crypto: x86/sha1_ssse3 - move SHA-1 SSSE3 implementation to base layer

This removes all the boilerplate from the existing implementation, and replaces it with calls into the base layer. Signed-off-by: Ard Biesheuvel <ard.biesheuvel@linaro.org> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
author: Ard Biesheuvel <ard.biesheuvel@linaro.org> 2015-04-09 06:55:46 -0400
committer: Herbert Xu <herbert@gondor.apana.org.au> 2015-04-10 09:39:47 -0400
commit: 824b43763c562ee2feec16bb4017785528f3b54c (patch)
tree: 9682716c3841df5ce5a6a16621789cdf2ce4075f
parent: 03802f6a80b3a993067af97b0dc094f60d6fbc8b (diff)
1 files changed, 28 insertions, 111 deletions
diff --git a/arch/x86/crypto/sha1_ssse3_glue.c b/arch/x86/crypto/sha1_ssse3_glue.c
index 6c20fe04a738..33d1b9dc14cc 100644
--- a/arch/x86/crypto/sha1_ssse3_glue.c
+++ b/arch/x86/crypto/sha1_ssse3_glue.c
@@ -28,7 +28,7 @@
 #include <linux/cryptohash.h>
 #include <linux/types.h>
 #include <crypto/sha.h>
-#include <asm/byteorder.h>
+#include <crypto/sha1_base.h>
 #include <asm/i387.h>
 #include <asm/xcr.h>
 #include <asm/xsave.h>
@@ -44,132 +44,51 @@ asmlinkage void sha1_transform_avx(u32 *digest, const char *data,
 #define SHA1_AVX2_BLOCK_OPTSIZE 4       /* optimal 4*64 bytes of SHA1 blocks */
 asmlinkage void sha1_transform_avx2(u32 *digest, const char *data,
-                                unsigned int rounds);
+                                    unsigned int rounds);
 #endif
-static asmlinkage void (*sha1_transform_asm)(u32 *, const char *, unsigned int);
+static void (*sha1_transform_asm)(u32 *, const char *, unsigned int);
-static int sha1_ssse3_init(struct shash_desc *desc)
-{
-        struct sha1_state *sctx = shash_desc_ctx(desc);
-        *sctx = (struct sha1_state){
-                .state = { SHA1_H0, SHA1_H1, SHA1_H2, SHA1_H3, SHA1_H4 },
-        };
-        return 0;
-}
-static int __sha1_ssse3_update(struct shash_desc *desc, const u8 *data,
-                               unsigned int len, unsigned int partial)
-{
-        struct sha1_state *sctx = shash_desc_ctx(desc);
-        unsigned int done = 0;
-        sctx->count += len;
-        if (partial) {
-                done = SHA1_BLOCK_SIZE - partial;
-                memcpy(sctx->buffer + partial, data, done);
-                sha1_transform_asm(sctx->state, sctx->buffer, 1);
-        }
-        if (len - done >= SHA1_BLOCK_SIZE) {
-                const unsigned int rounds = (len - done) / SHA1_BLOCK_SIZE;
-                sha1_transform_asm(sctx->state, data + done, rounds);
-                done += rounds * SHA1_BLOCK_SIZE;
-        }
-        memcpy(sctx->buffer, data + done, len - done);
-        return 0;
-}
 static int sha1_ssse3_update(struct shash_desc *desc, const u8 *data,
                             unsigned int len)
 {
        struct sha1_state *sctx = shash_desc_ctx(desc);
-        unsigned int partial = sctx->count % SHA1_BLOCK_SIZE;
-        int res;
-        /* Handle the fast case right here */
+        if (!irq_fpu_usable() ||
-        if (partial + len < SHA1_BLOCK_SIZE) {
+            (sctx->count % SHA1_BLOCK_SIZE) + len < SHA1_BLOCK_SIZE)
-                sctx->count += len;
+                return crypto_sha1_update(desc, data, len);
-                memcpy(sctx->buffer + partial, data, len);
-                return 0;
+        /* make sure casting to sha1_block_fn() is safe */
-        }
+        BUILD_BUG_ON(offsetof(struct sha1_state, state) != 0);
-        if (!irq_fpu_usable()) {
+        kernel_fpu_begin();
-                res = crypto_sha1_update(desc, data, len);
+        sha1_base_do_update(desc, data, len,
-        } else {
+                            (sha1_block_fn *)sha1_transform_asm);
-                kernel_fpu_begin();
+        kernel_fpu_end();
-                res = __sha1_ssse3_update(desc, data, len, partial);
-                kernel_fpu_end();
-        }
-        return res;
-}
-/* Add padding and return the message digest. */
-static int sha1_ssse3_final(struct shash_desc *desc, u8 *out)
-{
-        struct sha1_state *sctx = shash_desc_ctx(desc);
-        unsigned int i, index, padlen;
-        __be32 *dst = (__be32 *)out;
-        __be64 bits;
-        static const u8 padding[SHA1_BLOCK_SIZE] = { 0x80, };
-        bits = cpu_to_be64(sctx->count << 3);
-        /* Pad out to 56 mod 64 and append length */
-        index = sctx->count % SHA1_BLOCK_SIZE;
-        padlen = (index < 56) ? (56 - index) : ((SHA1_BLOCK_SIZE+56) - index);
-        if (!irq_fpu_usable()) {
-                crypto_sha1_update(desc, padding, padlen);
-                crypto_sha1_update(desc, (const u8 *)&bits, sizeof(bits));
-        } else {
-                kernel_fpu_begin();
-                /* We need to fill a whole block for __sha1_ssse3_update() */
-                if (padlen <= 56) {
-                        sctx->count += padlen;
-                        memcpy(sctx->buffer + index, padding, padlen);
-                } else {
-                        __sha1_ssse3_update(desc, padding, padlen, index);
-                }
-                __sha1_ssse3_update(desc, (const u8 *)&bits, sizeof(bits), 56);
-                kernel_fpu_end();
-        }
-        /* Store state in digest */
-        for (i = 0; i < 5; i++)
-                dst[i] = cpu_to_be32(sctx->state[i]);
-        /* Wipe context */
-        memset(sctx, 0, sizeof(*sctx));
        return 0;
 }
-static int sha1_ssse3_export(struct shash_desc *desc, void *out)
+static int sha1_ssse3_finup(struct shash_desc *desc, const u8 *data,
+                              unsigned int len, u8 *out)
 {
-        struct sha1_state *sctx = shash_desc_ctx(desc);
+        if (!irq_fpu_usable())
+                return crypto_sha1_finup(desc, data, len, out);
-        memcpy(out, sctx, sizeof(*sctx));
+        kernel_fpu_begin();
+        if (len)
+                sha1_base_do_update(desc, data, len,
+                                    (sha1_block_fn *)sha1_transform_asm);
+        sha1_base_do_finalize(desc, (sha1_block_fn *)sha1_transform_asm);
+        kernel_fpu_end();
-        return 0;
+        return sha1_base_finish(desc, out);
 }
-static int sha1_ssse3_import(struct shash_desc *desc, const void *in)
+/* Add padding and return the message digest. */
+static int sha1_ssse3_final(struct shash_desc *desc, u8 *out)
 {
-        struct sha1_state *sctx = shash_desc_ctx(desc);
+        return sha1_ssse3_finup(desc, NULL, 0, out);
-        memcpy(sctx, in, sizeof(*sctx));
-        return 0;
 }
 #ifdef CONFIG_AS_AVX2
@@ -186,13 +105,11 @@ static void sha1_apply_transform_avx2(u32 *digest, const char *data,
 static struct shash_alg alg = {
        .digestsize     =       SHA1_DIGEST_SIZE,
-        .init           =       sha1_ssse3_init,
+        .init           =       sha1_base_init,
        .update         =       sha1_ssse3_update,
        .final          =       sha1_ssse3_final,
-        .export         =       sha1_ssse3_export,
+        .finup          =       sha1_ssse3_finup,
-        .import         =       sha1_ssse3_import,
        .descsize       =       sizeof(struct sha1_state),
-        .statesize      =       sizeof(struct sha1_state),
        .base           =       {
                .cra_name       =       "sha1",
                .cra_driver_name=       "sha1-ssse3",
author	Ard Biesheuvel <ard.biesheuvel@linaro.org>	2015-04-09 06:55:46 -0400
committer	Herbert Xu <herbert@gondor.apana.org.au>	2015-04-10 09:39:47 -0400
commit	824b43763c562ee2feec16bb4017785528f3b54c (patch)
tree	9682716c3841df5ce5a6a16621789cdf2ce4075f
parent	03802f6a80b3a993067af97b0dc094f60d6fbc8b (diff)

diff --git a/arch/x86/crypto/sha1_ssse3_glue.c b/arch/x86/crypto/sha1_ssse3_glue.c index 6c20fe04a738..33d1b9dc14cc 100644 --- a/arch/x86/crypto/sha1_ssse3_glue.c +++ b/arch/x86/crypto/sha1_ssse3_glue.c
@@ -28,7 +28,7 @@
28	#include <linux/cryptohash.h>	28	#include <linux/cryptohash.h>
29	#include <linux/types.h>	29	#include <linux/types.h>
30	#include <crypto/sha.h>	30	#include <crypto/sha.h>
31	#include <asm/byteorder.h>	31	#include <crypto/sha1_base.h>
32	#include <asm/i387.h>	32	#include <asm/i387.h>
33	#include <asm/xcr.h>	33	#include <asm/xcr.h>
34	#include <asm/xsave.h>	34	#include <asm/xsave.h>
@@ -44,132 +44,51 @@ asmlinkage void sha1_transform_avx(u32 digest, const char data,
44	#define SHA1_AVX2_BLOCK_OPTSIZE 4 /* optimal 464 bytes of SHA1 blocks /	44	#define SHA1_AVX2_BLOCK_OPTSIZE 4 /* optimal 464 bytes of SHA1 blocks /
45		45
46	asmlinkage void sha1_transform_avx2(u32 digest, const char data,	46	asmlinkage void sha1_transform_avx2(u32 digest, const char data,
47	unsigned int rounds);	47	unsigned int rounds);
48	#endif	48	#endif
49		49
50	static asmlinkage void (sha1_transform_asm)(u32 , const char *, unsigned int);	50	static void (sha1_transform_asm)(u32 , const char *, unsigned int);
51
52
53	static int sha1_ssse3_init(struct shash_desc *desc)
54	{
55	struct sha1_state *sctx = shash_desc_ctx(desc);
56
57	*sctx = (struct sha1_state){
58	.state = { SHA1_H0, SHA1_H1, SHA1_H2, SHA1_H3, SHA1_H4 },
59	};
60
61	return 0;
62	}
63
64	static int __sha1_ssse3_update(struct shash_desc desc, const u8 data,
65	unsigned int len, unsigned int partial)
66	{
67	struct sha1_state *sctx = shash_desc_ctx(desc);
68	unsigned int done = 0;
69
70	sctx->count += len;
71
72	if (partial) {
73	done = SHA1_BLOCK_SIZE - partial;
74	memcpy(sctx->buffer + partial, data, done);
75	sha1_transform_asm(sctx->state, sctx->buffer, 1);
76	}
77
78	if (len - done >= SHA1_BLOCK_SIZE) {
79	const unsigned int rounds = (len - done) / SHA1_BLOCK_SIZE;
80
81	sha1_transform_asm(sctx->state, data + done, rounds);
82	done += rounds * SHA1_BLOCK_SIZE;
83	}
84
85	memcpy(sctx->buffer, data + done, len - done);
86
87	return 0;
88	}
89		51
90	static int sha1_ssse3_update(struct shash_desc desc, const u8 data,	52	static int sha1_ssse3_update(struct shash_desc desc, const u8 data,
91	unsigned int len)	53	unsigned int len)
92	{	54	{
93	struct sha1_state *sctx = shash_desc_ctx(desc);	55	struct sha1_state *sctx = shash_desc_ctx(desc);
94	unsigned int partial = sctx->count % SHA1_BLOCK_SIZE;
95	int res;
96		56
97	/* Handle the fast case right here */	57	if (!irq_fpu_usable() \|\|
98	if (partial + len < SHA1_BLOCK_SIZE) {	58	(sctx->count % SHA1_BLOCK_SIZE) + len < SHA1_BLOCK_SIZE)
99	sctx->count += len;	59	return crypto_sha1_update(desc, data, len);
100	memcpy(sctx->buffer + partial, data, len);
101		60
102	return 0;	61	/* make sure casting to sha1_block_fn() is safe */
103	}	62	BUILD_BUG_ON(offsetof(struct sha1_state, state) != 0);
104		63
105	if (!irq_fpu_usable()) {	64	kernel_fpu_begin();
106	res = crypto_sha1_update(desc, data, len);	65	sha1_base_do_update(desc, data, len,
107	} else {	66	(sha1_block_fn *)sha1_transform_asm);
108	kernel_fpu_begin();	67	kernel_fpu_end();
109	res = __sha1_ssse3_update(desc, data, len, partial);
110	kernel_fpu_end();
111	}
112
113	return res;
114	}
115
116
117	/* Add padding and return the message digest. */
118	static int sha1_ssse3_final(struct shash_desc desc, u8 out)
119	{
120	struct sha1_state *sctx = shash_desc_ctx(desc);
121	unsigned int i, index, padlen;
122	__be32 dst = (__be32 )out;
123	__be64 bits;
124	static const u8 padding[SHA1_BLOCK_SIZE] = { 0x80, };
125
126	bits = cpu_to_be64(sctx->count << 3);
127
128	/* Pad out to 56 mod 64 and append length */
129	index = sctx->count % SHA1_BLOCK_SIZE;
130	padlen = (index < 56) ? (56 - index) : ((SHA1_BLOCK_SIZE+56) - index);
131	if (!irq_fpu_usable()) {
132	crypto_sha1_update(desc, padding, padlen);
133	crypto_sha1_update(desc, (const u8 *)&bits, sizeof(bits));
134	} else {
135	kernel_fpu_begin();
136	/* We need to fill a whole block for __sha1_ssse3_update() */
137	if (padlen <= 56) {
138	sctx->count += padlen;
139	memcpy(sctx->buffer + index, padding, padlen);
140	} else {
141	__sha1_ssse3_update(desc, padding, padlen, index);
142	}
143	__sha1_ssse3_update(desc, (const u8 *)&bits, sizeof(bits), 56);
144	kernel_fpu_end();
145	}
146
147	/* Store state in digest */
148	for (i = 0; i < 5; i++)
149	dst[i] = cpu_to_be32(sctx->state[i]);
150
151	/* Wipe context */
152	memset(sctx, 0, sizeof(*sctx));
153		68
154	return 0;	69	return 0;
155	}	70	}
156		71
157	static int sha1_ssse3_export(struct shash_desc desc, void out)	72	static int sha1_ssse3_finup(struct shash_desc desc, const u8 data,
		73	unsigned int len, u8 *out)
158	{	74	{
159	struct sha1_state *sctx = shash_desc_ctx(desc);	75	if (!irq_fpu_usable())
		76	return crypto_sha1_finup(desc, data, len, out);
160		77
161	memcpy(out, sctx, sizeof(*sctx));	78	kernel_fpu_begin();
		79	if (len)
		80	sha1_base_do_update(desc, data, len,
		81	(sha1_block_fn *)sha1_transform_asm);
		82	sha1_base_do_finalize(desc, (sha1_block_fn *)sha1_transform_asm);
		83	kernel_fpu_end();
162		84
163	return 0;	85	return sha1_base_finish(desc, out);
164	}	86	}
165		87
166	static int sha1_ssse3_import(struct shash_desc desc, const void in)	88	/* Add padding and return the message digest. */
		89	static int sha1_ssse3_final(struct shash_desc desc, u8 out)
167	{	90	{
168	struct sha1_state *sctx = shash_desc_ctx(desc);	91	return sha1_ssse3_finup(desc, NULL, 0, out);
169
170	memcpy(sctx, in, sizeof(*sctx));
171
172	return 0;
173	}	92	}
174		93
175	#ifdef CONFIG_AS_AVX2	94	#ifdef CONFIG_AS_AVX2
@@ -186,13 +105,11 @@ static void sha1_apply_transform_avx2(u32 digest, const char data,
186		105
187	static struct shash_alg alg = {	106	static struct shash_alg alg = {
188	.digestsize = SHA1_DIGEST_SIZE,	107	.digestsize = SHA1_DIGEST_SIZE,
189	.init = sha1_ssse3_init,	108	.init = sha1_base_init,
190	.update = sha1_ssse3_update,	109	.update = sha1_ssse3_update,
191	.final = sha1_ssse3_final,	110	.final = sha1_ssse3_final,
192	.export = sha1_ssse3_export,	111	.finup = sha1_ssse3_finup,
193	.import = sha1_ssse3_import,
194	.descsize = sizeof(struct sha1_state),	112	.descsize = sizeof(struct sha1_state),
195	.statesize = sizeof(struct sha1_state),
196	.base = {	113	.base = {
197	.cra_name = "sha1",	114	.cra_name = "sha1",
198	.cra_driver_name= "sha1-ssse3",	115	.cra_driver_name= "sha1-ssse3",