1 // SPDX-License-Identifier: GPL-2.0-or-later
3 * Cryptographic API for algorithms (i.e., low-level API).
5 * Copyright (c) 2006 Herbert Xu <herbert@gondor.apana.org.au>
8 #include <crypto/algapi.h>
10 #include <linux/errno.h>
11 #include <linux/fips.h>
12 #include <linux/init.h>
13 #include <linux/kernel.h>
14 #include <linux/list.h>
15 #include <linux/module.h>
16 #include <linux/rtnetlink.h>
17 #include <linux/slab.h>
18 #include <linux/string.h>
19 #include <linux/workqueue.h>
23 static LIST_HEAD(crypto_template_list);
25 static inline void crypto_check_module_sig(struct module *mod)
27 if (fips_enabled && mod && !module_sig_ok(mod))
28 panic("Module %s signature verification failed in FIPS mode\n",
32 static int crypto_check_alg(struct crypto_alg *alg)
34 crypto_check_module_sig(alg->cra_module);
36 if (!alg->cra_name[0] || !alg->cra_driver_name[0])
39 if (alg->cra_alignmask & (alg->cra_alignmask + 1))
42 /* General maximums for all algs. */
43 if (alg->cra_alignmask > MAX_ALGAPI_ALIGNMASK)
46 if (alg->cra_blocksize > MAX_ALGAPI_BLOCKSIZE)
49 /* Lower maximums for specific alg types. */
50 if (!alg->cra_type && (alg->cra_flags & CRYPTO_ALG_TYPE_MASK) ==
51 CRYPTO_ALG_TYPE_CIPHER) {
52 if (alg->cra_alignmask > MAX_CIPHER_ALIGNMASK)
55 if (alg->cra_blocksize > MAX_CIPHER_BLOCKSIZE)
59 if (alg->cra_priority < 0)
62 refcount_set(&alg->cra_refcnt, 1);
67 static void crypto_free_instance(struct crypto_instance *inst)
69 inst->alg.cra_type->free(inst);
72 static void crypto_destroy_instance_workfn(struct work_struct *w)
74 struct crypto_instance *inst = container_of(w, struct crypto_instance,
76 struct crypto_template *tmpl = inst->tmpl;
78 crypto_free_instance(inst);
79 crypto_tmpl_put(tmpl);
82 static void crypto_destroy_instance(struct crypto_alg *alg)
84 struct crypto_instance *inst = container_of(alg,
85 struct crypto_instance,
88 INIT_WORK(&inst->free_work, crypto_destroy_instance_workfn);
89 schedule_work(&inst->free_work);
93 * This function adds a spawn to the list secondary_spawns which
94 * will be used at the end of crypto_remove_spawns to unregister
95 * instances, unless the spawn happens to be one that is depended
96 * on by the new algorithm (nalg in crypto_remove_spawns).
98 * This function is also responsible for resurrecting any algorithms
99 * in the dependency chain of nalg by unsetting n->dead.
101 static struct list_head *crypto_more_spawns(struct crypto_alg *alg,
102 struct list_head *stack,
103 struct list_head *top,
104 struct list_head *secondary_spawns)
106 struct crypto_spawn *spawn, *n;
108 spawn = list_first_entry_or_null(stack, struct crypto_spawn, list);
112 n = list_prev_entry(spawn, list);
113 list_move(&spawn->list, secondary_spawns);
115 if (list_is_last(&n->list, stack))
118 n = list_next_entry(n, list);
122 return &n->inst->alg.cra_users;
125 static void crypto_remove_instance(struct crypto_instance *inst,
126 struct list_head *list)
128 struct crypto_template *tmpl = inst->tmpl;
130 if (crypto_is_dead(&inst->alg))
133 inst->alg.cra_flags |= CRYPTO_ALG_DEAD;
135 if (!tmpl || !crypto_tmpl_get(tmpl))
138 list_move(&inst->alg.cra_list, list);
139 hlist_del(&inst->list);
140 inst->alg.cra_destroy = crypto_destroy_instance;
142 BUG_ON(!list_empty(&inst->alg.cra_users));
146 * Given an algorithm alg, remove all algorithms that depend on it
147 * through spawns. If nalg is not null, then exempt any algorithms
148 * that is depended on by nalg. This is useful when nalg itself
151 void crypto_remove_spawns(struct crypto_alg *alg, struct list_head *list,
152 struct crypto_alg *nalg)
154 u32 new_type = (nalg ?: alg)->cra_flags;
155 struct crypto_spawn *spawn, *n;
156 LIST_HEAD(secondary_spawns);
157 struct list_head *spawns;
161 spawns = &alg->cra_users;
162 list_for_each_entry_safe(spawn, n, spawns, list) {
163 if ((spawn->alg->cra_flags ^ new_type) & spawn->mask)
166 list_move(&spawn->list, &top);
170 * Perform a depth-first walk starting from alg through
171 * the cra_users tree. The list stack records the path
172 * from alg to the current spawn.
176 while (!list_empty(spawns)) {
177 struct crypto_instance *inst;
179 spawn = list_first_entry(spawns, struct crypto_spawn,
183 list_move(&spawn->list, &stack);
184 spawn->dead = !spawn->registered || &inst->alg != nalg;
186 if (!spawn->registered)
189 BUG_ON(&inst->alg == alg);
191 if (&inst->alg == nalg)
194 spawns = &inst->alg.cra_users;
197 * Even if spawn->registered is true, the
198 * instance itself may still be unregistered.
199 * This is because it may have failed during
200 * registration. Therefore we still need to
201 * make the following test.
203 * We may encounter an unregistered instance here, since
204 * an instance's spawns are set up prior to the instance
205 * being registered. An unregistered instance will have
206 * NULL ->cra_users.next, since ->cra_users isn't
207 * properly initialized until registration. But an
208 * unregistered instance cannot have any users, so treat
209 * it the same as ->cra_users being empty.
211 if (spawns->next == NULL)
214 } while ((spawns = crypto_more_spawns(alg, &stack, &top,
215 &secondary_spawns)));
218 * Remove all instances that are marked as dead. Also
219 * complete the resurrection of the others by moving them
220 * back to the cra_users list.
222 list_for_each_entry_safe(spawn, n, &secondary_spawns, list) {
224 list_move(&spawn->list, &spawn->alg->cra_users);
225 else if (spawn->registered)
226 crypto_remove_instance(spawn->inst, list);
229 EXPORT_SYMBOL_GPL(crypto_remove_spawns);
231 static struct crypto_larval *__crypto_register_alg(struct crypto_alg *alg)
233 struct crypto_alg *q;
234 struct crypto_larval *larval;
237 if (crypto_is_dead(alg))
240 INIT_LIST_HEAD(&alg->cra_users);
243 alg->cra_flags &= ~CRYPTO_ALG_TESTED;
247 list_for_each_entry(q, &crypto_alg_list, cra_list) {
251 if (crypto_is_moribund(q))
254 if (crypto_is_larval(q)) {
255 if (!strcmp(alg->cra_driver_name, q->cra_driver_name))
260 if (!strcmp(q->cra_driver_name, alg->cra_name) ||
261 !strcmp(q->cra_name, alg->cra_driver_name))
265 larval = crypto_larval_alloc(alg->cra_name,
266 alg->cra_flags | CRYPTO_ALG_TESTED, 0);
271 larval->adult = crypto_mod_get(alg);
275 refcount_set(&larval->alg.cra_refcnt, 1);
276 memcpy(larval->alg.cra_driver_name, alg->cra_driver_name,
277 CRYPTO_MAX_ALG_NAME);
278 larval->alg.cra_priority = alg->cra_priority;
280 list_add(&alg->cra_list, &crypto_alg_list);
281 list_add(&larval->alg.cra_list, &crypto_alg_list);
283 crypto_stats_init(alg);
291 larval = ERR_PTR(ret);
295 void crypto_alg_tested(const char *name, int err)
297 struct crypto_larval *test;
298 struct crypto_alg *alg;
299 struct crypto_alg *q;
303 down_write(&crypto_alg_sem);
304 list_for_each_entry(q, &crypto_alg_list, cra_list) {
305 if (crypto_is_moribund(q) || !crypto_is_larval(q))
308 test = (struct crypto_larval *)q;
310 if (!strcmp(q->cra_driver_name, name))
314 pr_err("alg: Unexpected test result for %s: %d\n", name, err);
318 q->cra_flags |= CRYPTO_ALG_DEAD;
320 if (err || list_empty(&alg->cra_list))
323 alg->cra_flags |= CRYPTO_ALG_TESTED;
325 /* Only satisfy larval waiters if we are the best. */
327 list_for_each_entry(q, &crypto_alg_list, cra_list) {
328 if (crypto_is_moribund(q) || !crypto_is_larval(q))
331 if (strcmp(alg->cra_name, q->cra_name))
334 if (q->cra_priority > alg->cra_priority) {
340 list_for_each_entry(q, &crypto_alg_list, cra_list) {
344 if (crypto_is_moribund(q))
347 if (crypto_is_larval(q)) {
348 struct crypto_larval *larval = (void *)q;
351 * Check to see if either our generic name or
352 * specific name can satisfy the name requested
353 * by the larval entry q.
355 if (strcmp(alg->cra_name, q->cra_name) &&
356 strcmp(alg->cra_driver_name, q->cra_name))
361 if ((q->cra_flags ^ alg->cra_flags) & larval->mask)
364 if (best && crypto_mod_get(alg))
367 larval->adult = ERR_PTR(-EAGAIN);
372 if (strcmp(alg->cra_name, q->cra_name))
375 if (strcmp(alg->cra_driver_name, q->cra_driver_name) &&
376 q->cra_priority > alg->cra_priority)
379 crypto_remove_spawns(q, &list, alg);
383 complete_all(&test->completion);
386 up_write(&crypto_alg_sem);
388 crypto_remove_final(&list);
390 EXPORT_SYMBOL_GPL(crypto_alg_tested);
392 void crypto_remove_final(struct list_head *list)
394 struct crypto_alg *alg;
395 struct crypto_alg *n;
397 list_for_each_entry_safe(alg, n, list, cra_list) {
398 list_del_init(&alg->cra_list);
402 EXPORT_SYMBOL_GPL(crypto_remove_final);
404 static void crypto_wait_for_test(struct crypto_larval *larval)
408 err = crypto_probing_notify(CRYPTO_MSG_ALG_REGISTER, larval->adult);
409 if (err != NOTIFY_STOP) {
410 if (WARN_ON(err != NOTIFY_DONE))
412 crypto_alg_tested(larval->alg.cra_driver_name, 0);
415 err = wait_for_completion_killable(&larval->completion);
418 crypto_notify(CRYPTO_MSG_ALG_LOADED, larval);
421 crypto_larval_kill(&larval->alg);
424 int crypto_register_alg(struct crypto_alg *alg)
426 struct crypto_larval *larval;
429 alg->cra_flags &= ~CRYPTO_ALG_DEAD;
430 err = crypto_check_alg(alg);
434 down_write(&crypto_alg_sem);
435 larval = __crypto_register_alg(alg);
436 up_write(&crypto_alg_sem);
439 return PTR_ERR(larval);
441 crypto_wait_for_test(larval);
444 EXPORT_SYMBOL_GPL(crypto_register_alg);
446 static int crypto_remove_alg(struct crypto_alg *alg, struct list_head *list)
448 if (unlikely(list_empty(&alg->cra_list)))
451 alg->cra_flags |= CRYPTO_ALG_DEAD;
453 list_del_init(&alg->cra_list);
454 crypto_remove_spawns(alg, list, NULL);
459 void crypto_unregister_alg(struct crypto_alg *alg)
464 down_write(&crypto_alg_sem);
465 ret = crypto_remove_alg(alg, &list);
466 up_write(&crypto_alg_sem);
468 if (WARN(ret, "Algorithm %s is not registered", alg->cra_driver_name))
471 if (WARN_ON(refcount_read(&alg->cra_refcnt) != 1))
474 if (alg->cra_destroy)
475 alg->cra_destroy(alg);
477 crypto_remove_final(&list);
479 EXPORT_SYMBOL_GPL(crypto_unregister_alg);
481 int crypto_register_algs(struct crypto_alg *algs, int count)
485 for (i = 0; i < count; i++) {
486 ret = crypto_register_alg(&algs[i]);
494 for (--i; i >= 0; --i)
495 crypto_unregister_alg(&algs[i]);
499 EXPORT_SYMBOL_GPL(crypto_register_algs);
501 void crypto_unregister_algs(struct crypto_alg *algs, int count)
505 for (i = 0; i < count; i++)
506 crypto_unregister_alg(&algs[i]);
508 EXPORT_SYMBOL_GPL(crypto_unregister_algs);
510 int crypto_register_template(struct crypto_template *tmpl)
512 struct crypto_template *q;
515 down_write(&crypto_alg_sem);
517 crypto_check_module_sig(tmpl->module);
519 list_for_each_entry(q, &crypto_template_list, list) {
524 list_add(&tmpl->list, &crypto_template_list);
527 up_write(&crypto_alg_sem);
530 EXPORT_SYMBOL_GPL(crypto_register_template);
532 int crypto_register_templates(struct crypto_template *tmpls, int count)
536 for (i = 0; i < count; i++) {
537 err = crypto_register_template(&tmpls[i]);
544 for (--i; i >= 0; --i)
545 crypto_unregister_template(&tmpls[i]);
548 EXPORT_SYMBOL_GPL(crypto_register_templates);
550 void crypto_unregister_template(struct crypto_template *tmpl)
552 struct crypto_instance *inst;
553 struct hlist_node *n;
554 struct hlist_head *list;
557 down_write(&crypto_alg_sem);
559 BUG_ON(list_empty(&tmpl->list));
560 list_del_init(&tmpl->list);
562 list = &tmpl->instances;
563 hlist_for_each_entry(inst, list, list) {
564 int err = crypto_remove_alg(&inst->alg, &users);
569 up_write(&crypto_alg_sem);
571 hlist_for_each_entry_safe(inst, n, list, list) {
572 BUG_ON(refcount_read(&inst->alg.cra_refcnt) != 1);
573 crypto_free_instance(inst);
575 crypto_remove_final(&users);
577 EXPORT_SYMBOL_GPL(crypto_unregister_template);
579 void crypto_unregister_templates(struct crypto_template *tmpls, int count)
583 for (i = count - 1; i >= 0; --i)
584 crypto_unregister_template(&tmpls[i]);
586 EXPORT_SYMBOL_GPL(crypto_unregister_templates);
588 static struct crypto_template *__crypto_lookup_template(const char *name)
590 struct crypto_template *q, *tmpl = NULL;
592 down_read(&crypto_alg_sem);
593 list_for_each_entry(q, &crypto_template_list, list) {
594 if (strcmp(q->name, name))
596 if (unlikely(!crypto_tmpl_get(q)))
602 up_read(&crypto_alg_sem);
607 struct crypto_template *crypto_lookup_template(const char *name)
609 return try_then_request_module(__crypto_lookup_template(name),
612 EXPORT_SYMBOL_GPL(crypto_lookup_template);
614 int crypto_register_instance(struct crypto_template *tmpl,
615 struct crypto_instance *inst)
617 struct crypto_larval *larval;
618 struct crypto_spawn *spawn;
621 err = crypto_check_alg(&inst->alg);
625 inst->alg.cra_module = tmpl->module;
626 inst->alg.cra_flags |= CRYPTO_ALG_INSTANCE;
628 down_write(&crypto_alg_sem);
630 larval = ERR_PTR(-EAGAIN);
631 for (spawn = inst->spawns; spawn;) {
632 struct crypto_spawn *next;
639 spawn->registered = true;
641 crypto_mod_put(spawn->alg);
646 larval = __crypto_register_alg(&inst->alg);
650 hlist_add_head(&inst->list, &tmpl->instances);
654 up_write(&crypto_alg_sem);
656 err = PTR_ERR(larval);
660 crypto_wait_for_test(larval);
666 EXPORT_SYMBOL_GPL(crypto_register_instance);
668 void crypto_unregister_instance(struct crypto_instance *inst)
672 down_write(&crypto_alg_sem);
674 crypto_remove_spawns(&inst->alg, &list, NULL);
675 crypto_remove_instance(inst, &list);
677 up_write(&crypto_alg_sem);
679 crypto_remove_final(&list);
681 EXPORT_SYMBOL_GPL(crypto_unregister_instance);
683 int crypto_grab_spawn(struct crypto_spawn *spawn, struct crypto_instance *inst,
684 const char *name, u32 type, u32 mask)
686 struct crypto_alg *alg;
689 if (WARN_ON_ONCE(inst == NULL))
692 /* Allow the result of crypto_attr_alg_name() to be passed directly */
694 return PTR_ERR(name);
696 alg = crypto_find_alg(name, spawn->frontend, type, mask);
700 down_write(&crypto_alg_sem);
701 if (!crypto_is_moribund(alg)) {
702 list_add(&spawn->list, &alg->cra_users);
705 spawn->next = inst->spawns;
706 inst->spawns = spawn;
707 inst->alg.cra_flags |=
708 (alg->cra_flags & CRYPTO_ALG_INHERITED_FLAGS);
711 up_write(&crypto_alg_sem);
716 EXPORT_SYMBOL_GPL(crypto_grab_spawn);
718 void crypto_drop_spawn(struct crypto_spawn *spawn)
720 if (!spawn->alg) /* not yet initialized? */
723 down_write(&crypto_alg_sem);
725 list_del(&spawn->list);
726 up_write(&crypto_alg_sem);
728 if (!spawn->registered)
729 crypto_mod_put(spawn->alg);
731 EXPORT_SYMBOL_GPL(crypto_drop_spawn);
733 static struct crypto_alg *crypto_spawn_alg(struct crypto_spawn *spawn)
735 struct crypto_alg *alg = ERR_PTR(-EAGAIN);
736 struct crypto_alg *target;
739 down_read(&crypto_alg_sem);
742 if (!crypto_mod_get(alg)) {
743 target = crypto_alg_get(alg);
745 alg = ERR_PTR(-EAGAIN);
748 up_read(&crypto_alg_sem);
751 crypto_shoot_alg(target);
752 crypto_alg_put(target);
758 struct crypto_tfm *crypto_spawn_tfm(struct crypto_spawn *spawn, u32 type,
761 struct crypto_alg *alg;
762 struct crypto_tfm *tfm;
764 alg = crypto_spawn_alg(spawn);
766 return ERR_CAST(alg);
768 tfm = ERR_PTR(-EINVAL);
769 if (unlikely((alg->cra_flags ^ type) & mask))
772 tfm = __crypto_alloc_tfm(alg, type, mask);
782 EXPORT_SYMBOL_GPL(crypto_spawn_tfm);
784 void *crypto_spawn_tfm2(struct crypto_spawn *spawn)
786 struct crypto_alg *alg;
787 struct crypto_tfm *tfm;
789 alg = crypto_spawn_alg(spawn);
791 return ERR_CAST(alg);
793 tfm = crypto_create_tfm(alg, spawn->frontend);
803 EXPORT_SYMBOL_GPL(crypto_spawn_tfm2);
805 int crypto_register_notifier(struct notifier_block *nb)
807 return blocking_notifier_chain_register(&crypto_chain, nb);
809 EXPORT_SYMBOL_GPL(crypto_register_notifier);
811 int crypto_unregister_notifier(struct notifier_block *nb)
813 return blocking_notifier_chain_unregister(&crypto_chain, nb);
815 EXPORT_SYMBOL_GPL(crypto_unregister_notifier);
817 struct crypto_attr_type *crypto_get_attr_type(struct rtattr **tb)
819 struct rtattr *rta = tb[0];
820 struct crypto_attr_type *algt;
823 return ERR_PTR(-ENOENT);
824 if (RTA_PAYLOAD(rta) < sizeof(*algt))
825 return ERR_PTR(-EINVAL);
826 if (rta->rta_type != CRYPTOA_TYPE)
827 return ERR_PTR(-EINVAL);
829 algt = RTA_DATA(rta);
833 EXPORT_SYMBOL_GPL(crypto_get_attr_type);
836 * crypto_check_attr_type() - check algorithm type and compute inherited mask
837 * @tb: the template parameters
838 * @type: the algorithm type the template would be instantiated as
839 * @mask_ret: (output) the mask that should be passed to crypto_grab_*()
840 * to restrict the flags of any inner algorithms
842 * Validate that the algorithm type the user requested is compatible with the
843 * one the template would actually be instantiated as. E.g., if the user is
844 * doing crypto_alloc_shash("cbc(aes)", ...), this would return an error because
845 * the "cbc" template creates an "skcipher" algorithm, not an "shash" algorithm.
847 * Also compute the mask to use to restrict the flags of any inner algorithms.
849 * Return: 0 on success; -errno on failure
851 int crypto_check_attr_type(struct rtattr **tb, u32 type, u32 *mask_ret)
853 struct crypto_attr_type *algt;
855 algt = crypto_get_attr_type(tb);
857 return PTR_ERR(algt);
859 if ((algt->type ^ type) & algt->mask)
862 *mask_ret = crypto_algt_inherited_mask(algt);
865 EXPORT_SYMBOL_GPL(crypto_check_attr_type);
867 const char *crypto_attr_alg_name(struct rtattr *rta)
869 struct crypto_attr_alg *alga;
872 return ERR_PTR(-ENOENT);
873 if (RTA_PAYLOAD(rta) < sizeof(*alga))
874 return ERR_PTR(-EINVAL);
875 if (rta->rta_type != CRYPTOA_ALG)
876 return ERR_PTR(-EINVAL);
878 alga = RTA_DATA(rta);
879 alga->name[CRYPTO_MAX_ALG_NAME - 1] = 0;
883 EXPORT_SYMBOL_GPL(crypto_attr_alg_name);
885 int crypto_attr_u32(struct rtattr *rta, u32 *num)
887 struct crypto_attr_u32 *nu32;
891 if (RTA_PAYLOAD(rta) < sizeof(*nu32))
893 if (rta->rta_type != CRYPTOA_U32)
896 nu32 = RTA_DATA(rta);
901 EXPORT_SYMBOL_GPL(crypto_attr_u32);
903 int crypto_inst_setname(struct crypto_instance *inst, const char *name,
904 struct crypto_alg *alg)
906 if (snprintf(inst->alg.cra_name, CRYPTO_MAX_ALG_NAME, "%s(%s)", name,
907 alg->cra_name) >= CRYPTO_MAX_ALG_NAME)
908 return -ENAMETOOLONG;
910 if (snprintf(inst->alg.cra_driver_name, CRYPTO_MAX_ALG_NAME, "%s(%s)",
911 name, alg->cra_driver_name) >= CRYPTO_MAX_ALG_NAME)
912 return -ENAMETOOLONG;
916 EXPORT_SYMBOL_GPL(crypto_inst_setname);
918 void crypto_init_queue(struct crypto_queue *queue, unsigned int max_qlen)
920 INIT_LIST_HEAD(&queue->list);
921 queue->backlog = &queue->list;
923 queue->max_qlen = max_qlen;
925 EXPORT_SYMBOL_GPL(crypto_init_queue);
927 int crypto_enqueue_request(struct crypto_queue *queue,
928 struct crypto_async_request *request)
930 int err = -EINPROGRESS;
932 if (unlikely(queue->qlen >= queue->max_qlen)) {
933 if (!(request->flags & CRYPTO_TFM_REQ_MAY_BACKLOG)) {
938 if (queue->backlog == &queue->list)
939 queue->backlog = &request->list;
943 list_add_tail(&request->list, &queue->list);
948 EXPORT_SYMBOL_GPL(crypto_enqueue_request);
950 void crypto_enqueue_request_head(struct crypto_queue *queue,
951 struct crypto_async_request *request)
954 list_add(&request->list, &queue->list);
956 EXPORT_SYMBOL_GPL(crypto_enqueue_request_head);
958 struct crypto_async_request *crypto_dequeue_request(struct crypto_queue *queue)
960 struct list_head *request;
962 if (unlikely(!queue->qlen))
967 if (queue->backlog != &queue->list)
968 queue->backlog = queue->backlog->next;
970 request = queue->list.next;
973 return list_entry(request, struct crypto_async_request, list);
975 EXPORT_SYMBOL_GPL(crypto_dequeue_request);
977 static inline void crypto_inc_byte(u8 *a, unsigned int size)
982 for (; size; size--) {
990 void crypto_inc(u8 *a, unsigned int size)
992 __be32 *b = (__be32 *)(a + size);
995 if (IS_ENABLED(CONFIG_HAVE_EFFICIENT_UNALIGNED_ACCESS) ||
996 IS_ALIGNED((unsigned long)b, __alignof__(*b)))
997 for (; size >= 4; size -= 4) {
998 c = be32_to_cpu(*--b) + 1;
1004 crypto_inc_byte(a, size);
1006 EXPORT_SYMBOL_GPL(crypto_inc);
1008 void __crypto_xor(u8 *dst, const u8 *src1, const u8 *src2, unsigned int len)
1012 if (!IS_ENABLED(CONFIG_HAVE_EFFICIENT_UNALIGNED_ACCESS)) {
1013 int size = sizeof(unsigned long);
1014 int d = (((unsigned long)dst ^ (unsigned long)src1) |
1015 ((unsigned long)dst ^ (unsigned long)src2)) &
1018 relalign = d ? 1 << __ffs(d) : size;
1021 * If we care about alignment, process as many bytes as
1022 * needed to advance dst and src to values whose alignments
1023 * equal their relative alignment. This will allow us to
1024 * process the remainder of the input using optimal strides.
1026 while (((unsigned long)dst & (relalign - 1)) && len > 0) {
1027 *dst++ = *src1++ ^ *src2++;
1032 while (IS_ENABLED(CONFIG_64BIT) && len >= 8 && !(relalign & 7)) {
1033 *(u64 *)dst = *(u64 *)src1 ^ *(u64 *)src2;
1040 while (len >= 4 && !(relalign & 3)) {
1041 *(u32 *)dst = *(u32 *)src1 ^ *(u32 *)src2;
1048 while (len >= 2 && !(relalign & 1)) {
1049 *(u16 *)dst = *(u16 *)src1 ^ *(u16 *)src2;
1057 *dst++ = *src1++ ^ *src2++;
1059 EXPORT_SYMBOL_GPL(__crypto_xor);
1061 unsigned int crypto_alg_extsize(struct crypto_alg *alg)
1063 return alg->cra_ctxsize +
1064 (alg->cra_alignmask & ~(crypto_tfm_ctx_alignment() - 1));
1066 EXPORT_SYMBOL_GPL(crypto_alg_extsize);
1068 int crypto_type_has_alg(const char *name, const struct crypto_type *frontend,
1072 struct crypto_alg *alg = crypto_find_alg(name, frontend, type, mask);
1075 crypto_mod_put(alg);
1081 EXPORT_SYMBOL_GPL(crypto_type_has_alg);
1083 #ifdef CONFIG_CRYPTO_STATS
1084 void crypto_stats_init(struct crypto_alg *alg)
1086 memset(&alg->stats, 0, sizeof(alg->stats));
1088 EXPORT_SYMBOL_GPL(crypto_stats_init);
1090 void crypto_stats_get(struct crypto_alg *alg)
1092 crypto_alg_get(alg);
1094 EXPORT_SYMBOL_GPL(crypto_stats_get);
1096 void crypto_stats_aead_encrypt(unsigned int cryptlen, struct crypto_alg *alg,
1099 if (ret && ret != -EINPROGRESS && ret != -EBUSY) {
1100 atomic64_inc(&alg->stats.aead.err_cnt);
1102 atomic64_inc(&alg->stats.aead.encrypt_cnt);
1103 atomic64_add(cryptlen, &alg->stats.aead.encrypt_tlen);
1105 crypto_alg_put(alg);
1107 EXPORT_SYMBOL_GPL(crypto_stats_aead_encrypt);
1109 void crypto_stats_aead_decrypt(unsigned int cryptlen, struct crypto_alg *alg,
1112 if (ret && ret != -EINPROGRESS && ret != -EBUSY) {
1113 atomic64_inc(&alg->stats.aead.err_cnt);
1115 atomic64_inc(&alg->stats.aead.decrypt_cnt);
1116 atomic64_add(cryptlen, &alg->stats.aead.decrypt_tlen);
1118 crypto_alg_put(alg);
1120 EXPORT_SYMBOL_GPL(crypto_stats_aead_decrypt);
1122 void crypto_stats_akcipher_encrypt(unsigned int src_len, int ret,
1123 struct crypto_alg *alg)
1125 if (ret && ret != -EINPROGRESS && ret != -EBUSY) {
1126 atomic64_inc(&alg->stats.akcipher.err_cnt);
1128 atomic64_inc(&alg->stats.akcipher.encrypt_cnt);
1129 atomic64_add(src_len, &alg->stats.akcipher.encrypt_tlen);
1131 crypto_alg_put(alg);
1133 EXPORT_SYMBOL_GPL(crypto_stats_akcipher_encrypt);
1135 void crypto_stats_akcipher_decrypt(unsigned int src_len, int ret,
1136 struct crypto_alg *alg)
1138 if (ret && ret != -EINPROGRESS && ret != -EBUSY) {
1139 atomic64_inc(&alg->stats.akcipher.err_cnt);
1141 atomic64_inc(&alg->stats.akcipher.decrypt_cnt);
1142 atomic64_add(src_len, &alg->stats.akcipher.decrypt_tlen);
1144 crypto_alg_put(alg);
1146 EXPORT_SYMBOL_GPL(crypto_stats_akcipher_decrypt);
1148 void crypto_stats_akcipher_sign(int ret, struct crypto_alg *alg)
1150 if (ret && ret != -EINPROGRESS && ret != -EBUSY)
1151 atomic64_inc(&alg->stats.akcipher.err_cnt);
1153 atomic64_inc(&alg->stats.akcipher.sign_cnt);
1154 crypto_alg_put(alg);
1156 EXPORT_SYMBOL_GPL(crypto_stats_akcipher_sign);
1158 void crypto_stats_akcipher_verify(int ret, struct crypto_alg *alg)
1160 if (ret && ret != -EINPROGRESS && ret != -EBUSY)
1161 atomic64_inc(&alg->stats.akcipher.err_cnt);
1163 atomic64_inc(&alg->stats.akcipher.verify_cnt);
1164 crypto_alg_put(alg);
1166 EXPORT_SYMBOL_GPL(crypto_stats_akcipher_verify);
1168 void crypto_stats_compress(unsigned int slen, int ret, struct crypto_alg *alg)
1170 if (ret && ret != -EINPROGRESS && ret != -EBUSY) {
1171 atomic64_inc(&alg->stats.compress.err_cnt);
1173 atomic64_inc(&alg->stats.compress.compress_cnt);
1174 atomic64_add(slen, &alg->stats.compress.compress_tlen);
1176 crypto_alg_put(alg);
1178 EXPORT_SYMBOL_GPL(crypto_stats_compress);
1180 void crypto_stats_decompress(unsigned int slen, int ret, struct crypto_alg *alg)
1182 if (ret && ret != -EINPROGRESS && ret != -EBUSY) {
1183 atomic64_inc(&alg->stats.compress.err_cnt);
1185 atomic64_inc(&alg->stats.compress.decompress_cnt);
1186 atomic64_add(slen, &alg->stats.compress.decompress_tlen);
1188 crypto_alg_put(alg);
1190 EXPORT_SYMBOL_GPL(crypto_stats_decompress);
1192 void crypto_stats_ahash_update(unsigned int nbytes, int ret,
1193 struct crypto_alg *alg)
1195 if (ret && ret != -EINPROGRESS && ret != -EBUSY)
1196 atomic64_inc(&alg->stats.hash.err_cnt);
1198 atomic64_add(nbytes, &alg->stats.hash.hash_tlen);
1199 crypto_alg_put(alg);
1201 EXPORT_SYMBOL_GPL(crypto_stats_ahash_update);
1203 void crypto_stats_ahash_final(unsigned int nbytes, int ret,
1204 struct crypto_alg *alg)
1206 if (ret && ret != -EINPROGRESS && ret != -EBUSY) {
1207 atomic64_inc(&alg->stats.hash.err_cnt);
1209 atomic64_inc(&alg->stats.hash.hash_cnt);
1210 atomic64_add(nbytes, &alg->stats.hash.hash_tlen);
1212 crypto_alg_put(alg);
1214 EXPORT_SYMBOL_GPL(crypto_stats_ahash_final);
1216 void crypto_stats_kpp_set_secret(struct crypto_alg *alg, int ret)
1219 atomic64_inc(&alg->stats.kpp.err_cnt);
1221 atomic64_inc(&alg->stats.kpp.setsecret_cnt);
1222 crypto_alg_put(alg);
1224 EXPORT_SYMBOL_GPL(crypto_stats_kpp_set_secret);
1226 void crypto_stats_kpp_generate_public_key(struct crypto_alg *alg, int ret)
1229 atomic64_inc(&alg->stats.kpp.err_cnt);
1231 atomic64_inc(&alg->stats.kpp.generate_public_key_cnt);
1232 crypto_alg_put(alg);
1234 EXPORT_SYMBOL_GPL(crypto_stats_kpp_generate_public_key);
1236 void crypto_stats_kpp_compute_shared_secret(struct crypto_alg *alg, int ret)
1239 atomic64_inc(&alg->stats.kpp.err_cnt);
1241 atomic64_inc(&alg->stats.kpp.compute_shared_secret_cnt);
1242 crypto_alg_put(alg);
1244 EXPORT_SYMBOL_GPL(crypto_stats_kpp_compute_shared_secret);
1246 void crypto_stats_rng_seed(struct crypto_alg *alg, int ret)
1248 if (ret && ret != -EINPROGRESS && ret != -EBUSY)
1249 atomic64_inc(&alg->stats.rng.err_cnt);
1251 atomic64_inc(&alg->stats.rng.seed_cnt);
1252 crypto_alg_put(alg);
1254 EXPORT_SYMBOL_GPL(crypto_stats_rng_seed);
1256 void crypto_stats_rng_generate(struct crypto_alg *alg, unsigned int dlen,
1259 if (ret && ret != -EINPROGRESS && ret != -EBUSY) {
1260 atomic64_inc(&alg->stats.rng.err_cnt);
1262 atomic64_inc(&alg->stats.rng.generate_cnt);
1263 atomic64_add(dlen, &alg->stats.rng.generate_tlen);
1265 crypto_alg_put(alg);
1267 EXPORT_SYMBOL_GPL(crypto_stats_rng_generate);
1269 void crypto_stats_skcipher_encrypt(unsigned int cryptlen, int ret,
1270 struct crypto_alg *alg)
1272 if (ret && ret != -EINPROGRESS && ret != -EBUSY) {
1273 atomic64_inc(&alg->stats.cipher.err_cnt);
1275 atomic64_inc(&alg->stats.cipher.encrypt_cnt);
1276 atomic64_add(cryptlen, &alg->stats.cipher.encrypt_tlen);
1278 crypto_alg_put(alg);
1280 EXPORT_SYMBOL_GPL(crypto_stats_skcipher_encrypt);
1282 void crypto_stats_skcipher_decrypt(unsigned int cryptlen, int ret,
1283 struct crypto_alg *alg)
1285 if (ret && ret != -EINPROGRESS && ret != -EBUSY) {
1286 atomic64_inc(&alg->stats.cipher.err_cnt);
1288 atomic64_inc(&alg->stats.cipher.decrypt_cnt);
1289 atomic64_add(cryptlen, &alg->stats.cipher.decrypt_tlen);
1291 crypto_alg_put(alg);
1293 EXPORT_SYMBOL_GPL(crypto_stats_skcipher_decrypt);
1296 static int __init crypto_algapi_init(void)
1302 static void __exit crypto_algapi_exit(void)
1307 module_init(crypto_algapi_init);
1308 module_exit(crypto_algapi_exit);
1310 MODULE_LICENSE("GPL");
1311 MODULE_DESCRIPTION("Cryptographic algorithms API");
1312 MODULE_SOFTDEP("pre: cryptomgr");
projects / releases.git / blob