]> git.ipfire.org Git - thirdparty/kernel/linux.git/commitdiff
projects / thirdparty / kernel / linux.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: b2c15db)
crypto: inside-secure - Use new AES library API
authorEric Biggers <ebiggers@kernel.org>
Mon, 12 Jan 2026 19:20:28 +0000 (11:20 -0800)
committerEric Biggers <ebiggers@kernel.org>
Thu, 15 Jan 2026 22:09:08 +0000 (14:09 -0800)
Switch from the old AES library functions (which use struct
crypto_aes_ctx) to the new ones (which use struct aes_enckey).  This
eliminates the unnecessary computation and caching of the decryption
round keys.  The new AES en/decryption functions are also much faster
and use AES instructions when supported by the CPU.

Note that in addition to the change in the key preparation function and
the key struct type itself, the change in the type of the key struct
results in aes_encrypt() (which is temporarily a type-generic macro)
calling the new encryption function rather than the old one.

This driver used crypto_aes_ctx::key_enc, but only to access the copy of
the raw key that is stored at the beginning of the expanded key.  To
eliminate the dependency on this field, instead just access the raw key
directly, which is already available in the relevant functions.

Acked-by: Ard Biesheuvel <ardb@kernel.org>
Link: https://lore.kernel.org/r/20260112192035.10427-31-ebiggers@kernel.org
Signed-off-by: Eric Biggers <ebiggers@kernel.org>
drivers/crypto/inside-secure/safexcel_cipher.c patch | blob | blame | history
drivers/crypto/inside-secure/safexcel_hash.c patch | blob | blame | history

diff --git a/drivers/crypto/inside-secure/safexcel_cipher.c b/drivers/crypto/inside-secure/safexcel_cipher.c
index 919e5a2cab95e3b46f2068e871e5495775620206..27b180057417393e512486637a09fd73ec55bc22 100644 (file)
--- a/drivers/crypto/inside-secure/safexcel_cipher.c
+++ b/drivers/crypto/inside-secure/safexcel_cipher.c
@@ -2507,19 +2507,17 @@ static int safexcel_aead_gcm_setkey(struct crypto_aead *ctfm, const u8 *key,
        struct crypto_tfm *tfm = crypto_aead_tfm(ctfm);
        struct safexcel_cipher_ctx *ctx = crypto_tfm_ctx(tfm);
        struct safexcel_crypto_priv *priv = ctx->base.priv;
-       struct crypto_aes_ctx aes;
+       struct aes_enckey aes;
        u32 hashkey[AES_BLOCK_SIZE >> 2];
        int ret, i;
 
-       ret = aes_expandkey(&aes, key, len);
-       if (ret) {
-               memzero_explicit(&aes, sizeof(aes));
+       ret = aes_prepareenckey(&aes, key, len);
+       if (ret)
                return ret;
-       }
 
        if (priv->flags & EIP197_TRC_CACHE && ctx->base.ctxr_dma) {
                for (i = 0; i < len / sizeof(u32); i++) {
-                       if (le32_to_cpu(ctx->key[i]) != aes.key_enc[i]) {
+                       if (ctx->key[i] != get_unaligned((__le32 *)key + i)) {
                                ctx->base.needs_inv = true;
                                break;
                        }
@@ -2527,7 +2525,7 @@ static int safexcel_aead_gcm_setkey(struct crypto_aead *ctfm, const u8 *key,
        }
 
        for (i = 0; i < len / sizeof(u32); i++)
-               ctx->key[i] = cpu_to_le32(aes.key_enc[i]);
+               ctx->key[i] = get_unaligned((__le32 *)key + i);
 
        ctx->key_len = len;
 
diff --git a/drivers/crypto/inside-secure/safexcel_hash.c b/drivers/crypto/inside-secure/safexcel_hash.c
index ef0ba4832928136b4efc3d02724342c3aaf0b030..e534b7a200cf5ee808a43a98efa9675c401a72f3 100644 (file)
--- a/drivers/crypto/inside-secure/safexcel_hash.c
+++ b/drivers/crypto/inside-secure/safexcel_hash.c
@@ -30,7 +30,7 @@ struct safexcel_ahash_ctx {
        bool fb_init_done;
        bool fb_do_setkey;
 
-       struct crypto_aes_ctx *aes;
+       struct aes_enckey *aes;
        struct crypto_ahash *fback;
        struct crypto_shash *shpre;
        struct shash_desc *shdesc;
@@ -1976,7 +1976,7 @@ static int safexcel_xcbcmac_setkey(struct crypto_ahash *tfm, const u8 *key,
        u32 key_tmp[3 * AES_BLOCK_SIZE / sizeof(u32)];
        int ret, i;
 
-       ret = aes_expandkey(ctx->aes, key, len);
+       ret = aes_prepareenckey(ctx->aes, key, len);
        if (ret)
                return ret;
 
@@ -1990,9 +1990,9 @@ static int safexcel_xcbcmac_setkey(struct crypto_ahash *tfm, const u8 *key,
        for (i = 0; i < 3 * AES_BLOCK_SIZE / sizeof(u32); i++)
                ctx->base.ipad.word[i] = swab32(key_tmp[i]);
 
-       ret = aes_expandkey(ctx->aes,
-                           (u8 *)key_tmp + 2 * AES_BLOCK_SIZE,
-                           AES_MIN_KEY_SIZE);
+       ret = aes_prepareenckey(ctx->aes,
+                               (u8 *)key_tmp + 2 * AES_BLOCK_SIZE,
+                               AES_MIN_KEY_SIZE);
        if (ret)
                return ret;
 
@@ -2062,12 +2062,12 @@ static int safexcel_cmac_setkey(struct crypto_ahash *tfm, const u8 *key,
        int ret, i;
 
        /* precompute the CMAC key material */
-       ret = aes_expandkey(ctx->aes, key, len);
+       ret = aes_prepareenckey(ctx->aes, key, len);
        if (ret)
                return ret;
 
        for (i = 0; i < len / sizeof(u32); i++)
-               ctx->base.ipad.word[i + 8] = swab32(ctx->aes->key_enc[i]);
+               ctx->base.ipad.word[i + 8] = get_unaligned_be32(&key[4 * i]);
 
        /* code below borrowed from crypto/cmac.c */
        /* encrypt the zero block */
A mirror of Linus' kernel repository