diff options
| author | Nathan Lewis <[email protected]> | 2018-08-02 11:59:24 -0700 |
|---|---|---|
| committer | Brian Behlendorf <[email protected]> | 2018-08-02 11:59:24 -0700 |
| commit | 010d12474cb1572c0c9b729615fa45cf43f59d14 (patch) | |
| tree | 90decc0e3097d799852e8befeb7d6b8a1a5f4be8 /module/icp/include/aes | |
| parent | 3d503a76e890d7711d5e906e025e092d0e244211 (diff) | |
Add support for selecting encryption backend
- Add two new module parameters to icp (icp_aes_impl, icp_gcm_impl)
that control the crypto implementation. At the moment there is a
choice between generic and aesni (on platforms that support it).
- This enables support for AES-NI and PCLMULQDQ-NI on AMD Family
15h (bulldozer) and newer CPUs (zen).
- Modify aes_key_t to track what implementation it was generated
with as key schedules generated with various implementations
are not necessarily interchangable.
Reviewed by: Gvozden Neskovic <[email protected]>
Reviewed-by: Brian Behlendorf <[email protected]>
Reviewed-by: Tom Caputi <[email protected]>
Reviewed-by: Richard Laager <[email protected]>
Signed-off-by: Nathaniel R. Lewis <[email protected]>
Closes #7102
Closes #7103
Diffstat (limited to 'module/icp/include/aes')
| -rw-r--r-- | module/icp/include/aes/aes_impl.h | 50 |
1 files changed, 46 insertions, 4 deletions
diff --git a/module/icp/include/aes/aes_impl.h b/module/icp/include/aes/aes_impl.h index ed15f74e7..95cfddf9e 100644 --- a/module/icp/include/aes/aes_impl.h +++ b/module/icp/include/aes/aes_impl.h @@ -106,17 +106,15 @@ typedef union { uint32_t ks32[((MAX_AES_NR) + 1) * (MAX_AES_NB)]; } aes_ks_t; -/* aes_key.flags value: */ -#define INTEL_AES_NI_CAPABLE 0x1 /* AES-NI instructions present */ - +typedef struct aes_impl_ops aes_impl_ops_t; typedef struct aes_key aes_key_t; struct aes_key { aes_ks_t encr_ks; /* encryption key schedule */ aes_ks_t decr_ks; /* decryption key schedule */ #ifdef __amd64 long double align128; /* Align fields above for Intel AES-NI */ - int flags; /* implementation-dependent flags */ #endif /* __amd64 */ + const aes_impl_ops_t *ops; /* ops associated with this schedule */ int nr; /* number of rounds (10, 12, or 14) */ int type; /* key schedule size (32 or 64 bits) */ }; @@ -163,6 +161,50 @@ typedef enum aes_mech_type { #endif /* _AES_IMPL */ +/* + * Methods used to define aes implementation + * + * @aes_gen_f Key generation + * @aes_enc_f Function encrypts one block + * @aes_dec_f Function decrypts one block + * @aes_will_work_f Function tests whether method will function + */ +typedef void (*aes_generate_f)(aes_key_t *, const uint32_t *, int); +typedef void (*aes_encrypt_f)(const uint32_t[], int, + const uint32_t[4], uint32_t[4]); +typedef void (*aes_decrypt_f)(const uint32_t[], int, + const uint32_t[4], uint32_t[4]); +typedef boolean_t (*aes_will_work_f)(void); + +#define AES_IMPL_NAME_MAX (16) + +struct aes_impl_ops { + aes_generate_f generate; + aes_encrypt_f encrypt; + aes_decrypt_f decrypt; + aes_will_work_f is_supported; + boolean_t needs_byteswap; + char name[AES_IMPL_NAME_MAX]; +}; + +extern const aes_impl_ops_t aes_generic_impl; +#if defined(__x86_64) +extern const aes_impl_ops_t aes_x86_64_impl; +#endif +#if defined(__x86_64) && defined(HAVE_AES) +extern const aes_impl_ops_t aes_aesni_impl; +#endif + +/* + * Initializes fastest implementation + */ +void aes_impl_init(void); + +/* + * Get selected aes implementation + */ +struct aes_impl_ops *aes_impl_get_ops(void); + #ifdef __cplusplus } #endif |