[S390] arch/s390: Add missing "space"
[linux-2.6.git] / arch / s390 / crypto / aes_s390.c
index c7c43c9..a3f67f8 100644 (file)
@@ -4,10 +4,11 @@
  * s390 implementation of the AES Cipher Algorithm.
  *
  * s390 Version:
- *   Copyright (C) 2005 IBM Deutschland GmbH, IBM Corporation
+ *   Copyright IBM Corp. 2005,2007
  *   Author(s): Jan Glauber (jang@de.ibm.com)
+ *             Sebastian Siewior (sebastian@breakpoint.cc> SW-Fallback
  *
- * Derived from "crypto/aes.c"
+ * Derived from "crypto/aes_generic.c"
  *
  * This program is free software; you can redistribute it and/or modify it
  * under the terms of the GNU General Public License as published by the Free
  *
  */
 
+#include <crypto/aes.h>
+#include <crypto/algapi.h>
+#include <linux/err.h>
 #include <linux/module.h>
 #include <linux/init.h>
-#include <linux/crypto.h>
 #include "crypt_s390.h"
 
-#define AES_MIN_KEY_SIZE       16
-#define AES_MAX_KEY_SIZE       32
+#define AES_KEYLEN_128         1
+#define AES_KEYLEN_192         2
+#define AES_KEYLEN_256         4
 
-/* data block size for all key lengths */
-#define AES_BLOCK_SIZE         16
-
-int has_aes_128 = 0;
-int has_aes_192 = 0;
-int has_aes_256 = 0;
+static char keylen_flag = 0;
 
 struct s390_aes_ctx {
        u8 iv[AES_BLOCK_SIZE];
        u8 key[AES_MAX_KEY_SIZE];
+       long enc;
+       long dec;
        int key_len;
+       union {
+               struct crypto_blkcipher *blk;
+               struct crypto_cipher *cip;
+       } fallback;
 };
 
-static int aes_set_key(struct crypto_tfm *tfm, const u8 *in_key,
-                      unsigned int key_len)
+/*
+ * Check if the key_len is supported by the HW.
+ * Returns 0 if it is, a positive number if it is not and software fallback is
+ * required or a negative number in case the key size is not valid
+ */
+static int need_fallback(unsigned int key_len)
 {
-       struct s390_aes_ctx *sctx = crypto_tfm_ctx(tfm);
-       u32 *flags = &tfm->crt_flags;
-
        switch (key_len) {
        case 16:
-               if (!has_aes_128)
-                       goto fail;
+               if (!(keylen_flag & AES_KEYLEN_128))
+                       return 1;
                break;
        case 24:
-               if (!has_aes_192)
-                       goto fail;
-
+               if (!(keylen_flag & AES_KEYLEN_192))
+                       return 1;
                break;
        case 32:
-               if (!has_aes_256)
-                       goto fail;
+               if (!(keylen_flag & AES_KEYLEN_256))
+                       return 1;
                break;
        default:
-               /* invalid key length */
-               goto fail;
+               return -1;
                break;
        }
+       return 0;
+}
+
+static int setkey_fallback_cip(struct crypto_tfm *tfm, const u8 *in_key,
+               unsigned int key_len)
+{
+       struct s390_aes_ctx *sctx = crypto_tfm_ctx(tfm);
+       int ret;
+
+       sctx->fallback.blk->base.crt_flags &= ~CRYPTO_TFM_REQ_MASK;
+       sctx->fallback.blk->base.crt_flags |= (tfm->crt_flags &
+                       CRYPTO_TFM_REQ_MASK);
+
+       ret = crypto_cipher_setkey(sctx->fallback.cip, in_key, key_len);
+       if (ret) {
+               tfm->crt_flags &= ~CRYPTO_TFM_RES_MASK;
+               tfm->crt_flags |= (sctx->fallback.blk->base.crt_flags &
+                               CRYPTO_TFM_RES_MASK);
+       }
+       return ret;
+}
+
+static int aes_set_key(struct crypto_tfm *tfm, const u8 *in_key,
+                      unsigned int key_len)
+{
+       struct s390_aes_ctx *sctx = crypto_tfm_ctx(tfm);
+       u32 *flags = &tfm->crt_flags;
+       int ret;
+
+       ret = need_fallback(key_len);
+       if (ret < 0) {
+               *flags |= CRYPTO_TFM_RES_BAD_KEY_LEN;
+               return -EINVAL;
+       }
 
        sctx->key_len = key_len;
-       memcpy(sctx->key, in_key, key_len);
-       return 0;
-fail:
-       *flags |= CRYPTO_TFM_RES_BAD_KEY_LEN;
-       return -EINVAL;
+       if (!ret) {
+               memcpy(sctx->key, in_key, key_len);
+               return 0;
+       }
+
+       return setkey_fallback_cip(tfm, in_key, key_len);
 }
 
 static void aes_encrypt(struct crypto_tfm *tfm, u8 *out, const u8 *in)
 {
        const struct s390_aes_ctx *sctx = crypto_tfm_ctx(tfm);
 
+       if (unlikely(need_fallback(sctx->key_len))) {
+               crypto_cipher_encrypt_one(sctx->fallback.cip, out, in);
+               return;
+       }
+
        switch (sctx->key_len) {
        case 16:
                crypt_s390_km(KM_AES_128_ENCRYPT, &sctx->key, out, in,
@@ -95,6 +139,11 @@ static void aes_decrypt(struct crypto_tfm *tfm, u8 *out, const u8 *in)
 {
        const struct s390_aes_ctx *sctx = crypto_tfm_ctx(tfm);
 
+       if (unlikely(need_fallback(sctx->key_len))) {
+               crypto_cipher_decrypt_one(sctx->fallback.cip, out, in);
+               return;
+       }
+
        switch (sctx->key_len) {
        case 16:
                crypt_s390_km(KM_AES_128_DECRYPT, &sctx->key, out, in,
@@ -111,133 +160,341 @@ static void aes_decrypt(struct crypto_tfm *tfm, u8 *out, const u8 *in)
        }
 }
 
-static unsigned int aes_encrypt_ecb(const struct cipher_desc *desc, u8 *out,
-                                   const u8 *in, unsigned int nbytes)
+static int fallback_init_cip(struct crypto_tfm *tfm)
 {
-       struct s390_aes_ctx *sctx = crypto_tfm_ctx(desc->tfm);
-       int ret;
+       const char *name = tfm->__crt_alg->cra_name;
+       struct s390_aes_ctx *sctx = crypto_tfm_ctx(tfm);
 
-       /* only use complete blocks */
-       nbytes &= ~(AES_BLOCK_SIZE - 1);
+       sctx->fallback.cip = crypto_alloc_cipher(name, 0,
+                       CRYPTO_ALG_ASYNC | CRYPTO_ALG_NEED_FALLBACK);
 
-       switch (sctx->key_len) {
-       case 16:
-               ret = crypt_s390_km(KM_AES_128_ENCRYPT, &sctx->key, out, in, nbytes);
-               BUG_ON((ret < 0) || (ret != nbytes));
-               break;
-       case 24:
-               ret = crypt_s390_km(KM_AES_192_ENCRYPT, &sctx->key, out, in, nbytes);
-               BUG_ON((ret < 0) || (ret != nbytes));
-               break;
-       case 32:
-               ret = crypt_s390_km(KM_AES_256_ENCRYPT, &sctx->key, out, in, nbytes);
-               BUG_ON((ret < 0) || (ret != nbytes));
-               break;
+       if (IS_ERR(sctx->fallback.cip)) {
+               printk(KERN_ERR "Error allocating fallback algo %s\n", name);
+               return PTR_ERR(sctx->fallback.blk);
        }
-       return nbytes;
+
+       return 0;
 }
 
-static unsigned int aes_decrypt_ecb(const struct cipher_desc *desc, u8 *out,
-                                   const u8 *in, unsigned int nbytes)
+static void fallback_exit_cip(struct crypto_tfm *tfm)
 {
-       struct s390_aes_ctx *sctx = crypto_tfm_ctx(desc->tfm);
-       int ret;
+       struct s390_aes_ctx *sctx = crypto_tfm_ctx(tfm);
 
-       /* only use complete blocks */
-       nbytes &= ~(AES_BLOCK_SIZE - 1);
+       crypto_free_cipher(sctx->fallback.cip);
+       sctx->fallback.cip = NULL;
+}
 
-       switch (sctx->key_len) {
-       case 16:
-               ret = crypt_s390_km(KM_AES_128_DECRYPT, &sctx->key, out, in, nbytes);
-               BUG_ON((ret < 0) || (ret != nbytes));
-               break;
-       case 24:
-               ret = crypt_s390_km(KM_AES_192_DECRYPT, &sctx->key, out, in, nbytes);
-               BUG_ON((ret < 0) || (ret != nbytes));
-               break;
-       case 32:
-               ret = crypt_s390_km(KM_AES_256_DECRYPT, &sctx->key, out, in, nbytes);
-               BUG_ON((ret < 0) || (ret != nbytes));
-               break;
+static struct crypto_alg aes_alg = {
+       .cra_name               =       "aes",
+       .cra_driver_name        =       "aes-s390",
+       .cra_priority           =       CRYPT_S390_PRIORITY,
+       .cra_flags              =       CRYPTO_ALG_TYPE_CIPHER |
+                                       CRYPTO_ALG_NEED_FALLBACK,
+       .cra_blocksize          =       AES_BLOCK_SIZE,
+       .cra_ctxsize            =       sizeof(struct s390_aes_ctx),
+       .cra_module             =       THIS_MODULE,
+       .cra_list               =       LIST_HEAD_INIT(aes_alg.cra_list),
+       .cra_init               =       fallback_init_cip,
+       .cra_exit               =       fallback_exit_cip,
+       .cra_u                  =       {
+               .cipher = {
+                       .cia_min_keysize        =       AES_MIN_KEY_SIZE,
+                       .cia_max_keysize        =       AES_MAX_KEY_SIZE,
+                       .cia_setkey             =       aes_set_key,
+                       .cia_encrypt            =       aes_encrypt,
+                       .cia_decrypt            =       aes_decrypt,
+               }
+       }
+};
+
+static int setkey_fallback_blk(struct crypto_tfm *tfm, const u8 *key,
+               unsigned int len)
+{
+       struct s390_aes_ctx *sctx = crypto_tfm_ctx(tfm);
+       unsigned int ret;
+
+       sctx->fallback.blk->base.crt_flags &= ~CRYPTO_TFM_REQ_MASK;
+       sctx->fallback.blk->base.crt_flags |= (tfm->crt_flags &
+                       CRYPTO_TFM_REQ_MASK);
+
+       ret = crypto_blkcipher_setkey(sctx->fallback.blk, key, len);
+       if (ret) {
+               tfm->crt_flags &= ~CRYPTO_TFM_RES_MASK;
+               tfm->crt_flags |= (sctx->fallback.blk->base.crt_flags &
+                               CRYPTO_TFM_RES_MASK);
        }
-       return nbytes;
+       return ret;
 }
 
-static unsigned int aes_encrypt_cbc(const struct cipher_desc *desc, u8 *out,
-                                   const u8 *in, unsigned int nbytes)
+static int fallback_blk_dec(struct blkcipher_desc *desc,
+               struct scatterlist *dst, struct scatterlist *src,
+               unsigned int nbytes)
 {
-       struct s390_aes_ctx *sctx = crypto_tfm_ctx(desc->tfm);
+       unsigned int ret;
+       struct crypto_blkcipher *tfm;
+       struct s390_aes_ctx *sctx = crypto_blkcipher_ctx(desc->tfm);
+
+       tfm = desc->tfm;
+       desc->tfm = sctx->fallback.blk;
+
+       ret = crypto_blkcipher_decrypt_iv(desc, dst, src, nbytes);
+
+       desc->tfm = tfm;
+       return ret;
+}
+
+static int fallback_blk_enc(struct blkcipher_desc *desc,
+               struct scatterlist *dst, struct scatterlist *src,
+               unsigned int nbytes)
+{
+       unsigned int ret;
+       struct crypto_blkcipher *tfm;
+       struct s390_aes_ctx *sctx = crypto_blkcipher_ctx(desc->tfm);
+
+       tfm = desc->tfm;
+       desc->tfm = sctx->fallback.blk;
+
+       ret = crypto_blkcipher_encrypt_iv(desc, dst, src, nbytes);
+
+       desc->tfm = tfm;
+       return ret;
+}
+
+static int ecb_aes_set_key(struct crypto_tfm *tfm, const u8 *in_key,
+                          unsigned int key_len)
+{
+       struct s390_aes_ctx *sctx = crypto_tfm_ctx(tfm);
        int ret;
 
-       /* only use complete blocks */
-       nbytes &= ~(AES_BLOCK_SIZE - 1);
+       ret = need_fallback(key_len);
+       if (ret > 0) {
+               sctx->key_len = key_len;
+               return setkey_fallback_blk(tfm, in_key, key_len);
+       }
 
-       memcpy(&sctx->iv, desc->info, AES_BLOCK_SIZE);
-       switch (sctx->key_len) {
+       switch (key_len) {
        case 16:
-               ret = crypt_s390_kmc(KMC_AES_128_ENCRYPT, &sctx->iv, out, in, nbytes);
-               BUG_ON((ret < 0) || (ret != nbytes));
+               sctx->enc = KM_AES_128_ENCRYPT;
+               sctx->dec = KM_AES_128_DECRYPT;
                break;
        case 24:
-               ret = crypt_s390_kmc(KMC_AES_192_ENCRYPT, &sctx->iv, out, in, nbytes);
-               BUG_ON((ret < 0) || (ret != nbytes));
+               sctx->enc = KM_AES_192_ENCRYPT;
+               sctx->dec = KM_AES_192_DECRYPT;
                break;
        case 32:
-               ret = crypt_s390_kmc(KMC_AES_256_ENCRYPT, &sctx->iv, out, in, nbytes);
-               BUG_ON((ret < 0) || (ret != nbytes));
+               sctx->enc = KM_AES_256_ENCRYPT;
+               sctx->dec = KM_AES_256_DECRYPT;
                break;
        }
-       memcpy(desc->info, &sctx->iv, AES_BLOCK_SIZE);
 
-       return nbytes;
+       return aes_set_key(tfm, in_key, key_len);
+}
+
+static int ecb_aes_crypt(struct blkcipher_desc *desc, long func, void *param,
+                        struct blkcipher_walk *walk)
+{
+       int ret = blkcipher_walk_virt(desc, walk);
+       unsigned int nbytes;
+
+       while ((nbytes = walk->nbytes)) {
+               /* only use complete blocks */
+               unsigned int n = nbytes & ~(AES_BLOCK_SIZE - 1);
+               u8 *out = walk->dst.virt.addr;
+               u8 *in = walk->src.virt.addr;
+
+               ret = crypt_s390_km(func, param, out, in, n);
+               BUG_ON((ret < 0) || (ret != n));
+
+               nbytes &= AES_BLOCK_SIZE - 1;
+               ret = blkcipher_walk_done(desc, walk, nbytes);
+       }
+
+       return ret;
+}
+
+static int ecb_aes_encrypt(struct blkcipher_desc *desc,
+                          struct scatterlist *dst, struct scatterlist *src,
+                          unsigned int nbytes)
+{
+       struct s390_aes_ctx *sctx = crypto_blkcipher_ctx(desc->tfm);
+       struct blkcipher_walk walk;
+
+       if (unlikely(need_fallback(sctx->key_len)))
+               return fallback_blk_enc(desc, dst, src, nbytes);
+
+       blkcipher_walk_init(&walk, dst, src, nbytes);
+       return ecb_aes_crypt(desc, sctx->enc, sctx->key, &walk);
+}
+
+static int ecb_aes_decrypt(struct blkcipher_desc *desc,
+                          struct scatterlist *dst, struct scatterlist *src,
+                          unsigned int nbytes)
+{
+       struct s390_aes_ctx *sctx = crypto_blkcipher_ctx(desc->tfm);
+       struct blkcipher_walk walk;
+
+       if (unlikely(need_fallback(sctx->key_len)))
+               return fallback_blk_dec(desc, dst, src, nbytes);
+
+       blkcipher_walk_init(&walk, dst, src, nbytes);
+       return ecb_aes_crypt(desc, sctx->dec, sctx->key, &walk);
+}
+
+static int fallback_init_blk(struct crypto_tfm *tfm)
+{
+       const char *name = tfm->__crt_alg->cra_name;
+       struct s390_aes_ctx *sctx = crypto_tfm_ctx(tfm);
+
+       sctx->fallback.blk = crypto_alloc_blkcipher(name, 0,
+                       CRYPTO_ALG_ASYNC | CRYPTO_ALG_NEED_FALLBACK);
+
+       if (IS_ERR(sctx->fallback.blk)) {
+               printk(KERN_ERR "Error allocating fallback algo %s\n", name);
+               return PTR_ERR(sctx->fallback.blk);
+       }
+
+       return 0;
 }
 
-static unsigned int aes_decrypt_cbc(const struct cipher_desc *desc, u8 *out,
-                                   const u8 *in, unsigned int nbytes)
+static void fallback_exit_blk(struct crypto_tfm *tfm)
+{
+       struct s390_aes_ctx *sctx = crypto_tfm_ctx(tfm);
+
+       crypto_free_blkcipher(sctx->fallback.blk);
+       sctx->fallback.blk = NULL;
+}
+
+static struct crypto_alg ecb_aes_alg = {
+       .cra_name               =       "ecb(aes)",
+       .cra_driver_name        =       "ecb-aes-s390",
+       .cra_priority           =       CRYPT_S390_COMPOSITE_PRIORITY,
+       .cra_flags              =       CRYPTO_ALG_TYPE_BLKCIPHER |
+                                       CRYPTO_ALG_NEED_FALLBACK,
+       .cra_blocksize          =       AES_BLOCK_SIZE,
+       .cra_ctxsize            =       sizeof(struct s390_aes_ctx),
+       .cra_type               =       &crypto_blkcipher_type,
+       .cra_module             =       THIS_MODULE,
+       .cra_list               =       LIST_HEAD_INIT(ecb_aes_alg.cra_list),
+       .cra_init               =       fallback_init_blk,
+       .cra_exit               =       fallback_exit_blk,
+       .cra_u                  =       {
+               .blkcipher = {
+                       .min_keysize            =       AES_MIN_KEY_SIZE,
+                       .max_keysize            =       AES_MAX_KEY_SIZE,
+                       .setkey                 =       ecb_aes_set_key,
+                       .encrypt                =       ecb_aes_encrypt,
+                       .decrypt                =       ecb_aes_decrypt,
+               }
+       }
+};
+
+static int cbc_aes_set_key(struct crypto_tfm *tfm, const u8 *in_key,
+                          unsigned int key_len)
 {
-       struct s390_aes_ctx *sctx = crypto_tfm_ctx(desc->tfm);
+       struct s390_aes_ctx *sctx = crypto_tfm_ctx(tfm);
        int ret;
 
-       /* only use complete blocks */
-       nbytes &= ~(AES_BLOCK_SIZE - 1);
+       ret = need_fallback(key_len);
+       if (ret > 0) {
+               sctx->key_len = key_len;
+               return setkey_fallback_blk(tfm, in_key, key_len);
+       }
 
-       memcpy(&sctx->iv, desc->info, AES_BLOCK_SIZE);
-       switch (sctx->key_len) {
+       switch (key_len) {
        case 16:
-               ret = crypt_s390_kmc(KMC_AES_128_DECRYPT, &sctx->iv, out, in, nbytes);
-               BUG_ON((ret < 0) || (ret != nbytes));
+               sctx->enc = KMC_AES_128_ENCRYPT;
+               sctx->dec = KMC_AES_128_DECRYPT;
                break;
        case 24:
-               ret = crypt_s390_kmc(KMC_AES_192_DECRYPT, &sctx->iv, out, in, nbytes);
-               BUG_ON((ret < 0) || (ret != nbytes));
+               sctx->enc = KMC_AES_192_ENCRYPT;
+               sctx->dec = KMC_AES_192_DECRYPT;
                break;
        case 32:
-               ret = crypt_s390_kmc(KMC_AES_256_DECRYPT, &sctx->iv, out, in, nbytes);
-               BUG_ON((ret < 0) || (ret != nbytes));
+               sctx->enc = KMC_AES_256_ENCRYPT;
+               sctx->dec = KMC_AES_256_DECRYPT;
                break;
        }
-       return nbytes;
+
+       return aes_set_key(tfm, in_key, key_len);
+}
+
+static int cbc_aes_crypt(struct blkcipher_desc *desc, long func, void *param,
+                        struct blkcipher_walk *walk)
+{
+       int ret = blkcipher_walk_virt(desc, walk);
+       unsigned int nbytes = walk->nbytes;
+
+       if (!nbytes)
+               goto out;
+
+       memcpy(param, walk->iv, AES_BLOCK_SIZE);
+       do {
+               /* only use complete blocks */
+               unsigned int n = nbytes & ~(AES_BLOCK_SIZE - 1);
+               u8 *out = walk->dst.virt.addr;
+               u8 *in = walk->src.virt.addr;
+
+               ret = crypt_s390_kmc(func, param, out, in, n);
+               BUG_ON((ret < 0) || (ret != n));
+
+               nbytes &= AES_BLOCK_SIZE - 1;
+               ret = blkcipher_walk_done(desc, walk, nbytes);
+       } while ((nbytes = walk->nbytes));
+       memcpy(walk->iv, param, AES_BLOCK_SIZE);
+
+out:
+       return ret;
 }
 
+static int cbc_aes_encrypt(struct blkcipher_desc *desc,
+                          struct scatterlist *dst, struct scatterlist *src,
+                          unsigned int nbytes)
+{
+       struct s390_aes_ctx *sctx = crypto_blkcipher_ctx(desc->tfm);
+       struct blkcipher_walk walk;
 
-static struct crypto_alg aes_alg = {
-       .cra_name               =       "aes",
-       .cra_flags              =       CRYPTO_ALG_TYPE_CIPHER,
+       if (unlikely(need_fallback(sctx->key_len)))
+               return fallback_blk_enc(desc, dst, src, nbytes);
+
+       blkcipher_walk_init(&walk, dst, src, nbytes);
+       return cbc_aes_crypt(desc, sctx->enc, sctx->iv, &walk);
+}
+
+static int cbc_aes_decrypt(struct blkcipher_desc *desc,
+                          struct scatterlist *dst, struct scatterlist *src,
+                          unsigned int nbytes)
+{
+       struct s390_aes_ctx *sctx = crypto_blkcipher_ctx(desc->tfm);
+       struct blkcipher_walk walk;
+
+       if (unlikely(need_fallback(sctx->key_len)))
+               return fallback_blk_dec(desc, dst, src, nbytes);
+
+       blkcipher_walk_init(&walk, dst, src, nbytes);
+       return cbc_aes_crypt(desc, sctx->dec, sctx->iv, &walk);
+}
+
+static struct crypto_alg cbc_aes_alg = {
+       .cra_name               =       "cbc(aes)",
+       .cra_driver_name        =       "cbc-aes-s390",
+       .cra_priority           =       CRYPT_S390_COMPOSITE_PRIORITY,
+       .cra_flags              =       CRYPTO_ALG_TYPE_BLKCIPHER |
+                                       CRYPTO_ALG_NEED_FALLBACK,
        .cra_blocksize          =       AES_BLOCK_SIZE,
        .cra_ctxsize            =       sizeof(struct s390_aes_ctx),
+       .cra_type               =       &crypto_blkcipher_type,
        .cra_module             =       THIS_MODULE,
-       .cra_list               =       LIST_HEAD_INIT(aes_alg.cra_list),
+       .cra_list               =       LIST_HEAD_INIT(cbc_aes_alg.cra_list),
+       .cra_init               =       fallback_init_blk,
+       .cra_exit               =       fallback_exit_blk,
        .cra_u                  =       {
-               .cipher = {
-                       .cia_min_keysize        =       AES_MIN_KEY_SIZE,
-                       .cia_max_keysize        =       AES_MAX_KEY_SIZE,
-                       .cia_setkey             =       aes_set_key,
-                       .cia_encrypt            =       aes_encrypt,
-                       .cia_decrypt            =       aes_decrypt,
-                       .cia_encrypt_ecb        =       aes_encrypt_ecb,
-                       .cia_decrypt_ecb        =       aes_decrypt_ecb,
-                       .cia_encrypt_cbc        =       aes_encrypt_cbc,
-                       .cia_decrypt_cbc        =       aes_decrypt_cbc,
+               .blkcipher = {
+                       .min_keysize            =       AES_MIN_KEY_SIZE,
+                       .max_keysize            =       AES_MAX_KEY_SIZE,
+                       .ivsize                 =       AES_BLOCK_SIZE,
+                       .setkey                 =       cbc_aes_set_key,
+                       .encrypt                =       cbc_aes_encrypt,
+                       .decrypt                =       cbc_aes_decrypt,
                }
        }
 };
@@ -247,23 +504,48 @@ static int __init aes_init(void)
        int ret;
 
        if (crypt_s390_func_available(KM_AES_128_ENCRYPT))
-               has_aes_128 = 1;
+               keylen_flag |= AES_KEYLEN_128;
        if (crypt_s390_func_available(KM_AES_192_ENCRYPT))
-               has_aes_192 = 1;
+               keylen_flag |= AES_KEYLEN_192;
        if (crypt_s390_func_available(KM_AES_256_ENCRYPT))
-               has_aes_256 = 1;
+               keylen_flag |= AES_KEYLEN_256;
+
+       if (!keylen_flag)
+               return -EOPNOTSUPP;
 
-       if (!has_aes_128 && !has_aes_192 && !has_aes_256)
-               return -ENOSYS;
+       /* z9 109 and z9 BC/EC only support 128 bit key length */
+       if (keylen_flag == AES_KEYLEN_128)
+               printk(KERN_INFO
+                      "aes_s390: hardware acceleration only available for "
+                      "128 bit keys\n");
 
        ret = crypto_register_alg(&aes_alg);
-       if (ret != 0)
-               printk(KERN_INFO "crypt_s390: aes_s390 couldn't be loaded.\n");
+       if (ret)
+               goto aes_err;
+
+       ret = crypto_register_alg(&ecb_aes_alg);
+       if (ret)
+               goto ecb_aes_err;
+
+       ret = crypto_register_alg(&cbc_aes_alg);
+       if (ret)
+               goto cbc_aes_err;
+
+out:
        return ret;
+
+cbc_aes_err:
+       crypto_unregister_alg(&ecb_aes_alg);
+ecb_aes_err:
+       crypto_unregister_alg(&aes_alg);
+aes_err:
+       goto out;
 }
 
 static void __exit aes_fini(void)
 {
+       crypto_unregister_alg(&cbc_aes_alg);
+       crypto_unregister_alg(&ecb_aes_alg);
        crypto_unregister_alg(&aes_alg);
 }
 
@@ -274,4 +556,3 @@ MODULE_ALIAS("aes");
 
 MODULE_DESCRIPTION("Rijndael (AES) Cipher Algorithm");
 MODULE_LICENSE("GPL");
-