Eric Lee / smarc-ti-linux-kernel

21 Mar, 2014

1 commit

  • 7c1da8d0d   crypto: sha - SHA1 transform x86_64 AVX2 ... Browse Code »
    2

    This git patch adds x86_64 AVX2 optimization of SHA1
    transform to crypto support. The patch has been tested with 3.14.0-rc1
    kernel.

    On a Haswell desktop, with turbo disabled and all cpus running
    at maximum frequency, tcrypt shows AVX2 performance improvement
    from 3% for 256 bytes update to 16% for 1024 bytes update over
    AVX implementation.

    This patch adds sha1_avx2_transform(), the glue, build and
    configuration changes needed for AVX2 optimization of
    SHA1 transform to crypto support.

    sha1-ssse3 is one module which adds the necessary optimization
    support (SSSE3/AVX/AVX2) for the low-level SHA1 transform function.
    With better optimization support, transform function is overridden
    as the case may be. In the case of AVX2, due to performance reasons
    across datablock sizes, the AVX or AVX2 transform function is used
    at run-time as it suits best. The Makefile change therefore appends
    the necessary objects to the linkage. Due to this, the patch merely
    appends AVX2 transform to the existing build mix and Kconfig support
    and leaves the configuration build support as is.

    Signed-off-by: Chandramouli Narayanan
    Reviewed-by: Marek Vasut
    Acked-by: H. Peter Anvin
    Signed-off-by: Herbert Xu

    chandramouli narayanan
     

24 Nov, 2013

1 commit

  • 26b265cd2   Merge git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6 ... Browse Code »

    Pull crypto update from Herbert Xu:
    - Made x86 ablk_helper generic for ARM
    - Phase out chainiv in favour of eseqiv (affects IPsec)
    - Fixed aes-cbc IV corruption on s390
    - Added constant-time crypto_memneq which replaces memcmp
    - Fixed aes-ctr in omap-aes
    - Added OMAP3 ROM RNG support
    - Add PRNG support for MSM SoC's
    - Add and use Job Ring API in caam
    - Misc fixes

    [ NOTE! This pull request was sent within the merge window, but Herbert
    has some questionable email sending setup that makes him public enemy
    #1 as far as gmail is concerned. So most of his emails seem to be
    trapped by gmail as spam, resulting in me not seeing them. - Linus ]

    * git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6: (49 commits)
    crypto: s390 - Fix aes-cbc IV corruption
    crypto: omap-aes - Fix CTR mode counter length
    crypto: omap-sham - Add missing modalias
    padata: make the sequence counter an atomic_t
    crypto: caam - Modify the interface layers to use JR API's
    crypto: caam - Add API's to allocate/free Job Rings
    crypto: caam - Add Platform driver for Job Ring
    hwrng: msm - Add PRNG support for MSM SoC's
    ARM: DT: msm: Add Qualcomm's PRNG driver binding document
    crypto: skcipher - Use eseqiv even on UP machines
    crypto: talitos - Simplify key parsing
    crypto: picoxcell - Simplify and harden key parsing
    crypto: ixp4xx - Simplify and harden key parsing
    crypto: authencesn - Simplify key parsing
    crypto: authenc - Export key parsing helper function
    crypto: mv_cesa: remove deprecated IRQF_DISABLED
    hwrng: OMAP3 ROM Random Number Generator support
    crypto: sha256_ssse3 - also test for BMI2
    crypto: mv_cesa - Remove redundant of_match_ptr
    crypto: sahara - Remove redundant of_match_ptr
    ...

    Linus Torvalds
     

22 Nov, 2013

1 commit

  • 78dc53c42   Merge branch 'for-linus2' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/linux-security ... Browse Code »

    Pull security subsystem updates from James Morris:
    "In this patchset, we finally get an SELinux update, with Paul Moore
    taking over as maintainer of that code.

    Also a significant update for the Keys subsystem, as well as
    maintenance updates to Smack, IMA, TPM, and Apparmor"

    and since I wanted to know more about the updates to key handling,
    here's the explanation from David Howells on that:

    "Okay. There are a number of separate bits. I'll go over the big bits
    and the odd important other bit, most of the smaller bits are just
    fixes and cleanups. If you want the small bits accounting for, I can
    do that too.

    (1) Keyring capacity expansion.

    KEYS: Consolidate the concept of an 'index key' for key access
    KEYS: Introduce a search context structure
    KEYS: Search for auth-key by name rather than target key ID
    Add a generic associative array implementation.
    KEYS: Expand the capacity of a keyring

    Several of the patches are providing an expansion of the capacity of a
    keyring. Currently, the maximum size of a keyring payload is one page.
    Subtract a small header and then divide up into pointers, that only gives
    you ~500 pointers on an x86_64 box. However, since the NFS idmapper uses
    a keyring to store ID mapping data, that has proven to be insufficient to
    the cause.

    Whatever data structure I use to handle the keyring payload, it can only
    store pointers to keys, not the keys themselves because several keyrings
    may point to a single key. This precludes inserting, say, and rb_node
    struct into the key struct for this purpose.

    I could make an rbtree of records such that each record has an rb_node
    and a key pointer, but that would use four words of space per key stored
    in the keyring. It would, however, be able to use much existing code.

    I selected instead a non-rebalancing radix-tree type approach as that
    could have a better space-used/key-pointer ratio. I could have used the
    radix tree implementation that we already have and insert keys into it by
    their serial numbers, but that means any sort of search must iterate over
    the whole radix tree. Further, its nodes are a bit on the capacious side
    for what I want - especially given that key serial numbers are randomly
    allocated, thus leaving a lot of empty space in the tree.

    So what I have is an associative array that internally is a radix-tree
    with 16 pointers per node where the index key is constructed from the key
    type pointer and the key description. This means that an exact lookup by
    type+description is very fast as this tells us how to navigate directly to
    the target key.

    I made the data structure general in lib/assoc_array.c as far as it is
    concerned, its index key is just a sequence of bits that leads to a
    pointer. It's possible that someone else will be able to make use of it
    also. FS-Cache might, for example.

    (2) Mark keys as 'trusted' and keyrings as 'trusted only'.

    KEYS: verify a certificate is signed by a 'trusted' key
    KEYS: Make the system 'trusted' keyring viewable by userspace
    KEYS: Add a 'trusted' flag and a 'trusted only' flag
    KEYS: Separate the kernel signature checking keyring from module signing

    These patches allow keys carrying asymmetric public keys to be marked as
    being 'trusted' and allow keyrings to be marked as only permitting the
    addition or linkage of trusted keys.

    Keys loaded from hardware during kernel boot or compiled into the kernel
    during build are marked as being trusted automatically. New keys can be
    loaded at runtime with add_key(). They are checked against the system
    keyring contents and if their signatures can be validated with keys that
    are already marked trusted, then they are marked trusted also and can
    thus be added into the master keyring.

    Patches from Mimi Zohar make this usable with the IMA keyrings also.

    (3) Remove the date checks on the key used to validate a module signature.

    X.509: Remove certificate date checks

    It's not reasonable to reject a signature just because the key that it was
    generated with is no longer valid datewise - especially if the kernel
    hasn't yet managed to set the system clock when the first module is
    loaded - so just remove those checks.

    (4) Make it simpler to deal with additional X.509 being loaded into the kernel.

    KEYS: Load *.x509 files into kernel keyring
    KEYS: Have make canonicalise the paths of the X.509 certs better to deduplicate

    The builder of the kernel now just places files with the extension ".x509"
    into the kernel source or build trees and they're concatenated by the
    kernel build and stuffed into the appropriate section.

    (5) Add support for userspace kerberos to use keyrings.

    KEYS: Add per-user_namespace registers for persistent per-UID kerberos caches
    KEYS: Implement a big key type that can save to tmpfs

    Fedora went to, by default, storing kerberos tickets and tokens in tmpfs.
    We looked at storing it in keyrings instead as that confers certain
    advantages such as tickets being automatically deleted after a certain
    amount of time and the ability for the kernel to get at these tokens more
    easily.

    To make this work, two things were needed:

    (a) A way for the tickets to persist beyond the lifetime of all a user's
    sessions so that cron-driven processes can still use them.

    The problem is that a user's session keyrings are deleted when the
    session that spawned them logs out and the user's user keyring is
    deleted when the UID is deleted (typically when the last log out
    happens), so neither of these places is suitable.

    I've added a system keyring into which a 'persistent' keyring is
    created for each UID on request. Each time a user requests their
    persistent keyring, the expiry time on it is set anew. If the user
    doesn't ask for it for, say, three days, the keyring is automatically
    expired and garbage collected using the existing gc. All the kerberos
    tokens it held are then also gc'd.

    (b) A key type that can hold really big tickets (up to 1MB in size).

    The problem is that Active Directory can return huge tickets with lots
    of auxiliary data attached. We don't, however, want to eat up huge
    tracts of unswappable kernel space for this, so if the ticket is
    greater than a certain size, we create a swappable shmem file and dump
    the contents in there and just live with the fact we then have an
    inode and a dentry overhead. If the ticket is smaller than that, we
    slap it in a kmalloc()'d buffer"

    * 'for-linus2' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/linux-security: (121 commits)
    KEYS: Fix keyring content gc scanner
    KEYS: Fix error handling in big_key instantiation
    KEYS: Fix UID check in keyctl_get_persistent()
    KEYS: The RSA public key algorithm needs to select MPILIB
    ima: define '_ima' as a builtin 'trusted' keyring
    ima: extend the measurement list to include the file signature
    kernel/system_certificate.S: use real contents instead of macro GLOBAL()
    KEYS: fix error return code in big_key_instantiate()
    KEYS: Fix keyring quota misaccounting on key replacement and unlink
    KEYS: Fix a race between negating a key and reading the error set
    KEYS: Make BIG_KEYS boolean
    apparmor: remove the "task" arg from may_change_ptraced_domain()
    apparmor: remove parent task info from audit logging
    apparmor: remove tsk field from the apparmor_audit_struct
    apparmor: fix capability to not use the current task, during reporting
    Smack: Ptrace access check mode
    ima: provide hash algo info in the xattr
    ima: enable support for larger default filedata hash algorithms
    ima: define kernel parameter 'ima_template=' to change configured default
    ima: add Kconfig default measurement list template
    ...

    Linus Torvalds
     

26 Oct, 2013

1 commit

  • ee08997fe   crypto: provide single place for hash algo information ... Browse Code »

    This patch provides a single place for information about hash algorithms,
    such as hash sizes and kernel driver names, which will be used by IMA
    and the public key code.

    Changelog:
    - Fix sparse and checkpatch warnings
    - Move hash algo enums to uapi for userspace signing functions.

    Signed-off-by: Dmitry Kasatkin
    Signed-off-by: Mimi Zohar
    Acked-by: Herbert Xu

    Dmitry Kasatkin
     

05 Oct, 2013

1 commit

  • e4e7f10bf   ARM: add support for bit sliced AES using NEON instructions ... Browse Code »
    15

    Bit sliced AES gives around 45% speedup on Cortex-A15 for encryption
    and around 25% for decryption. This implementation of the AES algorithm
    does not rely on any lookup tables so it is believed to be invulnerable
    to cache timing attacks.

    This algorithm processes up to 8 blocks in parallel in constant time. This
    means that it is not usable by chaining modes that are strictly sequential
    in nature, such as CBC encryption. CBC decryption, however, can benefit from
    this implementation and runs about 25% faster. The other chaining modes
    implemented in this module, XTS and CTR, can execute fully in parallel in
    both directions.

    The core code has been adopted from the OpenSSL project (in collaboration
    with the original author, on cc). For ease of maintenance, this version is
    identical to the upstream OpenSSL code, i.e., all modifications that were
    required to make it suitable for inclusion into the kernel have been made
    upstream. The original can be found here:

    http://git.openssl.org/gitweb/?p=openssl.git;a=commit;h=6f6a6130

    Note to integrators:
    While this implementation is significantly faster than the existing table
    based ones (generic or ARM asm), especially in CTR mode, the effects on
    power efficiency are unclear as of yet. This code does fundamentally more
    work, by calculating values that the table based code obtains by a simple
    lookup; only by doing all of that work in a SIMD fashion, it manages to
    perform better.

    Cc: Andy Polyakov
    Acked-by: Nicolas Pitre
    Signed-off-by: Ard Biesheuvel

    Ard Biesheuvel
     

24 Sep, 2013

2 commits

07 Sep, 2013

1 commit

25 Jul, 2013

1 commit

  • b48a97be8   Merge git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6 ... Browse Code »

    Pull crypto fixes from Herbert Xu:
    "This push fixes a memory corruption issue in caam, as well as
    reverting the new optimised crct10dif implementation as it breaks boot
    on initrd systems.

    Hopefully crct10dif will be reinstated once the supporting code is
    added so that it doesn't break boot"

    * git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6:
    Revert "crypto: crct10dif - Wrap crc_t10dif function all to use crypto transform framework"
    crypto: caam - Fixed the memory out of bound overwrite issue

    Linus Torvalds
     

24 Jul, 2013

1 commit

  • e70308ec0   Revert "crypto: crct10dif - Wrap crc_t10dif function all to use crypto transform framework" ... Browse Code »

    This reverts commits
    67822649d7305caf3dd50ed46c27b99c94eff996
    39761214eefc6b070f29402aa1165f24d789b3f7
    0b95a7f85718adcbba36407ef88bba0a7379ed03
    31d939625a9a20b1badd2d4e6bf6fd39fa523405
    2d31e518a42828df7877bca23a958627d60408bc

    Unfortunately this change broke boot on some systems that used an
    initrd which does not include the newly created crct10dif modules.
    As these modules are required by sd_mod under certain configurations
    this is a serious problem.

    Signed-off-by: Herbert Xu

    Herbert Xu
     

10 Jul, 2013

1 commit

  • 0ea8530dc   crypto: add lz4 Cryptographic API ... Browse Code »

    Add support for lz4 and lz4hc compression algorithm using the lib/lz4/*
    codebase.

    [akpm@linux-foundation.org: fix warnings]
    Signed-off-by: Chanho Min
    Cc: "Darrick J. Wong"
    Cc: Bob Pearson
    Cc: Richard Weinberger
    Cc: Herbert Xu
    Cc: Yann Collet
    Cc: Kyungsik Lee
    Signed-off-by: Andrew Morton
    Signed-off-by: Linus Torvalds

    Chanho Min
     

21 Jun, 2013

2 commits

  • 99f42f937   Revert "crypto: twofish - add AVX2/x86_64 assembler implementation of twofish cipher" ... Browse Code »

    This reverts commit cf1521a1a5e21fd1e79a458605c4282fbfbbeee2.

    Instruction (vpgatherdd) that this implementation relied on turned out to be
    slow performer on real hardware (i5-4570). The previous 8-way twofish/AVX
    implementation is therefore faster and this implementation should be removed.

    Converting this implementation to use the same method as in twofish/AVX for
    table look-ups would give additional ~3% speed up vs twofish/AVX, but would
    hardly be worth of the added code and binary size.

    Signed-off-by: Jussi Kivilinna
    Signed-off-by: Herbert Xu

    Jussi Kivilinna
     
  • 3d387ef08   Revert "crypto: blowfish - add AVX2/x86_64 implementation of blowfish cipher" ... Browse Code »

    This reverts commit 604880107010a1e5794552d184cd5471ea31b973.

    Instruction (vpgatherdd) that this implementation relied on turned out to be
    slow performer on real hardware (i5-4570). The previous 4-way blowfish
    implementation is therefore faster and this implementation should be removed.

    Signed-off-by: Jussi Kivilinna
    Signed-off-by: Herbert Xu

    Jussi Kivilinna
     

24 May, 2013

1 commit

20 May, 2013

1 commit

25 Apr, 2013

10 commits

26 Feb, 2013

2 commits

  • ca81a1a1b   crypto: crc32c - Kill pointless CRYPTO_CRC32C_X86_64 option ... Browse Code »

    This bool option can never be set to anything other than y. So
    let's just kill it.

    Signed-off-by: Herbert Xu

    Herbert Xu
     
  • 32dc43e40   Merge git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6 ... Browse Code »

    Pull crypto update from Herbert Xu:
    "Here is the crypto update for 3.9:

    - Added accelerated implementation of crc32 using pclmulqdq.

    - Added test vector for fcrypt.

    - Added support for OMAP4/AM33XX cipher and hash.

    - Fixed loose crypto_user input checks.

    - Misc fixes"

    * git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6: (43 commits)
    crypto: user - ensure user supplied strings are nul-terminated
    crypto: user - fix empty string test in report API
    crypto: user - fix info leaks in report API
    crypto: caam - Added property fsl,sec-era in SEC4.0 device tree binding.
    crypto: use ERR_CAST
    crypto: atmel-aes - adjust duplicate test
    crypto: crc32-pclmul - Kill warning on x86-32
    crypto: x86/twofish - assembler clean-ups: use ENTRY/ENDPROC, localize jump labels
    crypto: x86/sha1 - assembler clean-ups: use ENTRY/ENDPROC
    crypto: x86/serpent - use ENTRY/ENDPROC for assember functions and localize jump targets
    crypto: x86/salsa20 - assembler cleanup, use ENTRY/ENDPROC for assember functions and rename ECRYPT_* to salsa20_*
    crypto: x86/ghash - assembler clean-up: use ENDPROC at end of assember functions
    crypto: x86/crc32c - assembler clean-up: use ENTRY/ENDPROC
    crypto: cast6-avx: use ENTRY()/ENDPROC() for assembler functions
    crypto: cast5-avx: use ENTRY()/ENDPROC() for assembler functions and localize jump targets
    crypto: camellia-x86_64/aes-ni: use ENTRY()/ENDPROC() for assembler functions and localize jump targets
    crypto: blowfish-x86_64: use ENTRY()/ENDPROC() for assembler functions and localize jump targets
    crypto: aesni-intel - add ENDPROC statements for assembler functions
    crypto: x86/aes - assembler clean-ups: use ENTRY/ENDPROC, localize jump targets
    crypto: testmgr - add test vector for fcrypt
    ...

    Linus Torvalds
     

24 Feb, 2013

1 commit

  • 9d3cae26a   Merge branch 'next' of git://git.kernel.org/pub/scm/linux/kernel/git/benh/powerpc ... Browse Code »

    Pull powerpc updates from Benjamin Herrenschmidt:
    "So from the depth of frozen Minnesota, here's the powerpc pull request
    for 3.9. It has a few interesting highlights, in addition to the
    usual bunch of bug fixes, minor updates, embedded device tree updates
    and new boards:

    - Hand tuned asm implementation of SHA1 (by Paulus & Michael
    Ellerman)

    - Support for Doorbell interrupts on Power8 (kind of fast
    thread-thread IPIs) by Ian Munsie

    - Long overdue cleanup of the way we handle relocation of our open
    firmware trampoline (prom_init.c) on 64-bit by Anton Blanchard

    - Support for saving/restoring & context switching the PPR (Processor
    Priority Register) on server processors that support it. This
    allows the kernel to preserve thread priorities established by
    userspace. By Haren Myneni.

    - DAWR (new watchpoint facility) support on Power8 by Michael Neuling

    - Ability to change the DSCR (Data Stream Control Register) which
    controls cache prefetching on a running process via ptrace by
    Alexey Kardashevskiy

    - Support for context switching the TAR register on Power8 (new
    branch target register meant to be used by some new specific
    userspace perf event interrupt facility which is yet to be enabled)
    by Ian Munsie.

    - Improve preservation of the CFAR register (which captures the
    origin of a branch) on various exception conditions by Paulus.

    - Move the Bestcomm DMA driver from arch powerpc to drivers/dma where
    it belongs by Philippe De Muyter

    - Support for Transactional Memory on Power8 by Michael Neuling
    (based on original work by Matt Evans). For those curious about
    the feature, the patch contains a pretty good description."

    (See commit db8ff907027b: "powerpc: Documentation for transactional
    memory on powerpc" for the mentioned description added to the file
    Documentation/powerpc/transactional_memory.txt)

    * 'next' of git://git.kernel.org/pub/scm/linux/kernel/git/benh/powerpc: (140 commits)
    powerpc/kexec: Disable hard IRQ before kexec
    powerpc/85xx: l2sram - Add compatible string for BSC9131 platform
    powerpc/85xx: bsc9131 - Correct typo in SDHC device node
    powerpc/e500/qemu-e500: enable coreint
    powerpc/mpic: allow coreint to be determined by MPIC version
    powerpc/fsl_pci: Store the pci ctlr device ptr in the pci ctlr struct
    powerpc/85xx: Board support for ppa8548
    powerpc/fsl: remove extraneous DIU platform functions
    arch/powerpc/platforms/85xx/p1022_ds.c: adjust duplicate test
    powerpc: Documentation for transactional memory on powerpc
    powerpc: Add transactional memory to pseries and ppc64 defconfigs
    powerpc: Add config option for transactional memory
    powerpc: Add transactional memory to POWER8 cpu features
    powerpc: Add new transactional memory state to the signal context
    powerpc: Hook in new transactional memory code
    powerpc: Routines for FP/VSX/VMX unavailable during a transaction
    powerpc: Add transactional memory unavaliable execption handler
    powerpc: Add reclaim and recheckpoint functions for context switching transactional memory processes
    powerpc: Add FP/VSX and VMX register load functions for transactional memory
    powerpc: Add helper functions for transactional memory context switching
    ...

    Linus Torvalds
     

20 Jan, 2013

1 commit

  • 78c37d191   crypto: crc32 - add crc32 pclmulqdq implementation and wrappers for table implementation ... Browse Code »

    This patch adds crc32 algorithms to shash crypto api. One is wrapper to
    gerneric crc32_le function. Second is crc32 pclmulqdq implementation. It
    use hardware provided PCLMULQDQ instruction to accelerate the CRC32 disposal.
    This instruction present from Intel Westmere and AMD Bulldozer CPUs.

    For intel core i5 I got 450MB/s for table implementation and 2100MB/s
    for pclmulqdq implementation.

    Signed-off-by: Alexander Boyko
    Signed-off-by: Herbert Xu

    Alexander Boyko
     

12 Jan, 2013

1 commit

  • 3b4afaf29   crypto: remove depends on CONFIG_EXPERIMENTAL ... Browse Code »

    The CONFIG_EXPERIMENTAL config item has not carried much meaning for a
    while now and is almost always enabled by default. As agreed during the
    Linux kernel summit, remove it from any "depends on" lines in Kconfigs.

    CC: Herbert Xu
    CC: "David S. Miller"
    Signed-off-by: Kees Cook
    Acked-by: David S. Miller

    Kees Cook
     

10 Jan, 2013

1 commit

  • 323a6bf1d   powerpc: Add a powerpc implementation of SHA-1 ... Browse Code »

    This patch adds a crypto driver which provides a powerpc accelerated
    implementation of SHA-1, accelerated in that it is written in asm.

    Original patch by Paul, minor fixups for upstream by moi.

    Lightly tested on 64-bit with the test program here:

    http://michael.ellerman.id.au/files/junkcode/sha1test.c

    Seems to work, and is "not slower" than the generic version.

    Needs testing on 32-bit.

    Signed-off-by: Paul Mackerras
    Signed-off-by: Michael Ellerman
    Signed-off-by: Benjamin Herrenschmidt

    Michael Ellerman
     

06 Dec, 2012

1 commit

09 Nov, 2012

1 commit

  • d9b1d2e7e   crypto: camellia - add AES-NI/AVX/x86_64 assembler implementation of camellia cipher ... Browse Code »

    This patch adds AES-NI/AVX/x86_64 assembler implementation of Camellia block
    cipher. Implementation process data in sixteen block chunks, which are
    byte-sliced and AES SubBytes is reused for Camellia s-box with help of pre-
    and post-filtering.

    Patch has been tested with tcrypt and automated filesystem tests.

    tcrypt test results:

    Intel Core i5-2450M:

    camellia-aesni-avx vs camellia-asm-x86_64-2way:
    128bit key: (lrw:256bit) (xts:256bit)
    size ecb-enc ecb-dec cbc-enc cbc-dec ctr-enc ctr-dec lrw-enc lrw-dec xts-enc xts-dec
    16B 0.98x 0.96x 0.99x 0.96x 0.96x 0.95x 0.95x 0.94x 0.97x 0.98x
    64B 0.99x 0.98x 1.00x 0.98x 0.98x 0.99x 0.98x 0.93x 0.99x 0.98x
    256B 2.28x 2.28x 1.01x 2.29x 2.25x 2.24x 1.96x 1.97x 1.91x 1.90x
    1024B 2.57x 2.56x 1.00x 2.57x 2.51x 2.53x 2.19x 2.17x 2.19x 2.22x
    8192B 2.49x 2.49x 1.00x 2.53x 2.48x 2.49x 2.17x 2.17x 2.22x 2.22x

    256bit key: (lrw:384bit) (xts:512bit)
    size ecb-enc ecb-dec cbc-enc cbc-dec ctr-enc ctr-dec lrw-enc lrw-dec xts-enc xts-dec
    16B 0.97x 0.98x 0.99x 0.97x 0.97x 0.96x 0.97x 0.98x 0.98x 0.99x
    64B 1.00x 1.00x 1.01x 0.99x 0.98x 0.99x 0.99x 0.99x 0.99x 0.99x
    256B 2.37x 2.37x 1.01x 2.39x 2.35x 2.33x 2.10x 2.11x 1.99x 2.02x
    1024B 2.58x 2.60x 1.00x 2.58x 2.56x 2.56x 2.28x 2.29x 2.28x 2.29x
    8192B 2.50x 2.52x 1.00x 2.56x 2.51x 2.51x 2.24x 2.25x 2.26x 2.29x

    Signed-off-by: Jussi Kivilinna
    Acked-by: David S. Miller
    Signed-off-by: Herbert Xu

    Jussi Kivilinna
     

15 Oct, 2012

2 commits

  • 6a8ce1ef3   crypto: crc32c - Optimize CRC32C calculation with PCLMULQDQ instruction ... Browse Code »

    This patch adds the crc_pcl function that calculates CRC32C checksum using the
    PCLMULQDQ instruction on processors that support this feature. This will
    provide speedup over using CRC32 instruction only.
    The usage of PCLMULQDQ necessitate the invocation of kernel_fpu_begin and
    kernel_fpu_end and incur some overhead. So the new crc_pcl function is only
    invoked for buffer size of 512 bytes or more. Larger sized
    buffers will expect to see greater speedup. This feature is best used coupled
    with eager_fpu which reduces the kernel_fpu_begin/end overhead. For
    buffer size of 1K the speedup is around 1.6x and for buffer size greater than
    4K, the speedup is around 3x compared to original implementation in crc32c-intel
    module. Test was performed on Sandy Bridge based platform with constant frequency
    set for cpu.

    A white paper detailing the algorithm can be found here:
    http://download.intel.com/design/intarch/papers/323405.pdf

    Signed-off-by: Tim Chen
    Signed-off-by: Herbert Xu

    Tim Chen
     
  • d25282d1c   Merge branch 'modules-next' of git://git.kernel.org/pub/scm/linux/kernel/git/rusty/linux ... Browse Code »

    Pull module signing support from Rusty Russell:
    "module signing is the highlight, but it's an all-over David Howells frenzy..."

    Hmm "Magrathea: Glacier signing key". Somebody has been reading too much HHGTTG.

    * 'modules-next' of git://git.kernel.org/pub/scm/linux/kernel/git/rusty/linux: (37 commits)
    X.509: Fix indefinite length element skip error handling
    X.509: Convert some printk calls to pr_devel
    asymmetric keys: fix printk format warning
    MODSIGN: Fix 32-bit overflow in X.509 certificate validity date checking
    MODSIGN: Make mrproper should remove generated files.
    MODSIGN: Use utf8 strings in signer's name in autogenerated X.509 certs
    MODSIGN: Use the same digest for the autogen key sig as for the module sig
    MODSIGN: Sign modules during the build process
    MODSIGN: Provide a script for generating a key ID from an X.509 cert
    MODSIGN: Implement module signature checking
    MODSIGN: Provide module signing public keys to the kernel
    MODSIGN: Automatically generate module signing keys if missing
    MODSIGN: Provide Kconfig options
    MODSIGN: Provide gitignore and make clean rules for extra files
    MODSIGN: Add FIPS policy
    module: signature checking hook
    X.509: Add a crypto key parser for binary (DER) X.509 certificates
    MPILIB: Provide a function to read raw data into an MPI
    X.509: Add an ASN.1 decoder
    X.509: Add simple ASN.1 grammar compiler
    ...

    Linus Torvalds
     

08 Oct, 2012

1 commit

  • 964f3b3bf   KEYS: Implement asymmetric key type ... Browse Code »

    Create a key type that can be used to represent an asymmetric key type for use
    in appropriate cryptographic operations, such as encryption, decryption,
    signature generation and signature verification.

    The key type is "asymmetric" and can provide access to a variety of
    cryptographic algorithms.

    Possibly, this would be better as "public_key" - but that has the disadvantage
    that "public key" is an overloaded term.

    Signed-off-by: David Howells
    Signed-off-by: Rusty Russell

    David Howells
     

05 Oct, 2012

1 commit

  • d66e6737d   Merge git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6 ... Browse Code »

    Pull crypto update from Herbert Xu:
    - Optimised AES/SHA1 for ARM.
    - IPsec ESN support in talitos and caam.
    - x86_64/avx implementation of cast5/cast6.
    - Add/use multi-algorithm registration helpers where possible.
    - Added IBM Power7+ in-Nest support.
    - Misc fixes.

    Fix up trivial conflicts in crypto/Kconfig due to the sparc64 crypto
    config options being added next to the new ARM ones.

    [ Side note: cut-and-paste duplicate help texts make those conflicts
    harder to read than necessary, thanks to git being smart about
    minimizing conflicts and maximizing the common parts... ]

    * git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6: (71 commits)
    crypto: x86/glue_helper - fix storing of new IV in CBC encryption
    crypto: cast5/avx - fix storing of new IV in CBC encryption
    crypto: tcrypt - add missing tests for camellia and ghash
    crypto: testmgr - make test_aead also test 'dst != src' code paths
    crypto: testmgr - make test_skcipher also test 'dst != src' code paths
    crypto: testmgr - add test vectors for CTR mode IV increasement
    crypto: testmgr - add test vectors for partial ctr(cast5) and ctr(cast6)
    crypto: testmgr - allow non-multi page and multi page skcipher tests from same test template
    crypto: caam - increase TRNG clocks per sample
    crypto, tcrypt: remove local_bh_disable/enable() around local_irq_disable/enable()
    crypto: tegra-aes - fix error return code
    crypto: crypto4xx - fix error return code
    crypto: hifn_795x - fix error return code
    crypto: ux500 - fix error return code
    crypto: caam - fix error IDs for SEC v5.x RNG4
    hwrng: mxc-rnga - Access data via structure
    hwrng: mxc-rnga - Adapt clocks to new i.mx clock framework
    crypto: caam - add IPsec ESN support
    crypto: 842 - remove .cra_list initialization
    Revert "[CRYPTO] cast6: inline bloat--"
    ...

    Linus Torvalds
     

03 Oct, 2012

1 commit

07 Sep, 2012

1 commit

  • f0be44f4f   arm/crypto: Add optimized AES and SHA1 routines ... Browse Code »

    Add assembler versions of AES and SHA1 for ARM platforms. This has provided
    up to a 50% improvement in IPsec/TCP throughout for tunnels using AES128/SHA1.

    Platform CPU SPeed Endian Before (bps) After (bps) Improvement

    IXP425 533 MHz big 11217042 15566294 ~38%
    KS8695 166 MHz little 3828549 5795373 ~51%

    Signed-off-by: David McCullough
    Signed-off-by: Herbert Xu

    David McCullough
     

29 Aug, 2012

1 commit