From patchwork Tue Feb 20 07:48:21 2018
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Eric Biggers <ebiggers3@gmail.com>
X-Patchwork-Id: 10229537
X-Patchwork-Delegate: herbert@gondor.apana.org.au
Return-Path: <linux-crypto-owner@kernel.org>
Received: from mail.wl.linuxfoundation.org (pdx-wl-mail.web.codeaurora.org
	[172.30.200.125])
	by pdx-korg-patchwork.web.codeaurora.org (Postfix) with ESMTP id
	8A7CD60392 for <patchwork-linux-crypto@patchwork.kernel.org>;
	Tue, 20 Feb 2018 07:52:10 +0000 (UTC)
Received: from mail.wl.linuxfoundation.org (localhost [127.0.0.1])
	by mail.wl.linuxfoundation.org (Postfix) with ESMTP id 7D98D284F9
	for <patchwork-linux-crypto@patchwork.kernel.org>;
	Tue, 20 Feb 2018 07:52:10 +0000 (UTC)
Received: by mail.wl.linuxfoundation.org (Postfix, from userid 486)
	id 713FB2852D; Tue, 20 Feb 2018 07:52:10 +0000 (UTC)
X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on
	pdx-wl-mail.web.codeaurora.org
X-Spam-Level: 
X-Spam-Status: No, score=-7.0 required=2.0 tests=BAYES_00,DKIM_SIGNED,
	DKIM_VALID, DKIM_VALID_AU, FREEMAIL_FROM,
	RCVD_IN_DNSWL_HI autolearn=ham version=3.3.1
Received: from vger.kernel.org (vger.kernel.org [209.132.180.67])
	by mail.wl.linuxfoundation.org (Postfix) with ESMTP id CB272284F9
	for <patchwork-linux-crypto@patchwork.kernel.org>;
	Tue, 20 Feb 2018 07:52:09 +0000 (UTC)
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
	id S1751359AbeBTHwH (ORCPT
	<rfc822;patchwork-linux-crypto@patchwork.kernel.org>);
	Tue, 20 Feb 2018 02:52:07 -0500
Received: from mail-pg0-f67.google.com ([74.125.83.67]:38399 "EHLO
	mail-pg0-f67.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
	with ESMTP id S1751203AbeBTHvt (ORCPT
	<rfc822;linux-crypto@vger.kernel.org>);
	Tue, 20 Feb 2018 02:51:49 -0500
Received: by mail-pg0-f67.google.com with SMTP id l24so6836747pgc.5
	for <linux-crypto@vger.kernel.org>;
	Mon, 19 Feb 2018 23:51:49 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
	d=gmail.com; s=20161025;
	h=from:to:cc:subject:date:message-id:in-reply-to:references;
	bh=vyDww4pICD3k9Zn9JW3Lu+5MmJZ6TRrRKy1MNuIxmbc=;
	b=U1aaumS2au6Esq09+1zs9i/7/QlBMcZxGnse8na2Xz8RznjcYvllDNcX/jebUith9z
	Ff1061NJXnjA9oYltCeemun3RivqEsOKrdD6yPfnQr2tkplXhz+CFdA/7gUfcWrchP6L
	E+vohC6YNjjWSDXJUC9bNhXLKzOdR4mHhMgpT2Xu7EYSk2dh9RbCiLyfyGMxFxVgyh5k
	nLEKAGwsXCFrDnaMEytudwFwMMNuGBRmucoduZF/mwCWRuJyXcmUgOWA5l2hj1GpdMhc
	HSM31vPP3M96+El+EQ2w8U03U/iE5cuANCC6IAVP2f3VewXkZl+F9Lh2eWP/flGqqyuW
	uGFQ==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
	d=1e100.net; s=20161025;
	h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to
	:references;
	bh=vyDww4pICD3k9Zn9JW3Lu+5MmJZ6TRrRKy1MNuIxmbc=;
	b=L6YGj/o8N/02b14jKbIpK6nfrsK6BhGd5MhXLnD+T8AM+GSIXlqCMuVnZXfG0EO6xS
	LrQRB0znzluYzlSyiWpV8fTTM9ERkvzof/+dUVUntJPOhnfIXCT2RVrDT2gRZoR3KVAn
	K4C8nLEdMJ/aGL+2y0x0GqIjc6Ud0K3e2L1fyYYtK1qEkXdXfeGjTs77tPsgBZokcGnI
	t7g886fPnSMo+9Qw3lWve8pKHJJ/5Vosc/6TcusEm5ioUQo+SJn5GECYua0DOhTb2yF9
	OyBGhKYYTzB2NHFaQ8g/kzdA2illS1lvoC9pbpq4AyQW4a3r6HS8cnZFQVvVd+PofzOx
	PLfQ==
X-Gm-Message-State: APf1xPDXDQnuBe1FGzvAkPTn6rKHUZG4TUb1fAdEeG5HA4l3VHiUGI6p
	B3VF1Vr7ZVRgI7zTG0wDvTQhKahe
X-Google-Smtp-Source: 
 AH8x224XnarZPjXKRaKt0Kj9rlEPf+uy1EfYIs+EhIRi6xL/PwJ/6TKTVrUBojmp2re50tgXcs2qWQ==
X-Received: by 10.98.46.70 with SMTP id u67mr17169284pfu.16.1519113108840;
	Mon, 19 Feb 2018 23:51:48 -0800 (PST)
Received: from zzz.localdomain (c-67-185-97-198.hsd1.wa.comcast.net.
	[67.185.97.198]) by smtp.gmail.com with ESMTPSA id
	z17sm16412772pfh.183.2018.02.19.23.51.47
	(version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128);
	Mon, 19 Feb 2018 23:51:48 -0800 (PST)
From: Eric Biggers <ebiggers3@gmail.com>
To: linux-crypto@vger.kernel.org
Cc: Herbert Xu <herbert@gondor.apana.org.au>,
	Jussi Kivilinna <jussi.kivilinna@iki.fi>,
	Eric Biggers <ebiggers@google.com>
Subject: [PATCH 23/30] crypto: x86/camellia - remove XTS algorithm
Date: Mon, 19 Feb 2018 23:48:21 -0800
Message-Id: <20180220074828.2050-24-ebiggers3@gmail.com>
X-Mailer: git-send-email 2.16.2
In-Reply-To: <20180220074828.2050-1-ebiggers3@gmail.com>
References: <20180220074828.2050-1-ebiggers3@gmail.com>
Sender: linux-crypto-owner@vger.kernel.org
Precedence: bulk
List-ID: <linux-crypto.vger.kernel.org>
X-Mailing-List: linux-crypto@vger.kernel.org
X-Virus-Scanned: ClamAV using ClamSMTP

From: Eric Biggers <ebiggers@google.com>

The XTS template now wraps an ECB mode algorithm rather than the block
cipher directly.  Therefore it is now redundant for crypto modules to
wrap their ECB code with generic XTS code themselves via xts_crypt().

Remove the xts-camellia-asm algorithm which did this.  Users who request
xts(camellia) and previously would have gotten xts-camellia-asm will now
get xts(ecb-camellia-asm) instead, which is just as fast.

Signed-off-by: Eric Biggers <ebiggers@google.com>
---
 arch/x86/crypto/camellia_aesni_avx_glue.c |  22 ++++++
 arch/x86/crypto/camellia_glue.c           | 111 ------------------------------
 arch/x86/include/asm/crypto/camellia.h    |   3 +-
 crypto/Kconfig                            |   1 -
 4 files changed, 24 insertions(+), 113 deletions(-)

diff --git a/arch/x86/crypto/camellia_aesni_avx_glue.c b/arch/x86/crypto/camellia_aesni_avx_glue.c
index 038bc2ae5313e..72911a7069239 100644
--- a/arch/x86/crypto/camellia_aesni_avx_glue.c
+++ b/arch/x86/crypto/camellia_aesni_avx_glue.c
@@ -192,6 +192,28 @@ static int camellia_setkey(struct crypto_tfm *tfm, const u8 *in_key,
 				 &tfm->crt_flags);
 }
 
+int xts_camellia_setkey(struct crypto_tfm *tfm, const u8 *key,
+			unsigned int keylen)
+{
+	struct camellia_xts_ctx *ctx = crypto_tfm_ctx(tfm);
+	u32 *flags = &tfm->crt_flags;
+	int err;
+
+	err = xts_check_key(tfm, key, keylen);
+	if (err)
+		return err;
+
+	/* first half of xts-key is for crypt */
+	err = __camellia_setkey(&ctx->crypt_ctx, key, keylen / 2, flags);
+	if (err)
+		return err;
+
+	/* second half of xts-key is for tweak */
+	return __camellia_setkey(&ctx->tweak_ctx, key + keylen / 2, keylen / 2,
+				flags);
+}
+EXPORT_SYMBOL_GPL(xts_camellia_setkey);
+
 static int xts_encrypt(struct blkcipher_desc *desc, struct scatterlist *dst,
 		       struct scatterlist *src, unsigned int nbytes)
 {
diff --git a/arch/x86/crypto/camellia_glue.c b/arch/x86/crypto/camellia_glue.c
index 9ae2af27e759b..804ca69d5d0af 100644
--- a/arch/x86/crypto/camellia_glue.c
+++ b/arch/x86/crypto/camellia_glue.c
@@ -30,7 +30,6 @@
 #include <linux/module.h>
 #include <linux/types.h>
 #include <crypto/algapi.h>
-#include <crypto/xts.h>
 #include <asm/crypto/camellia.h>
 #include <asm/crypto/glue_helper.h>
 
@@ -1404,96 +1403,6 @@ static int ctr_crypt(struct blkcipher_desc *desc, struct scatterlist *dst,
 	return glue_ctr_crypt_128bit(&camellia_ctr, desc, dst, src, nbytes);
 }
 
-static void encrypt_callback(void *priv, u8 *srcdst, unsigned int nbytes)
-{
-	const unsigned int bsize = CAMELLIA_BLOCK_SIZE;
-	struct camellia_ctx *ctx = priv;
-	int i;
-
-	while (nbytes >= 2 * bsize) {
-		camellia_enc_blk_2way(ctx, srcdst, srcdst);
-		srcdst += bsize * 2;
-		nbytes -= bsize * 2;
-	}
-
-	for (i = 0; i < nbytes / bsize; i++, srcdst += bsize)
-		camellia_enc_blk(ctx, srcdst, srcdst);
-}
-
-static void decrypt_callback(void *priv, u8 *srcdst, unsigned int nbytes)
-{
-	const unsigned int bsize = CAMELLIA_BLOCK_SIZE;
-	struct camellia_ctx *ctx = priv;
-	int i;
-
-	while (nbytes >= 2 * bsize) {
-		camellia_dec_blk_2way(ctx, srcdst, srcdst);
-		srcdst += bsize * 2;
-		nbytes -= bsize * 2;
-	}
-
-	for (i = 0; i < nbytes / bsize; i++, srcdst += bsize)
-		camellia_dec_blk(ctx, srcdst, srcdst);
-}
-
-int xts_camellia_setkey(struct crypto_tfm *tfm, const u8 *key,
-			unsigned int keylen)
-{
-	struct camellia_xts_ctx *ctx = crypto_tfm_ctx(tfm);
-	u32 *flags = &tfm->crt_flags;
-	int err;
-
-	err = xts_check_key(tfm, key, keylen);
-	if (err)
-		return err;
-
-	/* first half of xts-key is for crypt */
-	err = __camellia_setkey(&ctx->crypt_ctx, key, keylen / 2, flags);
-	if (err)
-		return err;
-
-	/* second half of xts-key is for tweak */
-	return __camellia_setkey(&ctx->tweak_ctx, key + keylen / 2, keylen / 2,
-				flags);
-}
-EXPORT_SYMBOL_GPL(xts_camellia_setkey);
-
-static int xts_encrypt(struct blkcipher_desc *desc, struct scatterlist *dst,
-		       struct scatterlist *src, unsigned int nbytes)
-{
-	struct camellia_xts_ctx *ctx = crypto_blkcipher_ctx(desc->tfm);
-	le128 buf[2 * 4];
-	struct xts_crypt_req req = {
-		.tbuf = buf,
-		.tbuflen = sizeof(buf),
-
-		.tweak_ctx = &ctx->tweak_ctx,
-		.tweak_fn = XTS_TWEAK_CAST(camellia_enc_blk),
-		.crypt_ctx = &ctx->crypt_ctx,
-		.crypt_fn = encrypt_callback,
-	};
-
-	return xts_crypt(desc, dst, src, nbytes, &req);
-}
-
-static int xts_decrypt(struct blkcipher_desc *desc, struct scatterlist *dst,
-		       struct scatterlist *src, unsigned int nbytes)
-{
-	struct camellia_xts_ctx *ctx = crypto_blkcipher_ctx(desc->tfm);
-	le128 buf[2 * 4];
-	struct xts_crypt_req req = {
-		.tbuf = buf,
-		.tbuflen = sizeof(buf),
-
-		.tweak_ctx = &ctx->tweak_ctx,
-		.tweak_fn = XTS_TWEAK_CAST(camellia_enc_blk),
-		.crypt_ctx = &ctx->crypt_ctx,
-		.crypt_fn = decrypt_callback,
-	};
-
-	return xts_crypt(desc, dst, src, nbytes, &req);
-}
-
 static struct crypto_alg camellia_algs[] = { {
 	.cra_name		= "camellia",
 	.cra_driver_name	= "camellia-asm",
@@ -1571,26 +1480,6 @@ static struct crypto_alg camellia_algs[] = { {
 			.decrypt	= ctr_crypt,
 		},
 	},
-}, {
-	.cra_name		= "xts(camellia)",
-	.cra_driver_name	= "xts-camellia-asm",
-	.cra_priority		= 300,
-	.cra_flags		= CRYPTO_ALG_TYPE_BLKCIPHER,
-	.cra_blocksize		= CAMELLIA_BLOCK_SIZE,
-	.cra_ctxsize		= sizeof(struct camellia_xts_ctx),
-	.cra_alignmask		= 0,
-	.cra_type		= &crypto_blkcipher_type,
-	.cra_module		= THIS_MODULE,
-	.cra_u = {
-		.blkcipher = {
-			.min_keysize	= CAMELLIA_MIN_KEY_SIZE * 2,
-			.max_keysize	= CAMELLIA_MAX_KEY_SIZE * 2,
-			.ivsize		= CAMELLIA_BLOCK_SIZE,
-			.setkey		= xts_camellia_setkey,
-			.encrypt	= xts_encrypt,
-			.decrypt	= xts_decrypt,
-		},
-	},
 } };
 
 static bool is_blacklisted_cpu(void)
diff --git a/arch/x86/include/asm/crypto/camellia.h b/arch/x86/include/asm/crypto/camellia.h
index 08d71444edc20..28080ccbff9f1 100644
--- a/arch/x86/include/asm/crypto/camellia.h
+++ b/arch/x86/include/asm/crypto/camellia.h
@@ -2,8 +2,9 @@
 #ifndef ASM_X86_CAMELLIA_H
 #define ASM_X86_CAMELLIA_H
 
-#include <linux/kernel.h>
+#include <crypto/b128ops.h>
 #include <linux/crypto.h>
+#include <linux/kernel.h>
 
 #define CAMELLIA_MIN_KEY_SIZE	16
 #define CAMELLIA_MAX_KEY_SIZE	32
diff --git a/crypto/Kconfig b/crypto/Kconfig
index 694e4e9de3cb5..354ee503fae2c 100644
--- a/crypto/Kconfig
+++ b/crypto/Kconfig
@@ -1147,7 +1147,6 @@ config CRYPTO_CAMELLIA_X86_64
 	depends on CRYPTO
 	select CRYPTO_ALGAPI
 	select CRYPTO_GLUE_HELPER_X86
-	select CRYPTO_XTS
 	help
 	  Camellia cipher algorithm module (x86_64).