From: Eric Biggers <ebiggers@kernel.org>
To: Jerry Shih <jerry.shih@sifive.com>
Cc: paul.walmsley@sifive.com, palmer@dabbelt.com,
aou@eecs.berkeley.edu, herbert@gondor.apana.org.au,
davem@davemloft.net, andy.chiu@sifive.com,
greentime.hu@sifive.com, conor.dooley@microchip.com,
guoren@kernel.org, bjorn@rivosinc.com, heiko@sntech.de,
ardb@kernel.org, phoebe.chen@sifive.com, hongrong.hsu@sifive.com,
linux-riscv@lists.infradead.org, linux-kernel@vger.kernel.org,
linux-crypto@vger.kernel.org
Subject: Re: [PATCH 04/12] RISC-V: crypto: add Zvkned accelerated AES implementation
Date: Wed, 1 Nov 2023 21:51:54 -0700 [thread overview]
Message-ID: <20231102045154.GE1498@sol.localdomain> (raw)
In-Reply-To: <20231025183644.8735-5-jerry.shih@sifive.com>
On Thu, Oct 26, 2023 at 02:36:36AM +0800, Jerry Shih wrote:
> diff --git a/arch/riscv/crypto/Kconfig b/arch/riscv/crypto/Kconfig
> index 10d60edc0110..500938317e71 100644
> --- a/arch/riscv/crypto/Kconfig
> +++ b/arch/riscv/crypto/Kconfig
> @@ -2,4 +2,16 @@
>
> menu "Accelerated Cryptographic Algorithms for CPU (riscv)"
>
> +config CRYPTO_AES_RISCV64
> + default y if RISCV_ISA_V
> + tristate "Ciphers: AES"
> + depends on 64BIT && RISCV_ISA_V
> + select CRYPTO_AES
> + select CRYPTO_ALGAPI
> + help
> + Block ciphers: AES cipher algorithms (FIPS-197)
> +
> + Architecture: riscv64 using:
> + - Zvkned vector crypto extension
kconfig options should default to off.
I.e., remove the line "default y if RISCV_ISA_V"
> + *
> + * All zvkned-based functions use encryption expending keys for both encryption
> + * and decryption.
> + */
The above comment is a bit confusing. It's describing the 'key' field of struct
aes_key; maybe there should be a comment there instead:
struct aes_key {
u32 key[AES_MAX_KEYLENGTH_U32]; /* round keys in encryption order */
u32 rounds;
};
> +int riscv64_aes_setkey(struct riscv64_aes_ctx *ctx, const u8 *key,
> + unsigned int keylen)
> +{
> + /*
> + * The RISC-V AES vector crypto key expending doesn't support AES-192.
> + * We just use the generic software key expending here to simplify the key
> + * expending flow.
> + */
expending => expanding
> + u32 aes_rounds;
> + u32 key_length;
> + int ret;
> +
> + ret = aes_expandkey(&ctx->fallback_ctx, key, keylen);
> + if (ret < 0)
> + return -EINVAL;
> +
> + /*
> + * Copy the key from `crypto_aes_ctx` to `aes_key` for zvkned-based AES
> + * implementations.
> + */
> + aes_rounds = aes_round_num(keylen);
> + ctx->key.rounds = aes_rounds;
> + key_length = AES_BLOCK_SIZE * (aes_rounds + 1);
> + memcpy(ctx->key.key, ctx->fallback_ctx.key_enc, key_length);
> +
> + return 0;
> +}
Ideally this would use the same crypto_aes_ctx for both the fallback and the
assembly code. I suppose we don't want to diverge from the OpenSSL code (unless
it gets rewritten), though. So I guess this is fine for now.
> void riscv64_aes_encrypt_zvkned(const struct riscv64_aes_ctx *ctx, u8 *dst,
> const u8 *src)
These functions can be called from a different module (aes-block-riscv64), so
they need EXPORT_SYMBOL_GPL.
> +static inline bool check_aes_ext(void)
> +{
> + return riscv_isa_extension_available(NULL, ZVKNED) &&
> + riscv_vector_vlen() >= 128;
> +}
> +
> +static int __init riscv64_aes_mod_init(void)
> +{
> + if (check_aes_ext())
> + return crypto_register_alg(&riscv64_aes_alg_zvkned);
> +
> + return -ENODEV;
> +}
> +
> +static void __exit riscv64_aes_mod_fini(void)
> +{
> + if (check_aes_ext())
> + crypto_unregister_alg(&riscv64_aes_alg_zvkned);
> +}
> +
> +module_init(riscv64_aes_mod_init);
> +module_exit(riscv64_aes_mod_fini);
module_exit can only run if module_init succeeded. So, in cases like this it's
not necessary to check for CPU features before unregistering the algorithm.
- Eric
_______________________________________________
linux-riscv mailing list
linux-riscv@lists.infradead.org
http://lists.infradead.org/mailman/listinfo/linux-riscv
next prev parent reply other threads:[~2023-11-02 4:52 UTC|newest]
Thread overview: 50+ messages / expand[flat|nested] mbox.gz Atom feed top
2023-10-25 18:36 [PATCH 00/12] RISC-V: provide some accelerated cryptography implementations using vector extensions Jerry Shih
2023-10-25 18:36 ` [PATCH 01/12] RISC-V: add helper function to read the vector VLEN Jerry Shih
2023-10-25 18:36 ` [PATCH 02/12] RISC-V: hook new crypto subdir into build-system Jerry Shih
2023-10-25 18:36 ` [PATCH 03/12] RISC-V: crypto: add OpenSSL perl module for vector instructions Jerry Shih
2023-10-25 18:36 ` [PATCH 04/12] RISC-V: crypto: add Zvkned accelerated AES implementation Jerry Shih
2023-11-02 4:51 ` Eric Biggers [this message]
2023-11-20 2:53 ` Jerry Shih
2023-10-25 18:36 ` [PATCH 05/12] crypto: scatterwalk - Add scatterwalk_next() to get the next scatterlist in scatter_walk Jerry Shih
2023-10-25 18:36 ` [PATCH 06/12] RISC-V: crypto: add accelerated AES-CBC/CTR/ECB/XTS implementations Jerry Shih
2023-11-02 5:16 ` Eric Biggers
2023-11-07 8:53 ` Jerry Shih
2023-11-09 7:16 ` Eric Biggers
2023-11-10 3:58 ` Jerry Shih
2023-11-10 4:34 ` Eric Biggers
2023-11-10 4:58 ` Andy Chiu
2023-11-10 5:44 ` Eric Biggers
2023-11-11 11:08 ` Ard Biesheuvel
2023-11-11 17:52 ` Eric Biggers
2023-11-20 2:47 ` Jerry Shih
2023-11-20 19:28 ` Eric Biggers
2023-11-22 1:14 ` Eric Biggers
2023-11-27 2:52 ` Jerry Shih
2023-11-09 8:05 ` Eric Biggers
2023-11-10 4:06 ` Jerry Shih
2023-11-20 2:36 ` Jerry Shih
2023-10-25 18:36 ` [PATCH 07/12] RISC-V: crypto: add Zvkg accelerated GCM GHASH implementation Jerry Shih
2023-11-22 1:42 ` Eric Biggers
2023-11-27 2:49 ` Jerry Shih
2023-10-25 18:36 ` [PATCH 08/12] RISC-V: crypto: add Zvknha/b accelerated SHA224/256 implementations Jerry Shih
2023-10-25 18:36 ` [PATCH 09/12] RISC-V: crypto: add Zvknhb accelerated SHA384/512 implementations Jerry Shih
2023-11-22 1:32 ` Eric Biggers
2023-11-27 2:50 ` Jerry Shih
2023-10-25 18:36 ` [PATCH 10/12] RISC-V: crypto: add Zvksed accelerated SM4 implementation Jerry Shih
2023-11-02 5:58 ` Eric Biggers
2023-11-20 2:55 ` Jerry Shih
2023-10-25 18:36 ` [PATCH 11/12] RISC-V: crypto: add Zvksh accelerated SM3 implementation Jerry Shih
2023-10-25 18:36 ` [PATCH 12/12] RISC-V: crypto: add Zvkb accelerated ChaCha20 implementation Jerry Shih
2023-11-02 5:43 ` Eric Biggers
2023-11-20 2:55 ` Jerry Shih
2023-11-20 19:18 ` Eric Biggers
2023-11-21 10:55 ` Jerry Shih
2023-11-21 13:14 ` Conor Dooley
2023-11-21 23:37 ` Eric Biggers
2023-11-22 0:39 ` Conor Dooley
2023-11-22 17:37 ` Jerry Shih
2023-11-22 18:05 ` Palmer Dabbelt
2023-11-22 18:20 ` Conor Dooley
2023-11-22 19:05 ` Jerry Shih
2023-11-22 1:29 ` Eric Biggers
2023-11-27 2:14 ` Jerry Shih
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20231102045154.GE1498@sol.localdomain \
--to=ebiggers@kernel.org \
--cc=andy.chiu@sifive.com \
--cc=aou@eecs.berkeley.edu \
--cc=ardb@kernel.org \
--cc=bjorn@rivosinc.com \
--cc=conor.dooley@microchip.com \
--cc=davem@davemloft.net \
--cc=greentime.hu@sifive.com \
--cc=guoren@kernel.org \
--cc=heiko@sntech.de \
--cc=herbert@gondor.apana.org.au \
--cc=hongrong.hsu@sifive.com \
--cc=jerry.shih@sifive.com \
--cc=linux-crypto@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-riscv@lists.infradead.org \
--cc=palmer@dabbelt.com \
--cc=paul.walmsley@sifive.com \
--cc=phoebe.chen@sifive.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox