| Message ID | 20190811225912.19412-1-ard.biesheuvel@linaro.org (mailing list archive) |
|---|---|
| Headers | show |
| Series | crypto: aegis128 followup | expand |
On Mon, Aug 12, 2019 at 01:59:09AM +0300, Ard Biesheuvel wrote: > This series resubmits the aegis128 SIMD patches that were reverted due to > the fact that the compiler's optimization behavior wrt variables with static > linkage does not turn out to guarantee that function calls that are > conditional on the value of such a variable are optimized away if the value > is a compile time constant and the condition evaluates to false at compile > time as well. > > Changes since v1: > - minor tweaks to #2 to drop a memset() invocation from the decrypt path, > and some temp vars in various places > - update the NEON code in #3 so it builds with Clang as well as GCC (and > drop the RFC annotation) > > Patch #1 reintroduces the changes to the generic code to permit SIMD > routines to be attached to the aegis128 driver. This time, the conditional > check is pulled into a helper function which collapses to 'return false' > if the CONFIG_CRYPTO_AEGIS128_SIMD Kconfig symbol is not set. (This has > been confirmed by one of the reporters of the original issue as sufficient > to address the problem). > > Patch #2 is mostly unchanged wrt the version that got reverted, only some > inline annotations were added back. > > Patch #3 is new and implements the SIMD routines for arm64 without using > the optional AES instructions, but using plain SIMD arithmetic instead. > This is much slower than AES instructions, but still substantially more > efficient than table based scalar AES on systems where memory accesses are > expensive, such as the Raspberry Pi 3 (which does not implement the AES > instructions) > > Ard Biesheuvel (3): > crypto: aegis128 - add support for SIMD acceleration > crypto: aegis128 - provide a SIMD implementation based on NEON > intrinsics > crypto: arm64/aegis128 - implement plain NEON version > > crypto/Kconfig | 5 + > crypto/Makefile | 20 ++ > crypto/{aegis128.c => aegis128-core.c} | 52 ++++- > crypto/aegis128-neon-inner.c | 212 ++++++++++++++++++++ > crypto/aegis128-neon.c | 49 +++++ > 5 files changed, 334 insertions(+), 4 deletions(-) > rename crypto/{aegis128.c => aegis128-core.c} (89%) > create mode 100644 crypto/aegis128-neon-inner.c > create mode 100644 crypto/aegis128-neon.c All applied. Thanks.
This series resubmits the aegis128 SIMD patches that were reverted due to the fact that the compiler's optimization behavior wrt variables with static linkage does not turn out to guarantee that function calls that are conditional on the value of such a variable are optimized away if the value is a compile time constant and the condition evaluates to false at compile time as well. Changes since v1: - minor tweaks to #2 to drop a memset() invocation from the decrypt path, and some temp vars in various places - update the NEON code in #3 so it builds with Clang as well as GCC (and drop the RFC annotation) Patch #1 reintroduces the changes to the generic code to permit SIMD routines to be attached to the aegis128 driver. This time, the conditional check is pulled into a helper function which collapses to 'return false' if the CONFIG_CRYPTO_AEGIS128_SIMD Kconfig symbol is not set. (This has been confirmed by one of the reporters of the original issue as sufficient to address the problem). Patch #2 is mostly unchanged wrt the version that got reverted, only some inline annotations were added back. Patch #3 is new and implements the SIMD routines for arm64 without using the optional AES instructions, but using plain SIMD arithmetic instead. This is much slower than AES instructions, but still substantially more efficient than table based scalar AES on systems where memory accesses are expensive, such as the Raspberry Pi 3 (which does not implement the AES instructions) Ard Biesheuvel (3): crypto: aegis128 - add support for SIMD acceleration crypto: aegis128 - provide a SIMD implementation based on NEON intrinsics crypto: arm64/aegis128 - implement plain NEON version crypto/Kconfig | 5 + crypto/Makefile | 20 ++ crypto/{aegis128.c => aegis128-core.c} | 52 ++++- crypto/aegis128-neon-inner.c | 212 ++++++++++++++++++++ crypto/aegis128-neon.c | 49 +++++ 5 files changed, 334 insertions(+), 4 deletions(-) rename crypto/{aegis128.c => aegis128-core.c} (89%) create mode 100644 crypto/aegis128-neon-inner.c create mode 100644 crypto/aegis128-neon.c