d049b1f2 | 14-Mar-2019 |
Richard Henderson <richard.henderson@linaro.org> |
crypto: Change the qcrypto_random_bytes buffer type to void*
Using uint8_t* merely requires useless casts for use with other types to be filled with randomness.
Reviewed-by: Laurent Vivier <lvivier
crypto: Change the qcrypto_random_bytes buffer type to void*
Using uint8_t* merely requires useless casts for use with other types to be filled with randomness.
Reviewed-by: Laurent Vivier <lvivier@redhat.com> Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com> Reviewed-by: Daniel P. Berrangé <berrange@redhat.com> Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
show more ...
|
db1ed1ab | 14-Mar-2019 |
Richard Henderson <richard.henderson@linaro.org> |
crypto: Use getrandom for qcrypto_random_bytes
Prefer it to direct use of /dev/urandom.
Reviewed-by: Laurent Vivier <lvivier@redhat.com> Reviewed-by: Daniel P. Berrangé <berrange@redhat.com> Signed
crypto: Use getrandom for qcrypto_random_bytes
Prefer it to direct use of /dev/urandom.
Reviewed-by: Laurent Vivier <lvivier@redhat.com> Reviewed-by: Daniel P. Berrangé <berrange@redhat.com> Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
show more ...
|
e9979ca6 | 14-Mar-2019 |
Richard Henderson <richard.henderson@linaro.org> |
crypto: Use O_CLOEXEC in qcrypto_random_init
Avoids leaking the /dev/urandom fd into any child processes.
Reviewed-by: Laurent Vivier <lvivier@redhat.com> Reviewed-by: Philippe Mathieu-Daudé <philm
crypto: Use O_CLOEXEC in qcrypto_random_init
Avoids leaking the /dev/urandom fd into any child processes.
Reviewed-by: Laurent Vivier <lvivier@redhat.com> Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com> Reviewed-by: Daniel P. Berrangé <berrange@redhat.com> Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
show more ...
|
25fb26e4 | 14-Mar-2019 |
Richard Henderson <richard.henderson@linaro.org> |
crypto: Do not fail for EINTR during qcrypto_random_bytes
We can always get EINTR for read; /dev/urandom is no exception.
Rearrange the order of tests for likelihood; allow degenerate buflen==0 cas
crypto: Do not fail for EINTR during qcrypto_random_bytes
We can always get EINTR for read; /dev/urandom is no exception.
Rearrange the order of tests for likelihood; allow degenerate buflen==0 case to perform a no-op zero-length read. This means that the normal success path is a straight line with a single test for success.
Reviewed-by: Laurent Vivier <lvivier@redhat.com> Reviewed-by: Daniel P. Berrangé <berrange@redhat.com> Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
show more ...
|
14a356f4 | 14-Mar-2019 |
Richard Henderson <richard.henderson@linaro.org> |
crypto: Reverse code blocks in random-platform.c
Use #ifdef _WIN32 instead of #ifndef _WIN32. This will make other tests easier to sequence.
Reviewed-by: Laurent Vivier <lvivier@redhat.com> Reviewe
crypto: Reverse code blocks in random-platform.c
Use #ifdef _WIN32 instead of #ifndef _WIN32. This will make other tests easier to sequence.
Reviewed-by: Laurent Vivier <lvivier@redhat.com> Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com> Reviewed-by: Daniel P. Berrangé <berrange@redhat.com> Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
show more ...
|
c972fa12 | 07-Dec-2018 |
Vladimir Sementsov-Ogievskiy <vsementsov@virtuozzo.com> |
crypto: support multiple threads accessing one QCryptoBlock
The two thing that should be handled are cipher and ivgen. For ivgen the solution is just mutex, as iv calculations should not be long in
crypto: support multiple threads accessing one QCryptoBlock
The two thing that should be handled are cipher and ivgen. For ivgen the solution is just mutex, as iv calculations should not be long in comparison with encryption/decryption. And for cipher let's just keep per-thread ciphers.
Signed-off-by: Vladimir Sementsov-Ogievskiy <vsementsov@virtuozzo.com> Reviewed-by: Alberto Garcia <berto@igalia.com> Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
show more ...
|
0f0d596c | 07-Dec-2018 |
Vladimir Sementsov-Ogievskiy <vsementsov@virtuozzo.com> |
crypto/block: introduce qcrypto_block_*crypt_helper functions
Introduce QCryptoBlock-based functions and use them where possible. This is needed to implement thread-safe encrypt/decrypt operations.
crypto/block: introduce qcrypto_block_*crypt_helper functions
Introduce QCryptoBlock-based functions and use them where possible. This is needed to implement thread-safe encrypt/decrypt operations.
Signed-off-by: Vladimir Sementsov-Ogievskiy <vsementsov@virtuozzo.com> Reviewed-by: Alberto Garcia <berto@igalia.com> Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
show more ...
|
0270417c | 07-Dec-2018 |
Vladimir Sementsov-Ogievskiy <vsementsov@virtuozzo.com> |
crypto/block: rename qcrypto_block_*crypt_helper
Rename qcrypto_block_*crypt_helper to qcrypto_block_cipher_*crypt_helper, as it's not about QCryptoBlock. This is needed to introduce qcrypto_block_*
crypto/block: rename qcrypto_block_*crypt_helper
Rename qcrypto_block_*crypt_helper to qcrypto_block_cipher_*crypt_helper, as it's not about QCryptoBlock. This is needed to introduce qcrypto_block_*crypt_helper in the next commit, which will have QCryptoBlock pointer and than will be able to use additional fields of it, which in turn will be used to implement thread-safe QCryptoBlock operations.
Signed-off-by: Vladimir Sementsov-Ogievskiy <vsementsov@virtuozzo.com> Reviewed-by: Alberto Garcia <berto@igalia.com> Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
show more ...
|
1dc57b60 | 07-Dec-2018 |
Vladimir Sementsov-Ogievskiy <vsementsov@virtuozzo.com> |
crypto/block: refactor qcrypto_block_*crypt_helper functions
qcrypto_block_encrypt_helper and qcrypto_block_decrypt_helper are almost identical, let's reduce code duplication and simplify further im
crypto/block: refactor qcrypto_block_*crypt_helper functions
qcrypto_block_encrypt_helper and qcrypto_block_decrypt_helper are almost identical, let's reduce code duplication and simplify further improvements.
Signed-off-by: Vladimir Sementsov-Ogievskiy <vsementsov@virtuozzo.com> Reviewed-by: Alberto Garcia <berto@igalia.com> Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
show more ...
|
aa895bd4 | 09-Oct-2018 |
Daniel P. Berrangé <berrange@redhat.com> |
crypto: annotate xts_tweak_encdec as inlineable
Encouraging the compiler to inline xts_tweak_encdec increases the performance for xts-aes-128 when built with gcrypt:
Encrypt: 545 MB/s -> 580 MB/s
crypto: annotate xts_tweak_encdec as inlineable
Encouraging the compiler to inline xts_tweak_encdec increases the performance for xts-aes-128 when built with gcrypt:
Encrypt: 545 MB/s -> 580 MB/s Decrypt: 568 MB/s -> 602 MB/s
Reviewed-by: Alberto Garcia <berto@igalia.com> Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
show more ...
|
7dac0dd6 | 09-Oct-2018 |
Daniel P. Berrangé <berrange@redhat.com> |
crypto: convert xts_mult_x to use xts_uint128 type
Using 64-bit arithmetic increases the performance for xts-aes-128 when built with gcrypt:
Encrypt: 355 MB/s -> 545 MB/s Decrypt: 362 MB/s -> 5
crypto: convert xts_mult_x to use xts_uint128 type
Using 64-bit arithmetic increases the performance for xts-aes-128 when built with gcrypt:
Encrypt: 355 MB/s -> 545 MB/s Decrypt: 362 MB/s -> 568 MB/s
Reviewed-by: Alberto Garcia <berto@igalia.com> Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
show more ...
|
db217c69 | 09-Oct-2018 |
Daniel P. Berrangé <berrange@redhat.com> |
crypto: convert xts_tweak_encdec to use xts_uint128 type
Using 64-bit arithmetic increases the performance for xts-aes-128 when built with gcrypt:
Encrypt: 272 MB/s -> 355 MB/s Decrypt: 275 MB/
crypto: convert xts_tweak_encdec to use xts_uint128 type
Using 64-bit arithmetic increases the performance for xts-aes-128 when built with gcrypt:
Encrypt: 272 MB/s -> 355 MB/s Decrypt: 275 MB/s -> 362 MB/s
Reviewed-by: Alberto Garcia <berto@igalia.com> Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
show more ...
|
cc36930e | 09-Oct-2018 |
Daniel P. Berrangé <berrange@redhat.com> |
crypto: introduce a xts_uint128 data type
The new type is designed to allow use of 64-bit arithmetic instead of operating 1-byte at a time. The following patches will use this to improve performance
crypto: introduce a xts_uint128 data type
The new type is designed to allow use of 64-bit arithmetic instead of operating 1-byte at a time. The following patches will use this to improve performance.
Reviewed-by: Alberto Garcia <berto@igalia.com> Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
show more ...
|