diff options
author | Eric Biggers <ebiggers@google.com> | 2019-03-12 22:12:52 -0700 |
---|---|---|
committer | Herbert Xu <herbert@gondor.apana.org.au> | 2019-03-22 20:57:28 +0800 |
commit | 0bb1644fec54e2a9addf03419868bb427d3cf284 (patch) | |
tree | 44303bab9f1955231a7af290d0232fcf8a60e9d6 /crypto/gcm.c | |
parent | e9fb14f04cc3efa3aa0ccc306d82d89fe40fadb9 (diff) | |
download | linux-crypto-0bb1644fec54e2a9addf03419868bb427d3cf284.tar.gz linux-crypto-0bb1644fec54e2a9addf03419868bb427d3cf284.zip |
crypto: testmgr - test the !may_use_simd() fallback code
All crypto API algorithms are supposed to support the case where they
are called in a context where SIMD instructions are unusable, e.g. IRQ
context on some architectures. However, this isn't tested for by the
self-tests, causing bugs to go undetected.
Now that all algorithms have been converted to use crypto_simd_usable(),
update the self-tests to test the no-SIMD case. First, a bool
testvec_config::nosimd is added. When set, the crypto operation is
executed with preemption disabled and with crypto_simd_usable() mocked
out to return false on the current CPU.
A bool test_sg_division::nosimd is also added. For hash algorithms it's
honored by the corresponding ->update(). By setting just a subset of
these bools, the case where some ->update()s are done in SIMD context
and some are done in no-SIMD context is also tested.
These bools are then randomly set by generate_random_testvec_config().
For now, all no-SIMD testing is limited to the extra crypto self-tests,
because it might be a bit too invasive for the regular self-tests.
But this could be changed later.
This has already found bugs in the arm64 AES-GCM and ChaCha algorithms.
This would have found some past bugs as well.
Signed-off-by: Eric Biggers <ebiggers@google.com>
Acked-by: Ard Biesheuvel <ard.biesheuvel@linaro.org>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Diffstat (limited to 'crypto/gcm.c')
0 files changed, 0 insertions, 0 deletions