• Ard Biesheuvel's avatar
    net: phy: mscc: avoid skcipher API for single block AES encryption · 5a3235e5
    Ard Biesheuvel authored
    The skcipher API dynamically instantiates the transformation object
    on request that implements the requested algorithm optimally on the
    given platform. This notion of optimality only matters for cases like
    bulk network or disk encryption, where performance can be a bottleneck,
    or in cases where the algorithm itself is not known at compile time.
    
    In the mscc case, we are dealing with AES encryption of a single
    block, and so neither concern applies, and we are better off using
    the AES library interface, which is lightweight and safe for this
    kind of use.
    
    Note that the scatterlist API does not permit references to buffers
    that are located on the stack, so the existing code is incorrect in
    any case, but avoiding the skcipher and scatterlist APIs entirely is
    the most straight-forward approach to fixing this.
    
    Cc: Antoine Tenart <antoine.tenart@bootlin.com>
    Cc: Andrew Lunn <andrew@lunn.ch>
    Cc: Florian Fainelli <f.fainelli@gmail.com>
    Cc: Heiner Kallweit <hkallweit1@gmail.com>
    Cc: "David S. Miller" <davem@davemloft.net>
    Cc: Jakub Kicinski <kuba@kernel.org>
    Fixes: 28c5107a ("net: phy: mscc: macsec support")
    Reviewed-by: default avatarEric Biggers <ebiggers@google.com>
    Signed-off-by: default avatarArd Biesheuvel <ardb@kernel.org>
    Tested-by: default avatarAntoine Tenart <antoine.tenart@bootlin.com>
    Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
    5a3235e5
mscc_macsec.c 30 KB