diff options
| author | Attila Fülöp <[email protected]> | 2020-10-30 23:24:21 +0100 |
|---|---|---|
| committer | GitHub <[email protected]> | 2020-10-30 15:24:21 -0700 |
| commit | e8beeaa1116cc771360a24c9c1f9e6f47ced0e28 (patch) | |
| tree | 2abe313d9fa753ef2ade6a19781641841d3b0c86 /module/icp/asm-x86_64 | |
| parent | d9655c5b3723abc21dc2915e8d6aecf22d842527 (diff) | |
ICP: gcm: Allocate hash subkey table separately
While evaluating other assembler implementations it turns out that
the precomputed hash subkey tables vary in size, from 8*16 bytes
(avx2/avx512) up to 48*16 bytes (avx512-vaes), depending on the
implementation.
To be able to handle the size differences later, allocate
`gcm_Htable` dynamically rather then having a fixed size array, and
adapt consumers.
Reviewed-by: Brian Behlendorf <[email protected]>
Signed-off-by: Attila Fülöp <[email protected]>
Closes #11102
Diffstat (limited to 'module/icp/asm-x86_64')
| -rw-r--r-- | module/icp/asm-x86_64/modes/aesni-gcm-x86_64.S | 18 |
1 files changed, 14 insertions, 4 deletions
diff --git a/module/icp/asm-x86_64/modes/aesni-gcm-x86_64.S b/module/icp/asm-x86_64/modes/aesni-gcm-x86_64.S index 4e0525572..dc71ae2c1 100644 --- a/module/icp/asm-x86_64/modes/aesni-gcm-x86_64.S +++ b/module/icp/asm-x86_64/modes/aesni-gcm-x86_64.S @@ -718,6 +718,8 @@ aesni_gcm_decrypt: .cfi_offset %r14,-48 pushq %r15 .cfi_offset %r15,-56 + pushq %r9 +.cfi_offset %r9,-64 vzeroupper vmovdqu (%r8),%xmm1 @@ -730,7 +732,8 @@ aesni_gcm_decrypt: andq $-128,%rsp vmovdqu (%r11),%xmm0 leaq 128(%rcx),%rcx - leaq 32+32(%r9),%r9 + movq 32(%r9),%r9 + leaq 32(%r9),%r9 movl 504-128(%rcx),%ebp // ICP has a larger offset for rounds. vpshufb %xmm0,%xmm8,%xmm8 @@ -786,7 +789,9 @@ aesni_gcm_decrypt: vmovups %xmm14,-16(%rsi) vpshufb (%r11),%xmm8,%xmm8 - vmovdqu %xmm8,-64(%r9) + movq -56(%rax),%r9 +.cfi_restore %r9 + vmovdqu %xmm8,(%r9) vzeroupper movq -48(%rax),%r15 @@ -924,6 +929,8 @@ aesni_gcm_encrypt: .cfi_offset %r14,-48 pushq %r15 .cfi_offset %r15,-56 + pushq %r9 +.cfi_offset %r9,-64 vzeroupper vmovdqu (%r8),%xmm1 @@ -966,7 +973,8 @@ aesni_gcm_encrypt: call _aesni_ctr32_6x vmovdqu (%r9),%xmm8 - leaq 32+32(%r9),%r9 + movq 32(%r9),%r9 + leaq 32(%r9),%r9 subq $12,%rdx movq $192,%r10 vpshufb %xmm0,%xmm8,%xmm8 @@ -1157,7 +1165,9 @@ aesni_gcm_encrypt: vpxor %xmm7,%xmm2,%xmm2 vpxor %xmm2,%xmm8,%xmm8 vpshufb (%r11),%xmm8,%xmm8 - vmovdqu %xmm8,-64(%r9) + movq -56(%rax),%r9 +.cfi_restore %r9 + vmovdqu %xmm8,(%r9) vzeroupper movq -48(%rax),%r15 |