1. 20 Jun, 2014 2 commits
  2. 21 Mar, 2014 1 commit
    • chandramouli narayanan's avatar
      crypto: sha - SHA1 transform x86_64 AVX2 · 7c1da8d0
      chandramouli narayanan authored
      This git patch adds x86_64 AVX2 optimization of SHA1
      transform to crypto support. The patch has been tested with 3.14.0-rc1
      On a Haswell desktop, with turbo disabled and all cpus running
      at maximum frequency, tcrypt shows AVX2 performance improvement
      from 3% for 256 bytes update to 16% for 1024 bytes update over
      AVX implementation.
      This patch adds sha1_avx2_transform(), the glue, build and
      configuration changes needed for AVX2 optimization of
      SHA1 transform to crypto support.
      sha1-ssse3 is one module which adds the necessary optimization
      support (SSSE3/AVX/AVX2) for the low-level SHA1 transform function.
      With better optimization support, transform function is overridden
      as the case may be. In the case of AVX2, due to performance reasons
      across datablock sizes, the AVX or AVX2 transform function is used
      at run-time as it suits best. The Makefile change therefore appends
      the necessary objects to the linkage. Due to this, the patch merely
      appends AVX2 transform to the existing build mix and Kconfig support
      and leaves the configuration build support as is.
      Signed-off-by: default avatarChandramouli Narayanan <mouli@linux.intel.com>
      Reviewed-by: default avatarMarek Vasut <marex@denx.de>
      Acked-by: default avatarH. Peter Anvin <hpa@linux.intel.com>
      Signed-off-by: default avatarHerbert Xu <herbert@gondor.apana.org.au>
  3. 25 Oct, 2013 1 commit
  4. 04 Oct, 2013 1 commit
    • Ard Biesheuvel's avatar
      ARM: add support for bit sliced AES using NEON instructions · e4e7f10b
      Ard Biesheuvel authored
      Bit sliced AES gives around 45% speedup on Cortex-A15 for encryption
      and around 25% for decryption. This implementation of the AES algorithm
      does not rely on any lookup tables so it is believed to be invulnerable
      to cache timing attacks.
      This algorithm processes up to 8 blocks in parallel in constant time. This
      means that it is not usable by chaining modes that are strictly sequential
      in nature, such as CBC encryption. CBC decryption, however, can benefit from
      this implementation and runs about 25% faster. The other chaining modes
      implemented in this module, XTS and CTR, can execute fully in parallel in
      both directions.
      The core code has been adopted from the OpenSSL project (in collaboration
      with the original author, on cc). For ease of maintenance, this version is
      identical to the upstream OpenSSL code, i.e., all modifications that were
      required to make it suitable for inclusion into the kernel have been made
      upstream. The original can be found here:
      Note to integrators:
      While this implementation is significantly faster than the existing table
      based ones (generic or ARM asm), especially in CTR mode, the effects on
      power efficiency are unclear as of yet. This code does fundamentally more
      work, by calculating values that the table based code obtains by a simple
      lookup; only by doing all of that work in a SIMD fashion, it manages to
      perform better.
      Cc: Andy Polyakov <appro@openssl.org>
      Acked-by: default avatarNicolas Pitre <nico@linaro.org>
      Signed-off-by: default avatarArd Biesheuvel <ard.biesheuvel@linaro.org>
  5. 23 Sep, 2013 2 commits
  6. 07 Sep, 2013 1 commit
  7. 24 Jul, 2013 1 commit
  8. 09 Jul, 2013 1 commit
  9. 21 Jun, 2013 2 commits
  10. 05 Jun, 2013 2 commits
  11. 24 May, 2013 1 commit
  12. 20 May, 2013 1 commit
  13. 25 Apr, 2013 10 commits
  14. 26 Feb, 2013 1 commit
  15. 19 Jan, 2013 1 commit
  16. 11 Jan, 2013 1 commit
  17. 10 Jan, 2013 1 commit
  18. 06 Dec, 2012 1 commit
  19. 09 Nov, 2012 1 commit
    • Jussi Kivilinna's avatar
      crypto: camellia - add AES-NI/AVX/x86_64 assembler implementation of camellia cipher · d9b1d2e7
      Jussi Kivilinna authored
      This patch adds AES-NI/AVX/x86_64 assembler implementation of Camellia block
      cipher. Implementation process data in sixteen block chunks, which are
      byte-sliced and AES SubBytes is reused for Camellia s-box with help of pre-
      and post-filtering.
      Patch has been tested with tcrypt and automated filesystem tests.
      tcrypt test results:
      Intel Core i5-2450M:
      camellia-aesni-avx vs camellia-asm-x86_64-2way:
      128bit key:                                             (lrw:256bit)    (xts:256bit)
      size    ecb-enc ecb-dec cbc-enc cbc-dec ctr-enc ctr-dec lrw-enc lrw-dec xts-enc xts-dec
      16B     0.98x   0.96x   0.99x   0.96x   0.96x   0.95x   0.95x   0.94x   0.97x   0.98x
      64B     0.99x   0.98x   1.00x   0.98x   0.98x   0.99x   0.98x   0.93x   0.99x   0.98x
      256B    2.28x   2.28x   1.01x   2.29x   2.25x   2.24x   1.96x   1.97x   1.91x   1.90x
      1024B   2.57x   2.56x   1.00x   2.57x   2.51x   2.53x   2.19x   2.17x   2.19x   2.22x
      8192B   2.49x   2.49x   1.00x   2.53x   2.48x   2.49x   2.17x   2.17x   2.22x   2.22x
      256bit key:                                             (lrw:384bit)    (xts:512bit)
      size    ecb-enc ecb-dec cbc-enc cbc-dec ctr-enc ctr-dec lrw-enc lrw-dec xts-enc xts-dec
      16B     0.97x   0.98x   0.99x   0.97x   0.97x   0.96x   0.97x   0.98x   0.98x   0.99x
      64B     1.00x   1.00x   1.01x   0.99x   0.98x   0.99x   0.99x   0.99x   0.99x   0.99x
      256B    2.37x   2.37x   1.01x   2.39x   2.35x   2.33x   2.10x   2.11x   1.99x   2.02x
      1024B   2.58x   2.60x   1.00x   2.58x   2.56x   2.56x   2.28x   2.29x   2.28x   2.29x
      8192B   2.50x   2.52x   1.00x   2.56x   2.51x   2.51x   2.24x   2.25x   2.26x   2.29x
      Signed-off-by: default avatarJussi Kivilinna <jussi.kivilinna@mbnet.fi>
      Acked-by: default avatarDavid S. Miller <davem@davemloft.net>
      Signed-off-by: default avatarHerbert Xu <herbert@gondor.apana.org.au>
  20. 15 Oct, 2012 1 commit
    • Tim Chen's avatar
      crypto: crc32c - Optimize CRC32C calculation with PCLMULQDQ instruction · 6a8ce1ef
      Tim Chen authored
      This patch adds the crc_pcl function that calculates CRC32C checksum using the
      PCLMULQDQ instruction on processors that support this feature. This will
      provide speedup over using CRC32 instruction only.
      The usage of PCLMULQDQ necessitate the invocation of kernel_fpu_begin and
      kernel_fpu_end and incur some overhead.  So the new crc_pcl function is only
      invoked for buffer size of 512 bytes or more.  Larger sized
      buffers will expect to see greater speedup.  This feature is best used coupled
      with eager_fpu which reduces the kernel_fpu_begin/end overhead.  For
      buffer size of 1K the speedup is around 1.6x and for buffer size greater than
      4K, the speedup is around 3x compared to original implementation in crc32c-intel
      module. Test was performed on Sandy Bridge based platform with constant frequency
      set for cpu.
      A white paper detailing the algorithm can be found here:
      http://download.intel.com/design/intarch/papers/323405.pdfSigned-off-by: default avatarTim Chen <tim.c.chen@linux.intel.com>
      Signed-off-by: default avatarHerbert Xu <herbert@gondor.apana.org.au>
  21. 08 Oct, 2012 1 commit
    • David Howells's avatar
      KEYS: Implement asymmetric key type · 964f3b3b
      David Howells authored
      Create a key type that can be used to represent an asymmetric key type for use
      in appropriate cryptographic operations, such as encryption, decryption,
      signature generation and signature verification.
      The key type is "asymmetric" and can provide access to a variety of
      cryptographic algorithms.
      Possibly, this would be better as "public_key" - but that has the disadvantage
      that "public key" is an overloaded term.
      Signed-off-by: default avatarDavid Howells <dhowells@redhat.com>
      Signed-off-by: default avatarRusty Russell <rusty@rustcorp.com.au>
  22. 03 Oct, 2012 1 commit
  23. 06 Sep, 2012 1 commit
  24. 29 Aug, 2012 1 commit
  25. 26 Aug, 2012 1 commit
  26. 23 Aug, 2012 1 commit
  27. 22 Aug, 2012 1 commit