Re: [PATCH v3 0/7] crypto: aes - allow generic AES to be omitted

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On 18 July 2017 at 06:25, Herbert Xu <herbert@xxxxxxxxxxxxxxxxxxx> wrote:
> On Tue, Jun 20, 2017 at 11:28:53AM +0200, Ard Biesheuvel wrote:
>> The generic AES driver uses 16 lookup tables of 1 KB each, and has
>> encryption and decryption routines that are fully unrolled. Given how
>> the dependencies between this code and other drivers are declared in
>> Kconfig files, this code is always pulled into the core kernel, even
>> if it is usually superseded at runtime by accelerated drivers that
>> exist for many architectures.
>
> Why can't we simply replace aes-generic with aes-ti?
>

Because it is slower, and how much slower is architecture dependent
(if your arch has slow multiplication, aes-ti decryption will be dog
slow compared to aes-generic)

Also, quite a few architectures have table based implementations that
reuse crypto_ft_tab/crypto_fl_tab etc so we'd need to factor out those
into a separate module if we were to remove aes-generic.



[Index of Archives]     [Kernel]     [Gnu Classpath]     [Gnu Crypto]     [DM Crypt]     [Netfilter]     [Bugtraq]

  Powered by Linux