aboutsummaryrefslogtreecommitdiffstats
path: root/include
Commit message (Collapse)AuthorAge
* Merge branch 'for-linus' of ↵Linus Torvalds2008-01-25
|\ | | | | | | | | | | | | | | | | | | | | | | | | | | | | git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/selinux-2.6 * 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/selinux-2.6: selinux: make mls_compute_sid always polyinstantiate security/selinux: constify function pointer tables and fields security: add a secctx_to_secid() hook security: call security_file_permission from rw_verify_area security: remove security_sb_post_mountroot hook Security: remove security.h include from mm.h Security: remove security_file_mmap hook sparse-warnings (NULL as 0). Security: add get, set, and cloning of superblock security information security/selinux: Add missing "space"
| * security/selinux: constify function pointer tables and fieldsJan Engelhardt2008-01-24
| | | | | | | | | | | | | | Constify function pointer tables and fields. Signed-off-by: Jan Engelhardt <jengelh@computergmbh.de> Signed-off-by: James Morris <jmorris@namei.org>
| * security: add a secctx_to_secid() hookDavid Howells2008-01-24
| | | | | | | | | | | | | | | | | | | | Add a secctx_to_secid() LSM hook to go along with the existing secid_to_secctx() LSM hook. This patch also includes the SELinux implementation for this hook. Signed-off-by: Paul Moore <paul.moore@hp.com> Acked-by: Stephen Smalley <sds@tycho.nsa.gov> Signed-off-by: James Morris <jmorris@namei.org>
| * security: remove security_sb_post_mountroot hookH. Peter Anvin2008-01-24
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The security_sb_post_mountroot() hook is long-since obsolete, and is fundamentally broken: it is never invoked if someone uses initramfs. This is particularly damaging, because the existence of this hook has been used as motivation for not using initramfs. Stephen Smalley confirmed on 2007-07-19 that this hook was originally used by SELinux but can now be safely removed: http://marc.info/?l=linux-kernel&m=118485683612916&w=2 Cc: Stephen Smalley <sds@tycho.nsa.gov> Cc: James Morris <jmorris@namei.org> Cc: Eric Paris <eparis@parisplace.org> Cc: Chris Wright <chrisw@sous-sol.org> Signed-off-by: H. Peter Anvin <hpa@zytor.com> Signed-off-by: James Morris <jmorris@namei.org>
| * Security: remove security.h include from mm.hJames Morris2008-01-24
| | | | | | | | | | | | | | | | | | Remove security.h include from mm.h, as it is only needed for a single extern declaration, and pulls in all kinds of crud. Fine-by-me: David Chinner <dgc@sgi.com> Acked-by: Eric Paris <eparis@redhat.com> Signed-off-by: James Morris <jmorris@namei.org>
| * Security: add get, set, and cloning of superblock security informationEric Paris2008-01-24
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Adds security_get_sb_mnt_opts, security_set_sb_mnt_opts, and security_clont_sb_mnt_opts to the LSM and to SELinux. This will allow filesystems to directly own and control all of their mount options if they so choose. This interface deals only with option identifiers and strings so it should generic enough for any LSM which may come in the future. Filesystems which pass text mount data around in the kernel (almost all of them) need not currently make use of this interface when dealing with SELinux since it will still parse those strings as it always has. I assume future LSM's would do the same. NFS is the primary FS which does not use text mount data and thus must make use of this interface. An LSM would need to implement these functions only if they had mount time options, such as selinux has context= or fscontext=. If the LSM has no mount time options they could simply not implement and let the dummy ops take care of things. An LSM other than SELinux would need to define new option numbers in security.h and any FS which decides to own there own security options would need to be patched to use this new interface for every possible LSM. This is because it was stated to me very clearly that LSM's should not attempt to understand FS mount data and the burdon to understand security should be in the FS which owns the options. Signed-off-by: Eric Paris <eparis@redhat.com> Acked-by: Stephen D. Smalley <sds@tycho.nsa.gov> Signed-off-by: James Morris <jmorris@namei.org>
* | Merge branch 'for-linus' of ↵Linus Torvalds2008-01-25
|\ \ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | git://git.kernel.org/pub/scm/linux/kernel/git/hskinnemoen/avr32-2.6 * 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/hskinnemoen/avr32-2.6: [AVR32] extint: Set initial irq type to low level [AVR32] extint: change set_irq_type() handling [AVR32] NMI debugging [AVR32] constify function pointer tables [AVR32] ATNGW100: Update defconfig [AVR32] ATSTK1002: Update defconfig [AVR32] Kconfig: Choose daughterboard instead of CPU [AVR32] Add support for ATSTK1003 and ATSTK1004 [AVR32] Clean up external DAC setup code [AVR32] ATSTK1000: Move gpio-leds setup to setup.c [AVR32] Add support for AT32AP7001 and AT32AP7002 [AVR32] Provide more CPU information in /proc/cpuinfo and dmesg [AVR32] Oprofile support [AVR32] Include instrumentation menu Disable VGA text console for AVR32 architecture [AVR32] Enable debugging only when needed ptrace: Call arch_ptrace_attach() when request=PTRACE_TRACEME [AVR32] Remove redundant try_to_freeze() call from do_signal() [AVR32] Drop GFP_COMP for DMA memory allocations
| * | [AVR32] NMI debuggingHaavard Skinnemoen2008-01-25
| | | | | | | | | | | | | | | | | | | | | | | | Change the NMI handler to use the die notifier chain to signal anyone who cares. Add a simple "nmi debugger" which hooks into this chain and that may dump registers, task state, etc. when it happens. Signed-off-by: Haavard Skinnemoen <hskinnemoen@atmel.com>
| * | [AVR32] Add support for AT32AP7001 and AT32AP7002Haavard Skinnemoen2008-01-25
| | | | | | | | | | | | | | | | | | | | | | | | | | | These are derivatives of the AT32AP7000 chip, which means that most of the code stays the same. Rename a few files, functions, definitions and config symbols to reflect that they apply to all AP700x chips, and exclude some platform devices from chips where they aren't present. Signed-off-by: Haavard Skinnemoen <hskinnemoen@atmel.com>
| * | [AVR32] Provide more CPU information in /proc/cpuinfo and dmesgHaavard Skinnemoen2008-01-25
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Add the following fields to /proc/cpuinfo: * chip type and revision (from the JTAG chip id) * cpu MHz (from clk_get_rate()) * features (from the CONFIG0 register) Also rename "cpu family" to "cpu arch" and "cpu type" to "cpu core" to remove some ambiguity. Show chip type and revision at bootup, and clarify that the other kinds of IDs that we're already printing are for the cpu core and architecture. Rename "AP7000" to "AP7" since that's the name of the core. Signed-off-by: Haavard Skinnemoen <hskinnemoen@atmel.com>
| * | [AVR32] Enable debugging only when neededHaavard Skinnemoen2008-01-25
| |/ | | | | | | | | | | | | | | | | | | | | | | | | | | | | Keep track of processes being debugged (including the kernel itself) and turn the OCD system on and off as appropriate. Since enabling debugging turns off some optimizations in the CPU core, this fixes the issue that enabling KProbes support or simply running a program under gdbserver will reduce system performance significantly until the next reboot. The CPU performance will still be reduced for all processes while a process is being debugged, but this is a lot better than reducing the performance forever. Signed-off-by: Haavard Skinnemoen <hskinnemoen@atmel.com>
* | Merge git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6Linus Torvalds2008-01-25
|\ \ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6: (125 commits) [CRYPTO] twofish: Merge common glue code [CRYPTO] hifn_795x: Fixup container_of() usage [CRYPTO] cast6: inline bloat-- [CRYPTO] api: Set default CRYPTO_MINALIGN to unsigned long long [CRYPTO] tcrypt: Make xcbc available as a standalone test [CRYPTO] xcbc: Remove bogus hash/cipher test [CRYPTO] xcbc: Fix algorithm leak when block size check fails [CRYPTO] tcrypt: Zero axbuf in the right function [CRYPTO] padlock: Only reset the key once for each CBC and ECB operation [CRYPTO] api: Include sched.h for cond_resched in scatterwalk.h [CRYPTO] salsa20-asm: Remove unnecessary dependency on CRYPTO_SALSA20 [CRYPTO] tcrypt: Add select of AEAD [CRYPTO] salsa20: Add x86-64 assembly version [CRYPTO] salsa20_i586: Salsa20 stream cipher algorithm (i586 version) [CRYPTO] gcm: Introduce rfc4106 [CRYPTO] api: Show async type [CRYPTO] chainiv: Avoid lock spinning where possible [CRYPTO] seqiv: Add select AEAD in Kconfig [CRYPTO] scatterwalk: Handle zero nbytes in scatterwalk_map_and_copy [CRYPTO] null: Allow setkey on digest_null ...
| * | [CRYPTO] api: Set default CRYPTO_MINALIGN to unsigned long longHerbert Xu2008-01-10
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Thanks to David Miller for pointing out that the SLAB (or SLOB/SLUB) cache uses the alignment of unsigned long long if the architecture kmalloc/slab alignment macros are not defined. This patch changes the CRYPTO_MINALIGN so that it uses the same default value. Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
| * | [CRYPTO] api: Include sched.h for cond_resched in scatterwalk.hHerbert Xu2008-01-10
| | | | | | | | | | | | | | | | | | | | | As Andrew Morton correctly points out, we need to explicitly include sched.h as we use the function cond_resched in crypto/scatterwalk.h. Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
| * | [CRYPTO] chainiv: Avoid lock spinning where possibleHerbert Xu2008-01-10
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This patch makes chainiv avoid spinning by postponing requests on lock contention if the user allows the use of asynchronous algorithms. If a synchronous algorithm is requested then we behave as before. This should improve IPsec performance on SMP when two CPUs attempt to transmit over the same SA. Currently one of them will spin doing nothing waiting for the other CPU to finish its encryption. This patch makes it postpone the request and get on with other work. If only one CPU is transmitting for a given SA, then we will process the request synchronously as before. Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
| * | [CRYPTO] null: Add null blkcipher algorithmHerbert Xu2008-01-10
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This patch adds a null blkcipher algorithm called ecb(cipher_null) for backwards compatibility. Previously the null algorithm when used by IPsec copied the data byte by byte. This new algorithm optimises that to a straight memcpy which lets us better measure inherent overheads in our IPsec code. Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
| * | [CRYPTO] aead: Create default givcipher instancesHerbert Xu2008-01-10
| | | | | | | | | | | | | | | | | | | | | | | | | | | This patch makes crypto_alloc_aead always return algorithms that is capable of generating their own IVs through givencrypt and givdecrypt. All existing AEAD algorithms already do. New ones must either supply their own or specify a generic IV generator with the geniv field. Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
| * | [CRYPTO] aead: Add aead_geniv_alloc/aead_geniv_freeHerbert Xu2008-01-10
| | | | | | | | | | | | | | | | | | | | | | | | | | | This patch creates the infrastructure to help the construction of IV generator templates that wrap around AEAD algorithms by adding an IV generator to them. This is useful for AEAD algorithms with no built-in IV generator or to replace their built-in generator. Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
| * | [CRYPTO] aead: Add top-level givencrypt/givdecrypt callsHerbert Xu2008-01-10
| | | | | | | | | | | | | | | | | | | | | | | | This patch finally makes the givencrypt/givdecrypt operations available to users by adding crypto_aead_givencrypt and crypto_aead_givdecrypt. A suite of helpers to allocate and fill in the request is also available. Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
| * | [CRYPTO] aead: Add givcrypt operationsHerbert Xu2008-01-10
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This patch adds the underlying givcrypt operations for aead and associated support elements. The rationale is identical to that of the skcipher givcrypt operations, i.e., sometimes only the algorithm knows how the IV should be generated. A new request type aead_givcrypt_request is added which contains an embedded aead_request structure with two new elements to support this operation. The new elements are seq and giv. The seq field should contain a strictly increasing 64-bit integer which may be used by certain IV generators as an input value. The giv field will be used to store the generated IV. It does not need to obey the alignment requirements of the algorithm because it's not used during the operation. The existing iv field must still be available as it will be used to store intermediate IVs and the output IV if chaining is desired. Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
| * | [CRYPTO] skcipher: Add top-level givencrypt/givdecrypt callsHerbert Xu2008-01-10
| | | | | | | | | | | | | | | | | | | | | | | | This patch finally makes the givencrypt/givdecrypt operations available to users by adding crypto_skcipher_givencrypt and crypto_skcipher_givdecrypt. A suite of helpers to allocate and fill in the request is also available. Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
| * | [CRYPTO] skcipher: Remove crypto_spawn_ablkcipherHerbert Xu2008-01-10
| | | | | | | | | | | | | | | | | | | | | Now that gcm and authenc have been converted to crypto_spawn_skcipher, this patch removes the obsolete crypto_spawn_ablkcipher function. Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
| * | [CRYPTO] skcipher: Create default givcipher instancesHerbert Xu2008-01-10
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This patch makes crypto_alloc_ablkcipher/crypto_grab_skcipher always return algorithms that are capable of generating their own IVs through givencrypt and givdecrypt. Each algorithm may specify its default IV generator through the geniv field. For algorithms that do not set the geniv field, the blkcipher layer will pick a default. Currently it's chainiv for synchronous algorithms and eseqiv for asynchronous algorithms. Note that if these wrappers do not work on an algorithm then that algorithm must specify its own geniv or it can't be used at all. Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
| * | [CRYPTO] skcipher: Added skcipher_givcrypt_completeHerbert Xu2008-01-10
| | | | | | | | | | | | | | | | | | | | | This patch adds the helper skcipher_givcrypt_complete which should be called when an ablkcipher algorithm has completed a givcrypt request. Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
| * | [CRYPTO] skcipher: Add skcipher_geniv_alloc/skcipher_geniv_freeHerbert Xu2008-01-10
| | | | | | | | | | | | | | | | | | | | | | | | This patch creates the infrastructure to help the construction of givcipher templates that wrap around existing blkcipher/ablkcipher algorithms by adding an IV generator to them. Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
| * | [CRYPTO] skcipher: Added geniv fieldHerbert Xu2008-01-10
| | | | | | | | | | | | | | | | | | | | | | | | This patch introduces the geniv field which indicates the default IV generator for each algorithm. It should point to a string that is not freed as long as the algorithm is registered. Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
| * | [CRYPTO] skcipher: Add givcrypt operations and givcipher typeHerbert Xu2008-01-10
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Different block cipher modes have different requirements for intialisation vectors. For example, CBC can use a simple randomly generated IV while modes such as CTR must use an IV generation mechanisms that give a stronger guarantee on the lack of collisions. Furthermore, disk encryption modes have their own IV generation algorithms. Up until now IV generation has been left to the users of the symmetric key cipher API. This is inconvenient as the number of block cipher modes increase because the user needs to be aware of which mode is supposed to be paired with which IV generation algorithm. Therefore it makes sense to integrate the IV generation into the crypto API. This patch takes the first step in that direction by creating two new ablkcipher operations, givencrypt and givdecrypt that generates an IV before performing the actual encryption or decryption. The operations are currently not exposed to the user. That will be done once the underlying functionality has actually been implemented. It also creates the underlying givcipher type. Algorithms that directly generate IVs would use it instead of ablkcipher. All other algorithms (including all existing ones) would generate a givcipher algorithm upon registration. This givcipher algorithm will be constructed from the geniv string that's stored in every algorithm. That string will locate a template which is instantiated by the blkcipher/ablkcipher algorithm in question to give a givcipher algorithm. Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
| * | [CRYPTO] skcipher: Add crypto_grab_skcipher interfaceHerbert Xu2008-01-10
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Note: From now on the collective of ablkcipher/blkcipher/givcipher will be known as skcipher, i.e., symmetric key cipher. The name blkcipher has always been much of a misnomer since it supports stream ciphers too. This patch adds the function crypto_grab_skcipher as a new way of getting an ablkcipher spawn. The problem is that previously we did this in two steps, first getting the algorithm and then calling crypto_init_spawn. This meant that each spawn user had to be aware of what type and mask to use for these two steps. This is difficult and also presents a problem when the type/mask changes as they're about to be for IV generators. The new interface does both steps together just like crypto_alloc_ablkcipher. As a side-effect this also allows us to be stronger on type enforcement for spawns. For now this is only done for ablkcipher but it's trivial to extend for other types. This patch also moves the type/mask logic for skcipher into the helpers crypto_skcipher_type and crypto_skcipher_mask. Finally this patch introduces the function crypto_require_sync to determine whether the user is specifically requesting a sync algorithm. Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
| * | [CRYPTO] ctr: Refactor into ctr and rfc3686Herbert Xu2008-01-10
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | As discussed previously, this patch moves the basic CTR functionality into a chainable algorithm called ctr. The IPsec-specific variant of it is now placed on top with the name rfc3686. So ctr(aes) gives a chainable cipher with IV size 16 while the IPsec variant will be called rfc3686(ctr(aes)). This patch also adjusts gcm accordingly. Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
| * | [CRYPTO] api: Add crypto_attr_alg_nameHerbert Xu2008-01-10
| | | | | | | | | | | | | | | | | | | | | | | | | | | This patch adds a new helper crypto_attr_alg_name which is basically the first half of crypto_attr_alg. That is, it returns an algorithm name parameter as a string without looking it up. The caller can then look it up immediately or defer it until later. Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
| * | [CRYPTO] api: Sanitise mask when allocating ablkcipher/hashHerbert Xu2008-01-10
| | | | | | | | | | | | | | | | | | | | | | | | | | | When allocating ablkcipher/hash objects, we use a mask that's wider than the usual type mask. This patch sanitises the mask supplied by the user so we don't end up using a narrower mask which may lead to unintended results. Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
| * | [CRYPTO] scatterwalk: Restore custom sg chaining for nowHerbert Xu2008-01-10
| | | | | | | | | | | | | | | | | | | | | | | | Unfortunately the generic chaining hasn't been ported to all architectures yet, and notably not s390. So this patch restores the chainging that we've been using previously which does work everywhere. Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
| * | [CRYPTO] scatterwalk: Move scatterwalk.h to linux/cryptoHerbert Xu2008-01-10
| | | | | | | | | | | | | | | | | | | | | | | | The scatterwalk infrastructure is used by algorithms so it needs to move out of crypto for future users that may live in drivers/crypto or asm/*/crypto. Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
| * | [CRYPTO] authenc: Move enckeylen into key itselfHerbert Xu2008-01-10
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Having enckeylen as a template parameter makes it a pain for hardware devices that implement ciphers with many key sizes since each one would have to be registered separately. Since the authenc algorithm is mainly used for legacy purposes where its key is going to be constructed out of two separate keys, we can in fact embed this value into the key itself. This patch does this by prepending an rtnetlink header to the key that contains the encryption key length. Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
| * | [CRYPTO] aead: Make authsize a run-time parameterHerbert Xu2008-01-10
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | As it is authsize is an algorithm paramter which cannot be changed at run-time. This is inconvenient because hardware that implements such algorithms would have to register each authsize that they support separately. Since authsize is a property common to all AEAD algorithms, we can add a function setauthsize that sets it at run-time, just like setkey. This patch does exactly that and also changes authenc so that authsize is no longer a parameter of its template. Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
| * | [CRYPTO] api: Add crypto_inc and crypto_xorHerbert Xu2008-01-10
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | With the addition of more stream ciphers we need to curb the proliferation of ad-hoc xor functions. This patch creates a generic pair of functions, crypto_inc and crypto_xor which does big-endian increment and exclusive or, respectively. For optimum performance, they both use u32 operations so alignment must be as that of u32 even though the arguments are of type u8 *. Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
| * | [HWRNG]: move status polling loop to data_present callbacksPatrick McHardy2008-01-10
| | | | | | | | | | | | | | | | | | | | | | | | | | | Handle waiting for new random within the drivers themselves, this allows to use better suited timeouts for the individual rngs. Signed-off-by: Patrick McHardy <kaber@trash.net> Acked-by: Michael Buesch <mb@bu3sch.de> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
| * | [CRYPTO] ablkcipher: Add distinct ABLKCIPHER typeHerbert Xu2008-01-10
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Up until now we have ablkcipher algorithms have been identified as type BLKCIPHER with the ASYNC bit set. This is suboptimal because ablkcipher refers to two things. On the one hand it refers to the top-level ablkcipher interface with requests. On the other hand it refers to and algorithm type underneath. As it is you cannot request a synchronous block cipher algorithm with the ablkcipher interface on top. This is a problem because we want to be able to eventually phase out the blkcipher top-level interface. This patch fixes this by making ABLKCIPHER its own type, just as we have distinct types for HASH and DIGEST. The type it associated with the algorithm implementation only. Which top-level interface is used for synchronous block ciphers is then determined by the mask that's used. If it's a specific mask then the old blkcipher interface is given, otherwise we go with the new ablkcipher interface. Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
| * | [CRYPTO] sha256-generic: Extend sha256_generic.c to support SHA-224Jonathan Lynch2008-01-10
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Resubmitting this patch which extends sha256_generic.c to support SHA-224 as described in FIPS 180-2 and RFC 3874. HMAC-SHA-224 as described in RFC4231 is then supported through the hmac interface. Patch includes test vectors for SHA-224 and HMAC-SHA-224. SHA-224 chould be chosen as a hash algorithm when 112 bits of security strength is required. Patch generated against the 2.6.24-rc1 kernel and tested against 2.6.24-rc1-git14 which includes fix for scatter gather implementation for HMAC. Signed-off-by: Jonathan Lynch <jonathan.lynch@intel.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
| * | [CRYPTO] aes-generic: Make key generation exportableSebastian Siewior2008-01-10
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This patch exports four tables and the set_key() routine. This ressources can be shared by other AES implementations (aes-x86_64 for instance). The decryption key has been turned around (deckey[0] is the first piece of the key instead of deckey[keylen+20]). The encrypt/decrypt functions are looking now identical (except they are using different tables and key). Signed-off-by: Sebastian Siewior <sebastian@breakpoint.cc> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
| * | [CRYPTO] aes: Move common defines into a header fileSebastian Siewior2008-01-10
| | | | | | | | | | | | | | | | | | | | | This three defines are used in all AES related hardware. Signed-off-by: Sebastian Siewior <sebastian@breakpoint.cc> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
| * | [CRYPTO] des: Create header file for common macrosEvgeniy Polyakov2008-01-10
| | | | | | | | | | | | | | | | | | | | | | | | This patch creates include/crypto/des.h for common macros shared between DES implementations. Signed-off-by: Evgeniy Polyakov <johnpol@2ka.mipt.ru> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
* | | Kobject: fix coding style issues in kobject.hGreg Kroah-Hartman2008-01-25
| | | | | | | | | | | | | | | | | | Finally clean up the odd spaces and other mess in kobject.h Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
* | | Driver core: fix coding style issues in device.hGreg Kroah-Hartman2008-01-25
| | | | | | | | | | | | | | | | | | Finally clean up the odd spaces and other mess in device.h Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
* | | Driver Core: add class iteration apiDave Young2008-01-24
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Add the following class iteration functions for driver use: class_for_each_device class_find_device class_for_each_child class_find_child Signed-off-by: Dave Young <hidave.darkstar@gmail.com> Acked-by: Cornelia Huck <cornelia.huck@de.ibm.com> Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
* | | Driver Core: constify the name passed to platform_device_register_simpleStephen Rothwell2008-01-24
| | | | | | | | | | | | | | | | | | | | | | | | | | | This name is just passed to platform_device_alloc which has its parameter declared const. Signed-off-by: Stephen Rothwell <sfr@canb.auug.org.au> Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
* | | Driver core: change sysdev classes to use dynamic kobject namesKay Sievers2008-01-24
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | All kobjects require a dynamically allocated name now. We no longer need to keep track if the name is statically assigned, we can just unconditionally free() all kobject names on cleanup. Signed-off-by: Kay Sievers <kay.sievers@vrfy.org> Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
* | | Kobject: remove kobject_unregister() as no one uses it anymoreGreg Kroah-Hartman2008-01-24
| | | | | | | | | | | | | | | | | | | | | | | | There are no in-kernel users of kobject_unregister() so it should be removed. Cc: Kay Sievers <kay.sievers@vrfy.org> Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
* | | Kobject: auto-cleanup on final unrefKay Sievers2008-01-24
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | We save the current state in the object itself, so we can do proper cleanup when the last reference is dropped. If the initial reference is dropped, the object will be removed from sysfs if needed, if an "add" event was sent, "remove" will be send, and the allocated resources are released. This allows us to clean up some driver core usage as well as allowing us to do other such changes to the rest of the kernel. Signed-off-by: Kay Sievers <kay.sievers@vrfy.org> Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
* | | Kset: remove kset_add functionGreg Kroah-Hartman2008-01-24
| | | | | | | | | | | | | | | | | | | | | | | | | | | No one is calling this anymore, so just remove it and hard-code the one internal-use of it. Cc: Kay Sievers <kay.sievers@vrfy.org> Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>