diff options
| author | Linus Torvalds <torvalds@linux-foundation.org> | 2021-02-21 17:23:56 -0800 |
|---|---|---|
| committer | Linus Torvalds <torvalds@linux-foundation.org> | 2021-02-21 17:23:56 -0800 |
| commit | 31caf8b2a847214be856f843e251fc2ed2cd1075 (patch) | |
| tree | 245257387cfcae352fae27b1ca824daab55472ba /drivers/net/ethernet | |
| parent | a2b095e0efa7229a1a88602283ba1a8a32004851 (diff) | |
| parent | 0de9dc80625b0ca1cb9730c5ed1c5a8cab538369 (diff) | |
Merge branch 'linus' of git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6
Pull crypto update from Herbert Xu:
"API:
- Restrict crypto_cipher to internal API users only.
Algorithms:
- Add x86 aesni acceleration for cts.
- Improve x86 aesni acceleration for xts.
- Remove x86 acceleration of some uncommon algorithms.
- Remove RIPE-MD, Tiger and Salsa20.
- Remove tnepres.
- Add ARM acceleration for BLAKE2s and BLAKE2b.
Drivers:
- Add Keem Bay OCS HCU driver.
- Add Marvell OcteonTX2 CPT PF driver.
- Remove PicoXcell driver.
- Remove mediatek driver"
* 'linus' of git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6: (154 commits)
hwrng: timeriomem - Use device-managed registration API
crypto: hisilicon/qm - fix printing format issue
crypto: hisilicon/qm - do not reset hardware when CE happens
crypto: hisilicon/qm - update irqflag
crypto: hisilicon/qm - fix the value of 'QM_SQC_VFT_BASE_MASK_V2'
crypto: hisilicon/qm - fix request missing error
crypto: hisilicon/qm - removing driver after reset
crypto: octeontx2 - fix -Wpointer-bool-conversion warning
crypto: hisilicon/hpre - enable Elliptic curve cryptography
crypto: hisilicon - PASID fixed on Kunpeng 930
crypto: hisilicon/qm - fix use of 'dma_map_single'
crypto: hisilicon/hpre - tiny fix
crypto: hisilicon/hpre - adapt the number of clusters
crypto: cpt - remove casting dma_alloc_coherent
crypto: keembay-ocs-aes - Fix 'q' assignment during CCM B0 generation
crypto: xor - Fix typo of optimization
hwrng: optee - Use device-managed registration API
crypto: arm64/crc-t10dif - move NEON yield to C code
crypto: arm64/aes-ce-mac - simplify NEON yield
crypto: arm64/aes-neonbs - remove NEON yield calls
...
Diffstat (limited to 'drivers/net/ethernet')
| -rw-r--r-- | drivers/net/ethernet/chelsio/inline_crypto/Kconfig | 1 | ||||
| -rw-r--r-- | drivers/net/ethernet/chelsio/inline_crypto/ch_ktls/chcr_ktls.c | 19 |
2 files changed, 8 insertions, 12 deletions
diff --git a/drivers/net/ethernet/chelsio/inline_crypto/Kconfig b/drivers/net/ethernet/chelsio/inline_crypto/Kconfig index bc06e83fd3c6..521955e1f894 100644 --- a/drivers/net/ethernet/chelsio/inline_crypto/Kconfig +++ b/drivers/net/ethernet/chelsio/inline_crypto/Kconfig @@ -42,6 +42,7 @@ config CHELSIO_TLS_DEVICE depends on CHELSIO_T4 depends on TLS depends on TLS_DEVICE + select CRYPTO_LIB_AES help This flag enables support for kernel tls offload over Chelsio T6 crypto accelerator. CONFIG_CHELSIO_TLS_DEVICE flag can be enabled diff --git a/drivers/net/ethernet/chelsio/inline_crypto/ch_ktls/chcr_ktls.c b/drivers/net/ethernet/chelsio/inline_crypto/ch_ktls/chcr_ktls.c index 1b7e8c91b541..46a809f2aeca 100644 --- a/drivers/net/ethernet/chelsio/inline_crypto/ch_ktls/chcr_ktls.c +++ b/drivers/net/ethernet/chelsio/inline_crypto/ch_ktls/chcr_ktls.c @@ -9,6 +9,7 @@ #include <linux/ip.h> #include <net/ipv6.h> #include <linux/netdevice.h> +#include <crypto/aes.h> #include "chcr_ktls.h" static LIST_HEAD(uld_ctx_list); @@ -74,7 +75,7 @@ static int chcr_ktls_save_keys(struct chcr_ktls_info *tx_info, unsigned char ghash_h[TLS_CIPHER_AES_GCM_256_TAG_SIZE]; struct tls12_crypto_info_aes_gcm_128 *info_128_gcm; struct ktls_key_ctx *kctx = &tx_info->key_ctx; - struct crypto_cipher *cipher; + struct crypto_aes_ctx aes_ctx; unsigned char *key, *salt; switch (crypto_info->cipher_type) { @@ -135,18 +136,14 @@ static int chcr_ktls_save_keys(struct chcr_ktls_info *tx_info, /* Calculate the H = CIPH(K, 0 repeated 16 times). * It will go in key context */ - cipher = crypto_alloc_cipher("aes", 0, 0); - if (IS_ERR(cipher)) { - ret = -ENOMEM; - goto out; - } - ret = crypto_cipher_setkey(cipher, key, keylen); + ret = aes_expandkey(&aes_ctx, key, keylen); if (ret) - goto out1; + goto out; memset(ghash_h, 0, ghash_size); - crypto_cipher_encrypt_one(cipher, ghash_h, ghash_h); + aes_encrypt(&aes_ctx, ghash_h, ghash_h); + memzero_explicit(&aes_ctx, sizeof(aes_ctx)); /* fill the Key context */ if (direction == TLS_OFFLOAD_CTX_DIR_TX) { @@ -155,7 +152,7 @@ static int chcr_ktls_save_keys(struct chcr_ktls_info *tx_info, key_ctx_size >> 4); } else { ret = -EINVAL; - goto out1; + goto out; } memcpy(kctx->salt, salt, tx_info->salt_size); @@ -163,8 +160,6 @@ static int chcr_ktls_save_keys(struct chcr_ktls_info *tx_info, memcpy(kctx->key + keylen, ghash_h, ghash_size); tx_info->key_ctx_len = key_ctx_size; -out1: - crypto_free_cipher(cipher); out: return ret; } |