NetBSD Problem Report #57426

From www@netbsd.org  Mon May 22 14:15:08 2023
Return-Path: <www@netbsd.org>
Received: from mail.netbsd.org (mail.netbsd.org [199.233.217.200])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits))
	(Client CN "mail.NetBSD.org", Issuer "mail.NetBSD.org CA" (not verified))
	by mollari.NetBSD.org (Postfix) with ESMTPS id BE8961A923A
	for <gnats-bugs@gnats.NetBSD.org>; Mon, 22 May 2023 14:15:07 +0000 (UTC)
Message-Id: <20230522141506.27EC11A9241@mollari.NetBSD.org>
Date: Mon, 22 May 2023 14:15:06 +0000 (UTC)
From: campbell+netbsd@mumble.net
Reply-To: campbell+netbsd@mumble.net
To: gnats-bugs@NetBSD.org
Subject: kernel aes(9) API should have optimized standard AES key schedule
X-Send-Pr-Version: www-1.0

>Number:         57426
>Category:       kern
>Synopsis:       kernel aes(9) API should have optimized standard AES key schedule
>Confidential:   no
>Severity:       serious
>Priority:       medium
>Responsible:    kern-bug-people
>State:          open
>Class:          sw-bug
>Submitter-Id:   net
>Arrival-Date:   Mon May 22 14:20:00 +0000 2023
>Originator:     Taylor R Campbell
>Release:        current
>Organization:
The NetAES Foundation
>Environment:
>Description:
Optimized AES implementations have callbacks for computing custom AES key schedules that can be used for custom AES encryption and decryption routines.

For example, the portable C AES code from BearSSL uses a variant key schedule that is optimized for bitslicing.

However, some drivers like mvxpsec(4) require software to compute the standard AES key schedule.

These drivers can call br_aes_ct_keysched_stdenc/dec, but if the CPU has AES-NI, for instance, they should be able to take advantage of that to compute the standard AES key schedule.
>How-To-Repeat:
think about removing the last abuse of tables for AES in mvxpsec(4) 
>Fix:
Yes, please!

Home	PR Database Search