From 9c941c94bcba851eb8e688a3cf7d59ce29c4eb25 Mon Sep 17 00:00:00 2001 From: Eric Biggers Date: Mon, 12 Jan 2026 11:20:16 -0800 Subject: [PATCH] crypto: x86/aes - Remove the superseded AES-NI crypto_cipher Remove the "aes-aesni" crypto_cipher algorithm and the code specific to its implementation. It is no longer necessary because the AES library is now optimized with x86 AES-NI, and crypto/aes.c exposes the AES library via the crypto_cipher API. Acked-by: Ard Biesheuvel Link: https://lore.kernel.org/r/20260112192035.10427-19-ebiggers@kernel.org Signed-off-by: Eric Biggers --- arch/x86/crypto/Kconfig | 2 - arch/x86/crypto/aesni-intel_asm.S | 25 ------------ arch/x86/crypto/aesni-intel_glue.c | 62 +----------------------------- 3 files changed, 1 insertion(+), 88 deletions(-) diff --git a/arch/x86/crypto/Kconfig b/arch/x86/crypto/Kconfig index ebb0838eaf307..7fb2319a09164 100644 --- a/arch/x86/crypto/Kconfig +++ b/arch/x86/crypto/Kconfig @@ -7,10 +7,8 @@ config CRYPTO_AES_NI_INTEL select CRYPTO_AEAD select CRYPTO_LIB_AES select CRYPTO_LIB_GF128MUL - select CRYPTO_ALGAPI select CRYPTO_SKCIPHER help - Block cipher: AES cipher algorithms AEAD cipher: AES with GCM Length-preserving ciphers: AES with ECB, CBC, CTS, CTR, XCTR, XTS diff --git a/arch/x86/crypto/aesni-intel_asm.S b/arch/x86/crypto/aesni-intel_asm.S index b37881bb9f157..6abe5e38a6d75 100644 --- a/arch/x86/crypto/aesni-intel_asm.S +++ b/arch/x86/crypto/aesni-intel_asm.S @@ -436,31 +436,6 @@ SYM_FUNC_START_LOCAL(_aesni_enc4) RET SYM_FUNC_END(_aesni_enc4) -/* - * void aesni_dec (const void *ctx, u8 *dst, const u8 *src) - */ -SYM_FUNC_START(aesni_dec) - FRAME_BEGIN -#ifndef __x86_64__ - pushl KEYP - pushl KLEN - movl (FRAME_OFFSET+12)(%esp), KEYP # ctx - movl (FRAME_OFFSET+16)(%esp), OUTP # dst - movl (FRAME_OFFSET+20)(%esp), INP # src -#endif - mov 480(KEYP), KLEN # key length - add $240, KEYP - movups (INP), STATE # input - call _aesni_dec1 - movups STATE, (OUTP) #output -#ifndef __x86_64__ - popl KLEN - popl KEYP -#endif - FRAME_END - RET -SYM_FUNC_END(aesni_dec) - /* * _aesni_dec1: internal ABI * input: diff --git a/arch/x86/crypto/aesni-intel_glue.c b/arch/x86/crypto/aesni-intel_glue.c index 48405e02d6e46..453e0e890041b 100644 --- a/arch/x86/crypto/aesni-intel_glue.c +++ b/arch/x86/crypto/aesni-intel_glue.c @@ -60,7 +60,6 @@ static inline void *aes_align_addr(void *addr) asmlinkage void aesni_set_key(struct crypto_aes_ctx *ctx, const u8 *in_key, unsigned int key_len); asmlinkage void aesni_enc(const void *ctx, u8 *out, const u8 *in); -asmlinkage void aesni_dec(const void *ctx, u8 *out, const u8 *in); asmlinkage void aesni_ecb_enc(struct crypto_aes_ctx *ctx, u8 *out, const u8 *in, unsigned int len); asmlinkage void aesni_ecb_dec(struct crypto_aes_ctx *ctx, u8 *out, @@ -113,39 +112,6 @@ static int aes_set_key_common(struct crypto_aes_ctx *ctx, return 0; } -static int aes_set_key(struct crypto_tfm *tfm, const u8 *in_key, - unsigned int key_len) -{ - return aes_set_key_common(aes_ctx(crypto_tfm_ctx(tfm)), in_key, - key_len); -} - -static void aesni_encrypt(struct crypto_tfm *tfm, u8 *dst, const u8 *src) -{ - struct crypto_aes_ctx *ctx = aes_ctx(crypto_tfm_ctx(tfm)); - - if (!crypto_simd_usable()) { - aes_encrypt(ctx, dst, src); - } else { - kernel_fpu_begin(); - aesni_enc(ctx, dst, src); - kernel_fpu_end(); - } -} - -static void aesni_decrypt(struct crypto_tfm *tfm, u8 *dst, const u8 *src) -{ - struct crypto_aes_ctx *ctx = aes_ctx(crypto_tfm_ctx(tfm)); - - if (!crypto_simd_usable()) { - aes_decrypt(ctx, dst, src); - } else { - kernel_fpu_begin(); - aesni_dec(ctx, dst, src); - kernel_fpu_end(); - } -} - static int aesni_skcipher_setkey(struct crypto_skcipher *tfm, const u8 *key, unsigned int len) { @@ -544,25 +510,6 @@ static int xts_decrypt_aesni(struct skcipher_request *req) return xts_crypt(req, aesni_xts_encrypt_iv, aesni_xts_decrypt); } -static struct crypto_alg aesni_cipher_alg = { - .cra_name = "aes", - .cra_driver_name = "aes-aesni", - .cra_priority = 300, - .cra_flags = CRYPTO_ALG_TYPE_CIPHER, - .cra_blocksize = AES_BLOCK_SIZE, - .cra_ctxsize = CRYPTO_AES_CTX_SIZE, - .cra_module = THIS_MODULE, - .cra_u = { - .cipher = { - .cia_min_keysize = AES_MIN_KEY_SIZE, - .cia_max_keysize = AES_MAX_KEY_SIZE, - .cia_setkey = aes_set_key, - .cia_encrypt = aesni_encrypt, - .cia_decrypt = aesni_decrypt - } - } -}; - static struct skcipher_alg aesni_skciphers[] = { { .base = { @@ -1689,14 +1636,10 @@ static int __init aesni_init(void) if (!x86_match_cpu(aesni_cpu_id)) return -ENODEV; - err = crypto_register_alg(&aesni_cipher_alg); - if (err) - return err; - err = crypto_register_skciphers(aesni_skciphers, ARRAY_SIZE(aesni_skciphers)); if (err) - goto unregister_cipher; + return err; err = crypto_register_aeads(aes_gcm_algs_aesni, ARRAY_SIZE(aes_gcm_algs_aesni)); @@ -1716,8 +1659,6 @@ unregister_avx: unregister_skciphers: crypto_unregister_skciphers(aesni_skciphers, ARRAY_SIZE(aesni_skciphers)); -unregister_cipher: - crypto_unregister_alg(&aesni_cipher_alg); return err; } @@ -1727,7 +1668,6 @@ static void __exit aesni_exit(void) ARRAY_SIZE(aes_gcm_algs_aesni)); crypto_unregister_skciphers(aesni_skciphers, ARRAY_SIZE(aesni_skciphers)); - crypto_unregister_alg(&aesni_cipher_alg); unregister_avx_algs(); } -- 2.47.3