From: Eric Biggers
To: linux-crypto@vger.kernel.org, x86@kernel.org
Cc: linux-kernel@vger.kernel.org, Ard Biesheuvel, Andy Lutomirski, "Chang S . Bae"
Subject: [PATCH 5/6] crypto: x86/aes-xts - wire up VAES + AVX10/256 implementation
Date: Tue, 26 Mar 2024 01:03:03 -0700
Message-ID: <20240326080305.402382-6-ebiggers@kernel.org>
X-Mailer: git-send-email 2.44.0
In-Reply-To: <20240326080305.402382-1-ebiggers@kernel.org>
References: <20240326080305.402382-1-ebiggers@kernel.org>
X-Mailing-List: linux-crypto@vger.kernel.org

From: Eric Biggers

Add an AES-XTS implementation "xts-aes-vaes-avx10_256" for x86_64 CPUs
with the VAES, VPCLMULQDQ, and either AVX10/256 or AVX512BW + AVX512VL
extensions.  This implementation avoids using zmm registers, instead
using ymm registers to operate on two AES blocks at a time.  The
assembly code is instantiated using a macro so that most of the source
code is shared with other implementations.

This is the optimal implementation on CPUs that support VAES and AVX512
but where the zmm registers should not be used due to downclocking
effects, for example Intel's Ice Lake.  It should also be the optimal
implementation on future CPUs that support AVX10/256 but not AVX10/512.

The performance is slightly better than that of xts-aes-vaes-avx2, which
uses the same vector length, due to factors such as being able to use
ymm16-ymm31 to cache the AES round keys.  For example, on Ice Lake, the
throughput of decrypting 4096-byte messages with AES-256-XTS is 5.8%
higher with xts-aes-vaes-avx10_256 than with xts-aes-vaes-avx2.

Signed-off-by: Eric Biggers
---
 arch/x86/crypto/aes-xts-avx-x86_64.S |  9 +++++++++
 arch/x86/crypto/aesni-intel_glue.c   | 16 ++++++++++++++++
 2 files changed, 25 insertions(+)

diff --git a/arch/x86/crypto/aes-xts-avx-x86_64.S b/arch/x86/crypto/aes-xts-avx-x86_64.S
index 87ae2139b7ca..c868b9af443b 100644
--- a/arch/x86/crypto/aes-xts-avx-x86_64.S
+++ b/arch/x86/crypto/aes-xts-avx-x86_64.S
@@ -773,6 +773,15 @@ SYM_TYPED_FUNC_START(aes_xts_encrypt_vaes_avx2)
 	aes_xts_crypt	1
 SYM_FUNC_END(aes_xts_encrypt_vaes_avx2)
 SYM_TYPED_FUNC_START(aes_xts_decrypt_vaes_avx2)
 	aes_xts_crypt	0
 SYM_FUNC_END(aes_xts_decrypt_vaes_avx2)
+
+.set	VL, 32
+.set	USE_AVX10, 1
+SYM_TYPED_FUNC_START(aes_xts_encrypt_vaes_avx10_256)
+	aes_xts_crypt	1
+SYM_FUNC_END(aes_xts_encrypt_vaes_avx10_256)
+SYM_TYPED_FUNC_START(aes_xts_decrypt_vaes_avx10_256)
+	aes_xts_crypt	0
+SYM_FUNC_END(aes_xts_decrypt_vaes_avx10_256)
 #endif /* CONFIG_AS_VAES && CONFIG_AS_VPCLMULQDQ */
diff --git a/arch/x86/crypto/aesni-intel_glue.c b/arch/x86/crypto/aesni-intel_glue.c
index d958aa073c14..ac45e0b952b7 100644
--- a/arch/x86/crypto/aesni-intel_glue.c
+++ b/arch/x86/crypto/aesni-intel_glue.c
@@ -1295,10 +1295,11 @@ static struct skcipher_alg aes_xts_alg_##suffix = { \
 static struct simd_skcipher_alg *aes_xts_simdalg_##suffix
 
 DEFINE_XTS_ALG(aesni_avx, "xts-aes-aesni-avx", 500);
 #if defined(CONFIG_AS_VAES) && defined(CONFIG_AS_VPCLMULQDQ)
 DEFINE_XTS_ALG(vaes_avx2, "xts-aes-vaes-avx2", 600);
+DEFINE_XTS_ALG(vaes_avx10_256, "xts-aes-vaes-avx10_256", 700);
 #endif
 
 static int __init register_xts_algs(void)
 {
 	int err;
@@ -1318,10 +1319,22 @@ static int __init register_xts_algs(void)
 		return 0;
 	err = simd_register_skciphers_compat(&aes_xts_alg_vaes_avx2, 1,
 					     &aes_xts_simdalg_vaes_avx2);
 	if (err)
 		return err;
+
+	if (!boot_cpu_has(X86_FEATURE_AVX512BW) ||
+	    !boot_cpu_has(X86_FEATURE_AVX512VL) ||
+	    !boot_cpu_has(X86_FEATURE_BMI2) ||
+	    !cpu_has_xfeatures(XFEATURE_MASK_SSE | XFEATURE_MASK_YMM |
+			       XFEATURE_MASK_AVX512, NULL))
+		return 0;
+
+	err = simd_register_skciphers_compat(&aes_xts_alg_vaes_avx10_256, 1,
+					     &aes_xts_simdalg_vaes_avx10_256);
+	if (err)
+		return err;
 #endif
 	return 0;
 }
 
 static void unregister_xts_algs(void)
@@ -1330,10 +1343,13 @@ static void unregister_xts_algs(void)
 		simd_unregister_skciphers(&aes_xts_alg_aesni_avx, 1,
 					  &aes_xts_simdalg_aesni_avx);
 	if (aes_xts_simdalg_vaes_avx2)
 		simd_unregister_skciphers(&aes_xts_alg_vaes_avx2, 1,
 					  &aes_xts_simdalg_vaes_avx2);
+	if (aes_xts_simdalg_vaes_avx10_256)
+		simd_unregister_skciphers(&aes_xts_alg_vaes_avx10_256, 1,
+					  &aes_xts_simdalg_vaes_avx10_256);
 }
 #else
 static int __init register_xts_algs(void)
 {
 	return 0;
-- 
2.44.0
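
Illustrative note, not part of the patch: the glue code registers each XTS driver only when the CPU has the features it needs, and gives the newer drivers higher priorities (500, 600, 700), so that the most capable registered driver is the one preferred for "xts(aes)". The userspace sketch below models only that gating and ordering. The FEAT_* bits, struct xts_impl, and pick_xts_impl() are hypothetical names invented for this sketch. The feature sets assumed for the two older drivers are guesses, since this patch does not show their checks, and the OS-level cpu_has_xfeatures() test is left out.

```c
#include <stddef.h>

/* Hypothetical feature bits standing in for the kernel's X86_FEATURE_* flags. */
enum {
	FEAT_AVX        = 1u << 0,
	FEAT_AVX2       = 1u << 1,
	FEAT_VAES       = 1u << 2,
	FEAT_VPCLMULQDQ = 1u << 3,
	FEAT_AVX512BW   = 1u << 4,
	FEAT_AVX512VL   = 1u << 5,
	FEAT_BMI2       = 1u << 6,
};

/*
 * Requirements are cumulative, mirroring the early returns in
 * register_xts_algs(). The first two sets are assumptions; only the
 * AVX512BW/AVX512VL/BMI2 additions for the last one come from the patch.
 */
#define REQ_AESNI_AVX      (FEAT_AVX)
#define REQ_VAES_AVX2      (REQ_AESNI_AVX | FEAT_AVX2 | FEAT_VAES | FEAT_VPCLMULQDQ)
#define REQ_VAES_AVX10_256 (REQ_VAES_AVX2 | FEAT_AVX512BW | FEAT_AVX512VL | FEAT_BMI2)

struct xts_impl {
	const char *driver_name;	/* driver name as passed to DEFINE_XTS_ALG() */
	int priority;			/* priority as passed to DEFINE_XTS_ALG() */
	unsigned int required;		/* feature bits this model requires */
};

static const struct xts_impl xts_impls[] = {
	{ "xts-aes-aesni-avx",      500, REQ_AESNI_AVX },
	{ "xts-aes-vaes-avx2",      600, REQ_VAES_AVX2 },
	{ "xts-aes-vaes-avx10_256", 700, REQ_VAES_AVX10_256 },
};

/*
 * Return the highest-priority implementation whose required features are
 * all present in cpu_features, or NULL if none qualifies.
 */
const struct xts_impl *pick_xts_impl(unsigned int cpu_features)
{
	const struct xts_impl *best = NULL;
	size_t i;

	for (i = 0; i < sizeof(xts_impls) / sizeof(xts_impls[0]); i++) {
		const struct xts_impl *impl = &xts_impls[i];

		/* Skip implementations with any missing feature bit. */
		if ((cpu_features & impl->required) != impl->required)
			continue;
		if (!best || impl->priority > best->priority)
			best = impl;
	}
	return best;
}
```

With every bit set, pick_xts_impl() returns the "xts-aes-vaes-avx10_256" entry. Clearing FEAT_BMI2 alone makes it fall back to "xts-aes-vaes-avx2", which corresponds to the new early return in register_xts_algs(). In the kernel itself the choice is made by the crypto API among the registered algorithms, not by a single lookup function like this one.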