Merge git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6

Merge crypto tree as it has cherry-picked the ror64 patch from cryptodev.

1 files changed, 24 insertions, 22 deletions

diff --git a/crypto/sha512_generic.c b/crypto/sha512_generic.c
index 20df86f51406..107f6f7be5e1 100644
--- a/crypto/sha512_generic.c
+++ b/crypto/sha512_generic.c
@@ -21,8 +21,6 @@
 #include <linux/percpu.h>
 #include <asm/byteorder.h>
 
-static DEFINE_PER_CPU(u64[80], msg_schedule);
-
 static inline u64 Ch(u64 x, u64 y, u64 z)
 {
         return z ^ (x & (y ^ z));
@@ -75,7 +73,7 @@ static inline void LOAD_OP(int I, u64 *W, const u8 *input)
 
 static inline void BLEND_OP(int I, u64 *W)
 {
-        W[I] = s1(W[I-2]) + W[I-7] + s0(W[I-15]) + W[I-16];
+        W[I & 15] += s1(W[(I-2) & 15]) + W[(I-7) & 15] + s0(W[(I-15) & 15]);
 }
 
 static void
@@ -84,15 +82,7 @@ sha512_transform(u64 *state, const u8 *input)
         u64 a, b, c, d, e, f, g, h, t1, t2;
 
         int i;
-        u64 *W = get_cpu_var(msg_schedule);
-
-        /* load the input */
-        for (i = 0; i < 16; i++)
-                LOAD_OP(i, W, input);
-
-        for (i = 16; i < 80; i++) {
-                BLEND_OP(i, W);
-        }
+        u64 W[16];
 
         /* load the state into our registers */
         a=state[0];   b=state[1];   c=state[2];   d=state[3];
@@ -100,21 +90,35 @@ sha512_transform(u64 *state, const u8 *input)
 
         /* now iterate */
         for (i=0; i<80; i+=8) {
-                t1 = h + e1(e) + Ch(e,f,g) + sha512_K[i  ] + W[i  ];
+                if (!(i & 8)) {
+                        int j;
+
+                        if (i < 16) {
+                                /* load the input */
+                                for (j = 0; j < 16; j++)
+                                        LOAD_OP(i + j, W, input);
+                        } else {
+                                for (j = 0; j < 16; j++) {
+                                        BLEND_OP(i + j, W);
+                                }
+                        }
+                }
+
+                t1 = h + e1(e) + Ch(e,f,g) + sha512_K[i  ] + W[(i & 15)];
                 t2 = e0(a) + Maj(a,b,c);    d+=t1;    h=t1+t2;
-                t1 = g + e1(d) + Ch(d,e,f) + sha512_K[i+1] + W[i+1];
+                t1 = g + e1(d) + Ch(d,e,f) + sha512_K[i+1] + W[(i & 15) + 1];
                 t2 = e0(h) + Maj(h,a,b);    c+=t1;    g=t1+t2;
-                t1 = f + e1(c) + Ch(c,d,e) + sha512_K[i+2] + W[i+2];
+                t1 = f + e1(c) + Ch(c,d,e) + sha512_K[i+2] + W[(i & 15) + 2];
                 t2 = e0(g) + Maj(g,h,a);    b+=t1;    f=t1+t2;
-                t1 = e + e1(b) + Ch(b,c,d) + sha512_K[i+3] + W[i+3];
+                t1 = e + e1(b) + Ch(b,c,d) + sha512_K[i+3] + W[(i & 15) + 3];
                 t2 = e0(f) + Maj(f,g,h);    a+=t1;    e=t1+t2;
-                t1 = d + e1(a) + Ch(a,b,c) + sha512_K[i+4] + W[i+4];
+                t1 = d + e1(a) + Ch(a,b,c) + sha512_K[i+4] + W[(i & 15) + 4];
                 t2 = e0(e) + Maj(e,f,g);    h+=t1;    d=t1+t2;
-                t1 = c + e1(h) + Ch(h,a,b) + sha512_K[i+5] + W[i+5];
+                t1 = c + e1(h) + Ch(h,a,b) + sha512_K[i+5] + W[(i & 15) + 5];
                 t2 = e0(d) + Maj(d,e,f);    g+=t1;    c=t1+t2;
-                t1 = b + e1(g) + Ch(g,h,a) + sha512_K[i+6] + W[i+6];
+                t1 = b + e1(g) + Ch(g,h,a) + sha512_K[i+6] + W[(i & 15) + 6];
                 t2 = e0(c) + Maj(c,d,e);    f+=t1;    b=t1+t2;
-                t1 = a + e1(f) + Ch(f,g,h) + sha512_K[i+7] + W[i+7];
+                t1 = a + e1(f) + Ch(f,g,h) + sha512_K[i+7] + W[(i & 15) + 7];
                 t2 = e0(b) + Maj(b,c,d);    e+=t1;    a=t1+t2;
         }
 
@@ -123,8 +127,6 @@ sha512_transform(u64 *state, const u8 *input)
 
         /* erase our data */
         a = b = c = d = e = f = g = h = t1 = t2 = 0;
-        memset(W, 0, sizeof(__get_cpu_var(msg_schedule)));
-        put_cpu_var(msg_schedule);
 }
 
 static int