]> git.ipfire.org Git - thirdparty/kernel/linux.git/commitdiff
projects / thirdparty / kernel / linux.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 60fb28c)
crypto: arm/ghash - Use new AES library API
authorEric Biggers <ebiggers@kernel.org>
Mon, 12 Jan 2026 19:20:21 +0000 (11:20 -0800)
committerEric Biggers <ebiggers@kernel.org>
Thu, 15 Jan 2026 22:09:08 +0000 (14:09 -0800)
Switch from the old AES library functions (which use struct
crypto_aes_ctx) to the new ones (which use struct aes_enckey).  This
eliminates the unnecessary computation and caching of the decryption
round keys.  The new AES en/decryption functions are also much faster
and use AES instructions when supported by the CPU.

Note that in addition to the change in the key preparation function and
the key struct type itself, the change in the type of the key struct
results in aes_encrypt() (which is temporarily a type-generic macro)
calling the new encryption function rather than the old one.

Acked-by: Ard Biesheuvel <ardb@kernel.org>
Link: https://lore.kernel.org/r/20260112192035.10427-24-ebiggers@kernel.org
Signed-off-by: Eric Biggers <ebiggers@kernel.org>
arch/arm/crypto/ghash-ce-glue.c patch | blob | blame | history

diff --git a/arch/arm/crypto/ghash-ce-glue.c b/arch/arm/crypto/ghash-ce-glue.c
index a52dcc8c1e33483f301afcdc9b14f3d5d078d40a..454adcc62cc69148bbe9618aa73b2551cdfac2ae 100644 (file)
--- a/arch/arm/crypto/ghash-ce-glue.c
+++ b/arch/arm/crypto/ghash-ce-glue.c
@@ -204,20 +204,24 @@ static int gcm_aes_setkey(struct crypto_aead *tfm, const u8 *inkey,
                          unsigned int keylen)
 {
        struct gcm_key *ctx = crypto_aead_ctx(tfm);
-       struct crypto_aes_ctx aes_ctx;
+       struct aes_enckey aes_key;
        be128 h, k;
        int ret;
 
-       ret = aes_expandkey(&aes_ctx, inkey, keylen);
+       ret = aes_prepareenckey(&aes_key, inkey, keylen);
        if (ret)
                return -EINVAL;
 
-       aes_encrypt(&aes_ctx, (u8 *)&k, (u8[AES_BLOCK_SIZE]){});
+       aes_encrypt(&aes_key, (u8 *)&k, (u8[AES_BLOCK_SIZE]){});
 
-       memcpy(ctx->rk, aes_ctx.key_enc, sizeof(ctx->rk));
+       /*
+        * Note: this assumes that the arm implementation of the AES library
+        * stores the standard round keys in k.rndkeys.
+        */
+       memcpy(ctx->rk, aes_key.k.rndkeys, sizeof(ctx->rk));
        ctx->rounds = 6 + keylen / 4;
 
-       memzero_explicit(&aes_ctx, sizeof(aes_ctx));
+       memzero_explicit(&aes_key, sizeof(aes_key));
 
        ghash_reflect(ctx->h[0], &k);
 
A mirror of Linus' kernel repository