Received: by 2002:ac0:a5a6:0:0:0:0:0 with SMTP id m35-v6csp1424862imm; Fri, 28 Sep 2018 18:54:25 -0700 (PDT) X-Google-Smtp-Source: ACcGV61S995f1b8awfn5V8PuKGIBx6xYu9b1bZWuxJaJunBnqjbML80H4ugK0cKgS3fofiRbu+2t X-Received: by 2002:a63:501:: with SMTP id 1-v6mr1055954pgf.205.1538186064985; Fri, 28 Sep 2018 18:54:24 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1538186064; cv=none; d=google.com; s=arc-20160816; b=ZlmU0CPqPdV0jCIQQ9ofBMyq7uAmFv+z5E/G85sTlSrMrbYqK2jHixybhqulajg/bj x0ILnbSYzImzclJG8MpxBol8oJw3Ec5xjyDq0dZz8s4DlynA+BAbnSxAdnd8dE5gVVpP H8zr6qfGBcTQxnF1BXPcFrd40NL8aRUZyfiDdfS5H1NwFHdMXK8f1V6K7gb9FS429rbP Tdh4BKPZJmepfcrdON7l4pBzxsRk2yG4PpYPLoFBThJvaV3GYrBYdzT0wmqIp7VCum4T dLOVaNL6rxBkEeYcbRIvW1+3fEWi5VE+aycWygn0SaZVEjBzJ8D5W+v6rhaw4b1gfGvg aTqQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:cc:to:subject:message-id:date:from :in-reply-to:references:mime-version:dkim-signature; bh=myGVEvupj4NslzjcBZ37rYr3Asfef7hPcV+Xomee9dY=; b=oN1+3lx4JxVI7sc04ZpV1Z2Jj8s8L+b9ld/faul0jsYE0g1TUfREYr7XnXZuuJmaec zpNLiJrZF8icl2O94hF4eVLiKAl2jzYWRqMX9xVyQ+ZalgA8l6y8hwit2bD/SKAC8dwm BnRcNoisyc5EbserDBBEJnTTh5o7EDmJVfIT0U59Z2LmfS27P+epVq4xhKpIhlb6b4vf MUFbgZBNxAgZgWZMem/CSKvV7zqvNbLM8RXtvmqQ8U6IiOjf2dZGNTQD9rOWxd9OAW1g zyMly6Ca3XES5ybD6x7MDJQjWmzRz26gTdTWsGoISr8dbRT2bmPJBxUaI/OZsmVwxQ5X sm5g== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@zx2c4.com header.s=mail header.b=AxYaeOoX; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=zx2c4.com Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id q21-v6si6086505plr.397.2018.09.28.18.54.09; Fri, 28 Sep 2018 18:54:24 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; dkim=pass header.i=@zx2c4.com header.s=mail header.b=AxYaeOoX; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=zx2c4.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1727374AbeI2IUd (ORCPT + 99 others); Sat, 29 Sep 2018 04:20:33 -0400 Received: from frisell.zx2c4.com ([192.95.5.64]:56467 "EHLO frisell.zx2c4.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1727248AbeI2IUd (ORCPT ); Sat, 29 Sep 2018 04:20:33 -0400 Received: by frisell.zx2c4.com (ZX2C4 Mail Server) with ESMTP id c3839219; Sat, 29 Sep 2018 01:35:10 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha1; c=relaxed; d=zx2c4.com; h=mime-version :references:in-reply-to:from:date:message-id:subject:to:cc :content-type; s=mail; bh=s66Ly328Bt9HDtw+kIy6Teq64vU=; b=AxYaeO oXq+Tf9SEJwXKXX3MQCMmMVzlXGTkSrkf/sWDUJT34r7y0aljUXgDzu0Wf8fnBef 3vNf+vfqkj8ScCBz2P2o7Gv78Du1uUbaVO6RHz25YN4F/eAxN9Yn0yFrw3YNx6xo 5F4VNteFdyaF4NjH7tt4+K9cgvIoidEHLXt0/neGf4obaADkJD30hof5IsBzvoVO aQCb5yLz1byhMPxT1lbeA00VxLLCR9YXcm8lbt4ogEgPAntDM2tw44NQOHf838ay DTghljHFBrI0YAQ4Xdj89Y/vT1mJK2e9nYvWlz9LIppARVeDk4NYFc2/lEsATS8z /NZO3FaolME2N6jA== Received: by frisell.zx2c4.com (ZX2C4 Mail Server) with ESMTPSA id 3d8866da (TLSv1.2:ECDHE-RSA-AES128-GCM-SHA256:128:NO); Sat, 29 Sep 2018 01:35:09 +0000 (UTC) Received: by mail-ot1-f54.google.com with SMTP id e23-v6so3602302otl.7; Fri, 28 Sep 2018 18:54:01 -0700 (PDT) X-Gm-Message-State: ABuFfoisXCTW6qxOER8xm3Zjd04I25sIDv7xOWpZvtrnbYsbB6gQXT07 Bjai0t08zNb4FI480+cgYOjOd2ppI/GNpc+tK48= X-Received: by 2002:a9d:17d0:: with SMTP id j74-v6mr728100otj.268.1538186040537; Fri, 28 Sep 2018 18:54:00 -0700 (PDT) MIME-Version: 1.0 References: <20180925145622.29959-1-Jason@zx2c4.com> <20180925145622.29959-4-Jason@zx2c4.com> In-Reply-To: From: "Jason A. Donenfeld" Date: Sat, 29 Sep 2018 03:53:48 +0200 X-Gmail-Original-Message-ID: Message-ID: Subject: Re: [PATCH net-next v6 03/23] zinc: ChaCha20 generic C implementation and selftest To: Ard Biesheuvel Cc: LKML , Netdev , Linux Crypto Mailing List , David Miller , Greg Kroah-Hartman , Samuel Neves , Andrew Lutomirski , Jean-Philippe Aumasson Content-Type: text/plain; charset="UTF-8" Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Hi Ard, On Fri, Sep 28, 2018 at 5:40 PM Ard Biesheuvel wrote: > > +struct chacha20_ctx { > > + u32 constant[4]; > > + u32 key[8]; > > + u32 counter[4]; > > +} __aligned(32); > > + > > 32 *byte* alignment? Is that right? If this is for performance and it > actually helps, using __cacheline_aligned is more appropriate, It was originally this way, I believe, for vmovdqa, which requires 32-byte alignment in vex.256 encoding, and I never removed it after changing some things. But I'll spend some time ensuring this is so and if it doesn't make sense anymore it'll be gone by v7. On the other hand, your suggestion of __cacheline_aligned may actually be something worth considering, especially on MIPS. > I guess this include is for crypto_xor_cpy() ? > > We may want to put a comment here, so we keep track of the interdependencies. Right, it's for crypto_xor_cpy. Good idea, I'll add the comment. > > +#ifndef HAVE_CHACHA20_ARCH_IMPLEMENTATION > > This #define is never set in subsequent patches, so just drop this > #ifndef entirely (for this patch only) Okay. It's also there for the other primitives too; I'll nix it for all of them. > Return values from initcalls are ignored, and given that chacha20 will > be depended upon by random.c, it will never be a module in practice. > > Given your previous statement that selftest should *not* be a DEBUG > feature (which I wholeheartedly agree with), you could be a bit > noisier here imo. > E.g., > > if (WARN_ON(!chach20_selftest()) > return ... That's an excellent idea. We could bloat the whole thing with something like: #ifdef MODULE #define WARN_ON_IF_MODULE(x) (x) #else #define WARN_ON_IF_MODULE(x) WARN_ON(x) #endif But given that kind of thing would probably need to touch more files in the tree, and hence involve more drawn-out conversation, I'll keep it as the simple WARN_ON for now. Besides, being noisy no matter what might actually be the best strategy for receiving bug reports on what is potentially a pretty catastrophic error. Thanks for the review. Jason