[S390x] Optimize GHASH
This patch optimizes GHASH algorithm for S390x architecture.
Benchmark of AES-GCM mode functions measured by cycles per byte when message-security-assist is enabled (KM-AES and KIMD-GHASH are used to optimize AES-GCM mode).
| Function | C (CPB) | Hardware accelerated (CPB) |
|---|---|---|
| GCM-AES128 Encrypt | 33.8 | 6.8 |
| GCM-AES128 Decrypt | 34.0 | 5.0 |
| GCM-AES128 Update | 11.6 | 0.4 |
| GCM-AES192 Encrypt | 38.4 | 6.8 |
| GCM-AES192 Decrypt | 39.1 | 5.0 |
| GCM-AES192 Update | 11.6 | 0.4 |
| GCM-AES256 Encrypt | 41.7 | 6.6 |
| GCM-AES256 Decrypt | 41.7 | 4.6 |
| GCM-AES256 Update | 11.5 | 0.4 |