diff options
Diffstat (limited to 'package/kernel/mac80211/patches/subsys/131-Revert-mac80211-aes-cmac-switch-to-shash-CMAC-driver.patch')
| -rw-r--r-- | package/kernel/mac80211/patches/subsys/131-Revert-mac80211-aes-cmac-switch-to-shash-CMAC-driver.patch | 230 |
1 files changed, 0 insertions, 230 deletions
diff --git a/package/kernel/mac80211/patches/subsys/131-Revert-mac80211-aes-cmac-switch-to-shash-CMAC-driver.patch b/package/kernel/mac80211/patches/subsys/131-Revert-mac80211-aes-cmac-switch-to-shash-CMAC-driver.patch deleted file mode 100644 index c3bf7ccc7a..0000000000 --- a/package/kernel/mac80211/patches/subsys/131-Revert-mac80211-aes-cmac-switch-to-shash-CMAC-driver.patch +++ /dev/null @@ -1,230 +0,0 @@ -From: Felix Fietkau <nbd@nbd.name> -Date: Sat, 7 Oct 2017 09:37:28 +0200 -Subject: [PATCH] Revert "mac80211: aes-cmac: switch to shash CMAC - driver" - -This reverts commit 26717828b75dd5c46e97f7f4a9b937d038bb2852. -Reduces mac80211 dependencies for LEDE - -Signed-off-by: Felix Fietkau <nbd@nbd.name> ---- - ---- a/net/mac80211/aes_cmac.c -+++ b/net/mac80211/aes_cmac.c -@@ -19,67 +19,151 @@ - #define CMAC_TLEN_256 16 /* CMAC TLen = 128 bits (16 octets) */ - #define AAD_LEN 20 - --static const u8 zero[CMAC_TLEN_256]; - --void ieee80211_aes_cmac(struct crypto_shash *tfm, const u8 *aad, -+void gf_mulx(u8 *pad) -+{ -+ int i, carry; -+ -+ carry = pad[0] & 0x80; -+ for (i = 0; i < AES_BLOCK_SIZE - 1; i++) -+ pad[i] = (pad[i] << 1) | (pad[i + 1] >> 7); -+ pad[AES_BLOCK_SIZE - 1] <<= 1; -+ if (carry) -+ pad[AES_BLOCK_SIZE - 1] ^= 0x87; -+} -+ -+void aes_cmac_vector(struct crypto_cipher *tfm, size_t num_elem, -+ const u8 *addr[], const size_t *len, u8 *mac, -+ size_t mac_len) -+{ -+ u8 cbc[AES_BLOCK_SIZE], pad[AES_BLOCK_SIZE]; -+ const u8 *pos, *end; -+ size_t i, e, left, total_len; -+ -+ memset(cbc, 0, AES_BLOCK_SIZE); -+ -+ total_len = 0; -+ for (e = 0; e < num_elem; e++) -+ total_len += len[e]; -+ left = total_len; -+ -+ e = 0; -+ pos = addr[0]; -+ end = pos + len[0]; -+ -+ while (left >= AES_BLOCK_SIZE) { -+ for (i = 0; i < AES_BLOCK_SIZE; i++) { -+ cbc[i] ^= *pos++; -+ if (pos >= end) { -+ e++; -+ pos = addr[e]; -+ end = pos + len[e]; -+ } -+ } -+ if (left > AES_BLOCK_SIZE) -+ crypto_cipher_encrypt_one(tfm, cbc, cbc); -+ left -= AES_BLOCK_SIZE; -+ } -+ -+ memset(pad, 0, AES_BLOCK_SIZE); -+ crypto_cipher_encrypt_one(tfm, pad, pad); -+ gf_mulx(pad); -+ -+ if (left || total_len == 0) { -+ for (i = 0; i < left; i++) { -+ cbc[i] ^= *pos++; -+ if (pos >= end) { -+ e++; -+ pos = addr[e]; -+ end = pos + len[e]; -+ } -+ } -+ cbc[left] ^= 0x80; -+ gf_mulx(pad); -+ } -+ -+ for (i = 0; i < AES_BLOCK_SIZE; i++) -+ pad[i] ^= cbc[i]; -+ crypto_cipher_encrypt_one(tfm, pad, pad); -+ memcpy(mac, pad, mac_len); -+} -+ -+ -+void ieee80211_aes_cmac(struct crypto_cipher *tfm, const u8 *aad, - const u8 *data, size_t data_len, u8 *mic) - { -- SHASH_DESC_ON_STACK(desc, tfm); -- u8 out[AES_BLOCK_SIZE]; -+ const u8 *addr[4]; -+ size_t len[4]; -+ u8 zero[CMAC_TLEN]; - const __le16 *fc; - -- desc->tfm = tfm; -- -- crypto_shash_init(desc); -- crypto_shash_update(desc, aad, AAD_LEN); -+ memset(zero, 0, CMAC_TLEN); -+ addr[0] = aad; -+ len[0] = AAD_LEN; - fc = (const __le16 *)aad; - if (ieee80211_is_beacon(*fc)) { - /* mask Timestamp field to zero */ -- crypto_shash_update(desc, zero, 8); -- crypto_shash_update(desc, data + 8, data_len - 8 - CMAC_TLEN); -+ addr[1] = zero; -+ len[1] = 8; -+ addr[2] = data + 8; -+ len[2] = data_len - 8 - CMAC_TLEN; -+ addr[3] = zero; -+ len[3] = CMAC_TLEN; -+ aes_cmac_vector(tfm, 4, addr, len, mic, CMAC_TLEN); - } else { -- crypto_shash_update(desc, data, data_len - CMAC_TLEN); -+ addr[1] = data; -+ len[1] = data_len - CMAC_TLEN; -+ addr[2] = zero; -+ len[2] = CMAC_TLEN; -+ aes_cmac_vector(tfm, 3, addr, len, mic, CMAC_TLEN); - } -- crypto_shash_finup(desc, zero, CMAC_TLEN, out); -- -- memcpy(mic, out, CMAC_TLEN); - } - --void ieee80211_aes_cmac_256(struct crypto_shash *tfm, const u8 *aad, -+void ieee80211_aes_cmac_256(struct crypto_cipher *tfm, const u8 *aad, - const u8 *data, size_t data_len, u8 *mic) - { -- SHASH_DESC_ON_STACK(desc, tfm); -+ const u8 *addr[4]; -+ size_t len[4]; -+ u8 zero[CMAC_TLEN_256]; - const __le16 *fc; - -- desc->tfm = tfm; -- -- crypto_shash_init(desc); -- crypto_shash_update(desc, aad, AAD_LEN); -+ memset(zero, 0, CMAC_TLEN_256); -+ addr[0] = aad; -+ len[0] = AAD_LEN; -+ addr[1] = data; - fc = (const __le16 *)aad; - if (ieee80211_is_beacon(*fc)) { - /* mask Timestamp field to zero */ -- crypto_shash_update(desc, zero, 8); -- crypto_shash_update(desc, data + 8, -- data_len - 8 - CMAC_TLEN_256); -+ addr[1] = zero; -+ len[1] = 8; -+ addr[2] = data + 8; -+ len[2] = data_len - 8 - CMAC_TLEN_256; -+ addr[3] = zero; -+ len[3] = CMAC_TLEN_256; -+ aes_cmac_vector(tfm, 4, addr, len, mic, CMAC_TLEN_256); - } else { -- crypto_shash_update(desc, data, data_len - CMAC_TLEN_256); -+ addr[1] = data; -+ len[1] = data_len - CMAC_TLEN_256; -+ addr[2] = zero; -+ len[2] = CMAC_TLEN_256; -+ aes_cmac_vector(tfm, 3, addr, len, mic, CMAC_TLEN_256); - } -- crypto_shash_finup(desc, zero, CMAC_TLEN_256, mic); - } - --struct crypto_shash *ieee80211_aes_cmac_key_setup(const u8 key[], -- size_t key_len) -+struct crypto_cipher *ieee80211_aes_cmac_key_setup(const u8 key[], -+ size_t key_len) - { -- struct crypto_shash *tfm; -+ struct crypto_cipher *tfm; - -- tfm = crypto_alloc_shash("cmac(aes)", 0, 0); -+ tfm = crypto_alloc_cipher("aes", 0, CRYPTO_ALG_ASYNC); - if (!IS_ERR(tfm)) -- crypto_shash_setkey(tfm, key, key_len); -+ crypto_cipher_setkey(tfm, key, key_len); - - return tfm; - } - --void ieee80211_aes_cmac_key_free(struct crypto_shash *tfm) -+ -+void ieee80211_aes_cmac_key_free(struct crypto_cipher *tfm) - { -- crypto_free_shash(tfm); -+ crypto_free_cipher(tfm); - } ---- a/net/mac80211/aes_cmac.h -+++ b/net/mac80211/aes_cmac.h -@@ -7,14 +7,13 @@ - #define AES_CMAC_H - - #include <linux/crypto.h> --#include <crypto/hash.h> - --struct crypto_shash *ieee80211_aes_cmac_key_setup(const u8 key[], -- size_t key_len); --void ieee80211_aes_cmac(struct crypto_shash *tfm, const u8 *aad, -+struct crypto_cipher *ieee80211_aes_cmac_key_setup(const u8 key[], -+ size_t key_len); -+void ieee80211_aes_cmac(struct crypto_cipher *tfm, const u8 *aad, - const u8 *data, size_t data_len, u8 *mic); --void ieee80211_aes_cmac_256(struct crypto_shash *tfm, const u8 *aad, -+void ieee80211_aes_cmac_256(struct crypto_cipher *tfm, const u8 *aad, - const u8 *data, size_t data_len, u8 *mic); --void ieee80211_aes_cmac_key_free(struct crypto_shash *tfm); -+void ieee80211_aes_cmac_key_free(struct crypto_cipher *tfm); - - #endif /* AES_CMAC_H */ ---- a/net/mac80211/key.h -+++ b/net/mac80211/key.h -@@ -94,7 +94,7 @@ struct ieee80211_key { - } ccmp; - struct { - u8 rx_pn[IEEE80211_CMAC_PN_LEN]; -- struct crypto_shash *tfm; -+ struct crypto_cipher *tfm; - u32 replays; /* dot11RSNAStatsCMACReplays */ - u32 icverrors; /* dot11RSNAStatsCMACICVErrors */ - } aes_cmac; |