summaryrefslogtreecommitdiffhomepage
path: root/src/crypto
AgeCommit message (Collapse)Author
2018-11-14chacha20: simplify stack unwinding on ChaCha20_ctr32Samuel Neves
objtool did not quite understand the stack arithmetic employed here. Signed-off-by: Samuel Neves <sneves@dei.uc.pt> Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2018-11-14chacha20: use DRAP idiomSamuel Neves
This effectively means swapping the usage of %r9 and %r10 globally. Signed-off-by: Samuel Neves <sneves@dei.uc.pt> Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2018-11-14chacha20: add hchacha_ssse3Samuel Neves
Signed-off-by: Samuel Neves <sneves@dei.uc.pt> Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2018-11-14chacha20: begin adapting to kernel settingSamuel Neves
Signed-off-by: Samuel Neves <sneves@dei.uc.pt> Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2018-11-14chacha20,poly1305: switch to perlasm originals on x86_64Samuel Neves
Signed-off-by: Samuel Neves <sneves@dei.uc.pt> Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2018-11-14chacha20,poly1305: use CONFIG_KERNEL_MODE_NEON in .pl on armJason A. Donenfeld
While Andy is right to desire a separation between compiler defines and project defines, there are simply too many odd kernel configurations and we require testing for CONFIG_KERNEL_MODE_NEON. Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2018-11-14chacha20,poly1305: switch to perlasm originals on mips and armJason A. Donenfeld
We also separate out Eric Biggers' Cortex A7 implementation into its own file. Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2018-11-13global: various formatting tweeksJason A. Donenfeld
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2018-10-27curve25519-x86_64: this was relicensed to BSD-3-Clause upstreamJason A. Donenfeld
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2018-10-27poly1305-donna64: mark large constants as ULLJason A. Donenfeld
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2018-10-07crypto: clean up remaining .h->.cJason A. Donenfeld
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2018-10-07crypto: use BIT(i) & bitmap instead of (bitmap >> i) & 1Jason A. Donenfeld
Pros: clearer if you're not familiar with the shift idiom, uses kernel macro. Cons: doesn't work any more if the lvalue ever ceases to be a bool. Neutral: generates the same machine code. Suggested-by: Sultan Alsawaf <sultanxda@gmail.com> Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2018-10-07crypto: disable broken implementations in selftestsJason A. Donenfeld
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2018-10-06crypto: test all SIMD combinationsJason A. Donenfeld
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2018-10-06global: rename include'd C files to be .cJason A. Donenfeld
This is done by 259 other files in the kernel tree: linux $ rg '#include.*\.c' -l | wc -l 259 Suggested-by: Sultan Alsawaf <sultanxda@gmail.com> Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2018-10-04curve25519-arm: rearrange multiplications for better in-order performanceJason A. Donenfeld
Suggested-by: Ard Biesheuvel <ard.biesheuvel@linaro.org> Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2018-10-04curve25519-arm: writeback to base register when possibleJason A. Donenfeld
Suggested-by: Ard Biesheuvel <ard.biesheuvel@linaro.org> Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2018-10-03blake2s: always put a simd, even if not use()'dJason A. Donenfeld
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2018-10-03simd: introduce useful disabling macroJason A. Donenfeld
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2018-10-03curve25519-arm: adjust commentJason A. Donenfeld
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2018-10-03curve25519-arm: use new simd apiJason A. Donenfeld
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2018-10-02chacha20-arm: use proper reteq macro instead of bxeqJason A. Donenfeld
Suggested-by: Ard Biesheuvel <ard.biesheuvel@linaro.org> Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2018-10-02global: change BUG_ON to WARN_ONJason A. Donenfeld
Suggested-by: Andrew Lunn <andrew@lunn.ch> Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2018-10-02poly1305: document rationale for base 2^26->2^64/32 conversionJason A. Donenfeld
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2018-10-02crypto: use ZINC_ARCH macrosJason A. Donenfeld
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2018-10-02chacha20: no need to align ctxJason A. Donenfeld
We don't use vmovdqa any more. Suggested-by: Ard Biesheuvel <ard.biesheuvel@linaro.org> Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2018-10-02chacha20: split chacha20_ctx into unionJason A. Donenfeld
This avoids casts and makes counter increments obvious. Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2018-10-02crypto: add missing static keyword to fpu init functionsJason A. Donenfeld
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2018-10-02crypto: document what's used from <crypto/ beside #includeJason A. Donenfeld
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2018-10-02crypto: WARN_ON in module_init if selftest failsJason A. Donenfeld
If it's a built-in and initcall fails, it won't be fatal. So we should at least be loud. Suggested-by: Ard Biesheuvel <ard.biesheuvel@linaro.org> Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2018-10-02poly1305-mips64: use compiler-defined macros in assemblyJason A. Donenfeld
Andy and I agreed it's more correct to use the compiler-defined macros in assembly code, and not the project specific macros. Suggested-by: Andy Polyakov <appro@openssl.org> Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2018-10-02blake2s: rename arch function and use slicker le32 helperJason A. Donenfeld
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2018-10-02blake2s: feed fpu functions PAGE_SIZE at a timeJason A. Donenfeld
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2018-10-02poly1305: feed fpu functions PAGE_SIZE at a timeJason A. Donenfeld
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2018-10-02chacha20: feed fpu functions PAGE_SIZE at a timeJason A. Donenfeld
Suggested-by: Ard Biesheuvel <ard.biesheuvel@linaro.org> Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2018-10-02chacha20: test multiple page span in selftestJason A. Donenfeld
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2018-10-02chacha20: break out of zero loops in selftestJason A. Donenfeld
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2018-10-02crypto: prefer IS_ENABLED to ifdefsJason A. Donenfeld
Suggested-by: Ard Biesheuvel <ard.biesheuvel@linaro.org> Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2018-10-02crypto: ignore ARMv3Jason A. Donenfeld
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2018-09-25crypto: rename DEBUG to SELFTESTJason A. Donenfeld
Also we make selftest errors of type err, so that they're obvious in dmesg. Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2018-09-25poly1305-arm: swap endianness in base 2^26 conversionJason A. Donenfeld
These are actually 32-bit limbs, so we have to swap them back after the 64-bit arithmetic. Also, change type of boolean for 64-bit. Suggested-by: Andy Polyakov <appro@openssl.org> Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2018-09-25curve25519-arm: disable on big-endianJason A. Donenfeld
The qhasm was only written for little-endian systems, and we don't want disaster to ensue. Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2018-09-25chacha20-arm,poly1305-arm: fix big-endian aarch64Jason A. Donenfeld
Suggested-by: Andy Polyakov <appro@openssl.org> Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2018-09-25curve25519: show all failures in test caseJason A. Donenfeld
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2018-09-25curve25519-hacl64: reduce stack usage under KASANJason A. Donenfeld
Suggested-by: Arnd Bergmann <arnd@arndb.de> Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2018-09-25chacha20: add bounds checking to selftestsJason A. Donenfeld
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2018-09-25chacha20-mips32r2: reduce stack and branches in loop, refactor jumptable ↵René van Dorst
handling Signed-off-by: René van Dorst <opensource@vdorst.com> Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2018-09-25crypto: make constant naming scheme consistentJason A. Donenfeld
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2018-09-25hchacha20: keep in native endian in wordsJason A. Donenfeld
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2018-09-24chacha20-arm: remove unused preamblesJason A. Donenfeld
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>