crypto: inside-secure - Reuse code in safexcel_hmac_alg_setkey

The code in the current implementation of safexcel_hmac_alg_setkey
can be reused by safexcel_cipher.  This patch does just that by
renaming the previous safexcel_hmac_setkey to __safexcel_hmac_setkey.
The now-shared safexcel_hmac_alg_setkey becomes safexcel_hmac_setkey
and a new safexcel_hmac_alg_setkey has been added for use by ahash
transforms.

As a result safexcel_aead_setkey's stack frame has been reduced by
about half in size, or about 512 bytes.

Reported-by: kernel test robot <lkp@intel.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
This commit is contained in:
Herbert Xu 2020-09-14 14:22:16 +10:00
parent 78cf1c8bfc
commit 63cdd870ab
3 changed files with 41 additions and 47 deletions

View File

@ -921,8 +921,9 @@ void safexcel_rdr_req_set(struct safexcel_crypto_priv *priv,
inline struct crypto_async_request * inline struct crypto_async_request *
safexcel_rdr_req_get(struct safexcel_crypto_priv *priv, int ring); safexcel_rdr_req_get(struct safexcel_crypto_priv *priv, int ring);
void safexcel_inv_complete(struct crypto_async_request *req, int error); void safexcel_inv_complete(struct crypto_async_request *req, int error);
int safexcel_hmac_setkey(const char *alg, const u8 *key, unsigned int keylen, int safexcel_hmac_setkey(struct safexcel_context *base, const u8 *key,
void *istate, void *ostate); unsigned int keylen, const char *alg,
unsigned int state_sz);
/* available algorithms */ /* available algorithms */
extern struct safexcel_alg_template safexcel_alg_ecb_des; extern struct safexcel_alg_template safexcel_alg_ecb_des;

View File

@ -404,11 +404,11 @@ static int safexcel_aead_setkey(struct crypto_aead *ctfm, const u8 *key,
{ {
struct crypto_tfm *tfm = crypto_aead_tfm(ctfm); struct crypto_tfm *tfm = crypto_aead_tfm(ctfm);
struct safexcel_cipher_ctx *ctx = crypto_tfm_ctx(tfm); struct safexcel_cipher_ctx *ctx = crypto_tfm_ctx(tfm);
struct safexcel_ahash_export_state istate, ostate;
struct safexcel_crypto_priv *priv = ctx->base.priv; struct safexcel_crypto_priv *priv = ctx->base.priv;
struct crypto_authenc_keys keys; struct crypto_authenc_keys keys;
struct crypto_aes_ctx aes; struct crypto_aes_ctx aes;
int err = -EINVAL, i; int err = -EINVAL, i;
const char *alg;
if (unlikely(crypto_authenc_extractkeys(&keys, key, len))) if (unlikely(crypto_authenc_extractkeys(&keys, key, len)))
goto badkey; goto badkey;
@ -463,53 +463,37 @@ static int safexcel_aead_setkey(struct crypto_aead *ctfm, const u8 *key,
/* Auth key */ /* Auth key */
switch (ctx->hash_alg) { switch (ctx->hash_alg) {
case CONTEXT_CONTROL_CRYPTO_ALG_SHA1: case CONTEXT_CONTROL_CRYPTO_ALG_SHA1:
if (safexcel_hmac_setkey("safexcel-sha1", keys.authkey, alg = "safexcel-sha1";
keys.authkeylen, &istate, &ostate))
goto badkey;
break; break;
case CONTEXT_CONTROL_CRYPTO_ALG_SHA224: case CONTEXT_CONTROL_CRYPTO_ALG_SHA224:
if (safexcel_hmac_setkey("safexcel-sha224", keys.authkey, alg = "safexcel-sha224";
keys.authkeylen, &istate, &ostate))
goto badkey;
break; break;
case CONTEXT_CONTROL_CRYPTO_ALG_SHA256: case CONTEXT_CONTROL_CRYPTO_ALG_SHA256:
if (safexcel_hmac_setkey("safexcel-sha256", keys.authkey, alg = "safexcel-sha256";
keys.authkeylen, &istate, &ostate))
goto badkey;
break; break;
case CONTEXT_CONTROL_CRYPTO_ALG_SHA384: case CONTEXT_CONTROL_CRYPTO_ALG_SHA384:
if (safexcel_hmac_setkey("safexcel-sha384", keys.authkey, alg = "safexcel-sha384";
keys.authkeylen, &istate, &ostate))
goto badkey;
break; break;
case CONTEXT_CONTROL_CRYPTO_ALG_SHA512: case CONTEXT_CONTROL_CRYPTO_ALG_SHA512:
if (safexcel_hmac_setkey("safexcel-sha512", keys.authkey, alg = "safexcel-sha512";
keys.authkeylen, &istate, &ostate))
goto badkey;
break; break;
case CONTEXT_CONTROL_CRYPTO_ALG_SM3: case CONTEXT_CONTROL_CRYPTO_ALG_SM3:
if (safexcel_hmac_setkey("safexcel-sm3", keys.authkey, alg = "safexcel-sm3";
keys.authkeylen, &istate, &ostate))
goto badkey;
break; break;
default: default:
dev_err(priv->dev, "aead: unsupported hash algorithm\n"); dev_err(priv->dev, "aead: unsupported hash algorithm\n");
goto badkey; goto badkey;
} }
if (priv->flags & EIP197_TRC_CACHE && ctx->base.ctxr_dma && if (safexcel_hmac_setkey(&ctx->base, keys.authkey, keys.authkeylen,
(memcmp(&ctx->base.ipad, istate.state, ctx->state_sz) || alg, ctx->state_sz))
memcmp(&ctx->base.opad, ostate.state, ctx->state_sz))) goto badkey;
ctx->base.needs_inv = true;
/* Now copy the keys into the context */ /* Now copy the keys into the context */
for (i = 0; i < keys.enckeylen / sizeof(u32); i++) for (i = 0; i < keys.enckeylen / sizeof(u32); i++)
ctx->key[i] = cpu_to_le32(((u32 *)keys.enckey)[i]); ctx->key[i] = cpu_to_le32(((u32 *)keys.enckey)[i]);
ctx->key_len = keys.enckeylen; ctx->key_len = keys.enckeylen;
memcpy(&ctx->base.ipad, &istate.state, ctx->state_sz);
memcpy(&ctx->base.opad, &ostate.state, ctx->state_sz);
memzero_explicit(&keys, sizeof(keys)); memzero_explicit(&keys, sizeof(keys));
return 0; return 0;

View File

@ -1137,7 +1137,8 @@ static int safexcel_hmac_init_iv(struct ahash_request *areq,
return crypto_ahash_export(areq, state); return crypto_ahash_export(areq, state);
} }
int safexcel_hmac_setkey(const char *alg, const u8 *key, unsigned int keylen, static int __safexcel_hmac_setkey(const char *alg, const u8 *key,
unsigned int keylen,
void *istate, void *ostate) void *istate, void *ostate)
{ {
struct ahash_request *areq; struct ahash_request *areq;
@ -1187,28 +1188,36 @@ free_ahash:
return ret; return ret;
} }
int safexcel_hmac_setkey(struct safexcel_context *base, const u8 *key,
unsigned int keylen, const char *alg,
unsigned int state_sz)
{
struct safexcel_crypto_priv *priv = base->priv;
struct safexcel_ahash_export_state istate, ostate;
int ret;
ret = __safexcel_hmac_setkey(alg, key, keylen, &istate, &ostate);
if (ret)
return ret;
if (priv->flags & EIP197_TRC_CACHE && base->ctxr &&
(memcmp(&base->ipad, istate.state, state_sz) ||
memcmp(&base->opad, ostate.state, state_sz)))
base->needs_inv = true;
memcpy(&base->ipad, &istate.state, state_sz);
memcpy(&base->opad, &ostate.state, state_sz);
return 0;
}
static int safexcel_hmac_alg_setkey(struct crypto_ahash *tfm, const u8 *key, static int safexcel_hmac_alg_setkey(struct crypto_ahash *tfm, const u8 *key,
unsigned int keylen, const char *alg, unsigned int keylen, const char *alg,
unsigned int state_sz) unsigned int state_sz)
{ {
struct safexcel_ahash_ctx *ctx = crypto_tfm_ctx(crypto_ahash_tfm(tfm)); struct safexcel_ahash_ctx *ctx = crypto_ahash_ctx(tfm);
struct safexcel_crypto_priv *priv = ctx->base.priv;
struct safexcel_ahash_export_state istate, ostate;
int ret;
ret = safexcel_hmac_setkey(alg, key, keylen, &istate, &ostate); return safexcel_hmac_setkey(&ctx->base, key, keylen, alg, state_sz);
if (ret)
return ret;
if (priv->flags & EIP197_TRC_CACHE && ctx->base.ctxr &&
(memcmp(&ctx->base.ipad, istate.state, state_sz) ||
memcmp(&ctx->base.opad, ostate.state, state_sz)))
ctx->base.needs_inv = true;
memcpy(&ctx->base.ipad, &istate.state, state_sz);
memcpy(&ctx->base.opad, &ostate.state, state_sz);
return 0;
} }
static int safexcel_hmac_sha1_setkey(struct crypto_ahash *tfm, const u8 *key, static int safexcel_hmac_sha1_setkey(struct crypto_ahash *tfm, const u8 *key,