[PATCH] ARM: crypto: fix stack frame handling in SHA1 asm code

2013-04-25 Thread Ard Biesheuvel
://git.openssl.org/gitweb/?p=openssl.git;a=commit;h=1a9d60d2 Signed-off-by: Ard Biesheuvel ard.biesheu...@linaro.org --- arch/arm/crypto/sha1-armv4-large.S |2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/arch/arm/crypto/sha1-armv4-large.S b/arch/arm/crypto/sha1-armv4-large.S index 92c6eed

[RFC PATCH 0/2] AES in CBC/CTR/XTS modes using ARMv8 Crypto Extensions

2013-09-13 Thread Ard Biesheuvel
. Ard Biesheuvel (2): crypto: move ablk_helper out of arch/x86 arm64: add support for AES using ARMv8 Crypto Extensions arch/arm64/Makefile| 8 +- arch/arm64/crypto/Makefile | 12 + arch/arm64/crypto/aesce-cbc.S | 58 + arch/arm64/crypto

[RFC PATCH 1/2] crypto: move ablk_helper out of arch/x86

2013-09-13 Thread Ard Biesheuvel
Move the ablk_helper code out of arch/x86 so it can be reused by other architectures. The only x86 specific dependency was a call to irq_fpu_usable(), this has been factored out and moved to crypto/ablk_helper_x86.c Signed-off-by: Ard Biesheuvel ard.biesheu...@linaro.org --- arch/x86/crypto

[RFC PATCH 2/2] arm64: add support for AES using ARMv8 Crypto Extensions

2013-09-13 Thread Ard Biesheuvel
This adds ARMv8 Crypto Extensions based implementations of AES in CBC, CTR and XTS mode. Signed-off-by: Ard Biesheuvel ard.biesheu...@linaro.org --- arch/arm64/Makefile | 8 +- arch/arm64/crypto/Makefile | 12 ++ arch/arm64/crypto/aesce-cbc.S| 58 +++ arch/arm64

[PATCH v2 0/2] crypto: move ablk_helper out of arch/x86

2013-09-17 Thread Ard Biesheuvel
v2: - whitespace fix - split into two patches so that the first one applies cleanly to the ARM/ARM64 trees as well - rebased onto cryptodev/master Ard Biesheuvel (2): crypto: create generic version of ablk_helper crypto: move x86 to the generic version of ablk_helper arch/x86/crypto

[PATCH v2 2/2] crypto: move x86 to the generic version of ablk_helper

2013-09-17 Thread Ard Biesheuvel
Move all users of ablk_helper under x86/ to the generic version and delete the x86 specific version. Acked-by: Jussi Kivilinna jussi.kivili...@iki.fi Signed-off-by: Ard Biesheuvel ard.biesheu...@linaro.org --- arch/x86/crypto/Makefile | 1 - arch/x86/crypto/ablk_helper.c

[PATCH v3 1/2] crypto: create generic version of ablk_helper

2013-09-20 Thread Ard Biesheuvel
Create a generic version of ablk_helper so it can be reused by other architectures. Acked-by: Jussi Kivilinna jussi.kivili...@iki.fi Signed-off-by: Ard Biesheuvel ard.biesheu...@linaro.org --- crypto/Kconfig | 4 ++ crypto/Makefile | 1 + crypto/ablk_helper.c

[PATCH v3 2/2] crypto: move x86 to the generic version of ablk_helper

2013-09-20 Thread Ard Biesheuvel
Move all users of ablk_helper under x86/ to the generic version and delete the x86 specific version. Acked-by: Jussi Kivilinna jussi.kivili...@iki.fi Signed-off-by: Ard Biesheuvel ard.biesheu...@linaro.org --- arch/x86/crypto/Makefile | 1 - arch/x86/crypto/ablk_helper.c

[PATCH v3 0/2] crypto: move ablk_helper out of arch/x86

2013-09-20 Thread Ard Biesheuvel
v3: - added generic and x86 versions of asm/simd.h containing may_use_simd(), and use it to decide whether to take the sync or the async path v2: - whitespace fix - split into two patches so that the first one applies cleanly to the ARM/ARM64 trees as well - rebased onto cryptodev/master Ard

[PATCH 2/4] ARM: pull in asm/simd.h from asm-generic

2013-09-20 Thread Ard Biesheuvel
Signed-off-by: Ard Biesheuvel ard.biesheu...@linaro.org --- arch/arm/include/asm/Kbuild | 1 + 1 file changed, 1 insertion(+) diff --git a/arch/arm/include/asm/Kbuild b/arch/arm/include/asm/Kbuild index d3db398..6577b8a 100644 --- a/arch/arm/include/asm/Kbuild +++ b/arch/arm/include/asm/Kbuild

[PATCH 1/4] crypto: create generic version of ablk_helper

2013-09-20 Thread Ard Biesheuvel
Create a generic version of ablk_helper so it can be reused by other architectures. Acked-by: Jussi Kivilinna jussi.kivili...@iki.fi Signed-off-by: Ard Biesheuvel ard.biesheu...@linaro.org --- crypto/Kconfig | 4 ++ crypto/Makefile | 1 + crypto/ablk_helper.c

[PATCH 0/4] ARM: NEON based fast(er) AES in CBC/CTR/XTS modes

2013-09-20 Thread Ard Biesheuvel
. Ard Biesheuvel (4): crypto: create generic version of ablk_helper ARM: pull in asm/simd.h from asm-generic ARM: move AES typedefs and function prototypes to separate header ARM: add support for bit sliced AES using NEON instructions arch/arm/crypto/Makefile |6 +- arch/arm/crypto

[PATCH 3/4] ARM: move AES typedefs and function prototypes to separate header

2013-09-20 Thread Ard Biesheuvel
Put the struct definitions for AES keys and the asm function prototypes in a separate header and export the asm functions from the module. This allows other drivers to use them directly. Signed-off-by: Ard Biesheuvel ard.biesheu...@linaro.org --- arch/arm/crypto/aes_glue.c | 22

Re: [PATCH 1/4] crypto: create generic version of ablk_helper

2013-09-22 Thread Ard Biesheuvel
On 22 sep. 2013, at 12:05, Jussi Kivilinna jussi.kivili...@iki.fi wrote: On 20.09.2013 21:46, Ard Biesheuvel wrote: Create a generic version of ablk_helper so it can be reused by other architectures. Acked-by: Jussi Kivilinna jussi.kivili...@iki.fi Signed-off-by: Ard Biesheuvel

Re: [PATCH 4/4] ARM: add support for bit sliced AES using NEON instructions

2013-09-23 Thread Ard Biesheuvel
On 22 September 2013 13:12, Jussi Kivilinna jussi.kivili...@iki.fi wrote: [...] Decryption can probably be made faster by implementing InvMixColumns slightly differently. Instead of implementing the inverse MixColumns matrix directly, use a preprocessing step, followed by MixColumns as described in

[PATCH v2 0/3] ARM: NEON based fast(er) AES in CBC/CTR/XTS modes

2013-10-03 Thread Ard Biesheuvel
instead. http://git.openssl.org/gitweb/?p=openssl.git;a=commit;h=6f6a6130 This series still depends on commit a62b01cd (crypto: create generic version of ablk_helper) which I omitted this time but which can be found in the cryptodev tree or in linux-next. Ard Biesheuvel (3): ARM: pull in asm

[PATCH v2 1/3] ARM: pull in asm/simd.h from asm-generic

2013-10-03 Thread Ard Biesheuvel
Signed-off-by: Ard Biesheuvel ard.biesheu...@linaro.org --- arch/arm/include/asm/Kbuild | 1 + 1 file changed, 1 insertion(+) diff --git a/arch/arm/include/asm/Kbuild b/arch/arm/include/asm/Kbuild index d3db398..6577b8a 100644 --- a/arch/arm/include/asm/Kbuild +++ b/arch/arm/include/asm/Kbuild

[PATCH v2 2/3] ARM: move AES typedefs and function prototypes to separate header

2013-10-03 Thread Ard Biesheuvel
Put the struct definitions for AES keys and the asm function prototypes in a separate header and export the asm functions from the module. This allows other drivers to use them directly. Signed-off-by: Ard Biesheuvel ard.biesheu...@linaro.org --- arch/arm/crypto/aes_glue.c | 22

Re: [PATCH v2 0/3] ARM: NEON based fast(er) AES in CBC/CTR/XTS modes

2013-10-04 Thread Ard Biesheuvel
On 4 October 2013 19:48, Will Deacon will.dea...@arm.com wrote: On Thu, Oct 03, 2013 at 10:59:23PM +0100, Ard Biesheuvel wrote: Note to reviewers: Reviewing the file aesbs-core.S may be a bit overwhelming, so if there are any questions or concerns, please refer to the file bsaes-armv7.pl which

Re: [PATCH v2 0/3] ARM: NEON based fast(er) AES in CBC/CTR/XTS modes

2013-10-04 Thread Ard Biesheuvel
On 4 October 2013 20:34, Nicolas Pitre nicolas.pi...@linaro.org wrote: On Fri, 4 Oct 2013, Will Deacon wrote: [...] Why do you consider it unsuitable to ship the perl script with the kernel? Perl 5 is already documented as a build dependency in Documentation/Changes. Do you have an example of

Re: [PATCH RFC] CRYPTO: Fix more AES build errors:

2014-01-02 Thread Ard Biesheuvel
the autobuilder failures. arch/arm/crypto/bsaes-armv7.pl |2 +- The .S_shipped file produced by this script should be updated at the same time. Acked-by: Ard Biesheuvel ard.biesheu...@linaro.org Regards, Ard. 1 files changed, 1 insertions(+), 1 deletions(-) diff --git a/arch/arm/crypto

[RFC PATCH 3/3] arm64: add Crypto Extensions based core AES cipher

2014-02-06 Thread Ard Biesheuvel
Signed-off-by: Ard Biesheuvel ard.biesheu...@linaro.org --- arch/arm64/Makefile | 1 + arch/arm64/crypto/Makefile| 13 ++ arch/arm64/crypto/aes-ce-cipher.c | 257 ++ crypto/Kconfig| 6 + 4 files changed, 277

[RFC PATCH 1/3] crypto: add interleave option to cipher_alg

2014-02-06 Thread Ard Biesheuvel
through .cia_enc_interleave and .cia_dec_interleave. Signed-off-by: Ard Biesheuvel ard.biesheu...@linaro.org --- include/linux/crypto.h | 4 1 file changed, 4 insertions(+) diff --git a/include/linux/crypto.h b/include/linux/crypto.h index b92eadf92d72..4f09a10a4efa 100644 --- a/include/linux

[RFC PATCH 0/3] support for interleaving in generic chaining modes

2014-02-06 Thread Ard Biesheuvel
a benchmark, but CTR and XTS are other obvious candidates for the treatment. I have included my arm64 AES cipher implementation for reference. Ard Biesheuvel (3): crypto: add interleave option to cipher_alg crypto: take interleave into account for CBC decryption arm64: add Crypto Extensions based core

[RFC PATCH 2/3] crypto: take interleave into account for CBC decryption

2014-02-06 Thread Ard Biesheuvel
As CBC decryption can be executed in parallel, take the cipher alg's preferred interleave into account when decrypting data. Signed-off-by: Ard Biesheuvel ard.biesheu...@linaro.org --- crypto/cbc.c | 109 --- 1 file changed, 82 insertions

Re: [RFC PATCH 0/3] support for interleaving in generic chaining modes

2014-02-06 Thread Ard Biesheuvel
On 7 February 2014 03:23, Herbert Xu herb...@gondor.apana.org.au wrote: On Thu, Feb 06, 2014 at 01:25:01PM +0100, Ard Biesheuvel wrote: My apologies if this has been discussed/debated before on linux-crypto. When working on accelerated crypto for ARM and arm64, I noticed that many

Re: [RFC PATCH 0/3] support for interleaving in generic chaining modes

2014-02-07 Thread Ard Biesheuvel
On 7 February 2014 10:23, Herbert Xu herb...@gondor.apana.org.au wrote: On Fri, Feb 07, 2014 at 08:30:26AM +0100, Ard Biesheuvel wrote: I agree that it would be trivial for cbc(%s) to probe for ecb(%s) before settling on using plain '%s. But how to probe for an /accelerated/ ecb(%s), i.e

Re: [RFC PATCH 0/3] support for interleaving in generic chaining modes

2014-02-07 Thread Ard Biesheuvel
On 7 February 2014 10:44, Herbert Xu herb...@gondor.apana.org.au wrote: On Fri, Feb 07, 2014 at 10:42:14AM +0100, Ard Biesheuvel wrote: Another example is bit sliced AES like the implementation in arch/arm/crypto. It is 45% faster than the ordinary ARM asm implementation, but its natural

[RFC PATCH] arm64: add support for AES in CCM mode using Crypto Extensions

2014-02-11 Thread Ard Biesheuvel
This adds support for a synchronous implementation of AES in CCM mode using ARMv8 Crypto Extensions, using NEON registers q0 - q5. Signed-off-by: Ard Biesheuvel ard.biesheu...@linaro.org --- Hi all, I am posting this for review/RFC. The main topic for feedback is the way I have used an inner

Re: [RFC PATCH] arm64: add support for AES in CCM mode using Crypto Extensions

2014-02-24 Thread Ard Biesheuvel
On 25 February 2014 08:02, Herbert Xu herb...@gondor.apana.org.au wrote: On Tue, Feb 11, 2014 at 09:21:45AM +0100, Ard Biesheuvel wrote: This adds support for a synchronous implementation of AES in CCM mode using ARMv8 Crypto Extensions, using NEON registers q0 - q5. Signed-off-by: Ard

Re: [RFC PATCH] arm64: add support for AES in CCM mode using Crypto Extensions

2014-02-24 Thread Ard Biesheuvel
On 25 February 2014 08:16, Herbert Xu herb...@gondor.apana.org.au wrote: On Tue, Feb 25, 2014 at 08:12:36AM +0100, Ard Biesheuvel wrote: Do you have any comments specifically about using an inner blkcipher instance to implement the aead? Indeed, the inner block cipher looks superfluous since

[RFC PATCH v2 3/3] arm64: add Crypto Extensions based core AES cipher and 4-way ECB

2014-02-24 Thread Ard Biesheuvel
Signed-off-by: Ard Biesheuvel ard.biesheu...@linaro.org --- arch/arm64/Makefile | 1 + arch/arm64/crypto/Makefile| 13 ++ arch/arm64/crypto/aes-ce-cipher.c | 382 ++ crypto/Kconfig| 6 + 4 files changed, 402

[RFC PATCH v2 0/3] support for interleaving in generic chaining modes

2014-02-24 Thread Ard Biesheuvel
for the chunk. Anyway, no performance numbers yet. I will post back once I produce any. -- Ard. Ard Biesheuvel (3): crypto: update generic ECB's driver_name to 'ecb_generic' crypto: use ECB to implement CBC decryption arm64: add Crypto Extensions based core AES cipher and 4-way ECB arch

[RFC PATCH v2 1/3] crypto: update generic ECB's driver_name to 'ecb_generic'

2014-02-24 Thread Ard Biesheuvel
of generic ECB to 'ecb_generic(%s)'. Signed-off-by: Ard Biesheuvel ard.biesheu...@linaro.org --- crypto/ecb.c | 12 1 file changed, 12 insertions(+) diff --git a/crypto/ecb.c b/crypto/ecb.c index 935cfef4aa84..46a6a61fbcb9 100644 --- a/crypto/ecb.c +++ b/crypto/ecb.c @@ -134,6 +134,12

[RFC PATCH v2 2/3] crypto: use ECB to implement CBC decryption

2014-02-24 Thread Ard Biesheuvel
-off-by: Ard Biesheuvel ard.biesheu...@linaro.org --- crypto/cbc.c | 234 +++ 1 file changed, 221 insertions(+), 13 deletions(-) diff --git a/crypto/cbc.c b/crypto/cbc.c index 61ac42e1e32b..7fa22ea155c8 100644 --- a/crypto/cbc.c +++ b/crypto

Re: [RFC PATCH] arm64: add support for AES in CCM mode using Crypto Extensions

2014-02-25 Thread Ard Biesheuvel
On 25 February 2014 10:08, Herbert Xu herb...@gondor.apana.org.au wrote: On Tue, Feb 25, 2014 at 08:21:22AM +0100, Ard Biesheuvel wrote: For the authenticate-only data, this is manageable as you are only dealing with input, but when dealing with both in- and output, as in the core of CCM

[RFC PATCH 0/3] reworked ccm(aes) using blkcipher walk API

2014-02-25 Thread Ard Biesheuvel
that allow these data members (iv size, alignmask, etc) to be supplied directly. Suggestions for better names than blkcipher_walk_init_raw and blkcipher_walk_virt_raw are highly appreciated. Ard Biesheuvel (3): crypto: remove direct blkcipher_walk dependency on transform crypto: allow blkcipher

[RFC PATCH 2/3] crypto: allow blkcipher walks with no associated blkcipher transform

2014-02-25 Thread Ard Biesheuvel
This adds the functions blkcipher_walk_init_raw and blkcipher_walk_virt_raw, which allow the caller to initialize the walk struct data members directly. This allows non-blkcipher uses (e.g., AEADs) of the blkcipher walk API. Signed-off-by: Ard Biesheuvel ard.biesheu...@linaro.org --- crypto

[RFC PATCH 3/3] arm64: add support for AES in CCM mode using Crypto Extensions

2014-02-25 Thread Ard Biesheuvel
This adds support for a synchronous implementation of AES in CCM mode using ARMv8 Crypto Extensions, using NEON registers q0 - q5. Signed-off-by: Ard Biesheuvel ard.biesheu...@linaro.org --- arch/arm64/Makefile| 1 + arch/arm64/crypto/Makefile | 12 ++ arch/arm64

[RFC PATCH 1/3] crypto: remove direct blkcipher_walk dependency on transform

2014-02-25 Thread Ard Biesheuvel
In order to allow other uses of the blkcipher walk API than the blkcipher algos themselves, this patch copies some of the transform data members to the walk struct so the transform is only accessed at walk init time. Signed-off-by: Ard Biesheuvel ard.biesheu...@linaro.org --- crypto/blkcipher.c

[RFC PATCH 2/3] crypto: allow blkcipher walks over AEAD data

2014-03-03 Thread Ard Biesheuvel
This adds the function blkcipher_aead_walk_virt_block, which allows the caller to use the blkcipher walk API to handle the input and output scatterlists. Signed-off-by: Ard Biesheuvel ard.biesheu...@linaro.org --- crypto/blkcipher.c | 14 ++ include/crypto/algapi.h | 4 2

[RFC PATCH 3/3] arm64: add support for AES in CCM mode using Crypto Extensions

2014-03-03 Thread Ard Biesheuvel
This adds support for a synchronous implementation of AES in CCM mode using ARMv8 Crypto Extensions, using NEON registers q0 - q5. Signed-off-by: Ard Biesheuvel ard.biesheu...@linaro.org --- arch/arm64/Makefile| 1 + arch/arm64/crypto/Makefile | 12 ++ arch/arm64

[RFC PATCH 1/3] crypto: remove direct blkcipher_walk dependency on transform

2014-03-03 Thread Ard Biesheuvel
In order to allow other uses of the blkcipher walk API than the blkcipher algos themselves, this patch copies some of the transform data members to the walk struct so the transform is only accessed at walk init time. Signed-off-by: Ard Biesheuvel ard.biesheu...@linaro.org --- crypto/blkcipher.c

[RFC PATCH 0/3] take 2: repurposing blkcipher walk api for aead

2014-03-03 Thread Ard Biesheuvel
transform. Ard Biesheuvel (3): crypto: remove direct blkcipher_walk dependency on transform crypto: allow blkcipher walks over AEAD data arm64: add support for AES in CCM mode using Crypto Extensions arch/arm64/Makefile| 1 + arch/arm64/crypto/Makefile | 12 ++ arch

Re: [RFC PATCH 0/3] take 2: repurposing blkcipher walk api for aead

2014-03-03 Thread Ard Biesheuvel
On 4 March 2014 15:46, Herbert Xu herb...@gondor.apana.org.au wrote: On Tue, Mar 04, 2014 at 01:28:37PM +0800, Ard Biesheuvel wrote: I think this is a better approach than the one I proposed before. This time, I have only added a single function specifically for use by aeads

Re: [RFC PATCH 0/3] take 2: repurposing blkcipher walk api for aead

2014-03-03 Thread Ard Biesheuvel
On 4 March 2014 15:53, Herbert Xu herb...@gondor.apana.org.au wrote: On Tue, Mar 04, 2014 at 03:51:11PM +0800, Ard Biesheuvel wrote: Is there anything else required before you can take these patches? Note that the first one should go through the arm64 tree, and may need further review

[PATCH] arm64/lib: add optimized implementation of sha_transform

2014-03-14 Thread Ard Biesheuvel
This implementation keeps the 64 bytes of workspace in registers rather than on the stack, eliminating most of the loads and stores, and reducing the instruction count by about 25%. Signed-off-by: Ard Biesheuvel ard.biesheu...@linaro.org --- Hello all, No performance numbers I am allowed

Re: [PATCH] arm64/lib: add optimized implementation of sha_transform

2014-03-18 Thread Ard Biesheuvel
On 17 March 2014 22:18, Marek Vasut ma...@denx.de wrote: On Friday, March 14, 2014 at 04:02:33 PM, Ard Biesheuvel wrote: This implementation keeps the 64 bytes of workspace in registers rather than on the stack, eliminating most of the loads and stores, and reducing the instruction count

[PATCH] arm64: SHA-224/SHA-256 using ARMv8 Crypto Extensions

2014-03-20 Thread Ard Biesheuvel
This patch adds support for the SHA-224 and SHA-256 hash algorithms using the NEON based SHA-256 instructions that were introduced in ARM v8. Signed-off-by: Ard Biesheuvel ard.biesheu...@linaro.org --- Again, this patch depends on the FPSIMD optimization patches that I have posted to the LAKML

[PATCH] arm64: add support for GHASH secure hash using ARMv8 Crypto Extensions

2014-03-26 Thread Ard Biesheuvel
This is a port to ARMv8 (Crypto Extensions) of the Intel implementation of the GHASH Secure Hash (used in the Galois/Counter chaining mode). It relies on the optional PMULL/PMULL2 instruction (polynomial multiply long, what Intel call carry-less multiply). Signed-off-by: Ard Biesheuvel

[PATCH] x86/crypto: ghash: use C implementation for setkey()

2014-03-27 Thread Ard Biesheuvel
() does not use any particular SSE features and is not expected to become a performance bottleneck. Signed-off-by: Ard Biesheuvel ard.biesheu...@linaro.org --- I suppose this should be marked for stable as well? arch/x86/crypto/ghash-clmulni-intel_asm.S | 29 - arch

Re: [PATCH] x86/crypto: ghash: use C implementation for setkey()

2014-03-27 Thread Ard Biesheuvel
On 27 March 2014 12:36, Herbert Xu herb...@gondor.apana.org.au wrote: On Thu, Mar 27, 2014 at 12:29:00PM +0100, Ard Biesheuvel wrote: The GHASH setkey() function uses SSE registers but fails to call kernel_fpu_begin()/kernel_fpu_end(). Instead of adding these calls, and then having to deal

Re: [PATCH] x86/crypto: ghash: use C implementation for setkey()

2014-03-27 Thread Ard Biesheuvel
On 27 March 2014 12:46, Ard Biesheuvel ard.biesheu...@linaro.org wrote: On 27 March 2014 12:36, Herbert Xu herb...@gondor.apana.org.au wrote: On Thu, Mar 27, 2014 at 12:29:00PM +0100, Ard Biesheuvel wrote: The GHASH setkey() function uses SSE registers but fails to call kernel_fpu_begin

Re: [PATCH] arm64: SHA-224/SHA-256 using ARMv8 Crypto Extensions

2014-03-27 Thread Ard Biesheuvel
On 24 March 2014 21:36, Marek Vasut ma...@denx.de wrote: On Thursday, March 20, 2014 at 03:48:06 PM, Ard Biesheuvel wrote: This patch adds support for the SHA-224 and SHA-256 hash algorithms using the NEON based SHA-256 instructions that were introduced in ARM v8. Signed-off-by: Ard

[PATCH v2] x86/crypto: ghash: use C implementation for setkey()

2014-03-27 Thread Ard Biesheuvel
() does not use any particular SSE features and is not expected to become a performance bottleneck. Signed-off-by: Ard Biesheuvel ard.biesheu...@linaro.org Acked-by: H. Peter Anvin h...@linux.intel.com Fixes: 0e1227d356e9b (crypto: ghash - Add PCLMULQDQ accelerated implementation) --- Changes since

Re: [crypto:master 60/60] arch/x86/crypto/ghash-clmulni-intel_glue.c:71:25: sparse: cast to restricted __be64

2014-04-01 Thread Ard Biesheuvel
On 1 April 2014 13:23, kbuild test robot fengguang...@intel.com wrote: tree: git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6.git master head: 8ceee72808d1ae3fb191284afc2257a2be964725 commit: 8ceee72808d1ae3fb191284afc2257a2be964725 [60/60] crypto: ghash-clmulni-intel -

Re: [crypto:master 60/60] arch/x86/crypto/ghash-clmulni-intel_glue.c:71:25: sparse: cast to restricted __be64

2014-04-01 Thread Ard Biesheuvel
On 1 April 2014 14:37, Ard Biesheuvel ard.biesheu...@linaro.org wrote: On 1 April 2014 13:23, kbuild test robot fengguang...@intel.com wrote: tree: git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6.git master head: 8ceee72808d1ae3fb191284afc2257a2be964725 commit

[PATCH] crypto: add test cases for SHA-1, SHA-224 and SHA-256

2014-04-01 Thread Ard Biesheuvel
This adds a test case for each of SHA-1, SHA-224 and SHA-256 with a plaintext size of 64 bytes, which is exactly the block size. The reason is that some implementations may use a different code path for inputs that are an exact multiple of the block size. --- Just some trivial test vectors I have

Fwd: [crypto:master 60/60] arch/x86/crypto/ghash-clmulni-intel_glue.c:71:25: sparse: cast to restricted __be64

2014-04-04 Thread Ard Biesheuvel
: sparse: cast to restricted __be64 To: Ard Biesheuvel ard.biesheu...@linaro.org Cc: linux-crypto@vger.kernel.org linux-crypto@vger.kernel.org, kbuild test robot fengguang...@intel.com On Tue, Apr 01, 2014 at 02:37:20PM +0200, Ard Biesheuvel wrote: On 1 April 2014 13:23, kbuild test robot fengguang

Re: [crypto:master 60/60] arch/x86/crypto/ghash-clmulni-intel_glue.c:71:25: sparse: cast to restricted __be64

2014-04-04 Thread Ard Biesheuvel
On 4 April 2014 14:25, Herbert Xu herb...@gondor.apana.org.au wrote: On Tue, Apr 01, 2014 at 08:48:24PM +0800, Herbert Xu wrote: On Tue, Apr 01, 2014 at 02:37:20PM +0200, Ard Biesheuvel wrote: On 1 April 2014 13:23, kbuild test robot fengguang...@intel.com wrote: tree: git

[PATCH] crypto: add test cases for SHA-1, SHA-224, SHA-256 and AES-CCM

2014-04-10 Thread Ard Biesheuvel
This adds test cases for SHA-1, SHA-224, SHA-256 and AES-CCM with an input size that is an exact multiple of the block size. The reason is that some implementations use a different code path for these cases. Signed-off-by: Ard Biesheuvel ard.biesheu...@linaro.org --- This is the same patch as I

Re: Fwd: [crypto:master 60/60] arch/x86/crypto/ghash-clmulni-intel_glue.c:71:25: sparse: cast to restricted __be64

2014-04-11 Thread Ard Biesheuvel
On 11 April 2014 18:03, gre...@linuxfoundation.org gre...@linuxfoundation.org wrote: On Fri, Apr 04, 2014 at 10:11:19AM +0200, Ard Biesheuvel wrote: Greg, This pertains to commit 8ceee72808d1 (crypto: ghash-clmulni-intel - use C implementation for setkey()) that has been pulled by Linus

[PATCH resend 00/15] arm64 crypto roundup

2014-05-01 Thread Ard Biesheuvel
This is a repost of the arm64 crypto patches that I have posted to the LAKML over the past months. They have now been verified on actual hardware (Cortex-A57) so if there are no remaining issues I would like to propose them for 3.16. Ard Biesheuvel (15): asm-generic: allow generic unaligned

[PATCH resend 07/15] arm64/crypto: GHASH secure hash using ARMv8 Crypto Extensions

2014-05-01 Thread Ard Biesheuvel
This is a port to ARMv8 (Crypto Extensions) of the Intel implementation of the GHASH Secure Hash (used in the Galois/Counter chaining mode). It relies on the optional PMULL/PMULL2 instruction (polynomial multiply long, what Intel call carry-less multiply). Signed-off-by: Ard Biesheuvel

[PATCH resend 06/15] arm64/crypto: SHA-224/SHA-256 using ARMv8 Crypto Extensions

2014-05-01 Thread Ard Biesheuvel
This patch adds support for the SHA-224 and SHA-256 Secure Hash Algorithms for CPUs that have support for the SHA-2 part of the ARM v8 Crypto Extensions. Signed-off-by: Ard Biesheuvel ard.biesheu...@linaro.org --- arch/arm64/crypto/Kconfig| 5 + arch/arm64/crypto/Makefile | 3

[PATCH resend 08/15] arm64/crypto: AES using ARMv8 Crypto Extensions

2014-05-01 Thread Ard Biesheuvel
This patch adds support for the AES symmetric encryption algorithm for CPUs that have support for the AES part of the ARM v8 Crypto Extensions. Signed-off-by: Ard Biesheuvel ard.biesheu...@linaro.org --- arch/arm64/crypto/Kconfig | 7 +- arch/arm64/crypto/Makefile| 3 + arch

[PATCH resend 09/15] arm64/crypto: AES in CCM mode using ARMv8 Crypto Extensions

2014-05-01 Thread Ard Biesheuvel
This patch adds support for the AES-CCM encryption algorithm for CPUs that have support for the AES part of the ARM v8 Crypto Extensions. Signed-off-by: Ard Biesheuvel ard.biesheu...@linaro.org Acked-by: Herbert Xu herb...@gondor.apana.org.au --- arch/arm64/crypto/Kconfig | 7 + arch

[PATCH resend 03/15] arm64: defer reloading a task's FPSIMD state to userland resume

2014-05-01 Thread Ard Biesheuvel
-by: Ard Biesheuvel ard.biesheu...@linaro.org --- arch/arm64/include/asm/fpsimd.h | 2 + arch/arm64/include/asm/thread_info.h | 4 +- arch/arm64/kernel/entry.S| 2 +- arch/arm64/kernel/fpsimd.c | 136 ++- arch/arm64/kernel/signal.c

[PATCH resend 04/15] arm64: add support for kernel mode NEON in interrupt context

2014-05-01 Thread Ard Biesheuvel
. To mark the end of such a partial section, the regular kernel_neon_end() should be used. Signed-off-by: Ard Biesheuvel ard.biesheu...@linaro.org --- arch/arm64/include/asm/fpsimd.h | 15 arch/arm64/include/asm/fpsimdmacros.h | 35 arch/arm64/include/asm

[PATCH resend 05/15] arm64/crypto: SHA-1 using ARMv8 Crypto Extensions

2014-05-01 Thread Ard Biesheuvel
This patch adds support for the SHA-1 Secure Hash Algorithm for CPUs that have support for the SHA-1 part of the ARM v8 Crypto Extensions. Signed-off-by: Ard Biesheuvel ard.biesheu...@linaro.org --- arch/arm64/Kconfig | 3 + arch/arm64/Makefile | 1 + arch/arm64

[PATCH resend 02/15] arm64: add abstractions for FPSIMD state manipulation

2014-05-01 Thread Ard Biesheuvel
- fpsimd_update_current_state - replace current's FPSIMD state - fpsimd_flush_task_state - invalidate live copies of a task's FPSIMD state Where necessary, the ptrace, signal handling and fork code are updated to use the above wrappers instead of poking into the FPSIMD registers directly. Signed-off-by: Ard

[PATCH resend 11/15] arm64/crypto: AES-ECB/CBC/CTR/XTS using ARMv8 NEON and Crypto Extensions

2014-05-01 Thread Ard Biesheuvel
routines were borrowed from aes_generic. Signed-off-by: Ard Biesheuvel ard.biesheu...@linaro.org --- arch/arm64/crypto/Kconfig | 14 ++ arch/arm64/crypto/Makefile| 14 ++ arch/arm64/crypto/aes-ce.S| 147 +++ arch/arm64/crypto/aes-glue.c | 446

[PATCH resend 15/15] arm64/crypto: add voluntary preemption to Crypto Extensions GHASH

2014-05-01 Thread Ard Biesheuvel
by the scheduler. Signed-off-by: Ard Biesheuvel ard.biesheu...@linaro.org --- arch/arm64/crypto/ghash-ce-core.S | 10 ++ arch/arm64/crypto/ghash-ce-glue.c | 33 + 2 files changed, 31 insertions(+), 12 deletions(-) diff --git a/arch/arm64/crypto/ghash-ce

[PATCH resend 12/15] arm64/crypto: add shared macro to test for NEED_RESCHED

2014-05-01 Thread Ard Biesheuvel
This adds the asm macro definition 'b_if_no_resched' that performs a conditional branch depending on the preempt need_resched state. Signed-off-by: Ard Biesheuvel ard.biesheu...@linaro.org --- arch/arm64/include/asm/assembler.h | 21 + 1 file changed, 21 insertions(+) diff

[PATCH resend 10/15] arm64: pull in asm/simd.h from asm-generic

2014-05-01 Thread Ard Biesheuvel
Signed-off-by: Ard Biesheuvel ard.biesheu...@linaro.org --- arch/arm64/include/asm/Kbuild | 1 + 1 file changed, 1 insertion(+) diff --git a/arch/arm64/include/asm/Kbuild b/arch/arm64/include/asm/Kbuild index 83f71b3004a8..42c7eecd2bb6 100644 --- a/arch/arm64/include/asm/Kbuild +++ b/arch/arm64

[PATCH resend 13/15] arm64/crypto: add voluntary preemption to Crypto Extensions SHA1

2014-05-01 Thread Ard Biesheuvel
by the scheduler. Signed-off-by: Ard Biesheuvel ard.biesheu...@linaro.org --- arch/arm64/crypto/sha1-ce-core.S | 19 arch/arm64/crypto/sha1-ce-glue.c | 49 +++- 2 files changed, 48 insertions(+), 20 deletions(-) diff --git a/arch/arm64/crypto/sha1

[PATCH resend 14/15] arm64/crypto: add voluntary preemption to Crypto Extensions SHA2

2014-05-01 Thread Ard Biesheuvel
by the scheduler. Signed-off-by: Ard Biesheuvel ard.biesheu...@linaro.org --- arch/arm64/crypto/sha2-ce-core.S | 19 --- arch/arm64/crypto/sha2-ce-glue.c | 51 ++-- 2 files changed, 50 insertions(+), 20 deletions(-) diff --git a/arch/arm64/crypto/sha2

Re: [PATCH resend 02/15] arm64: add abstractions for FPSIMD state manipulation

2014-05-06 Thread Ard Biesheuvel
On 6 May 2014 16:43, Catalin Marinas catalin.mari...@arm.com wrote: On Thu, May 01, 2014 at 04:49:34PM +0100, Ard Biesheuvel wrote: diff --git a/arch/arm64/kernel/fpsimd.c b/arch/arm64/kernel/fpsimd.c index 4aef42a04bdc..86ac6a9bc86a 100644 --- a/arch/arm64/kernel/fpsimd.c +++ b/arch/arm64

Re: [PATCH resend 03/15] arm64: defer reloading a task's FPSIMD state to userland resume

2014-05-06 Thread Ard Biesheuvel
On 6 May 2014 18:08, Catalin Marinas catalin.mari...@arm.com wrote: On Thu, May 01, 2014 at 04:49:35PM +0100, Ard Biesheuvel wrote: @@ -153,12 +252,11 @@ static int fpsimd_cpu_pm_notifier(struct notifier_block *self, { switch (cmd) { case CPU_PM_ENTER

Re: [PATCH resend 04/15] arm64: add support for kernel mode NEON in interrupt context

2014-05-06 Thread Ard Biesheuvel
On 6 May 2014 18:49, Catalin Marinas catalin.mari...@arm.com wrote: On Thu, May 01, 2014 at 04:49:36PM +0100, Ard Biesheuvel wrote: diff --git a/arch/arm64/include/asm/fpsimd.h b/arch/arm64/include/asm/fpsimd.h index 7a900142dbc8..05e1b24aca4c 100644 --- a/arch/arm64/include/asm/fpsimd.h

Re: [PATCH resend 00/15] arm64 crypto roundup

2014-05-07 Thread Ard Biesheuvel
On 7 May 2014 16:45, Catalin Marinas catalin.mari...@arm.com wrote: On Thu, May 01, 2014 at 04:49:32PM +0100, Ard Biesheuvel wrote: This is a repost of the arm64 crypto patches that I have posted to the LAKML over the past months. They have now been verified on actual hardware (Cortex-A57) so

Re: [PATCH resend 00/15] arm64 crypto roundup

2014-05-08 Thread Ard Biesheuvel
On 7 May 2014 16:45, Catalin Marinas catalin.mari...@arm.com wrote: On Thu, May 01, 2014 at 04:49:32PM +0100, Ard Biesheuvel wrote: This is a repost of the arm64 crypto patches that I have posted to the LAKML over the past months. They have now been verified on actual hardware (Cortex-A57) so

Re: [PATCH resend 00/15] arm64 crypto roundup

2014-05-09 Thread Ard Biesheuvel
On 8 May 2014 23:50, Catalin Marinas catalin.mari...@arm.com wrote: On 8 May 2014, at 12:22, Ard Biesheuvel ard.biesheu...@linaro.org wrote: On 7 May 2014 16:45, Catalin Marinas catalin.mari...@arm.com wrote: On Thu, May 01, 2014 at 04:49:32PM +0100, Ard Biesheuvel wrote: This is a repost

[PATCH v2 03/11] arm64/crypto: GHASH secure hash using ARMv8 Crypto Extensions

2014-05-14 Thread Ard Biesheuvel
This is a port to ARMv8 (Crypto Extensions) of the Intel implementation of the GHASH Secure Hash (used in the Galois/Counter chaining mode). It relies on the optional PMULL/PMULL2 instruction (polynomial multiply long, what Intel call carry-less multiply). Signed-off-by: Ard Biesheuvel

[PATCH v2 06/11] arm64: pull in asm/simd.h from asm-generic

2014-05-14 Thread Ard Biesheuvel
Signed-off-by: Ard Biesheuvel ard.biesheu...@linaro.org --- arch/arm64/include/asm/Kbuild | 1 + 1 file changed, 1 insertion(+) diff --git a/arch/arm64/include/asm/Kbuild b/arch/arm64/include/asm/Kbuild index 83f71b3004a8..42c7eecd2bb6 100644 --- a/arch/arm64/include/asm/Kbuild +++ b/arch/arm64

[PATCH v2 05/11] arm64/crypto: AES in CCM mode using ARMv8 Crypto Extensions

2014-05-14 Thread Ard Biesheuvel
This patch adds support for the AES-CCM encryption algorithm for CPUs that have support for the AES part of the ARM v8 Crypto Extensions. Signed-off-by: Ard Biesheuvel ard.biesheu...@linaro.org Acked-by: Herbert Xu herb...@gondor.apana.org.au --- arch/arm64/crypto/Kconfig | 7 + arch

[PATCH v2 02/11] arm64/crypto: SHA-224/SHA-256 using ARMv8 Crypto Extensions

2014-05-14 Thread Ard Biesheuvel
This patch adds support for the SHA-224 and SHA-256 Secure Hash Algorithms for CPUs that have support for the SHA-2 part of the ARM v8 Crypto Extensions. Signed-off-by: Ard Biesheuvel ard.biesheu...@linaro.org Acked-by: Herbert Xu herb...@gondor.apana.org.au --- arch/arm64/crypto/Kconfig

[PATCH v2 00/11] arm64 crypto roundup

2014-05-14 Thread Ard Biesheuvel
patches operate correctly under their respective 'tcrypt.ko mode=xx' tests. Ard Biesheuvel (11): arm64/crypto: SHA-1 using ARMv8 Crypto Extensions arm64/crypto: SHA-224/SHA-256 using ARMv8 Crypto Extensions arm64/crypto: GHASH secure hash using ARMv8 Crypto Extensions arm64/crypto: AES using

[PATCH v2 08/11] arm64/crypto: add shared macro to test for NEED_RESCHED

2014-05-14 Thread Ard Biesheuvel
This adds the asm macro definition 'b_if_no_resched' that performs a conditional branch depending on the preempt need_resched state. Signed-off-by: Ard Biesheuvel ard.biesheu...@linaro.org --- arch/arm64/include/asm/assembler.h | 21 + 1 file changed, 21 insertions(+) diff

[PATCH v2 07/11] arm64/crypto: AES-ECB/CBC/CTR/XTS using ARMv8 NEON and Crypto Extensions

2014-05-14 Thread Ard Biesheuvel
routines were borrowed from aes_generic. Signed-off-by: Ard Biesheuvel ard.biesheu...@linaro.org Acked-by: Herbert Xu herb...@gondor.apana.org.au --- arch/arm64/crypto/Kconfig | 14 ++ arch/arm64/crypto/Makefile| 14 ++ arch/arm64/crypto/aes-ce.S| 133 +++ arch/arm64/crypto

[PATCH v2 09/11] arm64/crypto: add voluntary preemption to Crypto Extensions SHA1

2014-05-14 Thread Ard Biesheuvel
by the scheduler. Signed-off-by: Ard Biesheuvel ard.biesheu...@linaro.org Acked-by: Herbert Xu herb...@gondor.apana.org.au --- arch/arm64/crypto/sha1-ce-core.S | 19 --- arch/arm64/crypto/sha1-ce-glue.c | 52 ++-- 2 files changed, 44 insertions(+), 27

[PATCH v2 01/11] arm64/crypto: SHA-1 using ARMv8 Crypto Extensions

2014-05-14 Thread Ard Biesheuvel
This patch adds support for the SHA-1 Secure Hash Algorithm for CPUs that have support for the SHA-1 part of the ARM v8 Crypto Extensions. Signed-off-by: Ard Biesheuvel ard.biesheu...@linaro.org Acked-by: Herbert Xu herb...@gondor.apana.org.au --- arch/arm64/Kconfig | 3 + arch

[PATCH v2 10/11] arm64/crypto: add voluntary preemption to Crypto Extensions SHA2

2014-05-14 Thread Ard Biesheuvel
by the scheduler. Signed-off-by: Ard Biesheuvel ard.biesheu...@linaro.org Acked-by: Herbert Xu herb...@gondor.apana.org.au --- arch/arm64/crypto/sha2-ce-core.S | 19 --- arch/arm64/crypto/sha2-ce-glue.c | 51 ++-- 2 files changed, 44 insertions(+), 26

[PATCH v2 11/11] arm64/crypto: add voluntary preemption to Crypto Extensions GHASH

2014-05-14 Thread Ard Biesheuvel
by the scheduler. Signed-off-by: Ard Biesheuvel ard.biesheu...@linaro.org Acked-by: Herbert Xu herb...@gondor.apana.org.au --- arch/arm64/crypto/ghash-ce-core.S | 10 ++ arch/arm64/crypto/ghash-ce-glue.c | 34 ++ 2 files changed, 32 insertions(+), 12 deletions

[PATCH v2 04/11] arm64/crypto: AES using ARMv8 Crypto Extensions

2014-05-14 Thread Ard Biesheuvel
This patch adds support for the AES symmetric encryption algorithm for CPUs that have support for the AES part of the ARM v8 Crypto Extensions. Signed-off-by: Ard Biesheuvel ard.biesheu...@linaro.org Acked-by: Herbert Xu herb...@gondor.apana.org.au --- arch/arm64/crypto/Kconfig | 7

Re: [PATCH v2 09/11] arm64/crypto: add voluntary preemption to Crypto Extensions SHA1

2014-05-15 Thread Ard Biesheuvel
On 15 May 2014 10:24, Catalin Marinas catalin.mari...@arm.com wrote: On Wed, May 14, 2014 at 07:17:29PM +0100, Ard Biesheuvel wrote: The Crypto Extensions based SHA1 implementation uses the NEON register file, and hence runs with preemption disabled. This patch adds a TIF_NEED_RESCHED check

Re: [PATCH v2 09/11] arm64/crypto: add voluntary preemption to Crypto Extensions SHA1

2014-05-15 Thread Ard Biesheuvel
On 15 May 2014 14:47, Catalin Marinas catalin.mari...@arm.com wrote: On 15 May 2014, at 22:35, Ard Biesheuvel ard.biesheu...@linaro.org wrote: On 15 May 2014 10:24, Catalin Marinas catalin.mari...@arm.com wrote: On Wed, May 14, 2014 at 07:17:29PM +0100, Ard Biesheuvel wrote: +static u8 const

[PATCH] crypto: add 4 more test vectors for GHASH

2014-06-12 Thread Ard Biesheuvel
This adds 4 test vectors for GHASH (of which one for chunked mode), making a total of 5. Signed-off-by: Ard Biesheuvel ard.biesheu...@linaro.org --- crypto/testmgr.h | 49 + 1 file changed, 45 insertions(+), 4 deletions(-) diff --git a/crypto

Re: [PATCH 1/2] crypto: sha1/ARM: make use of common SHA-1 structures

2014-06-28 Thread Ard Biesheuvel
On 28 June 2014 12:39, Jussi Kivilinna jussi.kivili...@iki.fi wrote: Common SHA-1 structures are defined in crypto/sha.h for code sharing. This patch changes SHA-1/ARM glue code to use these structures. Signed-off-by: Jussi Kivilinna jussi.kivili...@iki.fi Acked-by: Ard Biesheuvel

Re: [PATCH 2/2] crypto: sha1: add ARM NEON implementation

2014-06-28 Thread Ard Biesheuvel
Hi Jussi, On 28 June 2014 12:40, Jussi Kivilinna jussi.kivili...@iki.fi wrote: This patch adds ARM NEON assembly implementation of SHA-1 algorithm. tcrypt benchmark results on Cortex-A8, sha1-arm-asm vs sha1-neon-asm: block-size bytes/updateold-vs-new 16 16
