Received: by 2002:a05:7412:419a:b0:f3:1519:9f41 with SMTP id i26csp3591903rdh; Mon, 27 Nov 2023 19:56:43 -0800 (PST) X-Google-Smtp-Source: AGHT+IFBWcdqDl1atLiedIuJePsGbqJzS35/xg593+QusX1C2sxUR6r4NZmrzv3doOFFtRaYz6qC X-Received: by 2002:a05:6358:5927:b0:16b:b605:d3da with SMTP id g39-20020a056358592700b0016bb605d3damr15695100rwf.28.1701143803380; Mon, 27 Nov 2023 19:56:43 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1701143803; cv=none; d=google.com; s=arc-20160816; b=Mm73krYIMufhHWUK1YwdXChGD3lc52QK1ToNrL8G09NpcgY2uGvrhwfirIF/oMmVDB loJ/OAgiPSIUlKQnbY0EfdBDTTifP7OHPL10OGXKvQAvOfd6SYGu29eaz5Pjl4Al+ode AsMG0WuL1ACroNlb6FOGJEL8A9veBpxO4mf84508TKPMtFA60Tsn0JHd6PrRbkkZ+B5/ fiYiJOgpQZzsGz1aAcNqVBVd5VeepsrMCcoBJIhcKBqz78tMKPsZ2DSBV3lFeiHOfaJn WrDE7fPWHYtQxpSw9YquZdB756Ct3sgi1pypT7M/noe7KkW3f7wAgr3nUI6ReacycJDz 6zIA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:in-reply-to:content-disposition:mime-version :references:message-id:subject:cc:to:from:date:dkim-signature; bh=Vu4hGXzyrB5lBA6naaA/zIvCtyF7wtrDgj3TZjh++X8=; fh=zbDRpcBgg9Y8vPgjc5rEEysmrqOVa145mcP3uY0f1po=; b=lO9wIfN8CgaC3oax4CgIp2i2gjOYFlJKeDgMLD+U23qX7C/J+6HPUWHF3wBXOWsrPe oczXJqLE+RxmqRm0mMLiejlqSozjM5G8zwZdSGRSOW48dY4UHXnSV8gYogN6rrAMJ6P6 513cQV/UpB12i7FN5VHlWQc0gjSlXGqshxUJyubAe28LdXwVT0J9PkLPOB/t/J9co/Fh WCgP4BlGTFwnHLVd7kdf7ZGfPRWOyDs4pWYew5dQPdJO8Tk+wJY/MgztM8y5Y4o06DN2 Y+R+VWQc/hdK+Wm7Go/uh+bz746r4qvFMR3bG+5R4FBCm1DVU6Ceqx3GoasTku9ESVqo tUAQ== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@kernel.org header.s=k20201202 header.b=bXn+gVLY; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::3:8 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=kernel.org Return-Path: Received: from fry.vger.email (fry.vger.email. [2620:137:e000::3:8]) by mx.google.com with ESMTPS id p6-20020a634206000000b0056513361b4fsi11063486pga.741.2023.11.27.19.56.42 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Mon, 27 Nov 2023 19:56:43 -0800 (PST) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::3:8 as permitted sender) client-ip=2620:137:e000::3:8; Authentication-Results: mx.google.com; dkim=pass header.i=@kernel.org header.s=k20201202 header.b=bXn+gVLY; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::3:8 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=kernel.org Received: from out1.vger.email (depot.vger.email [IPv6:2620:137:e000::3:0]) by fry.vger.email (Postfix) with ESMTP id D65C1806156D; Mon, 27 Nov 2023 19:56:40 -0800 (PST) X-Virus-Status: Clean X-Virus-Scanned: clamav-milter 0.103.11 at fry.vger.email Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S234449AbjK1D41 (ORCPT + 99 others); Mon, 27 Nov 2023 22:56:27 -0500 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:56482 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S229789AbjK1D40 (ORCPT ); Mon, 27 Nov 2023 22:56:26 -0500 Received: from smtp.kernel.org (relay.kernel.org [52.25.139.140]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 1F05918F for ; Mon, 27 Nov 2023 19:56:33 -0800 (PST) Received: by smtp.kernel.org (Postfix) with ESMTPSA id 50AB4C433C8; Tue, 28 Nov 2023 03:56:32 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1701143792; bh=WjCFklQtOqf81uorIGsoppOMkx+RH2HrsqXNbDg296w=; h=Date:From:To:Cc:Subject:References:In-Reply-To:From; b=bXn+gVLYClewyVh4gauMobUQySkuWPZlNWRXYOqVBZOndYo80wvV+QXyKy7lyRrXR P4x9KxE+Z8BGAKzNtvE0/hUH/xuy7ochY4+j0gjlFgZ2VE/vE279bsx2IAZNTO5DBm t3jCbNSguAnMBfYueuZjUNc8nD2BkCjQXWEtZ1JkjLxSsayyR7ocfEVeLgUVKikHXJ Vsc4X4CjHaWvrzML0PPVbtfvUS0qcqWJalReTbX1zcbdUXv7gZkj4I6amM46ne/rSl XUjxBqTprF5Zbw01ztPhc37bJLmpAsaP1un28ub4bE/jHdgojhy3fr5nJcx57Up0nV 1z10T2CiJb9Wg== Date: Mon, 27 Nov 2023 19:56:30 -0800 From: Eric Biggers To: Jerry Shih Cc: paul.walmsley@sifive.com, palmer@dabbelt.com, aou@eecs.berkeley.edu, herbert@gondor.apana.org.au, davem@davemloft.net, conor.dooley@microchip.com, ardb@kernel.org, heiko@sntech.de, phoebe.chen@sifive.com, hongrong.hsu@sifive.com, linux-riscv@lists.infradead.org, linux-kernel@vger.kernel.org, linux-crypto@vger.kernel.org Subject: Re: [PATCH v2 04/13] RISC-V: crypto: add Zvkned accelerated AES implementation Message-ID: <20231128035630.GG1463@sol.localdomain> References: <20231127070703.1697-1-jerry.shih@sifive.com> <20231127070703.1697-5-jerry.shih@sifive.com> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <20231127070703.1697-5-jerry.shih@sifive.com> X-Spam-Status: No, score=-1.2 required=5.0 tests=DKIMWL_WL_HIGH,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,MAILING_LIST_MULTI, SPF_HELO_NONE,SPF_PASS,T_SCC_BODY_TEXT_LINE autolearn=unavailable autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on fry.vger.email Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org X-Greylist: Sender passed SPF test, not delayed by milter-greylist-4.6.4 (fry.vger.email [0.0.0.0]); Mon, 27 Nov 2023 19:56:41 -0800 (PST) On Mon, Nov 27, 2023 at 03:06:54PM +0800, Jerry Shih wrote: > +int riscv64_aes_setkey(struct crypto_aes_ctx *ctx, const u8 *key, > + unsigned int keylen) > +{ > + int ret; > + > + ret = aes_check_keylen(keylen); > + if (ret < 0) > + return -EINVAL; > + > + /* > + * The RISC-V AES vector crypto key expanding doesn't support AES-192. > + * Use the generic software key expanding for that case. > + */ > + if ((keylen == 16 || keylen == 32) && crypto_simd_usable()) { > + /* > + * All zvkned-based functions use encryption expanding keys for both > + * encryption and decryption. > + */ > + kernel_vector_begin(); > + rv64i_zvkned_set_encrypt_key(key, keylen, ctx); > + kernel_vector_end(); > + } else { > + ret = aes_expandkey(ctx, key, keylen); > + } rv64i_zvkned_set_encrypt_key() does not initialize crypto_aes_ctx::key_dec. So, decryption results will be incorrect if !crypto_simd_usable() later. > +static int aes_setkey(struct crypto_tfm *tfm, const u8 *key, > + unsigned int keylen) It's best to avoid generic-sounding function names like this that could collide with functions in crypto/ or lib/crypto/. A better name for this function, for example, would be aes_setkey_zvkned(). > diff --git a/arch/riscv/crypto/aes-riscv64-zvkned.pl b/arch/riscv/crypto/aes-riscv64-zvkned.pl > new file mode 100644 > index 000000000000..303e82d9f6f0 > --- /dev/null > +++ b/arch/riscv/crypto/aes-riscv64-zvkned.pl [...] > +L_enc_128: [...] > +L_enc_192: [...] > +L_enc_256: There's some severe source code duplication going on in the AES assembly, with the three AES variants having separate source code. You can just leave this as-is since this is what was merged into OpenSSL and we are borrowing that for now, but I do expect that we'll want to clean this up later. - Eric