Enable adiantum crypto support

Hi,

it would be nice if the Adiantum cipher which is capable of performing much better on platforms without an AES co-processor could be enabled in the kernel. Also the nhpoly1305 neon accelerated module.

 CRYPTO_ADIANTUM n -> m
 CRYPTO_NHPOLY1305_NEON n -> m
+CRYPTO_NHPOLY1305 m

diff --git a/config b/config
index 0c058c9..269f0ff 100644
--- a/config
+++ b/config
@@ -1,6 +1,6 @@
 #
 # Automatically generated file; DO NOT EDIT.
-# Linux/arm64 5.10.0 Kernel Configuration
+# Linux/arm64 5.10.0-1 Kernel Configuration
 #
 CONFIG_CC_VERSION_TEXT="gcc (GCC) 10.2.0"
 CONFIG_CC_IS_GCC=y
@@ -624,7 +624,7 @@ CONFIG_CRYPTO_AES_ARM64_CE_BLK=m
 CONFIG_CRYPTO_AES_ARM64_NEON_BLK=m
 CONFIG_CRYPTO_CHACHA20_NEON=m
 CONFIG_CRYPTO_POLY1305_NEON=m
-# CONFIG_CRYPTO_NHPOLY1305_NEON is not set
+CONFIG_CRYPTO_NHPOLY1305_NEON=m
 CONFIG_CRYPTO_AES_ARM64_BS=m
 
 #
@@ -7479,7 +7479,8 @@ CONFIG_CRYPTO_ECB=y
 # CONFIG_CRYPTO_PCBC is not set
 CONFIG_CRYPTO_XTS=y
 # CONFIG_CRYPTO_KEYWRAP is not set
-# CONFIG_CRYPTO_ADIANTUM is not set
+CONFIG_CRYPTO_NHPOLY1305=m
+CONFIG_CRYPTO_ADIANTUM=m
 CONFIG_CRYPTO_ESSIV=m
 
 #

Benchmarks:

Raspberry Pi 400:

`cryptsetup benchmark`

# Tests are approximate using memory only (no storage IO).
PBKDF2-sha1       542741 iterations per second for 256-bit key
PBKDF2-sha256     873813 iterations per second for 256-bit key
PBKDF2-sha512     689852 iterations per second for 256-bit key
PBKDF2-ripemd160  447344 iterations per second for 256-bit key
PBKDF2-whirlpool  167183 iterations per second for 256-bit key
argon2i       4 iterations, 286831 memory, 4 parallel threads (CPUs) for 256-bit key (requested 2000 ms time)
argon2id      4 iterations, 283163 memory, 4 parallel threads (CPUs) for 256-bit key (requested 2000 ms time)
#     Algorithm |       Key |      Encryption |      Decryption
        aes-cbc        128b        31.2 MiB/s       100.0 MiB/s
    serpent-cbc        128b               N/A               N/A
    twofish-cbc        128b        75.4 MiB/s        74.7 MiB/s
        aes-cbc        256b        22.8 MiB/s        76.4 MiB/s
    serpent-cbc        256b               N/A               N/A
    twofish-cbc        256b        75.1 MiB/s        74.6 MiB/s
        aes-xts        256b       110.0 MiB/s        97.2 MiB/s
    serpent-xts        256b               N/A               N/A
    twofish-xts        256b        82.5 MiB/s        80.1 MiB/s
        aes-xts        512b        85.1 MiB/s        74.7 MiB/s
    serpent-xts        512b               N/A               N/A
    twofish-xts        512b        82.5 MiB/s        80.2 MiB/s

`cryptsetup benchmark -c xchacha12,aes-adiantum`

# Tests are approximate using memory only (no storage IO).
#            Algorithm |       Key |      Encryption |      Decryption
xchacha12,aes-adiantum        256b       231.9 MiB/s       244.4 MiB/s

`cryptsetup benchmark -c xchacha20,aes-adiantum`

# Tests are approximate using memory only (no storage IO).
#            Algorithm |       Key |      Encryption |      Decryption
xchacha20,aes-adiantum        256b       203.1 MiB/s       205.8 MiB/s

As comparison here are benchmarks with my i7-2600K:

Intel i7-2600K:

`cryptsetup benchmark`

# Tests are approximate using memory only (no storage IO).
PBKDF2-sha1      1434440 iterations per second for 256-bit key
PBKDF2-sha256    1733183 iterations per second for 256-bit key
PBKDF2-sha512    1286596 iterations per second for 256-bit key
PBKDF2-ripemd160  775573 iterations per second for 256-bit key
PBKDF2-whirlpool  483660 iterations per second for 256-bit key
argon2i       6 iterations, 1048576 memory, 4 parallel threads (CPUs) for 256-bit key (requested 2000 ms time)
argon2id      6 iterations, 1048576 memory, 4 parallel threads (CPUs) for 256-bit key (requested 2000 ms time)
#     Algorithm |       Key |      Encryption |      Decryption
        aes-cbc        128b       665.6 MiB/s      2086.7 MiB/s
    serpent-cbc        128b        81.7 MiB/s       332.4 MiB/s
    twofish-cbc        128b       183.1 MiB/s       358.8 MiB/s
        aes-cbc        256b       499.4 MiB/s      1648.2 MiB/s
    serpent-cbc        256b        85.0 MiB/s       331.9 MiB/s
    twofish-cbc        256b       185.9 MiB/s       359.2 MiB/s
        aes-xts        256b      1461.2 MiB/s      1426.2 MiB/s
    serpent-xts        256b       343.0 MiB/s       328.4 MiB/s
    twofish-xts        256b       352.3 MiB/s       355.2 MiB/s
        aes-xts        512b      1229.4 MiB/s      1197.8 MiB/s
    serpent-xts        512b       344.1 MiB/s       327.3 MiB/s
    twofish-xts        512b       353.1 MiB/s       354.4 MiB/s

`cryptsetup benchmark -c xchacha12,aes-adiantum`

# Tests are approximate using memory only (no storage IO).
#            Algorithm |       Key |      Encryption |      Decryption
xchacha12,aes-adiantum        256b       976.2 MiB/s       980.6 MiB/s

`cryptsetup benchmark -c xchacha20,aes-adiantum`

# Tests are approximate using memory only (no storage IO).
#            Algorithm |       Key |      Encryption |      Decryption
xchacha20,aes-adiantum        256b       795.3 MiB/s       790.8 MiB/s

An encrypted volume with adiantum can be created for instance with:

# cryptsetup luksFormat -c xchacha20,aes-adiantum-plain64 -s 256 <device>

Admin message

Enable adiantum crypto support

Benchmarks:

Raspberry Pi 400:

cryptsetup benchmark

cryptsetup benchmark -c xchacha12,aes-adiantum

cryptsetup benchmark -c xchacha20,aes-adiantum

Intel i7-2600K:

cryptsetup benchmark

cryptsetup benchmark -c xchacha12,aes-adiantum

cryptsetup benchmark -c xchacha20,aes-adiantum

`cryptsetup benchmark`

`cryptsetup benchmark -c xchacha12,aes-adiantum`

`cryptsetup benchmark -c xchacha20,aes-adiantum`

`cryptsetup benchmark`

`cryptsetup benchmark -c xchacha12,aes-adiantum`

`cryptsetup benchmark -c xchacha20,aes-adiantum`