13 files changed, 37 insertions, 22 deletions
diff --git a/crypto/Kconfig b/crypto/Kconfig
index 6a2e295ee227..403857ad06d4 100644
--- a/crypto/Kconfig
+++ b/crypto/Kconfig
@@ -826,8 +826,8 @@ config CRYPTO_ANSI_CPRNG
        help
          This option enables the generic pseudo random number generator
          for cryptographic modules.  Uses the Algorithm specified in
-          ANSI X9.31 A.2.4. Not this option must be enabled if CRYPTO_FIPS 
+          ANSI X9.31 A.2.4. Note that this option must be enabled if
-          is selected
+          CRYPTO_FIPS is selected
 source "drivers/crypto/Kconfig"
diff --git a/crypto/ahash.c b/crypto/ahash.c
index 33a4ff45f842..b8c59b889c6e 100644
--- a/crypto/ahash.c
+++ b/crypto/ahash.c
@@ -78,7 +78,6 @@ int crypto_hash_walk_done(struct crypto_hash_walk *walk, int err)
        walk->data -= walk->offset;
        if (nbytes && walk->offset & alignmask && !err) {
-                walk->offset += alignmask - 1;
                walk->offset = ALIGN(walk->offset, alignmask + 1);
                walk->data += walk->offset;
diff --git a/crypto/algapi.c b/crypto/algapi.c
index d49d7091cecf..c3cf1a69a47a 100644
--- a/crypto/algapi.c
+++ b/crypto/algapi.c
@@ -17,6 +17,7 @@
 #include <linux/list.h>
 #include <linux/module.h>
 #include <linux/rtnetlink.h>
+#include <linux/slab.h>
 #include <linux/string.h>
 #include "internal.h"
diff --git a/crypto/algboss.c b/crypto/algboss.c
index 412241ce4cfa..c3c196b5823a 100644
--- a/crypto/algboss.c
+++ b/crypto/algboss.c
@@ -19,6 +19,7 @@
 #include <linux/notifier.h>
 #include <linux/rtnetlink.h>
 #include <linux/sched.h>
+#include <linux/slab.h>
 #include <linux/string.h>
 #include "internal.h"
diff --git a/crypto/async_tx/async_pq.c b/crypto/async_tx/async_pq.c
index ec87f53d5059..fdd8257d35d9 100644
--- a/crypto/async_tx/async_pq.c
+++ b/crypto/async_tx/async_pq.c
@@ -24,6 +24,7 @@
 #include <linux/dma-mapping.h>
 #include <linux/raid/pq.h>
 #include <linux/async_tx.h>
+#include <linux/gfp.h>
 /**
 * pq_scribble_page - space to hold throwaway P or Q buffer for
diff --git a/crypto/async_tx/raid6test.c b/crypto/async_tx/raid6test.c
index f84f6b4301d9..c1321935ebcc 100644
--- a/crypto/async_tx/raid6test.c
+++ b/crypto/async_tx/raid6test.c
@@ -20,6 +20,7 @@
 *
 */
 #include <linux/async_tx.h>
+#include <linux/gfp.h>
 #include <linux/random.h>
 #undef pr
diff --git a/crypto/authenc.c b/crypto/authenc.c
index 18870906ea06..05eb32e0d949 100644
--- a/crypto/authenc.c
+++ b/crypto/authenc.c
@@ -46,6 +46,12 @@ struct authenc_request_ctx {
        char tail[];
 };
+static void authenc_request_complete(struct aead_request *req, int err)
+{
+        if (err != -EINPROGRESS)
+                aead_request_complete(req, err);
+}
 static int crypto_authenc_setkey(struct crypto_aead *authenc, const u8 *key,
                                 unsigned int keylen)
 {
@@ -142,7 +148,7 @@ static void authenc_geniv_ahash_update_done(struct crypto_async_request *areq,
                                 crypto_aead_authsize(authenc), 1);
 out:
-        aead_request_complete(req, err);
+        authenc_request_complete(req, err);
 }
 static void authenc_geniv_ahash_done(struct crypto_async_request *areq, int err)
@@ -208,7 +214,7 @@ static void authenc_verify_ahash_update_done(struct crypto_async_request *areq,
        err = crypto_ablkcipher_decrypt(abreq);
 out:
-        aead_request_complete(req, err);
+        authenc_request_complete(req, err);
 }
 static void authenc_verify_ahash_done(struct crypto_async_request *areq,
@@ -245,7 +251,7 @@ static void authenc_verify_ahash_done(struct crypto_async_request *areq,
        err = crypto_ablkcipher_decrypt(abreq);
 out:
-        aead_request_complete(req, err);
+        authenc_request_complete(req, err);
 }
 static u8 *crypto_authenc_ahash_fb(struct aead_request *req, unsigned int flags)
@@ -379,18 +385,20 @@ static void crypto_authenc_encrypt_done(struct crypto_async_request *req,
                err = crypto_authenc_genicv(areq, iv, 0);
        }
-        aead_request_complete(areq, err);
+        authenc_request_complete(areq, err);
 }
 static int crypto_authenc_encrypt(struct aead_request *req)
 {
        struct crypto_aead *authenc = crypto_aead_reqtfm(req);
        struct crypto_authenc_ctx *ctx = crypto_aead_ctx(authenc);
-        struct ablkcipher_request *abreq = aead_request_ctx(req);
+        struct authenc_request_ctx *areq_ctx = aead_request_ctx(req);
        struct crypto_ablkcipher *enc = ctx->enc;
        struct scatterlist *dst = req->dst;
        unsigned int cryptlen = req->cryptlen;
-        u8 *iv = (u8 *)(abreq + 1) + crypto_ablkcipher_reqsize(enc);
+        struct ablkcipher_request *abreq = (void *)(areq_ctx->tail
+                                                    + ctx->reqoff);
+        u8 *iv = (u8 *)abreq - crypto_ablkcipher_ivsize(enc);
        int err;
        ablkcipher_request_set_tfm(abreq, enc);
@@ -418,7 +426,7 @@ static void crypto_authenc_givencrypt_done(struct crypto_async_request *req,
                err = crypto_authenc_genicv(areq, greq->giv, 0);
        }
-        aead_request_complete(areq, err);
+        authenc_request_complete(areq, err);
 }
 static int crypto_authenc_givencrypt(struct aead_givcrypt_request *req)
@@ -454,7 +462,7 @@ static int crypto_authenc_verify(struct aead_request *req,
        unsigned int authsize;
        areq_ctx->complete = authenc_verify_ahash_done;
-        areq_ctx->complete = authenc_verify_ahash_update_done;
+        areq_ctx->update_complete = authenc_verify_ahash_update_done;
        ohash = authenc_ahash_fn(req, CRYPTO_TFM_REQ_MAY_SLEEP);
        if (IS_ERR(ohash))
@@ -546,10 +554,6 @@ static int crypto_authenc_init_tfm(struct crypto_tfm *tfm)
        if (IS_ERR(auth))
                return PTR_ERR(auth);
-        ctx->reqoff = ALIGN(2 * crypto_ahash_digestsize(auth) +
-                            crypto_ahash_alignmask(auth),
-                            crypto_ahash_alignmask(auth) + 1);
        enc = crypto_spawn_skcipher(&ictx->enc);
        err = PTR_ERR(enc);
        if (IS_ERR(enc))
@@ -558,13 +562,18 @@ static int crypto_authenc_init_tfm(struct crypto_tfm *tfm)
        ctx->auth = auth;
        ctx->enc = enc;
-        tfm->crt_aead.reqsize = max_t(unsigned int,
+        ctx->reqoff = ALIGN(2 * crypto_ahash_digestsize(auth) +
-                                crypto_ahash_reqsize(auth) + ctx->reqoff +
+                            crypto_ahash_alignmask(auth),
-                                sizeof(struct authenc_request_ctx) +
+                            crypto_ahash_alignmask(auth) + 1) +
+                      crypto_ablkcipher_ivsize(enc);
+        tfm->crt_aead.reqsize = sizeof(struct authenc_request_ctx) +
+                                ctx->reqoff +
+                                max_t(unsigned int,
+                                crypto_ahash_reqsize(auth) +
                                sizeof(struct ahash_request),
                                sizeof(struct skcipher_givcrypt_request) +
-                                crypto_ablkcipher_reqsize(enc) +
+                                crypto_ablkcipher_reqsize(enc));
-                                crypto_ablkcipher_ivsize(enc));
        return 0;
diff --git a/crypto/hmac.c b/crypto/hmac.c
index 15c2eb534541..8d9544cf8169 100644
--- a/crypto/hmac.c
+++ b/crypto/hmac.c
@@ -23,7 +23,6 @@
 #include <linux/kernel.h>
 #include <linux/module.h>
 #include <linux/scatterlist.h>
-#include <linux/slab.h>
 #include <linux/string.h>
 struct hmac_ctx {
diff --git a/crypto/md5.c b/crypto/md5.c
index 9fda213a592e..30efc7dad891 100644
--- a/crypto/md5.c
+++ b/crypto/md5.c
@@ -234,6 +234,7 @@ static struct shash_alg alg = {
        .export         =       md5_export,
        .import         =       md5_import,
        .descsize       =       sizeof(struct md5_state),
+        .statesize      =       sizeof(struct md5_state),
        .base           =       {
                .cra_name       =       "md5",
                .cra_flags      =       CRYPTO_ALG_TYPE_SHASH,
diff --git a/crypto/rng.c b/crypto/rng.c
index ba05e7380e76..f93cb5311182 100644
--- a/crypto/rng.c
+++ b/crypto/rng.c
@@ -19,6 +19,7 @@
 #include <linux/mutex.h>
 #include <linux/random.h>
 #include <linux/seq_file.h>
+#include <linux/slab.h>
 #include <linux/string.h>
 static DEFINE_MUTEX(crypto_default_rng_lock);
diff --git a/crypto/seqiv.c b/crypto/seqiv.c
index 5a013a8bf87a..4c4491229417 100644
--- a/crypto/seqiv.c
+++ b/crypto/seqiv.c
@@ -20,6 +20,7 @@
 #include <linux/init.h>
 #include <linux/kernel.h>
 #include <linux/module.h>
+#include <linux/slab.h>
 #include <linux/spinlock.h>
 #include <linux/string.h>
diff --git a/crypto/tcrypt.c b/crypto/tcrypt.c
index 0b7a8435255b..ea610ad45aa1 100644
--- a/crypto/tcrypt.c
+++ b/crypto/tcrypt.c
@@ -18,8 +18,8 @@
 #include <crypto/hash.h>
 #include <linux/err.h>
 #include <linux/init.h>
+#include <linux/gfp.h>
 #include <linux/module.h>
-#include <linux/slab.h>
 #include <linux/scatterlist.h>
 #include <linux/string.h>
 #include <linux/moduleparam.h>
diff --git a/crypto/xor.c b/crypto/xor.c
index fc5b836f3430..b75182d8ab14 100644
--- a/crypto/xor.c
+++ b/crypto/xor.c
@@ -18,6 +18,7 @@
 #define BH_TRACE 0
 #include <linux/module.h>
+#include <linux/gfp.h>
 #include <linux/raid/xor.h>
 #include <linux/jiffies.h>
 #include <asm/xor.h>