summaryrefslogtreecommitdiff
AgeCommit message (Collapse)Author
2013-04-25crypto: twofish - add AVX2/x86_64 assembler implementation of twofish cipherJussi Kivilinna
Patch adds AVX2/x86-64 implementation of Twofish cipher, requiring 16 parallel blocks for input (256 bytes). Table look-ups are performed using vpgatherdd instruction directly from vector registers and thus should be faster than earlier implementations. Implementation also uses 256-bit wide YMM registers, which should give additional speed up compared to the AVX implementation. Signed-off-by: Jussi Kivilinna <jussi.kivilinna@iki.fi> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2013-04-25crypto: blowfish - add AVX2/x86_64 implementation of blowfish cipherJussi Kivilinna
Patch adds AVX2/x86-64 implementation of Blowfish cipher, requiring 32 parallel blocks for input (256 bytes). Table look-ups are performed using vpgatherdd instruction directly from vector registers and thus should be faster than earlier implementations. Signed-off-by: Jussi Kivilinna <jussi.kivilinna@iki.fi> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2013-04-25crypto: tcrypt - add async cipher speed tests for blowfishJussi Kivilinna
Signed-off-by: Jussi Kivilinna <jussi.kivilinna@iki.fi> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2013-04-25crypto: testmgr - extend camellia test-vectors for camellia-aesni/avx2Jussi Kivilinna
Signed-off-by: Jussi Kivilinna <jussi.kivilinna@iki.fi> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2013-04-25crypto: aesni_intel - fix Kconfig problem with CRYPTO_GLUE_HELPER_X86Jussi Kivilinna
The Kconfig setting for glue helper module is CRYPTO_GLUE_HELPER_X86, but recent change for aesni_intel used CRYPTO_GLUE_HELPER instead. Patch corrects this issue. Cc: kbuild-all@01.org Reported-by: kbuild test robot <fengguang.wu@intel.com> Signed-off-by: Jussi Kivilinna <jussi.kivilinna@iki.fi> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2013-04-25crypto: aesni_intel - add more optimized XTS mode for x86-64Jussi Kivilinna
Add more optimized XTS code for aesni_intel in 64-bit mode, for smaller stack usage and boost for speed. tcrypt results, with Intel i5-2450M: 256-bit key enc dec 16B 0.98x 0.99x 64B 0.64x 0.63x 256B 1.29x 1.32x 1024B 1.54x 1.58x 8192B 1.57x 1.60x 512-bit key enc dec 16B 0.98x 0.99x 64B 0.60x 0.59x 256B 1.24x 1.25x 1024B 1.39x 1.42x 8192B 1.38x 1.42x I chose not to optimize smaller than block size of 256 bytes, since XTS is practically always used with data blocks of size 512 bytes. This is why performance is reduced in tcrypt for 64 byte long blocks. Cc: Huang Ying <ying.huang@intel.com> Signed-off-by: Jussi Kivilinna <jussi.kivilinna@iki.fi> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2013-04-25crypto: x86/camellia-aesni-avx - add more optimized XTS codeJussi Kivilinna
Add more optimized XTS code for camellia-aesni-avx, for smaller stack usage and small boost for speed. tcrypt results, with Intel i5-2450M: enc dec 16B 1.10x 1.01x 64B 0.82x 0.77x 256B 1.14x 1.10x 1024B 1.17x 1.16x 8192B 1.10x 1.11x Since XTS is practically always used with data blocks of size 512 bytes or more, I chose to not make use of camellia-2way for block sized smaller than 256 bytes. This causes slower result in tcrypt for 64 bytes. Signed-off-by: Jussi Kivilinna <jussi.kivilinna@iki.fi> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2013-04-25crypto: cast6-avx: use new optimized XTS codeJussi Kivilinna
Change cast6-avx to use the new XTS code, for smaller stack usage and small boost to performance. tcrypt results, with Intel i5-2450M: enc dec 16B 1.01x 1.01x 64B 1.01x 1.00x 256B 1.09x 1.02x 1024B 1.08x 1.06x 8192B 1.08x 1.07x Signed-off-by: Jussi Kivilinna <jussi.kivilinna@iki.fi> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2013-04-25crypto: x86/twofish-avx - use optimized XTS codeJussi Kivilinna
Change twofish-avx to use the new XTS code, for smaller stack usage and small boost to performance. tcrypt results, with Intel i5-2450M: enc dec 16B 1.03x 1.02x 64B 0.91x 0.91x 256B 1.10x 1.09x 1024B 1.12x 1.11x 8192B 1.12x 1.11x Since XTS is practically always used with data blocks of size 512 bytes or more, I chose to not make use of twofish-3way for block sized smaller than 128 bytes. This causes slower result in tcrypt for 64 bytes. Signed-off-by: Jussi Kivilinna <jussi.kivilinna@iki.fi> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2013-04-25crypto: x86 - add more optimized XTS-mode for serpent-avxJussi Kivilinna
This patch adds AVX optimized XTS-mode helper functions/macros and converts serpent-avx to use the new facilities. Benefits are slightly improved speed and reduced stack usage as use of temporary IV-array is avoided. tcrypt results, with Intel i5-2450M: enc dec 16B 1.00x 1.00x 64B 1.00x 1.00x 256B 1.04x 1.06x 1024B 1.09x 1.09x 8192B 1.10x 1.09x Signed-off-by: Jussi Kivilinna <jussi.kivilinna@iki.fi> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2013-04-25xfrm: add rfc4494 AES-CMAC-96 supportJussi Kivilinna
Now that CryptoAPI has support for CMAC, we can add support for AES-CMAC-96 (rfc4494). Cc: Tom St Denis <tstdenis@elliptictech.com> Signed-off-by: Jussi Kivilinna <jussi.kivilinna@iki.fi> Acked-by: David S. Miller <davem@davemloft.net> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2013-04-25crypto: add CMAC support to CryptoAPIJussi Kivilinna
Patch adds support for NIST recommended block cipher mode CMAC to CryptoAPI. This work is based on Tom St Denis' earlier patch, http://marc.info/?l=linux-crypto-vger&m=135877306305466&w=2 Cc: Tom St Denis <tstdenis@elliptictech.com> Signed-off-by: Jussi Kivilinna <jussi.kivilinna@iki.fi> Acked-by: David S. Miller <davem@davemloft.net> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2013-04-25crypto: testmgr - add empty test vectors for null ciphersJussi Kivilinna
Without these, kernel log shows: [ 5.984881] alg: No test for cipher_null (cipher_null-generic) [ 5.985096] alg: No test for ecb(cipher_null) (ecb-cipher_null) [ 5.985170] alg: No test for compress_null (compress_null-generic) [ 5.985297] alg: No test for digest_null (digest_null-generic) Signed-off-by: Jussi Kivilinna <jussi.kivilinna@iki.fi> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2013-04-25crypto: testmgr - add AES GMAC test vectorsJussi Kivilinna
Signed-off-by: Jussi Kivilinna <jussi.kivilinna@iki.fi> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2013-04-25crypto: gcm - fix rfc4543 to handle async crypto correctlyJussi Kivilinna
If the gcm cipher used by rfc4543 does not complete request immediately, the authentication tag is not copied to destination buffer. Patch adds correct async logic for this case. Signed-off-by: Jussi Kivilinna <jussi.kivilinna@iki.fi> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2013-04-25crypto: gcm - make GMAC work when dst and src are differentJussi Kivilinna
The GMAC code assumes that dst==src, which causes problems when trying to add rfc4543(gcm(aes)) test vectors. So fix this code to work when source and destination buffer are different. Signed-off-by: Jussi Kivilinna <jussi.kivilinna@iki.fi> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2013-04-25hwrng: timeriomem - added devicetree hooksAlexander Clouter
This patch allows timeriomem_rng to be used via devicetree. Signed-off-by: Alexander Clouter <alex@digriz.org.uk> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2013-04-25hwrng: timeriomem - update to support more than one deviceAlexander Clouter
timeriomem_rng only supports a single device instance. This patch enables multiple timeriomem_rng devices to coexist as well as adds some additional error checking. Signed-off-by: Alexander Clouter <alex@digriz.org.uk> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2013-04-25crypto: crc32-pclmul - Use gas macro for pclmulqdqSandy Wu
Occurs when CONFIG_CRYPTO_CRC32C_INTEL=y and CONFIG_CRYPTO_CRC32C_INTEL=y. Older versions of bintuils do not support the pclmulqdq instruction. The PCLMULQDQ gas macro is used instead. Signed-off-by: Sandy Wu <sandyw@twitter.com> Cc: stable@vger.kernel.org # 3.8+ Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2013-04-25hwrng: bcm2835 - Add Broadcom BCM2835 RNG driverLubomir Rintel
This adds a driver for random number generator present on Broadcom BCM2835 SoC, used in Raspberry Pi and Roku 2 devices. Signed-off-by: Dom Cobley <popcornmix@gmail.com> Signed-off-by: Lubomir Rintel <lkundrak@v3.sk> Tested-by: Stephen Warren <swarren@wwwdotorg.org> Cc: Herbert Xu <herbert@gondor.apana.org.au> Cc: Stephen Warren <swarren@wwwdotorg.org> Cc: Matt Mackall <mpm@selenic.com> Cc: linux-rpi-kernel@lists.infradead.org Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2013-04-25crypto: caam - static constify error dataKim Phillips
checkstack reports report_deco_status(), report_ccb_status() as particularly excessive stack users. Move their lookup tables off the stack and put them in .rodata. Signed-off-by: Kim Phillips <kim.phillips@freescale.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2013-04-25crypto: caam - change key gen functions to return signed intKim Phillips
commit 2af8f4a "crypto: caam - coccicheck fixes" added error return values yet neglected to change the type from unsigned. Signed-off-by: Kim Phillips <kim.phillips@freescale.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2013-04-25crypto: sha512 - Create module providing optimized SHA512 routines using ↵Tim Chen
SSSE3, AVX or AVX2 instructions. We added glue code and config options to create crypto module that uses SSE/AVX/AVX2 optimized SHA512 x86_64 assembly routines. Signed-off-by: Tim Chen <tim.c.chen@linux.intel.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2013-04-25crypto: sha512 - Optimized SHA512 x86_64 assembly routine using AVX2 RORX ↵Tim Chen
instruction. Provides SHA512 x86_64 assembly routine optimized with SSE, AVX and AVX2's RORX instructions. Speedup of 70% or more has been measured over the generic implementation. Signed-off-by: Tim Chen <tim.c.chen@linux.intel.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2013-04-25crypto: sha512 - Optimized SHA512 x86_64 assembly routine using AVX ↵Tim Chen
instructions. Provides SHA512 x86_64 assembly routine optimized with SSE and AVX instructions. Speedup of 60% or more has been measured over the generic implementation. Signed-off-by: Tim Chen <tim.c.chen@linux.intel.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2013-04-25crypto: sha512 - Optimized SHA512 x86_64 assembly routine using Supplemental ↵Tim Chen
SSE3 instructions. Provides SHA512 x86_64 assembly routine optimized with SSSE3 instructions. Speedup of 40% or more has been measured over the generic implementation. Signed-off-by: Tim Chen <tim.c.chen@linux.intel.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2013-04-25crypto: sha512 - Expose generic sha512 routine to be callable from other modulesTim Chen
Other SHA512 routines may need to use the generic routine when FPU is not available. Signed-off-by: Tim Chen <tim.c.chen@linux.intel.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2013-04-25crypto: sha256 - Create module providing optimized SHA256 routines using ↵Tim Chen
SSSE3, AVX or AVX2 instructions. We added glue code and config options to create crypto module that uses SSE/AVX/AVX2 optimized SHA256 x86_64 assembly routines. Signed-off-by: Tim Chen <tim.c.chen@linux.intel.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2013-04-03crypto: sha256 - Optimized sha256 x86_64 routine using AVX2's RORX instructionsTim Chen
Provides SHA256 x86_64 assembly routine optimized with SSE, AVX and AVX2's RORX instructions. Speedup of 70% or more has been measured over the generic implementation. Signed-off-by: Tim Chen <tim.c.chen@linux.intel.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2013-04-03crypto: sha256 - Optimized sha256 x86_64 assembly routine with AVX instructions.Tim Chen
Provides SHA256 x86_64 assembly routine optimized with SSE and AVX instructions. Speedup of 60% or more has been measured over the generic implementation. Signed-off-by: Tim Chen <tim.c.chen@linux.intel.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2013-04-03crypto: sha256 - Optimized sha256 x86_64 assembly routine using Supplemental ↵Tim Chen
SSE3 instructions. Provides SHA256 x86_64 assembly routine optimized with SSSE3 instructions. Speedup of 40% or more has been measured over the generic implementation. Signed-off-by: Tim Chen <tim.c.chen@linux.intel.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2013-04-03crypto: sha256 - Expose SHA256 generic routine to be callable externally.Tim Chen
Other SHA256 routine may need to use the generic routine when FPU is not available. Signed-off-by: Tim Chen <tim.c.chen@linux.intel.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2013-04-03crypto: x86 - build AVX block cipher implementations only if assembler ↵Jussi Kivilinna
supports AVX instructions These modules require AVX support in assembler, so add new check to Makefile for this. Other option would be to use CONFIG_AS_AVX inside source files, but that would result dummy/empty/no-fuctionality modules being created. Signed-off-by: Jussi Kivilinna <jussi.kivilinna@iki.fi> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2013-04-03crypto: x86/crc32-pclmul - assembly clean-ups: use ENTRY/ENDPROCJussi Kivilinna
Signed-off-by: Jussi Kivilinna <jussi.kivilinna@iki.fi> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2013-04-03crypto: ux500 - fix error return code in hash_dma_final()Wei Yongjun
Fix to return a negative error code from the error handling case instead of 0, as returned elsewhere in this function. Signed-off-by: Wei Yongjun <yongjun_wei@trendmicro.com.cn> Acked-by: Linus Walleij <linus.walleij@linaro.org> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2013-03-22crypto: picoxcell - Use of_match_ptr() macroSachin Kamat
This eliminates having an #ifdef returning NULL for the case when OF is disabled. Signed-off-by: Sachin Kamat <sachin.kamat@linaro.org> Acked-by: Jamie Iles <jamie@jamieiles.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2013-03-22hwrng: mxc-rnga - Use devm_ioremap_resource()Fabio Estevam
Using devm_ioremap_resource() can make the code cleaner and simpler. Signed-off-by: Fabio Estevam <fabio.estevam@freescale.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2013-03-22crypto: caam - Fix missing init of '.type' in AEAD algos.Vakul Garg
Following AEAD algo templates are updated for '.type' initialization. (a) authenc(hmac(sha224),cbc(aes)) (b) authenc(hmac(sha384),cbc(aes)) (c) authenc(hmac(sha224),cbc(des3_ede)) (d) authenc(hmac(sha384),cbc(des3_ede)) (e) authenc(hmac(sha224),cbc(des)) (f) authenc(hmac(sha384),cbc(des)) Signed-off-by: Vakul Garg <vakul@freescale.com> Reviewed-by: Kim Phillips <kim.phillips@freescale.com> Signed-off-by: Andy Fleming <afleming@freescale.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2013-03-22crypto: caam - set RDB bit in security configuration registerVakul Garg
This change is required for post SEC-5.0 devices which have RNG4. Setting RDB in security configuration register allows CAAM to use the "Random Data Buffer" to be filled by a single request. The Random Data Buffer is large enough for ten packets to get their IVs from a single request. If the Random Data Buffer is not enabled, then each IV causes a separate request, and RNG4 hardware cannot keep up resulting in lower IPSEC throughput if random IVs are used. Signed-off-by: Vakul Garg <vakul@freescale.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2013-03-22hwrng: exynos - add CONFIG_PM_SLEEP/CONFIG_PM_RUNTIME to suspend/resumeJingoo Han
This patch adds CONFIG_PM_SLEEP to suspend/resume functions to fix the following build warning when CONFIG_PM_SLEEP is not selected. drivers/char/hw_random/exynos-rng.c:147:12: warning: 'exynos_rng_runtime_suspend' defined but not used [-Wunused-function] drivers/char/hw_random/exynos-rng.c:157:12: warning: 'exynos_rng_runtime_resume' defined but not used [-Wunused-function] Add CONFIG_PM_RUNTIME to suspend/resume functions to fix the build error. It is because UNIVERSAL_DEV_PM_OPS macro is related to both CONFIG_PM_SLEEP and CONFIG_PM_RUNTIME. drivers/char/hw_random/exynos-rng.c:167:8: error: 'exynos_rng_runtime_suspend' undeclared here (not in a function) drivers/char/hw_random/exynos-rng.c:167:8: error: 'exynos_rng_runtime_resume' undeclared here (not in a function) Signed-off-by: Jingoo Han <jg1.han@samsung.com> Reported-by: David Rientjes <rientjes@google.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2013-03-21crypto: ux500 - replace kmalloc and then memcpy with kmemdupMihnea Dobrescu-Balaur
Signed-off-by: Mihnea Dobrescu-Balaur <mihneadb@gmail.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2013-03-21crypto: sahara - Add driver for SAHARA2 accelerator.Javier Martin
SAHARA2 HW module is included in the i.MX27 SoC from Freescale. It is capable of performing cipher algorithms such as AES, 3DES..., hashing and RNG too. This driver provides support for AES-CBC and AES-ECB by now. Reviewed-by: Arnd Bergmann <arnd@arndb.de> Signed-off-by: Javier Martin <javier.martin@vista-silicon.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2013-03-10hwrng: Fix a wrong comment in Documentation/hw_random.txtTang Chen
Seeing from the comment, there should be three reasons for removing request_mem_region. Change the comment "two" to "three". Signed-off-by: Tang Chen <tangchen@cn.fujitsu.com> Acked-by: Rob Landley <rob@landley.net> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2013-03-10crypto: caam - fix typo "CRYPTO_AHASH"Paul Bolle
The Kconfig entry for CAAM's hash algorithm implementations has always selected CRYPTO_AHASH. But there's no corresponding Kconfig symbol. It seems it was intended to select CRYPTO_HASH, like other crypto drivers do. That would apparently (indirectly) select CRYPTO_HASH2, which would enable the ahash functionality this driver uses. Signed-off-by: Paul Bolle <pebolle@tiscali.nl> Reviewed-by: Kim Phillips <kim.phillips@freescale.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2013-03-10crypto: omap-sham - Use module_platform_driver macroSachin Kamat
module_platform_driver() makes the code simpler by eliminating boilerplate code. Signed-off-by: Sachin Kamat <sachin.kamat@linaro.org> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2013-03-10crypto: omap-aes - Use module_platform_driver macroSachin Kamat
module_platform_driver() makes the code simpler by eliminating boilerplate code. Signed-off-by: Sachin Kamat <sachin.kamat@linaro.org> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2013-03-10crypto: omap-aes - Use pm_runtime_put instead of pm_runtime_put_sync in taskletJoel A Fernandes
After DMA is complete, the omap_aes_finish_req function is called as a part of the done_task tasklet. During this its atomic and any calls to pm functions should not assume they wont sleep. The patch replaces a call to pm_runtime_put_sync (which can sleep) with pm_runtime_put thus fixing a kernel panic observed on AM33xx SoC during AES operation. Tested on an AM33xx SoC device (beaglebone board). To reproduce the problem, I used the tcrypt kernel module as: modprobe tcrypt sec=2 mode=500 Signed-off-by: Joel A Fernandes <joelagnel@ti.com> Cc: David S. Miller <davem@davemloft.net> Acked-by: Mark A. Greer <mgreer@animalcreek.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2013-03-10crypto: omap-sham - Use pm_runtime_put instead of pm_runtime_put_sync in taskletJoel A Fernandes
After DMA is complete, the omap_sham_finish_req function is called as a part of the done_task tasklet. During this its atomic and any calls to pm functions should not assume they wont sleep. The patch replaces a call to pm_runtime_put_sync (which can sleep) with pm_runtime_put thus fixing a kernel panic observed on AM33xx SoC during SHA operation. Tested on an AM33xx SoC device (beaglebone board). To reproduce the problem, used the tcrypt kernel module as: modprobe tcrypt sec=2 mode=403 Signed-off-by: Joel A Fernandes <joelagnel@ti.com> Cc: David S. Miller <davem@davemloft.net> Acked-by: Mark A. Greer <mgreer@animalcreek.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2013-03-10crypto: bfin_crc - Fix possible NULL pointer dereferenceSyam Sidhardhan
If we define dev_dbg(), then there is a possible NULL pointer dereference. Signed-off-by: Syam Sidhardhan <s.syam@samsung.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2013-03-10crypto: user - constify netlink dispatch tableMathias Krause
There is no need to modify the netlink dispatch table at runtime and making it const even makes the resulting object file slightly smaller. Cc: Steffen Klassert <steffen.klassert@secunet.com> Signed-off-by: Mathias Krause <minipli@googlemail.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>