Re: [PATCH v11 5/6] s390/crypto: Add selftest support for phmac

All of lore.kernel.org
 help / color / mirror / Atom feed

From: Harald Freudenberger <freude@linux.ibm.com>
To: Holger Dengler <dengler@linux.ibm.com>
Cc: linux-crypto@vger.kernel.org, linux-s390@vger.kernel.org,
	fcallies@linux.ibm.com, herbert@gondor.apana.org.au,
	ifranzki@linux.ibm.com
Subject: Re: [PATCH v11 5/6] s390/crypto: Add selftest support for phmac
Date: Mon, 26 May 2025 16:06:20 +0200	[thread overview]
Message-ID: <f24b49ae2c25815913fffd82dbecadcb@linux.ibm.com> (raw)
In-Reply-To: <5c7ef880-15a2-4f24-96a4-75b6d29f7c4e@linux.ibm.com>

On 2025-05-23 16:55, Holger Dengler wrote:
> On 22/05/2025 10:57, Harald Freudenberger wrote:
>> Add key preparation code in case of selftest running to the phmac
>> setkey function:
>> 
>> As long as the CRYPTO_ALG_TESTED flag is not set, all setkey()
>> invocations are assumed to carry sheer hmac clear key values and thus
>> need some preparation to work with the phmac implementation. Thus it
>> is possible to use the already available hmac test vectors implemented
>> in the testmanager to test the phmac code.
>> 
>> When the CRYPTO_ALG_TESTED flag is set (after larval state) the phmac
>> code assumes the key material is a blob digestible by the pkey kernel
>> module which converts the blob into a working key for the phmac code.
>> 
>> Signed-off-by: Harald Freudenberger <freude@linux.ibm.com>
> 
> For this series, the explicit calls of CPACF for hashing long keys is
> ok. Long term, I would suggest to switch to introduce library
> functions for sha224(), sha384() and sha512(), all similar to
> sha256(), and use them for hashing the clear key. This will remove the
> hard dependency to CPACF SHA function codes for this module. But we
> should do this in a separate series and do the same for clear-key
> hmac.
> 

D'accord - but let's first focus on the real implementation and when all
this rework on the next kernel is done, we can start to use the library
functions instead.

> See another comment below. The rest looks good.
> Reviewed-by: Holger Dengler <dengler@linux.ibm.com>
> 
> 
> [...]
>> @@ -854,6 +986,17 @@ static int __init s390_phmac_init(void)
> [...]
>> +	/* register a simple phmac pseudo misc device */
>> +	rc = misc_register(&phmac_dev);
>> +	if (rc)
>> +		return rc;
>> +
> 
> These 5 lines should go into patch 3/6, as it uses `phmac_dev` already.
> 
>>  	/* with this pseudo device alloc and start a crypto engine */
>>  	phmac_crypto_engine =
>>  		crypto_engine_alloc_init_and_set(phmac_dev.this_device,

Done - this code piece really should have been in patch #3.

next prev parent reply	other threads:[~2025-05-26 14:06 UTC|newest]

Thread overview: 17+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2025-05-22  8:57 [PATCH v11 0/6] New s390 specific protected key hmac Harald Freudenberger
2025-05-22  8:57 ` [PATCH v11 1/6] crypto: ahash - make hash walk functions from ahash.c public Harald Freudenberger
2025-05-23 14:58   ` Holger Dengler
2025-05-22  8:57 ` [PATCH v11 2/6] s390/crypto: Add protected key hmac subfunctions for KMAC Harald Freudenberger
2025-05-23 15:00   ` Holger Dengler
2025-05-22  8:57 ` [PATCH v11 3/6] s390/crypto: New s390 specific protected key hash phmac Harald Freudenberger
2025-05-23 14:52   ` Holger Dengler
2025-05-26 14:02     ` Harald Freudenberger
2025-05-22  8:57 ` [PATCH v11 4/6] crypto: api - Add crypto_tfm_alg_get_flags() helper inline function Harald Freudenberger
2025-05-23 15:02   ` Holger Dengler
2025-05-22  8:57 ` [PATCH v11 5/6] s390/crypto: Add selftest support for phmac Harald Freudenberger
2025-05-22  9:10   ` Herbert Xu
2025-05-26 13:58     ` Harald Freudenberger
2025-05-23 14:55   ` Holger Dengler
2025-05-26 14:06     ` Harald Freudenberger [this message]
2025-05-22  8:57 ` [PATCH v11 6/6] crypto: testmgr - Enable phmac selftest Harald Freudenberger
2025-05-23 15:03   ` Holger Dengler

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=f24b49ae2c25815913fffd82dbecadcb@linux.ibm.com \
    --to=freude@linux.ibm.com \
    --cc=dengler@linux.ibm.com \
    --cc=fcallies@linux.ibm.com \
    --cc=herbert@gondor.apana.org.au \
    --cc=ifranzki@linux.ibm.com \
    --cc=linux-crypto@vger.kernel.org \
    --cc=linux-s390@vger.kernel.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.