Linux kernel mirror (for testing) git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
crypto: arm/aes-neonbs - Use AES library for single blocks

aes-neonbs-glue.c calls __aes_arm_encrypt() and __aes_arm_decrypt() to
en/decrypt single blocks for CBC encryption, XTS tweak encryption, and
XTS ciphertext stealing. In preparation for making the AES library use
this same ARM-optimized single-block AES en/decryption code and making
it an internal implementation detail of the AES library, replace the
calls to these functions with calls to the AES library.

Note that this reduces the size of the aesbs_cbc_ctx and aesbs_xts_ctx
structs, since unnecessary decryption round keys are no longer included.

Acked-by: Ard Biesheuvel <ardb@kernel.org>
Link: https://lore.kernel.org/r/20260112192035.10427-4-ebiggers@kernel.org
Signed-off-by: Eric Biggers <ebiggers@kernel.org>

+16 -14
-1
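--- a/arch/arm/crypto/Kconfig
+++ b/arch/arm/crypto/Kconfig
@@ -44,7 +44,6 @@
 config CRYPTO_AES_ARM_BS
 tristate "Ciphers: AES, modes: ECB/CBC/CTR/XTS (bit-sliced NEON)"
 depends on KERNEL_MODE_NEON
-select CRYPTO_AES_ARM
 select CRYPTO_SKCIPHER
 select CRYPTO_LIB_AES
 help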
+16 -13
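--- a/arch/arm/crypto/aes-neonbs-glue.c
+++ b/arch/arm/crypto/aes-neonbs-glue.c
@@ -12,7 +12,6 @@
 #include <crypto/scatterwalk.h>
 #include <crypto/xts.h>
 #include <linux/module.h>
-#include "aes-cipher.h"
 
 MODULE_AUTHOR("Ard Biesheuvel <ard.biesheuvel@linaro.org>");
 MODULE_DESCRIPTION("Bit sliced AES using NEON instructions");
@@ -48,13 +47,13 @@
 
 struct aesbs_cbc_ctx {
 struct aesbs_ctx key;
-struct crypto_aes_ctx fallback;
+struct aes_enckey fallback;
 };
 
 struct aesbs_xts_ctx {
 struct aesbs_ctx key;
-struct crypto_aes_ctx fallback;
-struct crypto_aes_ctx tweak_key;
+struct aes_key fallback;
+struct aes_enckey tweak_key;
 };
 
 static int aesbs_setkey(struct crypto_skcipher *tfm, const u8 *in_key,
@@ -122,14 +121,19 @@
 struct aesbs_cbc_ctx *ctx = crypto_skcipher_ctx(tfm);
 int err;
 
-err = aes_expandkey(&ctx->fallback, in_key, key_len);
+err = aes_prepareenckey(&ctx->fallback, in_key, key_len);
 if (err)
 return err;
 
 ctx->key.rounds = 6 + key_len / 4;
 
+/*
+ * Note: this assumes that the arm implementation of the AES library
+ * stores the standard round keys in k.rndkeys.
+ */
 kernel_neon_begin();
-aesbs_convert_key(ctx->key.rk, ctx->fallback.key_enc, ctx->key.rounds);
+aesbs_convert_key(ctx->key.rk, ctx->fallback.k.rndkeys,
+ctx->key.rounds);
 kernel_neon_end();
 
 return 0;
@@ -152,8 +156,7 @@
 
 do {
 crypto_xor_cpy(dst, src, prev, AES_BLOCK_SIZE);
-__aes_arm_encrypt(ctx->fallback.key_enc,
-ctx->key.rounds, dst, dst);
+aes_encrypt(&ctx->fallback, dst, dst);
 prev = dst;
 src += AES_BLOCK_SIZE;
 dst += AES_BLOCK_SIZE;
@@ -239,10 +242,10 @@
 return err;
 
 key_len /= 2;
-err = aes_expandkey(&ctx->fallback, in_key, key_len);
+err = aes_preparekey(&ctx->fallback, in_key, key_len);
 if (err)
 return err;
-err = aes_expandkey(&ctx->tweak_key, in_key + key_len, key_len);
+err = aes_prepareenckey(&ctx->tweak_key, in_key + key_len, key_len);
 if (err)
 return err;
 
@@ -279,7 +282,7 @@
 if (err)
 return err;
 
-__aes_arm_encrypt(ctx->tweak_key.key_enc, rounds, walk.iv, walk.iv);
+aes_encrypt(&ctx->tweak_key, walk.iv, walk.iv);
 
 while (walk.nbytes >= AES_BLOCK_SIZE) {
 unsigned int blocks = walk.nbytes / AES_BLOCK_SIZE;
@@ -311,9 +314,9 @@
 crypto_xor(buf, req->iv, AES_BLOCK_SIZE);
 
 if (encrypt)
-__aes_arm_encrypt(ctx->fallback.key_enc, rounds, buf, buf);
+aes_encrypt(&ctx->fallback, buf, buf);
 else
-__aes_arm_decrypt(ctx->fallback.key_dec, rounds, buf, buf);
+aes_decrypt(&ctx->fallback, buf, buf);
 
 crypto_xor(buf, req->iv, AES_BLOCK_SIZE);
 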
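Review bot: In the CBC setkey hunk, `ctx->fallback.k.rndkeys` is handed to aesbs_convert_key() on the strength of the new comment alone; nothing visible here enforces that the library keeps standard-format round keys in that field. If the arm representation ever changes, the bit-sliced key would be derived from the wrong bytes while `aes_encrypt(&ctx->fallback, ...)` in the CBC encrypt loop keeps working, so the two paths would presumably disagree with no build-time signal. I would extend the comment to state that consequence, for example `* If the library's layout changes, convert from a separately expanded standard key schedule instead.`, and add a compile-time assertion next to it if the AES library exposes anything suitable to assert on. The setkey function begins and ends outside this hunk, so any cleanup of the expanded key on its other paths is not reviewable from here.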