From: Arnd Bergmann <arnd@arndb.de>
To: Herbert Xu <herbert@gondor.apana.org.au>, x86@kernel.org
Cc: Linus Torvalds <torvalds@linux-foundation.org>,
linux-kernel@vger.kernel.org, Arnd Bergmann <arnd@arndb.de>,
"David S. Miller" <davem@davemloft.net>,
Thomas Gleixner <tglx@linutronix.de>,
Ingo Molnar <mingo@redhat.com>, "H. Peter Anvin" <hpa@zytor.com>,
Borislav Petkov <bp@suse.de>,
Stephan Mueller <smueller@chronox.de>,
linux-crypto@vger.kernel.org
Subject: [PATCH 15/28] crypto: aesni: avoid -Wmaybe-uninitialized warning
Date: Tue, 18 Oct 2016 00:13:36 +0200 [thread overview]
Message-ID: <20161017221355.1861551-3-arnd@arndb.de> (raw)
In-Reply-To: <20161017220342.1627073-1-arnd@arndb.de>
The rfc4106 encrypy/decrypt helper functions cause an annoying
false-positive warning in allmodconfig if we turn on
-Wmaybe-uninitialized warnings again:
arch/x86/crypto/aesni-intel_glue.c: In function ‘helper_rfc4106_decrypt’:
include/linux/scatterlist.h:67:31: warning: ‘dst_sg_walk.sg’ may be used uninitialized in this function [-Wmaybe-uninitialized]
The problem seems to be that the compiler doesn't track the state of the
'one_entry_in_sg' variable across the kernel_fpu_begin/kernel_fpu_end
section.
This reorganizes the code to avoid that variable and have the shared
code in a separate function to avoid some of the conditional branches.
The resulting functions are a bit longer but also slightly less complex,
leaving no room for speculation on the part of the compiler.
Cc: Herbert Xu <herbert@gondor.apana.org.au>
Signed-off-by: Arnd Bergmann <arnd@arndb.de>
---
The conversion is nontrivial, and I have only build-tested it, so this
could use a careful review and testing.
---
arch/x86/crypto/aesni-intel_glue.c | 121 ++++++++++++++++++++++---------------
1 file changed, 73 insertions(+), 48 deletions(-)
diff --git a/arch/x86/crypto/aesni-intel_glue.c b/arch/x86/crypto/aesni-intel_glue.c
index 0ab5ee1..054155b 100644
--- a/arch/x86/crypto/aesni-intel_glue.c
+++ b/arch/x86/crypto/aesni-intel_glue.c
@@ -269,6 +269,34 @@ static void (*aesni_gcm_dec_tfm)(void *ctx, u8 *out,
u8 *hash_subkey, const u8 *aad, unsigned long aad_len,
u8 *auth_tag, unsigned long auth_tag_len);
+static inline void aesni_do_gcm_enc_tfm(void *ctx, u8 *out,
+ const u8 *in, unsigned long plaintext_len, u8 *iv,
+ u8 *hash_subkey, const u8 *aad, unsigned long aad_len,
+ u8 *auth_tag, unsigned long auth_tag_len)
+{
+ kernel_fpu_begin();
+ aesni_gcm_enc_tfm(ctx, out, in, plaintext_len, iv, hash_subkey,
+ aad, aad_len, auth_tag, auth_tag_len);
+ kernel_fpu_end();
+}
+
+static inline int aesni_do_gcm_dec_tfm(void *ctx, u8 *out,
+ const u8 *in, unsigned long ciphertext_len, u8 *iv,
+ u8 *hash_subkey, const u8 *aad, unsigned long aad_len,
+ u8 *auth_tag, unsigned long auth_tag_len)
+{
+ kernel_fpu_begin();
+ aesni_gcm_dec_tfm(ctx, out, in, ciphertext_len, iv, hash_subkey, aad,
+ aad_len, auth_tag, auth_tag_len);
+ kernel_fpu_end();
+
+ /* Compare generated tag with passed in tag. */
+ if (crypto_memneq(in + ciphertext_len, auth_tag, auth_tag_len))
+ return -EBADMSG;
+
+ return 0;
+}
+
static inline struct
aesni_rfc4106_gcm_ctx *aesni_rfc4106_gcm_ctx_get(struct crypto_aead *tfm)
{
@@ -879,7 +907,6 @@ static int rfc4106_set_authsize(struct crypto_aead *parent,
static int helper_rfc4106_encrypt(struct aead_request *req)
{
- u8 one_entry_in_sg = 0;
u8 *src, *dst, *assoc;
__be32 counter = cpu_to_be32(1);
struct crypto_aead *tfm = crypto_aead_reqtfm(req);
@@ -908,7 +935,6 @@ static int helper_rfc4106_encrypt(struct aead_request *req)
req->src->offset + req->src->length <= PAGE_SIZE &&
sg_is_last(req->dst) &&
req->dst->offset + req->dst->length <= PAGE_SIZE) {
- one_entry_in_sg = 1;
scatterwalk_start(&src_sg_walk, req->src);
assoc = scatterwalk_map(&src_sg_walk);
src = assoc + req->assoclen;
@@ -916,7 +942,23 @@ static int helper_rfc4106_encrypt(struct aead_request *req)
if (unlikely(req->src != req->dst)) {
scatterwalk_start(&dst_sg_walk, req->dst);
dst = scatterwalk_map(&dst_sg_walk) + req->assoclen;
+
+ aesni_do_gcm_enc_tfm(aes_ctx, dst, src, req->cryptlen, iv,
+ ctx->hash_subkey, assoc, req->assoclen - 8,
+ dst + req->cryptlen, auth_tag_len);
+
+ scatterwalk_unmap(dst - req->assoclen);
+ scatterwalk_advance(&dst_sg_walk, req->dst->length);
+ scatterwalk_done(&dst_sg_walk, 1, 0);
+ } else {
+ aesni_do_gcm_enc_tfm(aes_ctx, dst, src, req->cryptlen, iv,
+ ctx->hash_subkey, assoc, req->assoclen - 8,
+ dst + req->cryptlen, auth_tag_len);
}
+
+ scatterwalk_unmap(assoc);
+ scatterwalk_advance(&src_sg_walk, req->src->length);
+ scatterwalk_done(&src_sg_walk, req->src == req->dst, 0);
} else {
/* Allocate memory for src, dst, assoc */
assoc = kmalloc(req->cryptlen + auth_tag_len + req->assoclen,
@@ -925,28 +967,14 @@ static int helper_rfc4106_encrypt(struct aead_request *req)
return -ENOMEM;
scatterwalk_map_and_copy(assoc, req->src, 0,
req->assoclen + req->cryptlen, 0);
- src = assoc + req->assoclen;
- dst = src;
- }
+ dst = src = assoc + req->assoclen;
- kernel_fpu_begin();
- aesni_gcm_enc_tfm(aes_ctx, dst, src, req->cryptlen, iv,
- ctx->hash_subkey, assoc, req->assoclen - 8,
- dst + req->cryptlen, auth_tag_len);
- kernel_fpu_end();
+ aesni_gcm_enc_tfm(aes_ctx, dst, src, req->cryptlen, iv,
+ ctx->hash_subkey, assoc, req->assoclen - 8,
+ dst + req->cryptlen, auth_tag_len);
- /* The authTag (aka the Integrity Check Value) needs to be written
- * back to the packet. */
- if (one_entry_in_sg) {
- if (unlikely(req->src != req->dst)) {
- scatterwalk_unmap(dst - req->assoclen);
- scatterwalk_advance(&dst_sg_walk, req->dst->length);
- scatterwalk_done(&dst_sg_walk, 1, 0);
- }
- scatterwalk_unmap(assoc);
- scatterwalk_advance(&src_sg_walk, req->src->length);
- scatterwalk_done(&src_sg_walk, req->src == req->dst, 0);
- } else {
+ /* The authTag (aka the Integrity Check Value) needs to be written
+ * back to the packet. */
scatterwalk_map_and_copy(dst, req->dst, req->assoclen,
req->cryptlen + auth_tag_len, 1);
kfree(assoc);
@@ -956,7 +984,6 @@ static int helper_rfc4106_encrypt(struct aead_request *req)
static int helper_rfc4106_decrypt(struct aead_request *req)
{
- u8 one_entry_in_sg = 0;
u8 *src, *dst, *assoc;
unsigned long tempCipherLen = 0;
__be32 counter = cpu_to_be32(1);
@@ -990,47 +1017,45 @@ static int helper_rfc4106_decrypt(struct aead_request *req)
req->src->offset + req->src->length <= PAGE_SIZE &&
sg_is_last(req->dst) &&
req->dst->offset + req->dst->length <= PAGE_SIZE) {
- one_entry_in_sg = 1;
scatterwalk_start(&src_sg_walk, req->src);
assoc = scatterwalk_map(&src_sg_walk);
src = assoc + req->assoclen;
- dst = src;
if (unlikely(req->src != req->dst)) {
scatterwalk_start(&dst_sg_walk, req->dst);
dst = scatterwalk_map(&dst_sg_walk) + req->assoclen;
- }
-
- } else {
- /* Allocate memory for src, dst, assoc */
- assoc = kmalloc(req->cryptlen + req->assoclen, GFP_ATOMIC);
- if (!assoc)
- return -ENOMEM;
- scatterwalk_map_and_copy(assoc, req->src, 0,
- req->assoclen + req->cryptlen, 0);
- src = assoc + req->assoclen;
- dst = src;
- }
- kernel_fpu_begin();
- aesni_gcm_dec_tfm(aes_ctx, dst, src, tempCipherLen, iv,
- ctx->hash_subkey, assoc, req->assoclen - 8,
- authTag, auth_tag_len);
- kernel_fpu_end();
-
- /* Compare generated tag with passed in tag. */
- retval = crypto_memneq(src + tempCipherLen, authTag, auth_tag_len) ?
- -EBADMSG : 0;
+ retval = aesni_do_gcm_dec_tfm(aes_ctx, dst, src,
+ tempCipherLen, iv, ctx->hash_subkey,
+ assoc, req->assoclen - 8, authTag,
+ auth_tag_len);
- if (one_entry_in_sg) {
- if (unlikely(req->src != req->dst)) {
scatterwalk_unmap(dst - req->assoclen);
scatterwalk_advance(&dst_sg_walk, req->dst->length);
scatterwalk_done(&dst_sg_walk, 1, 0);
+ } else {
+ dst = src;
+ retval = aesni_do_gcm_dec_tfm(aes_ctx, dst, src,
+ tempCipherLen, iv, ctx->hash_subkey,
+ assoc, req->assoclen - 8, authTag,
+ auth_tag_len);
}
scatterwalk_unmap(assoc);
scatterwalk_advance(&src_sg_walk, req->src->length);
scatterwalk_done(&src_sg_walk, req->src == req->dst, 0);
} else {
+ /* Allocate memory for src, dst, assoc */
+ assoc = kmalloc(req->cryptlen + req->assoclen, GFP_ATOMIC);
+ if (!assoc)
+ return -ENOMEM;
+ scatterwalk_map_and_copy(assoc, req->src, 0,
+ req->assoclen + req->cryptlen, 0);
+ dst = src = assoc + req->assoclen;
+
+ retval = aesni_do_gcm_dec_tfm(aes_ctx, dst, src, tempCipherLen,
+ iv, ctx->hash_subkey, assoc,
+ req->assoclen - 8, authTag,
+ auth_tag_len);
+
scatterwalk_map_and_copy(dst, req->dst, req->assoclen,
tempCipherLen, 1);
kfree(assoc);
--
2.9.0
next prev parent reply other threads:[~2016-10-17 22:16 UTC|newest]
Thread overview: 114+ messages / expand[flat|nested] mbox.gz Atom feed top
2016-10-17 22:03 [PATCH 00/28] Reenable maybe-uninitialized warnings Arnd Bergmann
2016-10-17 22:03 ` Arnd Bergmann
2016-10-17 22:05 ` [PATCH 01/28] [v2] netfilter: nf_tables: avoid uninitialized variable warning Arnd Bergmann
2016-10-18 15:23 ` Pablo Neira Ayuso
2016-10-17 22:05 ` [PATCH 02/28] [v2] mtd: mtk: avoid warning in mtk_ecc_encode Arnd Bergmann
2016-10-17 22:05 ` Arnd Bergmann
2016-10-17 22:05 ` Arnd Bergmann
2016-10-18 5:19 ` Boris Brezillon
2016-10-18 5:19 ` Boris Brezillon
2016-10-18 10:12 ` RogerCC.Lin
2016-10-18 10:12 ` RogerCC.Lin
2016-10-18 10:12 ` RogerCC.Lin
2016-10-18 19:45 ` Boris Brezillon
2016-10-18 19:45 ` Boris Brezillon
2016-10-18 19:45 ` Boris Brezillon
[not found] ` <20161017220342.1627073-1-arnd-r2nGTMty4D4@public.gmane.org>
2016-10-17 22:05 ` [PATCH 03/28] [v2] infiniband: shut up a maybe-uninitialized warning Arnd Bergmann
2016-10-17 22:05 ` Arnd Bergmann
[not found] ` <20161017220557.1688282-3-arnd-r2nGTMty4D4@public.gmane.org>
2016-10-18 6:47 ` Haggai Eran
2016-10-18 6:47 ` Haggai Eran
[not found] ` <33302790-0a4c-e2b3-868d-3e7dadbd3c07-VPRAkNaXOzVWk0Htik3J/w@public.gmane.org>
2016-10-18 10:18 ` Arnd Bergmann
2016-10-18 10:18 ` Arnd Bergmann
2016-10-18 10:32 ` Haggai Eran
2016-10-18 10:32 ` Haggai Eran
2016-10-17 22:05 ` [PATCH 04/28] f2fs: replace a build-time warning with runtime WARN_ON Arnd Bergmann
2016-10-17 22:05 ` Arnd Bergmann
2016-10-26 14:05 ` [f2fs-dev] " Chao Yu
2016-10-26 14:57 ` Arnd Bergmann
2016-10-27 11:41 ` Chao Yu
2016-10-27 11:41 ` Chao Yu
2016-10-17 22:05 ` [PATCH 05/28] ext2: avoid bogus -Wmaybe-uninitialized warning Arnd Bergmann
2016-10-18 5:15 ` Christoph Hellwig
2016-10-18 9:30 ` Jan Kara
2016-10-17 22:05 ` [PATCH 06/28] NFSv4.1: work around " Arnd Bergmann
2016-10-17 22:08 ` [PATCH 07/28] ceph: avoid false positive maybe-uninitialized warning Arnd Bergmann
2016-10-18 2:07 ` Yan, Zheng
2016-10-17 22:08 ` [PATCH 08/28] staging: lustre: restore initialization of return code Arnd Bergmann
2016-10-17 22:08 ` [lustre-devel] " Arnd Bergmann
2016-10-17 22:23 ` Patrick Farrell
2016-10-17 22:29 ` Arnd Bergmann
2016-10-17 22:29 ` Arnd Bergmann
2016-10-17 22:37 ` Linus Torvalds
2016-10-17 22:37 ` Linus Torvalds
2016-10-17 23:00 ` Arnd Bergmann
2016-10-17 23:00 ` Arnd Bergmann
2016-10-17 22:42 ` [PATCH 08/28 v2] " Arnd Bergmann
2016-10-17 22:42 ` [lustre-devel] " Arnd Bergmann
2016-10-17 22:08 ` [PATCH 09/28] staging: lustre: remove broken dead code in cfs_cpt_table_create_pattern Arnd Bergmann
2016-10-17 22:08 ` [lustre-devel] " Arnd Bergmann
2016-10-17 22:10 ` [PATCH 10/28] UBI: fix uninitialized access of vid_hdr pointer Arnd Bergmann
2016-10-18 5:17 ` Boris Brezillon
2016-10-17 22:10 ` [PATCH 11/28] block: rdb: false-postive gcc-4.9 -Wmaybe-uninitialized Arnd Bergmann
2016-10-18 9:57 ` Ilya Dryomov
2016-10-18 10:04 ` Arnd Bergmann
2016-10-17 22:12 ` [PATCH 12/28] [media] rc: print correct variable for z8f0811 Arnd Bergmann
2016-10-17 22:13 ` [PATCH 13/28] [media] dib0700: fix uninitialized data on 'repeat' event Arnd Bergmann
2016-10-17 22:13 ` [PATCH 14/28] iio: accel: sca3000_core: avoid potentially uninitialized variable Arnd Bergmann
2016-10-17 22:13 ` Arnd Bergmann
2016-10-23 21:25 ` Jonathan Cameron
2016-10-17 22:13 ` Arnd Bergmann [this message]
2016-10-17 22:13 ` [PATCH 16/28] pcmcia: fix return value of soc_pcmcia_regulator_set Arnd Bergmann
2016-10-18 9:42 ` Russell King - ARM Linux
2016-10-17 22:13 ` [PATCH 17/28] spi: fsl-espi: avoid processing uninitalized data on error Arnd Bergmann
2016-10-24 17:27 ` Mark Brown
2016-10-24 17:27 ` Mark Brown
2016-10-24 18:36 ` Heiner Kallweit
2016-10-24 18:36 ` Heiner Kallweit
2016-10-24 18:45 ` Mark Brown
2016-10-24 20:37 ` Arnd Bergmann
2016-10-25 19:13 ` Mark Brown
2016-10-25 19:13 ` Mark Brown
2016-10-25 20:57 ` Arnd Bergmann
2016-10-26 10:15 ` Applied "spi: fsl-espi: avoid processing uninitalized data on error" to the spi tree Mark Brown
2016-10-26 18:11 ` Merge problem: " Heiner Kallweit
2016-10-26 21:59 ` Mark Brown
2016-10-26 21:59 ` Mark Brown
2016-10-17 22:13 ` [PATCH 18/28] drm: avoid uninitialized timestamp use in wait_vblank Arnd Bergmann
2016-10-17 22:13 ` Arnd Bergmann
2016-10-17 23:47 ` Mario Kleiner
2016-10-17 23:47 ` Mario Kleiner
2016-10-18 7:46 ` Daniel Vetter
2016-10-18 7:46 ` Daniel Vetter
2016-10-17 22:13 ` [PATCH 19/28] brcmfmac: avoid maybe-uninitialized warning in brcmf_cfg80211_start_ap Arnd Bergmann
2016-10-26 6:49 ` Kalle Valo
2016-10-26 6:49 ` Kalle Valo
2016-10-26 9:57 ` Arnd Bergmann
2016-10-26 11:11 ` Kalle Valo
2016-10-26 11:11 ` Kalle Valo
2016-10-26 11:11 ` Kalle Valo
2016-10-27 15:05 ` [19/28] " Kalle Valo
2016-10-27 15:05 ` Kalle Valo
2016-10-17 22:16 ` [PATCH 20/28] net: bcm63xx: avoid referencing uninitialized variable Arnd Bergmann
2016-10-17 22:16 ` Arnd Bergmann
2016-10-18 18:21 ` David Miller
2016-10-18 18:21 ` David Miller
2016-10-17 22:16 ` [PATCH 21/28] net/hyperv: avoid " Arnd Bergmann
2016-10-17 22:16 ` Arnd Bergmann
2016-10-18 18:21 ` David Miller
2016-10-17 22:16 ` [PATCH 22/28] x86: apm: avoid uninitialized data Arnd Bergmann
2016-10-18 13:05 ` Jiri Kosina
2016-10-18 21:35 ` Luis R. Rodriguez
2016-10-17 22:16 ` [PATCH 23/28] x86: mark target address as output in 'insb' asm Arnd Bergmann
2016-10-17 22:16 ` [PATCH 24/28] x86: math-emu: possible uninitialized variable use Arnd Bergmann
2016-10-17 22:16 ` [PATCH 25/28] s390: pci: don't print uninitialized data for debugging Arnd Bergmann
2016-10-18 6:48 ` Martin Schwidefsky
2016-10-18 8:53 ` Sebastian Ott
2016-10-17 22:16 ` [PATCH 26/28] nios2: fix timer initcall return value Arnd Bergmann
2016-10-24 0:54 ` Ley Foon Tan
2016-10-17 22:16 ` [PATCH 27/28] rocker: fix maybe-uninitialized warning Arnd Bergmann
2016-10-18 18:21 ` David Miller
2016-10-17 22:19 ` [PATCH 28/28] Kbuild: bring back -Wmaybe-uninitialized warning Arnd Bergmann
2016-10-17 22:19 ` Arnd Bergmann
2016-10-17 22:19 ` Arnd Bergmann
2016-10-17 22:19 ` Arnd Bergmann
2016-10-18 5:08 ` [PATCH 00/28] Reenable maybe-uninitialized warnings Christoph Hellwig
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20161017221355.1861551-3-arnd@arndb.de \
--to=arnd@arndb.de \
--cc=bp@suse.de \
--cc=davem@davemloft.net \
--cc=herbert@gondor.apana.org.au \
--cc=hpa@zytor.com \
--cc=linux-crypto@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=mingo@redhat.com \
--cc=smueller@chronox.de \
--cc=tglx@linutronix.de \
--cc=torvalds@linux-foundation.org \
--cc=x86@kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.