Commit c13aebfe authored by Ard Biesheuvel's avatar Ard Biesheuvel
Browse files

crypto/arm64: sm4-ce-gcm - Avoid pointless yield of the NEON unit 



Kernel mode NEON sections are now preemptible on arm64, and so there is
no need to yield it when calling APIs that may sleep.

Also, move the calls to kernel_neon_end() to the same scope as
kernel_neon_begin(). This is needed for a subsequent change where a
stack buffer is allocated transparently and passed to
kernel_neon_begin().

While at it, simplify the logic.

Reviewed-by: default avatarEric Biggers <ebiggers@kernel.org>
Acked-by: default avatarHerbert Xu <herbert@gondor.apana.org.au>
Acked-by: default avatarCatalin Marinas <catalin.marinas@arm.com>
Signed-off-by: default avatarArd Biesheuvel <ardb@kernel.org>
parent 9520ef37

arch/arm64/crypto/sm4-ce-gcm-glue.c

+6 −19
Original line number Diff line number Diff line
@@ -154,36 +154,23 @@ static int gcm_crypt(struct aead_request *req, struct skcipher_walk *walk, 
	if (req->assoclen)

		gcm_calculate_auth_mac(req, ghash);



	while (walk->nbytes) {

	do {

		unsigned int tail = walk->nbytes % SM4_BLOCK_SIZE;

		const u8 *src = walk->src.virt.addr;

		u8 *dst = walk->dst.virt.addr;

		const u8 *l = NULL;



		if (walk->nbytes == walk->total) {

			sm4_ce_pmull_gcm_crypt(ctx->key.rkey_enc, dst, src, iv,

					       walk->nbytes, ghash,

					       ctx->ghash_table,

					       (const u8 *)&lengths);



			kernel_neon_end();



			return skcipher_walk_done(walk, 0);

			l = (const u8 *)&lengths;

			tail = 0;

		}



		sm4_ce_pmull_gcm_crypt(ctx->key.rkey_enc, dst, src, iv,

				       walk->nbytes - tail, ghash,

				       ctx->ghash_table, NULL);



		kernel_neon_end();

				       ctx->ghash_table, l);



		err = skcipher_walk_done(walk, tail);



		kernel_neon_begin();

	}



	sm4_ce_pmull_gcm_crypt(ctx->key.rkey_enc, NULL, NULL, iv,

			       walk->nbytes, ghash, ctx->ghash_table,

			       (const u8 *)&lengths);

	} while (walk->nbytes);



	kernel_neon_end();