aboutsummaryrefslogtreecommitdiffstats
path: root/target
diff options
context:
space:
mode:
authorEneas U de Queiroz <cotequeiroz@gmail.com>2020-02-21 15:44:39 -0300
committerChristian Lamparter <chunkeey@gmail.com>2020-02-28 22:46:09 +0100
commitee4a0afdcdf0c11528d685efd64fb8f4b4efcbb1 (patch)
tree28c892a8d0c29bd29425491ce3e1c65147870dd8 /target
parent26681de412df956f154ae938dcc587065ed3973a (diff)
downloadupstream-ee4a0afdcdf0c11528d685efd64fb8f4b4efcbb1.tar.gz
upstream-ee4a0afdcdf0c11528d685efd64fb8f4b4efcbb1.tar.bz2
upstream-ee4a0afdcdf0c11528d685efd64fb8f4b4efcbb1.zip
ipq40xx: use neon crypto drivers
This adds the neon based implementations of AES & SHA256. For AES, according to the kernel config help: Use a faster and more secure NEON based implementation of AES in CBC, CTR and XTS modes. Bit sliced AES gives around 45% speedup on Cortex-A15 for CTR mode and for XTS mode encryption, CBC and XTS mode decryption speedup is around 25%. (CBC encryption speed is not affected by this driver.) This implementation does not rely on any lookup tables so it is believed to be invulnerable to cache timing attacks. ... The observed speedups on ipq40xx are more modest: speedup is around 20% for CTR mode and for XTS mode encryption, CBC and XTS mode decryption speedup is around 10%. Measurements were made using tcrypt, with 1024-bytes blocks for CTR & CBC, and 4096-bytes for XTS. The aes-neon-bs driver uses a fallback for CBC encryption; that fallback could be either the generic driver written in C, or the scalar arm-asm one. Even though aes-arm is 1.9% slower, it is more resilient to timing attacks (the reason for being slower), so it is being included here. The neon sha256 module increases performance over the generic module by 33%. Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com> [Enable only ciphers for now, reorder patch in series to help bisect as new symbols could lead to build failures, 5.4] Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
Diffstat (limited to 'target')
-rw-r--r--target/linux/ipq40xx/config-4.1912
-rw-r--r--target/linux/ipq40xx/config-5.412
2 files changed, 24 insertions, 0 deletions
diff --git a/target/linux/ipq40xx/config-4.19 b/target/linux/ipq40xx/config-4.19
index a28497aaec..f74ba5e152 100644
--- a/target/linux/ipq40xx/config-4.19
+++ b/target/linux/ipq40xx/config-4.19
@@ -47,6 +47,7 @@ CONFIG_ARM_ARCH_TIMER_EVTSTREAM=y
CONFIG_ARM_CPUIDLE=y
CONFIG_ARM_CPU_SUSPEND=y
# CONFIG_ARM_CPU_TOPOLOGY is not set
+CONFIG_ARM_CRYPTO=y
CONFIG_ARM_GIC=y
CONFIG_ARM_HAS_SG_CHAIN=y
CONFIG_ARM_L1_CACHE_SHIFT=6
@@ -114,17 +115,24 @@ CONFIG_CRC32_SLICEBY8=y
CONFIG_CRYPTO_ACOMP2=y
CONFIG_CRYPTO_AEAD=y
CONFIG_CRYPTO_AEAD2=y
+CONFIG_CRYPTO_AES_ARM=y
+CONFIG_CRYPTO_AES_ARM_BS=y
CONFIG_CRYPTO_CBC=y
CONFIG_CRYPTO_CTR=y
CONFIG_CRYPTO_DEFLATE=y
CONFIG_CRYPTO_DES=y
CONFIG_CRYPTO_DEV_QCE=y
+# CONFIG_CRYPTO_DEV_QCE_ENABLE_ALL is not set
+# CONFIG_CRYPTO_DEV_QCE_ENABLE_SHA is not set
+CONFIG_CRYPTO_DEV_QCE_ENABLE_SKCIPHER=y
+CONFIG_CRYPTO_DEV_QCE_SW_MAX_LEN=512
CONFIG_CRYPTO_DEV_QCOM_RNG=y
CONFIG_CRYPTO_DRBG=y
CONFIG_CRYPTO_DRBG_HMAC=y
CONFIG_CRYPTO_DRBG_MENU=y
CONFIG_CRYPTO_ECB=y
CONFIG_CRYPTO_GF128MUL=y
+# CONFIG_CRYPTO_GHASH_ARM_CE is not set
CONFIG_CRYPTO_HASH=y
CONFIG_CRYPTO_HASH2=y
CONFIG_CRYPTO_HMAC=y
@@ -139,7 +147,11 @@ CONFIG_CRYPTO_RNG=y
CONFIG_CRYPTO_RNG2=y
CONFIG_CRYPTO_RNG_DEFAULT=y
CONFIG_CRYPTO_SEQIV=y
+# CONFIG_CRYPTO_SHA1_ARM_CE is not set
+# CONFIG_CRYPTO_SHA1_ARM_NEON is not set
CONFIG_CRYPTO_SHA256=y
+CONFIG_CRYPTO_SHA256_ARM=y
+CONFIG_CRYPTO_SIMD=y
CONFIG_CRYPTO_WORKQUEUE=y
CONFIG_CRYPTO_XTS=y
CONFIG_DCACHE_WORD_ACCESS=y
diff --git a/target/linux/ipq40xx/config-5.4 b/target/linux/ipq40xx/config-5.4
index 6d9cd4edae..9d3ac78e44 100644
--- a/target/linux/ipq40xx/config-5.4
+++ b/target/linux/ipq40xx/config-5.4
@@ -58,6 +58,7 @@ CONFIG_ARM_ARCH_TIMER_EVTSTREAM=y
CONFIG_ARM_CPUIDLE=y
CONFIG_ARM_CPU_SUSPEND=y
# CONFIG_ARM_CPU_TOPOLOGY is not set
+CONFIG_ARM_CRYPTO=y
# CONFIG_ARM_ERRATA_814220 is not set
# CONFIG_ARM_ERRATA_857271 is not set
# CONFIG_ARM_ERRATA_857272 is not set
@@ -144,6 +145,8 @@ CONFIG_CRYPTO_ACOMP2=y
# CONFIG_CRYPTO_ADIANTUM is not set
CONFIG_CRYPTO_AEAD=y
CONFIG_CRYPTO_AEAD2=y
+CONFIG_CRYPTO_AES_ARM=y
+CONFIG_CRYPTO_AES_ARM_BS=y
CONFIG_CRYPTO_AKCIPHER2=y
CONFIG_CRYPTO_CBC=y
CONFIG_CRYPTO_CTR=y
@@ -151,6 +154,10 @@ CONFIG_CRYPTO_DEFLATE=y
CONFIG_CRYPTO_DES=y
# CONFIG_CRYPTO_DEV_ATMEL_SHA204A is not set
CONFIG_CRYPTO_DEV_QCE=y
+# CONFIG_CRYPTO_DEV_QCE_ENABLE_ALL is not set
+# CONFIG_CRYPTO_DEV_QCE_ENABLE_SHA is not set
+CONFIG_CRYPTO_DEV_QCE_ENABLE_SKCIPHER=y
+CONFIG_CRYPTO_DEV_QCE_SW_MAX_LEN=512
CONFIG_CRYPTO_DEV_QCOM_RNG=y
CONFIG_CRYPTO_DRBG=y
CONFIG_CRYPTO_DRBG_HMAC=y
@@ -158,6 +165,7 @@ CONFIG_CRYPTO_DRBG_MENU=y
CONFIG_CRYPTO_ECB=y
# CONFIG_CRYPTO_ECRDSA is not set
# CONFIG_CRYPTO_ESSIV is not set
+# CONFIG_CRYPTO_GHASH_ARM_CE is not set
CONFIG_CRYPTO_HASH=y
CONFIG_CRYPTO_HASH2=y
CONFIG_CRYPTO_HASH_INFO=y
@@ -177,8 +185,12 @@ CONFIG_CRYPTO_NULL2=y
CONFIG_CRYPTO_RNG=y
CONFIG_CRYPTO_RNG2=y
CONFIG_CRYPTO_RNG_DEFAULT=y
+# CONFIG_CRYPTO_SHA1_ARM_CE is not set
+# CONFIG_CRYPTO_SHA1_ARM_NEON is not set
CONFIG_CRYPTO_SEQIV=y
CONFIG_CRYPTO_SHA256=y
+CONFIG_CRYPTO_SHA256_ARM=y
+CONFIG_CRYPTO_SIMD=y
# CONFIG_CRYPTO_STREEBOG is not set
CONFIG_CRYPTO_XTS=y
# CONFIG_CRYPTO_XXHASH is not set