diff options
| author | Ard Biesheuvel <[email protected]> | 2024-01-18 18:06:34 +0100 |
|---|---|---|
| committer | Herbert Xu <[email protected]> | 2024-01-26 16:39:32 +0800 |
| commit | 948ffc66e595e56c6ebf672db38d59c8a9efc108 (patch) | |
| tree | eb93f400d69d6e38442865625644ef1e8ac63be3 /arch/arm64/crypto/aes-glue.c | |
| parent | c131098d6d9c5d0a580456f527dedefaf61acb7b (diff) | |
crypto: arm64/aes-ccm - Reuse existing MAC update for AAD input
CCM combines the counter (CTR) encryption mode with a MAC based on the
same block cipher. This MAC construction is a bit clunky: it invokes the
block cipher in a way that cannot be parallelized, resulting in poor CPU
pipeline efficiency.
The arm64 CCM code mitigates this by interleaving the encryption and MAC
at the AES round level, resulting in a substantial speedup. But this
approach does not apply to the additional authenticated data (AAD) which
is not encrypted.
This means the special asm routine dealing with the AAD is not any
better than the MAC update routine used by the arm64 AES block
encryption driver, so let's reuse that, and drop the special AES-CCM
version.
Signed-off-by: Ard Biesheuvel <[email protected]>
Signed-off-by: Herbert Xu <[email protected]>
Diffstat (limited to 'arch/arm64/crypto/aes-glue.c')
| -rw-r--r-- | arch/arm64/crypto/aes-glue.c | 1 |
1 files changed, 1 insertions, 0 deletions
diff --git a/arch/arm64/crypto/aes-glue.c b/arch/arm64/crypto/aes-glue.c index 162787c7aa86..a147e847a5a1 100644 --- a/arch/arm64/crypto/aes-glue.c +++ b/arch/arm64/crypto/aes-glue.c @@ -1048,6 +1048,7 @@ unregister_ciphers: #ifdef USE_V8_CRYPTO_EXTENSIONS module_cpu_feature_match(AES, aes_init); +EXPORT_SYMBOL_NS(ce_aes_mac_update, CRYPTO_INTERNAL); #else module_init(aes_init); EXPORT_SYMBOL(neon_aes_ecb_encrypt); |