On Thu, Dec 31, 2020 at 05:41:53PM +0100, Ard Biesheuvel wrote:
> The AES-NI implementation of XTS was impacted significantly by the retpoline
> changes, which is due to the fact that both its asm helper and the chaining
> mode glue library use indirect calls for processing small quantitities of
> data
> 
> So let's fix this, by:
> - creating a minimal, backportable fix that recovers most of the performance,
>   by reducing the number of indirect calls substantially;
> - for future releases, rewrite the XTS implementation completely, and replace
>   the glue helper with a core asm routine that is more flexible, making the C
>   code wrapper much more straight-forward.
> 
> This results in a substantial performance improvement: around ~2x for 1k and
> 4k blocks, and more than 3x for ~1k blocks that require ciphertext stealing
> (benchmarked using tcrypt using 1420 byte blocks - full results below)
> 
> It also allows us to enable the same driver for i386.
> 
> Changes since v1:
> - use 'test LEN, LEN' instead of 'cmp $0, LEN' to get shorter opcodes, as
>   suggested by Uros
> - rebase to get rid of false dependencies on other changes that are in flight.
> 
> NOTE: patch #2 depends on [0], which provides the permutation table used for
>       ciphertext stealing
> 
> [0] 
> https://lore.kernel.org/linux-crypto/20201207233402.17472-1-a...@kernel.org/
> 
> Cc: Megha Dey <megha....@intel.com>
> Cc: Eric Biggers <ebigg...@kernel.org>
> Cc: Herbert Xu <herb...@gondor.apana.org.au>
> Cc: Uros Bizjak <ubiz...@gmail.com>
> 
> Ard Biesheuvel (2):
>   crypto: x86/aes-ni-xts - use direct calls to and 4-way stride
>   crypto: x86/aes-ni-xts - rewrite and drop indirections via glue helper
> 
>  arch/x86/crypto/aesni-intel_asm.S  | 353 ++++++++++++++++----
>  arch/x86/crypto/aesni-intel_glue.c | 229 +++++++------
>  crypto/Kconfig                     |   1 -
>  3 files changed, 411 insertions(+), 172 deletions(-)

All applied.  Thanks.
-- 
Email: Herbert Xu <herb...@gondor.apana.org.au>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt

Reply via email to