{"id":2197955,"url":"http://patchwork.ozlabs.org/api/1.0/patches/2197955/?format=json","project":{"id":12,"url":"http://patchwork.ozlabs.org/api/1.0/projects/12/?format=json","name":"Linux CIFS Client","link_name":"linux-cifs-client","list_id":"linux-cifs.vger.kernel.org","list_email":"linux-cifs@vger.kernel.org","web_url":"","scm_url":"","webscm_url":""},"msgid":"<20260218213501.136844-14-ebiggers@kernel.org>","date":"2026-02-18T21:34:59","name":"[13/15] Bluetooth: SMP: Use AES-CMAC library API","commit_ref":null,"pull_url":null,"state":"new","archived":false,"hash":"0f71dfac10099140e842e9695180a7fd42bf8ada","submitter":{"id":74690,"url":"http://patchwork.ozlabs.org/api/1.0/people/74690/?format=json","name":"Eric Biggers","email":"ebiggers@kernel.org"},"delegate":null,"mbox":"http://patchwork.ozlabs.org/project/linux-cifs-client/patch/20260218213501.136844-14-ebiggers@kernel.org/mbox/","series":[{"id":492621,"url":"http://patchwork.ozlabs.org/api/1.0/series/492621/?format=json","date":"2026-02-18T21:34:46","name":"AES-CMAC library","version":1,"mbox":"http://patchwork.ozlabs.org/series/492621/mbox/"}],"check":"pending","checks":"http://patchwork.ozlabs.org/api/patches/2197955/checks/","tags":{},"headers":{"Return-Path":"\n <linux-cifs+bounces-9454-incoming=patchwork.ozlabs.org@vger.kernel.org>","X-Original-To":["incoming@patchwork.ozlabs.org","linux-cifs@vger.kernel.org"],"Delivered-To":"patchwork-incoming@legolas.ozlabs.org","Authentication-Results":["legolas.ozlabs.org;\n\tdkim=pass (2048-bit key;\n unprotected) header.d=kernel.org header.i=@kernel.org header.a=rsa-sha256\n header.s=k20201202 header.b=YcuPq7zs;\n\tdkim-atps=neutral","legolas.ozlabs.org;\n spf=pass (sender SPF authorized) smtp.mailfrom=vger.kernel.org\n (client-ip=172.232.135.74; helo=sto.lore.kernel.org;\n envelope-from=linux-cifs+bounces-9454-incoming=patchwork.ozlabs.org@vger.kernel.org;\n receiver=patchwork.ozlabs.org)","smtp.subspace.kernel.org;\n\tdkim=pass (2048-bit key) 
header.d=kernel.org header.i=@kernel.org\n header.b=\"YcuPq7zs\"","smtp.subspace.kernel.org;\n arc=none smtp.client-ip=10.30.226.201"],"Received":["from sto.lore.kernel.org (sto.lore.kernel.org [172.232.135.74])\n\t(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)\n\t key-exchange x25519)\n\t(No client certificate requested)\n\tby legolas.ozlabs.org (Postfix) with ESMTPS id 4fGVHv45qjz1xvS\n\tfor <incoming@patchwork.ozlabs.org>; Thu, 19 Feb 2026 08:38:35 +1100 (AEDT)","from smtp.subspace.kernel.org (conduit.subspace.kernel.org\n [100.90.174.1])\n\tby sto.lore.kernel.org (Postfix) with ESMTP id 388F93012D23\n\tfor <incoming@patchwork.ozlabs.org>; Wed, 18 Feb 2026 21:38:05 +0000 (UTC)","from localhost.localdomain (localhost.localdomain [127.0.0.1])\n\tby smtp.subspace.kernel.org (Postfix) with ESMTP id 6BDE733A6F2;\n\tWed, 18 Feb 2026 21:36:59 +0000 (UTC)","from smtp.kernel.org (aws-us-west-2-korg-mail-1.web.codeaurora.org\n [10.30.226.201])\n\t(using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))\n\t(No client certificate requested)\n\tby smtp.subspace.kernel.org (Postfix) with ESMTPS id 42F0733A6E4;\n\tWed, 18 Feb 2026 21:36:59 +0000 (UTC)","by smtp.kernel.org (Postfix) with ESMTPSA id 882ABC2BCB8;\n\tWed, 18 Feb 2026 21:36:58 +0000 (UTC)"],"ARC-Seal":"i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116;\n\tt=1771450619; cv=none;\n b=jb0dksK+aeKdYF/JJK35MsTZSexLRmHKkU8Onbi7nQH8vvCL9M05cys3NJwDpk7Zo93ks+NeaIdShdOTP+FPzeIqiBScnZ3Kh9WkU/1ykxWSxsP+3sSN8j0g+64CI3tmLM9fIhMa2q9vWzLCMm+7z0dtGJIqcL8op1pLW5uaXj8=","ARC-Message-Signature":"i=1; a=rsa-sha256; d=subspace.kernel.org;\n\ts=arc-20240116; t=1771450619; c=relaxed/simple;\n\tbh=FzLAFnsSHFvGoAfqcNAmnj11tq4ngHpZmu//ht8ZFP8=;\n\th=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References:\n\t MIME-Version;\n 
b=fhFRdSMHg2TPxe++Jhsvtuy4ZIJQ/wasZLnwok0HhpR9jsI2Lc8xbFWVd/SwSHjH4/UCjHZA49MpSTCfwtFgBf0w1H3Th5DeKiq41ZlRvJ41c5oeS8PnQprKFVgHN7zHJa8PBoKeN6L7YMm96ZLpbmjC63rG5/UfGs9i17UVoIQ=","ARC-Authentication-Results":"i=1; smtp.subspace.kernel.org;\n dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org\n header.b=YcuPq7zs; arc=none smtp.client-ip=10.30.226.201","DKIM-Signature":"v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org;\n\ts=k20201202; t=1771450619;\n\tbh=FzLAFnsSHFvGoAfqcNAmnj11tq4ngHpZmu//ht8ZFP8=;\n\th=From:To:Cc:Subject:Date:In-Reply-To:References:From;\n\tb=YcuPq7zseL7qa2f5JntY6yXCOgdmRPyVUGvZfB0hrUON8qybXL9pmipnu0l5X8Me9\n\t k50dE0j/zduMMaMjQ3xHZtc7r31YImu4Eljw8cwSdC+Og7b5dRKCvnGGDY0HyHHZZk\n\t jC2VkmiNO+hGlCr7Nbvv4AuhWvouKlWuyC/uidmsu26Pq+DxLJgWFJU/u6FkMKR8nq\n\t NbX/GFWcA7BJWLPxhMfaCvz25HDK5X+UvkjpCIjGLQetvbmexiS63VUMIIub7GgfZ0\n\t M0boI+WZvNSFMWB0Kza6nGKggQRjp5MoHSuLdog2IJTuaRSFfjHjVtmbM49Dby5+AU\n\t Sh5jwxrhDVntw==","From":"Eric Biggers <ebiggers@kernel.org>","To":"linux-crypto@vger.kernel.org","Cc":"linux-kernel@vger.kernel.org,\n\tArd Biesheuvel <ardb@kernel.org>,\n\t\"Jason A . 
Donenfeld\" <Jason@zx2c4.com>,\n\tHerbert Xu <herbert@gondor.apana.org.au>,\n\tlinux-arm-kernel@lists.infradead.org,\n\tlinux-cifs@vger.kernel.org,\n\tlinux-wireless@vger.kernel.org,\n\tEric Biggers <ebiggers@kernel.org>","Subject":"[PATCH 13/15] Bluetooth: SMP: Use AES-CMAC library API","Date":"Wed, 18 Feb 2026 13:34:59 -0800","Message-ID":"<20260218213501.136844-14-ebiggers@kernel.org>","X-Mailer":"git-send-email 2.53.0","In-Reply-To":"<20260218213501.136844-1-ebiggers@kernel.org>","References":"<20260218213501.136844-1-ebiggers@kernel.org>","Precedence":"bulk","X-Mailing-List":"linux-cifs@vger.kernel.org","List-Id":"<linux-cifs.vger.kernel.org>","List-Subscribe":"<mailto:linux-cifs+subscribe@vger.kernel.org>","List-Unsubscribe":"<mailto:linux-cifs+unsubscribe@vger.kernel.org>","MIME-Version":"1.0","Content-Transfer-Encoding":"8bit"},"content":"Now that AES-CMAC has a library API, convert net/bluetooth/smp.c to use\nit instead of the \"cmac(aes)\" crypto_shash.  Since the library API\ndoesn't require dynamic memory allocation, we no longer need to pass a\ncrypto_shash object down the call stack and can simply allocate the\naes_cmac_key on the stack in smp_aes_cmac() (renamed from aes_cmac()).\n\nThe result is simpler and faster code that no longer relies on the\nerror-prone loading of algorithms by name.\n\nNote that the maximum stack usage actually decreases slightly, despite\nthe expanded AES key being moved to the stack.  This is because the old\ncode called crypto_shash_tfm_digest(), which allocates 384 bytes on the\nstack for a maximally-sized hash descriptor for any algorithm.  The new\ncode instead declares a 288-byte aes_cmac_key, then calls aes_cmac()\nwhich declares a 32-byte aes_cmac_ctx.  Since 288 + 32 < 384, the\nmaximum stack usage decreases.  I.e. 
the entire expanded AES key easily\nfits in the space that the generic crypto API was wasting before.\n\nI didn't add zeroization of the aes_cmac_key, since smp_aes_cmac()\nalready copies the raw key to the stack without zeroizing it.\n\nSigned-off-by: Eric Biggers <ebiggers@kernel.org>\n---\n net/bluetooth/Kconfig |   3 +-\n net/bluetooth/smp.c   | 180 +++++++++++++++---------------------------\n 2 files changed, 65 insertions(+), 118 deletions(-)","diff":"diff --git a/net/bluetooth/Kconfig b/net/bluetooth/Kconfig\nindex 6b2b65a66700..48972f7790ec 100644\n--- a/net/bluetooth/Kconfig\n+++ b/net/bluetooth/Kconfig\n@@ -9,12 +9,11 @@ menuconfig BT\n \tdepends on RFKILL || !RFKILL\n \tselect CRC16\n \tselect CRYPTO\n \tselect CRYPTO_SKCIPHER\n \tselect CRYPTO_LIB_AES\n-\timply CRYPTO_AES\n-\tselect CRYPTO_CMAC\n+\tselect CRYPTO_LIB_AES_CBC_MACS\n \tselect CRYPTO_ECB\n \tselect CRYPTO_SHA256\n \tselect CRYPTO_ECDH\n \thelp\n \t  Bluetooth is low-cost, low-power, short-range wireless technology.\ndiff --git a/net/bluetooth/smp.c b/net/bluetooth/smp.c\nindex bf61e8841535..fd2cd7f1b12a 100644\n--- a/net/bluetooth/smp.c\n+++ b/net/bluetooth/smp.c\n@@ -20,12 +20,12 @@\n    SOFTWARE IS DISCLAIMED.\n */\n \n #include <linux/debugfs.h>\n #include <linux/scatterlist.h>\n+#include <crypto/aes-cbc-macs.h>\n #include <crypto/aes.h>\n-#include <crypto/hash.h>\n #include <crypto/kpp.h>\n #include <crypto/utils.h>\n \n #include <net/bluetooth/bluetooth.h>\n #include <net/bluetooth/hci_core.h>\n@@ -61,11 +61,11 @@\n \n #define AUTH_REQ_MASK(dev)\t(hci_dev_test_flag(dev, HCI_SC_ENABLED) ? 
\\\n \t\t\t\t 0x3f : 0x07)\n #define KEY_DIST_MASK\t\t0x07\n \n-/* Maximum message length that can be passed to aes_cmac */\n+/* Maximum message length that can be passed to smp_aes_cmac */\n #define CMAC_MSG_MAX\t80\n \n enum {\n \tSMP_FLAG_TK_VALID,\n \tSMP_FLAG_CFM_PENDING,\n@@ -87,11 +87,10 @@ struct smp_dev {\n \tbool\t\t\tlocal_oob;\n \tu8\t\t\tlocal_pk[64];\n \tu8\t\t\tlocal_rand[16];\n \tbool\t\t\tdebug_key;\n \n-\tstruct crypto_shash\t*tfm_cmac;\n \tstruct crypto_kpp\t*tfm_ecdh;\n };\n \n struct smp_chan {\n \tstruct l2cap_conn\t*conn;\n@@ -125,11 +124,10 @@ struct smp_chan {\n \tu8\t\t\tlocal_pk[64];\n \tu8\t\t\tremote_pk[64];\n \tu8\t\t\tdhkey[32];\n \tu8\t\t\tmackey[16];\n \n-\tstruct crypto_shash\t*tfm_cmac;\n \tstruct crypto_kpp\t*tfm_ecdh;\n };\n \n /* These debug key values are defined in the SMP section of the core\n  * specification. debug_pk is the public debug key and debug_sk the\n@@ -164,52 +162,40 @@ static inline void swap_buf(const u8 *src, u8 *dst, size_t len)\n \n /* The following functions map to the LE SC SMP crypto functions\n  * AES-CMAC, f4, f5, f6, g2 and h6.\n  */\n \n-static int aes_cmac(struct crypto_shash *tfm, const u8 k[16], const u8 *m,\n-\t\t    size_t len, u8 mac[16])\n+static int smp_aes_cmac(const u8 k[16], const u8 *m, size_t len, u8 mac[16])\n {\n \tuint8_t tmp[16], mac_msb[16], msg_msb[CMAC_MSG_MAX];\n+\tstruct aes_cmac_key key;\n \tint err;\n \n \tif (len > CMAC_MSG_MAX)\n \t\treturn -EFBIG;\n \n-\tif (!tfm) {\n-\t\tBT_ERR(\"tfm %p\", tfm);\n-\t\treturn -EINVAL;\n-\t}\n-\n \t/* Swap key and message from LSB to MSB */\n \tswap_buf(k, tmp, 16);\n \tswap_buf(m, msg_msb, len);\n \n \tSMP_DBG(\"msg (len %zu) %*phN\", len, (int) len, m);\n \tSMP_DBG(\"key %16phN\", k);\n \n-\terr = crypto_shash_setkey(tfm, tmp, 16);\n-\tif (err) {\n-\t\tBT_ERR(\"cipher setkey failed: %d\", err);\n+\terr = aes_cmac_preparekey(&key, tmp, 16);\n+\tif (WARN_ON_ONCE(err)) /* Should never happen, as 16 is valid keylen */\n \t\treturn 
err;\n-\t}\n-\n-\terr = crypto_shash_tfm_digest(tfm, msg_msb, len, mac_msb);\n-\tif (err) {\n-\t\tBT_ERR(\"Hash computation error %d\", err);\n-\t\treturn err;\n-\t}\n+\taes_cmac(&key, msg_msb, len, mac_msb);\n \n \tswap_buf(mac_msb, mac, 16);\n \n \tSMP_DBG(\"mac %16phN\", mac);\n \n \treturn 0;\n }\n \n-static int smp_f4(struct crypto_shash *tfm_cmac, const u8 u[32],\n-\t\t  const u8 v[32], const u8 x[16], u8 z, u8 res[16])\n+static int smp_f4(const u8 u[32], const u8 v[32], const u8 x[16], u8 z,\n+\t\t  u8 res[16])\n {\n \tu8 m[65];\n \tint err;\n \n \tSMP_DBG(\"u %32phN\", u);\n@@ -218,22 +204,21 @@ static int smp_f4(struct crypto_shash *tfm_cmac, const u8 u[32],\n \n \tm[0] = z;\n \tmemcpy(m + 1, v, 32);\n \tmemcpy(m + 33, u, 32);\n \n-\terr = aes_cmac(tfm_cmac, x, m, sizeof(m), res);\n+\terr = smp_aes_cmac(x, m, sizeof(m), res);\n \tif (err)\n \t\treturn err;\n \n \tSMP_DBG(\"res %16phN\", res);\n \n \treturn err;\n }\n \n-static int smp_f5(struct crypto_shash *tfm_cmac, const u8 w[32],\n-\t\t  const u8 n1[16], const u8 n2[16], const u8 a1[7],\n-\t\t  const u8 a2[7], u8 mackey[16], u8 ltk[16])\n+static int smp_f5(const u8 w[32], const u8 n1[16], const u8 n2[16],\n+\t\t  const u8 a1[7], const u8 a2[7], u8 mackey[16], u8 ltk[16])\n {\n \t/* The btle, salt and length \"magic\" values are as defined in\n \t * the SMP section of the Bluetooth core specification. In ASCII\n \t * the btle value ends up being 'btle'. 
The salt is just a\n \t * random number whereas length is the value 256 in little\n@@ -248,11 +233,11 @@ static int smp_f5(struct crypto_shash *tfm_cmac, const u8 w[32],\n \n \tSMP_DBG(\"w %32phN\", w);\n \tSMP_DBG(\"n1 %16phN n2 %16phN\", n1, n2);\n \tSMP_DBG(\"a1 %7phN a2 %7phN\", a1, a2);\n \n-\terr = aes_cmac(tfm_cmac, salt, w, 32, t);\n+\terr = smp_aes_cmac(salt, w, 32, t);\n \tif (err)\n \t\treturn err;\n \n \tSMP_DBG(\"t %16phN\", t);\n \n@@ -263,31 +248,30 @@ static int smp_f5(struct crypto_shash *tfm_cmac, const u8 w[32],\n \tmemcpy(m + 32, n1, 16);\n \tmemcpy(m + 48, btle, 4);\n \n \tm[52] = 0; /* Counter */\n \n-\terr = aes_cmac(tfm_cmac, t, m, sizeof(m), mackey);\n+\terr = smp_aes_cmac(t, m, sizeof(m), mackey);\n \tif (err)\n \t\treturn err;\n \n \tSMP_DBG(\"mackey %16phN\", mackey);\n \n \tm[52] = 1; /* Counter */\n \n-\terr = aes_cmac(tfm_cmac, t, m, sizeof(m), ltk);\n+\terr = smp_aes_cmac(t, m, sizeof(m), ltk);\n \tif (err)\n \t\treturn err;\n \n \tSMP_DBG(\"ltk %16phN\", ltk);\n \n \treturn 0;\n }\n \n-static int smp_f6(struct crypto_shash *tfm_cmac, const u8 w[16],\n-\t\t  const u8 n1[16], const u8 n2[16], const u8 r[16],\n-\t\t  const u8 io_cap[3], const u8 a1[7], const u8 a2[7],\n-\t\t  u8 res[16])\n+static int smp_f6(const u8 w[16], const u8 n1[16], const u8 n2[16],\n+\t\t  const u8 r[16], const u8 io_cap[3], const u8 a1[7],\n+\t\t  const u8 a2[7], u8 res[16])\n {\n \tu8 m[65];\n \tint err;\n \n \tSMP_DBG(\"w %16phN\", w);\n@@ -299,21 +283,21 @@ static int smp_f6(struct crypto_shash *tfm_cmac, const u8 w[16],\n \tmemcpy(m + 14, io_cap, 3);\n \tmemcpy(m + 17, r, 16);\n \tmemcpy(m + 33, n2, 16);\n \tmemcpy(m + 49, n1, 16);\n \n-\terr = aes_cmac(tfm_cmac, w, m, sizeof(m), res);\n+\terr = smp_aes_cmac(w, m, sizeof(m), res);\n \tif (err)\n \t\treturn err;\n \n \tSMP_DBG(\"res %16phN\", res);\n \n \treturn err;\n }\n \n-static int smp_g2(struct crypto_shash *tfm_cmac, const u8 u[32], const u8 v[32],\n-\t\t  const u8 x[16], const u8 y[16], u32 
*val)\n+static int smp_g2(const u8 u[32], const u8 v[32], const u8 x[16],\n+\t\t  const u8 y[16], u32 *val)\n {\n \tu8 m[80], tmp[16];\n \tint err;\n \n \tSMP_DBG(\"u %32phN\", u);\n@@ -322,11 +306,11 @@ static int smp_g2(struct crypto_shash *tfm_cmac, const u8 u[32], const u8 v[32],\n \n \tmemcpy(m, y, 16);\n \tmemcpy(m + 16, v, 32);\n \tmemcpy(m + 48, u, 32);\n \n-\terr = aes_cmac(tfm_cmac, x, m, sizeof(m), tmp);\n+\terr = smp_aes_cmac(x, m, sizeof(m), tmp);\n \tif (err)\n \t\treturn err;\n \n \t*val = get_unaligned_le32(tmp);\n \t*val %= 1000000;\n@@ -334,34 +318,32 @@ static int smp_g2(struct crypto_shash *tfm_cmac, const u8 u[32], const u8 v[32],\n \tSMP_DBG(\"val %06u\", *val);\n \n \treturn 0;\n }\n \n-static int smp_h6(struct crypto_shash *tfm_cmac, const u8 w[16],\n-\t\t  const u8 key_id[4], u8 res[16])\n+static int smp_h6(const u8 w[16], const u8 key_id[4], u8 res[16])\n {\n \tint err;\n \n \tSMP_DBG(\"w %16phN key_id %4phN\", w, key_id);\n \n-\terr = aes_cmac(tfm_cmac, w, key_id, 4, res);\n+\terr = smp_aes_cmac(w, key_id, 4, res);\n \tif (err)\n \t\treturn err;\n \n \tSMP_DBG(\"res %16phN\", res);\n \n \treturn err;\n }\n \n-static int smp_h7(struct crypto_shash *tfm_cmac, const u8 w[16],\n-\t\t  const u8 salt[16], u8 res[16])\n+static int smp_h7(const u8 w[16], const u8 salt[16], u8 res[16])\n {\n \tint err;\n \n \tSMP_DBG(\"w %16phN salt %16phN\", w, salt);\n \n-\terr = aes_cmac(tfm_cmac, salt, w, 16, res);\n+\terr = smp_aes_cmac(salt, w, 16, res);\n \tif (err)\n \t\treturn err;\n \n \tSMP_DBG(\"res %16phN\", res);\n \n@@ -572,12 +554,11 @@ int smp_generate_oob(struct hci_dev *hdev, u8 hash[16], u8 rand[16])\n \tSMP_DBG(\"OOB Public Key X: %32phN\", smp->local_pk);\n \tSMP_DBG(\"OOB Public Key Y: %32phN\", smp->local_pk + 32);\n \n \tget_random_bytes(smp->local_rand, 16);\n \n-\terr = smp_f4(smp->tfm_cmac, smp->local_pk, smp->local_pk,\n-\t\t     smp->local_rand, 0, hash);\n+\terr = smp_f4(smp->local_pk, smp->local_pk, smp->local_rand, 0, hash);\n \tif 
(err < 0)\n \t\treturn err;\n \n \tmemcpy(rand, smp->local_rand, 16);\n \n@@ -755,11 +736,10 @@ static void smp_chan_destroy(struct l2cap_conn *conn)\n \n \tkfree_sensitive(smp->csrk);\n \tkfree_sensitive(smp->responder_csrk);\n \tkfree_sensitive(smp->link_key);\n \n-\tcrypto_free_shash(smp->tfm_cmac);\n \tcrypto_free_kpp(smp->tfm_ecdh);\n \n \t/* Ensure that we don't leave any debug key around if debug key\n \t * support hasn't been explicitly enabled.\n \t */\n@@ -1161,27 +1141,27 @@ static void sc_generate_link_key(struct smp_chan *smp)\n \n \tif (test_bit(SMP_FLAG_CT2, &smp->flags)) {\n \t\t/* SALT = 0x000000000000000000000000746D7031 */\n \t\tconst u8 salt[16] = { 0x31, 0x70, 0x6d, 0x74 };\n \n-\t\tif (smp_h7(smp->tfm_cmac, smp->tk, salt, smp->link_key)) {\n+\t\tif (smp_h7(smp->tk, salt, smp->link_key)) {\n \t\t\tkfree_sensitive(smp->link_key);\n \t\t\tsmp->link_key = NULL;\n \t\t\treturn;\n \t\t}\n \t} else {\n \t\t/* From core spec. Spells out in ASCII as 'tmp1'. */\n \t\tconst u8 tmp1[4] = { 0x31, 0x70, 0x6d, 0x74 };\n \n-\t\tif (smp_h6(smp->tfm_cmac, smp->tk, tmp1, smp->link_key)) {\n+\t\tif (smp_h6(smp->tk, tmp1, smp->link_key)) {\n \t\t\tkfree_sensitive(smp->link_key);\n \t\t\tsmp->link_key = NULL;\n \t\t\treturn;\n \t\t}\n \t}\n \n-\tif (smp_h6(smp->tfm_cmac, smp->link_key, lebr, smp->link_key)) {\n+\tif (smp_h6(smp->link_key, lebr, smp->link_key)) {\n \t\tkfree_sensitive(smp->link_key);\n \t\tsmp->link_key = NULL;\n \t\treturn;\n \t}\n }\n@@ -1219,21 +1199,21 @@ static void sc_generate_ltk(struct smp_chan *smp)\n \n \tif (test_bit(SMP_FLAG_CT2, &smp->flags)) {\n \t\t/* SALT = 0x000000000000000000000000746D7032 */\n \t\tconst u8 salt[16] = { 0x32, 0x70, 0x6d, 0x74 };\n \n-\t\tif (smp_h7(smp->tfm_cmac, key->val, salt, smp->tk))\n+\t\tif (smp_h7(key->val, salt, smp->tk))\n \t\t\treturn;\n \t} else {\n \t\t/* From core spec. Spells out in ASCII as 'tmp2'. 
*/\n \t\tconst u8 tmp2[4] = { 0x32, 0x70, 0x6d, 0x74 };\n \n-\t\tif (smp_h6(smp->tfm_cmac, key->val, tmp2, smp->tk))\n+\t\tif (smp_h6(key->val, tmp2, smp->tk))\n \t\t\treturn;\n \t}\n \n-\tif (smp_h6(smp->tfm_cmac, smp->tk, brle, smp->tk))\n+\tif (smp_h6(smp->tk, brle, smp->tk))\n \t\treturn;\n \n \tsc_add_ltk(smp);\n }\n \n@@ -1390,20 +1370,14 @@ static struct smp_chan *smp_chan_create(struct l2cap_conn *conn)\n \n \tsmp = kzalloc(sizeof(*smp), GFP_ATOMIC);\n \tif (!smp)\n \t\treturn NULL;\n \n-\tsmp->tfm_cmac = crypto_alloc_shash(\"cmac(aes)\", 0, 0);\n-\tif (IS_ERR(smp->tfm_cmac)) {\n-\t\tbt_dev_err(hcon->hdev, \"Unable to create CMAC crypto context\");\n-\t\tgoto zfree_smp;\n-\t}\n-\n \tsmp->tfm_ecdh = crypto_alloc_kpp(\"ecdh-nist-p256\", 0, 0);\n \tif (IS_ERR(smp->tfm_ecdh)) {\n \t\tbt_dev_err(hcon->hdev, \"Unable to create ECDH crypto context\");\n-\t\tgoto free_shash;\n+\t\tgoto zfree_smp;\n \t}\n \n \tsmp->conn = conn;\n \tchan->data = smp;\n \n@@ -1413,12 +1387,10 @@ static struct smp_chan *smp_chan_create(struct l2cap_conn *conn)\n \n \thci_conn_hold(hcon);\n \n \treturn smp;\n \n-free_shash:\n-\tcrypto_free_shash(smp->tfm_cmac);\n zfree_smp:\n \tkfree_sensitive(smp);\n \treturn NULL;\n }\n \n@@ -1438,11 +1410,11 @@ static int sc_mackey_and_ltk(struct smp_chan *smp, u8 mackey[16], u8 ltk[16])\n \tmemcpy(a, &hcon->init_addr, 6);\n \tmemcpy(b, &hcon->resp_addr, 6);\n \ta[6] = hcon->init_addr_type;\n \tb[6] = hcon->resp_addr_type;\n \n-\treturn smp_f5(smp->tfm_cmac, smp->dhkey, na, nb, a, b, mackey, ltk);\n+\treturn smp_f5(smp->dhkey, na, nb, a, b, mackey, ltk);\n }\n \n static void sc_dhkey_check(struct smp_chan *smp)\n {\n \tstruct hci_conn *hcon = smp->conn->hcon;\n@@ -1471,12 +1443,12 @@ static void sc_dhkey_check(struct smp_chan *smp)\n \t\tput_unaligned_le32(hcon->passkey_notify, r);\n \n \tif (smp->method == REQ_OOB)\n \t\tmemcpy(r, smp->rr, 16);\n \n-\tsmp_f6(smp->tfm_cmac, smp->mackey, smp->prnd, smp->rrnd, r, io_cap,\n-\t       local_addr, 
remote_addr, check.e);\n+\tsmp_f6(smp->mackey, smp->prnd, smp->rrnd, r, io_cap, local_addr,\n+\t       remote_addr, check.e);\n \n \tsmp_send_cmd(smp->conn, SMP_CMD_DHKEY_CHECK, sizeof(check), &check);\n }\n \n static u8 sc_passkey_send_confirm(struct smp_chan *smp)\n@@ -1489,11 +1461,11 @@ static u8 sc_passkey_send_confirm(struct smp_chan *smp)\n \tr = ((hcon->passkey_notify >> smp->passkey_round) & 0x01);\n \tr |= 0x80;\n \n \tget_random_bytes(smp->prnd, sizeof(smp->prnd));\n \n-\tif (smp_f4(smp->tfm_cmac, smp->local_pk, smp->remote_pk, smp->prnd, r,\n+\tif (smp_f4(smp->local_pk, smp->remote_pk, smp->prnd, r,\n \t\t   cfm.confirm_val))\n \t\treturn SMP_UNSPECIFIED;\n \n \tsmp_send_cmd(conn, SMP_CMD_PAIRING_CONFIRM, sizeof(cfm), &cfm);\n \n@@ -1514,12 +1486,11 @@ static u8 sc_passkey_round(struct smp_chan *smp, u8 smp_op)\n \tswitch (smp_op) {\n \tcase SMP_CMD_PAIRING_RANDOM:\n \t\tr = ((hcon->passkey_notify >> smp->passkey_round) & 0x01);\n \t\tr |= 0x80;\n \n-\t\tif (smp_f4(smp->tfm_cmac, smp->remote_pk, smp->local_pk,\n-\t\t\t   smp->rrnd, r, cfm))\n+\t\tif (smp_f4(smp->remote_pk, smp->local_pk, smp->rrnd, r, cfm))\n \t\t\treturn SMP_UNSPECIFIED;\n \n \t\tif (crypto_memneq(smp->pcnf, cfm, 16))\n \t\t\treturn SMP_CONFIRM_FAILED;\n \n@@ -2175,12 +2146,11 @@ static u8 smp_cmd_pairing_random(struct l2cap_conn *conn, struct sk_buff *skb)\n \t\treturn sc_passkey_round(smp, SMP_CMD_PAIRING_RANDOM);\n \n \tif (test_bit(SMP_FLAG_INITIATOR, &smp->flags)) {\n \t\tu8 cfm[16];\n \n-\t\terr = smp_f4(smp->tfm_cmac, smp->remote_pk, smp->local_pk,\n-\t\t\t     smp->rrnd, 0, cfm);\n+\t\terr = smp_f4(smp->remote_pk, smp->local_pk, smp->rrnd, 0, cfm);\n \t\tif (err)\n \t\t\treturn SMP_UNSPECIFIED;\n \n \t\tif (crypto_memneq(smp->pcnf, cfm, 16))\n \t\t\treturn SMP_CONFIRM_FAILED;\n@@ -2202,11 +2172,11 @@ static u8 smp_cmd_pairing_random(struct l2cap_conn *conn, struct sk_buff *skb)\n \t\t\tSMP_ALLOW_CMD(smp, SMP_CMD_DHKEY_CHECK);\n \t\t}\n \t\treturn 0;\n \t}\n \n-\terr = 
smp_g2(smp->tfm_cmac, pkax, pkbx, na, nb, &passkey);\n+\terr = smp_g2(pkax, pkbx, na, nb, &passkey);\n \tif (err)\n \t\treturn SMP_UNSPECIFIED;\n \n \t/* Always require user confirmation for Just-Works pairing to prevent\n \t * impersonation attacks, or in case of a legitimate device that is\n@@ -2747,12 +2717,12 @@ static int smp_cmd_public_key(struct l2cap_conn *conn, struct sk_buff *skb)\n \t}\n \n \tmemcpy(smp->remote_pk, key, 64);\n \n \tif (test_bit(SMP_FLAG_REMOTE_OOB, &smp->flags)) {\n-\t\terr = smp_f4(smp->tfm_cmac, smp->remote_pk, smp->remote_pk,\n-\t\t\t     smp->rr, 0, cfm.confirm_val);\n+\t\terr = smp_f4(smp->remote_pk, smp->remote_pk, smp->rr, 0,\n+\t\t\t     cfm.confirm_val);\n \t\tif (err)\n \t\t\treturn SMP_UNSPECIFIED;\n \n \t\tif (crypto_memneq(cfm.confirm_val, smp->pcnf, 16))\n \t\t\treturn SMP_CONFIRM_FAILED;\n@@ -2848,12 +2818,12 @@ static int smp_cmd_public_key(struct l2cap_conn *conn, struct sk_buff *skb)\n \t * send the confirm value.\n \t */\n \tif (test_bit(SMP_FLAG_INITIATOR, &smp->flags))\n \t\treturn 0;\n \n-\terr = smp_f4(smp->tfm_cmac, smp->local_pk, smp->remote_pk, smp->prnd,\n-\t\t     0, cfm.confirm_val);\n+\terr = smp_f4(smp->local_pk, smp->remote_pk, smp->prnd, 0,\n+\t\t     cfm.confirm_val);\n \tif (err)\n \t\treturn SMP_UNSPECIFIED;\n \n \tsmp_send_cmd(conn, SMP_CMD_PAIRING_CONFIRM, sizeof(cfm), &cfm);\n \tSMP_ALLOW_CMD(smp, SMP_CMD_PAIRING_RANDOM);\n@@ -2896,12 +2866,12 @@ static int smp_cmd_dhkey_check(struct l2cap_conn *conn, struct sk_buff *skb)\n \tif (smp->method == REQ_PASSKEY || smp->method == DSP_PASSKEY)\n \t\tput_unaligned_le32(hcon->passkey_notify, r);\n \telse if (smp->method == REQ_OOB)\n \t\tmemcpy(r, smp->lr, 16);\n \n-\terr = smp_f6(smp->tfm_cmac, smp->mackey, smp->rrnd, smp->prnd, r,\n-\t\t     io_cap, remote_addr, local_addr, e);\n+\terr = smp_f6(smp->mackey, smp->rrnd, smp->prnd, r, io_cap, remote_addr,\n+\t\t     local_addr, e);\n \tif (err)\n \t\treturn SMP_UNSPECIFIED;\n \n \tif (crypto_memneq(check->e, 
e, 16))\n \t\treturn SMP_DHKEY_CHECK_FAILED;\n@@ -3283,11 +3253,10 @@ static const struct l2cap_ops smp_root_chan_ops = {\n \n static struct l2cap_chan *smp_add_cid(struct hci_dev *hdev, u16 cid)\n {\n \tstruct l2cap_chan *chan;\n \tstruct smp_dev *smp;\n-\tstruct crypto_shash *tfm_cmac;\n \tstruct crypto_kpp *tfm_ecdh;\n \n \tif (cid == L2CAP_CID_SMP_BREDR) {\n \t\tsmp = NULL;\n \t\tgoto create_chan;\n@@ -3295,34 +3264,24 @@ static struct l2cap_chan *smp_add_cid(struct hci_dev *hdev, u16 cid)\n \n \tsmp = kzalloc(sizeof(*smp), GFP_KERNEL);\n \tif (!smp)\n \t\treturn ERR_PTR(-ENOMEM);\n \n-\ttfm_cmac = crypto_alloc_shash(\"cmac(aes)\", 0, 0);\n-\tif (IS_ERR(tfm_cmac)) {\n-\t\tbt_dev_err(hdev, \"Unable to create CMAC crypto context\");\n-\t\tkfree_sensitive(smp);\n-\t\treturn ERR_CAST(tfm_cmac);\n-\t}\n-\n \ttfm_ecdh = crypto_alloc_kpp(\"ecdh-nist-p256\", 0, 0);\n \tif (IS_ERR(tfm_ecdh)) {\n \t\tbt_dev_err(hdev, \"Unable to create ECDH crypto context\");\n-\t\tcrypto_free_shash(tfm_cmac);\n \t\tkfree_sensitive(smp);\n \t\treturn ERR_CAST(tfm_ecdh);\n \t}\n \n \tsmp->local_oob = false;\n-\tsmp->tfm_cmac = tfm_cmac;\n \tsmp->tfm_ecdh = tfm_ecdh;\n \n create_chan:\n \tchan = l2cap_chan_create();\n \tif (!chan) {\n \t\tif (smp) {\n-\t\t\tcrypto_free_shash(smp->tfm_cmac);\n \t\t\tcrypto_free_kpp(smp->tfm_ecdh);\n \t\t\tkfree_sensitive(smp);\n \t\t}\n \t\treturn ERR_PTR(-ENOMEM);\n \t}\n@@ -3365,11 +3324,10 @@ static void smp_del_chan(struct l2cap_chan *chan)\n \tBT_DBG(\"chan %p\", chan);\n \n \tsmp = chan->data;\n \tif (smp) {\n \t\tchan->data = NULL;\n-\t\tcrypto_free_shash(smp->tfm_cmac);\n \t\tcrypto_free_kpp(smp->tfm_ecdh);\n \t\tkfree_sensitive(smp);\n \t}\n \n \tl2cap_chan_put(chan);\n@@ -3562,11 +3520,11 @@ static int __init test_s1(void)\n \t\treturn -EINVAL;\n \n \treturn 0;\n }\n \n-static int __init test_f4(struct crypto_shash *tfm_cmac)\n+static int __init test_f4(void)\n {\n \tconst u8 u[32] = {\n \t\t\t0xe6, 0x9d, 0x35, 0x0e, 0x48, 0x01, 0x03, 0xcc,\n 
\t\t\t0xdb, 0xfd, 0xf4, 0xac, 0x11, 0x91, 0xf4, 0xef,\n \t\t\t0xb9, 0xa5, 0xf9, 0xe9, 0xa7, 0x83, 0x2c, 0x5e,\n@@ -3584,21 +3542,21 @@ static int __init test_f4(struct crypto_shash *tfm_cmac)\n \t\t\t0x2d, 0x87, 0x74, 0xa9, 0xbe, 0xa1, 0xed, 0xf1,\n \t\t\t0x1c, 0xbd, 0xa9, 0x07, 0xf1, 0x16, 0xc9, 0xf2 };\n \tu8 res[16];\n \tint err;\n \n-\terr = smp_f4(tfm_cmac, u, v, x, z, res);\n+\terr = smp_f4(u, v, x, z, res);\n \tif (err)\n \t\treturn err;\n \n \tif (crypto_memneq(res, exp, 16))\n \t\treturn -EINVAL;\n \n \treturn 0;\n }\n \n-static int __init test_f5(struct crypto_shash *tfm_cmac)\n+static int __init test_f5(void)\n {\n \tconst u8 w[32] = {\n \t\t\t0x98, 0xa6, 0xbf, 0x73, 0xf3, 0x34, 0x8d, 0x86,\n \t\t\t0xf1, 0x66, 0xf8, 0xb4, 0x13, 0x6b, 0x79, 0x99,\n \t\t\t0x9b, 0x7d, 0x39, 0x0a, 0xa6, 0x10, 0x10, 0x34,\n@@ -3618,11 +3576,11 @@ static int __init test_f5(struct crypto_shash *tfm_cmac)\n \t\t\t0x20, 0x6e, 0x63, 0xce, 0x20, 0x6a, 0x3f, 0xfd,\n \t\t\t0x02, 0x4a, 0x08, 0xa1, 0x76, 0xf1, 0x65, 0x29 };\n \tu8 mackey[16], ltk[16];\n \tint err;\n \n-\terr = smp_f5(tfm_cmac, w, n1, n2, a1, a2, mackey, ltk);\n+\terr = smp_f5(w, n1, n2, a1, a2, mackey, ltk);\n \tif (err)\n \t\treturn err;\n \n \tif (crypto_memneq(mackey, exp_mackey, 16))\n \t\treturn -EINVAL;\n@@ -3631,11 +3589,11 @@ static int __init test_f5(struct crypto_shash *tfm_cmac)\n \t\treturn -EINVAL;\n \n \treturn 0;\n }\n \n-static int __init test_f6(struct crypto_shash *tfm_cmac)\n+static int __init test_f6(void)\n {\n \tconst u8 w[16] = {\n \t\t\t0x20, 0x6e, 0x63, 0xce, 0x20, 0x6a, 0x3f, 0xfd,\n \t\t\t0x02, 0x4a, 0x08, 0xa1, 0x76, 0xf1, 0x65, 0x29 };\n \tconst u8 n1[16] = {\n@@ -3654,21 +3612,21 @@ static int __init test_f6(struct crypto_shash *tfm_cmac)\n \t\t\t0x61, 0x8f, 0x95, 0xda, 0x09, 0x0b, 0x6c, 0xd2,\n \t\t\t0xc5, 0xe8, 0xd0, 0x9c, 0x98, 0x73, 0xc4, 0xe3 };\n \tu8 res[16];\n \tint err;\n \n-\terr = smp_f6(tfm_cmac, w, n1, n2, r, io_cap, a1, a2, res);\n+\terr = smp_f6(w, n1, n2, r, io_cap, a1, a2, 
res);\n \tif (err)\n \t\treturn err;\n \n \tif (crypto_memneq(res, exp, 16))\n \t\treturn -EINVAL;\n \n \treturn 0;\n }\n \n-static int __init test_g2(struct crypto_shash *tfm_cmac)\n+static int __init test_g2(void)\n {\n \tconst u8 u[32] = {\n \t\t\t0xe6, 0x9d, 0x35, 0x0e, 0x48, 0x01, 0x03, 0xcc,\n \t\t\t0xdb, 0xfd, 0xf4, 0xac, 0x11, 0x91, 0xf4, 0xef,\n \t\t\t0xb9, 0xa5, 0xf9, 0xe9, 0xa7, 0x83, 0x2c, 0x5e,\n@@ -3686,21 +3644,21 @@ static int __init test_g2(struct crypto_shash *tfm_cmac)\n \t\t\t0x6e, 0x5f, 0xa7, 0x25, 0xcc, 0xe7, 0xe8, 0xa6 };\n \tconst u32 exp_val = 0x2f9ed5ba % 1000000;\n \tu32 val;\n \tint err;\n \n-\terr = smp_g2(tfm_cmac, u, v, x, y, &val);\n+\terr = smp_g2(u, v, x, y, &val);\n \tif (err)\n \t\treturn err;\n \n \tif (val != exp_val)\n \t\treturn -EINVAL;\n \n \treturn 0;\n }\n \n-static int __init test_h6(struct crypto_shash *tfm_cmac)\n+static int __init test_h6(void)\n {\n \tconst u8 w[16] = {\n \t\t\t0x9b, 0x7d, 0x39, 0x0a, 0xa6, 0x10, 0x10, 0x34,\n \t\t\t0x05, 0xad, 0xc8, 0x57, 0xa3, 0x34, 0x02, 0xec };\n \tconst u8 key_id[4] = { 0x72, 0x62, 0x65, 0x6c };\n@@ -3708,11 +3666,11 @@ static int __init test_h6(struct crypto_shash *tfm_cmac)\n \t\t\t0x99, 0x63, 0xb1, 0x80, 0xe2, 0xa9, 0xd3, 0xe8,\n \t\t\t0x1c, 0xc9, 0x6d, 0xe7, 0x02, 0xe1, 0x9a, 0x2d };\n \tu8 res[16];\n \tint err;\n \n-\terr = smp_h6(tfm_cmac, w, key_id, res);\n+\terr = smp_h6(w, key_id, res);\n \tif (err)\n \t\treturn err;\n \n \tif (crypto_memneq(res, exp, 16))\n \t\treturn -EINVAL;\n@@ -3733,12 +3691,11 @@ static const struct file_operations test_smp_fops = {\n \t.open\t\t= simple_open,\n \t.read\t\t= test_smp_read,\n \t.llseek\t\t= default_llseek,\n };\n \n-static int __init run_selftests(struct crypto_shash *tfm_cmac,\n-\t\t\t\tstruct crypto_kpp *tfm_ecdh)\n+static int __init run_selftests(struct crypto_kpp *tfm_ecdh)\n {\n \tktime_t calltime, delta, rettime;\n \tunsigned long long duration;\n \tint err;\n \n@@ -3766,35 +3723,35 @@ static int __init run_selftests(struct 
crypto_shash *tfm_cmac,\n \tif (err) {\n \t\tBT_ERR(\"smp_s1 test failed\");\n \t\tgoto done;\n \t}\n \n-\terr = test_f4(tfm_cmac);\n+\terr = test_f4();\n \tif (err) {\n \t\tBT_ERR(\"smp_f4 test failed\");\n \t\tgoto done;\n \t}\n \n-\terr = test_f5(tfm_cmac);\n+\terr = test_f5();\n \tif (err) {\n \t\tBT_ERR(\"smp_f5 test failed\");\n \t\tgoto done;\n \t}\n \n-\terr = test_f6(tfm_cmac);\n+\terr = test_f6();\n \tif (err) {\n \t\tBT_ERR(\"smp_f6 test failed\");\n \t\tgoto done;\n \t}\n \n-\terr = test_g2(tfm_cmac);\n+\terr = test_g2();\n \tif (err) {\n \t\tBT_ERR(\"smp_g2 test failed\");\n \t\tgoto done;\n \t}\n \n-\terr = test_h6(tfm_cmac);\n+\terr = test_h6();\n \tif (err) {\n \t\tBT_ERR(\"smp_h6 test failed\");\n \t\tgoto done;\n \t}\n \n@@ -3817,30 +3774,21 @@ static int __init run_selftests(struct crypto_shash *tfm_cmac,\n \treturn err;\n }\n \n int __init bt_selftest_smp(void)\n {\n-\tstruct crypto_shash *tfm_cmac;\n \tstruct crypto_kpp *tfm_ecdh;\n \tint err;\n \n-\ttfm_cmac = crypto_alloc_shash(\"cmac(aes)\", 0, 0);\n-\tif (IS_ERR(tfm_cmac)) {\n-\t\tBT_ERR(\"Unable to create CMAC crypto context\");\n-\t\treturn PTR_ERR(tfm_cmac);\n-\t}\n-\n \ttfm_ecdh = crypto_alloc_kpp(\"ecdh-nist-p256\", 0, 0);\n \tif (IS_ERR(tfm_ecdh)) {\n \t\tBT_ERR(\"Unable to create ECDH crypto context\");\n-\t\tcrypto_free_shash(tfm_cmac);\n \t\treturn PTR_ERR(tfm_ecdh);\n \t}\n \n-\terr = run_selftests(tfm_cmac, tfm_ecdh);\n+\terr = run_selftests(tfm_ecdh);\n \n-\tcrypto_free_shash(tfm_cmac);\n \tcrypto_free_kpp(tfm_ecdh);\n \n \treturn err;\n }\n \n","prefixes":["13/15"]}
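Review bot: In the net/bluetooth/Kconfig hunk, `imply CRYPTO_AES` is removed together with `select CRYPTO_CMAC`, but the commit message only discusses the CMAC conversion. Since `select CRYPTO_SKCIPHER` and `select CRYPTO_ECB` stay, please state in the commit message that nothing in net/bluetooth still requests AES by name through the crypto API, or keep the `imply` until those selects are dropped as well.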
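Review bot: In smp_aes_cmac(), the new on-stack `struct aes_cmac_key key` is left holding the expanded AES key on every return path, next to the byte-swapped raw key in `tmp`. The commit message justifies this by the existing un-zeroized copy, but the keys passed in by the callers in this patch include `smp->mackey`, `smp->tk` and `smp->link_key`, which the same file releases with kfree_sensitive(). Consider calling memzero_explicit() on both `key` and `tmp` before each return, including the WARN_ON_ONCE(err) path, so the conversion does not increase the amount of key material left behind on the stack.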
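Review bot: In the sc_dhkey_check() hunk, the return value of smp_f6() is still discarded and `check.e` is passed to smp_send_cmd() regardless of the result. After this patch the only failure paths left in smp_aes_cmac() are the `len > CMAC_MSG_MAX` check and the WARN_ON_ONCE() on aes_cmac_preparekey(), so either check the result here before sending, or follow up by making smp_aes_cmac() and the smp_f4/f5/f6/g2/h6/h7 helpers return void so that callers stop carrying error handling that can no longer trigger.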