From: Eric Biggers <ebiggers@kernel.org>
To: Qingfang Deng <dqfext@gmail.com>
Cc: linux-crypto@vger.kernel.org, linux-kernel@vger.kernel.org,
Ard Biesheuvel <ardb@kernel.org>,
"Jason A. Donenfeld" <Jason@zx2c4.com>,
Herbert Xu <herbert@gondor.apana.org.au>,
linux-arm-kernel@lists.infradead.org,
linuxppc-dev@lists.ozlabs.org, linux-riscv@lists.infradead.org,
linux-s390@vger.kernel.org, sparclinux@vger.kernel.org,
x86@kernel.org, Holger Dengler <dengler@linux.ibm.com>,
Harald Freudenberger <freude@linux.ibm.com>
Subject: Re: [PATCH 30/36] crypto: inside-secure - Use new AES library API
Date: Tue, 6 Jan 2026 20:01:28 -0800 [thread overview]
Message-ID: <20260107040128.GC2283@sol> (raw)
In-Reply-To: <20260107034834.1447-1-dqfext@gmail.com>
On Wed, Jan 07, 2026 at 11:48:33AM +0800, Qingfang Deng wrote:
> On Sun, 4 Jan 2026 21:13:03 -0800, Eric Biggers wrote:
> > --- a/drivers/crypto/inside-secure/safexcel_cipher.c
> > +++ b/drivers/crypto/inside-secure/safexcel_cipher.c
> > @@ -2505,37 +2505,35 @@ static int safexcel_aead_gcm_setkey(struct crypto_aead *ctfm, const u8 *key,
> > unsigned int len)
> > {
> > struct crypto_tfm *tfm = crypto_aead_tfm(ctfm);
> > struct safexcel_cipher_ctx *ctx = crypto_tfm_ctx(tfm);
> > struct safexcel_crypto_priv *priv = ctx->base.priv;
> > - struct crypto_aes_ctx aes;
> > + struct aes_enckey aes;
> > u32 hashkey[AES_BLOCK_SIZE >> 2];
> > int ret, i;
> >
> > - ret = aes_expandkey(&aes, key, len);
> > - if (ret) {
> > - memzero_explicit(&aes, sizeof(aes));
> > + ret = aes_prepareenckey(&aes, key, len);
> > + if (ret)
> > return ret;
> > - }
> >
> > if (priv->flags & EIP197_TRC_CACHE && ctx->base.ctxr_dma) {
> > for (i = 0; i < len / sizeof(u32); i++) {
> > - if (le32_to_cpu(ctx->key[i]) != aes.key_enc[i]) {
> > + if (ctx->key[i] != get_unaligned((__le32 *)key + i)) {
>
> "key" is big-endian. Casting it to __le32 does not seem correct.
> Did you mean "get_unaligned_le32", which also convert the endianness?
No. Previously, in this driver the 32-bit words of the AES key went
from little endian in their original byte array in 'key', to CPU endian
in 'aes.key_enc' (via the get_unaligned_le32() in aes_expandkey()), to
little endian in 'ctx->key' (via the cpu_to_le32() in this function).
Note that ctx->key is an array of __le32.
Those two conversions canceled out. So I've simplified it to just grab
the little endian words of the key directly.
- Eric
WARNING: multiple messages have this Message-ID (diff)
From: Eric Biggers <ebiggers@kernel.org>
To: Qingfang Deng <dqfext@gmail.com>
Cc: linux-crypto@vger.kernel.org, linux-kernel@vger.kernel.org,
Ard Biesheuvel <ardb@kernel.org>,
"Jason A. Donenfeld" <Jason@zx2c4.com>,
Herbert Xu <herbert@gondor.apana.org.au>,
linux-arm-kernel@lists.infradead.org,
linuxppc-dev@lists.ozlabs.org, linux-riscv@lists.infradead.org,
linux-s390@vger.kernel.org, sparclinux@vger.kernel.org,
x86@kernel.org, Holger Dengler <dengler@linux.ibm.com>,
Harald Freudenberger <freude@linux.ibm.com>
Subject: Re: [PATCH 30/36] crypto: inside-secure - Use new AES library API
Date: Tue, 6 Jan 2026 20:01:28 -0800 [thread overview]
Message-ID: <20260107040128.GC2283@sol> (raw)
In-Reply-To: <20260107034834.1447-1-dqfext@gmail.com>
On Wed, Jan 07, 2026 at 11:48:33AM +0800, Qingfang Deng wrote:
> On Sun, 4 Jan 2026 21:13:03 -0800, Eric Biggers wrote:
> > --- a/drivers/crypto/inside-secure/safexcel_cipher.c
> > +++ b/drivers/crypto/inside-secure/safexcel_cipher.c
> > @@ -2505,37 +2505,35 @@ static int safexcel_aead_gcm_setkey(struct crypto_aead *ctfm, const u8 *key,
> > unsigned int len)
> > {
> > struct crypto_tfm *tfm = crypto_aead_tfm(ctfm);
> > struct safexcel_cipher_ctx *ctx = crypto_tfm_ctx(tfm);
> > struct safexcel_crypto_priv *priv = ctx->base.priv;
> > - struct crypto_aes_ctx aes;
> > + struct aes_enckey aes;
> > u32 hashkey[AES_BLOCK_SIZE >> 2];
> > int ret, i;
> >
> > - ret = aes_expandkey(&aes, key, len);
> > - if (ret) {
> > - memzero_explicit(&aes, sizeof(aes));
> > + ret = aes_prepareenckey(&aes, key, len);
> > + if (ret)
> > return ret;
> > - }
> >
> > if (priv->flags & EIP197_TRC_CACHE && ctx->base.ctxr_dma) {
> > for (i = 0; i < len / sizeof(u32); i++) {
> > - if (le32_to_cpu(ctx->key[i]) != aes.key_enc[i]) {
> > + if (ctx->key[i] != get_unaligned((__le32 *)key + i)) {
>
> "key" is big-endian. Casting it to __le32 does not seem correct.
> Did you mean "get_unaligned_le32", which also convert the endianness?
No. Previously, in this driver the 32-bit words of the AES key went
from little endian in their original byte array in 'key', to CPU endian
in 'aes.key_enc' (via the get_unaligned_le32() in aes_expandkey()), to
little endian in 'ctx->key' (via the cpu_to_le32() in this function).
Note that ctx->key is an array of __le32.
Those two conversions canceled out. So I've simplified it to just grab
the little endian words of the key directly.
- Eric
_______________________________________________
linux-riscv mailing list
linux-riscv@lists.infradead.org
http://lists.infradead.org/mailman/listinfo/linux-riscv
next prev parent reply other threads:[~2026-01-07 4:01 UTC|newest]
Thread overview: 102+ messages / expand[flat|nested] mbox.gz Atom feed top
2026-01-05 5:12 [PATCH 00/36] AES library improvements Eric Biggers
2026-01-05 5:12 ` Eric Biggers
2026-01-05 5:12 ` [PATCH 01/36] crypto: powerpc/aes - Rename struct aes_key Eric Biggers
2026-01-05 5:12 ` Eric Biggers
2026-01-05 5:12 ` [PATCH 02/36] lib/crypto: aes: Introduce improved AES library Eric Biggers
2026-01-05 5:12 ` Eric Biggers
2026-01-05 7:47 ` Qingfang Deng
2026-01-05 7:47 ` Qingfang Deng
2026-01-06 6:36 ` Eric Biggers
2026-01-06 6:36 ` Eric Biggers
2026-01-05 5:12 ` [PATCH 03/36] crypto: arm/aes-neonbs - Use AES library for single blocks Eric Biggers
2026-01-05 5:12 ` Eric Biggers
2026-01-05 5:12 ` [PATCH 04/36] crypto: arm/aes - Switch to aes_enc_tab[] and aes_dec_tab[] Eric Biggers
2026-01-05 5:12 ` Eric Biggers
2026-01-05 5:12 ` [PATCH 05/36] crypto: arm64/aes " Eric Biggers
2026-01-05 5:12 ` Eric Biggers
2026-01-05 5:12 ` [PATCH 06/36] crypto: arm64/aes - Select CRYPTO_LIB_SHA256 from correct places Eric Biggers
2026-01-05 5:12 ` Eric Biggers
2026-01-05 5:12 ` [PATCH 07/36] crypto: aegis - Switch from crypto_ft_tab[] to aes_enc_tab[] Eric Biggers
2026-01-05 5:12 ` Eric Biggers
2026-01-05 5:12 ` [PATCH 08/36] crypto: aes - Remove aes-fixed-time / CONFIG_CRYPTO_AES_TI Eric Biggers
2026-01-05 5:12 ` Eric Biggers
2026-01-05 5:12 ` [PATCH 09/36] crypto: aes - Replace aes-generic with wrapper around lib Eric Biggers
2026-01-05 5:12 ` Eric Biggers
2026-01-05 5:12 ` [PATCH 10/36] lib/crypto: arm/aes: Migrate optimized code into library Eric Biggers
2026-01-05 5:12 ` Eric Biggers
2026-01-05 5:12 ` [PATCH 11/36] lib/crypto: arm64/aes: " Eric Biggers
2026-01-05 5:12 ` Eric Biggers
2026-01-05 5:12 ` [PATCH 12/36] lib/crypto: powerpc/aes: Migrate SPE " Eric Biggers
2026-01-05 5:12 ` Eric Biggers
2026-01-05 5:12 ` [PATCH 13/36] lib/crypto: powerpc/aes: Migrate POWER8 " Eric Biggers
2026-01-05 5:12 ` Eric Biggers
2026-01-05 5:12 ` [PATCH 14/36] lib/crypto: riscv/aes: Migrate " Eric Biggers
2026-01-05 5:12 ` Eric Biggers
2026-01-05 5:12 ` [PATCH 15/36] lib/crypto: s390/aes: " Eric Biggers
2026-01-05 5:12 ` Eric Biggers
2026-01-07 7:41 ` Holger Dengler
2026-01-07 7:41 ` Holger Dengler
2026-01-07 20:34 ` Eric Biggers
2026-01-07 20:34 ` Eric Biggers
2026-01-14 12:12 ` Holger Dengler
2026-01-14 12:12 ` Holger Dengler
2026-01-05 5:12 ` [PATCH 16/36] lib/crypto: sparc/aes: " Eric Biggers
2026-01-05 5:12 ` Eric Biggers
2026-01-05 5:12 ` [PATCH 17/36] lib/crypto: x86/aes: Add AES-NI optimization Eric Biggers
2026-01-05 5:12 ` Eric Biggers
2026-01-05 5:12 ` [PATCH 18/36] crypto: x86/aes - Remove the superseded AES-NI crypto_cipher Eric Biggers
2026-01-05 5:12 ` Eric Biggers
2026-01-05 5:12 ` [PATCH 19/36] Bluetooth: SMP: Use new AES library API Eric Biggers
2026-01-05 5:12 ` Eric Biggers
2026-01-05 15:40 ` Andrew Cooper
2026-01-05 15:40 ` Andrew Cooper
2026-01-05 19:05 ` David Laight
2026-01-05 19:05 ` David Laight
2026-01-06 6:58 ` Eric Biggers
2026-01-06 6:58 ` Eric Biggers
2026-01-05 5:12 ` [PATCH 20/36] chelsio: " Eric Biggers
2026-01-05 5:12 ` Eric Biggers
2026-01-05 5:12 ` [PATCH 21/36] net: phy: mscc: macsec: " Eric Biggers
2026-01-05 5:12 ` Eric Biggers
2026-01-05 5:12 ` [PATCH 22/36] staging: rtl8723bs: core: " Eric Biggers
2026-01-05 5:12 ` Eric Biggers
2026-01-05 5:12 ` [PATCH 23/36] crypto: arm/ghash - " Eric Biggers
2026-01-05 5:12 ` Eric Biggers
2026-01-05 5:12 ` [PATCH 24/36] crypto: arm64/ghash " Eric Biggers
2026-01-05 5:12 ` Eric Biggers
2026-01-05 5:12 ` [PATCH 25/36] crypto: x86/aes-gcm " Eric Biggers
2026-01-05 5:12 ` Eric Biggers
2026-01-05 5:12 ` [PATCH 26/36] crypto: ccp " Eric Biggers
2026-01-05 5:12 ` Eric Biggers
2026-01-05 5:13 ` [PATCH 27/36] crypto: chelsio " Eric Biggers
2026-01-05 5:13 ` Eric Biggers
2026-01-05 5:13 ` [PATCH 28/36] crypto: crypto4xx " Eric Biggers
2026-01-05 5:13 ` Eric Biggers
2026-01-05 5:13 ` [PATCH 29/36] crypto: drbg " Eric Biggers
2026-01-05 5:13 ` Eric Biggers
2026-01-05 5:13 ` [PATCH 30/36] crypto: inside-secure " Eric Biggers
2026-01-05 5:13 ` Eric Biggers
2026-01-07 3:48 ` Qingfang Deng
2026-01-07 3:48 ` Qingfang Deng
2026-01-07 4:01 ` Eric Biggers [this message]
2026-01-07 4:01 ` Eric Biggers
2026-01-05 5:13 ` [PATCH 31/36] crypto: omap " Eric Biggers
2026-01-05 5:13 ` Eric Biggers
2026-01-05 5:13 ` [PATCH 32/36] lib/crypto: aescfb: " Eric Biggers
2026-01-05 5:13 ` Eric Biggers
2026-01-05 5:13 ` [PATCH 33/36] lib/crypto: aesgcm: " Eric Biggers
2026-01-05 5:13 ` Eric Biggers
2026-01-05 5:13 ` [PATCH 34/36] lib/crypto: aes: Remove old AES en/decryption functions Eric Biggers
2026-01-05 5:13 ` Eric Biggers
2026-01-05 5:13 ` [PATCH 35/36] lib/crypto: aes: Drop "_new" suffix from " Eric Biggers
2026-01-05 5:13 ` Eric Biggers
2026-01-05 5:13 ` [PATCH 36/36] lib/crypto: aes: Drop 'volatile' from aes_sbox and aes_inv_sbox Eric Biggers
2026-01-05 5:13 ` Eric Biggers
2026-01-08 11:32 ` [PATCH 00/36] AES library improvements Ard Biesheuvel
2026-01-08 11:32 ` Ard Biesheuvel
2026-01-08 20:26 ` Eric Biggers
2026-01-08 20:26 ` Eric Biggers
2026-01-09 1:27 ` Eric Biggers
2026-01-09 1:27 ` Eric Biggers
2026-01-09 9:08 ` Ard Biesheuvel
2026-01-09 9:08 ` Ard Biesheuvel
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20260107040128.GC2283@sol \
--to=ebiggers@kernel.org \
--cc=Jason@zx2c4.com \
--cc=ardb@kernel.org \
--cc=dengler@linux.ibm.com \
--cc=dqfext@gmail.com \
--cc=freude@linux.ibm.com \
--cc=herbert@gondor.apana.org.au \
--cc=linux-arm-kernel@lists.infradead.org \
--cc=linux-crypto@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-riscv@lists.infradead.org \
--cc=linux-s390@vger.kernel.org \
--cc=linuxppc-dev@lists.ozlabs.org \
--cc=sparclinux@vger.kernel.org \
--cc=x86@kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.