Re: [PATCH] crypto: cmac - fix alignment of 'consts'

2016-10-20 Thread Herbert Xu 
On Mon, Oct 10, 2016 at 10:15:15AM -0700, Eric Biggers wrote:
> The per-transform 'consts' array is accessed as __be64 in
> crypto_cmac_digest_setkey() but was only guaranteed to be aligned to
> __alignof__(long).  Fix this by aligning it to __alignof__(__be64).
> 
> Signed-off-by: Eric Biggers 

Patch applied.  Thanks.
-- 
Email: Herbert Xu 
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt
--
To unsubscribe from this list: send the line "unsubscribe linux-crypto" in
the body of a message to majord...@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Re: [PATCH] crypto: cmac - fix alignment of 'consts'

2016-10-10 Thread Eric Biggers 
On Mon, Oct 10, 2016 at 10:51:14AM -0700, Joe Perches wrote:
> 
> Hey Eric.
> 
> I don't see any PTR_ALIGN uses in crypto/ or drivers/crypto/ that
> use a bitwise or, just mask + 1, but I believe the effect is the
> same.  Anyway, your choice, but I think using min is clearer.
> 
> cheers, Joe

Usually the bitwise OR is used when setting cra_alignmask in the 'struct
crypto_alg'.  Indeed, the problem could be solved by setting

inst->alg.base.cra_alignmask = alg->cra_alignmask | 
(__alignof__(__be64) - 1);

I decided against that because it would always force 8-byte alignment for CMAC
input buffers and keys, when in fact they don't need that level of alignment
unless the underlying block cipher requires it.

Eric
--
To unsubscribe from this list: send the line "unsubscribe linux-crypto" in
the body of a message to majord...@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Re: [PATCH] crypto: cmac - fix alignment of 'consts'

2016-10-10 Thread Joe Perches 
On Mon, 2016-10-10 at 10:37 -0700, Eric Biggers wrote:
> On Mon, Oct 10, 2016 at 10:29:55AM -0700, Joe Perches wrote:
> > On Mon, 2016-10-10 at 10:15 -0700, Eric Biggers wrote:
> > > The per-transform 'consts' array is accessed as __be64 in
> > > crypto_cmac_digest_setkey() but was only guaranteed to be aligned to
> > > __alignof__(long).  Fix this by aligning it to __alignof__(__be64).
> > []
> > > diff --git a/crypto/cmac.c b/crypto/cmac.c
> > []
> > > @@ -57,7 +57,8 @@ static int crypto_cmac_digest_setkey(struct 
> > > crypto_shash *parent,
> > >   unsigned long alignmask = crypto_shash_alignmask(parent);
> > >   struct cmac_tfm_ctx *ctx = crypto_shash_ctx(parent);
> > >   unsigned int bs = crypto_shash_blocksize(parent);
> > > - __be64 *consts = PTR_ALIGN((void *)ctx->ctx, alignmask + 1);
> > > + __be64 *consts = PTR_ALIGN((void *)ctx->ctx,
> > > +(alignmask | (__alignof__(__be64) - 1)) + 1);
> > 
> > 
> > Using a bitwise or looks very odd there.  Perhaps:
> > 
> > min(alignmask + 1, __alignof__(__be64))
> > 
> 
> 
> Alignment has to be a power of 2.  From the code I've read, crypto drivers 
> work
> with alignment a lot and use bitwise OR to mean "the more restrictive of these
> alignmasks".  So I believe the way it's written is the preferred style.
> 
> Eric

Hey Eric.

I don't see any PTR_ALIGN uses in crypto/ or drivers/crypto/ that
use a bitwise or, just mask + 1, but I believe the effect is the
same.  Anyway, your choice, but I think using min is clearer.

cheers, Joe
--
To unsubscribe from this list: send the line "unsubscribe linux-crypto" in
the body of a message to majord...@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Re: [PATCH] crypto: cmac - fix alignment of 'consts'

2016-10-10 Thread Eric Biggers 
On Mon, Oct 10, 2016 at 10:29:55AM -0700, Joe Perches wrote:
> On Mon, 2016-10-10 at 10:15 -0700, Eric Biggers wrote:
> > The per-transform 'consts' array is accessed as __be64 in
> > crypto_cmac_digest_setkey() but was only guaranteed to be aligned to
> > __alignof__(long).  Fix this by aligning it to __alignof__(__be64).
> []
> > diff --git a/crypto/cmac.c b/crypto/cmac.c
> []
> > @@ -57,7 +57,8 @@ static int crypto_cmac_digest_setkey(struct crypto_shash 
> > *parent,
> > unsigned long alignmask = crypto_shash_alignmask(parent);
> > struct cmac_tfm_ctx *ctx = crypto_shash_ctx(parent);
> > unsigned int bs = crypto_shash_blocksize(parent);
> > -   __be64 *consts = PTR_ALIGN((void *)ctx->ctx, alignmask + 1);
> > +   __be64 *consts = PTR_ALIGN((void *)ctx->ctx,
> > +  (alignmask | (__alignof__(__be64) - 1)) + 1);
> 
> Using a bitwise or looks very odd there.  Perhaps:
> 
>   min(alignmask + 1, __alignof__(__be64))
> 

Alignment has to be a power of 2.  From the code I've read, crypto drivers work
with alignment a lot and use bitwise OR to mean "the more restrictive of these
alignmasks".  So I believe the way it's written is the preferred style.

Eric
--
To unsubscribe from this list: send the line "unsubscribe linux-crypto" in
the body of a message to majord...@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Re: [PATCH] crypto: cmac - fix alignment of 'consts'

2016-10-10 Thread Joe Perches 
On Mon, 2016-10-10 at 10:15 -0700, Eric Biggers wrote:
> The per-transform 'consts' array is accessed as __be64 in
> crypto_cmac_digest_setkey() but was only guaranteed to be aligned to
> __alignof__(long).  Fix this by aligning it to __alignof__(__be64).
[]
> diff --git a/crypto/cmac.c b/crypto/cmac.c
[]
> @@ -57,7 +57,8 @@ static int crypto_cmac_digest_setkey(struct crypto_shash 
> *parent,
>   unsigned long alignmask = crypto_shash_alignmask(parent);
>   struct cmac_tfm_ctx *ctx = crypto_shash_ctx(parent);
>   unsigned int bs = crypto_shash_blocksize(parent);
> - __be64 *consts = PTR_ALIGN((void *)ctx->ctx, alignmask + 1);
> + __be64 *consts = PTR_ALIGN((void *)ctx->ctx,
> +(alignmask | (__alignof__(__be64) - 1)) + 1);

Using a bitwise or looks very odd there.  Perhaps:

min(alignmask + 1, __alignof__(__be64))

--
To unsubscribe from this list: send the line "unsubscribe linux-crypto" in
the body of a message to majord...@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html