1. 21 Oct, 2011 29 commits
  2. 20 Oct, 2011 1 commit
  3. 22 Sep, 2011 5 commits
  4. 20 Aug, 2011 1 commit
  5. 16 Aug, 2011 1 commit
    • Herbert Xu's avatar
      crypto: sha - Fix build error due to crypto_sha1_update · 4619b6bd
      Herbert Xu authored
      On Tue, Aug 16, 2011 at 03:22:34PM +1000, Stephen Rothwell wrote:
      >
      > After merging the final tree, today's linux-next build (powerpc
      > allyesconfig) produced this warning:
      >
      > In file included from security/integrity/ima/../integrity.h:16:0,
      >                  from security/integrity/ima/ima.h:27,
      >                  from security/integrity/ima/ima_policy.c:20:
      > include/crypto/sha.h:86:10: warning: 'struct shash_desc' declared inside parameter list
      > include/crypto/sha.h:86:10: warning: its scope is only this definition or declaration, which is probably not what you want
      >
      > Introduced by commit 7c390170 ("crypto: sha1 - export sha1_update for
      > reuse").  I guess you need to include crypto/hash.h in crypto/sha.h.
      
      This patch fixes this by providing a declaration for struct shash_desc.
      Reported-by: default avatarStephen Rothwell <sfr@canb.auug.org.au>
      Signed-off-by: default avatarHerbert Xu <herbert@gondor.apana.org.au>
      4619b6bd
  6. 15 Aug, 2011 1 commit
  7. 10 Aug, 2011 2 commits
    • Mathias Krause's avatar
      crypto: sha1 - SSSE3 based SHA1 implementation for x86-64 · 66be8951
      Mathias Krause authored
      This is an assembler implementation of the SHA1 algorithm using the
      Supplemental SSE3 (SSSE3) instructions or, when available, the
      Advanced Vector Extensions (AVX).
      
      Testing with the tcrypt module shows the raw hash performance is up to
      2.3 times faster than the C implementation, using 8k data blocks on a
      Core 2 Duo T5500. For the smalest data set (16 byte) it is still 25%
      faster.
      
      Since this implementation uses SSE/YMM registers it cannot safely be
      used in every situation, e.g. while an IRQ interrupts a kernel thread.
      The implementation falls back to the generic SHA1 variant, if using
      the SSE/YMM registers is not possible.
      
      With this algorithm I was able to increase the throughput of a single
      IPsec link from 344 Mbit/s to 464 Mbit/s on a Core 2 Quad CPU using
      the SSSE3 variant -- a speedup of +34.8%.
      
      Saving and restoring SSE/YMM state might make the actual throughput
      fluctuate when there are FPU intensive userland applications running.
      For example, meassuring the performance using iperf2 directly on the
      machine under test gives wobbling numbers because iperf2 uses the FPU
      for each packet to check if the reporting interval has expired (in the
      above test I got min/max/avg: 402/484/464 MBit/s).
      
      Using this algorithm on a IPsec gateway gives much more reasonable and
      stable numbers, albeit not as high as in the directly connected case.
      Here is the result from an RFC 2544 test run with a EXFO Packet Blazer
      FTB-8510:
      
       frame size    sha1-generic     sha1-ssse3    delta
          64 byte     37.5 MBit/s    37.5 MBit/s     0.0%
         128 byte     56.3 MBit/s    62.5 MBit/s   +11.0%
         256 byte     87.5 MBit/s   100.0 MBit/s   +14.3%
         512 byte    131.3 MBit/s   150.0 MBit/s   +14.2%
        1024 byte    162.5 MBit/s   193.8 MBit/s   +19.3%
        1280 byte    175.0 MBit/s   212.5 MBit/s   +21.4%
        1420 byte    175.0 MBit/s   218.7 MBit/s   +25.0%
        1518 byte    150.0 MBit/s   181.2 MBit/s   +20.8%
      
      The throughput for the largest frame size is lower than for the
      previous size because the IP packets need to be fragmented in this
      case to make there way through the IPsec tunnel.
      Signed-off-by: default avatarMathias Krause <minipli@googlemail.com>
      Cc: Maxim Locktyukhin <maxim.locktyukhin@intel.com>
      Signed-off-by: default avatarHerbert Xu <herbert@gondor.apana.org.au>
      66be8951
    • Mathias Krause's avatar
      crypto: sha1 - export sha1_update for reuse · 7c390170
      Mathias Krause authored
      Export the update function as crypto_sha1_update() to not have the need
      to reimplement the same algorithm for each SHA-1 implementation. This
      way the generic SHA-1 implementation can be used as fallback for other
      implementations that fail to run under certain circumstances, like the
      need for an FPU context while executing in IRQ context.
      Signed-off-by: default avatarMathias Krause <minipli@googlemail.com>
      Signed-off-by: default avatarHerbert Xu <herbert@gondor.apana.org.au>
      7c390170