On Mon, 2009-01-12 at 18:43 +0800, Herbert Xu wrote:
> On Mon, Jan 12, 2009 at 02:55:10PM +0800, Huang Ying wrote:
> >
> > I use a "shell" cbc(aes) algorithm which chooses between
> > cryptd(__cbc-aes-aesni) and __cbc-aes-aesni according to context. But
> > the struct ablkcipher_request passed in can not be used for cryptd(*).
> > This can be resolved by allocating another struct ablkcipher_request for
> > cryptd(*) for each incoming struct ablkcipher_request. But is there any
> > better solution?
>
> You should include that other ablkcipher_request as part of the
> context of your ablkcipher_request.
>
> See for example how aead embeds it.
Thank you! I take a look at gcm.c, and know how to implement it.
I have another idea, the sample code is as follow. In short, just relay
the request to cryptd_tfm, and change tfm before/after.
struct async_aes_ctx {
struct crypto_ablkcipher *cryptd_tfm;
};
struct async_aes_req_ctx {
struct crypto_ablkcipher *ablk_tfm;
crypto_completion_t complete;
};
static inline struct async_aes_req_ctx *ablk_aes_req_ctx(
struct ablkcipher_request *req,
struct crypto_ablkcipher *ablk_tfm) {
return ablkcipher_request_ctx(req) +
ablk_tfm->base.crt_ablkcipher.reqsize;
}
static void ablk_complete(struct crypto_async_request *req, int err)
{
struct ablkcipher_request *ablk_req = ablkcipher_request_cast(req);
struct async_aes_req_ctx *req_ctx =
ablk_aes_req_ctx(ablk_req, crypto_ablkcipher_reqtfm(ablk_req));
ablkcipher_request_set_tfm(ablk_req, req_ctx->ablk_tfm);
req_ctx->complete(req, err);
}
static int ablk_encrypt(struct ablkcipher_request *req)
{
struct crypto_ablkcipher *tfm = crypto_ablkcipher_reqtfm(req);
struct async_aes_ctx *ctx = crypto_ablkcipher_ctx(tfm);
if (kernel_fpu_using()) {
struct async_aes_req_ctx *req_ctx =
ablk_aes_req_ctx(req, ctx->cryptd_tfm);
req_ctx->ablk_tfm = tfm;
ablkcipher_request_set_tfm(req, ctx->cryptd_tfm);
req_ctx->complete = req->base.complete;
req->base.complete = ablk_complete;
return crypto_ablkcipher_encrypt(req);
} else {
struct blkcipher_desc desc;
desc.tfm = cryptd_ablkcipher_child(ctx->cryptd_tfm);
desc.info = req->info;
desc.flags = 0;
return crypto_blkcipher_encrypt(&desc, req->dst, req->src,
req->nbytes);
}
}
static void ablk_init_common(struct crypto_tfm *tfm,
struct crypto_ablkcipher *cryptd_tfm)
{
struct async_aes_ctx *ctx = crypto_tfm_ctx(tfm);
ctx->cryptd_tfm = cryptd_tfm;
tfm->crt_ablkcipher.reqsize = cryptd_tfm->base.crt_ablkcipher.reqsize +
sizeof(struct async_aes_req_ctx);
}
static int ablk_ecb_init(struct crypto_tfm *tfm)
{
struct crypto_ablkcipher *cryptd_tfm;
cryptd_tfm = cryptd_alloc_ablkcipher("__ecb-aes-aesni", 0, 0);
if (IS_ERR(cryptd_tfm))
return PTR_ERR(cryptd_tfm);
ablk_init_common(tfm, cryptd_tfm);
return 0;
}
Best Regards,
Huang Ying
Attachment:
signature.asc
Description: This is a digitally signed message part
