| | Commit message | Author | Age | Files | Lines |
---|---|---|---|---|---|
* | chacha20,poly1305: switch to perlasm originals on mips and arm | Jason A. Donenfeld | 2018-11-14 | 12 | -6104/+5570 |
| | We also separate out Eric Biggers' Cortex A7 implementation into its own file. | | | | |
* | global: various formatting tweaks | Jason A. Donenfeld | 2018-11-13 | 2 | -2/+1 |
* | curve25519-x86_64: this was relicensed to BSD-3-Clause upstream | Jason A. Donenfeld | 2018-10-27 | 1 | -1/+1 |
* | poly1305-donna64: mark large constants as ULL | Jason A. Donenfeld | 2018-10-27 | 1 | -24/+24 |
* | crypto: clean up remaining .h->.c | Jason A. Donenfeld | 2018-10-07 | 8 | -10/+10 |
* | crypto: use BIT(i) & bitmap instead of (bitmap >> i) & 1 | Jason A. Donenfeld | 2018-10-07 | 1 | -2/+2 |
| | Pros: clearer if you're not familiar with the shift idiom, uses kernel macro. Cons: doesn't work any more if the lvalue ever ceases to be a bool. Neutral: generates the same machine code. Suggested-by: Sultan Alsawaf <sultanxda@gmail.com> | | | | |
* | crypto: disable broken implementations in selftests | Jason A. Donenfeld | 2018-10-07 | 1 | -9/+8 |
* | crypto: test all SIMD combinations | Jason A. Donenfeld | 2018-10-06 | 20 | -40/+82 |
* | global: rename include'd C files to be .c | Jason A. Donenfeld | 2018-10-06 | 19 | -28/+28 |
| | This is done by 259 other files in the kernel tree: `linux $ rg '#include.*\.c' -l \| wc -l` `259` Suggested-by: Sultan Alsawaf <sultanxda@gmail.com> | | | | |
* | curve25519-arm: rearrange multiplications for better in-order performance | Jason A. Donenfeld | 2018-10-04 | 1 | -12/+12 |
| | Suggested-by: Ard Biesheuvel <ard.biesheuvel@linaro.org> | | | | |
* | curve25519-arm: writeback to base register when possible | Jason A. Donenfeld | 2018-10-04 | 1 | -58/+27 |
| | Suggested-by: Ard Biesheuvel <ard.biesheuvel@linaro.org> | | | | |
* | blake2s: always put a simd, even if not use()'d | Jason A. Donenfeld | 2018-10-03 | 1 | -2/+5 |
* | simd: introduce useful disabling macro | Jason A. Donenfeld | 2018-10-03 | 2 | -3/+2 |
* | curve25519-arm: adjust comment | Jason A. Donenfeld | 2018-10-03 | 1 | -2/+2 |
* | curve25519-arm: use new simd api | Jason A. Donenfeld | 2018-10-03 | 1 | -6/+9 |
* | chacha20-arm: use proper reteq macro instead of bxeq | Jason A. Donenfeld | 2018-10-02 | 1 | -1/+2 |
| | Suggested-by: Ard Biesheuvel <ard.biesheuvel@linaro.org> | | | | |
* | global: change BUG_ON to WARN_ON | Jason A. Donenfeld | 2018-10-02 | 2 | -18/+11 |
| | Suggested-by: Andrew Lunn <andrew@lunn.ch> | | | | |
* | poly1305: document rationale for base 2^26->2^64/32 conversion | Jason A. Donenfeld | 2018-10-02 | 2 | -0/+20 |
* | crypto: use ZINC_ARCH macros | Jason A. Donenfeld | 2018-10-02 | 2 | -9/+9 |
* | chacha20: no need to align ctx | Jason A. Donenfeld | 2018-10-02 | 1 | -1/+1 |
| | We don't use vmovdqa any more. Suggested-by: Ard Biesheuvel <ard.biesheuvel@linaro.org> | | | | |
* | chacha20: split chacha20_ctx into union | Jason A. Donenfeld | 2018-10-02 | 5 | -45/+50 |
| | This avoids casts and makes counter increments obvious. | | | | |
* | crypto: add missing static keyword to fpu init functions | Jason A. Donenfeld | 2018-10-02 | 4 | -4/+3 |
* | crypto: document what's used from <crypto/ beside #include | Jason A. Donenfeld | 2018-10-02 | 4 | -4/+3 |
* | crypto: WARN_ON in module_init if selftest fails | Jason A. Donenfeld | 2018-10-02 | 5 | -5/+5 |
| | If it's a built-in and initcall fails, it won't be fatal. So we should at least be loud. Suggested-by: Ard Biesheuvel <ard.biesheuvel@linaro.org> | | | | |
* | poly1305-mips64: use compiler-defined macros in assembly | Jason A. Donenfeld | 2018-10-02 | 1 | -5/+10 |
| | Andy and I agreed it's more correct to use the compiler-defined macros in assembly code, and not the project specific macros. Suggested-by: Andy Polyakov <appro@openssl.org> | | | | |
* | blake2s: rename arch function and use slicker le32 helper | Jason A. Donenfeld | 2018-10-02 | 2 | -11/+8 |
* | blake2s: feed fpu functions PAGE_SIZE at a time | Jason A. Donenfeld | 2018-10-02 | 1 | -14/+28 |
* | poly1305: feed fpu functions PAGE_SIZE at a time | Jason A. Donenfeld | 2018-10-02 | 4 | -29/+49 |
* | chacha20: feed fpu functions PAGE_SIZE at a time | Jason A. Donenfeld | 2018-10-02 | 4 | -23/+54 |
| | Suggested-by: Ard Biesheuvel <ard.biesheuvel@linaro.org> | | | | |
* | chacha20: test multiple page span in selftest | Jason A. Donenfeld | 2018-10-02 | 2 | -3/+27 |
* | chacha20: break out of zero loops in selftest | Jason A. Donenfeld | 2018-10-02 | 1 | -0/+5 |
* | crypto: prefer IS_ENABLED to ifdefs | Jason A. Donenfeld | 2018-10-02 | 8 | -135/+73 |
| | Suggested-by: Ard Biesheuvel <ard.biesheuvel@linaro.org> | | | | |
* | crypto: ignore ARMv3 | Jason A. Donenfeld | 2018-10-02 | 1 | -1/+1 |
* | crypto: rename DEBUG to SELFTEST | Jason A. Donenfeld | 2018-09-25 | 11 | -59/+59 |
| | Also we make selftest errors of type err, so that they're obvious in dmesg. | | | | |
* | poly1305-arm: swap endianness in base 2^26 conversion | Jason A. Donenfeld | 2018-09-25 | 1 | -1/+5 |
| | These are actually 32-bit limbs, so we have to swap them back after the 64-bit arithmetic. Also, change type of boolean for 64-bit. Suggested-by: Andy Polyakov <appro@openssl.org> | | | | |
* | curve25519-arm: disable on big-endian | Jason A. Donenfeld | 2018-09-25 | 2 | -3/+3 |
| | The qhasm was only written for little-endian systems, and we don't want disaster to ensue. | | | | |
* | chacha20-arm,poly1305-arm: fix big-endian aarch64 | Jason A. Donenfeld | 2018-09-25 | 2 | -21/+21 |
| | Suggested-by: Andy Polyakov <appro@openssl.org> | | | | |
* | curve25519: show all failures in test case | Jason A. Donenfeld | 2018-09-25 | 1 | -2/+0 |
* | curve25519-hacl64: reduce stack usage under KASAN | Jason A. Donenfeld | 2018-09-25 | 1 | -2/+1 |
| | Suggested-by: Arnd Bergmann <arnd@arndb.de> | | | | |
* | chacha20: add bounds checking to selftests | Jason A. Donenfeld | 2018-09-25 | 1 | -1/+45 |
* | chacha20-mips32r2: reduce stack and branches in loop, refactor jumptable handling | René van Dorst | 2018-09-25 | 1 | -79/+94 |
| | Signed-off-by: René van Dorst <opensource@vdorst.com> | | | | |
* | crypto: make constant naming scheme consistent | Jason A. Donenfeld | 2018-09-25 | 15 | -148/+148 |
* | hchacha20: keep in native endian in words | Jason A. Donenfeld | 2018-09-25 | 8 | -42/+46 |
* | chacha20-arm: remove unused preambles | Jason A. Donenfeld | 2018-09-24 | 2 | -30/+1 |
* | chacha20-arm: updated scalar code from Andy | Jason A. Donenfeld | 2018-09-23 | 1 | -310/+273 |
* | poly1305-mips64: remove useless preprocessor error | Jason A. Donenfeld | 2018-09-23 | 1 | -4/+0 |
* | crypto-arm: rework KERNEL_MODE_NEON handling again | Jason A. Donenfeld | 2018-09-23 | 8 | -27/+16 |
* | crypto: flatten out makefile | Jason A. Donenfeld | 2018-09-23 | 1 | -47/+33 |
| | This brings us more in line with the integration tree's style. | | | | |
* | curve25519-fiat32: work around m68k compiler stack frame bug | Jason A. Donenfeld | 2018-09-23 | 1 | -6/+4 |
| | The m68k compiler generates a 1032 byte stack frame. Moving these variables inside the loop fixes that. It also means we're not explicitly memzeroing it any more either, but hopefully that memory is reused anyway by the multiplications. | | | | |
* | chacha20-arm: use new scalar implementation | Jason A. Donenfeld | 2018-09-23 | 2 | -569/+1208 |
| | It turns out this is faster than NEON on some chips, so it's nice to have. | | | | |