[PATCH 2/2] sha1/sha256: use be32_to_cpu and cpu_to_be32

Sascha Hauer s.hauer at pengutronix.de
Fri Sep 24 08:56:15 EDT 2010 

On Fri, Sep 24, 2010 at 02:52:55PM +0200, Sascha Hauer wrote:
> On Fri, Sep 24, 2010 at 01:43:50PM +0200, Jean-Christophe PLAGNIOL-VILLARD wrote:
> > On 13:15 Fri 24 Sep     , Sascha Hauer wrote:
> > > On Fri, Sep 24, 2010 at 01:00:45PM +0200, Jean-Christophe PLAGNIOL-VILLARD wrote:
> > > > > >>>>-	    | ( (uint32_t) (b)[(i) + 3]       );	\
> > > > > >>>>-}
> > > > > >>>>-#endif
> > > > > >>>>-
> > > > > >>>>-#ifndef PUT_UINT32_BE
> > > > > >>>>-#define PUT_UINT32_BE(n,b,i) {				\
> > > > > >>>>-	(b)[(i)    ] = (unsigned char) ( (n)>>   24 );	\
> > > > > >>>>-	(b)[(i) + 1] = (unsigned char) ( (n)>>   16 );	\
> > > > > >>>>-	(b)[(i) + 2] = (unsigned char) ( (n)>>    8 );	\
> > > > > >>>>-	(b)[(i) + 3] = (unsigned char) ( (n)       );	\
> > > > > >>>>-}
> > > > > >>>>-#endif
> > > > > >>>>+#define GET_UINT32_BE(n,b,i) (n) = be32_to_cpu(((uint32_t*)(b))[i / 4])
> > > > > >>>>+#define PUT_UINT32_BE(n,b,i) ((uint32_t*)(b))[i / 4] = cpu_to_be32(n)
> > > > > >>>>
> > > > > >>>>
> > > > > >>>
> > > > > >>>The previous macros served two purposes: endian swapping and performing
> > > > > >>>the memory accesses byte-by-byte. New versions are unsafe for CPUs which
> > > > > >>>do not support misaligned 32bit memory accesses.
> > > > > >>
> > > > > >>Indeed. We have get_unaligned_be32() / put_unaligned_be32(). These should be
> > > > > >>the correct functions, right?
> > > > > >
> > > > > >no-nned IIRC as be32_to_cpu and cpu_to_be32 already handle this
> > > > > >depending on the arch
> > > > > >
> > > > > 
> > > > > I think get_unaligned_be32() / put_unaligned_be32() are correct in
> > > > > this case. be32_to_cpu / cpu_to_be32 perform endian swapping (if
> > > > > required) with source and destination both being 32bit variables,
> > > > > not memory locations ?
> > > > no the arch have to handle this
> > > 
> > > No. As Andre mentioned cpu_to_be32 operates on variables, not on
> > > pointers. with ((uint32_t*)(b))[i / 4] you cast b to a pointer to
> > > uint32_t which you dereference with [i / 4]. This has nothing to do
> > > with cpu_to_be32 and will crash if the architecture does not allow
> > > unaligned accesses.
> > except cpu_to_be 32 do a swapb so it's safe
> 
> cpu_to_be32 does a __swap32 and not a swapb.
> 
> And I can only repeat myself: The problem is *not* cpu_to_be32 but the
> argument you pass *to* cpu_to_be32. Let me put it in other words:
> 
> x = be32_to_cpu(((uint32_t*)(b))[i / 4])
> 
> can be written as
> 
> u32 y = ((uint32_t*)(b))[i / 4];
> x = be32_to_cpu(y);
> 
> which can also be written as:
> 
> u32 *z = (uint32_t *)b;
> u32 y = z[i / 4];
> x = be32_to_cpu(y);
> 
> And this will crash in the first line if b is not aligned.

I mean in the second line because that's where the pointer is
dereferenced.

Sascha

-- 
Pengutronix e.K.                           |                             |
Industrial Linux Solutions                 | http://www.pengutronix.de/  |
Peiner Str. 6-8, 31137 Hildesheim, Germany | Phone: +49-5121-206917-0    |
Amtsgericht Hildesheim, HRA 2686           | Fax:   +49-5121-206917-5555 |

More information about the barebox mailing list