] << 16) |
422 ((u32 )key[(j + 2) % keylen] << 8) | 422 ((u32)key[(j + 2) % keylen] << 8) |
423 ((u32 )key[(j + 3) % keylen])); 423 ((u32)key[(j + 3) % keylen]));
424 424
425 P[i] = P[i] ^ temp; 425 P[i] = P[i] ^ temp;
426 j = (j + 4) % keylen; 426 j = (j + 4) % keylen;
@@ -444,7 +444,7 @@ static int bf_setkey(struct crypto_tfm *tfm, const u8 *key, unsigned int keylen)
444 S[count + 1] = data[1]; 444 S[count + 1] = data[1];
445 } 445 }
446 } 446 }
447 447
448 /* Bruce says not to bother with the weak key check. */ 448 /* Bruce says not to bother with the weak key check. */
449 return 0; 449 return 0;
450} 450}
diff --git a/crypto/camellia.c b/crypto/camellia.c
index 964635d163f4..64cff46ea5e4 100644
--- a/crypto/camellia.c
+++ b/crypto/camellia.c
@@ -39,271 +39,271 @@
39#include <asm/unaligned.h> 39#include <asm/unaligned.h>
40 40
41static const u32 camellia_sp1110[256] = { 41static const u32 camellia_sp1110[256] = {
42 0x70707000,0x82828200,0x2c2c2c00,0xececec00, 42 0x70707000, 0x82828200, 0x2c2c2c00, 0xececec00,
43 0xb3b3b300,0x27272700,0xc0c0c000,0xe5e5e500, 43 0xb3b3b300, 0x27272700, 0xc0c0c000, 0xe5e5e500,
44 0xe4e4e400,0x85858500,0x57575700,0x35353500, 44 0xe4e4e400, 0x85858500, 0x57575700, 0x35353500,
45 0xeaeaea00,0x0c0c0c00,0xaeaeae00,0x41414100, 45 0xeaeaea00, 0x0c0c0c00, 0xaeaeae00, 0x41414100,
46 0x23232300,0xefefef00,0x6b6b6b00,0x93939300, 46 0x23232300, 0xefefef00, 0x6b6b6b00, 0x93939300,
47 0x45454500,0x19191900,0xa5a5a500,0x21212100, 47 0x45454500, 0x19191900, 0xa5a5a500, 0x21212100,
48 0xededed00,0x0e0e0e00,0x4f4f4f00,0x4e4e4e00, 48 0xededed00, 0x0e0e0e00, 0x4f4f4f00, 0x4e4e4e00,
49 0x1d1d1d00,0x65656500,0x92929200,0xbdbdbd00, 49 0x1d1d1d00, 0x65656500, 0x92929200, 0xbdbdbd00,
50 0x86868600,0xb8b8b800,0xafafaf00,0x8f8f8f00, 50 0x86868600, 0xb8b8b800, 0xafafaf00, 0x8f8f8f00,
51 0x7c7c7c00,0xebebeb00,0x1f1f1f00,0xcecece00, 51 0x7c7c7c00, 0xebebeb00, 0x1f1f1f00, 0xcecece00,
52 0x3e3e3e00,0x30303000,0xdcdcdc00,0x5f5f5f00, 52 0x3e3e3e00, 0x30303000, 0xdcdcdc00, 0x5f5f5f00,
53 0x5e5e5e00,0xc5c5c500,0x0b0b0b00,0x1a1a1a00, 53 0x5e5e5e00, 0xc5c5c500, 0x0b0b0b00, 0x1a1a1a00,
54 0xa6a6a600,0xe1e1e100,0x39393900,0xcacaca00, 54 0xa6a6a600, 0xe1e1e100, 0x39393900, 0xcacaca00,
55 0xd5d5d500,0x47474700,0x5d5d5d00,0x3d3d3d00, 55 0xd5d5d500, 0x47474700, 0x5d5d5d00, 0x3d3d3d00,
56 0xd9d9d900,0x01010100,0x5a5a5a00,0xd6d6d600, 56 0xd9d9d900, 0x01010100, 0x5a5a5a00, 0xd6d6d600,
57 0x51515100,0x56565600,0x6c6c6c00,0x4d4d4d00, 57 0x51515100, 0x56565600, 0x6c6c6c00, 0x4d4d4d00,
58 0x8b8b8b00,0x0d0d0d00,0x9a9a9a00,0x66666600, 58 0x8b8b8b00, 0x0d0d0d00, 0x9a9a9a00, 0x66666600,
59 0xfbfbfb00,0xcccccc00,0xb0b0b000,0x2d2d2d00, 59 0xfbfbfb00, 0xcccccc00, 0xb0b0b000, 0x2d2d2d00,
60 0x74747400,0x12121200,0x2b2b2b00,0x20202000, 60 0x74747400, 0x12121200, 0x2b2b2b00, 0x20202000,
61 0xf0f0f000,0xb1b1b100,0x84848400,0x99999900, 61 0xf0f0f000, 0xb1b1b100, 0x84848400, 0x99999900,
62 0xdfdfdf00,0x4c4c4c00,0xcbcbcb00,0xc2c2c200, 62 0xdfdfdf00, 0x4c4c4c00, 0xcbcbcb00, 0xc2c2c200,
63 0x34343400,0x7e7e7e00,0x76767600,0x05050500, 63 0x34343400, 0x7e7e7e00, 0x76767600, 0x05050500,
64 0x6d6d6d00,0xb7b7b700,0xa9a9a900,0x31313100, 64 0x6d6d6d00, 0xb7b7b700, 0xa9a9a900, 0x31313100,
65 0xd1d1d100,0x17171700,0x04040400,0xd7d7d700, 65 0xd1d1d100, 0x17171700, 0x04040400, 0xd7d7d700,
66 0x14141400,0x58585800,0x3a3a3a00,0x61616100, 66 0x14141400, 0x58585800, 0x3a3a3a00, 0x61616100,
67 0xdedede00,0x1b1b1b00,0x11111100,0x1c1c1c00, 67 0xdedede00, 0x1b1b1b00, 0x11111100, 0x1c1c1c00,
68 0x32323200,0x0f0f0f00,0x9c9c9c00,0x16161600, 68 0x32323200, 0x0f0f0f00, 0x9c9c9c00, 0x16161600,
69 0x53535300,0x18181800,0xf2f2f200,0x22222200, 69 0x53535300, 0x18181800, 0xf2f2f200, 0x22222200,
70 0xfefefe00,0x44444400,0xcfcfcf00,0xb2b2b200, 70 0xfefefe00, 0x44444400, 0xcfcfcf00, 0xb2b2b200,
71 0xc3c3c300,0xb5b5b500,0x7a7a7a00,0x91919100, 71 0xc3c3c300, 0xb5b5b500, 0x7a7a7a00, 0x91919100,
72 0x24242400,0x08080800,0xe8e8e800,0xa8a8a800, 72 0x24242400, 0x08080800, 0xe8e8e800, 0xa8a8a800,
73 0x60606000,0xfcfcfc00,0x69696900,0x50505000, 73 0x60606000, 0xfcfcfc00, 0x69696900, 0x50505000,
74 0xaaaaaa00,0xd0d0d000,0xa0a0a000,0x7d7d7d00, 74 0xaaaaaa00, 0xd0d0d000, 0xa0a0a000, 0x7d7d7d00,
75 0xa1a1a100,0x89898900,0x62626200,0x97979700, 75 0xa1a1a100, 0x89898900, 0x62626200, 0x97979700,
76 0x54545400,0x5b5b5b00,0x1e1e1e00,0x95959500, 76 0x54545400, 0x5b5b5b00, 0x1e1e1e00, 0x95959500,
77 0xe0e0e000,0xffffff00,0x64646400,0xd2d2d200, 77 0xe0e0e000, 0xffffff00, 0x64646400, 0xd2d2d200,
78 0x10101000,0xc4c4c400,0x00000000,0x48484800, 78 0x10101000, 0xc4c4c400, 0x00000000, 0x48484800,
79 0xa3a3a300,0xf7f7f700,0x75757500,0xdbdbdb00, 79 0xa3a3a300, 0xf7f7f700, 0x75757500, 0xdbdbdb00,
80 0x8a8a8a00,0x03030300,0xe6e6e600,0xdadada00, 80 0x8a8a8a00, 0x03030300, 0xe6e6e600, 0xdadada00,
81 0x09090900,0x3f3f3f00,0xdddddd00,0x94949400, 81 0x09090900, 0x3f3f3f00, 0xdddddd00, 0x94949400,
82 0x87878700,0x5c5c5c00,0x83838300,0x02020200, 82 0x87878700, 0x5c5c5c00, 0x83838300, 0x02020200,
83 0xcdcdcd00,0x4a4a4a00,0x90909000,0x33333300, 83 0xcdcdcd00, 0x4a4a4a00, 0x90909000, 0x33333300,
84 0x73737300,0x67676700,0xf6f6f600,0xf3f3f300, 84 0x73737300, 0x67676700, 0xf6f6f600, 0xf3f3f300,
85 0x9d9d9d00,0x7f7f7f00,0xbfbfbf00,0xe2e2e200, 85 0x9d9d9d00, 0x7f7f7f00, 0xbfbfbf00, 0xe2e2e200,
86 0x52525200,0x9b9b9b00,0xd8d8d800,0x26262600, 86 0x52525200, 0x9b9b9b00, 0xd8d8d800, 0x26262600,
87 0xc8c8c800,0x37373700,0xc6c6c600,0x3b3b3b00, 87 0xc8c8c800, 0x37373700, 0xc6c6c600, 0x3b3b3b00,
88 0x81818100,0x96969600,0x6f6f6f00,0x4b4b4b00, 88 0x81818100, 0x96969600, 0x6f6f6f00, 0x4b4b4b00,
89 0x13131300,0xbebebe00,0x63636300,0x2e2e2e00, 89 0x13131300, 0xbebebe00, 0x63636300, 0x2e2e2e00,
90 0xe9e9e900,0x79797900,0xa7a7a700,0x8c8c8c00, 90 0xe9e9e900, 0x79797900, 0xa7a7a700, 0x8c8c8c00,
91 0x9f9f9f00,0x6e6e6e00,0xbcbcbc00,0x8e8e8e00, 91 0x9f9f9f00, 0x6e6e6e00, 0xbcbcbc00, 0x8e8e8e00,
92 0x29292900,0xf5f5f500,0xf9f9f900,0xb6b6b600, 92 0x29292900, 0xf5f5f500, 0xf9f9f900, 0xb6b6b600,
93 0x2f2f2f00,0xfdfdfd00,0xb4b4b400,0x59595900, 93 0x2f2f2f00, 0xfdfdfd00, 0xb4b4b400, 0x59595900,
94 0x78787800,0x98989800,0x06060600,0x6a6a6a00, 94 0x78787800, 0x98989800, 0x06060600, 0x6a6a6a00,
95 0xe7e7e700,0x46464600,0x71717100,0xbababa00, 95 0xe7e7e700, 0x46464600, 0x71717100, 0xbababa00,
96 0xd4d4d400,0x25252500,0xababab00,0x42424200, 96 0xd4d4d400, 0x25252500, 0xababab00, 0x42424200,
97 0x88888800,0xa2a2a200,0x8d8d8d00,0xfafafa00, 97 0x88888800, 0xa2a2a200, 0x8d8d8d00, 0xfafafa00,
98 0x72727200,0x07070700,0xb9b9b900,0x55555500, 98 0x72727200, 0x07070700, 0xb9b9b900, 0x55555500,
99 0xf8f8f800,0xeeeeee00,0xacacac00,0x0a0a0a00, 99 0xf8f8f800, 0xeeeeee00, 0xacacac00, 0x0a0a0a00,
100 0x36363600,0x49494900,0x2a2a2a00,0x68686800, 100 0x36363600, 0x49494900, 0x2a2a2a00, 0x68686800,
101 0x3c3c3c00,0x38383800,0xf1f1f100,0xa4a4a400, 101 0x3c3c3c00, 0x38383800, 0xf1f1f100, 0xa4a4a400,
102 0x40404000,0x28282800,0xd3d3d300,0x7b7b7b00, 102 0x40404000, 0x28282800, 0xd3d3d300, 0x7b7b7b00,
103 0xbbbbbb00,0xc9c9c900,0x43434300,0xc1c1c100, 103 0xbbbbbb00, 0xc9c9c900, 0x43434300, 0xc1c1c100,
104 0x15151500,0xe3e3e300,0xadadad00,0xf4f4f400, 104 0x15151500, 0xe3e3e300, 0xadadad00, 0xf4f4f400,
105 0x77777700,0xc7c7c700,0x80808000,0x9e9e9e00, 105 0x77777700, 0xc7c7c700, 0x80808000, 0x9e9e9e00,
106}; 106};
107 107
108static const u32 camellia_sp0222[256] = { 108static const u32 camellia_sp0222[256] = {
109 0x00e0e0e0,0x00050505,0x00585858,0x00d9d9d9, 109 0x00e0e0e0, 0x00050505, 0x00585858, 0x00d9d9d9,
110 0x00676767,0x004e4e4e,0x00818181,0x00cbcbcb, 110 0x00676767, 0x004e4e4e, 0x00818181, 0x00cbcbcb,
111 0x00c9c9c9,0x000b0b0b,0x00aeaeae,0x006a6a6a, 111 0x00c9c9c9, 0x000b0b0b, 0x00aeaeae, 0x006a6a6a,
112 0x00d5d5d5,0x00181818,0x005d5d5d,0x00828282, 112 0x00d5d5d5, 0x00181818, 0x005d5d5d, 0x00828282,
113 0x00464646,0x00dfdfdf,0x00d6d6d6,0x00272727, 113 0x00464646, 0x00dfdfdf, 0x00d6d6d6, 0x00272727,
114 0x008a8a8a,0x00323232,0x004b4b4b,0x00424242, 114 0x008a8a8a, 0x00323232, 0x004b4b4b, 0x00424242,
115 0x00dbdbdb,0x001c1c1c,0x009e9e9e,0x009c9c9c, 115 0x00dbdbdb, 0x001c1c1c, 0x009e9e9e, 0x009c9c9c,
116 0x003a3a3a,0x00cacaca,0x00252525,0x007b7b7b, 116 0x003a3a3a, 0x00cacaca, 0x00252525, 0x007b7b7b,
117 0x000d0d0d,0x00717171,0x005f5f5f,0x001f1f1f, 117 0x000d0d0d, 0x00717171, 0x005f5f5f, 0x001f1f1f,
118 0x00f8f8f8,0x00d7d7d7,0x003e3e3e,0x009d9d9d, 118 0x00f8f8f8, 0x00d7d7d7, 0x003e3e3e, 0x009d9d9d,
119 0x007c7c7c,0x00606060,0x00b9b9b9,0x00bebebe, 119 0x007c7c7c, 0x00606060, 0x00b9b9b9, 0x00bebebe,
120 0x00bcbcbc,0x008b8b8b,0x00161616,0x00343434, 120 0x00bcbcbc, 0x008b8b8b, 0x00161616, 0x00343434,
121 0x004d4d4d,0x00c3c3c3,0x00727272,0x00959595, 121 0x004d4d4d, 0x00c3c3c3, 0x00727272, 0x00959595,
122 0x00ababab,0x008e8e8e,0x00bababa,0x007a7a7a, 122 0x00ababab, 0x008e8e8e, 0x00bababa, 0x007a7a7a,
123 0x00b3b3b3,0x00020202,0x00b4b4b4,0x00adadad, 123 0x00b3b3b3, 0x00020202, 0x00b4b4b4, 0x00adadad,
124 0x00a2a2a2,0x00acacac,0x00d8d8d8,0x009a9a9a, 124 0x00a2a2a2, 0x00acacac, 0x00d8d8d8, 0x009a9a9a,
125 0x00171717,0x001a1a1a,0x00353535,0x00cccccc, 125 0x00171717, 0x001a1a1a, 0x00353535, 0x00cccccc,
126 0x00f7f7f7,0x00999999,0x00616161,0x005a5a5a, 126 0x00f7f7f7, 0x00999999, 0x00616161, 0x005a5a5a,
127 0x00e8e8e8,0x00242424,0x00565656,0x00404040, 127 0x00e8e8e8, 0x00242424, 0x00565656, 0x00404040,
128 0x00e1e1e1,0x00636363,0x00090909,0x00333333, 128 0x00e1e1e1, 0x00636363, 0x00090909, 0x00333333,
129 0x00bfbfbf,0x00989898,0x00979797,0x00858585, 129 0x00bfbfbf, 0x00989898, 0x00979797, 0x00858585,
130 0x00686868,0x00fcfcfc,0x00ececec,0x000a0a0a, 130 0x00686868, 0x00fcfcfc, 0x00ececec, 0x000a0a0a,
131 0x00dadada,0x006f6f6f,0x00535353,0x00626262, 131 0x00dadada, 0x006f6f6f, 0x00535353, 0x00626262,
132 0x00a3a3a3,0x002e2e2e,0x00080808,0x00afafaf, 132 0x00a3a3a3, 0x002e2e2e, 0x00080808, 0x00afafaf,
133 0x00282828,0x00b0b0b0,0x00747474,0x00c2c2c2, 133 0x00282828, 0x00b0b0b0, 0x00747474, 0x00c2c2c2,
134 0x00bdbdbd,0x00363636,0x00222222,0x00383838, 134 0x00bdbdbd, 0x00363636, 0x00222222, 0x00383838,
135 0x00646464,0x001e1e1e,0x00393939,0x002c2c2c, 135 0x00646464, 0x001e1e1e, 0x00393939, 0x002c2c2c,
136 0x00a6a6a6,0x00303030,0x00e5e5e5,0x00444444, 136 0x00a6a6a6, 0x00303030, 0x00e5e5e5, 0x00444444,
137 0x00fdfdfd,0x00888888,0x009f9f9f,0x00656565, 137 0x00fdfdfd, 0x00888888, 0x009f9f9f, 0x00656565,
138 0x00878787,0x006b6b6b,0x00f4f4f4,0x00232323, 138 0x00878787, 0x006b6b6b, 0x00f4f4f4, 0x00232323,
139 0x00484848,0x00101010,0x00d1d1d1,0x00515151, 139 0x00484848, 0x00101010, 0x00d1d1d1, 0x00515151,
140 0x00c0c0c0,0x00f9f9f9,0x00d2d2d2,0x00a0a0a0, 140 0x00c0c0c0, 0x00f9f9f9, 0x00d2d2d2, 0x00a0a0a0,
141 0x00555555,0x00a1a1a1,0x00414141,0x00fafafa, 141 0x00555555, 0x00a1a1a1, 0x00414141, 0x00fafafa,
142 0x00434343,0x00131313,0x00c4c4c4,0x002f2f2f, 142 0x00434343, 0x00131313, 0x00c4c4c4, 0x002f2f2f,
143 0x00a8a8a8,0x00b6b6b6,0x003c3c3c,0x002b2b2b, 143 0x00a8a8a8, 0x00b6b6b6, 0x003c3c3c, 0x002b2b2b,
144 0x00c1c1c1,0x00ffffff,0x00c8c8c8,0x00a5a5a5, 144 0x00c1c1c1, 0x00ffffff, 0x00c8c8c8, 0x00a5a5a5,
145 0x00202020,0x00898989,0x00000000,0x00909090, 145 0x00202020, 0x00898989, 0x00000000, 0x00909090,
146 0x00474747,0x00efefef,0x00eaeaea,0x00b7b7b7, 146 0x00474747, 0x00efefef, 0x00eaeaea, 0x00b7b7b7,
147 0x00151515,0x00060606,0x00cdcdcd,0x00b5b5b5, 147 0x00151515, 0x00060606, 0x00cdcdcd, 0x00b5b5b5,
148 0x00121212,0x007e7e7e,0x00bbbbbb,0x00292929, 148 0x00121212, 0x007e7e7e, 0x00bbbbbb, 0x00292929,
149 0x000f0f0f,0x00b8b8b8,0x00070707,0x00040404, 149 0x000f0f0f, 0x00b8b8b8, 0x00070707, 0x00040404,
150 0x009b9b9b,0x00949494,0x00212121,0x00666666, 150 0x009b9b9b, 0x00949494, 0x00212121, 0x00666666,
151 0x00e6e6e6,0x00cecece,0x00ededed,0x00e7e7e7, 151 0x00e6e6e6, 0x00cecece, 0x00ededed, 0x00e7e7e7,
152 0x003b3b3b,0x00fefefe,0x007f7f7f,0x00c5c5c5, 152 0x003b3b3b, 0x00fefefe, 0x007f7f7f, 0x00c5c5c5,
153 0x00a4a4a4,0x00373737,0x00b1b1b1,0x004c4c4c, 153 0x00a4a4a4, 0x00373737, 0x00b1b1b1, 0x004c4c4c,
154 0x00919191,0x006e6e6e,0x008d8d8d,0x00767676, 154 0x00919191, 0x006e6e6e, 0x008d8d8d, 0x00767676,
155 0x00030303,0x002d2d2d,0x00dedede,0x00969696, 155 0x00030303, 0x002d2d2d, 0x00dedede, 0x00969696,
156 0x00262626,0x007d7d7d,0x00c6c6c6,0x005c5c5c, 156 0x00262626, 0x007d7d7d, 0x00c6c6c6, 0x005c5c5c,
157 0x00d3d3d3,0x00f2f2f2,0x004f4f4f,0x00191919, 157 0x00d3d3d3, 0x00f2f2f2, 0x004f4f4f, 0x00191919,
158 0x003f3f3f,0x00dcdcdc,0x00797979,0x001d1d1d, 158 0x003f3f3f, 0x00dcdcdc, 0x00797979, 0x001d1d1d,
159 0x00525252,0x00ebebeb,0x00f3f3f3,0x006d6d6d, 159 0x00525252, 0x00ebebeb, 0x00f3f3f3, 0x006d6d6d,
160 0x005e5e5e,0x00fbfbfb,0x00696969,0x00b2b2b2, 160 0x005e5e5e, 0x00fbfbfb, 0x00696969, 0x00b2b2b2,
161 0x00f0f0f0,0x00313131,0x000c0c0c,0x00d4d4d4, 161 0x00f0f0f0, 0x00313131, 0x000c0c0c, 0x00d4d4d4,
162 0x00cfcfcf,0x008c8c8c,0x00e2e2e2,0x00757575, 162 0x00cfcfcf, 0x008c8c8c, 0x00e2e2e2, 0x00757575,
163 0x00a9a9a9,0x004a4a4a,0x00575757,0x00848484, 163 0x00a9a9a9, 0x004a4a4a, 0x00575757, 0x00848484,
164 0x00111111,0x00454545,0x001b1b1b,0x00f5f5f5, 164 0x00111111, 0x00454545, 0x001b1b1b, 0x00f5f5f5,
165 0x00e4e4e4,0x000e0e0e,0x00737373,0x00aaaaaa, 165 0x00e4e4e4, 0x000e0e0e, 0x00737373, 0x00aaaaaa,
166 0x00f1f1f1,0x00dddddd,0x00595959,0x00141414, 166 0x00f1f1f1, 0x00dddddd, 0x00595959, 0x00141414,
167 0x006c6c6c,0x00929292,0x00545454,0x00d0d0d0, 167 0x006c6c6c, 0x00929292, 0x00545454, 0x00d0d0d0,
168 0x00787878,0x00707070,0x00e3e3e3,0x00494949, 168 0x00787878, 0x00707070, 0x00e3e3e3, 0x00494949,
169 0x00808080,0x00505050,0x00a7a7a7,0x00f6f6f6, 169 0x00808080, 0x00505050, 0x00a7a7a7, 0x00f6f6f6,
170 0x00777777,0x00939393,0x00868686,0x00838383, 170 0x00777777, 0x00939393, 0x00868686, 0x00838383,
171 0x002a2a2a,0x00c7c7c7,0x005b5b5b,0x00e9e9e9, 171 0x002a2a2a, 0x00c7c7c7, 0x005b5b5b, 0x00e9e9e9,
172 0x00eeeeee,0x008f8f8f,0x00010101,0x003d3d3d, 172 0x00eeeeee, 0x008f8f8f, 0x00010101, 0x003d3d3d,
173}; 173};
174 174
175static const u32 camellia_sp3033[256] = { 175static const u32 camellia_sp3033[256] = {
176 0x38003838,0x41004141,0x16001616,0x76007676, 176 0x38003838, 0x41004141, 0x16001616, 0x76007676,
177 0xd900d9d9,0x93009393,0x60006060,0xf200f2f2, 177 0xd900d9d9, 0x93009393, 0x60006060, 0xf200f2f2,
178 0x72007272,0xc200c2c2,0xab00abab,0x9a009a9a, 178 0x72007272, 0xc200c2c2, 0xab00abab, 0x9a009a9a,
179 0x75007575,0x06000606,0x57005757,0xa000a0a0, 179 0x75007575, 0x06000606, 0x57005757, 0xa000a0a0,
180 0x91009191,0xf700f7f7,0xb500b5b5,0xc900c9c9, 180 0x91009191, 0xf700f7f7, 0xb500b5b5, 0xc900c9c9,
181 0xa200a2a2,0x8c008c8c,0xd200d2d2,0x90009090, 181 0xa200a2a2, 0x8c008c8c, 0xd200d2d2, 0x90009090,
182 0xf600f6f6,0x07000707,0xa700a7a7,0x27002727, 182 0xf600f6f6, 0x07000707, 0xa700a7a7, 0x27002727,
183 0x8e008e8e,0xb200b2b2,0x49004949,0xde00dede, 183 0x8e008e8e, 0xb200b2b2, 0x49004949, 0xde00dede,
184 0x43004343,0x5c005c5c,0xd700d7d7,0xc700c7c7, 184 0x43004343, 0x5c005c5c, 0xd700d7d7, 0xc700c7c7,
185 0x3e003e3e,0xf500f5f5,0x8f008f8f,0x67006767, 185 0x3e003e3e, 0xf500f5f5, 0x8f008f8f, 0x67006767,
186 0x1f001f1f,0x18001818,0x6e006e6e,0xaf00afaf, 186 0x1f001f1f, 0x18001818, 0x6e006e6e, 0xaf00afaf,
187 0x2f002f2f,0xe200e2e2,0x85008585,0x0d000d0d, 187 0x2f002f2f, 0xe200e2e2, 0x85008585, 0x0d000d0d,
188 0x53005353,0xf000f0f0,0x9c009c9c,0x65006565, 188 0x53005353, 0xf000f0f0, 0x9c009c9c, 0x65006565,
189 0xea00eaea,0xa300a3a3,0xae00aeae,0x9e009e9e, 189 0xea00eaea, 0xa300a3a3, 0xae00aeae, 0x9e009e9e,
190 0xec00ecec,0x80008080,0x2d002d2d,0x6b006b6b, 190 0xec00ecec, 0x80008080, 0x2d002d2d, 0x6b006b6b,
191 0xa800a8a8,0x2b002b2b,0x36003636,0xa600a6a6, 191 0xa800a8a8, 0x2b002b2b, 0x36003636, 0xa600a6a6,
192 0xc500c5c5,0x86008686,0x4d004d4d,0x33003333, 192 0xc500c5c5, 0x86008686, 0x4d004d4d, 0x33003333,
193 0xfd00fdfd,0x66006666,0x58005858,0x96009696, 193 0xfd00fdfd, 0x66006666, 0x58005858, 0x96009696,
194 0x3a003a3a,0x09000909,0x95009595,0x10001010, 194 0x3a003a3a, 0x09000909, 0x95009595, 0x10001010,
195 0x78007878,0xd800d8d8,0x42004242,0xcc00cccc, 195 0x78007878, 0xd800d8d8, 0x42004242, 0xcc00cccc,
196 0xef00efef,0x26002626,0xe500e5e5,0x61006161, 196 0xef00efef, 0x26002626, 0xe500e5e5, 0x61006161,
197 0x1a001a1a,0x3f003f3f,0x3b003b3b,0x82008282, 197 0x1a001a1a, 0x3f003f3f, 0x3b003b3b, 0x82008282,
198 0xb600b6b6,0xdb00dbdb,0xd400d4d4,0x98009898, 198 0xb600b6b6, 0xdb00dbdb, 0xd400d4d4, 0x98009898,
199 0xe800e8e8,0x8b008b8b,0x02000202,0xeb00ebeb, 199 0xe800e8e8, 0x8b008b8b, 0x02000202, 0xeb00ebeb,
200 0x0a000a0a,0x2c002c2c,0x1d001d1d,0xb000b0b0, 200 0x0a000a0a, 0x2c002c2c, 0x1d001d1d, 0xb000b0b0,
201 0x6f006f6f,0x8d008d8d,0x88008888,0x0e000e0e, 201 0x6f006f6f, 0x8d008d8d, 0x88008888, 0x0e000e0e,
202 0x19001919,0x87008787,0x4e004e4e,0x0b000b0b, 202 0x19001919, 0x87008787, 0x4e004e4e, 0x0b000b0b,
203 0xa900a9a9,0x0c000c0c,0x79007979,0x11001111, 203 0xa900a9a9, 0x0c000c0c, 0x79007979, 0x11001111,
204 0x7f007f7f,0x22002222,0xe700e7e7,0x59005959, 204 0x7f007f7f, 0x22002222, 0xe700e7e7, 0x59005959,
205 0xe100e1e1,0xda00dada,0x3d003d3d,0xc800c8c8, 205 0xe100e1e1, 0xda00dada, 0x3d003d3d, 0xc800c8c8,
206 0x12001212,0x04000404,0x74007474,0x54005454, 206 0x12001212, 0x04000404, 0x74007474, 0x54005454,
207 0x30003030,0x7e007e7e,0xb400b4b4,0x28002828, 207 0x30003030, 0x7e007e7e, 0xb400b4b4, 0x28002828,
208 0x55005555,0x68006868,0x50005050,0xbe00bebe, 208 0x55005555, 0x68006868, 0x50005050, 0xbe00bebe,
209 0xd000d0d0,0xc400c4c4,0x31003131,0xcb00cbcb, 209 0xd000d0d0, 0xc400c4c4, 0x31003131, 0xcb00cbcb,
210 0x2a002a2a,0xad00adad,0x0f000f0f,0xca00caca, 210 0x2a002a2a, 0xad00adad, 0x0f000f0f, 0xca00caca,
211 0x70007070,0xff00ffff,0x32003232,0x69006969, 211 0x70007070, 0xff00ffff, 0x32003232, 0x69006969,
212 0x08000808,0x62006262,0x00000000,0x24002424, 212 0x08000808, 0x62006262, 0x00000000, 0x24002424,
213 0xd100d1d1,0xfb00fbfb,0xba00baba,0xed00eded, 213 0xd100d1d1, 0xfb00fbfb, 0xba00baba, 0xed00eded,
214 0x45004545,0x81008181,0x73007373,0x6d006d6d, 214 0x45004545, 0x81008181, 0x73007373, 0x6d006d6d,
215 0x84008484,0x9f009f9f,0xee00eeee,0x4a004a4a, 215 0x84008484, 0x9f009f9f, 0xee00eeee, 0x4a004a4a,
216 0xc300c3c3,0x2e002e2e,0xc100c1c1,0x01000101, 216 0xc300c3c3, 0x2e002e2e, 0xc100c1c1, 0x01000101,
217 0xe600e6e6,0x25002525,0x48004848,0x99009999, 217 0xe600e6e6, 0x25002525, 0x48004848, 0x99009999,
218 0xb900b9b9,0xb300b3b3,0x7b007b7b,0xf900f9f9, 218 0xb900b9b9, 0xb300b3b3, 0x7b007b7b, 0xf900f9f9,
219 0xce00cece,0xbf00bfbf,0xdf00dfdf,0x71007171, 219 0xce00cece, 0xbf00bfbf, 0xdf00dfdf, 0x71007171,
220 0x29002929,0xcd00cdcd,0x6c006c6c,0x13001313, 220 0x29002929, 0xcd00cdcd, 0x6c006c6c, 0x13001313,
221 0x64006464,0x9b009b9b,0x63006363,0x9d009d9d, 221 0x64006464, 0x9b009b9b, 0x63006363, 0x9d009d9d,
222 0xc000c0c0,0x4b004b4b,0xb700b7b7,0xa500a5a5, 222 0xc000c0c0, 0x4b004b4b, 0xb700b7b7, 0xa500a5a5,
223 0x89008989,0x5f005f5f,0xb100b1b1,0x17001717, 223 0x89008989, 0x5f005f5f, 0xb100b1b1, 0x17001717,
224 0xf400f4f4,0xbc00bcbc,0xd300d3d3,0x46004646, 224 0xf400f4f4, 0xbc00bcbc, 0xd300d3d3, 0x46004646,
225 0xcf00cfcf,0x37003737,0x5e005e5e,0x47004747, 225 0xcf00cfcf, 0x37003737, 0x5e005e5e, 0x47004747,
226 0x94009494,0xfa00fafa,0xfc00fcfc,0x5b005b5b, 226 0x94009494, 0xfa00fafa, 0xfc00fcfc, 0x5b005b5b,
227 0x97009797,0xfe00fefe,0x5a005a5a,0xac00acac, 227 0x97009797, 0xfe00fefe, 0x5a005a5a, 0xac00acac,
228 0x3c003c3c,0x4c004c4c,0x03000303,0x35003535, 228 0x3c003c3c, 0x4c004c4c, 0x03000303, 0x35003535,
229 0xf300f3f3,0x23002323,0xb800b8b8,0x5d005d5d, 229 0xf300f3f3, 0x23002323, 0xb800b8b8, 0x5d005d5d,
230 0x6a006a6a,0x92009292,0xd500d5d5,0x21002121, 230 0x6a006a6a, 0x92009292, 0xd500d5d5, 0x21002121,
231 0x44004444,0x51005151,0xc600c6c6,0x7d007d7d, 231 0x44004444, 0x51005151, 0xc600c6c6, 0x7d007d7d,
232 0x39003939,0x83008383,0xdc00dcdc,0xaa00aaaa, 232 0x39003939, 0x83008383, 0xdc00dcdc, 0xaa00aaaa,
233 0x7c007c7c,0x77007777,0x56005656,0x05000505, 233 0x7c007c7c, 0x77007777, 0x56005656, 0x05000505,
234 0x1b001b1b,0xa400a4a4,0x15001515,0x34003434, 234 0x1b001b1b, 0xa400a4a4, 0x15001515, 0x34003434,
235 0x1e001e1e,0x1c001c1c,0xf800f8f8,0x52005252, 235 0x1e001e1e, 0x1c001c1c, 0xf800f8f8, 0x52005252,
236 0x20002020,0x14001414,0xe900e9e9,0xbd00bdbd, 236 0x20002020, 0x14001414, 0xe900e9e9, 0xbd00bdbd,
237 0xdd00dddd,0xe400e4e4,0xa100a1a1,0xe000e0e0, 237 0xdd00dddd, 0xe400e4e4, 0xa100a1a1, 0xe000e0e0,
238 0x8a008a8a,0xf100f1f1,0xd600d6d6,0x7a007a7a, 238 0x8a008a8a, 0xf100f1f1, 0xd600d6d6, 0x7a007a7a,
239 0xbb00bbbb,0xe300e3e3,0x40004040,0x4f004f4f, 239 0xbb00bbbb, 0xe300e3e3, 0x40004040, 0x4f004f4f,
240}; 240};
241 241
242static const u32 camellia_sp4404[256] = { 242static const u32 camellia_sp4404[256] = {
243 0x70700070,0x2c2c002c,0xb3b300b3,0xc0c000c0, 243 0x70700070, 0x2c2c002c, 0xb3b300b3, 0xc0c000c0,
244 0xe4e400e4,0x57570057,0xeaea00ea,0xaeae00ae, 244 0xe4e400e4, 0x57570057, 0xeaea00ea, 0xaeae00ae,
245 0x23230023,0x6b6b006b,0x45450045,0xa5a500a5, 245 0x23230023, 0x6b6b006b, 0x45450045, 0xa5a500a5,
246 0xeded00ed,0x4f4f004f,0x1d1d001d,0x92920092, 246 0xeded00ed, 0x4f4f004f, 0x1d1d001d, 0x92920092,
247 0x86860086,0xafaf00af,0x7c7c007c,0x1f1f001f, 247 0x86860086, 0xafaf00af, 0x7c7c007c, 0x1f1f001f,
248 0x3e3e003e,0xdcdc00dc,0x5e5e005e,0x0b0b000b, 248 0x3e3e003e, 0xdcdc00dc, 0x5e5e005e, 0x0b0b000b,
249 0xa6a600a6,0x39390039,0xd5d500d5,0x5d5d005d, 249 0xa6a600a6, 0x39390039, 0xd5d500d5, 0x5d5d005d,
250 0xd9d900d9,0x5a5a005a,0x51510051,0x6c6c006c, 250 0xd9d900d9, 0x5a5a005a, 0x51510051, 0x6c6c006c,
251 0x8b8b008b,0x9a9a009a,0xfbfb00fb,0xb0b000b0, 251 0x8b8b008b, 0x9a9a009a, 0xfbfb00fb, 0xb0b000b0,
252 0x74740074,0x2b2b002b,0xf0f000f0,0x84840084, 252 0x74740074, 0x2b2b002b, 0xf0f000f0, 0x84840084,
253 0xdfdf00df,0xcbcb00cb,0x34340034,0x76760076, 253 0xdfdf00df, 0xcbcb00cb, 0x34340034, 0x76760076,
254 0x6d6d006d,0xa9a900a9,0xd1d100d1,0x04040004, 254 0x6d6d006d, 0xa9a900a9, 0xd1d100d1, 0x04040004,
255 0x14140014,0x3a3a003a,0xdede00de,0x11110011, 255 0x14140014, 0x3a3a003a, 0xdede00de, 0x11110011,
256 0x32320032,0x9c9c009c,0x53530053,0xf2f200f2, 256 0x32320032, 0x9c9c009c, 0x53530053, 0xf2f200f2,
257 0xfefe00fe,0xcfcf00cf,0xc3c300c3,0x7a7a007a, 257 0xfefe00fe, 0xcfcf00cf, 0xc3c300c3, 0x7a7a007a,
258 0x24240024,0xe8e800e8,0x60600060,0x69690069, 258 0x24240024, 0xe8e800e8, 0x60600060, 0x69690069,
259 0xaaaa00aa,0xa0a000a0,0xa1a100a1,0x62620062, 259 0xaaaa00aa, 0xa0a000a0, 0xa1a100a1, 0x62620062,
260 0x54540054,0x1e1e001e,0xe0e000e0,0x64640064, 260 0x54540054, 0x1e1e001e, 0xe0e000e0, 0x64640064,
261 0x10100010,0x00000000,0xa3a300a3,0x75750075, 261 0x10100010, 0x00000000, 0xa3a300a3, 0x75750075,
262 0x8a8a008a,0xe6e600e6,0x09090009,0xdddd00dd, 262 0x8a8a008a, 0xe6e600e6, 0x09090009, 0xdddd00dd,
263 0x87870087,0x83830083,0xcdcd00cd,0x90900090, 263 0x87870087, 0x83830083, 0xcdcd00cd, 0x90900090,
264 0x73730073,0xf6f600f6,0x9d9d009d,0xbfbf00bf, 264 0x73730073, 0xf6f600f6, 0x9d9d009d, 0xbfbf00bf,
265 0x52520052,0xd8d800d8,0xc8c800c8,0xc6c600c6, 265 0x52520052, 0xd8d800d8, 0xc8c800c8, 0xc6c600c6,
266 0x81810081,0x6f6f006f,0x13130013,0x63630063, 266 0x81810081, 0x6f6f006f, 0x13130013, 0x63630063,
267 0xe9e900e9,0xa7a700a7,0x9f9f009f,0xbcbc00bc, 267 0xe9e900e9, 0xa7a700a7, 0x9f9f009f, 0xbcbc00bc,
268 0x29290029,0xf9f900f9,0x2f2f002f,0xb4b400b4, 268 0x29290029, 0xf9f900f9, 0x2f2f002f, 0xb4b400b4,
269 0x78780078,0x06060006,0xe7e700e7,0x71710071, 269 0x78780078, 0x06060006, 0xe7e700e7, 0x71710071,
270 0xd4d400d4,0xabab00ab,0x88880088,0x8d8d008d, 270 0xd4d400d4, 0xabab00ab, 0x88880088, 0x8d8d008d,
271 0x72720072,0xb9b900b9,0xf8f800f8,0xacac00ac, 271 0x72720072, 0xb9b900b9, 0xf8f800f8, 0xacac00ac,
272 0x36360036,0x2a2a002a,0x3c3c003c,0xf1f100f1, 272 0x36360036, 0x2a2a002a, 0x3c3c003c, 0xf1f100f1,
273 0x40400040,0xd3d300d3,0xbbbb00bb,0x43430043, 273 0x40400040, 0xd3d300d3, 0xbbbb00bb, 0x43430043,
274 0x15150015,0xadad00ad,0x77770077,0x80800080, 274 0x15150015, 0xadad00ad, 0x77770077, 0x80800080,
275 0x82820082,0xecec00ec,0x27270027,0xe5e500e5, 275 0x82820082, 0xecec00ec, 0x27270027, 0xe5e500e5,
276 0x85850085,0x35350035,0x0c0c000c,0x41410041, 276 0x85850085, 0x35350035, 0x0c0c000c, 0x41410041,
277 0xefef00ef,0x93930093,0x19190019,0x21210021, 277 0xefef00ef, 0x93930093, 0x19190019, 0x21210021,
278 0x0e0e000e,0x4e4e004e,0x65650065,0xbdbd00bd, 278 0x0e0e000e, 0x4e4e004e, 0x65650065, 0xbdbd00bd,
279 0xb8b800b8,0x8f8f008f,0xebeb00eb,0xcece00ce, 279 0xb8b800b8, 0x8f8f008f, 0xebeb00eb, 0xcece00ce,
280 0x30300030,0x5f5f005f,0xc5c500c5,0x1a1a001a, 280 0x30300030, 0x5f5f005f, 0xc5c500c5, 0x1a1a001a,
281 0xe1e100e1,0xcaca00ca,0x47470047,0x3d3d003d, 281 0xe1e100e1, 0xcaca00ca, 0x47470047, 0x3d3d003d,
282 0x01010001,0xd6d600d6,0x56560056,0x4d4d004d, 282 0x01010001, 0xd6d600d6, 0x56560056, 0x4d4d004d,
283 0x0d0d000d,0x66660066,0xcccc00cc,0x2d2d002d, 283 0x0d0d000d, 0x66660066, 0xcccc00cc, 0x2d2d002d,
284 0x12120012,0x20200020,0xb1b100b1,0x99990099, 284 0x12120012, 0x20200020, 0xb1b100b1, 0x99990099,
285 0x4c4c004c,0xc2c200c2,0x7e7e007e,0x05050005, 285 0x4c4c004c, 0xc2c200c2, 0x7e7e007e, 0x05050005,
286 0xb7b700b7,0x31310031,0x17170017,0xd7d700d7, 286 0xb7b700b7, 0x31310031, 0x17170017, 0xd7d700d7,
287 0x58580058,0x61610061,0x1b1b001b,0x1c1c001c, 287 0x58580058, 0x61610061, 0x1b1b001b, 0x1c1c001c,
288 0x0f0f000f,0x16160016,0x18180018,0x22220022, 288 0x0f0f000f, 0x16160016, 0x18180018, 0x22220022,
289 0x44440044,0xb2b200b2,0xb5b500b5,0x91910091, 289 0x44440044, 0xb2b200b2, 0xb5b500b5, 0x91910091,
290 0x08080008,0xa8a800a8,0xfcfc00fc,0x50500050, 290 0x08080008, 0xa8a800a8, 0xfcfc00fc, 0x50500050,
291 0xd0d000d0,0x7d7d007d,0x89890089,0x97970097, 291 0xd0d000d0, 0x7d7d007d, 0x89890089, 0x97970097,
292 0x5b5b005b,0x95950095,0xffff00ff,0xd2d200d2, 292 0x5b5b005b, 0x95950095, 0xffff00ff, 0xd2d200d2,
293 0xc4c400c4,0x48480048,0xf7f700f7,0xdbdb00db, 293 0xc4c400c4, 0x48480048, 0xf7f700f7, 0xdbdb00db,
294 0x03030003,0xdada00da,0x3f3f003f,0x94940094, 294 0x03030003, 0xdada00da, 0x3f3f003f, 0x94940094,
295 0x5c5c005c,0x02020002,0x4a4a004a,0x33330033, 295 0x5c5c005c, 0x02020002, 0x4a4a004a, 0x33330033,
296 0x67670067,0xf3f300f3,0x7f7f007f,0xe2e200e2, 296 0x67670067, 0xf3f300f3, 0x7f7f007f, 0xe2e200e2,
297 0x9b9b009b,0x26260026,0x37370037,0x3b3b003b, 297 0x9b9b009b, 0x26260026, 0x37370037, 0x3b3b003b,
298 0x96960096,0x4b4b004b,0xbebe00be,0x2e2e002e, 298 0x96960096, 0x4b4b004b, 0xbebe00be, 0x2e2e002e,
299 0x79790079,0x8c8c008c,0x6e6e006e,0x8e8e008e, 299 0x79790079, 0x8c8c008c, 0x6e6e006e, 0x8e8e008e,
300 0xf5f500f5,0xb6b600b6,0xfdfd00fd,0x59590059, 300 0xf5f500f5, 0xb6b600b6, 0xfdfd00fd, 0x59590059,
301 0x98980098,0x6a6a006a,0x46460046,0xbaba00ba, 301 0x98980098, 0x6a6a006a, 0x46460046, 0xbaba00ba,
302 0x25250025,0x42420042,0xa2a200a2,0xfafa00fa, 302 0x25250025, 0x42420042, 0xa2a200a2, 0xfafa00fa,
303 0x07070007,0x55550055,0xeeee00ee,0x0a0a000a, 303 0x07070007, 0x55550055, 0xeeee00ee, 0x0a0a000a,
304 0x49490049,0x68680068,0x38380038,0xa4a400a4, 304 0x49490049, 0x68680068, 0x38380038, 0xa4a400a4,
305 0x28280028,0x7b7b007b,0xc9c900c9,0xc1c100c1, 305 0x28280028, 0x7b7b007b, 0xc9c900c9, 0xc1c100c1,
306 0xe3e300e3,0xf4f400f4,0xc7c700c7,0x9e9e009e, 306 0xe3e300e3, 0xf4f400f4, 0xc7c700c7, 0x9e9e009e,
307}; 307};
308 308
309 309
@@ -344,7 +344,7 @@ static const u32 camellia_sp4404[256] = {
344 lr = (lr << bits) + (rl >> (32 - bits)); \ 344 lr = (lr << bits) + (rl >> (32 - bits)); \
345 rl = (rl << bits) + (rr >> (32 - bits)); \ 345 rl = (rl << bits) + (rr >> (32 - bits)); \
346 rr = (rr << bits) + (w0 >> (32 - bits)); \ 346 rr = (rr << bits) + (w0 >> (32 - bits)); \
347 } while(0) 347 } while (0)
348 348
349#define ROLDQo32(ll, lr, rl, rr, w0, w1, bits) \ 349#define ROLDQo32(ll, lr, rl, rr, w0, w1, bits) \
350 do { \ 350 do { \
@@ -354,7 +354,7 @@ static const u32 camellia_sp4404[256] = {
354 lr = (rl << (bits - 32)) + (rr >> (64 - bits)); \ 354 lr = (rl << (bits - 32)) + (rr >> (64 - bits)); \
355 rl = (rr << (bits - 32)) + (w0 >> (64 - bits)); \ 355 rl = (rr << (bits - 32)) + (w0 >> (64 - bits)); \
356 rr = (w0 << (bits - 32)) + (w1 >> (64 - bits)); \ 356 rr = (w0 << (bits - 32)) + (w1 >> (64 - bits)); \
357 } while(0) 357 } while (0)
358 358
359#define CAMELLIA_F(xl, xr, kl, kr, yl, yr, il, ir, t0, t1) \ 359#define CAMELLIA_F(xl, xr, kl, kr, yl, yr, il, ir, t0, t1) \
360 do { \ 360 do { \
@@ -373,7 +373,7 @@ static const u32 camellia_sp4404[256] = {
373 yl ^= yr; \ 373 yl ^= yr; \
374 yr = ror32(yr, 8); \ 374 yr = ror32(yr, 8); \
375 yr ^= yl; \ 375 yr ^= yl; \
376 } while(0) 376 } while (0)
377 377
378#define SUBKEY_L(INDEX) (subkey[(INDEX)*2]) 378#define SUBKEY_L(INDEX) (subkey[(INDEX)*2])
379#define SUBKEY_R(INDEX) (subkey[(INDEX)*2 + 1]) 379#define SUBKEY_R(INDEX) (subkey[(INDEX)*2 + 1])
@@ -835,7 +835,7 @@ static void camellia_setup256(const unsigned char *key, u32 *subkey)
835static void camellia_setup192(const unsigned char *key, u32 *subkey) 835static void camellia_setup192(const unsigned char *key, u32 *subkey)
836{ 836{
837 unsigned char kk[32]; 837 unsigned char kk[32];
838 u32 krll, krlr, krrl,krrr; 838 u32 krll, krlr, krrl, krrr;
839 839
840 memcpy(kk, key, 24); 840 memcpy(kk, key, 24);
841 memcpy((unsigned char *)&krll, key+16, 4); 841 memcpy((unsigned char *)&krll, key+16, 4);
@@ -865,7 +865,7 @@ static void camellia_setup192(const unsigned char *key, u32 *subkey)
865 t1 |= lr; \ 865 t1 |= lr; \
866 ll ^= t1; \ 866 ll ^= t1; \
867 rr ^= rol32(t3, 1); \ 867 rr ^= rol32(t3, 1); \
868 } while(0) 868 } while (0)
869 869
870#define CAMELLIA_ROUNDSM(xl, xr, kl, kr, yl, yr, il, ir) \ 870#define CAMELLIA_ROUNDSM(xl, xr, kl, kr, yl, yr, il, ir) \
871 do { \ 871 do { \
@@ -881,12 +881,12 @@ static void camellia_setup192(const unsigned char *key, u32 *subkey)
881 ir ^= il ^ kr; \ 881 ir ^= il ^ kr; \
882 yl ^= ir; \ 882 yl ^= ir; \
883 yr ^= ror32(il, 8) ^ ir; \ 883 yr ^= ror32(il, 8) ^ ir; \
884 } while(0) 884 } while (0)
885 885
886/* max = 24: 128bit encrypt, max = 32: 256bit encrypt */ 886/* max = 24: 128bit encrypt, max = 32: 256bit encrypt */
887static void camellia_do_encrypt(const u32 *subkey, u32 *io, unsigned max) 887static void camellia_do_encrypt(const u32 *subkey, u32 *io, unsigned max)
888{ 888{
889 u32 il,ir,t0,t1; /* temporary variables */ 889 u32 il, ir, t0, t1; /* temporary variables */
890 890
891 /* pre whitening but absorb kw2 */ 891 /* pre whitening but absorb kw2 */
892 io[0] ^= SUBKEY_L(0); 892 io[0] ^= SUBKEY_L(0);
@@ -894,30 +894,30 @@ static void camellia_do_encrypt(const u32 *subkey, u32 *io, unsigned max)
894 894
895 /* main iteration */ 895 /* main iteration */
896#define ROUNDS(i) do { \ 896#define ROUNDS(i) do { \
897 CAMELLIA_ROUNDSM(io[0],io[1], \ 897 CAMELLIA_ROUNDSM(io[0], io[1], \
898 SUBKEY_L(i + 2),SUBKEY_R(i + 2), \ 898 SUBKEY_L(i + 2), SUBKEY_R(i + 2), \
899 io[2],io[3],il,ir); \ 899 io[2], io[3], il, ir); \
900 CAMELLIA_ROUNDSM(io[2],io[3], \ 900 CAMELLIA_ROUNDSM(io[2], io[3], \
901 SUBKEY_L(i + 3),SUBKEY_R(i + 3), \ 901 SUBKEY_L(i + 3), SUBKEY_R(i + 3), \
902 io[0],io[1],il,ir); \ 902 io[0], io[1], il, ir); \
903 CAMELLIA_ROUNDSM(io[0],io[1], \ 903 CAMELLIA_ROUNDSM(io[0], io[1], \
904 SUBKEY_L(i + 4),SUBKEY_R(i + 4), \ 904 SUBKEY_L(i + 4), SUBKEY_R(i + 4), \
905 io[2],io[3],il,ir); \ 905 io[2], io[3], il, ir); \
906 CAMELLIA_ROUNDSM(io[2],io[3], \ 906 CAMELLIA_ROUNDSM(io[2], io[3], \
907 SUBKEY_L(i + 5),SUBKEY_R(i + 5), \ 907 SUBKEY_L(i + 5), SUBKEY_R(i + 5), \
908 io[0],io[1],il,ir); \ 908 io[0], io[1], il, ir); \
909 CAMELLIA_ROUNDSM(io[0],io[1], \ 909 CAMELLIA_ROUNDSM(io[0], io[1], \
910 SUBKEY_L(i + 6),SUBKEY_R(i + 6), \ 910 SUBKEY_L(i + 6), SUBKEY_R(i + 6), \
911 io[2],io[3],il,ir); \ 911 io[2], io[3], il, ir); \
912 CAMELLIA_ROUNDSM(io[2],io[3], \ 912 CAMELLIA_ROUNDSM(io[2], io[3], \
913 SUBKEY_L(i + 7),SUBKEY_R(i + 7), \ 913 SUBKEY_L(i + 7), SUBKEY_R(i + 7), \
914 io[0],io[1],il,ir); \ 914 io[0], io[1], il, ir); \
915} while (0) 915} while (0)
916#define FLS(i) do { \ 916#define FLS(i) do { \
917 CAMELLIA_FLS(io[0],io[1],io[2],io[3], \ 917 CAMELLIA_FLS(io[0], io[1], io[2], io[3], \
918 SUBKEY_L(i + 0),SUBKEY_R(i + 0), \ 918 SUBKEY_L(i + 0), SUBKEY_R(i + 0), \
919 SUBKEY_L(i + 1),SUBKEY_R(i + 1), \ 919 SUBKEY_L(i + 1), SUBKEY_R(i + 1), \
920 t0,t1,il,ir); \ 920 t0, t1, il, ir); \
921} while (0) 921} while (0)
922 922
923 ROUNDS(0); 923 ROUNDS(0);
@@ -941,7 +941,7 @@ static void camellia_do_encrypt(const u32 *subkey, u32 *io, unsigned max)
941 941
942static void camellia_do_decrypt(const u32 *subkey, u32 *io, unsigned i) 942static void camellia_do_decrypt(const u32 *subkey, u32 *io, unsigned i)
943{ 943{
944 u32 il,ir,t0,t1; /* temporary variables */ 944 u32 il, ir, t0, t1; /* temporary variables */
945 945
946 /* pre whitening but absorb kw2 */ 946 /* pre whitening but absorb kw2 */
947 io[0] ^= SUBKEY_L(i); 947 io[0] ^= SUBKEY_L(i);
@@ -949,30 +949,30 @@ static void camellia_do_decrypt(const u32 *subkey, u32 *io, unsigned i)
949 949
950 /* main iteration */ 950 /* main iteration */
951#define ROUNDS(i) do { \ 951#define ROUNDS(i) do { \
952 CAMELLIA_ROUNDSM(io[0],io[1], \ 952 CAMELLIA_ROUNDSM(io[0], io[1], \
953 SUBKEY_L(i + 7),SUBKEY_R(i + 7), \ 953 SUBKEY_L(i + 7), SUBKEY_R(i + 7), \
954 io[2],io[3],il,ir); \ 954 io[2], io[3], il, ir); \
955 CAMELLIA_ROUNDSM(io[2],io[3], \ 955 CAMELLIA_ROUNDSM(io[2], io[3], \
956 SUBKEY_L(i + 6),SUBKEY_R(i + 6), \ 956 SUBKEY_L(i + 6), SUBKEY_R(i + 6), \
957 io[0],io[1],il,ir); \ 957 io[0], io[1], il, ir); \
958 CAMELLIA_ROUNDSM(io[0],io[1], \ 958 CAMELLIA_ROUNDSM(io[0], io[1], \
959 SUBKEY_L(i + 5),SUBKEY_R(i + 5), \ 959 SUBKEY_L(i + 5), SUBKEY_R(i + 5), \
960 io[2],io[3],il,ir); \ 960 io[2], io[3], il, ir); \
961 CAMELLIA_ROUNDSM(io[2],io[3], \ 961 CAMELLIA_ROUNDSM(io[2], io[3], \
962 SUBKEY_L(i + 4),SUBKEY_R(i + 4), \ 962 SUBKEY_L(i + 4), SUBKEY_R(i + 4), \
963 io[0],io[1],il,ir); \ 963 io[0], io[1], il, ir); \
964 CAMELLIA_ROUNDSM(io[0],io[1], \ 964 CAMELLIA_ROUNDSM(io[0], io[1], \
965 SUBKEY_L(i + 3),SUBKEY_R(i + 3), \ 965 SUBKEY_L(i + 3), SUBKEY_R(i + 3), \
966 io[2],io[3],il,ir); \ 966 io[2], io[3], il, ir); \
967 CAMELLIA_ROUNDSM(io[2],io[3], \ 967 CAMELLIA_ROUNDSM(io[2], io[3], \
968 SUBKEY_L(i + 2),SUBKEY_R(i + 2), \ 968 SUBKEY_L(i + 2), SUBKEY_R(i + 2), \
969 io[0],io[1],il,ir); \ 969 io[0], io[1], il, ir); \
970} while (0) 970} while (0)
971#define FLS(i) do { \ 971#define FLS(i) do { \
972 CAMELLIA_FLS(io[0],io[1],io[2],io[3], \ 972 CAMELLIA_FLS(io[0], io[1], io[2], io[3], \
973 SUBKEY_L(i + 1),SUBKEY_R(i + 1), \ 973 SUBKEY_L(i + 1), SUBKEY_R(i + 1), \
974 SUBKEY_L(i + 0),SUBKEY_R(i + 0), \ 974 SUBKEY_L(i + 0), SUBKEY_R(i + 0), \
975 t0,t1,il,ir); \ 975 t0, t1, il, ir); \
976} while (0) 976} while (0)
977 977
978 if (i == 32) { 978 if (i == 32) {
diff --git a/crypto/cast5.c b/crypto/cast5.c
index 8cbe28fa0e0c..a1d2294b50ad 100644
--- a/crypto/cast5.c
+++ b/crypto/cast5.c
@@ -569,12 +569,12 @@ static const u32 sb8[256] = {
569 0xeaee6801, 0x8db2a283, 0xea8bf59e 569 0xeaee6801, 0x8db2a283, 0xea8bf59e
570}; 570};
571 571
572#define F1(D,m,r) ( (I = ((m) + (D))), (I=rol32(I,(r))), \ 572#define F1(D, m, r) ((I = ((m) + (D))), (I = rol32(I, (r))), \
573 (((s1[I >> 24] ^ s2[(I>>16)&0xff]) - s3[(I>>8)&0xff]) + s4[I&0xff]) ) 573 (((s1[I >> 24] ^ s2[(I>>16)&0xff]) - s3[(I>>8)&0xff]) + s4[I&0xff]))
574#define F2(D,m,r) ( (I = ((m) ^ (D))), (I=rol32(I,(r))), \ 574#define F2(D, m, r) ((I = ((m) ^ (D))), (I = rol32(I, (r))), \
575 (((s1[I >> 24] - s2[(I>>16)&0xff]) + s3[(I>>8)&0xff]) ^ s4[I&0xff]) ) 575 (((s1[I >> 24] - s2[(I>>16)&0xff]) + s3[(I>>8)&0xff]) ^ s4[I&0xff]))
576#define F3(D,m,r) ( (I = ((m) - (D))), (I=rol32(I,(r))), \ 576#define F3(D, m, r) ((I = ((m) - (D))), (I = rol32(I, (r))), \
577 (((s1[I >> 24] + s2[(I>>16)&0xff]) ^ s3[(I>>8)&0xff]) - s4[I&0xff]) ) 577 (((s1[I >> 24] + s2[(I>>16)&0xff]) ^ s3[(I>>8)&0xff]) - s4[I&0xff]))
578 578
579 579
580static void cast5_encrypt(struct crypto_tfm *tfm, u8 *outbuf, const u8 *inbuf) 580static void cast5_encrypt(struct crypto_tfm *tfm, u8 *outbuf, const u8 *inbuf)
@@ -694,7 +694,7 @@ static void cast5_decrypt(struct crypto_tfm *tfm, u8 *outbuf, const u8 *inbuf)
694 dst[1] = cpu_to_be32(l); 694 dst[1] = cpu_to_be32(l);
695} 695}
696 696
697static void key_schedule(u32 * x, u32 * z, u32 * k) 697static void key_schedule(u32 *x, u32 *z, u32 *k)
698{ 698{
699 699
700#define xi(i) ((x[(i)/4] >> (8*(3-((i)%4)))) & 0xff) 700#define xi(i) ((x[(i)/4] >> (8*(3-((i)%4)))) & 0xff)
diff --git a/crypto/cast6.c b/crypto/cast6.c
index 007d02beed67..e0c15a6c7c34 100644
--- a/crypto/cast6.c
+++ b/crypto/cast6.c
@@ -11,7 +11,7 @@
11 * under the terms of GNU General Public License as published by the Free 11 * under the terms of GNU General Public License as published by the Free
12 * Software Foundation; either version 2 of the License, or (at your option) 12 * Software Foundation; either version 2 of the License, or (at your option)
13 * any later version. 13 * any later version.
14 * 14 *
15 * You should have received a copy of the GNU General Public License 15 * You should have received a copy of the GNU General Public License
16 * along with this program; if not, write to the Free Software 16 * along with this program; if not, write to the Free Software
17 * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA 17 * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
@@ -35,12 +35,12 @@ struct cast6_ctx {
35 u8 Kr[12][4]; 35 u8 Kr[12][4];
36}; 36};
37 37
38#define F1(D,r,m) ( (I = ((m) + (D))), (I=rol32(I,(r))), \ 38#define F1(D, r, m) ((I = ((m) + (D))), (I = rol32(I, (r))), \
39 (((s1[I >> 24] ^ s2[(I>>16)&0xff]) - s3[(I>>8)&0xff]) + s4[I&0xff]) ) 39 (((s1[I >> 24] ^ s2[(I>>16)&0xff]) - s3[(I>>8)&0xff]) + s4[I&0xff]))
40#define F2(D,r,m) ( (I = ((m) ^ (D))), (I=rol32(I,(r))), \ 40#define F2(D, r, m) ((I = ((m) ^ (D))), (I = rol32(I, (r))), \
41 (((s1[I >> 24] - s2[(I>>16)&0xff]) + s3[(I>>8)&0xff]) ^ s4[I&0xff]) ) 41 (((s1[I >> 24] - s2[(I>>16)&0xff]) + s3[(I>>8)&0xff]) ^ s4[I&0xff]))
42#define F3(D,r,m) ( (I = ((m) - (D))), (I=rol32(I,(r))), \ 42#define F3(D, r, m) ((I = ((m) - (D))), (I = rol32(I, (r))), \
43 (((s1[I >> 24] + s2[(I>>16)&0xff]) ^ s3[(I>>8)&0xff]) - s4[I&0xff]) ) 43 (((s1[I >> 24] + s2[(I>>16)&0xff]) ^ s3[(I>>8)&0xff]) - s4[I&0xff]))
44 44
45static const u32 s1[256] = { 45static const u32 s1[256] = {
46 0x30fb40d4, 0x9fa0ff0b, 0x6beccd2f, 0x3f258c7a, 0x1e213f2f, 46 0x30fb40d4, 0x9fa0ff0b, 0x6beccd2f, 0x3f258c7a, 0x1e213f2f,
@@ -312,7 +312,7 @@ static const u32 s4[256] = {
312 312
313static const u32 Tm[24][8] = { 313static const u32 Tm[24][8] = {
314 { 0x5a827999, 0xc95c653a, 0x383650db, 0xa7103c7c, 0x15ea281d, 314 { 0x5a827999, 0xc95c653a, 0x383650db, 0xa7103c7c, 0x15ea281d,
315 0x84c413be, 0xf39dff5f, 0x6277eb00 } , 315 0x84c413be, 0xf39dff5f, 0x6277eb00 } ,
316 { 0xd151d6a1, 0x402bc242, 0xaf05ade3, 0x1ddf9984, 0x8cb98525, 316 { 0xd151d6a1, 0x402bc242, 0xaf05ade3, 0x1ddf9984, 0x8cb98525,
317 0xfb9370c6, 0x6a6d5c67, 0xd9474808 } , 317 0xfb9370c6, 0x6a6d5c67, 0xd9474808 } ,
318 { 0x482133a9, 0xb6fb1f4a, 0x25d50aeb, 0x94aef68c, 0x0388e22d, 318 { 0x482133a9, 0xb6fb1f4a, 0x25d50aeb, 0x94aef68c, 0x0388e22d,
@@ -369,7 +369,8 @@ static const u8 Tr[4][8] = {
369}; 369};
370 370
371/* forward octave */ 371/* forward octave */
372static void W(u32 *key, unsigned int i) { 372static void W(u32 *key, unsigned int i)
373{
373 u32 I; 374 u32 I;
374 key[6] ^= F1(key[7], Tr[i % 4][0], Tm[i][0]); 375 key[6] ^= F1(key[7], Tr[i % 4][0], Tm[i][0]);
375 key[5] ^= F2(key[6], Tr[i % 4][1], Tm[i][1]); 376 key[5] ^= F2(key[6], Tr[i % 4][1], Tm[i][1]);
@@ -377,7 +378,7 @@ static void W(u32 *key, unsigned int i) {
377 key[3] ^= F1(key[4], Tr[i % 4][3], Tm[i][3]); 378 key[3] ^= F1(key[4], Tr[i % 4][3], Tm[i][3]);
378 key[2] ^= F2(key[3], Tr[i % 4][4], Tm[i][4]); 379 key[2] ^= F2(key[3], Tr[i % 4][4], Tm[i][4]);
379 key[1] ^= F3(key[2], Tr[i % 4][5], Tm[i][5]); 380 key[1] ^= F3(key[2], Tr[i % 4][5], Tm[i][5]);
380 key[0] ^= F1(key[1], Tr[i % 4][6], Tm[i][6]); 381 key[0] ^= F1(key[1], Tr[i % 4][6], Tm[i][6]);
381 key[7] ^= F2(key[0], Tr[i % 4][7], Tm[i][7]); 382 key[7] ^= F2(key[0], Tr[i % 4][7], Tm[i][7]);
382} 383}
383 384
@@ -393,11 +394,11 @@ static int cast6_setkey(struct crypto_tfm *tfm, const u8 *in_key,
393 if (key_len % 4 != 0) { 394 if (key_len % 4 != 0) {
394 *flags |= CRYPTO_TFM_RES_BAD_KEY_LEN; 395 *flags |= CRYPTO_TFM_RES_BAD_KEY_LEN;
395 return -EINVAL; 396 return -EINVAL;
396 } 397 }
398
399 memset(p_key, 0, 32);
400 memcpy(p_key, in_key, key_len);
397 401
398 memset (p_key, 0, 32);
399 memcpy (p_key, in_key, key_len);
400
401 key[0] = be32_to_cpu(p_key[0]); /* A */ 402 key[0] = be32_to_cpu(p_key[0]); /* A */
402 key[1] = be32_to_cpu(p_key[1]); /* B */ 403 key[1] = be32_to_cpu(p_key[1]); /* B */
403 key[2] = be32_to_cpu(p_key[2]); /* C */ 404 key[2] = be32_to_cpu(p_key[2]); /* C */
@@ -406,18 +407,16 @@ static int cast6_setkey(struct crypto_tfm *tfm, const u8 *in_key,
406 key[5] = be32_to_cpu(p_key[5]); /* F */ 407 key[5] = be32_to_cpu(p_key[5]); /* F */
407 key[6] = be32_to_cpu(p_key[6]); /* G */ 408 key[6] = be32_to_cpu(p_key[6]); /* G */
408 key[7] = be32_to_cpu(p_key[7]); /* H */ 409 key[7] = be32_to_cpu(p_key[7]); /* H */
409
410
411 410
412 for (i = 0; i < 12; i++) { 411 for (i = 0; i < 12; i++) {
413 W (key, 2 * i); 412 W(key, 2 * i);
414 W (key, 2 * i + 1); 413 W(key, 2 * i + 1);
415 414
416 c->Kr[i][0] = key[0] & 0x1f; 415 c->Kr[i][0] = key[0] & 0x1f;
417 c->Kr[i][1] = key[2] & 0x1f; 416 c->Kr[i][1] = key[2] & 0x1f;
418 c->Kr[i][2] = key[4] & 0x1f; 417 c->Kr[i][2] = key[4] & 0x1f;
419 c->Kr[i][3] = key[6] & 0x1f; 418 c->Kr[i][3] = key[6] & 0x1f;
420 419
421 c->Km[i][0] = key[7]; 420 c->Km[i][0] = key[7];
422 c->Km[i][1] = key[5]; 421 c->Km[i][1] = key[5];
423 c->Km[i][2] = key[3]; 422 c->Km[i][2] = key[3];
@@ -428,21 +427,23 @@ static int cast6_setkey(struct crypto_tfm *tfm, const u8 *in_key,
428} 427}
429 428
430/*forward quad round*/ 429/*forward quad round*/
431static void Q (u32 * block, u8 * Kr, u32 * Km) { 430static void Q(u32 *block, u8 *Kr, u32 *Km)
431{
432 u32 I; 432 u32 I;
433 block[2] ^= F1(block[3], Kr[0], Km[0]); 433 block[2] ^= F1(block[3], Kr[0], Km[0]);
434 block[1] ^= F2(block[2], Kr[1], Km[1]); 434 block[1] ^= F2(block[2], Kr[1], Km[1]);
435 block[0] ^= F3(block[1], Kr[2], Km[2]); 435 block[0] ^= F3(block[1], Kr[2], Km[2]);
436 block[3] ^= F1(block[0], Kr[3], Km[3]); 436 block[3] ^= F1(block[0], Kr[3], Km[3]);
437} 437}
438 438
439/*reverse quad round*/ 439/*reverse quad round*/
440static void QBAR (u32 * block, u8 * Kr, u32 * Km) { 440static void QBAR(u32 *block, u8 *Kr, u32 *Km)
441{
441 u32 I; 442 u32 I;
442 block[3] ^= F1(block[0], Kr[3], Km[3]); 443 block[3] ^= F1(block[0], Kr[3], Km[3]);
443 block[0] ^= F3(block[1], Kr[2], Km[2]); 444 block[0] ^= F3(block[1], Kr[2], Km[2]);
444 block[1] ^= F2(block[2], Kr[1], Km[1]); 445 block[1] ^= F2(block[2], Kr[1], Km[1]);
445 block[2] ^= F1(block[3], Kr[0], Km[0]); 446 block[2] ^= F1(block[3], Kr[0], Km[0]);
446} 447}
447 448
448static void cast6_encrypt(struct crypto_tfm *tfm, u8 *outbuf, const u8 *inbuf) 449static void cast6_encrypt(struct crypto_tfm *tfm, u8 *outbuf, const u8 *inbuf)
@@ -451,64 +452,65 @@ static void cast6_encrypt(struct crypto_tfm *tfm, u8 *outbuf, const u8 *inbuf)
451 const __be32 *src = (const __be32 *)inbuf; 452 const __be32 *src = (const __be32 *)inbuf;
452 __be32 *dst = (__be32 *)outbuf; 453 __be32 *dst = (__be32 *)outbuf;
453 u32 block[4]; 454 u32 block[4];
454 u32 * Km; 455 u32 *Km;
455 u8 * Kr; 456 u8 *Kr;
456 457
457 block[0] = be32_to_cpu(src[0]); 458 block[0] = be32_to_cpu(src[0]);
458 block[1] = be32_to_cpu(src[1]); 459 block[1] = be32_to_cpu(src[1]);
459 block[2] = be32_to_cpu(src[2]); 460 block[2] = be32_to_cpu(src[2]);
460 block[3] = be32_to_cpu(src[3]); 461 block[3] = be32_to_cpu(src[3]);
461 462
462 Km = c->Km[0]; Kr = c->Kr[0]; Q (block, Kr, Km); 463 Km = c->Km[0]; Kr = c->Kr[0]; Q(block, Kr, Km);
463 Km = c->Km[1]; Kr = c->Kr[1]; Q (block, Kr, Km); 464 Km = c->Km[1]; Kr = c->Kr[1]; Q(block, Kr, Km);
464 Km = c->Km[2]; Kr = c->Kr[2]; Q (block, Kr, Km); 465 Km = c->Km[2]; Kr = c->Kr[2]; Q(block, Kr, Km);
465 Km = c->Km[3]; Kr = c->Kr[3]; Q (block, Kr, Km); 466 Km = c->Km[3]; Kr = c->Kr[3]; Q(block, Kr, Km);
466 Km = c->Km[4]; Kr = c->Kr[4]; Q (block, Kr, Km); 467 Km = c->Km[4]; Kr = c->Kr[4]; Q(block, Kr, Km);
467 Km = c->Km[5]; Kr = c->Kr[5]; Q (block, Kr, Km); 468 Km = c->Km[5]; Kr = c->Kr[5]; Q(block, Kr, Km);
468 Km = c->Km[6]; Kr = c->Kr[6]; QBAR (block, Kr, Km); 469 Km = c->Km[6]; Kr = c->Kr[6]; QBAR(block, Kr, Km);
469 Km = c->Km[7]; Kr = c->Kr[7]; QBAR (block, Kr, Km); 470 Km = c->Km[7]; Kr = c->Kr[7]; QBAR(block, Kr, Km);
470 Km = c->Km[8]; Kr = c->Kr[8]; QBAR (block, Kr, Km); 471 Km = c->Km[8]; Kr = c->Kr[8]; QBAR(block, Kr, Km);
471 Km = c->Km[9]; Kr = c->Kr[9]; QBAR (block, Kr, Km); 472 Km = c->Km[9]; Kr = c->Kr[9]; QBAR(block, Kr, Km);
472 Km = c->Km[10]; Kr = c->Kr[10]; QBAR (block, Kr, Km); 473 Km = c->Km[10]; Kr = c->Kr[10]; QBAR(block, Kr, Km);
473 Km = c->Km[11]; Kr = c->Kr[11]; QBAR (block, Kr, Km); 474 Km = c->Km[11]; Kr = c->Kr[11]; QBAR(block, Kr, Km);
474 475
475 dst[0] = cpu_to_be32(block[0]); 476 dst[0] = cpu_to_be32(block[0]);
476 dst[1] = cpu_to_be32(block[1]); 477 dst[1] = cpu_to_be32(block[1]);
477 dst[2] = cpu_to_be32(block[2]); 478 dst[2] = cpu_to_be32(block[2]);
478 dst[3] = cpu_to_be32(block[3]); 479 dst[3] = cpu_to_be32(block[3]);
479} 480}
480 481
481static void cast6_decrypt(struct crypto_tfm *tfm, u8 *outbuf, const u8 *inbuf) { 482static void cast6_decrypt(struct crypto_tfm *tfm, u8 *outbuf, const u8 *inbuf)
482 struct cast6_ctx * c = crypto_tfm_ctx(tfm); 483{
484 struct cast6_ctx *c = crypto_tfm_ctx(tfm);
483 const __be32 *src = (const __be32 *)inbuf; 485 const __be32 *src = (const __be32 *)inbuf;
484 __be32 *dst = (__be32 *)outbuf; 486 __be32 *dst = (__be32 *)outbuf;
485 u32 block[4]; 487 u32 block[4];
486 u32 * Km; 488 u32 *Km;
487 u8 * Kr; 489 u8 *Kr;
488 490
489 block[0] = be32_to_cpu(src[0]); 491 block[0] = be32_to_cpu(src[0]);
490 block[1] = be32_to_cpu(src[1]); 492 block[1] = be32_to_cpu(src[1]);
491 block[2] = be32_to_cpu(src[2]); 493 block[2] = be32_to_cpu(src[2]);
492 block[3] = be32_to_cpu(src[3]); 494 block[3] = be32_to_cpu(src[3]);
493 495
494 Km = c->Km[11]; Kr = c->Kr[11]; Q (block, Kr, Km); 496 Km = c->Km[11]; Kr = c->Kr[11]; Q(block, Kr, Km);
495 Km = c->Km[10]; Kr = c->Kr[10]; Q (block, Kr, Km); 497 Km = c->Km[10]; Kr = c->Kr[10]; Q(block, Kr, Km);
496 Km = c->Km[9]; Kr = c->Kr[9]; Q (block, Kr, Km); 498 Km = c->Km[9]; Kr = c->Kr[9]; Q(block, Kr, Km);
497 Km = c->Km[8]; Kr = c->Kr[8]; Q (block, Kr, Km); 499 Km = c->Km[8]; Kr = c->Kr[8]; Q(block, Kr, Km);
498 Km = c->Km[7]; Kr = c->Kr[7]; Q (block, Kr, Km); 500 Km = c->Km[7]; Kr = c->Kr[7]; Q(block, Kr, Km);
499 Km = c->Km[6]; Kr = c->Kr[6]; Q (block, Kr, Km); 501 Km = c->Km[6]; Kr = c->Kr[6]; Q(block, Kr, Km);
500 Km = c->Km[5]; Kr = c->Kr[5]; QBAR (block, Kr, Km); 502 Km = c->Km[5]; Kr = c->Kr[5]; QBAR(block, Kr, Km);
501 Km = c->Km[4]; Kr = c->Kr[4]; QBAR (block, Kr, Km); 503 Km = c->Km[4]; Kr = c->Kr[4]; QBAR(block, Kr, Km);
502 Km = c->Km[3]; Kr = c->Kr[3]; QBAR (block, Kr, Km); 504 Km = c->Km[3]; Kr = c->Kr[3]; QBAR(block, Kr, Km);
503 Km = c->Km[2]; Kr = c->Kr[2]; QBAR (block, Kr, Km); 505 Km = c->Km[2]; Kr = c->Kr[2]; QBAR(block, Kr, Km);
504 Km = c->Km[1]; Kr = c->Kr[1]; QBAR (block, Kr, Km); 506 Km = c->Km[1]; Kr = c->Kr[1]; QBAR(block, Kr, Km);
505 Km = c->Km[0]; Kr = c->Kr[0]; QBAR (block, Kr, Km); 507 Km = c->Km[0]; Kr = c->Kr[0]; QBAR(block, Kr, Km);
506 508
507 dst[0] = cpu_to_be32(block[0]); 509 dst[0] = cpu_to_be32(block[0]);
508 dst[1] = cpu_to_be32(block[1]); 510 dst[1] = cpu_to_be32(block[1]);
509 dst[2] = cpu_to_be32(block[2]); 511 dst[2] = cpu_to_be32(block[2]);
510 dst[3] = cpu_to_be32(block[3]); 512 dst[3] = cpu_to_be32(block[3]);
511} 513}
512 514
513static struct crypto_alg alg = { 515static struct crypto_alg alg = {
514 .cra_name = "cast6", 516 .cra_name = "cast6",
diff --git a/crypto/cipher.c b/crypto/cipher.c
index 9a1a7316eeac..39541e0e537d 100644
--- a/crypto/cipher.c
+++ b/crypto/cipher.c
@@ -8,7 +8,7 @@
8 * 8 *
9 * This program is free software; you can redistribute it and/or modify it 9 * This program is free software; you can redistribute it and/or modify it
10 * under the terms of the GNU General Public License as published by the Free 10 * under the terms of the GNU General Public License as published by the Free
11 * Software Foundation; either version 2 of the License, or (at your option) 11 * Software Foundation; either version 2 of the License, or (at your option)
12 * any later version. 12 * any later version.
13 * 13 *
14 */ 14 */
diff --git a/crypto/compress.c b/crypto/compress.c
index 1ee357085d3a..c33f0763a956 100644
--- a/crypto/compress.c
+++ b/crypto/compress.c
@@ -7,7 +7,7 @@
7 * 7 *
8 * This program is free software; you can redistribute it and/or modify it 8 * This program is free software; you can redistribute it and/or modify it
9 * under the terms of the GNU General Public License as published by the Free 9 * under the terms of the GNU General Public License as published by the Free
10 * Software Foundation; either version 2 of the License, or (at your option) 10 * Software Foundation; either version 2 of the License, or (at your option)
11 * any later version. 11 * any later version.
12 * 12 *
13 */ 13 */
@@ -39,7 +39,7 @@ int crypto_init_compress_ops(struct crypto_tfm *tfm)
39 39
40 ops->cot_compress = crypto_compress; 40 ops->cot_compress = crypto_compress;
41 ops->cot_decompress = crypto_decompress; 41 ops->cot_decompress = crypto_decompress;
42 42
43 return 0; 43 return 0;
44} 44}
45 45
diff --git a/crypto/crc32c.c b/crypto/crc32c.c
index 973bc2cfab2e..de9e55c29794 100644
--- a/crypto/crc32c.c
+++ b/crypto/crc32c.c
@@ -1,4 +1,4 @@
1/* 1/*
2 * Cryptographic API. 2 * Cryptographic API.
3 * 3 *
4 * CRC32C chksum 4 * CRC32C chksum
@@ -30,7 +30,7 @@
30 * 30 *
31 * This program is free software; you can redistribute it and/or modify it 31 * This program is free software; you can redistribute it and/or modify it
32 * under the terms of the GNU General Public License as published by the Free 32 * under the terms of the GNU General Public License as published by the Free
33 * Software Foundation; either version 2 of the License, or (at your option) 33 * Software Foundation; either version 2 of the License, or (at your option)
34 * any later version. 34 * any later version.
35 * 35 *
36 */ 36 */
@@ -142,7 +142,7 @@ static u32 crc32c(u32 crc, const u8 *data, unsigned int length)
142} 142}
143 143
144/* 144/*
145 * Steps through buffer one byte at at time, calculates reflected 145 * Steps through buffer one byte at at time, calculates reflected
146 * crc using table. 146 * crc using table.
147 */ 147 */
148 148
diff --git a/crypto/crypto_null.c b/crypto/crypto_null.c
index cb71c9122bc0..07a8a96d46fc 100644
--- a/crypto/crypto_null.c
+++ b/crypto/crypto_null.c
@@ -1,11 +1,11 @@
1/* 1/*
2 * Cryptographic API. 2 * Cryptographic API.
3 * 3 *
4 * Null algorithms, aka Much Ado About Nothing. 4 * Null algorithms, aka Much Ado About Nothing.
5 * 5 *
6 * These are needed for IPsec, and may be useful in general for 6 * These are needed for IPsec, and may be useful in general for
7 * testing & debugging. 7 * testing & debugging.
8 * 8 *
9 * The null cipher is compliant with RFC2410. 9 * The null cipher is compliant with RFC2410.
10 * 10 *
11 * Copyright (c) 2002 James Morris <jmorris@intercode.com.au> 11 * Copyright (c) 2002 James Morris <jmorris@intercode.com.au>
@@ -163,7 +163,7 @@ MODULE_ALIAS("cipher_null");
163static int __init crypto_null_mod_init(void) 163static int __init crypto_null_mod_init(void)
164{ 164{
165 int ret = 0; 165 int ret = 0;
166 166
167 ret = crypto_register_alg(&cipher_null); 167 ret = crypto_register_alg(&cipher_null);
168 if (ret < 0) 168 if (ret < 0)
169 goto out; 169 goto out;
@@ -180,7 +180,7 @@ static int __init crypto_null_mod_init(void)
180 if (ret < 0) 180 if (ret < 0)
181 goto out_unregister_digest; 181 goto out_unregister_digest;
182 182
183out: 183out:
184 return ret; 184 return ret;
185 185
186out_unregister_digest: 186out_unregister_digest:
diff --git a/crypto/deflate.c b/crypto/deflate.c
index 9128da44e953..463dc859aa05 100644
--- a/crypto/deflate.c
+++ b/crypto/deflate.c
@@ -1,14 +1,14 @@
1/* 1/*
2 * Cryptographic API. 2 * Cryptographic API.
3 * 3 *
4 * Deflate algorithm (RFC 1951), implemented here primarily for use 4 * Deflate algorithm (RFC 1951), implemented here primarily for use
5 * by IPCOMP (RFC 3173 & RFC 2394). 5 * by IPCOMP (RFC 3173 & RFC 2394).
6 * 6 *
7 * Copyright (c) 2003 James Morris <jmorris@intercode.com.au> 7 * Copyright (c) 2003 James Morris <jmorris@intercode.com.au>
8 * 8 *
9 * This program is free software; you can redistribute it and/or modify it 9 * This program is free software; you can redistribute it and/or modify it
10 * under the terms of the GNU General Public License as published by the Free 10 * under the terms of the GNU General Public License as published by the Free
11 * Software Foundation; either version 2 of the License, or (at your option) 11 * Software Foundation; either version 2 of the License, or (at your option)
12 * any later version. 12 * any later version.
13 * 13 *
14 * FIXME: deflate transforms will require up to a total of about 436k of kernel 14 * FIXME: deflate transforms will require up to a total of about 436k of kernel
@@ -49,7 +49,7 @@ static int deflate_comp_init(struct deflate_ctx *ctx)
49 struct z_stream_s *stream = &ctx->comp_stream; 49 struct z_stream_s *stream = &ctx->comp_stream;
50 50
51 stream->workspace = vmalloc(zlib_deflate_workspacesize()); 51 stream->workspace = vmalloc(zlib_deflate_workspacesize());
52 if (!stream->workspace ) { 52 if (!stream->workspace) {
53 ret = -ENOMEM; 53 ret = -ENOMEM;
54 goto out; 54 goto out;
55 } 55 }
@@ -61,7 +61,7 @@ static int deflate_comp_init(struct deflate_ctx *ctx)
61 ret = -EINVAL; 61 ret = -EINVAL;
62 goto out_free; 62 goto out_free;
63 } 63 }
64out: 64out:
65 return ret; 65 return ret;
66out_free: 66out_free:
67 vfree(stream->workspace); 67 vfree(stream->workspace);
@@ -74,7 +74,7 @@ static int deflate_decomp_init(struct deflate_ctx *ctx)
74 struct z_stream_s *stream = &ctx->decomp_stream; 74 struct z_stream_s *stream = &ctx->decomp_stream;
75 75
76 stream->workspace = kzalloc(zlib_inflate_workspacesize(), GFP_KERNEL); 76 stream->workspace = kzalloc(zlib_inflate_workspacesize(), GFP_KERNEL);
77 if (!stream->workspace ) { 77 if (!stream->workspace) {
78 ret = -ENOMEM; 78 ret = -ENOMEM;
79 goto out; 79 goto out;
80 } 80 }
@@ -106,7 +106,7 @@ static int deflate_init(struct crypto_tfm *tfm)
106{ 106{
107 struct deflate_ctx *ctx = crypto_tfm_ctx(tfm); 107 struct deflate_ctx *ctx = crypto_tfm_ctx(tfm);
108 int ret; 108 int ret;
109 109
110 ret = deflate_comp_init(ctx); 110 ret = deflate_comp_init(ctx);
111 if (ret) 111 if (ret)
112 goto out; 112 goto out;
@@ -153,11 +153,11 @@ static int deflate_compress(struct crypto_tfm *tfm, const u8 *src,
153out: 153out:
154 return ret; 154 return ret;
155} 155}
156 156
157static int deflate_decompress(struct crypto_tfm *tfm, const u8 *src, 157static int deflate_decompress(struct crypto_tfm *tfm, const u8 *src,
158 unsigned int slen, u8 *dst, unsigned int *dlen) 158 unsigned int slen, u8 *dst, unsigned int *dlen)
159{ 159{
160 160
161 int ret = 0; 161 int ret = 0;
162 struct deflate_ctx *dctx = crypto_tfm_ctx(tfm); 162 struct deflate_ctx *dctx = crypto_tfm_ctx(tfm);
163 struct z_stream_s *stream = &dctx->decomp_stream; 163 struct z_stream_s *stream = &dctx->decomp_stream;
@@ -182,7 +182,7 @@ static int deflate_decompress(struct crypto_tfm *tfm, const u8 *src,
182 if (ret == Z_OK && !stream->avail_in && stream->avail_out) { 182 if (ret == Z_OK && !stream->avail_in && stream->avail_out) {
183 u8 zerostuff = 0; 183 u8 zerostuff = 0;
184 stream->next_in = &zerostuff; 184 stream->next_in = &zerostuff;
185 stream->avail_in = 1; 185 stream->avail_in = 1;
186 ret = zlib_inflate(stream, Z_FINISH); 186 ret = zlib_inflate(stream, Z_FINISH);
187 } 187 }
188 if (ret != Z_STREAM_END) { 188 if (ret != Z_STREAM_END) {
diff --git a/crypto/des_generic.c b/crypto/des_generic.c
index 5bd3ee345a64..249f903cc453 100644
--- a/crypto/des_generic.c
+++ b/crypto/des_generic.c
@@ -869,8 +869,7 @@ static int des3_ede_setkey(struct crypto_tfm *tfm, const u8 *key,
869 869
870 if (unlikely(!((K[0] ^ K[2]) | (K[1] ^ K[3])) || 870 if (unlikely(!((K[0] ^ K[2]) | (K[1] ^ K[3])) ||
871 !((K[2] ^ K[4]) | (K[3] ^ K[5]))) && 871 !((K[2] ^ K[4]) | (K[3] ^ K[5]))) &&
872 (*flags & CRYPTO_TFM_REQ_WEAK_KEY)) 872 (*flags & CRYPTO_TFM_REQ_WEAK_KEY)) {
873 {
874 *flags |= CRYPTO_TFM_RES_WEAK_KEY; 873 *flags |= CRYPTO_TFM_RES_WEAK_KEY;
875 return -EINVAL; 874 return -EINVAL;
876 } 875 }
diff --git a/crypto/ecb.c b/crypto/ecb.c
index a46838e98a71..935cfef4aa84 100644
--- a/crypto/ecb.c
+++ b/crypto/ecb.c
@@ -55,7 +55,7 @@ static int crypto_ecb_crypt(struct blkcipher_desc *desc,
55 55
56 do { 56 do {
57 fn(crypto_cipher_tfm(tfm), wdst, wsrc); 57 fn(crypto_cipher_tfm(tfm), wdst, wsrc);
58 58
59 wsrc += bsize; 59 wsrc += bsize;
60 wdst += bsize; 60 wdst += bsize;
61 } while ((nbytes -= bsize) >= bsize); 61 } while ((nbytes -= bsize) >= bsize);
diff --git a/crypto/fcrypt.c b/crypto/fcrypt.c
index b82d61f4e26c..c33107e340b6 100644
--- a/crypto/fcrypt.c
+++ b/crypto/fcrypt.c
@@ -60,13 +60,13 @@ do { \
60 u32 t = lo & ((1 << n) - 1); \ 60 u32 t = lo & ((1 << n) - 1); \
61 lo = (lo >> n) | ((hi & ((1 << n) - 1)) << (32 - n)); \ 61 lo = (lo >> n) | ((hi & ((1 << n) - 1)) << (32 - n)); \
62 hi = (hi >> n) | (t << (24-n)); \ 62 hi = (hi >> n) | (t << (24-n)); \
63} while(0) 63} while (0)
64 64
65/* Rotate right one 64 bit number as a 56 bit number */ 65/* Rotate right one 64 bit number as a 56 bit number */
66#define ror56_64(k, n) \ 66#define ror56_64(k, n) \
67do { \ 67do { \
68 k = (k >> n) | ((k & ((1 << n) - 1)) << (56 - n)); \ 68 k = (k >> n) | ((k & ((1 << n) - 1)) << (56 - n)); \
69} while(0) 69} while (0)
70 70
71/* 71/*
72 * Sboxes for Feistel network derived from 72 * Sboxes for Feistel network derived from
@@ -228,7 +228,7 @@ do { \
228 union lc4 { __be32 l; u8 c[4]; } u; \ 228 union lc4 { __be32 l; u8 c[4]; } u; \
229 u.l = sched ^ R; \ 229 u.l = sched ^ R; \
230 L ^= sbox0[u.c[0]] ^ sbox1[u.c[1]] ^ sbox2[u.c[2]] ^ sbox3[u.c[3]]; \ 230 L ^= sbox0[u.c[0]] ^ sbox1[u.c[1]] ^ sbox2[u.c[2]] ^ sbox3[u.c[3]]; \
231} while(0) 231} while (0)
232 232
233/* 233/*
234 * encryptor 234 * encryptor
diff --git a/crypto/gcm.c b/crypto/gcm.c
index c6547130624c..2f5fbba6576c 100644
--- a/crypto/gcm.c
+++ b/crypto/gcm.c
@@ -37,6 +37,19 @@ struct crypto_rfc4106_ctx {
37 u8 nonce[4]; 37 u8 nonce[4];
38}; 38};
39 39
40struct crypto_rfc4543_ctx {
41 struct crypto_aead *child;
42 u8 nonce[4];
43};
44
45struct crypto_rfc4543_req_ctx {
46 u8 auth_tag[16];
47 struct scatterlist cipher[1];
48 struct scatterlist payload[2];
49 struct scatterlist assoc[2];
50 struct aead_request subreq;
51};
52
40struct crypto_gcm_ghash_ctx { 53struct crypto_gcm_ghash_ctx {
41 unsigned int cryptlen; 54 unsigned int cryptlen;
42 struct scatterlist *src; 55 struct scatterlist *src;
@@ -1047,6 +1060,272 @@ static struct crypto_template crypto_rfc4106_tmpl = {
1047 .module = THIS_MODULE, 1060 .module = THIS_MODULE,
1048}; 1061};
1049 1062
1063static inline struct crypto_rfc4543_req_ctx *crypto_rfc4543_reqctx(
1064 struct aead_request *req)
1065{
1066 unsigned long align = crypto_aead_alignmask(crypto_aead_reqtfm(req));
1067
1068 return (void *)PTR_ALIGN((u8 *)aead_request_ctx(req), align + 1);
1069}
1070
1071static int crypto_rfc4543_setkey(struct crypto_aead *parent, const u8 *key,
1072 unsigned int keylen)
1073{
1074 struct crypto_rfc4543_ctx *ctx = crypto_aead_ctx(parent);
1075 struct crypto_aead *child = ctx->child;
1076 int err;
1077
1078 if (keylen < 4)
1079 return -EINVAL;
1080
1081 keylen -= 4;
1082 memcpy(ctx->nonce, key + keylen, 4);
1083
1084 crypto_aead_clear_flags(child, CRYPTO_TFM_REQ_MASK);
1085 crypto_aead_set_flags(child, crypto_aead_get_flags(parent) &
1086 CRYPTO_TFM_REQ_MASK);
1087 err = crypto_aead_setkey(child, key, keylen);
1088 crypto_aead_set_flags(parent, crypto_aead_get_flags(child) &
1089 CRYPTO_TFM_RES_MASK);
1090
1091 return err;
1092}
1093
1094static int crypto_rfc4543_setauthsize(struct crypto_aead *parent,
1095 unsigned int authsize)
1096{
1097 struct crypto_rfc4543_ctx *ctx = crypto_aead_ctx(parent);
1098
1099 if (authsize != 16)
1100 return -EINVAL;
1101
1102 return crypto_aead_setauthsize(ctx->child, authsize);
1103}
1104
1105/* this is the same as crypto_authenc_chain */
1106static void crypto_rfc4543_chain(struct scatterlist *head,
1107 struct scatterlist *sg, int chain)
1108{
1109 if (chain) {
1110 head->length += sg->length;
1111 sg = scatterwalk_sg_next(sg);
1112 }
1113
1114 if (sg)
1115 scatterwalk_sg_chain(head, 2, sg);
1116 else
1117 sg_mark_end(head);
1118}
1119
1120static struct aead_request *crypto_rfc4543_crypt(struct aead_request *req,
1121 int enc)
1122{
1123 struct crypto_aead *aead = crypto_aead_reqtfm(req);
1124 struct crypto_rfc4543_ctx *ctx = crypto_aead_ctx(aead);
1125 struct crypto_rfc4543_req_ctx *rctx = crypto_rfc4543_reqctx(req);
1126 struct aead_request *subreq = &rctx->subreq;
1127 struct scatterlist *dst = req->dst;
1128 struct scatterlist *cipher = rctx->cipher;
1129 struct scatterlist *payload = rctx->payload;
1130 struct scatterlist *assoc = rctx->assoc;
1131 unsigned int authsize = crypto_aead_authsize(aead);
1132 unsigned int assoclen = req->assoclen;
1133 struct page *dstp;
1134 u8 *vdst;
1135 u8 *iv = PTR_ALIGN((u8 *)(rctx + 1) + crypto_aead_reqsize(ctx->child),
1136 crypto_aead_alignmask(ctx->child) + 1);
1137
1138 memcpy(iv, ctx->nonce, 4);
1139 memcpy(iv + 4, req->iv, 8);
1140
1141 /* construct cipher/plaintext */
1142 if (enc)
1143 memset(rctx->auth_tag, 0, authsize);
1144 else
1145 scatterwalk_map_and_copy(rctx->auth_tag, dst,
1146 req->cryptlen - authsize,
1147 authsize, 0);
1148
1149 sg_init_one(cipher, rctx->auth_tag, authsize);
1150
1151 /* construct the aad */
1152 dstp = sg_page(dst);
1153 vdst = PageHighMem(dstp) ? NULL : page_address(dstp) + dst->offset;
1154
1155 sg_init_table(payload, 2);
1156 sg_set_buf(payload, req->iv, 8);
1157 crypto_rfc4543_chain(payload, dst, vdst == req->iv + 8);
1158 assoclen += 8 + req->cryptlen - (enc ? 0 : authsize);
1159
1160 sg_init_table(assoc, 2);
1161 sg_set_page(assoc, sg_page(req->assoc), req->assoc->length,
1162 req->assoc->offset);
1163 crypto_rfc4543_chain(assoc, payload, 0);
1164
1165 aead_request_set_tfm(subreq, ctx->child);
1166 aead_request_set_callback(subreq, req->base.flags, req->base.complete,
1167 req->base.data);
1168 aead_request_set_crypt(subreq, cipher, cipher, enc ? 0 : authsize, iv);
1169 aead_request_set_assoc(subreq, assoc, assoclen);
1170
1171 return subreq;
1172}
1173
1174static int crypto_rfc4543_encrypt(struct aead_request *req)
1175{
1176 struct crypto_aead *aead = crypto_aead_reqtfm(req);
1177 struct crypto_rfc4543_req_ctx *rctx = crypto_rfc4543_reqctx(req);
1178 struct aead_request *subreq;
1179 int err;
1180
1181 subreq = crypto_rfc4543_crypt(req, 1);
1182 err = crypto_aead_encrypt(subreq);
1183 if (err)
1184 return err;
1185
1186 scatterwalk_map_and_copy(rctx->auth_tag, req->dst, req->cryptlen,
1187 crypto_aead_authsize(aead), 1);
1188
1189 return 0;
1190}
1191
1192static int crypto_rfc4543_decrypt(struct aead_request *req)
1193{
1194 req = crypto_rfc4543_crypt(req, 0);
1195
1196 return crypto_aead_decrypt(req);
1197}
1198
1199static int crypto_rfc4543_init_tfm(struct crypto_tfm *tfm)
1200{
1201 struct crypto_instance *inst = (void *)tfm->__crt_alg;
1202 struct crypto_aead_spawn *spawn = crypto_instance_ctx(inst);
1203 struct crypto_rfc4543_ctx *ctx = crypto_tfm_ctx(tfm);
1204 struct crypto_aead *aead;
1205 unsigned long align;
1206
1207 aead = crypto_spawn_aead(spawn);
1208 if (IS_ERR(aead))
1209 return PTR_ERR(aead);
1210
1211 ctx->child = aead;
1212
1213 align = crypto_aead_alignmask(aead);
1214 align &= ~(crypto_tfm_ctx_alignment() - 1);
1215 tfm->crt_aead.reqsize = sizeof(struct crypto_rfc4543_req_ctx) +
1216 ALIGN(crypto_aead_reqsize(aead),
1217 crypto_tfm_ctx_alignment()) +
1218 align + 16;
1219
1220 return 0;
1221}
1222
1223static void crypto_rfc4543_exit_tfm(struct crypto_tfm *tfm)
1224{
1225 struct crypto_rfc4543_ctx *ctx = crypto_tfm_ctx(tfm);
1226
1227 crypto_free_aead(ctx->child);
1228}
1229
1230static struct crypto_instance *crypto_rfc4543_alloc(struct rtattr **tb)
1231{
1232 struct crypto_attr_type *algt;
1233 struct crypto_instance *inst;
1234 struct crypto_aead_spawn *spawn;
1235 struct crypto_alg *alg;
1236 const char *ccm_name;
1237 int err;
1238
1239 algt = crypto_get_attr_type(tb);
1240 err = PTR_ERR(algt);
1241 if (IS_ERR(algt))
1242 return ERR_PTR(err);
1243
1244 if ((algt->type ^ CRYPTO_ALG_TYPE_AEAD) & algt->mask)
1245 return ERR_PTR(-EINVAL);
1246
1247 ccm_name = crypto_attr_alg_name(tb[1]);
1248 err = PTR_ERR(ccm_name);
1249 if (IS_ERR(ccm_name))
1250 return ERR_PTR(err);
1251
1252 inst = kzalloc(sizeof(*inst) + sizeof(*spawn), GFP_KERNEL);
1253 if (!inst)
1254 return ERR_PTR(-ENOMEM);
1255
1256 spawn = crypto_instance_ctx(inst);
1257 crypto_set_aead_spawn(spawn, inst);
1258 err = crypto_grab_aead(spawn, ccm_name, 0,
1259 crypto_requires_sync(algt->type, algt->mask));
1260 if (err)
1261 goto out_free_inst;
1262
1263 alg = crypto_aead_spawn_alg(spawn);
1264
1265 err = -EINVAL;
1266
1267 /* We only support 16-byte blocks. */
1268 if (alg->cra_aead.ivsize != 16)
1269 goto out_drop_alg;
1270
1271 /* Not a stream cipher? */
1272 if (alg->cra_blocksize != 1)
1273 goto out_drop_alg;
1274
1275 err = -ENAMETOOLONG;
1276 if (snprintf(inst->alg.cra_name, CRYPTO_MAX_ALG_NAME,
1277 "rfc4543(%s)", alg->cra_name) >= CRYPTO_MAX_ALG_NAME ||
1278 snprintf(inst->alg.cra_driver_name, CRYPTO_MAX_ALG_NAME,
1279 "rfc4543(%s)", alg->cra_driver_name) >=
1280 CRYPTO_MAX_ALG_NAME)
1281 goto out_drop_alg;
1282
1283 inst->alg.cra_flags = CRYPTO_ALG_TYPE_AEAD;
1284 inst->alg.cra_flags |= alg->cra_flags & CRYPTO_ALG_ASYNC;
1285 inst->alg.cra_priority = alg->cra_priority;
1286 inst->alg.cra_blocksize = 1;
1287 inst->alg.cra_alignmask = alg->cra_alignmask;
1288 inst->alg.cra_type = &crypto_nivaead_type;
1289
1290 inst->alg.cra_aead.ivsize = 8;
1291 inst->alg.cra_aead.maxauthsize = 16;
1292
1293 inst->alg.cra_ctxsize = sizeof(struct crypto_rfc4543_ctx);
1294
1295 inst->alg.cra_init = crypto_rfc4543_init_tfm;
1296 inst->alg.cra_exit = crypto_rfc4543_exit_tfm;
1297
1298 inst->alg.cra_aead.setkey = crypto_rfc4543_setkey;
1299 inst->alg.cra_aead.setauthsize = crypto_rfc4543_setauthsize;
1300 inst->alg.cra_aead.encrypt = crypto_rfc4543_encrypt;
1301 inst->alg.cra_aead.decrypt = crypto_rfc4543_decrypt;
1302
1303 inst->alg.cra_aead.geniv = "seqiv";
1304
1305out:
1306 return inst;
1307
1308out_drop_alg:
1309 crypto_drop_aead(spawn);
1310out_free_inst:
1311 kfree(inst);
1312 inst = ERR_PTR(err);
1313 goto out;
1314}
1315
1316static void crypto_rfc4543_free(struct crypto_instance *inst)
1317{
1318 crypto_drop_spawn(crypto_instance_ctx(inst));
1319 kfree(inst);
1320}
1321
1322static struct crypto_template crypto_rfc4543_tmpl = {
1323 .name = "rfc4543",
1324 .alloc = crypto_rfc4543_alloc,
1325 .free = crypto_rfc4543_free,
1326 .module = THIS_MODULE,
1327};
1328
1050static int __init crypto_gcm_module_init(void) 1329static int __init crypto_gcm_module_init(void)
1051{ 1330{
1052 int err; 1331 int err;
@@ -1067,8 +1346,14 @@ static int __init crypto_gcm_module_init(void)
1067 if (err) 1346 if (err)
1068 goto out_undo_gcm; 1347 goto out_undo_gcm;
1069 1348
1349 err = crypto_register_template(&crypto_rfc4543_tmpl);
1350 if (err)
1351 goto out_undo_rfc4106;
1352
1070 return 0; 1353 return 0;
1071 1354
1355out_undo_rfc4106:
1356 crypto_unregister_template(&crypto_rfc4106_tmpl);
1072out_undo_gcm: 1357out_undo_gcm:
1073 crypto_unregister_template(&crypto_gcm_tmpl); 1358 crypto_unregister_template(&crypto_gcm_tmpl);
1074out_undo_base: 1359out_undo_base:
@@ -1081,6 +1366,7 @@ out:
1081static void __exit crypto_gcm_module_exit(void) 1366static void __exit crypto_gcm_module_exit(void)
1082{ 1367{
1083 kfree(gcm_zeroes); 1368 kfree(gcm_zeroes);
1369 crypto_unregister_template(&crypto_rfc4543_tmpl);
1084 crypto_unregister_template(&crypto_rfc4106_tmpl); 1370 crypto_unregister_template(&crypto_rfc4106_tmpl);
1085 crypto_unregister_template(&crypto_gcm_tmpl); 1371 crypto_unregister_template(&crypto_gcm_tmpl);
1086 crypto_unregister_template(&crypto_gcm_base_tmpl); 1372 crypto_unregister_template(&crypto_gcm_base_tmpl);
@@ -1094,3 +1380,4 @@ MODULE_DESCRIPTION("Galois/Counter Mode");
1094MODULE_AUTHOR("Mikko Herranen <mh1@iki.fi>"); 1380MODULE_AUTHOR("Mikko Herranen <mh1@iki.fi>");
1095MODULE_ALIAS("gcm_base"); 1381MODULE_ALIAS("gcm_base");
1096MODULE_ALIAS("rfc4106"); 1382MODULE_ALIAS("rfc4106");
1383MODULE_ALIAS("rfc4543");
diff --git a/crypto/md5.c b/crypto/md5.c
index 83eb52961750..9fda213a592e 100644
--- a/crypto/md5.c
+++ b/crypto/md5.c
@@ -16,17 +16,13 @@
16 * 16 *
17 */ 17 */
18#include <crypto/internal/hash.h> 18#include <crypto/internal/hash.h>
19#include <crypto/md5.h>
19#include <linux/init.h> 20#include <linux/init.h>
20#include <linux/module.h> 21#include <linux/module.h>
21#include <linux/string.h> 22#include <linux/string.h>
22#include <linux/types.h> 23#include <linux/types.h>
23#include <asm/byteorder.h> 24#include <asm/byteorder.h>
24 25
25#define MD5_DIGEST_SIZE 16
26#define MD5_HMAC_BLOCK_SIZE 64
27#define MD5_BLOCK_WORDS 16
28#define MD5_HASH_WORDS 4
29
30#define F1(x, y, z) (z ^ (x & (y ^ z))) 26#define F1(x, y, z) (z ^ (x & (y ^ z)))
31#define F2(x, y, z) F1(z, x, y) 27#define F2(x, y, z) F1(z, x, y)
32#define F3(x, y, z) (x ^ y ^ z) 28#define F3(x, y, z) (x ^ y ^ z)
@@ -35,12 +31,6 @@
35#define MD5STEP(f, w, x, y, z, in, s) \ 31#define MD5STEP(f, w, x, y, z, in, s) \
36 (w += f(x, y, z) + in, w = (w<<s | w>>(32-s)) + x) 32 (w += f(x, y, z) + in, w = (w<<s | w>>(32-s)) + x)
37 33
38struct md5_ctx {
39 u32 hash[MD5_HASH_WORDS];
40 u32 block[MD5_BLOCK_WORDS];
41 u64 byte_count;
42};
43
44static void md5_transform(u32 *hash, u32 const *in) 34static void md5_transform(u32 *hash, u32 const *in)
45{ 35{
46 u32 a, b, c, d; 36 u32 a, b, c, d;
@@ -141,7 +131,7 @@ static inline void cpu_to_le32_array(u32 *buf, unsigned int words)
141 } 131 }
142} 132}
143 133
144static inline void md5_transform_helper(struct md5_ctx *ctx) 134static inline void md5_transform_helper(struct md5_state *ctx)
145{ 135{
146 le32_to_cpu_array(ctx->block, sizeof(ctx->block) / sizeof(u32)); 136 le32_to_cpu_array(ctx->block, sizeof(ctx->block) / sizeof(u32));
147 md5_transform(ctx->hash, ctx->block); 137 md5_transform(ctx->hash, ctx->block);
@@ -149,7 +139,7 @@ static inline void md5_transform_helper(struct md5_ctx *ctx)
149 139
150static int md5_init(struct shash_desc *desc) 140static int md5_init(struct shash_desc *desc)
151{ 141{
152 struct md5_ctx *mctx = shash_desc_ctx(desc); 142 struct md5_state *mctx = shash_desc_ctx(desc);
153 143
154 mctx->hash[0] = 0x67452301; 144 mctx->hash[0] = 0x67452301;
155 mctx->hash[1] = 0xefcdab89; 145 mctx->hash[1] = 0xefcdab89;
@@ -162,7 +152,7 @@ static int md5_init(struct shash_desc *desc)
162 152
163static int md5_update(struct shash_desc *desc, const u8 *data, unsigned int len) 153static int md5_update(struct shash_desc *desc, const u8 *data, unsigned int len)
164{ 154{
165 struct md5_ctx *mctx = shash_desc_ctx(desc); 155 struct md5_state *mctx = shash_desc_ctx(desc);
166 const u32 avail = sizeof(mctx->block) - (mctx->byte_count & 0x3f); 156 const u32 avail = sizeof(mctx->block) - (mctx->byte_count & 0x3f);
167 157
168 mctx->byte_count += len; 158 mctx->byte_count += len;
@@ -194,7 +184,7 @@ static int md5_update(struct shash_desc *desc, const u8 *data, unsigned int len)
194 184
195static int md5_final(struct shash_desc *desc, u8 *out) 185static int md5_final(struct shash_desc *desc, u8 *out)
196{ 186{
197 struct md5_ctx *mctx = shash_desc_ctx(desc); 187 struct md5_state *mctx = shash_desc_ctx(desc);
198 const unsigned int offset = mctx->byte_count & 0x3f; 188 const unsigned int offset = mctx->byte_count & 0x3f;
199 char *p = (char *)mctx->block + offset; 189 char *p = (char *)mctx->block + offset;
200 int padding = 56 - (offset + 1); 190 int padding = 56 - (offset + 1);
@@ -220,12 +210,30 @@ static int md5_final(struct shash_desc *desc, u8 *out)
220 return 0; 210 return 0;
221} 211}
222 212
213static int md5_export(struct shash_desc *desc, void *out)
214{
215 struct md5_state *ctx = shash_desc_ctx(desc);
216
217 memcpy(out, ctx, sizeof(*ctx));
218 return 0;
219}
220
221static int md5_import(struct shash_desc *desc, const void *in)
222{
223 struct md5_state *ctx = shash_desc_ctx(desc);
224
225 memcpy(ctx, in, sizeof(*ctx));
226 return 0;
227}
228
223static struct shash_alg alg = { 229static struct shash_alg alg = {
224 .digestsize = MD5_DIGEST_SIZE, 230 .digestsize = MD5_DIGEST_SIZE,
225 .init = md5_init, 231 .init = md5_init,
226 .update = md5_update, 232 .update = md5_update,
227 .final = md5_final, 233 .final = md5_final,
228 .descsize = sizeof(struct md5_ctx), 234 .export = md5_export,
235 .import = md5_import,
236 .descsize = sizeof(struct md5_state),
229 .base = { 237 .base = {
230 .cra_name = "md5", 238 .cra_name = "md5",
231 .cra_flags = CRYPTO_ALG_TYPE_SHASH, 239 .cra_flags = CRYPTO_ALG_TYPE_SHASH,
diff --git a/crypto/pcrypt.c b/crypto/pcrypt.c
new file mode 100644
index 000000000000..80201241b698
--- /dev/null
+++ b/crypto/pcrypt.c
@@ -0,0 +1,445 @@
1/*
2 * pcrypt - Parallel crypto wrapper.
3 *
4 * Copyright (C) 2009 secunet Security Networks AG
5 * Copyright (C) 2009 Steffen Klassert <steffen.klassert@secunet.com>
6 *
7 * This program is free software; you can redistribute it and/or modify it
8 * under the terms and conditions of the GNU General Public License,
9 * version 2, as published by the Free Software Foundation.
10 *
11 * This program is distributed in the hope it will be useful, but WITHOUT
12 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
13 * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for
14 * more details.
15 *
16 * You should have received a copy of the GNU General Public License along with
17 * this program; if not, write to the Free Software Foundation, Inc.,
18 * 51 Franklin St - Fifth Floor, Boston, MA 02110-1301 USA.
19 */
20
21#include <crypto/algapi.h>
22#include <crypto/internal/aead.h>
23#include <linux/err.h>
24#include <linux/init.h>
25#include <linux/module.h>
26#include <linux/slab.h>
27#include <crypto/pcrypt.h>
28
29static struct padata_instance *pcrypt_enc_padata;
30static struct padata_instance *pcrypt_dec_padata;
31static struct workqueue_struct *encwq;
32static struct workqueue_struct *decwq;
33
34struct pcrypt_instance_ctx {
35 struct crypto_spawn spawn;
36 unsigned int tfm_count;
37};
38
39struct pcrypt_aead_ctx {
40 struct crypto_aead *child;
41 unsigned int cb_cpu;
42};
43
44static int pcrypt_do_parallel(struct padata_priv *padata, unsigned int *cb_cpu,
45 struct padata_instance *pinst)
46{
47 unsigned int cpu_index, cpu, i;
48
49 cpu = *cb_cpu;
50
51 if (cpumask_test_cpu(cpu, cpu_active_mask))
52 goto out;
53
54 cpu_index = cpu % cpumask_weight(cpu_active_mask);
55
56 cpu = cpumask_first(cpu_active_mask);
57 for (i = 0; i < cpu_index; i++)
58 cpu = cpumask_next(cpu, cpu_active_mask);
59
60 *cb_cpu = cpu;
61
62out:
63 return padata_do_parallel(pinst, padata, cpu);
64}
65
66static int pcrypt_aead_setkey(struct crypto_aead *parent,
67 const u8 *key, unsigned int keylen)
68{
69 struct pcrypt_aead_ctx *ctx = crypto_aead_ctx(parent);
70
71 return crypto_aead_setkey(ctx->child, key, keylen);
72}
73
74static int pcrypt_aead_setauthsize(struct crypto_aead *parent,
75 unsigned int authsize)
76{
77 struct pcrypt_aead_ctx *ctx = crypto_aead_ctx(parent);
78
79 return crypto_aead_setauthsize(ctx->child, authsize);
80}
81
82static void pcrypt_aead_serial(struct padata_priv *padata)
83{
84 struct pcrypt_request *preq = pcrypt_padata_request(padata);
85 struct aead_request *req = pcrypt_request_ctx(preq);
86
87 aead_request_complete(req->base.data, padata->info);
88}
89
90static void pcrypt_aead_giv_serial(struct padata_priv *padata)
91{
92 struct pcrypt_request *preq = pcrypt_padata_request(padata);
93 struct aead_givcrypt_request *req = pcrypt_request_ctx(preq);
94
95 aead_request_complete(req->areq.base.data, padata->info);
96}
97
98static void pcrypt_aead_done(struct crypto_async_request *areq, int err)
99{
100 struct aead_request *req = areq->data;
101 struct pcrypt_request *preq = aead_request_ctx(req);
102 struct padata_priv *padata = pcrypt_request_padata(preq);
103
104 padata->info = err;
105 req->base.flags &= ~CRYPTO_TFM_REQ_MAY_SLEEP;
106
107 padata_do_serial(padata);
108}
109
110static void pcrypt_aead_enc(struct padata_priv *padata)
111{
112 struct pcrypt_request *preq = pcrypt_padata_request(padata);
113 struct aead_request *req = pcrypt_request_ctx(preq);
114
115 padata->info = crypto_aead_encrypt(req);
116
117 if (padata->info == -EINPROGRESS)
118 return;
119
120 padata_do_serial(padata);
121}
122
123static int pcrypt_aead_encrypt(struct aead_request *req)
124{
125 int err;
126 struct pcrypt_request *preq = aead_request_ctx(req);
127 struct aead_request *creq = pcrypt_request_ctx(preq);
128 struct padata_priv *padata = pcrypt_request_padata(preq);
129 struct crypto_aead *aead = crypto_aead_reqtfm(req);
130 struct pcrypt_aead_ctx *ctx = crypto_aead_ctx(aead);
131 u32 flags = aead_request_flags(req);
132
133 memset(padata, 0, sizeof(struct padata_priv));
134
135 padata->parallel = pcrypt_aead_enc;
136 padata->serial = pcrypt_aead_serial;
137
138 aead_request_set_tfm(creq, ctx->child);
139 aead_request_set_callback(creq, flags & ~CRYPTO_TFM_REQ_MAY_SLEEP,
140 pcrypt_aead_done, req);
141 aead_request_set_crypt(creq, req->src, req->dst,
142 req->cryptlen, req->iv);
143 aead_request_set_assoc(creq, req->assoc, req->assoclen);
144
145 err = pcrypt_do_parallel(padata, &ctx->cb_cpu, pcrypt_enc_padata);
146 if (err)
147 return err;
148 else
149 err = crypto_aead_encrypt(creq);
150
151 return err;
152}
153
154static void pcrypt_aead_dec(struct padata_priv *padata)
155{
156 struct pcrypt_request *preq = pcrypt_padata_request(padata);
157 struct aead_request *req = pcrypt_request_ctx(preq);
158
159 padata->info = crypto_aead_decrypt(req);
160
161 if (padata->info == -EINPROGRESS)
162 return;
163
164 padata_do_serial(padata);
165}
166
167static int pcrypt_aead_decrypt(struct aead_request *req)
168{
169 int err;
170 struct pcrypt_request *preq = aead_request_ctx(req);
171 struct aead_request *creq = pcrypt_request_ctx(preq);
172 struct padata_priv *padata = pcrypt_request_padata(preq);
173 struct crypto_aead *aead = crypto_aead_reqtfm(req);
174 struct pcrypt_aead_ctx *ctx = crypto_aead_ctx(aead);
175 u32 flags = aead_request_flags(req);
176
177 memset(padata, 0, sizeof(struct padata_priv));
178
179 padata->parallel = pcrypt_aead_dec;
180 padata->serial = pcrypt_aead_serial;
181
182 aead_request_set_tfm(creq, ctx->child);
183 aead_request_set_callback(creq, flags & ~CRYPTO_TFM_REQ_MAY_SLEEP,
184 pcrypt_aead_done, req);
185 aead_request_set_crypt(creq, req->src, req->dst,
186 req->cryptlen, req->iv);
187 aead_request_set_assoc(creq, req->assoc, req->assoclen);
188
189 err = pcrypt_do_parallel(padata, &ctx->cb_cpu, pcrypt_dec_padata);
190 if (err)
191 return err;
192 else
193 err = crypto_aead_decrypt(creq);
194
195 return err;
196}
197
198static void pcrypt_aead_givenc(struct padata_priv *padata)
199{
200 struct pcrypt_request *preq = pcrypt_padata_request(padata);
201 struct aead_givcrypt_request *req = pcrypt_request_ctx(preq);
202
203 padata->info = crypto_aead_givencrypt(req);
204
205 if (padata->info == -EINPROGRESS)
206 return;
207
208 padata_do_serial(padata);
209}
210
211static int pcrypt_aead_givencrypt(struct aead_givcrypt_request *req)
212{
213 int err;
214 struct aead_request *areq = &req->areq;
215 struct pcrypt_request *preq = aead_request_ctx(areq);
216 struct aead_givcrypt_request *creq = pcrypt_request_ctx(preq);
217 struct padata_priv *padata = pcrypt_request_padata(preq);
218 struct crypto_aead *aead = aead_givcrypt_reqtfm(req);
219 struct pcrypt_aead_ctx *ctx = crypto_aead_ctx(aead);
220 u32 flags = aead_request_flags(areq);
221
222 memset(padata, 0, sizeof(struct padata_priv));
223
224 padata->parallel = pcrypt_aead_givenc;
225 padata->serial = pcrypt_aead_giv_serial;
226
227 aead_givcrypt_set_tfm(creq, ctx->child);
228 aead_givcrypt_set_callback(creq, flags & ~CRYPTO_TFM_REQ_MAY_SLEEP,
229 pcrypt_aead_done, areq);
230 aead_givcrypt_set_crypt(creq, areq->src, areq->dst,
231 areq->cryptlen, areq->iv);
232 aead_givcrypt_set_assoc(creq, areq->assoc, areq->assoclen);
233 aead_givcrypt_set_giv(creq, req->giv, req->seq);
234
235 err = pcrypt_do_parallel(padata, &ctx->cb_cpu, pcrypt_enc_padata);
236 if (err)
237 return err;
238 else
239 err = crypto_aead_givencrypt(creq);
240
241 return err;
242}
243
244static int pcrypt_aead_init_tfm(struct crypto_tfm *tfm)
245{
246 int cpu, cpu_index;
247 struct crypto_instance *inst = crypto_tfm_alg_instance(tfm);
248 struct pcrypt_instance_ctx *ictx = crypto_instance_ctx(inst);
249 struct pcrypt_aead_ctx *ctx = crypto_tfm_ctx(tfm);
250 struct crypto_aead *cipher;
251
252 ictx->tfm_count++;
253
254 cpu_index = ictx->tfm_count % cpumask_weight(cpu_active_mask);
255
256 ctx->cb_cpu = cpumask_first(cpu_active_mask);
257 for (cpu = 0; cpu < cpu_index; cpu++)
258 ctx->cb_cpu = cpumask_next(ctx->cb_cpu, cpu_active_mask);
259
260 cipher = crypto_spawn_aead(crypto_instance_ctx(inst));
261
262 if (IS_ERR(cipher))
263 return PTR_ERR(cipher);
264
265 ctx->child = cipher;
266 tfm->crt_aead.reqsize = sizeof(struct pcrypt_request)
267 + sizeof(struct aead_givcrypt_request)
268 + crypto_aead_reqsize(cipher);
269
270 return 0;
271}
272
273static void pcrypt_aead_exit_tfm(struct crypto_tfm *tfm)
274{
275 struct pcrypt_aead_ctx *ctx = crypto_tfm_ctx(tfm);
276
277 crypto_free_aead(ctx->child);
278}
279
280static struct crypto_instance *pcrypt_alloc_instance(struct crypto_alg *alg)
281{
282 struct crypto_instance *inst;
283 struct pcrypt_instance_ctx *ctx;
284 int err;
285
286 inst = kzalloc(sizeof(*inst) + sizeof(*ctx), GFP_KERNEL);
287 if (!inst) {
288 inst = ERR_PTR(-ENOMEM);
289 goto out;
290 }
291
292 err = -ENAMETOOLONG;
293 if (snprintf(inst->alg.cra_driver_name, CRYPTO_MAX_ALG_NAME,
294 "pcrypt(%s)", alg->cra_driver_name) >= CRYPTO_MAX_ALG_NAME)
295 goto out_free_inst;
296
297 memcpy(inst->alg.cra_name, alg->cra_name, CRYPTO_MAX_ALG_NAME);
298
299 ctx = crypto_instance_ctx(inst);
300 err = crypto_init_spawn(&ctx->spawn, alg, inst,
301 CRYPTO_ALG_TYPE_MASK);
302 if (err)
303 goto out_free_inst;
304
305 inst->alg.cra_priority = alg->cra_priority + 100;
306 inst->alg.cra_blocksize = alg->cra_blocksize;
307 inst->alg.cra_alignmask = alg->cra_alignmask;
308
309out:
310 return inst;
311
312out_free_inst:
313 kfree(inst);
314 inst = ERR_PTR(err);
315 goto out;
316}
317
318static struct crypto_instance *pcrypt_alloc_aead(struct rtattr **tb)
319{
320 struct crypto_instance *inst;
321 struct crypto_alg *alg;
322 struct crypto_attr_type *algt;
323
324 algt = crypto_get_attr_type(tb);
325
326 alg = crypto_get_attr_alg(tb, algt->type,
327 (algt->mask & CRYPTO_ALG_TYPE_MASK));
328 if (IS_ERR(alg))
329 return ERR_CAST(alg);
330
331 inst = pcrypt_alloc_instance(alg);
332 if (IS_ERR(inst))
333 goto out_put_alg;
334
335 inst->alg.cra_flags = CRYPTO_ALG_TYPE_AEAD | CRYPTO_ALG_ASYNC;
336 inst->alg.cra_type = &crypto_aead_type;
337
338 inst->alg.cra_aead.ivsize = alg->cra_aead.ivsize;
339 inst->alg.cra_aead.geniv = alg->cra_aead.geniv;
340 inst->alg.cra_aead.maxauthsize = alg->cra_aead.maxauthsize;
341
342 inst->alg.cra_ctxsize = sizeof(struct pcrypt_aead_ctx);
343
344 inst->alg.cra_init = pcrypt_aead_init_tfm;
345 inst->alg.cra_exit = pcrypt_aead_exit_tfm;
346
347 inst->alg.cra_aead.setkey = pcrypt_aead_setkey;
348 inst->alg.cra_aead.setauthsize = pcrypt_aead_setauthsize;
349 inst->alg.cra_aead.encrypt = pcrypt_aead_encrypt;
350 inst->alg.cra_aead.decrypt = pcrypt_aead_decrypt;
351 inst->alg.cra_aead.givencrypt = pcrypt_aead_givencrypt;
352
353out_put_alg:
354 crypto_mod_put(alg);
355 return inst;
356}
357
358static struct crypto_instance *pcrypt_alloc(struct rtattr **tb)
359{
360 struct crypto_attr_type *algt;
361
362 algt = crypto_get_attr_type(tb);
363 if (IS_ERR(algt))
364 return ERR_CAST(algt);
365
366 switch (algt->type & algt->mask & CRYPTO_ALG_TYPE_MASK) {
367 case CRYPTO_ALG_TYPE_AEAD:
368 return pcrypt_alloc_aead(tb);
369 }
370
371 return ERR_PTR(-EINVAL);
372}
373
374static void pcrypt_free(struct crypto_instance *inst)
375{
376 struct pcrypt_instance_ctx *ctx = crypto_instance_ctx(inst);
377
378 crypto_drop_spawn(&ctx->spawn);
379 kfree(inst);
380}
381
382static struct crypto_template pcrypt_tmpl = {
383 .name = "pcrypt",
384 .alloc = pcrypt_alloc,
385 .free = pcrypt_free,
386 .module = THIS_MODULE,
387};
388
389static int __init pcrypt_init(void)
390{
391 encwq = create_workqueue("pencrypt");
392 if (!encwq)
393 goto err;
394
395 decwq = create_workqueue("pdecrypt");
396 if (!decwq)
397 goto err_destroy_encwq;
398
399
400 pcrypt_enc_padata = padata_alloc(cpu_possible_mask, encwq);
401 if (!pcrypt_enc_padata)
402 goto err_destroy_decwq;
403
404 pcrypt_dec_padata = padata_alloc(cpu_possible_mask, decwq);
405 if (!pcrypt_dec_padata)
406 goto err_free_padata;
407
408 padata_start(pcrypt_enc_padata);
409 padata_start(pcrypt_dec_padata);
410
411 return crypto_register_template(&pcrypt_tmpl);
412
413err_free_padata:
414 padata_free(pcrypt_enc_padata);
415
416err_destroy_decwq:
417 destroy_workqueue(decwq);
418
419err_destroy_encwq:
420 destroy_workqueue(encwq);
421
422err:
423 return -ENOMEM;
424}
425
426static void __exit pcrypt_exit(void)
427{
428 padata_stop(pcrypt_enc_padata);
429 padata_stop(pcrypt_dec_padata);
430
431 destroy_workqueue(encwq);
432 destroy_workqueue(decwq);
433
434 padata_free(pcrypt_enc_padata);
435 padata_free(pcrypt_dec_padata);
436
437 crypto_unregister_template(&pcrypt_tmpl);
438}
439
440module_init(pcrypt_init);
441module_exit(pcrypt_exit);
442
443MODULE_LICENSE("GPL");
444MODULE_AUTHOR("Steffen Klassert <steffen.klassert@secunet.com>");
445MODULE_DESCRIPTION("Parallel crypto wrapper");
diff --git a/crypto/testmgr.c b/crypto/testmgr.c
index 7620bfce92f2..c494d7610be1 100644
--- a/crypto/testmgr.c
+++ b/crypto/testmgr.c
@@ -1477,9 +1477,54 @@ static int alg_test_cprng(const struct alg_test_desc *desc, const char *driver,
1477 return err; 1477 return err;
1478} 1478}
1479 1479
1480static int alg_test_null(const struct alg_test_desc *desc,
1481 const char *driver, u32 type, u32 mask)
1482{
1483 return 0;
1484}
1485
1480/* Please keep this list sorted by algorithm name. */ 1486/* Please keep this list sorted by algorithm name. */
1481static const struct alg_test_desc alg_test_descs[] = { 1487static const struct alg_test_desc alg_test_descs[] = {
1482 { 1488 {
1489 .alg = "__driver-cbc-aes-aesni",
1490 .test = alg_test_null,
1491 .suite = {
1492 .cipher = {
1493 .enc = {
1494 .vecs = NULL,
1495 .count = 0
1496 },
1497 .dec = {
1498 .vecs = NULL,
1499 .count = 0
1500 }
1501 }
1502 }
1503 }, {
1504 .alg = "__driver-ecb-aes-aesni",
1505 .test = alg_test_null,
1506 .suite = {
1507 .cipher = {
1508 .enc = {
1509 .vecs = NULL,
1510 .count = 0
1511 },
1512 .dec = {
1513 .vecs = NULL,
1514 .count = 0
1515 }
1516 }
1517 }
1518 }, {
1519 .alg = "__ghash-pclmulqdqni",
1520 .test = alg_test_null,
1521 .suite = {
1522 .hash = {
1523 .vecs = NULL,
1524 .count = 0
1525 }
1526 }
1527 }, {
1483 .alg = "ansi_cprng", 1528 .alg = "ansi_cprng",
1484 .test = alg_test_cprng, 1529 .test = alg_test_cprng,
1485 .fips_allowed = 1, 1530 .fips_allowed = 1,
@@ -1623,6 +1668,30 @@ static const struct alg_test_desc alg_test_descs[] = {
1623 } 1668 }
1624 } 1669 }
1625 }, { 1670 }, {
1671 .alg = "cryptd(__driver-ecb-aes-aesni)",
1672 .test = alg_test_null,
1673 .suite = {
1674 .cipher = {
1675 .enc = {
1676 .vecs = NULL,
1677 .count = 0
1678 },
1679 .dec = {
1680 .vecs = NULL,
1681 .count = 0
1682 }
1683 }
1684 }
1685 }, {
1686 .alg = "cryptd(__ghash-pclmulqdqni)",
1687 .test = alg_test_null,
1688 .suite = {
1689 .hash = {
1690 .vecs = NULL,
1691 .count = 0
1692 }
1693 }
1694 }, {
1626 .alg = "ctr(aes)", 1695 .alg = "ctr(aes)",
1627 .test = alg_test_skcipher, 1696 .test = alg_test_skcipher,
1628 .fips_allowed = 1, 1697 .fips_allowed = 1,
@@ -1669,6 +1738,21 @@ static const struct alg_test_desc alg_test_descs[] = {
1669 } 1738 }
1670 } 1739 }
1671 }, { 1740 }, {
1741 .alg = "ecb(__aes-aesni)",
1742 .test = alg_test_null,
1743 .suite = {
1744 .cipher = {
1745 .enc = {
1746 .vecs = NULL,
1747 .count = 0
1748 },
1749 .dec = {
1750 .vecs = NULL,
1751 .count = 0
1752 }
1753 }
1754 }
1755 }, {
1672 .alg = "ecb(aes)", 1756 .alg = "ecb(aes)",
1673 .test = alg_test_skcipher, 1757 .test = alg_test_skcipher,
1674 .fips_allowed = 1, 1758 .fips_allowed = 1,
diff --git a/drivers/char/hw_random/Kconfig b/drivers/char/hw_random/Kconfig
index 87060266ef91..6ea1014697d1 100644
--- a/drivers/char/hw_random/Kconfig
+++ b/drivers/char/hw_random/Kconfig
@@ -186,3 +186,15 @@ config HW_RANDOM_MXC_RNGA
186 module will be called mxc-rnga. 186 module will be called mxc-rnga.
187 187
188 If unsure, say Y. 188 If unsure, say Y.
189
190config HW_RANDOM_NOMADIK
191 tristate "ST-Ericsson Nomadik Random Number Generator support"
192 depends on HW_RANDOM && PLAT_NOMADIK
193 ---help---
194 This driver provides kernel-side support for the Random Number
195 Generator hardware found on ST-Ericsson SoCs (8815 and 8500).
196
197 To compile this driver as a module, choose M here: the
198 module will be called nomadik-rng.
199
200 If unsure, say Y.
diff --git a/drivers/char/hw_random/Makefile b/drivers/char/hw_random/Makefile
index 5eeb1303f0d0..4273308aa1e3 100644
--- a/drivers/char/hw_random/Makefile
+++ b/drivers/char/hw_random/Makefile
@@ -18,3 +18,4 @@ obj-$(CONFIG_HW_RANDOM_VIRTIO) += virtio-rng.o
18obj-$(CONFIG_HW_RANDOM_TX4939) += tx4939-rng.o 18obj-$(CONFIG_HW_RANDOM_TX4939) += tx4939-rng.o
19obj-$(CONFIG_HW_RANDOM_MXC_RNGA) += mxc-rnga.o 19obj-$(CONFIG_HW_RANDOM_MXC_RNGA) += mxc-rnga.o
20obj-$(CONFIG_HW_RANDOM_OCTEON) += octeon-rng.o 20obj-$(CONFIG_HW_RANDOM_OCTEON) += octeon-rng.o
21obj-$(CONFIG_HW_RANDOM_NOMADIK) += nomadik-rng.o
diff --git a/drivers/char/hw_random/nomadik-rng.c b/drivers/char/hw_random/nomadik-rng.c
new file mode 100644
index 000000000000..a8b4c4010144
--- /dev/null
+++ b/drivers/char/hw_random/nomadik-rng.c
@@ -0,0 +1,103 @@
1/*
2 * Nomadik RNG support
3 * Copyright 2009 Alessandro Rubini
4 *
5 * This program is free software; you can redistribute it and/or modify
6 * it under the terms of the GNU General Public License as published by
7 * the Free Software Foundation; either version 2 of the License, or
8 * (at your option) any later version.
9 */
10
11#include <linux/kernel.h>
12#include <linux/module.h>
13#include <linux/init.h>
14#include <linux/device.h>
15#include <linux/amba/bus.h>
16#include <linux/hw_random.h>
17#include <linux/io.h>
18
19static int nmk_rng_read(struct hwrng *rng, void *data, size_t max, bool wait)
20{
21 void __iomem *base = (void __iomem *)rng->priv;
22
23 /*
24 * The register is 32 bits and gives 16 random bits (low half).
25 * A subsequent read will delay the core for 400ns, so we just read
26 * once and accept the very unlikely very small delay, even if wait==0.
27 */
28 *(u16 *)data = __raw_readl(base + 8) & 0xffff;
29 return 2;
30}
31
32/* we have at most one RNG per machine, granted */
33static struct hwrng nmk_rng = {
34 .name = "nomadik",
35 .read = nmk_rng_read,
36};
37
38static int nmk_rng_probe(struct amba_device *dev, struct amba_id *id)
39{
40 void __iomem *base;
41 int ret;
42
43 ret = amba_request_regions(dev, dev->dev.init_name);
44 if (ret)
45 return ret;
46 ret = -ENOMEM;
47 base = ioremap(dev->res.start, resource_size(&dev->res));
48 if (!base)
49 goto out_release;
50 nmk_rng.priv = (unsigned long)base;
51 ret = hwrng_register(&nmk_rng);
52 if (ret)
53 goto out_unmap;
54 return 0;
55
56out_unmap:
57 iounmap(base);
58out_release:
59 amba_release_regions(dev);
60 return ret;
61}
62
63static int nmk_rng_remove(struct amba_device *dev)
64{
65 void __iomem *base = (void __iomem *)nmk_rng.priv;
66 hwrng_unregister(&nmk_rng);
67 iounmap(base);
68 amba_release_regions(dev);
69 return 0;
70}
71
72static struct amba_id nmk_rng_ids[] = {
73 {
74 .id = 0x000805e1,
75 .mask = 0x000fffff, /* top bits are rev and cfg: accept all */
76 },
77 {0, 0},
78};
79
80static struct amba_driver nmk_rng_driver = {
81 .drv = {
82 .owner = THIS_MODULE,
83 .name = "rng",
84 },
85 .probe = nmk_rng_probe,
86 .remove = nmk_rng_remove,
87 .id_table = nmk_rng_ids,
88};
89
90static int __init nmk_rng_init(void)
91{
92 return amba_driver_register(&nmk_rng_driver);
93}
94
95static void __devexit nmk_rng_exit(void)
96{
97 amba_driver_unregister(&nmk_rng_driver);
98}
99
100module_init(nmk_rng_init);
101module_exit(nmk_rng_exit);
102
103MODULE_LICENSE("GPL");
diff --git a/drivers/crypto/amcc/crypto4xx_core.c b/drivers/crypto/amcc/crypto4xx_core.c
index 46e899ac924e..1c3849f6b7a2 100644
--- a/drivers/crypto/amcc/crypto4xx_core.c
+++ b/drivers/crypto/amcc/crypto4xx_core.c
@@ -1274,7 +1274,7 @@ static int __exit crypto4xx_remove(struct of_device *ofdev)
1274 return 0; 1274 return 0;
1275} 1275}
1276 1276
1277static struct of_device_id crypto4xx_match[] = { 1277static const struct of_device_id crypto4xx_match[] = {
1278 { .compatible = "amcc,ppc4xx-crypto",}, 1278 { .compatible = "amcc,ppc4xx-crypto",},
1279 { }, 1279 { },
1280}; 1280};
diff --git a/drivers/crypto/geode-aes.c b/drivers/crypto/geode-aes.c
index 4801162919d9..c7a5a43ba691 100644
--- a/drivers/crypto/geode-aes.c
+++ b/drivers/crypto/geode-aes.c
@@ -135,13 +135,13 @@ static int geode_setkey_cip(struct crypto_tfm *tfm, const u8 *key,
135 /* 135 /*
136 * The requested key size is not supported by HW, do a fallback 136 * The requested key size is not supported by HW, do a fallback
137 */ 137 */
138 op->fallback.blk->base.crt_flags &= ~CRYPTO_TFM_REQ_MASK; 138 op->fallback.cip->base.crt_flags &= ~CRYPTO_TFM_REQ_MASK;
139 op->fallback.blk->base.crt_flags |= (tfm->crt_flags & CRYPTO_TFM_REQ_MASK); 139 op->fallback.cip->base.crt_flags |= (tfm->crt_flags & CRYPTO_TFM_REQ_MASK);
140 140
141 ret = crypto_cipher_setkey(op->fallback.cip, key, len); 141 ret = crypto_cipher_setkey(op->fallback.cip, key, len);
142 if (ret) { 142 if (ret) {
143 tfm->crt_flags &= ~CRYPTO_TFM_RES_MASK; 143 tfm->crt_flags &= ~CRYPTO_TFM_RES_MASK;
144 tfm->crt_flags |= (op->fallback.blk->base.crt_flags & CRYPTO_TFM_RES_MASK); 144 tfm->crt_flags |= (op->fallback.cip->base.crt_flags & CRYPTO_TFM_RES_MASK);
145 } 145 }
146 return ret; 146 return ret;
147} 147}
@@ -263,7 +263,7 @@ static int fallback_init_cip(struct crypto_tfm *tfm)
263 263
264 if (IS_ERR(op->fallback.cip)) { 264 if (IS_ERR(op->fallback.cip)) {
265 printk(KERN_ERR "Error allocating fallback algo %s\n", name); 265 printk(KERN_ERR "Error allocating fallback algo %s\n", name);
266 return PTR_ERR(op->fallback.blk); 266 return PTR_ERR(op->fallback.cip);
267 } 267 }
268 268
269 return 0; 269 return 0;
diff --git a/drivers/crypto/talitos.c b/drivers/crypto/talitos.c
index c47ffe8a73ef..fd529d68c5ba 100644
--- a/drivers/crypto/talitos.c
+++ b/drivers/crypto/talitos.c
@@ -1958,7 +1958,7 @@ err_out:
1958 return err; 1958 return err;
1959} 1959}
1960 1960
1961static struct of_device_id talitos_match[] = { 1961static const struct of_device_id talitos_match[] = {
1962 { 1962 {
1963 .compatible = "fsl,sec2.0", 1963 .compatible = "fsl,sec2.0",
1964 }, 1964 },
diff --git a/include/crypto/md5.h b/include/crypto/md5.h
new file mode 100644
index 000000000000..65f299b08b0d
--- /dev/null
+++ b/include/crypto/md5.h
@@ -0,0 +1,17 @@
1#ifndef _CRYPTO_MD5_H
2#define _CRYPTO_MD5_H
3
4#include <linux/types.h>
5
6#define MD5_DIGEST_SIZE 16
7#define MD5_HMAC_BLOCK_SIZE 64
8#define MD5_BLOCK_WORDS 16
9#define MD5_HASH_WORDS 4
10
11struct md5_state {
12 u32 hash[MD5_HASH_WORDS];
13 u32 block[MD5_BLOCK_WORDS];
14 u64 byte_count;
15};
16
17#endif
diff --git a/include/crypto/pcrypt.h b/include/crypto/pcrypt.h
new file mode 100644
index 000000000000..d7d8bd8c6edc
--- /dev/null
+++ b/include/crypto/pcrypt.h
@@ -0,0 +1,51 @@
1/*
2 * pcrypt - Parallel crypto engine.
3 *
4 * Copyright (C) 2009 secunet Security Networks AG
5 * Copyright (C) 2009 Steffen Klassert <steffen.klassert@secunet.com>
6 *
7 * This program is free software; you can redistribute it and/or modify it
8 * under the terms and conditions of the GNU General Public License,
9 * version 2, as published by the Free Software Foundation.
10 *
11 * This program is distributed in the hope it will be useful, but WITHOUT
12 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
13 * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for
14 * more details.
15 *
16 * You should have received a copy of the GNU General Public License along with
17 * this program; if not, write to the Free Software Foundation, Inc.,
18 * 51 Franklin St - Fifth Floor, Boston, MA 02110-1301 USA.
19 */
20
21#ifndef _CRYPTO_PCRYPT_H
22#define _CRYPTO_PCRYPT_H
23
24#include <linux/crypto.h>
25#include <linux/kernel.h>
26#include <linux/padata.h>
27
28struct pcrypt_request {
29 struct padata_priv padata;
30 void *data;
31 void *__ctx[] CRYPTO_MINALIGN_ATTR;
32};
33
34static inline void *pcrypt_request_ctx(struct pcrypt_request *req)
35{
36 return req->__ctx;
37}
38
39static inline
40struct padata_priv *pcrypt_request_padata(struct pcrypt_request *req)
41{
42 return &req->padata;
43}
44
45static inline
46struct pcrypt_request *pcrypt_padata_request(struct padata_priv *padata)
47{
48 return container_of(padata, struct pcrypt_request, padata);
49}
50
51#endif
diff --git a/include/linux/padata.h b/include/linux/padata.h
new file mode 100644
index 000000000000..51611da9c498
--- /dev/null
+++ b/include/linux/padata.h
@@ -0,0 +1,88 @@
1/*
2 * padata.h - header for the padata parallelization interface
3 *
4 * Copyright (C) 2008, 2009 secunet Security Networks AG
5 * Copyright (C) 2008, 2009 Steffen Klassert <steffen.klassert@secunet.com>
6 *
7 * This program is free software; you can redistribute it and/or modify it
8 * under the terms and conditions of the GNU General Public License,
9 * version 2, as published by the Free Software Foundation.
10 *
11 * This program is distributed in the hope it will be useful, but WITHOUT
12 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
13 * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for
14 * more details.
15 *
16 * You should have received a copy of the GNU General Public License along with
17 * this program; if not, write to the Free Software Foundation, Inc.,
18 * 51 Franklin St - Fifth Floor, Boston, MA 02110-1301 USA.
19 */
20
21#ifndef PADATA_H
22#define PADATA_H
23
24#include <linux/workqueue.h>
25#include <linux/spinlock.h>
26#include <linux/list.h>
27
28struct padata_priv {
29 struct list_head list;
30 struct parallel_data *pd;
31 int cb_cpu;
32 int seq_nr;
33 int info;
34 void (*parallel)(struct padata_priv *padata);
35 void (*serial)(struct padata_priv *padata);
36};
37
38struct padata_list {
39 struct list_head list;
40 spinlock_t lock;
41};
42
43struct padata_queue {
44 struct padata_list parallel;
45 struct padata_list reorder;
46 struct padata_list serial;
47 struct work_struct pwork;
48 struct work_struct swork;
49 struct parallel_data *pd;
50 atomic_t num_obj;
51 int cpu_index;
52};
53
54struct parallel_data {
55 struct padata_instance *pinst;
56 struct padata_queue *queue;
57 atomic_t seq_nr;
58 atomic_t reorder_objects;
59 atomic_t refcnt;
60 unsigned int max_seq_nr;
61 cpumask_var_t cpumask;
62 spinlock_t lock;
63};
64
65struct padata_instance {
66 struct notifier_block cpu_notifier;
67 struct workqueue_struct *wq;
68 struct parallel_data *pd;
69 cpumask_var_t cpumask;
70 struct mutex lock;
71 u8 flags;
72#define PADATA_INIT 1
73#define PADATA_RESET 2
74};
75
76extern struct padata_instance *padata_alloc(const struct cpumask *cpumask,
77 struct workqueue_struct *wq);
78extern void padata_free(struct padata_instance *pinst);
79extern int padata_do_parallel(struct padata_instance *pinst,
80 struct padata_priv *padata, int cb_cpu);
81extern void padata_do_serial(struct padata_priv *padata);
82extern int padata_set_cpumask(struct padata_instance *pinst,
83 cpumask_var_t cpumask);
84extern int padata_add_cpu(struct padata_instance *pinst, int cpu);
85extern int padata_remove_cpu(struct padata_instance *pinst, int cpu);
86extern void padata_start(struct padata_instance *pinst);
87extern void padata_stop(struct padata_instance *pinst);
88#endif
diff --git a/include/linux/pfkeyv2.h b/include/linux/pfkeyv2.h
index 228b0b6306b0..0b80c806631f 100644
--- a/include/linux/pfkeyv2.h
+++ b/include/linux/pfkeyv2.h
@@ -315,6 +315,7 @@ struct sadb_x_kmaddress {
315#define SADB_X_EALG_AES_GCM_ICV12 19 315#define SADB_X_EALG_AES_GCM_ICV12 19
316#define SADB_X_EALG_AES_GCM_ICV16 20 316#define SADB_X_EALG_AES_GCM_ICV16 20
317#define SADB_X_EALG_CAMELLIACBC 22 317#define SADB_X_EALG_CAMELLIACBC 22
318#define SADB_X_EALG_NULL_AES_GMAC 23
318#define SADB_EALG_MAX 253 /* last EALG */ 319#define SADB_EALG_MAX 253 /* last EALG */
319/* private allocations should use 249-255 (RFC2407) */ 320/* private allocations should use 249-255 (RFC2407) */
320#define SADB_X_EALG_SERPENTCBC 252 /* draft-ietf-ipsec-ciph-aes-cbc-00 */ 321#define SADB_X_EALG_SERPENTCBC 252 /* draft-ietf-ipsec-ciph-aes-cbc-00 */
diff --git a/init/Kconfig b/init/Kconfig
index d95ca7cd5d45..1510e17a2902 100644
--- a/init/Kconfig
+++ b/init/Kconfig
@@ -1262,4 +1262,8 @@ source "block/Kconfig"
1262config PREEMPT_NOTIFIERS 1262config PREEMPT_NOTIFIERS
1263 bool 1263 bool
1264 1264
1265config PADATA
1266 depends on SMP
1267 bool
1268
1265source "kernel/Kconfig.locks" 1269source "kernel/Kconfig.locks"
diff --git a/kernel/Makefile b/kernel/Makefile
index 864ff75d65f2..6aebdeb2aa34 100644
--- a/kernel/Makefile
+++ b/kernel/Makefile
@@ -100,6 +100,7 @@ obj-$(CONFIG_SLOW_WORK_DEBUG) += slow-work-debugfs.o
100obj-$(CONFIG_PERF_EVENTS) += perf_event.o 100obj-$(CONFIG_PERF_EVENTS) += perf_event.o
101obj-$(CONFIG_HAVE_HW_BREAKPOINT) += hw_breakpoint.o 101obj-$(CONFIG_HAVE_HW_BREAKPOINT) += hw_breakpoint.o
102obj-$(CONFIG_USER_RETURN_NOTIFIER) += user-return-notifier.o 102obj-$(CONFIG_USER_RETURN_NOTIFIER) += user-return-notifier.o
103obj-$(CONFIG_PADATA) += padata.o
103 104
104ifneq ($(CONFIG_SCHED_OMIT_FRAME_POINTER),y) 105ifneq ($(CONFIG_SCHED_OMIT_FRAME_POINTER),y)
105# According to Alan Modra <alan@linuxcare.com.au>, the -fno-omit-frame-pointer is 106# According to Alan Modra <alan@linuxcare.com.au>, the -fno-omit-frame-pointer is
diff --git a/kernel/padata.c b/kernel/padata.c
new file mode 100644
index 000000000000..6f9bcb8313d6
--- /dev/null
+++ b/kernel/padata.c
@@ -0,0 +1,690 @@
1/*
2 * padata.c - generic interface to process data streams in parallel
3 *
4 * Copyright (C) 2008, 2009 secunet Security Networks AG
5 * Copyright (C) 2008, 2009 Steffen Klassert <steffen.klassert@secunet.com>
6 *
7 * This program is free software; you can redistribute it and/or modify it
8 * under the terms and conditions of the GNU General Public License,
9 * version 2, as published by the Free Software Foundation.
10 *
11 * This program is distributed in the hope it will be useful, but WITHOUT
12 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
13 * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for
14 * more details.
15 *
16 * You should have received a copy of the GNU General Public License along with
17 * this program; if not, write to the Free Software Foundation, Inc.,
18 * 51 Franklin St - Fifth Floor, Boston, MA 02110-1301 USA.
19 */
20
21#include <linux/module.h>
22#include <linux/cpumask.h>
23#include <linux/err.h>
24#include <linux/cpu.h>
25#include <linux/padata.h>
26#include <linux/mutex.h>
27#include <linux/sched.h>
28#include <linux/rcupdate.h>
29
30#define MAX_SEQ_NR INT_MAX - NR_CPUS
31#define MAX_OBJ_NUM 10000 * NR_CPUS
32
33static int padata_index_to_cpu(struct parallel_data *pd, int cpu_index)
34{
35 int cpu, target_cpu;
36
37 target_cpu = cpumask_first(pd->cpumask);
38 for (cpu = 0; cpu < cpu_index; cpu++)
39 target_cpu = cpumask_next(target_cpu, pd->cpumask);
40
41 return target_cpu;
42}
43
44static int padata_cpu_hash(struct padata_priv *padata)
45{
46 int cpu_index;
47 struct parallel_data *pd;
48
49 pd = padata->pd;
50
51 /*
52 * Hash the sequence numbers to the cpus by taking
53 * seq_nr mod. number of cpus in use.
54 */
55 cpu_index = padata->seq_nr % cpumask_weight(pd->cpumask);
56
57 return padata_index_to_cpu(pd, cpu_index);
58}
59
60static void padata_parallel_worker(struct work_struct *work)
61{
62 struct padata_queue *queue;
63 struct parallel_data *pd;
64 struct padata_instance *pinst;
65 LIST_HEAD(local_list);
66
67 local_bh_disable();
68 queue = container_of(work, struct padata_queue, pwork);
69 pd = queue->pd;
70 pinst = pd->pinst;
71
72 spin_lock(&queue->parallel.lock);
73 list_replace_init(&queue->parallel.list, &local_list);
74 spin_unlock(&queue->parallel.lock);
75
76 while (!list_empty(&local_list)) {
77 struct padata_priv *padata;
78
79 padata = list_entry(local_list.next,
80 struct padata_priv, list);
81
82 list_del_init(&padata->list);
83
84 padata->parallel(padata);
85 }
86
87 local_bh_enable();
88}
89
90/*
91 * padata_do_parallel - padata parallelization function
92 *
93 * @pinst: padata instance
94 * @padata: object to be parallelized
95 * @cb_cpu: cpu the serialization callback function will run on,
96 * must be in the cpumask of padata.
97 *
98 * The parallelization callback function will run with BHs off.
99 * Note: Every object which is parallelized by padata_do_parallel
100 * must be seen by padata_do_serial.
101 */
102int padata_do_parallel(struct padata_instance *pinst,
103 struct padata_priv *padata, int cb_cpu)
104{
105 int target_cpu, err;
106 struct padata_queue *queue;
107 struct parallel_data *pd;
108
109 rcu_read_lock_bh();
110
111 pd = rcu_dereference(pinst->pd);
112
113 err = 0;
114 if (!(pinst->flags & PADATA_INIT))
115 goto out;
116
117 err = -EBUSY;
118 if ((pinst->flags & PADATA_RESET))
119 goto out;
120
121 if (atomic_read(&pd->refcnt) >= MAX_OBJ_NUM)
122 goto out;
123
124 err = -EINVAL;
125 if (!cpumask_test_cpu(cb_cpu, pd->cpumask))
126 goto out;
127
128 err = -EINPROGRESS;
129 atomic_inc(&pd->refcnt);
130 padata->pd = pd;
131 padata->cb_cpu = cb_cpu;
132
133 if (unlikely(atomic_read(&pd->seq_nr) == pd->max_seq_nr))
134 atomic_set(&pd->seq_nr, -1);
135
136 padata->seq_nr = atomic_inc_return(&pd->seq_nr);
137
138 target_cpu = padata_cpu_hash(padata);
139 queue = per_cpu_ptr(pd->queue, target_cpu);
140
141 spin_lock(&queue->parallel.lock);
142 list_add_tail(&padata->list, &queue->parallel.list);
143 spin_unlock(&queue->parallel.lock);
144
145 queue_work_on(target_cpu, pinst->wq, &queue->pwork);
146
147out:
148 rcu_read_unlock_bh();
149
150 return err;
151}
152EXPORT_SYMBOL(padata_do_parallel);
153
154static struct padata_priv *padata_get_next(struct parallel_data *pd)
155{
156 int cpu, num_cpus, empty, calc_seq_nr;
157 int seq_nr, next_nr, overrun, next_overrun;
158 struct padata_queue *queue, *next_queue;
159 struct padata_priv *padata;
160 struct padata_list *reorder;
161
162 empty = 0;
163 next_nr = -1;
164 next_overrun = 0;
165 next_queue = NULL;
166
167 num_cpus = cpumask_weight(pd->cpumask);
168
169 for_each_cpu(cpu, pd->cpumask) {
170 queue = per_cpu_ptr(pd->queue, cpu);
171 reorder = &queue->reorder;
172
173 /*
174 * Calculate the seq_nr of the object that should be
175 * next in this queue.
176 */
177 overrun = 0;
178 calc_seq_nr = (atomic_read(&queue->num_obj) * num_cpus)
179 + queue->cpu_index;
180
181 if (unlikely(calc_seq_nr > pd->max_seq_nr)) {
182 calc_seq_nr = calc_seq_nr - pd->max_seq_nr - 1;
183 overrun = 1;
184 }
185
186 if (!list_empty(&reorder->list)) {
187 padata = list_entry(reorder->list.next,
188 struct padata_priv, list);
189
190 seq_nr = padata->seq_nr;
191 BUG_ON(calc_seq_nr != seq_nr);
192 } else {
193 seq_nr = calc_seq_nr;
194 empty++;
195 }
196
197 if (next_nr < 0 || seq_nr < next_nr
198 || (next_overrun && !overrun)) {
199 next_nr = seq_nr;
200 next_overrun = overrun;
201 next_queue = queue;
202 }
203 }
204
205 padata = NULL;
206
207 if (empty == num_cpus)
208 goto out;
209
210 reorder = &next_queue->reorder;
211
212 if (!list_empty(&reorder->list)) {
213 padata = list_entry(reorder->list.next,
214 struct padata_priv, list);
215
216 if (unlikely(next_overrun)) {
217 for_each_cpu(cpu, pd->cpumask) {
218 queue = per_cpu_ptr(pd->queue, cpu);
219 atomic_set(&queue->num_obj, 0);
220 }
221 }
222
223 spin_lock(&reorder->lock);
224 list_del_init(&padata->list);
225 atomic_dec(&pd->reorder_objects);
226 spin_unlock(&reorder->lock);
227
228 atomic_inc(&next_queue->num_obj);
229
230 goto out;
231 }
232
233 if (next_nr % num_cpus == next_queue->cpu_index) {
234 padata = ERR_PTR(-ENODATA);
235 goto out;
236 }
237
238 padata = ERR_PTR(-EINPROGRESS);
239out:
240 return padata;
241}
242
243static void padata_reorder(struct parallel_data *pd)
244{
245 struct padata_priv *padata;
246 struct padata_queue *queue;
247 struct padata_instance *pinst = pd->pinst;
248
249try_again:
250 if (!spin_trylock_bh(&pd->lock))
251 goto out;
252
253 while (1) {
254 padata = padata_get_next(pd);
255
256 if (!padata || PTR_ERR(padata) == -EINPROGRESS)
257 break;
258
259 if (PTR_ERR(padata) == -ENODATA) {
260 spin_unlock_bh(&pd->lock);
261 goto out;
262 }
263
264 queue = per_cpu_ptr(pd->queue, padata->cb_cpu);
265
266 spin_lock(&queue->serial.lock);
267 list_add_tail(&padata->list, &queue->serial.list);
268 spin_unlock(&queue->serial.lock);
269
270 queue_work_on(padata->cb_cpu, pinst->wq, &queue->swork);
271 }
272
273 spin_unlock_bh(&pd->lock);
274
275 if (atomic_read(&pd->reorder_objects))
276 goto try_again;
277
278out:
279 return;
280}
281
282static void padata_serial_worker(struct work_struct *work)
283{
284 struct padata_queue *queue;
285 struct parallel_data *pd;
286 LIST_HEAD(local_list);
287
288 local_bh_disable();
289 queue = container_of(work, struct padata_queue, swork);
290 pd = queue->pd;
291
292 spin_lock(&queue->serial.lock);
293 list_replace_init(&queue->serial.list, &local_list);
294 spin_unlock(&queue->serial.lock);
295
296 while (!list_empty(&local_list)) {
297 struct padata_priv *padata;
298
299 padata = list_entry(local_list.next,
300 struct padata_priv, list);
301
302 list_del_init(&padata->list);
303
304 padata->serial(padata);
305 atomic_dec(&pd->refcnt);
306 }
307 local_bh_enable();
308}
309
310/*
311 * padata_do_serial - padata serialization function
312 *
313 * @padata: object to be serialized.
314 *
315 * padata_do_serial must be called for every parallelized object.
316 * The serialization callback function will run with BHs off.
317 */
318void padata_do_serial(struct padata_priv *padata)
319{
320 int cpu;
321 struct padata_queue *queue;
322 struct parallel_data *pd;
323
324 pd = padata->pd;
325
326 cpu = get_cpu();
327 queue = per_cpu_ptr(pd->queue, cpu);
328
329 spin_lock(&queue->reorder.lock);
330 atomic_inc(&pd->reorder_objects);
331 list_add_tail(&padata->list, &queue->reorder.list);
332 spin_unlock(&queue->reorder.lock);
333
334 put_cpu();
335
336 padata_reorder(pd);
337}
338EXPORT_SYMBOL(padata_do_serial);
339
340static struct parallel_data *padata_alloc_pd(struct padata_instance *pinst,
341 const struct cpumask *cpumask)
342{
343 int cpu, cpu_index, num_cpus;
344 struct padata_queue *queue;
345 struct parallel_data *pd;
346
347 cpu_index = 0;
348
349 pd = kzalloc(sizeof(struct parallel_data), GFP_KERNEL);
350 if (!pd)
351 goto err;
352
353 pd->queue = alloc_percpu(struct padata_queue);
354 if (!pd->queue)
355 goto err_free_pd;
356
357 if (!alloc_cpumask_var(&pd->cpumask, GFP_KERNEL))
358 goto err_free_queue;
359
360 for_each_possible_cpu(cpu) {
361 queue = per_cpu_ptr(pd->queue, cpu);
362
363 queue->pd = pd;
364
365 if (cpumask_test_cpu(cpu, cpumask)
366 && cpumask_test_cpu(cpu, cpu_active_mask)) {
367 queue->cpu_index = cpu_index;
368 cpu_index++;
369 } else
370 queue->cpu_index = -1;
371
372 INIT_LIST_HEAD(&queue->reorder.list);
373 INIT_LIST_HEAD(&queue->parallel.list);
374 INIT_LIST_HEAD(&queue->serial.list);
375 spin_lock_init(&queue->reorder.lock);
376 spin_lock_init(&queue->parallel.lock);
377 spin_lock_init(&queue->serial.lock);
378
379 INIT_WORK(&queue->pwork, padata_parallel_worker);
380 INIT_WORK(&queue->swork, padata_serial_worker);
381 atomic_set(&queue->num_obj, 0);
382 }
383
384 cpumask_and(pd->cpumask, cpumask, cpu_active_mask);
385
386 num_cpus = cpumask_weight(pd->cpumask);
387 pd->max_seq_nr = (MAX_SEQ_NR / num_cpus) * num_cpus - 1;
388
389 atomic_set(&pd->seq_nr, -1);
390 atomic_set(&pd->reorder_objects, 0);
391 atomic_set(&pd->refcnt, 0);
392 pd->pinst = pinst;
393 spin_lock_init(&pd->lock);
394
395 return pd;
396
397err_free_queue:
398 free_percpu(pd->queue);
399err_free_pd:
400 kfree(pd);
401err:
402 return NULL;
403}
404
405static void padata_free_pd(struct parallel_data *pd)
406{
407 free_cpumask_var(pd->cpumask);
408 free_percpu(pd->queue);
409 kfree(pd);
410}
411
412static void padata_replace(struct padata_instance *pinst,
413 struct parallel_data *pd_new)
414{
415 struct parallel_data *pd_old = pinst->pd;
416
417 pinst->flags |= PADATA_RESET;
418
419 rcu_assign_pointer(pinst->pd, pd_new);
420
421 synchronize_rcu();
422
423 while (atomic_read(&pd_old->refcnt) != 0)
424 yield();
425
426 flush_workqueue(pinst->wq);
427
428 padata_free_pd(pd_old);
429
430 pinst->flags &= ~PADATA_RESET;
431}
432
433/*
434 * padata_set_cpumask - set the cpumask that padata should use
435 *
436 * @pinst: padata instance
437 * @cpumask: the cpumask to use
438 */
439int padata_set_cpumask(struct padata_instance *pinst,
440 cpumask_var_t cpumask)
441{
442 struct parallel_data *pd;
443 int err = 0;
444
445 might_sleep();
446
447 mutex_lock(&pinst->lock);
448
449 pd = padata_alloc_pd(pinst, cpumask);
450 if (!pd) {
451 err = -ENOMEM;
452 goto out;
453 }
454
455 cpumask_copy(pinst->cpumask, cpumask);
456
457 padata_replace(pinst, pd);
458
459out:
460 mutex_unlock(&pinst->lock);
461
462 return err;
463}
464EXPORT_SYMBOL(padata_set_cpumask);
465
466static int __padata_add_cpu(struct padata_instance *pinst, int cpu)
467{
468 struct parallel_data *pd;
469
470 if (cpumask_test_cpu(cpu, cpu_active_mask)) {
471 pd = padata_alloc_pd(pinst, pinst->cpumask);
472 if (!pd)
473 return -ENOMEM;
474
475 padata_replace(pinst, pd);
476 }
477
478 return 0;
479}
480
481/*
482 * padata_add_cpu - add a cpu to the padata cpumask
483 *
484 * @pinst: padata instance
485 * @cpu: cpu to add
486 */
487int padata_add_cpu(struct padata_instance *pinst, int cpu)
488{
489 int err;
490
491 might_sleep();
492
493 mutex_lock(&pinst->lock);
494
495 cpumask_set_cpu(cpu, pinst->cpumask);
496 err = __padata_add_cpu(pinst, cpu);
497
498 mutex_unlock(&pinst->lock);
499
500 return err;
501}
502EXPORT_SYMBOL(padata_add_cpu);
503
504static int __padata_remove_cpu(struct padata_instance *pinst, int cpu)
505{
506 struct parallel_data *pd;
507
508 if (cpumask_test_cpu(cpu, cpu_online_mask)) {
509 pd = padata_alloc_pd(pinst, pinst->cpumask);
510 if (!pd)
511 return -ENOMEM;
512
513 padata_replace(pinst, pd);
514 }
515
516 return 0;
517}
518
519/*
520 * padata_remove_cpu - remove a cpu from the padata cpumask
521 *
522 * @pinst: padata instance
523 * @cpu: cpu to remove
524 */
525int padata_remove_cpu(struct padata_instance *pinst, int cpu)
526{
527 int err;
528
529 might_sleep();
530
531 mutex_lock(&pinst->lock);
532
533 cpumask_clear_cpu(cpu, pinst->cpumask);
534 err = __padata_remove_cpu(pinst, cpu);
535
536 mutex_unlock(&pinst->lock);
537
538 return err;
539}
540EXPORT_SYMBOL(padata_remove_cpu);
541
542/*
543 * padata_start - start the parallel processing
544 *
545 * @pinst: padata instance to start
546 */
547void padata_start(struct padata_instance *pinst)
548{
549 might_sleep();
550
551 mutex_lock(&pinst->lock);
552 pinst->flags |= PADATA_INIT;
553 mutex_unlock(&pinst->lock);
554}
555EXPORT_SYMBOL(padata_start);
556
557/*
558 * padata_stop - stop the parallel processing
559 *
560 * @pinst: padata instance to stop
561 */
562void padata_stop(struct padata_instance *pinst)
563{
564 might_sleep();
565
566 mutex_lock(&pinst->lock);
567 pinst->flags &= ~PADATA_INIT;
568 mutex_unlock(&pinst->lock);
569}
570EXPORT_SYMBOL(padata_stop);
571
572static int __cpuinit padata_cpu_callback(struct notifier_block *nfb,
573 unsigned long action, void *hcpu)
574{
575 int err;
576 struct padata_instance *pinst;
577 int cpu = (unsigned long)hcpu;
578
579 pinst = container_of(nfb, struct padata_instance, cpu_notifier);
580
581 switch (action) {
582 case CPU_ONLINE:
583 case CPU_ONLINE_FROZEN:
584 if (!cpumask_test_cpu(cpu, pinst->cpumask))
585 break;
586 mutex_lock(&pinst->lock);
587 err = __padata_add_cpu(pinst, cpu);
588 mutex_unlock(&pinst->lock);
589 if (err)
590 return NOTIFY_BAD;
591 break;
592
593 case CPU_DOWN_PREPARE:
594 case CPU_DOWN_PREPARE_FROZEN:
595 if (!cpumask_test_cpu(cpu, pinst->cpumask))
596 break;
597 mutex_lock(&pinst->lock);
598 err = __padata_remove_cpu(pinst, cpu);
599 mutex_unlock(&pinst->lock);
600 if (err)
601 return NOTIFY_BAD;
602 break;
603
604 case CPU_UP_CANCELED:
605 case CPU_UP_CANCELED_FROZEN:
606 if (!cpumask_test_cpu(cpu, pinst->cpumask))
607 break;
608 mutex_lock(&pinst->lock);
609 __padata_remove_cpu(pinst, cpu);
610 mutex_unlock(&pinst->lock);
611
612 case CPU_DOWN_FAILED:
613 case CPU_DOWN_FAILED_FROZEN:
614 if (!cpumask_test_cpu(cpu, pinst->cpumask))
615 break;
616 mutex_lock(&pinst->lock);
617 __padata_add_cpu(pinst, cpu);
618 mutex_unlock(&pinst->lock);
619 }
620
621 return NOTIFY_OK;
622}
623
624/*
625 * padata_alloc - allocate and initialize a padata instance
626 *
627 * @cpumask: cpumask that padata uses for parallelization
628 * @wq: workqueue to use for the allocated padata instance
629 */
630struct padata_instance *padata_alloc(const struct cpumask *cpumask,
631 struct workqueue_struct *wq)
632{
633 int err;
634 struct padata_instance *pinst;
635 struct parallel_data *pd;
636
637 pinst = kzalloc(sizeof(struct padata_instance), GFP_KERNEL);
638 if (!pinst)
639 goto err;
640
641 pd = padata_alloc_pd(pinst, cpumask);
642 if (!pd)
643 goto err_free_inst;
644
645 rcu_assign_pointer(pinst->pd, pd);
646
647 pinst->wq = wq;
648
649 cpumask_copy(pinst->cpumask, cpumask);
650
651 pinst->flags = 0;
652
653 pinst->cpu_notifier.notifier_call = padata_cpu_callback;
654 pinst->cpu_notifier.priority = 0;
655 err = register_hotcpu_notifier(&pinst->cpu_notifier);
656 if (err)
657 goto err_free_pd;
658
659 mutex_init(&pinst->lock);
660
661 return pinst;
662
663err_free_pd:
664 padata_free_pd(pd);
665err_free_inst:
666 kfree(pinst);
667err:
668 return NULL;
669}
670EXPORT_SYMBOL(padata_alloc);
671
672/*
673 * padata_free - free a padata instance
674 *
675 * @ padata_inst: padata instance to free
676 */
677void padata_free(struct padata_instance *pinst)
678{
679 padata_stop(pinst);
680
681 synchronize_rcu();
682
683 while (atomic_read(&pinst->pd->refcnt) != 0)
684 yield();
685
686 unregister_hotcpu_notifier(&pinst->cpu_notifier);
687 padata_free_pd(pinst->pd);
688 kfree(pinst);
689}
690EXPORT_SYMBOL(padata_free);
diff --git a/net/xfrm/xfrm_algo.c b/net/xfrm/xfrm_algo.c
index 743c0134a6a9..8b4d6e3246e5 100644
--- a/net/xfrm/xfrm_algo.c
+++ b/net/xfrm/xfrm_algo.c
@@ -125,6 +125,22 @@ static struct xfrm_algo_desc aead_list[] = {
125 .sadb_alg_maxbits = 256 125 .sadb_alg_maxbits = 256
126 } 126 }
127}, 127},
128{
129 .name = "rfc4543(gcm(aes))",
130
131 .uinfo = {
132 .aead = {
133 .icv_truncbits = 128,
134 }
135 },
136
137 .desc = {
138 .sadb_alg_id = SADB_X_EALG_NULL_AES_GMAC,
139 .sadb_alg_ivlen = 8,
140 .sadb_alg_minbits = 128,
141 .sadb_alg_maxbits = 256
142 }
143},
128}; 144};
129 145
130static struct xfrm_algo_desc aalg_list[] = { 146static struct xfrm_algo_desc aalg_list[] = {