91a2abb78f
Add a NEON-accelerated implementation of Speck128-XTS and Speck64-XTS for ARM64. This is ported from the 32-bit version. It may be useful on devices with 64-bit ARM CPUs that don't have the Cryptography Extensions, so cannot do AES efficiently -- e.g. the Cortex-A53 processor on the Raspberry Pi 3. It generally works the same way as the 32-bit version, but there are some slight differences due to the different instructions, registers, and syntax available in ARM64 vs. in ARM32. For example, in the 64-bit version there are enough registers to hold the XTS tweaks for each 128-byte chunk, so they don't need to be saved on the stack. Benchmarks on a Raspberry Pi 3 running a 64-bit kernel: Algorithm Encryption Decryption --------- ---------- ---------- Speck64/128-XTS (NEON) 92.2 MB/s 92.2 MB/s Speck128/256-XTS (NEON) 75.0 MB/s 75.0 MB/s Speck128/256-XTS (generic) 47.4 MB/s 35.6 MB/s AES-128-XTS (NEON bit-sliced) 33.4 MB/s 29.6 MB/s AES-256-XTS (NEON bit-sliced) 24.6 MB/s 21.7 MB/s The code performs well on higher-end ARM64 processors as well, though such processors tend to have the Crypto Extensions which make AES preferred. For example, here are the same benchmarks run on a HiKey960 (with CPU affinity set for the A73 cores), with the Crypto Extensions implementation of AES-256-XTS added: Algorithm Encryption Decryption --------- ----------- ----------- AES-256-XTS (Crypto Extensions) 1273.3 MB/s 1274.7 MB/s Speck64/128-XTS (NEON) 359.8 MB/s 348.0 MB/s Speck128/256-XTS (NEON) 292.5 MB/s 286.1 MB/s Speck128/256-XTS (generic) 186.3 MB/s 181.8 MB/s AES-128-XTS (NEON bit-sliced) 142.0 MB/s 124.3 MB/s AES-256-XTS (NEON bit-sliced) 104.7 MB/s 91.1 MB/s Signed-off-by: Eric Biggers <ebiggers@google.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
123 lines
3.2 KiB
Plaintext
123 lines
3.2 KiB
Plaintext
# SPDX-License-Identifier: GPL-2.0
|
|
|
|
menuconfig ARM64_CRYPTO
|
|
bool "ARM64 Accelerated Cryptographic Algorithms"
|
|
depends on ARM64
|
|
help
|
|
Say Y here to choose from a selection of cryptographic algorithms
|
|
implemented using ARM64 specific CPU features or instructions.
|
|
|
|
if ARM64_CRYPTO
|
|
|
|
config CRYPTO_SHA256_ARM64
|
|
tristate "SHA-224/SHA-256 digest algorithm for arm64"
|
|
select CRYPTO_HASH
|
|
|
|
config CRYPTO_SHA512_ARM64
|
|
tristate "SHA-384/SHA-512 digest algorithm for arm64"
|
|
select CRYPTO_HASH
|
|
|
|
config CRYPTO_SHA1_ARM64_CE
|
|
tristate "SHA-1 digest algorithm (ARMv8 Crypto Extensions)"
|
|
depends on KERNEL_MODE_NEON
|
|
select CRYPTO_HASH
|
|
select CRYPTO_SHA1
|
|
|
|
config CRYPTO_SHA2_ARM64_CE
|
|
tristate "SHA-224/SHA-256 digest algorithm (ARMv8 Crypto Extensions)"
|
|
depends on KERNEL_MODE_NEON
|
|
select CRYPTO_HASH
|
|
select CRYPTO_SHA256_ARM64
|
|
|
|
config CRYPTO_SHA512_ARM64_CE
|
|
tristate "SHA-384/SHA-512 digest algorithm (ARMv8 Crypto Extensions)"
|
|
depends on KERNEL_MODE_NEON
|
|
select CRYPTO_HASH
|
|
select CRYPTO_SHA512_ARM64
|
|
|
|
config CRYPTO_SHA3_ARM64
|
|
tristate "SHA3 digest algorithm (ARMv8.2 Crypto Extensions)"
|
|
depends on KERNEL_MODE_NEON
|
|
select CRYPTO_HASH
|
|
select CRYPTO_SHA3
|
|
|
|
config CRYPTO_SM3_ARM64_CE
|
|
tristate "SM3 digest algorithm (ARMv8.2 Crypto Extensions)"
|
|
depends on KERNEL_MODE_NEON
|
|
select CRYPTO_HASH
|
|
select CRYPTO_SM3
|
|
|
|
config CRYPTO_GHASH_ARM64_CE
|
|
tristate "GHASH/AES-GCM using ARMv8 Crypto Extensions"
|
|
depends on KERNEL_MODE_NEON
|
|
select CRYPTO_HASH
|
|
select CRYPTO_GF128MUL
|
|
select CRYPTO_AES
|
|
select CRYPTO_AES_ARM64
|
|
|
|
config CRYPTO_CRCT10DIF_ARM64_CE
|
|
tristate "CRCT10DIF digest algorithm using PMULL instructions"
|
|
depends on KERNEL_MODE_NEON && CRC_T10DIF
|
|
select CRYPTO_HASH
|
|
|
|
config CRYPTO_CRC32_ARM64_CE
|
|
tristate "CRC32 and CRC32C digest algorithms using ARMv8 extensions"
|
|
depends on CRC32
|
|
select CRYPTO_HASH
|
|
|
|
config CRYPTO_AES_ARM64
|
|
tristate "AES core cipher using scalar instructions"
|
|
select CRYPTO_AES
|
|
|
|
config CRYPTO_AES_ARM64_CE
|
|
tristate "AES core cipher using ARMv8 Crypto Extensions"
|
|
depends on ARM64 && KERNEL_MODE_NEON
|
|
select CRYPTO_ALGAPI
|
|
select CRYPTO_AES_ARM64
|
|
|
|
config CRYPTO_AES_ARM64_CE_CCM
|
|
tristate "AES in CCM mode using ARMv8 Crypto Extensions"
|
|
depends on ARM64 && KERNEL_MODE_NEON
|
|
select CRYPTO_ALGAPI
|
|
select CRYPTO_AES_ARM64_CE
|
|
select CRYPTO_AES_ARM64
|
|
select CRYPTO_AEAD
|
|
|
|
config CRYPTO_AES_ARM64_CE_BLK
|
|
tristate "AES in ECB/CBC/CTR/XTS modes using ARMv8 Crypto Extensions"
|
|
depends on KERNEL_MODE_NEON
|
|
select CRYPTO_BLKCIPHER
|
|
select CRYPTO_AES_ARM64_CE
|
|
select CRYPTO_AES_ARM64
|
|
select CRYPTO_SIMD
|
|
|
|
config CRYPTO_AES_ARM64_NEON_BLK
|
|
tristate "AES in ECB/CBC/CTR/XTS modes using NEON instructions"
|
|
depends on KERNEL_MODE_NEON
|
|
select CRYPTO_BLKCIPHER
|
|
select CRYPTO_AES_ARM64
|
|
select CRYPTO_AES
|
|
select CRYPTO_SIMD
|
|
|
|
config CRYPTO_CHACHA20_NEON
|
|
tristate "NEON accelerated ChaCha20 symmetric cipher"
|
|
depends on KERNEL_MODE_NEON
|
|
select CRYPTO_BLKCIPHER
|
|
select CRYPTO_CHACHA20
|
|
|
|
config CRYPTO_AES_ARM64_BS
|
|
tristate "AES in ECB/CBC/CTR/XTS modes using bit-sliced NEON algorithm"
|
|
depends on KERNEL_MODE_NEON
|
|
select CRYPTO_BLKCIPHER
|
|
select CRYPTO_AES_ARM64_NEON_BLK
|
|
select CRYPTO_AES_ARM64
|
|
select CRYPTO_SIMD
|
|
|
|
config CRYPTO_SPECK_NEON
|
|
tristate "NEON accelerated Speck cipher algorithms"
|
|
depends on KERNEL_MODE_NEON
|
|
select CRYPTO_BLKCIPHER
|
|
select CRYPTO_SPECK
|
|
|
|
endif
|