[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Message-ID: <ZiJPtK+cVWBXPn67@gondor.apana.org.au>
Date: Fri, 19 Apr 2024 19:04:20 +0800
From: Herbert Xu <herbert@...dor.apana.org.au>
To: Eric Biggers <ebiggers@...nel.org>
Cc: linux-crypto@...r.kernel.org, x86@...nel.org,
linux-kernel@...r.kernel.org, chang.seok.bae@...el.com
Subject: Re: [PATCH] crypto: x86/aes-xts - handle CTS encryption more
efficiently
Eric Biggers <ebiggers@...nel.org> wrote:
> From: Eric Biggers <ebiggers@...gle.com>
>
> When encrypting a message whose length isn't a multiple of 16 bytes,
> encrypt the last full block in the main loop. This works because only
> decryption uses the last two tweaks in reverse order, not encryption.
>
> This improves the performance of decrypting messages whose length isn't
> a multiple of the AES block length, shrinks the size of
> aes-xts-avx-x86_64.o by 5.0%, and eliminates two instructions (a test
> and a not-taken conditional jump) when encrypting a message whose length
> *is* a multiple of the AES block length.
>
> While it's not super useful to optimize for ciphertext stealing given
> that it's rarely needed in practice, the other two benefits mentioned
> above make this optimization worthwhile.
>
> Signed-off-by: Eric Biggers <ebiggers@...gle.com>
> ---
> arch/x86/crypto/aes-xts-avx-x86_64.S | 53 +++++++++++++++-------------
> 1 file changed, 29 insertions(+), 24 deletions(-)
Patch applied. Thanks.
--
Email: Herbert Xu <herbert@...dor.apana.org.au>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt
Powered by blists - more mailing lists