Due to the recent discussion about the asm-optimized version of AES which is
included in loop-AES, I'd like to point out that I've ported this
implementation - Dr. Brian Gladman's btw. - to CryptoAPI a long time ago.
http://therapy.endorphin.org/patches/aes-i586-asm-2.5.58.diff
The demand for this patch will rise quickly if cryptoloop is included :)
Regards, Clemens
On Tue, Jul 08, 2003 at 05:27:55PM +0200, Fruhwirth Clemens wrote:
>
> Due to the recent discussion about the asm-optimized version of AES which is
> included in loop-AES, I'd like to point out that I've ported this
> implementation - Dr. Brian Gladman's btw. - to CryptoAPI a long time ago.
Cool, that means we just need to hash out the framework for optimized
implementations now..
A few more comments:
> diff -r --new-file -u crypto/Kconfig ../linux-2.5.58/crypto/Kconfig
> --- crypto/Kconfig Thu Feb 6 13:53:47 2003
> +++ ../linux-2.5.58/crypto/Kconfig Tue Feb 4 00:54:18 2003
> @@ -119,6 +119,26 @@
>
> See http://csrc.nist.gov/encryption/aes/ for more information.
>
> +config CRYPTO_AES_586
> + tristate "AES cipher algorithms (586)"
> + depends on CRYPTO
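Review bot: the prompt on the tristate line, "AES cipher algorithms (586)", identifies the variant only by "(586)" and does not say that this is an assembler implementation. Wording it as i586 assembler-optimized AES would let it be told apart from any other AES entry in the menu.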
Should also depend on CONFIG_X86 && !CONFIG_X86_64
> +$(obj)/aes-i586.o: $(obj)/aes-i586-asm.o crypto/aes-i586-glue.o
> + $(LD) -r $(obj)/aes-i586-asm.o $(obj)/aes-i586-glue.o -o $(obj)/aes-i586.o
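Review bot: the prerequisite list names the glue object as crypto/aes-i586-glue.o, while the $(LD) -r command on the following line links $(obj)/aes-i586-glue.o. The two refer to the same file only when $(obj) is crypto, so the rule should use $(obj)/aes-i586-glue.o in both places (or $^ in the command) to keep the dependency and the link input from diverging.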
That's not how kernel makefiles work. It should be something like
aes-i586-y := aes-i586-asm.o aes-i586-glue.o
> +// THE CIPHER INTERFACE
Please use C-style comments.
> + if(key_length != 16 && key_length != 24 && key_length != 32)
> + {
Should be
if (key_length != 16 && key_length != 24 && key_length != 32) {
> +MODULE_DESCRIPTION("Rijndael (AES) Cipher Algorithm");
> +MODULE_LICENSE("Dual BSD/GPL");
MODULE_AUTHOR is missing. Also the description should mention that
this is an optimized assembly version.
Christoph Hellwig <[email protected]> writes:
> On Tue, Jul 08, 2003 at 05:27:55PM +0200, Fruhwirth Clemens wrote:
> >
> > Due to the recent discussion about the asm-optimized version of AES which is
> > included in loop-AES, I'd like to point out that I've ported this
> > implementation - Dr. Brian Gladman's btw. - to CryptoAPI a long time ago.
>
> Cool, that means we just need to hash out the framework for optimized
> implementations now..
It's not cool. Pentium Classic tuning is quite useless for PPro+.
The Pentium Classic had a quite weird pipeline and code optimized
for it tends to be suboptimal for more modern designs.
I didn't benchmark, but I suspect the C version compiled with a good compiler
for the correct CPU is faster than that on a modern CPU.
-Andi
On Tue, Jul 08, 2003 at 07:12:27PM +0200, Andi Kleen wrote:
> Christoph Hellwig <[email protected]> writes:
>
> > On Tue, Jul 08, 2003 at 05:27:55PM +0200, Fruhwirth Clemens wrote:
> > >
> > > Due to the recent discussion about the asm-optimized version of AES which is
> > > included in loop-AES, I'd like to point out that I've ported this
> > > implementation - Dr. Brian Gladman's btw. - to CryptoAPI a long time ago.
> >
> > Cool, that means we just need to hash out the framework for optimized
> > implementations now..
>
> It's not cool. Pentium Classic tuning is quite useless for PPro+.
> The Pentium Classic had a quite weird pipeline and code optimized
> for it tends to be suboptimal for more modern designs.
>
> I didn't benchmark, but I suspect the C version compiled with a good compiler
> for the correct CPU is faster than that on a modern CPU.
I agree 100% with what you state here... but at the same time I was
thinking it would be nice to merge, mainly as an example of asm support
if nothing else.
We really need to see benchmarks before merging, too, to see (as you
state) if the C compiler still does a better job.
Jeff
On Tue, 8 Jul 2003 13:28:48 -0400
Jeff Garzik <[email protected]> wrote:
> I agree 100% with what you state here... but at the same time I was
> thinking it would be nice to merge, mainly as an example of asm support
> if nothing else.
There already is an example for optimized variants - the z990 implementation.
-Andi
> There already is an example for optimized variants - the z990
> implementation.
>
> -Andi
My Master's thesis involved developing custom AES implementations
for the Alpha EV6, UltraSPARC, and P3.
http://www.boo.net/~jasonp
Source is included, but only the encrypt was implemented.
Hope this helps,
jasonp