[PATCH 20/36] chelsio: Use new AES library API
From: Eric Biggers <ebiggers@kernel.org>
Date: 2026-01-05 05:15:04
Also in:
linux-arm-kernel, linux-crypto, linux-riscv, linux-s390, lkml, sparclinux
Subsystem:
cxgb4 inline crypto driver, networking drivers, the rest · Maintainers:
Ayush Sawal, Andrew Lunn, "David S. Miller", Eric Dumazet, Jakub Kicinski, Paolo Abeni, Linus Torvalds
Switch from the old AES library functions (which use struct crypto_aes_ctx) to the new ones (which use struct aes_enckey). This eliminates the unnecessary computation and caching of the decryption round keys. The new AES en/decryption functions are also much faster and use AES instructions when supported by the CPU. Note: aes_encrypt_new() will be renamed to aes_encrypt() once all callers of the old aes_encrypt() have been updated. Signed-off-by: Eric Biggers <ebiggers@kernel.org> --- .../ethernet/chelsio/inline_crypto/ch_ipsec/chcr_ipsec.c | 6 +++--- .../ethernet/chelsio/inline_crypto/ch_ktls/chcr_ktls.c | 8 ++++---- .../net/ethernet/chelsio/inline_crypto/chtls/chtls_hw.c | 6 +++--- 3 files changed, 10 insertions(+), 10 deletions(-)
diff --git a/drivers/net/ethernet/chelsio/inline_crypto/ch_ipsec/chcr_ipsec.c b/drivers/net/ethernet/chelsio/inline_crypto/ch_ipsec/chcr_ipsec.c
index 49b57bb5fac1..882d09b2b1a8 100644
--- a/drivers/net/ethernet/chelsio/inline_crypto/ch_ipsec/chcr_ipsec.c
+++ b/drivers/net/ethernet/chelsio/inline_crypto/ch_ipsec/chcr_ipsec.c@@ -168,11 +168,11 @@ static int ch_ipsec_setkey(struct xfrm_state *x, { int keylen = (x->aead->alg_key_len + 7) / 8; unsigned char *key = x->aead->alg_key; int ck_size, key_ctx_size = 0; unsigned char ghash_h[AEAD_H_SIZE]; - struct crypto_aes_ctx aes; + struct aes_enckey aes; int ret = 0; if (keylen > 3) { keylen -= 4; /* nonce/salt is present in the last 4 bytes */ memcpy(sa_entry->salt, key + keylen, 4);
@@ -202,17 +202,17 @@ static int ch_ipsec_setkey(struct xfrm_state *x, key_ctx_size >> 4); /* Calculate the H = CIPH(K, 0 repeated 16 times). * It will go in key context */ - ret = aes_expandkey(&aes, key, keylen); + ret = aes_prepareenckey(&aes, key, keylen); if (ret) { sa_entry->enckey_len = 0; goto out; } memset(ghash_h, 0, AEAD_H_SIZE); - aes_encrypt(&aes, ghash_h, ghash_h); + aes_encrypt_new(&aes, ghash_h, ghash_h); memzero_explicit(&aes, sizeof(aes)); memcpy(sa_entry->key + (DIV_ROUND_UP(sa_entry->enckey_len, 16) * 16), ghash_h, AEAD_H_SIZE); sa_entry->kctx_len = ((DIV_ROUND_UP(sa_entry->enckey_len, 16)) << 4) +
diff --git a/drivers/net/ethernet/chelsio/inline_crypto/ch_ktls/chcr_ktls.c b/drivers/net/ethernet/chelsio/inline_crypto/ch_ktls/chcr_ktls.c
index 4e2096e49684..09c0687f911f 100644
--- a/drivers/net/ethernet/chelsio/inline_crypto/ch_ktls/chcr_ktls.c
+++ b/drivers/net/ethernet/chelsio/inline_crypto/ch_ktls/chcr_ktls.c@@ -74,11 +74,11 @@ static int chcr_ktls_save_keys(struct chcr_ktls_info *tx_info, { int ck_size, key_ctx_size, mac_key_size, keylen, ghash_size, ret; unsigned char ghash_h[TLS_CIPHER_AES_GCM_256_TAG_SIZE]; struct tls12_crypto_info_aes_gcm_128 *info_128_gcm; struct ktls_key_ctx *kctx = &tx_info->key_ctx; - struct crypto_aes_ctx aes_ctx; + struct aes_enckey aes; unsigned char *key, *salt; switch (crypto_info->cipher_type) { case TLS_CIPHER_AES_GCM_128: info_128_gcm =
@@ -136,17 +136,17 @@ static int chcr_ktls_save_keys(struct chcr_ktls_info *tx_info, roundup(keylen, 16) + ghash_size; /* Calculate the H = CIPH(K, 0 repeated 16 times). * It will go in key context */ - ret = aes_expandkey(&aes_ctx, key, keylen); + ret = aes_prepareenckey(&aes, key, keylen); if (ret) goto out; memset(ghash_h, 0, ghash_size); - aes_encrypt(&aes_ctx, ghash_h, ghash_h); - memzero_explicit(&aes_ctx, sizeof(aes_ctx)); + aes_encrypt_new(&aes, ghash_h, ghash_h); + memzero_explicit(&aes, sizeof(aes)); /* fill the Key context */ if (direction == TLS_OFFLOAD_CTX_DIR_TX) { kctx->ctx_hdr = FILL_KEY_CTX_HDR(ck_size, mac_key_size,
diff --git a/drivers/net/ethernet/chelsio/inline_crypto/chtls/chtls_hw.c b/drivers/net/ethernet/chelsio/inline_crypto/chtls/chtls_hw.c
index fab6df21f01c..be2b623957c0 100644
--- a/drivers/net/ethernet/chelsio/inline_crypto/chtls/chtls_hw.c
+++ b/drivers/net/ethernet/chelsio/inline_crypto/chtls/chtls_hw.c@@ -245,11 +245,11 @@ static int chtls_key_info(struct chtls_sock *csk, { unsigned char key[AES_MAX_KEY_SIZE]; unsigned char *key_p, *salt; unsigned char ghash_h[AEAD_H_SIZE]; int ck_size, key_ctx_size, kctx_mackey_size, salt_size; - struct crypto_aes_ctx aes; + struct aes_enckey aes; int ret; key_ctx_size = sizeof(struct _key_ctx) + roundup(keylen, 16) + AEAD_H_SIZE;
@@ -289,16 +289,16 @@ static int chtls_key_info(struct chtls_sock *csk, } /* Calculate the H = CIPH(K, 0 repeated 16 times). * It will go in key context */ - ret = aes_expandkey(&aes, key, keylen); + ret = aes_prepareenckey(&aes, key, keylen); if (ret) return ret; memset(ghash_h, 0, AEAD_H_SIZE); - aes_encrypt(&aes, ghash_h, ghash_h); + aes_encrypt_new(&aes, ghash_h, ghash_h); memzero_explicit(&aes, sizeof(aes)); csk->tlshws.keylen = key_ctx_size; /* Copy the Key context */ if (optname == TLS_RX) {
--
2.52.0