On Sun, 26 Mar 2017, Ard Biesheuvel wrote: > The generic AES driver uses 16 lookup tables of 1 KB each, and has > encryption and decryption routines that are fully unrolled. Given how > the dependencies between this code and other drivers are declared in > Kconfig files, this code is always pulled into the core kernel, even > if it is usually superseded at runtime by accelerated drivers that > exist for many architectures. > > This leaves us with 25 KB of dead code in the kernel, which is negligible > in typical environments, but which is actually a big deal for the IoT > domain, where every kilobyte counts. > > For this reason, this series refactors the way the various AES > implementations are wired up, to allow the generic version in > crypto/aes_generic.c to be omitted from the build entirely.
I'm not a cryptographer but I do agree with the above goal. Acked_by: Nicolas Pitre <n...@linaro.org> > > Patch #1 removes some bogus 'select CRYPTO_AES' statement. > > Patch #2 introduces CRYPTO_NEED_AES which can be selected by driver that > require an AES cipher to be available, but don't care how it is implemented. > > Patches #3 and #4 make some preparatory changes that allow dependencies on > crypto_aes_expand_key to be fulfilled by the new (and much smaller) fixed > time AES driver. (#5) > > Patch #6 splits the generic AES driver into a core containing the precomputed > sub/shift/mix tables and the key expansion routines on the one hand, and the > encryption/decryption routines and the crypto API registration on the other. > > Patch #7 introduces the CRYPTO_HAVE_AES Kconfig symbol, and adds statements to > various AES implementations that can fulfil the CRYPTO_NEED_AES dependencies > added in patch #2. The introduced Kconfig logic allows CRYPTO_AES to be > deselected even if AES dependencies exist, as long as one of these > alternatives > is selected. > > Ard Biesheuvel (7): > drivers/crypto/Kconfig: drop bogus CRYPTO_AES dependencies > crypto: aes - add new Kconfig symbol for soft dependency on AES > crypto: aes/x86 - eliminate set_key() handling for IRQ context > crypto: aes/arm64 - eliminate dependency on crypto_aes_set_key() > crypto: aes - move crypto_aes_expand_key() to fixed-time AES driver > crypto: aes - split off shared AES tables and key expansion routines > crypto: aes - allow alternative AES drivers to fulfil AES dependency > > arch/arm/crypto/Kconfig | 5 +- > arch/arm64/crypto/Kconfig | 5 +- > arch/arm64/crypto/aes-glue.c | 12 +- > arch/x86/crypto/aesni-intel_glue.c | 14 +- > crypto/Kconfig | 25 +- > crypto/Makefile | 1 + > crypto/aes_core.c | 1302 ++++++++++++++++++++ > crypto/aes_generic.c | 1239 ------------------- > crypto/aes_ti.c | 7 +- > drivers/block/Kconfig | 2 +- > drivers/crypto/Kconfig | 21 +- > drivers/net/Kconfig | 2 +- > drivers/net/wireless/cisco/Kconfig | 2 +- > drivers/net/wireless/intel/ipw2x00/Kconfig | 2 +- > drivers/net/wireless/intersil/hostap/Kconfig | 2 +- > drivers/staging/rtl8192e/Kconfig | 2 +- > drivers/usb/wusbcore/Kconfig | 2 +- > fs/ceph/Kconfig | 2 +- > fs/cifs/Kconfig | 2 +- > fs/crypto/Kconfig | 2 +- > net/Kconfig | 2 +- > net/bluetooth/Kconfig | 2 +- > net/ceph/Kconfig | 2 +- > net/mac80211/Kconfig | 2 +- > net/mac802154/Kconfig | 2 +- > net/sunrpc/Kconfig | 3 +- > security/keys/Kconfig | 4 +- > 27 files changed, 1377 insertions(+), 1291 deletions(-) > create mode 100644 crypto/aes_core.c > > -- > 2.7.4 > >
