Received: by 2002:a05:6a10:1287:0:0:0:0 with SMTP id d7csp6607018pxv; Thu, 29 Jul 2021 20:11:44 -0700 (PDT) X-Google-Smtp-Source: ABdhPJweekLUsdgNIB7JZIjZk/ZtO9q033U2On/6P+cOX3HA+bServ31bMlrcYt6zuhfAxAP8F09 X-Received: by 2002:a6b:c90f:: with SMTP id z15mr490597iof.183.1627614704061; Thu, 29 Jul 2021 20:11:44 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1627614704; cv=none; d=google.com; s=arc-20160816; b=eGdRCUlNZcEP/qYWipqBYCtXoki3ayCY5BawnkqpHjMix34Bzo7n4+glqTeWWxrKhE bMf8ZiMaDYexJjnzR6ntLspCnNbrBueU0j4WIe7BvBjfUK/3PUpxpCezlRyeefaOIqns elFqD6L/QTWnadgg1MinggFnXNbVrzdxeuADyr9Y5tbujS5Ek98YBYUNF/5+doYxGbYZ +G3H9HegUJzk4tB+m/4l816AiINlioLh7UYH9n5HVS5i6rMmRL4EQ+QMqV7jlKhhR5j7 3bE5Vv+4Y5qg57XaWFkINw0olycfgsjP50MLqS43KG7x9VHSiVouyvASQ7TKKmdGZfZx goVA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:user-agent:in-reply-to:content-disposition :mime-version:references:message-id:subject:cc:to:from:date; bh=dmF6TWMc9T15lrSC5feIAKDgsstjMKtciy/OqcTmaoo=; b=sHzh80Dtrasw1BtjyhiImXvIYuGn2OTI/JeWkF1378IhDwJ7le4utihIoBQytuL55z RqnrgdwlZXtkAZPdpolC+2TLwwG7WmbNMv7hEVi5HBY278+dOSovd8xoruN8tPyD+aw+ dUNN2qyvevRyRaCBjxJwQfva5gUvLCubF/jIAOovJBVL0ZfwWG9FJ2dHWxhsdZH0Czx7 EOsVQ6mrrG/EMX8fTqvlMiY3jdvwhwFVwM27CbhNq6qEAOywQv4dWqJjKIfzF/vCWOYK fUSDWVfgN6LpOHydnIB9kfdcpap/8qFArthYpdnaDJ5iTj3Bky1QPxb89f1ttMmmvGZo D7sA== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: domain of linux-crypto-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-crypto-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18]) by mx.google.com with ESMTP id k3si293507iog.8.2021.07.29.20.11.00; Thu, 29 Jul 2021 20:11:44 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-crypto-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18; Authentication-Results: mx.google.com; spf=pass (google.com: domain of linux-crypto-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-crypto-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S233660AbhG3DKr (ORCPT + 99 others); Thu, 29 Jul 2021 23:10:47 -0400 Received: from helcar.hmeau.com ([216.24.177.18]:51568 "EHLO deadmen.hmeau.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S230196AbhG3DKr (ORCPT ); Thu, 29 Jul 2021 23:10:47 -0400 Received: from gondobar.mordor.me.apana.org.au ([192.168.128.4] helo=gondobar) by deadmen.hmeau.com with esmtp (Exim 4.92 #5 (Debian)) id 1m9Iud-0000dZ-3J; Fri, 30 Jul 2021 11:10:15 +0800 Received: from herbert by gondobar with local (Exim 4.92) (envelope-from ) id 1m9IuN-0003AF-8T; Fri, 30 Jul 2021 11:09:59 +0800 Date: Fri, 30 Jul 2021 11:09:59 +0800 From: Herbert Xu To: Tianjia Zhang Cc: "David S. Miller" , Eric Biggers , Eric Biggers , Gilad Ben-Yossef , Ard Biesheuvel , "Markku-Juhani O . Saarinen" , Jussi Kivilinna , Catalin Marinas , Will Deacon , Thomas Gleixner , Ingo Molnar , Borislav Petkov , "H. Peter Anvin" , x86@kernel.org, linux-crypto@vger.kernel.org, linux-arm-kernel@lists.infradead.org, linux-kernel@vger.kernel.org, Jia Zhang , "YiLin . Li" Subject: Re: [PATCH v3 0/4] Introduce x86 assembler accelerated implementation for SM4 algorithm Message-ID: <20210730030959.GA12121@gondor.apana.org.au> References: <20210720034642.19230-1-tianjia.zhang@linux.alibaba.com> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <20210720034642.19230-1-tianjia.zhang@linux.alibaba.com> User-Agent: Mutt/1.10.1 (2018-07-13) Precedence: bulk List-ID: X-Mailing-List: linux-crypto@vger.kernel.org On Tue, Jul 20, 2021 at 11:46:38AM +0800, Tianjia Zhang wrote: > This patchset extracts the public SM4 algorithm as a separate library, > At the same time, the acceleration implementation of SM4 in arm64 was > adjusted to adapt to this SM4 library. Then introduces an accelerated > implementation of the instruction set on x86_64. > > This optimization supports the four modes of SM4, ECB, CBC, CFB, and > CTR. Since CBC and CFB do not support multiple block parallel > encryption, the optimization effect is not obvious. And all selftests > have passed already. > > The main algorithm implementation comes from SM4 AES-NI work by > libgcrypt and Markku-Juhani O. Saarinen at: > https://github.com/mjosaarinen/sm4ni > > Benchmark on Intel Xeon Cascadelake, the data comes from the mode 218 > and mode 518 of tcrypt. The abscissas are blocks of different lengths. > The data is tabulated and the unit is Mb/s: > > sm4-generic | 16 64 128 256 1024 1420 4096 > ECB enc | 40.99 46.50 48.05 48.41 49.20 49.25 49.28 > ECB dec | 41.07 46.99 48.15 48.67 49.20 49.25 49.29 > CBC enc | 37.71 45.28 46.77 47.60 48.32 48.37 48.40 > CBC dec | 36.48 44.82 46.43 47.45 48.23 48.30 48.36 > CFB enc | 37.94 44.84 46.12 46.94 47.57 47.46 47.68 > CFB dec | 37.50 42.84 43.74 44.37 44.85 44.80 44.96 > CTR enc | 39.20 45.63 46.75 47.49 48.09 47.85 48.08 > CTR dec | 39.64 45.70 46.72 47.47 47.98 47.88 48.06 > sm4-aesni-avx > ECB enc | 33.75 134.47 221.64 243.43 264.05 251.58 258.13 > ECB dec | 34.02 134.92 223.11 245.14 264.12 251.04 258.33 > CBC enc | 38.85 46.18 47.67 48.34 49.00 48.96 49.14 > CBC dec | 33.54 131.29 223.88 245.27 265.50 252.41 263.78 > CFB enc | 38.70 46.10 47.58 48.29 49.01 48.94 49.19 > CFB dec | 32.79 128.40 223.23 244.87 265.77 253.31 262.79 > CTR enc | 32.58 122.23 220.29 241.16 259.57 248.32 256.69 > CTR dec | 32.81 122.47 218.99 241.54 258.42 248.58 256.61 > > --- > v3 changes: > * Remove single block algorithm that does not greatly improve performance > * Remove accelerated for sm4 key expand, which is not performance-critical > * Fix the warning on arm64/sm4-ce > > v2 changes: > * SM4 library functions use "sm4_" prefix instead of "crypto_" prefix > * sm4-aesni-avx supports accelerated implementation of four specific modes > * tcrypt benchmark supports sm4-aesni-avx > * fixes of other reviews > > > Tianjia Zhang (4): > crypto: sm4 - create SM4 library based on sm4 generic code > crypto: arm64/sm4-ce - Make dependent on sm4 library instead of > sm4-generic > crypto: x86/sm4 - add AES-NI/AVX/x86_64 implementation > crypto: tcrypt - add the asynchronous speed test for SM4 > > arch/arm64/crypto/Kconfig | 2 +- > arch/arm64/crypto/sm4-ce-glue.c | 20 +- > arch/x86/crypto/Makefile | 3 + > arch/x86/crypto/sm4-aesni-avx-asm_64.S | 589 +++++++++++++++++++++++++ > arch/x86/crypto/sm4_aesni_avx_glue.c | 459 +++++++++++++++++++ > crypto/Kconfig | 22 + > crypto/sm4_generic.c | 180 +------- > crypto/tcrypt.c | 26 +- > include/crypto/sm4.h | 25 +- > lib/crypto/Kconfig | 3 + > lib/crypto/Makefile | 3 + > lib/crypto/sm4.c | 176 ++++++++ > 12 files changed, 1330 insertions(+), 178 deletions(-) > create mode 100644 arch/x86/crypto/sm4-aesni-avx-asm_64.S > create mode 100644 arch/x86/crypto/sm4_aesni_avx_glue.c > create mode 100644 lib/crypto/sm4.c All applied. Thanks. -- Email: Herbert Xu Home Page: http://gondor.apana.org.au/~herbert/ PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt