mbox series

[RFC,00/10] introduce crypto wait for async op function

Message ID 1494075602-5061-1-git-send-email-gilad@benyossef.com
Headers show
Series introduce crypto wait for async op function | expand

Message

Gilad Ben-Yossef May 6, 2017, 12:59 p.m. UTC 
Many users of kernel async. crypto services have a pattern of
starting an async. crypto op and than using a completion
to wait for it to end, resulting of the same code repeating
itself in multiple places, sometime with errors.

This patch aims to introduce a generic "wait for async. 
crypto op to complete" functions and move all the users
I could find to use it.  This gets rid of almost 300 
lines of code and fixes at least one bug (hopefully
without adding new ones).

In some cases (indicated in the specific patch description)
the move to the generic function changes the semantics
slightly (such as dropping interruptible when waiting).
I am especially interested in feedback whether people
think this is OK or I should an interruptible variant.

The patch set was boot tested on x86_64 and arm64 which
at the very least tests the crypto users via testmgr
but I am less confident regarding some of the other
users and would love feedback.

Signed-off-by: Gilad Ben-Yossef <gilad@benyossef.com>


Gilad Ben-Yossef (10):
  crypto: factor async completion for general use
  crypto: move pub key to generic async completion
  crypto: move drbg to generic async completion
  crypto: move gcm to generic async completion
  crypto: move testmgr to generic async completion
  dm: move dm-verity to generic async completion
  fscrypt: move to generic async completion
  cifs: move to generic async completion
  ima: move to generic async completion
  crypto: adapt api sample to use async. op wait

 Documentation/crypto/api-samples.rst |  52 ++--------
 crypto/af_alg.c                      |  27 -----
 crypto/algif_aead.c                  |  14 +--
 crypto/algif_hash.c                  |  30 +++---
 crypto/algif_skcipher.c              |  10 +-
 crypto/api.c                         |  28 ++++++
 crypto/asymmetric_keys/public_key.c  |  28 +-----
 crypto/drbg.c                        |  35 ++-----
 crypto/gcm.c                         |  34 ++-----
 crypto/testmgr.c                     | 184 +++++++++++------------------------
 drivers/md/dm-verity-target.c        |  81 ++++-----------
 drivers/md/dm-verity.h               |   5 -
 fs/cifs/smb2ops.c                    |  30 +-----
 fs/crypto/crypto.c                   |  28 +-----
 fs/crypto/fname.c                    |  36 ++-----
 fs/crypto/fscrypt_private.h          |  10 --
 fs/crypto/keyinfo.c                  |  21 +---
 include/crypto/drbg.h                |   3 +-
 include/crypto/if_alg.h              |  14 ---
 include/linux/crypto.h               |  28 ++++++
 security/integrity/ima/ima_crypto.c  |  56 ++++-------
 21 files changed, 222 insertions(+), 532 deletions(-)

-- 
2.1.4

Comments

Pavel Shilovsky May 8, 2017, 8:56 p.m. UTC | #1 
2017-05-06 5:59 GMT-07:00 Gilad Ben-Yossef <gilad@benyossef.com>:
> cifs starts an async. crypto op and waits for their completion.

> Move it over to generic code doing the same.

>

> Signed-off-by: Gilad Ben-Yossef <gilad@benyossef.com>

> ---

>  fs/cifs/smb2ops.c | 30 ++++--------------------------

>  1 file changed, 4 insertions(+), 26 deletions(-)

>

> diff --git a/fs/cifs/smb2ops.c b/fs/cifs/smb2ops.c

> index 152e37f..cee7bb3 100644

> --- a/fs/cifs/smb2ops.c

> +++ b/fs/cifs/smb2ops.c

> @@ -1706,22 +1706,6 @@ init_sg(struct smb_rqst *rqst, u8 *sign)

>         return sg;

>  }

>

> -struct cifs_crypt_result {

> -       int err;

> -       struct completion completion;

> -};

> -

> -static void cifs_crypt_complete(struct crypto_async_request *req, int err)

> -{

> -       struct cifs_crypt_result *res = req->data;

> -

> -       if (err == -EINPROGRESS)

> -               return;

> -

> -       res->err = err;

> -       complete(&res->completion);

> -}

> -

>  static int

>  smb2_get_enc_key(struct TCP_Server_Info *server, __u64 ses_id, int enc, u8 *key)

>  {

> @@ -1762,12 +1746,10 @@ crypt_message(struct TCP_Server_Info *server, struct smb_rqst *rqst, int enc)

>         struct aead_request *req;

>         char *iv;

>         unsigned int iv_len;

> -       struct cifs_crypt_result result = {0, };

> +       DECLARE_CRYPTO_WAIT(wait);

>         struct crypto_aead *tfm;

>         unsigned int crypt_len = le32_to_cpu(tr_hdr->OriginalMessageSize);

>

> -       init_completion(&result.completion);

> -

>         rc = smb2_get_enc_key(server, tr_hdr->SessionId, enc, key);

>         if (rc) {

>                 cifs_dbg(VFS, "%s: Could not get %scryption key\n", __func__,

> @@ -1825,14 +1807,10 @@ crypt_message(struct TCP_Server_Info *server, struct smb_rqst *rqst, int enc)

>         aead_request_set_ad(req, assoc_data_len);

>

>         aead_request_set_callback(req, CRYPTO_TFM_REQ_MAY_BACKLOG,

> -                                 cifs_crypt_complete, &result);

> +                                 crypto_req_done, &wait);

>

> -       rc = enc ? crypto_aead_encrypt(req) : crypto_aead_decrypt(req);

> -

> -       if (rc == -EINPROGRESS || rc == -EBUSY) {

> -               wait_for_completion(&result.completion);

> -               rc = result.err;

> -       }

> +       rc = crypto_wait_req(enc ? crypto_aead_encrypt(req)

> +                               : crypto_aead_decrypt(req), &wait);

>

>         if (!rc && enc)

>                 memcpy(&tr_hdr->Signature, sign, SMB2_SIGNATURE_SIZE);

> --

> 2.1.4

>

> --

> To unsubscribe from this list: send the line "unsubscribe linux-cifs" in

> the body of a message to majordomo@vger.kernel.org

> More majordomo info at  http://vger.kernel.org/majordomo-info.html


Acked-by: Pavel Shilovsky <pshilov@microsoft.com>


Best regards,
Pavel Shilovsky