Page MenuHomeFreeBSD

armv8crypto: add AES-XTS support
Needs ReviewPublic

Authored by on Jul 21 2019, 7:19 PM.



Straightforward(ish) port from aesni, without unrolling (block8).

Quick speed test: dd if=/dev/zero of=/dev/md0.eli bs=1m reports ~385 MB/s instead of ~60 MB/s on a Cortex-A72 @ 2GHz (Marvell Armada8k).

Test Plan

Tested with opencrypto tests. (D21018 enables them on aarch64)

Diff Detail

rS FreeBSD src repository
Lint Skipped
Unit Tests Skipped

Event Timeline

manu added inline comments.

Why did you change the argument here ?
You have the key and the key length in the struct cryptoini


Look at the calls — in the CRD_F_KEY_EXPLICIT case, instead of cryptoini, we have cryptodesc. This is how aesni deals with this. edited the summary of this revision. (Show Details)

Rebased on top of the crypto rework that just landed (D23677). Implemented crp->crp_cipher_key handling.

I'm sorry that this is taking a while to get reviewed. I'd like to help get it in. Would be willing to rebase the patch and re-upload? It doesn't apply for me.

Looks fine. You should look at unrolling the loop to 3 or 4 rounds. Looking at the A72 optimization guide, it shows that there is a 3 cycle latency, but throughput of 1. Section 4.10 gives example showing three pairs to achieve max perf.

A72 opt guide:

It would also be good to test with 'cryptocheck -a all -d armv8crypto0 -z' though the NIST KAT are probably sufficient coverage already for XTS.