Re: [PATCH] crypto: x86 - remove SHA multibuffer routines and mcryptd

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On 08/22/2018 01:51 AM, Ard Biesheuvel wrote:
> As it turns out, the AVX2 multibuffer SHA routines are currently
> broken [0], in a way that would have likely been noticed if this
> code were in wide use. Since the code is too complicated to be
> maintained by anyone except the original authors, and since the
> performance benefits for real-world use cases are debatable to
> begin with, it is better to drop it entirely for the moment.
> 
> [0] https://marc.info/?l=linux-crypto-vger&m=153476243825350&w=2

Sorry I was out of the loop for a while and haven't been following
the code too closely.

Megha is maintaining the code now.  Before we pull the code,
please give us a chance to fix it first.

Thanks.

Tim

> 
> Suggested-by: Eric Biggers <ebiggers@xxxxxxxxxx>
> Cc: Megha Dey <megha.dey@xxxxxxxxxxxxxxx>
> Cc: Tim Chen <tim.c.chen@xxxxxxxxxxxxxxx>
> Cc: Geert Uytterhoeven <geert@xxxxxxxxxxxxxx>
> Cc: Martin Schwidefsky <schwidefsky@xxxxxxxxxx>
> Cc: Heiko Carstens <heiko.carstens@xxxxxxxxxx>
> Cc: Thomas Gleixner <tglx@xxxxxxxxxxxxx>
> Cc: Ingo Molnar <mingo@xxxxxxxxxx>
> Signed-off-by: Ard Biesheuvel <ard.biesheuvel@xxxxxxxxxx>
> ---
>  MAINTAINERS                                   |    8 -
>  arch/m68k/configs/amiga_defconfig             |    1 -
>  arch/m68k/configs/apollo_defconfig            |    1 -
>  arch/m68k/configs/atari_defconfig             |    1 -
>  arch/m68k/configs/bvme6000_defconfig          |    1 -
>  arch/m68k/configs/hp300_defconfig             |    1 -
>  arch/m68k/configs/mac_defconfig               |    1 -
>  arch/m68k/configs/multi_defconfig             |    1 -
>  arch/m68k/configs/mvme147_defconfig           |    1 -
>  arch/m68k/configs/mvme16x_defconfig           |    1 -
>  arch/m68k/configs/q40_defconfig               |    1 -
>  arch/m68k/configs/sun3_defconfig              |    1 -
>  arch/m68k/configs/sun3x_defconfig             |    1 -
>  arch/s390/configs/debug_defconfig             |    1 -
>  arch/s390/configs/performance_defconfig       |    1 -
>  arch/x86/crypto/Makefile                      |    3 -
>  arch/x86/crypto/sha1-mb/Makefile              |   14 -
>  arch/x86/crypto/sha1-mb/sha1_mb.c             | 1011 ----------------
>  arch/x86/crypto/sha1-mb/sha1_mb_ctx.h         |  134 ---
>  arch/x86/crypto/sha1-mb/sha1_mb_mgr.h         |  110 --
>  .../crypto/sha1-mb/sha1_mb_mgr_datastruct.S   |  287 -----
>  .../crypto/sha1-mb/sha1_mb_mgr_flush_avx2.S   |  304 -----
>  .../crypto/sha1-mb/sha1_mb_mgr_init_avx2.c    |   64 -
>  .../crypto/sha1-mb/sha1_mb_mgr_submit_avx2.S  |  209 ----
>  arch/x86/crypto/sha1-mb/sha1_x8_avx2.S        |  492 --------
>  arch/x86/crypto/sha256-mb/Makefile            |   14 -
>  arch/x86/crypto/sha256-mb/sha256_mb.c         | 1013 ----------------
>  arch/x86/crypto/sha256-mb/sha256_mb_ctx.h     |  134 ---
>  arch/x86/crypto/sha256-mb/sha256_mb_mgr.h     |  108 --
>  .../sha256-mb/sha256_mb_mgr_datastruct.S      |  304 -----
>  .../sha256-mb/sha256_mb_mgr_flush_avx2.S      |  307 -----
>  .../sha256-mb/sha256_mb_mgr_init_avx2.c       |   65 -
>  .../sha256-mb/sha256_mb_mgr_submit_avx2.S     |  214 ----
>  arch/x86/crypto/sha256-mb/sha256_x8_avx2.S    |  598 ----------
>  arch/x86/crypto/sha512-mb/Makefile            |   12 -
>  arch/x86/crypto/sha512-mb/sha512_mb.c         | 1047 -----------------
>  arch/x86/crypto/sha512-mb/sha512_mb_ctx.h     |  128 --
>  arch/x86/crypto/sha512-mb/sha512_mb_mgr.h     |  104 --
>  .../sha512-mb/sha512_mb_mgr_datastruct.S      |  281 -----
>  .../sha512-mb/sha512_mb_mgr_flush_avx2.S      |  297 -----
>  .../sha512-mb/sha512_mb_mgr_init_avx2.c       |   69 --
>  .../sha512-mb/sha512_mb_mgr_submit_avx2.S     |  224 ----
>  arch/x86/crypto/sha512-mb/sha512_x4_avx2.S    |  531 ---------
>  crypto/Kconfig                                |   62 -
>  crypto/Makefile                               |    1 -
>  crypto/mcryptd.c                              |  675 -----------
>  include/crypto/mcryptd.h                      |  114 --
>  47 files changed, 8952 deletions(-)
>  delete mode 100644 arch/x86/crypto/sha1-mb/Makefile
>  delete mode 100644 arch/x86/crypto/sha1-mb/sha1_mb.c
>  delete mode 100644 arch/x86/crypto/sha1-mb/sha1_mb_ctx.h
>  delete mode 100644 arch/x86/crypto/sha1-mb/sha1_mb_mgr.h
>  delete mode 100644 arch/x86/crypto/sha1-mb/sha1_mb_mgr_datastruct.S
>  delete mode 100644 arch/x86/crypto/sha1-mb/sha1_mb_mgr_flush_avx2.S
>  delete mode 100644 arch/x86/crypto/sha1-mb/sha1_mb_mgr_init_avx2.c
>  delete mode 100644 arch/x86/crypto/sha1-mb/sha1_mb_mgr_submit_avx2.S
>  delete mode 100644 arch/x86/crypto/sha1-mb/sha1_x8_avx2.S
>  delete mode 100644 arch/x86/crypto/sha256-mb/Makefile
>  delete mode 100644 arch/x86/crypto/sha256-mb/sha256_mb.c
>  delete mode 100644 arch/x86/crypto/sha256-mb/sha256_mb_ctx.h
>  delete mode 100644 arch/x86/crypto/sha256-mb/sha256_mb_mgr.h
>  delete mode 100644 arch/x86/crypto/sha256-mb/sha256_mb_mgr_datastruct.S
>  delete mode 100644 arch/x86/crypto/sha256-mb/sha256_mb_mgr_flush_avx2.S
>  delete mode 100644 arch/x86/crypto/sha256-mb/sha256_mb_mgr_init_avx2.c
>  delete mode 100644 arch/x86/crypto/sha256-mb/sha256_mb_mgr_submit_avx2.S
>  delete mode 100644 arch/x86/crypto/sha256-mb/sha256_x8_avx2.S
>  delete mode 100644 arch/x86/crypto/sha512-mb/Makefile
>  delete mode 100644 arch/x86/crypto/sha512-mb/sha512_mb.c
>  delete mode 100644 arch/x86/crypto/sha512-mb/sha512_mb_ctx.h
>  delete mode 100644 arch/x86/crypto/sha512-mb/sha512_mb_mgr.h
>  delete mode 100644 arch/x86/crypto/sha512-mb/sha512_mb_mgr_datastruct.S
>  delete mode 100644 arch/x86/crypto/sha512-mb/sha512_mb_mgr_flush_avx2.S
>  delete mode 100644 arch/x86/crypto/sha512-mb/sha512_mb_mgr_init_avx2.c
>  delete mode 100644 arch/x86/crypto/sha512-mb/sha512_mb_mgr_submit_avx2.S
>  delete mode 100644 arch/x86/crypto/sha512-mb/sha512_x4_avx2.S
>  delete mode 100644 crypto/mcryptd.c
>  delete mode 100644 include/crypto/mcryptd.h
> 
> diff --git a/MAINTAINERS b/MAINTAINERS
> index 24b200d91b30..05747b8ac88e 100644
> --- a/MAINTAINERS
> +++ b/MAINTAINERS
> @@ -7487,14 +7487,6 @@ S:	Supported
>  F:	drivers/infiniband/hw/i40iw/
>  F:	include/uapi/rdma/i40iw-abi.h
>  
> -INTEL SHA MULTIBUFFER DRIVER
> -M:	Megha Dey <megha.dey@xxxxxxxxxxxxxxx>
> -R:	Tim Chen <tim.c.chen@xxxxxxxxxxxxxxx>
> -L:	linux-crypto@xxxxxxxxxxxxxxx
> -S:	Supported
> -F:	arch/x86/crypto/sha*-mb/
> -F:	crypto/mcryptd.c
> -
>  INTEL TELEMETRY DRIVER
>  M:	Souvik Kumar Chakravarty <souvik.k.chakravarty@xxxxxxxxx>
>  L:	platform-driver-x86@xxxxxxxxxxxxxxx
> diff --git a/arch/m68k/configs/amiga_defconfig b/arch/m68k/configs/amiga_defconfig
> index 1d5483f6e457..70b10d712624 100644
> --- a/arch/m68k/configs/amiga_defconfig
> +++ b/arch/m68k/configs/amiga_defconfig
> @@ -621,7 +621,6 @@ CONFIG_CRYPTO_ECDH=m
>  CONFIG_CRYPTO_MANAGER=y
>  CONFIG_CRYPTO_USER=m
>  CONFIG_CRYPTO_CRYPTD=m
> -CONFIG_CRYPTO_MCRYPTD=m
>  CONFIG_CRYPTO_TEST=m
>  CONFIG_CRYPTO_CHACHA20POLY1305=m
>  CONFIG_CRYPTO_AEGIS128=m
> diff --git a/arch/m68k/configs/apollo_defconfig b/arch/m68k/configs/apollo_defconfig
> index 52a0af127951..211eec5859e8 100644
> --- a/arch/m68k/configs/apollo_defconfig
> +++ b/arch/m68k/configs/apollo_defconfig
> @@ -578,7 +578,6 @@ CONFIG_CRYPTO_ECDH=m
>  CONFIG_CRYPTO_MANAGER=y
>  CONFIG_CRYPTO_USER=m
>  CONFIG_CRYPTO_CRYPTD=m
> -CONFIG_CRYPTO_MCRYPTD=m
>  CONFIG_CRYPTO_TEST=m
>  CONFIG_CRYPTO_CHACHA20POLY1305=m
>  CONFIG_CRYPTO_AEGIS128=m
> diff --git a/arch/m68k/configs/atari_defconfig b/arch/m68k/configs/atari_defconfig
> index b3103e51268a..0da45c6084f7 100644
> --- a/arch/m68k/configs/atari_defconfig
> +++ b/arch/m68k/configs/atari_defconfig
> @@ -599,7 +599,6 @@ CONFIG_CRYPTO_ECDH=m
>  CONFIG_CRYPTO_MANAGER=y
>  CONFIG_CRYPTO_USER=m
>  CONFIG_CRYPTO_CRYPTD=m
> -CONFIG_CRYPTO_MCRYPTD=m
>  CONFIG_CRYPTO_TEST=m
>  CONFIG_CRYPTO_CHACHA20POLY1305=m
>  CONFIG_CRYPTO_AEGIS128=m
> diff --git a/arch/m68k/configs/bvme6000_defconfig b/arch/m68k/configs/bvme6000_defconfig
> index fb7d651a4cab..c09ae7219416 100644
> --- a/arch/m68k/configs/bvme6000_defconfig
> +++ b/arch/m68k/configs/bvme6000_defconfig
> @@ -570,7 +570,6 @@ CONFIG_CRYPTO_ECDH=m
>  CONFIG_CRYPTO_MANAGER=y
>  CONFIG_CRYPTO_USER=m
>  CONFIG_CRYPTO_CRYPTD=m
> -CONFIG_CRYPTO_MCRYPTD=m
>  CONFIG_CRYPTO_TEST=m
>  CONFIG_CRYPTO_CHACHA20POLY1305=m
>  CONFIG_CRYPTO_AEGIS128=m
> diff --git a/arch/m68k/configs/hp300_defconfig b/arch/m68k/configs/hp300_defconfig
> index 6b37f5537c39..8c4775b30748 100644
> --- a/arch/m68k/configs/hp300_defconfig
> +++ b/arch/m68k/configs/hp300_defconfig
> @@ -580,7 +580,6 @@ CONFIG_CRYPTO_ECDH=m
>  CONFIG_CRYPTO_MANAGER=y
>  CONFIG_CRYPTO_USER=m
>  CONFIG_CRYPTO_CRYPTD=m
> -CONFIG_CRYPTO_MCRYPTD=m
>  CONFIG_CRYPTO_TEST=m
>  CONFIG_CRYPTO_CHACHA20POLY1305=m
>  CONFIG_CRYPTO_AEGIS128=m
> diff --git a/arch/m68k/configs/mac_defconfig b/arch/m68k/configs/mac_defconfig
> index c717bf879449..48ad520e2f2d 100644
> --- a/arch/m68k/configs/mac_defconfig
> +++ b/arch/m68k/configs/mac_defconfig
> @@ -602,7 +602,6 @@ CONFIG_CRYPTO_ECDH=m
>  CONFIG_CRYPTO_MANAGER=y
>  CONFIG_CRYPTO_USER=m
>  CONFIG_CRYPTO_CRYPTD=m
> -CONFIG_CRYPTO_MCRYPTD=m
>  CONFIG_CRYPTO_TEST=m
>  CONFIG_CRYPTO_CHACHA20POLY1305=m
>  CONFIG_CRYPTO_AEGIS128=m
> diff --git a/arch/m68k/configs/multi_defconfig b/arch/m68k/configs/multi_defconfig
> index 226c994ce794..3a3cccb9f625 100644
> --- a/arch/m68k/configs/multi_defconfig
> +++ b/arch/m68k/configs/multi_defconfig
> @@ -684,7 +684,6 @@ CONFIG_CRYPTO_ECDH=m
>  CONFIG_CRYPTO_MANAGER=y
>  CONFIG_CRYPTO_USER=m
>  CONFIG_CRYPTO_CRYPTD=m
> -CONFIG_CRYPTO_MCRYPTD=m
>  CONFIG_CRYPTO_TEST=m
>  CONFIG_CRYPTO_CHACHA20POLY1305=m
>  CONFIG_CRYPTO_AEGIS128=m
> diff --git a/arch/m68k/configs/mvme147_defconfig b/arch/m68k/configs/mvme147_defconfig
> index b383327fd77a..63dc311f94ff 100644
> --- a/arch/m68k/configs/mvme147_defconfig
> +++ b/arch/m68k/configs/mvme147_defconfig
> @@ -570,7 +570,6 @@ CONFIG_CRYPTO_ECDH=m
>  CONFIG_CRYPTO_MANAGER=y
>  CONFIG_CRYPTO_USER=m
>  CONFIG_CRYPTO_CRYPTD=m
> -CONFIG_CRYPTO_MCRYPTD=m
>  CONFIG_CRYPTO_TEST=m
>  CONFIG_CRYPTO_CHACHA20POLY1305=m
>  CONFIG_CRYPTO_AEGIS128=m
> diff --git a/arch/m68k/configs/mvme16x_defconfig b/arch/m68k/configs/mvme16x_defconfig
> index 9783d3deb9e9..1ae39d1f9bb5 100644
> --- a/arch/m68k/configs/mvme16x_defconfig
> +++ b/arch/m68k/configs/mvme16x_defconfig
> @@ -570,7 +570,6 @@ CONFIG_CRYPTO_ECDH=m
>  CONFIG_CRYPTO_MANAGER=y
>  CONFIG_CRYPTO_USER=m
>  CONFIG_CRYPTO_CRYPTD=m
> -CONFIG_CRYPTO_MCRYPTD=m
>  CONFIG_CRYPTO_TEST=m
>  CONFIG_CRYPTO_CHACHA20POLY1305=m
>  CONFIG_CRYPTO_AEGIS128=m
> diff --git a/arch/m68k/configs/q40_defconfig b/arch/m68k/configs/q40_defconfig
> index a35d10ee10cb..ba2f351811da 100644
> --- a/arch/m68k/configs/q40_defconfig
> +++ b/arch/m68k/configs/q40_defconfig
> @@ -593,7 +593,6 @@ CONFIG_CRYPTO_ECDH=m
>  CONFIG_CRYPTO_MANAGER=y
>  CONFIG_CRYPTO_USER=m
>  CONFIG_CRYPTO_CRYPTD=m
> -CONFIG_CRYPTO_MCRYPTD=m
>  CONFIG_CRYPTO_TEST=m
>  CONFIG_CRYPTO_CHACHA20POLY1305=m
>  CONFIG_CRYPTO_AEGIS128=m
> diff --git a/arch/m68k/configs/sun3_defconfig b/arch/m68k/configs/sun3_defconfig
> index 573bf922d448..544b7475ff6a 100644
> --- a/arch/m68k/configs/sun3_defconfig
> +++ b/arch/m68k/configs/sun3_defconfig
> @@ -571,7 +571,6 @@ CONFIG_CRYPTO_ECDH=m
>  CONFIG_CRYPTO_MANAGER=y
>  CONFIG_CRYPTO_USER=m
>  CONFIG_CRYPTO_CRYPTD=m
> -CONFIG_CRYPTO_MCRYPTD=m
>  CONFIG_CRYPTO_TEST=m
>  CONFIG_CRYPTO_CHACHA20POLY1305=m
>  CONFIG_CRYPTO_AEGIS128=m
> diff --git a/arch/m68k/configs/sun3x_defconfig b/arch/m68k/configs/sun3x_defconfig
> index efb27a7fcc55..149edafbb9f9 100644
> --- a/arch/m68k/configs/sun3x_defconfig
> +++ b/arch/m68k/configs/sun3x_defconfig
> @@ -572,7 +572,6 @@ CONFIG_CRYPTO_ECDH=m
>  CONFIG_CRYPTO_MANAGER=y
>  CONFIG_CRYPTO_USER=m
>  CONFIG_CRYPTO_CRYPTD=m
> -CONFIG_CRYPTO_MCRYPTD=m
>  CONFIG_CRYPTO_TEST=m
>  CONFIG_CRYPTO_CHACHA20POLY1305=m
>  CONFIG_CRYPTO_AEGIS128=m
> diff --git a/arch/s390/configs/debug_defconfig b/arch/s390/configs/debug_defconfig
> index 941d8cc6c9f5..259d1698ac50 100644
> --- a/arch/s390/configs/debug_defconfig
> +++ b/arch/s390/configs/debug_defconfig
> @@ -668,7 +668,6 @@ CONFIG_CRYPTO_USER=m
>  # CONFIG_CRYPTO_MANAGER_DISABLE_TESTS is not set
>  CONFIG_CRYPTO_PCRYPT=m
>  CONFIG_CRYPTO_CRYPTD=m
> -CONFIG_CRYPTO_MCRYPTD=m
>  CONFIG_CRYPTO_TEST=m
>  CONFIG_CRYPTO_CHACHA20POLY1305=m
>  CONFIG_CRYPTO_LRW=m
> diff --git a/arch/s390/configs/performance_defconfig b/arch/s390/configs/performance_defconfig
> index eb6f75f24208..37fd60c20e22 100644
> --- a/arch/s390/configs/performance_defconfig
> +++ b/arch/s390/configs/performance_defconfig
> @@ -610,7 +610,6 @@ CONFIG_CRYPTO_USER=m
>  # CONFIG_CRYPTO_MANAGER_DISABLE_TESTS is not set
>  CONFIG_CRYPTO_PCRYPT=m
>  CONFIG_CRYPTO_CRYPTD=m
> -CONFIG_CRYPTO_MCRYPTD=m
>  CONFIG_CRYPTO_TEST=m
>  CONFIG_CRYPTO_CHACHA20POLY1305=m
>  CONFIG_CRYPTO_LRW=m
> diff --git a/arch/x86/crypto/Makefile b/arch/x86/crypto/Makefile
> index a450ad573dcb..9edfa5469f9f 100644
> --- a/arch/x86/crypto/Makefile
> +++ b/arch/x86/crypto/Makefile
> @@ -60,9 +60,6 @@ endif
>  ifeq ($(avx2_supported),yes)
>  	obj-$(CONFIG_CRYPTO_CAMELLIA_AESNI_AVX2_X86_64) += camellia-aesni-avx2.o
>  	obj-$(CONFIG_CRYPTO_SERPENT_AVX2_X86_64) += serpent-avx2.o
> -	obj-$(CONFIG_CRYPTO_SHA1_MB) += sha1-mb/
> -	obj-$(CONFIG_CRYPTO_SHA256_MB) += sha256-mb/
> -	obj-$(CONFIG_CRYPTO_SHA512_MB) += sha512-mb/
>  
>  	obj-$(CONFIG_CRYPTO_MORUS1280_AVX2) += morus1280-avx2.o
>  endif
> diff --git a/arch/x86/crypto/sha1-mb/Makefile b/arch/x86/crypto/sha1-mb/Makefile
> deleted file mode 100644
> index 815ded3ba90e..000000000000
> --- a/arch/x86/crypto/sha1-mb/Makefile
> +++ /dev/null
> @@ -1,14 +0,0 @@
> -# SPDX-License-Identifier: GPL-2.0
> -#
> -# Arch-specific CryptoAPI modules.
> -#
> -
> -OBJECT_FILES_NON_STANDARD := y
> -
> -avx2_supported := $(call as-instr,vpgatherdd %ymm0$(comma)(%eax$(comma)%ymm1\
> -                                $(comma)4)$(comma)%ymm2,yes,no)
> -ifeq ($(avx2_supported),yes)
> -	obj-$(CONFIG_CRYPTO_SHA1_MB) += sha1-mb.o
> -	sha1-mb-y := sha1_mb.o sha1_mb_mgr_flush_avx2.o \
> -	     sha1_mb_mgr_init_avx2.o sha1_mb_mgr_submit_avx2.o sha1_x8_avx2.o
> -endif
> diff --git a/arch/x86/crypto/sha1-mb/sha1_mb.c b/arch/x86/crypto/sha1-mb/sha1_mb.c
> deleted file mode 100644
> index b93805664c1d..000000000000
> --- a/arch/x86/crypto/sha1-mb/sha1_mb.c
> +++ /dev/null
> @@ -1,1011 +0,0 @@
> -/*
> - * Multi buffer SHA1 algorithm Glue Code
> - *
> - * This file is provided under a dual BSD/GPLv2 license.  When using or
> - * redistributing this file, you may do so under either license.
> - *
> - * GPL LICENSE SUMMARY
> - *
> - *  Copyright(c) 2014 Intel Corporation.
> - *
> - *  This program is free software; you can redistribute it and/or modify
> - *  it under the terms of version 2 of the GNU General Public License as
> - *  published by the Free Software Foundation.
> - *
> - *  This program is distributed in the hope that it will be useful, but
> - *  WITHOUT ANY WARRANTY; without even the implied warranty of
> - *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
> - *  General Public License for more details.
> - *
> - *  Contact Information:
> - *	Tim Chen <tim.c.chen@xxxxxxxxxxxxxxx>
> - *
> - *  BSD LICENSE
> - *
> - *  Copyright(c) 2014 Intel Corporation.
> - *
> - *  Redistribution and use in source and binary forms, with or without
> - *  modification, are permitted provided that the following conditions
> - *  are met:
> - *
> - *    * Redistributions of source code must retain the above copyright
> - *      notice, this list of conditions and the following disclaimer.
> - *    * Redistributions in binary form must reproduce the above copyright
> - *      notice, this list of conditions and the following disclaimer in
> - *      the documentation and/or other materials provided with the
> - *      distribution.
> - *    * Neither the name of Intel Corporation nor the names of its
> - *      contributors may be used to endorse or promote products derived
> - *      from this software without specific prior written permission.
> - *
> - *  THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
> - *  "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
> - *  LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
> - *  A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
> - *  OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
> - *  SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
> - *  LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
> - *  DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
> - *  THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
> - *  (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
> - * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
> - */
> -
> -#define pr_fmt(fmt)	KBUILD_MODNAME ": " fmt
> -
> -#include <crypto/internal/hash.h>
> -#include <linux/init.h>
> -#include <linux/module.h>
> -#include <linux/mm.h>
> -#include <linux/cryptohash.h>
> -#include <linux/types.h>
> -#include <linux/list.h>
> -#include <crypto/scatterwalk.h>
> -#include <crypto/sha.h>
> -#include <crypto/mcryptd.h>
> -#include <crypto/crypto_wq.h>
> -#include <asm/byteorder.h>
> -#include <linux/hardirq.h>
> -#include <asm/fpu/api.h>
> -#include "sha1_mb_ctx.h"
> -
> -#define FLUSH_INTERVAL 1000 /* in usec */
> -
> -static struct mcryptd_alg_state sha1_mb_alg_state;
> -
> -struct sha1_mb_ctx {
> -	struct mcryptd_ahash *mcryptd_tfm;
> -};
> -
> -static inline struct mcryptd_hash_request_ctx
> -		*cast_hash_to_mcryptd_ctx(struct sha1_hash_ctx *hash_ctx)
> -{
> -	struct ahash_request *areq;
> -
> -	areq = container_of((void *) hash_ctx, struct ahash_request, __ctx);
> -	return container_of(areq, struct mcryptd_hash_request_ctx, areq);
> -}
> -
> -static inline struct ahash_request
> -		*cast_mcryptd_ctx_to_req(struct mcryptd_hash_request_ctx *ctx)
> -{
> -	return container_of((void *) ctx, struct ahash_request, __ctx);
> -}
> -
> -static void req_ctx_init(struct mcryptd_hash_request_ctx *rctx,
> -				struct ahash_request *areq)
> -{
> -	rctx->flag = HASH_UPDATE;
> -}
> -
> -static asmlinkage void (*sha1_job_mgr_init)(struct sha1_mb_mgr *state);
> -static asmlinkage struct job_sha1* (*sha1_job_mgr_submit)
> -			(struct sha1_mb_mgr *state, struct job_sha1 *job);
> -static asmlinkage struct job_sha1* (*sha1_job_mgr_flush)
> -						(struct sha1_mb_mgr *state);
> -static asmlinkage struct job_sha1* (*sha1_job_mgr_get_comp_job)
> -						(struct sha1_mb_mgr *state);
> -
> -static inline uint32_t sha1_pad(uint8_t padblock[SHA1_BLOCK_SIZE * 2],
> -			 uint64_t total_len)
> -{
> -	uint32_t i = total_len & (SHA1_BLOCK_SIZE - 1);
> -
> -	memset(&padblock[i], 0, SHA1_BLOCK_SIZE);
> -	padblock[i] = 0x80;
> -
> -	i += ((SHA1_BLOCK_SIZE - 1) &
> -	      (0 - (total_len + SHA1_PADLENGTHFIELD_SIZE + 1)))
> -	     + 1 + SHA1_PADLENGTHFIELD_SIZE;
> -
> -#if SHA1_PADLENGTHFIELD_SIZE == 16
> -	*((uint64_t *) &padblock[i - 16]) = 0;
> -#endif
> -
> -	*((uint64_t *) &padblock[i - 8]) = cpu_to_be64(total_len << 3);
> -
> -	/* Number of extra blocks to hash */
> -	return i >> SHA1_LOG2_BLOCK_SIZE;
> -}
> -
> -static struct sha1_hash_ctx *sha1_ctx_mgr_resubmit(struct sha1_ctx_mgr *mgr,
> -						struct sha1_hash_ctx *ctx)
> -{
> -	while (ctx) {
> -		if (ctx->status & HASH_CTX_STS_COMPLETE) {
> -			/* Clear PROCESSING bit */
> -			ctx->status = HASH_CTX_STS_COMPLETE;
> -			return ctx;
> -		}
> -
> -		/*
> -		 * If the extra blocks are empty, begin hashing what remains
> -		 * in the user's buffer.
> -		 */
> -		if (ctx->partial_block_buffer_length == 0 &&
> -		    ctx->incoming_buffer_length) {
> -
> -			const void *buffer = ctx->incoming_buffer;
> -			uint32_t len = ctx->incoming_buffer_length;
> -			uint32_t copy_len;
> -
> -			/*
> -			 * Only entire blocks can be hashed.
> -			 * Copy remainder to extra blocks buffer.
> -			 */
> -			copy_len = len & (SHA1_BLOCK_SIZE-1);
> -
> -			if (copy_len) {
> -				len -= copy_len;
> -				memcpy(ctx->partial_block_buffer,
> -				       ((const char *) buffer + len),
> -				       copy_len);
> -				ctx->partial_block_buffer_length = copy_len;
> -			}
> -
> -			ctx->incoming_buffer_length = 0;
> -
> -			/* len should be a multiple of the block size now */
> -			assert((len % SHA1_BLOCK_SIZE) == 0);
> -
> -			/* Set len to the number of blocks to be hashed */
> -			len >>= SHA1_LOG2_BLOCK_SIZE;
> -
> -			if (len) {
> -
> -				ctx->job.buffer = (uint8_t *) buffer;
> -				ctx->job.len = len;
> -				ctx = (struct sha1_hash_ctx *)sha1_job_mgr_submit(&mgr->mgr,
> -										&ctx->job);
> -				continue;
> -			}
> -		}
> -
> -		/*
> -		 * If the extra blocks are not empty, then we are
> -		 * either on the last block(s) or we need more
> -		 * user input before continuing.
> -		 */
> -		if (ctx->status & HASH_CTX_STS_LAST) {
> -
> -			uint8_t *buf = ctx->partial_block_buffer;
> -			uint32_t n_extra_blocks =
> -					sha1_pad(buf, ctx->total_length);
> -
> -			ctx->status = (HASH_CTX_STS_PROCESSING |
> -				       HASH_CTX_STS_COMPLETE);
> -			ctx->job.buffer = buf;
> -			ctx->job.len = (uint32_t) n_extra_blocks;
> -			ctx = (struct sha1_hash_ctx *)
> -				sha1_job_mgr_submit(&mgr->mgr, &ctx->job);
> -			continue;
> -		}
> -
> -		ctx->status = HASH_CTX_STS_IDLE;
> -		return ctx;
> -	}
> -
> -	return NULL;
> -}
> -
> -static struct sha1_hash_ctx
> -			*sha1_ctx_mgr_get_comp_ctx(struct sha1_ctx_mgr *mgr)
> -{
> -	/*
> -	 * If get_comp_job returns NULL, there are no jobs complete.
> -	 * If get_comp_job returns a job, verify that it is safe to return to
> -	 * the user.
> -	 * If it is not ready, resubmit the job to finish processing.
> -	 * If sha1_ctx_mgr_resubmit returned a job, it is ready to be returned.
> -	 * Otherwise, all jobs currently being managed by the hash_ctx_mgr
> -	 * still need processing.
> -	 */
> -	struct sha1_hash_ctx *ctx;
> -
> -	ctx = (struct sha1_hash_ctx *) sha1_job_mgr_get_comp_job(&mgr->mgr);
> -	return sha1_ctx_mgr_resubmit(mgr, ctx);
> -}
> -
> -static void sha1_ctx_mgr_init(struct sha1_ctx_mgr *mgr)
> -{
> -	sha1_job_mgr_init(&mgr->mgr);
> -}
> -
> -static struct sha1_hash_ctx *sha1_ctx_mgr_submit(struct sha1_ctx_mgr *mgr,
> -					  struct sha1_hash_ctx *ctx,
> -					  const void *buffer,
> -					  uint32_t len,
> -					  int flags)
> -{
> -	if (flags & ~(HASH_UPDATE | HASH_LAST)) {
> -		/* User should not pass anything other than UPDATE or LAST */
> -		ctx->error = HASH_CTX_ERROR_INVALID_FLAGS;
> -		return ctx;
> -	}
> -
> -	if (ctx->status & HASH_CTX_STS_PROCESSING) {
> -		/* Cannot submit to a currently processing job. */
> -		ctx->error = HASH_CTX_ERROR_ALREADY_PROCESSING;
> -		return ctx;
> -	}
> -
> -	if (ctx->status & HASH_CTX_STS_COMPLETE) {
> -		/* Cannot update a finished job. */
> -		ctx->error = HASH_CTX_ERROR_ALREADY_COMPLETED;
> -		return ctx;
> -	}
> -
> -	/*
> -	 * If we made it here, there were no errors during this call to
> -	 * submit
> -	 */
> -	ctx->error = HASH_CTX_ERROR_NONE;
> -
> -	/* Store buffer ptr info from user */
> -	ctx->incoming_buffer = buffer;
> -	ctx->incoming_buffer_length = len;
> -
> -	/*
> -	 * Store the user's request flags and mark this ctx as currently
> -	 * being processed.
> -	 */
> -	ctx->status = (flags & HASH_LAST) ?
> -			(HASH_CTX_STS_PROCESSING | HASH_CTX_STS_LAST) :
> -			HASH_CTX_STS_PROCESSING;
> -
> -	/* Advance byte counter */
> -	ctx->total_length += len;
> -
> -	/*
> -	 * If there is anything currently buffered in the extra blocks,
> -	 * append to it until it contains a whole block.
> -	 * Or if the user's buffer contains less than a whole block,
> -	 * append as much as possible to the extra block.
> -	 */
> -	if (ctx->partial_block_buffer_length || len < SHA1_BLOCK_SIZE) {
> -		/*
> -		 * Compute how many bytes to copy from user buffer into
> -		 * extra block
> -		 */
> -		uint32_t copy_len = SHA1_BLOCK_SIZE -
> -					ctx->partial_block_buffer_length;
> -		if (len < copy_len)
> -			copy_len = len;
> -
> -		if (copy_len) {
> -			/* Copy and update relevant pointers and counters */
> -			memcpy(&ctx->partial_block_buffer[ctx->partial_block_buffer_length],
> -				buffer, copy_len);
> -
> -			ctx->partial_block_buffer_length += copy_len;
> -			ctx->incoming_buffer = (const void *)
> -					((const char *)buffer + copy_len);
> -			ctx->incoming_buffer_length = len - copy_len;
> -		}
> -
> -		/*
> -		 * The extra block should never contain more than 1 block
> -		 * here
> -		 */
> -		assert(ctx->partial_block_buffer_length <= SHA1_BLOCK_SIZE);
> -
> -		/*
> -		 * If the extra block buffer contains exactly 1 block, it can
> -		 * be hashed.
> -		 */
> -		if (ctx->partial_block_buffer_length >= SHA1_BLOCK_SIZE) {
> -			ctx->partial_block_buffer_length = 0;
> -
> -			ctx->job.buffer = ctx->partial_block_buffer;
> -			ctx->job.len = 1;
> -			ctx = (struct sha1_hash_ctx *)
> -				sha1_job_mgr_submit(&mgr->mgr, &ctx->job);
> -		}
> -	}
> -
> -	return sha1_ctx_mgr_resubmit(mgr, ctx);
> -}
> -
> -static struct sha1_hash_ctx *sha1_ctx_mgr_flush(struct sha1_ctx_mgr *mgr)
> -{
> -	struct sha1_hash_ctx *ctx;
> -
> -	while (1) {
> -		ctx = (struct sha1_hash_ctx *) sha1_job_mgr_flush(&mgr->mgr);
> -
> -		/* If flush returned 0, there are no more jobs in flight. */
> -		if (!ctx)
> -			return NULL;
> -
> -		/*
> -		 * If flush returned a job, resubmit the job to finish
> -		 * processing.
> -		 */
> -		ctx = sha1_ctx_mgr_resubmit(mgr, ctx);
> -
> -		/*
> -		 * If sha1_ctx_mgr_resubmit returned a job, it is ready to be
> -		 * returned. Otherwise, all jobs currently being managed by the
> -		 * sha1_ctx_mgr still need processing. Loop.
> -		 */
> -		if (ctx)
> -			return ctx;
> -	}
> -}
> -
> -static int sha1_mb_init(struct ahash_request *areq)
> -{
> -	struct sha1_hash_ctx *sctx = ahash_request_ctx(areq);
> -
> -	hash_ctx_init(sctx);
> -	sctx->job.result_digest[0] = SHA1_H0;
> -	sctx->job.result_digest[1] = SHA1_H1;
> -	sctx->job.result_digest[2] = SHA1_H2;
> -	sctx->job.result_digest[3] = SHA1_H3;
> -	sctx->job.result_digest[4] = SHA1_H4;
> -	sctx->total_length = 0;
> -	sctx->partial_block_buffer_length = 0;
> -	sctx->status = HASH_CTX_STS_IDLE;
> -
> -	return 0;
> -}
> -
> -static int sha1_mb_set_results(struct mcryptd_hash_request_ctx *rctx)
> -{
> -	int	i;
> -	struct	sha1_hash_ctx *sctx = ahash_request_ctx(&rctx->areq);
> -	__be32	*dst = (__be32 *) rctx->out;
> -
> -	for (i = 0; i < 5; ++i)
> -		dst[i] = cpu_to_be32(sctx->job.result_digest[i]);
> -
> -	return 0;
> -}
> -
> -static int sha_finish_walk(struct mcryptd_hash_request_ctx **ret_rctx,
> -			struct mcryptd_alg_cstate *cstate, bool flush)
> -{
> -	int	flag = HASH_UPDATE;
> -	int	nbytes, err = 0;
> -	struct mcryptd_hash_request_ctx *rctx = *ret_rctx;
> -	struct sha1_hash_ctx *sha_ctx;
> -
> -	/* more work ? */
> -	while (!(rctx->flag & HASH_DONE)) {
> -		nbytes = crypto_ahash_walk_done(&rctx->walk, 0);
> -		if (nbytes < 0) {
> -			err = nbytes;
> -			goto out;
> -		}
> -		/* check if the walk is done */
> -		if (crypto_ahash_walk_last(&rctx->walk)) {
> -			rctx->flag |= HASH_DONE;
> -			if (rctx->flag & HASH_FINAL)
> -				flag |= HASH_LAST;
> -
> -		}
> -		sha_ctx = (struct sha1_hash_ctx *)
> -						ahash_request_ctx(&rctx->areq);
> -		kernel_fpu_begin();
> -		sha_ctx = sha1_ctx_mgr_submit(cstate->mgr, sha_ctx,
> -						rctx->walk.data, nbytes, flag);
> -		if (!sha_ctx) {
> -			if (flush)
> -				sha_ctx = sha1_ctx_mgr_flush(cstate->mgr);
> -		}
> -		kernel_fpu_end();
> -		if (sha_ctx)
> -			rctx = cast_hash_to_mcryptd_ctx(sha_ctx);
> -		else {
> -			rctx = NULL;
> -			goto out;
> -		}
> -	}
> -
> -	/* copy the results */
> -	if (rctx->flag & HASH_FINAL)
> -		sha1_mb_set_results(rctx);
> -
> -out:
> -	*ret_rctx = rctx;
> -	return err;
> -}
> -
> -static int sha_complete_job(struct mcryptd_hash_request_ctx *rctx,
> -			    struct mcryptd_alg_cstate *cstate,
> -			    int err)
> -{
> -	struct ahash_request *req = cast_mcryptd_ctx_to_req(rctx);
> -	struct sha1_hash_ctx *sha_ctx;
> -	struct mcryptd_hash_request_ctx *req_ctx;
> -	int ret;
> -
> -	/* remove from work list */
> -	spin_lock(&cstate->work_lock);
> -	list_del(&rctx->waiter);
> -	spin_unlock(&cstate->work_lock);
> -
> -	if (irqs_disabled())
> -		rctx->complete(&req->base, err);
> -	else {
> -		local_bh_disable();
> -		rctx->complete(&req->base, err);
> -		local_bh_enable();
> -	}
> -
> -	/* check to see if there are other jobs that are done */
> -	sha_ctx = sha1_ctx_mgr_get_comp_ctx(cstate->mgr);
> -	while (sha_ctx) {
> -		req_ctx = cast_hash_to_mcryptd_ctx(sha_ctx);
> -		ret = sha_finish_walk(&req_ctx, cstate, false);
> -		if (req_ctx) {
> -			spin_lock(&cstate->work_lock);
> -			list_del(&req_ctx->waiter);
> -			spin_unlock(&cstate->work_lock);
> -
> -			req = cast_mcryptd_ctx_to_req(req_ctx);
> -			if (irqs_disabled())
> -				req_ctx->complete(&req->base, ret);
> -			else {
> -				local_bh_disable();
> -				req_ctx->complete(&req->base, ret);
> -				local_bh_enable();
> -			}
> -		}
> -		sha_ctx = sha1_ctx_mgr_get_comp_ctx(cstate->mgr);
> -	}
> -
> -	return 0;
> -}
> -
> -static void sha1_mb_add_list(struct mcryptd_hash_request_ctx *rctx,
> -			     struct mcryptd_alg_cstate *cstate)
> -{
> -	unsigned long next_flush;
> -	unsigned long delay = usecs_to_jiffies(FLUSH_INTERVAL);
> -
> -	/* initialize tag */
> -	rctx->tag.arrival = jiffies;    /* tag the arrival time */
> -	rctx->tag.seq_num = cstate->next_seq_num++;
> -	next_flush = rctx->tag.arrival + delay;
> -	rctx->tag.expire = next_flush;
> -
> -	spin_lock(&cstate->work_lock);
> -	list_add_tail(&rctx->waiter, &cstate->work_list);
> -	spin_unlock(&cstate->work_lock);
> -
> -	mcryptd_arm_flusher(cstate, delay);
> -}
> -
> -static int sha1_mb_update(struct ahash_request *areq)
> -{
> -	struct mcryptd_hash_request_ctx *rctx =
> -		container_of(areq, struct mcryptd_hash_request_ctx, areq);
> -	struct mcryptd_alg_cstate *cstate =
> -				this_cpu_ptr(sha1_mb_alg_state.alg_cstate);
> -
> -	struct ahash_request *req = cast_mcryptd_ctx_to_req(rctx);
> -	struct sha1_hash_ctx *sha_ctx;
> -	int ret = 0, nbytes;
> -
> -
> -	/* sanity check */
> -	if (rctx->tag.cpu != smp_processor_id()) {
> -		pr_err("mcryptd error: cpu clash\n");
> -		goto done;
> -	}
> -
> -	/* need to init context */
> -	req_ctx_init(rctx, areq);
> -
> -	nbytes = crypto_ahash_walk_first(req, &rctx->walk);
> -
> -	if (nbytes < 0) {
> -		ret = nbytes;
> -		goto done;
> -	}
> -
> -	if (crypto_ahash_walk_last(&rctx->walk))
> -		rctx->flag |= HASH_DONE;
> -
> -	/* submit */
> -	sha_ctx = (struct sha1_hash_ctx *) ahash_request_ctx(areq);
> -	sha1_mb_add_list(rctx, cstate);
> -	kernel_fpu_begin();
> -	sha_ctx = sha1_ctx_mgr_submit(cstate->mgr, sha_ctx, rctx->walk.data,
> -							nbytes, HASH_UPDATE);
> -	kernel_fpu_end();
> -
> -	/* check if anything is returned */
> -	if (!sha_ctx)
> -		return -EINPROGRESS;
> -
> -	if (sha_ctx->error) {
> -		ret = sha_ctx->error;
> -		rctx = cast_hash_to_mcryptd_ctx(sha_ctx);
> -		goto done;
> -	}
> -
> -	rctx = cast_hash_to_mcryptd_ctx(sha_ctx);
> -	ret = sha_finish_walk(&rctx, cstate, false);
> -
> -	if (!rctx)
> -		return -EINPROGRESS;
> -done:
> -	sha_complete_job(rctx, cstate, ret);
> -	return ret;
> -}
> -
> -static int sha1_mb_finup(struct ahash_request *areq)
> -{
> -	struct mcryptd_hash_request_ctx *rctx =
> -		container_of(areq, struct mcryptd_hash_request_ctx, areq);
> -	struct mcryptd_alg_cstate *cstate =
> -				this_cpu_ptr(sha1_mb_alg_state.alg_cstate);
> -
> -	struct ahash_request *req = cast_mcryptd_ctx_to_req(rctx);
> -	struct sha1_hash_ctx *sha_ctx;
> -	int ret = 0, flag = HASH_UPDATE, nbytes;
> -
> -	/* sanity check */
> -	if (rctx->tag.cpu != smp_processor_id()) {
> -		pr_err("mcryptd error: cpu clash\n");
> -		goto done;
> -	}
> -
> -	/* need to init context */
> -	req_ctx_init(rctx, areq);
> -
> -	nbytes = crypto_ahash_walk_first(req, &rctx->walk);
> -
> -	if (nbytes < 0) {
> -		ret = nbytes;
> -		goto done;
> -	}
> -
> -	if (crypto_ahash_walk_last(&rctx->walk)) {
> -		rctx->flag |= HASH_DONE;
> -		flag = HASH_LAST;
> -	}
> -
> -	/* submit */
> -	rctx->flag |= HASH_FINAL;
> -	sha_ctx = (struct sha1_hash_ctx *) ahash_request_ctx(areq);
> -	sha1_mb_add_list(rctx, cstate);
> -
> -	kernel_fpu_begin();
> -	sha_ctx = sha1_ctx_mgr_submit(cstate->mgr, sha_ctx, rctx->walk.data,
> -								nbytes, flag);
> -	kernel_fpu_end();
> -
> -	/* check if anything is returned */
> -	if (!sha_ctx)
> -		return -EINPROGRESS;
> -
> -	if (sha_ctx->error) {
> -		ret = sha_ctx->error;
> -		goto done;
> -	}
> -
> -	rctx = cast_hash_to_mcryptd_ctx(sha_ctx);
> -	ret = sha_finish_walk(&rctx, cstate, false);
> -	if (!rctx)
> -		return -EINPROGRESS;
> -done:
> -	sha_complete_job(rctx, cstate, ret);
> -	return ret;
> -}
> -
> -static int sha1_mb_final(struct ahash_request *areq)
> -{
> -	struct mcryptd_hash_request_ctx *rctx =
> -		container_of(areq, struct mcryptd_hash_request_ctx, areq);
> -	struct mcryptd_alg_cstate *cstate =
> -				this_cpu_ptr(sha1_mb_alg_state.alg_cstate);
> -
> -	struct sha1_hash_ctx *sha_ctx;
> -	int ret = 0;
> -	u8 data;
> -
> -	/* sanity check */
> -	if (rctx->tag.cpu != smp_processor_id()) {
> -		pr_err("mcryptd error: cpu clash\n");
> -		goto done;
> -	}
> -
> -	/* need to init context */
> -	req_ctx_init(rctx, areq);
> -
> -	rctx->flag |= HASH_DONE | HASH_FINAL;
> -
> -	sha_ctx = (struct sha1_hash_ctx *) ahash_request_ctx(areq);
> -	/* flag HASH_FINAL and 0 data size */
> -	sha1_mb_add_list(rctx, cstate);
> -	kernel_fpu_begin();
> -	sha_ctx = sha1_ctx_mgr_submit(cstate->mgr, sha_ctx, &data, 0,
> -								HASH_LAST);
> -	kernel_fpu_end();
> -
> -	/* check if anything is returned */
> -	if (!sha_ctx)
> -		return -EINPROGRESS;
> -
> -	if (sha_ctx->error) {
> -		ret = sha_ctx->error;
> -		rctx = cast_hash_to_mcryptd_ctx(sha_ctx);
> -		goto done;
> -	}
> -
> -	rctx = cast_hash_to_mcryptd_ctx(sha_ctx);
> -	ret = sha_finish_walk(&rctx, cstate, false);
> -	if (!rctx)
> -		return -EINPROGRESS;
> -done:
> -	sha_complete_job(rctx, cstate, ret);
> -	return ret;
> -}
> -
> -static int sha1_mb_export(struct ahash_request *areq, void *out)
> -{
> -	struct sha1_hash_ctx *sctx = ahash_request_ctx(areq);
> -
> -	memcpy(out, sctx, sizeof(*sctx));
> -
> -	return 0;
> -}
> -
> -static int sha1_mb_import(struct ahash_request *areq, const void *in)
> -{
> -	struct sha1_hash_ctx *sctx = ahash_request_ctx(areq);
> -
> -	memcpy(sctx, in, sizeof(*sctx));
> -
> -	return 0;
> -}
> -
> -static int sha1_mb_async_init_tfm(struct crypto_tfm *tfm)
> -{
> -	struct mcryptd_ahash *mcryptd_tfm;
> -	struct sha1_mb_ctx *ctx = crypto_tfm_ctx(tfm);
> -	struct mcryptd_hash_ctx *mctx;
> -
> -	mcryptd_tfm = mcryptd_alloc_ahash("__intel_sha1-mb",
> -						CRYPTO_ALG_INTERNAL,
> -						CRYPTO_ALG_INTERNAL);
> -	if (IS_ERR(mcryptd_tfm))
> -		return PTR_ERR(mcryptd_tfm);
> -	mctx = crypto_ahash_ctx(&mcryptd_tfm->base);
> -	mctx->alg_state = &sha1_mb_alg_state;
> -	ctx->mcryptd_tfm = mcryptd_tfm;
> -	crypto_ahash_set_reqsize(__crypto_ahash_cast(tfm),
> -				sizeof(struct ahash_request) +
> -				crypto_ahash_reqsize(&mcryptd_tfm->base));
> -
> -	return 0;
> -}
> -
> -static void sha1_mb_async_exit_tfm(struct crypto_tfm *tfm)
> -{
> -	struct sha1_mb_ctx *ctx = crypto_tfm_ctx(tfm);
> -
> -	mcryptd_free_ahash(ctx->mcryptd_tfm);
> -}
> -
> -static int sha1_mb_areq_init_tfm(struct crypto_tfm *tfm)
> -{
> -	crypto_ahash_set_reqsize(__crypto_ahash_cast(tfm),
> -				sizeof(struct ahash_request) +
> -				sizeof(struct sha1_hash_ctx));
> -
> -	return 0;
> -}
> -
> -static void sha1_mb_areq_exit_tfm(struct crypto_tfm *tfm)
> -{
> -	struct sha1_mb_ctx *ctx = crypto_tfm_ctx(tfm);
> -
> -	mcryptd_free_ahash(ctx->mcryptd_tfm);
> -}
> -
> -static struct ahash_alg sha1_mb_areq_alg = {
> -	.init		=	sha1_mb_init,
> -	.update		=	sha1_mb_update,
> -	.final		=	sha1_mb_final,
> -	.finup		=	sha1_mb_finup,
> -	.export		=	sha1_mb_export,
> -	.import		=	sha1_mb_import,
> -	.halg		=	{
> -		.digestsize	=	SHA1_DIGEST_SIZE,
> -		.statesize	=	sizeof(struct sha1_hash_ctx),
> -		.base		=	{
> -			.cra_name	 = "__sha1-mb",
> -			.cra_driver_name = "__intel_sha1-mb",
> -			.cra_priority	 = 100,
> -			/*
> -			 * use ASYNC flag as some buffers in multi-buffer
> -			 * algo may not have completed before hashing thread
> -			 * sleep
> -			 */
> -			.cra_flags	= CRYPTO_ALG_ASYNC |
> -					  CRYPTO_ALG_INTERNAL,
> -			.cra_blocksize	= SHA1_BLOCK_SIZE,
> -			.cra_module	= THIS_MODULE,
> -			.cra_list	= LIST_HEAD_INIT
> -					(sha1_mb_areq_alg.halg.base.cra_list),
> -			.cra_init	= sha1_mb_areq_init_tfm,
> -			.cra_exit	= sha1_mb_areq_exit_tfm,
> -			.cra_ctxsize	= sizeof(struct sha1_hash_ctx),
> -		}
> -	}
> -};
> -
> -static int sha1_mb_async_init(struct ahash_request *req)
> -{
> -	struct crypto_ahash *tfm = crypto_ahash_reqtfm(req);
> -	struct sha1_mb_ctx *ctx = crypto_ahash_ctx(tfm);
> -	struct ahash_request *mcryptd_req = ahash_request_ctx(req);
> -	struct mcryptd_ahash *mcryptd_tfm = ctx->mcryptd_tfm;
> -
> -	memcpy(mcryptd_req, req, sizeof(*req));
> -	ahash_request_set_tfm(mcryptd_req, &mcryptd_tfm->base);
> -	return crypto_ahash_init(mcryptd_req);
> -}
> -
> -static int sha1_mb_async_update(struct ahash_request *req)
> -{
> -	struct ahash_request *mcryptd_req = ahash_request_ctx(req);
> -
> -	struct crypto_ahash *tfm = crypto_ahash_reqtfm(req);
> -	struct sha1_mb_ctx *ctx = crypto_ahash_ctx(tfm);
> -	struct mcryptd_ahash *mcryptd_tfm = ctx->mcryptd_tfm;
> -
> -	memcpy(mcryptd_req, req, sizeof(*req));
> -	ahash_request_set_tfm(mcryptd_req, &mcryptd_tfm->base);
> -	return crypto_ahash_update(mcryptd_req);
> -}
> -
> -static int sha1_mb_async_finup(struct ahash_request *req)
> -{
> -	struct ahash_request *mcryptd_req = ahash_request_ctx(req);
> -
> -	struct crypto_ahash *tfm = crypto_ahash_reqtfm(req);
> -	struct sha1_mb_ctx *ctx = crypto_ahash_ctx(tfm);
> -	struct mcryptd_ahash *mcryptd_tfm = ctx->mcryptd_tfm;
> -
> -	memcpy(mcryptd_req, req, sizeof(*req));
> -	ahash_request_set_tfm(mcryptd_req, &mcryptd_tfm->base);
> -	return crypto_ahash_finup(mcryptd_req);
> -}
> -
> -static int sha1_mb_async_final(struct ahash_request *req)
> -{
> -	struct ahash_request *mcryptd_req = ahash_request_ctx(req);
> -
> -	struct crypto_ahash *tfm = crypto_ahash_reqtfm(req);
> -	struct sha1_mb_ctx *ctx = crypto_ahash_ctx(tfm);
> -	struct mcryptd_ahash *mcryptd_tfm = ctx->mcryptd_tfm;
> -
> -	memcpy(mcryptd_req, req, sizeof(*req));
> -	ahash_request_set_tfm(mcryptd_req, &mcryptd_tfm->base);
> -	return crypto_ahash_final(mcryptd_req);
> -}
> -
> -static int sha1_mb_async_digest(struct ahash_request *req)
> -{
> -	struct crypto_ahash *tfm = crypto_ahash_reqtfm(req);
> -	struct sha1_mb_ctx *ctx = crypto_ahash_ctx(tfm);
> -	struct ahash_request *mcryptd_req = ahash_request_ctx(req);
> -	struct mcryptd_ahash *mcryptd_tfm = ctx->mcryptd_tfm;
> -
> -	memcpy(mcryptd_req, req, sizeof(*req));
> -	ahash_request_set_tfm(mcryptd_req, &mcryptd_tfm->base);
> -	return crypto_ahash_digest(mcryptd_req);
> -}
> -
> -static int sha1_mb_async_export(struct ahash_request *req, void *out)
> -{
> -	struct ahash_request *mcryptd_req = ahash_request_ctx(req);
> -	struct crypto_ahash *tfm = crypto_ahash_reqtfm(req);
> -	struct sha1_mb_ctx *ctx = crypto_ahash_ctx(tfm);
> -	struct mcryptd_ahash *mcryptd_tfm = ctx->mcryptd_tfm;
> -
> -	memcpy(mcryptd_req, req, sizeof(*req));
> -	ahash_request_set_tfm(mcryptd_req, &mcryptd_tfm->base);
> -	return crypto_ahash_export(mcryptd_req, out);
> -}
> -
> -static int sha1_mb_async_import(struct ahash_request *req, const void *in)
> -{
> -	struct ahash_request *mcryptd_req = ahash_request_ctx(req);
> -	struct crypto_ahash *tfm = crypto_ahash_reqtfm(req);
> -	struct sha1_mb_ctx *ctx = crypto_ahash_ctx(tfm);
> -	struct mcryptd_ahash *mcryptd_tfm = ctx->mcryptd_tfm;
> -	struct crypto_ahash *child = mcryptd_ahash_child(mcryptd_tfm);
> -	struct mcryptd_hash_request_ctx *rctx;
> -	struct ahash_request *areq;
> -
> -	memcpy(mcryptd_req, req, sizeof(*req));
> -	ahash_request_set_tfm(mcryptd_req, &mcryptd_tfm->base);
> -	rctx = ahash_request_ctx(mcryptd_req);
> -	areq = &rctx->areq;
> -
> -	ahash_request_set_tfm(areq, child);
> -	ahash_request_set_callback(areq, CRYPTO_TFM_REQ_MAY_SLEEP,
> -					rctx->complete, req);
> -
> -	return crypto_ahash_import(mcryptd_req, in);
> -}
> -
> -static struct ahash_alg sha1_mb_async_alg = {
> -	.init           = sha1_mb_async_init,
> -	.update         = sha1_mb_async_update,
> -	.final          = sha1_mb_async_final,
> -	.finup          = sha1_mb_async_finup,
> -	.digest         = sha1_mb_async_digest,
> -	.export		= sha1_mb_async_export,
> -	.import		= sha1_mb_async_import,
> -	.halg = {
> -		.digestsize     = SHA1_DIGEST_SIZE,
> -		.statesize	= sizeof(struct sha1_hash_ctx),
> -		.base = {
> -			.cra_name               = "sha1",
> -			.cra_driver_name        = "sha1_mb",
> -			/*
> -			 * Low priority, since with few concurrent hash requests
> -			 * this is extremely slow due to the flush delay.  Users
> -			 * whose workloads would benefit from this can request
> -			 * it explicitly by driver name, or can increase its
> -			 * priority at runtime using NETLINK_CRYPTO.
> -			 */
> -			.cra_priority           = 50,
> -			.cra_flags              = CRYPTO_ALG_ASYNC,
> -			.cra_blocksize          = SHA1_BLOCK_SIZE,
> -			.cra_module             = THIS_MODULE,
> -			.cra_list               = LIST_HEAD_INIT(sha1_mb_async_alg.halg.base.cra_list),
> -			.cra_init               = sha1_mb_async_init_tfm,
> -			.cra_exit               = sha1_mb_async_exit_tfm,
> -			.cra_ctxsize		= sizeof(struct sha1_mb_ctx),
> -			.cra_alignmask		= 0,
> -		},
> -	},
> -};
> -
> -static unsigned long sha1_mb_flusher(struct mcryptd_alg_cstate *cstate)
> -{
> -	struct mcryptd_hash_request_ctx *rctx;
> -	unsigned long cur_time;
> -	unsigned long next_flush = 0;
> -	struct sha1_hash_ctx *sha_ctx;
> -
> -
> -	cur_time = jiffies;
> -
> -	while (!list_empty(&cstate->work_list)) {
> -		rctx = list_entry(cstate->work_list.next,
> -				struct mcryptd_hash_request_ctx, waiter);
> -		if (time_before(cur_time, rctx->tag.expire))
> -			break;
> -		kernel_fpu_begin();
> -		sha_ctx = (struct sha1_hash_ctx *)
> -					sha1_ctx_mgr_flush(cstate->mgr);
> -		kernel_fpu_end();
> -		if (!sha_ctx) {
> -			pr_err("sha1_mb error: nothing got flushed for non-empty list\n");
> -			break;
> -		}
> -		rctx = cast_hash_to_mcryptd_ctx(sha_ctx);
> -		sha_finish_walk(&rctx, cstate, true);
> -		sha_complete_job(rctx, cstate, 0);
> -	}
> -
> -	if (!list_empty(&cstate->work_list)) {
> -		rctx = list_entry(cstate->work_list.next,
> -				struct mcryptd_hash_request_ctx, waiter);
> -		/* get the hash context and then flush time */
> -		next_flush = rctx->tag.expire;
> -		mcryptd_arm_flusher(cstate, get_delay(next_flush));
> -	}
> -	return next_flush;
> -}
> -
> -static int __init sha1_mb_mod_init(void)
> -{
> -
> -	int cpu;
> -	int err;
> -	struct mcryptd_alg_cstate *cpu_state;
> -
> -	/* check for dependent cpu features */
> -	if (!boot_cpu_has(X86_FEATURE_AVX2) ||
> -	    !boot_cpu_has(X86_FEATURE_BMI2))
> -		return -ENODEV;
> -
> -	/* initialize multibuffer structures */
> -	sha1_mb_alg_state.alg_cstate = alloc_percpu(struct mcryptd_alg_cstate);
> -
> -	sha1_job_mgr_init = sha1_mb_mgr_init_avx2;
> -	sha1_job_mgr_submit = sha1_mb_mgr_submit_avx2;
> -	sha1_job_mgr_flush = sha1_mb_mgr_flush_avx2;
> -	sha1_job_mgr_get_comp_job = sha1_mb_mgr_get_comp_job_avx2;
> -
> -	if (!sha1_mb_alg_state.alg_cstate)
> -		return -ENOMEM;
> -	for_each_possible_cpu(cpu) {
> -		cpu_state = per_cpu_ptr(sha1_mb_alg_state.alg_cstate, cpu);
> -		cpu_state->next_flush = 0;
> -		cpu_state->next_seq_num = 0;
> -		cpu_state->flusher_engaged = false;
> -		INIT_DELAYED_WORK(&cpu_state->flush, mcryptd_flusher);
> -		cpu_state->cpu = cpu;
> -		cpu_state->alg_state = &sha1_mb_alg_state;
> -		cpu_state->mgr = kzalloc(sizeof(struct sha1_ctx_mgr),
> -					GFP_KERNEL);
> -		if (!cpu_state->mgr)
> -			goto err2;
> -		sha1_ctx_mgr_init(cpu_state->mgr);
> -		INIT_LIST_HEAD(&cpu_state->work_list);
> -		spin_lock_init(&cpu_state->work_lock);
> -	}
> -	sha1_mb_alg_state.flusher = &sha1_mb_flusher;
> -
> -	err = crypto_register_ahash(&sha1_mb_areq_alg);
> -	if (err)
> -		goto err2;
> -	err = crypto_register_ahash(&sha1_mb_async_alg);
> -	if (err)
> -		goto err1;
> -
> -
> -	return 0;
> -err1:
> -	crypto_unregister_ahash(&sha1_mb_areq_alg);
> -err2:
> -	for_each_possible_cpu(cpu) {
> -		cpu_state = per_cpu_ptr(sha1_mb_alg_state.alg_cstate, cpu);
> -		kfree(cpu_state->mgr);
> -	}
> -	free_percpu(sha1_mb_alg_state.alg_cstate);
> -	return -ENODEV;
> -}
> -
> -static void __exit sha1_mb_mod_fini(void)
> -{
> -	int cpu;
> -	struct mcryptd_alg_cstate *cpu_state;
> -
> -	crypto_unregister_ahash(&sha1_mb_async_alg);
> -	crypto_unregister_ahash(&sha1_mb_areq_alg);
> -	for_each_possible_cpu(cpu) {
> -		cpu_state = per_cpu_ptr(sha1_mb_alg_state.alg_cstate, cpu);
> -		kfree(cpu_state->mgr);
> -	}
> -	free_percpu(sha1_mb_alg_state.alg_cstate);
> -}
> -
> -module_init(sha1_mb_mod_init);
> -module_exit(sha1_mb_mod_fini);
> -
> -MODULE_LICENSE("GPL");
> -MODULE_DESCRIPTION("SHA1 Secure Hash Algorithm, multi buffer accelerated");
> -
> -MODULE_ALIAS_CRYPTO("sha1");
> diff --git a/arch/x86/crypto/sha1-mb/sha1_mb_ctx.h b/arch/x86/crypto/sha1-mb/sha1_mb_ctx.h
> deleted file mode 100644
> index 9454bd16f9f8..000000000000
> --- a/arch/x86/crypto/sha1-mb/sha1_mb_ctx.h
> +++ /dev/null
> @@ -1,134 +0,0 @@
> -/*
> - * Header file for multi buffer SHA context
> - *
> - * This file is provided under a dual BSD/GPLv2 license.  When using or
> - * redistributing this file, you may do so under either license.
> - *
> - * GPL LICENSE SUMMARY
> - *
> - *  Copyright(c) 2014 Intel Corporation.
> - *
> - *  This program is free software; you can redistribute it and/or modify
> - *  it under the terms of version 2 of the GNU General Public License as
> - *  published by the Free Software Foundation.
> - *
> - *  This program is distributed in the hope that it will be useful, but
> - *  WITHOUT ANY WARRANTY; without even the implied warranty of
> - *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
> - *  General Public License for more details.
> - *
> - *  Contact Information:
> - *	Tim Chen <tim.c.chen@xxxxxxxxxxxxxxx>
> - *
> - *  BSD LICENSE
> - *
> - *  Copyright(c) 2014 Intel Corporation.
> - *
> - *  Redistribution and use in source and binary forms, with or without
> - *  modification, are permitted provided that the following conditions
> - *  are met:
> - *
> - *    * Redistributions of source code must retain the above copyright
> - *      notice, this list of conditions and the following disclaimer.
> - *    * Redistributions in binary form must reproduce the above copyright
> - *      notice, this list of conditions and the following disclaimer in
> - *      the documentation and/or other materials provided with the
> - *      distribution.
> - *    * Neither the name of Intel Corporation nor the names of its
> - *      contributors may be used to endorse or promote products derived
> - *      from this software without specific prior written permission.
> - *
> - *  THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
> - *  "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
> - *  LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
> - *  A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
> - *  OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
> - *  SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
> - *  LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
> - *  DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
> - *  THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
> - *  (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
> - * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
> - */
> -
> -#ifndef _SHA_MB_CTX_INTERNAL_H
> -#define _SHA_MB_CTX_INTERNAL_H
> -
> -#include "sha1_mb_mgr.h"
> -
> -#define HASH_UPDATE          0x00
> -#define HASH_LAST            0x01
> -#define HASH_DONE	     0x02
> -#define HASH_FINAL	     0x04
> -
> -#define HASH_CTX_STS_IDLE       0x00
> -#define HASH_CTX_STS_PROCESSING 0x01
> -#define HASH_CTX_STS_LAST       0x02
> -#define HASH_CTX_STS_COMPLETE   0x04
> -
> -enum hash_ctx_error {
> -	HASH_CTX_ERROR_NONE               =  0,
> -	HASH_CTX_ERROR_INVALID_FLAGS      = -1,
> -	HASH_CTX_ERROR_ALREADY_PROCESSING = -2,
> -	HASH_CTX_ERROR_ALREADY_COMPLETED  = -3,
> -
> -#ifdef HASH_CTX_DEBUG
> -	HASH_CTX_ERROR_DEBUG_DIGEST_MISMATCH = -4,
> -#endif
> -};
> -
> -
> -#define hash_ctx_user_data(ctx)  ((ctx)->user_data)
> -#define hash_ctx_digest(ctx)     ((ctx)->job.result_digest)
> -#define hash_ctx_processing(ctx) ((ctx)->status & HASH_CTX_STS_PROCESSING)
> -#define hash_ctx_complete(ctx)   ((ctx)->status == HASH_CTX_STS_COMPLETE)
> -#define hash_ctx_status(ctx)     ((ctx)->status)
> -#define hash_ctx_error(ctx)      ((ctx)->error)
> -#define hash_ctx_init(ctx) \
> -	do { \
> -		(ctx)->error = HASH_CTX_ERROR_NONE; \
> -		(ctx)->status = HASH_CTX_STS_COMPLETE; \
> -	} while (0)
> -
> -
> -/* Hash Constants and Typedefs */
> -#define SHA1_DIGEST_LENGTH          5
> -#define SHA1_LOG2_BLOCK_SIZE        6
> -
> -#define SHA1_PADLENGTHFIELD_SIZE    8
> -
> -#ifdef SHA_MB_DEBUG
> -#define assert(expr) \
> -do { \
> -	if (unlikely(!(expr))) { \
> -		printk(KERN_ERR "Assertion failed! %s,%s,%s,line=%d\n", \
> -		#expr, __FILE__, __func__, __LINE__); \
> -	} \
> -} while (0)
> -#else
> -#define assert(expr) do {} while (0)
> -#endif
> -
> -struct sha1_ctx_mgr {
> -	struct sha1_mb_mgr mgr;
> -};
> -
> -/* typedef struct sha1_ctx_mgr sha1_ctx_mgr; */
> -
> -struct sha1_hash_ctx {
> -	/* Must be at struct offset 0 */
> -	struct job_sha1       job;
> -	/* status flag */
> -	int status;
> -	/* error flag */
> -	int error;
> -
> -	uint64_t	total_length;
> -	const void	*incoming_buffer;
> -	uint32_t	incoming_buffer_length;
> -	uint8_t		partial_block_buffer[SHA1_BLOCK_SIZE * 2];
> -	uint32_t	partial_block_buffer_length;
> -	void		*user_data;
> -};
> -
> -#endif
> diff --git a/arch/x86/crypto/sha1-mb/sha1_mb_mgr.h b/arch/x86/crypto/sha1-mb/sha1_mb_mgr.h
> deleted file mode 100644
> index 08ad1a9acfd7..000000000000
> --- a/arch/x86/crypto/sha1-mb/sha1_mb_mgr.h
> +++ /dev/null
> @@ -1,110 +0,0 @@
> -/*
> - * Header file for multi buffer SHA1 algorithm manager
> - *
> - * This file is provided under a dual BSD/GPLv2 license.  When using or
> - * redistributing this file, you may do so under either license.
> - *
> - * GPL LICENSE SUMMARY
> - *
> - *  Copyright(c) 2014 Intel Corporation.
> - *
> - *  This program is free software; you can redistribute it and/or modify
> - *  it under the terms of version 2 of the GNU General Public License as
> - *  published by the Free Software Foundation.
> - *
> - *  This program is distributed in the hope that it will be useful, but
> - *  WITHOUT ANY WARRANTY; without even the implied warranty of
> - *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
> - *  General Public License for more details.
> - *
> - *  Contact Information:
> - *      James Guilford <james.guilford@xxxxxxxxx>
> - *	Tim Chen <tim.c.chen@xxxxxxxxxxxxxxx>
> - *
> - *  BSD LICENSE
> - *
> - *  Copyright(c) 2014 Intel Corporation.
> - *
> - *  Redistribution and use in source and binary forms, with or without
> - *  modification, are permitted provided that the following conditions
> - *  are met:
> - *
> - *    * Redistributions of source code must retain the above copyright
> - *      notice, this list of conditions and the following disclaimer.
> - *    * Redistributions in binary form must reproduce the above copyright
> - *      notice, this list of conditions and the following disclaimer in
> - *      the documentation and/or other materials provided with the
> - *      distribution.
> - *    * Neither the name of Intel Corporation nor the names of its
> - *      contributors may be used to endorse or promote products derived
> - *      from this software without specific prior written permission.
> - *
> - *  THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
> - *  "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
> - *  LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
> - *  A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
> - *  OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
> - *  SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
> - *  LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
> - *  DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
> - *  THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
> - *  (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
> - * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
> - */
> -#ifndef __SHA_MB_MGR_H
> -#define __SHA_MB_MGR_H
> -
> -
> -#include <linux/types.h>
> -
> -#define NUM_SHA1_DIGEST_WORDS 5
> -
> -enum job_sts {	STS_UNKNOWN = 0,
> -		STS_BEING_PROCESSED = 1,
> -		STS_COMPLETED = 2,
> -		STS_INTERNAL_ERROR = 3,
> -		STS_ERROR = 4
> -};
> -
> -struct job_sha1 {
> -	u8	*buffer;
> -	u32	len;
> -	u32	result_digest[NUM_SHA1_DIGEST_WORDS] __aligned(32);
> -	enum	job_sts status;
> -	void	*user_data;
> -};
> -
> -/* SHA1 out-of-order scheduler */
> -
> -/* typedef uint32_t sha1_digest_array[5][8]; */
> -
> -struct sha1_args_x8 {
> -	uint32_t	digest[5][8];
> -	uint8_t		*data_ptr[8];
> -};
> -
> -struct sha1_lane_data {
> -	struct job_sha1 *job_in_lane;
> -};
> -
> -struct sha1_mb_mgr {
> -	struct sha1_args_x8 args;
> -
> -	uint32_t lens[8];
> -
> -	/* each byte is index (0...7) of unused lanes */
> -	uint64_t unused_lanes;
> -	/* byte 4 is set to FF as a flag */
> -	struct sha1_lane_data ldata[8];
> -};
> -
> -
> -#define SHA1_MB_MGR_NUM_LANES_AVX2 8
> -
> -void sha1_mb_mgr_init_avx2(struct sha1_mb_mgr *state);
> -struct job_sha1 *sha1_mb_mgr_submit_avx2(struct sha1_mb_mgr *state,
> -					 struct job_sha1 *job);
> -struct job_sha1 *sha1_mb_mgr_flush_avx2(struct sha1_mb_mgr *state);
> -struct job_sha1 *sha1_mb_mgr_get_comp_job_avx2(struct sha1_mb_mgr *state);
> -
> -#endif
> diff --git a/arch/x86/crypto/sha1-mb/sha1_mb_mgr_datastruct.S b/arch/x86/crypto/sha1-mb/sha1_mb_mgr_datastruct.S
> deleted file mode 100644
> index 86688c6e7a25..000000000000
> --- a/arch/x86/crypto/sha1-mb/sha1_mb_mgr_datastruct.S
> +++ /dev/null
> @@ -1,287 +0,0 @@
> -/*
> - * Header file for multi buffer SHA1 algorithm data structure
> - *
> - * This file is provided under a dual BSD/GPLv2 license.  When using or
> - * redistributing this file, you may do so under either license.
> - *
> - * GPL LICENSE SUMMARY
> - *
> - *  Copyright(c) 2014 Intel Corporation.
> - *
> - *  This program is free software; you can redistribute it and/or modify
> - *  it under the terms of version 2 of the GNU General Public License as
> - *  published by the Free Software Foundation.
> - *
> - *  This program is distributed in the hope that it will be useful, but
> - *  WITHOUT ANY WARRANTY; without even the implied warranty of
> - *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
> - *  General Public License for more details.
> - *
> - *  Contact Information:
> - *      James Guilford <james.guilford@xxxxxxxxx>
> - *	Tim Chen <tim.c.chen@xxxxxxxxxxxxxxx>
> - *
> - *  BSD LICENSE
> - *
> - *  Copyright(c) 2014 Intel Corporation.
> - *
> - *  Redistribution and use in source and binary forms, with or without
> - *  modification, are permitted provided that the following conditions
> - *  are met:
> - *
> - *    * Redistributions of source code must retain the above copyright
> - *      notice, this list of conditions and the following disclaimer.
> - *    * Redistributions in binary form must reproduce the above copyright
> - *      notice, this list of conditions and the following disclaimer in
> - *      the documentation and/or other materials provided with the
> - *      distribution.
> - *    * Neither the name of Intel Corporation nor the names of its
> - *      contributors may be used to endorse or promote products derived
> - *      from this software without specific prior written permission.
> - *
> - *  THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
> - *  "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
> - *  LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
> - *  A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
> - *  OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
> - *  SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
> - *  LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
> - *  DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
> - *  THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
> - *  (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
> - * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
> - */
> -
> -# Macros for defining data structures
> -
> -# Usage example
> -
> -#START_FIELDS	# JOB_AES
> -###	name		size	align
> -#FIELD	_plaintext,	8,	8	# pointer to plaintext
> -#FIELD	_ciphertext,	8,	8	# pointer to ciphertext
> -#FIELD	_IV,		16,	8	# IV
> -#FIELD	_keys,		8,	8	# pointer to keys
> -#FIELD	_len,		4,	4	# length in bytes
> -#FIELD	_status,	4,	4	# status enumeration
> -#FIELD	_user_data,	8,	8	# pointer to user data
> -#UNION  _union,         size1,  align1, \
> -#	                size2,  align2, \
> -#	                size3,  align3, \
> -#	                ...
> -#END_FIELDS
> -#%assign _JOB_AES_size	_FIELD_OFFSET
> -#%assign _JOB_AES_align	_STRUCT_ALIGN
> -
> -#########################################################################
> -
> -# Alternate "struc-like" syntax:
> -#	STRUCT job_aes2
> -#	RES_Q	.plaintext,	1
> -#	RES_Q	.ciphertext,	1
> -#	RES_DQ	.IV,		1
> -#	RES_B	.nested,	_JOB_AES_SIZE, _JOB_AES_ALIGN
> -#	RES_U	.union,		size1, align1, \
> -#				size2, align2, \
> -#				...
> -#	ENDSTRUCT
> -#	# Following only needed if nesting
> -#	%assign job_aes2_size	_FIELD_OFFSET
> -#	%assign job_aes2_align	_STRUCT_ALIGN
> -#
> -# RES_* macros take a name, a count and an optional alignment.
> -# The count in in terms of the base size of the macro, and the
> -# default alignment is the base size.
> -# The macros are:
> -# Macro    Base size
> -# RES_B	    1
> -# RES_W	    2
> -# RES_D     4
> -# RES_Q     8
> -# RES_DQ   16
> -# RES_Y    32
> -# RES_Z    64
> -#
> -# RES_U defines a union. It's arguments are a name and two or more
> -# pairs of "size, alignment"
> -#
> -# The two assigns are only needed if this structure is being nested
> -# within another. Even if the assigns are not done, one can still use
> -# STRUCT_NAME_size as the size of the structure.
> -#
> -# Note that for nesting, you still need to assign to STRUCT_NAME_size.
> -#
> -# The differences between this and using "struc" directly are that each
> -# type is implicitly aligned to its natural length (although this can be
> -# over-ridden with an explicit third parameter), and that the structure
> -# is padded at the end to its overall alignment.
> -#
> -
> -#########################################################################
> -
> -#ifndef _SHA1_MB_MGR_DATASTRUCT_ASM_
> -#define _SHA1_MB_MGR_DATASTRUCT_ASM_
> -
> -## START_FIELDS
> -.macro START_FIELDS
> - _FIELD_OFFSET = 0
> - _STRUCT_ALIGN = 0
> -.endm
> -
> -## FIELD name size align
> -.macro FIELD name size align
> - _FIELD_OFFSET = (_FIELD_OFFSET + (\align) - 1) & (~ ((\align)-1))
> - \name	= _FIELD_OFFSET
> - _FIELD_OFFSET = _FIELD_OFFSET + (\size)
> -.if (\align > _STRUCT_ALIGN)
> - _STRUCT_ALIGN = \align
> -.endif
> -.endm
> -
> -## END_FIELDS
> -.macro END_FIELDS
> - _FIELD_OFFSET = (_FIELD_OFFSET + _STRUCT_ALIGN-1) & (~ (_STRUCT_ALIGN-1))
> -.endm
> -
> -########################################################################
> -
> -.macro STRUCT p1
> -START_FIELDS
> -.struc \p1
> -.endm
> -
> -.macro ENDSTRUCT
> - tmp = _FIELD_OFFSET
> - END_FIELDS
> - tmp = (_FIELD_OFFSET - %%tmp)
> -.if (tmp > 0)
> -	.lcomm	tmp
> -.endif
> -.endstruc
> -.endm
> -
> -## RES_int name size align
> -.macro RES_int p1 p2 p3
> - name = \p1
> - size = \p2
> - align = .\p3
> -
> - _FIELD_OFFSET = (_FIELD_OFFSET + (align) - 1) & (~ ((align)-1))
> -.align align
> -.lcomm name size
> - _FIELD_OFFSET = _FIELD_OFFSET + (size)
> -.if (align > _STRUCT_ALIGN)
> - _STRUCT_ALIGN = align
> -.endif
> -.endm
> -
> -
> -
> -# macro RES_B name, size [, align]
> -.macro RES_B _name, _size, _align=1
> -RES_int _name _size _align
> -.endm
> -
> -# macro RES_W name, size [, align]
> -.macro RES_W _name, _size, _align=2
> -RES_int _name 2*(_size) _align
> -.endm
> -
> -# macro RES_D name, size [, align]
> -.macro RES_D _name, _size, _align=4
> -RES_int _name 4*(_size) _align
> -.endm
> -
> -# macro RES_Q name, size [, align]
> -.macro RES_Q _name, _size, _align=8
> -RES_int _name 8*(_size) _align
> -.endm
> -
> -# macro RES_DQ name, size [, align]
> -.macro RES_DQ _name, _size, _align=16
> -RES_int _name 16*(_size) _align
> -.endm
> -
> -# macro RES_Y name, size [, align]
> -.macro RES_Y _name, _size, _align=32
> -RES_int _name 32*(_size) _align
> -.endm
> -
> -# macro RES_Z name, size [, align]
> -.macro RES_Z _name, _size, _align=64
> -RES_int _name 64*(_size) _align
> -.endm
> -
> -
> -#endif
> -
> -########################################################################
> -#### Define constants
> -########################################################################
> -
> -########################################################################
> -#### Define SHA1 Out Of Order Data Structures
> -########################################################################
> -
> -START_FIELDS    # LANE_DATA
> -###     name            size    align
> -FIELD   _job_in_lane,   8,      8       # pointer to job object
> -END_FIELDS
> -
> -_LANE_DATA_size = _FIELD_OFFSET
> -_LANE_DATA_align = _STRUCT_ALIGN
> -
> -########################################################################
> -
> -START_FIELDS    # SHA1_ARGS_X8
> -###     name            size    align
> -FIELD   _digest,        4*5*8,  16      # transposed digest
> -FIELD   _data_ptr,      8*8,    8       # array of pointers to data
> -END_FIELDS
> -
> -_SHA1_ARGS_X4_size =     _FIELD_OFFSET
> -_SHA1_ARGS_X4_align =    _STRUCT_ALIGN
> -_SHA1_ARGS_X8_size =     _FIELD_OFFSET
> -_SHA1_ARGS_X8_align =    _STRUCT_ALIGN
> -
> -########################################################################
> -
> -START_FIELDS    # MB_MGR
> -###     name            size    align
> -FIELD   _args,          _SHA1_ARGS_X4_size, _SHA1_ARGS_X4_align
> -FIELD   _lens,          4*8,    8
> -FIELD   _unused_lanes,  8,      8
> -FIELD   _ldata,         _LANE_DATA_size*8, _LANE_DATA_align
> -END_FIELDS
> -
> -_MB_MGR_size =   _FIELD_OFFSET
> -_MB_MGR_align =  _STRUCT_ALIGN
> -
> -_args_digest    =     _args + _digest
> -_args_data_ptr  =     _args + _data_ptr
> -
> -
> -########################################################################
> -#### Define constants
> -########################################################################
> -
> -#define STS_UNKNOWN             0
> -#define STS_BEING_PROCESSED     1
> -#define STS_COMPLETED           2
> -
> -########################################################################
> -#### Define JOB_SHA1 structure
> -########################################################################
> -
> -START_FIELDS    # JOB_SHA1
> -
> -###     name                            size    align
> -FIELD   _buffer,                        8,      8       # pointer to buffer
> -FIELD   _len,                           4,      4       # length in bytes
> -FIELD   _result_digest,                 5*4,    32      # Digest (output)
> -FIELD   _status,                        4,      4
> -FIELD   _user_data,                     8,      8
> -END_FIELDS
> -
> -_JOB_SHA1_size =  _FIELD_OFFSET
> -_JOB_SHA1_align = _STRUCT_ALIGN
> diff --git a/arch/x86/crypto/sha1-mb/sha1_mb_mgr_flush_avx2.S b/arch/x86/crypto/sha1-mb/sha1_mb_mgr_flush_avx2.S
> deleted file mode 100644
> index 7cfba738f104..000000000000
> --- a/arch/x86/crypto/sha1-mb/sha1_mb_mgr_flush_avx2.S
> +++ /dev/null
> @@ -1,304 +0,0 @@
> -/*
> - * Flush routine for SHA1 multibuffer
> - *
> - * This file is provided under a dual BSD/GPLv2 license.  When using or
> - * redistributing this file, you may do so under either license.
> - *
> - * GPL LICENSE SUMMARY
> - *
> - *  Copyright(c) 2014 Intel Corporation.
> - *
> - *  This program is free software; you can redistribute it and/or modify
> - *  it under the terms of version 2 of the GNU General Public License as
> - *  published by the Free Software Foundation.
> - *
> - *  This program is distributed in the hope that it will be useful, but
> - *  WITHOUT ANY WARRANTY; without even the implied warranty of
> - *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
> - *  General Public License for more details.
> - *
> - *  Contact Information:
> - *      James Guilford <james.guilford@xxxxxxxxx>
> - *	Tim Chen <tim.c.chen@xxxxxxxxxxxxxxx>
> - *
> - *  BSD LICENSE
> - *
> - *  Copyright(c) 2014 Intel Corporation.
> - *
> - *  Redistribution and use in source and binary forms, with or without
> - *  modification, are permitted provided that the following conditions
> - *  are met:
> - *
> - *    * Redistributions of source code must retain the above copyright
> - *      notice, this list of conditions and the following disclaimer.
> - *    * Redistributions in binary form must reproduce the above copyright
> - *      notice, this list of conditions and the following disclaimer in
> - *      the documentation and/or other materials provided with the
> - *      distribution.
> - *    * Neither the name of Intel Corporation nor the names of its
> - *      contributors may be used to endorse or promote products derived
> - *      from this software without specific prior written permission.
> - *
> - *  THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
> - *  "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
> - *  LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
> - *  A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
> - *  OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
> - *  SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
> - *  LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
> - *  DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
> - *  THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
> - *  (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
> - * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
> - */
> -#include <linux/linkage.h>
> -#include <asm/frame.h>
> -#include "sha1_mb_mgr_datastruct.S"
> -
> -
> -.extern sha1_x8_avx2
> -
> -# LINUX register definitions
> -#define arg1    %rdi
> -#define arg2    %rsi
> -
> -# Common definitions
> -#define state   arg1
> -#define job     arg2
> -#define len2    arg2
> -
> -# idx must be a register not clobbered by sha1_x8_avx2
> -#define idx		%r8
> -#define DWORD_idx	%r8d
> -
> -#define unused_lanes    %rbx
> -#define lane_data       %rbx
> -#define tmp2            %rbx
> -#define tmp2_w		%ebx
> -
> -#define job_rax         %rax
> -#define tmp1            %rax
> -#define size_offset     %rax
> -#define tmp             %rax
> -#define start_offset    %rax
> -
> -#define tmp3            %arg1
> -
> -#define extra_blocks    %arg2
> -#define p               %arg2
> -
> -.macro LABEL prefix n
> -\prefix\n\():
> -.endm
> -
> -.macro JNE_SKIP i
> -jne     skip_\i
> -.endm
> -
> -.altmacro
> -.macro SET_OFFSET _offset
> -offset = \_offset
> -.endm
> -.noaltmacro
> -
> -# JOB* sha1_mb_mgr_flush_avx2(MB_MGR *state)
> -# arg 1 : rcx : state
> -ENTRY(sha1_mb_mgr_flush_avx2)
> -	FRAME_BEGIN
> -	push	%rbx
> -
> -	# If bit (32+3) is set, then all lanes are empty
> -	mov     _unused_lanes(state), unused_lanes
> -	bt      $32+3, unused_lanes
> -	jc      return_null
> -
> -	# find a lane with a non-null job
> -	xor     idx, idx
> -	offset = (_ldata + 1 * _LANE_DATA_size + _job_in_lane)
> -	cmpq    $0, offset(state)
> -	cmovne  one(%rip), idx
> -	offset = (_ldata + 2 * _LANE_DATA_size + _job_in_lane)
> -	cmpq    $0, offset(state)
> -	cmovne  two(%rip), idx
> -	offset = (_ldata + 3 * _LANE_DATA_size + _job_in_lane)
> -	cmpq    $0, offset(state)
> -	cmovne  three(%rip), idx
> -	offset = (_ldata + 4 * _LANE_DATA_size + _job_in_lane)
> -	cmpq    $0, offset(state)
> -	cmovne  four(%rip), idx
> -	offset = (_ldata + 5 * _LANE_DATA_size + _job_in_lane)
> -	cmpq    $0, offset(state)
> -	cmovne  five(%rip), idx
> -	offset = (_ldata + 6 * _LANE_DATA_size + _job_in_lane)
> -	cmpq    $0, offset(state)
> -	cmovne  six(%rip), idx
> -	offset = (_ldata + 7 * _LANE_DATA_size + _job_in_lane)
> -	cmpq    $0, offset(state)
> -	cmovne  seven(%rip), idx
> -
> -	# copy idx to empty lanes
> -copy_lane_data:
> -	offset =  (_args + _data_ptr)
> -	mov     offset(state,idx,8), tmp
> -
> -	I = 0
> -.rep 8
> -	offset =  (_ldata + I * _LANE_DATA_size + _job_in_lane)
> -	cmpq    $0, offset(state)
> -.altmacro
> -	JNE_SKIP %I
> -	offset =  (_args + _data_ptr + 8*I)
> -	mov     tmp, offset(state)
> -	offset =  (_lens + 4*I)
> -	movl    $0xFFFFFFFF, offset(state)
> -LABEL skip_ %I
> -	I = (I+1)
> -.noaltmacro
> -.endr
> -
> -	# Find min length
> -	vmovdqu _lens+0*16(state), %xmm0
> -	vmovdqu _lens+1*16(state), %xmm1
> -
> -	vpminud %xmm1, %xmm0, %xmm2     # xmm2 has {D,C,B,A}
> -	vpalignr $8, %xmm2, %xmm3, %xmm3   # xmm3 has {x,x,D,C}
> -	vpminud %xmm3, %xmm2, %xmm2        # xmm2 has {x,x,E,F}
> -	vpalignr $4, %xmm2, %xmm3, %xmm3    # xmm3 has {x,x,x,E}
> -	vpminud %xmm3, %xmm2, %xmm2        # xmm2 has min value in low dword
> -
> -	vmovd   %xmm2, DWORD_idx
> -	mov	idx, len2
> -	and	$0xF, idx
> -	shr	$4, len2
> -	jz	len_is_0
> -
> -	vpand   clear_low_nibble(%rip), %xmm2, %xmm2
> -	vpshufd $0, %xmm2, %xmm2
> -
> -	vpsubd  %xmm2, %xmm0, %xmm0
> -	vpsubd  %xmm2, %xmm1, %xmm1
> -
> -	vmovdqu %xmm0, _lens+0*16(state)
> -	vmovdqu %xmm1, _lens+1*16(state)
> -
> -	# "state" and "args" are the same address, arg1
> -	# len is arg2
> -	call	sha1_x8_avx2
> -	# state and idx are intact
> -
> -
> -len_is_0:
> -	# process completed job "idx"
> -	imul    $_LANE_DATA_size, idx, lane_data
> -	lea     _ldata(state, lane_data), lane_data
> -
> -	mov     _job_in_lane(lane_data), job_rax
> -	movq    $0, _job_in_lane(lane_data)
> -	movl    $STS_COMPLETED, _status(job_rax)
> -	mov     _unused_lanes(state), unused_lanes
> -	shl     $4, unused_lanes
> -	or      idx, unused_lanes
> -	mov     unused_lanes, _unused_lanes(state)
> -
> -	movl	$0xFFFFFFFF, _lens(state, idx, 4)
> -
> -	vmovd    _args_digest(state , idx, 4) , %xmm0
> -	vpinsrd  $1, _args_digest+1*32(state, idx, 4), %xmm0, %xmm0
> -	vpinsrd  $2, _args_digest+2*32(state, idx, 4), %xmm0, %xmm0
> -	vpinsrd  $3, _args_digest+3*32(state, idx, 4), %xmm0, %xmm0
> -	movl    _args_digest+4*32(state, idx, 4), tmp2_w
> -
> -	vmovdqu  %xmm0, _result_digest(job_rax)
> -	offset =  (_result_digest + 1*16)
> -	mov     tmp2_w, offset(job_rax)
> -
> -return:
> -	pop	%rbx
> -	FRAME_END
> -	ret
> -
> -return_null:
> -	xor     job_rax, job_rax
> -	jmp     return
> -ENDPROC(sha1_mb_mgr_flush_avx2)
> -
> -
> -#################################################################
> -
> -.align 16
> -ENTRY(sha1_mb_mgr_get_comp_job_avx2)
> -	push    %rbx
> -
> -	## if bit 32+3 is set, then all lanes are empty
> -	mov     _unused_lanes(state), unused_lanes
> -	bt      $(32+3), unused_lanes
> -	jc      .return_null
> -
> -	# Find min length
> -	vmovdqu _lens(state), %xmm0
> -	vmovdqu _lens+1*16(state), %xmm1
> -
> -	vpminud %xmm1, %xmm0, %xmm2        # xmm2 has {D,C,B,A}
> -	vpalignr $8, %xmm2, %xmm3, %xmm3   # xmm3 has {x,x,D,C}
> -	vpminud %xmm3, %xmm2, %xmm2        # xmm2 has {x,x,E,F}
> -	vpalignr $4, %xmm2, %xmm3, %xmm3    # xmm3 has {x,x,x,E}
> -	vpminud %xmm3, %xmm2, %xmm2        # xmm2 has min value in low dword
> -
> -	vmovd   %xmm2, DWORD_idx
> -	test    $~0xF, idx
> -	jnz     .return_null
> -
> -	# process completed job "idx"
> -	imul    $_LANE_DATA_size, idx, lane_data
> -	lea     _ldata(state, lane_data), lane_data
> -
> -	mov     _job_in_lane(lane_data), job_rax
> -	movq    $0,  _job_in_lane(lane_data)
> -	movl    $STS_COMPLETED, _status(job_rax)
> -	mov     _unused_lanes(state), unused_lanes
> -	shl     $4, unused_lanes
> -	or      idx, unused_lanes
> -	mov     unused_lanes, _unused_lanes(state)
> -
> -	movl    $0xFFFFFFFF, _lens(state,  idx, 4)
> -
> -	vmovd   _args_digest(state, idx, 4), %xmm0
> -	vpinsrd $1, _args_digest+1*32(state, idx, 4), %xmm0, %xmm0
> -	vpinsrd $2, _args_digest+2*32(state, idx, 4), %xmm0, %xmm0
> -	vpinsrd $3, _args_digest+3*32(state, idx, 4), %xmm0, %xmm0
> -	movl    _args_digest+4*32(state, idx, 4), tmp2_w
> -
> -	vmovdqu %xmm0, _result_digest(job_rax)
> -	movl    tmp2_w, _result_digest+1*16(job_rax)
> -
> -	pop     %rbx
> -
> -	ret
> -
> -.return_null:
> -	xor     job_rax, job_rax
> -	pop     %rbx
> -	ret
> -ENDPROC(sha1_mb_mgr_get_comp_job_avx2)
> -
> -.section	.rodata.cst16.clear_low_nibble, "aM", @progbits, 16
> -.align 16
> -clear_low_nibble:
> -.octa	0x000000000000000000000000FFFFFFF0
> -
> -.section	.rodata.cst8, "aM", @progbits, 8
> -.align 8
> -one:
> -.quad  1
> -two:
> -.quad  2
> -three:
> -.quad  3
> -four:
> -.quad  4
> -five:
> -.quad  5
> -six:
> -.quad  6
> -seven:
> -.quad  7
> diff --git a/arch/x86/crypto/sha1-mb/sha1_mb_mgr_init_avx2.c b/arch/x86/crypto/sha1-mb/sha1_mb_mgr_init_avx2.c
> deleted file mode 100644
> index d2add0d35f43..000000000000
> --- a/arch/x86/crypto/sha1-mb/sha1_mb_mgr_init_avx2.c
> +++ /dev/null
> @@ -1,64 +0,0 @@
> -/*
> - * Initialization code for multi buffer SHA1 algorithm for AVX2
> - *
> - * This file is provided under a dual BSD/GPLv2 license.  When using or
> - * redistributing this file, you may do so under either license.
> - *
> - * GPL LICENSE SUMMARY
> - *
> - *  Copyright(c) 2014 Intel Corporation.
> - *
> - *  This program is free software; you can redistribute it and/or modify
> - *  it under the terms of version 2 of the GNU General Public License as
> - *  published by the Free Software Foundation.
> - *
> - *  This program is distributed in the hope that it will be useful, but
> - *  WITHOUT ANY WARRANTY; without even the implied warranty of
> - *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
> - *  General Public License for more details.
> - *
> - *  Contact Information:
> - *	Tim Chen <tim.c.chen@xxxxxxxxxxxxxxx>
> - *
> - *  BSD LICENSE
> - *
> - *  Copyright(c) 2014 Intel Corporation.
> - *
> - *  Redistribution and use in source and binary forms, with or without
> - *  modification, are permitted provided that the following conditions
> - *  are met:
> - *
> - *    * Redistributions of source code must retain the above copyright
> - *      notice, this list of conditions and the following disclaimer.
> - *    * Redistributions in binary form must reproduce the above copyright
> - *      notice, this list of conditions and the following disclaimer in
> - *      the documentation and/or other materials provided with the
> - *      distribution.
> - *    * Neither the name of Intel Corporation nor the names of its
> - *      contributors may be used to endorse or promote products derived
> - *      from this software without specific prior written permission.
> - *
> - *  THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
> - *  "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
> - *  LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
> - *  A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
> - *  OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
> - *  SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
> - *  LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
> - *  DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
> - *  THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
> - *  (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
> - * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
> - */
> -
> -#include "sha1_mb_mgr.h"
> -
> -void sha1_mb_mgr_init_avx2(struct sha1_mb_mgr *state)
> -{
> -	unsigned int j;
> -	state->unused_lanes = 0xF76543210ULL;
> -	for (j = 0; j < 8; j++) {
> -		state->lens[j] = 0xFFFFFFFF;
> -		state->ldata[j].job_in_lane = NULL;
> -	}
> -}
> diff --git a/arch/x86/crypto/sha1-mb/sha1_mb_mgr_submit_avx2.S b/arch/x86/crypto/sha1-mb/sha1_mb_mgr_submit_avx2.S
> deleted file mode 100644
> index 7a93b1c0d69a..000000000000
> --- a/arch/x86/crypto/sha1-mb/sha1_mb_mgr_submit_avx2.S
> +++ /dev/null
> @@ -1,209 +0,0 @@
> -/*
> - * Buffer submit code for multi buffer SHA1 algorithm
> - *
> - * This file is provided under a dual BSD/GPLv2 license.  When using or
> - * redistributing this file, you may do so under either license.
> - *
> - * GPL LICENSE SUMMARY
> - *
> - *  Copyright(c) 2014 Intel Corporation.
> - *
> - *  This program is free software; you can redistribute it and/or modify
> - *  it under the terms of version 2 of the GNU General Public License as
> - *  published by the Free Software Foundation.
> - *
> - *  This program is distributed in the hope that it will be useful, but
> - *  WITHOUT ANY WARRANTY; without even the implied warranty of
> - *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
> - *  General Public License for more details.
> - *
> - *  Contact Information:
> - *      James Guilford <james.guilford@xxxxxxxxx>
> - *	Tim Chen <tim.c.chen@xxxxxxxxxxxxxxx>
> - *
> - *  BSD LICENSE
> - *
> - *  Copyright(c) 2014 Intel Corporation.
> - *
> - *  Redistribution and use in source and binary forms, with or without
> - *  modification, are permitted provided that the following conditions
> - *  are met:
> - *
> - *    * Redistributions of source code must retain the above copyright
> - *      notice, this list of conditions and the following disclaimer.
> - *    * Redistributions in binary form must reproduce the above copyright
> - *      notice, this list of conditions and the following disclaimer in
> - *      the documentation and/or other materials provided with the
> - *      distribution.
> - *    * Neither the name of Intel Corporation nor the names of its
> - *      contributors may be used to endorse or promote products derived
> - *      from this software without specific prior written permission.
> - *
> - *  THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
> - *  "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
> - *  LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
> - *  A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
> - *  OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
> - *  SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
> - *  LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
> - *  DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
> - *  THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
> - *  (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
> - * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
> - */
> -
> -#include <linux/linkage.h>
> -#include <asm/frame.h>
> -#include "sha1_mb_mgr_datastruct.S"
> -
> -
> -.extern sha1_x8_avx
> -
> -# LINUX register definitions
> -arg1    = %rdi
> -arg2    = %rsi
> -size_offset	= %rcx
> -tmp2		= %rcx
> -extra_blocks	= %rdx
> -
> -# Common definitions
> -#define state   arg1
> -#define job     %rsi
> -#define len2    arg2
> -#define p2      arg2
> -
> -# idx must be a register not clobberred by sha1_x8_avx2
> -idx		= %r8
> -DWORD_idx	= %r8d
> -last_len	= %r8
> -
> -p               = %r11
> -start_offset    = %r11
> -
> -unused_lanes    = %rbx
> -BYTE_unused_lanes = %bl
> -
> -job_rax         = %rax
> -len             = %rax
> -DWORD_len	= %eax
> -
> -lane            = %r12
> -tmp3            = %r12
> -
> -tmp             = %r9
> -DWORD_tmp	= %r9d
> -
> -lane_data       = %r10
> -
> -# JOB* submit_mb_mgr_submit_avx2(MB_MGR *state, job_sha1 *job)
> -# arg 1 : rcx : state
> -# arg 2 : rdx : job
> -ENTRY(sha1_mb_mgr_submit_avx2)
> -	FRAME_BEGIN
> -	push	%rbx
> -	push	%r12
> -
> -	mov     _unused_lanes(state), unused_lanes
> -	mov	unused_lanes, lane
> -	and	$0xF, lane
> -	shr     $4, unused_lanes
> -	imul    $_LANE_DATA_size, lane, lane_data
> -	movl    $STS_BEING_PROCESSED, _status(job)
> -	lea     _ldata(state, lane_data), lane_data
> -	mov     unused_lanes, _unused_lanes(state)
> -	movl    _len(job),  DWORD_len
> -
> -	mov	job, _job_in_lane(lane_data)
> -	shl	$4, len
> -	or	lane, len
> -
> -	movl    DWORD_len,  _lens(state , lane, 4)
> -
> -	# Load digest words from result_digest
> -	vmovdqu	_result_digest(job), %xmm0
> -	mov	_result_digest+1*16(job), DWORD_tmp
> -	vmovd    %xmm0, _args_digest(state, lane, 4)
> -	vpextrd  $1, %xmm0, _args_digest+1*32(state , lane, 4)
> -	vpextrd  $2, %xmm0, _args_digest+2*32(state , lane, 4)
> -	vpextrd  $3, %xmm0, _args_digest+3*32(state , lane, 4)
> -	movl    DWORD_tmp, _args_digest+4*32(state , lane, 4)
> -
> -	mov     _buffer(job), p
> -	mov     p, _args_data_ptr(state, lane, 8)
> -
> -	cmp     $0xF, unused_lanes
> -	jne     return_null
> -
> -start_loop:
> -	# Find min length
> -	vmovdqa _lens(state), %xmm0
> -	vmovdqa _lens+1*16(state), %xmm1
> -
> -	vpminud %xmm1, %xmm0, %xmm2        # xmm2 has {D,C,B,A}
> -	vpalignr $8, %xmm2, %xmm3, %xmm3   # xmm3 has {x,x,D,C}
> -	vpminud %xmm3, %xmm2, %xmm2        # xmm2 has {x,x,E,F}
> -	vpalignr $4, %xmm2, %xmm3, %xmm3   # xmm3 has {x,x,x,E}
> -	vpminud %xmm3, %xmm2, %xmm2        # xmm2 has min value in low dword
> -
> -	vmovd   %xmm2, DWORD_idx
> -	mov    idx, len2
> -	and    $0xF, idx
> -	shr    $4, len2
> -	jz     len_is_0
> -
> -	vpand   clear_low_nibble(%rip), %xmm2, %xmm2
> -	vpshufd $0, %xmm2, %xmm2
> -
> -	vpsubd  %xmm2, %xmm0, %xmm0
> -	vpsubd  %xmm2, %xmm1, %xmm1
> -
> -	vmovdqa %xmm0, _lens + 0*16(state)
> -	vmovdqa %xmm1, _lens + 1*16(state)
> -
> -
> -	# "state" and "args" are the same address, arg1
> -	# len is arg2
> -	call    sha1_x8_avx2
> -
> -	# state and idx are intact
> -
> -len_is_0:
> -	# process completed job "idx"
> -	imul    $_LANE_DATA_size, idx, lane_data
> -	lea     _ldata(state, lane_data), lane_data
> -
> -	mov     _job_in_lane(lane_data), job_rax
> -	mov     _unused_lanes(state), unused_lanes
> -	movq    $0, _job_in_lane(lane_data)
> -	movl    $STS_COMPLETED, _status(job_rax)
> -	shl     $4, unused_lanes
> -	or      idx, unused_lanes
> -	mov     unused_lanes, _unused_lanes(state)
> -
> -	movl	$0xFFFFFFFF, _lens(state, idx, 4)
> -
> -	vmovd    _args_digest(state, idx, 4), %xmm0
> -	vpinsrd  $1, _args_digest+1*32(state , idx, 4), %xmm0, %xmm0
> -	vpinsrd  $2, _args_digest+2*32(state , idx, 4), %xmm0, %xmm0
> -	vpinsrd  $3, _args_digest+3*32(state , idx, 4), %xmm0, %xmm0
> -	movl     _args_digest+4*32(state, idx, 4), DWORD_tmp
> -
> -	vmovdqu  %xmm0, _result_digest(job_rax)
> -	movl    DWORD_tmp, _result_digest+1*16(job_rax)
> -
> -return:
> -	pop	%r12
> -	pop	%rbx
> -	FRAME_END
> -	ret
> -
> -return_null:
> -	xor     job_rax, job_rax
> -	jmp     return
> -
> -ENDPROC(sha1_mb_mgr_submit_avx2)
> -
> -.section	.rodata.cst16.clear_low_nibble, "aM", @progbits, 16
> -.align 16
> -clear_low_nibble:
> -	.octa	0x000000000000000000000000FFFFFFF0
> diff --git a/arch/x86/crypto/sha1-mb/sha1_x8_avx2.S b/arch/x86/crypto/sha1-mb/sha1_x8_avx2.S
> deleted file mode 100644
> index 20f77aa633de..000000000000
> --- a/arch/x86/crypto/sha1-mb/sha1_x8_avx2.S
> +++ /dev/null
> @@ -1,492 +0,0 @@
> -/*
> - * Multi-buffer SHA1 algorithm hash compute routine
> - *
> - * This file is provided under a dual BSD/GPLv2 license.  When using or
> - * redistributing this file, you may do so under either license.
> - *
> - * GPL LICENSE SUMMARY
> - *
> - *  Copyright(c) 2014 Intel Corporation.
> - *
> - *  This program is free software; you can redistribute it and/or modify
> - *  it under the terms of version 2 of the GNU General Public License as
> - *  published by the Free Software Foundation.
> - *
> - *  This program is distributed in the hope that it will be useful, but
> - *  WITHOUT ANY WARRANTY; without even the implied warranty of
> - *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
> - *  General Public License for more details.
> - *
> - *  Contact Information:
> - *      James Guilford <james.guilford@xxxxxxxxx>
> - *	Tim Chen <tim.c.chen@xxxxxxxxxxxxxxx>
> - *
> - *  BSD LICENSE
> - *
> - *  Copyright(c) 2014 Intel Corporation.
> - *
> - *  Redistribution and use in source and binary forms, with or without
> - *  modification, are permitted provided that the following conditions
> - *  are met:
> - *
> - *    * Redistributions of source code must retain the above copyright
> - *      notice, this list of conditions and the following disclaimer.
> - *    * Redistributions in binary form must reproduce the above copyright
> - *      notice, this list of conditions and the following disclaimer in
> - *      the documentation and/or other materials provided with the
> - *      distribution.
> - *    * Neither the name of Intel Corporation nor the names of its
> - *      contributors may be used to endorse or promote products derived
> - *      from this software without specific prior written permission.
> - *
> - *  THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
> - *  "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
> - *  LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
> - *  A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
> - *  OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
> - *  SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
> - *  LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
> - *  DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
> - *  THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
> - *  (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
> - * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
> - */
> -
> -#include <linux/linkage.h>
> -#include "sha1_mb_mgr_datastruct.S"
> -
> -## code to compute oct SHA1 using SSE-256
> -## outer calling routine takes care of save and restore of XMM registers
> -
> -## Function clobbers: rax, rcx, rdx,   rbx, rsi, rdi, r9-r15# ymm0-15
> -##
> -## Linux clobbers:    rax rbx rcx rdx rsi            r9 r10 r11 r12 r13 r14 r15
> -## Linux preserves:                       rdi rbp r8
> -##
> -## clobbers ymm0-15
> -
> -
> -# TRANSPOSE8 r0, r1, r2, r3, r4, r5, r6, r7, t0, t1
> -# "transpose" data in {r0...r7} using temps {t0...t1}
> -# Input looks like: {r0 r1 r2 r3 r4 r5 r6 r7}
> -# r0 = {a7 a6 a5 a4   a3 a2 a1 a0}
> -# r1 = {b7 b6 b5 b4   b3 b2 b1 b0}
> -# r2 = {c7 c6 c5 c4   c3 c2 c1 c0}
> -# r3 = {d7 d6 d5 d4   d3 d2 d1 d0}
> -# r4 = {e7 e6 e5 e4   e3 e2 e1 e0}
> -# r5 = {f7 f6 f5 f4   f3 f2 f1 f0}
> -# r6 = {g7 g6 g5 g4   g3 g2 g1 g0}
> -# r7 = {h7 h6 h5 h4   h3 h2 h1 h0}
> -#
> -# Output looks like: {r0 r1 r2 r3 r4 r5 r6 r7}
> -# r0 = {h0 g0 f0 e0   d0 c0 b0 a0}
> -# r1 = {h1 g1 f1 e1   d1 c1 b1 a1}
> -# r2 = {h2 g2 f2 e2   d2 c2 b2 a2}
> -# r3 = {h3 g3 f3 e3   d3 c3 b3 a3}
> -# r4 = {h4 g4 f4 e4   d4 c4 b4 a4}
> -# r5 = {h5 g5 f5 e5   d5 c5 b5 a5}
> -# r6 = {h6 g6 f6 e6   d6 c6 b6 a6}
> -# r7 = {h7 g7 f7 e7   d7 c7 b7 a7}
> -#
> -
> -.macro TRANSPOSE8 r0 r1 r2 r3 r4 r5 r6 r7 t0 t1
> -	# process top half (r0..r3) {a...d}
> -	vshufps  $0x44, \r1, \r0, \t0 # t0 = {b5 b4 a5 a4   b1 b0 a1 a0}
> -	vshufps  $0xEE, \r1, \r0, \r0 # r0 = {b7 b6 a7 a6   b3 b2 a3 a2}
> -	vshufps  $0x44, \r3, \r2, \t1 # t1 = {d5 d4 c5 c4   d1 d0 c1 c0}
> -	vshufps  $0xEE, \r3, \r2, \r2 # r2 = {d7 d6 c7 c6   d3 d2 c3 c2}
> -	vshufps  $0xDD, \t1, \t0, \r3 # r3 = {d5 c5 b5 a5   d1 c1 b1 a1}
> -	vshufps  $0x88, \r2, \r0, \r1 # r1 = {d6 c6 b6 a6   d2 c2 b2 a2}
> -	vshufps  $0xDD, \r2, \r0, \r0 # r0 = {d7 c7 b7 a7   d3 c3 b3 a3}
> -	vshufps  $0x88, \t1, \t0, \t0 # t0 = {d4 c4 b4 a4   d0 c0 b0 a0}
> -
> -	# use r2 in place of t0
> -	# process bottom half (r4..r7) {e...h}
> -	vshufps  $0x44, \r5, \r4, \r2 # r2 = {f5 f4 e5 e4   f1 f0 e1 e0}
> -	vshufps  $0xEE, \r5, \r4, \r4 # r4 = {f7 f6 e7 e6   f3 f2 e3 e2}
> -	vshufps  $0x44, \r7, \r6, \t1 # t1 = {h5 h4 g5 g4   h1 h0 g1 g0}
> -	vshufps  $0xEE, \r7, \r6, \r6 # r6 = {h7 h6 g7 g6   h3 h2 g3 g2}
> -	vshufps  $0xDD, \t1, \r2, \r7 # r7 = {h5 g5 f5 e5   h1 g1 f1 e1}
> -	vshufps  $0x88, \r6, \r4, \r5 # r5 = {h6 g6 f6 e6   h2 g2 f2 e2}
> -	vshufps  $0xDD, \r6, \r4, \r4 # r4 = {h7 g7 f7 e7   h3 g3 f3 e3}
> -	vshufps  $0x88, \t1, \r2, \t1 # t1 = {h4 g4 f4 e4   h0 g0 f0 e0}
> -
> -	vperm2f128      $0x13, \r1, \r5, \r6  # h6...a6
> -	vperm2f128      $0x02, \r1, \r5, \r2  # h2...a2
> -	vperm2f128      $0x13, \r3, \r7, \r5  # h5...a5
> -	vperm2f128      $0x02, \r3, \r7, \r1  # h1...a1
> -	vperm2f128      $0x13, \r0, \r4, \r7  # h7...a7
> -	vperm2f128      $0x02, \r0, \r4, \r3  # h3...a3
> -	vperm2f128      $0x13, \t0, \t1, \r4  # h4...a4
> -	vperm2f128      $0x02, \t0, \t1, \r0  # h0...a0
> -
> -.endm
> -##
> -## Magic functions defined in FIPS 180-1
> -##
> -# macro MAGIC_F0 F,B,C,D,T   ## F = (D ^ (B & (C ^ D)))
> -.macro MAGIC_F0 regF regB regC regD regT
> -    vpxor \regD, \regC, \regF
> -    vpand \regB, \regF, \regF
> -    vpxor \regD, \regF, \regF
> -.endm
> -
> -# macro MAGIC_F1 F,B,C,D,T   ## F = (B ^ C ^ D)
> -.macro MAGIC_F1 regF regB regC regD regT
> -    vpxor  \regC, \regD, \regF
> -    vpxor  \regB, \regF, \regF
> -.endm
> -
> -# macro MAGIC_F2 F,B,C,D,T   ## F = ((B & C) | (B & D) | (C & D))
> -.macro MAGIC_F2 regF regB regC regD regT
> -    vpor  \regC, \regB, \regF
> -    vpand \regC, \regB, \regT
> -    vpand \regD, \regF, \regF
> -    vpor  \regT, \regF, \regF
> -.endm
> -
> -# macro MAGIC_F3 F,B,C,D,T   ## F = (B ^ C ^ D)
> -.macro MAGIC_F3 regF regB regC regD regT
> -    MAGIC_F1 \regF,\regB,\regC,\regD,\regT
> -.endm
> -
> -# PROLD reg, imm, tmp
> -.macro PROLD reg imm tmp
> -	vpsrld  $(32-\imm), \reg, \tmp
> -	vpslld  $\imm, \reg, \reg
> -	vpor    \tmp, \reg, \reg
> -.endm
> -
> -.macro PROLD_nd reg imm tmp src
> -	vpsrld  $(32-\imm), \src, \tmp
> -	vpslld  $\imm, \src, \reg
> -	vpor	\tmp, \reg, \reg
> -.endm
> -
> -.macro SHA1_STEP_00_15 regA regB regC regD regE regT regF memW immCNT MAGIC
> -	vpaddd	\immCNT, \regE, \regE
> -	vpaddd	\memW*32(%rsp), \regE, \regE
> -	PROLD_nd \regT, 5, \regF, \regA
> -	vpaddd	\regT, \regE, \regE
> -	\MAGIC  \regF, \regB, \regC, \regD, \regT
> -        PROLD   \regB, 30, \regT
> -        vpaddd  \regF, \regE, \regE
> -.endm
> -
> -.macro SHA1_STEP_16_79 regA regB regC regD regE regT regF memW immCNT MAGIC
> -	vpaddd	\immCNT, \regE, \regE
> -	offset = ((\memW - 14) & 15) * 32
> -	vmovdqu offset(%rsp), W14
> -	vpxor	W14, W16, W16
> -	offset = ((\memW -  8) & 15) * 32
> -	vpxor	offset(%rsp), W16, W16
> -	offset = ((\memW -  3) & 15) * 32
> -	vpxor	offset(%rsp), W16, W16
> -	vpsrld	$(32-1), W16, \regF
> -	vpslld	$1, W16, W16
> -	vpor	W16, \regF, \regF
> -
> -	ROTATE_W
> -
> -	offset = ((\memW - 0) & 15) * 32
> -	vmovdqu	\regF, offset(%rsp)
> -	vpaddd	\regF, \regE, \regE
> -	PROLD_nd \regT, 5, \regF, \regA
> -	vpaddd	\regT, \regE, \regE
> -	\MAGIC \regF,\regB,\regC,\regD,\regT      ## FUN  = MAGIC_Fi(B,C,D)
> -	PROLD   \regB,30, \regT
> -	vpaddd  \regF, \regE, \regE
> -.endm
> -
> -########################################################################
> -########################################################################
> -########################################################################
> -
> -## FRAMESZ plus pushes must be an odd multiple of 8
> -YMM_SAVE = (15-15)*32
> -FRAMESZ = 32*16 + YMM_SAVE
> -_YMM  =   FRAMESZ - YMM_SAVE
> -
> -#define VMOVPS   vmovups
> -
> -IDX  = %rax
> -inp0 = %r9
> -inp1 = %r10
> -inp2 = %r11
> -inp3 = %r12
> -inp4 = %r13
> -inp5 = %r14
> -inp6 = %r15
> -inp7 = %rcx
> -arg1 = %rdi
> -arg2 = %rsi
> -RSP_SAVE = %rdx
> -
> -# ymm0 A
> -# ymm1 B
> -# ymm2 C
> -# ymm3 D
> -# ymm4 E
> -# ymm5         F       AA
> -# ymm6         T0      BB
> -# ymm7         T1      CC
> -# ymm8         T2      DD
> -# ymm9         T3      EE
> -# ymm10                T4      TMP
> -# ymm11                T5      FUN
> -# ymm12                T6      K
> -# ymm13                T7      W14
> -# ymm14                T8      W15
> -# ymm15                T9      W16
> -
> -
> -A  =     %ymm0
> -B  =     %ymm1
> -C  =     %ymm2
> -D  =     %ymm3
> -E  =     %ymm4
> -F  =     %ymm5
> -T0 =	 %ymm6
> -T1 =     %ymm7
> -T2 =     %ymm8
> -T3 =     %ymm9
> -T4 =     %ymm10
> -T5 =     %ymm11
> -T6 =     %ymm12
> -T7 =     %ymm13
> -T8  =     %ymm14
> -T9  =     %ymm15
> -
> -AA  =     %ymm5
> -BB  =     %ymm6
> -CC  =     %ymm7
> -DD  =     %ymm8
> -EE  =     %ymm9
> -TMP =     %ymm10
> -FUN =     %ymm11
> -K   =     %ymm12
> -W14 =     %ymm13
> -W15 =     %ymm14
> -W16 =     %ymm15
> -
> -.macro ROTATE_ARGS
> - TMP_ = E
> - E = D
> - D = C
> - C = B
> - B = A
> - A = TMP_
> -.endm
> -
> -.macro ROTATE_W
> -TMP_  = W16
> -W16  = W15
> -W15  = W14
> -W14  = TMP_
> -.endm
> -
> -# 8 streams x 5 32bit words per digest x 4 bytes per word
> -#define DIGEST_SIZE (8*5*4)
> -
> -.align 32
> -
> -# void sha1_x8_avx2(void **input_data, UINT128 *digest, UINT32 size)
> -# arg 1 : pointer to array[4] of pointer to input data
> -# arg 2 : size (in blocks) ;; assumed to be >= 1
> -#
> -ENTRY(sha1_x8_avx2)
> -
> -	# save callee-saved clobbered registers to comply with C function ABI
> -	push	%r12
> -	push	%r13
> -	push	%r14
> -	push	%r15
> -
> -	#save rsp
> -	mov	%rsp, RSP_SAVE
> -	sub     $FRAMESZ, %rsp
> -
> -	#align rsp to 32 Bytes
> -	and	$~0x1F, %rsp
> -
> -	## Initialize digests
> -	vmovdqu  0*32(arg1), A
> -	vmovdqu  1*32(arg1), B
> -	vmovdqu  2*32(arg1), C
> -	vmovdqu  3*32(arg1), D
> -	vmovdqu  4*32(arg1), E
> -
> -	## transpose input onto stack
> -	mov     _data_ptr+0*8(arg1),inp0
> -	mov     _data_ptr+1*8(arg1),inp1
> -	mov     _data_ptr+2*8(arg1),inp2
> -	mov     _data_ptr+3*8(arg1),inp3
> -	mov     _data_ptr+4*8(arg1),inp4
> -	mov     _data_ptr+5*8(arg1),inp5
> -	mov     _data_ptr+6*8(arg1),inp6
> -	mov     _data_ptr+7*8(arg1),inp7
> -
> -	xor     IDX, IDX
> -lloop:
> -	vmovdqu  PSHUFFLE_BYTE_FLIP_MASK(%rip), F
> -	I=0
> -.rep 2
> -	VMOVPS   (inp0, IDX), T0
> -	VMOVPS   (inp1, IDX), T1
> -	VMOVPS   (inp2, IDX), T2
> -	VMOVPS   (inp3, IDX), T3
> -	VMOVPS   (inp4, IDX), T4
> -	VMOVPS   (inp5, IDX), T5
> -	VMOVPS   (inp6, IDX), T6
> -	VMOVPS   (inp7, IDX), T7
> -
> -	TRANSPOSE8       T0, T1, T2, T3, T4, T5, T6, T7, T8, T9
> -	vpshufb  F, T0, T0
> -	vmovdqu  T0, (I*8)*32(%rsp)
> -	vpshufb  F, T1, T1
> -	vmovdqu  T1, (I*8+1)*32(%rsp)
> -	vpshufb  F, T2, T2
> -	vmovdqu  T2, (I*8+2)*32(%rsp)
> -	vpshufb  F, T3, T3
> -	vmovdqu  T3, (I*8+3)*32(%rsp)
> -	vpshufb  F, T4, T4
> -	vmovdqu  T4, (I*8+4)*32(%rsp)
> -	vpshufb  F, T5, T5
> -	vmovdqu  T5, (I*8+5)*32(%rsp)
> -	vpshufb  F, T6, T6
> -	vmovdqu  T6, (I*8+6)*32(%rsp)
> -	vpshufb  F, T7, T7
> -	vmovdqu  T7, (I*8+7)*32(%rsp)
> -	add     $32, IDX
> -	I = (I+1)
> -.endr
> -	# save old digests
> -	vmovdqu  A,AA
> -	vmovdqu  B,BB
> -	vmovdqu  C,CC
> -	vmovdqu  D,DD
> -	vmovdqu  E,EE
> -
> -##
> -## perform 0-79 steps
> -##
> -	vmovdqu  K00_19(%rip), K
> -## do rounds 0...15
> -	I = 0
> -.rep 16
> -	SHA1_STEP_00_15 A,B,C,D,E, TMP,FUN, I, K, MAGIC_F0
> -	ROTATE_ARGS
> -	I = (I+1)
> -.endr
> -
> -## do rounds 16...19
> -	vmovdqu  ((16 - 16) & 15) * 32 (%rsp), W16
> -	vmovdqu  ((16 - 15) & 15) * 32 (%rsp), W15
> -.rep 4
> -	SHA1_STEP_16_79 A,B,C,D,E, TMP,FUN, I, K, MAGIC_F0
> -	ROTATE_ARGS
> -	I = (I+1)
> -.endr
> -
> -## do rounds 20...39
> -	vmovdqu  K20_39(%rip), K
> -.rep 20
> -	SHA1_STEP_16_79 A,B,C,D,E, TMP,FUN, I, K, MAGIC_F1
> -	ROTATE_ARGS
> -	I = (I+1)
> -.endr
> -
> -## do rounds 40...59
> -	vmovdqu  K40_59(%rip), K
> -.rep 20
> -	SHA1_STEP_16_79 A,B,C,D,E, TMP,FUN, I, K, MAGIC_F2
> -	ROTATE_ARGS
> -	I = (I+1)
> -.endr
> -
> -## do rounds 60...79
> -	vmovdqu  K60_79(%rip), K
> -.rep 20
> -	SHA1_STEP_16_79 A,B,C,D,E, TMP,FUN, I, K, MAGIC_F3
> -	ROTATE_ARGS
> -	I = (I+1)
> -.endr
> -
> -	vpaddd   AA,A,A
> -	vpaddd   BB,B,B
> -	vpaddd   CC,C,C
> -	vpaddd   DD,D,D
> -	vpaddd   EE,E,E
> -
> -	sub     $1, arg2
> -	jne     lloop
> -
> -	# write out digests
> -	vmovdqu  A, 0*32(arg1)
> -	vmovdqu  B, 1*32(arg1)
> -	vmovdqu  C, 2*32(arg1)
> -	vmovdqu  D, 3*32(arg1)
> -	vmovdqu  E, 4*32(arg1)
> -
> -	# update input pointers
> -	add     IDX, inp0
> -	add     IDX, inp1
> -	add     IDX, inp2
> -	add     IDX, inp3
> -	add     IDX, inp4
> -	add     IDX, inp5
> -	add     IDX, inp6
> -	add     IDX, inp7
> -	mov     inp0, _data_ptr (arg1)
> -	mov     inp1, _data_ptr + 1*8(arg1)
> -	mov     inp2, _data_ptr + 2*8(arg1)
> -	mov     inp3, _data_ptr + 3*8(arg1)
> -	mov     inp4, _data_ptr + 4*8(arg1)
> -	mov     inp5, _data_ptr + 5*8(arg1)
> -	mov     inp6, _data_ptr + 6*8(arg1)
> -	mov     inp7, _data_ptr + 7*8(arg1)
> -
> -	################
> -	## Postamble
> -
> -	mov     RSP_SAVE, %rsp
> -
> -	# restore callee-saved clobbered registers
> -	pop	%r15
> -	pop	%r14
> -	pop	%r13
> -	pop	%r12
> -
> -	ret
> -ENDPROC(sha1_x8_avx2)
> -
> -
> -.section	.rodata.cst32.K00_19, "aM", @progbits, 32
> -.align 32
> -K00_19:
> -.octa 0x5A8279995A8279995A8279995A827999
> -.octa 0x5A8279995A8279995A8279995A827999
> -
> -.section	.rodata.cst32.K20_39, "aM", @progbits, 32
> -.align 32
> -K20_39:
> -.octa 0x6ED9EBA16ED9EBA16ED9EBA16ED9EBA1
> -.octa 0x6ED9EBA16ED9EBA16ED9EBA16ED9EBA1
> -
> -.section	.rodata.cst32.K40_59, "aM", @progbits, 32
> -.align 32
> -K40_59:
> -.octa 0x8F1BBCDC8F1BBCDC8F1BBCDC8F1BBCDC
> -.octa 0x8F1BBCDC8F1BBCDC8F1BBCDC8F1BBCDC
> -
> -.section	.rodata.cst32.K60_79, "aM", @progbits, 32
> -.align 32
> -K60_79:
> -.octa 0xCA62C1D6CA62C1D6CA62C1D6CA62C1D6
> -.octa 0xCA62C1D6CA62C1D6CA62C1D6CA62C1D6
> -
> -.section	.rodata.cst32.PSHUFFLE_BYTE_FLIP_MASK, "aM", @progbits, 32
> -.align 32
> -PSHUFFLE_BYTE_FLIP_MASK:
> -.octa 0x0c0d0e0f08090a0b0405060700010203
> -.octa 0x0c0d0e0f08090a0b0405060700010203
> diff --git a/arch/x86/crypto/sha256-mb/Makefile b/arch/x86/crypto/sha256-mb/Makefile
> deleted file mode 100644
> index 53ad6e7db747..000000000000
> --- a/arch/x86/crypto/sha256-mb/Makefile
> +++ /dev/null
> @@ -1,14 +0,0 @@
> -# SPDX-License-Identifier: GPL-2.0
> -#
> -# Arch-specific CryptoAPI modules.
> -#
> -
> -OBJECT_FILES_NON_STANDARD := y
> -
> -avx2_supported := $(call as-instr,vpgatherdd %ymm0$(comma)(%eax$(comma)%ymm1\
> -                                $(comma)4)$(comma)%ymm2,yes,no)
> -ifeq ($(avx2_supported),yes)
> -	obj-$(CONFIG_CRYPTO_SHA256_MB) += sha256-mb.o
> -	sha256-mb-y := sha256_mb.o sha256_mb_mgr_flush_avx2.o \
> -	     sha256_mb_mgr_init_avx2.o sha256_mb_mgr_submit_avx2.o sha256_x8_avx2.o
> -endif
> diff --git a/arch/x86/crypto/sha256-mb/sha256_mb.c b/arch/x86/crypto/sha256-mb/sha256_mb.c
> deleted file mode 100644
> index 97c5fc43e115..000000000000
> --- a/arch/x86/crypto/sha256-mb/sha256_mb.c
> +++ /dev/null
> @@ -1,1013 +0,0 @@
> -/*
> - * Multi buffer SHA256 algorithm Glue Code
> - *
> - * This file is provided under a dual BSD/GPLv2 license.  When using or
> - * redistributing this file, you may do so under either license.
> - *
> - * GPL LICENSE SUMMARY
> - *
> - *  Copyright(c) 2016 Intel Corporation.
> - *
> - *  This program is free software; you can redistribute it and/or modify
> - *  it under the terms of version 2 of the GNU General Public License as
> - *  published by the Free Software Foundation.
> - *
> - *  This program is distributed in the hope that it will be useful, but
> - *  WITHOUT ANY WARRANTY; without even the implied warranty of
> - *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
> - *  General Public License for more details.
> - *
> - *  Contact Information:
> - *	Megha Dey <megha.dey@xxxxxxxxxxxxxxx>
> - *
> - *  BSD LICENSE
> - *
> - *  Copyright(c) 2016 Intel Corporation.
> - *
> - *  Redistribution and use in source and binary forms, with or without
> - *  modification, are permitted provided that the following conditions
> - *  are met:
> - *
> - *    * Redistributions of source code must retain the above copyright
> - *      notice, this list of conditions and the following disclaimer.
> - *    * Redistributions in binary form must reproduce the above copyright
> - *      notice, this list of conditions and the following disclaimer in
> - *      the documentation and/or other materials provided with the
> - *      distribution.
> - *    * Neither the name of Intel Corporation nor the names of its
> - *      contributors may be used to endorse or promote products derived
> - *      from this software without specific prior written permission.
> - *
> - *  THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
> - *  "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
> - *  LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
> - *  A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
> - *  OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
> - *  SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
> - *  LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
> - *  DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
> - *  THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
> - *  (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
> - * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
> - */
> -
> -#define pr_fmt(fmt)	KBUILD_MODNAME ": " fmt
> -
> -#include <crypto/internal/hash.h>
> -#include <linux/init.h>
> -#include <linux/module.h>
> -#include <linux/mm.h>
> -#include <linux/cryptohash.h>
> -#include <linux/types.h>
> -#include <linux/list.h>
> -#include <crypto/scatterwalk.h>
> -#include <crypto/sha.h>
> -#include <crypto/mcryptd.h>
> -#include <crypto/crypto_wq.h>
> -#include <asm/byteorder.h>
> -#include <linux/hardirq.h>
> -#include <asm/fpu/api.h>
> -#include "sha256_mb_ctx.h"
> -
> -#define FLUSH_INTERVAL 1000 /* in usec */
> -
> -static struct mcryptd_alg_state sha256_mb_alg_state;
> -
> -struct sha256_mb_ctx {
> -	struct mcryptd_ahash *mcryptd_tfm;
> -};
> -
> -static inline struct mcryptd_hash_request_ctx
> -		*cast_hash_to_mcryptd_ctx(struct sha256_hash_ctx *hash_ctx)
> -{
> -	struct ahash_request *areq;
> -
> -	areq = container_of((void *) hash_ctx, struct ahash_request, __ctx);
> -	return container_of(areq, struct mcryptd_hash_request_ctx, areq);
> -}
> -
> -static inline struct ahash_request
> -		*cast_mcryptd_ctx_to_req(struct mcryptd_hash_request_ctx *ctx)
> -{
> -	return container_of((void *) ctx, struct ahash_request, __ctx);
> -}
> -
> -static void req_ctx_init(struct mcryptd_hash_request_ctx *rctx,
> -				struct ahash_request *areq)
> -{
> -	rctx->flag = HASH_UPDATE;
> -}
> -
> -static asmlinkage void (*sha256_job_mgr_init)(struct sha256_mb_mgr *state);
> -static asmlinkage struct job_sha256* (*sha256_job_mgr_submit)
> -			(struct sha256_mb_mgr *state, struct job_sha256 *job);
> -static asmlinkage struct job_sha256* (*sha256_job_mgr_flush)
> -			(struct sha256_mb_mgr *state);
> -static asmlinkage struct job_sha256* (*sha256_job_mgr_get_comp_job)
> -			(struct sha256_mb_mgr *state);
> -
> -inline uint32_t sha256_pad(uint8_t padblock[SHA256_BLOCK_SIZE * 2],
> -			 uint64_t total_len)
> -{
> -	uint32_t i = total_len & (SHA256_BLOCK_SIZE - 1);
> -
> -	memset(&padblock[i], 0, SHA256_BLOCK_SIZE);
> -	padblock[i] = 0x80;
> -
> -	i += ((SHA256_BLOCK_SIZE - 1) &
> -	      (0 - (total_len + SHA256_PADLENGTHFIELD_SIZE + 1)))
> -	     + 1 + SHA256_PADLENGTHFIELD_SIZE;
> -
> -#if SHA256_PADLENGTHFIELD_SIZE == 16
> -	*((uint64_t *) &padblock[i - 16]) = 0;
> -#endif
> -
> -	*((uint64_t *) &padblock[i - 8]) = cpu_to_be64(total_len << 3);
> -
> -	/* Number of extra blocks to hash */
> -	return i >> SHA256_LOG2_BLOCK_SIZE;
> -}
> -
> -static struct sha256_hash_ctx
> -		*sha256_ctx_mgr_resubmit(struct sha256_ctx_mgr *mgr,
> -					struct sha256_hash_ctx *ctx)
> -{
> -	while (ctx) {
> -		if (ctx->status & HASH_CTX_STS_COMPLETE) {
> -			/* Clear PROCESSING bit */
> -			ctx->status = HASH_CTX_STS_COMPLETE;
> -			return ctx;
> -		}
> -
> -		/*
> -		 * If the extra blocks are empty, begin hashing what remains
> -		 * in the user's buffer.
> -		 */
> -		if (ctx->partial_block_buffer_length == 0 &&
> -		    ctx->incoming_buffer_length) {
> -
> -			const void *buffer = ctx->incoming_buffer;
> -			uint32_t len = ctx->incoming_buffer_length;
> -			uint32_t copy_len;
> -
> -			/*
> -			 * Only entire blocks can be hashed.
> -			 * Copy remainder to extra blocks buffer.
> -			 */
> -			copy_len = len & (SHA256_BLOCK_SIZE-1);
> -
> -			if (copy_len) {
> -				len -= copy_len;
> -				memcpy(ctx->partial_block_buffer,
> -				       ((const char *) buffer + len),
> -				       copy_len);
> -				ctx->partial_block_buffer_length = copy_len;
> -			}
> -
> -			ctx->incoming_buffer_length = 0;
> -
> -			/* len should be a multiple of the block size now */
> -			assert((len % SHA256_BLOCK_SIZE) == 0);
> -
> -			/* Set len to the number of blocks to be hashed */
> -			len >>= SHA256_LOG2_BLOCK_SIZE;
> -
> -			if (len) {
> -
> -				ctx->job.buffer = (uint8_t *) buffer;
> -				ctx->job.len = len;
> -				ctx = (struct sha256_hash_ctx *)
> -				sha256_job_mgr_submit(&mgr->mgr, &ctx->job);
> -				continue;
> -			}
> -		}
> -
> -		/*
> -		 * If the extra blocks are not empty, then we are
> -		 * either on the last block(s) or we need more
> -		 * user input before continuing.
> -		 */
> -		if (ctx->status & HASH_CTX_STS_LAST) {
> -
> -			uint8_t *buf = ctx->partial_block_buffer;
> -			uint32_t n_extra_blocks =
> -				sha256_pad(buf, ctx->total_length);
> -
> -			ctx->status = (HASH_CTX_STS_PROCESSING |
> -				       HASH_CTX_STS_COMPLETE);
> -			ctx->job.buffer = buf;
> -			ctx->job.len = (uint32_t) n_extra_blocks;
> -			ctx = (struct sha256_hash_ctx *)
> -				sha256_job_mgr_submit(&mgr->mgr, &ctx->job);
> -			continue;
> -		}
> -
> -		ctx->status = HASH_CTX_STS_IDLE;
> -		return ctx;
> -	}
> -
> -	return NULL;
> -}
> -
> -static struct sha256_hash_ctx
> -		*sha256_ctx_mgr_get_comp_ctx(struct sha256_ctx_mgr *mgr)
> -{
> -	/*
> -	 * If get_comp_job returns NULL, there are no jobs complete.
> -	 * If get_comp_job returns a job, verify that it is safe to return to
> -	 * the user. If it is not ready, resubmit the job to finish processing.
> -	 * If sha256_ctx_mgr_resubmit returned a job, it is ready to be
> -	 * returned. Otherwise, all jobs currently being managed by the
> -	 * hash_ctx_mgr still need processing.
> -	 */
> -	struct sha256_hash_ctx *ctx;
> -
> -	ctx = (struct sha256_hash_ctx *) sha256_job_mgr_get_comp_job(&mgr->mgr);
> -	return sha256_ctx_mgr_resubmit(mgr, ctx);
> -}
> -
> -static void sha256_ctx_mgr_init(struct sha256_ctx_mgr *mgr)
> -{
> -	sha256_job_mgr_init(&mgr->mgr);
> -}
> -
> -static struct sha256_hash_ctx *sha256_ctx_mgr_submit(struct sha256_ctx_mgr *mgr,
> -					  struct sha256_hash_ctx *ctx,
> -					  const void *buffer,
> -					  uint32_t len,
> -					  int flags)
> -{
> -	if (flags & ~(HASH_UPDATE | HASH_LAST)) {
> -		/* User should not pass anything other than UPDATE or LAST */
> -		ctx->error = HASH_CTX_ERROR_INVALID_FLAGS;
> -		return ctx;
> -	}
> -
> -	if (ctx->status & HASH_CTX_STS_PROCESSING) {
> -		/* Cannot submit to a currently processing job. */
> -		ctx->error = HASH_CTX_ERROR_ALREADY_PROCESSING;
> -		return ctx;
> -	}
> -
> -	if (ctx->status & HASH_CTX_STS_COMPLETE) {
> -		/* Cannot update a finished job. */
> -		ctx->error = HASH_CTX_ERROR_ALREADY_COMPLETED;
> -		return ctx;
> -	}
> -
> -	/* If we made it here, there was no error during this call to submit */
> -	ctx->error = HASH_CTX_ERROR_NONE;
> -
> -	/* Store buffer ptr info from user */
> -	ctx->incoming_buffer = buffer;
> -	ctx->incoming_buffer_length = len;
> -
> -	/*
> -	 * Store the user's request flags and mark this ctx as currently
> -	 * being processed.
> -	 */
> -	ctx->status = (flags & HASH_LAST) ?
> -			(HASH_CTX_STS_PROCESSING | HASH_CTX_STS_LAST) :
> -			HASH_CTX_STS_PROCESSING;
> -
> -	/* Advance byte counter */
> -	ctx->total_length += len;
> -
> -	/*
> -	 * If there is anything currently buffered in the extra blocks,
> -	 * append to it until it contains a whole block.
> -	 * Or if the user's buffer contains less than a whole block,
> -	 * append as much as possible to the extra block.
> -	 */
> -	if (ctx->partial_block_buffer_length || len < SHA256_BLOCK_SIZE) {
> -		/*
> -		 * Compute how many bytes to copy from user buffer into
> -		 * extra block
> -		 */
> -		uint32_t copy_len = SHA256_BLOCK_SIZE -
> -					ctx->partial_block_buffer_length;
> -		if (len < copy_len)
> -			copy_len = len;
> -
> -		if (copy_len) {
> -			/* Copy and update relevant pointers and counters */
> -			memcpy(
> -		&ctx->partial_block_buffer[ctx->partial_block_buffer_length],
> -				buffer, copy_len);
> -
> -			ctx->partial_block_buffer_length += copy_len;
> -			ctx->incoming_buffer = (const void *)
> -					((const char *)buffer + copy_len);
> -			ctx->incoming_buffer_length = len - copy_len;
> -		}
> -
> -		/* The extra block should never contain more than 1 block */
> -		assert(ctx->partial_block_buffer_length <= SHA256_BLOCK_SIZE);
> -
> -		/*
> -		 * If the extra block buffer contains exactly 1 block,
> -		 * it can be hashed.
> -		 */
> -		if (ctx->partial_block_buffer_length >= SHA256_BLOCK_SIZE) {
> -			ctx->partial_block_buffer_length = 0;
> -
> -			ctx->job.buffer = ctx->partial_block_buffer;
> -			ctx->job.len = 1;
> -			ctx = (struct sha256_hash_ctx *)
> -				sha256_job_mgr_submit(&mgr->mgr, &ctx->job);
> -		}
> -	}
> -
> -	return sha256_ctx_mgr_resubmit(mgr, ctx);
> -}
> -
> -static struct sha256_hash_ctx *sha256_ctx_mgr_flush(struct sha256_ctx_mgr *mgr)
> -{
> -	struct sha256_hash_ctx *ctx;
> -
> -	while (1) {
> -		ctx = (struct sha256_hash_ctx *)
> -					sha256_job_mgr_flush(&mgr->mgr);
> -
> -		/* If flush returned 0, there are no more jobs in flight. */
> -		if (!ctx)
> -			return NULL;
> -
> -		/*
> -		 * If flush returned a job, resubmit the job to finish
> -		 * processing.
> -		 */
> -		ctx = sha256_ctx_mgr_resubmit(mgr, ctx);
> -
> -		/*
> -		 * If sha256_ctx_mgr_resubmit returned a job, it is ready to
> -		 * be returned. Otherwise, all jobs currently being managed by
> -		 * the sha256_ctx_mgr still need processing. Loop.
> -		 */
> -		if (ctx)
> -			return ctx;
> -	}
> -}
> -
> -static int sha256_mb_init(struct ahash_request *areq)
> -{
> -	struct sha256_hash_ctx *sctx = ahash_request_ctx(areq);
> -
> -	hash_ctx_init(sctx);
> -	sctx->job.result_digest[0] = SHA256_H0;
> -	sctx->job.result_digest[1] = SHA256_H1;
> -	sctx->job.result_digest[2] = SHA256_H2;
> -	sctx->job.result_digest[3] = SHA256_H3;
> -	sctx->job.result_digest[4] = SHA256_H4;
> -	sctx->job.result_digest[5] = SHA256_H5;
> -	sctx->job.result_digest[6] = SHA256_H6;
> -	sctx->job.result_digest[7] = SHA256_H7;
> -	sctx->total_length = 0;
> -	sctx->partial_block_buffer_length = 0;
> -	sctx->status = HASH_CTX_STS_IDLE;
> -
> -	return 0;
> -}
> -
> -static int sha256_mb_set_results(struct mcryptd_hash_request_ctx *rctx)
> -{
> -	int	i;
> -	struct	sha256_hash_ctx *sctx = ahash_request_ctx(&rctx->areq);
> -	__be32	*dst = (__be32 *) rctx->out;
> -
> -	for (i = 0; i < 8; ++i)
> -		dst[i] = cpu_to_be32(sctx->job.result_digest[i]);
> -
> -	return 0;
> -}
> -
> -static int sha_finish_walk(struct mcryptd_hash_request_ctx **ret_rctx,
> -			struct mcryptd_alg_cstate *cstate, bool flush)
> -{
> -	int	flag = HASH_UPDATE;
> -	int	nbytes, err = 0;
> -	struct mcryptd_hash_request_ctx *rctx = *ret_rctx;
> -	struct sha256_hash_ctx *sha_ctx;
> -
> -	/* more work ? */
> -	while (!(rctx->flag & HASH_DONE)) {
> -		nbytes = crypto_ahash_walk_done(&rctx->walk, 0);
> -		if (nbytes < 0) {
> -			err = nbytes;
> -			goto out;
> -		}
> -		/* check if the walk is done */
> -		if (crypto_ahash_walk_last(&rctx->walk)) {
> -			rctx->flag |= HASH_DONE;
> -			if (rctx->flag & HASH_FINAL)
> -				flag |= HASH_LAST;
> -
> -		}
> -		sha_ctx = (struct sha256_hash_ctx *)
> -						ahash_request_ctx(&rctx->areq);
> -		kernel_fpu_begin();
> -		sha_ctx = sha256_ctx_mgr_submit(cstate->mgr, sha_ctx,
> -						rctx->walk.data, nbytes, flag);
> -		if (!sha_ctx) {
> -			if (flush)
> -				sha_ctx = sha256_ctx_mgr_flush(cstate->mgr);
> -		}
> -		kernel_fpu_end();
> -		if (sha_ctx)
> -			rctx = cast_hash_to_mcryptd_ctx(sha_ctx);
> -		else {
> -			rctx = NULL;
> -			goto out;
> -		}
> -	}
> -
> -	/* copy the results */
> -	if (rctx->flag & HASH_FINAL)
> -		sha256_mb_set_results(rctx);
> -
> -out:
> -	*ret_rctx = rctx;
> -	return err;
> -}
> -
> -static int sha_complete_job(struct mcryptd_hash_request_ctx *rctx,
> -			    struct mcryptd_alg_cstate *cstate,
> -			    int err)
> -{
> -	struct ahash_request *req = cast_mcryptd_ctx_to_req(rctx);
> -	struct sha256_hash_ctx *sha_ctx;
> -	struct mcryptd_hash_request_ctx *req_ctx;
> -	int ret;
> -
> -	/* remove from work list */
> -	spin_lock(&cstate->work_lock);
> -	list_del(&rctx->waiter);
> -	spin_unlock(&cstate->work_lock);
> -
> -	if (irqs_disabled())
> -		rctx->complete(&req->base, err);
> -	else {
> -		local_bh_disable();
> -		rctx->complete(&req->base, err);
> -		local_bh_enable();
> -	}
> -
> -	/* check to see if there are other jobs that are done */
> -	sha_ctx = sha256_ctx_mgr_get_comp_ctx(cstate->mgr);
> -	while (sha_ctx) {
> -		req_ctx = cast_hash_to_mcryptd_ctx(sha_ctx);
> -		ret = sha_finish_walk(&req_ctx, cstate, false);
> -		if (req_ctx) {
> -			spin_lock(&cstate->work_lock);
> -			list_del(&req_ctx->waiter);
> -			spin_unlock(&cstate->work_lock);
> -
> -			req = cast_mcryptd_ctx_to_req(req_ctx);
> -			if (irqs_disabled())
> -				req_ctx->complete(&req->base, ret);
> -			else {
> -				local_bh_disable();
> -				req_ctx->complete(&req->base, ret);
> -				local_bh_enable();
> -			}
> -		}
> -		sha_ctx = sha256_ctx_mgr_get_comp_ctx(cstate->mgr);
> -	}
> -
> -	return 0;
> -}
> -
> -static void sha256_mb_add_list(struct mcryptd_hash_request_ctx *rctx,
> -			     struct mcryptd_alg_cstate *cstate)
> -{
> -	unsigned long next_flush;
> -	unsigned long delay = usecs_to_jiffies(FLUSH_INTERVAL);
> -
> -	/* initialize tag */
> -	rctx->tag.arrival = jiffies;    /* tag the arrival time */
> -	rctx->tag.seq_num = cstate->next_seq_num++;
> -	next_flush = rctx->tag.arrival + delay;
> -	rctx->tag.expire = next_flush;
> -
> -	spin_lock(&cstate->work_lock);
> -	list_add_tail(&rctx->waiter, &cstate->work_list);
> -	spin_unlock(&cstate->work_lock);
> -
> -	mcryptd_arm_flusher(cstate, delay);
> -}
> -
> -static int sha256_mb_update(struct ahash_request *areq)
> -{
> -	struct mcryptd_hash_request_ctx *rctx =
> -		container_of(areq, struct mcryptd_hash_request_ctx, areq);
> -	struct mcryptd_alg_cstate *cstate =
> -				this_cpu_ptr(sha256_mb_alg_state.alg_cstate);
> -
> -	struct ahash_request *req = cast_mcryptd_ctx_to_req(rctx);
> -	struct sha256_hash_ctx *sha_ctx;
> -	int ret = 0, nbytes;
> -
> -	/* sanity check */
> -	if (rctx->tag.cpu != smp_processor_id()) {
> -		pr_err("mcryptd error: cpu clash\n");
> -		goto done;
> -	}
> -
> -	/* need to init context */
> -	req_ctx_init(rctx, areq);
> -
> -	nbytes = crypto_ahash_walk_first(req, &rctx->walk);
> -
> -	if (nbytes < 0) {
> -		ret = nbytes;
> -		goto done;
> -	}
> -
> -	if (crypto_ahash_walk_last(&rctx->walk))
> -		rctx->flag |= HASH_DONE;
> -
> -	/* submit */
> -	sha_ctx = (struct sha256_hash_ctx *) ahash_request_ctx(areq);
> -	sha256_mb_add_list(rctx, cstate);
> -	kernel_fpu_begin();
> -	sha_ctx = sha256_ctx_mgr_submit(cstate->mgr, sha_ctx, rctx->walk.data,
> -							nbytes, HASH_UPDATE);
> -	kernel_fpu_end();
> -
> -	/* check if anything is returned */
> -	if (!sha_ctx)
> -		return -EINPROGRESS;
> -
> -	if (sha_ctx->error) {
> -		ret = sha_ctx->error;
> -		rctx = cast_hash_to_mcryptd_ctx(sha_ctx);
> -		goto done;
> -	}
> -
> -	rctx = cast_hash_to_mcryptd_ctx(sha_ctx);
> -	ret = sha_finish_walk(&rctx, cstate, false);
> -
> -	if (!rctx)
> -		return -EINPROGRESS;
> -done:
> -	sha_complete_job(rctx, cstate, ret);
> -	return ret;
> -}
> -
> -static int sha256_mb_finup(struct ahash_request *areq)
> -{
> -	struct mcryptd_hash_request_ctx *rctx =
> -		container_of(areq, struct mcryptd_hash_request_ctx, areq);
> -	struct mcryptd_alg_cstate *cstate =
> -				this_cpu_ptr(sha256_mb_alg_state.alg_cstate);
> -
> -	struct ahash_request *req = cast_mcryptd_ctx_to_req(rctx);
> -	struct sha256_hash_ctx *sha_ctx;
> -	int ret = 0, flag = HASH_UPDATE, nbytes;
> -
> -	/* sanity check */
> -	if (rctx->tag.cpu != smp_processor_id()) {
> -		pr_err("mcryptd error: cpu clash\n");
> -		goto done;
> -	}
> -
> -	/* need to init context */
> -	req_ctx_init(rctx, areq);
> -
> -	nbytes = crypto_ahash_walk_first(req, &rctx->walk);
> -
> -	if (nbytes < 0) {
> -		ret = nbytes;
> -		goto done;
> -	}
> -
> -	if (crypto_ahash_walk_last(&rctx->walk)) {
> -		rctx->flag |= HASH_DONE;
> -		flag = HASH_LAST;
> -	}
> -
> -	/* submit */
> -	rctx->flag |= HASH_FINAL;
> -	sha_ctx = (struct sha256_hash_ctx *) ahash_request_ctx(areq);
> -	sha256_mb_add_list(rctx, cstate);
> -
> -	kernel_fpu_begin();
> -	sha_ctx = sha256_ctx_mgr_submit(cstate->mgr, sha_ctx, rctx->walk.data,
> -								nbytes, flag);
> -	kernel_fpu_end();
> -
> -	/* check if anything is returned */
> -	if (!sha_ctx)
> -		return -EINPROGRESS;
> -
> -	if (sha_ctx->error) {
> -		ret = sha_ctx->error;
> -		goto done;
> -	}
> -
> -	rctx = cast_hash_to_mcryptd_ctx(sha_ctx);
> -	ret = sha_finish_walk(&rctx, cstate, false);
> -	if (!rctx)
> -		return -EINPROGRESS;
> -done:
> -	sha_complete_job(rctx, cstate, ret);
> -	return ret;
> -}
> -
> -static int sha256_mb_final(struct ahash_request *areq)
> -{
> -	struct mcryptd_hash_request_ctx *rctx =
> -			container_of(areq, struct mcryptd_hash_request_ctx,
> -			areq);
> -	struct mcryptd_alg_cstate *cstate =
> -				this_cpu_ptr(sha256_mb_alg_state.alg_cstate);
> -
> -	struct sha256_hash_ctx *sha_ctx;
> -	int ret = 0;
> -	u8 data;
> -
> -	/* sanity check */
> -	if (rctx->tag.cpu != smp_processor_id()) {
> -		pr_err("mcryptd error: cpu clash\n");
> -		goto done;
> -	}
> -
> -	/* need to init context */
> -	req_ctx_init(rctx, areq);
> -
> -	rctx->flag |= HASH_DONE | HASH_FINAL;
> -
> -	sha_ctx = (struct sha256_hash_ctx *) ahash_request_ctx(areq);
> -	/* flag HASH_FINAL and 0 data size */
> -	sha256_mb_add_list(rctx, cstate);
> -	kernel_fpu_begin();
> -	sha_ctx = sha256_ctx_mgr_submit(cstate->mgr, sha_ctx, &data, 0,
> -								HASH_LAST);
> -	kernel_fpu_end();
> -
> -	/* check if anything is returned */
> -	if (!sha_ctx)
> -		return -EINPROGRESS;
> -
> -	if (sha_ctx->error) {
> -		ret = sha_ctx->error;
> -		rctx = cast_hash_to_mcryptd_ctx(sha_ctx);
> -		goto done;
> -	}
> -
> -	rctx = cast_hash_to_mcryptd_ctx(sha_ctx);
> -	ret = sha_finish_walk(&rctx, cstate, false);
> -	if (!rctx)
> -		return -EINPROGRESS;
> -done:
> -	sha_complete_job(rctx, cstate, ret);
> -	return ret;
> -}
> -
> -static int sha256_mb_export(struct ahash_request *areq, void *out)
> -{
> -	struct sha256_hash_ctx *sctx = ahash_request_ctx(areq);
> -
> -	memcpy(out, sctx, sizeof(*sctx));
> -
> -	return 0;
> -}
> -
> -static int sha256_mb_import(struct ahash_request *areq, const void *in)
> -{
> -	struct sha256_hash_ctx *sctx = ahash_request_ctx(areq);
> -
> -	memcpy(sctx, in, sizeof(*sctx));
> -
> -	return 0;
> -}
> -
> -static int sha256_mb_async_init_tfm(struct crypto_tfm *tfm)
> -{
> -	struct mcryptd_ahash *mcryptd_tfm;
> -	struct sha256_mb_ctx *ctx = crypto_tfm_ctx(tfm);
> -	struct mcryptd_hash_ctx *mctx;
> -
> -	mcryptd_tfm = mcryptd_alloc_ahash("__intel_sha256-mb",
> -						CRYPTO_ALG_INTERNAL,
> -						CRYPTO_ALG_INTERNAL);
> -	if (IS_ERR(mcryptd_tfm))
> -		return PTR_ERR(mcryptd_tfm);
> -	mctx = crypto_ahash_ctx(&mcryptd_tfm->base);
> -	mctx->alg_state = &sha256_mb_alg_state;
> -	ctx->mcryptd_tfm = mcryptd_tfm;
> -	crypto_ahash_set_reqsize(__crypto_ahash_cast(tfm),
> -				sizeof(struct ahash_request) +
> -				crypto_ahash_reqsize(&mcryptd_tfm->base));
> -
> -	return 0;
> -}
> -
> -static void sha256_mb_async_exit_tfm(struct crypto_tfm *tfm)
> -{
> -	struct sha256_mb_ctx *ctx = crypto_tfm_ctx(tfm);
> -
> -	mcryptd_free_ahash(ctx->mcryptd_tfm);
> -}
> -
> -static int sha256_mb_areq_init_tfm(struct crypto_tfm *tfm)
> -{
> -	crypto_ahash_set_reqsize(__crypto_ahash_cast(tfm),
> -				sizeof(struct ahash_request) +
> -				sizeof(struct sha256_hash_ctx));
> -
> -	return 0;
> -}
> -
> -static void sha256_mb_areq_exit_tfm(struct crypto_tfm *tfm)
> -{
> -	struct sha256_mb_ctx *ctx = crypto_tfm_ctx(tfm);
> -
> -	mcryptd_free_ahash(ctx->mcryptd_tfm);
> -}
> -
> -static struct ahash_alg sha256_mb_areq_alg = {
> -	.init		=	sha256_mb_init,
> -	.update		=	sha256_mb_update,
> -	.final		=	sha256_mb_final,
> -	.finup		=	sha256_mb_finup,
> -	.export		=	sha256_mb_export,
> -	.import		=	sha256_mb_import,
> -	.halg		=	{
> -	.digestsize	=	SHA256_DIGEST_SIZE,
> -	.statesize	=	sizeof(struct sha256_hash_ctx),
> -		.base		=	{
> -			.cra_name	 = "__sha256-mb",
> -			.cra_driver_name = "__intel_sha256-mb",
> -			.cra_priority	 = 100,
> -			/*
> -			 * use ASYNC flag as some buffers in multi-buffer
> -			 * algo may not have completed before hashing thread
> -			 * sleep
> -			 */
> -			.cra_flags	= CRYPTO_ALG_ASYNC |
> -					  CRYPTO_ALG_INTERNAL,
> -			.cra_blocksize	= SHA256_BLOCK_SIZE,
> -			.cra_module	= THIS_MODULE,
> -			.cra_list	= LIST_HEAD_INIT
> -					(sha256_mb_areq_alg.halg.base.cra_list),
> -			.cra_init	= sha256_mb_areq_init_tfm,
> -			.cra_exit	= sha256_mb_areq_exit_tfm,
> -			.cra_ctxsize	= sizeof(struct sha256_hash_ctx),
> -		}
> -	}
> -};
> -
> -static int sha256_mb_async_init(struct ahash_request *req)
> -{
> -	struct crypto_ahash *tfm = crypto_ahash_reqtfm(req);
> -	struct sha256_mb_ctx *ctx = crypto_ahash_ctx(tfm);
> -	struct ahash_request *mcryptd_req = ahash_request_ctx(req);
> -	struct mcryptd_ahash *mcryptd_tfm = ctx->mcryptd_tfm;
> -
> -	memcpy(mcryptd_req, req, sizeof(*req));
> -	ahash_request_set_tfm(mcryptd_req, &mcryptd_tfm->base);
> -	return crypto_ahash_init(mcryptd_req);
> -}
> -
> -static int sha256_mb_async_update(struct ahash_request *req)
> -{
> -	struct ahash_request *mcryptd_req = ahash_request_ctx(req);
> -
> -	struct crypto_ahash *tfm = crypto_ahash_reqtfm(req);
> -	struct sha256_mb_ctx *ctx = crypto_ahash_ctx(tfm);
> -	struct mcryptd_ahash *mcryptd_tfm = ctx->mcryptd_tfm;
> -
> -	memcpy(mcryptd_req, req, sizeof(*req));
> -	ahash_request_set_tfm(mcryptd_req, &mcryptd_tfm->base);
> -	return crypto_ahash_update(mcryptd_req);
> -}
> -
> -static int sha256_mb_async_finup(struct ahash_request *req)
> -{
> -	struct ahash_request *mcryptd_req = ahash_request_ctx(req);
> -
> -	struct crypto_ahash *tfm = crypto_ahash_reqtfm(req);
> -	struct sha256_mb_ctx *ctx = crypto_ahash_ctx(tfm);
> -	struct mcryptd_ahash *mcryptd_tfm = ctx->mcryptd_tfm;
> -
> -	memcpy(mcryptd_req, req, sizeof(*req));
> -	ahash_request_set_tfm(mcryptd_req, &mcryptd_tfm->base);
> -	return crypto_ahash_finup(mcryptd_req);
> -}
> -
> -static int sha256_mb_async_final(struct ahash_request *req)
> -{
> -	struct ahash_request *mcryptd_req = ahash_request_ctx(req);
> -
> -	struct crypto_ahash *tfm = crypto_ahash_reqtfm(req);
> -	struct sha256_mb_ctx *ctx = crypto_ahash_ctx(tfm);
> -	struct mcryptd_ahash *mcryptd_tfm = ctx->mcryptd_tfm;
> -
> -	memcpy(mcryptd_req, req, sizeof(*req));
> -	ahash_request_set_tfm(mcryptd_req, &mcryptd_tfm->base);
> -	return crypto_ahash_final(mcryptd_req);
> -}
> -
> -static int sha256_mb_async_digest(struct ahash_request *req)
> -{
> -	struct crypto_ahash *tfm = crypto_ahash_reqtfm(req);
> -	struct sha256_mb_ctx *ctx = crypto_ahash_ctx(tfm);
> -	struct ahash_request *mcryptd_req = ahash_request_ctx(req);
> -	struct mcryptd_ahash *mcryptd_tfm = ctx->mcryptd_tfm;
> -
> -	memcpy(mcryptd_req, req, sizeof(*req));
> -	ahash_request_set_tfm(mcryptd_req, &mcryptd_tfm->base);
> -	return crypto_ahash_digest(mcryptd_req);
> -}
> -
> -static int sha256_mb_async_export(struct ahash_request *req, void *out)
> -{
> -	struct ahash_request *mcryptd_req = ahash_request_ctx(req);
> -	struct crypto_ahash *tfm = crypto_ahash_reqtfm(req);
> -	struct sha256_mb_ctx *ctx = crypto_ahash_ctx(tfm);
> -	struct mcryptd_ahash *mcryptd_tfm = ctx->mcryptd_tfm;
> -
> -	memcpy(mcryptd_req, req, sizeof(*req));
> -	ahash_request_set_tfm(mcryptd_req, &mcryptd_tfm->base);
> -	return crypto_ahash_export(mcryptd_req, out);
> -}
> -
> -static int sha256_mb_async_import(struct ahash_request *req, const void *in)
> -{
> -	struct ahash_request *mcryptd_req = ahash_request_ctx(req);
> -	struct crypto_ahash *tfm = crypto_ahash_reqtfm(req);
> -	struct sha256_mb_ctx *ctx = crypto_ahash_ctx(tfm);
> -	struct mcryptd_ahash *mcryptd_tfm = ctx->mcryptd_tfm;
> -	struct crypto_ahash *child = mcryptd_ahash_child(mcryptd_tfm);
> -	struct mcryptd_hash_request_ctx *rctx;
> -	struct ahash_request *areq;
> -
> -	memcpy(mcryptd_req, req, sizeof(*req));
> -	ahash_request_set_tfm(mcryptd_req, &mcryptd_tfm->base);
> -	rctx = ahash_request_ctx(mcryptd_req);
> -	areq = &rctx->areq;
> -
> -	ahash_request_set_tfm(areq, child);
> -	ahash_request_set_callback(areq, CRYPTO_TFM_REQ_MAY_SLEEP,
> -					rctx->complete, req);
> -
> -	return crypto_ahash_import(mcryptd_req, in);
> -}
> -
> -static struct ahash_alg sha256_mb_async_alg = {
> -	.init           = sha256_mb_async_init,
> -	.update         = sha256_mb_async_update,
> -	.final          = sha256_mb_async_final,
> -	.finup          = sha256_mb_async_finup,
> -	.export         = sha256_mb_async_export,
> -	.import         = sha256_mb_async_import,
> -	.digest         = sha256_mb_async_digest,
> -	.halg = {
> -		.digestsize     = SHA256_DIGEST_SIZE,
> -		.statesize      = sizeof(struct sha256_hash_ctx),
> -		.base = {
> -			.cra_name               = "sha256",
> -			.cra_driver_name        = "sha256_mb",
> -			/*
> -			 * Low priority, since with few concurrent hash requests
> -			 * this is extremely slow due to the flush delay.  Users
> -			 * whose workloads would benefit from this can request
> -			 * it explicitly by driver name, or can increase its
> -			 * priority at runtime using NETLINK_CRYPTO.
> -			 */
> -			.cra_priority           = 50,
> -			.cra_flags              = CRYPTO_ALG_ASYNC,
> -			.cra_blocksize          = SHA256_BLOCK_SIZE,
> -			.cra_module             = THIS_MODULE,
> -			.cra_list               = LIST_HEAD_INIT
> -				(sha256_mb_async_alg.halg.base.cra_list),
> -			.cra_init               = sha256_mb_async_init_tfm,
> -			.cra_exit               = sha256_mb_async_exit_tfm,
> -			.cra_ctxsize		= sizeof(struct sha256_mb_ctx),
> -			.cra_alignmask		= 0,
> -		},
> -	},
> -};
> -
> -static unsigned long sha256_mb_flusher(struct mcryptd_alg_cstate *cstate)
> -{
> -	struct mcryptd_hash_request_ctx *rctx;
> -	unsigned long cur_time;
> -	unsigned long next_flush = 0;
> -	struct sha256_hash_ctx *sha_ctx;
> -
> -
> -	cur_time = jiffies;
> -
> -	while (!list_empty(&cstate->work_list)) {
> -		rctx = list_entry(cstate->work_list.next,
> -				struct mcryptd_hash_request_ctx, waiter);
> -		if (time_before(cur_time, rctx->tag.expire))
> -			break;
> -		kernel_fpu_begin();
> -		sha_ctx = (struct sha256_hash_ctx *)
> -					sha256_ctx_mgr_flush(cstate->mgr);
> -		kernel_fpu_end();
> -		if (!sha_ctx) {
> -			pr_err("sha256_mb error: nothing got"
> -					" flushed for non-empty list\n");
> -			break;
> -		}
> -		rctx = cast_hash_to_mcryptd_ctx(sha_ctx);
> -		sha_finish_walk(&rctx, cstate, true);
> -		sha_complete_job(rctx, cstate, 0);
> -	}
> -
> -	if (!list_empty(&cstate->work_list)) {
> -		rctx = list_entry(cstate->work_list.next,
> -				struct mcryptd_hash_request_ctx, waiter);
> -		/* get the hash context and then flush time */
> -		next_flush = rctx->tag.expire;
> -		mcryptd_arm_flusher(cstate, get_delay(next_flush));
> -	}
> -	return next_flush;
> -}
> -
> -static int __init sha256_mb_mod_init(void)
> -{
> -
> -	int cpu;
> -	int err;
> -	struct mcryptd_alg_cstate *cpu_state;
> -
> -	/* check for dependent cpu features */
> -	if (!boot_cpu_has(X86_FEATURE_AVX2) ||
> -	    !boot_cpu_has(X86_FEATURE_BMI2))
> -		return -ENODEV;
> -
> -	/* initialize multibuffer structures */
> -	sha256_mb_alg_state.alg_cstate = alloc_percpu
> -						(struct mcryptd_alg_cstate);
> -
> -	sha256_job_mgr_init = sha256_mb_mgr_init_avx2;
> -	sha256_job_mgr_submit = sha256_mb_mgr_submit_avx2;
> -	sha256_job_mgr_flush = sha256_mb_mgr_flush_avx2;
> -	sha256_job_mgr_get_comp_job = sha256_mb_mgr_get_comp_job_avx2;
> -
> -	if (!sha256_mb_alg_state.alg_cstate)
> -		return -ENOMEM;
> -	for_each_possible_cpu(cpu) {
> -		cpu_state = per_cpu_ptr(sha256_mb_alg_state.alg_cstate, cpu);
> -		cpu_state->next_flush = 0;
> -		cpu_state->next_seq_num = 0;
> -		cpu_state->flusher_engaged = false;
> -		INIT_DELAYED_WORK(&cpu_state->flush, mcryptd_flusher);
> -		cpu_state->cpu = cpu;
> -		cpu_state->alg_state = &sha256_mb_alg_state;
> -		cpu_state->mgr = kzalloc(sizeof(struct sha256_ctx_mgr),
> -					GFP_KERNEL);
> -		if (!cpu_state->mgr)
> -			goto err2;
> -		sha256_ctx_mgr_init(cpu_state->mgr);
> -		INIT_LIST_HEAD(&cpu_state->work_list);
> -		spin_lock_init(&cpu_state->work_lock);
> -	}
> -	sha256_mb_alg_state.flusher = &sha256_mb_flusher;
> -
> -	err = crypto_register_ahash(&sha256_mb_areq_alg);
> -	if (err)
> -		goto err2;
> -	err = crypto_register_ahash(&sha256_mb_async_alg);
> -	if (err)
> -		goto err1;
> -
> -
> -	return 0;
> -err1:
> -	crypto_unregister_ahash(&sha256_mb_areq_alg);
> -err2:
> -	for_each_possible_cpu(cpu) {
> -		cpu_state = per_cpu_ptr(sha256_mb_alg_state.alg_cstate, cpu);
> -		kfree(cpu_state->mgr);
> -	}
> -	free_percpu(sha256_mb_alg_state.alg_cstate);
> -	return -ENODEV;
> -}
> -
> -static void __exit sha256_mb_mod_fini(void)
> -{
> -	int cpu;
> -	struct mcryptd_alg_cstate *cpu_state;
> -
> -	crypto_unregister_ahash(&sha256_mb_async_alg);
> -	crypto_unregister_ahash(&sha256_mb_areq_alg);
> -	for_each_possible_cpu(cpu) {
> -		cpu_state = per_cpu_ptr(sha256_mb_alg_state.alg_cstate, cpu);
> -		kfree(cpu_state->mgr);
> -	}
> -	free_percpu(sha256_mb_alg_state.alg_cstate);
> -}
> -
> -module_init(sha256_mb_mod_init);
> -module_exit(sha256_mb_mod_fini);
> -
> -MODULE_LICENSE("GPL");
> -MODULE_DESCRIPTION("SHA256 Secure Hash Algorithm, multi buffer accelerated");
> -
> -MODULE_ALIAS_CRYPTO("sha256");
> diff --git a/arch/x86/crypto/sha256-mb/sha256_mb_ctx.h b/arch/x86/crypto/sha256-mb/sha256_mb_ctx.h
> deleted file mode 100644
> index 7c432543dc7f..000000000000
> --- a/arch/x86/crypto/sha256-mb/sha256_mb_ctx.h
> +++ /dev/null
> @@ -1,134 +0,0 @@
> -/*
> - * Header file for multi buffer SHA256 context
> - *
> - * This file is provided under a dual BSD/GPLv2 license.  When using or
> - * redistributing this file, you may do so under either license.
> - *
> - * GPL LICENSE SUMMARY
> - *
> - *  Copyright(c) 2016 Intel Corporation.
> - *
> - *  This program is free software; you can redistribute it and/or modify
> - *  it under the terms of version 2 of the GNU General Public License as
> - *  published by the Free Software Foundation.
> - *
> - *  This program is distributed in the hope that it will be useful, but
> - *  WITHOUT ANY WARRANTY; without even the implied warranty of
> - *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
> - *  General Public License for more details.
> - *
> - *  Contact Information:
> - *	Megha Dey <megha.dey@xxxxxxxxxxxxxxx>
> - *
> - *  BSD LICENSE
> - *
> - *  Copyright(c) 2016 Intel Corporation.
> - *
> - *  Redistribution and use in source and binary forms, with or without
> - *  modification, are permitted provided that the following conditions
> - *  are met:
> - *
> - *    * Redistributions of source code must retain the above copyright
> - *      notice, this list of conditions and the following disclaimer.
> - *    * Redistributions in binary form must reproduce the above copyright
> - *      notice, this list of conditions and the following disclaimer in
> - *      the documentation and/or other materials provided with the
> - *      distribution.
> - *    * Neither the name of Intel Corporation nor the names of its
> - *      contributors may be used to endorse or promote products derived
> - *      from this software without specific prior written permission.
> - *
> - *  THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
> - *  "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
> - *  LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
> - *  A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
> - *  OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
> - *  SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
> - *  LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
> - *  DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
> - *  THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
> - *  (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
> - * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
> - */
> -
> -#ifndef _SHA_MB_CTX_INTERNAL_H
> -#define _SHA_MB_CTX_INTERNAL_H
> -
> -#include "sha256_mb_mgr.h"
> -
> -#define HASH_UPDATE          0x00
> -#define HASH_LAST            0x01
> -#define HASH_DONE	     0x02
> -#define HASH_FINAL	     0x04
> -
> -#define HASH_CTX_STS_IDLE       0x00
> -#define HASH_CTX_STS_PROCESSING 0x01
> -#define HASH_CTX_STS_LAST       0x02
> -#define HASH_CTX_STS_COMPLETE   0x04
> -
> -enum hash_ctx_error {
> -	HASH_CTX_ERROR_NONE               =  0,
> -	HASH_CTX_ERROR_INVALID_FLAGS      = -1,
> -	HASH_CTX_ERROR_ALREADY_PROCESSING = -2,
> -	HASH_CTX_ERROR_ALREADY_COMPLETED  = -3,
> -
> -#ifdef HASH_CTX_DEBUG
> -	HASH_CTX_ERROR_DEBUG_DIGEST_MISMATCH = -4,
> -#endif
> -};
> -
> -
> -#define hash_ctx_user_data(ctx)  ((ctx)->user_data)
> -#define hash_ctx_digest(ctx)     ((ctx)->job.result_digest)
> -#define hash_ctx_processing(ctx) ((ctx)->status & HASH_CTX_STS_PROCESSING)
> -#define hash_ctx_complete(ctx)   ((ctx)->status == HASH_CTX_STS_COMPLETE)
> -#define hash_ctx_status(ctx)     ((ctx)->status)
> -#define hash_ctx_error(ctx)      ((ctx)->error)
> -#define hash_ctx_init(ctx) \
> -	do { \
> -		(ctx)->error = HASH_CTX_ERROR_NONE; \
> -		(ctx)->status = HASH_CTX_STS_COMPLETE; \
> -	} while (0)
> -
> -
> -/* Hash Constants and Typedefs */
> -#define SHA256_DIGEST_LENGTH        8
> -#define SHA256_LOG2_BLOCK_SIZE        6
> -
> -#define SHA256_PADLENGTHFIELD_SIZE    8
> -
> -#ifdef SHA_MB_DEBUG
> -#define assert(expr) \
> -do { \
> -	if (unlikely(!(expr))) { \
> -		printk(KERN_ERR "Assertion failed! %s,%s,%s,line=%d\n", \
> -		#expr, __FILE__, __func__, __LINE__); \
> -	} \
> -} while (0)
> -#else
> -#define assert(expr) do {} while (0)
> -#endif
> -
> -struct sha256_ctx_mgr {
> -	struct sha256_mb_mgr mgr;
> -};
> -
> -/* typedef struct sha256_ctx_mgr sha256_ctx_mgr; */
> -
> -struct sha256_hash_ctx {
> -	/* Must be at struct offset 0 */
> -	struct job_sha256       job;
> -	/* status flag */
> -	int status;
> -	/* error flag */
> -	int error;
> -
> -	uint64_t	total_length;
> -	const void	*incoming_buffer;
> -	uint32_t	incoming_buffer_length;
> -	uint8_t		partial_block_buffer[SHA256_BLOCK_SIZE * 2];
> -	uint32_t	partial_block_buffer_length;
> -	void		*user_data;
> -};
> -
> -#endif
> diff --git a/arch/x86/crypto/sha256-mb/sha256_mb_mgr.h b/arch/x86/crypto/sha256-mb/sha256_mb_mgr.h
> deleted file mode 100644
> index b01ae408c56d..000000000000
> --- a/arch/x86/crypto/sha256-mb/sha256_mb_mgr.h
> +++ /dev/null
> @@ -1,108 +0,0 @@
> -/*
> - * Header file for multi buffer SHA256 algorithm manager
> - *
> - * This file is provided under a dual BSD/GPLv2 license.  When using or
> - * redistributing this file, you may do so under either license.
> - *
> - * GPL LICENSE SUMMARY
> - *
> - *  Copyright(c) 2016 Intel Corporation.
> - *
> - *  This program is free software; you can redistribute it and/or modify
> - *  it under the terms of version 2 of the GNU General Public License as
> - *  published by the Free Software Foundation.
> - *
> - *  This program is distributed in the hope that it will be useful, but
> - *  WITHOUT ANY WARRANTY; without even the implied warranty of
> - *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
> - *  General Public License for more details.
> - *
> - *  Contact Information:
> - *	Megha Dey <megha.dey@xxxxxxxxxxxxxxx>
> - *
> - *  BSD LICENSE
> - *
> - *  Copyright(c) 2016 Intel Corporation.
> - *
> - *  Redistribution and use in source and binary forms, with or without
> - *  modification, are permitted provided that the following conditions
> - *  are met:
> - *
> - *    * Redistributions of source code must retain the above copyright
> - *      notice, this list of conditions and the following disclaimer.
> - *    * Redistributions in binary form must reproduce the above copyright
> - *      notice, this list of conditions and the following disclaimer in
> - *      the documentation and/or other materials provided with the
> - *      distribution.
> - *    * Neither the name of Intel Corporation nor the names of its
> - *      contributors may be used to endorse or promote products derived
> - *      from this software without specific prior written permission.
> - *
> - *  THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
> - *  "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
> - *  LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
> - *  A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
> - *  OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
> - *  SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
> - *  LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
> - *  DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
> - *  THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
> - *  (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
> - * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
> - */
> -#ifndef __SHA_MB_MGR_H
> -#define __SHA_MB_MGR_H
> -
> -#include <linux/types.h>
> -
> -#define NUM_SHA256_DIGEST_WORDS 8
> -
> -enum job_sts {	STS_UNKNOWN = 0,
> -		STS_BEING_PROCESSED = 1,
> -		STS_COMPLETED = 2,
> -		STS_INTERNAL_ERROR = 3,
> -		STS_ERROR = 4
> -};
> -
> -struct job_sha256 {
> -	u8	*buffer;
> -	u32	len;
> -	u32	result_digest[NUM_SHA256_DIGEST_WORDS] __aligned(32);
> -	enum	job_sts status;
> -	void	*user_data;
> -};
> -
> -/* SHA256 out-of-order scheduler */
> -
> -/* typedef uint32_t sha8_digest_array[8][8]; */
> -
> -struct sha256_args_x8 {
> -	uint32_t	digest[8][8];
> -	uint8_t		*data_ptr[8];
> -};
> -
> -struct sha256_lane_data {
> -	struct job_sha256 *job_in_lane;
> -};
> -
> -struct sha256_mb_mgr {
> -	struct sha256_args_x8 args;
> -
> -	uint32_t lens[8];
> -
> -	/* each byte is index (0...7) of unused lanes */
> -	uint64_t unused_lanes;
> -	/* byte 4 is set to FF as a flag */
> -	struct sha256_lane_data ldata[8];
> -};
> -
> -
> -#define SHA256_MB_MGR_NUM_LANES_AVX2 8
> -
> -void sha256_mb_mgr_init_avx2(struct sha256_mb_mgr *state);
> -struct job_sha256 *sha256_mb_mgr_submit_avx2(struct sha256_mb_mgr *state,
> -					 struct job_sha256 *job);
> -struct job_sha256 *sha256_mb_mgr_flush_avx2(struct sha256_mb_mgr *state);
> -struct job_sha256 *sha256_mb_mgr_get_comp_job_avx2(struct sha256_mb_mgr *state);
> -
> -#endif
> diff --git a/arch/x86/crypto/sha256-mb/sha256_mb_mgr_datastruct.S b/arch/x86/crypto/sha256-mb/sha256_mb_mgr_datastruct.S
> deleted file mode 100644
> index 5c377bac21d0..000000000000
> --- a/arch/x86/crypto/sha256-mb/sha256_mb_mgr_datastruct.S
> +++ /dev/null
> @@ -1,304 +0,0 @@
> -/*
> - * Header file for multi buffer SHA256 algorithm data structure
> - *
> - * This file is provided under a dual BSD/GPLv2 license.  When using or
> - * redistributing this file, you may do so under either license.
> - *
> - * GPL LICENSE SUMMARY
> - *
> - * Copyright(c) 2016 Intel Corporation.
> - *
> - * This program is free software; you can redistribute it and/or modify
> - * it under the terms of version 2 of the GNU General Public License as
> - * published by the Free Software Foundation.
> - *
> - * This program is distributed in the hope that it will be useful, but
> - * WITHOUT ANY WARRANTY; without even the implied warranty of
> - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
> - * General Public License for more details.
> - *
> - * Contact Information:
> - *     Megha Dey <megha.dey@xxxxxxxxxxxxxxx>
> - *
> - * BSD LICENSE
> - *
> - * Copyright(c) 2016 Intel Corporation.
> - *
> - * Redistribution and use in source and binary forms, with or without
> - * modification, are permitted provided that the following conditions
> - * are met:
> - *
> - *   * Redistributions of source code must retain the above copyright
> - *     notice, this list of conditions and the following disclaimer.
> - *   * Redistributions in binary form must reproduce the above copyright
> - *     notice, this list of conditions and the following disclaimer in
> - *     the documentation and/or other materials provided with the
> - *     distribution.
> - *   * Neither the name of Intel Corporation nor the names of its
> - *     contributors may be used to endorse or promote products derived
> - *     from this software without specific prior written permission.
> - *
> - * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
> - * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
> - * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
> - * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
> - * OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
> - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
> - * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
> - * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
> - * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
> - * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
> - * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
> - */
> -
> -# Macros for defining data structures
> -
> -# Usage example
> -
> -#START_FIELDS	# JOB_AES
> -###	name		size	align
> -#FIELD	_plaintext,	8,	8	# pointer to plaintext
> -#FIELD	_ciphertext,	8,	8	# pointer to ciphertext
> -#FIELD	_IV,		16,	8	# IV
> -#FIELD	_keys,		8,	8	# pointer to keys
> -#FIELD	_len,		4,	4	# length in bytes
> -#FIELD	_status,	4,	4	# status enumeration
> -#FIELD	_user_data,	8,	8	# pointer to user data
> -#UNION  _union,         size1,  align1, \
> -#	                size2,  align2, \
> -#	                size3,  align3, \
> -#	                ...
> -#END_FIELDS
> -#%assign _JOB_AES_size	_FIELD_OFFSET
> -#%assign _JOB_AES_align	_STRUCT_ALIGN
> -
> -#########################################################################
> -
> -# Alternate "struc-like" syntax:
> -#	STRUCT job_aes2
> -#	RES_Q	.plaintext,	1
> -#	RES_Q	.ciphertext, 	1
> -#	RES_DQ	.IV,		1
> -#	RES_B	.nested,	_JOB_AES_SIZE, _JOB_AES_ALIGN
> -#	RES_U	.union,		size1, align1, \
> -#				size2, align2, \
> -#				...
> -#	ENDSTRUCT
> -#	# Following only needed if nesting
> -#	%assign job_aes2_size	_FIELD_OFFSET
> -#	%assign job_aes2_align	_STRUCT_ALIGN
> -#
> -# RES_* macros take a name, a count and an optional alignment.
> -# The count in in terms of the base size of the macro, and the
> -# default alignment is the base size.
> -# The macros are:
> -# Macro    Base size
> -# RES_B	    1
> -# RES_W	    2
> -# RES_D     4
> -# RES_Q     8
> -# RES_DQ   16
> -# RES_Y    32
> -# RES_Z    64
> -#
> -# RES_U defines a union. It's arguments are a name and two or more
> -# pairs of "size, alignment"
> -#
> -# The two assigns are only needed if this structure is being nested
> -# within another. Even if the assigns are not done, one can still use
> -# STRUCT_NAME_size as the size of the structure.
> -#
> -# Note that for nesting, you still need to assign to STRUCT_NAME_size.
> -#
> -# The differences between this and using "struc" directly are that each
> -# type is implicitly aligned to its natural length (although this can be
> -# over-ridden with an explicit third parameter), and that the structure
> -# is padded at the end to its overall alignment.
> -#
> -
> -#########################################################################
> -
> -#ifndef _DATASTRUCT_ASM_
> -#define _DATASTRUCT_ASM_
> -
> -#define SZ8			8*SHA256_DIGEST_WORD_SIZE
> -#define ROUNDS			64*SZ8
> -#define PTR_SZ                  8
> -#define SHA256_DIGEST_WORD_SIZE 4
> -#define MAX_SHA256_LANES        8
> -#define SHA256_DIGEST_WORDS 8
> -#define SHA256_DIGEST_ROW_SIZE  (MAX_SHA256_LANES * SHA256_DIGEST_WORD_SIZE)
> -#define SHA256_DIGEST_SIZE      (SHA256_DIGEST_ROW_SIZE * SHA256_DIGEST_WORDS)
> -#define SHA256_BLK_SZ           64
> -
> -# START_FIELDS
> -.macro START_FIELDS
> - _FIELD_OFFSET = 0
> - _STRUCT_ALIGN = 0
> -.endm
> -
> -# FIELD name size align
> -.macro FIELD name size align
> - _FIELD_OFFSET = (_FIELD_OFFSET + (\align) - 1) & (~ ((\align)-1))
> - \name	= _FIELD_OFFSET
> - _FIELD_OFFSET = _FIELD_OFFSET + (\size)
> -.if (\align > _STRUCT_ALIGN)
> - _STRUCT_ALIGN = \align
> -.endif
> -.endm
> -
> -# END_FIELDS
> -.macro END_FIELDS
> - _FIELD_OFFSET = (_FIELD_OFFSET + _STRUCT_ALIGN-1) & (~ (_STRUCT_ALIGN-1))
> -.endm
> -
> -########################################################################
> -
> -.macro STRUCT p1
> -START_FIELDS
> -.struc \p1
> -.endm
> -
> -.macro ENDSTRUCT
> - tmp = _FIELD_OFFSET
> - END_FIELDS
> - tmp = (_FIELD_OFFSET - %%tmp)
> -.if (tmp > 0)
> -	.lcomm	tmp
> -.endif
> -.endstruc
> -.endm
> -
> -## RES_int name size align
> -.macro RES_int p1 p2 p3
> - name = \p1
> - size = \p2
> - align = .\p3
> -
> - _FIELD_OFFSET = (_FIELD_OFFSET + (align) - 1) & (~ ((align)-1))
> -.align align
> -.lcomm name size
> - _FIELD_OFFSET = _FIELD_OFFSET + (size)
> -.if (align > _STRUCT_ALIGN)
> - _STRUCT_ALIGN = align
> -.endif
> -.endm
> -
> -# macro RES_B name, size [, align]
> -.macro RES_B _name, _size, _align=1
> -RES_int _name _size _align
> -.endm
> -
> -# macro RES_W name, size [, align]
> -.macro RES_W _name, _size, _align=2
> -RES_int _name 2*(_size) _align
> -.endm
> -
> -# macro RES_D name, size [, align]
> -.macro RES_D _name, _size, _align=4
> -RES_int _name 4*(_size) _align
> -.endm
> -
> -# macro RES_Q name, size [, align]
> -.macro RES_Q _name, _size, _align=8
> -RES_int _name 8*(_size) _align
> -.endm
> -
> -# macro RES_DQ name, size [, align]
> -.macro RES_DQ _name, _size, _align=16
> -RES_int _name 16*(_size) _align
> -.endm
> -
> -# macro RES_Y name, size [, align]
> -.macro RES_Y _name, _size, _align=32
> -RES_int _name 32*(_size) _align
> -.endm
> -
> -# macro RES_Z name, size [, align]
> -.macro RES_Z _name, _size, _align=64
> -RES_int _name 64*(_size) _align
> -.endm
> -
> -#endif
> -
> -
> -########################################################################
> -#### Define SHA256 Out Of Order Data Structures
> -########################################################################
> -
> -START_FIELDS    # LANE_DATA
> -###     name            size    align
> -FIELD   _job_in_lane,   8,      8       # pointer to job object
> -END_FIELDS
> -
> - _LANE_DATA_size = _FIELD_OFFSET
> - _LANE_DATA_align = _STRUCT_ALIGN
> -
> -########################################################################
> -
> -START_FIELDS    # SHA256_ARGS_X4
> -###     name            size    align
> -FIELD   _digest,        4*8*8,  4       # transposed digest
> -FIELD   _data_ptr,      8*8,    8       # array of pointers to data
> -END_FIELDS
> -
> - _SHA256_ARGS_X4_size  =  _FIELD_OFFSET
> - _SHA256_ARGS_X4_align = _STRUCT_ALIGN
> - _SHA256_ARGS_X8_size  =	_FIELD_OFFSET
> - _SHA256_ARGS_X8_align =	_STRUCT_ALIGN
> -
> -#######################################################################
> -
> -START_FIELDS    # MB_MGR
> -###     name            size    align
> -FIELD   _args,          _SHA256_ARGS_X4_size, _SHA256_ARGS_X4_align
> -FIELD   _lens,          4*8,    8
> -FIELD   _unused_lanes,  8,      8
> -FIELD   _ldata,         _LANE_DATA_size*8, _LANE_DATA_align
> -END_FIELDS
> -
> - _MB_MGR_size  =  _FIELD_OFFSET
> - _MB_MGR_align =  _STRUCT_ALIGN
> -
> -_args_digest   =     _args + _digest
> -_args_data_ptr =     _args + _data_ptr
> -
> -#######################################################################
> -
> -START_FIELDS    #STACK_FRAME
> -###     name            size    align
> -FIELD   _data,		16*SZ8,   1       # transposed digest
> -FIELD   _digest,         8*SZ8,   1       # array of pointers to data
> -FIELD   _ytmp,           4*SZ8,   1
> -FIELD   _rsp,            8,       1
> -END_FIELDS
> -
> - _STACK_FRAME_size  =  _FIELD_OFFSET
> - _STACK_FRAME_align =  _STRUCT_ALIGN
> -
> -#######################################################################
> -
> -########################################################################
> -#### Define constants
> -########################################################################
> -
> -#define STS_UNKNOWN             0
> -#define STS_BEING_PROCESSED     1
> -#define STS_COMPLETED           2
> -
> -########################################################################
> -#### Define JOB_SHA256 structure
> -########################################################################
> -
> -START_FIELDS    # JOB_SHA256
> -
> -###     name                            size    align
> -FIELD   _buffer,                        8,      8       # pointer to buffer
> -FIELD   _len,                           8,      8       # length in bytes
> -FIELD   _result_digest,                 8*4,    32      # Digest (output)
> -FIELD   _status,                        4,      4
> -FIELD   _user_data,                     8,      8
> -END_FIELDS
> -
> - _JOB_SHA256_size = _FIELD_OFFSET
> - _JOB_SHA256_align = _STRUCT_ALIGN
> diff --git a/arch/x86/crypto/sha256-mb/sha256_mb_mgr_flush_avx2.S b/arch/x86/crypto/sha256-mb/sha256_mb_mgr_flush_avx2.S
> deleted file mode 100644
> index d2364c55bbde..000000000000
> --- a/arch/x86/crypto/sha256-mb/sha256_mb_mgr_flush_avx2.S
> +++ /dev/null
> @@ -1,307 +0,0 @@
> -/*
> - * Flush routine for SHA256 multibuffer
> - *
> - * This file is provided under a dual BSD/GPLv2 license.  When using or
> - * redistributing this file, you may do so under either license.
> - *
> - * GPL LICENSE SUMMARY
> - *
> - *  Copyright(c) 2016 Intel Corporation.
> - *
> - *  This program is free software; you can redistribute it and/or modify
> - *  it under the terms of version 2 of the GNU General Public License as
> - *  published by the Free Software Foundation.
> - *
> - *  This program is distributed in the hope that it will be useful, but
> - *  WITHOUT ANY WARRANTY; without even the implied warranty of
> - *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
> - *  General Public License for more details.
> - *
> - *  Contact Information:
> - *      Megha Dey <megha.dey@xxxxxxxxxxxxxxx>
> - *
> - *  BSD LICENSE
> - *
> - *  Copyright(c) 2016 Intel Corporation.
> - *
> - *  Redistribution and use in source and binary forms, with or without
> - *  modification, are permitted provided that the following conditions
> - *  are met:
> - *
> - *    * Redistributions of source code must retain the above copyright
> - *      notice, this list of conditions and the following disclaimer.
> - *    * Redistributions in binary form must reproduce the above copyright
> - *      notice, this list of conditions and the following disclaimer in
> - *      the documentation and/or other materials provided with the
> - *      distribution.
> - *    * Neither the name of Intel Corporation nor the names of its
> - *      contributors may be used to endorse or promote products derived
> - *      from this software without specific prior written permission.
> - *
> - *  THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
> - *  "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
> - *  LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
> - *  A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
> - *  OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
> - *  SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
> - *  LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
> - *  DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
> - *  THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
> - *  (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
> - * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
> - */
> -#include <linux/linkage.h>
> -#include <asm/frame.h>
> -#include "sha256_mb_mgr_datastruct.S"
> -
> -.extern sha256_x8_avx2
> -
> -#LINUX register definitions
> -#define arg1	%rdi
> -#define arg2	%rsi
> -
> -# Common register definitions
> -#define state	arg1
> -#define job	arg2
> -#define len2	arg2
> -
> -# idx must be a register not clobberred by sha1_mult
> -#define idx		%r8
> -#define DWORD_idx	%r8d
> -
> -#define unused_lanes	%rbx
> -#define lane_data	%rbx
> -#define tmp2		%rbx
> -#define tmp2_w		%ebx
> -
> -#define job_rax		%rax
> -#define tmp1		%rax
> -#define size_offset	%rax
> -#define tmp		%rax
> -#define start_offset	%rax
> -
> -#define tmp3		%arg1
> -
> -#define extra_blocks	%arg2
> -#define p		%arg2
> -
> -.macro LABEL prefix n
> -\prefix\n\():
> -.endm
> -
> -.macro JNE_SKIP i
> -jne     skip_\i
> -.endm
> -
> -.altmacro
> -.macro SET_OFFSET _offset
> -offset = \_offset
> -.endm
> -.noaltmacro
> -
> -# JOB_SHA256* sha256_mb_mgr_flush_avx2(MB_MGR *state)
> -# arg 1 : rcx : state
> -ENTRY(sha256_mb_mgr_flush_avx2)
> -	FRAME_BEGIN
> -        push    %rbx
> -
> -	# If bit (32+3) is set, then all lanes are empty
> -	mov	_unused_lanes(state), unused_lanes
> -	bt	$32+3, unused_lanes
> -	jc	return_null
> -
> -	# find a lane with a non-null job
> -	xor	idx, idx
> -	offset = (_ldata + 1 * _LANE_DATA_size + _job_in_lane)
> -	cmpq	$0, offset(state)
> -	cmovne	one(%rip), idx
> -	offset = (_ldata + 2 * _LANE_DATA_size + _job_in_lane)
> -	cmpq	$0, offset(state)
> -	cmovne	two(%rip), idx
> -	offset = (_ldata + 3 * _LANE_DATA_size + _job_in_lane)
> -	cmpq	$0, offset(state)
> -	cmovne	three(%rip), idx
> -	offset = (_ldata + 4 * _LANE_DATA_size + _job_in_lane)
> -	cmpq	$0, offset(state)
> -	cmovne	four(%rip), idx
> -	offset = (_ldata + 5 * _LANE_DATA_size + _job_in_lane)
> -	cmpq	$0, offset(state)
> -	cmovne	five(%rip), idx
> -	offset = (_ldata + 6 * _LANE_DATA_size + _job_in_lane)
> -	cmpq	$0, offset(state)
> -	cmovne	six(%rip), idx
> -	offset = (_ldata + 7 * _LANE_DATA_size + _job_in_lane)
> -	cmpq	$0, offset(state)
> -	cmovne	seven(%rip), idx
> -
> -	# copy idx to empty lanes
> -copy_lane_data:
> -	offset =  (_args + _data_ptr)
> -	mov	offset(state,idx,8), tmp
> -
> -	I = 0
> -.rep 8
> -	offset = (_ldata + I * _LANE_DATA_size + _job_in_lane)
> -	cmpq	$0, offset(state)
> -.altmacro
> -	JNE_SKIP %I
> -	offset =  (_args + _data_ptr + 8*I)
> -	mov	tmp, offset(state)
> -	offset =  (_lens + 4*I)
> -	movl	$0xFFFFFFFF, offset(state)
> -LABEL skip_ %I
> -	I = (I+1)
> -.noaltmacro
> -.endr
> -
> -	# Find min length
> -	vmovdqu _lens+0*16(state), %xmm0
> -	vmovdqu _lens+1*16(state), %xmm1
> -
> -	vpminud %xmm1, %xmm0, %xmm2		# xmm2 has {D,C,B,A}
> -	vpalignr $8, %xmm2, %xmm3, %xmm3	# xmm3 has {x,x,D,C}
> -	vpminud %xmm3, %xmm2, %xmm2		# xmm2 has {x,x,E,F}
> -	vpalignr $4, %xmm2, %xmm3, %xmm3	# xmm3 has {x,x,x,E}
> -	vpminud %xmm3, %xmm2, %xmm2		# xmm2 has min val in low dword
> -
> -	vmovd	%xmm2, DWORD_idx
> -	mov	idx, len2
> -	and	$0xF, idx
> -	shr	$4, len2
> -	jz	len_is_0
> -
> -	vpand	clear_low_nibble(%rip), %xmm2, %xmm2
> -	vpshufd	$0, %xmm2, %xmm2
> -
> -	vpsubd	%xmm2, %xmm0, %xmm0
> -	vpsubd	%xmm2, %xmm1, %xmm1
> -
> -	vmovdqu	%xmm0, _lens+0*16(state)
> -	vmovdqu	%xmm1, _lens+1*16(state)
> -
> -	# "state" and "args" are the same address, arg1
> -	# len is arg2
> -	call	sha256_x8_avx2
> -	# state and idx are intact
> -
> -len_is_0:
> -	# process completed job "idx"
> -	imul	$_LANE_DATA_size, idx, lane_data
> -	lea	_ldata(state, lane_data), lane_data
> -
> -	mov	_job_in_lane(lane_data), job_rax
> -	movq	$0, _job_in_lane(lane_data)
> -	movl	$STS_COMPLETED, _status(job_rax)
> -	mov	_unused_lanes(state), unused_lanes
> -	shl	$4, unused_lanes
> -	or	idx, unused_lanes
> -
> -	mov	unused_lanes, _unused_lanes(state)
> -	movl	$0xFFFFFFFF, _lens(state,idx,4)
> -
> -	vmovd	_args_digest(state , idx, 4) , %xmm0
> -	vpinsrd	$1, _args_digest+1*32(state, idx, 4), %xmm0, %xmm0
> -	vpinsrd	$2, _args_digest+2*32(state, idx, 4), %xmm0, %xmm0
> -	vpinsrd	$3, _args_digest+3*32(state, idx, 4), %xmm0, %xmm0
> -	vmovd	_args_digest+4*32(state, idx, 4), %xmm1
> -	vpinsrd	$1, _args_digest+5*32(state, idx, 4), %xmm1, %xmm1
> -	vpinsrd	$2, _args_digest+6*32(state, idx, 4), %xmm1, %xmm1
> -	vpinsrd	$3, _args_digest+7*32(state, idx, 4), %xmm1, %xmm1
> -
> -	vmovdqu	%xmm0, _result_digest(job_rax)
> -	offset =  (_result_digest + 1*16)
> -	vmovdqu	%xmm1, offset(job_rax)
> -
> -return:
> -	pop     %rbx
> -	FRAME_END
> -	ret
> -
> -return_null:
> -	xor	job_rax, job_rax
> -	jmp	return
> -ENDPROC(sha256_mb_mgr_flush_avx2)
> -
> -##############################################################################
> -
> -.align 16
> -ENTRY(sha256_mb_mgr_get_comp_job_avx2)
> -	push	%rbx
> -
> -	## if bit 32+3 is set, then all lanes are empty
> -	mov	_unused_lanes(state), unused_lanes
> -	bt	$(32+3), unused_lanes
> -	jc	.return_null
> -
> -	# Find min length
> -	vmovdqu	_lens(state), %xmm0
> -	vmovdqu	_lens+1*16(state), %xmm1
> -
> -	vpminud	%xmm1, %xmm0, %xmm2		# xmm2 has {D,C,B,A}
> -	vpalignr $8, %xmm2, %xmm3, %xmm3	# xmm3 has {x,x,D,C}
> -	vpminud	%xmm3, %xmm2, %xmm2		# xmm2 has {x,x,E,F}
> -	vpalignr $4, %xmm2, %xmm3, %xmm3	# xmm3 has {x,x,x,E}
> -	vpminud	%xmm3, %xmm2, %xmm2		# xmm2 has min val in low dword
> -
> -	vmovd	%xmm2, DWORD_idx
> -	test	$~0xF, idx
> -	jnz	.return_null
> -
> -	# process completed job "idx"
> -	imul	$_LANE_DATA_size, idx, lane_data
> -	lea	_ldata(state, lane_data), lane_data
> -
> -	mov	_job_in_lane(lane_data), job_rax
> -	movq	$0,  _job_in_lane(lane_data)
> -	movl	$STS_COMPLETED, _status(job_rax)
> -	mov	_unused_lanes(state), unused_lanes
> -	shl	$4, unused_lanes
> -	or	idx, unused_lanes
> -	mov	unused_lanes, _unused_lanes(state)
> -
> -	movl	$0xFFFFFFFF, _lens(state,  idx, 4)
> -
> -	vmovd	_args_digest(state, idx, 4), %xmm0
> -	vpinsrd	$1, _args_digest+1*32(state, idx, 4), %xmm0, %xmm0
> -	vpinsrd	$2, _args_digest+2*32(state, idx, 4), %xmm0, %xmm0
> -	vpinsrd	$3, _args_digest+3*32(state, idx, 4), %xmm0, %xmm0
> -	vmovd	_args_digest+4*32(state, idx, 4), %xmm1
> -	vpinsrd	$1, _args_digest+5*32(state, idx, 4), %xmm1, %xmm1
> -	vpinsrd	$2, _args_digest+6*32(state, idx, 4), %xmm1, %xmm1
> -	vpinsrd	$3, _args_digest+7*32(state, idx, 4), %xmm1, %xmm1
> -
> -        vmovdqu %xmm0, _result_digest(job_rax)
> -        offset =  (_result_digest + 1*16)
> -        vmovdqu %xmm1, offset(job_rax)
> -
> -	pop	%rbx
> -
> -	ret
> -
> -.return_null:
> -	xor	job_rax, job_rax
> -	pop	%rbx
> -	ret
> -ENDPROC(sha256_mb_mgr_get_comp_job_avx2)
> -
> -.section	.rodata.cst16.clear_low_nibble, "aM", @progbits, 16
> -.align 16
> -clear_low_nibble:
> -.octa	0x000000000000000000000000FFFFFFF0
> -
> -.section	.rodata.cst8, "aM", @progbits, 8
> -.align 8
> -one:
> -.quad	1
> -two:
> -.quad	2
> -three:
> -.quad	3
> -four:
> -.quad	4
> -five:
> -.quad	5
> -six:
> -.quad	6
> -seven:
> -.quad  7
> diff --git a/arch/x86/crypto/sha256-mb/sha256_mb_mgr_init_avx2.c b/arch/x86/crypto/sha256-mb/sha256_mb_mgr_init_avx2.c
> deleted file mode 100644
> index b0c498371e67..000000000000
> --- a/arch/x86/crypto/sha256-mb/sha256_mb_mgr_init_avx2.c
> +++ /dev/null
> @@ -1,65 +0,0 @@
> -/*
> - * Initialization code for multi buffer SHA256 algorithm for AVX2
> - *
> - * This file is provided under a dual BSD/GPLv2 license.  When using or
> - * redistributing this file, you may do so under either license.
> - *
> - * GPL LICENSE SUMMARY
> - *
> - *  Copyright(c) 2016 Intel Corporation.
> - *
> - *  This program is free software; you can redistribute it and/or modify
> - *  it under the terms of version 2 of the GNU General Public License as
> - *  published by the Free Software Foundation.
> - *
> - *  This program is distributed in the hope that it will be useful, but
> - *  WITHOUT ANY WARRANTY; without even the implied warranty of
> - *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
> - *  General Public License for more details.
> - *
> - *  Contact Information:
> - *      Megha Dey <megha.dey@xxxxxxxxxxxxxxx>
> - *
> - *  BSD LICENSE
> - *
> - *  Copyright(c) 2016 Intel Corporation.
> - *
> - *  Redistribution and use in source and binary forms, with or without
> - *  modification, are permitted provided that the following conditions
> - *  are met:
> - *
> - *    * Redistributions of source code must retain the above copyright
> - *      notice, this list of conditions and the following disclaimer.
> - *    * Redistributions in binary form must reproduce the above copyright
> - *      notice, this list of conditions and the following disclaimer in
> - *      the documentation and/or other materials provided with the
> - *      distribution.
> - *    * Neither the name of Intel Corporation nor the names of its
> - *      contributors may be used to endorse or promote products derived
> - *      from this software without specific prior written permission.
> - *
> - *  THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
> - *  "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
> - *  LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
> - *  A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
> - *  OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
> - *  SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
> - *  LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
> - *  DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
> - *  THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
> - *  (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
> - * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
> - */
> -
> -#include "sha256_mb_mgr.h"
> -
> -void sha256_mb_mgr_init_avx2(struct sha256_mb_mgr *state)
> -{
> -	unsigned int j;
> -
> -	state->unused_lanes = 0xF76543210ULL;
> -	for (j = 0; j < 8; j++) {
> -		state->lens[j] = 0xFFFFFFFF;
> -		state->ldata[j].job_in_lane = NULL;
> -	}
> -}
> diff --git a/arch/x86/crypto/sha256-mb/sha256_mb_mgr_submit_avx2.S b/arch/x86/crypto/sha256-mb/sha256_mb_mgr_submit_avx2.S
> deleted file mode 100644
> index b36ae7454084..000000000000
> --- a/arch/x86/crypto/sha256-mb/sha256_mb_mgr_submit_avx2.S
> +++ /dev/null
> @@ -1,214 +0,0 @@
> -/*
> - * Buffer submit code for multi buffer SHA256 algorithm
> - *
> - * This file is provided under a dual BSD/GPLv2 license.  When using or
> - * redistributing this file, you may do so under either license.
> - *
> - * GPL LICENSE SUMMARY
> - *
> - *  Copyright(c) 2016 Intel Corporation.
> - *
> - *  This program is free software; you can redistribute it and/or modify
> - *  it under the terms of version 2 of the GNU General Public License as
> - *  published by the Free Software Foundation.
> - *
> - *  This program is distributed in the hope that it will be useful, but
> - *  WITHOUT ANY WARRANTY; without even the implied warranty of
> - *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
> - *  General Public License for more details.
> - *
> - *  Contact Information:
> - *      Megha Dey <megha.dey@xxxxxxxxxxxxxxx>
> - *
> - *  BSD LICENSE
> - *
> - *  Copyright(c) 2016 Intel Corporation.
> - *
> - *  Redistribution and use in source and binary forms, with or without
> - *  modification, are permitted provided that the following conditions
> - *  are met:
> - *
> - *    * Redistributions of source code must retain the above copyright
> - *      notice, this list of conditions and the following disclaimer.
> - *    * Redistributions in binary form must reproduce the above copyright
> - *      notice, this list of conditions and the following disclaimer in
> - *      the documentation and/or other materials provided with the
> - *      distribution.
> - *    * Neither the name of Intel Corporation nor the names of its
> - *      contributors may be used to endorse or promote products derived
> - *      from this software without specific prior written permission.
> - *
> - *  THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
> - *  "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
> - *  LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
> - *  A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
> - *  OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
> - *  SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
> - *  LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
> - *  DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
> - *  THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
> - *  (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
> - * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
> - */
> -
> -#include <linux/linkage.h>
> -#include <asm/frame.h>
> -#include "sha256_mb_mgr_datastruct.S"
> -
> -.extern sha256_x8_avx2
> -
> -# LINUX register definitions
> -arg1		= %rdi
> -arg2		= %rsi
> -size_offset	= %rcx
> -tmp2		= %rcx
> -extra_blocks	= %rdx
> -
> -# Common definitions
> -#define state	arg1
> -#define job	%rsi
> -#define len2	arg2
> -#define p2	arg2
> -
> -# idx must be a register not clobberred by sha1_x8_avx2
> -idx		= %r8
> -DWORD_idx	= %r8d
> -last_len	= %r8
> -
> -p		= %r11
> -start_offset	= %r11
> -
> -unused_lanes	= %rbx
> -BYTE_unused_lanes = %bl
> -
> -job_rax		= %rax
> -len		= %rax
> -DWORD_len	= %eax
> -
> -lane		= %r12
> -tmp3		= %r12
> -
> -tmp		= %r9
> -DWORD_tmp	= %r9d
> -
> -lane_data	= %r10
> -
> -# JOB* sha256_mb_mgr_submit_avx2(MB_MGR *state, JOB_SHA256 *job)
> -# arg 1 : rcx : state
> -# arg 2 : rdx : job
> -ENTRY(sha256_mb_mgr_submit_avx2)
> -	FRAME_BEGIN
> -	push	%rbx
> -	push	%r12
> -
> -	mov	_unused_lanes(state), unused_lanes
> -	mov	unused_lanes, lane
> -	and	$0xF, lane
> -	shr	$4, unused_lanes
> -	imul	$_LANE_DATA_size, lane, lane_data
> -	movl	$STS_BEING_PROCESSED, _status(job)
> -	lea	_ldata(state, lane_data), lane_data
> -	mov	unused_lanes, _unused_lanes(state)
> -	movl	_len(job),  DWORD_len
> -
> -	mov	job, _job_in_lane(lane_data)
> -	shl	$4, len
> -	or	lane, len
> -
> -	movl	DWORD_len,  _lens(state , lane, 4)
> -
> -	# Load digest words from result_digest
> -	vmovdqu	_result_digest(job), %xmm0
> -	vmovdqu	_result_digest+1*16(job), %xmm1
> -	vmovd	%xmm0, _args_digest(state, lane, 4)
> -	vpextrd	$1, %xmm0, _args_digest+1*32(state , lane, 4)
> -	vpextrd	$2, %xmm0, _args_digest+2*32(state , lane, 4)
> -	vpextrd	$3, %xmm0, _args_digest+3*32(state , lane, 4)
> -	vmovd	%xmm1, _args_digest+4*32(state , lane, 4)
> -
> -	vpextrd	$1, %xmm1, _args_digest+5*32(state , lane, 4)
> -	vpextrd	$2, %xmm1, _args_digest+6*32(state , lane, 4)
> -	vpextrd	$3, %xmm1, _args_digest+7*32(state , lane, 4)
> -
> -	mov	_buffer(job), p
> -	mov	p, _args_data_ptr(state, lane, 8)
> -
> -	cmp	$0xF, unused_lanes
> -	jne	return_null
> -
> -start_loop:
> -	# Find min length
> -	vmovdqa	_lens(state), %xmm0
> -	vmovdqa	_lens+1*16(state), %xmm1
> -
> -	vpminud	%xmm1, %xmm0, %xmm2		# xmm2 has {D,C,B,A}
> -	vpalignr $8, %xmm2, %xmm3, %xmm3	# xmm3 has {x,x,D,C}
> -	vpminud	%xmm3, %xmm2, %xmm2		# xmm2 has {x,x,E,F}
> -	vpalignr $4, %xmm2, %xmm3, %xmm3	# xmm3 has {x,x,x,E}
> -	vpminud	%xmm3, %xmm2, %xmm2		# xmm2 has min val in low dword
> -
> -	vmovd	%xmm2, DWORD_idx
> -	mov	idx, len2
> -	and	$0xF, idx
> -	shr	$4, len2
> -	jz	len_is_0
> -
> -	vpand	clear_low_nibble(%rip), %xmm2, %xmm2
> -	vpshufd	$0, %xmm2, %xmm2
> -
> -	vpsubd	%xmm2, %xmm0, %xmm0
> -	vpsubd	%xmm2, %xmm1, %xmm1
> -
> -	vmovdqa	%xmm0, _lens + 0*16(state)
> -	vmovdqa	%xmm1, _lens + 1*16(state)
> -
> -	# "state" and "args" are the same address, arg1
> -	# len is arg2
> -	call	sha256_x8_avx2
> -
> -	# state and idx are intact
> -
> -len_is_0:
> -	# process completed job "idx"
> -	imul	$_LANE_DATA_size, idx, lane_data
> -	lea	_ldata(state, lane_data), lane_data
> -
> -	mov	_job_in_lane(lane_data), job_rax
> -	mov	_unused_lanes(state), unused_lanes
> -	movq	$0, _job_in_lane(lane_data)
> -	movl	$STS_COMPLETED, _status(job_rax)
> -	shl	$4, unused_lanes
> -	or	idx, unused_lanes
> -	mov	unused_lanes, _unused_lanes(state)
> -
> -	movl	$0xFFFFFFFF, _lens(state,idx,4)
> -
> -	vmovd	_args_digest(state, idx, 4), %xmm0
> -	vpinsrd	$1, _args_digest+1*32(state , idx, 4), %xmm0, %xmm0
> -	vpinsrd	$2, _args_digest+2*32(state , idx, 4), %xmm0, %xmm0
> -	vpinsrd	$3, _args_digest+3*32(state , idx, 4), %xmm0, %xmm0
> -	vmovd	_args_digest+4*32(state, idx, 4), %xmm1
> -
> -	vpinsrd	$1, _args_digest+5*32(state , idx, 4), %xmm1, %xmm1
> -	vpinsrd	$2, _args_digest+6*32(state , idx, 4), %xmm1, %xmm1
> -	vpinsrd	$3, _args_digest+7*32(state , idx, 4), %xmm1, %xmm1
> -
> -	vmovdqu	%xmm0, _result_digest(job_rax)
> -	vmovdqu	%xmm1, _result_digest+1*16(job_rax)
> -
> -return:
> -	pop     %r12
> -        pop     %rbx
> -        FRAME_END
> -	ret
> -
> -return_null:
> -	xor	job_rax, job_rax
> -	jmp	return
> -
> -ENDPROC(sha256_mb_mgr_submit_avx2)
> -
> -.section	.rodata.cst16.clear_low_nibble, "aM", @progbits, 16
> -.align 16
> -clear_low_nibble:
> -	.octa	0x000000000000000000000000FFFFFFF0
> diff --git a/arch/x86/crypto/sha256-mb/sha256_x8_avx2.S b/arch/x86/crypto/sha256-mb/sha256_x8_avx2.S
> deleted file mode 100644
> index 1687c80c5995..000000000000
> --- a/arch/x86/crypto/sha256-mb/sha256_x8_avx2.S
> +++ /dev/null
> @@ -1,598 +0,0 @@
> -/*
> - * Multi-buffer SHA256 algorithm hash compute routine
> - *
> - * This file is provided under a dual BSD/GPLv2 license.  When using or
> - * redistributing this file, you may do so under either license.
> - *
> - * GPL LICENSE SUMMARY
> - *
> - *  Copyright(c) 2016 Intel Corporation.
> - *
> - *  This program is free software; you can redistribute it and/or modify
> - *  it under the terms of version 2 of the GNU General Public License as
> - *  published by the Free Software Foundation.
> - *
> - *  This program is distributed in the hope that it will be useful, but
> - *  WITHOUT ANY WARRANTY; without even the implied warranty of
> - *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
> - *  General Public License for more details.
> - *
> - *  Contact Information:
> - *	Megha Dey <megha.dey@xxxxxxxxxxxxxxx>
> - *
> - *  BSD LICENSE
> - *
> - *  Copyright(c) 2016 Intel Corporation.
> - *
> - *  Redistribution and use in source and binary forms, with or without
> - *  modification, are permitted provided that the following conditions
> - *  are met:
> - *
> - *    * Redistributions of source code must retain the above copyright
> - *      notice, this list of conditions and the following disclaimer.
> - *    * Redistributions in binary form must reproduce the above copyright
> - *      notice, this list of conditions and the following disclaimer in
> - *      the documentation and/or other materials provided with the
> - *      distribution.
> - *    * Neither the name of Intel Corporation nor the names of its
> - *      contributors may be used to endorse or promote products derived
> - *      from this software without specific prior written permission.
> - *
> - *  THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
> - *  "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
> - *  LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
> - *  A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
> - *  OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
> - *  SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
> - *  LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
> - *  DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
> - *  THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
> - *  (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
> - * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
> - */
> -
> -#include <linux/linkage.h>
> -#include "sha256_mb_mgr_datastruct.S"
> -
> -## code to compute oct SHA256 using SSE-256
> -## outer calling routine takes care of save and restore of XMM registers
> -## Logic designed/laid out by JDG
> -
> -## Function clobbers: rax, rcx, rdx,   rbx, rsi, rdi, r9-r15; %ymm0-15
> -## Linux clobbers:    rax rbx rcx rdx rsi            r9 r10 r11 r12 r13 r14 r15
> -## Linux preserves:                       rdi rbp r8
> -##
> -## clobbers %ymm0-15
> -
> -arg1 = %rdi
> -arg2 = %rsi
> -reg3 = %rcx
> -reg4 = %rdx
> -
> -# Common definitions
> -STATE = arg1
> -INP_SIZE = arg2
> -
> -IDX = %rax
> -ROUND = %rbx
> -TBL = reg3
> -
> -inp0 = %r9
> -inp1 = %r10
> -inp2 = %r11
> -inp3 = %r12
> -inp4 = %r13
> -inp5 = %r14
> -inp6 = %r15
> -inp7 = reg4
> -
> -a = %ymm0
> -b = %ymm1
> -c = %ymm2
> -d = %ymm3
> -e = %ymm4
> -f = %ymm5
> -g = %ymm6
> -h = %ymm7
> -
> -T1 = %ymm8
> -
> -a0 = %ymm12
> -a1 = %ymm13
> -a2 = %ymm14
> -TMP = %ymm15
> -TMP0 = %ymm6
> -TMP1 = %ymm7
> -
> -TT0 = %ymm8
> -TT1 = %ymm9
> -TT2 = %ymm10
> -TT3 = %ymm11
> -TT4 = %ymm12
> -TT5 = %ymm13
> -TT6 = %ymm14
> -TT7 = %ymm15
> -
> -# Define stack usage
> -
> -# Assume stack aligned to 32 bytes before call
> -# Therefore FRAMESZ mod 32 must be 32-8 = 24
> -
> -#define FRAMESZ	0x388
> -
> -#define VMOVPS	vmovups
> -
> -# TRANSPOSE8 r0, r1, r2, r3, r4, r5, r6, r7, t0, t1
> -# "transpose" data in {r0...r7} using temps {t0...t1}
> -# Input looks like: {r0 r1 r2 r3 r4 r5 r6 r7}
> -# r0 = {a7 a6 a5 a4   a3 a2 a1 a0}
> -# r1 = {b7 b6 b5 b4   b3 b2 b1 b0}
> -# r2 = {c7 c6 c5 c4   c3 c2 c1 c0}
> -# r3 = {d7 d6 d5 d4   d3 d2 d1 d0}
> -# r4 = {e7 e6 e5 e4   e3 e2 e1 e0}
> -# r5 = {f7 f6 f5 f4   f3 f2 f1 f0}
> -# r6 = {g7 g6 g5 g4   g3 g2 g1 g0}
> -# r7 = {h7 h6 h5 h4   h3 h2 h1 h0}
> -#
> -# Output looks like: {r0 r1 r2 r3 r4 r5 r6 r7}
> -# r0 = {h0 g0 f0 e0   d0 c0 b0 a0}
> -# r1 = {h1 g1 f1 e1   d1 c1 b1 a1}
> -# r2 = {h2 g2 f2 e2   d2 c2 b2 a2}
> -# r3 = {h3 g3 f3 e3   d3 c3 b3 a3}
> -# r4 = {h4 g4 f4 e4   d4 c4 b4 a4}
> -# r5 = {h5 g5 f5 e5   d5 c5 b5 a5}
> -# r6 = {h6 g6 f6 e6   d6 c6 b6 a6}
> -# r7 = {h7 g7 f7 e7   d7 c7 b7 a7}
> -#
> -
> -.macro TRANSPOSE8 r0 r1 r2 r3 r4 r5 r6 r7 t0 t1
> -	# process top half (r0..r3) {a...d}
> -	vshufps	$0x44, \r1, \r0, \t0 # t0 = {b5 b4 a5 a4   b1 b0 a1 a0}
> -	vshufps	$0xEE, \r1, \r0, \r0 # r0 = {b7 b6 a7 a6   b3 b2 a3 a2}
> -	vshufps	$0x44, \r3, \r2, \t1 # t1 = {d5 d4 c5 c4   d1 d0 c1 c0}
> -	vshufps	$0xEE, \r3, \r2, \r2 # r2 = {d7 d6 c7 c6   d3 d2 c3 c2}
> -	vshufps	$0xDD, \t1, \t0, \r3 # r3 = {d5 c5 b5 a5   d1 c1 b1 a1}
> -	vshufps	$0x88, \r2, \r0, \r1 # r1 = {d6 c6 b6 a6   d2 c2 b2 a2}
> -	vshufps	$0xDD, \r2, \r0, \r0 # r0 = {d7 c7 b7 a7   d3 c3 b3 a3}
> -	vshufps	$0x88, \t1, \t0, \t0 # t0 = {d4 c4 b4 a4   d0 c0 b0 a0}
> -
> -	# use r2 in place of t0
> -	# process bottom half (r4..r7) {e...h}
> -	vshufps	$0x44, \r5, \r4, \r2 # r2 = {f5 f4 e5 e4   f1 f0 e1 e0}
> -	vshufps	$0xEE, \r5, \r4, \r4 # r4 = {f7 f6 e7 e6   f3 f2 e3 e2}
> -	vshufps	$0x44, \r7, \r6, \t1 # t1 = {h5 h4 g5 g4   h1 h0 g1 g0}
> -	vshufps	$0xEE, \r7, \r6, \r6 # r6 = {h7 h6 g7 g6   h3 h2 g3 g2}
> -	vshufps	$0xDD, \t1, \r2, \r7 # r7 = {h5 g5 f5 e5   h1 g1 f1 e1}
> -	vshufps	$0x88, \r6, \r4, \r5 # r5 = {h6 g6 f6 e6   h2 g2 f2 e2}
> -	vshufps	$0xDD, \r6, \r4, \r4 # r4 = {h7 g7 f7 e7   h3 g3 f3 e3}
> -	vshufps	$0x88, \t1, \r2, \t1 # t1 = {h4 g4 f4 e4   h0 g0 f0 e0}
> -
> -	vperm2f128	$0x13, \r1, \r5, \r6  # h6...a6
> -	vperm2f128	$0x02, \r1, \r5, \r2  # h2...a2
> -	vperm2f128	$0x13, \r3, \r7, \r5  # h5...a5
> -	vperm2f128	$0x02, \r3, \r7, \r1  # h1...a1
> -	vperm2f128	$0x13, \r0, \r4, \r7  # h7...a7
> -	vperm2f128	$0x02, \r0, \r4, \r3  # h3...a3
> -	vperm2f128	$0x13, \t0, \t1, \r4  # h4...a4
> -	vperm2f128	$0x02, \t0, \t1, \r0  # h0...a0
> -
> -.endm
> -
> -.macro ROTATE_ARGS
> -TMP_ = h
> -h = g
> -g = f
> -f = e
> -e = d
> -d = c
> -c = b
> -b = a
> -a = TMP_
> -.endm
> -
> -.macro _PRORD reg imm tmp
> -	vpslld	$(32-\imm),\reg,\tmp
> -	vpsrld	$\imm,\reg, \reg
> -	vpor	\tmp,\reg, \reg
> -.endm
> -
> -# PRORD_nd reg, imm, tmp, src
> -.macro _PRORD_nd reg imm tmp src
> -	vpslld	$(32-\imm), \src, \tmp
> -	vpsrld	$\imm, \src, \reg
> -	vpor	\tmp, \reg, \reg
> -.endm
> -
> -# PRORD dst/src, amt
> -.macro PRORD reg imm
> -	_PRORD	\reg,\imm,TMP
> -.endm
> -
> -# PRORD_nd dst, src, amt
> -.macro PRORD_nd reg tmp imm
> -	_PRORD_nd	\reg, \imm, TMP, \tmp
> -.endm
> -
> -# arguments passed implicitly in preprocessor symbols i, a...h
> -.macro ROUND_00_15 _T1 i
> -	PRORD_nd	a0,e,5	# sig1: a0 = (e >> 5)
> -
> -	vpxor	g, f, a2	# ch: a2 = f^g
> -	vpand	e,a2, a2	# ch: a2 = (f^g)&e
> -	vpxor	g, a2, a2	# a2 = ch
> -
> -	PRORD_nd	a1,e,25	# sig1: a1 = (e >> 25)
> -
> -	vmovdqu	\_T1,(SZ8*(\i & 0xf))(%rsp)
> -	vpaddd	(TBL,ROUND,1), \_T1, \_T1	# T1 = W + K
> -	vpxor	e,a0, a0	# sig1: a0 = e ^ (e >> 5)
> -	PRORD	a0, 6		# sig1: a0 = (e >> 6) ^ (e >> 11)
> -	vpaddd	a2, h, h	# h = h + ch
> -	PRORD_nd	a2,a,11	# sig0: a2 = (a >> 11)
> -	vpaddd	\_T1,h, h 	# h = h + ch + W + K
> -	vpxor	a1, a0, a0	# a0 = sigma1
> -	PRORD_nd	a1,a,22	# sig0: a1 = (a >> 22)
> -	vpxor	c, a, \_T1	# maj: T1 = a^c
> -	add	$SZ8, ROUND	# ROUND++
> -	vpand	b, \_T1, \_T1	# maj: T1 = (a^c)&b
> -	vpaddd	a0, h, h
> -	vpaddd	h, d, d
> -	vpxor	a, a2, a2	# sig0: a2 = a ^ (a >> 11)
> -	PRORD	a2,2		# sig0: a2 = (a >> 2) ^ (a >> 13)
> -	vpxor	a1, a2, a2	# a2 = sig0
> -	vpand	c, a, a1	# maj: a1 = a&c
> -	vpor	\_T1, a1, a1 	# a1 = maj
> -	vpaddd	a1, h, h	# h = h + ch + W + K + maj
> -	vpaddd	a2, h, h	# h = h + ch + W + K + maj + sigma0
> -	ROTATE_ARGS
> -.endm
> -
> -# arguments passed implicitly in preprocessor symbols i, a...h
> -.macro ROUND_16_XX _T1 i
> -	vmovdqu	(SZ8*((\i-15)&0xf))(%rsp), \_T1
> -	vmovdqu	(SZ8*((\i-2)&0xf))(%rsp), a1
> -	vmovdqu	\_T1, a0
> -	PRORD	\_T1,11
> -	vmovdqu	a1, a2
> -	PRORD	a1,2
> -	vpxor	a0, \_T1, \_T1
> -	PRORD	\_T1, 7
> -	vpxor	a2, a1, a1
> -	PRORD	a1, 17
> -	vpsrld	$3, a0, a0
> -	vpxor	a0, \_T1, \_T1
> -	vpsrld	$10, a2, a2
> -	vpxor	a2, a1, a1
> -	vpaddd	(SZ8*((\i-16)&0xf))(%rsp), \_T1, \_T1
> -	vpaddd	(SZ8*((\i-7)&0xf))(%rsp), a1, a1
> -	vpaddd	a1, \_T1, \_T1
> -
> -	ROUND_00_15 \_T1,\i
> -.endm
> -
> -# SHA256_ARGS:
> -#   UINT128 digest[8];  // transposed digests
> -#   UINT8  *data_ptr[4];
> -
> -# void sha256_x8_avx2(SHA256_ARGS *args, UINT64 bytes);
> -# arg 1 : STATE : pointer to array of pointers to input data
> -# arg 2 : INP_SIZE  : size of input in blocks
> -	# general registers preserved in outer calling routine
> -	# outer calling routine saves all the XMM registers
> -	# save rsp, allocate 32-byte aligned for local variables
> -ENTRY(sha256_x8_avx2)
> -
> -	# save callee-saved clobbered registers to comply with C function ABI
> -	push    %r12
> -	push    %r13
> -	push    %r14
> -	push    %r15
> -
> -	mov	%rsp, IDX
> -	sub	$FRAMESZ, %rsp
> -	and	$~0x1F, %rsp
> -	mov	IDX, _rsp(%rsp)
> -
> -	# Load the pre-transposed incoming digest.
> -	vmovdqu	0*SHA256_DIGEST_ROW_SIZE(STATE),a
> -	vmovdqu	1*SHA256_DIGEST_ROW_SIZE(STATE),b
> -	vmovdqu	2*SHA256_DIGEST_ROW_SIZE(STATE),c
> -	vmovdqu	3*SHA256_DIGEST_ROW_SIZE(STATE),d
> -	vmovdqu	4*SHA256_DIGEST_ROW_SIZE(STATE),e
> -	vmovdqu	5*SHA256_DIGEST_ROW_SIZE(STATE),f
> -	vmovdqu	6*SHA256_DIGEST_ROW_SIZE(STATE),g
> -	vmovdqu	7*SHA256_DIGEST_ROW_SIZE(STATE),h
> -
> -	lea	K256_8(%rip),TBL
> -
> -	# load the address of each of the 4 message lanes
> -	# getting ready to transpose input onto stack
> -	mov	_args_data_ptr+0*PTR_SZ(STATE),inp0
> -	mov	_args_data_ptr+1*PTR_SZ(STATE),inp1
> -	mov	_args_data_ptr+2*PTR_SZ(STATE),inp2
> -	mov	_args_data_ptr+3*PTR_SZ(STATE),inp3
> -	mov	_args_data_ptr+4*PTR_SZ(STATE),inp4
> -	mov	_args_data_ptr+5*PTR_SZ(STATE),inp5
> -	mov	_args_data_ptr+6*PTR_SZ(STATE),inp6
> -	mov	_args_data_ptr+7*PTR_SZ(STATE),inp7
> -
> -	xor	IDX, IDX
> -lloop:
> -	xor	ROUND, ROUND
> -
> -	# save old digest
> -	vmovdqu	a, _digest(%rsp)
> -	vmovdqu	b, _digest+1*SZ8(%rsp)
> -	vmovdqu	c, _digest+2*SZ8(%rsp)
> -	vmovdqu	d, _digest+3*SZ8(%rsp)
> -	vmovdqu	e, _digest+4*SZ8(%rsp)
> -	vmovdqu	f, _digest+5*SZ8(%rsp)
> -	vmovdqu	g, _digest+6*SZ8(%rsp)
> -	vmovdqu	h, _digest+7*SZ8(%rsp)
> -	i = 0
> -.rep 2
> -	VMOVPS	i*32(inp0, IDX), TT0
> -	VMOVPS	i*32(inp1, IDX), TT1
> -	VMOVPS	i*32(inp2, IDX), TT2
> -	VMOVPS	i*32(inp3, IDX), TT3
> -	VMOVPS	i*32(inp4, IDX), TT4
> -	VMOVPS	i*32(inp5, IDX), TT5
> -	VMOVPS	i*32(inp6, IDX), TT6
> -	VMOVPS	i*32(inp7, IDX), TT7
> -	vmovdqu	g, _ytmp(%rsp)
> -	vmovdqu	h, _ytmp+1*SZ8(%rsp)
> -	TRANSPOSE8	TT0, TT1, TT2, TT3, TT4, TT5, TT6, TT7,   TMP0, TMP1
> -	vmovdqu	PSHUFFLE_BYTE_FLIP_MASK(%rip), TMP1
> -	vmovdqu	_ytmp(%rsp), g
> -	vpshufb	TMP1, TT0, TT0
> -	vpshufb	TMP1, TT1, TT1
> -	vpshufb	TMP1, TT2, TT2
> -	vpshufb	TMP1, TT3, TT3
> -	vpshufb	TMP1, TT4, TT4
> -	vpshufb	TMP1, TT5, TT5
> -	vpshufb	TMP1, TT6, TT6
> -	vpshufb	TMP1, TT7, TT7
> -	vmovdqu	_ytmp+1*SZ8(%rsp), h
> -	vmovdqu	TT4, _ytmp(%rsp)
> -	vmovdqu	TT5, _ytmp+1*SZ8(%rsp)
> -	vmovdqu	TT6, _ytmp+2*SZ8(%rsp)
> -	vmovdqu	TT7, _ytmp+3*SZ8(%rsp)
> -	ROUND_00_15	TT0,(i*8+0)
> -	vmovdqu	_ytmp(%rsp), TT0
> -	ROUND_00_15	TT1,(i*8+1)
> -	vmovdqu	_ytmp+1*SZ8(%rsp), TT1
> -	ROUND_00_15	TT2,(i*8+2)
> -	vmovdqu	_ytmp+2*SZ8(%rsp), TT2
> -	ROUND_00_15	TT3,(i*8+3)
> -	vmovdqu	_ytmp+3*SZ8(%rsp), TT3
> -	ROUND_00_15	TT0,(i*8+4)
> -	ROUND_00_15	TT1,(i*8+5)
> -	ROUND_00_15	TT2,(i*8+6)
> -	ROUND_00_15	TT3,(i*8+7)
> -	i = (i+1)
> -.endr
> -	add	$64, IDX
> -	i = (i*8)
> -
> -	jmp	Lrounds_16_xx
> -.align 16
> -Lrounds_16_xx:
> -.rep 16
> -	ROUND_16_XX	T1, i
> -	i = (i+1)
> -.endr
> -
> -	cmp	$ROUNDS,ROUND
> -	jb	Lrounds_16_xx
> -
> -	# add old digest
> -	vpaddd	_digest+0*SZ8(%rsp), a, a
> -	vpaddd	_digest+1*SZ8(%rsp), b, b
> -	vpaddd	_digest+2*SZ8(%rsp), c, c
> -	vpaddd	_digest+3*SZ8(%rsp), d, d
> -	vpaddd	_digest+4*SZ8(%rsp), e, e
> -	vpaddd	_digest+5*SZ8(%rsp), f, f
> -	vpaddd	_digest+6*SZ8(%rsp), g, g
> -	vpaddd	_digest+7*SZ8(%rsp), h, h
> -
> -	sub	$1, INP_SIZE  # unit is blocks
> -	jne	lloop
> -
> -	# write back to memory (state object) the transposed digest
> -	vmovdqu	a, 0*SHA256_DIGEST_ROW_SIZE(STATE)
> -	vmovdqu	b, 1*SHA256_DIGEST_ROW_SIZE(STATE)
> -	vmovdqu	c, 2*SHA256_DIGEST_ROW_SIZE(STATE)
> -	vmovdqu	d, 3*SHA256_DIGEST_ROW_SIZE(STATE)
> -	vmovdqu	e, 4*SHA256_DIGEST_ROW_SIZE(STATE)
> -	vmovdqu	f, 5*SHA256_DIGEST_ROW_SIZE(STATE)
> -	vmovdqu	g, 6*SHA256_DIGEST_ROW_SIZE(STATE)
> -	vmovdqu	h, 7*SHA256_DIGEST_ROW_SIZE(STATE)
> -
> -	# update input pointers
> -	add	IDX, inp0
> -	mov	inp0, _args_data_ptr+0*8(STATE)
> -	add	IDX, inp1
> -	mov	inp1, _args_data_ptr+1*8(STATE)
> -	add	IDX, inp2
> -	mov	inp2, _args_data_ptr+2*8(STATE)
> -	add	IDX, inp3
> -	mov	inp3, _args_data_ptr+3*8(STATE)
> -	add	IDX, inp4
> -	mov	inp4, _args_data_ptr+4*8(STATE)
> -	add	IDX, inp5
> -	mov	inp5, _args_data_ptr+5*8(STATE)
> -	add	IDX, inp6
> -	mov	inp6, _args_data_ptr+6*8(STATE)
> -	add	IDX, inp7
> -	mov	inp7, _args_data_ptr+7*8(STATE)
> -
> -	# Postamble
> -	mov	_rsp(%rsp), %rsp
> -
> -	# restore callee-saved clobbered registers
> -	pop     %r15
> -	pop     %r14
> -	pop     %r13
> -	pop     %r12
> -
> -	ret
> -ENDPROC(sha256_x8_avx2)
> -
> -.section	.rodata.K256_8, "a", @progbits
> -.align 64
> -K256_8:
> -	.octa	0x428a2f98428a2f98428a2f98428a2f98
> -	.octa	0x428a2f98428a2f98428a2f98428a2f98
> -	.octa	0x71374491713744917137449171374491
> -	.octa	0x71374491713744917137449171374491
> -	.octa	0xb5c0fbcfb5c0fbcfb5c0fbcfb5c0fbcf
> -	.octa	0xb5c0fbcfb5c0fbcfb5c0fbcfb5c0fbcf
> -	.octa	0xe9b5dba5e9b5dba5e9b5dba5e9b5dba5
> -	.octa	0xe9b5dba5e9b5dba5e9b5dba5e9b5dba5
> -	.octa	0x3956c25b3956c25b3956c25b3956c25b
> -	.octa	0x3956c25b3956c25b3956c25b3956c25b
> -	.octa	0x59f111f159f111f159f111f159f111f1
> -	.octa	0x59f111f159f111f159f111f159f111f1
> -	.octa	0x923f82a4923f82a4923f82a4923f82a4
> -	.octa	0x923f82a4923f82a4923f82a4923f82a4
> -	.octa	0xab1c5ed5ab1c5ed5ab1c5ed5ab1c5ed5
> -	.octa	0xab1c5ed5ab1c5ed5ab1c5ed5ab1c5ed5
> -	.octa	0xd807aa98d807aa98d807aa98d807aa98
> -	.octa	0xd807aa98d807aa98d807aa98d807aa98
> -	.octa	0x12835b0112835b0112835b0112835b01
> -	.octa	0x12835b0112835b0112835b0112835b01
> -	.octa	0x243185be243185be243185be243185be
> -	.octa	0x243185be243185be243185be243185be
> -	.octa	0x550c7dc3550c7dc3550c7dc3550c7dc3
> -	.octa	0x550c7dc3550c7dc3550c7dc3550c7dc3
> -	.octa	0x72be5d7472be5d7472be5d7472be5d74
> -	.octa	0x72be5d7472be5d7472be5d7472be5d74
> -	.octa	0x80deb1fe80deb1fe80deb1fe80deb1fe
> -	.octa	0x80deb1fe80deb1fe80deb1fe80deb1fe
> -	.octa	0x9bdc06a79bdc06a79bdc06a79bdc06a7
> -	.octa	0x9bdc06a79bdc06a79bdc06a79bdc06a7
> -	.octa	0xc19bf174c19bf174c19bf174c19bf174
> -	.octa	0xc19bf174c19bf174c19bf174c19bf174
> -	.octa	0xe49b69c1e49b69c1e49b69c1e49b69c1
> -	.octa	0xe49b69c1e49b69c1e49b69c1e49b69c1
> -	.octa	0xefbe4786efbe4786efbe4786efbe4786
> -	.octa	0xefbe4786efbe4786efbe4786efbe4786
> -	.octa	0x0fc19dc60fc19dc60fc19dc60fc19dc6
> -	.octa	0x0fc19dc60fc19dc60fc19dc60fc19dc6
> -	.octa	0x240ca1cc240ca1cc240ca1cc240ca1cc
> -	.octa	0x240ca1cc240ca1cc240ca1cc240ca1cc
> -	.octa	0x2de92c6f2de92c6f2de92c6f2de92c6f
> -	.octa	0x2de92c6f2de92c6f2de92c6f2de92c6f
> -	.octa	0x4a7484aa4a7484aa4a7484aa4a7484aa
> -	.octa	0x4a7484aa4a7484aa4a7484aa4a7484aa
> -	.octa	0x5cb0a9dc5cb0a9dc5cb0a9dc5cb0a9dc
> -	.octa	0x5cb0a9dc5cb0a9dc5cb0a9dc5cb0a9dc
> -	.octa	0x76f988da76f988da76f988da76f988da
> -	.octa	0x76f988da76f988da76f988da76f988da
> -	.octa	0x983e5152983e5152983e5152983e5152
> -	.octa	0x983e5152983e5152983e5152983e5152
> -	.octa	0xa831c66da831c66da831c66da831c66d
> -	.octa	0xa831c66da831c66da831c66da831c66d
> -	.octa	0xb00327c8b00327c8b00327c8b00327c8
> -	.octa	0xb00327c8b00327c8b00327c8b00327c8
> -	.octa	0xbf597fc7bf597fc7bf597fc7bf597fc7
> -	.octa	0xbf597fc7bf597fc7bf597fc7bf597fc7
> -	.octa	0xc6e00bf3c6e00bf3c6e00bf3c6e00bf3
> -	.octa	0xc6e00bf3c6e00bf3c6e00bf3c6e00bf3
> -	.octa	0xd5a79147d5a79147d5a79147d5a79147
> -	.octa	0xd5a79147d5a79147d5a79147d5a79147
> -	.octa	0x06ca635106ca635106ca635106ca6351
> -	.octa	0x06ca635106ca635106ca635106ca6351
> -	.octa	0x14292967142929671429296714292967
> -	.octa	0x14292967142929671429296714292967
> -	.octa	0x27b70a8527b70a8527b70a8527b70a85
> -	.octa	0x27b70a8527b70a8527b70a8527b70a85
> -	.octa	0x2e1b21382e1b21382e1b21382e1b2138
> -	.octa	0x2e1b21382e1b21382e1b21382e1b2138
> -	.octa	0x4d2c6dfc4d2c6dfc4d2c6dfc4d2c6dfc
> -	.octa	0x4d2c6dfc4d2c6dfc4d2c6dfc4d2c6dfc
> -	.octa	0x53380d1353380d1353380d1353380d13
> -	.octa	0x53380d1353380d1353380d1353380d13
> -	.octa	0x650a7354650a7354650a7354650a7354
> -	.octa	0x650a7354650a7354650a7354650a7354
> -	.octa	0x766a0abb766a0abb766a0abb766a0abb
> -	.octa	0x766a0abb766a0abb766a0abb766a0abb
> -	.octa	0x81c2c92e81c2c92e81c2c92e81c2c92e
> -	.octa	0x81c2c92e81c2c92e81c2c92e81c2c92e
> -	.octa	0x92722c8592722c8592722c8592722c85
> -	.octa	0x92722c8592722c8592722c8592722c85
> -	.octa	0xa2bfe8a1a2bfe8a1a2bfe8a1a2bfe8a1
> -	.octa	0xa2bfe8a1a2bfe8a1a2bfe8a1a2bfe8a1
> -	.octa	0xa81a664ba81a664ba81a664ba81a664b
> -	.octa	0xa81a664ba81a664ba81a664ba81a664b
> -	.octa	0xc24b8b70c24b8b70c24b8b70c24b8b70
> -	.octa	0xc24b8b70c24b8b70c24b8b70c24b8b70
> -	.octa	0xc76c51a3c76c51a3c76c51a3c76c51a3
> -	.octa	0xc76c51a3c76c51a3c76c51a3c76c51a3
> -	.octa	0xd192e819d192e819d192e819d192e819
> -	.octa	0xd192e819d192e819d192e819d192e819
> -	.octa	0xd6990624d6990624d6990624d6990624
> -	.octa	0xd6990624d6990624d6990624d6990624
> -	.octa	0xf40e3585f40e3585f40e3585f40e3585
> -	.octa	0xf40e3585f40e3585f40e3585f40e3585
> -	.octa	0x106aa070106aa070106aa070106aa070
> -	.octa	0x106aa070106aa070106aa070106aa070
> -	.octa	0x19a4c11619a4c11619a4c11619a4c116
> -	.octa	0x19a4c11619a4c11619a4c11619a4c116
> -	.octa	0x1e376c081e376c081e376c081e376c08
> -	.octa	0x1e376c081e376c081e376c081e376c08
> -	.octa	0x2748774c2748774c2748774c2748774c
> -	.octa	0x2748774c2748774c2748774c2748774c
> -	.octa	0x34b0bcb534b0bcb534b0bcb534b0bcb5
> -	.octa	0x34b0bcb534b0bcb534b0bcb534b0bcb5
> -	.octa	0x391c0cb3391c0cb3391c0cb3391c0cb3
> -	.octa	0x391c0cb3391c0cb3391c0cb3391c0cb3
> -	.octa	0x4ed8aa4a4ed8aa4a4ed8aa4a4ed8aa4a
> -	.octa	0x4ed8aa4a4ed8aa4a4ed8aa4a4ed8aa4a
> -	.octa	0x5b9cca4f5b9cca4f5b9cca4f5b9cca4f
> -	.octa	0x5b9cca4f5b9cca4f5b9cca4f5b9cca4f
> -	.octa	0x682e6ff3682e6ff3682e6ff3682e6ff3
> -	.octa	0x682e6ff3682e6ff3682e6ff3682e6ff3
> -	.octa	0x748f82ee748f82ee748f82ee748f82ee
> -	.octa	0x748f82ee748f82ee748f82ee748f82ee
> -	.octa	0x78a5636f78a5636f78a5636f78a5636f
> -	.octa	0x78a5636f78a5636f78a5636f78a5636f
> -	.octa	0x84c8781484c8781484c8781484c87814
> -	.octa	0x84c8781484c8781484c8781484c87814
> -	.octa	0x8cc702088cc702088cc702088cc70208
> -	.octa	0x8cc702088cc702088cc702088cc70208
> -	.octa	0x90befffa90befffa90befffa90befffa
> -	.octa	0x90befffa90befffa90befffa90befffa
> -	.octa	0xa4506ceba4506ceba4506ceba4506ceb
> -	.octa	0xa4506ceba4506ceba4506ceba4506ceb
> -	.octa	0xbef9a3f7bef9a3f7bef9a3f7bef9a3f7
> -	.octa	0xbef9a3f7bef9a3f7bef9a3f7bef9a3f7
> -	.octa	0xc67178f2c67178f2c67178f2c67178f2
> -	.octa	0xc67178f2c67178f2c67178f2c67178f2
> -
> -.section	.rodata.cst32.PSHUFFLE_BYTE_FLIP_MASK, "aM", @progbits, 32
> -.align 32
> -PSHUFFLE_BYTE_FLIP_MASK:
> -.octa 0x0c0d0e0f08090a0b0405060700010203
> -.octa 0x0c0d0e0f08090a0b0405060700010203
> -
> -.section	.rodata.cst256.K256, "aM", @progbits, 256
> -.align 64
> -.global K256
> -K256:
> -	.int	0x428a2f98,0x71374491,0xb5c0fbcf,0xe9b5dba5
> -	.int	0x3956c25b,0x59f111f1,0x923f82a4,0xab1c5ed5
> -	.int	0xd807aa98,0x12835b01,0x243185be,0x550c7dc3
> -	.int	0x72be5d74,0x80deb1fe,0x9bdc06a7,0xc19bf174
> -	.int	0xe49b69c1,0xefbe4786,0x0fc19dc6,0x240ca1cc
> -	.int	0x2de92c6f,0x4a7484aa,0x5cb0a9dc,0x76f988da
> -	.int	0x983e5152,0xa831c66d,0xb00327c8,0xbf597fc7
> -	.int	0xc6e00bf3,0xd5a79147,0x06ca6351,0x14292967
> -	.int	0x27b70a85,0x2e1b2138,0x4d2c6dfc,0x53380d13
> -	.int	0x650a7354,0x766a0abb,0x81c2c92e,0x92722c85
> -	.int	0xa2bfe8a1,0xa81a664b,0xc24b8b70,0xc76c51a3
> -	.int	0xd192e819,0xd6990624,0xf40e3585,0x106aa070
> -	.int	0x19a4c116,0x1e376c08,0x2748774c,0x34b0bcb5
> -	.int	0x391c0cb3,0x4ed8aa4a,0x5b9cca4f,0x682e6ff3
> -	.int	0x748f82ee,0x78a5636f,0x84c87814,0x8cc70208
> -	.int	0x90befffa,0xa4506ceb,0xbef9a3f7,0xc67178f2
> diff --git a/arch/x86/crypto/sha512-mb/Makefile b/arch/x86/crypto/sha512-mb/Makefile
> deleted file mode 100644
> index 90f1ef69152e..000000000000
> --- a/arch/x86/crypto/sha512-mb/Makefile
> +++ /dev/null
> @@ -1,12 +0,0 @@
> -# SPDX-License-Identifier: GPL-2.0
> -#
> -# Arch-specific CryptoAPI modules.
> -#
> -
> -avx2_supported := $(call as-instr,vpgatherdd %ymm0$(comma)(%eax$(comma)%ymm1\
> -                                $(comma)4)$(comma)%ymm2,yes,no)
> -ifeq ($(avx2_supported),yes)
> -	obj-$(CONFIG_CRYPTO_SHA512_MB) += sha512-mb.o
> -	sha512-mb-y := sha512_mb.o sha512_mb_mgr_flush_avx2.o \
> -	     sha512_mb_mgr_init_avx2.o sha512_mb_mgr_submit_avx2.o sha512_x4_avx2.o
> -endif
> diff --git a/arch/x86/crypto/sha512-mb/sha512_mb.c b/arch/x86/crypto/sha512-mb/sha512_mb.c
> deleted file mode 100644
> index 26b85678012d..000000000000
> --- a/arch/x86/crypto/sha512-mb/sha512_mb.c
> +++ /dev/null
> @@ -1,1047 +0,0 @@
> -/*
> - * Multi buffer SHA512 algorithm Glue Code
> - *
> - * This file is provided under a dual BSD/GPLv2 license.  When using or
> - * redistributing this file, you may do so under either license.
> - *
> - * GPL LICENSE SUMMARY
> - *
> - * Copyright(c) 2016 Intel Corporation.
> - *
> - * This program is free software; you can redistribute it and/or modify
> - * it under the terms of version 2 of the GNU General Public License as
> - * published by the Free Software Foundation.
> - *
> - * This program is distributed in the hope that it will be useful, but
> - * WITHOUT ANY WARRANTY; without even the implied warranty of
> - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
> - * General Public License for more details.
> - *
> - * Contact Information:
> - *	Megha Dey <megha.dey@xxxxxxxxxxxxxxx>
> - *
> - * BSD LICENSE
> - *
> - * Copyright(c) 2016 Intel Corporation.
> - *
> - * Redistribution and use in source and binary forms, with or without
> - * modification, are permitted provided that the following conditions
> - * are met:
> - *
> - *   * Redistributions of source code must retain the above copyright
> - *     notice, this list of conditions and the following disclaimer.
> - *   * Redistributions in binary form must reproduce the above copyright
> - *     notice, this list of conditions and the following disclaimer in
> - *     the documentation and/or other materials provided with the
> - *     distribution.
> - *   * Neither the name of Intel Corporation nor the names of its
> - *     contributors may be used to endorse or promote products derived
> - *     from this software without specific prior written permission.
> - *
> - * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
> - * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
> - * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
> - * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
> - * OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
> - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
> - * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
> - * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
> - * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
> - * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
> - * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
> - */
> -
> -#define pr_fmt(fmt)	KBUILD_MODNAME ": " fmt
> -
> -#include <crypto/internal/hash.h>
> -#include <linux/init.h>
> -#include <linux/module.h>
> -#include <linux/mm.h>
> -#include <linux/cryptohash.h>
> -#include <linux/types.h>
> -#include <linux/list.h>
> -#include <crypto/scatterwalk.h>
> -#include <crypto/sha.h>
> -#include <crypto/mcryptd.h>
> -#include <crypto/crypto_wq.h>
> -#include <asm/byteorder.h>
> -#include <linux/hardirq.h>
> -#include <asm/fpu/api.h>
> -#include "sha512_mb_ctx.h"
> -
> -#define FLUSH_INTERVAL 1000 /* in usec */
> -
> -static struct mcryptd_alg_state sha512_mb_alg_state;
> -
> -struct sha512_mb_ctx {
> -	struct mcryptd_ahash *mcryptd_tfm;
> -};
> -
> -static inline struct mcryptd_hash_request_ctx
> -		*cast_hash_to_mcryptd_ctx(struct sha512_hash_ctx *hash_ctx)
> -{
> -	struct ahash_request *areq;
> -
> -	areq = container_of((void *) hash_ctx, struct ahash_request, __ctx);
> -	return container_of(areq, struct mcryptd_hash_request_ctx, areq);
> -}
> -
> -static inline struct ahash_request
> -		*cast_mcryptd_ctx_to_req(struct mcryptd_hash_request_ctx *ctx)
> -{
> -	return container_of((void *) ctx, struct ahash_request, __ctx);
> -}
> -
> -static void req_ctx_init(struct mcryptd_hash_request_ctx *rctx,
> -				struct ahash_request *areq)
> -{
> -	rctx->flag = HASH_UPDATE;
> -}
> -
> -static asmlinkage void (*sha512_job_mgr_init)(struct sha512_mb_mgr *state);
> -static asmlinkage struct job_sha512* (*sha512_job_mgr_submit)
> -						(struct sha512_mb_mgr *state,
> -						struct job_sha512 *job);
> -static asmlinkage struct job_sha512* (*sha512_job_mgr_flush)
> -						(struct sha512_mb_mgr *state);
> -static asmlinkage struct job_sha512* (*sha512_job_mgr_get_comp_job)
> -						(struct sha512_mb_mgr *state);
> -
> -inline uint32_t sha512_pad(uint8_t padblock[SHA512_BLOCK_SIZE * 2],
> -			 uint64_t total_len)
> -{
> -	uint32_t i = total_len & (SHA512_BLOCK_SIZE - 1);
> -
> -	memset(&padblock[i], 0, SHA512_BLOCK_SIZE);
> -	padblock[i] = 0x80;
> -
> -	i += ((SHA512_BLOCK_SIZE - 1) &
> -	      (0 - (total_len + SHA512_PADLENGTHFIELD_SIZE + 1)))
> -	     + 1 + SHA512_PADLENGTHFIELD_SIZE;
> -
> -#if SHA512_PADLENGTHFIELD_SIZE == 16
> -	*((uint64_t *) &padblock[i - 16]) = 0;
> -#endif
> -
> -	*((uint64_t *) &padblock[i - 8]) = cpu_to_be64(total_len << 3);
> -
> -	/* Number of extra blocks to hash */
> -	return i >> SHA512_LOG2_BLOCK_SIZE;
> -}
> -
> -static struct sha512_hash_ctx *sha512_ctx_mgr_resubmit
> -		(struct sha512_ctx_mgr *mgr, struct sha512_hash_ctx *ctx)
> -{
> -	while (ctx) {
> -		if (ctx->status & HASH_CTX_STS_COMPLETE) {
> -			/* Clear PROCESSING bit */
> -			ctx->status = HASH_CTX_STS_COMPLETE;
> -			return ctx;
> -		}
> -
> -		/*
> -		 * If the extra blocks are empty, begin hashing what remains
> -		 * in the user's buffer.
> -		 */
> -		if (ctx->partial_block_buffer_length == 0 &&
> -		    ctx->incoming_buffer_length) {
> -
> -			const void *buffer = ctx->incoming_buffer;
> -			uint32_t len = ctx->incoming_buffer_length;
> -			uint32_t copy_len;
> -
> -			/*
> -			 * Only entire blocks can be hashed.
> -			 * Copy remainder to extra blocks buffer.
> -			 */
> -			copy_len = len & (SHA512_BLOCK_SIZE-1);
> -
> -			if (copy_len) {
> -				len -= copy_len;
> -				memcpy(ctx->partial_block_buffer,
> -				       ((const char *) buffer + len),
> -				       copy_len);
> -				ctx->partial_block_buffer_length = copy_len;
> -			}
> -
> -			ctx->incoming_buffer_length = 0;
> -
> -			/* len should be a multiple of the block size now */
> -			assert((len % SHA512_BLOCK_SIZE) == 0);
> -
> -			/* Set len to the number of blocks to be hashed */
> -			len >>= SHA512_LOG2_BLOCK_SIZE;
> -
> -			if (len) {
> -
> -				ctx->job.buffer = (uint8_t *) buffer;
> -				ctx->job.len = len;
> -				ctx = (struct sha512_hash_ctx *)
> -					sha512_job_mgr_submit(&mgr->mgr,
> -					&ctx->job);
> -				continue;
> -			}
> -		}
> -
> -		/*
> -		 * If the extra blocks are not empty, then we are
> -		 * either on the last block(s) or we need more
> -		 * user input before continuing.
> -		 */
> -		if (ctx->status & HASH_CTX_STS_LAST) {
> -
> -			uint8_t *buf = ctx->partial_block_buffer;
> -			uint32_t n_extra_blocks =
> -					sha512_pad(buf, ctx->total_length);
> -
> -			ctx->status = (HASH_CTX_STS_PROCESSING |
> -				       HASH_CTX_STS_COMPLETE);
> -			ctx->job.buffer = buf;
> -			ctx->job.len = (uint32_t) n_extra_blocks;
> -			ctx = (struct sha512_hash_ctx *)
> -				sha512_job_mgr_submit(&mgr->mgr, &ctx->job);
> -			continue;
> -		}
> -
> -		if (ctx)
> -			ctx->status = HASH_CTX_STS_IDLE;
> -		return ctx;
> -	}
> -
> -	return NULL;
> -}
> -
> -static struct sha512_hash_ctx
> -		*sha512_ctx_mgr_get_comp_ctx(struct mcryptd_alg_cstate *cstate)
> -{
> -	/*
> -	 * If get_comp_job returns NULL, there are no jobs complete.
> -	 * If get_comp_job returns a job, verify that it is safe to return to
> -	 * the user.
> -	 * If it is not ready, resubmit the job to finish processing.
> -	 * If sha512_ctx_mgr_resubmit returned a job, it is ready to be
> -	 * returned.
> -	 * Otherwise, all jobs currently being managed by the hash_ctx_mgr
> -	 * still need processing.
> -	 */
> -	struct sha512_ctx_mgr *mgr;
> -	struct sha512_hash_ctx *ctx;
> -	unsigned long flags;
> -
> -	mgr = cstate->mgr;
> -	spin_lock_irqsave(&cstate->work_lock, flags);
> -	ctx = (struct sha512_hash_ctx *)
> -				sha512_job_mgr_get_comp_job(&mgr->mgr);
> -	ctx = sha512_ctx_mgr_resubmit(mgr, ctx);
> -	spin_unlock_irqrestore(&cstate->work_lock, flags);
> -	return ctx;
> -}
> -
> -static void sha512_ctx_mgr_init(struct sha512_ctx_mgr *mgr)
> -{
> -	sha512_job_mgr_init(&mgr->mgr);
> -}
> -
> -static struct sha512_hash_ctx
> -			*sha512_ctx_mgr_submit(struct mcryptd_alg_cstate *cstate,
> -					  struct sha512_hash_ctx *ctx,
> -					  const void *buffer,
> -					  uint32_t len,
> -					  int flags)
> -{
> -	struct sha512_ctx_mgr *mgr;
> -	unsigned long irqflags;
> -
> -	mgr = cstate->mgr;
> -	spin_lock_irqsave(&cstate->work_lock, irqflags);
> -	if (flags & ~(HASH_UPDATE | HASH_LAST)) {
> -		/* User should not pass anything other than UPDATE or LAST */
> -		ctx->error = HASH_CTX_ERROR_INVALID_FLAGS;
> -		goto unlock;
> -	}
> -
> -	if (ctx->status & HASH_CTX_STS_PROCESSING) {
> -		/* Cannot submit to a currently processing job. */
> -		ctx->error = HASH_CTX_ERROR_ALREADY_PROCESSING;
> -		goto unlock;
> -	}
> -
> -	if (ctx->status & HASH_CTX_STS_COMPLETE) {
> -		/* Cannot update a finished job. */
> -		ctx->error = HASH_CTX_ERROR_ALREADY_COMPLETED;
> -		goto unlock;
> -	}
> -
> -	/*
> -	 * If we made it here, there were no errors during this call to
> -	 * submit
> -	 */
> -	ctx->error = HASH_CTX_ERROR_NONE;
> -
> -	/* Store buffer ptr info from user */
> -	ctx->incoming_buffer = buffer;
> -	ctx->incoming_buffer_length = len;
> -
> -	/*
> -	 * Store the user's request flags and mark this ctx as currently being
> -	 * processed.
> -	 */
> -	ctx->status = (flags & HASH_LAST) ?
> -			(HASH_CTX_STS_PROCESSING | HASH_CTX_STS_LAST) :
> -			HASH_CTX_STS_PROCESSING;
> -
> -	/* Advance byte counter */
> -	ctx->total_length += len;
> -
> -	/*
> -	 * If there is anything currently buffered in the extra blocks,
> -	 * append to it until it contains a whole block.
> -	 * Or if the user's buffer contains less than a whole block,
> -	 * append as much as possible to the extra block.
> -	 */
> -	if (ctx->partial_block_buffer_length || len < SHA512_BLOCK_SIZE) {
> -		/* Compute how many bytes to copy from user buffer into extra
> -		 * block
> -		 */
> -		uint32_t copy_len = SHA512_BLOCK_SIZE -
> -					ctx->partial_block_buffer_length;
> -		if (len < copy_len)
> -			copy_len = len;
> -
> -		if (copy_len) {
> -			/* Copy and update relevant pointers and counters */
> -			memcpy
> -		(&ctx->partial_block_buffer[ctx->partial_block_buffer_length],
> -				buffer, copy_len);
> -
> -			ctx->partial_block_buffer_length += copy_len;
> -			ctx->incoming_buffer = (const void *)
> -					((const char *)buffer + copy_len);
> -			ctx->incoming_buffer_length = len - copy_len;
> -		}
> -
> -		/* The extra block should never contain more than 1 block
> -		 * here
> -		 */
> -		assert(ctx->partial_block_buffer_length <= SHA512_BLOCK_SIZE);
> -
> -		/* If the extra block buffer contains exactly 1 block, it can
> -		 * be hashed.
> -		 */
> -		if (ctx->partial_block_buffer_length >= SHA512_BLOCK_SIZE) {
> -			ctx->partial_block_buffer_length = 0;
> -
> -			ctx->job.buffer = ctx->partial_block_buffer;
> -			ctx->job.len = 1;
> -			ctx = (struct sha512_hash_ctx *)
> -				sha512_job_mgr_submit(&mgr->mgr, &ctx->job);
> -		}
> -	}
> -
> -	ctx = sha512_ctx_mgr_resubmit(mgr, ctx);
> -unlock:
> -	spin_unlock_irqrestore(&cstate->work_lock, irqflags);
> -	return ctx;
> -}
> -
> -static struct sha512_hash_ctx *sha512_ctx_mgr_flush(struct mcryptd_alg_cstate *cstate)
> -{
> -	struct sha512_ctx_mgr *mgr;
> -	struct sha512_hash_ctx *ctx;
> -	unsigned long flags;
> -
> -	mgr = cstate->mgr;
> -	spin_lock_irqsave(&cstate->work_lock, flags);
> -	while (1) {
> -		ctx = (struct sha512_hash_ctx *)
> -					sha512_job_mgr_flush(&mgr->mgr);
> -
> -		/* If flush returned 0, there are no more jobs in flight. */
> -		if (!ctx)
> -			break;
> -
> -		/*
> -		 * If flush returned a job, resubmit the job to finish
> -		 * processing.
> -		 */
> -		ctx = sha512_ctx_mgr_resubmit(mgr, ctx);
> -
> -		/*
> -		 * If sha512_ctx_mgr_resubmit returned a job, it is ready to
> -		 * be returned. Otherwise, all jobs currently being managed by
> -		 * the sha512_ctx_mgr still need processing. Loop.
> -		 */
> -		if (ctx)
> -			break;
> -	}
> -	spin_unlock_irqrestore(&cstate->work_lock, flags);
> -	return ctx;
> -}
> -
> -static int sha512_mb_init(struct ahash_request *areq)
> -{
> -	struct sha512_hash_ctx *sctx = ahash_request_ctx(areq);
> -
> -	hash_ctx_init(sctx);
> -	sctx->job.result_digest[0] = SHA512_H0;
> -	sctx->job.result_digest[1] = SHA512_H1;
> -	sctx->job.result_digest[2] = SHA512_H2;
> -	sctx->job.result_digest[3] = SHA512_H3;
> -	sctx->job.result_digest[4] = SHA512_H4;
> -	sctx->job.result_digest[5] = SHA512_H5;
> -	sctx->job.result_digest[6] = SHA512_H6;
> -	sctx->job.result_digest[7] = SHA512_H7;
> -	sctx->total_length = 0;
> -	sctx->partial_block_buffer_length = 0;
> -	sctx->status = HASH_CTX_STS_IDLE;
> -
> -	return 0;
> -}
> -
> -static int sha512_mb_set_results(struct mcryptd_hash_request_ctx *rctx)
> -{
> -	int	i;
> -	struct	sha512_hash_ctx *sctx = ahash_request_ctx(&rctx->areq);
> -	__be64	*dst = (__be64 *) rctx->out;
> -
> -	for (i = 0; i < 8; ++i)
> -		dst[i] = cpu_to_be64(sctx->job.result_digest[i]);
> -
> -	return 0;
> -}
> -
> -static int sha_finish_walk(struct mcryptd_hash_request_ctx **ret_rctx,
> -			struct mcryptd_alg_cstate *cstate, bool flush)
> -{
> -	int	flag = HASH_UPDATE;
> -	int	nbytes, err = 0;
> -	struct mcryptd_hash_request_ctx *rctx = *ret_rctx;
> -	struct sha512_hash_ctx *sha_ctx;
> -
> -	/* more work ? */
> -	while (!(rctx->flag & HASH_DONE)) {
> -		nbytes = crypto_ahash_walk_done(&rctx->walk, 0);
> -		if (nbytes < 0) {
> -			err = nbytes;
> -			goto out;
> -		}
> -		/* check if the walk is done */
> -		if (crypto_ahash_walk_last(&rctx->walk)) {
> -			rctx->flag |= HASH_DONE;
> -			if (rctx->flag & HASH_FINAL)
> -				flag |= HASH_LAST;
> -
> -		}
> -		sha_ctx = (struct sha512_hash_ctx *)
> -						ahash_request_ctx(&rctx->areq);
> -		kernel_fpu_begin();
> -		sha_ctx = sha512_ctx_mgr_submit(cstate, sha_ctx,
> -						rctx->walk.data, nbytes, flag);
> -		if (!sha_ctx) {
> -			if (flush)
> -				sha_ctx = sha512_ctx_mgr_flush(cstate);
> -		}
> -		kernel_fpu_end();
> -		if (sha_ctx)
> -			rctx = cast_hash_to_mcryptd_ctx(sha_ctx);
> -		else {
> -			rctx = NULL;
> -			goto out;
> -		}
> -	}
> -
> -	/* copy the results */
> -	if (rctx->flag & HASH_FINAL)
> -		sha512_mb_set_results(rctx);
> -
> -out:
> -	*ret_rctx = rctx;
> -	return err;
> -}
> -
> -static int sha_complete_job(struct mcryptd_hash_request_ctx *rctx,
> -			    struct mcryptd_alg_cstate *cstate,
> -			    int err)
> -{
> -	struct ahash_request *req = cast_mcryptd_ctx_to_req(rctx);
> -	struct sha512_hash_ctx *sha_ctx;
> -	struct mcryptd_hash_request_ctx *req_ctx;
> -	int ret;
> -	unsigned long flags;
> -
> -	/* remove from work list */
> -	spin_lock_irqsave(&cstate->work_lock, flags);
> -	list_del(&rctx->waiter);
> -	spin_unlock_irqrestore(&cstate->work_lock, flags);
> -
> -	if (irqs_disabled())
> -		rctx->complete(&req->base, err);
> -	else {
> -		local_bh_disable();
> -		rctx->complete(&req->base, err);
> -		local_bh_enable();
> -	}
> -
> -	/* check to see if there are other jobs that are done */
> -	sha_ctx = sha512_ctx_mgr_get_comp_ctx(cstate);
> -	while (sha_ctx) {
> -		req_ctx = cast_hash_to_mcryptd_ctx(sha_ctx);
> -		ret = sha_finish_walk(&req_ctx, cstate, false);
> -		if (req_ctx) {
> -			spin_lock_irqsave(&cstate->work_lock, flags);
> -			list_del(&req_ctx->waiter);
> -			spin_unlock_irqrestore(&cstate->work_lock, flags);
> -
> -			req = cast_mcryptd_ctx_to_req(req_ctx);
> -			if (irqs_disabled())
> -				req_ctx->complete(&req->base, ret);
> -			else {
> -				local_bh_disable();
> -				req_ctx->complete(&req->base, ret);
> -				local_bh_enable();
> -			}
> -		}
> -		sha_ctx = sha512_ctx_mgr_get_comp_ctx(cstate);
> -	}
> -
> -	return 0;
> -}
> -
> -static void sha512_mb_add_list(struct mcryptd_hash_request_ctx *rctx,
> -			     struct mcryptd_alg_cstate *cstate)
> -{
> -	unsigned long next_flush;
> -	unsigned long delay = usecs_to_jiffies(FLUSH_INTERVAL);
> -	unsigned long flags;
> -
> -	/* initialize tag */
> -	rctx->tag.arrival = jiffies;    /* tag the arrival time */
> -	rctx->tag.seq_num = cstate->next_seq_num++;
> -	next_flush = rctx->tag.arrival + delay;
> -	rctx->tag.expire = next_flush;
> -
> -	spin_lock_irqsave(&cstate->work_lock, flags);
> -	list_add_tail(&rctx->waiter, &cstate->work_list);
> -	spin_unlock_irqrestore(&cstate->work_lock, flags);
> -
> -	mcryptd_arm_flusher(cstate, delay);
> -}
> -
> -static int sha512_mb_update(struct ahash_request *areq)
> -{
> -	struct mcryptd_hash_request_ctx *rctx =
> -			container_of(areq, struct mcryptd_hash_request_ctx,
> -									areq);
> -	struct mcryptd_alg_cstate *cstate =
> -				this_cpu_ptr(sha512_mb_alg_state.alg_cstate);
> -
> -	struct ahash_request *req = cast_mcryptd_ctx_to_req(rctx);
> -	struct sha512_hash_ctx *sha_ctx;
> -	int ret = 0, nbytes;
> -
> -
> -	/* sanity check */
> -	if (rctx->tag.cpu != smp_processor_id()) {
> -		pr_err("mcryptd error: cpu clash\n");
> -		goto done;
> -	}
> -
> -	/* need to init context */
> -	req_ctx_init(rctx, areq);
> -
> -	nbytes = crypto_ahash_walk_first(req, &rctx->walk);
> -
> -	if (nbytes < 0) {
> -		ret = nbytes;
> -		goto done;
> -	}
> -
> -	if (crypto_ahash_walk_last(&rctx->walk))
> -		rctx->flag |= HASH_DONE;
> -
> -	/* submit */
> -	sha_ctx = (struct sha512_hash_ctx *) ahash_request_ctx(areq);
> -	sha512_mb_add_list(rctx, cstate);
> -	kernel_fpu_begin();
> -	sha_ctx = sha512_ctx_mgr_submit(cstate, sha_ctx, rctx->walk.data,
> -							nbytes, HASH_UPDATE);
> -	kernel_fpu_end();
> -
> -	/* check if anything is returned */
> -	if (!sha_ctx)
> -		return -EINPROGRESS;
> -
> -	if (sha_ctx->error) {
> -		ret = sha_ctx->error;
> -		rctx = cast_hash_to_mcryptd_ctx(sha_ctx);
> -		goto done;
> -	}
> -
> -	rctx = cast_hash_to_mcryptd_ctx(sha_ctx);
> -	ret = sha_finish_walk(&rctx, cstate, false);
> -
> -	if (!rctx)
> -		return -EINPROGRESS;
> -done:
> -	sha_complete_job(rctx, cstate, ret);
> -	return ret;
> -}
> -
> -static int sha512_mb_finup(struct ahash_request *areq)
> -{
> -	struct mcryptd_hash_request_ctx *rctx =
> -			container_of(areq, struct mcryptd_hash_request_ctx,
> -									areq);
> -	struct mcryptd_alg_cstate *cstate =
> -				this_cpu_ptr(sha512_mb_alg_state.alg_cstate);
> -
> -	struct ahash_request *req = cast_mcryptd_ctx_to_req(rctx);
> -	struct sha512_hash_ctx *sha_ctx;
> -	int ret = 0, flag = HASH_UPDATE, nbytes;
> -
> -	/* sanity check */
> -	if (rctx->tag.cpu != smp_processor_id()) {
> -		pr_err("mcryptd error: cpu clash\n");
> -		goto done;
> -	}
> -
> -	/* need to init context */
> -	req_ctx_init(rctx, areq);
> -
> -	nbytes = crypto_ahash_walk_first(req, &rctx->walk);
> -
> -	if (nbytes < 0) {
> -		ret = nbytes;
> -		goto done;
> -	}
> -
> -	if (crypto_ahash_walk_last(&rctx->walk)) {
> -		rctx->flag |= HASH_DONE;
> -		flag = HASH_LAST;
> -	}
> -
> -	/* submit */
> -	rctx->flag |= HASH_FINAL;
> -	sha_ctx = (struct sha512_hash_ctx *) ahash_request_ctx(areq);
> -	sha512_mb_add_list(rctx, cstate);
> -
> -	kernel_fpu_begin();
> -	sha_ctx = sha512_ctx_mgr_submit(cstate, sha_ctx, rctx->walk.data,
> -								nbytes, flag);
> -	kernel_fpu_end();
> -
> -	/* check if anything is returned */
> -	if (!sha_ctx)
> -		return -EINPROGRESS;
> -
> -	if (sha_ctx->error) {
> -		ret = sha_ctx->error;
> -		goto done;
> -	}
> -
> -	rctx = cast_hash_to_mcryptd_ctx(sha_ctx);
> -	ret = sha_finish_walk(&rctx, cstate, false);
> -	if (!rctx)
> -		return -EINPROGRESS;
> -done:
> -	sha_complete_job(rctx, cstate, ret);
> -	return ret;
> -}
> -
> -static int sha512_mb_final(struct ahash_request *areq)
> -{
> -	struct mcryptd_hash_request_ctx *rctx =
> -			container_of(areq, struct mcryptd_hash_request_ctx,
> -									areq);
> -	struct mcryptd_alg_cstate *cstate =
> -				this_cpu_ptr(sha512_mb_alg_state.alg_cstate);
> -
> -	struct sha512_hash_ctx *sha_ctx;
> -	int ret = 0;
> -	u8 data;
> -
> -	/* sanity check */
> -	if (rctx->tag.cpu != smp_processor_id()) {
> -		pr_err("mcryptd error: cpu clash\n");
> -		goto done;
> -	}
> -
> -	/* need to init context */
> -	req_ctx_init(rctx, areq);
> -
> -	rctx->flag |= HASH_DONE | HASH_FINAL;
> -
> -	sha_ctx = (struct sha512_hash_ctx *) ahash_request_ctx(areq);
> -	/* flag HASH_FINAL and 0 data size */
> -	sha512_mb_add_list(rctx, cstate);
> -	kernel_fpu_begin();
> -	sha_ctx = sha512_ctx_mgr_submit(cstate, sha_ctx, &data, 0, HASH_LAST);
> -	kernel_fpu_end();
> -
> -	/* check if anything is returned */
> -	if (!sha_ctx)
> -		return -EINPROGRESS;
> -
> -	if (sha_ctx->error) {
> -		ret = sha_ctx->error;
> -		rctx = cast_hash_to_mcryptd_ctx(sha_ctx);
> -		goto done;
> -	}
> -
> -	rctx = cast_hash_to_mcryptd_ctx(sha_ctx);
> -	ret = sha_finish_walk(&rctx, cstate, false);
> -	if (!rctx)
> -		return -EINPROGRESS;
> -done:
> -	sha_complete_job(rctx, cstate, ret);
> -	return ret;
> -}
> -
> -static int sha512_mb_export(struct ahash_request *areq, void *out)
> -{
> -	struct sha512_hash_ctx *sctx = ahash_request_ctx(areq);
> -
> -	memcpy(out, sctx, sizeof(*sctx));
> -
> -	return 0;
> -}
> -
> -static int sha512_mb_import(struct ahash_request *areq, const void *in)
> -{
> -	struct sha512_hash_ctx *sctx = ahash_request_ctx(areq);
> -
> -	memcpy(sctx, in, sizeof(*sctx));
> -
> -	return 0;
> -}
> -
> -static int sha512_mb_async_init_tfm(struct crypto_tfm *tfm)
> -{
> -	struct mcryptd_ahash *mcryptd_tfm;
> -	struct sha512_mb_ctx *ctx = crypto_tfm_ctx(tfm);
> -	struct mcryptd_hash_ctx *mctx;
> -
> -	mcryptd_tfm = mcryptd_alloc_ahash("__intel_sha512-mb",
> -						CRYPTO_ALG_INTERNAL,
> -						CRYPTO_ALG_INTERNAL);
> -	if (IS_ERR(mcryptd_tfm))
> -		return PTR_ERR(mcryptd_tfm);
> -	mctx = crypto_ahash_ctx(&mcryptd_tfm->base);
> -	mctx->alg_state = &sha512_mb_alg_state;
> -	ctx->mcryptd_tfm = mcryptd_tfm;
> -	crypto_ahash_set_reqsize(__crypto_ahash_cast(tfm),
> -				sizeof(struct ahash_request) +
> -				crypto_ahash_reqsize(&mcryptd_tfm->base));
> -
> -	return 0;
> -}
> -
> -static void sha512_mb_async_exit_tfm(struct crypto_tfm *tfm)
> -{
> -	struct sha512_mb_ctx *ctx = crypto_tfm_ctx(tfm);
> -
> -	mcryptd_free_ahash(ctx->mcryptd_tfm);
> -}
> -
> -static int sha512_mb_areq_init_tfm(struct crypto_tfm *tfm)
> -{
> -	crypto_ahash_set_reqsize(__crypto_ahash_cast(tfm),
> -				sizeof(struct ahash_request) +
> -				sizeof(struct sha512_hash_ctx));
> -
> -	return 0;
> -}
> -
> -static void sha512_mb_areq_exit_tfm(struct crypto_tfm *tfm)
> -{
> -	struct sha512_mb_ctx *ctx = crypto_tfm_ctx(tfm);
> -
> -	mcryptd_free_ahash(ctx->mcryptd_tfm);
> -}
> -
> -static struct ahash_alg sha512_mb_areq_alg = {
> -	.init		=	sha512_mb_init,
> -	.update		=	sha512_mb_update,
> -	.final		=	sha512_mb_final,
> -	.finup		=	sha512_mb_finup,
> -	.export		=	sha512_mb_export,
> -	.import		=	sha512_mb_import,
> -	.halg		=	{
> -	.digestsize	=	SHA512_DIGEST_SIZE,
> -	.statesize	=	sizeof(struct sha512_hash_ctx),
> -	.base		=	{
> -			.cra_name	 = "__sha512-mb",
> -			.cra_driver_name = "__intel_sha512-mb",
> -			.cra_priority	 = 100,
> -			/*
> -			 * use ASYNC flag as some buffers in multi-buffer
> -			 * algo may not have completed before hashing thread
> -			 * sleep
> -			 */
> -			.cra_flags	= CRYPTO_ALG_ASYNC |
> -					  CRYPTO_ALG_INTERNAL,
> -			.cra_blocksize	= SHA512_BLOCK_SIZE,
> -			.cra_module	= THIS_MODULE,
> -			.cra_list	= LIST_HEAD_INIT
> -					(sha512_mb_areq_alg.halg.base.cra_list),
> -			.cra_init	= sha512_mb_areq_init_tfm,
> -			.cra_exit	= sha512_mb_areq_exit_tfm,
> -			.cra_ctxsize	= sizeof(struct sha512_hash_ctx),
> -		}
> -	}
> -};
> -
> -static int sha512_mb_async_init(struct ahash_request *req)
> -{
> -	struct crypto_ahash *tfm = crypto_ahash_reqtfm(req);
> -	struct sha512_mb_ctx *ctx = crypto_ahash_ctx(tfm);
> -	struct ahash_request *mcryptd_req = ahash_request_ctx(req);
> -	struct mcryptd_ahash *mcryptd_tfm = ctx->mcryptd_tfm;
> -
> -	memcpy(mcryptd_req, req, sizeof(*req));
> -	ahash_request_set_tfm(mcryptd_req, &mcryptd_tfm->base);
> -	return crypto_ahash_init(mcryptd_req);
> -}
> -
> -static int sha512_mb_async_update(struct ahash_request *req)
> -{
> -	struct ahash_request *mcryptd_req = ahash_request_ctx(req);
> -
> -	struct crypto_ahash *tfm = crypto_ahash_reqtfm(req);
> -	struct sha512_mb_ctx *ctx = crypto_ahash_ctx(tfm);
> -	struct mcryptd_ahash *mcryptd_tfm = ctx->mcryptd_tfm;
> -
> -	memcpy(mcryptd_req, req, sizeof(*req));
> -	ahash_request_set_tfm(mcryptd_req, &mcryptd_tfm->base);
> -	return crypto_ahash_update(mcryptd_req);
> -}
> -
> -static int sha512_mb_async_finup(struct ahash_request *req)
> -{
> -	struct ahash_request *mcryptd_req = ahash_request_ctx(req);
> -
> -	struct crypto_ahash *tfm = crypto_ahash_reqtfm(req);
> -	struct sha512_mb_ctx *ctx = crypto_ahash_ctx(tfm);
> -	struct mcryptd_ahash *mcryptd_tfm = ctx->mcryptd_tfm;
> -
> -	memcpy(mcryptd_req, req, sizeof(*req));
> -	ahash_request_set_tfm(mcryptd_req, &mcryptd_tfm->base);
> -	return crypto_ahash_finup(mcryptd_req);
> -}
> -
> -static int sha512_mb_async_final(struct ahash_request *req)
> -{
> -	struct ahash_request *mcryptd_req = ahash_request_ctx(req);
> -
> -	struct crypto_ahash *tfm = crypto_ahash_reqtfm(req);
> -	struct sha512_mb_ctx *ctx = crypto_ahash_ctx(tfm);
> -	struct mcryptd_ahash *mcryptd_tfm = ctx->mcryptd_tfm;
> -
> -	memcpy(mcryptd_req, req, sizeof(*req));
> -	ahash_request_set_tfm(mcryptd_req, &mcryptd_tfm->base);
> -	return crypto_ahash_final(mcryptd_req);
> -}
> -
> -static int sha512_mb_async_digest(struct ahash_request *req)
> -{
> -	struct crypto_ahash *tfm = crypto_ahash_reqtfm(req);
> -	struct sha512_mb_ctx *ctx = crypto_ahash_ctx(tfm);
> -	struct ahash_request *mcryptd_req = ahash_request_ctx(req);
> -	struct mcryptd_ahash *mcryptd_tfm = ctx->mcryptd_tfm;
> -
> -	memcpy(mcryptd_req, req, sizeof(*req));
> -	ahash_request_set_tfm(mcryptd_req, &mcryptd_tfm->base);
> -	return crypto_ahash_digest(mcryptd_req);
> -}
> -
> -static int sha512_mb_async_export(struct ahash_request *req, void *out)
> -{
> -	struct ahash_request *mcryptd_req = ahash_request_ctx(req);
> -	struct crypto_ahash *tfm = crypto_ahash_reqtfm(req);
> -	struct sha512_mb_ctx *ctx = crypto_ahash_ctx(tfm);
> -	struct mcryptd_ahash *mcryptd_tfm = ctx->mcryptd_tfm;
> -
> -	memcpy(mcryptd_req, req, sizeof(*req));
> -	ahash_request_set_tfm(mcryptd_req, &mcryptd_tfm->base);
> -	return crypto_ahash_export(mcryptd_req, out);
> -}
> -
> -static int sha512_mb_async_import(struct ahash_request *req, const void *in)
> -{
> -	struct ahash_request *mcryptd_req = ahash_request_ctx(req);
> -	struct crypto_ahash *tfm = crypto_ahash_reqtfm(req);
> -	struct sha512_mb_ctx *ctx = crypto_ahash_ctx(tfm);
> -	struct mcryptd_ahash *mcryptd_tfm = ctx->mcryptd_tfm;
> -	struct crypto_ahash *child = mcryptd_ahash_child(mcryptd_tfm);
> -	struct mcryptd_hash_request_ctx *rctx;
> -	struct ahash_request *areq;
> -
> -	memcpy(mcryptd_req, req, sizeof(*req));
> -	ahash_request_set_tfm(mcryptd_req, &mcryptd_tfm->base);
> -	rctx = ahash_request_ctx(mcryptd_req);
> -
> -	areq = &rctx->areq;
> -
> -	ahash_request_set_tfm(areq, child);
> -	ahash_request_set_callback(areq, CRYPTO_TFM_REQ_MAY_SLEEP,
> -					rctx->complete, req);
> -
> -	return crypto_ahash_import(mcryptd_req, in);
> -}
> -
> -static struct ahash_alg sha512_mb_async_alg = {
> -	.init           = sha512_mb_async_init,
> -	.update         = sha512_mb_async_update,
> -	.final          = sha512_mb_async_final,
> -	.finup          = sha512_mb_async_finup,
> -	.digest         = sha512_mb_async_digest,
> -	.export		= sha512_mb_async_export,
> -	.import		= sha512_mb_async_import,
> -	.halg = {
> -		.digestsize     = SHA512_DIGEST_SIZE,
> -		.statesize      = sizeof(struct sha512_hash_ctx),
> -		.base = {
> -			.cra_name               = "sha512",
> -			.cra_driver_name        = "sha512_mb",
> -			/*
> -			 * Low priority, since with few concurrent hash requests
> -			 * this is extremely slow due to the flush delay.  Users
> -			 * whose workloads would benefit from this can request
> -			 * it explicitly by driver name, or can increase its
> -			 * priority at runtime using NETLINK_CRYPTO.
> -			 */
> -			.cra_priority           = 50,
> -			.cra_flags              = CRYPTO_ALG_ASYNC,
> -			.cra_blocksize          = SHA512_BLOCK_SIZE,
> -			.cra_module             = THIS_MODULE,
> -			.cra_list               = LIST_HEAD_INIT
> -				(sha512_mb_async_alg.halg.base.cra_list),
> -			.cra_init               = sha512_mb_async_init_tfm,
> -			.cra_exit               = sha512_mb_async_exit_tfm,
> -			.cra_ctxsize		= sizeof(struct sha512_mb_ctx),
> -			.cra_alignmask		= 0,
> -		},
> -	},
> -};
> -
> -static unsigned long sha512_mb_flusher(struct mcryptd_alg_cstate *cstate)
> -{
> -	struct mcryptd_hash_request_ctx *rctx;
> -	unsigned long cur_time;
> -	unsigned long next_flush = 0;
> -	struct sha512_hash_ctx *sha_ctx;
> -
> -
> -	cur_time = jiffies;
> -
> -	while (!list_empty(&cstate->work_list)) {
> -		rctx = list_entry(cstate->work_list.next,
> -				struct mcryptd_hash_request_ctx, waiter);
> -		if time_before(cur_time, rctx->tag.expire)
> -			break;
> -		kernel_fpu_begin();
> -		sha_ctx = (struct sha512_hash_ctx *)
> -					sha512_ctx_mgr_flush(cstate);
> -		kernel_fpu_end();
> -		if (!sha_ctx) {
> -			pr_err("sha512_mb error: nothing got flushed for"
> -							" non-empty list\n");
> -			break;
> -		}
> -		rctx = cast_hash_to_mcryptd_ctx(sha_ctx);
> -		sha_finish_walk(&rctx, cstate, true);
> -		sha_complete_job(rctx, cstate, 0);
> -	}
> -
> -	if (!list_empty(&cstate->work_list)) {
> -		rctx = list_entry(cstate->work_list.next,
> -				struct mcryptd_hash_request_ctx, waiter);
> -		/* get the hash context and then flush time */
> -		next_flush = rctx->tag.expire;
> -		mcryptd_arm_flusher(cstate, get_delay(next_flush));
> -	}
> -	return next_flush;
> -}
> -
> -static int __init sha512_mb_mod_init(void)
> -{
> -
> -	int cpu;
> -	int err;
> -	struct mcryptd_alg_cstate *cpu_state;
> -
> -	/* check for dependent cpu features */
> -	if (!boot_cpu_has(X86_FEATURE_AVX2) ||
> -	    !boot_cpu_has(X86_FEATURE_BMI2))
> -		return -ENODEV;
> -
> -	/* initialize multibuffer structures */
> -	sha512_mb_alg_state.alg_cstate =
> -				alloc_percpu(struct mcryptd_alg_cstate);
> -
> -	sha512_job_mgr_init = sha512_mb_mgr_init_avx2;
> -	sha512_job_mgr_submit = sha512_mb_mgr_submit_avx2;
> -	sha512_job_mgr_flush = sha512_mb_mgr_flush_avx2;
> -	sha512_job_mgr_get_comp_job = sha512_mb_mgr_get_comp_job_avx2;
> -
> -	if (!sha512_mb_alg_state.alg_cstate)
> -		return -ENOMEM;
> -	for_each_possible_cpu(cpu) {
> -		cpu_state = per_cpu_ptr(sha512_mb_alg_state.alg_cstate, cpu);
> -		cpu_state->next_flush = 0;
> -		cpu_state->next_seq_num = 0;
> -		cpu_state->flusher_engaged = false;
> -		INIT_DELAYED_WORK(&cpu_state->flush, mcryptd_flusher);
> -		cpu_state->cpu = cpu;
> -		cpu_state->alg_state = &sha512_mb_alg_state;
> -		cpu_state->mgr = kzalloc(sizeof(struct sha512_ctx_mgr),
> -								GFP_KERNEL);
> -		if (!cpu_state->mgr)
> -			goto err2;
> -		sha512_ctx_mgr_init(cpu_state->mgr);
> -		INIT_LIST_HEAD(&cpu_state->work_list);
> -		spin_lock_init(&cpu_state->work_lock);
> -	}
> -	sha512_mb_alg_state.flusher = &sha512_mb_flusher;
> -
> -	err = crypto_register_ahash(&sha512_mb_areq_alg);
> -	if (err)
> -		goto err2;
> -	err = crypto_register_ahash(&sha512_mb_async_alg);
> -	if (err)
> -		goto err1;
> -
> -
> -	return 0;
> -err1:
> -	crypto_unregister_ahash(&sha512_mb_areq_alg);
> -err2:
> -	for_each_possible_cpu(cpu) {
> -		cpu_state = per_cpu_ptr(sha512_mb_alg_state.alg_cstate, cpu);
> -		kfree(cpu_state->mgr);
> -	}
> -	free_percpu(sha512_mb_alg_state.alg_cstate);
> -	return -ENODEV;
> -}
> -
> -static void __exit sha512_mb_mod_fini(void)
> -{
> -	int cpu;
> -	struct mcryptd_alg_cstate *cpu_state;
> -
> -	crypto_unregister_ahash(&sha512_mb_async_alg);
> -	crypto_unregister_ahash(&sha512_mb_areq_alg);
> -	for_each_possible_cpu(cpu) {
> -		cpu_state = per_cpu_ptr(sha512_mb_alg_state.alg_cstate, cpu);
> -		kfree(cpu_state->mgr);
> -	}
> -	free_percpu(sha512_mb_alg_state.alg_cstate);
> -}
> -
> -module_init(sha512_mb_mod_init);
> -module_exit(sha512_mb_mod_fini);
> -
> -MODULE_LICENSE("GPL");
> -MODULE_DESCRIPTION("SHA512 Secure Hash Algorithm, multi buffer accelerated");
> -
> -MODULE_ALIAS("sha512");
> diff --git a/arch/x86/crypto/sha512-mb/sha512_mb_ctx.h b/arch/x86/crypto/sha512-mb/sha512_mb_ctx.h
> deleted file mode 100644
> index e5c465bd821e..000000000000
> --- a/arch/x86/crypto/sha512-mb/sha512_mb_ctx.h
> +++ /dev/null
> @@ -1,128 +0,0 @@
> -/*
> - * Header file for multi buffer SHA512 context
> - *
> - * This file is provided under a dual BSD/GPLv2 license.  When using or
> - * redistributing this file, you may do so under either license.
> - *
> - * GPL LICENSE SUMMARY
> - *
> - *  Copyright(c) 2016 Intel Corporation.
> - *
> - *  This program is free software; you can redistribute it and/or modify
> - *  it under the terms of version 2 of the GNU General Public License as
> - *  published by the Free Software Foundation.
> - *
> - *  This program is distributed in the hope that it will be useful, but
> - *  WITHOUT ANY WARRANTY; without even the implied warranty of
> - *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
> - *  General Public License for more details.
> - *
> - *  Contact Information:
> - *      Megha Dey <megha.dey@xxxxxxxxxxxxxxx>
> - *
> - *  BSD LICENSE
> - *
> - *  Copyright(c) 2016 Intel Corporation.
> - *
> - *  Redistribution and use in source and binary forms, with or without
> - *  modification, are permitted provided that the following conditions
> - *  are met:
> - *
> - *    * Redistributions of source code must retain the above copyright
> - *      notice, this list of conditions and the following disclaimer.
> - *    * Redistributions in binary form must reproduce the above copyright
> - *      notice, this list of conditions and the following disclaimer in
> - *      the documentation and/or other materials provided with the
> - *      distribution.
> - *    * Neither the name of Intel Corporation nor the names of its
> - *      contributors may be used to endorse or promote products derived
> - *      from this software without specific prior written permission.
> - *
> - *  THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
> - *  "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
> - *  LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
> - *  A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
> - *  OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
> - *  SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
> - *  LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
> - *  DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
> - *  THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
> - *  (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
> - * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
> - */
> -
> -#ifndef _SHA_MB_CTX_INTERNAL_H
> -#define _SHA_MB_CTX_INTERNAL_H
> -
> -#include "sha512_mb_mgr.h"
> -
> -#define HASH_UPDATE          0x00
> -#define HASH_LAST            0x01
> -#define HASH_DONE            0x02
> -#define HASH_FINAL           0x04
> -
> -#define HASH_CTX_STS_IDLE       0x00
> -#define HASH_CTX_STS_PROCESSING 0x01
> -#define HASH_CTX_STS_LAST       0x02
> -#define HASH_CTX_STS_COMPLETE   0x04
> -
> -enum hash_ctx_error {
> -	HASH_CTX_ERROR_NONE               =  0,
> -	HASH_CTX_ERROR_INVALID_FLAGS      = -1,
> -	HASH_CTX_ERROR_ALREADY_PROCESSING = -2,
> -	HASH_CTX_ERROR_ALREADY_COMPLETED  = -3,
> -};
> -
> -#define hash_ctx_user_data(ctx)  ((ctx)->user_data)
> -#define hash_ctx_digest(ctx)     ((ctx)->job.result_digest)
> -#define hash_ctx_processing(ctx) ((ctx)->status & HASH_CTX_STS_PROCESSING)
> -#define hash_ctx_complete(ctx)   ((ctx)->status == HASH_CTX_STS_COMPLETE)
> -#define hash_ctx_status(ctx)     ((ctx)->status)
> -#define hash_ctx_error(ctx)      ((ctx)->error)
> -#define hash_ctx_init(ctx) \
> -	do { \
> -		(ctx)->error = HASH_CTX_ERROR_NONE; \
> -		(ctx)->status = HASH_CTX_STS_COMPLETE; \
> -	} while (0)
> -
> -/* Hash Constants and Typedefs */
> -#define SHA512_DIGEST_LENGTH          8
> -#define SHA512_LOG2_BLOCK_SIZE        7
> -
> -#define SHA512_PADLENGTHFIELD_SIZE    16
> -
> -#ifdef SHA_MB_DEBUG
> -#define assert(expr) \
> -do { \
> -	if (unlikely(!(expr))) { \
> -		printk(KERN_ERR "Assertion failed! %s,%s,%s,line=%d\n", \
> -		#expr, __FILE__, __func__, __LINE__); \
> -	} \
> -} while (0)
> -#else
> -#define assert(expr) do {} while (0)
> -#endif
> -
> -struct sha512_ctx_mgr {
> -	struct sha512_mb_mgr mgr;
> -};
> -
> -/* typedef struct sha512_ctx_mgr sha512_ctx_mgr; */
> -
> -struct sha512_hash_ctx {
> -	/* Must be at struct offset 0 */
> -	struct job_sha512       job;
> -	/* status flag */
> -	int status;
> -	/* error flag */
> -	int error;
> -
> -	uint64_t        total_length;
> -	const void      *incoming_buffer;
> -	uint32_t        incoming_buffer_length;
> -	uint8_t         partial_block_buffer[SHA512_BLOCK_SIZE * 2];
> -	uint32_t        partial_block_buffer_length;
> -	void            *user_data;
> -};
> -
> -#endif
> diff --git a/arch/x86/crypto/sha512-mb/sha512_mb_mgr.h b/arch/x86/crypto/sha512-mb/sha512_mb_mgr.h
> deleted file mode 100644
> index 178f17eef382..000000000000
> --- a/arch/x86/crypto/sha512-mb/sha512_mb_mgr.h
> +++ /dev/null
> @@ -1,104 +0,0 @@
> -/*
> - * Header file for multi buffer SHA512 algorithm manager
> - *
> - * This file is provided under a dual BSD/GPLv2 license.  When using or
> - * redistributing this file, you may do so under either license.
> - *
> - * GPL LICENSE SUMMARY
> - *
> - *  Copyright(c) 2016 Intel Corporation.
> - *
> - *  This program is free software; you can redistribute it and/or modify
> - *  it under the terms of version 2 of the GNU General Public License as
> - *  published by the Free Software Foundation.
> - *
> - *  This program is distributed in the hope that it will be useful, but
> - *  WITHOUT ANY WARRANTY; without even the implied warranty of
> - *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
> - *  General Public License for more details.
> - *
> - *  Contact Information:
> - *      Megha Dey <megha.dey@xxxxxxxxxxxxxxx>
> - *
> - *  BSD LICENSE
> - *
> - *  Copyright(c) 2016 Intel Corporation.
> - *
> - *  Redistribution and use in source and binary forms, with or without
> - *  modification, are permitted provided that the following conditions
> - *  are met:
> - *
> - *    * Redistributions of source code must retain the above copyright
> - *      notice, this list of conditions and the following disclaimer.
> - *    * Redistributions in binary form must reproduce the above copyright
> - *      notice, this list of conditions and the following disclaimer in
> - *      the documentation and/or other materials provided with the
> - *      distribution.
> - *    * Neither the name of Intel Corporation nor the names of its
> - *      contributors may be used to endorse or promote products derived
> - *      from this software without specific prior written permission.
> - *
> - *  THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
> - *  "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
> - *  LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
> - *  A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
> - *  OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
> - *  SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
> - *  LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
> - *  DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
> - *  THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
> - *  (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
> - * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
> - */
> -
> -#ifndef __SHA_MB_MGR_H
> -#define __SHA_MB_MGR_H
> -
> -#include <linux/types.h>
> -
> -#define NUM_SHA512_DIGEST_WORDS 8
> -
> -enum job_sts {STS_UNKNOWN = 0,
> -	STS_BEING_PROCESSED = 1,
> -	STS_COMPLETED =       2,
> -	STS_INTERNAL_ERROR = 3,
> -	STS_ERROR = 4
> -};
> -
> -struct job_sha512 {
> -	u8  *buffer;
> -	u64  len;
> -	u64  result_digest[NUM_SHA512_DIGEST_WORDS] __aligned(32);
> -	enum job_sts status;
> -	void   *user_data;
> -};
> -
> -struct sha512_args_x4 {
> -	uint64_t        digest[8][4];
> -	uint8_t         *data_ptr[4];
> -};
> -
> -struct sha512_lane_data {
> -	struct job_sha512 *job_in_lane;
> -};
> -
> -struct sha512_mb_mgr {
> -	struct sha512_args_x4 args;
> -
> -	uint64_t lens[4];
> -
> -	/* each byte is index (0...7) of unused lanes */
> -	uint64_t unused_lanes;
> -	/* byte 4 is set to FF as a flag */
> -	struct sha512_lane_data ldata[4];
> -};
> -
> -#define SHA512_MB_MGR_NUM_LANES_AVX2 4
> -
> -void sha512_mb_mgr_init_avx2(struct sha512_mb_mgr *state);
> -struct job_sha512 *sha512_mb_mgr_submit_avx2(struct sha512_mb_mgr *state,
> -						struct job_sha512 *job);
> -struct job_sha512 *sha512_mb_mgr_flush_avx2(struct sha512_mb_mgr *state);
> -struct job_sha512 *sha512_mb_mgr_get_comp_job_avx2(struct sha512_mb_mgr *state);
> -
> -#endif
> diff --git a/arch/x86/crypto/sha512-mb/sha512_mb_mgr_datastruct.S b/arch/x86/crypto/sha512-mb/sha512_mb_mgr_datastruct.S
> deleted file mode 100644
> index cf2636d4c9ba..000000000000
> --- a/arch/x86/crypto/sha512-mb/sha512_mb_mgr_datastruct.S
> +++ /dev/null
> @@ -1,281 +0,0 @@
> -/*
> - * Header file for multi buffer SHA256 algorithm data structure
> - *
> - * This file is provided under a dual BSD/GPLv2 license.  When using or
> - * redistributing this file, you may do so under either license.
> - *
> - * GPL LICENSE SUMMARY
> - *
> - *  Copyright(c) 2016 Intel Corporation.
> - *
> - *  This program is free software; you can redistribute it and/or modify
> - *  it under the terms of version 2 of the GNU General Public License as
> - *  published by the Free Software Foundation.
> - *
> - *  This program is distributed in the hope that it will be useful, but
> - *  WITHOUT ANY WARRANTY; without even the implied warranty of
> - *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
> - *  General Public License for more details.
> - *
> - *  Contact Information:
> - *      Megha Dey <megha.dey@xxxxxxxxxxxxxxx>
> - *
> - *  BSD LICENSE
> - *
> - *  Copyright(c) 2016 Intel Corporation.
> - *
> - *  Redistribution and use in source and binary forms, with or without
> - *  modification, are permitted provided that the following conditions
> - *  are met:
> - *
> - *    * Redistributions of source code must retain the above copyright
> - *      notice, this list of conditions and the following disclaimer.
> - *    * Redistributions in binary form must reproduce the above copyright
> - *      notice, this list of conditions and the following disclaimer in
> - *      the documentation and/or other materials provided with the
> - *      distribution.
> - *    * Neither the name of Intel Corporation nor the names of its
> - *      contributors may be used to endorse or promote products derived
> - *      from this software without specific prior written permission.
> - *
> - *  THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
> - *  "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
> - *  LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
> - *  A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
> - *  OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
> - *  SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
> - *  LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
> - *  DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
> - *  THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
> - *  (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
> - * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
> - */
> -
> -# Macros for defining data structures
> -
> -# Usage example
> -
> -#START_FIELDS   # JOB_AES
> -###     name            size    align
> -#FIELD  _plaintext,     8,      8       # pointer to plaintext
> -#FIELD  _ciphertext,    8,      8       # pointer to ciphertext
> -#FIELD  _IV,            16,     8       # IV
> -#FIELD  _keys,          8,      8       # pointer to keys
> -#FIELD  _len,           4,      4       # length in bytes
> -#FIELD  _status,        4,      4       # status enumeration
> -#FIELD  _user_data,     8,      8       # pointer to user data
> -#UNION  _union,         size1,  align1, \
> -#                       size2,  align2, \
> -#                       size3,  align3, \
> -#                       ...
> -#END_FIELDS
> -#%assign _JOB_AES_size  _FIELD_OFFSET
> -#%assign _JOB_AES_align _STRUCT_ALIGN
> -
> -#########################################################################
> -
> -# Alternate "struc-like" syntax:
> -#       STRUCT job_aes2
> -#       RES_Q   .plaintext,     1
> -#       RES_Q   .ciphertext,    1
> -#       RES_DQ  .IV,            1
> -#       RES_B   .nested,        _JOB_AES_SIZE, _JOB_AES_ALIGN
> -#       RES_U   .union,         size1, align1, \
> -#                               size2, align2, \
> -#                               ...
> -#       ENDSTRUCT
> -#       # Following only needed if nesting
> -#       %assign job_aes2_size   _FIELD_OFFSET
> -#       %assign job_aes2_align  _STRUCT_ALIGN
> -#
> -# RES_* macros take a name, a count and an optional alignment.
> -# The count in in terms of the base size of the macro, and the
> -# default alignment is the base size.
> -# The macros are:
> -# Macro    Base size
> -# RES_B     1
> -# RES_W     2
> -# RES_D     4
> -# RES_Q     8
> -# RES_DQ   16
> -# RES_Y    32
> -# RES_Z    64
> -#
> -# RES_U defines a union. It's arguments are a name and two or more
> -# pairs of "size, alignment"
> -#
> -# The two assigns are only needed if this structure is being nested
> -# within another. Even if the assigns are not done, one can still use
> -# STRUCT_NAME_size as the size of the structure.
> -#
> -# Note that for nesting, you still need to assign to STRUCT_NAME_size.
> -#
> -# The differences between this and using "struc" directly are that each
> -# type is implicitly aligned to its natural length (although this can be
> -# over-ridden with an explicit third parameter), and that the structure
> -# is padded at the end to its overall alignment.
> -#
> -
> -#########################################################################
> -
> -#ifndef _DATASTRUCT_ASM_
> -#define _DATASTRUCT_ASM_
> -
> -#define PTR_SZ                  8
> -#define SHA512_DIGEST_WORD_SIZE 8
> -#define SHA512_MB_MGR_NUM_LANES_AVX2 4
> -#define NUM_SHA512_DIGEST_WORDS 8
> -#define SZ4                     4*SHA512_DIGEST_WORD_SIZE
> -#define ROUNDS                  80*SZ4
> -#define SHA512_DIGEST_ROW_SIZE  (SHA512_MB_MGR_NUM_LANES_AVX2 * 8)
> -
> -# START_FIELDS
> -.macro START_FIELDS
> - _FIELD_OFFSET = 0
> - _STRUCT_ALIGN = 0
> -.endm
> -
> -# FIELD name size align
> -.macro FIELD name size align
> - _FIELD_OFFSET = (_FIELD_OFFSET + (\align) - 1) & (~ ((\align)-1))
> - \name  = _FIELD_OFFSET
> - _FIELD_OFFSET = _FIELD_OFFSET + (\size)
> -.if (\align > _STRUCT_ALIGN)
> - _STRUCT_ALIGN = \align
> -.endif
> -.endm
> -
> -# END_FIELDS
> -.macro END_FIELDS
> - _FIELD_OFFSET = (_FIELD_OFFSET + _STRUCT_ALIGN-1) & (~ (_STRUCT_ALIGN-1))
> -.endm
> -
> -.macro STRUCT p1
> -START_FIELDS
> -.struc \p1
> -.endm
> -
> -.macro ENDSTRUCT
> - tmp = _FIELD_OFFSET
> - END_FIELDS
> - tmp = (_FIELD_OFFSET - ##tmp)
> -.if (tmp > 0)
> -        .lcomm  tmp
> -.endm
> -
> -## RES_int name size align
> -.macro RES_int p1 p2 p3
> - name = \p1
> - size = \p2
> - align = .\p3
> -
> - _FIELD_OFFSET = (_FIELD_OFFSET + (align) - 1) & (~ ((align)-1))
> -.align align
> -.lcomm name size
> - _FIELD_OFFSET = _FIELD_OFFSET + (size)
> -.if (align > _STRUCT_ALIGN)
> - _STRUCT_ALIGN = align
> -.endif
> -.endm
> -
> -# macro RES_B name, size [, align]
> -.macro RES_B _name, _size, _align=1
> -RES_int _name _size _align
> -.endm
> -
> -# macro RES_W name, size [, align]
> -.macro RES_W _name, _size, _align=2
> -RES_int _name 2*(_size) _align
> -.endm
> -
> -# macro RES_D name, size [, align]
> -.macro RES_D _name, _size, _align=4
> -RES_int _name 4*(_size) _align
> -.endm
> -
> -# macro RES_Q name, size [, align]
> -.macro RES_Q _name, _size, _align=8
> -RES_int _name 8*(_size) _align
> -.endm
> -
> -# macro RES_DQ name, size [, align]
> -.macro RES_DQ _name, _size, _align=16
> -RES_int _name 16*(_size) _align
> -.endm
> -
> -# macro RES_Y name, size [, align]
> -.macro RES_Y _name, _size, _align=32
> -RES_int _name 32*(_size) _align
> -.endm
> -
> -# macro RES_Z name, size [, align]
> -.macro RES_Z _name, _size, _align=64
> -RES_int _name 64*(_size) _align
> -.endm
> -
> -#endif
> -
> -###################################################################
> -### Define SHA512 Out Of Order Data Structures
> -###################################################################
> -
> -START_FIELDS    # LANE_DATA
> -###     name            size    align
> -FIELD   _job_in_lane,   8,      8       # pointer to job object
> -END_FIELDS
> -
> - _LANE_DATA_size = _FIELD_OFFSET
> - _LANE_DATA_align = _STRUCT_ALIGN
> -
> -####################################################################
> -
> -START_FIELDS    # SHA512_ARGS_X4
> -###     name            size    align
> -FIELD   _digest,        8*8*4,  4      # transposed digest
> -FIELD   _data_ptr,      8*4,    8       # array of pointers to data
> -END_FIELDS
> -
> - _SHA512_ARGS_X4_size  =  _FIELD_OFFSET
> - _SHA512_ARGS_X4_align =  _STRUCT_ALIGN
> -
> -#####################################################################
> -
> -START_FIELDS    # MB_MGR
> -###     name            size    align
> -FIELD   _args,          _SHA512_ARGS_X4_size, _SHA512_ARGS_X4_align
> -FIELD   _lens,          8*4,    8
> -FIELD   _unused_lanes,  8,      8
> -FIELD   _ldata,         _LANE_DATA_size*4, _LANE_DATA_align
> -END_FIELDS
> -
> - _MB_MGR_size  =  _FIELD_OFFSET
> - _MB_MGR_align =  _STRUCT_ALIGN
> -
> -_args_digest = _args + _digest
> -_args_data_ptr = _args + _data_ptr
> -
> -#######################################################################
> -
> -#######################################################################
> -#### Define constants
> -#######################################################################
> -
> -#define STS_UNKNOWN             0
> -#define STS_BEING_PROCESSED     1
> -#define STS_COMPLETED           2
> -
> -#######################################################################
> -#### Define JOB_SHA512 structure
> -#######################################################################
> -
> -START_FIELDS    # JOB_SHA512
> -###     name                            size    align
> -FIELD   _buffer,                        8,      8       # pointer to buffer
> -FIELD   _len,                           8,      8       # length in bytes
> -FIELD   _result_digest,                 8*8,    32      # Digest (output)
> -FIELD   _status,                        4,      4
> -FIELD   _user_data,                     8,      8
> -END_FIELDS
> -
> - _JOB_SHA512_size = _FIELD_OFFSET
> - _JOB_SHA512_align = _STRUCT_ALIGN
> diff --git a/arch/x86/crypto/sha512-mb/sha512_mb_mgr_flush_avx2.S b/arch/x86/crypto/sha512-mb/sha512_mb_mgr_flush_avx2.S
> deleted file mode 100644
> index 7c629caebc05..000000000000
> --- a/arch/x86/crypto/sha512-mb/sha512_mb_mgr_flush_avx2.S
> +++ /dev/null
> @@ -1,297 +0,0 @@
> -/*
> - * Flush routine for SHA512 multibuffer
> - *
> - * This file is provided under a dual BSD/GPLv2 license.  When using or
> - * redistributing this file, you may do so under either license.
> - *
> - * GPL LICENSE SUMMARY
> - *
> - * Copyright(c) 2016 Intel Corporation.
> - *
> - * This program is free software; you can redistribute it and/or modify
> - * it under the terms of version 2 of the GNU General Public License as
> - * published by the Free Software Foundation.
> - *
> - * This program is distributed in the hope that it will be useful, but
> - * WITHOUT ANY WARRANTY; without even the implied warranty of
> - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
> - * General Public License for more details.
> - *
> - * Contact Information:
> - *     Megha Dey <megha.dey@xxxxxxxxxxxxxxx>
> - *
> - * BSD LICENSE
> - *
> - * Copyright(c) 2016 Intel Corporation.
> - *
> - * Redistribution and use in source and binary forms, with or without
> - * modification, are permitted provided that the following conditions
> - * are met:
> - *
> - *   * Redistributions of source code must retain the above copyright
> - *     notice, this list of conditions and the following disclaimer.
> - *   * Redistributions in binary form must reproduce the above copyright
> - *     notice, this list of conditions and the following disclaimer in
> - *     the documentation and/or other materials provided with the
> - *     distribution.
> - *   * Neither the name of Intel Corporation nor the names of its
> - *     contributors may be used to endorse or promote products derived
> - *     from this software without specific prior written permission.
> - *
> - * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
> - * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
> - * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
> - * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
> - * OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
> - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
> - * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
> - * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
> - * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
> - * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
> - * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
> - */
> -
> -#include <linux/linkage.h>
> -#include <asm/frame.h>
> -#include "sha512_mb_mgr_datastruct.S"
> -
> -.extern sha512_x4_avx2
> -
> -# LINUX register definitions
> -#define arg1    %rdi
> -#define arg2    %rsi
> -
> -# idx needs to be other than arg1, arg2, rbx, r12
> -#define idx     %rdx
> -
> -# Common definitions
> -#define state   arg1
> -#define job     arg2
> -#define len2    arg2
> -
> -#define unused_lanes    %rbx
> -#define lane_data       %rbx
> -#define tmp2            %rbx
> -
> -#define job_rax         %rax
> -#define tmp1            %rax
> -#define size_offset     %rax
> -#define tmp             %rax
> -#define start_offset    %rax
> -
> -#define tmp3            arg1
> -
> -#define extra_blocks    arg2
> -#define p               arg2
> -
> -#define tmp4            %r8
> -#define lens0           %r8
> -
> -#define lens1           %r9
> -#define lens2           %r10
> -#define lens3           %r11
> -
> -.macro LABEL prefix n
> -\prefix\n\():
> -.endm
> -
> -.macro JNE_SKIP i
> -jne     skip_\i
> -.endm
> -
> -.altmacro
> -.macro SET_OFFSET _offset
> -offset = \_offset
> -.endm
> -.noaltmacro
> -
> -# JOB* sha512_mb_mgr_flush_avx2(MB_MGR *state)
> -# arg 1 : rcx : state
> -ENTRY(sha512_mb_mgr_flush_avx2)
> -	FRAME_BEGIN
> -	push	%rbx
> -
> -	# If bit (32+3) is set, then all lanes are empty
> -	mov     _unused_lanes(state), unused_lanes
> -        bt      $32+7, unused_lanes
> -        jc      return_null
> -
> -        # find a lane with a non-null job
> -	xor     idx, idx
> -        offset = (_ldata + 1*_LANE_DATA_size + _job_in_lane)
> -        cmpq    $0, offset(state)
> -        cmovne  one(%rip), idx
> -        offset = (_ldata + 2*_LANE_DATA_size + _job_in_lane)
> -        cmpq    $0, offset(state)
> -        cmovne  two(%rip), idx
> -        offset = (_ldata + 3*_LANE_DATA_size + _job_in_lane)
> -        cmpq    $0, offset(state)
> -        cmovne  three(%rip), idx
> -
> -        # copy idx to empty lanes
> -copy_lane_data:
> -	offset =  (_args + _data_ptr)
> -        mov     offset(state,idx,8), tmp
> -
> -        I = 0
> -.rep 4
> -	offset =  (_ldata + I * _LANE_DATA_size + _job_in_lane)
> -        cmpq    $0, offset(state)
> -.altmacro
> -        JNE_SKIP %I
> -        offset =  (_args + _data_ptr + 8*I)
> -        mov     tmp, offset(state)
> -        offset =  (_lens + 8*I +4)
> -        movl    $0xFFFFFFFF, offset(state)
> -LABEL skip_ %I
> -        I = (I+1)
> -.noaltmacro
> -.endr
> -
> -        # Find min length
> -        mov     _lens + 0*8(state),lens0
> -        mov     lens0,idx
> -        mov     _lens + 1*8(state),lens1
> -        cmp     idx,lens1
> -        cmovb   lens1,idx
> -        mov     _lens + 2*8(state),lens2
> -        cmp     idx,lens2
> -        cmovb   lens2,idx
> -        mov     _lens + 3*8(state),lens3
> -        cmp     idx,lens3
> -        cmovb   lens3,idx
> -        mov     idx,len2
> -        and     $0xF,idx
> -        and     $~0xFF,len2
> -	jz      len_is_0
> -
> -        sub     len2, lens0
> -        sub     len2, lens1
> -        sub     len2, lens2
> -        sub     len2, lens3
> -        shr     $32,len2
> -        mov     lens0, _lens + 0*8(state)
> -        mov     lens1, _lens + 1*8(state)
> -        mov     lens2, _lens + 2*8(state)
> -        mov     lens3, _lens + 3*8(state)
> -
> -        # "state" and "args" are the same address, arg1
> -        # len is arg2
> -        call    sha512_x4_avx2
> -        # state and idx are intact
> -
> -len_is_0:
> -        # process completed job "idx"
> -	imul    $_LANE_DATA_size, idx, lane_data
> -        lea     _ldata(state, lane_data), lane_data
> -
> -        mov     _job_in_lane(lane_data), job_rax
> -        movq    $0,  _job_in_lane(lane_data)
> -        movl    $STS_COMPLETED, _status(job_rax)
> -        mov     _unused_lanes(state), unused_lanes
> -        shl     $8, unused_lanes
> -        or      idx, unused_lanes
> -        mov     unused_lanes, _unused_lanes(state)
> -
> -	movl    $0xFFFFFFFF, _lens+4(state,  idx, 8)
> -
> -	vmovq _args_digest+0*32(state, idx, 8), %xmm0
> -        vpinsrq $1, _args_digest+1*32(state, idx, 8), %xmm0, %xmm0
> -	vmovq _args_digest+2*32(state, idx, 8), %xmm1
> -        vpinsrq $1, _args_digest+3*32(state, idx, 8), %xmm1, %xmm1
> -	vmovq _args_digest+4*32(state, idx, 8), %xmm2
> -        vpinsrq $1, _args_digest+5*32(state, idx, 8), %xmm2, %xmm2
> -	vmovq _args_digest+6*32(state, idx, 8), %xmm3
> -	vpinsrq $1, _args_digest+7*32(state, idx, 8), %xmm3, %xmm3
> -
> -	vmovdqu %xmm0, _result_digest(job_rax)
> -	vmovdqu %xmm1, _result_digest+1*16(job_rax)
> -	vmovdqu %xmm2, _result_digest+2*16(job_rax)
> -	vmovdqu %xmm3, _result_digest+3*16(job_rax)
> -
> -return:
> -	pop	%rbx
> -	FRAME_END
> -        ret
> -
> -return_null:
> -        xor     job_rax, job_rax
> -        jmp     return
> -ENDPROC(sha512_mb_mgr_flush_avx2)
> -.align 16
> -
> -ENTRY(sha512_mb_mgr_get_comp_job_avx2)
> -        push    %rbx
> -
> -	mov     _unused_lanes(state), unused_lanes
> -        bt      $(32+7), unused_lanes
> -        jc      .return_null
> -
> -        # Find min length
> -        mov     _lens(state),lens0
> -        mov     lens0,idx
> -        mov     _lens+1*8(state),lens1
> -        cmp     idx,lens1
> -        cmovb   lens1,idx
> -        mov     _lens+2*8(state),lens2
> -        cmp     idx,lens2
> -        cmovb   lens2,idx
> -        mov     _lens+3*8(state),lens3
> -        cmp     idx,lens3
> -        cmovb   lens3,idx
> -        test    $~0xF,idx
> -        jnz     .return_null
> -        and     $0xF,idx
> -
> -        #process completed job "idx"
> -	imul    $_LANE_DATA_size, idx, lane_data
> -        lea     _ldata(state, lane_data), lane_data
> -
> -        mov     _job_in_lane(lane_data), job_rax
> -        movq    $0,  _job_in_lane(lane_data)
> -        movl    $STS_COMPLETED, _status(job_rax)
> -        mov     _unused_lanes(state), unused_lanes
> -        shl     $8, unused_lanes
> -        or      idx, unused_lanes
> -        mov     unused_lanes, _unused_lanes(state)
> -
> -        movl    $0xFFFFFFFF, _lens+4(state,  idx, 8)
> -
> -	vmovq   _args_digest(state, idx, 8), %xmm0
> -        vpinsrq $1, _args_digest+1*32(state, idx, 8), %xmm0, %xmm0
> -	vmovq    _args_digest+2*32(state, idx, 8), %xmm1
> -        vpinsrq $1, _args_digest+3*32(state, idx, 8), %xmm1, %xmm1
> -	vmovq    _args_digest+4*32(state, idx, 8), %xmm2
> -        vpinsrq $1, _args_digest+5*32(state, idx, 8), %xmm2, %xmm2
> -        vmovq    _args_digest+6*32(state, idx, 8), %xmm3
> -        vpinsrq $1, _args_digest+7*32(state, idx, 8), %xmm3, %xmm3
> -
> -	vmovdqu %xmm0, _result_digest+0*16(job_rax)
> -	vmovdqu %xmm1, _result_digest+1*16(job_rax)
> -	vmovdqu %xmm2, _result_digest+2*16(job_rax)
> -	vmovdqu %xmm3, _result_digest+3*16(job_rax)
> -
> -	pop     %rbx
> -
> -        ret
> -
> -.return_null:
> -        xor     job_rax, job_rax
> -	pop     %rbx
> -        ret
> -ENDPROC(sha512_mb_mgr_get_comp_job_avx2)
> -
> -.section	.rodata.cst8.one, "aM", @progbits, 8
> -.align 8
> -one:
> -.quad  1
> -
> -.section	.rodata.cst8.two, "aM", @progbits, 8
> -.align 8
> -two:
> -.quad  2
> -
> -.section	.rodata.cst8.three, "aM", @progbits, 8
> -.align 8
> -three:
> -.quad  3
> diff --git a/arch/x86/crypto/sha512-mb/sha512_mb_mgr_init_avx2.c b/arch/x86/crypto/sha512-mb/sha512_mb_mgr_init_avx2.c
> deleted file mode 100644
> index d08805032f01..000000000000
> --- a/arch/x86/crypto/sha512-mb/sha512_mb_mgr_init_avx2.c
> +++ /dev/null
> @@ -1,69 +0,0 @@
> -/*
> - * Initialization code for multi buffer SHA256 algorithm for AVX2
> - *
> - * This file is provided under a dual BSD/GPLv2 license.  When using or
> - * redistributing this file, you may do so under either license.
> - *
> - * GPL LICENSE SUMMARY
> - *
> - * Copyright(c) 2016 Intel Corporation.
> - *
> - * This program is free software; you can redistribute it and/or modify
> - * it under the terms of version 2 of the GNU General Public License as
> - * published by the Free Software Foundation.
> - *
> - * This program is distributed in the hope that it will be useful, but
> - * WITHOUT ANY WARRANTY; without even the implied warranty of
> - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
> - * General Public License for more details.
> - *
> - * Contact Information:
> - *     Megha Dey <megha.dey@xxxxxxxxxxxxxxx>
> - *
> - * BSD LICENSE
> - *
> - * Copyright(c) 2016 Intel Corporation.
> - *
> - * Redistribution and use in source and binary forms, with or without
> - * modification, are permitted provided that the following conditions
> - * are met:
> - *
> - *   * Redistributions of source code must retain the above copyright
> - *     notice, this list of conditions and the following disclaimer.
> - *   * Redistributions in binary form must reproduce the above copyright
> - *     notice, this list of conditions and the following disclaimer in
> - *     the documentation and/or other materials provided with the
> - *     distribution.
> - *   * Neither the name of Intel Corporation nor the names of its
> - *     contributors may be used to endorse or promote products derived
> - *     from this software without specific prior written permission.
> - *
> - * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
> - * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
> - * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
> - * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
> - * OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
> - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
> - * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
> - * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
> - * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
> - * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
> - * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
> - */
> -
> -#include "sha512_mb_mgr.h"
> -
> -void sha512_mb_mgr_init_avx2(struct sha512_mb_mgr *state)
> -{
> -	unsigned int j;
> -
> -	/* initially all lanes are unused */
> -	state->lens[0] = 0xFFFFFFFF00000000;
> -	state->lens[1] = 0xFFFFFFFF00000001;
> -	state->lens[2] = 0xFFFFFFFF00000002;
> -	state->lens[3] = 0xFFFFFFFF00000003;
> -
> -	state->unused_lanes = 0xFF03020100;
> -	for (j = 0; j < 4; j++)
> -		state->ldata[j].job_in_lane = NULL;
> -}
> diff --git a/arch/x86/crypto/sha512-mb/sha512_mb_mgr_submit_avx2.S b/arch/x86/crypto/sha512-mb/sha512_mb_mgr_submit_avx2.S
> deleted file mode 100644
> index 4ba709ba78e5..000000000000
> --- a/arch/x86/crypto/sha512-mb/sha512_mb_mgr_submit_avx2.S
> +++ /dev/null
> @@ -1,224 +0,0 @@
> -/*
> - * Buffer submit code for multi buffer SHA512 algorithm
> - *
> - * This file is provided under a dual BSD/GPLv2 license.  When using or
> - * redistributing this file, you may do so under either license.
> - *
> - * GPL LICENSE SUMMARY
> - *
> - * Copyright(c) 2016 Intel Corporation.
> - *
> - * This program is free software; you can redistribute it and/or modify
> - * it under the terms of version 2 of the GNU General Public License as
> - * published by the Free Software Foundation.
> - *
> - * This program is distributed in the hope that it will be useful, but
> - * WITHOUT ANY WARRANTY; without even the implied warranty of
> - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
> - * General Public License for more details.
> - *
> - * Contact Information:
> - *     Megha Dey <megha.dey@xxxxxxxxxxxxxxx>
> - *
> - * BSD LICENSE
> - *
> - * Copyright(c) 2016 Intel Corporation.
> - *
> - * Redistribution and use in source and binary forms, with or without
> - * modification, are permitted provided that the following conditions
> - * are met:
> - *
> - *   * Redistributions of source code must retain the above copyright
> - *     notice, this list of conditions and the following disclaimer.
> - *   * Redistributions in binary form must reproduce the above copyright
> - *     notice, this list of conditions and the following disclaimer in
> - *     the documentation and/or other materials provided with the
> - *     distribution.
> - *   * Neither the name of Intel Corporation nor the names of its
> - *     contributors may be used to endorse or promote products derived
> - *     from this software without specific prior written permission.
> - *
> - * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
> - * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
> - * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
> - * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
> - * OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
> - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
> - * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
> - * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
> - * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
> - * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
> - * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
> - */
> -
> -#include <linux/linkage.h>
> -#include <asm/frame.h>
> -#include "sha512_mb_mgr_datastruct.S"
> -
> -.extern sha512_x4_avx2
> -
> -#define arg1    %rdi
> -#define arg2    %rsi
> -
> -#define idx             %rdx
> -#define last_len        %rdx
> -
> -#define size_offset     %rcx
> -#define tmp2            %rcx
> -
> -# Common definitions
> -#define state   arg1
> -#define job     arg2
> -#define len2    arg2
> -#define p2      arg2
> -
> -#define p               %r11
> -#define start_offset    %r11
> -
> -#define unused_lanes    %rbx
> -
> -#define job_rax         %rax
> -#define len             %rax
> -
> -#define lane            %r12
> -#define tmp3            %r12
> -#define lens3           %r12
> -
> -#define extra_blocks    %r8
> -#define lens0           %r8
> -
> -#define tmp             %r9
> -#define lens1           %r9
> -
> -#define lane_data       %r10
> -#define lens2           %r10
> -
> -#define DWORD_len %eax
> -
> -# JOB* sha512_mb_mgr_submit_avx2(MB_MGR *state, JOB *job)
> -# arg 1 : rcx : state
> -# arg 2 : rdx : job
> -ENTRY(sha512_mb_mgr_submit_avx2)
> -	FRAME_BEGIN
> -	push	%rbx
> -	push	%r12
> -
> -        mov     _unused_lanes(state), unused_lanes
> -        movzb     %bl,lane
> -        shr     $8, unused_lanes
> -        imul    $_LANE_DATA_size, lane,lane_data
> -        movl    $STS_BEING_PROCESSED, _status(job)
> -	lea     _ldata(state, lane_data), lane_data
> -        mov     unused_lanes, _unused_lanes(state)
> -        movl    _len(job),  DWORD_len
> -
> -	mov     job, _job_in_lane(lane_data)
> -        movl    DWORD_len,_lens+4(state , lane, 8)
> -
> -	# Load digest words from result_digest
> -	vmovdqu	_result_digest+0*16(job), %xmm0
> -	vmovdqu _result_digest+1*16(job), %xmm1
> -	vmovdqu	_result_digest+2*16(job), %xmm2
> -        vmovdqu	_result_digest+3*16(job), %xmm3
> -
> -	vmovq    %xmm0, _args_digest(state, lane, 8)
> -	vpextrq  $1, %xmm0, _args_digest+1*32(state , lane, 8)
> -	vmovq    %xmm1, _args_digest+2*32(state , lane, 8)
> -	vpextrq  $1, %xmm1, _args_digest+3*32(state , lane, 8)
> -	vmovq    %xmm2, _args_digest+4*32(state , lane, 8)
> -	vpextrq  $1, %xmm2, _args_digest+5*32(state , lane, 8)
> -	vmovq    %xmm3, _args_digest+6*32(state , lane, 8)
> -	vpextrq  $1, %xmm3, _args_digest+7*32(state , lane, 8)
> -
> -	mov     _buffer(job), p
> -	mov     p, _args_data_ptr(state, lane, 8)
> -
> -	cmp     $0xFF, unused_lanes
> -	jne     return_null
> -
> -start_loop:
> -
> -	# Find min length
> -	mov     _lens+0*8(state),lens0
> -	mov     lens0,idx
> -	mov     _lens+1*8(state),lens1
> -	cmp     idx,lens1
> -	cmovb   lens1, idx
> -	mov     _lens+2*8(state),lens2
> -	cmp     idx,lens2
> -	cmovb   lens2,idx
> -	mov     _lens+3*8(state),lens3
> -	cmp     idx,lens3
> -	cmovb   lens3,idx
> -	mov     idx,len2
> -	and     $0xF,idx
> -	and     $~0xFF,len2
> -	jz      len_is_0
> -
> -	sub     len2,lens0
> -	sub     len2,lens1
> -	sub     len2,lens2
> -	sub     len2,lens3
> -	shr     $32,len2
> -	mov     lens0, _lens + 0*8(state)
> -	mov     lens1, _lens + 1*8(state)
> -	mov     lens2, _lens + 2*8(state)
> -	mov     lens3, _lens + 3*8(state)
> -
> -	# "state" and "args" are the same address, arg1
> -	# len is arg2
> -	call    sha512_x4_avx2
> -	# state and idx are intact
> -
> -len_is_0:
> -
> -	# process completed job "idx"
> -	imul    $_LANE_DATA_size, idx, lane_data
> -	lea     _ldata(state, lane_data), lane_data
> -
> -	mov     _job_in_lane(lane_data), job_rax
> -	mov     _unused_lanes(state), unused_lanes
> -	movq    $0, _job_in_lane(lane_data)
> -	movl    $STS_COMPLETED, _status(job_rax)
> -	shl     $8, unused_lanes
> -	or      idx, unused_lanes
> -	mov     unused_lanes, _unused_lanes(state)
> -
> -	movl	$0xFFFFFFFF,_lens+4(state,idx,8)
> -	vmovq    _args_digest+0*32(state , idx, 8), %xmm0
> -	vpinsrq  $1, _args_digest+1*32(state , idx, 8), %xmm0, %xmm0
> -	vmovq    _args_digest+2*32(state , idx, 8), %xmm1
> -	vpinsrq  $1, _args_digest+3*32(state , idx, 8), %xmm1, %xmm1
> -	vmovq    _args_digest+4*32(state , idx, 8), %xmm2
> -	vpinsrq  $1, _args_digest+5*32(state , idx, 8), %xmm2, %xmm2
> -	vmovq    _args_digest+6*32(state , idx, 8), %xmm3
> -	vpinsrq  $1, _args_digest+7*32(state , idx, 8), %xmm3, %xmm3
> -
> -	vmovdqu  %xmm0, _result_digest + 0*16(job_rax)
> -	vmovdqu  %xmm1, _result_digest + 1*16(job_rax)
> -	vmovdqu  %xmm2, _result_digest + 2*16(job_rax)
> -	vmovdqu  %xmm3, _result_digest + 3*16(job_rax)
> -
> -return:
> -	pop	%r12
> -	pop	%rbx
> -	FRAME_END
> -	ret
> -
> -return_null:
> -	xor     job_rax, job_rax
> -	jmp     return
> -ENDPROC(sha512_mb_mgr_submit_avx2)
> -
> -/* UNUSED?
> -.section	.rodata.cst16, "aM", @progbits, 16
> -.align 16
> -H0:     .int  0x6a09e667
> -H1:     .int  0xbb67ae85
> -H2:     .int  0x3c6ef372
> -H3:     .int  0xa54ff53a
> -H4:     .int  0x510e527f
> -H5:     .int  0x9b05688c
> -H6:     .int  0x1f83d9ab
> -H7:     .int  0x5be0cd19
> -*/
> diff --git a/arch/x86/crypto/sha512-mb/sha512_x4_avx2.S b/arch/x86/crypto/sha512-mb/sha512_x4_avx2.S
> deleted file mode 100644
> index e22e907643a6..000000000000
> --- a/arch/x86/crypto/sha512-mb/sha512_x4_avx2.S
> +++ /dev/null
> @@ -1,531 +0,0 @@
> -/*
> - * Multi-buffer SHA512 algorithm hash compute routine
> - *
> - * This file is provided under a dual BSD/GPLv2 license.  When using or
> - * redistributing this file, you may do so under either license.
> - *
> - * GPL LICENSE SUMMARY
> - *
> - * Copyright(c) 2016 Intel Corporation.
> - *
> - * This program is free software; you can redistribute it and/or modify
> - * it under the terms of version 2 of the GNU General Public License as
> - * published by the Free Software Foundation.
> - *
> - * This program is distributed in the hope that it will be useful, but
> - * WITHOUT ANY WARRANTY; without even the implied warranty of
> - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
> - * General Public License for more details.
> - *
> - * Contact Information:
> - *     Megha Dey <megha.dey@xxxxxxxxxxxxxxx>
> - *
> - * BSD LICENSE
> - *
> - * Copyright(c) 2016 Intel Corporation.
> - *
> - * Redistribution and use in source and binary forms, with or without
> - * modification, are permitted provided that the following conditions
> - * are met:
> - *
> - *   * Redistributions of source code must retain the above copyright
> - *     notice, this list of conditions and the following disclaimer.
> - *   * Redistributions in binary form must reproduce the above copyright
> - *     notice, this list of conditions and the following disclaimer in
> - *     the documentation and/or other materials provided with the
> - *     distribution.
> - *   * Neither the name of Intel Corporation nor the names of its
> - *     contributors may be used to endorse or promote products derived
> - *     from this software without specific prior written permission.
> - *
> - * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
> - * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
> - * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
> - * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
> - * OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
> - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
> - * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
> - * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
> - * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
> - * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
> - * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
> - */
> -
> -# code to compute quad SHA512 using AVX2
> -# use YMMs to tackle the larger digest size
> -# outer calling routine takes care of save and restore of XMM registers
> -# Logic designed/laid out by JDG
> -
> -# Function clobbers: rax, rcx, rdx, rbx, rsi, rdi, r9-r15; ymm0-15
> -# Stack must be aligned to 32 bytes before call
> -# Linux clobbers: rax rbx rcx rsi r8 r9 r10 r11 r12
> -# Linux preserves: rcx rdx rdi rbp r13 r14 r15
> -# clobbers ymm0-15
> -
> -#include <linux/linkage.h>
> -#include "sha512_mb_mgr_datastruct.S"
> -
> -arg1 = %rdi
> -arg2 = %rsi
> -
> -# Common definitions
> -STATE = arg1
> -INP_SIZE = arg2
> -
> -IDX = %rax
> -ROUND = %rbx
> -TBL = %r8
> -
> -inp0 = %r9
> -inp1 = %r10
> -inp2 = %r11
> -inp3 = %r12
> -
> -a = %ymm0
> -b = %ymm1
> -c = %ymm2
> -d = %ymm3
> -e = %ymm4
> -f = %ymm5
> -g = %ymm6
> -h = %ymm7
> -
> -a0 = %ymm8
> -a1 = %ymm9
> -a2 = %ymm10
> -
> -TT0 = %ymm14
> -TT1 = %ymm13
> -TT2 = %ymm12
> -TT3 = %ymm11
> -TT4 = %ymm10
> -TT5 = %ymm9
> -
> -T1 = %ymm14
> -TMP = %ymm15
> -
> -# Define stack usage
> -STACK_SPACE1 = SZ4*16 + NUM_SHA512_DIGEST_WORDS*SZ4 + 24
> -
> -#define VMOVPD	vmovupd
> -_digest = SZ4*16
> -
> -# transpose r0, r1, r2, r3, t0, t1
> -# "transpose" data in {r0..r3} using temps {t0..t3}
> -# Input looks like: {r0 r1 r2 r3}
> -# r0 = {a7 a6 a5 a4 a3 a2 a1 a0}
> -# r1 = {b7 b6 b5 b4 b3 b2 b1 b0}
> -# r2 = {c7 c6 c5 c4 c3 c2 c1 c0}
> -# r3 = {d7 d6 d5 d4 d3 d2 d1 d0}
> -#
> -# output looks like: {t0 r1 r0 r3}
> -# t0 = {d1 d0 c1 c0 b1 b0 a1 a0}
> -# r1 = {d3 d2 c3 c2 b3 b2 a3 a2}
> -# r0 = {d5 d4 c5 c4 b5 b4 a5 a4}
> -# r3 = {d7 d6 c7 c6 b7 b6 a7 a6}
> -
> -.macro TRANSPOSE r0 r1 r2 r3 t0 t1
> -	vshufps  $0x44, \r1, \r0, \t0 # t0 = {b5 b4 a5 a4   b1 b0 a1 a0}
> -        vshufps  $0xEE, \r1, \r0, \r0 # r0 = {b7 b6 a7 a6   b3 b2 a3 a2}
> -        vshufps  $0x44, \r3, \r2, \t1 # t1 = {d5 d4 c5 c4   d1 d0 c1 c0}
> -        vshufps  $0xEE, \r3, \r2, \r2 # r2 = {d7 d6 c7 c6   d3 d2 c3 c2}
> -
> -	vperm2f128      $0x20, \r2, \r0, \r1  # h6...a6
> -        vperm2f128      $0x31, \r2, \r0, \r3  # h2...a2
> -        vperm2f128      $0x31, \t1, \t0, \r0  # h5...a5
> -        vperm2f128      $0x20, \t1, \t0, \t0  # h1...a1
> -.endm
> -
> -.macro ROTATE_ARGS
> -TMP_ = h
> -h = g
> -g = f
> -f = e
> -e = d
> -d = c
> -c = b
> -b = a
> -a = TMP_
> -.endm
> -
> -# PRORQ reg, imm, tmp
> -# packed-rotate-right-double
> -# does a rotate by doing two shifts and an or
> -.macro _PRORQ reg imm tmp
> -	vpsllq	$(64-\imm),\reg,\tmp
> -	vpsrlq	$\imm,\reg, \reg
> -	vpor	\tmp,\reg, \reg
> -.endm
> -
> -# non-destructive
> -# PRORQ_nd reg, imm, tmp, src
> -.macro _PRORQ_nd reg imm tmp src
> -	vpsllq	$(64-\imm), \src, \tmp
> -	vpsrlq	$\imm, \src, \reg
> -	vpor	\tmp, \reg, \reg
> -.endm
> -
> -# PRORQ dst/src, amt
> -.macro PRORQ reg imm
> -	_PRORQ	\reg, \imm, TMP
> -.endm
> -
> -# PRORQ_nd dst, src, amt
> -.macro PRORQ_nd reg tmp imm
> -	_PRORQ_nd	\reg, \imm, TMP, \tmp
> -.endm
> -
> -#; arguments passed implicitly in preprocessor symbols i, a...h
> -.macro ROUND_00_15 _T1 i
> -	PRORQ_nd a0, e, (18-14)	# sig1: a0 = (e >> 4)
> -
> -	vpxor   g, f, a2        # ch: a2 = f^g
> -        vpand   e,a2, a2                # ch: a2 = (f^g)&e
> -        vpxor   g, a2, a2               # a2 = ch
> -
> -        PRORQ_nd        a1,e,41         # sig1: a1 = (e >> 25)
> -
> -        offset = SZ4*(\i & 0xf)
> -        vmovdqu \_T1,offset(%rsp)
> -        vpaddq  (TBL,ROUND,1), \_T1, \_T1       # T1 = W + K
> -        vpxor   e,a0, a0        # sig1: a0 = e ^ (e >> 5)
> -        PRORQ   a0, 14           # sig1: a0 = (e >> 6) ^ (e >> 11)
> -        vpaddq  a2, h, h        # h = h + ch
> -        PRORQ_nd        a2,a,6  # sig0: a2 = (a >> 11)
> -        vpaddq  \_T1,h, h       # h = h + ch + W + K
> -        vpxor   a1, a0, a0      # a0 = sigma1
> -	vmovdqu a,\_T1
> -        PRORQ_nd        a1,a,39 # sig0: a1 = (a >> 22)
> -        vpxor   c, \_T1, \_T1      # maj: T1 = a^c
> -        add     $SZ4, ROUND     # ROUND++
> -        vpand   b, \_T1, \_T1   # maj: T1 = (a^c)&b
> -        vpaddq  a0, h, h
> -        vpaddq  h, d, d
> -        vpxor   a, a2, a2       # sig0: a2 = a ^ (a >> 11)
> -        PRORQ   a2,28            # sig0: a2 = (a >> 2) ^ (a >> 13)
> -        vpxor   a1, a2, a2      # a2 = sig0
> -        vpand   c, a, a1        # maj: a1 = a&c
> -        vpor    \_T1, a1, a1    # a1 = maj
> -        vpaddq  a1, h, h        # h = h + ch + W + K + maj
> -        vpaddq  a2, h, h        # h = h + ch + W + K + maj + sigma0
> -        ROTATE_ARGS
> -.endm
> -
> -
> -#; arguments passed implicitly in preprocessor symbols i, a...h
> -.macro ROUND_16_XX _T1 i
> -	vmovdqu SZ4*((\i-15)&0xf)(%rsp), \_T1
> -        vmovdqu SZ4*((\i-2)&0xf)(%rsp), a1
> -        vmovdqu \_T1, a0
> -        PRORQ   \_T1,7
> -        vmovdqu a1, a2
> -        PRORQ   a1,42
> -        vpxor   a0, \_T1, \_T1
> -        PRORQ   \_T1, 1
> -        vpxor   a2, a1, a1
> -        PRORQ   a1, 19
> -        vpsrlq  $7, a0, a0
> -        vpxor   a0, \_T1, \_T1
> -        vpsrlq  $6, a2, a2
> -        vpxor   a2, a1, a1
> -        vpaddq  SZ4*((\i-16)&0xf)(%rsp), \_T1, \_T1
> -        vpaddq  SZ4*((\i-7)&0xf)(%rsp), a1, a1
> -        vpaddq  a1, \_T1, \_T1
> -
> -        ROUND_00_15 \_T1,\i
> -.endm
> -
> -
> -# void sha512_x4_avx2(void *STATE, const int INP_SIZE)
> -# arg 1 : STATE    : pointer to input data
> -# arg 2 : INP_SIZE : size of data in blocks (assumed >= 1)
> -ENTRY(sha512_x4_avx2)
> -	# general registers preserved in outer calling routine
> -	# outer calling routine saves all the XMM registers
> -	# save callee-saved clobbered registers to comply with C function ABI
> -	push    %r12
> -	push    %r13
> -	push    %r14
> -	push    %r15
> -
> -	sub     $STACK_SPACE1, %rsp
> -
> -        # Load the pre-transposed incoming digest.
> -        vmovdqu 0*SHA512_DIGEST_ROW_SIZE(STATE),a
> -        vmovdqu 1*SHA512_DIGEST_ROW_SIZE(STATE),b
> -        vmovdqu 2*SHA512_DIGEST_ROW_SIZE(STATE),c
> -        vmovdqu 3*SHA512_DIGEST_ROW_SIZE(STATE),d
> -        vmovdqu 4*SHA512_DIGEST_ROW_SIZE(STATE),e
> -        vmovdqu 5*SHA512_DIGEST_ROW_SIZE(STATE),f
> -        vmovdqu 6*SHA512_DIGEST_ROW_SIZE(STATE),g
> -        vmovdqu 7*SHA512_DIGEST_ROW_SIZE(STATE),h
> -
> -        lea     K512_4(%rip),TBL
> -
> -        # load the address of each of the 4 message lanes
> -        # getting ready to transpose input onto stack
> -        mov     _data_ptr+0*PTR_SZ(STATE),inp0
> -        mov     _data_ptr+1*PTR_SZ(STATE),inp1
> -        mov     _data_ptr+2*PTR_SZ(STATE),inp2
> -        mov     _data_ptr+3*PTR_SZ(STATE),inp3
> -
> -        xor     IDX, IDX
> -lloop:
> -        xor     ROUND, ROUND
> -
> -	# save old digest
> -        vmovdqu a, _digest(%rsp)
> -        vmovdqu b, _digest+1*SZ4(%rsp)
> -        vmovdqu c, _digest+2*SZ4(%rsp)
> -        vmovdqu d, _digest+3*SZ4(%rsp)
> -        vmovdqu e, _digest+4*SZ4(%rsp)
> -        vmovdqu f, _digest+5*SZ4(%rsp)
> -        vmovdqu g, _digest+6*SZ4(%rsp)
> -        vmovdqu h, _digest+7*SZ4(%rsp)
> -        i = 0
> -.rep 4
> -	vmovdqu PSHUFFLE_BYTE_FLIP_MASK(%rip), TMP
> -        VMOVPD  i*32(inp0, IDX), TT2
> -        VMOVPD  i*32(inp1, IDX), TT1
> -        VMOVPD  i*32(inp2, IDX), TT4
> -        VMOVPD  i*32(inp3, IDX), TT3
> -	TRANSPOSE	TT2, TT1, TT4, TT3, TT0, TT5
> -	vpshufb	TMP, TT0, TT0
> -	vpshufb	TMP, TT1, TT1
> -	vpshufb	TMP, TT2, TT2
> -	vpshufb	TMP, TT3, TT3
> -	ROUND_00_15	TT0,(i*4+0)
> -	ROUND_00_15	TT1,(i*4+1)
> -	ROUND_00_15	TT2,(i*4+2)
> -	ROUND_00_15	TT3,(i*4+3)
> -	i = (i+1)
> -.endr
> -        add     $128, IDX
> -
> -        i = (i*4)
> -
> -        jmp     Lrounds_16_xx
> -.align 16
> -Lrounds_16_xx:
> -.rep 16
> -        ROUND_16_XX     T1, i
> -        i = (i+1)
> -.endr
> -        cmp     $0xa00,ROUND
> -        jb      Lrounds_16_xx
> -
> -	# add old digest
> -        vpaddq  _digest(%rsp), a, a
> -        vpaddq  _digest+1*SZ4(%rsp), b, b
> -        vpaddq  _digest+2*SZ4(%rsp), c, c
> -        vpaddq  _digest+3*SZ4(%rsp), d, d
> -        vpaddq  _digest+4*SZ4(%rsp), e, e
> -        vpaddq  _digest+5*SZ4(%rsp), f, f
> -        vpaddq  _digest+6*SZ4(%rsp), g, g
> -        vpaddq  _digest+7*SZ4(%rsp), h, h
> -
> -        sub     $1, INP_SIZE  # unit is blocks
> -        jne     lloop
> -
> -        # write back to memory (state object) the transposed digest
> -        vmovdqu a, 0*SHA512_DIGEST_ROW_SIZE(STATE)
> -        vmovdqu b, 1*SHA512_DIGEST_ROW_SIZE(STATE)
> -        vmovdqu c, 2*SHA512_DIGEST_ROW_SIZE(STATE)
> -        vmovdqu d, 3*SHA512_DIGEST_ROW_SIZE(STATE)
> -        vmovdqu e, 4*SHA512_DIGEST_ROW_SIZE(STATE)
> -        vmovdqu f, 5*SHA512_DIGEST_ROW_SIZE(STATE)
> -        vmovdqu g, 6*SHA512_DIGEST_ROW_SIZE(STATE)
> -        vmovdqu h, 7*SHA512_DIGEST_ROW_SIZE(STATE)
> -
> -	# update input data pointers
> -	add     IDX, inp0
> -        mov     inp0, _data_ptr+0*PTR_SZ(STATE)
> -        add     IDX, inp1
> -        mov     inp1, _data_ptr+1*PTR_SZ(STATE)
> -        add     IDX, inp2
> -        mov     inp2, _data_ptr+2*PTR_SZ(STATE)
> -        add     IDX, inp3
> -        mov     inp3, _data_ptr+3*PTR_SZ(STATE)
> -
> -	#;;;;;;;;;;;;;;;
> -	#; Postamble
> -	add $STACK_SPACE1, %rsp
> -	# restore callee-saved clobbered registers
> -
> -	pop     %r15
> -	pop     %r14
> -	pop     %r13
> -	pop     %r12
> -
> -	# outer calling routine restores XMM and other GP registers
> -	ret
> -ENDPROC(sha512_x4_avx2)
> -
> -.section	.rodata.K512_4, "a", @progbits
> -.align 64
> -K512_4:
> -	.octa 0x428a2f98d728ae22428a2f98d728ae22,\
> -		0x428a2f98d728ae22428a2f98d728ae22
> -	.octa 0x7137449123ef65cd7137449123ef65cd,\
> -		0x7137449123ef65cd7137449123ef65cd
> -	.octa 0xb5c0fbcfec4d3b2fb5c0fbcfec4d3b2f,\
> -		0xb5c0fbcfec4d3b2fb5c0fbcfec4d3b2f
> -	.octa 0xe9b5dba58189dbbce9b5dba58189dbbc,\
> -		0xe9b5dba58189dbbce9b5dba58189dbbc
> -	.octa 0x3956c25bf348b5383956c25bf348b538,\
> -		0x3956c25bf348b5383956c25bf348b538
> -	.octa 0x59f111f1b605d01959f111f1b605d019,\
> -		0x59f111f1b605d01959f111f1b605d019
> -	.octa 0x923f82a4af194f9b923f82a4af194f9b,\
> -		0x923f82a4af194f9b923f82a4af194f9b
> -	.octa 0xab1c5ed5da6d8118ab1c5ed5da6d8118,\
> -		0xab1c5ed5da6d8118ab1c5ed5da6d8118
> -	.octa 0xd807aa98a3030242d807aa98a3030242,\
> -		0xd807aa98a3030242d807aa98a3030242
> -	.octa 0x12835b0145706fbe12835b0145706fbe,\
> -		0x12835b0145706fbe12835b0145706fbe
> -	.octa 0x243185be4ee4b28c243185be4ee4b28c,\
> -		0x243185be4ee4b28c243185be4ee4b28c
> -	.octa 0x550c7dc3d5ffb4e2550c7dc3d5ffb4e2,\
> -		0x550c7dc3d5ffb4e2550c7dc3d5ffb4e2
> -	.octa 0x72be5d74f27b896f72be5d74f27b896f,\
> -		0x72be5d74f27b896f72be5d74f27b896f
> -	.octa 0x80deb1fe3b1696b180deb1fe3b1696b1,\
> -		0x80deb1fe3b1696b180deb1fe3b1696b1
> -	.octa 0x9bdc06a725c712359bdc06a725c71235,\
> -		0x9bdc06a725c712359bdc06a725c71235
> -	.octa 0xc19bf174cf692694c19bf174cf692694,\
> -		0xc19bf174cf692694c19bf174cf692694
> -	.octa 0xe49b69c19ef14ad2e49b69c19ef14ad2,\
> -		0xe49b69c19ef14ad2e49b69c19ef14ad2
> -	.octa 0xefbe4786384f25e3efbe4786384f25e3,\
> -		0xefbe4786384f25e3efbe4786384f25e3
> -	.octa 0x0fc19dc68b8cd5b50fc19dc68b8cd5b5,\
> -		0x0fc19dc68b8cd5b50fc19dc68b8cd5b5
> -	.octa 0x240ca1cc77ac9c65240ca1cc77ac9c65,\
> -		0x240ca1cc77ac9c65240ca1cc77ac9c65
> -	.octa 0x2de92c6f592b02752de92c6f592b0275,\
> -		0x2de92c6f592b02752de92c6f592b0275
> -	.octa 0x4a7484aa6ea6e4834a7484aa6ea6e483,\
> -		0x4a7484aa6ea6e4834a7484aa6ea6e483
> -	.octa 0x5cb0a9dcbd41fbd45cb0a9dcbd41fbd4,\
> -		0x5cb0a9dcbd41fbd45cb0a9dcbd41fbd4
> -	.octa 0x76f988da831153b576f988da831153b5,\
> -		0x76f988da831153b576f988da831153b5
> -	.octa 0x983e5152ee66dfab983e5152ee66dfab,\
> -		0x983e5152ee66dfab983e5152ee66dfab
> -	.octa 0xa831c66d2db43210a831c66d2db43210,\
> -		0xa831c66d2db43210a831c66d2db43210
> -	.octa 0xb00327c898fb213fb00327c898fb213f,\
> -		0xb00327c898fb213fb00327c898fb213f
> -	.octa 0xbf597fc7beef0ee4bf597fc7beef0ee4,\
> -		0xbf597fc7beef0ee4bf597fc7beef0ee4
> -	.octa 0xc6e00bf33da88fc2c6e00bf33da88fc2,\
> -		0xc6e00bf33da88fc2c6e00bf33da88fc2
> -	.octa 0xd5a79147930aa725d5a79147930aa725,\
> -		0xd5a79147930aa725d5a79147930aa725
> -	.octa 0x06ca6351e003826f06ca6351e003826f,\
> -		0x06ca6351e003826f06ca6351e003826f
> -	.octa 0x142929670a0e6e70142929670a0e6e70,\
> -		0x142929670a0e6e70142929670a0e6e70
> -	.octa 0x27b70a8546d22ffc27b70a8546d22ffc,\
> -		0x27b70a8546d22ffc27b70a8546d22ffc
> -	.octa 0x2e1b21385c26c9262e1b21385c26c926,\
> -		0x2e1b21385c26c9262e1b21385c26c926
> -	.octa 0x4d2c6dfc5ac42aed4d2c6dfc5ac42aed,\
> -		0x4d2c6dfc5ac42aed4d2c6dfc5ac42aed
> -	.octa 0x53380d139d95b3df53380d139d95b3df,\
> -		0x53380d139d95b3df53380d139d95b3df
> -	.octa 0x650a73548baf63de650a73548baf63de,\
> -		0x650a73548baf63de650a73548baf63de
> -	.octa 0x766a0abb3c77b2a8766a0abb3c77b2a8,\
> -		0x766a0abb3c77b2a8766a0abb3c77b2a8
> -	.octa 0x81c2c92e47edaee681c2c92e47edaee6,\
> -		0x81c2c92e47edaee681c2c92e47edaee6
> -	.octa 0x92722c851482353b92722c851482353b,\
> -		0x92722c851482353b92722c851482353b
> -	.octa 0xa2bfe8a14cf10364a2bfe8a14cf10364,\
> -		0xa2bfe8a14cf10364a2bfe8a14cf10364
> -	.octa 0xa81a664bbc423001a81a664bbc423001,\
> -		0xa81a664bbc423001a81a664bbc423001
> -	.octa 0xc24b8b70d0f89791c24b8b70d0f89791,\
> -		0xc24b8b70d0f89791c24b8b70d0f89791
> -	.octa 0xc76c51a30654be30c76c51a30654be30,\
> -		0xc76c51a30654be30c76c51a30654be30
> -	.octa 0xd192e819d6ef5218d192e819d6ef5218,\
> -		0xd192e819d6ef5218d192e819d6ef5218
> -	.octa 0xd69906245565a910d69906245565a910,\
> -		0xd69906245565a910d69906245565a910
> -	.octa 0xf40e35855771202af40e35855771202a,\
> -		0xf40e35855771202af40e35855771202a
> -	.octa 0x106aa07032bbd1b8106aa07032bbd1b8,\
> -		0x106aa07032bbd1b8106aa07032bbd1b8
> -	.octa 0x19a4c116b8d2d0c819a4c116b8d2d0c8,\
> -		0x19a4c116b8d2d0c819a4c116b8d2d0c8
> -	.octa 0x1e376c085141ab531e376c085141ab53,\
> -		0x1e376c085141ab531e376c085141ab53
> -	.octa 0x2748774cdf8eeb992748774cdf8eeb99,\
> -		0x2748774cdf8eeb992748774cdf8eeb99
> -	.octa 0x34b0bcb5e19b48a834b0bcb5e19b48a8,\
> -		0x34b0bcb5e19b48a834b0bcb5e19b48a8
> -	.octa 0x391c0cb3c5c95a63391c0cb3c5c95a63,\
> -		0x391c0cb3c5c95a63391c0cb3c5c95a63
> -	.octa 0x4ed8aa4ae3418acb4ed8aa4ae3418acb,\
> -		0x4ed8aa4ae3418acb4ed8aa4ae3418acb
> -	.octa 0x5b9cca4f7763e3735b9cca4f7763e373,\
> -		0x5b9cca4f7763e3735b9cca4f7763e373
> -	.octa 0x682e6ff3d6b2b8a3682e6ff3d6b2b8a3,\
> -		0x682e6ff3d6b2b8a3682e6ff3d6b2b8a3
> -	.octa 0x748f82ee5defb2fc748f82ee5defb2fc,\
> -		0x748f82ee5defb2fc748f82ee5defb2fc
> -	.octa 0x78a5636f43172f6078a5636f43172f60,\
> -		0x78a5636f43172f6078a5636f43172f60
> -	.octa 0x84c87814a1f0ab7284c87814a1f0ab72,\
> -		0x84c87814a1f0ab7284c87814a1f0ab72
> -	.octa 0x8cc702081a6439ec8cc702081a6439ec,\
> -		0x8cc702081a6439ec8cc702081a6439ec
> -	.octa 0x90befffa23631e2890befffa23631e28,\
> -		0x90befffa23631e2890befffa23631e28
> -	.octa 0xa4506cebde82bde9a4506cebde82bde9,\
> -		0xa4506cebde82bde9a4506cebde82bde9
> -	.octa 0xbef9a3f7b2c67915bef9a3f7b2c67915,\
> -		0xbef9a3f7b2c67915bef9a3f7b2c67915
> -	.octa 0xc67178f2e372532bc67178f2e372532b,\
> -		0xc67178f2e372532bc67178f2e372532b
> -	.octa 0xca273eceea26619cca273eceea26619c,\
> -		0xca273eceea26619cca273eceea26619c
> -	.octa 0xd186b8c721c0c207d186b8c721c0c207,\
> -		0xd186b8c721c0c207d186b8c721c0c207
> -	.octa 0xeada7dd6cde0eb1eeada7dd6cde0eb1e,\
> -		0xeada7dd6cde0eb1eeada7dd6cde0eb1e
> -	.octa 0xf57d4f7fee6ed178f57d4f7fee6ed178,\
> -		0xf57d4f7fee6ed178f57d4f7fee6ed178
> -	.octa 0x06f067aa72176fba06f067aa72176fba,\
> -		0x06f067aa72176fba06f067aa72176fba
> -	.octa 0x0a637dc5a2c898a60a637dc5a2c898a6,\
> -		0x0a637dc5a2c898a60a637dc5a2c898a6
> -	.octa 0x113f9804bef90dae113f9804bef90dae,\
> -		0x113f9804bef90dae113f9804bef90dae
> -	.octa 0x1b710b35131c471b1b710b35131c471b,\
> -		0x1b710b35131c471b1b710b35131c471b
> -	.octa 0x28db77f523047d8428db77f523047d84,\
> -		0x28db77f523047d8428db77f523047d84
> -	.octa 0x32caab7b40c7249332caab7b40c72493,\
> -		0x32caab7b40c7249332caab7b40c72493
> -	.octa 0x3c9ebe0a15c9bebc3c9ebe0a15c9bebc,\
> -		0x3c9ebe0a15c9bebc3c9ebe0a15c9bebc
> -	.octa 0x431d67c49c100d4c431d67c49c100d4c,\
> -		0x431d67c49c100d4c431d67c49c100d4c
> -	.octa 0x4cc5d4becb3e42b64cc5d4becb3e42b6,\
> -		0x4cc5d4becb3e42b64cc5d4becb3e42b6
> -	.octa 0x597f299cfc657e2a597f299cfc657e2a,\
> -		0x597f299cfc657e2a597f299cfc657e2a
> -	.octa 0x5fcb6fab3ad6faec5fcb6fab3ad6faec,\
> -		0x5fcb6fab3ad6faec5fcb6fab3ad6faec
> -	.octa 0x6c44198c4a4758176c44198c4a475817,\
> -		0x6c44198c4a4758176c44198c4a475817
> -
> -.section	.rodata.cst32.PSHUFFLE_BYTE_FLIP_MASK, "aM", @progbits, 32
> -.align 32
> -PSHUFFLE_BYTE_FLIP_MASK: .octa 0x08090a0b0c0d0e0f0001020304050607
> -                         .octa 0x18191a1b1c1d1e1f1011121314151617
> diff --git a/crypto/Kconfig b/crypto/Kconfig
> index f3e40ac56d93..4ee600bdefdb 100644
> --- a/crypto/Kconfig
> +++ b/crypto/Kconfig
> @@ -213,20 +213,6 @@ config CRYPTO_CRYPTD
>  	  converts an arbitrary synchronous software crypto algorithm
>  	  into an asynchronous algorithm that executes in a kernel thread.
>  
> -config CRYPTO_MCRYPTD
> -	tristate "Software async multi-buffer crypto daemon"
> -	select CRYPTO_BLKCIPHER
> -	select CRYPTO_HASH
> -	select CRYPTO_MANAGER
> -	select CRYPTO_WORKQUEUE
> -	help
> -	  This is a generic software asynchronous crypto daemon that
> -	  provides the kernel thread to assist multi-buffer crypto
> -	  algorithms for submitting jobs and flushing jobs in multi-buffer
> -	  crypto algorithms.  Multi-buffer crypto algorithms are executed
> -	  in the context of this kernel thread and drivers can post
> -	  their crypto request asynchronously to be processed by this daemon.
> -
>  config CRYPTO_AUTHENC
>  	tristate "Authenc support"
>  	select CRYPTO_AEAD
> @@ -848,54 +834,6 @@ config CRYPTO_SHA1_PPC_SPE
>  	  SHA-1 secure hash standard (DFIPS 180-4) implemented
>  	  using powerpc SPE SIMD instruction set.
>  
> -config CRYPTO_SHA1_MB
> -	tristate "SHA1 digest algorithm (x86_64 Multi-Buffer, Experimental)"
> -	depends on X86 && 64BIT
> -	select CRYPTO_SHA1
> -	select CRYPTO_HASH
> -	select CRYPTO_MCRYPTD
> -	help
> -	  SHA-1 secure hash standard (FIPS 180-1/DFIPS 180-2) implemented
> -	  using multi-buffer technique.  This algorithm computes on
> -	  multiple data lanes concurrently with SIMD instructions for
> -	  better throughput.  It should not be enabled by default but
> -	  used when there is significant amount of work to keep the keep
> -	  the data lanes filled to get performance benefit.  If the data
> -	  lanes remain unfilled, a flush operation will be initiated to
> -	  process the crypto jobs, adding a slight latency.
> -
> -config CRYPTO_SHA256_MB
> -	tristate "SHA256 digest algorithm (x86_64 Multi-Buffer, Experimental)"
> -	depends on X86 && 64BIT
> -	select CRYPTO_SHA256
> -	select CRYPTO_HASH
> -	select CRYPTO_MCRYPTD
> -	help
> -	  SHA-256 secure hash standard (FIPS 180-1/DFIPS 180-2) implemented
> -	  using multi-buffer technique.  This algorithm computes on
> -	  multiple data lanes concurrently with SIMD instructions for
> -	  better throughput.  It should not be enabled by default but
> -	  used when there is significant amount of work to keep the keep
> -	  the data lanes filled to get performance benefit.  If the data
> -	  lanes remain unfilled, a flush operation will be initiated to
> -	  process the crypto jobs, adding a slight latency.
> -
> -config CRYPTO_SHA512_MB
> -        tristate "SHA512 digest algorithm (x86_64 Multi-Buffer, Experimental)"
> -        depends on X86 && 64BIT
> -        select CRYPTO_SHA512
> -        select CRYPTO_HASH
> -        select CRYPTO_MCRYPTD
> -        help
> -          SHA-512 secure hash standard (FIPS 180-1/DFIPS 180-2) implemented
> -          using multi-buffer technique.  This algorithm computes on
> -          multiple data lanes concurrently with SIMD instructions for
> -          better throughput.  It should not be enabled by default but
> -          used when there is significant amount of work to keep the keep
> -          the data lanes filled to get performance benefit.  If the data
> -          lanes remain unfilled, a flush operation will be initiated to
> -          process the crypto jobs, adding a slight latency.
> -
>  config CRYPTO_SHA256
>  	tristate "SHA224 and SHA256 digest algorithm"
>  	select CRYPTO_HASH
> diff --git a/crypto/Makefile b/crypto/Makefile
> index 6d1d40eeb964..80e3da755cbf 100644
> --- a/crypto/Makefile
> +++ b/crypto/Makefile
> @@ -93,7 +93,6 @@ obj-$(CONFIG_CRYPTO_MORUS640) += morus640.o
>  obj-$(CONFIG_CRYPTO_MORUS1280) += morus1280.o
>  obj-$(CONFIG_CRYPTO_PCRYPT) += pcrypt.o
>  obj-$(CONFIG_CRYPTO_CRYPTD) += cryptd.o
> -obj-$(CONFIG_CRYPTO_MCRYPTD) += mcryptd.o
>  obj-$(CONFIG_CRYPTO_DES) += des_generic.o
>  obj-$(CONFIG_CRYPTO_FCRYPT) += fcrypt.o
>  obj-$(CONFIG_CRYPTO_BLOWFISH) += blowfish_generic.o
> diff --git a/crypto/mcryptd.c b/crypto/mcryptd.c
> deleted file mode 100644
> index f14152147ce8..000000000000
> --- a/crypto/mcryptd.c
> +++ /dev/null
> @@ -1,675 +0,0 @@
> -/*
> - * Software multibuffer async crypto daemon.
> - *
> - * Copyright (c) 2014 Tim Chen <tim.c.chen@xxxxxxxxxxxxxxx>
> - *
> - * Adapted from crypto daemon.
> - *
> - * This program is free software; you can redistribute it and/or modify it
> - * under the terms of the GNU General Public License as published by the Free
> - * Software Foundation; either version 2 of the License, or (at your option)
> - * any later version.
> - *
> - */
> -
> -#include <crypto/algapi.h>
> -#include <crypto/internal/hash.h>
> -#include <crypto/internal/aead.h>
> -#include <crypto/mcryptd.h>
> -#include <crypto/crypto_wq.h>
> -#include <linux/err.h>
> -#include <linux/init.h>
> -#include <linux/kernel.h>
> -#include <linux/list.h>
> -#include <linux/module.h>
> -#include <linux/scatterlist.h>
> -#include <linux/sched.h>
> -#include <linux/sched/stat.h>
> -#include <linux/slab.h>
> -
> -#define MCRYPTD_MAX_CPU_QLEN 100
> -#define MCRYPTD_BATCH 9
> -
> -static void *mcryptd_alloc_instance(struct crypto_alg *alg, unsigned int head,
> -				   unsigned int tail);
> -
> -struct mcryptd_flush_list {
> -	struct list_head list;
> -	struct mutex lock;
> -};
> -
> -static struct mcryptd_flush_list __percpu *mcryptd_flist;
> -
> -struct hashd_instance_ctx {
> -	struct crypto_ahash_spawn spawn;
> -	struct mcryptd_queue *queue;
> -};
> -
> -static void mcryptd_queue_worker(struct work_struct *work);
> -
> -void mcryptd_arm_flusher(struct mcryptd_alg_cstate *cstate, unsigned long delay)
> -{
> -	struct mcryptd_flush_list *flist;
> -
> -	if (!cstate->flusher_engaged) {
> -		/* put the flusher on the flush list */
> -		flist = per_cpu_ptr(mcryptd_flist, smp_processor_id());
> -		mutex_lock(&flist->lock);
> -		list_add_tail(&cstate->flush_list, &flist->list);
> -		cstate->flusher_engaged = true;
> -		cstate->next_flush = jiffies + delay;
> -		queue_delayed_work_on(smp_processor_id(), kcrypto_wq,
> -			&cstate->flush, delay);
> -		mutex_unlock(&flist->lock);
> -	}
> -}
> -EXPORT_SYMBOL(mcryptd_arm_flusher);
> -
> -static int mcryptd_init_queue(struct mcryptd_queue *queue,
> -			     unsigned int max_cpu_qlen)
> -{
> -	int cpu;
> -	struct mcryptd_cpu_queue *cpu_queue;
> -
> -	queue->cpu_queue = alloc_percpu(struct mcryptd_cpu_queue);
> -	pr_debug("mqueue:%p mcryptd_cpu_queue %p\n", queue, queue->cpu_queue);
> -	if (!queue->cpu_queue)
> -		return -ENOMEM;
> -	for_each_possible_cpu(cpu) {
> -		cpu_queue = per_cpu_ptr(queue->cpu_queue, cpu);
> -		pr_debug("cpu_queue #%d %p\n", cpu, queue->cpu_queue);
> -		crypto_init_queue(&cpu_queue->queue, max_cpu_qlen);
> -		INIT_WORK(&cpu_queue->work, mcryptd_queue_worker);
> -		spin_lock_init(&cpu_queue->q_lock);
> -	}
> -	return 0;
> -}
> -
> -static void mcryptd_fini_queue(struct mcryptd_queue *queue)
> -{
> -	int cpu;
> -	struct mcryptd_cpu_queue *cpu_queue;
> -
> -	for_each_possible_cpu(cpu) {
> -		cpu_queue = per_cpu_ptr(queue->cpu_queue, cpu);
> -		BUG_ON(cpu_queue->queue.qlen);
> -	}
> -	free_percpu(queue->cpu_queue);
> -}
> -
> -static int mcryptd_enqueue_request(struct mcryptd_queue *queue,
> -				  struct crypto_async_request *request,
> -				  struct mcryptd_hash_request_ctx *rctx)
> -{
> -	int cpu, err;
> -	struct mcryptd_cpu_queue *cpu_queue;
> -
> -	cpu_queue = raw_cpu_ptr(queue->cpu_queue);
> -	spin_lock(&cpu_queue->q_lock);
> -	cpu = smp_processor_id();
> -	rctx->tag.cpu = smp_processor_id();
> -
> -	err = crypto_enqueue_request(&cpu_queue->queue, request);
> -	pr_debug("enqueue request: cpu %d cpu_queue %p request %p\n",
> -		 cpu, cpu_queue, request);
> -	spin_unlock(&cpu_queue->q_lock);
> -	queue_work_on(cpu, kcrypto_wq, &cpu_queue->work);
> -
> -	return err;
> -}
> -
> -/*
> - * Try to opportunisticlly flush the partially completed jobs if
> - * crypto daemon is the only task running.
> - */
> -static void mcryptd_opportunistic_flush(void)
> -{
> -	struct mcryptd_flush_list *flist;
> -	struct mcryptd_alg_cstate *cstate;
> -
> -	flist = per_cpu_ptr(mcryptd_flist, smp_processor_id());
> -	while (single_task_running()) {
> -		mutex_lock(&flist->lock);
> -		cstate = list_first_entry_or_null(&flist->list,
> -				struct mcryptd_alg_cstate, flush_list);
> -		if (!cstate || !cstate->flusher_engaged) {
> -			mutex_unlock(&flist->lock);
> -			return;
> -		}
> -		list_del(&cstate->flush_list);
> -		cstate->flusher_engaged = false;
> -		mutex_unlock(&flist->lock);
> -		cstate->alg_state->flusher(cstate);
> -	}
> -}
> -
> -/*
> - * Called in workqueue context, do one real cryption work (via
> - * req->complete) and reschedule itself if there are more work to
> - * do.
> - */
> -static void mcryptd_queue_worker(struct work_struct *work)
> -{
> -	struct mcryptd_cpu_queue *cpu_queue;
> -	struct crypto_async_request *req, *backlog;
> -	int i;
> -
> -	/*
> -	 * Need to loop through more than once for multi-buffer to
> -	 * be effective.
> -	 */
> -
> -	cpu_queue = container_of(work, struct mcryptd_cpu_queue, work);
> -	i = 0;
> -	while (i < MCRYPTD_BATCH || single_task_running()) {
> -
> -		spin_lock_bh(&cpu_queue->q_lock);
> -		backlog = crypto_get_backlog(&cpu_queue->queue);
> -		req = crypto_dequeue_request(&cpu_queue->queue);
> -		spin_unlock_bh(&cpu_queue->q_lock);
> -
> -		if (!req) {
> -			mcryptd_opportunistic_flush();
> -			return;
> -		}
> -
> -		if (backlog)
> -			backlog->complete(backlog, -EINPROGRESS);
> -		req->complete(req, 0);
> -		if (!cpu_queue->queue.qlen)
> -			return;
> -		++i;
> -	}
> -	if (cpu_queue->queue.qlen)
> -		queue_work_on(smp_processor_id(), kcrypto_wq, &cpu_queue->work);
> -}
> -
> -void mcryptd_flusher(struct work_struct *__work)
> -{
> -	struct	mcryptd_alg_cstate	*alg_cpu_state;
> -	struct	mcryptd_alg_state	*alg_state;
> -	struct	mcryptd_flush_list	*flist;
> -	int	cpu;
> -
> -	cpu = smp_processor_id();
> -	alg_cpu_state = container_of(to_delayed_work(__work),
> -				     struct mcryptd_alg_cstate, flush);
> -	alg_state = alg_cpu_state->alg_state;
> -	if (alg_cpu_state->cpu != cpu)
> -		pr_debug("mcryptd error: work on cpu %d, should be cpu %d\n",
> -				cpu, alg_cpu_state->cpu);
> -
> -	if (alg_cpu_state->flusher_engaged) {
> -		flist = per_cpu_ptr(mcryptd_flist, cpu);
> -		mutex_lock(&flist->lock);
> -		list_del(&alg_cpu_state->flush_list);
> -		alg_cpu_state->flusher_engaged = false;
> -		mutex_unlock(&flist->lock);
> -		alg_state->flusher(alg_cpu_state);
> -	}
> -}
> -EXPORT_SYMBOL_GPL(mcryptd_flusher);
> -
> -static inline struct mcryptd_queue *mcryptd_get_queue(struct crypto_tfm *tfm)
> -{
> -	struct crypto_instance *inst = crypto_tfm_alg_instance(tfm);
> -	struct mcryptd_instance_ctx *ictx = crypto_instance_ctx(inst);
> -
> -	return ictx->queue;
> -}
> -
> -static void *mcryptd_alloc_instance(struct crypto_alg *alg, unsigned int head,
> -				   unsigned int tail)
> -{
> -	char *p;
> -	struct crypto_instance *inst;
> -	int err;
> -
> -	p = kzalloc(head + sizeof(*inst) + tail, GFP_KERNEL);
> -	if (!p)
> -		return ERR_PTR(-ENOMEM);
> -
> -	inst = (void *)(p + head);
> -
> -	err = -ENAMETOOLONG;
> -	if (snprintf(inst->alg.cra_driver_name, CRYPTO_MAX_ALG_NAME,
> -		    "mcryptd(%s)", alg->cra_driver_name) >= CRYPTO_MAX_ALG_NAME)
> -		goto out_free_inst;
> -
> -	memcpy(inst->alg.cra_name, alg->cra_name, CRYPTO_MAX_ALG_NAME);
> -
> -	inst->alg.cra_priority = alg->cra_priority + 50;
> -	inst->alg.cra_blocksize = alg->cra_blocksize;
> -	inst->alg.cra_alignmask = alg->cra_alignmask;
> -
> -out:
> -	return p;
> -
> -out_free_inst:
> -	kfree(p);
> -	p = ERR_PTR(err);
> -	goto out;
> -}
> -
> -static inline bool mcryptd_check_internal(struct rtattr **tb, u32 *type,
> -					  u32 *mask)
> -{
> -	struct crypto_attr_type *algt;
> -
> -	algt = crypto_get_attr_type(tb);
> -	if (IS_ERR(algt))
> -		return false;
> -
> -	*type |= algt->type & CRYPTO_ALG_INTERNAL;
> -	*mask |= algt->mask & CRYPTO_ALG_INTERNAL;
> -
> -	if (*type & *mask & CRYPTO_ALG_INTERNAL)
> -		return true;
> -	else
> -		return false;
> -}
> -
> -static int mcryptd_hash_init_tfm(struct crypto_tfm *tfm)
> -{
> -	struct crypto_instance *inst = crypto_tfm_alg_instance(tfm);
> -	struct hashd_instance_ctx *ictx = crypto_instance_ctx(inst);
> -	struct crypto_ahash_spawn *spawn = &ictx->spawn;
> -	struct mcryptd_hash_ctx *ctx = crypto_tfm_ctx(tfm);
> -	struct crypto_ahash *hash;
> -
> -	hash = crypto_spawn_ahash(spawn);
> -	if (IS_ERR(hash))
> -		return PTR_ERR(hash);
> -
> -	ctx->child = hash;
> -	crypto_ahash_set_reqsize(__crypto_ahash_cast(tfm),
> -				 sizeof(struct mcryptd_hash_request_ctx) +
> -				 crypto_ahash_reqsize(hash));
> -	return 0;
> -}
> -
> -static void mcryptd_hash_exit_tfm(struct crypto_tfm *tfm)
> -{
> -	struct mcryptd_hash_ctx *ctx = crypto_tfm_ctx(tfm);
> -
> -	crypto_free_ahash(ctx->child);
> -}
> -
> -static int mcryptd_hash_setkey(struct crypto_ahash *parent,
> -				   const u8 *key, unsigned int keylen)
> -{
> -	struct mcryptd_hash_ctx *ctx   = crypto_ahash_ctx(parent);
> -	struct crypto_ahash *child = ctx->child;
> -	int err;
> -
> -	crypto_ahash_clear_flags(child, CRYPTO_TFM_REQ_MASK);
> -	crypto_ahash_set_flags(child, crypto_ahash_get_flags(parent) &
> -				      CRYPTO_TFM_REQ_MASK);
> -	err = crypto_ahash_setkey(child, key, keylen);
> -	crypto_ahash_set_flags(parent, crypto_ahash_get_flags(child) &
> -				       CRYPTO_TFM_RES_MASK);
> -	return err;
> -}
> -
> -static int mcryptd_hash_enqueue(struct ahash_request *req,
> -				crypto_completion_t complete)
> -{
> -	int ret;
> -
> -	struct mcryptd_hash_request_ctx *rctx = ahash_request_ctx(req);
> -	struct crypto_ahash *tfm = crypto_ahash_reqtfm(req);
> -	struct mcryptd_queue *queue =
> -		mcryptd_get_queue(crypto_ahash_tfm(tfm));
> -
> -	rctx->complete = req->base.complete;
> -	req->base.complete = complete;
> -
> -	ret = mcryptd_enqueue_request(queue, &req->base, rctx);
> -
> -	return ret;
> -}
> -
> -static void mcryptd_hash_init(struct crypto_async_request *req_async, int err)
> -{
> -	struct mcryptd_hash_ctx *ctx = crypto_tfm_ctx(req_async->tfm);
> -	struct crypto_ahash *child = ctx->child;
> -	struct ahash_request *req = ahash_request_cast(req_async);
> -	struct mcryptd_hash_request_ctx *rctx = ahash_request_ctx(req);
> -	struct ahash_request *desc = &rctx->areq;
> -
> -	if (unlikely(err == -EINPROGRESS))
> -		goto out;
> -
> -	ahash_request_set_tfm(desc, child);
> -	ahash_request_set_callback(desc, CRYPTO_TFM_REQ_MAY_SLEEP,
> -						rctx->complete, req_async);
> -
> -	rctx->out = req->result;
> -	err = crypto_ahash_init(desc);
> -
> -out:
> -	local_bh_disable();
> -	rctx->complete(&req->base, err);
> -	local_bh_enable();
> -}
> -
> -static int mcryptd_hash_init_enqueue(struct ahash_request *req)
> -{
> -	return mcryptd_hash_enqueue(req, mcryptd_hash_init);
> -}
> -
> -static void mcryptd_hash_update(struct crypto_async_request *req_async, int err)
> -{
> -	struct ahash_request *req = ahash_request_cast(req_async);
> -	struct mcryptd_hash_request_ctx *rctx = ahash_request_ctx(req);
> -
> -	if (unlikely(err == -EINPROGRESS))
> -		goto out;
> -
> -	rctx->out = req->result;
> -	err = crypto_ahash_update(&rctx->areq);
> -	if (err) {
> -		req->base.complete = rctx->complete;
> -		goto out;
> -	}
> -
> -	return;
> -out:
> -	local_bh_disable();
> -	rctx->complete(&req->base, err);
> -	local_bh_enable();
> -}
> -
> -static int mcryptd_hash_update_enqueue(struct ahash_request *req)
> -{
> -	return mcryptd_hash_enqueue(req, mcryptd_hash_update);
> -}
> -
> -static void mcryptd_hash_final(struct crypto_async_request *req_async, int err)
> -{
> -	struct ahash_request *req = ahash_request_cast(req_async);
> -	struct mcryptd_hash_request_ctx *rctx = ahash_request_ctx(req);
> -
> -	if (unlikely(err == -EINPROGRESS))
> -		goto out;
> -
> -	rctx->out = req->result;
> -	err = crypto_ahash_final(&rctx->areq);
> -	if (err) {
> -		req->base.complete = rctx->complete;
> -		goto out;
> -	}
> -
> -	return;
> -out:
> -	local_bh_disable();
> -	rctx->complete(&req->base, err);
> -	local_bh_enable();
> -}
> -
> -static int mcryptd_hash_final_enqueue(struct ahash_request *req)
> -{
> -	return mcryptd_hash_enqueue(req, mcryptd_hash_final);
> -}
> -
> -static void mcryptd_hash_finup(struct crypto_async_request *req_async, int err)
> -{
> -	struct ahash_request *req = ahash_request_cast(req_async);
> -	struct mcryptd_hash_request_ctx *rctx = ahash_request_ctx(req);
> -
> -	if (unlikely(err == -EINPROGRESS))
> -		goto out;
> -	rctx->out = req->result;
> -	err = crypto_ahash_finup(&rctx->areq);
> -
> -	if (err) {
> -		req->base.complete = rctx->complete;
> -		goto out;
> -	}
> -
> -	return;
> -out:
> -	local_bh_disable();
> -	rctx->complete(&req->base, err);
> -	local_bh_enable();
> -}
> -
> -static int mcryptd_hash_finup_enqueue(struct ahash_request *req)
> -{
> -	return mcryptd_hash_enqueue(req, mcryptd_hash_finup);
> -}
> -
> -static void mcryptd_hash_digest(struct crypto_async_request *req_async, int err)
> -{
> -	struct mcryptd_hash_ctx *ctx = crypto_tfm_ctx(req_async->tfm);
> -	struct crypto_ahash *child = ctx->child;
> -	struct ahash_request *req = ahash_request_cast(req_async);
> -	struct mcryptd_hash_request_ctx *rctx = ahash_request_ctx(req);
> -	struct ahash_request *desc = &rctx->areq;
> -
> -	if (unlikely(err == -EINPROGRESS))
> -		goto out;
> -
> -	ahash_request_set_tfm(desc, child);
> -	ahash_request_set_callback(desc, CRYPTO_TFM_REQ_MAY_SLEEP,
> -						rctx->complete, req_async);
> -
> -	rctx->out = req->result;
> -	err = crypto_ahash_init(desc) ?: crypto_ahash_finup(desc);
> -
> -out:
> -	local_bh_disable();
> -	rctx->complete(&req->base, err);
> -	local_bh_enable();
> -}
> -
> -static int mcryptd_hash_digest_enqueue(struct ahash_request *req)
> -{
> -	return mcryptd_hash_enqueue(req, mcryptd_hash_digest);
> -}
> -
> -static int mcryptd_hash_export(struct ahash_request *req, void *out)
> -{
> -	struct mcryptd_hash_request_ctx *rctx = ahash_request_ctx(req);
> -
> -	return crypto_ahash_export(&rctx->areq, out);
> -}
> -
> -static int mcryptd_hash_import(struct ahash_request *req, const void *in)
> -{
> -	struct mcryptd_hash_request_ctx *rctx = ahash_request_ctx(req);
> -
> -	return crypto_ahash_import(&rctx->areq, in);
> -}
> -
> -static int mcryptd_create_hash(struct crypto_template *tmpl, struct rtattr **tb,
> -			      struct mcryptd_queue *queue)
> -{
> -	struct hashd_instance_ctx *ctx;
> -	struct ahash_instance *inst;
> -	struct hash_alg_common *halg;
> -	struct crypto_alg *alg;
> -	u32 type = 0;
> -	u32 mask = 0;
> -	int err;
> -
> -	if (!mcryptd_check_internal(tb, &type, &mask))
> -		return -EINVAL;
> -
> -	halg = ahash_attr_alg(tb[1], type, mask);
> -	if (IS_ERR(halg))
> -		return PTR_ERR(halg);
> -
> -	alg = &halg->base;
> -	pr_debug("crypto: mcryptd hash alg: %s\n", alg->cra_name);
> -	inst = mcryptd_alloc_instance(alg, ahash_instance_headroom(),
> -					sizeof(*ctx));
> -	err = PTR_ERR(inst);
> -	if (IS_ERR(inst))
> -		goto out_put_alg;
> -
> -	ctx = ahash_instance_ctx(inst);
> -	ctx->queue = queue;
> -
> -	err = crypto_init_ahash_spawn(&ctx->spawn, halg,
> -				      ahash_crypto_instance(inst));
> -	if (err)
> -		goto out_free_inst;
> -
> -	inst->alg.halg.base.cra_flags = CRYPTO_ALG_ASYNC |
> -		(alg->cra_flags & (CRYPTO_ALG_INTERNAL |
> -				   CRYPTO_ALG_OPTIONAL_KEY));
> -
> -	inst->alg.halg.digestsize = halg->digestsize;
> -	inst->alg.halg.statesize = halg->statesize;
> -	inst->alg.halg.base.cra_ctxsize = sizeof(struct mcryptd_hash_ctx);
> -
> -	inst->alg.halg.base.cra_init = mcryptd_hash_init_tfm;
> -	inst->alg.halg.base.cra_exit = mcryptd_hash_exit_tfm;
> -
> -	inst->alg.init   = mcryptd_hash_init_enqueue;
> -	inst->alg.update = mcryptd_hash_update_enqueue;
> -	inst->alg.final  = mcryptd_hash_final_enqueue;
> -	inst->alg.finup  = mcryptd_hash_finup_enqueue;
> -	inst->alg.export = mcryptd_hash_export;
> -	inst->alg.import = mcryptd_hash_import;
> -	if (crypto_hash_alg_has_setkey(halg))
> -		inst->alg.setkey = mcryptd_hash_setkey;
> -	inst->alg.digest = mcryptd_hash_digest_enqueue;
> -
> -	err = ahash_register_instance(tmpl, inst);
> -	if (err) {
> -		crypto_drop_ahash(&ctx->spawn);
> -out_free_inst:
> -		kfree(inst);
> -	}
> -
> -out_put_alg:
> -	crypto_mod_put(alg);
> -	return err;
> -}
> -
> -static struct mcryptd_queue mqueue;
> -
> -static int mcryptd_create(struct crypto_template *tmpl, struct rtattr **tb)
> -{
> -	struct crypto_attr_type *algt;
> -
> -	algt = crypto_get_attr_type(tb);
> -	if (IS_ERR(algt))
> -		return PTR_ERR(algt);
> -
> -	switch (algt->type & algt->mask & CRYPTO_ALG_TYPE_MASK) {
> -	case CRYPTO_ALG_TYPE_DIGEST:
> -		return mcryptd_create_hash(tmpl, tb, &mqueue);
> -	break;
> -	}
> -
> -	return -EINVAL;
> -}
> -
> -static void mcryptd_free(struct crypto_instance *inst)
> -{
> -	struct mcryptd_instance_ctx *ctx = crypto_instance_ctx(inst);
> -	struct hashd_instance_ctx *hctx = crypto_instance_ctx(inst);
> -
> -	switch (inst->alg.cra_flags & CRYPTO_ALG_TYPE_MASK) {
> -	case CRYPTO_ALG_TYPE_AHASH:
> -		crypto_drop_ahash(&hctx->spawn);
> -		kfree(ahash_instance(inst));
> -		return;
> -	default:
> -		crypto_drop_spawn(&ctx->spawn);
> -		kfree(inst);
> -	}
> -}
> -
> -static struct crypto_template mcryptd_tmpl = {
> -	.name = "mcryptd",
> -	.create = mcryptd_create,
> -	.free = mcryptd_free,
> -	.module = THIS_MODULE,
> -};
> -
> -struct mcryptd_ahash *mcryptd_alloc_ahash(const char *alg_name,
> -					u32 type, u32 mask)
> -{
> -	char mcryptd_alg_name[CRYPTO_MAX_ALG_NAME];
> -	struct crypto_ahash *tfm;
> -
> -	if (snprintf(mcryptd_alg_name, CRYPTO_MAX_ALG_NAME,
> -		     "mcryptd(%s)", alg_name) >= CRYPTO_MAX_ALG_NAME)
> -		return ERR_PTR(-EINVAL);
> -	tfm = crypto_alloc_ahash(mcryptd_alg_name, type, mask);
> -	if (IS_ERR(tfm))
> -		return ERR_CAST(tfm);
> -	if (tfm->base.__crt_alg->cra_module != THIS_MODULE) {
> -		crypto_free_ahash(tfm);
> -		return ERR_PTR(-EINVAL);
> -	}
> -
> -	return __mcryptd_ahash_cast(tfm);
> -}
> -EXPORT_SYMBOL_GPL(mcryptd_alloc_ahash);
> -
> -struct crypto_ahash *mcryptd_ahash_child(struct mcryptd_ahash *tfm)
> -{
> -	struct mcryptd_hash_ctx *ctx = crypto_ahash_ctx(&tfm->base);
> -
> -	return ctx->child;
> -}
> -EXPORT_SYMBOL_GPL(mcryptd_ahash_child);
> -
> -struct ahash_request *mcryptd_ahash_desc(struct ahash_request *req)
> -{
> -	struct mcryptd_hash_request_ctx *rctx = ahash_request_ctx(req);
> -	return &rctx->areq;
> -}
> -EXPORT_SYMBOL_GPL(mcryptd_ahash_desc);
> -
> -void mcryptd_free_ahash(struct mcryptd_ahash *tfm)
> -{
> -	crypto_free_ahash(&tfm->base);
> -}
> -EXPORT_SYMBOL_GPL(mcryptd_free_ahash);
> -
> -static int __init mcryptd_init(void)
> -{
> -	int err, cpu;
> -	struct mcryptd_flush_list *flist;
> -
> -	mcryptd_flist = alloc_percpu(struct mcryptd_flush_list);
> -	for_each_possible_cpu(cpu) {
> -		flist = per_cpu_ptr(mcryptd_flist, cpu);
> -		INIT_LIST_HEAD(&flist->list);
> -		mutex_init(&flist->lock);
> -	}
> -
> -	err = mcryptd_init_queue(&mqueue, MCRYPTD_MAX_CPU_QLEN);
> -	if (err) {
> -		free_percpu(mcryptd_flist);
> -		return err;
> -	}
> -
> -	err = crypto_register_template(&mcryptd_tmpl);
> -	if (err) {
> -		mcryptd_fini_queue(&mqueue);
> -		free_percpu(mcryptd_flist);
> -	}
> -
> -	return err;
> -}
> -
> -static void __exit mcryptd_exit(void)
> -{
> -	mcryptd_fini_queue(&mqueue);
> -	crypto_unregister_template(&mcryptd_tmpl);
> -	free_percpu(mcryptd_flist);
> -}
> -
> -subsys_initcall(mcryptd_init);
> -module_exit(mcryptd_exit);
> -
> -MODULE_LICENSE("GPL");
> -MODULE_DESCRIPTION("Software async multibuffer crypto daemon");
> -MODULE_ALIAS_CRYPTO("mcryptd");
> diff --git a/include/crypto/mcryptd.h b/include/crypto/mcryptd.h
> deleted file mode 100644
> index b67404fc4b34..000000000000
> --- a/include/crypto/mcryptd.h
> +++ /dev/null
> @@ -1,114 +0,0 @@
> -/* SPDX-License-Identifier: GPL-2.0 */
> -/*
> - * Software async multibuffer crypto daemon headers
> - *
> - *    Author:
> - *             Tim Chen <tim.c.chen@xxxxxxxxxxxxxxx>
> - *
> - *    Copyright (c) 2014, Intel Corporation.
> - */
> -
> -#ifndef _CRYPTO_MCRYPT_H
> -#define _CRYPTO_MCRYPT_H
> -
> -#include <linux/crypto.h>
> -#include <linux/kernel.h>
> -#include <crypto/hash.h>
> -
> -struct mcryptd_ahash {
> -	struct crypto_ahash base;
> -};
> -
> -static inline struct mcryptd_ahash *__mcryptd_ahash_cast(
> -	struct crypto_ahash *tfm)
> -{
> -	return (struct mcryptd_ahash *)tfm;
> -}
> -
> -struct mcryptd_cpu_queue {
> -	struct crypto_queue queue;
> -	spinlock_t q_lock;
> -	struct work_struct work;
> -};
> -
> -struct mcryptd_queue {
> -	struct mcryptd_cpu_queue __percpu *cpu_queue;
> -};
> -
> -struct mcryptd_instance_ctx {
> -	struct crypto_spawn spawn;
> -	struct mcryptd_queue *queue;
> -};
> -
> -struct mcryptd_hash_ctx {
> -	struct crypto_ahash *child;
> -	struct mcryptd_alg_state *alg_state;
> -};
> -
> -struct mcryptd_tag {
> -	/* seq number of request */
> -	unsigned seq_num;
> -	/* arrival time of request */
> -	unsigned long arrival;
> -	unsigned long expire;
> -	int	cpu;
> -};
> -
> -struct mcryptd_hash_request_ctx {
> -	struct list_head waiter;
> -	crypto_completion_t complete;
> -	struct mcryptd_tag tag;
> -	struct crypto_hash_walk walk;
> -	u8 *out;
> -	int flag;
> -	struct ahash_request areq;
> -};
> -
> -struct mcryptd_ahash *mcryptd_alloc_ahash(const char *alg_name,
> -					u32 type, u32 mask);
> -struct crypto_ahash *mcryptd_ahash_child(struct mcryptd_ahash *tfm);
> -struct ahash_request *mcryptd_ahash_desc(struct ahash_request *req);
> -void mcryptd_free_ahash(struct mcryptd_ahash *tfm);
> -void mcryptd_flusher(struct work_struct *work);
> -
> -enum mcryptd_req_type {
> -	MCRYPTD_NONE,
> -	MCRYPTD_UPDATE,
> -	MCRYPTD_FINUP,
> -	MCRYPTD_DIGEST,
> -	MCRYPTD_FINAL
> -};
> -
> -struct mcryptd_alg_cstate {
> -	unsigned long next_flush;
> -	unsigned next_seq_num;
> -	bool	flusher_engaged;
> -	struct  delayed_work flush;
> -	int	cpu;
> -	struct  mcryptd_alg_state *alg_state;
> -	void	*mgr;
> -	spinlock_t work_lock;
> -	struct list_head work_list;
> -	struct list_head flush_list;
> -};
> -
> -struct mcryptd_alg_state {
> -	struct mcryptd_alg_cstate __percpu *alg_cstate;
> -	unsigned long (*flusher)(struct mcryptd_alg_cstate *cstate);
> -};
> -
> -/* return delay in jiffies from current time */
> -static inline unsigned long get_delay(unsigned long t)
> -{
> -	long delay;
> -
> -	delay = (long) t - (long) jiffies;
> -	if (delay <= 0)
> -		return 0;
> -	else
> -		return (unsigned long) delay;
> -}
> -
> -void mcryptd_arm_flusher(struct mcryptd_alg_cstate *cstate, unsigned long delay);
> -
> -#endif
> 





[Index of Archives]     [Kernel]     [Gnu Classpath]     [Gnu Crypto]     [DM Crypt]     [Netfilter]     [Bugtraq]

  Powered by Linux