crypto: arm64/aes-neonbs - Move key expansion off the stack (652a3017) · Commits · git / linux-net

arch/arm64/crypto/aes-neonbs-glue.c

+23 −14

Original line number	Diff line number	Diff line
		@@ -76,19 +76,24 @@ static int aesbs_setkey(struct crypto_skcipher tfm, const u8 in_key,
		unsigned int key_len)
		{
		struct aesbs_ctx *ctx = crypto_skcipher_ctx(tfm);
		struct crypto_aes_ctx rk;
		struct crypto_aes_ctx *rk;
		int err;

		err = aes_expandkey(&rk, in_key, key_len);
		rk = kmalloc(sizeof(*rk), GFP_KERNEL);
		if (!rk)
		return -ENOMEM;

		err = aes_expandkey(rk, in_key, key_len);
		if (err)
		return err;
		goto out;

		ctx->rounds = 6 + key_len / 4;

		scoped_ksimd()
		aesbs_convert_key(ctx->rk, rk.key_enc, ctx->rounds);

		return 0;
		aesbs_convert_key(ctx->rk, rk->key_enc, ctx->rounds);
		out:
		kfree_sensitive(rk);
		return err;
		}

		static int __ecb_crypt(struct skcipher_request *req,
		@@ -133,22 +138,26 @@ static int aesbs_cbc_ctr_setkey(struct crypto_skcipher tfm, const u8 in_key,
		unsigned int key_len)
		{
		struct aesbs_cbc_ctr_ctx *ctx = crypto_skcipher_ctx(tfm);
		struct crypto_aes_ctx rk;
		struct crypto_aes_ctx *rk;
		int err;

		err = aes_expandkey(&rk, in_key, key_len);
		rk = kmalloc(sizeof(*rk), GFP_KERNEL);
		if (!rk)
		return -ENOMEM;

		err = aes_expandkey(rk, in_key, key_len);
		if (err)
		return err;
		goto out;

		ctx->key.rounds = 6 + key_len / 4;

		memcpy(ctx->enc, rk.key_enc, sizeof(ctx->enc));
		memcpy(ctx->enc, rk->key_enc, sizeof(ctx->enc));

		scoped_ksimd()
		aesbs_convert_key(ctx->key.rk, rk.key_enc, ctx->key.rounds);
		memzero_explicit(&rk, sizeof(rk));

		return 0;
		aesbs_convert_key(ctx->key.rk, rk->key_enc, ctx->key.rounds);
		out:
		kfree_sensitive(rk);
		return err;
		}

		static int cbc_encrypt(struct skcipher_request *req)