From patchwork Fri Jun 16 11:17:49 2017 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Ard Biesheuvel X-Patchwork-Id: 105710 Delivered-To: patch@linaro.org Received: by 10.140.91.77 with SMTP id y71csp1249372qgd; Fri, 16 Jun 2017 04:18:11 -0700 (PDT) X-Received: by 10.84.253.2 with SMTP id z2mr12397687pll.114.1497611891677; Fri, 16 Jun 2017 04:18:11 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1497611891; cv=none; d=google.com; s=arc-20160816; b=RB3COgzCXODzM6PqjAYBYEFRv+w/hXAreNtzt4Z0cC88aCUlzvk7s3X5j3MmFyHU5K bMbWfMG7mw3L4sfDT8RbZ2wYKSqqv58ZN3NkSifanqiTOmsFR5unDp+P3NDCYdzRZB/k l8hoUFaTE+Fb7Z3wpoUQ5YaZ6ViGY7Nl2W5APSauk/fmB07XXJUff0J0hlcFcC8PXGx0 i2MT3Xh6j4NQ9lZZkj+TJdyj2ztTIbYFQouu+Ml+daruSkBEgm4zP3WJesZuMfvVZ8B+ H8WljFQqOv4pdkJRtiw1gI+9kUVDZn5DEDJWkH3YB69+QQWmw1EsZ9Ps/6sbPRk48ez0 DthA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:references:in-reply-to:message-id:date :subject:cc:to:from:dkim-signature:arc-authentication-results; bh=mpK29rSlku7RuP1hUdLy2t6PAgKwssFRzcBjha3pHok=; b=c58D8p7rW3YiJX+U7uaKsldpyn6Cazvwmv5EA9C3LwtcVoIm3xRjegdH25IlGreA1l xoYjrP80NoREiX31mqRrSDQuhc1/H6UnV8HX330OqTXR13nTLeAqObDREWHhK9qc/xtY V0pMlVr1eGozspUNY3YyVHI2nhGcHdu53oK5hd2jxK6Sg+T5uLJ6iXzZ99/7XyzioxEz dWBKE/jgA+aW5eKgLtBmEvN+yhdQD7o1E4nn9Z1EOi3zOJVAhfRhf62eQdu7k3vI7TdU bxEX3xE2P+dg3xlJZKm5WIU7OhaT1qmMvN46dJAjxN4XptLwn4nsCje2zmJES4W8f4si hndg== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@linaro.org header.b=bW2sLbw0; spf=pass (google.com: best guess record for domain of linux-crypto-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-crypto-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linaro.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id a7si1740382pgn.206.2017.06.16.04.18.11; Fri, 16 Jun 2017 04:18:11 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of linux-crypto-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; dkim=pass header.i=@linaro.org header.b=bW2sLbw0; spf=pass (google.com: best guess record for domain of linux-crypto-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-crypto-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linaro.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1752603AbdFPLSK (ORCPT + 1 other); Fri, 16 Jun 2017 07:18:10 -0400 Received: from mail-wm0-f46.google.com ([74.125.82.46]:36373 "EHLO mail-wm0-f46.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1752676AbdFPLSH (ORCPT ); Fri, 16 Jun 2017 07:18:07 -0400 Received: by mail-wm0-f46.google.com with SMTP id m125so23233963wmm.1 for ; Fri, 16 Jun 2017 04:18:07 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; h=from:to:cc:subject:date:message-id:in-reply-to:references; bh=mpK29rSlku7RuP1hUdLy2t6PAgKwssFRzcBjha3pHok=; b=bW2sLbw0Sw3xZKom6n/EzxxH7ynvHDcutw7rdua+yIBzwBsdxPwCh7DcbmXaW02sN+ mR6rBFiWaRAQoEKGmf/SMTspGQm/WNCeeIWXqCKwf8hLKkAY/tWgs+yGGKd26DIVf+Kk CyMoybghBpzJ6VDam5el2ZqUIruM46q2/NGHU= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references; bh=mpK29rSlku7RuP1hUdLy2t6PAgKwssFRzcBjha3pHok=; b=etgC6Od1VKf9RAaXw8gU6RPbeFrn28JLfgUS9OpFK3U3rXj3AQpHJ3127geqHAxHGN g946qU0Bv0LZ46uKtj7a+o5p+ork161ZrZC6FY1yeJ+H1nkVwQgzSwgVglyfbwbpUpV2 p/HEu5AEJzXjk7SQKsz4a2aFEjRZhmih1F+zmiZbM8hJmKwZT+0Qu17nUUA6fFeejLJm 4Xdd1ZNVA5XxvkGoGUMjkNb0veT5Ojj6TlGxnklsyOu44EBThAGqretPjjtGq8Q1bR2r Dmd9Jtoy3eO0Pinn7I6gqyE6S7BkCSR0jNTZiptftMB0vuvTDDGONbn9jFf9slBFkJph E00g== X-Gm-Message-State: AKS2vOyudkvvwMVJ2fvtISvGyO0vRACagQIENFMTmE/6aK8q500F2+VO xy3KsykXfnxnAniPik+big== X-Received: by 10.80.145.25 with SMTP id e25mr7160091eda.8.1497611886239; Fri, 16 Jun 2017 04:18:06 -0700 (PDT) Received: from ards-macbook-pro.arnhem.chello.nl (dhcp-077-251-017-237.chello.nl. [77.251.17.237]) by smtp.gmail.com with ESMTPSA id k17sm984880edb.37.2017.06.16.04.18.04 (version=TLS1_2 cipher=ECDHE-RSA-AES128-SHA bits=128/128); Fri, 16 Jun 2017 04:18:05 -0700 (PDT) From: Ard Biesheuvel To: linux-crypto@vger.kernel.org Cc: herbert@gondor.apana.org.au, nico@linaro.org, ebiggers3@gmail.com, Ard Biesheuvel Subject: [PATCH v2 6/6] crypto: aes - allow generic AES to be replaced by fixed time AES Date: Fri, 16 Jun 2017 13:17:49 +0200 Message-Id: <1497611869-6126-7-git-send-email-ard.biesheuvel@linaro.org> X-Mailer: git-send-email 2.7.4 In-Reply-To: <1497611869-6126-1-git-send-email-ard.biesheuvel@linaro.org> References: <1497611869-6126-1-git-send-email-ard.biesheuvel@linaro.org> Sender: linux-crypto-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-crypto@vger.kernel.org On systems where a small memory footprint is important, the generic AES code with its 16 KB of lookup tables and fully unrolled encrypt and decrypt routines may be an unnecessary burden, especially given that modern SoCs often have dedicated instructions for AES. And even if they don't, a time invariant implementation may be preferred over a fast one that may be susceptible to cache timing attacks. So allow the declared dependency of other subsystems on AES to be fulfilled by either the generic AES or the much smaller time invariant implementation. Signed-off-by: Ard Biesheuvel --- crypto/Kconfig | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/crypto/Kconfig b/crypto/Kconfig index f33c0d9136cf..2958120cdef3 100644 --- a/crypto/Kconfig +++ b/crypto/Kconfig @@ -899,12 +899,14 @@ config CRYPTO_AES_CORE config CRYPTO_AES tristate - select CRYPTO_AES_GENERIC + select CRYPTO_AES_GENERIC if (CRYPTO_AES=y && CRYPTO_AES_TI != y) || \ + (CRYPTO_AES=m && !CRYPTO_AES_TI) config CRYPTO_AES_GENERIC tristate "AES cipher algorithms" -- 2.7.4