From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id 4D88BC433F5 for ; Tue, 28 Sep 2021 06:29:44 +0000 (UTC) Received: from bombadil.infradead.org (bombadil.infradead.org [198.137.202.133]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mail.kernel.org (Postfix) with ESMTPS id 17EA2611BD for ; Tue, 28 Sep 2021 06:29:44 +0000 (UTC) DMARC-Filter: OpenDMARC Filter v1.4.1 mail.kernel.org 17EA2611BD Authentication-Results: mail.kernel.org; dmarc=fail (p=none dis=none) header.from=kernel.org Authentication-Results: mail.kernel.org; spf=none smtp.mailfrom=lists.infradead.org DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=bombadil.20210309; h=Sender: Content-Transfer-Encoding:Content-Type:List-Subscribe:List-Help:List-Post: List-Archive:List-Unsubscribe:List-Id:In-Reply-To:MIME-Version:References: Message-ID:Subject:Cc:To:From:Date:Reply-To:Content-ID:Content-Description: Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID: List-Owner; bh=KfrTxU8CrJdHrEdmEr/Kb3lGjDDL2xug+bvDo7VahvQ=; b=Gt0Unu39cOTxH0 FOlaDYqV/4Z0TKf4kD+SaM7xgcSL2G3L/Y/PcpXAz8XHnRiNB06PpBwkXLVHe6PyAHeQF0+oj5y9j ftTCB3Xn3fmH60L1tT+xR4KbbNwIatiOnrK5ZfKA4xwHKA4ofcrvawNN7fzJUNidsthqxNPXDp9ni uxnjlgKlFlVNQT8PpkpO9vXq2cyNlfrzmmKeUPDD0lE/HtK6AIZyBWo1npX/6c8i3NldyYdvx5dWm cLJs+YuHBbuDXtAzLB750J37o4RIjQAYZ3YlfSrVwg2Ku3UxPsPJpHtnmkdADFClS+jREz7xpOcgE vQG8d/TwHzT7a//fReDw==; Received: from localhost ([::1] helo=bombadil.infradead.org) by bombadil.infradead.org with esmtp (Exim 4.94.2 #2 (Red Hat Linux)) id 1mV6af-005qER-1I; Tue, 28 Sep 2021 06:27:45 +0000 Received: from mail.kernel.org ([198.145.29.99]) by bombadil.infradead.org with esmtps (Exim 4.94.2 #2 (Red Hat Linux)) id 1mV6a6-005q6E-1n for linux-arm-kernel@lists.infradead.org; Tue, 28 Sep 2021 06:27:11 +0000 Received: by mail.kernel.org (Postfix) with ESMTPSA id 309B5611BD; Tue, 28 Sep 2021 06:27:09 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1632810429; bh=gGSfvzOmjzE3uTefL139gVbIvttn9yn4r5LhiGbvw/I=; h=Date:From:To:Cc:Subject:References:In-Reply-To:From; b=jo3iPuwkTOeimGBgEgOu8dd17zrY7ubjaXar4ncU7iWGiXBIJItkqjmkeqmxuo5Qw GDGoPQG4TOEzGzaXtGs5W8eugUfsDMwBaxjRg/XitBV3DcorMjkZEW+2Tz36EvyRFe HMjlVawtRWZwurFLvveKPWUyvG3vE4pnjA1L45lr0YS2IkV6vbHgry3FLvPe6ISIpc /9G4l3wWtgodeRBdOjc5v7Y3aR6FC/gErEZ68BV+oiW2m6QTRgERJ+cVeiUjoWNXzO l09Fx5FOgKWr4CBqROaVFgmXE0MzYU8TPviVVqLUtiNBjYIrHu36jVkl7p20oyBAzp CgvW/Ch/zpydg== Date: Mon, 27 Sep 2021 23:27:07 -0700 From: Eric Biggers To: XiaokangQian Cc: Herbert Xu , "David S. Miller" , Catalin Marinas , Will Deacon , nd@arm.com, ardb@kernel.org, linux-crypto@vger.kernel.org, linux-arm-kernel@lists.infradead.org, linux-kernel@vger.kernel.org Subject: Re: [PATCH] crypto: arm64/gcm-ce - unroll factors to 4-way interleave of aes and ghash Message-ID: References: <20210923063027.166247-1-xiaokang.qian@arm.com> MIME-Version: 1.0 Content-Disposition: inline In-Reply-To: <20210923063027.166247-1-xiaokang.qian@arm.com> X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20210927_232710_182914_6A94BA23 X-CRM114-Status: GOOD ( 17.32 ) X-BeenThere: linux-arm-kernel@lists.infradead.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: "linux-arm-kernel" Errors-To: linux-arm-kernel-bounces+linux-arm-kernel=archiver.kernel.org@lists.infradead.org On Thu, Sep 23, 2021 at 06:30:25AM +0000, XiaokangQian wrote: > To improve performance on cores with deep piplines such as A72,N1, > implement gcm(aes) using a 4-way interleave of aes and ghash (totally > 8 blocks in parallel), which can make full utilize of pipelines rather > than the 4-way interleave we used currently. It can gain about 20% for > big data sizes such that 8k. > > This is a complete new version of the GCM part of the combined GCM/GHASH > driver, it will co-exist with the old driver, only serve for big data > sizes. Instead of interleaving four invocations of AES where each chunk > of 64 bytes is encrypted first and then ghashed, the new version uses a > more coarse grained approach where a chunk of 64 bytes is encrypted and > at the same time, one chunk of 64 bytes is ghashed (or ghashed and > decrypted in the converse case). > > The table below compares the performance of the old driver and the new > one on various micro-architectures and running in various modes with > various data sizes. > > | AES-128 | AES-192 | AES-256 | > #bytes | 1024 | 1420 | 8k | 1024 | 1420 | 8k | 1024 | 1420 | 8k | > -------+------+------+-----+------+------+-----+------+------+-----+ > A72 | 5.5% | 12% | 25% | 2.2% | 9.5%| 23%| -1% | 6.7%| 19% | > A57 |-0.5% | 9.3%| 32% | -3% | 6.3%| 26%| -6% | 3.3%| 21% | > N1 | 0.4% | 7.6%|24.5%| -2% | 5% | 22%| -4% | 2.7%| 20% | > > Signed-off-by: XiaokangQian Does this pass the self-tests, including the fuzz tests which are enabled by CONFIG_CRYPTO_MANAGER_EXTRA_TESTS=y? - Eric _______________________________________________ linux-arm-kernel mailing list linux-arm-kernel@lists.infradead.org http://lists.infradead.org/mailman/listinfo/linux-arm-kernel