diff options
author | Ard Biesheuvel <ard.biesheuvel@linaro.org> | 2017-01-11 17:41:52 +0100 |
---|---|---|
committer | Herbert Xu <herbert@gondor.apana.org.au> | 2017-01-12 17:26:49 +0100 |
commit | bed593c0e852f5c1efd3ca4e984fd744c51cf6ee (patch) | |
tree | c3ef5fd3b1f202288c63d037f1b0bf62ea26fd4f /arch/arm64/crypto/Makefile | |
parent | crypto: arm64/aes-blk - expose AES-CTR as synchronous cipher as well (diff) | |
download | linux-bed593c0e852f5c1efd3ca4e984fd744c51cf6ee.tar.xz linux-bed593c0e852f5c1efd3ca4e984fd744c51cf6ee.zip |
crypto: arm64/aes - add scalar implementation
This adds a scalar implementation of AES, based on the precomputed tables
that are exposed by the generic AES code. Since rotates are cheap on arm64,
this implementation only uses the 4 core tables (of 1 KB each), and avoids
the prerotated ones, reducing the D-cache footprint by 75%.
On Cortex-A57, this code manages 13.0 cycles per byte, which is ~34% faster
than the generic C code. (Note that this is still >13x slower than the code
that uses the optional ARMv8 Crypto Extensions, which manages <1 cycles per
byte.)
Signed-off-by: Ard Biesheuvel <ard.biesheuvel@linaro.org>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Diffstat (limited to 'arch/arm64/crypto/Makefile')
-rw-r--r-- | arch/arm64/crypto/Makefile | 3 |
1 files changed, 3 insertions, 0 deletions
diff --git a/arch/arm64/crypto/Makefile b/arch/arm64/crypto/Makefile index 9d2826c5fccf..a893507629eb 100644 --- a/arch/arm64/crypto/Makefile +++ b/arch/arm64/crypto/Makefile @@ -44,6 +44,9 @@ sha512-arm64-y := sha512-glue.o sha512-core.o obj-$(CONFIG_CRYPTO_CHACHA20_NEON) += chacha20-neon.o chacha20-neon-y := chacha20-neon-core.o chacha20-neon-glue.o +obj-$(CONFIG_CRYPTO_AES_ARM64) += aes-arm64.o +aes-arm64-y := aes-cipher-core.o aes-cipher-glue.o + AFLAGS_aes-ce.o := -DINTERLEAVE=4 AFLAGS_aes-neon.o := -DINTERLEAVE=4 |