While testing against a large test vector, I discovered that my previous patch have a serious bug: I’ve switched the source and destination buffers around when calling salsa20_encrypt_bytes()! It doesn’t show up against small test vectors because in those cases, blkcipher_walk-ing typically uses the same buffer as source and destination. It is usually when we are near a page boundary that source and destination points to different buffers and then the bug becomes apparent. A patch has been submitted.
Sebastian Siewior also commented that I left too many comments in the assembly code. I explained that I wanted to make it easy for others to verify that I did not tamper with Bernstein’s code using “diff -b“. But alas, diff was confused by my removal of some of the global labels and so “diff -b” did not work for this purpose. That being the case, I decided that “diff -b” was not a good idea and rewrote my indent.py script to remove the extraneous comments and functions. If you are interested to verify that I did not tamper with the code, you should study the indent.py script instead.