lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <CAMj1kXFd+SXvpTyFrQVBHeODHNABn6pvG4Go0E3YEDH=ArqRAw@mail.gmail.com>
Date:   Tue, 31 Jan 2023 09:30:32 +0100
From:   Ard Biesheuvel <ardb@...nel.org>
To:     Peter Lafreniere <peter@...jl.ca>
Cc:     linux-crypto@...r.kernel.org, linux-kernel@...r.kernel.org,
        conor.dooley@...rochip.com, x86@...nel.org
Subject: Re: [PATCH RESEND] crypto: x86 - exit fpu context earlier in ECB/CBC macros

On Sat, 21 Jan 2023 at 19:40, Peter Lafreniere <peter@...jl.ca> wrote:
>
> Currently the ecb/cbc macros hold fpu context unnecessarily when using
> scalar cipher routines (e.g. when handling odd sizes of blocks per walk).
>
> Change the macros to drop fpu context as soon as the fpu is out of use.
>
> No performance impact found (on Intel Haswell).
>
> Signed-off-by: Peter Lafreniere <peter@...jl.ca>

The patch seems correct to me, so

Acked-by: Ard Biesheuvel <ardb@...nel.org>

although I seriously doubt whether anyone would ever notice the
difference, given that the algorithms that use these macros are
primarily used in legacy block encryption scenarios, where the data is
always presented in multiples of the largest block size.


> ---
>  arch/x86/crypto/ecb_cbc_helpers.h | 19 +++++++++++++++----
>  1 file changed, 15 insertions(+), 4 deletions(-)
>
> diff --git a/arch/x86/crypto/ecb_cbc_helpers.h b/arch/x86/crypto/ecb_cbc_helpers.h
> index eaa15c7b29d6..11955bd01af1 100644
> --- a/arch/x86/crypto/ecb_cbc_helpers.h
> +++ b/arch/x86/crypto/ecb_cbc_helpers.h
> @@ -13,13 +13,14 @@
>
>  #define ECB_WALK_START(req, bsize, fpu_blocks) do {                    \
>         void *ctx = crypto_skcipher_ctx(crypto_skcipher_reqtfm(req));   \
> +       const int __fpu_blocks = (fpu_blocks);                          \
>         const int __bsize = (bsize);                                    \
>         struct skcipher_walk walk;                                      \
>         int err = skcipher_walk_virt(&walk, (req), false);              \
>         while (walk.nbytes > 0) {                                       \
>                 unsigned int nbytes = walk.nbytes;                      \
> -               bool do_fpu = (fpu_blocks) != -1 &&                     \
> -                             nbytes >= (fpu_blocks) * __bsize;         \
> +               bool do_fpu = __fpu_blocks != -1 &&                     \
> +                             nbytes >= __fpu_blocks * __bsize;         \
>                 const u8 *src = walk.src.virt.addr;                     \
>                 u8 *dst = walk.dst.virt.addr;                           \
>                 u8 __maybe_unused buf[(bsize)];                         \
> @@ -35,7 +36,12 @@
>  } while (0)
>
>  #define ECB_BLOCK(blocks, func) do {                                   \
> -       while (nbytes >= (blocks) * __bsize) {                          \
> +       const int __blocks = (blocks);                                  \
> +       if (do_fpu && __blocks < __fpu_blocks) {                        \
> +               kernel_fpu_end();                                       \
> +               do_fpu = false;                                         \
> +       }                                                               \
> +       while (nbytes >= __blocks * __bsize) {                          \
>                 (func)(ctx, dst, src);                                  \
>                 ECB_WALK_ADVANCE(blocks);                               \
>         }                                                               \
> @@ -53,7 +59,12 @@
>  } while (0)
>
>  #define CBC_DEC_BLOCK(blocks, func) do {                               \
> -       while (nbytes >= (blocks) * __bsize) {                          \
> +       const int __blocks = (blocks);                                  \
> +       if (do_fpu && __blocks <  __fpu_blocks) {                       \
> +               kernel_fpu_end();                                       \
> +               do_fpu = false;                                         \
> +       }                                                               \
> +       while (nbytes >= __blocks * __bsize) {                          \
>                 const u8 *__iv = src + ((blocks) - 1) * __bsize;        \
>                 if (dst == src)                                         \
>                         __iv = memcpy(buf, __iv, __bsize);              \
> --
> 2.39.0
>

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ