This patch adds the new type of block ciphers.  Unlike current cipher
algorithms which operate on a single block at a time, block ciphers
operate on an arbitrarily long linear area of data.  As it is block-based,
it will skip any data remaining at the end which cannot form a block.

The block cipher has one major difference when compared to the existing
block cipher implementation.  The sg walking is now performed by the
algorithm rather than the cipher mid-layer.  This is needed for drivers
that directly support sg lists.  It also improves performance for all
algorithms as it reduces the total number of indirect calls by one.

In future the existing cipher algorithm will be converted to only have
a single-block interface.  This will be done after all existing users
have switched over to the new block cipher type.
Signed-off-by: NHerbert Xu <herbert@gondor.apana.org.au>

This patch prepares the scatterwalk code for use by the new block cipher
type.

Firstly it halves the size of scatter_walk on 32-bit platforms.  This
is important as we allocate at least two of these objects on the stack
for each block cipher operation.

It also exports the symbols since the block cipher code can be built as
a module.

Finally there is a hack in scatterwalk_unmap that relies on progress
being made.  Unfortunately, for hardware crypto we can't guarantee
progress to be made since the hardware can fail.

So this also gets rid of the hack by not advancing the address returned
by scatterwalk_map.
Signed-off-by: NHerbert Xu <herbert@gondor.apana.org.au>

This patch adds two new operations for the simple cipher that encrypts or
decrypts a single block at a time.  This will be the main interface after
the existing block operations have moved over to the new block ciphers.

It also adds the crypto_cipher type which is currently only used on the
new operations but will be extended to setkey as well once existing users
have been converted to use block ciphers where applicable.
Signed-off-by: NHerbert Xu <herbert@gondor.apana.org.au>

This patch adds the crypto_type structure which will be used for all new
crypto algorithm types, beginning with block ciphers.

The primary purpose of this abstraction is to allow different crypto_type
objects for crypto algorithms of the same type, in particular, there will
be a different crypto_type objects for asynchronous algorithms.
Signed-off-by: NHerbert Xu <herbert@gondor.apana.org.au>

Up until now all crypto transforms have been of the same type, struct
crypto_tfm, regardless of whether they are ciphers, digests, or other
types.  As a result of that, we check the types at run-time before
each crypto operation.

This is rather cumbersome.  We could instead use different C types for
each crypto type to ensure that the correct types are used at compile
time.  That is, we would have crypto_cipher/crypto_digest instead of
just crypto_tfm.  The appropriate type would then be required for the
actual operations such as crypto_digest_digest.

Now that we have the type/mask fields when looking up algorithms, it
is easy to request for an algorithm of the precise type that the user
wants.  However, crypto_alloc_tfm currently does not expose these new
attributes.

This patch introduces the function crypto_alloc_base which will carry
these new parameters.  It will be renamed to crypto_alloc_tfm once
all existing users have been converted.
Signed-off-by: NHerbert Xu <herbert@gondor.apana.org.au>

This patch adds the asynchronous flag and changes all existing users to
only look up algorithms that are synchronous.
Signed-off-by: NHerbert Xu <herbert@gondor.apana.org.au>

This patch adds the helpers crypto_get_attr_alg and crypto_alloc_instance
which can be used by simple one-argument templates like hmac to process
input parameters and allocate instances.
Signed-off-by: NHerbert Xu <herbert@gondor.apana.org.au>

This patch makes IV operations on ECB fail through nocrypt_iv rather than
calling BUG().  This is needed to generalise CBC/ECB using the template
mechanism.
Signed-off-by: NHerbert Xu <herbert@gondor.apana.org.au>

Now that the tfm is passed directly to setkey instead of the ctx, we no
longer need to pass the &tfm->crt_flags pointer.

This patch also gets rid of a few unnecessary checks on the key length
for ciphers as the cipher layer guarantees that the key length is within
the bounds specified by the algorithm.

Rather than testing dia_setkey every time, this patch does it only once
during crypto_alloc_tfm.  The redundant check from crypto_digest_setkey
is also removed.
Signed-off-by: NHerbert Xu <herbert@gondor.apana.org.au>

Add missing accessors for cra_driver_name and cra_priority.
Signed-off-by: NMichal Ludvig <michal@logix.cz>
Signed-off-by: NHerbert Xu <herbert@gondor.apana.org.au>

Spawns lock a specific crypto algorithm in place.  They can then be used
with crypto_spawn_tfm to allocate a tfm for that algorithm.  When the base
algorithm of a spawn is deregistered, all its spawns will be automatically
removed.
Signed-off-by: NHerbert Xu <herbert@gondor.apana.org.au>
Signed-off-by: NDavid S. Miller <davem@davemloft.net>

The cryptomgr module is a simple manager of crypto algorithm instances.
It ensures that parameterised algorithms of the type tmpl(alg) (e.g.,
cbc(aes)) are always created.

This is meant to satisfy the needs for most users.  For more complex
cases such as deeper combinations or multiple parameters, a netlink
module will be created which allows arbitrary expressions to be parsed
in user-space.
Signed-off-by: NHerbert Xu <herbert@gondor.apana.org.au>
Signed-off-by: NDavid S. Miller <davem@davemloft.net>

This patch adds a notifier chain for algorithm/template registration events.
This will be used to register compound algorithms such as cbc(aes).  In
future this will also be passed onto user-space through netlink.
Signed-off-by: NHerbert Xu <herbert@gondor.apana.org.au>
Signed-off-by: NDavid S. Miller <davem@davemloft.net>

A crypto_template generates a crypto_alg object when given a set of
parameters.  this patch adds the basic data structure fo templates
and code to handle their registration/deregistration.
Signed-off-by: NHerbert Xu <herbert@gondor.apana.org.au>
Signed-off-by: NDavid S. Miller <davem@davemloft.net>

The crypto API is made up of the part facing users such as IPsec and the
low-level part which is used by cryptographic entities such as algorithms.
This patch splits out the latter so that the two APIs are more clearly
delineated.  As a bonus the low-level API can now be modularised if all
algorithms are built as modules.
Signed-off-by: NHerbert Xu <herbert@gondor.apana.org.au>

The header file linux/crypto.h is only needed by a few files so including
it in net/xfrm.h (which is included by half of the networking stack) is a
waste.  This patch moves it out of net/xfrm.h and into the specific header
files that actually need it.
Signed-off-by: NHerbert Xu <herbert@gondor.apana.org.au>

Up until now we've relied on module reference counting to ensure that the
crypto_alg structures don't disappear from under us.  This was good enough
as long as each crypto_alg came from exactly one module.

However, with parameterised crypto algorithms a crypto_alg object may need
two or more modules to operate.  This means that we need to count the
references to the crypto_alg object directly.
Signed-off-by: NHerbert Xu <herbert@gondor.apana.org.au>
Signed-off-by: NDavid S. Miller <davem@davemloft.net>

This patch splits up the twofish crypto routine into a common part ( key
setup  ) which will be uses by all twofish crypto modules ( generic-c , i586
assembler and x86_64 assembler ) and generic-c part. It also creates a new
header file which will be used by all 3 modules.

This eliminates all code duplication.

Correctness was verified with the tcrypt module and automated test scripts.
Signed-off-by: NJoachim Fritschi <jfritschi@freenet.de>
Signed-off-by: NHerbert Xu <herbert@gondor.apana.org.au>

Previously the __aligned__ attribute was added to the crypto_tfm context
member to ensure it is alinged correctly on architectures such as arm.
Unfortunately kmalloc does not use the same minimum alignment rules as
gcc so this is useless.

This patch changes it to use kmalloc's minimum alignment.
Signed-off-by: NHerbert Xu <herbert@gondor.apana.org.au>

Remove definitions of PAGE_* from the user view
Delete unnecessary comments referring to the size of pages
Only include <asm-generic> if we're in __KERNEL__
Signed-off-by: NDavid Woodhouse <dwmw2@infradead.org>
Signed-off-by: NMatthew Wilcox <matthew@wil.cx>
Signed-off-by: NKyle McMartin <kyle@parisc-linux.org>
Signed-off-by: NAndrew Morton <akpm@osdl.org>
Signed-off-by: NLinus Torvalds <torvalds@osdl.org>

Fix 'make headers_check' on m68k
Signed-off-by: NGeert Uytterhoeven <geert@linux-m68k.org>
Cc: Roman Zippel <zippel@linux-m68k.org>
Cc: David Woodhouse <dwmw2@infradead.org>
Signed-off-by: NAndrew Morton <akpm@osdl.org>
Signed-off-by: NLinus Torvalds <torvalds@osdl.org>

(And reset it on new thread creation)

It turns out that eflags is important to save and restore not just
because of iopl, but due to the magic bits like the NT bit, which we
don't want leaking between different threads.
Tested-by: NMike Galbraith <efault@gmx.de>
Signed-off-by: NLinus Torvalds <torvalds@osdl.org>

Move kernel-only #includes into #ifdef __KERNEL__, so that
headers_install target can be used on ARM.
Signed-off-by: NRalph Siemsen <ralphs@netwinder.org>
Signed-off-by: NRussell King <rmk+kernel@arm.linux.org.uk>

This patch includes xt_SECMARK.h and xt_CONNSECMARK.h to the kernel
headers which are exported via 'make headers_install'.  This is needed to
allow userland code to be built correctly with these features.

Please apply, and consider for inclusion with 2.6.18 as a bugfix.
Signed-off-by: NJames Morris <jmorris@redhat.com>
Signed-off-by: NDavid S. Miller <davem@davemloft.net>

Alpha currently fails 'make headers_check' in the 2.6.18-rc kernels.  This
patch fixes it, by moving the existing #ifdef __KERNEL__ in asm/page.h so that
it covers everything that userspace shouldn't so, and by adding asm/compiler.h
to the list of exported files so that its use within asm/byteorder.h is
successful.

[ Note that at least with GCC 4, <linux/compiler.h> doesn't do the forced
  inlining about which there are nasty comments (and a workaround) in
  <asm/compiler.h>, unless you set CONFIG_FORCED_INLINING.  Rather than keep
  the mess you have in <asm/compiler.h> you could perhaps just make sure
  CONFIG_FORCED_INLINING=n is also honoured with GCC3, and make sure it cannot
  be set for Alpha? ]
Signed-off-by: NDavid Woodhouse <dwmw2@infradead.org>
Cc: Sam Ravnborg <sam@ravnborg.org>
Cc: Ivan Kokshaysky <ink@jurassic.park.msu.ru>
Cc: Richard Henderson <rth@twiddle.net>
Signed-off-by: NAndrew Morton <akpm@osdl.org>
Signed-off-by: NLinus Torvalds <torvalds@osdl.org>

On Tue, 2006-09-12 at 17:44 +0100, David Woodhouse wrote:
> asm-x86_64/elf.h requires asm/processor.h, which does not exist
> asm-x86_64/signal.h requires linux/linkage.h, which does not exist
> asm-x86_64/unistd.h requires linux/linkage.h, which does not exist
> asm-x86_64/vsyscall.h requires linux/seqlock.h, which does not exist

Again, move stuff which shouldn't be visible inside (mostly already existing)
#ifdef __KERNEL__.

This fixes a bunch of mislabelled and unlabelled #endifs in unistd.h and also
cleans that up to conform with what's visible on other architectures, since
the minimal fix for the error reported about would have involved a more
intrusive patch, renesting other ifdefs.
Signed-off-by: NDavid Woodhouse <dwmw2@infradead.org>
Cc: Sam Ravnborg <sam@ravnborg.org>
Cc: Andi Kleen <ak@suse.de>
Signed-off-by: NAndrew Morton <akpm@osdl.org>
Signed-off-by: NLinus Torvalds <torvalds@osdl.org>

This brings i386 asm/unistd.h into consistency with other architectures by not
exporting functionality which is not necessary.
Signed-off-by: NDavid Woodhouse <dwmw2@infradead.org>
Signed-off-by: NAndrew Morton <akpm@osdl.org>
Signed-off-by: NLinus Torvalds <torvalds@osdl.org>

On Tue, 2006-09-12 at 17:44 +0100, David Woodhouse wrote:
> asm-ia64/ptrace.h requires asm/asm-offsets.h, which does not exist
> asm-ia64/resource.h requires asm/ustack.h, which does not exist

Hide parts which shouldn't be visible to userspace.
Signed-off-by: NDavid Woodhouse <dwmw2@infradead.org>
Cc: Sam Ravnborg <sam@ravnborg.org>
Cc: "Luck, Tony" <tony.luck@intel.com>
Signed-off-by: NAndrew Morton <akpm@osdl.org>
Signed-off-by: NLinus Torvalds <torvalds@osdl.org>

On Tue, 2006-09-12 at 17:44 +0100, David Woodhouse wrote:
> asm-s390/debug.h requires linux/string.h, which does not exist
> asm-s390/elf.h requires asm/system.h, which does not exist

Move things around slightly so the right things end up within
#ifdef __KERNEL__ and thus don't pollute the exported headers.
Signed-off-by: NDavid Woodhouse <dwmw2@infradead.org>
Cc: Sam Ravnborg <sam@ravnborg.org>
Acked-by: NMartin Schwidefsky <schwidefsky@de.ibm.com>
Cc: Heiko Carstens <heiko.carstens@de.ibm.com>
Signed-off-by: NAndrew Morton <akpm@osdl.org>
Signed-off-by: NLinus Torvalds <torvalds@osdl.org>

Patch from Ben Dooks

Fix the idle code on the s3c2412 as the default
code is using bits in the CLKCON register that are
no-longer there.

Provide an override for the idle code, and ensure
that the power configuration is set to allow idle
instead of stop or sleep.
Signed-off-by: NBen Dooks <ben-linux@fluff.org>
Signed-off-by: NRussell King <rmk+kernel@arm.linux.org.uk>

MIPS asm/page.h unconditionally includes <asm-generic/memory_model.h>, which
doesn't exist in userspace.  Move an #endif /* __KERNEL__ */ down a few lines
to prevent that.

Also, remove the broken definition of PAGE_SIZE which is never going to be
correct -- in the absence of PAGE_SIZE, non-broken userspace will fall back to
using sysconf() or getpagesize() instead.
Signed-off-by: NDavid Woodhouse <dwmw2@infradead.org>
Cc: Ralf Baechle <ralf@linux-mips.org>
Signed-off-by: NAndrew Morton <akpm@osdl.org>
Signed-off-by: NLinus Torvalds <torvalds@osdl.org>

The header file <linux/pfn.h> doesn't exist in userspace and probably
shouldn't -- but it's used unconditionally in <asm-i386/setup.h>.  Protect it
with #ifdef __KERNEL__ and move setup.h from $(header-y) to $(unifdef-y) in
Kbuild accordingly.
Signed-off-by: NDavid Woodhouse <dwmw2@infradead.org>
Signed-off-by: NAndrew Morton <akpm@osdl.org>
Signed-off-by: NLinus Torvalds <torvalds@osdl.org>

Some files which don't exist in userspace were being included unconditionally
in asm-i386/elf.h.  Move the offending #includes down a few lines so that
they're protected by #ifdef __KERNEL__

In fact, we probably want to kill off all userspace use of asm/elf.h -- but we
aren't there yet, so we should at least make it possible to include it for
now.
Signed-off-by: NDavid Woodhouse <dwmw2@infradead.org>
Signed-off-by: NAndrew Morton <akpm@osdl.org>
Signed-off-by: NLinus Torvalds <torvalds@osdl.org>

Because <linux/linkage.h> doesn't exist in userspace, it should be only
included from within #ifdef __KERNEL__.  Move the corresponding #include
Signed-off-by: NDavid Woodhouse <dwmw2@infradead.org>
Signed-off-by: NAndrew Morton <akpm@osdl.org>
Signed-off-by: NLinus Torvalds <torvalds@osdl.org>

There's useful stuff in <linux/timex.h> but <asm/timex.h> has nothing for
userspace.  Stop exporting it, and include it only from within the existing
#ifdef __KERNEL__ part of <linux/timex.h>

This fixes a 'make headers_check' failure on i386 because asm-i386/timex.h
includes both asm-i386/tsc.h and asm-i386/processor.h, neither of which are
exported to userspace.  It's not entirely clear _why_ it includes either of
these, but it does.
Signed-off-by: NDavid Woodhouse <dwmw2@infradead.org>
Signed-off-by: NAndrew Morton <akpm@osdl.org>
Signed-off-by: NLinus Torvalds <torvalds@osdl.org>

We don't need any of this crap included from the user-visible part of nfs_fs.h
-- remove it all.

In fact, we probably don't need anything but NFS_SUPER_MAGIC to be defined; is
there any need for anything else?  And magic numbers should probably move to
<linux/magic.h> rather than being strewn across various fs-specific include
files which exist in userspace for solely that purpose.

With this patch, 'make header_check' works again at least on PowerPC.
Signed-off-by: NDavid Woodhouse <dwmw2@infradead.org>
Cc: Trond Myklebust <trond.myklebust@fys.uio.no>
Signed-off-by: NAndrew Morton <akpm@osdl.org>
Signed-off-by: NLinus Torvalds <torvalds@osdl.org>

This changes the writeX family of functions to have a sync instruction
before the MMIO store rather than after, because the generally expected
behaviour is that the device receiving the MMIO store can be guaranteed
to see the effects of any preceding writes to normal memory.

To preserve ordering between writeX and readX, and to preserve ordering
between preceding stores and the readX, the readX family of functions
have had an sync added before the load.

Although writeX followed by spin_unlock is not officially guaranteed
to keep the writeX inside the spin-locked region unless an mmiowb()
is used, there are currently drivers that depend on the previous
behaviour on powerpc, which was that the mmiowb wasn't actually required.
Therefore we have a per-cpu flag that is set by writeX, cleared by
__raw_spin_lock and mmiowb, and tested by __raw_spin_unlock.  If it is
set, __raw_spin_unlock does a sync and clears it.

This changes both 32-bit and 64-bit readX/writeX.  32-bit already has a
sync in __raw_spin_unlock (since lwsync doesn't exist on 32-bit), and thus
doesn't need the per-cpu flag.

Tested on G5 (PPC970) and POWER5.
Signed-off-by: NPaul Mackerras <paulus@samba.org>

This is required to generate proper core files using kdump on ppc64.

Create a backup region of 64K size irrespective of the PAGE SIZE.
At present 32K was used as backup size. In the case of 64K page size,
second PT_LOAD segments starts at 32K and the first one is not page
aligned.  __ioremap() (crash_dump.c) fails if pfn = 0 which is the
case for the second PT_LOAD segment. This is not an issue for 4K page
size because the the first page (32K backup) is copied to second
kernel memory and thus referencing with the second kernel pfn.
Signed-off-by: NSachin Sant <sachinp@in.ibm.com>
Signed-off-by: NPaul Mackerras <paulus@samba.org>

The sys_[gs]et_robust_list() syscalls were wired up on PowerPC but
didn't work correctly because futex_atomic_cmpxchg_inatomic() wasn't
implemented.  Implement it, based on __cmpxchg_u32().
Signed-off-by: NDavid Woodhouse <dwmw2@infradead.org>
Signed-off-by: NPaul Mackerras <paulus@samba.org>

sh64 doesn't need to do anything special for BUG_ON() or
WARN_ON(), use the generic versions.
Signed-off-by: NPaul Mundt <lethal@linux-sh.org>