From patchwork Sat Jan 28 23:25:30 2017
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Ard Biesheuvel
X-Patchwork-Id: 92767
From: Ard Biesheuvel
To: linux-crypto@vger.kernel.org
Cc: linux-arm-kernel@lists.infradead.org, herbert@gondor.apana.org.au, Ard Biesheuvel
Subject: [PATCH v3 01/10] crypto: arm64/aes-neon-bs - honour iv_out requirement in CTR mode
Date: Sat, 28 Jan 2017 23:25:30 +0000
Message-Id: <1485645939-17126-2-git-send-email-ard.biesheuvel@linaro.org>
In-Reply-To: <1485645939-17126-1-git-send-email-ard.biesheuvel@linaro.org>
References: <1485645939-17126-1-git-send-email-ard.biesheuvel@linaro.org>
X-Mailing-List: linux-crypto@vger.kernel.org

Update the new bitsliced NEON AES implementation in CTR mode to return the next IV back to the skcipher API client. This is necessary for chaining to work correctly. Note that this is only done if the request is a round multiple of the block size, since otherwise, chaining is impossible anyway.
Signed-off-by: Ard Biesheuvel --- arch/arm64/crypto/aes-neonbs-core.S | 25 +++++++++++++------- 1 file changed, 16 insertions(+), 9 deletions(-) -- 2.7.4 -- To unsubscribe from this list: send the line "unsubscribe linux-crypto" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html diff --git a/arch/arm64/crypto/aes-neonbs-core.S b/arch/arm64/crypto/aes-neonbs-core.S index 8d0cdaa2768d..2ada12dd768e 100644 --- a/arch/arm64/crypto/aes-neonbs-core.S +++ b/arch/arm64/crypto/aes-neonbs-core.S @@ -874,12 +874,19 @@ CPU_LE( rev x8, x8 ) csel x4, x4, xzr, pl csel x9, x9, xzr, le + tbnz x9, #1, 0f next_ctr v1 + tbnz x9, #2, 0f next_ctr v2 + tbnz x9, #3, 0f next_ctr v3 + tbnz x9, #4, 0f next_ctr v4 + tbnz x9, #5, 0f next_ctr v5 + tbnz x9, #6, 0f next_ctr v6 + tbnz x9, #7, 0f next_ctr v7 0: mov bskey, x2 @@ -928,11 +935,11 @@ CPU_LE( rev x8, x8 ) eor v5.16b, v5.16b, v15.16b st1 {v5.16b}, [x0], #16 - next_ctr v0 +8: next_ctr v0 cbnz x4, 99b 0: st1 {v0.16b}, [x5] -8: ldp x29, x30, [sp], #16 +9: ldp x29, x30, [sp], #16 ret /* @@ -941,23 +948,23 @@ CPU_LE( rev x8, x8 ) */ 1: cbz x6, 8b st1 {v1.16b}, [x5] - b 8b + b 9b 2: cbz x6, 8b st1 {v4.16b}, [x5] - b 8b + b 9b 3: cbz x6, 8b st1 {v6.16b}, [x5] - b 8b + b 9b 4: cbz x6, 8b st1 {v3.16b}, [x5] - b 8b + b 9b 5: cbz x6, 8b st1 {v7.16b}, [x5] - b 8b + b 9b 6: cbz x6, 8b st1 {v2.16b}, [x5] - b 8b + b 9b 7: cbz x6, 8b st1 {v5.16b}, [x5] - b 8b + b 9b ENDPROC(aesbs_ctr_encrypt)
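Review bot: the seven added "tbnz x9, #N, 0f" tests in the first hunk (@@ -874) carry no comment on what x9 encodes after "csel x9, x9, xzr, le" or why counter generation has to stop early. Read together with the second hunk, the early exit to 0: appears to be what keeps the counter state from running past the last block handled, so that "8: next_ctr v0" yields the IV to hand back. Please state that invariant in a comment above the first tbnz, and say whether starting the tests at bit 1 rather than bit 0 is deliberate.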
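Review bot: moving numeric label 8 from the "ldp x29, x30, [sp], #16" epilogue onto "next_ctr v0" in the second hunk (@@ -928) silently retargets every unchanged "cbz x6, 8b" line in the tail code, which is easy to miss because those lines show up only as context. Those branches now fall into "cbnz x4, 99b" before reaching "0: st1 {v0.16b}, [x5]", so the IV store depends on x4 being zero on that path; a comment at 8: saying so would help, and a named local label for the IV-out entry point would make the difference from the plain return at 9: obvious.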
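Review bot: the block comment that closes just above label 1 in the third hunk (@@ -941) is left unchanged, although each of the seven tail cases now has two different exits: "cbz x6, 8b" goes on to generate and store the next counter, while the fall-through stores one of v1..v7 to [x5] and leaves via "b 9b". What [x5] holds on return therefore differs between the two, and per the commit message only the first is a usable IV for chaining. Please extend that comment to describe both cases and the meaning of x6 being zero.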