RE: [PATCH v2 3/3] crypto: aria: implement aria-avx512


 




> +++ b/arch/x86/crypto/aria-gfni-avx512-asm_64.S
...
> +/* struct aria_ctx: */
> +#define enc_key 0
> +#define dec_key 272
> +#define rounds 544
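Review bot: the three `#define` lines under `/* struct aria_ctx: */` use bare lowercase names (`enc_key`, `dec_key`, `rounds`) as macros, so any later use of those tokens in this file is silently replaced by a number. Prefixed names would avoid that. The values 272 and 544 also carry no comment on how they follow from the struct layout, and nothing in the visible lines ties them to the C definition.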

I've noticed other modules with assembly code also have
hardcoded assumptions about the offsets in the context
structure. Sometimes they don't use macros, so they're
less apparent. Example from aesni:

SYM_FUNC_START(aesni_dec)
        FRAME_BEGIN
#ifndef __x86_64__
        pushl KEYP
        pushl KLEN
        movl (FRAME_OFFSET+12)(%esp), KEYP      # ctx
        movl (FRAME_OFFSET+16)(%esp), OUTP      # dst
        movl (FRAME_OFFSET+20)(%esp), INP       # src
#endif
        mov 480(KEYP), KLEN             # key length
        add $240, KEYP
        movups (INP), STATE             # input
        call _aesni_dec1


To ensure the C code and assembly code stay in agreement,
it might be prudent to add a compile-time check in one of
the C functions for each hardcoded offset value, like this
for aesni:

diff --git a/arch/x86/crypto/aesni-intel_glue.c b/arch/x86/crypto/aesni-intel_glue.c
index 5db4814583ea..e4bcba765c77 100644
--- a/arch/x86/crypto/aesni-intel_glue.c
+++ b/arch/x86/crypto/aesni-intel_glue.c
@@ -288,6 +288,10 @@ static int aes_set_key_common(struct crypto_tfm *tfm, void *raw_ctx,
        struct crypto_aes_ctx *ctx = aes_ctx(raw_ctx);
        int err;

+       BUILD_BUG_ON(offsetof(struct crypto_aes_ctx, key_enc) != 0);
+       BUILD_BUG_ON(offsetof(struct crypto_aes_ctx, key_dec) != 240);
+       BUILD_BUG_ON(offsetof(struct crypto_aes_ctx, key_length) != 480);
+
        if (key_len != AES_KEYSIZE_128 && key_len != AES_KEYSIZE_192 &&
            key_len != AES_KEYSIZE_256)
                return -EINVAL;
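Review bot: the three BUILD_BUG_ON() lines added at the top of aes_set_key_common() have no comment naming the assembly they guard, so a reader cannot tell that 240 and 480 correspond to `add $240, KEYP` and `mov 480(KEYP), KLEN` in aesni_dec. Add a short comment, as the sha1_update() check quoted in this message does. Since the checks use nothing local to this function, a file-scope static_assert() beside the other declarations would also work and keeps them out of the function body.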

The sha functions and sm3 have such a check for the first field
(but only that one) in their context structures:
    static int sha1_update(struct shash_desc *desc, const u8 *data,
    ...
        /*
         * Make sure struct sha1_state begins directly with the SHA1
         * 160-bit internal state, as this is what the asm functions expect.
         */
        BUILD_BUG_ON(offsetof(struct sha1_state, state) != 0);
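
The drift that such a check guards against, as an added userspace example (not code from the patch or from the kernel). `struct demo_ctx`, its changed variant and the `*_OFF` names are hypothetical, laid out to reproduce the 0/272/544 offsets from the quoted hunk, with C11 `_Static_assert` standing in for `BUILD_BUG_ON`:

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

/* Offsets as hardcoded in the quoted assembly (macro names are illustrative). */
#define ENC_KEY_OFF 0
#define DEC_KEY_OFF 272
#define ROUNDS_OFF  544

/* Hypothetical layout constructed to match: 17 x 4 x 4 bytes = 272 per key array. */
struct demo_ctx {
    uint32_t enc_key[17][4];
    uint32_t dec_key[17][4];
    int32_t  rounds;
};

/* Same struct after a field is added in front and the asm is left untouched. */
struct demo_ctx_changed {
    uint32_t flags;
    uint32_t enc_key[17][4];
    uint32_t dec_key[17][4];
    int32_t  rounds;
};

/* Userspace counterpart of BUILD_BUG_ON(offsetof(...) != N). */
_Static_assert(offsetof(struct demo_ctx, enc_key) == ENC_KEY_OFF, "enc_key moved");
_Static_assert(offsetof(struct demo_ctx, dec_key) == DEC_KEY_OFF, "dec_key moved");
_Static_assert(offsetof(struct demo_ctx, rounds)  == ROUNDS_OFF,  "rounds moved");
/* The same three asserts on struct demo_ctx_changed would stop the build. */

/* What the assembly does: load 32 bits at a fixed byte offset from ctx. */
static int32_t load_rounds_by_offset(const void *ctx)
{
    int32_t v;
    memcpy(&v, (const unsigned char *)ctx + ROUNDS_OFF, sizeof(v));
    return v;
}

/* Unchanged layout: the fixed-offset load sees the real round count. */
int32_t rounds_seen_ok(void)
{
    struct demo_ctx c = { .rounds = 12 };
    return load_rounds_by_offset(&c);
}

/* Changed layout: offset 544 now lands on the last word of dec_key. */
int32_t rounds_seen_after_change(void)
{
    struct demo_ctx_changed c = { .rounds = 12 };
    c.dec_key[16][3] = 0x5a5a5a5a;   /* constructed marker value */
    return load_rounds_by_offset(&c);
}
```

Without the asserts, the changed layout compiles cleanly and the fixed-offset load returns key material in place of the round count.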





