From: Arvind Sankar
> Sent: 20 October 2020 21:40
>
> Putting the round constants and the message schedule arrays together in
> one structure saves one register, which can be a significant benefit on
> register-constrained architectures. On x86-32 (tested on Broadwell
> Xeon), this gives a 10% per
The temporary W[] array is currently zeroed out once every call to
sha256_transform(), i.e. once every 64 bytes of input data. Moving it to
sha256_update() instead so that it is cleared only once per update can
save about 2-3% of the total time taken to compute the digest, with a
reasonable memset(
Patch 1 -- Use memzero_explicit() instead of structure assignment/plain
memset() to clear sensitive state.
Patch 2 -- I am not sure about this one: currently the temporary
variables used in the generic sha256 implementation are cleared, but the
clearing is optimized away due to lack of compiler ba
Putting the round constants and the message schedule arrays together in
one structure saves one register, which can be a significant benefit on
register-constrained architectures. On x86-32 (tested on Broadwell
Xeon), this gives a 10% performance benefit.
Signed-off-by: Arvind Sankar
Suggested-by
The assignments to clear a through h and t1/t2 are optimized out by the
compiler because they are unused after the assignments.
These variables shouldn't be very sensitive: t1/t2 can be calculated
from a through h, so they don't reveal any additional information.
Knowing a through h is equivalent
Unrolling the LOAD and BLEND loops improves performance by ~8% on x86_64
(tested on Broadwell Xeon) while not increasing code size too much.
Signed-off-by: Arvind Sankar
---
lib/crypto/sha256.c | 24
1 file changed, 20 insertions(+), 4 deletions(-)
diff --git a/lib/cryp
This reduces code size substantially (on x86_64 with gcc-10 the size of
sha256_update() goes from 7593 bytes to 1952 bytes including the new
SHA256_K array), and on x86 is slightly faster than the full unroll
(tested on Broadwell Xeon).
Signed-off-by: Arvind Sankar
---
lib/crypto/sha256.c | 166 +
Without the barrier_data() inside memzero_explicit(), the compiler may
optimize away the state-clearing if it can tell that the state is not
used afterwards. At least in lib/crypto/sha256.c:__sha256_final(), the
function can get inlined into sha256(), in which case the memset is
optimized away.
Si
On Tue, Oct 20, 2020 at 02:55:47PM +, David Laight wrote:
> From: Arvind Sankar
> > Sent: 20 October 2020 15:07
> > To: David Laight
> >
> > On Tue, Oct 20, 2020 at 07:41:33AM +, David Laight wrote:
> > > From: Arvind Sankar> Sent: 19 October 2020 16:30
> > > > To: Herbert Xu ; David S. M
On Mon, 2020-10-19 at 12:42 -0700, Nick Desaulniers wrote:
> On Sat, Oct 17, 2020 at 10:43 PM Greg KH wrote:
> > On Sat, Oct 17, 2020 at 09:09:28AM -0700, t...@redhat.com wrote:
> > > From: Tom Rix
> > >
> > > This is an upcoming change to clean up a new warning treewide.
> > > I am wondering if
On 10/20/20 6:42 AM, Ben Boeckel wrote:
> On Tue, Oct 20, 2020 at 14:50:01 +0800, Lee, Chun-Yi wrote:
>> +config CHECK_CODESIGN_EKU
>> +bool "Check codeSigning extended key usage"
>> +depends on PKCS7_MESSAGE_PARSER=y
>> +depends on SYSTEM_DATA_VERIFICATION
>> +help
>> + This o
From: Arvind Sankar
> Sent: 20 October 2020 15:07
> To: David Laight
>
> On Tue, Oct 20, 2020 at 07:41:33AM +, David Laight wrote:
> > From: Arvind Sankar> Sent: 19 October 2020 16:30
> > > To: Herbert Xu ; David S. Miller
> > > ; linux-
> > > cry...@vger.kernel.org
> > > Cc: linux-ker...@vg
On 10/19/20 4:05 PM, Jason Gunthorpe wrote:
> On Mon, Oct 19, 2020 at 12:42:15PM -0700, Nick Desaulniers wrote:
>> On Sat, Oct 17, 2020 at 10:43 PM Greg KH wrote:
>>> On Sat, Oct 17, 2020 at 09:09:28AM -0700, t...@redhat.com wrote:
From: Tom Rix
This is an upcoming change to clean
On Tue, Oct 20, 2020 at 07:41:33AM +, David Laight wrote:
> From: Arvind Sankar> Sent: 19 October 2020 16:30
> > To: Herbert Xu ; David S. Miller
> > ; linux-
> > cry...@vger.kernel.org
> > Cc: linux-ker...@vger.kernel.org
> > Subject: [PATCH 4/5] crypto: lib/sha256 - Unroll SHA256 loop 8 time
On 10/19/20 12:42 PM, Nick Desaulniers wrote:
> On Sat, Oct 17, 2020 at 10:43 PM Greg KH wrote:
>> On Sat, Oct 17, 2020 at 09:09:28AM -0700, t...@redhat.com wrote:
>>> From: Tom Rix
>>>
>>> This is an upcoming change to clean up a new warning treewide.
>>> I am wondering if the change could be o
On Tue, Oct 20, 2020 at 14:50:01 +0800, Lee, Chun-Yi wrote:
> +config CHECK_CODESIGN_EKU
> + bool "Check codeSigning extended key usage"
> + depends on PKCS7_MESSAGE_PARSER=y
> + depends on SYSTEM_DATA_VERIFICATION
> + help
> + This option provides support for checking the cod
> On 19 Oct 2020, at 20:42, Nick Desaulniers wrote:
>
> We probably should add all 3 to W=2 builds (wrapped in cc-option).
> I've filed https://github.com/ClangBuiltLinux/linux/issues/1180 to
> follow up on.
It looks as though the URL mangling has been fixed. If anyone sees that
specific UR
From: Arvind Sankar> Sent: 19 October 2020 16:30
> To: Herbert Xu ; David S. Miller
> ; linux-
> cry...@vger.kernel.org
> Cc: linux-ker...@vger.kernel.org
> Subject: [PATCH 4/5] crypto: lib/sha256 - Unroll SHA256 loop 8 times intead
> of 64
>
> This reduces code size substantially (on x86_64 wit