git.ipfire.org Git - thirdparty/linux.git/commit

author	Eric Biggers <ebiggers@kernel.org>
	Wed, 18 Feb 2026 21:35:01 +0000 (13:35 -0800)
committer	Eric Biggers <ebiggers@kernel.org>
	Mon, 9 Mar 2026 20:27:21 +0000 (13:27 -0700)
commit	5e07ce466356d9833757b2d6c0380b6ee7b11a77
tree	45270873bb8d17a04f2c7f0a29c1753c1fd91b77	tree \| snapshot
parent	c9de7246d5422bbea5374a402e761cf7725a263e	commit \| diff

wifi: mac80211: Use AES-CMAC library in aes_s2v()

Now that AES-CMAC has a library API, convert aes_s2v() to use it instead
of a "cmac(aes)" crypto_shash.  The result is faster and simpler code.

It's also more reliable, since with the library the only step that can
fail is preparing the key.  In contrast, crypto_shash_digest(),
crypto_shash_init(), crypto_shash_update(), and crypto_shash_final()
could all fail and return an errno value.  aes_s2v() ignored these
errors, which was a bug.  So that bug is fixed as well.

As part of this, change the prototype of aes_s2v() to take the raw key
directly instead of a prepared key.  Its only two callers prepare a key
for each call, so it might as well be done directly in aes_s2v().

Since this removes the last dependency on the "cmac(aes)" crypto_shash
from mac80211, also remove the 'select CRYPTO_CMAC'.

Acked-by: Johannes Berg <johannes@sipsolutions.net>
Reviewed-by: Ard Biesheuvel <ardb@kernel.org>
Link: https://lore.kernel.org/r/20260218213501.136844-16-ebiggers@kernel.org
Signed-off-by: Eric Biggers <ebiggers@kernel.org>

net/mac80211/Kconfig		diff \| blob \| blame \| history
net/mac80211/fils_aead.c		diff \| blob \| blame \| history