Re: [PATCH 2/3] [CRYPTO] Add optimized SHA-1 implementation for i486+

[Jeff Garzik]

Matt Mackall wrote:
> On Fri, Jun 08, 2007 at 05:42:53PM -0400, Benjamin Gilbert wrote:
> > Add x86-optimized implementation of the SHA-1 hash function, taken from
> > Nettle under the LGPL.  This code will be enabled on kernels compiled for
> > 486es or better; kernels which support 386es will use the generic
> > implementation (since we need BSWAP).
> >
> > We disable building lib/sha1.o when an optimized implementation is
> > available, as the library link order for x86 (and x86_64) would otherwise
> > ignore the optimized version.  The existing optimized implementation for ARM
> > does not do this; the library link order for that architecture appears to
> > favor the arch/arm/ version automatically.  I've left this situation alone
> > since I'm not familiar with the ARM code, but a !ARM condition could be
> > added to CONFIG_SHA1_GENERIC if it makes sense.
> >
> > The code has been tested with tcrypt and the NIST test vectors.
>
> Have you benchmarked this against lib/sha1.c? Please post the results.
> Until then, I'm frankly skeptical that your unrolled version is faster
> because when I introduced lib/sha1.c the rolled version therein won by
> a significant margin and had 1/10th the cache footprint.

Yes. And it also depends on the CPU as well.  Testing on a server-class 
x86 CPU (often with bigger L2, and perhaps even L1, cache) will produce 
different result than from popular but less-capable "value" CPUs.

	Jeff


-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/