openwrt/package/kernel
Daniel Kestrel 43422deed3 ltq-deu: add aes_xts algorithm
The lantiq AES hardware does not support the xts algorithm. Apart
from the cipher text stealing (XTS), the AES XTS implementation is
just an XOR with the IV, followed by AES ECB, followed by another
XOR with the IV and as such can be also implemented by using the
lantiq hardware's CBC AES implemention plus one additional XOR with
the IV in the driver. The output IV by CBC AES is also not usable
and the gfmul operation not supported by lantiq hardware. Both need
to be done in the driver too in addition to the IV treatment which is
the initial encryption by the other half of the input key and to
set the IV to the IV registers for every block.
In the generic kernel implementation, the block size for XTS is set
to 16 bytes, although the algorithm is designed to process any size
of input larger than 16 bytes. But since there is no way to
indicate a minimum input length, the block size is used. This leads
to certain issues when the skcipher walk functions are used, e.g.
processing less than block size bytes is not supported by calling
skcipher_walk_done.
The walksize is 2 AES blocks because otherwise for splitted input
or output data, less than blocksize is to be returned in some cases,
which cannot be processed. Another issue was that depending on
possible split of input/output data, just 16 bytes are returned while
less than 16 bytes were remaining, while cipher text stealing
requires 17 bytes or more for processing.
For example, if the input is 60 bytes and the walk is 48, then
processing 48 bytes leads to a return code of -EINVAL for
skcipher_walk_done. Therefor the processed counter is used to
figure out, when the actual cipher text stealing for the remaining
bytes less than blocksize needs to be applied.
Measured with cryptsetup benchmark, this XTS AES implementation is
about 19% faster than the kernels XTS implementation that uses the
hardware ECB AES (ca. 18.6 MiB/s vs. 15.8 MiB/s decryption 256b key).
The implementation was tested with the kernels crypto testmgr against
the kernels generic XTS AES implementation including extended tests.

Signed-off-by: Daniel Kestrel <kestrel1974@t-online.de>
2022-01-06 00:23:08 +01:00
..
acx-mac80211 acx-mac80211: replace dead URLs with OpenWrt CDN 2021-02-07 11:26:36 -10:00
ath10k-ct ath10k-ct: Fix spectral scan NULL pointer 2021-11-29 21:48:03 +01:00
bcm27xx-gpu-fw bcm27xx-gpu-fw: update to latest version 2021-08-21 19:07:06 +02:00
bcm63xx-cfe bcm63xx-cfe: update to the latest master 2021-06-22 13:27:41 +02:00
bpf-headers bpf-headers: switch to mips64 for 64 bit targets 2021-11-19 23:51:20 +01:00
broadcom-wl treewide: unify OpenWrt hosted source via @OPENWRT 2021-02-05 12:00:24 -10:00
button-hotplug kernel: replace SUBDIRS with M in package recipes 2020-02-22 16:38:41 +01:00
cryptodev-linux cryptodev-linux: update to 1.12 2021-09-29 22:56:59 +02:00
dtc/patches package: kernel: dtc: Add DTO support 2017-11-06 16:39:41 +01:00
gpio-button-hotplug gpio-button-hotplug: convert to gpio descriptor (gpiod_) API 2021-08-26 21:00:26 +02:00
gpio-nct5104d kernel: drop outdated kernel version switches for local code 2020-05-17 18:35:51 +02:00
gpio-nxp-74hc153 packages: kernel: add gpio-nxp-74hc153 2021-03-22 09:23:10 +01:00
hwmon-gsc kernel: update dependencies after 'imx6' -> 'imx' rename 2021-11-03 12:45:40 +01:00
lantiq ltq-deu: add aes_xts algorithm 2022-01-06 00:23:08 +01:00
linux packages: kernel: add i2c hwmon g762 kmod package 2021-12-29 20:35:57 +01:00
mac80211 kernel: mac80211: refresh patchset 2021-12-24 22:15:50 +00:00
mt76 mt76: fix Makefile dependencies for mt7921 2021-12-21 11:29:09 +01:00
mt7621-qtn-rgmii mt7621-qtn-rgmii: enable RGMII connected Quantenna QV840 2020-07-08 16:07:05 +02:00
mwlwifi mwlwifi: add PKG_FLAGS:=nonshared 2021-03-24 15:26:31 +00:00
nat46 nat46: update to latest git HEAD 2021-12-05 18:40:19 +01:00
om-watchdog ar71xx: drop target 2020-08-30 22:18:35 +02:00
rtc-rv5c386a kernel: drop outdated kernel version switches for local code 2020-05-17 18:35:51 +02:00
rtl8812au-ct rtl8812au-ct: update driver to be ready for 5.15 2021-12-11 00:50:02 +01:00
trelay package: drop PKG_VERSION for purely local packages 2020-07-15 18:33:56 +02:00