arch/arm/crypto/aes-ce-glue.c
Source file repositories/reference/linux-study-clean/arch/arm/crypto/aes-ce-glue.c
File Facts
- System
- Linux kernel
- Corpus path
arch/arm/crypto/aes-ce-glue.c- Extension
.c- Size
- 17925 bytes
- Lines
- 649
- Domain
- Architecture Layer
- Bucket
- arch/arm
- Inferred role
- Architecture Layer: implementation source
- Status
- source implementation candidate
Why This File Exists
CPU and platform-specific kernel glue: boot entry, traps, syscall entry, interrupts, page tables, context switch, and low-level barriers.
- CPU and platform-specific kernel glue: boot entry, traps, syscall entry, interrupts, page tables, context switch, and low-level barriers.
- Defines or uses C structs; map object ownership, embedded links, reference counts, and lock ownership.
Dependency Surface
asm/hwcap.hasm/neon.hasm/simd.hlinux/unaligned.hcrypto/aes.hcrypto/internal/skcipher.hcrypto/scatterwalk.hlinux/cpufeature.hlinux/module.hcrypto/xts.h
Detected Declarations
struct aes_blockstruct crypto_aes_xts_ctxfunction num_roundsfunction ce_aes_expandkeyfunction ce_aes_setkeyfunction xts_set_keyfunction ecb_encryptfunction ecb_decryptfunction cbc_encrypt_walkfunction cbc_encryptfunction cbc_decrypt_walkfunction cbc_decryptfunction cts_cbc_encryptfunction cts_cbc_decryptfunction ctr_encryptfunction xts_encryptfunction xts_decryptfunction aes_exitfunction aes_init
Annotated Snippet
struct aes_block {
u8 b[AES_BLOCK_SIZE];
};
static int num_rounds(struct crypto_aes_ctx *ctx)
{
/*
* # of rounds specified by AES:
* 128 bit key 10 rounds
* 192 bit key 12 rounds
* 256 bit key 14 rounds
* => n byte key => 6 + (n/4) rounds
*/
return 6 + ctx->key_length / 4;
}
static int ce_aes_expandkey(struct crypto_aes_ctx *ctx, const u8 *in_key,
unsigned int key_len)
{
/*
* The AES key schedule round constants
*/
static u8 const rcon[] = {
0x01, 0x02, 0x04, 0x08, 0x10, 0x20, 0x40, 0x80, 0x1b, 0x36,
};
u32 kwords = key_len / sizeof(u32);
struct aes_block *key_enc, *key_dec;
int i, j;
if (key_len != AES_KEYSIZE_128 &&
key_len != AES_KEYSIZE_192 &&
key_len != AES_KEYSIZE_256)
return -EINVAL;
ctx->key_length = key_len;
for (i = 0; i < kwords; i++)
ctx->key_enc[i] = get_unaligned_le32(in_key + i * sizeof(u32));
kernel_neon_begin();
for (i = 0; i < sizeof(rcon); i++) {
u32 *rki = ctx->key_enc + (i * kwords);
u32 *rko = rki + kwords;
rko[0] = ror32(ce_aes_sub(rki[kwords - 1]), 8);
rko[0] = rko[0] ^ rki[0] ^ rcon[i];
rko[1] = rko[0] ^ rki[1];
rko[2] = rko[1] ^ rki[2];
rko[3] = rko[2] ^ rki[3];
if (key_len == AES_KEYSIZE_192) {
if (i >= 7)
break;
rko[4] = rko[3] ^ rki[4];
rko[5] = rko[4] ^ rki[5];
} else if (key_len == AES_KEYSIZE_256) {
if (i >= 6)
break;
rko[4] = ce_aes_sub(rko[3]) ^ rki[4];
rko[5] = rko[4] ^ rki[5];
rko[6] = rko[5] ^ rki[6];
rko[7] = rko[6] ^ rki[7];
}
}
/*
* Generate the decryption keys for the Equivalent Inverse Cipher.
* This involves reversing the order of the round keys, and applying
* the Inverse Mix Columns transformation on all but the first and
* the last one.
*/
key_enc = (struct aes_block *)ctx->key_enc;
key_dec = (struct aes_block *)ctx->key_dec;
j = num_rounds(ctx);
key_dec[0] = key_enc[j];
for (i = 1, j--; j > 0; i++, j--)
ce_aes_invert(key_dec + i, key_enc + j);
key_dec[i] = key_enc[0];
kernel_neon_end();
return 0;
}
static int ce_aes_setkey(struct crypto_skcipher *tfm, const u8 *in_key,
unsigned int key_len)
{
struct crypto_aes_ctx *ctx = crypto_skcipher_ctx(tfm);
return ce_aes_expandkey(ctx, in_key, key_len);
Annotation
- Immediate include surface: `asm/hwcap.h`, `asm/neon.h`, `asm/simd.h`, `linux/unaligned.h`, `crypto/aes.h`, `crypto/internal/skcipher.h`, `crypto/scatterwalk.h`, `linux/cpufeature.h`.
- Detected declarations: `struct aes_block`, `struct crypto_aes_xts_ctx`, `function num_rounds`, `function ce_aes_expandkey`, `function ce_aes_setkey`, `function xts_set_key`, `function ecb_encrypt`, `function ecb_decrypt`, `function cbc_encrypt_walk`, `function cbc_encrypt`.
- Atlas domain: Architecture Layer / arch/arm.
- Implementation status: source implementation candidate.
Implementation Notes
- This generated page is the file-by-file coverage layer; curated subsystem chapters should link here when they synthesize a multi-file control flow.
- Core OS pages should be promoted from atlas-only to deep-reviewed when they explain data structures, invariants, locking, lifecycle, and C implementation snippets.
- Driver-family pages are intentionally pattern-oriented unless they are part of the selected PCIe/NVMe representative device path.