[06/17] crypto: cbcmac - remove unnecessary alignment logic

Message ID	20231019055343.588846-7-ebiggers@kernel.org (mailing list archive)
State	Accepted
Delegated to:	Herbert Xu
Headers	show Return-Path: <linux-crypto-owner@vger.kernel.org> From: Eric Biggers <ebiggers@kernel.org> To: linux-crypto@vger.kernel.org Subject: [PATCH 06/17] crypto: cbcmac - remove unnecessary alignment logic Date: Wed, 18 Oct 2023 22:53:32 -0700 Message-ID: <20231019055343.588846-7-ebiggers@kernel.org> In-Reply-To: <20231019055343.588846-1-ebiggers@kernel.org> References: <20231019055343.588846-1-ebiggers@kernel.org> MIME-Version: 1.0 Content-Transfer-Encoding: 8bit Precedence: bulk
Series	crypto: stop supporting alignmask in shash \| expand [00/17] crypto: stop supporting alignmask in shash [01/17] crypto: sparc/crc32c - stop using the shash alignmask [02/17] crypto: stm32 - remove unnecessary alignmask [03/17] crypto: xilinx/zynqmp-sha - remove unnecessary alignmask [04/17] crypto: mips/crc32 - remove redundant setting of alignmask to 0 [05/17] crypto: loongarch/crc32 - remove redundant setting of alignmask to 0 [06/17] crypto: cbcmac - remove unnecessary alignment logic [07/17] crypto: cmac - remove unnecessary alignment logic [08/17] crypto: hmac - remove unnecessary alignment logic [09/17] crypto: vmac - don't set alignmask [10/17] crypto: xcbc - remove unnecessary alignment logic [11/17] crypto: shash - remove support for nonzero alignmask [12/17] libceph: stop checking crypto_shash_alignmask [13/17] crypto: drbg - stop checking crypto_shash_alignmask [14/17] crypto: testmgr - stop checking crypto_shash_alignmask [15/17] crypto: adiantum - stop using alignmask of shash_alg [16/17] crypto: hctr2 - stop using alignmask of shash_alg [17/17] crypto: shash - remove crypto_shash_alignmask

Message ID

20231019055343.588846-7-ebiggers@kernel.org (mailing list archive)

State

Accepted

Delegated to:

Herbert Xu

Headers

From: Eric Biggers <ebiggers@kernel.org>
To: linux-crypto@vger.kernel.org
Subject: [PATCH 06/17] crypto: cbcmac - remove unnecessary alignment logic
Date: Wed, 18 Oct 2023 22:53:32 -0700
Message-ID: <20231019055343.588846-7-ebiggers@kernel.org>
In-Reply-To: <20231019055343.588846-1-ebiggers@kernel.org>
References: <20231019055343.588846-1-ebiggers@kernel.org>
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit
Precedence: bulk

Series

crypto: stop supporting alignmask in shash | expand

Commit Message

Eric Biggers Oct. 19, 2023, 5:53 a.m. UTC

From: Eric Biggers <ebiggers@google.com>

The cbcmac template is aligning a field in its desc context to the
alignmask of its underlying 'cipher', at runtime.  This is almost
entirely pointless, since cbcmac is already using the cipher API
functions that handle alignment themselves, and few ciphers set a
nonzero alignmask anyway.  Also, even without runtime alignment, an
alignment of at least 4 bytes can be guaranteed.

Thus, at best this code is optimizing for the rare case of ciphers that
set an alignmask >= 7, at the cost of hurting the common cases.

Therefore, remove the manual alignment code from cbcmac.

Signed-off-by: Eric Biggers <ebiggers@google.com>
---
 crypto/ccm.c | 17 +++++++----------
 1 file changed, 7 insertions(+), 10 deletions(-)

diff --git a/crypto/ccm.c b/crypto/ccm.c
index 7af89a5b745c4..dd7aed63efc93 100644
--- a/crypto/ccm.c
+++ b/crypto/ccm.c
@@ -49,20 +49,21 @@  struct crypto_ccm_req_priv_ctx {
 		struct skcipher_request skreq;
 	};
 };
 
 struct cbcmac_tfm_ctx {
 	struct crypto_cipher *child;
 };
 
 struct cbcmac_desc_ctx {
 	unsigned int len;
+	u8 dg[];
 };
 
 static inline struct crypto_ccm_req_priv_ctx *crypto_ccm_reqctx(
 	struct aead_request *req)
 {
 	unsigned long align = crypto_aead_alignmask(crypto_aead_reqtfm(req));
 
 	return (void *)PTR_ALIGN((u8 *)aead_request_ctx(req), align + 1);
 }
 
@@ -778,68 +779,65 @@  static int crypto_cbcmac_digest_setkey(struct crypto_shash *parent,
 {
 	struct cbcmac_tfm_ctx *ctx = crypto_shash_ctx(parent);
 
 	return crypto_cipher_setkey(ctx->child, inkey, keylen);
 }
 
 static int crypto_cbcmac_digest_init(struct shash_desc *pdesc)
 {
 	struct cbcmac_desc_ctx *ctx = shash_desc_ctx(pdesc);
 	int bs = crypto_shash_digestsize(pdesc->tfm);
-	u8 *dg = (u8 *)ctx + crypto_shash_descsize(pdesc->tfm) - bs;
 
 	ctx->len = 0;
-	memset(dg, 0, bs);
+	memset(ctx->dg, 0, bs);
 
 	return 0;
 }
 
 static int crypto_cbcmac_digest_update(struct shash_desc *pdesc, const u8 *p,
 				       unsigned int len)
 {
 	struct crypto_shash *parent = pdesc->tfm;
 	struct cbcmac_tfm_ctx *tctx = crypto_shash_ctx(parent);
 	struct cbcmac_desc_ctx *ctx = shash_desc_ctx(pdesc);
 	struct crypto_cipher *tfm = tctx->child;
 	int bs = crypto_shash_digestsize(parent);
-	u8 *dg = (u8 *)ctx + crypto_shash_descsize(parent) - bs;
 
 	while (len > 0) {
 		unsigned int l = min(len, bs - ctx->len);
 
-		crypto_xor(dg + ctx->len, p, l);
+		crypto_xor(&ctx->dg[ctx->len], p, l);
 		ctx->len +=l;
 		len -= l;
 		p += l;
 
 		if (ctx->len == bs) {
-			crypto_cipher_encrypt_one(tfm, dg, dg);
+			crypto_cipher_encrypt_one(tfm, ctx->dg, ctx->dg);
 			ctx->len = 0;
 		}
 	}
 
 	return 0;
 }
 
 static int crypto_cbcmac_digest_final(struct shash_desc *pdesc, u8 *out)
 {
 	struct crypto_shash *parent = pdesc->tfm;
 	struct cbcmac_tfm_ctx *tctx = crypto_shash_ctx(parent);
 	struct cbcmac_desc_ctx *ctx = shash_desc_ctx(pdesc);
 	struct crypto_cipher *tfm = tctx->child;
 	int bs = crypto_shash_digestsize(parent);
-	u8 *dg = (u8 *)ctx + crypto_shash_descsize(parent) - bs;
 
 	if (ctx->len)
-		crypto_cipher_encrypt_one(tfm, dg, dg);
+		crypto_cipher_encrypt_one(tfm, ctx->dg, ctx->dg);
 
-	memcpy(out, dg, bs);
+	memcpy(out, ctx->dg, bs);
 	return 0;
 }
 
 static int cbcmac_init_tfm(struct crypto_tfm *tfm)
 {
 	struct crypto_cipher *cipher;
 	struct crypto_instance *inst = (void *)tfm->__crt_alg;
 	struct crypto_cipher_spawn *spawn = crypto_instance_ctx(inst);
 	struct cbcmac_tfm_ctx *ctx = crypto_tfm_ctx(tfm);
 
@@ -882,22 +880,21 @@  static int cbcmac_create(struct crypto_template *tmpl, struct rtattr **tb)
 	alg = crypto_spawn_cipher_alg(spawn);
 
 	err = crypto_inst_setname(shash_crypto_instance(inst), tmpl->name, alg);
 	if (err)
 		goto err_free_inst;
 
 	inst->alg.base.cra_priority = alg->cra_priority;
 	inst->alg.base.cra_blocksize = 1;
 
 	inst->alg.digestsize = alg->cra_blocksize;
-	inst->alg.descsize = ALIGN(sizeof(struct cbcmac_desc_ctx),
-				   alg->cra_alignmask + 1) +
+	inst->alg.descsize = sizeof(struct cbcmac_desc_ctx) +
 			     alg->cra_blocksize;
 
 	inst->alg.base.cra_ctxsize = sizeof(struct cbcmac_tfm_ctx);
 	inst->alg.base.cra_init = cbcmac_init_tfm;
 	inst->alg.base.cra_exit = cbcmac_exit_tfm;
 
 	inst->alg.init = crypto_cbcmac_digest_init;
 	inst->alg.update = crypto_cbcmac_digest_update;
 	inst->alg.final = crypto_cbcmac_digest_final;
 	inst->alg.setkey = crypto_cbcmac_digest_setkey;

[06/17] crypto: cbcmac - remove unnecessary alignment logic

Commit Message

Patch