From patchwork Thu Dec 17 22:21:27 2020 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Eric Biggers X-Patchwork-Id: 11980859 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-12.0 required=3.0 tests=BAYES_00,DKIMWL_WL_HIGH, DKIM_SIGNED,DKIM_VALID,INCLUDES_PATCH,MAILING_LIST_MULTI,SPF_HELO_NONE, SPF_PASS,URIBL_BLOCKED,USER_AGENT_GIT autolearn=unavailable autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id C0500C4361B for ; Thu, 17 Dec 2020 22:26:45 +0000 (UTC) Received: from merlin.infradead.org (merlin.infradead.org [205.233.59.134]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mail.kernel.org (Postfix) with ESMTPS id 1D8832376F for ; Thu, 17 Dec 2020 22:26:45 +0000 (UTC) DMARC-Filter: OpenDMARC Filter v1.3.2 mail.kernel.org 1D8832376F Authentication-Results: mail.kernel.org; dmarc=fail (p=none dis=none) header.from=kernel.org Authentication-Results: mail.kernel.org; spf=none smtp.mailfrom=linux-arm-kernel-bounces+linux-arm-kernel=archiver.kernel.org@lists.infradead.org DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=merlin.20170209; h=Sender:Content-Transfer-Encoding: Content-Type:Cc:List-Subscribe:List-Help:List-Post:List-Archive: List-Unsubscribe:List-Id:MIME-Version:Message-Id:Date:Subject:To:From: Reply-To:Content-ID:Content-Description:Resent-Date:Resent-From:Resent-Sender :Resent-To:Resent-Cc:Resent-Message-ID:In-Reply-To:References:List-Owner; bh=nJmF7PqtwelOD7btEF91+51PpdDNnQyqVe7/wJCXdsc=; b=xVsvPzbAy9qX/tN/6rXHONl0mI 6CIB0KOwDQaKhbOqrLVS4vN4qmMqhuhuCP5+Olmj7A+7ayeUZyUZxUjpjonIepTYonFuTE+EdW56d waSw44LsJ+MedGzLTBDM/tFYmFpQ5XgnsWMCzjSbR9A1qKV0sXaGxY+g0R6UzV3Se4IpoFphBaEqo 3BonNFLMTSvyxSOwnBJ6NnMMo0Av6SqoUkBkzSSVgaPil6lQOsGSkkI5od2lHnItK014q/ZfRyj4M wWM1rOeJDCXeA2BZs7qpS53HzVI4/6R60i+PoGND+u07IoCNNdGJTcpbMhDqZ6ubh5Gn0ypAViFkO pOW9ybgg==; Received: from localhost ([::1] helo=merlin.infradead.org) by merlin.infradead.org with esmtp (Exim 4.92.3 #3 (Red Hat Linux)) id 1kq1hq-0000hf-RN; Thu, 17 Dec 2020 22:25:06 +0000 Received: from mail.kernel.org ([198.145.29.99]) by merlin.infradead.org with esmtps (Exim 4.92.3 #3 (Red Hat Linux)) id 1kq1hl-0000em-8A for linux-arm-kernel@lists.infradead.org; Thu, 17 Dec 2020 22:25:02 +0000 From: Eric Biggers Authentication-Results: mail.kernel.org; dkim=permerror (bad message/signature format) To: linux-crypto@vger.kernel.org Subject: [PATCH v2 00/11] crypto: arm32-optimized BLAKE2b and BLAKE2s Date: Thu, 17 Dec 2020 14:21:27 -0800 Message-Id: <20201217222138.170526-1-ebiggers@kernel.org> X-Mailer: git-send-email 2.29.2 MIME-Version: 1.0 X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20201217_172501_430742_F64AE9BA X-CRM114-Status: GOOD ( 11.95 ) X-BeenThere: linux-arm-kernel@lists.infradead.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: "Jason A . Donenfeld" , Herbert Xu , David Sterba , Ard Biesheuvel , linux-arm-kernel@lists.infradead.org, Paul Crowley Sender: "linux-arm-kernel" Errors-To: linux-arm-kernel-bounces+linux-arm-kernel=archiver.kernel.org@lists.infradead.org This patchset adds 32-bit ARM assembly language implementations of BLAKE2b and BLAKE2s. The BLAKE2b implementation is NEON-accelerated, while the BLAKE2s implementation uses scalar instructions since NEON doesn't work very well for it. The BLAKE2b implementation is faster and is expected to be useful as a replacement for SHA-1 in dm-verity, while the BLAKE2s implementation would be useful for WireGuard which uses BLAKE2s. Both implementations are provided via the shash API, while BLAKE2s is also provided via the library API. While adding these, I also reworked the generic implementations of BLAKE2b and BLAKE2s to provide helper functions that make implementing other "shash" providers for these algorithms much easier. See the individual commits for full details, including benchmarks. This patchset was tested on a Raspberry Pi 2 (which uses a Cortex-A7 processor) with CONFIG_CRYPTO_MANAGER_EXTRA_TESTS=y, plus other tests. This patchset applies to mainline commit 0c6c887835b5. Changed since v1: - Added BLAKE2s implementation. - Adjusted the BLAKE2b helper functions to be consistent with what I decided to do for BLAKE2s. - Fixed build error in blake2b-neon-core.S in some configurations. Eric Biggers (11): crypto: blake2b - rename constants for consistency with blake2s crypto: blake2b - define shash_alg structs using macros crypto: blake2b - export helpers for optimized implementations crypto: blake2b - update file comment crypto: arm/blake2b - add NEON-accelerated BLAKE2b crypto: blake2s - define shash_alg structs using macros crypto: x86/blake2s - define shash_alg structs using macros crypto: blake2s - remove unneeded includes crypto: blake2s - share the "shash" API boilerplate code crypto: arm/blake2s - add ARM scalar optimized BLAKE2s wireguard: Kconfig: select CRYPTO_BLAKE2S_ARM arch/arm/crypto/Kconfig | 20 ++ arch/arm/crypto/Makefile | 4 + arch/arm/crypto/blake2b-neon-core.S | 345 ++++++++++++++++++++++++++++ arch/arm/crypto/blake2b-neon-glue.c | 105 +++++++++ arch/arm/crypto/blake2s-core.S | 272 ++++++++++++++++++++++ arch/arm/crypto/blake2s-glue.c | 78 +++++++ arch/x86/crypto/blake2s-glue.c | 150 +++--------- crypto/Kconfig | 5 + crypto/Makefile | 1 + crypto/blake2b_generic.c | 200 +++++++--------- crypto/blake2s_generic.c | 161 +++---------- crypto/blake2s_helpers.c | 87 +++++++ drivers/net/Kconfig | 1 + include/crypto/blake2b.h | 27 +++ include/crypto/internal/blake2b.h | 33 +++ include/crypto/internal/blake2s.h | 17 ++ 16 files changed, 1139 insertions(+), 367 deletions(-) create mode 100644 arch/arm/crypto/blake2b-neon-core.S create mode 100644 arch/arm/crypto/blake2b-neon-glue.c create mode 100644 arch/arm/crypto/blake2s-core.S create mode 100644 arch/arm/crypto/blake2s-glue.c create mode 100644 crypto/blake2s_helpers.c create mode 100644 include/crypto/blake2b.h create mode 100644 include/crypto/internal/blake2b.h base-commit: 0c6c887835b59c10602add88057c9c06f265effe Acked-by: Ard Biesheuvel