1 // SPDX-License-Identifier: GPL-2.0-or-later
3 * Cryptographic API for algorithms (i.e., low-level API).
5 * Copyright (c) 2006 Herbert Xu <herbert@gondor.apana.org.au>
8 #include <crypto/algapi.h>
10 #include <linux/errno.h>
11 #include <linux/fips.h>
12 #include <linux/init.h>
13 #include <linux/kernel.h>
14 #include <linux/list.h>
15 #include <linux/module.h>
16 #include <linux/rtnetlink.h>
17 #include <linux/slab.h>
18 #include <linux/string.h>
22 static LIST_HEAD(crypto_template_list);
24 static inline void crypto_check_module_sig(struct module *mod)
26 if (fips_enabled && mod && !module_sig_ok(mod))
27 panic("Module %s signature verification failed in FIPS mode\n",
31 static int crypto_check_alg(struct crypto_alg *alg)
33 crypto_check_module_sig(alg->cra_module);
35 if (!alg->cra_name[0] || !alg->cra_driver_name[0])
38 if (alg->cra_alignmask & (alg->cra_alignmask + 1))
41 /* General maximums for all algs. */
42 if (alg->cra_alignmask > MAX_ALGAPI_ALIGNMASK)
45 if (alg->cra_blocksize > MAX_ALGAPI_BLOCKSIZE)
48 /* Lower maximums for specific alg types. */
49 if (!alg->cra_type && (alg->cra_flags & CRYPTO_ALG_TYPE_MASK) ==
50 CRYPTO_ALG_TYPE_CIPHER) {
51 if (alg->cra_alignmask > MAX_CIPHER_ALIGNMASK)
54 if (alg->cra_blocksize > MAX_CIPHER_BLOCKSIZE)
58 if (alg->cra_priority < 0)
61 refcount_set(&alg->cra_refcnt, 1);
66 static void crypto_free_instance(struct crypto_instance *inst)
68 if (!inst->alg.cra_type->free) {
69 inst->tmpl->free(inst);
73 inst->alg.cra_type->free(inst);
76 static void crypto_destroy_instance(struct crypto_alg *alg)
78 struct crypto_instance *inst = (void *)alg;
79 struct crypto_template *tmpl = inst->tmpl;
81 crypto_free_instance(inst);
82 crypto_tmpl_put(tmpl);
86 * This function adds a spawn to the list secondary_spawns which
87 * will be used at the end of crypto_remove_spawns to unregister
88 * instances, unless the spawn happens to be one that is depended
89 * on by the new algorithm (nalg in crypto_remove_spawns).
91 * This function is also responsible for resurrecting any algorithms
92 * in the dependency chain of nalg by unsetting n->dead.
94 static struct list_head *crypto_more_spawns(struct crypto_alg *alg,
95 struct list_head *stack,
96 struct list_head *top,
97 struct list_head *secondary_spawns)
99 struct crypto_spawn *spawn, *n;
101 spawn = list_first_entry_or_null(stack, struct crypto_spawn, list);
105 n = list_prev_entry(spawn, list);
106 list_move(&spawn->list, secondary_spawns);
108 if (list_is_last(&n->list, stack))
111 n = list_next_entry(n, list);
115 return &n->inst->alg.cra_users;
118 static void crypto_remove_instance(struct crypto_instance *inst,
119 struct list_head *list)
121 struct crypto_template *tmpl = inst->tmpl;
123 if (crypto_is_dead(&inst->alg))
126 inst->alg.cra_flags |= CRYPTO_ALG_DEAD;
128 if (!tmpl || !crypto_tmpl_get(tmpl))
131 list_move(&inst->alg.cra_list, list);
132 hlist_del(&inst->list);
133 inst->alg.cra_destroy = crypto_destroy_instance;
135 BUG_ON(!list_empty(&inst->alg.cra_users));
139 * Given an algorithm alg, remove all algorithms that depend on it
140 * through spawns. If nalg is not null, then exempt any algorithms
141 * that is depended on by nalg. This is useful when nalg itself
144 void crypto_remove_spawns(struct crypto_alg *alg, struct list_head *list,
145 struct crypto_alg *nalg)
147 u32 new_type = (nalg ?: alg)->cra_flags;
148 struct crypto_spawn *spawn, *n;
149 LIST_HEAD(secondary_spawns);
150 struct list_head *spawns;
154 spawns = &alg->cra_users;
155 list_for_each_entry_safe(spawn, n, spawns, list) {
156 if ((spawn->alg->cra_flags ^ new_type) & spawn->mask)
159 list_move(&spawn->list, &top);
163 * Perform a depth-first walk starting from alg through
164 * the cra_users tree. The list stack records the path
165 * from alg to the current spawn.
169 while (!list_empty(spawns)) {
170 struct crypto_instance *inst;
172 spawn = list_first_entry(spawns, struct crypto_spawn,
176 list_move(&spawn->list, &stack);
177 spawn->dead = !spawn->registered || &inst->alg != nalg;
179 if (!spawn->registered)
182 BUG_ON(&inst->alg == alg);
184 if (&inst->alg == nalg)
187 spawns = &inst->alg.cra_users;
190 * Even if spawn->registered is true, the
191 * instance itself may still be unregistered.
192 * This is because it may have failed during
193 * registration. Therefore we still need to
194 * make the following test.
196 * We may encounter an unregistered instance here, since
197 * an instance's spawns are set up prior to the instance
198 * being registered. An unregistered instance will have
199 * NULL ->cra_users.next, since ->cra_users isn't
200 * properly initialized until registration. But an
201 * unregistered instance cannot have any users, so treat
202 * it the same as ->cra_users being empty.
204 if (spawns->next == NULL)
207 } while ((spawns = crypto_more_spawns(alg, &stack, &top,
208 &secondary_spawns)));
211 * Remove all instances that are marked as dead. Also
212 * complete the resurrection of the others by moving them
213 * back to the cra_users list.
215 list_for_each_entry_safe(spawn, n, &secondary_spawns, list) {
217 list_move(&spawn->list, &spawn->alg->cra_users);
218 else if (spawn->registered)
219 crypto_remove_instance(spawn->inst, list);
222 EXPORT_SYMBOL_GPL(crypto_remove_spawns);
224 static struct crypto_larval *__crypto_register_alg(struct crypto_alg *alg)
226 struct crypto_alg *q;
227 struct crypto_larval *larval;
230 if (crypto_is_dead(alg))
233 INIT_LIST_HEAD(&alg->cra_users);
236 alg->cra_flags &= ~CRYPTO_ALG_TESTED;
240 list_for_each_entry(q, &crypto_alg_list, cra_list) {
244 if (crypto_is_moribund(q))
247 if (crypto_is_larval(q)) {
248 if (!strcmp(alg->cra_driver_name, q->cra_driver_name))
253 if (!strcmp(q->cra_driver_name, alg->cra_name) ||
254 !strcmp(q->cra_name, alg->cra_driver_name))
258 larval = crypto_larval_alloc(alg->cra_name,
259 alg->cra_flags | CRYPTO_ALG_TESTED, 0);
264 larval->adult = crypto_mod_get(alg);
268 refcount_set(&larval->alg.cra_refcnt, 1);
269 memcpy(larval->alg.cra_driver_name, alg->cra_driver_name,
270 CRYPTO_MAX_ALG_NAME);
271 larval->alg.cra_priority = alg->cra_priority;
273 list_add(&alg->cra_list, &crypto_alg_list);
274 list_add(&larval->alg.cra_list, &crypto_alg_list);
276 crypto_stats_init(alg);
284 larval = ERR_PTR(ret);
288 void crypto_alg_tested(const char *name, int err)
290 struct crypto_larval *test;
291 struct crypto_alg *alg;
292 struct crypto_alg *q;
296 down_write(&crypto_alg_sem);
297 list_for_each_entry(q, &crypto_alg_list, cra_list) {
298 if (crypto_is_moribund(q) || !crypto_is_larval(q))
301 test = (struct crypto_larval *)q;
303 if (!strcmp(q->cra_driver_name, name))
307 pr_err("alg: Unexpected test result for %s: %d\n", name, err);
311 q->cra_flags |= CRYPTO_ALG_DEAD;
313 if (err || list_empty(&alg->cra_list))
316 alg->cra_flags |= CRYPTO_ALG_TESTED;
318 /* Only satisfy larval waiters if we are the best. */
320 list_for_each_entry(q, &crypto_alg_list, cra_list) {
321 if (crypto_is_moribund(q) || !crypto_is_larval(q))
324 if (strcmp(alg->cra_name, q->cra_name))
327 if (q->cra_priority > alg->cra_priority) {
333 list_for_each_entry(q, &crypto_alg_list, cra_list) {
337 if (crypto_is_moribund(q))
340 if (crypto_is_larval(q)) {
341 struct crypto_larval *larval = (void *)q;
344 * Check to see if either our generic name or
345 * specific name can satisfy the name requested
346 * by the larval entry q.
348 if (strcmp(alg->cra_name, q->cra_name) &&
349 strcmp(alg->cra_driver_name, q->cra_name))
354 if ((q->cra_flags ^ alg->cra_flags) & larval->mask)
357 if (best && crypto_mod_get(alg))
360 larval->adult = ERR_PTR(-EAGAIN);
365 if (strcmp(alg->cra_name, q->cra_name))
368 if (strcmp(alg->cra_driver_name, q->cra_driver_name) &&
369 q->cra_priority > alg->cra_priority)
372 crypto_remove_spawns(q, &list, alg);
376 complete_all(&test->completion);
379 up_write(&crypto_alg_sem);
381 crypto_remove_final(&list);
383 EXPORT_SYMBOL_GPL(crypto_alg_tested);
385 void crypto_remove_final(struct list_head *list)
387 struct crypto_alg *alg;
388 struct crypto_alg *n;
390 list_for_each_entry_safe(alg, n, list, cra_list) {
391 list_del_init(&alg->cra_list);
395 EXPORT_SYMBOL_GPL(crypto_remove_final);
397 static void crypto_wait_for_test(struct crypto_larval *larval)
401 err = crypto_probing_notify(CRYPTO_MSG_ALG_REGISTER, larval->adult);
402 if (err != NOTIFY_STOP) {
403 if (WARN_ON(err != NOTIFY_DONE))
405 crypto_alg_tested(larval->alg.cra_driver_name, 0);
408 err = wait_for_completion_killable(&larval->completion);
411 crypto_probing_notify(CRYPTO_MSG_ALG_LOADED, larval);
414 crypto_larval_kill(&larval->alg);
417 int crypto_register_alg(struct crypto_alg *alg)
419 struct crypto_larval *larval;
422 alg->cra_flags &= ~CRYPTO_ALG_DEAD;
423 err = crypto_check_alg(alg);
427 down_write(&crypto_alg_sem);
428 larval = __crypto_register_alg(alg);
429 up_write(&crypto_alg_sem);
432 return PTR_ERR(larval);
434 crypto_wait_for_test(larval);
437 EXPORT_SYMBOL_GPL(crypto_register_alg);
439 static int crypto_remove_alg(struct crypto_alg *alg, struct list_head *list)
441 if (unlikely(list_empty(&alg->cra_list)))
444 alg->cra_flags |= CRYPTO_ALG_DEAD;
446 list_del_init(&alg->cra_list);
447 crypto_remove_spawns(alg, list, NULL);
452 void crypto_unregister_alg(struct crypto_alg *alg)
457 down_write(&crypto_alg_sem);
458 ret = crypto_remove_alg(alg, &list);
459 up_write(&crypto_alg_sem);
461 if (WARN(ret, "Algorithm %s is not registered", alg->cra_driver_name))
464 BUG_ON(refcount_read(&alg->cra_refcnt) != 1);
465 if (alg->cra_destroy)
466 alg->cra_destroy(alg);
468 crypto_remove_final(&list);
470 EXPORT_SYMBOL_GPL(crypto_unregister_alg);
472 int crypto_register_algs(struct crypto_alg *algs, int count)
476 for (i = 0; i < count; i++) {
477 ret = crypto_register_alg(&algs[i]);
485 for (--i; i >= 0; --i)
486 crypto_unregister_alg(&algs[i]);
490 EXPORT_SYMBOL_GPL(crypto_register_algs);
492 void crypto_unregister_algs(struct crypto_alg *algs, int count)
496 for (i = 0; i < count; i++)
497 crypto_unregister_alg(&algs[i]);
499 EXPORT_SYMBOL_GPL(crypto_unregister_algs);
501 int crypto_register_template(struct crypto_template *tmpl)
503 struct crypto_template *q;
506 down_write(&crypto_alg_sem);
508 crypto_check_module_sig(tmpl->module);
510 list_for_each_entry(q, &crypto_template_list, list) {
515 list_add(&tmpl->list, &crypto_template_list);
518 up_write(&crypto_alg_sem);
521 EXPORT_SYMBOL_GPL(crypto_register_template);
523 int crypto_register_templates(struct crypto_template *tmpls, int count)
527 for (i = 0; i < count; i++) {
528 err = crypto_register_template(&tmpls[i]);
535 for (--i; i >= 0; --i)
536 crypto_unregister_template(&tmpls[i]);
539 EXPORT_SYMBOL_GPL(crypto_register_templates);
541 void crypto_unregister_template(struct crypto_template *tmpl)
543 struct crypto_instance *inst;
544 struct hlist_node *n;
545 struct hlist_head *list;
548 down_write(&crypto_alg_sem);
550 BUG_ON(list_empty(&tmpl->list));
551 list_del_init(&tmpl->list);
553 list = &tmpl->instances;
554 hlist_for_each_entry(inst, list, list) {
555 int err = crypto_remove_alg(&inst->alg, &users);
560 up_write(&crypto_alg_sem);
562 hlist_for_each_entry_safe(inst, n, list, list) {
563 BUG_ON(refcount_read(&inst->alg.cra_refcnt) != 1);
564 crypto_free_instance(inst);
566 crypto_remove_final(&users);
568 EXPORT_SYMBOL_GPL(crypto_unregister_template);
570 void crypto_unregister_templates(struct crypto_template *tmpls, int count)
574 for (i = count - 1; i >= 0; --i)
575 crypto_unregister_template(&tmpls[i]);
577 EXPORT_SYMBOL_GPL(crypto_unregister_templates);
579 static struct crypto_template *__crypto_lookup_template(const char *name)
581 struct crypto_template *q, *tmpl = NULL;
583 down_read(&crypto_alg_sem);
584 list_for_each_entry(q, &crypto_template_list, list) {
585 if (strcmp(q->name, name))
587 if (unlikely(!crypto_tmpl_get(q)))
593 up_read(&crypto_alg_sem);
598 struct crypto_template *crypto_lookup_template(const char *name)
600 return try_then_request_module(__crypto_lookup_template(name),
603 EXPORT_SYMBOL_GPL(crypto_lookup_template);
605 int crypto_register_instance(struct crypto_template *tmpl,
606 struct crypto_instance *inst)
608 struct crypto_larval *larval;
609 struct crypto_spawn *spawn;
612 err = crypto_check_alg(&inst->alg);
616 inst->alg.cra_module = tmpl->module;
617 inst->alg.cra_flags |= CRYPTO_ALG_INSTANCE;
619 down_write(&crypto_alg_sem);
621 larval = ERR_PTR(-EAGAIN);
622 for (spawn = inst->spawns; spawn;) {
623 struct crypto_spawn *next;
630 spawn->registered = true;
633 crypto_mod_put(spawn->alg);
638 larval = __crypto_register_alg(&inst->alg);
642 hlist_add_head(&inst->list, &tmpl->instances);
646 up_write(&crypto_alg_sem);
648 err = PTR_ERR(larval);
652 crypto_wait_for_test(larval);
658 EXPORT_SYMBOL_GPL(crypto_register_instance);
660 void crypto_unregister_instance(struct crypto_instance *inst)
664 down_write(&crypto_alg_sem);
666 crypto_remove_spawns(&inst->alg, &list, NULL);
667 crypto_remove_instance(inst, &list);
669 up_write(&crypto_alg_sem);
671 crypto_remove_final(&list);
673 EXPORT_SYMBOL_GPL(crypto_unregister_instance);
675 int crypto_init_spawn(struct crypto_spawn *spawn, struct crypto_alg *alg,
676 struct crypto_instance *inst, u32 mask)
680 if (WARN_ON_ONCE(inst == NULL))
683 spawn->next = inst->spawns;
684 inst->spawns = spawn;
688 down_write(&crypto_alg_sem);
689 if (!crypto_is_moribund(alg)) {
690 list_add(&spawn->list, &alg->cra_users);
694 up_write(&crypto_alg_sem);
698 EXPORT_SYMBOL_GPL(crypto_init_spawn);
700 int crypto_init_spawn2(struct crypto_spawn *spawn, struct crypto_alg *alg,
701 struct crypto_instance *inst,
702 const struct crypto_type *frontend)
706 if ((alg->cra_flags ^ frontend->type) & frontend->maskset)
709 spawn->frontend = frontend;
710 err = crypto_init_spawn(spawn, alg, inst, frontend->maskset);
715 EXPORT_SYMBOL_GPL(crypto_init_spawn2);
717 int crypto_grab_spawn(struct crypto_spawn *spawn, const char *name,
720 struct crypto_alg *alg;
723 alg = crypto_find_alg(name, spawn->frontend, type, mask);
727 spawn->dropref = true;
728 err = crypto_init_spawn(spawn, alg, spawn->inst, mask);
733 EXPORT_SYMBOL_GPL(crypto_grab_spawn);
735 void crypto_drop_spawn(struct crypto_spawn *spawn)
737 if (!spawn->alg) /* not yet initialized? */
740 down_write(&crypto_alg_sem);
742 list_del(&spawn->list);
743 up_write(&crypto_alg_sem);
745 if (spawn->dropref && !spawn->registered)
746 crypto_mod_put(spawn->alg);
748 EXPORT_SYMBOL_GPL(crypto_drop_spawn);
750 static struct crypto_alg *crypto_spawn_alg(struct crypto_spawn *spawn)
752 struct crypto_alg *alg;
754 down_read(&crypto_alg_sem);
756 if (!spawn->dead && !crypto_mod_get(alg)) {
757 alg->cra_flags |= CRYPTO_ALG_DYING;
760 up_read(&crypto_alg_sem);
762 return alg ?: ERR_PTR(-EAGAIN);
765 struct crypto_tfm *crypto_spawn_tfm(struct crypto_spawn *spawn, u32 type,
768 struct crypto_alg *alg;
769 struct crypto_tfm *tfm;
771 alg = crypto_spawn_alg(spawn);
773 return ERR_CAST(alg);
775 tfm = ERR_PTR(-EINVAL);
776 if (unlikely((alg->cra_flags ^ type) & mask))
779 tfm = __crypto_alloc_tfm(alg, type, mask);
789 EXPORT_SYMBOL_GPL(crypto_spawn_tfm);
791 void *crypto_spawn_tfm2(struct crypto_spawn *spawn)
793 struct crypto_alg *alg;
794 struct crypto_tfm *tfm;
796 alg = crypto_spawn_alg(spawn);
798 return ERR_CAST(alg);
800 tfm = crypto_create_tfm(alg, spawn->frontend);
810 EXPORT_SYMBOL_GPL(crypto_spawn_tfm2);
812 int crypto_register_notifier(struct notifier_block *nb)
814 return blocking_notifier_chain_register(&crypto_chain, nb);
816 EXPORT_SYMBOL_GPL(crypto_register_notifier);
818 int crypto_unregister_notifier(struct notifier_block *nb)
820 return blocking_notifier_chain_unregister(&crypto_chain, nb);
822 EXPORT_SYMBOL_GPL(crypto_unregister_notifier);
824 struct crypto_attr_type *crypto_get_attr_type(struct rtattr **tb)
826 struct rtattr *rta = tb[0];
827 struct crypto_attr_type *algt;
830 return ERR_PTR(-ENOENT);
831 if (RTA_PAYLOAD(rta) < sizeof(*algt))
832 return ERR_PTR(-EINVAL);
833 if (rta->rta_type != CRYPTOA_TYPE)
834 return ERR_PTR(-EINVAL);
836 algt = RTA_DATA(rta);
840 EXPORT_SYMBOL_GPL(crypto_get_attr_type);
842 int crypto_check_attr_type(struct rtattr **tb, u32 type)
844 struct crypto_attr_type *algt;
846 algt = crypto_get_attr_type(tb);
848 return PTR_ERR(algt);
850 if ((algt->type ^ type) & algt->mask)
855 EXPORT_SYMBOL_GPL(crypto_check_attr_type);
857 const char *crypto_attr_alg_name(struct rtattr *rta)
859 struct crypto_attr_alg *alga;
862 return ERR_PTR(-ENOENT);
863 if (RTA_PAYLOAD(rta) < sizeof(*alga))
864 return ERR_PTR(-EINVAL);
865 if (rta->rta_type != CRYPTOA_ALG)
866 return ERR_PTR(-EINVAL);
868 alga = RTA_DATA(rta);
869 alga->name[CRYPTO_MAX_ALG_NAME - 1] = 0;
873 EXPORT_SYMBOL_GPL(crypto_attr_alg_name);
875 struct crypto_alg *crypto_attr_alg2(struct rtattr *rta,
876 const struct crypto_type *frontend,
881 name = crypto_attr_alg_name(rta);
883 return ERR_CAST(name);
885 return crypto_find_alg(name, frontend, type, mask);
887 EXPORT_SYMBOL_GPL(crypto_attr_alg2);
889 int crypto_attr_u32(struct rtattr *rta, u32 *num)
891 struct crypto_attr_u32 *nu32;
895 if (RTA_PAYLOAD(rta) < sizeof(*nu32))
897 if (rta->rta_type != CRYPTOA_U32)
900 nu32 = RTA_DATA(rta);
905 EXPORT_SYMBOL_GPL(crypto_attr_u32);
907 int crypto_inst_setname(struct crypto_instance *inst, const char *name,
908 struct crypto_alg *alg)
910 if (snprintf(inst->alg.cra_name, CRYPTO_MAX_ALG_NAME, "%s(%s)", name,
911 alg->cra_name) >= CRYPTO_MAX_ALG_NAME)
912 return -ENAMETOOLONG;
914 if (snprintf(inst->alg.cra_driver_name, CRYPTO_MAX_ALG_NAME, "%s(%s)",
915 name, alg->cra_driver_name) >= CRYPTO_MAX_ALG_NAME)
916 return -ENAMETOOLONG;
920 EXPORT_SYMBOL_GPL(crypto_inst_setname);
922 void *crypto_alloc_instance(const char *name, struct crypto_alg *alg,
925 struct crypto_instance *inst;
929 p = kzalloc(head + sizeof(*inst) + sizeof(struct crypto_spawn),
932 return ERR_PTR(-ENOMEM);
934 inst = (void *)(p + head);
936 err = crypto_inst_setname(inst, name, alg);
946 EXPORT_SYMBOL_GPL(crypto_alloc_instance);
948 void crypto_init_queue(struct crypto_queue *queue, unsigned int max_qlen)
950 INIT_LIST_HEAD(&queue->list);
951 queue->backlog = &queue->list;
953 queue->max_qlen = max_qlen;
955 EXPORT_SYMBOL_GPL(crypto_init_queue);
957 int crypto_enqueue_request(struct crypto_queue *queue,
958 struct crypto_async_request *request)
960 int err = -EINPROGRESS;
962 if (unlikely(queue->qlen >= queue->max_qlen)) {
963 if (!(request->flags & CRYPTO_TFM_REQ_MAY_BACKLOG)) {
968 if (queue->backlog == &queue->list)
969 queue->backlog = &request->list;
973 list_add_tail(&request->list, &queue->list);
978 EXPORT_SYMBOL_GPL(crypto_enqueue_request);
980 struct crypto_async_request *crypto_dequeue_request(struct crypto_queue *queue)
982 struct list_head *request;
984 if (unlikely(!queue->qlen))
989 if (queue->backlog != &queue->list)
990 queue->backlog = queue->backlog->next;
992 request = queue->list.next;
995 return list_entry(request, struct crypto_async_request, list);
997 EXPORT_SYMBOL_GPL(crypto_dequeue_request);
999 static inline void crypto_inc_byte(u8 *a, unsigned int size)
1004 for (; size; size--) {
1012 void crypto_inc(u8 *a, unsigned int size)
1014 __be32 *b = (__be32 *)(a + size);
1017 if (IS_ENABLED(CONFIG_HAVE_EFFICIENT_UNALIGNED_ACCESS) ||
1018 IS_ALIGNED((unsigned long)b, __alignof__(*b)))
1019 for (; size >= 4; size -= 4) {
1020 c = be32_to_cpu(*--b) + 1;
1021 *b = cpu_to_be32(c);
1026 crypto_inc_byte(a, size);
1028 EXPORT_SYMBOL_GPL(crypto_inc);
1030 void __crypto_xor(u8 *dst, const u8 *src1, const u8 *src2, unsigned int len)
1034 if (!IS_ENABLED(CONFIG_HAVE_EFFICIENT_UNALIGNED_ACCESS)) {
1035 int size = sizeof(unsigned long);
1036 int d = (((unsigned long)dst ^ (unsigned long)src1) |
1037 ((unsigned long)dst ^ (unsigned long)src2)) &
1040 relalign = d ? 1 << __ffs(d) : size;
1043 * If we care about alignment, process as many bytes as
1044 * needed to advance dst and src to values whose alignments
1045 * equal their relative alignment. This will allow us to
1046 * process the remainder of the input using optimal strides.
1048 while (((unsigned long)dst & (relalign - 1)) && len > 0) {
1049 *dst++ = *src1++ ^ *src2++;
1054 while (IS_ENABLED(CONFIG_64BIT) && len >= 8 && !(relalign & 7)) {
1055 *(u64 *)dst = *(u64 *)src1 ^ *(u64 *)src2;
1062 while (len >= 4 && !(relalign & 3)) {
1063 *(u32 *)dst = *(u32 *)src1 ^ *(u32 *)src2;
1070 while (len >= 2 && !(relalign & 1)) {
1071 *(u16 *)dst = *(u16 *)src1 ^ *(u16 *)src2;
1079 *dst++ = *src1++ ^ *src2++;
1081 EXPORT_SYMBOL_GPL(__crypto_xor);
1083 unsigned int crypto_alg_extsize(struct crypto_alg *alg)
1085 return alg->cra_ctxsize +
1086 (alg->cra_alignmask & ~(crypto_tfm_ctx_alignment() - 1));
1088 EXPORT_SYMBOL_GPL(crypto_alg_extsize);
1090 int crypto_type_has_alg(const char *name, const struct crypto_type *frontend,
1094 struct crypto_alg *alg = crypto_find_alg(name, frontend, type, mask);
1097 crypto_mod_put(alg);
1103 EXPORT_SYMBOL_GPL(crypto_type_has_alg);
1105 #ifdef CONFIG_CRYPTO_STATS
1106 void crypto_stats_init(struct crypto_alg *alg)
1108 memset(&alg->stats, 0, sizeof(alg->stats));
1110 EXPORT_SYMBOL_GPL(crypto_stats_init);
1112 void crypto_stats_get(struct crypto_alg *alg)
1114 crypto_alg_get(alg);
1116 EXPORT_SYMBOL_GPL(crypto_stats_get);
1118 void crypto_stats_aead_encrypt(unsigned int cryptlen, struct crypto_alg *alg,
1121 if (ret && ret != -EINPROGRESS && ret != -EBUSY) {
1122 atomic64_inc(&alg->stats.aead.err_cnt);
1124 atomic64_inc(&alg->stats.aead.encrypt_cnt);
1125 atomic64_add(cryptlen, &alg->stats.aead.encrypt_tlen);
1127 crypto_alg_put(alg);
1129 EXPORT_SYMBOL_GPL(crypto_stats_aead_encrypt);
1131 void crypto_stats_aead_decrypt(unsigned int cryptlen, struct crypto_alg *alg,
1134 if (ret && ret != -EINPROGRESS && ret != -EBUSY) {
1135 atomic64_inc(&alg->stats.aead.err_cnt);
1137 atomic64_inc(&alg->stats.aead.decrypt_cnt);
1138 atomic64_add(cryptlen, &alg->stats.aead.decrypt_tlen);
1140 crypto_alg_put(alg);
1142 EXPORT_SYMBOL_GPL(crypto_stats_aead_decrypt);
1144 void crypto_stats_akcipher_encrypt(unsigned int src_len, int ret,
1145 struct crypto_alg *alg)
1147 if (ret && ret != -EINPROGRESS && ret != -EBUSY) {
1148 atomic64_inc(&alg->stats.akcipher.err_cnt);
1150 atomic64_inc(&alg->stats.akcipher.encrypt_cnt);
1151 atomic64_add(src_len, &alg->stats.akcipher.encrypt_tlen);
1153 crypto_alg_put(alg);
1155 EXPORT_SYMBOL_GPL(crypto_stats_akcipher_encrypt);
1157 void crypto_stats_akcipher_decrypt(unsigned int src_len, int ret,
1158 struct crypto_alg *alg)
1160 if (ret && ret != -EINPROGRESS && ret != -EBUSY) {
1161 atomic64_inc(&alg->stats.akcipher.err_cnt);
1163 atomic64_inc(&alg->stats.akcipher.decrypt_cnt);
1164 atomic64_add(src_len, &alg->stats.akcipher.decrypt_tlen);
1166 crypto_alg_put(alg);
1168 EXPORT_SYMBOL_GPL(crypto_stats_akcipher_decrypt);
1170 void crypto_stats_akcipher_sign(int ret, struct crypto_alg *alg)
1172 if (ret && ret != -EINPROGRESS && ret != -EBUSY)
1173 atomic64_inc(&alg->stats.akcipher.err_cnt);
1175 atomic64_inc(&alg->stats.akcipher.sign_cnt);
1176 crypto_alg_put(alg);
1178 EXPORT_SYMBOL_GPL(crypto_stats_akcipher_sign);
1180 void crypto_stats_akcipher_verify(int ret, struct crypto_alg *alg)
1182 if (ret && ret != -EINPROGRESS && ret != -EBUSY)
1183 atomic64_inc(&alg->stats.akcipher.err_cnt);
1185 atomic64_inc(&alg->stats.akcipher.verify_cnt);
1186 crypto_alg_put(alg);
1188 EXPORT_SYMBOL_GPL(crypto_stats_akcipher_verify);
1190 void crypto_stats_compress(unsigned int slen, int ret, struct crypto_alg *alg)
1192 if (ret && ret != -EINPROGRESS && ret != -EBUSY) {
1193 atomic64_inc(&alg->stats.compress.err_cnt);
1195 atomic64_inc(&alg->stats.compress.compress_cnt);
1196 atomic64_add(slen, &alg->stats.compress.compress_tlen);
1198 crypto_alg_put(alg);
1200 EXPORT_SYMBOL_GPL(crypto_stats_compress);
1202 void crypto_stats_decompress(unsigned int slen, int ret, struct crypto_alg *alg)
1204 if (ret && ret != -EINPROGRESS && ret != -EBUSY) {
1205 atomic64_inc(&alg->stats.compress.err_cnt);
1207 atomic64_inc(&alg->stats.compress.decompress_cnt);
1208 atomic64_add(slen, &alg->stats.compress.decompress_tlen);
1210 crypto_alg_put(alg);
1212 EXPORT_SYMBOL_GPL(crypto_stats_decompress);
1214 void crypto_stats_ahash_update(unsigned int nbytes, int ret,
1215 struct crypto_alg *alg)
1217 if (ret && ret != -EINPROGRESS && ret != -EBUSY)
1218 atomic64_inc(&alg->stats.hash.err_cnt);
1220 atomic64_add(nbytes, &alg->stats.hash.hash_tlen);
1221 crypto_alg_put(alg);
1223 EXPORT_SYMBOL_GPL(crypto_stats_ahash_update);
1225 void crypto_stats_ahash_final(unsigned int nbytes, int ret,
1226 struct crypto_alg *alg)
1228 if (ret && ret != -EINPROGRESS && ret != -EBUSY) {
1229 atomic64_inc(&alg->stats.hash.err_cnt);
1231 atomic64_inc(&alg->stats.hash.hash_cnt);
1232 atomic64_add(nbytes, &alg->stats.hash.hash_tlen);
1234 crypto_alg_put(alg);
1236 EXPORT_SYMBOL_GPL(crypto_stats_ahash_final);
1238 void crypto_stats_kpp_set_secret(struct crypto_alg *alg, int ret)
1241 atomic64_inc(&alg->stats.kpp.err_cnt);
1243 atomic64_inc(&alg->stats.kpp.setsecret_cnt);
1244 crypto_alg_put(alg);
1246 EXPORT_SYMBOL_GPL(crypto_stats_kpp_set_secret);
1248 void crypto_stats_kpp_generate_public_key(struct crypto_alg *alg, int ret)
1251 atomic64_inc(&alg->stats.kpp.err_cnt);
1253 atomic64_inc(&alg->stats.kpp.generate_public_key_cnt);
1254 crypto_alg_put(alg);
1256 EXPORT_SYMBOL_GPL(crypto_stats_kpp_generate_public_key);
1258 void crypto_stats_kpp_compute_shared_secret(struct crypto_alg *alg, int ret)
1261 atomic64_inc(&alg->stats.kpp.err_cnt);
1263 atomic64_inc(&alg->stats.kpp.compute_shared_secret_cnt);
1264 crypto_alg_put(alg);
1266 EXPORT_SYMBOL_GPL(crypto_stats_kpp_compute_shared_secret);
1268 void crypto_stats_rng_seed(struct crypto_alg *alg, int ret)
1270 if (ret && ret != -EINPROGRESS && ret != -EBUSY)
1271 atomic64_inc(&alg->stats.rng.err_cnt);
1273 atomic64_inc(&alg->stats.rng.seed_cnt);
1274 crypto_alg_put(alg);
1276 EXPORT_SYMBOL_GPL(crypto_stats_rng_seed);
1278 void crypto_stats_rng_generate(struct crypto_alg *alg, unsigned int dlen,
1281 if (ret && ret != -EINPROGRESS && ret != -EBUSY) {
1282 atomic64_inc(&alg->stats.rng.err_cnt);
1284 atomic64_inc(&alg->stats.rng.generate_cnt);
1285 atomic64_add(dlen, &alg->stats.rng.generate_tlen);
1287 crypto_alg_put(alg);
1289 EXPORT_SYMBOL_GPL(crypto_stats_rng_generate);
1291 void crypto_stats_skcipher_encrypt(unsigned int cryptlen, int ret,
1292 struct crypto_alg *alg)
1294 if (ret && ret != -EINPROGRESS && ret != -EBUSY) {
1295 atomic64_inc(&alg->stats.cipher.err_cnt);
1297 atomic64_inc(&alg->stats.cipher.encrypt_cnt);
1298 atomic64_add(cryptlen, &alg->stats.cipher.encrypt_tlen);
1300 crypto_alg_put(alg);
1302 EXPORT_SYMBOL_GPL(crypto_stats_skcipher_encrypt);
1304 void crypto_stats_skcipher_decrypt(unsigned int cryptlen, int ret,
1305 struct crypto_alg *alg)
1307 if (ret && ret != -EINPROGRESS && ret != -EBUSY) {
1308 atomic64_inc(&alg->stats.cipher.err_cnt);
1310 atomic64_inc(&alg->stats.cipher.decrypt_cnt);
1311 atomic64_add(cryptlen, &alg->stats.cipher.decrypt_tlen);
1313 crypto_alg_put(alg);
1315 EXPORT_SYMBOL_GPL(crypto_stats_skcipher_decrypt);
1318 static int __init crypto_algapi_init(void)
1324 static void __exit crypto_algapi_exit(void)
1329 module_init(crypto_algapi_init);
1330 module_exit(crypto_algapi_exit);
1332 MODULE_LICENSE("GPL");
1333 MODULE_DESCRIPTION("Cryptographic algorithms API");