From patchwork Tue Jul 2 19:41:36 2019
X-Patchwork-Submitter: Ard Biesheuvel
X-Patchwork-Id: 168363
From: Ard Biesheuvel
To: linux-crypto@vger.kernel.org
Cc: herbert@gondor.apana.org.au, ebiggers@google.com, Ard Biesheuvel
Subject: [PATCH v4 18/32] crypto: arm64/aes-ce-cipher - use AES library as fallback
Date: Tue, 2 Jul 2019 21:41:36 +0200
Message-Id: <20190702194150.10405-19-ard.biesheuvel@linaro.org>
In-Reply-To: <20190702194150.10405-1-ard.biesheuvel@linaro.org>
References: <20190702194150.10405-1-ard.biesheuvel@linaro.org>

Instead of calling into the table based scalar AES code in situations where the SIMD unit may not be used, use the generic AES code, which is more appropriate since it is less likely to be susceptible to timing attacks.

Signed-off-by: Ard Biesheuvel
---
 arch/arm64/crypto/Kconfig | 2 +-
 arch/arm64/crypto/aes-ce-glue.c | 7 ++-----
 arch/arm64/crypto/aes-cipher-glue.c | 3 ---
 3 files changed, 3 insertions(+), 9 deletions(-)

-- 2.17.1

diff --git a/arch/arm64/crypto/Kconfig b/arch/arm64/crypto/Kconfig index 66dea518221c..4922c4451e7c 100644 --- a/arch/arm64/crypto/Kconfig +++ b/arch/arm64/crypto/Kconfig 
@@ -73,7 +73,7 @@ config CRYPTO_AES_ARM64_CE tristate "AES core cipher using ARMv8 Crypto Extensions" depends on ARM64 && KERNEL_MODE_NEON select CRYPTO_ALGAPI - select CRYPTO_AES_ARM64 + select CRYPTO_LIB_AES config CRYPTO_AES_ARM64_CE_CCM tristate "AES in CCM mode using ARMv8 Crypto Extensions" diff --git a/arch/arm64/crypto/aes-ce-glue.c b/arch/arm64/crypto/aes-ce-glue.c index 3213843fcb46..6890e003b8f1 100644 --- a/arch/arm64/crypto/aes-ce-glue.c +++ b/arch/arm64/crypto/aes-ce-glue.c @@ -23,9 +23,6 @@ MODULE_DESCRIPTION("Synchronous AES cipher using ARMv8 Crypto Extensions"); MODULE_AUTHOR("Ard Biesheuvel "); MODULE_LICENSE("GPL v2"); -asmlinkage void __aes_arm64_encrypt(u32 *rk, u8 *out, const u8 *in, int rounds); -asmlinkage void __aes_arm64_decrypt(u32 *rk, u8 *out, const u8 *in, int rounds); - struct aes_block { u8 b[AES_BLOCK_SIZE]; }; @@ -54,7 +51,7 @@ static void aes_cipher_encrypt(struct crypto_tfm *tfm, u8 dst[], u8 const src[]) struct crypto_aes_ctx *ctx = crypto_tfm_ctx(tfm); if (!crypto_simd_usable()) { - __aes_arm64_encrypt(ctx->key_enc, dst, src, num_rounds(ctx)); + aes_encrypt(ctx, dst, src); return; } @@ -68,7 +65,7 @@ static void aes_cipher_decrypt(struct crypto_tfm *tfm, u8 dst[], u8 const src[]) struct crypto_aes_ctx *ctx = crypto_tfm_ctx(tfm); if (!crypto_simd_usable()) { - __aes_arm64_decrypt(ctx->key_dec, dst, src, num_rounds(ctx)); + aes_decrypt(ctx, dst, src); return; } diff --git a/arch/arm64/crypto/aes-cipher-glue.c b/arch/arm64/crypto/aes-cipher-glue.c index 0e90b06ebcec..bf32cc6489e1 100644 --- a/arch/arm64/crypto/aes-cipher-glue.c +++ b/arch/arm64/crypto/aes-cipher-glue.c @@ -13,10 +13,7 @@ #include asmlinkage void __aes_arm64_encrypt(u32 *rk, u8 *out, const u8 *in, int rounds); -EXPORT_SYMBOL(__aes_arm64_encrypt); - asmlinkage void __aes_arm64_decrypt(u32 *rk, u8 *out, const u8 *in, int rounds); -EXPORT_SYMBOL(__aes_arm64_decrypt); static void aes_arm64_encrypt(struct crypto_tfm *tfm, u8 *out, const u8 *in) {
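
Review bot: the commit message names the new fallback "the generic AES code", while the arch/arm64/crypto/Kconfig hunk selects CRYPTO_LIB_AES and the glue code calls aes_encrypt()/aes_decrypt(), which is the AES library named in the subject line. Suggest using "the AES library" in the message body as well, so the change is not read as a switch to the table-based aes-generic cipher, which would not match the timing-attack rationale given. With `select CRYPTO_AES_ARM64` gone from CRYPTO_AES_ARM64_CE, it is also worth stating in the message that the CE cipher no longer pulls in the scalar arm64 cipher.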
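
Review bot: in arch/arm64/crypto/aes-ce-glue.c the `!crypto_simd_usable()` branches of aes_cipher_encrypt() and aes_cipher_decrypt() now call `aes_encrypt(ctx, dst, src)` and `aes_decrypt(ctx, dst, src)`, but the first hunk only deletes the local asmlinkage prototypes and none of the visible hunks adds an #include. Please confirm the header that declares the library functions is included directly by this file rather than reached through another header. A one-line comment at each fallback call saying that the library routine is chosen because it is less likely to be susceptible to timing attacks would keep the rationale from the commit message next to the code it applies to.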
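
Review bot: removing `EXPORT_SYMBOL(__aes_arm64_encrypt)` and `EXPORT_SYMBOL(__aes_arm64_decrypt)` in arch/arm64/crypto/aes-cipher-glue.c will break any module that still links against those symbols. This is patch 18 of 32, so please confirm that every other user has been converted by an earlier patch, so the tree builds at each step of the series; if aes-ce-glue.c was the last external caller, say so in the commit message. The two asmlinkage prototypes that remain are then used only by this file, which is worth a short comment above them.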