This is a v2 as patch #1 was sent out in isolation a couple of days ago. As it turns out, we can get ~10% speedup for RFC4106 on arm64 (Cortex-A53) by giving it the same treatment as ARM, i.e., avoid the generic template and implement RFC4106 encapsulation directly in the driver Patch #3 adds larger key sizes to the tcrypt benchmark for RFC4106 Patch #4 fixes some prose on AEAD that turned out to be inaccurate. Changes since v1: - minor tweaks to the asm code in patch #1, one of which to fix a Clang build error Note: patch #1 depends on the softirq context patches for kernel mode NEON I sent out last week. More specifically, this implements a sync AEAD that does not implement a !simd fallback, as AEADs are not callable in hard IRQ context anyway. Cc: Eric Biggers <ebiggers@xxxxxxxxxx> Cc: Herbert Xu <herbert@xxxxxxxxxxxxxxxxxxx> Ard Biesheuvel (4): crypto: arm/ghash - implement fused AES/GHASH version of AES-GCM crypto: arm64/gcm - add RFC4106 support crypto: tcrypt - include larger key sizes in RFC4106 benchmark crypto: aead - fix inaccurate documentation arch/arm/crypto/Kconfig | 2 + arch/arm/crypto/ghash-ce-core.S | 382 +++++++++++++++++- arch/arm/crypto/ghash-ce-glue.c | 424 +++++++++++++++++++- arch/arm64/crypto/ghash-ce-glue.c | 145 +++++-- crypto/tcrypt.c | 8 +- crypto/tcrypt.h | 2 +- include/crypto/aead.h | 20 +- 7 files changed, 913 insertions(+), 70 deletions(-) -- 2.35.1
