[PATCH v7 7/9] crypto: x86/polyval: Add PCLMULQDQ accelerated implementation of POLYVAL

Eric Biggers ebiggers at kernel.org
Mon May 9 14:44:12 PDT 2022


On Mon, May 09, 2022 at 07:11:05PM +0000, Nathan Huckleberry wrote:
> diff --git a/arch/x86/crypto/polyval-clmulni_asm.S b/arch/x86/crypto/polyval-clmulni_asm.S
[...]
> +/*
> + * Computes the product of two 128-bit polynomials at the memory locations
> + * specified by (MSG + 16*i) and (KEY_POWERS + 16*i) and XORs the components of
> + * the 256-bit product into LO, MI, HI.
> + *
> + * Given:
> + *   X = [X_1 : X_0]
> + *   Y = [Y_1 : Y_0]
> + *
> + * We compute:
> + *   LO += X_0 * Y_0
> + *   MI += (X_0 + X_1) * (Y_0 + Y_1)
> + *   HI += X_1 * Y_1
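
Review bot: In the "We compute" block, the line "MI += (X_0 + X_1) * (Y_0 + Y_1)" is not the middle part of the 256-bit product on its own; with that definition the middle 128 bits are only recovered after LO and HI are XORed back into MI, and the comment does not mention that step. If the macro accumulates the two cross products directly, the line should read "MI += X_0 * Y_1 + X_1 * Y_0". It would also help to state that "+" and "*" here mean XOR and carry-less multiplication, since the summary sentence says "XORs" while the formulas use "+=".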

The above comment (changed in v7) is describing Karatsuba multiplication, but
the actual code is using schoolbook multiplication.

Otherwise this looks good:

Reviewed-by: Eric Biggers <ebiggers at google.com>

- Eric
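
The difference between the two middle terms discussed in this review, as an added example that is not code from the patch or the kernel: `clmul64` is a portable software stand-in for one PCLMULQDQ, and all function names and the sample operands are assumptions made for illustration.

```c
#include <stdint.h>
#include <stdio.h>
/* 128-bit polynomial over GF(2): [hi : lo], like [X_1 : X_0] in the comment. */
typedef struct { uint64_t lo, hi; } u128;

/* Carry-less 64x64 -> 128 multiply; portable stand-in for one PCLMULQDQ. */
static u128 clmul64(uint64_t a, uint64_t b)
{
	u128 r = { 0, 0 };
	for (int i = 0; i < 64; i++) {
		if (!((b >> i) & 1))
			continue;
		r.lo ^= a << i;
		if (i)
			r.hi ^= a >> (64 - i);
	}
	return r;
}

static u128 xor128(u128 a, u128 b) { return (u128){ a.lo ^ b.lo, a.hi ^ b.hi }; }

/* Schoolbook middle term, two multiplies: X_0*Y_1 + X_1*Y_0 */
static u128 mi_schoolbook(u128 x, u128 y)
{
	return xor128(clmul64(x.lo, y.hi), clmul64(x.hi, y.lo));
}

/* Karatsuba middle term as written in the quoted comment, one multiply. */
static u128 mi_karatsuba_raw(u128 x, u128 y)
{
	return clmul64(x.lo ^ x.hi, y.lo ^ y.hi);
}

/* Karatsuba fix-up: XOR LO and HI back in to recover the true middle term. */
static u128 mi_karatsuba_fixed(u128 x, u128 y)
{
	u128 lo = clmul64(x.lo, y.lo), hi = clmul64(x.hi, y.hi);
	return xor128(mi_karatsuba_raw(x, y), xor128(lo, hi));
}

int main(void)
{
	u128 x = { 3, 1 }, y = { 5, 1 };	/* constructed sample operands */
	printf("schoolbook MI=%llx raw Karatsuba MI=%llx fixed=%llx\n",
	       (unsigned long long)mi_schoolbook(x, y).lo,
	       (unsigned long long)mi_karatsuba_raw(x, y).lo,
	       (unsigned long long)mi_karatsuba_fixed(x, y).lo);
	return 0;
}
```

The raw Karatsuba term differs from the schoolbook term unless LO and HI are folded back in, which is why a comment describing one method cannot document code that uses the other.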



More information about the linux-arm-kernel mailing list