2009-06-11 07:10:39

by Huang, Ying

[permalink] [raw]
Subject: [RFC 1/7] crypto: Add GHASH digest algorithm for GCM

GHASH is implemented as a shash algorithm. The actual implementation
is copied from gcm.c. This makes it possible to add
architecture/hardware accelerated GHASH implementation.

Signed-off-by: Huang Ying <[email protected]>

---
crypto/Kconfig | 7 +
crypto/Makefile | 2
crypto/ghash-generic.c | 179 +++++++++++++++++++++++++++++++++++++++++++++++++
3 files changed, 188 insertions(+)

--- /dev/null
+++ b/crypto/ghash-generic.c
@@ -0,0 +1,179 @@
+/*
+ * GHASH: digest algorithm for GCM (Galois/Counter Mode).
+ *
+ * Copyright (c) 2007 Nokia Siemens Networks - Mikko Herranen <[email protected]>
+ * Copyright (c) 2009 Intel Corp.
+ * Author: Huang Ying <[email protected]>
+ *
+ * The algorithm implementation is copied from gcm.c.
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License version 2 as published
+ * by the Free Software Foundation.
+ */
+
+#include <linux/module.h>
+#include <linux/init.h>
+#include <linux/kernel.h>
+#include <linux/crypto.h>
+#include <crypto/gf128mul.h>
+#include <crypto/algapi.h>
+#include <crypto/internal/hash.h>
+
+#define GHASH_BLOCK_SIZE 16
+#define GHASH_DIGEST_SIZE 16
+
+struct ghash_ctx {
+ struct gf128mul_4k *gf128;
+};
+
+struct ghash_desc_ctx {
+ u8 buffer[16];
+ u32 bytes;
+};
+
+static int ghash_init(struct shash_desc *desc)
+{
+ struct ghash_desc_ctx *dctx = shash_desc_ctx(desc);
+
+ dctx->bytes = 0;
+ memset(dctx->buffer, 0, 16);
+
+ return 0;
+}
+
+static int ghash_setkey(struct crypto_shash *tfm,
+ const u8 *key, unsigned int keylen)
+{
+ struct ghash_ctx *ctx = crypto_shash_ctx(tfm);
+
+ if (keylen != 16) {
+ crypto_shash_set_flags(tfm, CRYPTO_TFM_RES_BAD_KEY_LEN);
+ return -EINVAL;
+ }
+
+ if (ctx->gf128)
+ gf128mul_free_4k(ctx->gf128);
+ ctx->gf128 = gf128mul_init_4k_lle((be128 *)key);
+ if (!ctx->gf128)
+ return -ENOMEM;
+
+ return 0;
+}
+
+static int ghash_update(struct shash_desc *desc,
+ const u8 *src, unsigned int srclen)
+{
+ struct ghash_desc_ctx *dctx = shash_desc_ctx(desc);
+ struct ghash_ctx *ctx = crypto_shash_ctx(desc->tfm);
+ u8 *dst = dctx->buffer;
+
+ if (dctx->bytes) {
+ int n = min(srclen, dctx->bytes);
+ u8 *pos = dst + (16 - dctx->bytes);
+
+ dctx->bytes -= n;
+ srclen -= n;
+
+ while (n--)
+ *pos++ ^= *src++;
+
+ if (!dctx->bytes)
+ gf128mul_4k_lle((be128 *)dst, ctx->gf128);
+ }
+
+ while (srclen >= 16) {
+ crypto_xor(dst, src, 16);
+ gf128mul_4k_lle((be128 *)dst, ctx->gf128);
+ src += 16;
+ srclen -= 16;
+ }
+
+ if (srclen) {
+ dctx->bytes = 16 - srclen;
+ while (srclen--)
+ *dst++ ^= *src++;
+ }
+
+ return 0;
+}
+
+static void ghash_flush(struct ghash_ctx *ctx, struct ghash_desc_ctx *dctx)
+{
+ u8 *dst = dctx->buffer;
+
+ if (dctx->bytes) {
+ u8 *tmp = dst + (16 - dctx->bytes);
+
+ while (dctx->bytes--)
+ *tmp++ ^= 0;
+
+ gf128mul_4k_lle((be128 *)dst, ctx->gf128);
+ }
+
+ dctx->bytes = 0;
+}
+
+static int ghash_final(struct shash_desc *desc, u8 *dst)
+{
+ struct ghash_desc_ctx *dctx = shash_desc_ctx(desc);
+ struct ghash_ctx *ctx = crypto_shash_ctx(desc->tfm);
+ u8 *buf = dctx->buffer;
+
+ ghash_flush(ctx, dctx);
+ memcpy(dst, buf, 16);
+
+ return 0;
+}
+
+static int ghash_init_tfm(struct crypto_tfm *tfm)
+{
+ struct ghash_ctx *ctx = crypto_tfm_ctx(tfm);
+ ctx->gf128 = NULL;
+ return 0;
+}
+
+static void ghash_exit_tfm(struct crypto_tfm *tfm)
+{
+ struct ghash_ctx *ctx = crypto_tfm_ctx(tfm);
+ if (ctx->gf128)
+ gf128mul_free_4k(ctx->gf128);
+}
+
+static struct shash_alg ghash_alg = {
+ .digestsize = GHASH_DIGEST_SIZE,
+ .init = ghash_init,
+ .update = ghash_update,
+ .final = ghash_final,
+ .setkey = ghash_setkey,
+ .descsize = sizeof(struct ghash_desc_ctx),
+ .base = {
+ .cra_name = "ghash",
+ .cra_driver_name = "ghash-generic",
+ .cra_priority = 100,
+ .cra_flags = CRYPTO_ALG_TYPE_SHASH,
+ .cra_blocksize = GHASH_BLOCK_SIZE,
+ .cra_ctxsize = sizeof(struct ghash_ctx),
+ .cra_module = THIS_MODULE,
+ .cra_list = LIST_HEAD_INIT(ghash_alg.base.cra_list),
+ .cra_init = ghash_init_tfm,
+ .cra_exit = ghash_exit_tfm,
+ },
+};
+
+static int __init ghash_mod_init(void)
+{
+ return crypto_register_shash(&ghash_alg);
+}
+
+static void __exit ghash_mod_exit(void)
+{
+ crypto_unregister_shash(&ghash_alg);
+}
+
+module_init(ghash_mod_init);
+module_exit(ghash_mod_exit);
+
+MODULE_LICENSE("GPL");
+MODULE_DESCRIPTION("GHASH Message Digest Algorithm");
+MODULE_ALIAS("ghash");
--- a/crypto/Kconfig
+++ b/crypto/Kconfig
@@ -419,6 +419,13 @@ config CRYPTO_WP512
See also:
<http://planeta.terra.com.br/informatica/paulobarreto/WhirlpoolPage.html>

+config CRYPTO_GHASH
+ tristate "GHASH digest algorithm"
+ select CRYPTO_SHASH
+ select CRYPTO_GF128MUL
+ help
+ GHASH is message digest algorithm for GCM (Galois/Counter Mode).
+
comment "Ciphers"

config CRYPTO_AES
--- a/crypto/Makefile
+++ b/crypto/Makefile
@@ -83,6 +83,8 @@ obj-$(CONFIG_CRYPTO_RNG2) += rng.o
obj-$(CONFIG_CRYPTO_RNG2) += krng.o
obj-$(CONFIG_CRYPTO_ANSI_CPRNG) += ansi_cprng.o
obj-$(CONFIG_CRYPTO_TEST) += tcrypt.o
+obj-$(CONFIG_CRYPTO_MD5) += md5.o
+obj-$(CONFIG_CRYPTO_GHASH) += ghash-generic.o

#
# generic algorithms and the async_tx api




Subject: Re: [RFC 1/7] crypto: Add GHASH digest algorithm for GCM

* Huang Ying | 2009-06-11 15:10:26 [+0800]:

>GHASH is implemented as a shash algorithm. The actual implementation
>is copied from gcm.c. This makes it possible to add
>architecture/hardware accelerated GHASH implementation.
>
>Signed-off-by: Huang Ying <[email protected]>
>
>---
> crypto/Kconfig | 7 +
> crypto/Makefile | 2
> crypto/ghash-generic.c | 179 +++++++++++++++++++++++++++++++++++++++++++++++++
> 3 files changed, 188 insertions(+)
>
>--- /dev/null
>+++ b/crypto/ghash-generic.c
>@@ -0,0 +1,179 @@
>+/*
>+ * GHASH: digest algorithm for GCM (Galois/Counter Mode).
>+ *
>+ * Copyright (c) 2007 Nokia Siemens Networks - Mikko Herranen <[email protected]>
>+ * Copyright (c) 2009 Intel Corp.
>+ * Author: Huang Ying <[email protected]>
>+ *
>+ * The algorithm implementation is copied from gcm.c.
>+ *
>+ * This program is free software; you can redistribute it and/or modify it
>+ * under the terms of the GNU General Public License version 2 as published
>+ * by the Free Software Foundation.
>+ */
>+
>+#include <linux/module.h>
>+#include <linux/init.h>
>+#include <linux/kernel.h>
>+#include <linux/crypto.h>
>+#include <crypto/gf128mul.h>
>+#include <crypto/algapi.h>
>+#include <crypto/internal/hash.h>
Do you mind to sort them?

>+
>+#define GHASH_BLOCK_SIZE 16
>+#define GHASH_DIGEST_SIZE 16
>+
>+struct ghash_ctx {
>+ struct gf128mul_4k *gf128;
>+};
>+
>+struct ghash_desc_ctx {
>+ u8 buffer[16];
>+ u32 bytes;
>+};
>+
>+static int ghash_init(struct shash_desc *desc)
>+{
>+ struct ghash_desc_ctx *dctx = shash_desc_ctx(desc);
>+
>+ dctx->bytes = 0;
>+ memset(dctx->buffer, 0, 16);
>+
you could memset() the whole struct at once

>+ return 0;
>+}
>+
>+static int ghash_setkey(struct crypto_shash *tfm,
>+ const u8 *key, unsigned int keylen)
>+{
>+ struct ghash_ctx *ctx = crypto_shash_ctx(tfm);
>+
>+ if (keylen != 16) {
>+ crypto_shash_set_flags(tfm, CRYPTO_TFM_RES_BAD_KEY_LEN);
>+ return -EINVAL;
>+ }
>+
>+ if (ctx->gf128)
>+ gf128mul_free_4k(ctx->gf128);
>+ ctx->gf128 = gf128mul_init_4k_lle((be128 *)key);
>+ if (!ctx->gf128)
>+ return -ENOMEM;
>+
>+ return 0;
>+}
>+
>+static int ghash_update(struct shash_desc *desc,
>+ const u8 *src, unsigned int srclen)
>+{
>+ struct ghash_desc_ctx *dctx = shash_desc_ctx(desc);
>+ struct ghash_ctx *ctx = crypto_shash_ctx(desc->tfm);
>+ u8 *dst = dctx->buffer;
>+
>+ if (dctx->bytes) {
>+ int n = min(srclen, dctx->bytes);
>+ u8 *pos = dst + (16 - dctx->bytes);
>+
>+ dctx->bytes -= n;
>+ srclen -= n;
>+
>+ while (n--)
>+ *pos++ ^= *src++;
>+
>+ if (!dctx->bytes)
>+ gf128mul_4k_lle((be128 *)dst, ctx->gf128);
>+ }
>+
>+ while (srclen >= 16) {
>+ crypto_xor(dst, src, 16);
>+ gf128mul_4k_lle((be128 *)dst, ctx->gf128);
>+ src += 16;
>+ srclen -= 16;
>+ }
>+
>+ if (srclen) {
>+ dctx->bytes = 16 - srclen;
>+ while (srclen--)
>+ *dst++ ^= *src++;
>+ }
>+
16 here looks like GHASH_BLOCK_SIZE to me

>+ return 0;
>+}
>+
>+static void ghash_flush(struct ghash_ctx *ctx, struct ghash_desc_ctx *dctx)
>+{
>+ u8 *dst = dctx->buffer;
>+
>+ if (dctx->bytes) {
>+ u8 *tmp = dst + (16 - dctx->bytes);
>+
>+ while (dctx->bytes--)
>+ *tmp++ ^= 0;
>+
>+ gf128mul_4k_lle((be128 *)dst, ctx->gf128);
>+ }
>+
>+ dctx->bytes = 0;
>+}
>+
>+static int ghash_final(struct shash_desc *desc, u8 *dst)
>+{
>+ struct ghash_desc_ctx *dctx = shash_desc_ctx(desc);
>+ struct ghash_ctx *ctx = crypto_shash_ctx(desc->tfm);
>+ u8 *buf = dctx->buffer;
>+
>+ ghash_flush(ctx, dctx);
>+ memcpy(dst, buf, 16);
>+
>+ return 0;
>+}
>+
>+static int ghash_init_tfm(struct crypto_tfm *tfm)
>+{
>+ struct ghash_ctx *ctx = crypto_tfm_ctx(tfm);
>+ ctx->gf128 = NULL;

Unless I'm mistaken, this is called once on allocation and this ctx is
allocated via kzalloc().

>+ return 0;
>+}
>+
>+static void ghash_exit_tfm(struct crypto_tfm *tfm)
>+{
>+ struct ghash_ctx *ctx = crypto_tfm_ctx(tfm);
>+ if (ctx->gf128)
>+ gf128mul_free_4k(ctx->gf128);
>+}
>+
>+static struct shash_alg ghash_alg = {
>+ .digestsize = GHASH_DIGEST_SIZE,
>+ .init = ghash_init,
>+ .update = ghash_update,
>+ .final = ghash_final,
>+ .setkey = ghash_setkey,
>+ .descsize = sizeof(struct ghash_desc_ctx),
>+ .base = {
>+ .cra_name = "ghash",
>+ .cra_driver_name = "ghash-generic",
>+ .cra_priority = 100,
>+ .cra_flags = CRYPTO_ALG_TYPE_SHASH,
>+ .cra_blocksize = GHASH_BLOCK_SIZE,
>+ .cra_ctxsize = sizeof(struct ghash_ctx),
>+ .cra_module = THIS_MODULE,
>+ .cra_list = LIST_HEAD_INIT(ghash_alg.base.cra_list),
>+ .cra_init = ghash_init_tfm,
>+ .cra_exit = ghash_exit_tfm,
>+ },
>+};
>+
>+static int __init ghash_mod_init(void)
>+{
>+ return crypto_register_shash(&ghash_alg);
>+}
>+
>+static void __exit ghash_mod_exit(void)
>+{
>+ crypto_unregister_shash(&ghash_alg);
>+}
>+
>+module_init(ghash_mod_init);
>+module_exit(ghash_mod_exit);
>+
>+MODULE_LICENSE("GPL");
>+MODULE_DESCRIPTION("GHASH Message Digest Algorithm");
>+MODULE_ALIAS("ghash");
>--- a/crypto/Kconfig
>+++ b/crypto/Kconfig
>@@ -419,6 +419,13 @@ config CRYPTO_WP512
> See also:
> <http://planeta.terra.com.br/informatica/paulobarreto/WhirlpoolPage.html>
>
>+config CRYPTO_GHASH
>+ tristate "GHASH digest algorithm"
>+ select CRYPTO_SHASH
>+ select CRYPTO_GF128MUL
>+ help
>+ GHASH is message digest algorithm for GCM (Galois/Counter Mode).
>+
Could you please move it to the 'G' section

> comment "Ciphers"
>
> config CRYPTO_AES
>--- a/crypto/Makefile
>+++ b/crypto/Makefile
>@@ -83,6 +83,8 @@ obj-$(CONFIG_CRYPTO_RNG2) += rng.o
> obj-$(CONFIG_CRYPTO_RNG2) += krng.o
> obj-$(CONFIG_CRYPTO_ANSI_CPRNG) += ansi_cprng.o
> obj-$(CONFIG_CRYPTO_TEST) += tcrypt.o
>+obj-$(CONFIG_CRYPTO_MD5) += md5.o
md5?

>+obj-$(CONFIG_CRYPTO_GHASH) += ghash-generic.o
>
> #
> # generic algorithms and the async_tx api
>
>

Sebastian

2009-06-18 02:08:27

by Huang, Ying

[permalink] [raw]
Subject: Re: [RFC 1/7] crypto: Add GHASH digest algorithm for GCM

On Thu, 2009-06-18 at 04:04 +0800, Sebastian Andrzej Siewior wrote:
> * Huang Ying | 2009-06-11 15:10:26 [+0800]:
>
> >GHASH is implemented as a shash algorithm. The actual implementation
> >is copied from gcm.c. This makes it possible to add
> >architecture/hardware accelerated GHASH implementation.
> >
> >Signed-off-by: Huang Ying <[email protected]>
> >
> >---
> > crypto/Kconfig | 7 +
> > crypto/Makefile | 2
> > crypto/ghash-generic.c | 179 +++++++++++++++++++++++++++++++++++++++++++++++++
> > 3 files changed, 188 insertions(+)
> >
> >--- /dev/null
> >+++ b/crypto/ghash-generic.c
> >@@ -0,0 +1,179 @@
> >+/*
> >+ * GHASH: digest algorithm for GCM (Galois/Counter Mode).
> >+ *
> >+ * Copyright (c) 2007 Nokia Siemens Networks - Mikko Herranen <[email protected]>
> >+ * Copyright (c) 2009 Intel Corp.
> >+ * Author: Huang Ying <[email protected]>
> >+ *
> >+ * The algorithm implementation is copied from gcm.c.
> >+ *
> >+ * This program is free software; you can redistribute it and/or modify it
> >+ * under the terms of the GNU General Public License version 2 as published
> >+ * by the Free Software Foundation.
> >+ */
> >+
> >+#include <linux/module.h>
> >+#include <linux/init.h>
> >+#include <linux/kernel.h>
> >+#include <linux/crypto.h>
> >+#include <crypto/gf128mul.h>
> >+#include <crypto/algapi.h>
> >+#include <crypto/internal/hash.h>
> Do you mind to sort them?

Sorry, can you tell me what is the better order?

> >+
> >+#define GHASH_BLOCK_SIZE 16
> >+#define GHASH_DIGEST_SIZE 16
> >+
> >+struct ghash_ctx {
> >+ struct gf128mul_4k *gf128;
> >+};
> >+
> >+struct ghash_desc_ctx {
> >+ u8 buffer[16];
> >+ u32 bytes;
> >+};
> >+
> >+static int ghash_init(struct shash_desc *desc)
> >+{
> >+ struct ghash_desc_ctx *dctx = shash_desc_ctx(desc);
> >+
> >+ dctx->bytes = 0;
> >+ memset(dctx->buffer, 0, 16);
> >+
> you could memset() the whole struct at once

Yes. That is better, you are right.

> >+ return 0;
> >+}
> >+
> >+static int ghash_setkey(struct crypto_shash *tfm,
> >+ const u8 *key, unsigned int keylen)
> >+{
> >+ struct ghash_ctx *ctx = crypto_shash_ctx(tfm);
> >+
> >+ if (keylen != 16) {
> >+ crypto_shash_set_flags(tfm, CRYPTO_TFM_RES_BAD_KEY_LEN);
> >+ return -EINVAL;
> >+ }
> >+
> >+ if (ctx->gf128)
> >+ gf128mul_free_4k(ctx->gf128);
> >+ ctx->gf128 = gf128mul_init_4k_lle((be128 *)key);
> >+ if (!ctx->gf128)
> >+ return -ENOMEM;
> >+
> >+ return 0;
> >+}
> >+
> >+static int ghash_update(struct shash_desc *desc,
> >+ const u8 *src, unsigned int srclen)
> >+{
> >+ struct ghash_desc_ctx *dctx = shash_desc_ctx(desc);
> >+ struct ghash_ctx *ctx = crypto_shash_ctx(desc->tfm);
> >+ u8 *dst = dctx->buffer;
> >+
> >+ if (dctx->bytes) {
> >+ int n = min(srclen, dctx->bytes);
> >+ u8 *pos = dst + (16 - dctx->bytes);
> >+
> >+ dctx->bytes -= n;
> >+ srclen -= n;
> >+
> >+ while (n--)
> >+ *pos++ ^= *src++;
> >+
> >+ if (!dctx->bytes)
> >+ gf128mul_4k_lle((be128 *)dst, ctx->gf128);
> >+ }
> >+
> >+ while (srclen >= 16) {
> >+ crypto_xor(dst, src, 16);
> >+ gf128mul_4k_lle((be128 *)dst, ctx->gf128);
> >+ src += 16;
> >+ srclen -= 16;
> >+ }
> >+
> >+ if (srclen) {
> >+ dctx->bytes = 16 - srclen;
> >+ while (srclen--)
> >+ *dst++ ^= *src++;
> >+ }
> >+
> 16 here looks like GHASH_BLOCK_SIZE to me

Yes. I will change most 16 to corresponding symbol name.

> >+ return 0;
> >+}
> >+
> >+static void ghash_flush(struct ghash_ctx *ctx, struct ghash_desc_ctx *dctx)
> >+{
> >+ u8 *dst = dctx->buffer;
> >+
> >+ if (dctx->bytes) {
> >+ u8 *tmp = dst + (16 - dctx->bytes);
> >+
> >+ while (dctx->bytes--)
> >+ *tmp++ ^= 0;
> >+
> >+ gf128mul_4k_lle((be128 *)dst, ctx->gf128);
> >+ }
> >+
> >+ dctx->bytes = 0;
> >+}
> >+
> >+static int ghash_final(struct shash_desc *desc, u8 *dst)
> >+{
> >+ struct ghash_desc_ctx *dctx = shash_desc_ctx(desc);
> >+ struct ghash_ctx *ctx = crypto_shash_ctx(desc->tfm);
> >+ u8 *buf = dctx->buffer;
> >+
> >+ ghash_flush(ctx, dctx);
> >+ memcpy(dst, buf, 16);
> >+
> >+ return 0;
> >+}
> >+
> >+static int ghash_init_tfm(struct crypto_tfm *tfm)
> >+{
> >+ struct ghash_ctx *ctx = crypto_tfm_ctx(tfm);
> >+ ctx->gf128 = NULL;
>
> Unless I'm mistaken, this is called once on allocation and this ctx is
> allocated via kzalloc().

Yes. it is alloced via kzalloc. Can we just rely on this? Should we add
that assumption to somewhere such as document of comments.

> >+ return 0;
> >+}
> >+
> >+static void ghash_exit_tfm(struct crypto_tfm *tfm)
> >+{
> >+ struct ghash_ctx *ctx = crypto_tfm_ctx(tfm);
> >+ if (ctx->gf128)
> >+ gf128mul_free_4k(ctx->gf128);
> >+}
> >+
> >+static struct shash_alg ghash_alg = {
> >+ .digestsize = GHASH_DIGEST_SIZE,
> >+ .init = ghash_init,
> >+ .update = ghash_update,
> >+ .final = ghash_final,
> >+ .setkey = ghash_setkey,
> >+ .descsize = sizeof(struct ghash_desc_ctx),
> >+ .base = {
> >+ .cra_name = "ghash",
> >+ .cra_driver_name = "ghash-generic",
> >+ .cra_priority = 100,
> >+ .cra_flags = CRYPTO_ALG_TYPE_SHASH,
> >+ .cra_blocksize = GHASH_BLOCK_SIZE,
> >+ .cra_ctxsize = sizeof(struct ghash_ctx),
> >+ .cra_module = THIS_MODULE,
> >+ .cra_list = LIST_HEAD_INIT(ghash_alg.base.cra_list),
> >+ .cra_init = ghash_init_tfm,
> >+ .cra_exit = ghash_exit_tfm,
> >+ },
> >+};
> >+
> >+static int __init ghash_mod_init(void)
> >+{
> >+ return crypto_register_shash(&ghash_alg);
> >+}
> >+
> >+static void __exit ghash_mod_exit(void)
> >+{
> >+ crypto_unregister_shash(&ghash_alg);
> >+}
> >+
> >+module_init(ghash_mod_init);
> >+module_exit(ghash_mod_exit);
> >+
> >+MODULE_LICENSE("GPL");
> >+MODULE_DESCRIPTION("GHASH Message Digest Algorithm");
> >+MODULE_ALIAS("ghash");
> >--- a/crypto/Kconfig
> >+++ b/crypto/Kconfig
> >@@ -419,6 +419,13 @@ config CRYPTO_WP512
> > See also:
> > <http://planeta.terra.com.br/informatica/paulobarreto/WhirlpoolPage.html>
> >
> >+config CRYPTO_GHASH
> >+ tristate "GHASH digest algorithm"
> >+ select CRYPTO_SHASH
> >+ select CRYPTO_GF128MUL
> >+ help
> >+ GHASH is message digest algorithm for GCM (Galois/Counter Mode).
> >+
> Could you please move it to the 'G' section

OK. I will do this.

> > comment "Ciphers"
> >
> > config CRYPTO_AES
> >--- a/crypto/Makefile
> >+++ b/crypto/Makefile
> >@@ -83,6 +83,8 @@ obj-$(CONFIG_CRYPTO_RNG2) += rng.o
> > obj-$(CONFIG_CRYPTO_RNG2) += krng.o
> > obj-$(CONFIG_CRYPTO_ANSI_CPRNG) += ansi_cprng.o
> > obj-$(CONFIG_CRYPTO_TEST) += tcrypt.o
> >+obj-$(CONFIG_CRYPTO_MD5) += md5.o
> md5?

Sorry, I will remove this, and move GHASH line to appropriate position.

> >+obj-$(CONFIG_CRYPTO_GHASH) += ghash-generic.o
> >
> > #
> > # generic algorithms and the async_tx api
> >
> >

Best Regards,
Huang Ying


2009-06-18 02:43:51

by Herbert Xu

[permalink] [raw]
Subject: Re: [RFC 1/7] crypto: Add GHASH digest algorithm for GCM

On Thu, Jun 18, 2009 at 10:08:27AM +0800, Huang Ying wrote:
>
> > Unless I'm mistaken, this is called once on allocation and this ctx is
> > allocated via kzalloc().
>
> Yes. it is alloced via kzalloc. Can we just rely on this? Should we add
> that assumption to somewhere such as document of comments.

Yes you can rely on this.

Cheers,
--
Visit Openswan at http://www.openswan.org/
Email: Herbert Xu ~{PmV>HI~} <[email protected]>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt

Subject: Re: [RFC 1/7] crypto: Add GHASH digest algorithm for GCM

* Huang Ying | 2009-06-18 10:08:27 [+0800]:

>On Thu, 2009-06-18 at 04:04 +0800, Sebastian Andrzej Siewior wrote:
>> >+#include <linux/module.h>
>> >+#include <linux/init.h>
>> >+#include <linux/kernel.h>
>> >+#include <linux/crypto.h>
>> >+#include <crypto/gf128mul.h>
>> >+#include <crypto/algapi.h>
>> >+#include <crypto/internal/hash.h>
>> Do you mind to sort them?
>
>Sorry, can you tell me what is the better order?

For header files it shouldn't matter if you include linux/module.h
followed by linux/init.h or the other way around. If you have them in
one place and sorted you can easily find out where to put the next one
and tell whether a specific header file is allready included. You also
make it a little harder to include one header file twice. If you think
this does not happen, a quick grep over the scsi tree shows:

|$ fgrep -R '#include ' drivers/scsi/ | sort > sort.txt
|$ fgrep -R '#include ' drivers/scsi/ | sort -u > sort-u.txt
|$ diff -u sort.txt sort-u.txt
|--- sort.txt 2009-06-18 09:12:27.551876506 +0200
|+++ sort-u.txt 2009-06-18 09:12:36.226342283 +0200
|@@ -1347,7 +1347,6 @@
| drivers/scsi/fcoe/libfcoe.c:#include <linux/list.h>
| drivers/scsi/fcoe/libfcoe.c:#include <linux/module.h>
| drivers/scsi/fcoe/libfcoe.c:#include <linux/netdevice.h>
|-drivers/scsi/fcoe/libfcoe.c:#include <linux/netdevice.h>
| drivers/scsi/fcoe/libfcoe.c:#include <linux/spinlock.h>
| drivers/scsi/fcoe/libfcoe.c:#include <linux/timer.h>
| drivers/scsi/fcoe/libfcoe.c:#include <linux/types.h>
|@@ -1623,7 +1622,6 @@
| drivers/scsi/gdth.h:#include <linux/types.h>
| drivers/scsi/gdth_proc.c:#include <linux/completion.h>
| drivers/scsi/gvp11.c:#include "gvp11.h"
|-drivers/scsi/gvp11.c:#include "gvp11.h"
| drivers/scsi/gvp11.c:#include "scsi.h"
| drivers/scsi/gvp11.c:#include "scsi_module.c"
| drivers/scsi/gvp11.c:#include "wd33c93.h"
|@@ -1718,7 +1716,6 @@
| drivers/scsi/ibmvscsi/ibmvfc.h:#include <linux/types.h>
| drivers/scsi/ibmvscsi/ibmvscsi.c:#include "ibmvscsi.h"
| drivers/scsi/ibmvscsi/ibmvscsi.c:#include <asm/firmware.h>
|-drivers/scsi/ibmvscsi/ibmvscsi.c:#include <asm/firmware.h>
| drivers/scsi/ibmvscsi/ibmvscsi.c:#include <asm/vio.h>
| drivers/scsi/ibmvscsi/ibmvscsi.c:#include <linux/delay.h>
| drivers/scsi/ibmvscsi/ibmvscsi.c:#include <linux/dma-mapping.h>
|@@ -2633,7 +2630,6 @@
| drivers/scsi/mpt2sas/mpt2sas_transport.c:#include <scsi/scsi_host.h>
| drivers/scsi/mpt2sas/mpt2sas_transport.c:#include <scsi/scsi_transport_sas.h>
| drivers/scsi/mvme147.c:#include "mvme147.h"
|-drivers/scsi/mvme147.c:#include "mvme147.h"
| drivers/scsi/mvme147.c:#include "scsi.h"
| drivers/scsi/mvme147.c:#include "scsi_module.c"
| drivers/scsi/mvme147.c:#include "wd33c93.h"

SCSI was just a random example.

>Best Regards,
>Huang Ying

Sebastian

2009-06-18 07:32:42

by Huang, Ying

[permalink] [raw]
Subject: Re: [RFC 1/7] crypto: Add GHASH digest algorithm for GCM

On Thu, 2009-06-18 at 15:27 +0800, Sebastian Andrzej Siewior wrote:
> * Huang Ying | 2009-06-18 10:08:27 [+0800]:
>
> >On Thu, 2009-06-18 at 04:04 +0800, Sebastian Andrzej Siewior wrote:
> >> >+#include <linux/module.h>
> >> >+#include <linux/init.h>
> >> >+#include <linux/kernel.h>
> >> >+#include <linux/crypto.h>
> >> >+#include <crypto/gf128mul.h>
> >> >+#include <crypto/algapi.h>
> >> >+#include <crypto/internal/hash.h>
> >> Do you mind to sort them?
> >
> >Sorry, can you tell me what is the better order?
>
> For header files it shouldn't matter if you include linux/module.h
> followed by linux/init.h or the other way around. If you have them in
> one place and sorted you can easily find out where to put the next one
> and tell whether a specific header file is allready included. You also
> make it a little harder to include one header file twice. If you think
> this does not happen, a quick grep over the scsi tree shows:
>
> |$ fgrep -R '#include ' drivers/scsi/ | sort > sort.txt
> |$ fgrep -R '#include ' drivers/scsi/ | sort -u > sort-u.txt
> |$ diff -u sort.txt sort-u.txt
> |--- sort.txt 2009-06-18 09:12:27.551876506 +0200
> |+++ sort-u.txt 2009-06-18 09:12:36.226342283 +0200
> |@@ -1347,7 +1347,6 @@
> | drivers/scsi/fcoe/libfcoe.c:#include <linux/list.h>
> | drivers/scsi/fcoe/libfcoe.c:#include <linux/module.h>
> | drivers/scsi/fcoe/libfcoe.c:#include <linux/netdevice.h>
> |-drivers/scsi/fcoe/libfcoe.c:#include <linux/netdevice.h>
> | drivers/scsi/fcoe/libfcoe.c:#include <linux/spinlock.h>
> | drivers/scsi/fcoe/libfcoe.c:#include <linux/timer.h>
> | drivers/scsi/fcoe/libfcoe.c:#include <linux/types.h>
> |@@ -1623,7 +1622,6 @@
> | drivers/scsi/gdth.h:#include <linux/types.h>
> | drivers/scsi/gdth_proc.c:#include <linux/completion.h>
> | drivers/scsi/gvp11.c:#include "gvp11.h"
> |-drivers/scsi/gvp11.c:#include "gvp11.h"
> | drivers/scsi/gvp11.c:#include "scsi.h"
> | drivers/scsi/gvp11.c:#include "scsi_module.c"
> | drivers/scsi/gvp11.c:#include "wd33c93.h"
> |@@ -1718,7 +1716,6 @@
> | drivers/scsi/ibmvscsi/ibmvfc.h:#include <linux/types.h>
> | drivers/scsi/ibmvscsi/ibmvscsi.c:#include "ibmvscsi.h"
> | drivers/scsi/ibmvscsi/ibmvscsi.c:#include <asm/firmware.h>
> |-drivers/scsi/ibmvscsi/ibmvscsi.c:#include <asm/firmware.h>
> | drivers/scsi/ibmvscsi/ibmvscsi.c:#include <asm/vio.h>
> | drivers/scsi/ibmvscsi/ibmvscsi.c:#include <linux/delay.h>
> | drivers/scsi/ibmvscsi/ibmvscsi.c:#include <linux/dma-mapping.h>
> |@@ -2633,7 +2630,6 @@
> | drivers/scsi/mpt2sas/mpt2sas_transport.c:#include <scsi/scsi_host.h>
> | drivers/scsi/mpt2sas/mpt2sas_transport.c:#include <scsi/scsi_transport_sas.h>
> | drivers/scsi/mvme147.c:#include "mvme147.h"
> |-drivers/scsi/mvme147.c:#include "mvme147.h"
> | drivers/scsi/mvme147.c:#include "scsi.h"
> | drivers/scsi/mvme147.c:#include "scsi_module.c"
> | drivers/scsi/mvme147.c:#include "wd33c93.h"
>
> SCSI was just a random example.

Sounds reasonable. I will do that.

Best Regards,
Huang Ying