Linux kernel mirror (for testing) git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
kernel os linux
1
fork

Configure Feed

Select the types of activity you want to include in your feed.

crypto: powerpc/sha256 - implement library instead of shash

Instead of providing crypto_shash algorithms for the arch-optimized
SHA-256 code, instead implement the SHA-256 library. This is much
simpler, it makes the SHA-256 library functions be arch-optimized, and
it fixes the longstanding issue where the arch-optimized SHA-256 was
disabled by default. SHA-256 still remains available through
crypto_shash, but individual architectures no longer need to handle it.

Signed-off-by: Eric Biggers <ebiggers@google.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>

authored by

Eric Biggers and committed by
Herbert Xu
1a49c573 b67b6f9a

+79 -141
-11
arch/powerpc/crypto/Kconfig
··· 39 39 Architecture: powerpc using 40 40 - SPE (Signal Processing Engine) extensions 41 41 42 - config CRYPTO_SHA256_PPC_SPE 43 - tristate "Hash functions: SHA-224 and SHA-256 (SPE)" 44 - depends on SPE 45 - select CRYPTO_SHA256 46 - select CRYPTO_HASH 47 - help 48 - SHA-224 and SHA-256 secure hash algorithms (FIPS 180) 49 - 50 - Architecture: powerpc using 51 - - SPE (Signal Processing Engine) extensions 52 - 53 42 config CRYPTO_AES_PPC_SPE 54 43 tristate "Ciphers: AES, modes: ECB/CBC/CTR/XTS (SPE)" 55 44 depends on SPE
-2
arch/powerpc/crypto/Makefile
··· 9 9 obj-$(CONFIG_CRYPTO_MD5_PPC) += md5-ppc.o 10 10 obj-$(CONFIG_CRYPTO_SHA1_PPC) += sha1-powerpc.o 11 11 obj-$(CONFIG_CRYPTO_SHA1_PPC_SPE) += sha1-ppc-spe.o 12 - obj-$(CONFIG_CRYPTO_SHA256_PPC_SPE) += sha256-ppc-spe.o 13 12 obj-$(CONFIG_CRYPTO_AES_GCM_P10) += aes-gcm-p10-crypto.o 14 13 obj-$(CONFIG_CRYPTO_DEV_VMX_ENCRYPT) += vmx-crypto.o 15 14 obj-$(CONFIG_CRYPTO_CURVE25519_PPC64) += curve25519-ppc64le.o ··· 17 18 md5-ppc-y := md5-asm.o md5-glue.o 18 19 sha1-powerpc-y := sha1-powerpc-asm.o sha1.o 19 20 sha1-ppc-spe-y := sha1-spe-asm.o sha1-spe-glue.o 20 - sha256-ppc-spe-y := sha256-spe-asm.o sha256-spe-glue.o 21 21 aes-gcm-p10-crypto-y := aes-gcm-p10-glue.o aes-gcm-p10.o ghashp10-ppc.o aesp10-ppc.o 22 22 vmx-crypto-objs := vmx.o aesp8-ppc.o ghashp8-ppc.o aes.o aes_cbc.o aes_ctr.o aes_xts.o ghash.o 23 23 curve25519-ppc64le-y := curve25519-ppc64le-core.o curve25519-ppc64le_asm.o
arch/powerpc/crypto/sha256-spe-asm.S arch/powerpc/lib/crypto/sha256-spe-asm.S
-128
arch/powerpc/crypto/sha256-spe-glue.c
··· 1 - // SPDX-License-Identifier: GPL-2.0-or-later 2 - /* 3 - * Glue code for SHA-256 implementation for SPE instructions (PPC) 4 - * 5 - * Based on generic implementation. The assembler module takes care 6 - * about the SPE registers so it can run from interrupt context. 7 - * 8 - * Copyright (c) 2015 Markus Stockhausen <stockhausen@collogia.de> 9 - */ 10 - 11 - #include <asm/switch_to.h> 12 - #include <crypto/internal/hash.h> 13 - #include <crypto/sha2.h> 14 - #include <crypto/sha256_base.h> 15 - #include <linux/kernel.h> 16 - #include <linux/module.h> 17 - #include <linux/preempt.h> 18 - 19 - /* 20 - * MAX_BYTES defines the number of bytes that are allowed to be processed 21 - * between preempt_disable() and preempt_enable(). SHA256 takes ~2,000 22 - * operations per 64 bytes. e500 cores can issue two arithmetic instructions 23 - * per clock cycle using one 32/64 bit unit (SU1) and one 32 bit unit (SU2). 24 - * Thus 1KB of input data will need an estimated maximum of 18,000 cycles. 25 - * Headroom for cache misses included. Even with the low end model clocked 26 - * at 667 MHz this equals to a critical time window of less than 27us. 27 - * 28 - */ 29 - #define MAX_BYTES 1024 30 - 31 - extern void ppc_spe_sha256_transform(u32 *state, const u8 *src, u32 blocks); 32 - 33 - static void spe_begin(void) 34 - { 35 - /* We just start SPE operations and will save SPE registers later. */ 36 - preempt_disable(); 37 - enable_kernel_spe(); 38 - } 39 - 40 - static void spe_end(void) 41 - { 42 - disable_kernel_spe(); 43 - /* reenable preemption */ 44 - preempt_enable(); 45 - } 46 - 47 - static void ppc_spe_sha256_block(struct crypto_sha256_state *sctx, 48 - const u8 *src, int blocks) 49 - { 50 - do { 51 - /* cut input data into smaller blocks */ 52 - int unit = min(blocks, MAX_BYTES / SHA256_BLOCK_SIZE); 53 - 54 - spe_begin(); 55 - ppc_spe_sha256_transform(sctx->state, src, unit); 56 - spe_end(); 57 - 58 - src += unit * SHA256_BLOCK_SIZE; 59 - blocks -= unit; 60 - } while (blocks); 61 - } 62 - 63 - static int ppc_spe_sha256_update(struct shash_desc *desc, const u8 *data, 64 - unsigned int len) 65 - { 66 - return sha256_base_do_update_blocks(desc, data, len, 67 - ppc_spe_sha256_block); 68 - } 69 - 70 - static int ppc_spe_sha256_finup(struct shash_desc *desc, const u8 *src, 71 - unsigned int len, u8 *out) 72 - { 73 - sha256_base_do_finup(desc, src, len, ppc_spe_sha256_block); 74 - return sha256_base_finish(desc, out); 75 - } 76 - 77 - static struct shash_alg algs[2] = { { 78 - .digestsize = SHA256_DIGEST_SIZE, 79 - .init = sha256_base_init, 80 - .update = ppc_spe_sha256_update, 81 - .finup = ppc_spe_sha256_finup, 82 - .descsize = sizeof(struct crypto_sha256_state), 83 - .base = { 84 - .cra_name = "sha256", 85 - .cra_driver_name= "sha256-ppc-spe", 86 - .cra_priority = 300, 87 - .cra_flags = CRYPTO_AHASH_ALG_BLOCK_ONLY | 88 - CRYPTO_AHASH_ALG_FINUP_MAX, 89 - .cra_blocksize = SHA256_BLOCK_SIZE, 90 - .cra_module = THIS_MODULE, 91 - } 92 - }, { 93 - .digestsize = SHA224_DIGEST_SIZE, 94 - .init = sha224_base_init, 95 - .update = ppc_spe_sha256_update, 96 - .finup = ppc_spe_sha256_finup, 97 - .descsize = sizeof(struct crypto_sha256_state), 98 - .base = { 99 - .cra_name = "sha224", 100 - .cra_driver_name= "sha224-ppc-spe", 101 - .cra_priority = 300, 102 - .cra_flags = CRYPTO_AHASH_ALG_BLOCK_ONLY | 103 - CRYPTO_AHASH_ALG_FINUP_MAX, 104 - .cra_blocksize = SHA224_BLOCK_SIZE, 105 - .cra_module = THIS_MODULE, 106 - } 107 - } }; 108 - 109 - static int __init ppc_spe_sha256_mod_init(void) 110 - { 111 - return crypto_register_shashes(algs, ARRAY_SIZE(algs)); 112 - } 113 - 114 - static void __exit ppc_spe_sha256_mod_fini(void) 115 - { 116 - crypto_unregister_shashes(algs, ARRAY_SIZE(algs)); 117 - } 118 - 119 - module_init(ppc_spe_sha256_mod_init); 120 - module_exit(ppc_spe_sha256_mod_fini); 121 - 122 - MODULE_LICENSE("GPL"); 123 - MODULE_DESCRIPTION("SHA-224 and SHA-256 Secure Hash Algorithm, SPE optimized"); 124 - 125 - MODULE_ALIAS_CRYPTO("sha224"); 126 - MODULE_ALIAS_CRYPTO("sha224-ppc-spe"); 127 - MODULE_ALIAS_CRYPTO("sha256"); 128 - MODULE_ALIAS_CRYPTO("sha256-ppc-spe");
+6
arch/powerpc/lib/crypto/Kconfig
··· 13 13 default CRYPTO_LIB_POLY1305 14 14 select CRYPTO_ARCH_HAVE_LIB_POLY1305 15 15 select CRYPTO_LIB_POLY1305_GENERIC 16 + 17 + config CRYPTO_SHA256_PPC_SPE 18 + tristate 19 + depends on SPE 20 + default CRYPTO_LIB_SHA256 21 + select CRYPTO_ARCH_HAVE_LIB_SHA256
+3
arch/powerpc/lib/crypto/Makefile
··· 5 5 6 6 obj-$(CONFIG_CRYPTO_POLY1305_P10) += poly1305-p10-crypto.o 7 7 poly1305-p10-crypto-y := poly1305-p10-glue.o poly1305-p10le_64.o 8 + 9 + obj-$(CONFIG_CRYPTO_SHA256_PPC_SPE) += sha256-ppc-spe.o 10 + sha256-ppc-spe-y := sha256.o sha256-spe-asm.o
+70
arch/powerpc/lib/crypto/sha256.c
··· 1 + // SPDX-License-Identifier: GPL-2.0-or-later 2 + /* 3 + * SHA-256 Secure Hash Algorithm, SPE optimized 4 + * 5 + * Based on generic implementation. The assembler module takes care 6 + * about the SPE registers so it can run from interrupt context. 7 + * 8 + * Copyright (c) 2015 Markus Stockhausen <stockhausen@collogia.de> 9 + */ 10 + 11 + #include <asm/switch_to.h> 12 + #include <crypto/internal/sha2.h> 13 + #include <linux/kernel.h> 14 + #include <linux/module.h> 15 + #include <linux/preempt.h> 16 + 17 + /* 18 + * MAX_BYTES defines the number of bytes that are allowed to be processed 19 + * between preempt_disable() and preempt_enable(). SHA256 takes ~2,000 20 + * operations per 64 bytes. e500 cores can issue two arithmetic instructions 21 + * per clock cycle using one 32/64 bit unit (SU1) and one 32 bit unit (SU2). 22 + * Thus 1KB of input data will need an estimated maximum of 18,000 cycles. 23 + * Headroom for cache misses included. Even with the low end model clocked 24 + * at 667 MHz this equals to a critical time window of less than 27us. 25 + * 26 + */ 27 + #define MAX_BYTES 1024 28 + 29 + extern void ppc_spe_sha256_transform(u32 *state, const u8 *src, u32 blocks); 30 + 31 + static void spe_begin(void) 32 + { 33 + /* We just start SPE operations and will save SPE registers later. */ 34 + preempt_disable(); 35 + enable_kernel_spe(); 36 + } 37 + 38 + static void spe_end(void) 39 + { 40 + disable_kernel_spe(); 41 + /* reenable preemption */ 42 + preempt_enable(); 43 + } 44 + 45 + void sha256_blocks_arch(u32 state[SHA256_STATE_WORDS], 46 + const u8 *data, size_t nblocks) 47 + { 48 + do { 49 + /* cut input data into smaller blocks */ 50 + u32 unit = min_t(size_t, nblocks, 51 + MAX_BYTES / SHA256_BLOCK_SIZE); 52 + 53 + spe_begin(); 54 + ppc_spe_sha256_transform(state, data, unit); 55 + spe_end(); 56 + 57 + data += unit * SHA256_BLOCK_SIZE; 58 + nblocks -= unit; 59 + } while (nblocks); 60 + } 61 + EXPORT_SYMBOL(sha256_blocks_arch); 62 + 63 + bool sha256_is_arch_optimized(void) 64 + { 65 + return true; 66 + } 67 + EXPORT_SYMBOL(sha256_is_arch_optimized); 68 + 69 + MODULE_LICENSE("GPL"); 70 + MODULE_DESCRIPTION("SHA-256 Secure Hash Algorithm, SPE optimized");