[PATCH v3 2/6] crypto: x86/nhpoly1305 - add AVX2 accelerated NHPoly1305

2018-12-04 Thread Eric Biggers
From: Eric Biggers Add a 64-bit AVX2 implementation of NHPoly1305, an ε-almost-∆-universal hash function used in the Adiantum encryption mode. For now, only the NH portion is actually AVX2-accelerated; the Poly1305 part is less performance-critical so is just implemented in C. Signed-off-by: Er

[PATCH v3 1/6] crypto: x86/nhpoly1305 - add SSE2 accelerated NHPoly1305

2018-12-04 Thread Eric Biggers
From: Eric Biggers Add a 64-bit SSE2 implementation of NHPoly1305, an ε-almost-∆-universal hash function used in the Adiantum encryption mode. For now, only the NH portion is actually SSE2-accelerated; the Poly1305 part is less performance-critical so is just implemented in C. Signed-off-by: Er

[PATCH v3 4/6] crypto: x86/chacha20 - refactor to allow varying number of rounds

2018-12-04 Thread Eric Biggers
From: Eric Biggers In preparation for adding XChaCha12 support, rename/refactor the x86_64 SIMD implementations of ChaCha20 to support different numbers of rounds. Reviewed-by: Martin Willi Signed-off-by: Eric Biggers --- arch/x86/crypto/Makefile | 8 +- ...a20-avx2-x86

[PATCH v3 5/6] crypto: x86/chacha - add XChaCha12 support

2018-12-04 Thread Eric Biggers
From: Eric Biggers Now that the x86_64 SIMD implementations of ChaCha20 and XChaCha20 have been refactored to support varying the number of rounds, add support for XChaCha12. This is identical to XChaCha20 except for the number of rounds, which is 12 instead of 20. This can be used by Adiantum.

[PATCH v3 6/6] crypto: x86/chacha - yield the FPU occasionally

2018-12-04 Thread Eric Biggers
From: Eric Biggers To improve responsiveness, yield the FPU (temporarily re-enabling preemption) every 4 KiB encrypted/decrypted, rather than keeping preemption disabled during the entire encryption/decryption operation. Alternatively we could do this for every skcipher_walk step, but steps may

[PATCH v3 3/6] crypto: x86/chacha20 - add XChaCha20 support

2018-12-04 Thread Eric Biggers
From: Eric Biggers Add an XChaCha20 implementation that is hooked up to the x86_64 SIMD implementations of ChaCha20. This can be used by Adiantum. An SSSE3 implementation of single-block HChaCha20 is also added so that XChaCha20 can use it rather than the generic implementation. This required

[PATCH v3 0/6] crypto: x86_64 optimized XChaCha and NHPoly1305 (for Adiantum)

2018-12-04 Thread Eric Biggers
Hello, This series optimizes the Adiantum encryption mode for x86_64 by adding SSE2 and AVX2 accelerated implementations of NHPoly1305, specifically the NH part; and by modifying the existing x86_64 SSSE3/AVX2/AVX-512VL implementation of ChaCha20 to support XChaCha20 and XChaCha12. This greatly i

Re: [PATCH v2 3/6] crypto: x86/chacha20 - limit the preemption-disabled section

2018-12-04 Thread Eric Biggers
On Mon, Dec 03, 2018 at 03:13:37PM +0100, Ard Biesheuvel wrote: > On Sun, 2 Dec 2018 at 11:47, Martin Willi wrote: > > > > > > > To improve responsiveness, disable preemption for each step of the > > > walk (which is at most PAGE_SIZE) rather than for the entire > > > encryption/decryption operati

Re: [PATCH v2 4/6] crypto: x86/chacha20 - add XChaCha20 support

2018-12-04 Thread Eric Biggers
Hi Martin, On Sat, Dec 01, 2018 at 05:40:40PM +0100, Martin Willi wrote: > > > An SSSE3 implementation of single-block HChaCha20 is also added so > > that XChaCha20 can use it rather than the generic > > implementation. This required refactoring the ChaCha permutation > > into its own function.

Re: [PATCH 2/3] dt-bindings: crypto: ccree: add dt bindings for ccree 703

2018-12-04 Thread Herbert Xu
On Tue, Dec 04, 2018 at 02:14:19PM -0600, Rob Herring wrote: > On Thu, Nov 29, 2018 at 02:42:18PM +0800, Herbert Xu wrote: > > On Tue, Nov 13, 2018 at 09:40:36AM +, Gilad Ben-Yossef wrote: > > > Add device tree bindings associating Arm TrustZone CryptoCell 703 with the > > > ccree driver. > > >

Using Advanced Vector eXtensions with hand-coded x64 algorithms (e.g /arch/x86/blowfish-x86_64-asm_64.S)

2018-12-04 Thread Shipof _
I was curious if it might make implementing F() faster to use instructions that are meant to work with sets of data similar to what would be processed

[PATCH] crypto: adiantum - propagate CRYPTO_ALG_ASYNC flag to instance

2018-12-04 Thread Eric Biggers
From: Eric Biggers If the stream cipher implementation is asynchronous, then the Adiantum instance must be flagged as asynchronous as well. Otherwise someone asking for a synchronous algorithm can get an asynchronous algorithm. There are no asynchronous xchacha12 or xchacha20 implementations ye

Re: [PATCH] fscrypt: remove CRYPTO_CTR dependency

2018-12-04 Thread Eric Biggers
On Thu, Sep 06, 2018 at 12:43:41PM +0200, Ard Biesheuvel wrote: > On 5 September 2018 at 21:24, Eric Biggers wrote: > > From: Eric Biggers > > > > fscrypt doesn't use the CTR mode of operation for anything, so there's > > no need to select CRYPTO_CTR. It was added by commit 71dea01ea2ed > > ("ex

Re: [PATCH v8 00/14] Appended signatures support for IMA appraisal

2018-12-04 Thread Thiago Jung Bauermann
Hello James, Thanks for your interest in these patches. James Morris writes: > On Fri, 16 Nov 2018, Thiago Jung Bauermann wrote: > >> On the OpenPOWER platform, secure boot and trusted boot are being >> implemented using IMA for taking measurements and verifying signatures. >> Since the kernel

[tip:core/rcu] crypto/pcrypt: Replace synchronize_rcu_bh() with synchronize_rcu()

2018-12-04 Thread tip-bot for Paul E. McKenney
Commit-ID: a0076e1778c23de4a42d90fee4ecb4c21dbb5838 Gitweb: https://git.kernel.org/tip/a0076e1778c23de4a42d90fee4ecb4c21dbb5838 Author: Paul E. McKenney AuthorDate: Mon, 5 Nov 2018 16:57:40 -0800 Committer: Paul E. McKenney CommitDate: Tue, 27 Nov 2018 09:18:59 -0800 crypto/pcrypt: Rep

Re: [PATCH v8 00/14] Appended signatures support for IMA appraisal

2018-12-04 Thread James Morris
On Fri, 16 Nov 2018, Thiago Jung Bauermann wrote: > On the OpenPOWER platform, secure boot and trusted boot are being > implemented using IMA for taking measurements and verifying signatures. > Since the kernel image on Power servers is an ELF binary, kernels are > signed using the scripts/sign-fi

Re: [PATCH 2/3] dt-bindings: crypto: ccree: add dt bindings for ccree 703

2018-12-04 Thread Rob Herring
On Thu, Nov 29, 2018 at 02:42:18PM +0800, Herbert Xu wrote: > On Tue, Nov 13, 2018 at 09:40:36AM +, Gilad Ben-Yossef wrote: > > Add device tree bindings associating Arm TrustZone CryptoCell 703 with the > > ccree driver. > > > > Signed-off-by: Gilad Ben-Yossef > > --- > > Documentation/devic

Re: [PATCH 2/3] dt-bindings: crypto: ccree: add dt bindings for ccree 703

2018-12-04 Thread Rob Herring
On Tue, 13 Nov 2018 09:40:36 +, Gilad Ben-Yossef wrote: > Add device tree bindings associating Arm TrustZone CryptoCell 703 with the > ccree driver. > > Signed-off-by: Gilad Ben-Yossef > --- > Documentation/devicetree/bindings/crypto/arm-cryptocell.txt | 1 + > 1 file changed, 1 insertion(+)

Re: [PATCH v2 2/4] crypto: arm64/chacha20 - add XChaCha20 support

2018-12-04 Thread Ard Biesheuvel
On Tue, 4 Dec 2018 at 04:56, Eric Biggers wrote: > > From: Eric Biggers > > Add an XChaCha20 implementation that is hooked up to the ARM64 NEON > implementation of ChaCha20. This can be used by Adiantum. > > A NEON implementation of single-block HChaCha20 is also added so that > XChaCha20 can us

[PATCH v2 0/3] crypto: arm64/chacha - performance improvements

2018-12-04 Thread Ard Biesheuvel
Improve the performance of NEON based ChaCha: Patch #1 adds a block size of 1472 to the tcrypt test template so we have something that reflects the VPN case. Patch #2 improves performance for arbitrary length inputs: on deep pipelines, throughput increases ~30% when running on input blocks whose

[PATCH v2 1/3] crypto: tcrypt - add block size of 1472 to skcipher template

2018-12-04 Thread Ard Biesheuvel
In order to have better coverage of algorithms operating on block sizes that are in the ballpark of a VPN packet, add 1472 to the block_sizes array. Signed-off-by: Ard Biesheuvel --- crypto/tcrypt.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/crypto/tcrypt.c b/crypto/tcr

[PATCH v2 3/3] crypto: arm64/chacha - use combined SIMD/ALU routine for more speed

2018-12-04 Thread Ard Biesheuvel
To some degree, most known AArch64 micro-architectures appear to be able to issue ALU instructions in parallel to SIMD instructions without affecting the SIMD throughput. This means we can use the ALU to process a fifth ChaCha block while the SIMD is processing four blocks in parallel. Signed-off-

[PATCH v2 2/3] crypto: arm64/chacha - optimize for arbitrary length inputs

2018-12-04 Thread Ard Biesheuvel
Update the 4-way NEON ChaCha routine so it can handle input of any length >64 bytes in its entirety, rather than having to call into the 1-way routine and/or memcpy()s via temp buffers to handle the tail of a ChaCha invocation that is not a multiple of 256 bytes. On inputs that are a multiple of 2

[PATCH] crypto: cavium/nitrox - Enabled Mailbox support

2018-12-04 Thread Srikanth, Jampala
Enabled the PF->VF Mailbox support. Mailbox messages are interpreted as {type, opcode, data}. Supported message types are REQ, ACK and NACK. Signed-off-by: Srikanth Jampala --- drivers/crypto/cavium/nitrox/Makefile | 3 +- drivers/crypto/cavium/nitrox/nitrox_csr.h | 12 +- drivers/

Re: [PATCH 2/3] dt-bindings: crypto: ccree: add dt bindings for ccree 703

2018-12-04 Thread Gilad Ben-Yossef
On Thu, Nov 29, 2018 at 8:42 AM Herbert Xu wrote: > > On Tue, Nov 13, 2018 at 09:40:36AM +, Gilad Ben-Yossef wrote: > > Add device tree bindings associating Arm TrustZone CryptoCell 703 with the > > ccree driver. > > > > Signed-off-by: Gilad Ben-Yossef > > --- > > Documentation/devicetree/bi