Commit aff304e7 authored by Harald Freudenberger's avatar Harald Freudenberger Committed by Martin Schwidefsky

s390/crypto: Adjust s390 aes and paes cipher priorities

Tests with paes-xts and debugging investigations showed
that the ciphers are not always correctly resolved.
The rules for cipher priorities seem to be:
 - Ecb-aes should have a prio greater than the
   generic ecb-aes.
 - The mode specialized ciphers (like cbc-aes-s390)
   should have a prio greater than the sum of the
   more generic combinations (like cbs(aes)).

This patch adjusts the cipher priorities for the
s390 aes and paes in kernel crypto implementations.
Signed-off-by: default avatarHarald Freudenberger <freude@linux.vnet.ibm.com>
Signed-off-by: default avatarMartin Schwidefsky <schwidefsky@de.ibm.com>
parent c18bb396
...@@ -329,7 +329,7 @@ static void fallback_exit_blk(struct crypto_tfm *tfm) ...@@ -329,7 +329,7 @@ static void fallback_exit_blk(struct crypto_tfm *tfm)
static struct crypto_alg ecb_aes_alg = { static struct crypto_alg ecb_aes_alg = {
.cra_name = "ecb(aes)", .cra_name = "ecb(aes)",
.cra_driver_name = "ecb-aes-s390", .cra_driver_name = "ecb-aes-s390",
.cra_priority = 400, /* combo: aes + ecb */ .cra_priority = 401, /* combo: aes + ecb + 1 */
.cra_flags = CRYPTO_ALG_TYPE_BLKCIPHER | .cra_flags = CRYPTO_ALG_TYPE_BLKCIPHER |
CRYPTO_ALG_NEED_FALLBACK, CRYPTO_ALG_NEED_FALLBACK,
.cra_blocksize = AES_BLOCK_SIZE, .cra_blocksize = AES_BLOCK_SIZE,
...@@ -426,7 +426,7 @@ static int cbc_aes_decrypt(struct blkcipher_desc *desc, ...@@ -426,7 +426,7 @@ static int cbc_aes_decrypt(struct blkcipher_desc *desc,
static struct crypto_alg cbc_aes_alg = { static struct crypto_alg cbc_aes_alg = {
.cra_name = "cbc(aes)", .cra_name = "cbc(aes)",
.cra_driver_name = "cbc-aes-s390", .cra_driver_name = "cbc-aes-s390",
.cra_priority = 400, /* combo: aes + cbc */ .cra_priority = 402, /* ecb-aes-s390 + 1 */
.cra_flags = CRYPTO_ALG_TYPE_BLKCIPHER | .cra_flags = CRYPTO_ALG_TYPE_BLKCIPHER |
CRYPTO_ALG_NEED_FALLBACK, CRYPTO_ALG_NEED_FALLBACK,
.cra_blocksize = AES_BLOCK_SIZE, .cra_blocksize = AES_BLOCK_SIZE,
...@@ -633,7 +633,7 @@ static void xts_fallback_exit(struct crypto_tfm *tfm) ...@@ -633,7 +633,7 @@ static void xts_fallback_exit(struct crypto_tfm *tfm)
static struct crypto_alg xts_aes_alg = { static struct crypto_alg xts_aes_alg = {
.cra_name = "xts(aes)", .cra_name = "xts(aes)",
.cra_driver_name = "xts-aes-s390", .cra_driver_name = "xts-aes-s390",
.cra_priority = 400, /* combo: aes + xts */ .cra_priority = 402, /* ecb-aes-s390 + 1 */
.cra_flags = CRYPTO_ALG_TYPE_BLKCIPHER | .cra_flags = CRYPTO_ALG_TYPE_BLKCIPHER |
CRYPTO_ALG_NEED_FALLBACK, CRYPTO_ALG_NEED_FALLBACK,
.cra_blocksize = AES_BLOCK_SIZE, .cra_blocksize = AES_BLOCK_SIZE,
...@@ -763,7 +763,7 @@ static int ctr_aes_decrypt(struct blkcipher_desc *desc, ...@@ -763,7 +763,7 @@ static int ctr_aes_decrypt(struct blkcipher_desc *desc,
static struct crypto_alg ctr_aes_alg = { static struct crypto_alg ctr_aes_alg = {
.cra_name = "ctr(aes)", .cra_name = "ctr(aes)",
.cra_driver_name = "ctr-aes-s390", .cra_driver_name = "ctr-aes-s390",
.cra_priority = 400, /* combo: aes + ctr */ .cra_priority = 402, /* ecb-aes-s390 + 1 */
.cra_flags = CRYPTO_ALG_TYPE_BLKCIPHER | .cra_flags = CRYPTO_ALG_TYPE_BLKCIPHER |
CRYPTO_ALG_NEED_FALLBACK, CRYPTO_ALG_NEED_FALLBACK,
.cra_blocksize = 1, .cra_blocksize = 1,
......
...@@ -138,7 +138,7 @@ static int ecb_paes_decrypt(struct blkcipher_desc *desc, ...@@ -138,7 +138,7 @@ static int ecb_paes_decrypt(struct blkcipher_desc *desc,
static struct crypto_alg ecb_paes_alg = { static struct crypto_alg ecb_paes_alg = {
.cra_name = "ecb(paes)", .cra_name = "ecb(paes)",
.cra_driver_name = "ecb-paes-s390", .cra_driver_name = "ecb-paes-s390",
.cra_priority = 400, /* combo: aes + ecb */ .cra_priority = 401, /* combo: aes + ecb + 1 */
.cra_flags = CRYPTO_ALG_TYPE_BLKCIPHER, .cra_flags = CRYPTO_ALG_TYPE_BLKCIPHER,
.cra_blocksize = AES_BLOCK_SIZE, .cra_blocksize = AES_BLOCK_SIZE,
.cra_ctxsize = sizeof(struct s390_paes_ctx), .cra_ctxsize = sizeof(struct s390_paes_ctx),
...@@ -241,7 +241,7 @@ static int cbc_paes_decrypt(struct blkcipher_desc *desc, ...@@ -241,7 +241,7 @@ static int cbc_paes_decrypt(struct blkcipher_desc *desc,
static struct crypto_alg cbc_paes_alg = { static struct crypto_alg cbc_paes_alg = {
.cra_name = "cbc(paes)", .cra_name = "cbc(paes)",
.cra_driver_name = "cbc-paes-s390", .cra_driver_name = "cbc-paes-s390",
.cra_priority = 400, /* combo: aes + cbc */ .cra_priority = 402, /* ecb-paes-s390 + 1 */
.cra_flags = CRYPTO_ALG_TYPE_BLKCIPHER, .cra_flags = CRYPTO_ALG_TYPE_BLKCIPHER,
.cra_blocksize = AES_BLOCK_SIZE, .cra_blocksize = AES_BLOCK_SIZE,
.cra_ctxsize = sizeof(struct s390_paes_ctx), .cra_ctxsize = sizeof(struct s390_paes_ctx),
...@@ -377,7 +377,7 @@ static int xts_paes_decrypt(struct blkcipher_desc *desc, ...@@ -377,7 +377,7 @@ static int xts_paes_decrypt(struct blkcipher_desc *desc,
static struct crypto_alg xts_paes_alg = { static struct crypto_alg xts_paes_alg = {
.cra_name = "xts(paes)", .cra_name = "xts(paes)",
.cra_driver_name = "xts-paes-s390", .cra_driver_name = "xts-paes-s390",
.cra_priority = 400, /* combo: aes + xts */ .cra_priority = 402, /* ecb-paes-s390 + 1 */
.cra_flags = CRYPTO_ALG_TYPE_BLKCIPHER, .cra_flags = CRYPTO_ALG_TYPE_BLKCIPHER,
.cra_blocksize = AES_BLOCK_SIZE, .cra_blocksize = AES_BLOCK_SIZE,
.cra_ctxsize = sizeof(struct s390_pxts_ctx), .cra_ctxsize = sizeof(struct s390_pxts_ctx),
...@@ -523,7 +523,7 @@ static int ctr_paes_decrypt(struct blkcipher_desc *desc, ...@@ -523,7 +523,7 @@ static int ctr_paes_decrypt(struct blkcipher_desc *desc,
static struct crypto_alg ctr_paes_alg = { static struct crypto_alg ctr_paes_alg = {
.cra_name = "ctr(paes)", .cra_name = "ctr(paes)",
.cra_driver_name = "ctr-paes-s390", .cra_driver_name = "ctr-paes-s390",
.cra_priority = 400, /* combo: aes + ctr */ .cra_priority = 402, /* ecb-paes-s390 + 1 */
.cra_flags = CRYPTO_ALG_TYPE_BLKCIPHER, .cra_flags = CRYPTO_ALG_TYPE_BLKCIPHER,
.cra_blocksize = 1, .cra_blocksize = 1,
.cra_ctxsize = sizeof(struct s390_paes_ctx), .cra_ctxsize = sizeof(struct s390_paes_ctx),
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment