crypto: arm64/aes-ce - switch to library version of key expansion routine
authorArd Biesheuvel <ard.biesheuvel@linaro.org>
Tue, 2 Jul 2019 19:41:32 +0000 (21:41 +0200)
committerHerbert Xu <herbert@gondor.apana.org.au>
Fri, 26 Jul 2019 04:56:06 +0000 (14:56 +1000)
Switch to the new AES library that also provides an implementation of
the AES key expansion routine. This removes the dependency on the
generic AES cipher, allowing it to be omitted entirely in the future.

While at it, remove some references to the table based arm64 version
of AES and replace them with AES library calls as well.

Signed-off-by: Ard Biesheuvel <ard.biesheuvel@linaro.org>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
arch/arm64/crypto/Kconfig
arch/arm64/crypto/aes-glue.c

index 17bf5dc..66dea51 100644 (file)
@@ -96,7 +96,7 @@ config CRYPTO_AES_ARM64_NEON_BLK
        depends on KERNEL_MODE_NEON
        select CRYPTO_BLKCIPHER
        select CRYPTO_AES_ARM64
-       select CRYPTO_AES
+       select CRYPTO_LIB_AES
        select CRYPTO_SIMD
 
 config CRYPTO_CHACHA20_NEON
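Review bot: Only the NEON_BLK entry gains `select CRYPTO_LIB_AES`, while the aes-glue.c changes in this commit call the library's `aes_encrypt()` from `mac_do_update()`, which does not appear to sit inside the `USE_V8_CRYPTO_EXTENSIONS` conditional. If that file is also built for the Crypto Extensions variant, its Kconfig entry needs `CRYPTO_LIB_AES` too, either directly or through a symbol it already selects; that entry is outside this hunk, so please confirm. It is also worth checking whether `select CRYPTO_AES_ARM64` is still needed here once the `__aes_arm64_encrypt()` calls are gone.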
index 8d6c893..843fb27 100644 (file)
@@ -23,7 +23,6 @@
 #ifdef USE_V8_CRYPTO_EXTENSIONS
 #define MODE                   "ce"
 #define PRIO                   300
-#define aes_setkey             ce_aes_setkey
 #define aes_expandkey          ce_aes_expandkey
 #define aes_ecb_encrypt                ce_aes_ecb_encrypt
 #define aes_ecb_decrypt                ce_aes_ecb_decrypt
@@ -39,8 +38,6 @@ MODULE_DESCRIPTION("AES-ECB/CBC/CTR/XTS using ARMv8 Crypto Extensions");
 #else
 #define MODE                   "neon"
 #define PRIO                   200
-#define aes_setkey             crypto_aes_set_key
-#define aes_expandkey          crypto_aes_expand_key
 #define aes_ecb_encrypt                neon_aes_ecb_encrypt
 #define aes_ecb_decrypt                neon_aes_ecb_decrypt
 #define aes_cbc_encrypt                neon_aes_cbc_encrypt
@@ -118,7 +115,14 @@ struct mac_desc_ctx {
 static int skcipher_aes_setkey(struct crypto_skcipher *tfm, const u8 *in_key,
                               unsigned int key_len)
 {
-       return aes_setkey(crypto_skcipher_tfm(tfm), in_key, key_len);
+       struct crypto_aes_ctx *ctx = crypto_skcipher_ctx(tfm);
+       int ret;
+
+       ret = aes_expandkey(ctx, in_key, key_len);
+       if (ret)
+               crypto_skcipher_set_flags(tfm, CRYPTO_TFM_RES_BAD_KEY_LEN);
+
+       return ret;
 }
 
 static int xts_set_key(struct crypto_skcipher *tfm, const u8 *in_key,
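Review bot: `skcipher_aes_setkey()` now reports every non-zero return from `aes_expandkey()` as `CRYPTO_TFM_RES_BAD_KEY_LEN`, and which routine that name refers to depends on the build: the `ce` branch still maps it to `ce_aes_expandkey`, while the `neon` branch lost its `#define` and presumably falls through to the AES library function. A short comment above the call would make both assumptions explicit, for example `/* aes_expandkey: ce_aes_expandkey in the CE build, AES library otherwise; both are expected to fail only on a bad key_len */`. If either routine can fail for another reason, the flag should be set only for the key-length case. `xts_set_key()` at the end of the hunk continues outside it.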
@@ -646,15 +650,14 @@ static void mac_do_update(struct crypto_aes_ctx *ctx, u8 const in[], int blocks,
                kernel_neon_end();
        } else {
                if (enc_before)
-                       __aes_arm64_encrypt(ctx->key_enc, dg, dg, rounds);
+                       aes_encrypt(ctx, dg, dg);
 
                while (blocks--) {
                        crypto_xor(dg, in, AES_BLOCK_SIZE);
                        in += AES_BLOCK_SIZE;
 
                        if (blocks || enc_after)
-                               __aes_arm64_encrypt(ctx->key_enc, dg, dg,
-                                                   rounds);
+                               aes_encrypt(ctx, dg, dg);
                }
        }
 }
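Review bot: The `else` branch of `mac_do_update()` now runs a different AES implementation for the MAC fallback, and nothing at the call sites records why or what that costs. The commit message describes the old `__aes_arm64_encrypt()` as table based; the library `aes_encrypt()` is, as far as I know, written to limit key-dependent table lookups and is slower per block, so both the cache-timing exposure and the throughput of this path change. I would add a comment on the branch such as `/* NEON not usable here: fall back to the scalar AES library, one block at a time */` (the branch condition is outside the hunk, so adjust the wording to it). The function starts outside the hunk, so whether `rounds` is still needed by the other branch should be checked too.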