[+dm-devel]
On Tue, Feb 11, 2025 at 01:09:12PM +0100, Harald Freudenberger wrote:
> On 2025-01-15 17:22, Harald Freudenberger wrote:
> > Add support for protected key hmac ("phmac") for s390 arch.
> >
> > With the latest machine generation there is now support for
> > protected key (that is a key wrapped by a master key stored
> > in firmware) hmac for sha2 (sha224, sha256, sha384 and sha512)
> > for the s390 specific CPACF instruction kmac.
> >
> > This patch adds support via 4 new ahashes registered as
> > phmac(sha224), phmac(sha256), phmac(sha384) and phmac(sha512).
> >
> > Co-developed-by: Holger Dengler <dengler@xxxxxxxxxxxxx>
> > Signed-off-by: Holger Dengler <dengler@xxxxxxxxxxxxx>
> > Signed-off-by: Harald Freudenberger <freude@xxxxxxxxxxxxx>
> > ---
>
> ...
>
> > +
> > + Select this option if you want to use the phmac digests
> > + for example to use dm-integrity with secure/protected keys.
> > +
> > config S390_PRNG
> > tristate "Pseudo random number generator device driver"
> > depends on S390
>
> Hello Eric
>
> with your commit
> 7fa481734016 crypto: ahash - make hash walk functions private to ahash.c
> you move the crypto_hash_walk_* functions to private context into ahash.c.
> So for example my new phmac does not compile any more.
> What is the replacement for these functions then? Should I really do
> the scatter walk by my own now or is there a set of new functions to come?
This is just another ridiculous problem caused by trying to shoehorn CPU-based
crypto into ahash which is an interface designed for off-CPU offload.
I've already given the solution here:
https://lore.kernel.org/dm-devel/20250116080324.GA3910@sol.localdomain/
- Eric
