Gitiles
Code Review Sign In
review.shift-gmbh.com / SHIFTPHONES / mainline / linux / 3ad99c22cebee84034bc53e42f5115dbc97490e8
commit3ad99c22cebee84034bc53e42f5115dbc97490e8[log] [tgz]
authorArd Biesheuvel <ardb@kernel.org>Tue Nov 10 10:10:42 2020 +0100
committerHerbert Xu <herbert@gondor.apana.org.au>Fri Nov 20 14:45:32 2020 +1100
treeae5d8b21d02aab542d2040e79e69b9cb7ecf0301
parent5761498c4d074560b38a203000afc6e971ffaa7f [diff]
crypto: arm64/gcm - move authentication tag check to SIMD domain

Instead of copying the calculated authentication tag to memory and
calling crypto_memneq() to verify it, use vector bytewise compare and
min across vector instructions to decide whether the tag is valid. This
is more efficient, and given that the tag is only transiently held in a
NEON register, it is also safer, given that calculated tags for failed
decryptions should be withheld.

Signed-off-by: Ard Biesheuvel <ardb@kernel.org>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2 files changed
tree: ae5d8b21d02aab542d2040e79e69b9cb7ecf0301
  1. arch/
  2. block/
  3. certs/
  4. crypto/
  5. Documentation/
  6. drivers/
  7. fs/
  8. include/
  9. init/
  10. ipc/
  11. kernel/
  12. lib/
  13. LICENSES/
  14. mm/
  15. net/
  16. samples/
  17. scripts/
  18. security/
  19. sound/
  20. tools/
  21. usr/
  22. virt/
  23. .clang-format
  24. .cocciconfig
  25. .get_maintainer.ignore
  26. .gitattributes
  27. .gitignore
  28. .mailmap
  29. COPYING
  30. CREDITS
  31. Kbuild
  32. Kconfig
  33. MAINTAINERS
  34. Makefile
  35. README