From: "George Spelvin" <linux@horizon.com>
To: herbert@gondor.apana.org.au, nhorman@tuxdriver.com
Cc: linux-crypto@vger.kernel.org, linux@horizon.com, smueller@chronox.de
Subject: [PATCH 10/17] crypto: ansi_cprng - simplify get_prng_bytes
Date: 2 Dec 2014 03:52:31 -0500 [thread overview]
Message-ID: <20141202085231.19085.qmail@ns.horizon.com> (raw)
In-Reply-To: <20141202083314.17647.qmail@ns.horizon.com>
The crypto is so slow that there's no point unrolling this function.
A simpler and clearer implementation will do just fine.
Also move all modification of rand_read_pos out of _get_more_prng_bytes;
that's variable belongs to the byte-at-a-time layer outside the
block-oriented primitive.
Signed-off-by: George Spelvin <linux@horizon.com>
---
crypto/ansi_cprng.c | 67 ++++++++++++++---------------------------------------
1 file changed, 18 insertions(+), 49 deletions(-)
Friends don't let friends micro-optimize non-inner loops.
diff --git a/crypto/ansi_cprng.c b/crypto/ansi_cprng.c
index 6723a561..de13e741 100644
--- a/crypto/ansi_cprng.c
+++ b/crypto/ansi_cprng.c
@@ -166,7 +166,6 @@ static int _get_more_prng_bytes(struct prng_context *ctx, bool cont_test)
}
dbgprint("Returning new block for context %p\n", ctx);
- ctx->rand_read_pos = 0;
hexdump("Output DT: ", ctx->DT, DEFAULT_BLK_SZ);
hexdump("Output V: ", ctx->V, DEFAULT_BLK_SZ);
@@ -179,65 +178,36 @@ static int _get_more_prng_bytes(struct prng_context *ctx, bool cont_test)
static int get_prng_bytes(unsigned char *buf, unsigned int nbytes,
struct prng_context *ctx, bool do_cont_test)
{
- unsigned char *ptr = buf;
- unsigned int byte_count = (unsigned int)nbytes;
- int err;
+ unsigned int pos = 0;
+ unsigned int len;
+ int read_pos = ctx->rand_read_pos;
+ int err = -EINVAL;
+
+ dbgprint(KERN_CRIT "getting %u random bytes for context %p\n",
+ nbytes, ctx);
spin_lock_bh(&ctx->prng_lock);
- err = -EINVAL;
if (ctx->flags & PRNG_NEED_RESET)
goto done;
- err = byte_count;
+ while (nbytes - pos > DEFAULT_BLK_SZ - read_pos) {
+ len = DEFAULT_BLK_SZ - read_pos;
- dbgprint(KERN_CRIT "getting %d random bytes for context %p\n",
- byte_count, ctx);
-
-remainder:
- if (ctx->rand_read_pos == DEFAULT_BLK_SZ) {
+ memcpy(buf + pos, ctx->rand_data + read_pos, len);
if (_get_more_prng_bytes(ctx, do_cont_test) < 0) {
memset(buf, 0, nbytes);
- err = -EINVAL;
goto done;
}
+ pos += len;
+ read_pos = 0;
}
- /*
- * Copy any data less than an entire block
- */
- if (byte_count < DEFAULT_BLK_SZ) {
-empty_rbuf:
- while (ctx->rand_read_pos < DEFAULT_BLK_SZ) {
- *ptr++ = ctx->rand_data[ctx->rand_read_pos++];
- if (--byte_count == 0)
- goto done;
- }
- }
-
- /*
- * Now copy whole blocks
- */
- for (; byte_count >= DEFAULT_BLK_SZ; byte_count -= DEFAULT_BLK_SZ) {
- if (ctx->rand_read_pos == DEFAULT_BLK_SZ) {
- if (_get_more_prng_bytes(ctx, do_cont_test) < 0) {
- memset(buf, 0, nbytes);
- err = -EINVAL;
- goto done;
- }
- }
- if (ctx->rand_read_pos > 0)
- goto empty_rbuf;
- memcpy(ptr, ctx->rand_data, DEFAULT_BLK_SZ);
- ctx->rand_read_pos += DEFAULT_BLK_SZ;
- ptr += DEFAULT_BLK_SZ;
- }
-
- /*
- * Now go back and get any remaining partial block
- */
- if (byte_count)
- goto remainder;
+ /* The final partial block */
+ len = nbytes - pos;
+ memcpy(buf + pos, ctx->rand_data + read_pos, len);
+ ctx->rand_read_pos = read_pos + len;
+ err = nbytes;
done:
spin_unlock_bh(&ctx->prng_lock);
@@ -351,7 +321,6 @@ static int fips_cprng_get_random(struct crypto_rng *tfm, u8 *rdata,
static int fips_cprng_reset(struct crypto_rng *tfm, u8 *seed, unsigned int slen)
{
- u8 rdata[DEFAULT_BLK_SZ];
u8 const *key = seed + DEFAULT_BLK_SZ;
int rc;
@@ -370,7 +339,7 @@ static int fips_cprng_reset(struct crypto_rng *tfm, u8 *seed, unsigned int slen)
goto out;
/* this primes our continuity test */
- rc = get_prng_bytes(rdata, DEFAULT_BLK_SZ, prng, 0);
+ rc = _get_more_prng_bytes(prng, false);
prng->rand_read_pos = DEFAULT_BLK_SZ;
out:
--
2.1.3
next prev parent reply other threads:[~2014-12-02 8:52 UTC|newest]
Thread overview: 39+ messages / expand[flat|nested] mbox.gz Atom feed top
2014-11-29 2:43 Is ansi_cprng.c supposed to implement X9.17/X9.31's RNG? George Spelvin
2014-11-29 17:26 ` George Spelvin
2014-11-29 17:59 ` Neil Horman
2014-12-02 8:33 ` [PATCH 00/17] Multiple changes to crypto/ansi_cprng.c George Spelvin
2014-12-02 8:34 ` [PATCH 01/17] crypto: ansi_cprng - Rename rand_data_valid more sensibly George Spelvin
2014-12-02 8:41 ` Stephan Mueller
2014-12-02 17:12 ` George Spelvin
2014-12-02 8:35 ` [PATCH 02/17] crypto: ansi_cprng - Eliminate ctx->last_rand_data George Spelvin
2014-12-02 8:57 ` Stephan Mueller
2014-12-02 9:08 ` George Spelvin
2014-12-02 14:46 ` Neil Horman
2014-12-02 19:45 ` George Spelvin
2014-12-02 8:37 ` [PATCH 03/17] crypto: ansi_cprng - Eliminate ctx->I George Spelvin
2014-12-02 14:52 ` Neil Horman
2014-12-02 20:03 ` George Spelvin
2014-12-03 11:08 ` Neil Horman
2014-12-02 8:37 ` PATCH 04/17] crypto: ansi_cprng - simplify xor_vectors() to xor_block() George Spelvin
2014-12-02 8:39 ` [PATCH 05/17] crypto: ansi_cprng - Add const annotations to hexdump() George Spelvin
2014-12-02 8:40 ` [PATCH 06/17] crypto: ansi_cprng - Eliminate unused PRNG_FIXED_SIZE flag George Spelvin
2014-12-02 8:43 ` [PATCH 07/17] crypto: ansi_cprng - Shrink rand_read_pos & flags George Spelvin
2014-12-02 14:59 ` Neil Horman
2014-12-02 20:28 ` George Spelvin
2014-12-03 11:11 ` Neil Horman
2014-12-02 8:46 ` [PATCH 08/17] crypto: ansi_cprng - Require non-null key & V in reset_prng_context George Spelvin
2014-12-02 8:50 ` [PATCH 09/17] crypto: ansi_cprng - Clean up some variable types George Spelvin
2014-12-02 8:52 ` George Spelvin [this message]
2014-12-02 8:54 ` [PATCH 11/17] crypto: ansi_cprng - unroll _get_more_prng_bytes George Spelvin
2014-12-02 21:54 ` George Spelvin
2014-12-02 8:56 ` [PATCH 12/17] crypto: ansi_cprng - Create a "block buffer" data type George Spelvin
2014-12-02 8:57 ` [PATCH 13/17] crypto: ansi_cprng - If DT is not provided, use a fresh timestamp George Spelvin
2014-12-02 9:11 ` George Spelvin
2014-12-02 8:58 ` [PATCH 14/17] crypto: ansi_cprng - If DT is omitted, don't buffer old output George Spelvin
2014-12-02 8:59 ` [PATCH 15/17] crypto: testmgr - Teach test_cprng to handle non-default seed sizes George Spelvin
2014-12-02 9:01 ` [PATCH 16/17] crypto: testmgr - Merge seed arrays in struct cprng_testvec George Spelvin
2014-12-02 9:02 ` [PATCH 17/17] crypto: ansi_cprng - Shrink default seed size George Spelvin
2014-12-03 11:13 ` [PATCH 00/17] Multiple changes to crypto/ansi_cprng.c Neil Horman
2014-12-03 20:27 ` George Spelvin
2014-12-04 18:07 ` Stephan Mueller
2014-12-05 11:28 ` Neil Horman
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20141202085231.19085.qmail@ns.horizon.com \
--to=linux@horizon.com \
--cc=herbert@gondor.apana.org.au \
--cc=linux-crypto@vger.kernel.org \
--cc=nhorman@tuxdriver.com \
--cc=smueller@chronox.de \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).