From: Ard Biesheuvel <ardb@kernel.org> To: linux-crypto@vger.kernel.org Cc: "Eric Biggers" <ebiggers@google.com>, "Corentin Labbe" <clabbe.montjoie@gmail.com>, "Ayush Sawal" <ayush.sawal@chelsio.com>, "Jamie Iles" <jamie@jamieiles.com>, "Fabio Estevam" <festevam@gmail.com>, "Ard Biesheuvel" <ardb@kernel.org>, "Herbert Xu" <herbert@gondor.apana.org.au>, "Horia Geantă" <horia.geanta@nxp.com>, "Rohit Maheshwari" <rohitm@chelsio.com>, "Chen-Yu Tsai" <wens@csie.org>, "Corentin Labbe" <clabbe@baylibre.com>, "NXP Linux Team" <linux-imx@nxp.com>, "Tom Lendacky" <thomas.lendacky@amd.com>, "Sascha Hauer" <s.hauer@pengutronix.de>, "Vinay Kumar Yadav" <vinay.yadav@chelsio.com>, "Maxime Ripard" <mripard@kernel.org>, "Matthias Brugger" <matthias.bgg@gmail.com>, linux-amlogic@lists.infradead.org, linux-omap@vger.kernel.org, linux-arm-kernel@lists.infradead.org, "John Allen" <john.allen@amd.com>, "Tero Kristo" <t-kristo@ti.com>, "Pengutronix Kernel Team" <kernel@pengutronix.de>, "Shawn Guo" <shawnguo@kernel.org>, "David S. Miller" <davem@davemloft.net> Subject: [PATCH v4 13/13] crypto: mediatek - use AES library for GCM key derivation Date: Tue, 7 Jul 2020 09:32:03 +0300 Message-ID: <20200707063203.5018-14-ardb@kernel.org> (raw) In-Reply-To: <20200707063203.5018-1-ardb@kernel.org> The Mediatek accelerator driver calls into a dynamically allocated skcipher of the ctr(aes) variety to perform GCM key derivation, which involves AES encryption of a single block consisting of NUL bytes. There is no point in using the skcipher API for this, so use the AES library interface instead. Signed-off-by: Ard Biesheuvel <ardb@kernel.org> --- drivers/crypto/Kconfig | 3 +- drivers/crypto/mediatek/mtk-aes.c | 63 +++----------------- 2 files changed, 9 insertions(+), 57 deletions(-) diff --git a/drivers/crypto/Kconfig b/drivers/crypto/Kconfig index 7bc58bf99703..585ad584e421 100644 --- a/drivers/crypto/Kconfig +++ b/drivers/crypto/Kconfig @@ -758,10 +758,9 @@ config CRYPTO_DEV_ZYNQMP_AES config CRYPTO_DEV_MEDIATEK tristate "MediaTek's EIP97 Cryptographic Engine driver" depends on (ARM && ARCH_MEDIATEK) || COMPILE_TEST - select CRYPTO_AES + select CRYPTO_LIB_AES select CRYPTO_AEAD select CRYPTO_SKCIPHER - select CRYPTO_CTR select CRYPTO_SHA1 select CRYPTO_SHA256 select CRYPTO_SHA512 diff --git a/drivers/crypto/mediatek/mtk-aes.c b/drivers/crypto/mediatek/mtk-aes.c index 78d660d963e2..4ad3571ab6af 100644 --- a/drivers/crypto/mediatek/mtk-aes.c +++ b/drivers/crypto/mediatek/mtk-aes.c @@ -137,8 +137,6 @@ struct mtk_aes_gcm_ctx { u32 authsize; size_t textlen; - - struct crypto_skcipher *ctr; }; struct mtk_aes_drv { @@ -996,17 +994,8 @@ static int mtk_aes_gcm_setkey(struct crypto_aead *aead, const u8 *key, u32 keylen) { struct mtk_aes_base_ctx *ctx = crypto_aead_ctx(aead); - struct mtk_aes_gcm_ctx *gctx = mtk_aes_gcm_ctx_cast(ctx); - struct crypto_skcipher *ctr = gctx->ctr; - struct { - u32 hash[4]; - u8 iv[8]; - - struct crypto_wait wait; - - struct scatterlist sg[1]; - struct skcipher_request req; - } *data; + u8 hash[AES_BLOCK_SIZE] __aligned(4) = {}; + struct crypto_aes_ctx aes_ctx; int err; switch (keylen) { @@ -1026,39 +1015,18 @@ static int mtk_aes_gcm_setkey(struct crypto_aead *aead, const u8 *key, ctx->keylen = SIZE_IN_WORDS(keylen); - /* Same as crypto_gcm_setkey() from crypto/gcm.c */ - crypto_skcipher_clear_flags(ctr, CRYPTO_TFM_REQ_MASK); - crypto_skcipher_set_flags(ctr, crypto_aead_get_flags(aead) & - CRYPTO_TFM_REQ_MASK); - err = crypto_skcipher_setkey(ctr, key, keylen); + err = aes_expandkey(&aes_ctx, key, keylen); if (err) return err; - data = kzalloc(sizeof(*data) + crypto_skcipher_reqsize(ctr), - GFP_KERNEL); - if (!data) - return -ENOMEM; - - crypto_init_wait(&data->wait); - sg_init_one(data->sg, &data->hash, AES_BLOCK_SIZE); - skcipher_request_set_tfm(&data->req, ctr); - skcipher_request_set_callback(&data->req, CRYPTO_TFM_REQ_MAY_SLEEP | - CRYPTO_TFM_REQ_MAY_BACKLOG, - crypto_req_done, &data->wait); - skcipher_request_set_crypt(&data->req, data->sg, data->sg, - AES_BLOCK_SIZE, data->iv); - - err = crypto_wait_req(crypto_skcipher_encrypt(&data->req), - &data->wait); - if (err) - goto out; + aes_encrypt(&aes_ctx, hash, hash); + memzero_explicit(&aes_ctx, sizeof(aes_ctx)); mtk_aes_write_state_le(ctx->key, (const u32 *)key, keylen); - mtk_aes_write_state_be(ctx->key + ctx->keylen, data->hash, + mtk_aes_write_state_be(ctx->key + ctx->keylen, (const u32 *)hash, AES_BLOCK_SIZE); -out: - kzfree(data); - return err; + + return 0; } static int mtk_aes_gcm_setauthsize(struct crypto_aead *aead, @@ -1095,32 +1063,17 @@ static int mtk_aes_gcm_init(struct crypto_aead *aead) { struct mtk_aes_gcm_ctx *ctx = crypto_aead_ctx(aead); - ctx->ctr = crypto_alloc_skcipher("ctr(aes)", 0, - CRYPTO_ALG_ASYNC); - if (IS_ERR(ctx->ctr)) { - pr_err("Error allocating ctr(aes)\n"); - return PTR_ERR(ctx->ctr); - } - crypto_aead_set_reqsize(aead, sizeof(struct mtk_aes_reqctx)); ctx->base.start = mtk_aes_gcm_start; return 0; } -static void mtk_aes_gcm_exit(struct crypto_aead *aead) -{ - struct mtk_aes_gcm_ctx *ctx = crypto_aead_ctx(aead); - - crypto_free_skcipher(ctx->ctr); -} - static struct aead_alg aes_gcm_alg = { .setkey = mtk_aes_gcm_setkey, .setauthsize = mtk_aes_gcm_setauthsize, .encrypt = mtk_aes_gcm_encrypt, .decrypt = mtk_aes_gcm_decrypt, .init = mtk_aes_gcm_init, - .exit = mtk_aes_gcm_exit, .ivsize = GCM_AES_IV_SIZE, .maxauthsize = AES_BLOCK_SIZE, -- 2.17.1 _______________________________________________ linux-amlogic mailing list linux-amlogic@lists.infradead.org http://lists.infradead.org/mailman/listinfo/linux-amlogic
next prev parent reply index Thread overview: 18+ messages / expand[flat|nested] mbox.gz Atom feed top 2020-07-07 6:31 [PATCH v4 00/13] crypto: permit asynchronous skciphers as driver fallbacks Ard Biesheuvel 2020-07-07 6:31 ` [PATCH v4 01/13] crypto: amlogic-gxl - default to build as module Ard Biesheuvel 2020-07-07 6:31 ` [PATCH v4 02/13] crypto: amlogic-gxl - permit async skcipher as fallback Ard Biesheuvel 2020-07-07 6:31 ` [PATCH v4 03/13] crypto: omap-aes - permit asynchronous " Ard Biesheuvel 2020-07-07 6:31 ` [PATCH v4 04/13] crypto: sun4i " Ard Biesheuvel 2020-07-07 6:31 ` [PATCH v4 05/13] crypto: sun8i-ce " Ard Biesheuvel 2020-07-08 7:53 ` Corentin Labbe 2020-07-07 6:31 ` [PATCH v4 06/13] crypto: sun8i-ss " Ard Biesheuvel 2020-07-07 6:31 ` [PATCH v4 07/13] crypto: ccp " Ard Biesheuvel 2020-07-07 20:04 ` John Allen 2020-07-07 6:31 ` [PATCH v4 08/13] crypto: chelsio " Ard Biesheuvel 2020-07-07 6:31 ` [PATCH v4 09/13] crypto: mxs-dcp " Ard Biesheuvel 2020-07-07 6:32 ` [PATCH v4 10/13] crypto: picoxcell " Ard Biesheuvel 2020-07-07 6:32 ` [PATCH v4 11/13] crypto: qce " Ard Biesheuvel 2020-07-07 6:32 ` [PATCH v4 12/13] crypto: sahara " Ard Biesheuvel 2020-07-07 6:32 ` Ard Biesheuvel [this message] 2020-07-16 11:53 ` [PATCH v4 00/13] crypto: permit asynchronous skciphers as driver fallbacks Herbert Xu 2020-08-17 17:48 ` patchwork-bot+linux-amlogic
Reply instructions: You may reply publicly to this message via plain-text email using any one of the following methods: * Save the following mbox file, import it into your mail client, and reply-to-all from there: mbox Avoid top-posting and favor interleaved quoting: https://en.wikipedia.org/wiki/Posting_style#Interleaved_style * Reply using the --to, --cc, and --in-reply-to switches of git-send-email(1): git send-email \ --in-reply-to=20200707063203.5018-14-ardb@kernel.org \ --to=ardb@kernel.org \ --cc=ayush.sawal@chelsio.com \ --cc=clabbe.montjoie@gmail.com \ --cc=clabbe@baylibre.com \ --cc=davem@davemloft.net \ --cc=ebiggers@google.com \ --cc=festevam@gmail.com \ --cc=herbert@gondor.apana.org.au \ --cc=horia.geanta@nxp.com \ --cc=jamie@jamieiles.com \ --cc=john.allen@amd.com \ --cc=kernel@pengutronix.de \ --cc=linux-amlogic@lists.infradead.org \ --cc=linux-arm-kernel@lists.infradead.org \ --cc=linux-crypto@vger.kernel.org \ --cc=linux-imx@nxp.com \ --cc=linux-omap@vger.kernel.org \ --cc=matthias.bgg@gmail.com \ --cc=mripard@kernel.org \ --cc=rohitm@chelsio.com \ --cc=s.hauer@pengutronix.de \ --cc=shawnguo@kernel.org \ --cc=t-kristo@ti.com \ --cc=thomas.lendacky@amd.com \ --cc=vinay.yadav@chelsio.com \ --cc=wens@csie.org \ /path/to/YOUR_REPLY https://kernel.org/pub/software/scm/git/docs/git-send-email.html * If your mail client supports setting the In-Reply-To header via mailto: links, try the mailto: link
Linux-Amlogic Archive on lore.kernel.org Archives are clonable: git clone --mirror https://lore.kernel.org/linux-amlogic/0 linux-amlogic/git/0.git # If you have public-inbox 1.1+ installed, you may # initialize and index your mirror using the following commands: public-inbox-init -V2 linux-amlogic linux-amlogic/ https://lore.kernel.org/linux-amlogic \ linux-amlogic@lists.infradead.org public-inbox-index linux-amlogic Example config snippet for mirrors Newsgroup available over NNTP: nntp://nntp.lore.kernel.org/org.infradead.lists.linux-amlogic AGPL code for this site: git clone https://public-inbox.org/public-inbox.git