From patchwork Mon Jun 24 07:38:13 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Ard Biesheuvel X-Patchwork-Id: 167551 Delivered-To: patch@linaro.org Received: by 2002:a92:4782:0:0:0:0:0 with SMTP id e2csp3866916ilk; Mon, 24 Jun 2019 00:38:33 -0700 (PDT) X-Google-Smtp-Source: APXvYqy00jKGZnaDqTa6763mv7NaOTT8Tp5ilNTopSRch2Ozlet0Sf20aZupxz9cluIy4Lw7B8V5 X-Received: by 2002:a17:90a:32c7:: with SMTP id l65mr11075022pjb.1.1561361913135; Mon, 24 Jun 2019 00:38:33 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1561361913; cv=none; d=google.com; s=arc-20160816; b=SJ2kY/d/ULl1/X1rNZnrtYUbOJUr1T+1DI12HFJMKRXgqzZ/l8rKg+PulddPX7JR/V Rg6FcuyiTxqyIByOX3V+xd52EYPw+pFJMAcR36VdLmo5fiqc2OtQnt2xzbO+YwDh8N8w v901STRmSs9n1rSwiA9+b2PwUZ5X6WLWhkAFi7RHNeJWj4TUarAdWu8NN5xqgAy4vUC8 hOArGBDYqVbziiq3SHdAm2IKS6HavRfEanB7d63uc0NHSy8n8hbMNMcaYpypaZFE7bb+ EuM+hkrWbTSD4O3u8S3EFRcxq5qHCM2k48Pwx/f/wxaK48C99+RsMkqJekBnJ3IG/CZT Ec0w== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:content-transfer-encoding:mime-version :references:in-reply-to:message-id:date:subject:cc:to:from :dkim-signature; bh=Qk5haYv1+A59FcEkEBkZM43lIkd8QPZ0KTOnGr5KAdY=; b=R4sVUUSu16+DNQaBTTJEWYpdSjjT7rr/3rOER3oucIkTVzCaC0Ao7y8o1U9Lwfv9n2 6uxGouPrCqu8rM8Jc6hjl/o6m9oF+t854/r8NKRwOLwzjHfoX5GdQN5oW/JtchzTG0dC vsfPO4Q1kae4JPVJsmOzFgntU1CsHCi/OcFDGMZCQ04T18fBQSTjh2ynKF6vRePnjvcw f4FXmOErOckTQO1tLLSr3nEBsos1I1HbrQPA0LRonlhDzorDsOUcepV3U0pkR9ozYokh Rtwey5omtfFO3eQP+UQu9NxTX1XMnATNNKkguhLqflr2ACZUTgDkOIwS3H/Pk8ePJW4p ip4Q== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@linaro.org header.s=google header.b=vuvWawKO; spf=pass (google.com: best guess record for domain of linux-crypto-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-crypto-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linaro.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id h5si9375669pgd.419.2019.06.24.00.38.32; Mon, 24 Jun 2019 00:38:33 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of linux-crypto-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; dkim=pass header.i=@linaro.org header.s=google header.b=vuvWawKO; spf=pass (google.com: best guess record for domain of linux-crypto-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-crypto-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linaro.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1726632AbfFXHic (ORCPT + 3 others); Mon, 24 Jun 2019 03:38:32 -0400 Received: from mail-wm1-f66.google.com ([209.85.128.66]:53010 "EHLO mail-wm1-f66.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1726077AbfFXHic (ORCPT ); Mon, 24 Jun 2019 03:38:32 -0400 Received: by mail-wm1-f66.google.com with SMTP id s3so11725644wms.2 for ; Mon, 24 Jun 2019 00:38:30 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; h=from:to:cc:subject:date:message-id:in-reply-to:references :mime-version:content-transfer-encoding; bh=Qk5haYv1+A59FcEkEBkZM43lIkd8QPZ0KTOnGr5KAdY=; b=vuvWawKOKrLHbP7A6PkmMFQLHSSl3WCqN3q5XyqVY69xQqwrByzqE/v89OEB/r2XlO mVVVf9ihXihb5KFRm5vDLOrwB/WL/QR+iBPLqN6IX9Ytq34pOo/SA8lrImXUaN4d8KVJ MUVmtBbGCAHj4S31932kY3Egv7VPhjCiuMboP2mAl8HHTJC98NrDMQv+tIX/oWBCms0x XkHkFy3oFrOppCYeSjO6NhCy4oO1wg+HYXI6eXeMr6jAmZqHgJ7F3NkigmsBHJQoLqu0 wKkRCSLE/8pPHtnxBOYa6fNW/OtvWFhEHfABl+zn57tODQapmaqrutyEHwK0mdRkN66i /Fkg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references:mime-version:content-transfer-encoding; bh=Qk5haYv1+A59FcEkEBkZM43lIkd8QPZ0KTOnGr5KAdY=; b=k4cfMut6Z9cXyIyPzqFhAel36QD657HXsfd5PI9odJKbDBfysLmjc92RQCOHizphKR KimPhvOblgf6uWaQJ9GkBMi0qyl0/POPZscOXpME08s/TZnAY9/TPiU7R17nT2G0xiuP J5Vhkl2lu749XUOAVlQ4PiCKV6i9hWax8ilYwvXNL+diWKk7jvZUQdCvpD2AitJN45qv dNUoK9zaUeSvjlOJNlGJJmPG15P7oeR8xTvoTpe8a/yKUPfT5idZth8viCmQIZTTblUj 32Gjj01WGzwnTMPytJt5y9JWz1UmyoPt0eZMMx3XX6RWpeO74/cwVcC3u6Bmg0+pjWxL pteQ== X-Gm-Message-State: APjAAAVp5IUfuTpik4li1dOGaE/9zhINz4m+boQfHzV4Kus8+/ZqSVtD 0V5TraqQBUrO0q0fa8RiV+IzPre0T73Llw== X-Received: by 2002:a7b:c301:: with SMTP id k1mr13966481wmj.43.1561361910079; Mon, 24 Jun 2019 00:38:30 -0700 (PDT) Received: from sudo.home ([2a01:cb1d:112:6f00:4866:7cdc:a930:8455]) by smtp.gmail.com with ESMTPSA id 203sm7419280wmc.30.2019.06.24.00.38.29 (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Mon, 24 Jun 2019 00:38:29 -0700 (PDT) From: Ard Biesheuvel To: linux-crypto@vger.kernel.org Cc: linux-arm-kernel@lists.infradead.org, Ard Biesheuvel , Eric Biggers , Ondrej Mosnacek , Herbert Xu , Steve Capper Subject: [PATCH 1/6] crypto: aegis128 - use unaliged helper in unaligned decrypt path Date: Mon, 24 Jun 2019 09:38:13 +0200 Message-Id: <20190624073818.29296-2-ard.biesheuvel@linaro.org> X-Mailer: git-send-email 2.20.1 In-Reply-To: <20190624073818.29296-1-ard.biesheuvel@linaro.org> References: <20190624073818.29296-1-ard.biesheuvel@linaro.org> MIME-Version: 1.0 Sender: linux-crypto-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-crypto@vger.kernel.org Use crypto_aegis128_update_u() not crypto_aegis128_update_a() in the decrypt path that is taken when the source or destination pointers are not aligned. Signed-off-by: Ard Biesheuvel --- crypto/aegis128.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) -- 2.20.1 diff --git a/crypto/aegis128.c b/crypto/aegis128.c index d78f77fc5dd1..125e11246990 100644 --- a/crypto/aegis128.c +++ b/crypto/aegis128.c @@ -208,7 +208,7 @@ static void crypto_aegis128_decrypt_chunk(struct aegis_state *state, u8 *dst, crypto_aegis_block_xor(&tmp, &state->blocks[1]); crypto_xor(tmp.bytes, src, AEGIS_BLOCK_SIZE); - crypto_aegis128_update_a(state, &tmp); + crypto_aegis128_update_u(state, &tmp); memcpy(dst, tmp.bytes, AEGIS_BLOCK_SIZE); From patchwork Mon Jun 24 07:38:14 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Ard Biesheuvel X-Patchwork-Id: 167552 Delivered-To: patch@linaro.org Received: by 2002:a92:4782:0:0:0:0:0 with SMTP id e2csp3866954ilk; Mon, 24 Jun 2019 00:38:35 -0700 (PDT) X-Google-Smtp-Source: APXvYqyIJl6nRkPyzMBoICuOOKrfuurOAZim8G2xVPprpJPXLJzZ1yRDO6pTivX7e8g06mRA+fZH X-Received: by 2002:a63:2b47:: with SMTP id r68mr13096186pgr.352.1561361915065; Mon, 24 Jun 2019 00:38:35 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1561361915; cv=none; d=google.com; s=arc-20160816; b=Nt4qq9iUuAO4HhDxZ6AmmzxAZjV7aRk8cbxkHa7W5AwIc4mpxya7Kfl8uVpoPbVBFv irhNWXWA0gDsmKoC/gv5GBvhXHq/lbuW3QYyFrGmaHE3z+2VIqsUmbTy2eo2tQQ4biO7 7/6va1lOqUDs6++xY/czRQVfA/yJtOyGMk/etPR7m69cHxAx74oGPdQPjnunp5YiDfB8 2O63F8pO7lJE3gQujUEUl7OMxvEz7+oM+aALZGfo54ElENkiWxOMSzlqfeik1eB0hVQ8 TCHcYugcrCujdrmuQsFA48AvLUh43avsdrt8q1ylooxIIb0O+uA4uGNx4mT5IzFYPXOS /Zlw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:content-transfer-encoding:mime-version :references:in-reply-to:message-id:date:subject:cc:to:from :dkim-signature; bh=uGyMTMnEnmfpuuNXf+kr/+c5q+YqlmYZacjCBN2vQcA=; b=gvTonrhtwEbAFRlZsJMjqwLBZG5lvuA/Sy1uJTYRjGEGyZcGMXRG7KMPxt35fHKlc3 27CkLQG27gBQBNEEfzh8JesQvYifmRgLh8YVvRpdC1lc7Fbz9OuG52JYB0S7qZ8P6XhP aCElQuZpy0lXvCCGkXOJm1x48PdZV3Y32MtpELfKSn2k6uBtmKlQwqPJupBcDqxrhZsd mhnXtnUPF7vhVoRjxo90CLJThNpCU5YsIk7EJzND8mi0ZCXXgtKrZS2S74jELGl6c9Xx WTA5wPmTMsefIhuRKats8GKPBGyXRVDHaOgWBy1AIqbfWVMVUpbHXJRc6uxFLY2OpODl cExw== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@linaro.org header.s=google header.b=ks4afDpG; spf=pass (google.com: best guess record for domain of linux-crypto-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-crypto-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linaro.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id h5si9375669pgd.419.2019.06.24.00.38.34; Mon, 24 Jun 2019 00:38:35 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of linux-crypto-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; dkim=pass header.i=@linaro.org header.s=google header.b=ks4afDpG; spf=pass (google.com: best guess record for domain of linux-crypto-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-crypto-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linaro.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1727135AbfFXHie (ORCPT + 3 others); Mon, 24 Jun 2019 03:38:34 -0400 Received: from mail-wm1-f46.google.com ([209.85.128.46]:56262 "EHLO mail-wm1-f46.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1726304AbfFXHie (ORCPT ); Mon, 24 Jun 2019 03:38:34 -0400 Received: by mail-wm1-f46.google.com with SMTP id a15so11714810wmj.5 for ; Mon, 24 Jun 2019 00:38:32 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; h=from:to:cc:subject:date:message-id:in-reply-to:references :mime-version:content-transfer-encoding; bh=uGyMTMnEnmfpuuNXf+kr/+c5q+YqlmYZacjCBN2vQcA=; b=ks4afDpGmz7AEkmqzocmxBMmnx4ccAywUGq3s5K8VRlJjzKlkaewMwT33lNFF1f3p0 2znOrZoDv3oJ0Ct1oGVhVYE3CGSvuDS/S1jCF9Gj246Ijw3cXplRi35OX/N7KFxz1Ids N6ED6uwdR4RRSupXQJ8gcJXZi7l4KMdKfkyciMwyhiES+aIR0AubgDtqzPu0e7tal/4k w6MesfjMAqohVWqugFBMLNYv1IYAg9kJ8ui9UNprwcn124bSqcObf9Wwx4jpJnySOUGo 3peHcr3FrPnhhwFIZbbHeegFLFzqcups0pdW0OBkyi/qdzRAr/l8FId77u+HuVsfd7yC PQig== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references:mime-version:content-transfer-encoding; bh=uGyMTMnEnmfpuuNXf+kr/+c5q+YqlmYZacjCBN2vQcA=; b=qHt+UVv9sATRKrhZ4UVl0mvzQ7OB6nW4bNCKpMliYzonLKVO9JI6X21OVCLe81AtZV 9Ol0et9CZ4pzMPqXERoNNYALFawmonWGkV1lXKdOVbiLa/ir1sJFUl1xXrGkdn53DDLc wu0grT67lCbD+yatc8l8QysXCmtkYR6TIePwSR2ObeiMC3wMYvOJZYoNOH9hNDhC/Pzm fvjt+BuA49GEhB4raLs8qbYzFHu/0LZPdPx+n79IIOcwtsmH5u91cOH9j/bqO1d74uJc F6LF3T9iC9dCH8grBEQMgKurC8QVa+UeWQ8YpBsevM6Txnoz9cBmmoQWaPUmv0LVi1RO GNBw== X-Gm-Message-State: APjAAAU4DaHjcA8ScJDduShCtaKGJuPF+NCWz6u5b+Tx9cx3noWW0jQG jRqmApCBWtLEnf2OGJCxK4afXJNj13BiaQ== X-Received: by 2002:a1c:7d02:: with SMTP id y2mr14631078wmc.15.1561361911279; Mon, 24 Jun 2019 00:38:31 -0700 (PDT) Received: from sudo.home ([2a01:cb1d:112:6f00:4866:7cdc:a930:8455]) by smtp.gmail.com with ESMTPSA id 203sm7419280wmc.30.2019.06.24.00.38.30 (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Mon, 24 Jun 2019 00:38:30 -0700 (PDT) From: Ard Biesheuvel To: linux-crypto@vger.kernel.org Cc: linux-arm-kernel@lists.infradead.org, Ard Biesheuvel , Eric Biggers , Ondrej Mosnacek , Herbert Xu , Steve Capper Subject: [PATCH 2/6] crypto: aegis - drop empty TFM init/exit routines Date: Mon, 24 Jun 2019 09:38:14 +0200 Message-Id: <20190624073818.29296-3-ard.biesheuvel@linaro.org> X-Mailer: git-send-email 2.20.1 In-Reply-To: <20190624073818.29296-1-ard.biesheuvel@linaro.org> References: <20190624073818.29296-1-ard.biesheuvel@linaro.org> MIME-Version: 1.0 Sender: linux-crypto-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-crypto@vger.kernel.org TFM init/exit routines are optional, so no need to provide empty ones. Signed-off-by: Ard Biesheuvel --- crypto/aegis128.c | 11 ----------- crypto/aegis128l.c | 11 ----------- crypto/aegis256.c | 11 ----------- 3 files changed, 33 deletions(-) -- 2.20.1 Reviewed-by: Ondrej Mosnacek diff --git a/crypto/aegis128.c b/crypto/aegis128.c index 125e11246990..4f8f1cdef129 100644 --- a/crypto/aegis128.c +++ b/crypto/aegis128.c @@ -403,22 +403,11 @@ static int crypto_aegis128_decrypt(struct aead_request *req) return crypto_memneq(tag.bytes, zeros, authsize) ? -EBADMSG : 0; } -static int crypto_aegis128_init_tfm(struct crypto_aead *tfm) -{ - return 0; -} - -static void crypto_aegis128_exit_tfm(struct crypto_aead *tfm) -{ -} - static struct aead_alg crypto_aegis128_alg = { .setkey = crypto_aegis128_setkey, .setauthsize = crypto_aegis128_setauthsize, .encrypt = crypto_aegis128_encrypt, .decrypt = crypto_aegis128_decrypt, - .init = crypto_aegis128_init_tfm, - .exit = crypto_aegis128_exit_tfm, .ivsize = AEGIS128_NONCE_SIZE, .maxauthsize = AEGIS128_MAX_AUTH_SIZE, diff --git a/crypto/aegis128l.c b/crypto/aegis128l.c index 9bca3d619a22..ef5bc2297a2c 100644 --- a/crypto/aegis128l.c +++ b/crypto/aegis128l.c @@ -467,22 +467,11 @@ static int crypto_aegis128l_decrypt(struct aead_request *req) return crypto_memneq(tag.bytes, zeros, authsize) ? -EBADMSG : 0; } -static int crypto_aegis128l_init_tfm(struct crypto_aead *tfm) -{ - return 0; -} - -static void crypto_aegis128l_exit_tfm(struct crypto_aead *tfm) -{ -} - static struct aead_alg crypto_aegis128l_alg = { .setkey = crypto_aegis128l_setkey, .setauthsize = crypto_aegis128l_setauthsize, .encrypt = crypto_aegis128l_encrypt, .decrypt = crypto_aegis128l_decrypt, - .init = crypto_aegis128l_init_tfm, - .exit = crypto_aegis128l_exit_tfm, .ivsize = AEGIS128L_NONCE_SIZE, .maxauthsize = AEGIS128L_MAX_AUTH_SIZE, diff --git a/crypto/aegis256.c b/crypto/aegis256.c index b47fd39595ad..b824ef4d1248 100644 --- a/crypto/aegis256.c +++ b/crypto/aegis256.c @@ -418,22 +418,11 @@ static int crypto_aegis256_decrypt(struct aead_request *req) return crypto_memneq(tag.bytes, zeros, authsize) ? -EBADMSG : 0; } -static int crypto_aegis256_init_tfm(struct crypto_aead *tfm) -{ - return 0; -} - -static void crypto_aegis256_exit_tfm(struct crypto_aead *tfm) -{ -} - static struct aead_alg crypto_aegis256_alg = { .setkey = crypto_aegis256_setkey, .setauthsize = crypto_aegis256_setauthsize, .encrypt = crypto_aegis256_encrypt, .decrypt = crypto_aegis256_decrypt, - .init = crypto_aegis256_init_tfm, - .exit = crypto_aegis256_exit_tfm, .ivsize = AEGIS256_NONCE_SIZE, .maxauthsize = AEGIS256_MAX_AUTH_SIZE, From patchwork Mon Jun 24 07:38:15 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Ard Biesheuvel X-Patchwork-Id: 167553 Delivered-To: patch@linaro.org Received: by 2002:a92:4782:0:0:0:0:0 with SMTP id e2csp3866961ilk; Mon, 24 Jun 2019 00:38:35 -0700 (PDT) X-Google-Smtp-Source: APXvYqzF+aJers66VCyFhd5P3i9DXksd7DdlHnQMTbb3OofPI9MEbLCY2oySSJZMCAuLSsh3tddt X-Received: by 2002:a63:d551:: with SMTP id v17mr32182606pgi.365.1561361915410; Mon, 24 Jun 2019 00:38:35 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1561361915; cv=none; d=google.com; s=arc-20160816; b=IgQm6/3q/qvg3RoV7TUM/DyxSI5T05EgA2MBhe7qJuWxsiRX8akZT44IhZLgMF4r2c nnFZFYtnsHnZkNLPPZ1gDDCm6AK7w572P4ES14igIHZPpwtQcHoQa7IxrtJWmhg0WELC hJyU+RkfVuyTjBbrMCW1aL97lHobT7EA/SwW09/PnilEEuHRtKN3c25DsEvNW38GtRV4 DNwBEVDj3PJ0FmlxIV5ERQ26/QGodGlFeycQkR6YbW0lgjqP7eqRG8tAxLhsZFkb9VMo d+nSYnJic4hOWuzJdOHoOJhmHdS13sZnbcIuu577fPmn9FdP7a+AvxkdXLilT0yRX1LC F84A== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:content-transfer-encoding:mime-version :references:in-reply-to:message-id:date:subject:cc:to:from :dkim-signature; bh=5OEzIzFiMPRV9S0K58N+POdMr4xGLcUFsxWOdk6NnnA=; b=I3LoQnWrEA/a5cuJPKqxYZVYjn6LbYw2jxXJ29rBE4nBqUHx6k1tClpthxKSYWDo5o D5hiWtMAioKC0V2mGvxBaSR9dMydYumWMtMRr/7Ub0yeem7uV7t4ph4tSnK1Ym4AcoZd Rg1bzDJtmAU+QmroNHRPUXnz0+o6c/BjTo2yZGMIVA9XUD/MG/yvJb7v7rMZVYjjYqPD 340xgXQI1xJhO9h4xdqVLbUYH9gy/SH3Zpkl4IGayxv2Tfg8DW6OudDFFHNLKzS2qZIm rCVDd33shBBWVRS1wobSFbQ0Srm5TMVN/0mlLMcWxLFlTt4hjkAx1IY+xGaJk1uMrzr/ Ravg== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@linaro.org header.s=google header.b=JbFH8Ho1; spf=pass (google.com: best guess record for domain of linux-crypto-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-crypto-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linaro.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id h5si9375669pgd.419.2019.06.24.00.38.35; Mon, 24 Jun 2019 00:38:35 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of linux-crypto-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; dkim=pass header.i=@linaro.org header.s=google header.b=JbFH8Ho1; spf=pass (google.com: best guess record for domain of linux-crypto-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-crypto-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linaro.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1726304AbfFXHie (ORCPT + 3 others); Mon, 24 Jun 2019 03:38:34 -0400 Received: from mail-wm1-f67.google.com ([209.85.128.67]:40032 "EHLO mail-wm1-f67.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1726077AbfFXHie (ORCPT ); Mon, 24 Jun 2019 03:38:34 -0400 Received: by mail-wm1-f67.google.com with SMTP id v19so12177480wmj.5 for ; Mon, 24 Jun 2019 00:38:33 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; h=from:to:cc:subject:date:message-id:in-reply-to:references :mime-version:content-transfer-encoding; bh=5OEzIzFiMPRV9S0K58N+POdMr4xGLcUFsxWOdk6NnnA=; b=JbFH8Ho1Xh+3eJVIL3O+9G/GjV6avDk5EN1nC/D6Yddr2ODKBk8LYB8If1dVcCabO6 4EPFLzpLy/BEaB+YdzCD6Q5ooGapt/8xL2NsmEMV8SVxqqeWKlrnBUTKCNK9yM0SynIS +7l4AtjnkeodLGEORYVqv7yemIWAq/J+2wU4GtyD5PKzC103nVnL/13n8kaEQypBG0ql CMGcBlyELTKIvt/rYd+sjHlkJutOgO75xTcrCL9ldmFsqVHGzY9xDNSik5X/1Xg64zhO OW3k439WmWi9NhfATrDDosUq7sUzmn99MhQLP1/M7WvfA9UkvPbbL0LsVVO4V4KwTVi9 oA1A== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references:mime-version:content-transfer-encoding; bh=5OEzIzFiMPRV9S0K58N+POdMr4xGLcUFsxWOdk6NnnA=; b=SYfbhQrnBFufxdShsuahTnL9Qg2QYUpPoBIzkkQrcINIm/G6izJv09EPjwYQkeLEqI wfC+iKnyITfP/iSKsXJxE1nPTyh4oUoTX6/dO1iOJpg3vEu1OSahAASkpq3AOsXJstWd 52+4rhyyxMEwtxs1GeMPlEVUM8v+8RGyCg7MyDedJuHt9SUAOCpUwCqdF2qHbtMS0bup IknCJLIxaKq7DT74CJMkCxZifSEtferb71Svl1Rl/p4bBNk4sKF52HSXtLs3ULXi5MYi 0FtY85ZQBIsmhMtfldQjzCHTDpHHQjjDgWzlku9QLFE+LgU1WqxqVjL9cvRxcv8Akj1e RpyA== X-Gm-Message-State: APjAAAVycjZk5sM173FHtApXNGKrgcyeHG6mdGzEey9Ab8vT1a8E9d7I GJGEC3ma+aeJ9p204sGQj1OBvdnapFfEww== X-Received: by 2002:a1c:5a56:: with SMTP id o83mr14098674wmb.103.1561361912283; Mon, 24 Jun 2019 00:38:32 -0700 (PDT) Received: from sudo.home ([2a01:cb1d:112:6f00:4866:7cdc:a930:8455]) by smtp.gmail.com with ESMTPSA id 203sm7419280wmc.30.2019.06.24.00.38.31 (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Mon, 24 Jun 2019 00:38:31 -0700 (PDT) From: Ard Biesheuvel To: linux-crypto@vger.kernel.org Cc: linux-arm-kernel@lists.infradead.org, Ard Biesheuvel , Eric Biggers , Ondrej Mosnacek , Herbert Xu , Steve Capper Subject: [PATCH 3/6] crypto: aegis - avoid prerotated AES tables Date: Mon, 24 Jun 2019 09:38:15 +0200 Message-Id: <20190624073818.29296-4-ard.biesheuvel@linaro.org> X-Mailer: git-send-email 2.20.1 In-Reply-To: <20190624073818.29296-1-ard.biesheuvel@linaro.org> References: <20190624073818.29296-1-ard.biesheuvel@linaro.org> MIME-Version: 1.0 Sender: linux-crypto-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-crypto@vger.kernel.org The generic AES code provides four sets of lookup tables, where each set consists of four tables containing the same 32-bit values, but rotated by 0, 8, 16 and 24 bits, respectively. This makes sense for CISC architectures such as x86 which support memory operands, but for other architectures, the rotates are quite cheap, and using all four tables needlessly thrashes the D-cache, and actually hurts rather than helps performance. Since x86 already has its own implementation of AEGIS based on AES-NI instructions, let's tweak the generic implementation towards other architectures, and avoid the prerotated tables, and perform the rotations inline. On ARM Cortex-A53, this results in a ~8% speedup. Signed-off-by: Ard Biesheuvel --- crypto/aegis.h | 14 ++++++-------- 1 file changed, 6 insertions(+), 8 deletions(-) -- 2.20.1 Acked-by: Ondrej Mosnacek diff --git a/crypto/aegis.h b/crypto/aegis.h index 41a3090cda8e..3308066ddde0 100644 --- a/crypto/aegis.h +++ b/crypto/aegis.h @@ -10,6 +10,7 @@ #define _CRYPTO_AEGIS_H #include +#include #include #define AEGIS_BLOCK_SIZE 16 @@ -53,16 +54,13 @@ static void crypto_aegis_aesenc(union aegis_block *dst, const union aegis_block *key) { const u8 *s = src->bytes; - const u32 *t0 = crypto_ft_tab[0]; - const u32 *t1 = crypto_ft_tab[1]; - const u32 *t2 = crypto_ft_tab[2]; - const u32 *t3 = crypto_ft_tab[3]; + const u32 *t = crypto_ft_tab[0]; u32 d0, d1, d2, d3; - d0 = t0[s[ 0]] ^ t1[s[ 5]] ^ t2[s[10]] ^ t3[s[15]]; - d1 = t0[s[ 4]] ^ t1[s[ 9]] ^ t2[s[14]] ^ t3[s[ 3]]; - d2 = t0[s[ 8]] ^ t1[s[13]] ^ t2[s[ 2]] ^ t3[s[ 7]]; - d3 = t0[s[12]] ^ t1[s[ 1]] ^ t2[s[ 6]] ^ t3[s[11]]; + d0 = t[s[ 0]] ^ rol32(t[s[ 5]], 8) ^ rol32(t[s[10]], 16) ^ rol32(t[s[15]], 24); + d1 = t[s[ 4]] ^ rol32(t[s[ 9]], 8) ^ rol32(t[s[14]], 16) ^ rol32(t[s[ 3]], 24); + d2 = t[s[ 8]] ^ rol32(t[s[13]], 8) ^ rol32(t[s[ 2]], 16) ^ rol32(t[s[ 7]], 24); + d3 = t[s[12]] ^ rol32(t[s[ 1]], 8) ^ rol32(t[s[ 6]], 16) ^ rol32(t[s[11]], 24); dst->words32[0] = cpu_to_le32(d0) ^ key->words32[0]; dst->words32[1] = cpu_to_le32(d1) ^ key->words32[1]; From patchwork Mon Jun 24 07:38:16 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Ard Biesheuvel X-Patchwork-Id: 167554 Delivered-To: patch@linaro.org Received: by 2002:a92:4782:0:0:0:0:0 with SMTP id e2csp3866986ilk; Mon, 24 Jun 2019 00:38:37 -0700 (PDT) X-Google-Smtp-Source: APXvYqzxlcpdN+qUO0ywJmAVd0zXo3cBwCOPvuAGIYgUzdU1GJlEl1dqSQN/iukCu4q4AWHyt1HB X-Received: by 2002:a63:dc56:: with SMTP id f22mr31994092pgj.305.1561361917159; Mon, 24 Jun 2019 00:38:37 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1561361917; cv=none; d=google.com; s=arc-20160816; b=Xv2nJIVBgZNyRyBLMzgw00H0rm0UMYky4+lQa3w48B0NiKRFZJXZ9r1HB38RkEhCjt AXanMyNb/fTtXjYV9qxzxUuguT++8+m3yw21X4g9uKvvey7z6bYnKPEEuPvmdgV1whtA EGhDGuLl6hJdycwMWU5Z4aGJN2y4uoYpS+t5KI7BSSZToV6pXGlUGo5bFn5G4JzPILqk KZQZd9ErdcbUD7tEmFxYOnpVUXFsKTSODWpB9ZLaZUSjG32XPJICiFaTt5REN7NKFuZC +AWnNbGHEtGLdd1WtVnR/jmVeWygJRjn6ZjqkLXimNYT0mNkOUOCfcOLQRF34sP+8d8c /AKg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:content-transfer-encoding:mime-version :references:in-reply-to:message-id:date:subject:cc:to:from :dkim-signature; bh=wAWQ7z4x3fHIJa8oYIdIUVUZ8X0GMup0jVGwMgCujFU=; b=HKGLJC5wQ6Tl1Sz6ujnW/Q0v9fyQvKapuJZXwD6ArhYxRkc0bEtLg1TLoyx3jBkZGT eYzBiUTZvkOw+e+sT1vwomAY2/W7qykbbhLFamzitix2F9h1ibehhaD+e7jaqvQvCMEG 29UajPUnD6J5AkGjBRmbr9DkSJY8GbYtKdm5ktU0fCY4/BAdHZjbA0QdKtiGt7s053eS PWNIny1GYR+e4/HlbkuQdUH1xqYOBe8/jn61qNGvp1vvcgl8q8jmU8A9yTDWOKOHf9L2 hl2E/KLBMbu0mPKLDNZqwrH7v+36XWb/Up67/hYyqpwJ5UUBGjkDn7EWn01WDQvLyWPU H4Iw== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@linaro.org header.s=google header.b=hF0QGJa0; spf=pass (google.com: best guess record for domain of linux-crypto-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-crypto-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linaro.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id h5si9375669pgd.419.2019.06.24.00.38.36; Mon, 24 Jun 2019 00:38:37 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of linux-crypto-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; dkim=pass header.i=@linaro.org header.s=google header.b=hF0QGJa0; spf=pass (google.com: best guess record for domain of linux-crypto-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-crypto-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linaro.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1727157AbfFXHig (ORCPT + 3 others); Mon, 24 Jun 2019 03:38:36 -0400 Received: from mail-wr1-f65.google.com ([209.85.221.65]:34495 "EHLO mail-wr1-f65.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1727022AbfFXHig (ORCPT ); Mon, 24 Jun 2019 03:38:36 -0400 Received: by mail-wr1-f65.google.com with SMTP id k11so12738750wrl.1 for ; Mon, 24 Jun 2019 00:38:34 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; h=from:to:cc:subject:date:message-id:in-reply-to:references :mime-version:content-transfer-encoding; bh=wAWQ7z4x3fHIJa8oYIdIUVUZ8X0GMup0jVGwMgCujFU=; b=hF0QGJa0EKrqmqGReOhultCyL3T7Lc94boWKxcqo1ZItQdCX52u3asNMisj480Vg5e 7UfxRMnlLyeDw2+ahncrvMrlCs+1L1eGcCq7JRUP/VA7yUkDfF+ZcSaaUSUkgjYWpOwo YYib/0t5uCcU7iEsyalLysWBb89isJPC6no61PFEGzArpdvnWh5T2ZD8nINsRRcVLkGU JWaRH0ZpfjyCDVnB5zK/mpY36aRIJzDG89JlC7IfCKIj4FTUVI+eMZnEzkA+MSsNBu4N BWEimYPojRFgjCY6ZXge9Iky92Z01AaQWcXaiq6rUO5PPkEduL9meQbU0esTqPaTKZRs 8hjQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references:mime-version:content-transfer-encoding; bh=wAWQ7z4x3fHIJa8oYIdIUVUZ8X0GMup0jVGwMgCujFU=; b=jD9jXS5PuUkWezAt2LhX/saJcffQoiD918jMd7nSaS/UCianF6y9eTtSWrj7nXA7Ez 4PPyOGMujKpdcJbAu0ysn3IYUH+cjA0OtuVcWYN+/0xaf6K2y4+ZKKNHWmHPhHOvUMyW WTSOu/v2XVXVHfCrpdnn0qqKPh/F8p+ry1+CmqaA8nbZs3xMERcD/HvQ1OrHYzmbfbgL kQxSZCuZ9TDPrPLTzk3q5m8bRfAlWw44uYCLT1Os6E1jp2P/kkKEkNXs5mgqgcg8CjIj sh23PQRfX1mVYgxuARMAzkLIKgvksdiHmDk7u7kxWO5MaPR2abRSC9IFcR1s+z1ebl0n bk2Q== X-Gm-Message-State: APjAAAUJ14Dl1j7KoV7WW/KVkTMJmNEirTkzU+2oUMR8FXyoJKcQbJy8 XaksHFV7xicEDnrUuIBNEVhg5l2mQaMX2A== X-Received: by 2002:a05:6000:128d:: with SMTP id f13mr21048752wrx.39.1561361913237; Mon, 24 Jun 2019 00:38:33 -0700 (PDT) Received: from sudo.home ([2a01:cb1d:112:6f00:4866:7cdc:a930:8455]) by smtp.gmail.com with ESMTPSA id 203sm7419280wmc.30.2019.06.24.00.38.32 (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Mon, 24 Jun 2019 00:38:32 -0700 (PDT) From: Ard Biesheuvel To: linux-crypto@vger.kernel.org Cc: linux-arm-kernel@lists.infradead.org, Ard Biesheuvel , Eric Biggers , Ondrej Mosnacek , Herbert Xu , Steve Capper Subject: [PATCH 4/6] crypto: aegis128 - add support for SIMD acceleration Date: Mon, 24 Jun 2019 09:38:16 +0200 Message-Id: <20190624073818.29296-5-ard.biesheuvel@linaro.org> X-Mailer: git-send-email 2.20.1 In-Reply-To: <20190624073818.29296-1-ard.biesheuvel@linaro.org> References: <20190624073818.29296-1-ard.biesheuvel@linaro.org> MIME-Version: 1.0 Sender: linux-crypto-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-crypto@vger.kernel.org Add some plumbing to allow the AEGIS128 code to be built with SIMD routines for acceleration. Signed-off-by: Ard Biesheuvel --- crypto/aegis.h | 14 +++---- crypto/aegis128.c | 42 ++++++++++++++++++-- 2 files changed, 45 insertions(+), 11 deletions(-) -- 2.20.1 diff --git a/crypto/aegis.h b/crypto/aegis.h index 3308066ddde0..6cb65a497ba2 100644 --- a/crypto/aegis.h +++ b/crypto/aegis.h @@ -35,23 +35,23 @@ static const union aegis_block crypto_aegis_const[2] = { } }, }; -static void crypto_aegis_block_xor(union aegis_block *dst, - const union aegis_block *src) +static inline void crypto_aegis_block_xor(union aegis_block *dst, + const union aegis_block *src) { dst->words64[0] ^= src->words64[0]; dst->words64[1] ^= src->words64[1]; } -static void crypto_aegis_block_and(union aegis_block *dst, - const union aegis_block *src) +static inline void crypto_aegis_block_and(union aegis_block *dst, + const union aegis_block *src) { dst->words64[0] &= src->words64[0]; dst->words64[1] &= src->words64[1]; } -static void crypto_aegis_aesenc(union aegis_block *dst, - const union aegis_block *src, - const union aegis_block *key) +static inline void crypto_aegis_aesenc(union aegis_block *dst, + const union aegis_block *src, + const union aegis_block *key) { const u8 *s = src->bytes; const u32 *t = crypto_ft_tab[0]; diff --git a/crypto/aegis128.c b/crypto/aegis128.c index 4f8f1cdef129..1bbd3e49c890 100644 --- a/crypto/aegis128.c +++ b/crypto/aegis128.c @@ -8,6 +8,7 @@ #include #include +#include #include #include #include @@ -15,6 +16,7 @@ #include #include #include +#include #include "aegis.h" @@ -40,6 +42,15 @@ struct aegis128_ops { const u8 *src, unsigned int size); }; +static bool have_simd; + +bool crypto_aegis128_have_simd(void); +void crypto_aegis128_update_simd(struct aegis_state *state, const void *msg); +void crypto_aegis128_encrypt_chunk_simd(struct aegis_state *state, u8 *dst, + const u8 *src, unsigned int size); +void crypto_aegis128_decrypt_chunk_simd(struct aegis_state *state, u8 *dst, + const u8 *src, unsigned int size); + static void crypto_aegis128_update(struct aegis_state *state) { union aegis_block tmp; @@ -55,12 +66,22 @@ static void crypto_aegis128_update(struct aegis_state *state) static void crypto_aegis128_update_a(struct aegis_state *state, const union aegis_block *msg) { + if (have_simd && crypto_simd_usable()) { + crypto_aegis128_update_simd(state, msg); + return; + } + crypto_aegis128_update(state); crypto_aegis_block_xor(&state->blocks[0], msg); } static void crypto_aegis128_update_u(struct aegis_state *state, const void *msg) { + if (have_simd && crypto_simd_usable()) { + crypto_aegis128_update_simd(state, msg); + return; + } + crypto_aegis128_update(state); crypto_xor(state->blocks[0].bytes, msg, AEGIS_BLOCK_SIZE); } @@ -365,7 +386,7 @@ static void crypto_aegis128_crypt(struct aead_request *req, static int crypto_aegis128_encrypt(struct aead_request *req) { - static const struct aegis128_ops ops = { + const struct aegis128_ops *ops = &(struct aegis128_ops){ .skcipher_walk_init = skcipher_walk_aead_encrypt, .crypt_chunk = crypto_aegis128_encrypt_chunk, }; @@ -375,7 +396,12 @@ static int crypto_aegis128_encrypt(struct aead_request *req) unsigned int authsize = crypto_aead_authsize(tfm); unsigned int cryptlen = req->cryptlen; - crypto_aegis128_crypt(req, &tag, cryptlen, &ops); + if (have_simd && crypto_simd_usable()) + ops = &(struct aegis128_ops){ + .skcipher_walk_init = skcipher_walk_aead_encrypt, + .crypt_chunk = crypto_aegis128_encrypt_chunk_simd }; + + crypto_aegis128_crypt(req, &tag, cryptlen, ops); scatterwalk_map_and_copy(tag.bytes, req->dst, req->assoclen + cryptlen, authsize, 1); @@ -384,7 +410,7 @@ static int crypto_aegis128_encrypt(struct aead_request *req) static int crypto_aegis128_decrypt(struct aead_request *req) { - static const struct aegis128_ops ops = { + const struct aegis128_ops *ops = &(struct aegis128_ops){ .skcipher_walk_init = skcipher_walk_aead_decrypt, .crypt_chunk = crypto_aegis128_decrypt_chunk, }; @@ -398,7 +424,12 @@ static int crypto_aegis128_decrypt(struct aead_request *req) scatterwalk_map_and_copy(tag.bytes, req->src, req->assoclen + cryptlen, authsize, 0); - crypto_aegis128_crypt(req, &tag, cryptlen, &ops); + if (have_simd && crypto_simd_usable()) + ops = &(struct aegis128_ops){ + .skcipher_walk_init = skcipher_walk_aead_decrypt, + .crypt_chunk = crypto_aegis128_decrypt_chunk_simd }; + + crypto_aegis128_crypt(req, &tag, cryptlen, ops); return crypto_memneq(tag.bytes, zeros, authsize) ? -EBADMSG : 0; } @@ -429,6 +460,9 @@ static struct aead_alg crypto_aegis128_alg = { static int __init crypto_aegis128_module_init(void) { + if (IS_ENABLED(CONFIG_CRYPTO_AEGIS128_SIMD)) + have_simd = crypto_aegis128_have_simd(); + return crypto_register_aead(&crypto_aegis128_alg); } From patchwork Mon Jun 24 07:38:17 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Ard Biesheuvel X-Patchwork-Id: 167555 Delivered-To: patch@linaro.org Received: by 2002:a92:4782:0:0:0:0:0 with SMTP id e2csp3867000ilk; Mon, 24 Jun 2019 00:38:38 -0700 (PDT) X-Google-Smtp-Source: APXvYqwfF+qQ20YIYQJMXvfhM/tSv0ecgmq8ZqylGOy5QpZTzc09I6nxthgjGmMrwMgdj6aM631s X-Received: by 2002:a63:3683:: with SMTP id d125mr9071897pga.252.1561361918244; Mon, 24 Jun 2019 00:38:38 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1561361918; cv=none; d=google.com; s=arc-20160816; b=w3hJqEyVBx/ETzjVg5ErDkoWh88H0tZZ8q3tPfakDe6y25ZrCk16BrYz0nW1uOz5s2 NP/zVyhWXk5x9a3JXXcLmv0MM51AcioM0rfUoYq/zp2Pzc22llWFqHFknnlZ+cH2VQo+ XPchhqOSoMjK/PNBrC8sZJsHZxNzUsN9AfEHp32Sn3BvBjfhcImEeGDEwMKMzyEE4Z9u flgBd3Rv0pQ0Ni+dqrRMZirRC2XxbPbUvIhV87NiQgxkxXfUKYiVeahQAQh95QMqkM37 zqS0/m34kyR/0lqrBT1tCDwa/Dt2JmXq/wTJJowWOuQM7Zigs89QDS3gJDHmNOSEN2EM CM8A== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:content-transfer-encoding:mime-version :references:in-reply-to:message-id:date:subject:cc:to:from :dkim-signature; bh=923foVD9gLovB0Clhw+C5MS1BecE623/4WPm3/kqlks=; b=Wdw7cifauZwRmIlFluIaDHMKOEYelPjH3wZQddxth3kYts2V1wh30wJkzGN9YKV0QN yb8COH1MvxQSeckOEDndCMWlvNgXQ/X7JEJO3+qZ2/Bais1e6UnUOM9E27QNk7nfFRVy zD1YW14b/hw9WOGuobZAg+SUObA3je0JxYn1D8jpxcKJj+D749ugDmkhZNs/2M12XR7a wIf0NpcpzBz3Rs4AAQL5IJkbbrAaq+x/f59YJxSOxM1vYbiItX+xxjgCtTR1uyeYjFEx bo9gSozVxwJF+pfQwQRHN2I/ZMXneA5cxQvRDvx8HxKSYLsZO/Wec3a8jX2vi2OCbT+M vL+w== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@linaro.org header.s=google header.b=SOPGrPDK; spf=pass (google.com: best guess record for domain of linux-crypto-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-crypto-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linaro.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id h5si9375669pgd.419.2019.06.24.00.38.38; Mon, 24 Jun 2019 00:38:38 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of linux-crypto-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; dkim=pass header.i=@linaro.org header.s=google header.b=SOPGrPDK; spf=pass (google.com: best guess record for domain of linux-crypto-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-crypto-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linaro.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1727022AbfFXHih (ORCPT + 3 others); Mon, 24 Jun 2019 03:38:37 -0400 Received: from mail-wm1-f68.google.com ([209.85.128.68]:39486 "EHLO mail-wm1-f68.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1726077AbfFXHih (ORCPT ); Mon, 24 Jun 2019 03:38:37 -0400 Received: by mail-wm1-f68.google.com with SMTP id z23so12196032wma.4 for ; Mon, 24 Jun 2019 00:38:35 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; h=from:to:cc:subject:date:message-id:in-reply-to:references :mime-version:content-transfer-encoding; bh=923foVD9gLovB0Clhw+C5MS1BecE623/4WPm3/kqlks=; b=SOPGrPDKEtTWRgHEo/QtVnXTYMT9EWsCejMLqNCh+rc8DcPwE3A0Ca0OwHQWiDGehw 6cAh4i95iKDiTSt/u3elGr7CQ4Yr+RXvDyMw/c+H0PrCEHjyQJWulbggCdcqn2zEchCd Is/xwQZTxvgXV+8OOfZEld8t+cNONRPudHH9lTjuYPfmQFTsqQT22jXa+HBMXpaWS7af wAft6VrIAX4rpUQJR/+62tBJBywS7WmPl2uaKTJz744IfKXR35xHRgB/UVYFwlnBnFf7 YTY8357gfJBPyFjOisdYb1mKMuTV2tdLboNvFnD6Wf8YaW74Dz1DrmziWW6Y/Ur/e9DZ kR8Q== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references:mime-version:content-transfer-encoding; bh=923foVD9gLovB0Clhw+C5MS1BecE623/4WPm3/kqlks=; b=HWyn0f46x1xZT//2JSm5vtIWEhHDycTFHocd7Uon4BHwvWIWXtbZI0A5017m66eATX uwCrAbiMjGH+9fZ2Eh1c008jn9OaxqkXAms+rGtxVUGXp7cZOfzonu0qVJNIsJKHjCcx Vvp1v9tyDpuhPA7Mz7CU8W4QY2hxEs1zHrXCJVh/NV4yhOdNSBySV6167frugrvygEVc qpjFoacCwGooaLzj03jx7ymK11Ax8ydNXInDh/4bT4uNw+nfTEnR3gM3RhYfxAvYqyyD as+MGbp5FlbH/bAdiybEBlTDhzwDhD+kuslFL4rn01GBXqIFMJSNKOZnpkSTv72pZS6h iaow== X-Gm-Message-State: APjAAAVtePPXyI3yTRa0MTI1vVVa7ed3pUfCndGhIJWSOGteJAFLacrj oJzBrcvNMtQMgACnNvM4OAIqIrrwuG/rUQ== X-Received: by 2002:a7b:c398:: with SMTP id s24mr9739069wmj.53.1561361914433; Mon, 24 Jun 2019 00:38:34 -0700 (PDT) Received: from sudo.home ([2a01:cb1d:112:6f00:4866:7cdc:a930:8455]) by smtp.gmail.com with ESMTPSA id 203sm7419280wmc.30.2019.06.24.00.38.33 (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Mon, 24 Jun 2019 00:38:33 -0700 (PDT) From: Ard Biesheuvel To: linux-crypto@vger.kernel.org Cc: linux-arm-kernel@lists.infradead.org, Ard Biesheuvel , Eric Biggers , Ondrej Mosnacek , Herbert Xu , Steve Capper Subject: [PATCH 5/6] crypto: aegis128 - provide a SIMD implementation based on NEON intrinsics Date: Mon, 24 Jun 2019 09:38:17 +0200 Message-Id: <20190624073818.29296-6-ard.biesheuvel@linaro.org> X-Mailer: git-send-email 2.20.1 In-Reply-To: <20190624073818.29296-1-ard.biesheuvel@linaro.org> References: <20190624073818.29296-1-ard.biesheuvel@linaro.org> MIME-Version: 1.0 Sender: linux-crypto-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-crypto@vger.kernel.org Provide an accelerated implementation of aegis128 by wiring up the SIMD hooks in the generic driver to an implementation based on NEON intrinsics, which can be compiled to both ARM and arm64 code. This results in a performance of 2.2 cycles per byte on Cortex-A53, which is a performance increase of ~11x compared to the generic code. Signed-off-by: Ard Biesheuvel --- crypto/Kconfig | 5 + crypto/Makefile | 12 ++ crypto/aegis128-neon-inner.c | 142 ++++++++++++++++++++ crypto/aegis128-neon.c | 43 ++++++ 4 files changed, 202 insertions(+) -- 2.20.1 diff --git a/crypto/Kconfig b/crypto/Kconfig index 3d056e7da65f..c4b96f2e1344 100644 --- a/crypto/Kconfig +++ b/crypto/Kconfig @@ -311,6 +311,11 @@ config CRYPTO_AEGIS128 help Support for the AEGIS-128 dedicated AEAD algorithm. +config CRYPTO_AEGIS128_SIMD + bool "Support SIMD acceleration for AEGIS-128" + depends on CRYPTO_AEGIS128 && ((ARM || ARM64) && KERNEL_MODE_NEON) + default y + config CRYPTO_AEGIS128L tristate "AEGIS-128L AEAD algorithm" select CRYPTO_AEAD diff --git a/crypto/Makefile b/crypto/Makefile index 266a4cdbb9e2..f4a55cfb7f17 100644 --- a/crypto/Makefile +++ b/crypto/Makefile @@ -92,6 +92,18 @@ obj-$(CONFIG_CRYPTO_GCM) += gcm.o obj-$(CONFIG_CRYPTO_CCM) += ccm.o obj-$(CONFIG_CRYPTO_CHACHA20POLY1305) += chacha20poly1305.o obj-$(CONFIG_CRYPTO_AEGIS128) += aegis128.o +aegis128-y := aegis128.o + +ifeq ($(ARCH),arm) +CFLAGS_aegis128-neon-inner.o += -ffreestanding -march=armv7-a -mfloat-abi=softfp -mfpu=crypto-neon-fp-armv8 +aegis128-$(CONFIG_CRYPTO_AEGIS128_SIMD) += aegis128-neon.o aegis128-neon-inner.o +endif +ifeq ($(ARCH),arm64) +CFLAGS_aegis128-neon-inner.o += -ffreestanding -mcpu=generic+crypto +CFLAGS_REMOVE_aegis128-neon-inner.o += -mgeneral-regs-only +aegis128-$(CONFIG_CRYPTO_AEGIS128_SIMD) += aegis128-neon.o aegis128-neon-inner.o +endif + obj-$(CONFIG_CRYPTO_AEGIS128L) += aegis128l.o obj-$(CONFIG_CRYPTO_AEGIS256) += aegis256.o obj-$(CONFIG_CRYPTO_MORUS640) += morus640.o diff --git a/crypto/aegis128-neon-inner.c b/crypto/aegis128-neon-inner.c new file mode 100644 index 000000000000..c6d90390ac38 --- /dev/null +++ b/crypto/aegis128-neon-inner.c @@ -0,0 +1,142 @@ +// SPDX-License-Identifier: GPL-2.0-or-later +/* + * Copyright (C) 2019 Linaro, Ltd. + */ + +#ifdef CONFIG_ARM64 +#include +#else +#include +#endif + +#define AEGIS_BLOCK_SIZE 16 + +#include + +void *memcpy(void *dest, const void *src, size_t n); +void *memset(void *s, int c, size_t n); + +struct aegis128_state { + uint8x16_t v[5]; +}; + +static struct aegis128_state aegis128_update_neon(struct aegis128_state st, + uint8x16_t m) +{ + uint8x16_t z = {}; + uint8x16_t t; + + t = vaesmcq_u8(vaeseq_u8(st.v[3], z)); + st.v[3] ^= vaesmcq_u8(vaeseq_u8(st.v[2], z)); + st.v[2] ^= vaesmcq_u8(vaeseq_u8(st.v[1], z)); + st.v[1] ^= vaesmcq_u8(vaeseq_u8(st.v[0], z)); + st.v[0] ^= vaesmcq_u8(vaeseq_u8(st.v[4], z)) ^ m; + st.v[4] ^= t; + + return st; +} + +void crypto_aegis128_update_neon(void *state, const void *msg) +{ + struct aegis128_state st = { { + vld1q_u8(state), + vld1q_u8(state + 16), + vld1q_u8(state + 32), + vld1q_u8(state + 48), + vld1q_u8(state + 64) + } }; + + st = aegis128_update_neon(st, vld1q_u8(msg)); + + vst1q_u8(state, st.v[0]); + vst1q_u8(state + 16, st.v[1]); + vst1q_u8(state + 32, st.v[2]); + vst1q_u8(state + 48, st.v[3]); + vst1q_u8(state + 64, st.v[4]); +} + +void crypto_aegis128_encrypt_chunk_neon(void *state, void *dst, const void *src, + unsigned int size) +{ + struct aegis128_state st = { { + vld1q_u8(state), + vld1q_u8(state + 16), + vld1q_u8(state + 32), + vld1q_u8(state + 48), + vld1q_u8(state + 64) + } }; + uint8x16_t tmp; + + while (size >= AEGIS_BLOCK_SIZE) { + uint8x16_t s = vld1q_u8(src); + + tmp = s ^ st.v[1] ^ (st.v[2] & st.v[3]) ^ st.v[4]; + st = aegis128_update_neon(st, s); + vst1q_u8(dst, tmp); + + size -= AEGIS_BLOCK_SIZE; + src += AEGIS_BLOCK_SIZE; + dst += AEGIS_BLOCK_SIZE; + } + + if (size > 0) { + uint8_t buf[AEGIS_BLOCK_SIZE] = {}; + uint8x16_t msg; + + memcpy(buf, src, size); + msg = vld1q_u8(buf); + tmp = msg ^ st.v[1] ^ (st.v[2] & st.v[3]) ^ st.v[4]; + st = aegis128_update_neon(st, msg); + vst1q_u8(buf, tmp); + memcpy(dst, buf, size); + } + + vst1q_u8(state, st.v[0]); + vst1q_u8(state + 16, st.v[1]); + vst1q_u8(state + 32, st.v[2]); + vst1q_u8(state + 48, st.v[3]); + vst1q_u8(state + 64, st.v[4]); +} + +void crypto_aegis128_decrypt_chunk_neon(void *state, void *dst, const void *src, + unsigned int size) +{ + struct aegis128_state st = { { + vld1q_u8(state), + vld1q_u8(state + 16), + vld1q_u8(state + 32), + vld1q_u8(state + 48), + vld1q_u8(state + 64) + } }; + uint8x16_t tmp; + + while (size >= AEGIS_BLOCK_SIZE) { + tmp = vld1q_u8(src) ^ st.v[1] ^ (st.v[2] & st.v[3]) ^ st.v[4]; + st = aegis128_update_neon(st, tmp); + vst1q_u8(dst, tmp); + + size -= AEGIS_BLOCK_SIZE; + src += AEGIS_BLOCK_SIZE; + dst += AEGIS_BLOCK_SIZE; + } + + if (size > 0) { + uint8_t buf[AEGIS_BLOCK_SIZE] = {}; + uint8x16_t msg; + + memcpy(buf, src, size); + msg = vld1q_u8(buf) ^ st.v[1] ^ (st.v[2] & st.v[3]) ^ st.v[4]; + vst1q_u8(buf, msg); + memcpy(dst, buf, size); + + memset(buf + size, 0, AEGIS_BLOCK_SIZE - size); + msg = vld1q_u8(buf); + st = aegis128_update_neon(st, msg); + } + + vst1q_u8(state, st.v[0]); + vst1q_u8(state + 16, st.v[1]); + vst1q_u8(state + 32, st.v[2]); + vst1q_u8(state + 48, st.v[3]); + vst1q_u8(state + 64, st.v[4]); +} diff --git a/crypto/aegis128-neon.c b/crypto/aegis128-neon.c new file mode 100644 index 000000000000..c1c0a1686f67 --- /dev/null +++ b/crypto/aegis128-neon.c @@ -0,0 +1,43 @@ +// SPDX-License-Identifier: GPL-2.0-or-later +/* + * Copyright (C) 2019 Linaro Ltd + */ + +#include +#include + +#include "aegis.h" + +void crypto_aegis128_update_neon(void *state, const void *msg); +void crypto_aegis128_encrypt_chunk_neon(void *state, void *dst, const void *src, + unsigned int size); +void crypto_aegis128_decrypt_chunk_neon(void *state, void *dst, const void *src, + unsigned int size); + +bool crypto_aegis128_have_simd(void) +{ + return cpu_have_feature(cpu_feature(AES)); +} + +void crypto_aegis128_update_simd(union aegis_block *state, const void *msg) +{ + kernel_neon_begin(); + crypto_aegis128_update_neon(state, msg); + kernel_neon_end(); +} + +void crypto_aegis128_encrypt_chunk_simd(union aegis_block *state, u8 *dst, + const u8 *src, unsigned int size) +{ + kernel_neon_begin(); + crypto_aegis128_encrypt_chunk_neon(state, dst, src, size); + kernel_neon_end(); +} + +void crypto_aegis128_decrypt_chunk_simd(union aegis_block *state, u8 *dst, + const u8 *src, unsigned int size) +{ + kernel_neon_begin(); + crypto_aegis128_decrypt_chunk_neon(state, dst, src, size); + kernel_neon_end(); +} From patchwork Mon Jun 24 07:38:18 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Ard Biesheuvel X-Patchwork-Id: 167556 Delivered-To: patch@linaro.org Received: by 2002:a92:4782:0:0:0:0:0 with SMTP id e2csp3867014ilk; Mon, 24 Jun 2019 00:38:38 -0700 (PDT) X-Google-Smtp-Source: APXvYqyh5sxCR+BhOoBw0Dt8GuRH2iXAu97PCXZV0Jt1Y3BPUi6mTh319ssAx7atUNy28tvaT+Ir X-Received: by 2002:a63:d944:: with SMTP id e4mr31282674pgj.261.1561361918726; Mon, 24 Jun 2019 00:38:38 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1561361918; cv=none; d=google.com; s=arc-20160816; b=k5zBaNKoxcgqT06QqAGtCBlxkVKYnSIf+lmUhVbUcLfDwwiTtBhj/TZdnEWz6tfLoQ wzD55vfAd3XOwLTJIvzHp1McSWrUAIg8ciVfTzk96q7Qs/dzOq1mgX04gBoOwDpvM4o8 aEhl95E+Cml5sFVo2aihmtTiVvihP+w0v8QOztjzl9N5vGEZgbJknySSAQjEOACnjUKk 9CScWaGsuic0JNW/khmi+9NlQj6ycj+3ce7H/VEyzjuZhSNE1S8UZzY3leImfdxxHBUj M3nMVAXeQ/aOQh/HX/eDrgjDPTPNzk1HkxCyos85bDt+svTFFJ53A2WCZGZIGPc+BZS/ 1sRg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:content-transfer-encoding:mime-version :references:in-reply-to:message-id:date:subject:cc:to:from :dkim-signature; bh=aJ2frxtItoOdASfDgurNaEGo6zzAMYWog88kS6QDgiQ=; b=SCGy2YAvmDq1ScCOCdy0C2EsqkKpTHOwa6/QKzsWKO1uNs1d3QckrOxthyE5rshDn/ rFItC5NgSrkFPzi2pS7X0vRcyQZEwrqzg8wYnv8cWxvj1Tan6nY989FpMpWk4vSfLpa2 JZ3Fxq2ofY4SPxP6YihbJASDg5aZr4J4kjbIrSz3/Qw9Z2Tw+PUGXVJBCJ/ADz5Um/2J tim9tm1GAURK8C6rmyjAW1hPsCVnU89xVxfcpnpQkz8hS7RgnaOjjMWggIorTv2k1QUS /mQFPJsyWq8ys4q3scfOddaAxdSpMtriD5DY/IGM85MVZNl3C+RSI0C2Uh6XWaG1/OyY ad/A== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@linaro.org header.s=google header.b=GuNoLYkQ; spf=pass (google.com: best guess record for domain of linux-crypto-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-crypto-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linaro.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id h5si9375669pgd.419.2019.06.24.00.38.38; Mon, 24 Jun 2019 00:38:38 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of linux-crypto-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; dkim=pass header.i=@linaro.org header.s=google header.b=GuNoLYkQ; spf=pass (google.com: best guess record for domain of linux-crypto-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-crypto-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linaro.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1726077AbfFXHih (ORCPT + 3 others); Mon, 24 Jun 2019 03:38:37 -0400 Received: from mail-wr1-f68.google.com ([209.85.221.68]:42301 "EHLO mail-wr1-f68.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1727106AbfFXHih (ORCPT ); Mon, 24 Jun 2019 03:38:37 -0400 Received: by mail-wr1-f68.google.com with SMTP id x17so12691657wrl.9 for ; Mon, 24 Jun 2019 00:38:36 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; h=from:to:cc:subject:date:message-id:in-reply-to:references :mime-version:content-transfer-encoding; bh=aJ2frxtItoOdASfDgurNaEGo6zzAMYWog88kS6QDgiQ=; b=GuNoLYkQKEU73mu3/7iHpGXtDE+J0Nd0TNcCdU6ENNEMDknqTRlPJkhNiJtN6X8LOk UJaYxKKUmwWaaGE0+q4Hy1X4+x28ia8GCF14Fnv5YTOeitJncZab/Lg/AO5KIXUYuw7K xQ+JwqjXBnXhPv/L0Ewmc+JpHT/UxLuXuhn4EQdVS2Eyp/TyZWyzvfVrlcd1FM/xKvpd SJH/lmMK6E2ngO5gcfqOOlKMOEBQv0Z8KIQyF1IUfGs2ianTBsljWsydcgGn8PDE0ijk woY+ekqMzRGdtoFlBhhF6BktgLzmeBS93UsYTqkN7OFvOB3DMv9fdWmUAQjFfQCMFU0h g22Q== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references:mime-version:content-transfer-encoding; bh=aJ2frxtItoOdASfDgurNaEGo6zzAMYWog88kS6QDgiQ=; b=YiX6etqFXo5OW7nM8sm028aDN3kwRpSdEVKDpikWmy6bAvqQQq75hZmc7O/1QUEFr7 luEYsMEd3g4dLhEb3hQLelJuVY77qpeazqW187vH6DKQsMIktS68tTkyosdVsMfHajbB 9HvIIVM3OoycDkEkXltAeCwb7KR098KpBp7yVQ+unLgjJCdGSGMN0QyjjIMszDeCo6sU JAdVtN9BnNQT1JYdB0KHeANCXy4/eXGSJqBcmcaB/MmAXQshxHOsbw6zkF3C+8b9n2dq b5GzA7Nbm6M9J1HugdYawpo3ENMnwC06e+LWuyJjdtqFVXNBLkZdkGwEQ+vNceBit+un IpnA== X-Gm-Message-State: APjAAAWBuo0MAqQHt3WgYxXgs7aib9Sv8fjgqrnlbLUchLKrOwkyoJ0g /NmuuDTiCxgMCGIigyYgZBAiBX4yFy691Q== X-Received: by 2002:a5d:4001:: with SMTP id n1mr92777173wrp.293.1561361915452; Mon, 24 Jun 2019 00:38:35 -0700 (PDT) Received: from sudo.home ([2a01:cb1d:112:6f00:4866:7cdc:a930:8455]) by smtp.gmail.com with ESMTPSA id 203sm7419280wmc.30.2019.06.24.00.38.34 (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Mon, 24 Jun 2019 00:38:34 -0700 (PDT) From: Ard Biesheuvel To: linux-crypto@vger.kernel.org Cc: linux-arm-kernel@lists.infradead.org, Ard Biesheuvel , Eric Biggers , Ondrej Mosnacek , Herbert Xu , Steve Capper Subject: [PATCH 6/6] crypto: tcrypt - add a speed test for AEGIS128 Date: Mon, 24 Jun 2019 09:38:18 +0200 Message-Id: <20190624073818.29296-7-ard.biesheuvel@linaro.org> X-Mailer: git-send-email 2.20.1 In-Reply-To: <20190624073818.29296-1-ard.biesheuvel@linaro.org> References: <20190624073818.29296-1-ard.biesheuvel@linaro.org> MIME-Version: 1.0 Sender: linux-crypto-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-crypto@vger.kernel.org Signed-off-by: Ard Biesheuvel --- crypto/tcrypt.c | 7 +++++++ 1 file changed, 7 insertions(+) -- 2.20.1 diff --git a/crypto/tcrypt.c b/crypto/tcrypt.c index ad78ab5b93cb..c578ccd92c57 100644 --- a/crypto/tcrypt.c +++ b/crypto/tcrypt.c @@ -2327,6 +2327,13 @@ static int do_test(const char *alg, u32 type, u32 mask, int m, u32 num_mb) 0, speed_template_32); break; + case 221: + test_aead_speed("aegis128", ENCRYPT, sec, + NULL, 0, 16, 8, speed_template_16); + test_aead_speed("aegis128", DECRYPT, sec, + NULL, 0, 16, 8, speed_template_16); + break; + case 300: if (alg) { test_hash_speed(alg, sec, generic_hash_speed_template);