Re: [PATCH net-next v6 19/23] zinc: Curve25519 ARM implementation

2018-10-05 Thread Jason A. Donenfeld
Hey Dan,
On Fri, Oct 05, 2018 at 03:05:38PM -, D. J. Bernstein wrote:
> Of course, there are other ARM microarchitectures, and there are many
> cases where different microarchitectures prefer different optimizations.
> The kernel already has boot-time benchmarks for different optimizations
> f

Re: [PATCH net-next v6 19/23] zinc: Curve25519 ARM implementation

2018-10-05 Thread Ard Biesheuvel
On 5 October 2018 at 17:05, D. J. Bernstein wrote:
> For the in-order ARM Cortex-A8 (the target for this code), adjacent
> multiply-add instructions forward summands quickly. A simple in-order
> dot-product computation has no latency problems, while interleaving
> computations, as suggested in thi

Re: [PATCH net-next v6 19/23] zinc: Curve25519 ARM implementation

2018-10-05 Thread D. J. Bernstein
For the in-order ARM Cortex-A8 (the target for this code), adjacent multiply-add instructions forward summands quickly. A simple in-order dot-product computation has no latency problems, while interleaving computations, as suggested in this thread, creates problems. Also, on this microarchitecture,

Re: [PATCH net-next v6 19/23] zinc: Curve25519 ARM implementation

2018-10-02 Thread Jason A. Donenfeld
On Tue, Oct 2, 2018 at 6:59 PM Ard Biesheuvel wrote:
> Could you elaborate on what qhasm is exactly? And, as with the other
> patches, I would prefer it if we could have your changes as a separate
> patch (although having the qhasm base would be preferred)
By the way, as of a few minutes ago, if

Re: [PATCH net-next v6 19/23] zinc: Curve25519 ARM implementation

2018-10-02 Thread Jason A. Donenfeld
(+Dan,Peter in CC. Replying to: for context.)
Hi Ard,
On Tue, Oct 2, 2018 at 6:59 PM Ard Biesheuvel wrote:
> Shouldn't this use the new simd abstraction as well?
Yes, it probably should, thanks.

Re: [PATCH net-next v6 19/23] zinc: Curve25519 ARM implementation

2018-10-02 Thread Richard Weinberger
Ard,
On Tue, Oct 2, 2018 at 7:06 PM Ard Biesheuvel wrote:
> I guess qhasm means generated code, right?
Yes. Please see: http://cr.yp.to/qhasm.html
It generates code from a q-file (the "template"). Actually it is a rather powerful tool, but as you noticed, sometimes the code is not perfect.
--

Re: [PATCH net-next v6 19/23] zinc: Curve25519 ARM implementation

2018-10-02 Thread Ard Biesheuvel
Hi Jason,
On 25 September 2018 at 16:56, Jason A. Donenfeld wrote:
> This comes from Dan Bernstein and Peter Schwabe's public domain NEON
> code, and has been modified to be friendly for kernel space, as well as
> removing some qhasm strangeness to be more idiomatic.
>
> Signed-off-by: Jason A. D

[PATCH net-next v6 19/23] zinc: Curve25519 ARM implementation

2018-09-25 Thread Jason A. Donenfeld
This comes from Dan Bernstein and Peter Schwabe's public domain NEON code, and has been modified to be friendly for kernel space, as well as removing some qhasm strangeness to be more idiomatic.
Signed-off-by: Jason A. Donenfeld
Cc: Samuel Neves
Cc: Andy Lutomirski
Cc: Greg KH
Cc: Jean-Philipp