From: Eric Biggers <ebiggers@kernel.org>
To: linux-crypto@vger.kernel.org
Cc: linux-kernel@vger.kernel.org, Ard Biesheuvel <ardb@kernel.org>,
"Jason A . Donenfeld" <Jason@zx2c4.com>,
Herbert Xu <herbert@gondor.apana.org.au>,
linux-arm-kernel@lists.infradead.org, x86@kernel.org,
Eric Biggers <ebiggers@kernel.org>
Subject: [PATCH 0/9] POLYVAL library
Date: Sun, 9 Nov 2025 15:47:15 -0800
Message-ID: <20251109234726.638437-1-ebiggers@kernel.org>

This series is targeting libcrypto-next. It can also be retrieved from:

    git fetch https://git.kernel.org/pub/scm/linux/kernel/git/ebiggers/linux.git polyval-lib-v1

This series migrates the POLYVAL code to lib/crypto/. It turns out that
just like Poly1305, the library is a much better fit for it.

This series also replaces the generic implementation of POLYVAL with a
much better one.

Notably, this series improves the performance of HCTR2, since it
eliminates unnecessary overhead that was being incurred by accessing
POLYVAL via the crypto_shash API. I see a 45% increase in throughput
with 64-byte messages, 53% with 128-byte, or 6% with 4096-byte.

It also eliminates the need to explicitly enable the optimized POLYVAL
code, as it's now enabled automatically when HCTR2 support is enabled.

Eric Biggers (9):
  crypto: polyval - Rename conflicting functions
  lib/crypto: polyval: Add POLYVAL library
  lib/crypto: tests: Add KUnit tests for POLYVAL
  lib/crypto: arm64/polyval: Migrate optimized code into library
  lib/crypto: x86/polyval: Migrate optimized code into library
  crypto: hctr2 - Convert to use POLYVAL library
  crypto: polyval - Remove the polyval crypto_shash
  crypto: testmgr - Remove polyval tests
  fscrypt: Drop obsolete recommendation to enable optimized POLYVAL

 Documentation/filesystems/fscrypt.rst  |   2 -
 arch/arm64/crypto/Kconfig              |  10 -
 arch/arm64/crypto/Makefile             |   3 -
 arch/arm64/crypto/polyval-ce-glue.c    | 158 ---------
 arch/x86/crypto/Kconfig                |  10 -
 arch/x86/crypto/Makefile               |   3 -
 arch/x86/crypto/polyval-clmulni_glue.c | 180 ----------
 crypto/Kconfig                         |  12 +-
 crypto/Makefile                        |   1 -
 crypto/hctr2.c                         | 226 ++++---------
 crypto/polyval-generic.c               | 205 ------------
 crypto/tcrypt.c                        |   4 -
 crypto/testmgr.c                       |   9 +-
 crypto/testmgr.h                       | 171 ----------
 include/crypto/polyval.h               | 182 ++++++++++-
 lib/crypto/Kconfig                     |  12 +
 lib/crypto/Makefile                    |  10 +
 .../crypto/arm64}/polyval-ce-core.S    |  38 +--
 lib/crypto/arm64/polyval.h             |  82 +++++
 lib/crypto/polyval.c                   | 307 ++++++++++++++++++
 lib/crypto/tests/Kconfig               |   9 +
 lib/crypto/tests/Makefile              |   1 +
 lib/crypto/tests/polyval-testvecs.h    | 186 +++++++++++
 lib/crypto/tests/polyval_kunit.c       | 223 +++++++++++++
 .../crypto/x86/polyval-pclmul-avx.S    |  40 ++-
 lib/crypto/x86/polyval.h               |  83 +++++
 scripts/crypto/gen-hash-testvecs.py    |  47 ++-
 27 files changed, 1240 insertions(+), 974 deletions(-)
 delete mode 100644 arch/arm64/crypto/polyval-ce-glue.c
 delete mode 100644 arch/x86/crypto/polyval-clmulni_glue.c
 delete mode 100644 crypto/polyval-generic.c
 rename {arch/arm64/crypto => lib/crypto/arm64}/polyval-ce-core.S (92%)
 create mode 100644 lib/crypto/arm64/polyval.h
 create mode 100644 lib/crypto/polyval.c
 create mode 100644 lib/crypto/tests/polyval-testvecs.h
 create mode 100644 lib/crypto/tests/polyval_kunit.c
 rename arch/x86/crypto/polyval-clmulni_asm.S => lib/crypto/x86/polyval-pclmul-avx.S (91%)
 create mode 100644 lib/crypto/x86/polyval.h

base-commit: ce59a87d1cbd3fa075aba73efde946e61d5ef089
--
2.51.2