Received: by 2002:ad5:474a:0:0:0:0:0 with SMTP id i10csp9117673imu; Tue, 4 Dec 2018 22:11:49 -0800 (PST) X-Google-Smtp-Source: AFSGD/Xhg25ri3NyWwWXKAz2aKlMxs3zdXNPRwqTl/bJkZw+Rffs7mA/b4ZpJzFkG2/3wGnIlL63 X-Received: by 2002:a17:902:4324:: with SMTP id i33mr16281823pld.227.1543990309122; Tue, 04 Dec 2018 22:11:49 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1543990309; cv=none; d=google.com; s=arc-20160816; b=eIwEt3SOUzY9/8WDc96PfHQ6QgpH9jc4xxmUXSJTWKgDVpbKtVK7gcVpaQgMpgO34x sQ24wQ8L8TSlYA7Rqr8qmsp9ROWCW+qhB1f9QRyjCuv6c1pf6DZwfdoUgkli2FUBcR0Z XseOn4s35+OIA1DdGuWTb2IyT/tPnS4LeGQHeFhKS/IU1kWcpVC7op9z/ubR93Dxh2jd OZN0Hlt+/GJamI4QL4nsm/xhVE5MYJ4i58ELvqpNnmBOXIRIBTdYdOH6Voayr+ycRVbf N3xX2fIceemf96Pby6jScY7omYpymbc+oMwVgpbKh6ipzID/DEUTZ1qEAv68naUcsP4i Ugjg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:user-agent:in-reply-to :content-disposition:mime-version:references:message-id:subject:cc :to:from:date:dkim-signature; bh=VXr9ole2AsYFxJyzdu8f5KlNnJjTuWoDDp4xVwbbHBI=; b=J2xiOGg8anlGaIOh/gLJew8fABa2Fkmazj8JxFkbWw1hVVsIs6WJAhwyL5m43VnxIQ 2ElyuR+E1I7Luf5exHnsqX0TmCmXmscdYdtKkGENNCG7F1EkCJYkLdL9HlT65YBbXUNX 92LhujFtU/Yj39cAYNBslVABPSr04EC54KjtgHW69W21ozxSdweP0COVV1o0DljA3oq/ tbU3oY3hwBLQ+ubkeNcU3ZFMb44EPqrt8kU7Ja9+zHblhkQW2+VQaaXGvXG7gfVVdNfj LFDi4YIK4Z8NQnru9BJo5rx+FmND+4uLjw+0HbTJuJ0nXqgdCEiS449HGnI2M7tZuyea R+Qw== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@kernel.org header.s=default header.b="a/5anYM2"; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id y12si17286276pgf.527.2018.12.04.22.11.33; Tue, 04 Dec 2018 22:11:49 -0800 (PST) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; dkim=pass header.i=@kernel.org header.s=default header.b="a/5anYM2"; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1726978AbeLEGK6 (ORCPT + 99 others); Wed, 5 Dec 2018 01:10:58 -0500 Received: from mail.kernel.org ([198.145.29.99]:39394 "EHLO mail.kernel.org" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1726092AbeLEGK6 (ORCPT ); Wed, 5 Dec 2018 01:10:58 -0500 Received: from sol.localdomain (c-24-23-142-8.hsd1.ca.comcast.net [24.23.142.8]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mail.kernel.org (Postfix) with ESMTPSA id F2FC22084C; Wed, 5 Dec 2018 06:10:56 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=default; t=1543990257; bh=MrJErH2B5hAyYx9gPpy35DDhGrlI75pq4mdnIQyWNoU=; h=Date:From:To:Cc:Subject:References:In-Reply-To:From; b=a/5anYM2e6O6ey/sGkclQBK5oxB1ahZ0A0s+fr6vjzb03TubsWTzE2CirmuoMfN81 NykkFzkBCPU+0Mciw3B/REOTg5884mVQ4XW5zzAkQpzos+j3UrWcXMpJ0dpp7BuOZD h0E3IM7FyZmxr/XmOKaVxbws0sVxAxsClhM+6X3I= Date: Tue, 4 Dec 2018 22:10:55 -0800 From: Eric Biggers To: Martin Willi Cc: linux-crypto@vger.kernel.org, Paul Crowley , Milan Broz , "Jason A . Donenfeld" , linux-kernel@vger.kernel.org Subject: Re: [PATCH v2 4/6] crypto: x86/chacha20 - add XChaCha20 support Message-ID: <20181205061054.GA26750@sol.localdomain> References: <20181129230217.158038-1-ebiggers@kernel.org> <20181129230217.158038-5-ebiggers@kernel.org> <99ed681fa4d3233b18ae9328a14f9e23971073cb.camel@strongswan.org> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <99ed681fa4d3233b18ae9328a14f9e23971073cb.camel@strongswan.org> User-Agent: Mutt/1.11.0 (2018-11-25) Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Hi Martin, On Sat, Dec 01, 2018 at 05:40:40PM +0100, Martin Willi wrote: > > > An SSSE3 implementation of single-block HChaCha20 is also added so > > that XChaCha20 can use it rather than the generic > > implementation. This required refactoring the ChaCha permutation > > into its own function. > > > [...] > > > +ENTRY(chacha20_block_xor_ssse3) > > + # %rdi: Input state matrix, s > > + # %rsi: up to 1 data block output, o > > + # %rdx: up to 1 data block input, i > > + # %rcx: input/output length in bytes > > + > > + # x0..3 = s0..3 > > + movdqa 0x00(%rdi),%xmm0 > > + movdqa 0x10(%rdi),%xmm1 > > + movdqa 0x20(%rdi),%xmm2 > > + movdqa 0x30(%rdi),%xmm3 > > + movdqa %xmm0,%xmm8 > > + movdqa %xmm1,%xmm9 > > + movdqa %xmm2,%xmm10 > > + movdqa %xmm3,%xmm11 > > + > > + mov %rcx,%rax > > + call chacha20_permute > > + > > # o0 = i0 ^ (x0 + s0) > > paddd %xmm8,%xmm0 > > cmp $0x10,%rax > > @@ -189,6 +198,23 @@ ENTRY(chacha20_block_xor_ssse3) > > > > ENDPROC(chacha20_block_xor_ssse3) > > > > +ENTRY(hchacha20_block_ssse3) > > + # %rdi: Input state matrix, s > > + # %rsi: output (8 32-bit words) > > + > > + movdqa 0x00(%rdi),%xmm0 > > + movdqa 0x10(%rdi),%xmm1 > > + movdqa 0x20(%rdi),%xmm2 > > + movdqa 0x30(%rdi),%xmm3 > > + > > + call chacha20_permute > > AFAIK, the general convention is to create proper stack frames using > FRAME_BEGIN/END for non leaf-functions. Should chacha20_permute() > callers do so? > Yes, I'll do that. (Ard suggested similarly in the arm64 version too.) - Eric