Dereferencing a misaligned pointer is undefined behavior in C, and may
result in codegen on architectures such as ARM that trigger alignments
traps and expensive fixups in software.
Instead, use the get_aligned()/put_aligned() accessors, which are cheap
or even completely free when CONFIG_HAVE_EFFICIENT_UNALIGNED_ACCESS=y.
In the converse case, the prior alignment checks ensure that the casts
are safe, and so no unaligned accessors are necessary.
Signed-off-by: Ard Biesheuvel <[email protected]>
---
crypto/algapi.c | 24 +++++++++++++++++++++---
include/crypto/algapi.h | 11 +++++++++--
2 files changed, 30 insertions(+), 5 deletions(-)
diff --git a/crypto/algapi.c b/crypto/algapi.c
index 76fdaa16bd4a..5f96ac51269a 100644
--- a/crypto/algapi.c
+++ b/crypto/algapi.c
@@ -1002,7 +1002,13 @@ void __crypto_xor(u8 *dst, const u8 *src1, const u8 *src2, unsigned int len)
}
while (IS_ENABLED(CONFIG_64BIT) && len >= 8 && !(relalign & 7)) {
- *(u64 *)dst = *(u64 *)src1 ^ *(u64 *)src2;
+ if (IS_ENABLED(CONFIG_HAVE_EFFICIENT_UNALIGNED_ACCESS)) {
+ u64 l = get_unaligned((u64 *)src1) ^
+ get_unaligned((u64 *)src2);
+ put_unaligned(l, (u64 *)dst);
+ } else {
+ *(u64 *)dst = *(u64 *)src1 ^ *(u64 *)src2;
+ }
dst += 8;
src1 += 8;
src2 += 8;
@@ -1010,7 +1016,13 @@ void __crypto_xor(u8 *dst, const u8 *src1, const u8 *src2, unsigned int len)
}
while (len >= 4 && !(relalign & 3)) {
- *(u32 *)dst = *(u32 *)src1 ^ *(u32 *)src2;
+ if (IS_ENABLED(CONFIG_HAVE_EFFICIENT_UNALIGNED_ACCESS)) {
+ u32 l = get_unaligned((u32 *)src1) ^
+ get_unaligned((u32 *)src2);
+ put_unaligned(l, (u32 *)dst);
+ } else {
+ *(u32 *)dst = *(u32 *)src1 ^ *(u32 *)src2;
+ }
dst += 4;
src1 += 4;
src2 += 4;
@@ -1018,7 +1030,13 @@ void __crypto_xor(u8 *dst, const u8 *src1, const u8 *src2, unsigned int len)
}
while (len >= 2 && !(relalign & 1)) {
- *(u16 *)dst = *(u16 *)src1 ^ *(u16 *)src2;
+ if (IS_ENABLED(CONFIG_HAVE_EFFICIENT_UNALIGNED_ACCESS)) {
+ u16 l = get_unaligned((u16 *)src1) ^
+ get_unaligned((u16 *)src2);
+ put_unaligned(l, (u16 *)dst);
+ } else {
+ *(u16 *)dst = *(u16 *)src1 ^ *(u16 *)src2;
+ }
dst += 2;
src1 += 2;
src2 += 2;
diff --git a/include/crypto/algapi.h b/include/crypto/algapi.h
index f76ec723ceae..932ae31b0b4d 100644
--- a/include/crypto/algapi.h
+++ b/include/crypto/algapi.h
@@ -13,6 +13,8 @@
#include <linux/list.h>
#include <linux/types.h>
+#include <asm/unaligned.h>
+
/*
* Maximum values for blocksize and alignmask, used to allocate
* static buffers that are big enough for any combination of
@@ -154,9 +156,11 @@ static inline void crypto_xor(u8 *dst, const u8 *src, unsigned int size)
(size % sizeof(unsigned long)) == 0) {
unsigned long *d = (unsigned long *)dst;
unsigned long *s = (unsigned long *)src;
+ unsigned long l;
while (size > 0) {
- *d++ ^= *s++;
+ l = get_unaligned(d) ^ get_unaligned(s++);
+ put_unaligned(l, d++);
size -= sizeof(unsigned long);
}
} else {
@@ -173,9 +177,12 @@ static inline void crypto_xor_cpy(u8 *dst, const u8 *src1, const u8 *src2,
unsigned long *d = (unsigned long *)dst;
unsigned long *s1 = (unsigned long *)src1;
unsigned long *s2 = (unsigned long *)src2;
+ unsigned long l;
while (size > 0) {
- *d++ = *s1++ ^ *s2++;
+ l = get_unaligned(d) ^ get_unaligned(s1++)
+ ^ get_unaligned(s2++);
+ put_unaligned(l, d++);
size -= sizeof(unsigned long);
}
} else {
--
2.30.2
Hi Ard,
I love your patch! Perhaps something to improve:
[auto build test WARNING on herbert-cryptodev-2.6/master]
[also build test WARNING on herbert-crypto-2.6/master v5.17-rc4 next-20220215]
[If your patch is applied to the wrong git tree, kindly drop us a note.
And when submitting patch, we suggest to use '--base' as documented in
https://git-scm.com/docs/git-format-patch]
url: https://github.com/0day-ci/linux/commits/Ard-Biesheuvel/crypto-crypto_xor-use-helpers-for-unaligned-accesses/20220215-185741
base: https://git.kernel.org/pub/scm/linux/kernel/git/herbert/cryptodev-2.6.git master
config: i386-randconfig-a003 (https://download.01.org/0day-ci/archive/20220216/[email protected]/config)
compiler: gcc-9 (Debian 9.3.0-22) 9.3.0
reproduce (this is a W=1 build):
# https://github.com/0day-ci/linux/commit/6ca2d09816a67230ab30f3c7e7d87815e833d0af
git remote add linux-review https://github.com/0day-ci/linux
git fetch --no-tags linux-review Ard-Biesheuvel/crypto-crypto_xor-use-helpers-for-unaligned-accesses/20220215-185741
git checkout 6ca2d09816a67230ab30f3c7e7d87815e833d0af
# save the config file to linux build tree
mkdir build_dir
make W=1 O=build_dir ARCH=i386 SHELL=/bin/bash arch/x86/kernel/ drivers/md/
If you fix the issue, kindly add following tag as appropriate
Reported-by: kernel test robot <[email protected]>
All warnings (new ones prefixed by >>):
In file included from ./arch/x86/include/generated/asm/unaligned.h:1,
from drivers/md/dm-crypt.c:30:
drivers/md/dm-crypt.c: In function 'crypt_iv_tcw_whitening':
>> include/asm-generic/unaligned.h:14:8: warning: 'buf.x' is used uninitialized in this function [-Wuninitialized]
14 | __pptr->x; \
| ^~
>> include/asm-generic/unaligned.h:14:8: warning: '*((void *)&buf+4).x' is used uninitialized in this function [-Wuninitialized]
include/asm-generic/unaligned.h:14:8: warning: '*((void *)&buf+8).x' is used uninitialized in this function [-Wuninitialized]
include/asm-generic/unaligned.h:14:8: warning: '*((void *)&buf+12).x' is used uninitialized in this function [-Wuninitialized]
vim +14 include/asm-generic/unaligned.h
aafe4dbed0bf6c Arnd Bergmann 2009-05-13 11
803f4e1eab7a89 Arnd Bergmann 2021-05-08 12 #define __get_unaligned_t(type, ptr) ({ \
803f4e1eab7a89 Arnd Bergmann 2021-05-08 13 const struct { type x; } __packed *__pptr = (typeof(__pptr))(ptr); \
803f4e1eab7a89 Arnd Bergmann 2021-05-08 @14 __pptr->x; \
803f4e1eab7a89 Arnd Bergmann 2021-05-08 15 })
803f4e1eab7a89 Arnd Bergmann 2021-05-08 16
---
0-DAY CI Kernel Test Service, Intel Corporation
https://lists.01.org/hyperkitty/list/[email protected]
On Tue, Feb 15, 2022 at 11:57:17AM +0100, Ard Biesheuvel wrote:
> Dereferencing a misaligned pointer is undefined behavior in C, and may
> result in codegen on architectures such as ARM that trigger alignments
> traps and expensive fixups in software.
>
> Instead, use the get_aligned()/put_aligned() accessors, which are cheap
> or even completely free when CONFIG_HAVE_EFFICIENT_UNALIGNED_ACCESS=y.
>
> In the converse case, the prior alignment checks ensure that the casts
> are safe, and so no unaligned accessors are necessary.
>
> Signed-off-by: Ard Biesheuvel <[email protected]>
> ---
> crypto/algapi.c | 24 +++++++++++++++++++++---
> include/crypto/algapi.h | 11 +++++++++--
> 2 files changed, 30 insertions(+), 5 deletions(-)
Ard, could you please take a look at the two kbuild reports and
see if there is an issue that needs to be resolved?
Thanks,
--
Email: Herbert Xu <[email protected]>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt
On Wed, 23 Feb 2022 at 03:50, Herbert Xu <[email protected]> wrote:
>
> On Tue, Feb 15, 2022 at 11:57:17AM +0100, Ard Biesheuvel wrote:
> > Dereferencing a misaligned pointer is undefined behavior in C, and may
> > result in codegen on architectures such as ARM that trigger alignments
> > traps and expensive fixups in software.
> >
> > Instead, use the get_aligned()/put_aligned() accessors, which are cheap
> > or even completely free when CONFIG_HAVE_EFFICIENT_UNALIGNED_ACCESS=y.
> >
> > In the converse case, the prior alignment checks ensure that the casts
> > are safe, and so no unaligned accessors are necessary.
> >
> > Signed-off-by: Ard Biesheuvel <[email protected]>
> > ---
> > crypto/algapi.c | 24 +++++++++++++++++++++---
> > include/crypto/algapi.h | 11 +++++++++--
> > 2 files changed, 30 insertions(+), 5 deletions(-)
>
> Ard, could you please take a look at the two kbuild reports and
> see if there is an issue that needs to be resolved?
>
My patch is flawed - I'll fix it and send a v2.