1012c8238SEric Biggers // SPDX-License-Identifier: GPL-2.0 2012c8238SEric Biggers /* 3012c8238SEric Biggers * NHPoly1305 - ε-almost-∆-universal hash function for Adiantum 4012c8238SEric Biggers * (SSE2 accelerated version) 5012c8238SEric Biggers * 6012c8238SEric Biggers * Copyright 2018 Google LLC 7012c8238SEric Biggers */ 8012c8238SEric Biggers 9012c8238SEric Biggers #include <crypto/internal/hash.h> 10f2abe0d7SEric Biggers #include <crypto/internal/simd.h> 11012c8238SEric Biggers #include <crypto/nhpoly1305.h> 12012c8238SEric Biggers #include <linux/module.h> 130c3dc787SHerbert Xu #include <linux/sizes.h> 14f2abe0d7SEric Biggers #include <asm/simd.h> 15012c8238SEric Biggers 16012c8238SEric Biggers asmlinkage void nh_sse2(const u32 *key, const u8 *message, size_t message_len, 17*0f8bc4bdSEric Biggers __le64 hash[NH_NUM_PASSES]); 18012c8238SEric Biggers 19012c8238SEric Biggers static int nhpoly1305_sse2_update(struct shash_desc *desc, 20012c8238SEric Biggers const u8 *src, unsigned int srclen) 21012c8238SEric Biggers { 22f2abe0d7SEric Biggers if (srclen < 64 || !crypto_simd_usable()) 23012c8238SEric Biggers return crypto_nhpoly1305_update(desc, src, srclen); 24012c8238SEric Biggers 25012c8238SEric Biggers do { 26a9a8ba90SJason A. Donenfeld unsigned int n = min_t(unsigned int, srclen, SZ_4K); 27012c8238SEric Biggers 28012c8238SEric Biggers kernel_fpu_begin(); 29*0f8bc4bdSEric Biggers crypto_nhpoly1305_update_helper(desc, src, n, nh_sse2); 30012c8238SEric Biggers kernel_fpu_end(); 31012c8238SEric Biggers src += n; 32012c8238SEric Biggers srclen -= n; 33012c8238SEric Biggers } while (srclen); 34012c8238SEric Biggers return 0; 35012c8238SEric Biggers } 36012c8238SEric Biggers 37012c8238SEric Biggers static struct shash_alg nhpoly1305_alg = { 38012c8238SEric Biggers .base.cra_name = "nhpoly1305", 39012c8238SEric Biggers .base.cra_driver_name = "nhpoly1305-sse2", 40012c8238SEric Biggers .base.cra_priority = 200, 41012c8238SEric Biggers .base.cra_ctxsize = sizeof(struct nhpoly1305_key), 42012c8238SEric Biggers .base.cra_module = THIS_MODULE, 43012c8238SEric Biggers .digestsize = POLY1305_DIGEST_SIZE, 44012c8238SEric Biggers .init = crypto_nhpoly1305_init, 45012c8238SEric Biggers .update = nhpoly1305_sse2_update, 46012c8238SEric Biggers .final = crypto_nhpoly1305_final, 47012c8238SEric Biggers .setkey = crypto_nhpoly1305_setkey, 48012c8238SEric Biggers .descsize = sizeof(struct nhpoly1305_state), 49012c8238SEric Biggers }; 50012c8238SEric Biggers 51012c8238SEric Biggers static int __init nhpoly1305_mod_init(void) 52012c8238SEric Biggers { 53012c8238SEric Biggers if (!boot_cpu_has(X86_FEATURE_XMM2)) 54012c8238SEric Biggers return -ENODEV; 55012c8238SEric Biggers 56012c8238SEric Biggers return crypto_register_shash(&nhpoly1305_alg); 57012c8238SEric Biggers } 58012c8238SEric Biggers 59012c8238SEric Biggers static void __exit nhpoly1305_mod_exit(void) 60012c8238SEric Biggers { 61012c8238SEric Biggers crypto_unregister_shash(&nhpoly1305_alg); 62012c8238SEric Biggers } 63012c8238SEric Biggers 64012c8238SEric Biggers module_init(nhpoly1305_mod_init); 65012c8238SEric Biggers module_exit(nhpoly1305_mod_exit); 66012c8238SEric Biggers 67012c8238SEric Biggers MODULE_DESCRIPTION("NHPoly1305 ε-almost-∆-universal hash function (SSE2-accelerated)"); 68012c8238SEric Biggers MODULE_LICENSE("GPL v2"); 69012c8238SEric Biggers MODULE_AUTHOR("Eric Biggers <ebiggers@google.com>"); 70012c8238SEric Biggers MODULE_ALIAS_CRYPTO("nhpoly1305"); 71012c8238SEric Biggers MODULE_ALIAS_CRYPTO("nhpoly1305-sse2"); 72