| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20260112192035.10427-28-ebiggers@kernel.org>
Date: Mon, 12 Jan 2026 11:20:25 -0800
From: Eric Biggers <ebiggers@...nel.org>
To: linux-crypto@...r.kernel.org
Cc: linux-kernel@...r.kernel.org,
Ard Biesheuvel <ardb@...nel.org>,
"Jason A . Donenfeld" <Jason@...c4.com>,
Herbert Xu <herbert@...dor.apana.org.au>,
linux-arm-kernel@...ts.infradead.org,
linuxppc-dev@...ts.ozlabs.org,
linux-riscv@...ts.infradead.org,
linux-s390@...r.kernel.org,
sparclinux@...r.kernel.org,
x86@...nel.org,
Holger Dengler <dengler@...ux.ibm.com>,
Harald Freudenberger <freude@...ux.ibm.com>,
Eric Biggers <ebiggers@...nel.org>
Subject: [PATCH v2 27/35] crypto: chelsio - Use new AES library API
Switch from the old AES library functions (which use struct
crypto_aes_ctx) to the new ones (which use struct aes_key and struct
aes_enckey). In encryption-only use cases, this eliminates the
unnecessary computation and caching of the decryption round keys. The
new AES en/decryption functions are also much faster and use AES
instructions when supported by the CPU.
Note that in addition to the change in the key preparation function and
the key struct type itself, the change in the type of the key struct
results in aes_encrypt() (which is temporarily a type-generic macro)
calling the new encryption function rather than the old one. Likewise
for decryption.
Acked-by: Ard Biesheuvel <ardb@...nel.org>
Signed-off-by: Eric Biggers <ebiggers@...nel.org>
---
drivers/crypto/chelsio/chcr_algo.c | 10 +++++-----
1 file changed, 5 insertions(+), 5 deletions(-)
diff --git a/drivers/crypto/chelsio/chcr_algo.c b/drivers/crypto/chelsio/chcr_algo.c
index 22cbc343198a..6dec42282768 100644
--- a/drivers/crypto/chelsio/chcr_algo.c
+++ b/drivers/crypto/chelsio/chcr_algo.c
@@ -1026,11 +1026,11 @@ static int chcr_update_tweak(struct skcipher_request *req, u8 *iv,
u32 isfinal)
{
struct crypto_skcipher *tfm = crypto_skcipher_reqtfm(req);
struct ablk_ctx *ablkctx = ABLK_CTX(c_ctx(tfm));
struct chcr_skcipher_req_ctx *reqctx = skcipher_request_ctx(req);
- struct crypto_aes_ctx aes;
+ struct aes_key aes;
int ret, i;
u8 *key;
unsigned int keylen;
int round = reqctx->last_req_len / AES_BLOCK_SIZE;
int round8 = round / 8;
@@ -1042,13 +1042,13 @@ static int chcr_update_tweak(struct skcipher_request *req, u8 *iv,
/* For a 192 bit key remove the padded zeroes which was
* added in chcr_xts_setkey
*/
if (KEY_CONTEXT_CK_SIZE_G(ntohl(ablkctx->key_ctx_hdr))
== CHCR_KEYCTX_CIPHER_KEY_SIZE_192)
- ret = aes_expandkey(&aes, key, keylen - 8);
+ ret = aes_preparekey(&aes, key, keylen - 8);
else
- ret = aes_expandkey(&aes, key, keylen);
+ ret = aes_preparekey(&aes, key, keylen);
if (ret)
return ret;
aes_encrypt(&aes, iv, iv);
for (i = 0; i < round8; i++)
gf128mul_x8_ble((le128 *)iv, (le128 *)iv);
@@ -3404,11 +3404,11 @@ static int chcr_gcm_setkey(struct crypto_aead *aead, const u8 *key,
{
struct chcr_aead_ctx *aeadctx = AEAD_CTX(a_ctx(aead));
struct chcr_gcm_ctx *gctx = GCM_CTX(aeadctx);
unsigned int ck_size;
int ret = 0, key_ctx_size = 0;
- struct crypto_aes_ctx aes;
+ struct aes_enckey aes;
aeadctx->enckey_len = 0;
crypto_aead_clear_flags(aeadctx->sw_cipher, CRYPTO_TFM_REQ_MASK);
crypto_aead_set_flags(aeadctx->sw_cipher, crypto_aead_get_flags(aead)
& CRYPTO_TFM_REQ_MASK);
@@ -3442,11 +3442,11 @@ static int chcr_gcm_setkey(struct crypto_aead *aead, const u8 *key,
0, 0,
key_ctx_size >> 4);
/* Calculate the H = CIPH(K, 0 repeated 16 times).
* It will go in key context
*/
- ret = aes_expandkey(&aes, key, keylen);
+ ret = aes_prepareenckey(&aes, key, keylen);
if (ret) {
aeadctx->enckey_len = 0;
goto out;
}
memset(gctx->ghash_h, 0, AEAD_H_SIZE);
--
2.52.0
Powered by blists - more mailing lists