Date: Tue, 11 Jan 2022 19:26:03 +0100
From: "Jason A. Donenfeld" <Jason@...c4.com>
To: David Laight <David.Laight@...lab.com>
Cc: Geert Uytterhoeven <geert@...ux-m68k.org>, Linux Kernel Mailing List <linux-kernel@...r.kernel.org>, Theodore Tso <tytso@....edu>, Greg KH <gregkh@...uxfoundation.org>, Jean-Philippe Aumasson <jeanphilippe.aumasson@...il.com>
Subject: Re: [PATCH v2 2/2] random: use BLAKE2s instead of SHA1 in extraction

On Tue, Jan 11, 2022 at 4:47 PM David Laight <David.Laight@...lab.com> wrote:
> > - int i;
> > + int i, j;
>
> Use unsigned int i, j;
> Ensures the '% 4' are done as '& 3' and the divides as shifts.
> Unless the compiler manages to track the valid values that will
> even generate better code on x86-64.
> (Saves a sign extension prior to the array indexes.)

Ack.

> I think I'd look at doing [0..3] then [4..7] to save execution time.

I actually wound up making the same change to sha1 instead of blake2s
for v2 of this, and achieved pretty similar results, but I think
that's more satisfactory of a conclusion. v2 is here:
https://lore.kernel.org/linux-crypto/20220111181037.632969-1-Jason@zx2c4.com/T/#u

Jason