git.baikalelectronics.ru Git - kernel.git/commit

author	Martin Willi <martin@strongswan.org>
	Sun, 11 Nov 2018 09:36:30 +0000 (10:36 +0100)
committer	Herbert Xu <herbert@gondor.apana.org.au>
	Fri, 16 Nov 2018 06:11:04 +0000 (14:11 +0800)
commit	e4bedf09e3ab93ae1cc6a07ae5310767e6a42b07
tree	bbbc738cd20c7f2a461b26b3be6fc3abde942710	tree \| snapshot
parent	8f98080ccd318fb787553f68e3c80527de64807f	commit \| diff

crypto: x86/chacha20 - Add a 4-block AVX2 variant

This variant builds upon the idea of the 2-block AVX2 variant that
shuffles words after each round. The shuffling has a rather high latency,
so the arithmetic units are not optimally used.

Given that we have plenty of registers in AVX, this version parallelizes
the 2-block variant to do four blocks. While the first two blocks are
shuffling, the CPU can do the XORing on the second two blocks and
vice-versa, which makes this version much faster than the SSSE3 variant
for four blocks. The latter is now mostly for systems that do not have
AVX2, but there it is the work-horse, so we keep it in place.

The partial XORing function trailer is very similar to the AVX2 2-block
variant. While it could be shared, that code segment is rather short;
profiling is also easier with the trailer integrated, so we keep it per
function.

Signed-off-by: Martin Willi <martin@strongswan.org>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>

arch/x86/crypto/chacha20-avx2-x86_64.S		diff \| blob \| history
arch/x86/crypto/chacha20_glue.c		diff \| blob \| history