summaryrefslogtreecommitdiffhomepage
path: root/src
AgeCommit message (Collapse)Author
2018-09-23chacha20: add chunked selftest and test sliding alignments and hchacha20Jason A. Donenfeld
This ensures we're properly updating state[12] and that we're handling all unaligned acceses (in the jump tables for MIPS). Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2018-09-22chacha20-mips32r2: reduce jumptable entry size and stack usageRené van Dorst
Signed-off-by: René van Dorst <opensource@vdorst.com> Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2018-09-21chacha20-mips32r2: use simpler calling conventionJason A. Donenfeld
Since we now set up the block in the generic code, we can rely on that to use fewer variables and reduce stack pressure within the MIPS code. This in turn means we have more registers and more uniformity, so we're able to rewrite quite a bit. Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2018-09-21chacha20-arm: go with Ard's version to optimize for Cortex-A7Jason A. Donenfeld
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2018-09-21chacha20-mips32r2: remove reorder directivesRené van Dorst
This requires some minimal rearranging to make work, but for the most part as does the right thing, provided we pass it an optimization flag. Suggested-by: Paul Burton <paul.burton@mips.com> Signed-off-by: René van Dorst <opensource@vdorst.com> Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2018-09-21chacha20-mips32r2: fix typo to allow reorder againRené van Dorst
Reported-by: Paul Burton <paul.burton@mips.com> Signed-off-by: René van Dorst <opensource@vdorst.com> Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2018-09-21poly1305-mips32r2: remove all reorder directivesRené van Dorst
This requires some minimal rearranging to make work, but for the most part as does the right thing, provided we pass it an optimization flag. Suggested-by: Paul Burton <paul.burton@mips.com> Signed-off-by: René van Dorst <opensource@vdorst.com> Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2018-09-20global: put SPDX identifier on its own lineJason A. Donenfeld
The kernel has very specific rules correlating file type with comment type, and also SPDX identifiers can't be merged with other comments. Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2018-09-20ratelimiter: disable selftest with KASANJason A. Donenfeld
This this relies on instructions taking a "normal" amount of time, we really can't run this with KASAN, especially inside QEMU, so just disable it for KASAN, since it's hard to make it complete on slow systems. Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2018-09-20crypto: do not waste space on selftest itemsJason A. Donenfeld
This unfortunately means we have to define symbols, since we want them in __initconst, but it's better than the other two options (no initconst or wasting space for fixed size buffers). Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2018-09-20netlink: reverse my christmas treesJason A. Donenfeld
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2018-09-20crypto: explicitly dual licenseJason A. Donenfeld
Suggested-by: Thomas Gleixner <tglx@linutronix.de> Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2018-09-20poly1305: account for simd being toggled off midwayJason A. Donenfeld
This is a very rare occurance, but we should account for it, so that the calculations aren't wrong. Here we convert from base 2^26 back to base 2^64. Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2018-09-20allowedips: change from BUG_ON to WARN_ONJason A. Donenfeld
This is never going to hit anyway, and if it does, it's a development problem that will be caught with the selftests anyway. So don't make Andrew Lunn upset, and just change it to a WARN_ON. Suggested-by: Andrew Lunn <andrew@lunn.ch> Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2018-09-20chacha20: prefer crypto_xor_cpy to avoid memmoveJason A. Donenfeld
Suggested-by: Eric Biggers <ebiggers@kernel.org> Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2018-09-19poly1305: no need to trick gcc 8.1Jason A. Donenfeld
This reverts 37f114a73ba37219b00a66f0a51219a696599745, since gcc 8.2 no longer exhibits that bug. Suggested-by: Eric Biggers <ebiggers@kernel.org> Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2018-09-19blake2s: simplify final functionJason A. Donenfeld
Suggested-by: Eric Biggers <ebiggers@kernel.org> Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2018-09-18poly1305: better module descriptionJason A. Donenfeld
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2018-09-18version: bump snapshotJason A. Donenfeld
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2018-09-18chacha20: add independent self testJason A. Donenfeld
This was already tested from the chacha20poly1305 test, but it's useful to be able to test this in isolation too. Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2018-09-18chacha20poly1305: add __init to selftest helper functionsJason A. Donenfeld
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2018-09-18curve25519-arm: only compile if symbols will be usedJason A. Donenfeld
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2018-09-18chacha20-x86_64: use correct cut off for avx512-vlJason A. Donenfeld
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2018-09-18poly1305-x86_64: show full struct for stateJason A. Donenfeld
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2018-09-18crypto: allow for disabling simd in zinc modulesJason A. Donenfeld
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2018-09-18chacha20-x86_64: more limited cascadeJason A. Donenfeld
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2018-09-18chacha20poly1305: relax simd between sg chunksJason A. Donenfeld
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2018-09-18crypto: turn Zinc into individual modulesJason A. Donenfeld
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2018-09-17crypto: do not use -include trickJason A. Donenfeld
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2018-09-17poly1305-x86_64: don't activate simd for small blocksJason A. Donenfeld
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2018-09-17chacha20-x86_64: don't activate simd for small blocksJason A. Donenfeld
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2018-09-17crypto: pass simd by referenceJason A. Donenfeld
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2018-09-17chacha20-x86_64: cascade down implementationsJason A. Donenfeld
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2018-09-17poly1305: do not require simd context for archJason A. Donenfeld
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2018-09-16crypto: make MITJason A. Donenfeld
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2018-09-16qemu: always pull and reset against integration treeJason A. Donenfeld
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2018-09-16global: remove non-essential inline annotationsJason A. Donenfeld
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2018-09-16send/receive: reduce number of sg entriesJason A. Donenfeld
This reduces stack usage to quell warnings on powerpc. Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2018-09-15simd: add __must_check annotationJason A. Donenfeld
Suggested-by: Andy Lutomirski <luto@amacapital.net> Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2018-09-13chacha20-arm: swap scalar and neon functionsJason A. Donenfeld
This brings us closer to the original code. Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2018-09-12poly1305: precompute 5*r in init instead of blocksJason A. Donenfeld
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2018-09-12curve25519-x86_64: remove useless defineJason A. Donenfeld
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2018-09-12chacha20: add constant for words in blockJason A. Donenfeld
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2018-09-11poly1305: rename finish to finalJason A. Donenfeld
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2018-09-11kconfig: make NEON depend on CPU_V7Jason A. Donenfeld
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2018-09-11crypto: make sure UML is properly disabledJason A. Donenfeld
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2018-09-11crypto: do not use compound literals in selftestsJason A. Donenfeld
gcc can't apply section attributes to compound literals, so we can't mark the actual data as __initconst. We thus waste space instead, but this shouldn't matter much, since it's cleared after init anyway, and because this is only for debugging. Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2018-09-10blake2s-x86_64: fix whitespace errorsJason A. Donenfeld
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2018-09-10version: bump snapshotJason A. Donenfeld
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2018-09-10poly1305: switch to donnaJason A. Donenfeld
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>