From: Peter Zijlstra <peterz@infradead.org>
To: Dave Hansen <dave.hansen@intel.com>
Cc: "Chang S. Bae" <chang.seok.bae@intel.com>,
tglx@linutronix.de, mingo@kernel.org, bp@suse.de,
luto@kernel.org, x86@kernel.org, herbert@gondor.apana.org.au,
dan.j.williams@intel.com, ravi.v.shankar@intel.com,
ning.sun@intel.com, kumar.n.dwarakanath@intel.com,
linux-crypto@vger.kernel.org, linux-kernel@vger.kernel.org
Subject: Re: [NEEDS-REVIEW] [RFC PATCH 7/8] crypto: x86/aes-kl - Support AES algorithm using Key Locker instructions
Date: Fri, 18 Dec 2020 10:56:07 +0100 [thread overview]
Message-ID: <20201218095607.GD3021@hirez.programming.kicks-ass.net> (raw)
In-Reply-To: <8353acb0-03cf-a334-b505-416e0fc58b63@intel.com>
On Thu, Dec 17, 2020 at 12:58:34PM -0800, Dave Hansen wrote:
> On 12/16/20 9:41 AM, Chang S. Bae wrote:
> > +config CRYPTO_AES_KL
> > + tristate "AES cipher algorithms (AES-KL)"
> > + depends on X86_KEYLOCKER
> > + select CRYPTO_AES_NI_INTEL
> > + help
> > + Use AES Key Locker instructions for AES algorithm.
> > +
> > + AES cipher algorithms (FIPS-197). AES uses the Rijndael
> > + algorithm.
> > +
> > + Rijndael appears to be consistently a very good performer in both
> > + hardware and software across a wide range of computing
> > + environments regardless of its use in feedback or non-feedback
> > + modes. Its key setup time is excellent, and its key agility is
> > + good. Rijndael's very low memory requirements make it very well
> > + suited for restricted-space environments, in which it also
> > + demonstrates excellent performance. Rijndael's operations are
> > + among the easiest to defend against power and timing attacks.
> > +
> > + The AES specifies three key sizes: 128, 192 and 256 bits
> > +
> > + See <http://csrc.nist.gov/encryption/aes/> for more information.
> > +
It's direct copy-pasta from CRYPTO_AES_NI_INTEL until about here.
> > + For 128- and 256-bit keys, the AES cipher algorithm is
> > + implemented by AES Key Locker instructions. This implementation
> > + does not need an AES key once wrapped to an encoded form. For AES
> > + compliance, 192-bit is processed by AES-NI instructions.
>
> Giving a history lesson and high-level overview of AES doesn't quite
> seem appropriate here, unless this is the first the kernel has seen of AES.
And the new bits aren't really enlightening either, as you point out.
next prev parent reply other threads:[~2020-12-18 9:57 UTC|newest]
Thread overview: 30+ messages / expand[flat|nested] mbox.gz Atom feed top
2020-12-16 17:41 [RFC PATCH 0/8] x86: Support Intel Key Locker Chang S. Bae
2020-12-16 17:41 ` [RFC PATCH 1/8] x86/cpufeature: Enumerate Key Locker feature Chang S. Bae
2020-12-16 17:41 ` [RFC PATCH 2/8] x86/cpu: Load Key Locker internal key at boot-time Chang S. Bae
2020-12-16 17:41 ` [RFC PATCH 3/8] x86/msr-index: Add MSRs for Key Locker internal key Chang S. Bae
2020-12-16 17:41 ` [RFC PATCH 4/8] x86/power: Restore Key Locker internal key from the ACPI S3/4 sleep states Chang S. Bae
2020-12-17 19:10 ` Eric Biggers
2020-12-18 1:00 ` Bae, Chang Seok
2021-01-28 10:34 ` Rafael J. Wysocki
2021-01-28 16:10 ` Bae, Chang Seok
2020-12-16 17:41 ` [RFC PATCH 5/8] x86/cpu: Add a config option and a chicken bit for Key Locker Chang S. Bae
2020-12-16 17:41 ` [RFC PATCH 6/8] selftests/x86: Test Key Locker internal key maintenance Chang S. Bae
2020-12-18 9:59 ` Peter Zijlstra
2020-12-18 10:43 ` Bae, Chang Seok
2020-12-16 17:41 ` [RFC PATCH 7/8] crypto: x86/aes-kl - Support AES algorithm using Key Locker instructions Chang S. Bae
2020-12-17 10:16 ` Ard Biesheuvel
2021-05-14 20:36 ` Bae, Chang Seok
2020-12-17 20:54 ` Andy Lutomirski
2021-05-14 20:48 ` Bae, Chang Seok
2020-12-17 20:58 ` [NEEDS-REVIEW] " Dave Hansen
2020-12-18 9:56 ` Peter Zijlstra [this message]
2020-12-18 10:11 ` Peter Zijlstra
2020-12-18 10:34 ` Bae, Chang Seok
2020-12-18 11:00 ` Borislav Petkov
2020-12-18 14:33 ` Peter Zijlstra
2020-12-16 17:41 ` [RFC PATCH 8/8] x86/cpu: Support the hardware randomization option for Key Locker internal key Chang S. Bae
2020-12-17 19:10 ` [RFC PATCH 0/8] x86: Support Intel Key Locker Eric Biggers
2020-12-17 20:07 ` Dan Williams
2020-12-18 1:08 ` Bae, Chang Seok
2020-12-19 18:59 ` Andy Lutomirski
2020-12-22 19:03 ` Bae, Chang Seok
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20201218095607.GD3021@hirez.programming.kicks-ass.net \
--to=peterz@infradead.org \
--cc=bp@suse.de \
--cc=chang.seok.bae@intel.com \
--cc=dan.j.williams@intel.com \
--cc=dave.hansen@intel.com \
--cc=herbert@gondor.apana.org.au \
--cc=kumar.n.dwarakanath@intel.com \
--cc=linux-crypto@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=luto@kernel.org \
--cc=mingo@kernel.org \
--cc=ning.sun@intel.com \
--cc=ravi.v.shankar@intel.com \
--cc=tglx@linutronix.de \
--cc=x86@kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.