SRC_URI += " \
file://0001-Disable-installing-header-file-provided-by-another-p.patch \
-file://0001-ioctl.c-Fix-build-with-linux-4.13.patch \
-file://0001-ioctl.c-Fix-build-with-linux-4.17.patch \
-file://0001-refactoring-split-big-function-to-simplify-maintaina.patch \
-file://0002-refactoring-relocate-code-to-simplify-later-patches.patch \
-file://0003-convert-to-new-AEAD-interface-in-kernels-v4.2.patch \
"
EXTRA_OEMAKE='KERNEL_DIR="${STAGING_KERNEL_DIR}" PREFIX="${D}"'
SRC_URI += " \
file://0001-Add-the-compile-and-install-rules-for-cryptodev-test.patch \
-file://0001-Port-tests-to-openssl-1.1.patch \
"
EXTRA_OEMAKE='KERNEL_DIR="${STAGING_EXECPREFIXDIR}" PREFIX="${D}"'
LIC_FILES_CHKSUM = "file://COPYING;md5=b234ee4d69f5fce4486a80fdaf4a4263"
SRC_URI = "git://github.com/cryptodev-linux/cryptodev-linux"
-SRCREV = "87d959d9a279c055b361de8e730fab6a7144edd7"
+SRCREV = "fd8b15ef1c8398a69a37932ee48c74ab40329a29"
S = "${WORKDIR}/git"
+++ /dev/null
-From 2fe4bdeb8cdd0b0f46d9caed807812855d51ea56 Mon Sep 17 00:00:00 2001
-From: Alexander Kanavin <alex.kanavin@gmail.com>
-Date: Wed, 28 Mar 2018 20:11:05 +0300
-Subject: [PATCH] Port tests to openssl 1.1
-
-Upstream-Status: Accepted [https://github.com/cryptodev-linux/cryptodev-linux/pull/36]
-Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com>
-
----
- tests/openssl_wrapper.c | 33 +++++++++++++++++++++++++++++++++
- 1 file changed, 33 insertions(+)
-
-diff --git a/tests/openssl_wrapper.c b/tests/openssl_wrapper.c
-index 038c58f..dea2496 100644
---- a/tests/openssl_wrapper.c
-+++ b/tests/openssl_wrapper.c
-@@ -4,6 +4,7 @@
- #include <openssl/aes.h>
- #include <openssl/evp.h>
- #include <openssl/hmac.h>
-+#include <openssl/opensslv.h>
-
- //#define DEBUG
-
-@@ -23,10 +24,17 @@ enum ctx_type {
- ctx_type_md,
- };
-
-+#if OPENSSL_VERSION_NUMBER >= 0x10100000L
-+union openssl_ctx {
-+ HMAC_CTX *hmac;
-+ EVP_MD_CTX *md;
-+};
-+#else
- union openssl_ctx {
- HMAC_CTX hmac;
- EVP_MD_CTX md;
- };
-+#endif
-
- struct ctx_mapping {
- __u32 ses;
-@@ -63,6 +71,16 @@ static void remove_mapping(__u32 ses)
- switch (mapping->type) {
- case ctx_type_none:
- break;
-+#if OPENSSL_VERSION_NUMBER >= 0x10100000L
-+ case ctx_type_hmac:
-+ dbgp("%s: calling HMAC_CTX_free\n", __func__);
-+ HMAC_CTX_free(mapping->ctx.hmac);
-+ break;
-+ case ctx_type_md:
-+ dbgp("%s: calling EVP_MD_CTX_free\n", __func__);
-+ EVP_MD_CTX_free(mapping->ctx.md);
-+ break;
-+#else
- case ctx_type_hmac:
- dbgp("%s: calling HMAC_CTX_cleanup\n", __func__);
- HMAC_CTX_cleanup(&mapping->ctx.hmac);
-@@ -71,6 +89,7 @@ static void remove_mapping(__u32 ses)
- dbgp("%s: calling EVP_MD_CTX_cleanup\n", __func__);
- EVP_MD_CTX_cleanup(&mapping->ctx.md);
- break;
-+#endif
- }
- memset(mapping, 0, sizeof(*mapping));
- }
-@@ -127,10 +146,17 @@ static int openssl_hmac(struct session_op *sess, struct crypt_op *cop)
-
- mapping->ses = sess->ses;
- mapping->type = ctx_type_hmac;
-+#if OPENSSL_VERSION_NUMBER >= 0x10100000L
-+ ctx = mapping->ctx.hmac;
-+
-+ dbgp("calling HMAC_CTX_new");
-+ ctx = HMAC_CTX_new();
-+#else
- ctx = &mapping->ctx.hmac;
-
- dbgp("calling HMAC_CTX_init");
- HMAC_CTX_init(ctx);
-+#endif
- dbgp("calling HMAC_Init_ex");
- if (!HMAC_Init_ex(ctx, sess->mackey, sess->mackeylen,
- sess_to_evp_md(sess), NULL)) {
-@@ -172,10 +198,17 @@ static int openssl_md(struct session_op *sess, struct crypt_op *cop)
-
- mapping->ses = sess->ses;
- mapping->type = ctx_type_md;
-+#if OPENSSL_VERSION_NUMBER >= 0x10100000L
-+ ctx = mapping->ctx.md;
-+
-+ dbgp("calling EVP_MD_CTX_new");
-+ ctx = EVP_MD_CTX_new();
-+#else
- ctx = &mapping->ctx.md;
-
- dbgp("calling EVP_MD_CTX_init");
- EVP_MD_CTX_init(ctx);
-+#endif
- dbgp("calling EVP_DigestInit");
- EVP_DigestInit(ctx, sess_to_evp_md(sess));
- }
+++ /dev/null
-From f0d69774afb27ffc62bf353465fba145e70cb85a Mon Sep 17 00:00:00 2001
-From: Ricardo Ribalda Delgado <ricardo.ribalda@gmail.com>
-Date: Mon, 4 Sep 2017 11:05:08 +0200
-Subject: [PATCH] ioctl.c: Fix build with linux 4.13
-
-git/ioctl.c:1127:3: error: positional initialization of field in 'struct' declared with 'designated_init' attribute [-Werror=designated-init]
- {0, },
- ^
-note: (near initialization for 'verbosity_ctl_dir[1]')
-git/ioctl.c:1136:3: error: positional initialization of field in 'struct' declared with 'designated_init' attribute [-Werror=designated-init]
- {0, },
- ^
-
-Linux kernel has added -Werror=designated-init around 4.11 (c834f0e8a8b)
-triggering build errors with gcc 5 and 6 (but not with gcc 4)
-
-Upstream-Status: Backport
-
-Signed-off-by: Ricardo Ribalda Delgado <ricardo.ribalda@gmail.com>
-Signed-off-by: Cristian Stoica <cristian.stoica@nxp.com>
----
- ioctl.c | 4 ++--
- 1 file changed, 2 insertions(+), 2 deletions(-)
-
-diff --git a/ioctl.c b/ioctl.c
-index 0385203..8d4a162 100644
---- a/ioctl.c
-+++ b/ioctl.c
-@@ -1124,7 +1124,7 @@ static struct ctl_table verbosity_ctl_dir[] = {
- .mode = 0644,
- .proc_handler = proc_dointvec,
- },
-- {0, },
-+ {},
- };
-
- static struct ctl_table verbosity_ctl_root[] = {
-@@ -1133,7 +1133,7 @@ static struct ctl_table verbosity_ctl_root[] = {
- .mode = 0555,
- .child = verbosity_ctl_dir,
- },
-- {0, },
-+ {},
- };
- static struct ctl_table_header *verbosity_sysctl_header;
- static int __init init_cryptodev(void)
---
-2.7.4
-
+++ /dev/null
-From f60aa08c63fc02780554a0a12180a478ca27d49f Mon Sep 17 00:00:00 2001
-From: =?UTF-8?q?Horia=20Geant=C4=83?= <horia.geanta@nxp.com>
-Date: Wed, 23 May 2018 18:43:39 +0300
-Subject: [PATCH] ioctl.c: Fix build with linux 4.17
-MIME-Version: 1.0
-Content-Type: text/plain; charset=UTF-8
-Content-Transfer-Encoding: 8bit
-
-Since kernel 4.17-rc1, sys_* syscalls can no longer be called directly:
-819671ff849b ("syscalls: define and explain goal to not call syscalls in the kernel")
-
-Since cryptodev uses sys_close() - and this has been removed in commit:
-2ca2a09d6215 ("fs: add ksys_close() wrapper; remove in-kernel calls to sys_close()")
-cryptodev has to be updated to use the ksys_close() wrapper.
-
-Signed-off-by: Horia Geantă <horia.geanta@nxp.com>
-
-Upstream-Status: Backport
-
-Signed-off-by: He Zhe <zhe.he@windriver.com>
----
- ioctl.c | 4 ++++
- 1 file changed, 4 insertions(+)
-
-diff --git a/ioctl.c b/ioctl.c
-index d831b0c..2571034 100644
---- a/ioctl.c
-+++ b/ioctl.c
-@@ -828,7 +828,11 @@ cryptodev_ioctl(struct file *filp, unsigned int cmd, unsigned long arg_)
- fd = clonefd(filp);
- ret = put_user(fd, p);
- if (unlikely(ret)) {
-+#if (LINUX_VERSION_CODE < KERNEL_VERSION(4, 17, 0))
- sys_close(fd);
-+#else
-+ ksys_close(fd);
-+#endif
- return ret;
- }
- return ret;
---
-2.7.4
-
+++ /dev/null
-From 20dcf071bc3076ee7db9d603cfbe6a06e86c7d5f Mon Sep 17 00:00:00 2001
-From: Cristian Stoica <cristian.stoica@nxp.com>
-Date: Thu, 4 May 2017 15:06:20 +0300
-Subject: [PATCH 1/3] refactoring: split big function to simplify maintainance
-
-The setup of auth_buf in tls and aead is now duplicated but this
-is temporary and allows necessary corrections for the aead case
-with v4.2+ kernels.
-
-Signed-off-by: Cristian Stoica <cristian.stoica@nxp.com>
-
-Upstream-Status: Backport
-
-Commit ID: 20dcf071bc3076ee7db9d603c
-
-Signed-off-by: Hongzhi.Song <hongzhi.song@windriver.com>
----
- authenc.c | 197 ++++++++++++++++++++++++++++++++++++++++----------------------
- 1 file changed, 126 insertions(+), 71 deletions(-)
-
-diff --git a/authenc.c b/authenc.c
-index 1bd7377..28eb0f9 100644
---- a/authenc.c
-+++ b/authenc.c
-@@ -609,96 +609,151 @@ auth_n_crypt(struct csession *ses_ptr, struct kernel_crypt_auth_op *kcaop,
- return 0;
- }
-
--/* This is the main crypto function - zero-copy edition */
--static int
--__crypto_auth_run_zc(struct csession *ses_ptr, struct kernel_crypt_auth_op *kcaop)
-+static int crypto_auth_zc_srtp(struct csession *ses_ptr, struct kernel_crypt_auth_op *kcaop)
- {
-- struct scatterlist *dst_sg, *auth_sg, *src_sg;
-+ struct scatterlist *dst_sg, *auth_sg;
- struct crypt_auth_op *caop = &kcaop->caop;
-- int ret = 0;
-+ int ret;
-
-- if (caop->flags & COP_FLAG_AEAD_SRTP_TYPE) {
-- if (unlikely(ses_ptr->cdata.init != 0 &&
-- (ses_ptr->cdata.stream == 0 ||
-- ses_ptr->cdata.aead != 0))) {
-- derr(0, "Only stream modes are allowed in SRTP mode (but not AEAD)");
-- return -EINVAL;
-- }
-+ if (unlikely(ses_ptr->cdata.init != 0 &&
-+ (ses_ptr->cdata.stream == 0 || ses_ptr->cdata.aead != 0))) {
-+ derr(0, "Only stream modes are allowed in SRTP mode (but not AEAD)");
-+ return -EINVAL;
-+ }
-
-- ret = get_userbuf_srtp(ses_ptr, kcaop, &auth_sg, &dst_sg);
-- if (unlikely(ret)) {
-- derr(1, "get_userbuf_srtp(): Error getting user pages.");
-- return ret;
-- }
-+ ret = get_userbuf_srtp(ses_ptr, kcaop, &auth_sg, &dst_sg);
-+ if (unlikely(ret)) {
-+ derr(1, "get_userbuf_srtp(): Error getting user pages.");
-+ return ret;
-+ }
-
-- ret = srtp_auth_n_crypt(ses_ptr, kcaop, auth_sg, caop->auth_len,
-- dst_sg, caop->len);
-+ ret = srtp_auth_n_crypt(ses_ptr, kcaop, auth_sg, caop->auth_len,
-+ dst_sg, caop->len);
-
-- release_user_pages(ses_ptr);
-- } else { /* TLS and normal cases. Here auth data are usually small
-- * so we just copy them to a free page, instead of trying
-- * to map them.
-- */
-- unsigned char *auth_buf = NULL;
-- struct scatterlist tmp;
-+ release_user_pages(ses_ptr);
-
-- if (unlikely(caop->auth_len > PAGE_SIZE)) {
-- derr(1, "auth data len is excessive.");
-- return -EINVAL;
-- }
-+ return ret;
-+}
-
-- auth_buf = (char *)__get_free_page(GFP_KERNEL);
-- if (unlikely(!auth_buf)) {
-- derr(1, "unable to get a free page.");
-- return -ENOMEM;
-- }
-+static int crypto_auth_zc_tls(struct csession *ses_ptr, struct kernel_crypt_auth_op *kcaop)
-+{
-+ struct crypt_auth_op *caop = &kcaop->caop;
-+ struct scatterlist *dst_sg, *auth_sg;
-+ unsigned char *auth_buf = NULL;
-+ struct scatterlist tmp;
-+ int ret;
-
-- if (caop->auth_src && caop->auth_len > 0) {
-- if (unlikely(copy_from_user(auth_buf, caop->auth_src, caop->auth_len))) {
-- derr(1, "unable to copy auth data from userspace.");
-- ret = -EFAULT;
-- goto free_auth_buf;
-- }
-+ if (unlikely(ses_ptr->cdata.aead != 0)) {
-+ return -EINVAL;
-+ }
-+
-+ if (unlikely(caop->auth_len > PAGE_SIZE)) {
-+ derr(1, "auth data len is excessive.");
-+ return -EINVAL;
-+ }
-+
-+ auth_buf = (char *)__get_free_page(GFP_KERNEL);
-+ if (unlikely(!auth_buf)) {
-+ derr(1, "unable to get a free page.");
-+ return -ENOMEM;
-+ }
-
-- sg_init_one(&tmp, auth_buf, caop->auth_len);
-- auth_sg = &tmp;
-- } else {
-- auth_sg = NULL;
-+ if (caop->auth_src && caop->auth_len > 0) {
-+ if (unlikely(copy_from_user(auth_buf, caop->auth_src, caop->auth_len))) {
-+ derr(1, "unable to copy auth data from userspace.");
-+ ret = -EFAULT;
-+ goto free_auth_buf;
- }
-
-- if (caop->flags & COP_FLAG_AEAD_TLS_TYPE && ses_ptr->cdata.aead == 0) {
-- ret = get_userbuf_tls(ses_ptr, kcaop, &dst_sg);
-- if (unlikely(ret)) {
-- derr(1, "get_userbuf_tls(): Error getting user pages.");
-- goto free_auth_buf;
-- }
-+ sg_init_one(&tmp, auth_buf, caop->auth_len);
-+ auth_sg = &tmp;
-+ } else {
-+ auth_sg = NULL;
-+ }
-
-- ret = tls_auth_n_crypt(ses_ptr, kcaop, auth_sg, caop->auth_len,
-- dst_sg, caop->len);
-- } else {
-- if (unlikely(ses_ptr->cdata.init == 0 ||
-- (ses_ptr->cdata.stream == 0 &&
-- ses_ptr->cdata.aead == 0))) {
-- derr(0, "Only stream and AEAD ciphers are allowed for authenc");
-- ret = -EINVAL;
-- goto free_auth_buf;
-- }
-+ ret = get_userbuf_tls(ses_ptr, kcaop, &dst_sg);
-+ if (unlikely(ret)) {
-+ derr(1, "get_userbuf_tls(): Error getting user pages.");
-+ goto free_auth_buf;
-+ }
-
-- ret = get_userbuf(ses_ptr, caop->src, caop->len, caop->dst, kcaop->dst_len,
-- kcaop->task, kcaop->mm, &src_sg, &dst_sg);
-- if (unlikely(ret)) {
-- derr(1, "get_userbuf(): Error getting user pages.");
-- goto free_auth_buf;
-- }
-+ ret = tls_auth_n_crypt(ses_ptr, kcaop, auth_sg, caop->auth_len,
-+ dst_sg, caop->len);
-+ release_user_pages(ses_ptr);
-+
-+free_auth_buf:
-+ free_page((unsigned long)auth_buf);
-+ return ret;
-+}
-+
-+static int crypto_auth_zc_aead(struct csession *ses_ptr, struct kernel_crypt_auth_op *kcaop)
-+{
-+ struct scatterlist *dst_sg, *auth_sg, *src_sg;
-+ struct crypt_auth_op *caop = &kcaop->caop;
-+ unsigned char *auth_buf = NULL;
-+ struct scatterlist tmp;
-+ int ret;
-
-- ret = auth_n_crypt(ses_ptr, kcaop, auth_sg, caop->auth_len,
-- src_sg, dst_sg, caop->len);
-+ if (unlikely(ses_ptr->cdata.init == 0 ||
-+ (ses_ptr->cdata.stream == 0 && ses_ptr->cdata.aead == 0))) {
-+ derr(0, "Only stream and AEAD ciphers are allowed for authenc");
-+ return -EINVAL;
-+ }
-+
-+ if (unlikely(caop->auth_len > PAGE_SIZE)) {
-+ derr(1, "auth data len is excessive.");
-+ return -EINVAL;
-+ }
-+
-+ auth_buf = (char *)__get_free_page(GFP_KERNEL);
-+ if (unlikely(!auth_buf)) {
-+ derr(1, "unable to get a free page.");
-+ return -ENOMEM;
-+ }
-+
-+ if (caop->auth_src && caop->auth_len > 0) {
-+ if (unlikely(copy_from_user(auth_buf, caop->auth_src, caop->auth_len))) {
-+ derr(1, "unable to copy auth data from userspace.");
-+ ret = -EFAULT;
-+ goto free_auth_buf;
- }
-
-- release_user_pages(ses_ptr);
-+ sg_init_one(&tmp, auth_buf, caop->auth_len);
-+ auth_sg = &tmp;
-+ } else {
-+ auth_sg = NULL;
-+ }
-+
-+ ret = get_userbuf(ses_ptr, caop->src, caop->len, caop->dst, kcaop->dst_len,
-+ kcaop->task, kcaop->mm, &src_sg, &dst_sg);
-+ if (unlikely(ret)) {
-+ derr(1, "get_userbuf(): Error getting user pages.");
-+ goto free_auth_buf;
-+ }
-+
-+ ret = auth_n_crypt(ses_ptr, kcaop, auth_sg, caop->auth_len,
-+ src_sg, dst_sg, caop->len);
-+
-+ release_user_pages(ses_ptr);
-
- free_auth_buf:
-- free_page((unsigned long)auth_buf);
-+ free_page((unsigned long)auth_buf);
-+
-+ return ret;
-+}
-+
-+static int
-+__crypto_auth_run_zc(struct csession *ses_ptr, struct kernel_crypt_auth_op *kcaop)
-+{
-+ struct crypt_auth_op *caop = &kcaop->caop;
-+ int ret;
-+
-+ if (caop->flags & COP_FLAG_AEAD_SRTP_TYPE) {
-+ ret = crypto_auth_zc_srtp(ses_ptr, kcaop);
-+ } else if (caop->flags & COP_FLAG_AEAD_TLS_TYPE) {
-+ ret = crypto_auth_zc_tls(ses_ptr, kcaop);
-+ } else {
-+ ret = crypto_auth_zc_aead(ses_ptr, kcaop);
- }
-
- return ret;
---
-2.11.0
-
+++ /dev/null
-From c2bf0e42b1d9fda60cde4a3a682784d349ef1c0b Mon Sep 17 00:00:00 2001
-From: Cristian Stoica <cristian.stoica@nxp.com>
-Date: Thu, 4 May 2017 15:06:21 +0300
-Subject: [PATCH 2/3] refactoring: relocate code to simplify later patches
-
-This code move will simplify the conversion to new AEAD interface in
-next patches
-
-Signed-off-by: Cristian Stoica <cristian.stoica@nxp.com>
-
-Upstream-Status: Backport
-
-Commit ID: c2bf0e42b1d9fda
-
-Signed-off-by: Hongzhi.Song <hongzhi.song@windriver.com>
----
- authenc.c | 17 +++++++++--------
- 1 file changed, 9 insertions(+), 8 deletions(-)
-
-diff --git a/authenc.c b/authenc.c
-index 28eb0f9..95727b4 100644
---- a/authenc.c
-+++ b/authenc.c
-@@ -711,11 +711,18 @@ static int crypto_auth_zc_aead(struct csession *ses_ptr, struct kernel_crypt_aut
- return -ENOMEM;
- }
-
-+ ret = get_userbuf(ses_ptr, caop->src, caop->len, caop->dst, kcaop->dst_len,
-+ kcaop->task, kcaop->mm, &src_sg, &dst_sg);
-+ if (unlikely(ret)) {
-+ derr(1, "get_userbuf(): Error getting user pages.");
-+ goto free_auth_buf;
-+ }
-+
- if (caop->auth_src && caop->auth_len > 0) {
- if (unlikely(copy_from_user(auth_buf, caop->auth_src, caop->auth_len))) {
- derr(1, "unable to copy auth data from userspace.");
- ret = -EFAULT;
-- goto free_auth_buf;
-+ goto free_pages;
- }
-
- sg_init_one(&tmp, auth_buf, caop->auth_len);
-@@ -724,16 +731,10 @@ static int crypto_auth_zc_aead(struct csession *ses_ptr, struct kernel_crypt_aut
- auth_sg = NULL;
- }
-
-- ret = get_userbuf(ses_ptr, caop->src, caop->len, caop->dst, kcaop->dst_len,
-- kcaop->task, kcaop->mm, &src_sg, &dst_sg);
-- if (unlikely(ret)) {
-- derr(1, "get_userbuf(): Error getting user pages.");
-- goto free_auth_buf;
-- }
--
- ret = auth_n_crypt(ses_ptr, kcaop, auth_sg, caop->auth_len,
- src_sg, dst_sg, caop->len);
-
-+free_pages:
- release_user_pages(ses_ptr);
-
- free_auth_buf:
---
-2.11.0
-
+++ /dev/null
-From a705360197260d28535746ae98c461ba2cfb7a9e Mon Sep 17 00:00:00 2001
-From: Cristian Stoica <cristian.stoica@nxp.com>
-Date: Thu, 4 May 2017 15:06:22 +0300
-Subject: [PATCH 3/3] convert to new AEAD interface in kernels v4.2+
-
-The crypto API for AEAD ciphers changed in recent kernels so that
-associated data is now part of both source and destination scatter
-gathers. The source, destination and associated data buffers need
-to be stiched accordingly for the operations to succeed:
-
-src_sg: auth_buf + src_buf
-dst_sg: auth_buf + (dst_buf + tag space)
-
-This patch fixes a kernel crash observed with cipher-gcm test.
-
-See also kernel patch: 81c4c35eb61a69c229871c490b011c1171511d5a
- crypto: ccm - Convert to new AEAD interface
-
-Reported-by: Phil Sutter <phil@nwl.cc>
-Signed-off-by: Cristian Stoica <cristian.stoica@nxp.com>
-
-Upstream-Status: Backport
-
-Commit ID: a705360197260d2853574
-
-Signed-off-by: Hongzhi.Song <hongzhi.song@windriver.com>
----
- authenc.c | 40 ++++++++++++++++++++++++++++++++++++++--
- 1 file changed, 38 insertions(+), 2 deletions(-)
-
-diff --git a/authenc.c b/authenc.c
-index 95727b4..692951f 100644
---- a/authenc.c
-+++ b/authenc.c
-@@ -688,12 +688,20 @@ free_auth_buf:
-
- static int crypto_auth_zc_aead(struct csession *ses_ptr, struct kernel_crypt_auth_op *kcaop)
- {
-- struct scatterlist *dst_sg, *auth_sg, *src_sg;
-+ struct scatterlist *dst_sg;
-+ struct scatterlist *src_sg;
- struct crypt_auth_op *caop = &kcaop->caop;
- unsigned char *auth_buf = NULL;
-- struct scatterlist tmp;
- int ret;
-
-+#if (LINUX_VERSION_CODE < KERNEL_VERSION(4, 2, 0))
-+ struct scatterlist tmp;
-+ struct scatterlist *auth_sg;
-+#else
-+ struct scatterlist auth1[2];
-+ struct scatterlist auth2[2];
-+#endif
-+
- if (unlikely(ses_ptr->cdata.init == 0 ||
- (ses_ptr->cdata.stream == 0 && ses_ptr->cdata.aead == 0))) {
- derr(0, "Only stream and AEAD ciphers are allowed for authenc");
-@@ -718,6 +726,7 @@ static int crypto_auth_zc_aead(struct csession *ses_ptr, struct kernel_crypt_aut
- goto free_auth_buf;
- }
-
-+#if (LINUX_VERSION_CODE < KERNEL_VERSION(4, 2, 0))
- if (caop->auth_src && caop->auth_len > 0) {
- if (unlikely(copy_from_user(auth_buf, caop->auth_src, caop->auth_len))) {
- derr(1, "unable to copy auth data from userspace.");
-@@ -733,6 +742,33 @@ static int crypto_auth_zc_aead(struct csession *ses_ptr, struct kernel_crypt_aut
-
- ret = auth_n_crypt(ses_ptr, kcaop, auth_sg, caop->auth_len,
- src_sg, dst_sg, caop->len);
-+#else
-+ if (caop->auth_src && caop->auth_len > 0) {
-+ if (unlikely(copy_from_user(auth_buf, caop->auth_src, caop->auth_len))) {
-+ derr(1, "unable to copy auth data from userspace.");
-+ ret = -EFAULT;
-+ goto free_pages;
-+ }
-+
-+ sg_init_table(auth1, 2);
-+ sg_set_buf(auth1, auth_buf, caop->auth_len);
-+ sg_chain(auth1, 2, src_sg);
-+
-+ if (src_sg == dst_sg) {
-+ src_sg = auth1;
-+ dst_sg = auth1;
-+ } else {
-+ sg_init_table(auth2, 2);
-+ sg_set_buf(auth2, auth_buf, caop->auth_len);
-+ sg_chain(auth2, 2, dst_sg);
-+ src_sg = auth1;
-+ dst_sg = auth2;
-+ }
-+ }
-+
-+ ret = auth_n_crypt(ses_ptr, kcaop, NULL, caop->auth_len,
-+ src_sg, dst_sg, caop->len);
-+#endif
-
- free_pages:
- release_user_pages(ses_ptr);
---
-2.11.0
-
