Am Freitag, 12. Juni 2020, 14:07:36 CEST schrieb Herbert Xu: Hi Herbert, > Crypto skcipher algorithms in general allow chaining to break > large operations into smaller ones based on multiples of the chunk > size. However, some algorithms don't support chaining while others > (such as cts) only support chaining for the leading blocks. > > This patch adds the necessary API support for these algorithms. In > particular, a new request flag CRYPTO_TFM_REQ_MORE is added to allow > chaining for algorithms such as cts that cannot otherwise be chained. > > A new algorithm attribute fcsize has also been added to indicate > how many blocks at the end of a request that cannot be chained and > therefore must be withheld if chaining is attempted. > > This attribute can also be used to indicate that no chaining is > allowed. Its value should be set to -1 in that case. Thanks for the patch set. > > Signed-off-by: Herbert Xu <herbert@xxxxxxxxxxxxxxxxxxx> > --- > > include/crypto/skcipher.h | 24 ++++++++++++++++++++++++ > include/linux/crypto.h | 1 + > 2 files changed, 25 insertions(+) > > diff --git a/include/crypto/skcipher.h b/include/crypto/skcipher.h > index 141e7690f9c31..8b864222e6ce4 100644 > --- a/include/crypto/skcipher.h > +++ b/include/crypto/skcipher.h > @@ -97,6 +97,8 @@ struct crypto_sync_skcipher { > * @walksize: Equal to the chunk size except in cases where the algorithm > is * considerably more efficient if it can operate on multiple > chunks * in parallel. Should be a multiple of chunksize. > + * @fcsize: Number of bytes that must be processed together at the end. > + * If set to -1 then chaining is not possible. > * @base: Definition of a generic crypto algorithm. > * > * All fields except @ivsize are mandatory and must be filled. > @@ -114,6 +116,7 @@ struct skcipher_alg { > unsigned int ivsize; > unsigned int chunksize; > unsigned int walksize; > + int fcsize; > > struct crypto_alg base; > }; > @@ -279,6 +282,11 @@ static inline unsigned int > crypto_skcipher_alg_chunksize( return alg->chunksize; > } > > +static inline int crypto_skcipher_alg_fcsize(struct skcipher_alg *alg) > +{ > + return alg->fcsize; > +} > + > /** > * crypto_skcipher_chunksize() - obtain chunk size > * @tfm: cipher handle > @@ -296,6 +304,22 @@ static inline unsigned int crypto_skcipher_chunksize( > return crypto_skcipher_alg_chunksize(crypto_skcipher_alg(tfm)); > } > > +/** > + * crypto_skcipher_fcsize() - obtain number of final bytes > + * @tfm: cipher handle > + * > + * For algorithms such as CTS the final chunks cannot be chained. > + * This returns the number of final bytes that must be withheld > + * when chaining. > + * > + * Return: number of final bytes > + */ > +static inline unsigned int crypto_skcipher_fcsize( > + struct crypto_skcipher *tfm) > +{ > + return crypto_skcipher_alg_fcsize(crypto_skcipher_alg(tfm)); Don't we have an implicit signedness conversion here? int -> unsigned int? > +} > + > static inline unsigned int crypto_sync_skcipher_blocksize( > struct crypto_sync_skcipher *tfm) > { > diff --git a/include/linux/crypto.h b/include/linux/crypto.h > index 763863dbc079a..d80dccf472595 100644 > --- a/include/linux/crypto.h > +++ b/include/linux/crypto.h > @@ -110,6 +110,7 @@ > #define CRYPTO_TFM_REQ_FORBID_WEAK_KEYS 0x00000100 > #define CRYPTO_TFM_REQ_MAY_SLEEP 0x00000200 > #define CRYPTO_TFM_REQ_MAY_BACKLOG 0x00000400 > +#define CRYPTO_TFM_REQ_MORE 0x00000800 > > /* > * Miscellaneous stuff. Ciao Stephan