From: Eric Biggers <ebiggers@kernel.org>
To: linux-crypto@vger.kernel.org
Cc: linux-kernel@vger.kernel.org, Ard Biesheuvel <ardb@kernel.org>,
"Jason A . Donenfeld" <Jason@zx2c4.com>,
Herbert Xu <herbert@gondor.apana.org.au>,
linux-arm-kernel@lists.infradead.org,
linuxppc-dev@lists.ozlabs.org, linux-riscv@lists.infradead.org,
linux-s390@vger.kernel.org, sparclinux@vger.kernel.org,
x86@kernel.org, Holger Dengler <dengler@linux.ibm.com>,
Harald Freudenberger <freude@linux.ibm.com>,
Eric Biggers <ebiggers@kernel.org>
Subject: [PATCH 20/36] chelsio: Use new AES library API
Date: Sun, 4 Jan 2026 21:12:53 -0800 [thread overview]
Message-ID: <20260105051311.1607207-21-ebiggers@kernel.org> (raw)
In-Reply-To: <20260105051311.1607207-1-ebiggers@kernel.org>
Switch from the old AES library functions (which use struct
crypto_aes_ctx) to the new ones (which use struct aes_enckey). This
eliminates the unnecessary computation and caching of the decryption
round keys. The new AES en/decryption functions are also much faster
and use AES instructions when supported by the CPU.
Note: aes_encrypt_new() will be renamed to aes_encrypt() once all
callers of the old aes_encrypt() have been updated.
Signed-off-by: Eric Biggers <ebiggers@kernel.org>
---
.../ethernet/chelsio/inline_crypto/ch_ipsec/chcr_ipsec.c | 6 +++---
.../ethernet/chelsio/inline_crypto/ch_ktls/chcr_ktls.c | 8 ++++----
.../net/ethernet/chelsio/inline_crypto/chtls/chtls_hw.c | 6 +++---
3 files changed, 10 insertions(+), 10 deletions(-)
diff --git a/drivers/net/ethernet/chelsio/inline_crypto/ch_ipsec/chcr_ipsec.c b/drivers/net/ethernet/chelsio/inline_crypto/ch_ipsec/chcr_ipsec.c
index 49b57bb5fac1..882d09b2b1a8 100644
--- a/drivers/net/ethernet/chelsio/inline_crypto/ch_ipsec/chcr_ipsec.c
+++ b/drivers/net/ethernet/chelsio/inline_crypto/ch_ipsec/chcr_ipsec.c
@@ -168,11 +168,11 @@ static int ch_ipsec_setkey(struct xfrm_state *x,
{
int keylen = (x->aead->alg_key_len + 7) / 8;
unsigned char *key = x->aead->alg_key;
int ck_size, key_ctx_size = 0;
unsigned char ghash_h[AEAD_H_SIZE];
- struct crypto_aes_ctx aes;
+ struct aes_enckey aes;
int ret = 0;
if (keylen > 3) {
keylen -= 4; /* nonce/salt is present in the last 4 bytes */
memcpy(sa_entry->salt, key + keylen, 4);
@@ -202,17 +202,17 @@ static int ch_ipsec_setkey(struct xfrm_state *x,
key_ctx_size >> 4);
/* Calculate the H = CIPH(K, 0 repeated 16 times).
* It will go in key context
*/
- ret = aes_expandkey(&aes, key, keylen);
+ ret = aes_prepareenckey(&aes, key, keylen);
if (ret) {
sa_entry->enckey_len = 0;
goto out;
}
memset(ghash_h, 0, AEAD_H_SIZE);
- aes_encrypt(&aes, ghash_h, ghash_h);
+ aes_encrypt_new(&aes, ghash_h, ghash_h);
memzero_explicit(&aes, sizeof(aes));
memcpy(sa_entry->key + (DIV_ROUND_UP(sa_entry->enckey_len, 16) *
16), ghash_h, AEAD_H_SIZE);
sa_entry->kctx_len = ((DIV_ROUND_UP(sa_entry->enckey_len, 16)) << 4) +
diff --git a/drivers/net/ethernet/chelsio/inline_crypto/ch_ktls/chcr_ktls.c b/drivers/net/ethernet/chelsio/inline_crypto/ch_ktls/chcr_ktls.c
index 4e2096e49684..09c0687f911f 100644
--- a/drivers/net/ethernet/chelsio/inline_crypto/ch_ktls/chcr_ktls.c
+++ b/drivers/net/ethernet/chelsio/inline_crypto/ch_ktls/chcr_ktls.c
@@ -74,11 +74,11 @@ static int chcr_ktls_save_keys(struct chcr_ktls_info *tx_info,
{
int ck_size, key_ctx_size, mac_key_size, keylen, ghash_size, ret;
unsigned char ghash_h[TLS_CIPHER_AES_GCM_256_TAG_SIZE];
struct tls12_crypto_info_aes_gcm_128 *info_128_gcm;
struct ktls_key_ctx *kctx = &tx_info->key_ctx;
- struct crypto_aes_ctx aes_ctx;
+ struct aes_enckey aes;
unsigned char *key, *salt;
switch (crypto_info->cipher_type) {
case TLS_CIPHER_AES_GCM_128:
info_128_gcm =
@@ -136,17 +136,17 @@ static int chcr_ktls_save_keys(struct chcr_ktls_info *tx_info,
roundup(keylen, 16) + ghash_size;
/* Calculate the H = CIPH(K, 0 repeated 16 times).
* It will go in key context
*/
- ret = aes_expandkey(&aes_ctx, key, keylen);
+ ret = aes_prepareenckey(&aes, key, keylen);
if (ret)
goto out;
memset(ghash_h, 0, ghash_size);
- aes_encrypt(&aes_ctx, ghash_h, ghash_h);
- memzero_explicit(&aes_ctx, sizeof(aes_ctx));
+ aes_encrypt_new(&aes, ghash_h, ghash_h);
+ memzero_explicit(&aes, sizeof(aes));
/* fill the Key context */
if (direction == TLS_OFFLOAD_CTX_DIR_TX) {
kctx->ctx_hdr = FILL_KEY_CTX_HDR(ck_size,
mac_key_size,
diff --git a/drivers/net/ethernet/chelsio/inline_crypto/chtls/chtls_hw.c b/drivers/net/ethernet/chelsio/inline_crypto/chtls/chtls_hw.c
index fab6df21f01c..be2b623957c0 100644
--- a/drivers/net/ethernet/chelsio/inline_crypto/chtls/chtls_hw.c
+++ b/drivers/net/ethernet/chelsio/inline_crypto/chtls/chtls_hw.c
@@ -245,11 +245,11 @@ static int chtls_key_info(struct chtls_sock *csk,
{
unsigned char key[AES_MAX_KEY_SIZE];
unsigned char *key_p, *salt;
unsigned char ghash_h[AEAD_H_SIZE];
int ck_size, key_ctx_size, kctx_mackey_size, salt_size;
- struct crypto_aes_ctx aes;
+ struct aes_enckey aes;
int ret;
key_ctx_size = sizeof(struct _key_ctx) +
roundup(keylen, 16) + AEAD_H_SIZE;
@@ -289,16 +289,16 @@ static int chtls_key_info(struct chtls_sock *csk,
}
/* Calculate the H = CIPH(K, 0 repeated 16 times).
* It will go in key context
*/
- ret = aes_expandkey(&aes, key, keylen);
+ ret = aes_prepareenckey(&aes, key, keylen);
if (ret)
return ret;
memset(ghash_h, 0, AEAD_H_SIZE);
- aes_encrypt(&aes, ghash_h, ghash_h);
+ aes_encrypt_new(&aes, ghash_h, ghash_h);
memzero_explicit(&aes, sizeof(aes));
csk->tlshws.keylen = key_ctx_size;
/* Copy the Key context */
if (optname == TLS_RX) {
--
2.52.0
next prev parent reply other threads:[~2026-01-05 5:15 UTC|newest]
Thread overview: 51+ messages / expand[flat|nested] mbox.gz Atom feed top
2026-01-05 5:12 [PATCH 00/36] AES library improvements Eric Biggers
2026-01-05 5:12 ` [PATCH 01/36] crypto: powerpc/aes - Rename struct aes_key Eric Biggers
2026-01-05 5:12 ` [PATCH 02/36] lib/crypto: aes: Introduce improved AES library Eric Biggers
2026-01-05 7:47 ` Qingfang Deng
2026-01-06 6:36 ` Eric Biggers
2026-01-05 5:12 ` [PATCH 03/36] crypto: arm/aes-neonbs - Use AES library for single blocks Eric Biggers
2026-01-05 5:12 ` [PATCH 04/36] crypto: arm/aes - Switch to aes_enc_tab[] and aes_dec_tab[] Eric Biggers
2026-01-05 5:12 ` [PATCH 05/36] crypto: arm64/aes " Eric Biggers
2026-01-05 5:12 ` [PATCH 06/36] crypto: arm64/aes - Select CRYPTO_LIB_SHA256 from correct places Eric Biggers
2026-01-05 5:12 ` [PATCH 07/36] crypto: aegis - Switch from crypto_ft_tab[] to aes_enc_tab[] Eric Biggers
2026-01-05 5:12 ` [PATCH 08/36] crypto: aes - Remove aes-fixed-time / CONFIG_CRYPTO_AES_TI Eric Biggers
2026-01-05 5:12 ` [PATCH 09/36] crypto: aes - Replace aes-generic with wrapper around lib Eric Biggers
2026-01-05 5:12 ` [PATCH 10/36] lib/crypto: arm/aes: Migrate optimized code into library Eric Biggers
2026-01-05 5:12 ` [PATCH 11/36] lib/crypto: arm64/aes: " Eric Biggers
2026-01-05 5:12 ` [PATCH 12/36] lib/crypto: powerpc/aes: Migrate SPE " Eric Biggers
2026-01-05 5:12 ` [PATCH 13/36] lib/crypto: powerpc/aes: Migrate POWER8 " Eric Biggers
2026-01-05 5:12 ` [PATCH 14/36] lib/crypto: riscv/aes: Migrate " Eric Biggers
2026-01-05 5:12 ` [PATCH 15/36] lib/crypto: s390/aes: " Eric Biggers
2026-01-07 7:41 ` Holger Dengler
2026-01-07 20:34 ` Eric Biggers
2026-01-14 12:12 ` Holger Dengler
2026-01-05 5:12 ` [PATCH 16/36] lib/crypto: sparc/aes: " Eric Biggers
2026-01-05 5:12 ` [PATCH 17/36] lib/crypto: x86/aes: Add AES-NI optimization Eric Biggers
2026-01-05 5:12 ` [PATCH 18/36] crypto: x86/aes - Remove the superseded AES-NI crypto_cipher Eric Biggers
2026-01-05 5:12 ` [PATCH 19/36] Bluetooth: SMP: Use new AES library API Eric Biggers
2026-01-05 15:40 ` Andrew Cooper
2026-01-05 19:05 ` David Laight
2026-01-06 6:58 ` Eric Biggers
2026-01-05 5:12 ` Eric Biggers [this message]
2026-01-05 5:12 ` [PATCH 21/36] net: phy: mscc: macsec: " Eric Biggers
2026-01-05 5:12 ` [PATCH 22/36] staging: rtl8723bs: core: " Eric Biggers
2026-01-05 5:12 ` [PATCH 23/36] crypto: arm/ghash - " Eric Biggers
2026-01-05 5:12 ` [PATCH 24/36] crypto: arm64/ghash " Eric Biggers
2026-01-05 5:12 ` [PATCH 25/36] crypto: x86/aes-gcm " Eric Biggers
2026-01-05 5:12 ` [PATCH 26/36] crypto: ccp " Eric Biggers
2026-01-05 5:13 ` [PATCH 27/36] crypto: chelsio " Eric Biggers
2026-01-05 5:13 ` [PATCH 28/36] crypto: crypto4xx " Eric Biggers
2026-01-05 5:13 ` [PATCH 29/36] crypto: drbg " Eric Biggers
2026-01-05 5:13 ` [PATCH 30/36] crypto: inside-secure " Eric Biggers
2026-01-07 3:48 ` Qingfang Deng
2026-01-07 4:01 ` Eric Biggers
2026-01-05 5:13 ` [PATCH 31/36] crypto: omap " Eric Biggers
2026-01-05 5:13 ` [PATCH 32/36] lib/crypto: aescfb: " Eric Biggers
2026-01-05 5:13 ` [PATCH 33/36] lib/crypto: aesgcm: " Eric Biggers
2026-01-05 5:13 ` [PATCH 34/36] lib/crypto: aes: Remove old AES en/decryption functions Eric Biggers
2026-01-05 5:13 ` [PATCH 35/36] lib/crypto: aes: Drop "_new" suffix from " Eric Biggers
2026-01-05 5:13 ` [PATCH 36/36] lib/crypto: aes: Drop 'volatile' from aes_sbox and aes_inv_sbox Eric Biggers
2026-01-08 11:32 ` [PATCH 00/36] AES library improvements Ard Biesheuvel
2026-01-08 20:26 ` Eric Biggers
2026-01-09 1:27 ` Eric Biggers
2026-01-09 9:08 ` Ard Biesheuvel
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20260105051311.1607207-21-ebiggers@kernel.org \
--to=ebiggers@kernel.org \
--cc=Jason@zx2c4.com \
--cc=ardb@kernel.org \
--cc=dengler@linux.ibm.com \
--cc=freude@linux.ibm.com \
--cc=herbert@gondor.apana.org.au \
--cc=linux-arm-kernel@lists.infradead.org \
--cc=linux-crypto@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-riscv@lists.infradead.org \
--cc=linux-s390@vger.kernel.org \
--cc=linuxppc-dev@lists.ozlabs.org \
--cc=sparclinux@vger.kernel.org \
--cc=x86@kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox