[meta-freescale.git] /

From 20dcf071bc3076ee7db9d603cfbe6a06e86c7d5f Mon Sep 17 00:00:00 2001
From: Cristian Stoica <cristian.stoica@nxp.com>
Date: Thu, 4 May 2017 15:06:20 +0300
Subject: [PATCH 1/9] refactoring: split big function to simplify maintainance

The setup of auth_buf in tls and aead is now duplicated but this
is temporary and allows necessary corrections for the aead case
with v4.2+ kernels.

Signed-off-by: Cristian Stoica <cristian.stoica@nxp.com>
---
 authenc.c | 197 ++++++++++++++++++++++++++++++++++++++++----------------------
 1 file changed, 126 insertions(+), 71 deletions(-)

diff --git a/authenc.c b/authenc.c
index 1bd7377..28eb0f9 100644
--- a/authenc.c
+++ b/authenc.c
@@ -609,96 +609,151 @@ auth_n_crypt(struct csession *ses_ptr, struct kernel_crypt_auth_op *kcaop,
        return 0;
 }
 
-/* This is the main crypto function - zero-copy edition */
-static int
-__crypto_auth_run_zc(struct csession *ses_ptr, struct kernel_crypt_auth_op *kcaop)
+static int crypto_auth_zc_srtp(struct csession *ses_ptr, struct kernel_crypt_auth_op *kcaop)
 {
-       struct scatterlist *dst_sg, *auth_sg, *src_sg;
+       struct scatterlist *dst_sg, *auth_sg;
        struct crypt_auth_op *caop = &kcaop->caop;
-       int ret = 0;
+       int ret;
 
-       if (caop->flags & COP_FLAG_AEAD_SRTP_TYPE) {
-               if (unlikely(ses_ptr->cdata.init != 0 &&
-                            (ses_ptr->cdata.stream == 0 ||
-                             ses_ptr->cdata.aead != 0))) {
-                       derr(0, "Only stream modes are allowed in SRTP mode (but not AEAD)");
-                       return -EINVAL;
-               }
+       if (unlikely(ses_ptr->cdata.init != 0 &&
+               (ses_ptr->cdata.stream == 0 || ses_ptr->cdata.aead != 0))) {
+               derr(0, "Only stream modes are allowed in SRTP mode (but not AEAD)");
+               return -EINVAL;
+       }
 
-               ret = get_userbuf_srtp(ses_ptr, kcaop, &auth_sg, &dst_sg);
-               if (unlikely(ret)) {
-                       derr(1, "get_userbuf_srtp(): Error getting user pages.");
-                       return ret;
-               }
+       ret = get_userbuf_srtp(ses_ptr, kcaop, &auth_sg, &dst_sg);
+       if (unlikely(ret)) {
+               derr(1, "get_userbuf_srtp(): Error getting user pages.");
+               return ret;
+       }
 
-               ret = srtp_auth_n_crypt(ses_ptr, kcaop, auth_sg, caop->auth_len,
-                          dst_sg, caop->len);
+       ret = srtp_auth_n_crypt(ses_ptr, kcaop, auth_sg, caop->auth_len,
+                       dst_sg, caop->len);
 
-               release_user_pages(ses_ptr);
-       } else { /* TLS and normal cases. Here auth data are usually small
-                 * so we just copy them to a free page, instead of trying
-                 * to map them.
-                 */
-               unsigned char *auth_buf = NULL;
-               struct scatterlist tmp;
+       release_user_pages(ses_ptr);
 
-               if (unlikely(caop->auth_len > PAGE_SIZE)) {
-                       derr(1, "auth data len is excessive.");
-                       return -EINVAL;
-               }
+       return ret;
+}
 
-               auth_buf = (char *)__get_free_page(GFP_KERNEL);
-               if (unlikely(!auth_buf)) {
-                       derr(1, "unable to get a free page.");
-                       return -ENOMEM;
-               }
+static int crypto_auth_zc_tls(struct csession *ses_ptr, struct kernel_crypt_auth_op *kcaop)
+{
+       struct crypt_auth_op *caop = &kcaop->caop;
+       struct scatterlist *dst_sg, *auth_sg;
+       unsigned char *auth_buf = NULL;
+       struct scatterlist tmp;
+       int ret;
 
-               if (caop->auth_src && caop->auth_len > 0) {
-                       if (unlikely(copy_from_user(auth_buf, caop->auth_src, caop->auth_len))) {
-                               derr(1, "unable to copy auth data from userspace.");
-                               ret = -EFAULT;
-                               goto free_auth_buf;
-                       }
+       if (unlikely(ses_ptr->cdata.aead != 0)) {
+               return -EINVAL;
+       }
+
+       if (unlikely(caop->auth_len > PAGE_SIZE)) {
+               derr(1, "auth data len is excessive.");
+               return -EINVAL;
+       }
+
+       auth_buf = (char *)__get_free_page(GFP_KERNEL);
+       if (unlikely(!auth_buf)) {
+               derr(1, "unable to get a free page.");
+               return -ENOMEM;
+       }
 
-                       sg_init_one(&tmp, auth_buf, caop->auth_len);
-                       auth_sg = &tmp;
-               } else {
-                       auth_sg = NULL;
+       if (caop->auth_src && caop->auth_len > 0) {
+               if (unlikely(copy_from_user(auth_buf, caop->auth_src, caop->auth_len))) {
+                       derr(1, "unable to copy auth data from userspace.");
+                       ret = -EFAULT;
+                       goto free_auth_buf;
                }
 
-               if (caop->flags & COP_FLAG_AEAD_TLS_TYPE && ses_ptr->cdata.aead == 0) {
-                       ret = get_userbuf_tls(ses_ptr, kcaop, &dst_sg);
-                       if (unlikely(ret)) {
-                               derr(1, "get_userbuf_tls(): Error getting user pages.");
-                               goto free_auth_buf;
-                       }
+               sg_init_one(&tmp, auth_buf, caop->auth_len);
+               auth_sg = &tmp;
+       } else {
+               auth_sg = NULL;
+       }
 
-                       ret = tls_auth_n_crypt(ses_ptr, kcaop, auth_sg, caop->auth_len,
-                                  dst_sg, caop->len);
-               } else {
-                       if (unlikely(ses_ptr->cdata.init == 0 ||
-                                    (ses_ptr->cdata.stream == 0 &&
-                                     ses_ptr->cdata.aead == 0))) {
-                               derr(0, "Only stream and AEAD ciphers are allowed for authenc");
-                               ret = -EINVAL;
-                               goto free_auth_buf;
-                       }
+       ret = get_userbuf_tls(ses_ptr, kcaop, &dst_sg);
+       if (unlikely(ret)) {
+               derr(1, "get_userbuf_tls(): Error getting user pages.");
+               goto free_auth_buf;
+       }
 
-                       ret = get_userbuf(ses_ptr, caop->src, caop->len, caop->dst, kcaop->dst_len,
-                                         kcaop->task, kcaop->mm, &src_sg, &dst_sg);
-                       if (unlikely(ret)) {
-                               derr(1, "get_userbuf(): Error getting user pages.");
-                               goto free_auth_buf;
-                       }
+       ret = tls_auth_n_crypt(ses_ptr, kcaop, auth_sg, caop->auth_len,
+                       dst_sg, caop->len);
+       release_user_pages(ses_ptr);
+
+free_auth_buf:
+       free_page((unsigned long)auth_buf);
+       return ret;
+}
+
+static int crypto_auth_zc_aead(struct csession *ses_ptr, struct kernel_crypt_auth_op *kcaop)
+{
+       struct scatterlist *dst_sg, *auth_sg, *src_sg;
+       struct crypt_auth_op *caop = &kcaop->caop;
+       unsigned char *auth_buf = NULL;
+       struct scatterlist tmp;
+       int ret;
 
-                       ret = auth_n_crypt(ses_ptr, kcaop, auth_sg, caop->auth_len,
-                                          src_sg, dst_sg, caop->len);
+       if (unlikely(ses_ptr->cdata.init == 0 ||
+               (ses_ptr->cdata.stream == 0 && ses_ptr->cdata.aead == 0))) {
+               derr(0, "Only stream and AEAD ciphers are allowed for authenc");
+               return -EINVAL;
+       }
+
+       if (unlikely(caop->auth_len > PAGE_SIZE)) {
+               derr(1, "auth data len is excessive.");
+               return -EINVAL;
+       }
+
+       auth_buf = (char *)__get_free_page(GFP_KERNEL);
+       if (unlikely(!auth_buf)) {
+               derr(1, "unable to get a free page.");
+               return -ENOMEM;
+       }
+
+       if (caop->auth_src && caop->auth_len > 0) {
+               if (unlikely(copy_from_user(auth_buf, caop->auth_src, caop->auth_len))) {
+                       derr(1, "unable to copy auth data from userspace.");
+                       ret = -EFAULT;
+                       goto free_auth_buf;
                }
 
-               release_user_pages(ses_ptr);
+               sg_init_one(&tmp, auth_buf, caop->auth_len);
+               auth_sg = &tmp;
+       } else {
+               auth_sg = NULL;
+       }
+
+       ret = get_userbuf(ses_ptr, caop->src, caop->len, caop->dst, kcaop->dst_len,
+                       kcaop->task, kcaop->mm, &src_sg, &dst_sg);
+       if (unlikely(ret)) {
+               derr(1, "get_userbuf(): Error getting user pages.");
+               goto free_auth_buf;
+       }
+
+       ret = auth_n_crypt(ses_ptr, kcaop, auth_sg, caop->auth_len,
+                       src_sg, dst_sg, caop->len);
+
+       release_user_pages(ses_ptr);
 
 free_auth_buf:
-               free_page((unsigned long)auth_buf);
+       free_page((unsigned long)auth_buf);
+
+       return ret;
+}
+
+static int
+__crypto_auth_run_zc(struct csession *ses_ptr, struct kernel_crypt_auth_op *kcaop)
+{
+       struct crypt_auth_op *caop = &kcaop->caop;
+       int ret;
+
+       if (caop->flags & COP_FLAG_AEAD_SRTP_TYPE) {
+               ret = crypto_auth_zc_srtp(ses_ptr, kcaop);
+       } else if (caop->flags & COP_FLAG_AEAD_TLS_TYPE) {
+               ret = crypto_auth_zc_tls(ses_ptr, kcaop);
+       } else {
+               ret = crypto_auth_zc_aead(ses_ptr, kcaop);
        }
 
        return ret;
-- 
2.7.4