Commit Graph

34413 Commits

Author SHA1 Message Date
Michal Ludvig ccc17c34d6 [CRYPTO] padlock: Update private header file
PADLOCK_CRA_PRIORITY is shared between padlock-aes and padlock-sha
so it should be in the header.

On the other hand "struct cword" is only used in padlock-aes.c
so it's unnecessary to have it in padlock.h

Signed-off-by: Michal Ludvig <michal@logix.cz>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2006-09-21 11:40:22 +10:00
Herbert Xu db5e9a4237 [CRYPTO] padlock: Add compatibility alias after rename
Whenever we rename modules we should add an alias to ensure that existing
users can still locate the new module.

This patch also gets rid of the now unused module function prototypes from
padlock.h.

Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2006-09-21 11:40:22 +10:00
Michal Ludvig 1191f0a493 [CRYPTO] padlock: Get rid of padlock-generic.c
Merge padlock-generic.c into padlock-aes.c and compile
AES as a standalone module. We won't make a monolithic
padlock.ko with all supported algorithms, instead we'll
compile each driver into its own module.

Signed-off-by: Michal Ludvig <michal@logix.cz>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2006-09-21 11:40:21 +10:00
Michal Ludvig b14cdd6704 [CRYPTO] api: Add missing accessors for new crypto_alg fields
Add missing accessors for cra_driver_name and cra_priority.

Signed-off-by: Michal Ludvig <michal@logix.cz>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2006-09-21 11:40:21 +10:00
Michal Ludvig b3be9a6d9a [CRYPTO] sha: Add module aliases for sha1 / sha256
Crypto modules should be loadable by their .cra_driver_name, so
we should make MODULE_ALIAS()es with these names. This patch adds
aliases for SHA1 and SHA256 only as that's what we need for
PadLock-SHA driver.

Signed-off-by: Michal Ludvig <michal@logix.cz>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2006-09-21 11:40:20 +10:00
Herbert Xu 6bfd48096f [CRYPTO] api: Added spawns
Spawns lock a specific crypto algorithm in place.  They can then be used
with crypto_spawn_tfm to allocate a tfm for that algorithm.  When the base
algorithm of a spawn is deregistered, all its spawns will be automatically
removed.

Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Signed-off-by: David S. Miller <davem@davemloft.net>
2006-09-21 11:39:29 +10:00
Herbert Xu 492e2b63eb [CRYPTO] api: Allow algorithm lookup by type
This patch also adds the infrastructure to pick an algorithm based on
their type.  For example, this allows you to select the encryption
algorithm "aes", instead of any algorithm registered under the name
"aes".  For now this is only accessible internally.  Eventually it
will be made available through crypto_alloc_tfm.

Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Signed-off-by: David S. Miller <davem@davemloft.net>
2006-09-21 11:35:17 +10:00
Herbert Xu 2b8c19dbdc [CRYPTO] api: Add cryptomgr
The cryptomgr module is a simple manager of crypto algorithm instances.
It ensures that parameterised algorithms of the type tmpl(alg) (e.g.,
cbc(aes)) are always created.

This is meant to satisfy the needs for most users.  For more complex
cases such as deeper combinations or multiple parameters, a netlink
module will be created which allows arbitrary expressions to be parsed
in user-space.

Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Signed-off-by: David S. Miller <davem@davemloft.net>
2006-09-21 11:31:44 +10:00
Herbert Xu 2825982d9d [CRYPTO] api: Added event notification
This patch adds a notifier chain for algorithm/template registration events.
This will be used to register compound algorithms such as cbc(aes).  In
future this will also be passed onto user-space through netlink.

Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Signed-off-by: David S. Miller <davem@davemloft.net>
2006-09-21 11:17:13 +10:00
Herbert Xu 4cc7720cd1 [CRYPTO] api: Add template registration
A crypto_template generates a crypto_alg object when given a set of
parameters.  this patch adds the basic data structure fo templates
and code to handle their registration/deregistration.

Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Signed-off-by: David S. Miller <davem@davemloft.net>
2006-09-21 11:17:12 +10:00
Herbert Xu cce9e06d10 [CRYPTO] api: Split out low-level API
The crypto API is made up of the part facing users such as IPsec and the
low-level part which is used by cryptographic entities such as algorithms.
This patch splits out the latter so that the two APIs are more clearly
delineated.  As a bonus the low-level API can now be modularised if all
algorithms are built as modules.

Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2006-09-21 11:16:30 +10:00
Herbert Xu 9409f38a0c [IPSEC]: Move linux/crypto.h inclusion out of net/xfrm.h
The header file linux/crypto.h is only needed by a few files so including
it in net/xfrm.h (which is included by half of the networking stack) is a
waste.  This patch moves it out of net/xfrm.h and into the specific header
files that actually need it.

Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2006-09-21 11:16:30 +10:00
Herbert Xu 6521f30273 [CRYPTO] api: Add crypto_alg reference counting
Up until now we've relied on module reference counting to ensure that the
crypto_alg structures don't disappear from under us.  This was good enough
as long as each crypto_alg came from exactly one module.

However, with parameterised crypto algorithms a crypto_alg object may need
two or more modules to operate.  This means that we need to count the
references to the crypto_alg object directly.

Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Signed-off-by: David S. Miller <davem@davemloft.net>
2006-09-21 11:16:29 +10:00
Herbert Xu 72fa491912 [CRYPTO] api: Rename crypto_alg_get to crypto_mod_get
The functions crypto_alg_get and crypto_alg_put operates on the crypto
modules rather than the algorithms.  Therefore it makes sense to call
them crypto_mod_get and crypto_alg_put respectively.

This is needed because we need to have real algorithm reference counters
for parameterised algorithms as they can be unregistered from below by
when their parameter algorithms are themselves unregistered.

Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Signed-off-by: David S. Miller <davem@davemloft.net>
2006-09-21 11:16:29 +10:00
Joachim Fritschi eaf44088ff [CRYPTO] twofish: x86-64 assembly version
The patch passed the trycpt tests and automated filesystem tests.
This rewrite resulted in some nice perfomance increase over my last patch.

Short summary of the tcrypt benchmarks:

Twofish Assembler vs. Twofish C (256bit 8kb block CBC)
encrypt: -27% Cycles
decrypt: -23% Cycles

Twofish Assembler vs. AES Assembler (128bit 8kb block CBC)
encrypt: +18%  Cycles
decrypt: +15% Cycles

Twofish Assembler vs. AES Assembler (256bit 8kb block CBC)
encrypt: -9% Cycles
decrypt: -8% Cycles

Full Output:
http://homepages.tu-darmstadt.de/~fritschi/twofish/tcrypt-speed-twofish-c-x86_64.txt
http://homepages.tu-darmstadt.de/~fritschi/twofish/tcrypt-speed-twofish-asm-x86_64.txt
http://homepages.tu-darmstadt.de/~fritschi/twofish/tcrypt-speed-aes-asm-x86_64.txt


Here is another bonnie++ benchmark with encrypted filesystems. Most runs maxed
out the hd. It should give some idea what the module can do for encrypted filesystem
performance even though you can't see the full numbers.

http://homepages.tu-darmstadt.de/~fritschi/twofish/output_20060610_130806_x86_64.html

Signed-off-by: Joachim Fritschi <jfritschi@freenet.de>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2006-09-21 11:16:29 +10:00
Joachim Fritschi b9f535ffe3 [CRYPTO] twofish: i586 assembly version
The patch passed the trycpt tests and automated filesystem tests.
This rewrite resulted in some nice perfomance increase over my last patch.

Short summary of the tcrypt benchmarks:

Twofish Assembler vs. Twofish C (256bit 8kb block CBC)
encrypt: -33% Cycles
decrypt: -45% Cycles

Twofish Assembler vs. AES Assembler (128bit 8kb block CBC)
encrypt: +3%  Cycles
decrypt: -22% Cycles

Twofish Assembler vs. AES Assembler (256bit 8kb block CBC)
encrypt: -20% Cycles
decrypt: -36% Cycles

Full Output:
http://homepages.tu-darmstadt.de/~fritschi/twofish/tcrypt-speed-twofish-asm-i586.txt
http://homepages.tu-darmstadt.de/~fritschi/twofish/tcrypt-speed-twofish-c-i586.txt
http://homepages.tu-darmstadt.de/~fritschi/twofish/tcrypt-speed-aes-asm-i586.txt


Here is another bonnie++ benchmark with encrypted filesystems. All runs with
the twofish assembler modules max out the drivespeed. It should give some
idea what the module can do for encrypted filesystem performance even though
you can't see the full numbers.

http://homepages.tu-darmstadt.de/~fritschi/twofish/output_20060611_205432_x86.html

Signed-off-by: Joachim Fritschi <jfritschi@freenet.de>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2006-09-21 11:16:28 +10:00
Joachim Fritschi 758f570ea7 [CRYPTO] twofish: Fix the priority
This patch adds a proper driver name and priority to the generic c
implemtation to allow coexistance of c and assembler modules.

Signed-off-by: Joachim Fritschi <jfritschi@freenet.de>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2006-09-21 11:16:28 +10:00
Joachim Fritschi 2729bb427f [CRYPTO] twofish: Split out common c code
This patch splits up the twofish crypto routine into a common part ( key
setup  ) which will be uses by all twofish crypto modules ( generic-c , i586
assembler and x86_64 assembler ) and generic-c part. It also creates a new
header file which will be used by all 3 modules.

This eliminates all code duplication.

Correctness was verified with the tcrypt module and automated test scripts.

Signed-off-by: Joachim Fritschi <jfritschi@freenet.de>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2006-09-21 11:16:27 +10:00
Herbert Xu 799111020c [CRYPTO] api: Fixed crypto_tfm context alignment
Previously the __aligned__ attribute was added to the crypto_tfm context
member to ensure it is alinged correctly on architectures such as arm.
Unfortunately kmalloc does not use the same minimum alignment rules as
gcc so this is useless.

This patch changes it to use kmalloc's minimum alignment.

Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2006-09-21 11:16:27 +10:00
Mark Fasheh eb35746ca5 ocfs2: Remove overzealous BUG_ON()
The truncate code was never supposed to BUG() on an allocator it doesn't
know about, but rather to ignore it. Right now, this does nothing, but when
we change our allocation paths to use all suballocator files, this will
allow current versions of the fs module to work fine.

Signed-off-by: Mark Fasheh <mark.fasheh@oracle.com>
2006-09-20 16:00:54 -07:00
Mark Fasheh f12033d206 ocfs2: Don't print on unknown remote blocking call
Signed-off-by: Mark Fasheh <mark.fasheh@oracle.com>
2006-09-20 16:00:36 -07:00
Mark Fasheh 02ed8416fe ocfs2: Remove EXPERIMENTAL dependency
Things have been working pretty well for a while now.

We should've probably done this at least one kernel
revision ago, but it doesn't hurt to be paranoid.

Signed-off-by: Mark Fasheh <mark.fasheh@oracle.com>
2006-09-20 16:00:06 -07:00
Mark Fasheh aa9588741d ocfs2: implement directory read-ahead
Uptodate.c now knows about read-ahead buffers. Use some more aggressive
logic in ocfs2_readdir().

The two functions which currently use directory read-ahead are
ocfs2_find_entry() and ocfs2_readdir().

Signed-off-by: Mark Fasheh <mark.fasheh@oracle.com>
2006-09-20 15:53:40 -07:00
Mark Fasheh e0b4096d34 ocfs2: properly update i_mtime on buffered write
We weren't always updating i_mtime on writes, so fix ocfs2_commit_write() to
handle this.

Signed-off-by: Mark Fasheh <mark.fasheh@oracle.com>
Acked-by: Zach Brown <zach.brown@oracle.com>
2006-09-20 15:53:05 -07:00
Tiger Yang 0f62de2c9c ocfs2: Fix directory link count checks in ocfs2_link()
Remove the redundant "i_nlink >= OCFS2_LINK_MAX" check and adds an unlinked
directory check in ocfs2_link().

Signed-off-by: Tiger Yang <tiger.yang@oracle.com>
Signed-off-by: Mark Fasheh <mark.fasheh@oracle.com>
2006-09-20 15:52:27 -07:00
Mark Fasheh a663e30513 ocfs2: move nlink check in ocfs2_mknod()
The dir nlink check in ocfs2_mknod() was being done outside of the cluster
lock, which means we could have been checking against a stale version of the
inode. Fix this by doing the check after the cluster lock instead.

Signed-off-by: Mark Fasheh <mark.fasheh@oracle.com>
2006-09-20 15:52:08 -07:00
Mathieu Avila 471e3f5728 ocfs2: Fix heartbeat sector calculation
This fixes things for devices which set max_sectors to 8.

Signed-off-by: Mark Fasheh <mark.fasheh@oracle.com>
2006-09-20 15:50:53 -07:00
Adrian Bunk 2d5625181f [PATCH] fs/ocfs2/ioctl.c should #include "ioctl.h"
Every file should #include the headers containing the prototypes for its
global functions.

Signed-off-by: Adrian Bunk <bunk@stusta.de>
Signed-off-by: Mark Fasheh <mark.fasheh@oracle.com>
2006-09-20 15:49:33 -07:00
Herbert Poetzl ca4d147e62 ocfs2: add ext2 attributes
Support immutable, and other attributes.

Some renaming and other minor fixes done by myself.

Signed-off-by: Herbert Poetzl <herbert@13thfloor.at>
Signed-off-by: Mark Fasheh <mark.fasheh@oracle.com>
2006-09-20 15:48:39 -07:00
Joel Becker b4c98f625f configfs: Prevent duplicate subsystem names.
For all child objects, creation comes through mkdir(2), so duplicate names
are prevented.

Subsystems, though, are registered by client drivers at init_module()/__init
time.  This patch prevents duplicate subsystem names.

Signed-off-by: Joel Becker <joel.becker@oracle.com>
Signed-off-by: Mark Fasheh <mark.fasheh@oracle.com>
2006-09-20 15:46:14 -07:00
Michael Holzheu 388c571cff [S390] hypfs crashes with invalid mount option.
When an invalid mount option is specified, no root inode is created
for hypfs, hypfs_fill_super() returns with -EINVAL and then
hypfs_kill_super() is called. hypfs_kill_super() does not check if
the root inode has been initialized. This patch adds this check.

Signed-off-by: Michael Holzheu <holzheu@de.ibm.com>
Signed-off-by: Martin Schwidefsky <schwidefsky@de.ibm.com>
2006-09-20 16:00:04 +02:00
Peter Oberparleiter 564337f34c [S390] cio: subchannel evaluation function operates without lock
css_evaluate_subchannel() operates subchannel without lock which can
lead to erratic behavior caused by concurrent device access. Also
split evaluation function to make it more readable.

Signed-off-by: Peter Oberparleiter <peter.oberparleiter@de.ibm.com>
Signed-off-by: Martin Schwidefsky <schwidefsky@de.ibm.com>
2006-09-20 16:00:01 +02:00
Peter Oberparleiter 28bdc6f623 [S390] cio: always query all paths on path verification.
Reappearing channel paths are sometimes not utilized by CCW devices
because path verification incorrectly relies on path-operational-mask
information which is not updated until a channel path has been used
again.
Modify path verification procedure to always query all available paths
to a device.

Signed-off-by: Peter Oberparleiter <peter.oberparleiter@de.ibm.com>
Signed-off-by: Martin Schwidefsky <schwidefsky@de.ibm.com>
2006-09-20 15:59:59 +02:00
Peter Oberparleiter e0e32c8eba [S390] cio: update path groups on logical CHPID changes.
CHPIDs that are logically varied off will not be removed from
a CCW device's path group because resign-from-pathgroup command is
issued with invalid path mask of 0 because internal CCW operations
are masked by the logical path mask after the relevant bits are
cleared by the vary operation.
Do not apply logical path mask to internal operations.

Signed-off-by: Peter Oberparleiter <peter.oberparleiter@de.ibm.com>
Signed-off-by: Martin Schwidefsky <schwidefsky@de.ibm.com>
2006-09-20 15:59:57 +02:00
Peter Oberparleiter dd9963f9dd [S390] cio: subchannels in no-path state.
Subchannel may incorrectly remain in state no-path after channel paths
have reappeared. Currently the scan for subchannels which are using a
channel path ends at the first occurrence if a full link address was
provided by the channel subsystem. The scan needs to continue over
all subchannels.

Signed-off-by: Peter Oberparleiter <peter.oberparleiter@de.ibm.com>
Signed-off-by: Martin Schwidefsky <schwidefsky@de.ibm.com>
2006-09-20 15:59:54 +02:00
Peter Oberparleiter dcd707b4bd [S390] Replace nopav-message on VM.
Specifying kernel parameter "dasd=nopav" on systems running under VM
has no function but results in message "disable PAV mode". Correct
message is "'nopav' not supported on VM".

Signed-off-by: Peter Oberparleiter <peter.oberparleiter@de.ibm.com>
Signed-off-by: Martin Schwidefsky <schwidefsky@de.ibm.com>
2006-09-20 15:59:52 +02:00
Peter Oberparleiter db0c2d5908 [S390] set modalias for ccw bus uevents.
Add the MODALIAS environment variable for ccw bus uevents.

Signed-off-by: Peter Oberparleiter <peter.oberparleiter@de.ibm.com>
Signed-off-by: Martin Schwidefsky <schwidefsky@de.ibm.com>
2006-09-20 15:59:49 +02:00
Cornelia Huck 250b2dc833 [S390] Get rid of DBG macro.
Signed-off-by: Cornelia Huck <cornelia.huck@de.ibm.com>
Signed-off-by: Martin Schwidefsky <schwidefsky@de.ibm.com>
2006-09-20 15:59:47 +02:00
Gerald Schaefer 6c2a9e6df6 [S390] Use alternative user-copy operations for new hardware.
This introduces new user-copy operations which are optimized for
copying more than 256 Bytes on new hardware.

Signed-off-by: Gerald Schaefer <geraldsc@de.ibm.com>
Signed-off-by: Martin Schwidefsky <schwidefsky@de.ibm.com>
2006-09-20 15:59:44 +02:00
Gerald Schaefer d02765d1af [S390] Make user-copy operations run-time configurable.
Introduces a struct uaccess_ops which allows setting user-copy
operations at run-time.

Signed-off-by: Gerald Schaefer <geraldsc@de.ibm.com>
Signed-off-by: Martin Schwidefsky <schwidefsky@de.ibm.com>
2006-09-20 15:59:42 +02:00
Gerald Schaefer 6837a8c352 [S390] Cleanup in signal handling code.
Signed-off-by: Gerald Schaefer <geraldsc@de.ibm.com>
Signed-off-by: Martin Schwidefsky <schwidefsky@de.ibm.com>
2006-09-20 15:59:39 +02:00
Gerald Schaefer 9282ed9297 [S390] Cleanup in page table related code.
Changed and simplified some page table related #defines and code.

Signed-off-by: Gerald Schaefer <geraldsc@de.ibm.com>
Signed-off-by: Martin Schwidefsky <schwidefsky@de.ibm.com>
2006-09-20 15:59:37 +02:00
Melissa Howland 31b5808829 [S390] Linux API for writing z/VM APPLDATA Monitor records.
This patch delivers a new Linux API in the form of a misc char
device that is useable from user space and allows write access
to the z/VM APPLDATA Monitor Records collected by the *MONITOR
System Service of z/VM.

Signed-off-by: Melissa Howland <melissah@us.ibm.com>
Signed-off-by: Martin Schwidefsky <schwidefsky@de.ibm.com>
2006-09-20 15:59:34 +02:00
Christian Borntraeger e620c49400 [S390] xpram off by one error.
The xpram driver shows and uses 4096 bytes less than available.

Signed-off-by: Christian Borntraeger <cborntra@de.ibm.com>
Signed-off-by: Martin Schwidefsky <schwidefsky@de.ibm.com>
2006-09-20 15:59:32 +02:00
Heiko Carstens 07d43ce6a2 [S390] Remove kexec experimental flag.
Follow other architectures and remove kexec experimental flag.

Signed-off-by: Heiko Carstens <heiko.carstens@de.ibm.com>
Signed-off-by: Martin Schwidefsky <schwidefsky@de.ibm.com>
2006-09-20 15:59:29 +02:00
Gerald Schaefer 1f38d61347 [S390] cleanup appldata.
Introduce asm header that contains the appldata data structures and
the diag inline assembly.

Signed-off-by: Gerald Schaefer <geraldsc@de.ibm.com>
Signed-off-by: Martin Schwidefsky <schwidefsky@de.ibm.com>
2006-09-20 15:59:26 +02:00
Christian Borntraeger 45af3af876 [S390] fix typo in vmcp.
Fix comment typo in vmcp, it is z/VM and not v/VM.

Signed-off-by: Christian Borntraeger <cborntra@de.ibm.com>
Signed-off-by: Martin Schwidefsky <schwidefsky@de.ibm.com>
2006-09-20 15:59:24 +02:00
Heiko Carstens 9514e2311b [S390] Kernel stack overflow handling.
Substract the size of the initial stack frame from the correct
register. Otherwise we will end up in a program check loop.
Fix the offset into the save area as well.

Signed-off-by: Heiko Carstens <heiko.carstens@de.ibm.com>
Signed-off-by: Martin Schwidefsky <schwidefsky@de.ibm.com>
2006-09-20 15:59:22 +02:00
Frank Pavlic 6981e936aa [S390] qdio slsb processing state.
The last SLSB has to be set to STATE_PROCESSING if we really want to
use the PROCESSING feature.

Signed-off-by: Frank Pavlic <fpavlic@de.ibm.com>
Signed-off-by: Martin Schwidefsky <schwidefsky@de.ibm.com>
2006-09-20 15:59:19 +02:00
Heiko Carstens 81388d2a45 [S390] Missing initialization in common i/o layer.
Previous patch that was intended to reduce stack usage within common
i/o layer didn't consider implicit memset(..., 0, ...) used with the
initializations used before.
Add these missing memsets wherever it's not obvious that the
concerned memory region is zeroed. This should give the same semantics
as before.

Signed-off-by: Heiko Carstens <heiko.carstens@de.ibm.com>
Signed-off-by: Martin Schwidefsky <schwidefsky@de.ibm.com>
2006-09-20 15:59:17 +02:00