dm integrity: use crypto_shash_digest() in sb_mac()

Simplify sb_mac() by using crypto_shash_digest() instead of an
init+update+final sequence.  This should also improve performance.

Signed-off-by: Eric Biggers <ebiggers@google.com>
Signed-off-by: Mike Snitzer <snitzer@kernel.org>

diff --git a/drivers/md/dm-integrity.c b/drivers/md/dm-integrity.c
index 97a8d5fc9ebb6572e666cb46aaec478894f4a02f..e85c688fd91e90101fa38f9c9bc770a51fe7ed42 100644 (file)
--- a/drivers/md/dm-integrity.c
+++ b/drivers/md/dm-integrity.c
@@ -493,42 +493,32 @@ static int sb_mac(struct dm_integrity_c *ic, bool wr)
 {
        SHASH_DESC_ON_STACK(desc, ic->journal_mac);
        int r;
-       unsigned int size = crypto_shash_digestsize(ic->journal_mac);
+       unsigned int mac_size = crypto_shash_digestsize(ic->journal_mac);
+       __u8 *sb = (__u8 *)ic->sb;
+       __u8 *mac = sb + (1 << SECTOR_SHIFT) - mac_size;
 
-       if (sizeof(struct superblock) + size > 1 << SECTOR_SHIFT) {
+       if (sizeof(struct superblock) + mac_size > 1 << SECTOR_SHIFT) {
                dm_integrity_io_error(ic, "digest is too long", -EINVAL);
                return -EINVAL;
        }
 
        desc->tfm = ic->journal_mac;
 
-       r = crypto_shash_init(desc);
-       if (unlikely(r < 0)) {
-               dm_integrity_io_error(ic, "crypto_shash_init", r);
-               return r;
-       }
-
-       r = crypto_shash_update(desc, (__u8 *)ic->sb, (1 << SECTOR_SHIFT) - size);
-       if (unlikely(r < 0)) {
-               dm_integrity_io_error(ic, "crypto_shash_update", r);
-               return r;
-       }
-
        if (likely(wr)) {
-               r = crypto_shash_final(desc, (__u8 *)ic->sb + (1 << SECTOR_SHIFT) - size);
+               r = crypto_shash_digest(desc, sb, mac - sb, mac);
                if (unlikely(r < 0)) {
-                       dm_integrity_io_error(ic, "crypto_shash_final", r);
+                       dm_integrity_io_error(ic, "crypto_shash_digest", r);
                        return r;
                }
        } else {
-               __u8 result[HASH_MAX_DIGESTSIZE];
+               __u8 actual_mac[HASH_MAX_DIGESTSIZE];
 
-               r = crypto_shash_final(desc, result);
+               r = crypto_shash_digest(desc, sb, mac - sb, actual_mac);
                if (unlikely(r < 0)) {
-                       dm_integrity_io_error(ic, "crypto_shash_final", r);
+                       dm_integrity_io_error(ic, "crypto_shash_digest", r);
                        return r;
                }
-               if (memcmp((__u8 *)ic->sb + (1 << SECTOR_SHIFT) - size, result, size)) {
+               if (memcmp(mac, actual_mac, mac_size)) {
                        dm_integrity_io_error(ic, "superblock mac", -EILSEQ);
                        dm_audit_log_target(DM_MSG_PREFIX, "mac-superblock", ic->ti, 0);
                        return -EILSEQ;