1. 10 7月, 2008 2 次提交
  2. 21 4月, 2008 3 次提交
  3. 23 2月, 2008 1 次提交
  4. 11 1月, 2008 9 次提交
  5. 11 10月, 2007 8 次提交
    • S
      [CRYPTO] sha: Load the SHA[1|256] module by an alias · ad5d2789
      Sebastian Siewior 提交于
      Loading the crypto algorithm by the alias instead of by module directly
      has the advantage that all possible implementations of this algorithm
      are loaded automatically and the crypto API can choose the best one
      depending on its priority.
      
      Additionally it ensures that the generic implementation as well as the
      HW driver (if available) is loaded in case the HW driver needs the
      generic version as fallback in corner cases.
      
      Also remove the probe for sha1 in padlock's init code.
      
      Quote from Herbert:
        The probe is actually pointless since we can always probe when
        the algorithm is actually used which does not lead to dead-locks
        like this.
      Signed-off-by: NSebastian Siewior <sebastian@breakpoint.cc>
      Signed-off-by: NHerbert Xu <herbert@gondor.apana.org.au>
      ad5d2789
    • S
      [CRYPTO] aes: Rename aes to aes-generic · f8246af0
      Sebastian Siewior 提交于
      Loading the crypto algorithm by the alias instead of by module directly
      has the advantage that all possible implementations of this algorithm
      are loaded automatically and the crypto API can choose the best one
      depending on its priority.
      
      Additionally it ensures that the generic implementation as well as the
      HW driver (if available) is loaded in case the HW driver needs the
      generic version as fallback in corner cases.
      Signed-off-by: NSebastian Siewior <sebastian@breakpoint.cc>
      Signed-off-by: NHerbert Xu <herbert@gondor.apana.org.au>
      f8246af0
    • S
      [CRYPTO] des: Rename des to des-generic · c5a511f1
      Sebastian Siewior 提交于
      Loading the crypto algorithm by the alias instead of by module directly
      has the advantage that all possible implementations of this algorithm
      are loaded automatically and the crypto API can choose the best one
      depending on its priority.
      Signed-off-by: NSebastian Siewior <sebastian@breakpoint.cc>
      Signed-off-by: NHerbert Xu <herbert@gondor.apana.org.au>
      c5a511f1
    • R
      [CRYPTO] xts: XTS blockcipher mode implementation without partial blocks · f19f5111
      Rik Snel 提交于
      XTS currently considered to be the successor of the LRW mode by the IEEE1619
      workgroup. LRW was discarded, because it was not secure if the encyption key
      itself is encrypted with LRW.
      
      XTS does not have this problem. The implementation is pretty straightforward,
      a new function was added to gf128mul to handle GF(128) elements in ble format.
      Four testvectors from the specification
      	http://grouper.ieee.org/groups/1619/email/pdf00086.pdf
      were added, and they verify on my system.
      Signed-off-by: NRik Snel <rsnel@cube.dyndns.org>
      Signed-off-by: NHerbert Xu <herbert@gondor.apana.org.au>
      f19f5111
    • H
      [CRYPTO] aead: Add authenc · 3c09f17c
      Herbert Xu 提交于
      This patch adds the authenc algorithm which constructs an AEAD algorithm
      from an asynchronous block cipher and a hash.  The construction is done
      by concatenating the encrypted result from the cipher with the output
      from the hash, as is used by the IPsec ESP protocol.
      
      The authenc algorithm exists as a template with four parameters:
      
      	authenc(auth, authsize, enc, enckeylen).
      
      The authentication algorithm, the authentication size (i.e., truncating
      the output of the authentication algorithm), the encryption algorithm,
      and the encryption key length.  Both the size field and the key length
      field are in bytes.  For example, AES-128 with SHA1-HMAC would be
      represented by
      
      	authenc(hmac(sha1), 12, cbc(aes), 16)
      
      The key for the authenc algorithm is the concatenation of the keys for
      the authentication algorithm with the encryption algorithm.  For the
      above example, if a key of length 36 bytes is given, then hmac(sha1)
      would receive the first 20 bytes while the last 16 would be given to
      cbc(aes).
      Signed-off-by: NHerbert Xu <herbert@gondor.apana.org.au>
      3c09f17c
    • H
      [CRYPTO] api: Move scatterwalk into algapi · e962a653
      Herbert Xu 提交于
      The scatterwalk code is only used by algorithms that can be built as
      a module.  Therefore we can move it into algapi.
      Signed-off-by: NHerbert Xu <herbert@gondor.apana.org.au>
      e962a653
    • H
      [CRYPTO] api: Add aead crypto type · 1ae97820
      Herbert Xu 提交于
      This patch adds crypto_aead which is the interface for AEAD
      (Authenticated Encryption with Associated Data) algorithms.
      
      AEAD algorithms perform authentication and encryption in one
      step.  Traditionally users (such as IPsec) would use two
      different crypto algorithms to perform these.  With AEAD
      this comes down to one algorithm and one operation.
      
      Of course if traditional algorithms were used we'd still
      be doing two operations underneath.  However, real AEAD
      algorithms may allow the underlying operations to be
      optimised as well.
      Signed-off-by: NHerbert Xu <herbert@gondor.apana.org.au>
      1ae97820
    • H
      [CRYPTO] seed: New cipher algorithm · e2ee95b8
      Hye-Shik Chang 提交于
      This patch adds support for the SEED cipher (RFC4269).
      
      This patch have been used in few VPN appliance vendors in Korea for
      several years.  And it was verified by KISA, who developed the
      algorithm itself.
      
      As its importance in Korean banking industry, it would be great
      if linux incorporates the support.
      Signed-off-by: NHye-Shik Chang <perky@FreeBSD.org>
      Signed-off-by: NHerbert Xu <herbert@gondor.apana.org.au>
      e2ee95b8
  6. 13 7月, 2007 2 次提交
    • D
      async_tx: add the async_tx api · 9bc89cd8
      Dan Williams 提交于
      The async_tx api provides methods for describing a chain of asynchronous
      bulk memory transfers/transforms with support for inter-transactional
      dependencies.  It is implemented as a dmaengine client that smooths over
      the details of different hardware offload engine implementations.  Code
      that is written to the api can optimize for asynchronous operation and the
      api will fit the chain of operations to the available offload resources. 
       
      	I imagine that any piece of ADMA hardware would register with the
      	'async_*' subsystem, and a call to async_X would be routed as
      	appropriate, or be run in-line. - Neil Brown
      
      async_tx exploits the capabilities of struct dma_async_tx_descriptor to
      provide an api of the following general format:
      
      struct dma_async_tx_descriptor *
      async_<operation>(..., struct dma_async_tx_descriptor *depend_tx,
      			dma_async_tx_callback cb_fn, void *cb_param)
      {
      	struct dma_chan *chan = async_tx_find_channel(depend_tx, <operation>);
      	struct dma_device *device = chan ? chan->device : NULL;
      	int int_en = cb_fn ? 1 : 0;
      	struct dma_async_tx_descriptor *tx = device ?
      		device->device_prep_dma_<operation>(chan, len, int_en) : NULL;
      
      	if (tx) { /* run <operation> asynchronously */
      		...
      		tx->tx_set_dest(addr, tx, index);
      		...
      		tx->tx_set_src(addr, tx, index);
      		...
      		async_tx_submit(chan, tx, flags, depend_tx, cb_fn, cb_param);
      	} else { /* run <operation> synchronously */
      		...
      		<operation>
      		...
      		async_tx_sync_epilog(flags, depend_tx, cb_fn, cb_param);
      	}
      
      	return tx;
      }
      
      async_tx_find_channel() returns a capable channel from its pool.  The
      channel pool is organized as a per-cpu array of channel pointers.  The
      async_tx_rebalance() routine is tasked with managing these arrays.  In the
      uniprocessor case async_tx_rebalance() tries to spread responsibility
      evenly over channels of similar capabilities.  For example if there are two
      copy+xor channels, one will handle copy operations and the other will
      handle xor.  In the SMP case async_tx_rebalance() attempts to spread the
      operations evenly over the cpus, e.g. cpu0 gets copy channel0 and xor
      channel0 while cpu1 gets copy channel 1 and xor channel 1.  When a
      dependency is specified async_tx_find_channel defaults to keeping the
      operation on the same channel.  A xor->copy->xor chain will stay on one
      channel if it supports both operation types, otherwise the transaction will
      transition between a copy and a xor resource.
      
      Currently the raid5 implementation in the MD raid456 driver has been
      converted to the async_tx api.  A driver for the offload engines on the
      Intel Xscale series of I/O processors, iop-adma, is provided in a later
      commit.  With the iop-adma driver and async_tx, raid456 is able to offload
      copy, xor, and xor-zero-sum operations to hardware engines.
       
      On iop342 tiobench showed higher throughput for sequential writes (20 - 30%
      improvement) and sequential reads to a degraded array (40 - 55%
      improvement).  For the other cases performance was roughly equal, +/- a few
      percentage points.  On a x86-smp platform the performance of the async_tx
      implementation (in synchronous mode) was also +/- a few percentage points
      of the original implementation.  According to 'top' on iop342 CPU
      utilization drops from ~50% to ~15% during a 'resync' while the speed
      according to /proc/mdstat doubles from ~25 MB/s to ~50 MB/s.
       
      The tiobench command line used for testing was: tiobench --size 2048
      --block 4096 --block 131072 --dir /mnt/raid --numruns 5
      * iop342 had 1GB of memory available
      
      Details:
      * if CONFIG_DMA_ENGINE=n the asynchronous path is compiled away by making
        async_tx_find_channel a static inline routine that always returns NULL
      * when a callback is specified for a given transaction an interrupt will
        fire at operation completion time and the callback will occur in a
        tasklet.  if the the channel does not support interrupts then a live
        polling wait will be performed
      * the api is written as a dmaengine client that requests all available
        channels
      * In support of dependencies the api implicitly schedules channel-switch
        interrupts.  The interrupt triggers the cleanup tasklet which causes
        pending operations to be scheduled on the next channel
      * Xor engines treat an xor destination address differently than a software
        xor routine.  To the software routine the destination address is an implied
        source, whereas engines treat it as a write-only destination.  This patch
        modifies the xor_blocks routine to take a an explicit destination address
        to mirror the hardware.
      
      Changelog:
      * fixed a leftover debug print
      * don't allow callbacks in async_interrupt_cond
      * fixed xor_block changes
      * fixed usage of ASYNC_TX_XOR_DROP_DEST
      * drop dma mapping methods, suggested by Chris Leech
      * printk warning fixups from Andrew Morton
      * don't use inline in C files, Adrian Bunk
      * select the API when MD is enabled
      * BUG_ON xor source counts <= 1
      * implicitly handle hardware concerns like channel switching and
        interrupts, Neil Brown
      * remove the per operation type list, and distribute operation capabilities
        evenly amongst the available channels
      * simplify async_tx_find_channel to optimize the fast path
      * introduce the channel_table_initialized flag to prevent early calls to
        the api
      * reorganize the code to mimic crypto
      * include mm.h as not all archs include it in dma-mapping.h
      * make the Kconfig options non-user visible, Adrian Bunk
      * move async_tx under crypto since it is meant as 'core' functionality, and
        the two may share algorithms in the future
      * move large inline functions into c files
      * checkpatch.pl fixes
      * gpl v2 only correction
      
      Cc: Herbert Xu <herbert@gondor.apana.org.au>
      Signed-off-by: NDan Williams <dan.j.williams@intel.com>
      Acked-By: NNeilBrown <neilb@suse.de>
      9bc89cd8
    • D
      xor: make 'xor_blocks' a library routine for use with async_tx · 685784aa
      Dan Williams 提交于
      The async_tx api tries to use a dma engine for an operation, but will fall
      back to an optimized software routine otherwise.  Xor support is
      implemented using the raid5 xor routines.  For organizational purposes this
      routine is moved to a common area.
      
      The following fixes are also made:
      * rename xor_block => xor_blocks, suggested by Adrian Bunk
      * ensure that xor.o initializes before md.o in the built-in case
      * checkpatch.pl fixes
      * mark calibrate_xor_blocks __init, Adrian Bunk
      
      Cc: Adrian Bunk <bunk@stusta.de>
      Cc: NeilBrown <neilb@suse.de>
      Cc: Herbert Xu <herbert@gondor.apana.org.au>
      Signed-off-by: NDan Williams <dan.j.williams@intel.com>
      685784aa
  7. 02 5月, 2007 2 次提交
  8. 07 2月, 2007 3 次提交
  9. 07 12月, 2006 3 次提交
  10. 21 9月, 2006 6 次提交
    • H
      [CRYPTO] digest: Added user API for new hash type · 055bcee3
      Herbert Xu 提交于
      The existing digest user interface is inadequate for support asynchronous
      operations.  For one it doesn't return a value to indicate success or
      failure, nor does it take a per-operation descriptor which is essential
      for the issuing of requests while other requests are still outstanding.
      
      This patch is the first in a series of steps to remodel the interface
      for asynchronous operations.
      
      For the ease of transition the new interface will be known as "hash"
      while the old one will remain as "digest".
      
      This patch also changes sg_next to allow chaining.
      Signed-off-by: NHerbert Xu <herbert@gondor.apana.org.au>
      055bcee3
    • H
      [CRYPTO] cipher: Added block ciphers for CBC/ECB · db131ef9
      Herbert Xu 提交于
      This patch adds two block cipher algorithms, CBC and ECB.  These
      are implemented as templates on top of existing single-block cipher
      algorithms.  They invoke the single-block cipher through the new
      encrypt_one/decrypt_one interface.
      
      This also optimises the in-place encryption and decryption to remove
      the cost of an IV copy each round.
      Signed-off-by: NHerbert Xu <herbert@gondor.apana.org.au>
      db131ef9
    • H
      [CRYPTO] cipher: Added block cipher type · 5cde0af2
      Herbert Xu 提交于
      This patch adds the new type of block ciphers.  Unlike current cipher
      algorithms which operate on a single block at a time, block ciphers
      operate on an arbitrarily long linear area of data.  As it is block-based,
      it will skip any data remaining at the end which cannot form a block.
      
      The block cipher has one major difference when compared to the existing
      block cipher implementation.  The sg walking is now performed by the
      algorithm rather than the cipher mid-layer.  This is needed for drivers
      that directly support sg lists.  It also improves performance for all
      algorithms as it reduces the total number of indirect calls by one.
      
      In future the existing cipher algorithm will be converted to only have
      a single-block interface.  This will be done after all existing users
      have switched over to the new block cipher type.
      Signed-off-by: NHerbert Xu <herbert@gondor.apana.org.au>
      5cde0af2
    • H
      [CRYPTO] api: Add cryptomgr · 2b8c19db
      Herbert Xu 提交于
      The cryptomgr module is a simple manager of crypto algorithm instances.
      It ensures that parameterised algorithms of the type tmpl(alg) (e.g.,
      cbc(aes)) are always created.
      
      This is meant to satisfy the needs for most users.  For more complex
      cases such as deeper combinations or multiple parameters, a netlink
      module will be created which allows arbitrary expressions to be parsed
      in user-space.
      Signed-off-by: NHerbert Xu <herbert@gondor.apana.org.au>
      Signed-off-by: NDavid S. Miller <davem@davemloft.net>
      2b8c19db
    • H
      [CRYPTO] api: Split out low-level API · cce9e06d
      Herbert Xu 提交于
      The crypto API is made up of the part facing users such as IPsec and the
      low-level part which is used by cryptographic entities such as algorithms.
      This patch splits out the latter so that the two APIs are more clearly
      delineated.  As a bonus the low-level API can now be modularised if all
      algorithms are built as modules.
      Signed-off-by: NHerbert Xu <herbert@gondor.apana.org.au>
      cce9e06d
    • J
      [CRYPTO] twofish: Split out common c code · 2729bb42
      Joachim Fritschi 提交于
      This patch splits up the twofish crypto routine into a common part ( key
      setup  ) which will be uses by all twofish crypto modules ( generic-c , i586
      assembler and x86_64 assembler ) and generic-c part. It also creates a new
      header file which will be used by all 3 modules.
      
      This eliminates all code duplication.
      
      Correctness was verified with the tcrypt module and automated test scripts.
      Signed-off-by: NJoachim Fritschi <jfritschi@freenet.de>
      Signed-off-by: NHerbert Xu <herbert@gondor.apana.org.au>
      2729bb42
  11. 17 4月, 2005 1 次提交
    • L
      Linux-2.6.12-rc2 · 1da177e4
      Linus Torvalds 提交于
      Initial git repository build. I'm not bothering with the full history,
      even though we have it. We can create a separate "historical" git
      archive of that later if we want to, and in the meantime it's about
      3.2GB when imported into git - space that would just make the early
      git days unnecessarily complicated, when we don't have a lot of good
      infrastructure for it.
      
      Let it rip!
      1da177e4