From patchwork Sat Jun 3 02:33:52 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Richard Henderson X-Patchwork-Id: 13266017 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.lore.kernel.org (Postfix) with ESMTPS id 5B1F5C77B7A for ; Sat, 3 Jun 2023 02:36:06 +0000 (UTC) Received: from localhost ([::1] helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1q5H6I-0000Mg-7m; Fri, 02 Jun 2023 22:34:43 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1q5H6C-0000JW-BG for qemu-devel@nongnu.org; Fri, 02 Jun 2023 22:34:36 -0400 Received: from mail-ot1-x330.google.com ([2607:f8b0:4864:20::330]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.90_1) (envelope-from ) id 1q5H66-0004gz-9t for qemu-devel@nongnu.org; Fri, 02 Jun 2023 22:34:35 -0400 Received: by mail-ot1-x330.google.com with SMTP id 46e09a7af769-6af6b5cf489so2492725a34.3 for ; Fri, 02 Jun 2023 19:34:29 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; t=1685759669; x=1688351669; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=L5wqOoQks7HDhH7GCCs9AvAc2AHNy+NlZH1p8dHBt8Y=; b=kyJy7OZLyshE3nRh49YTnwzqrkK74Eppi6+SHXOD1mGR44EM1IcE/xpojR63ugk5Tn QjoCQyLfMijUuyD0/1pyO42702YJL5bPYBU8bYugYbogaj4DZgPF4hm980yrmOuByA3F ZhGJ4EoPmeT4niTK3xqNzf5Lic38HCpUgtexv1uciHsePfMMyOgwkBBAEAHMUhfj7IS/ LmemrmM3wKaCjYgpkvkCzgRjHNjr6zpcmZHX1nLC9DutQbkfdl7ns5oAszDvuCzKGguQ D0uz4DXeSxJ8rOajaZt6z6ZugKm/62lGzT41CrlGY+DuSlE4/JfQU8WyA4QPuNsTHzY2 +jyg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20221208; t=1685759669; x=1688351669; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=L5wqOoQks7HDhH7GCCs9AvAc2AHNy+NlZH1p8dHBt8Y=; b=lPz9vjUWUBJViGSK6V6JZBu16A1q4JD22qghv/O+OAaNjdw0T6pMQlY18geV+BKBBz mLBwXH0oemBLg5aT3ObLiyHLPKFOn8HZuV6cmqd0tU20jYLo0bqi2qyr0vXlLAieUTfu 5b5/LxCkZfCpVg8How69D/pgnj1IW8hRHC60t8V9RpK0Kdm8ShWZEqedQPlUxUcHvZTT 59wx4nl2ZWnsAn0Zec4kRvpPprw2r75NJDDPshlwcNDQcPWEyatm4zNXpuf7ManYHES6 WhwboXzbPMJRMIsSe40ZY7sV288C+9Oq41H4kJOi4wEn38kH/dp9r7nhExMpFZQo9K6a k78A== X-Gm-Message-State: AC+VfDyOCCz3l+wNB695Ez+61r0PusQW+RhKeso/70SpvtyqBAiHskq2 ZuVPnrUOPSZ90LcK1ruXz21cg/N0Dw7Dxs7BsOs= X-Google-Smtp-Source: ACHHUZ6gl+E7npNW/2eEllUSR4XVQugZhmf+TF/LgTLQWaH6jv8QjATJpubC/Cr40C9/27GEVzMbCA== X-Received: by 2002:a05:6358:b501:b0:127:f114:2d36 with SMTP id de1-20020a056358b50100b00127f1142d36mr3228322rwb.14.1685759668714; Fri, 02 Jun 2023 19:34:28 -0700 (PDT) Received: from stoup.. ([2602:ae:1598:4c01:66a6:82c2:d794:68f6]) by smtp.gmail.com with ESMTPSA id e91-20020a17090a6fe400b002508d73f4e8sm3914289pjk.57.2023.06.02.19.34.28 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Fri, 02 Jun 2023 19:34:28 -0700 (PDT) From: Richard Henderson To: qemu-devel@nongnu.org Cc: ardb@kernel.org, berrange@redhat.com, qemu-arm@nongnu.org, qemu-ppc@nongnu.org, qemu-riscv@nongnu.org, pbonzini@redhat.com Subject: [PATCH 01/35] tests/multiarch: Add test-aes Date: Fri, 2 Jun 2023 19:33:52 -0700 Message-Id: <20230603023426.1064431-2-richard.henderson@linaro.org> X-Mailer: git-send-email 2.34.1 In-Reply-To: <20230603023426.1064431-1-richard.henderson@linaro.org> References: <20230603023426.1064431-1-richard.henderson@linaro.org> MIME-Version: 1.0 Received-SPF: pass client-ip=2607:f8b0:4864:20::330; envelope-from=richard.henderson@linaro.org; helo=mail-ot1-x330.google.com X-Spam_score_int: -20 X-Spam_score: -2.1 X-Spam_bar: -- X-Spam_report: (-2.1 / 5.0 requ) BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01 autolearn=unavailable autolearn_force=no X-Spam_action: no action X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: qemu-devel-bounces+qemu-devel=archiver.kernel.org@nongnu.org Sender: qemu-devel-bounces+qemu-devel=archiver.kernel.org@nongnu.org Use a shared driver and backends for i386, aarch64, ppc64, riscv64. Signed-off-by: Richard Henderson --- tests/tcg/aarch64/test-aes.c | 58 ++++++++ tests/tcg/i386/test-aes.c | 68 +++++++++ tests/tcg/ppc64/test-aes.c | 116 +++++++++++++++ tests/tcg/riscv64/test-aes.c | 76 ++++++++++ tests/tcg/multiarch/test-aes-main.c.inc | 183 ++++++++++++++++++++++++ tests/tcg/aarch64/Makefile.target | 4 + tests/tcg/i386/Makefile.target | 4 + tests/tcg/ppc64/Makefile.target | 1 + tests/tcg/riscv64/Makefile.target | 4 + 9 files changed, 514 insertions(+) create mode 100644 tests/tcg/aarch64/test-aes.c create mode 100644 tests/tcg/i386/test-aes.c create mode 100644 tests/tcg/ppc64/test-aes.c create mode 100644 tests/tcg/riscv64/test-aes.c create mode 100644 tests/tcg/multiarch/test-aes-main.c.inc diff --git a/tests/tcg/aarch64/test-aes.c b/tests/tcg/aarch64/test-aes.c new file mode 100644 index 0000000000..2cd324f09b --- /dev/null +++ b/tests/tcg/aarch64/test-aes.c @@ -0,0 +1,58 @@ +/* SPDX-License-Identifier: GPL-2.0-or-later */ + +#include "../multiarch/test-aes-main.c.inc" + +bool test_SB_SR(uint8_t *o, const uint8_t *i) +{ + /* aese also adds round key, so supply zero. */ + asm("ld1 { v0.16b }, [%1]\n\t" + "movi v1.16b, #0\n\t" + "aese v0.16b, v1.16b\n\t" + "st1 { v0.16b }, [%0]" + : : "r"(o), "r"(i) : "v0", "v1", "memory"); + return true; +} + +bool test_MC(uint8_t *o, const uint8_t *i) +{ + asm("ld1 { v0.16b }, [%1]\n\t" + "aesmc v0.16b, v0.16b\n\t" + "st1 { v0.16b }, [%0]" + : : "r"(o), "r"(i) : "v0", "memory"); + return true; +} + +bool test_SB_SR_MC_AK(uint8_t *o, const uint8_t *i, const uint8_t *k) +{ + return false; +} + +bool test_ISB_ISR(uint8_t *o, const uint8_t *i) +{ + /* aesd also adds round key, so supply zero. */ + asm("ld1 { v0.16b }, [%1]\n\t" + "movi v1.16b, #0\n\t" + "aesd v0.16b, v1.16b\n\t" + "st1 { v0.16b }, [%0]" + : : "r"(o), "r"(i) : "v0", "v1", "memory"); + return true; +} + +bool test_IMC(uint8_t *o, const uint8_t *i) +{ + asm("ld1 { v0.16b }, [%1]\n\t" + "aesimc v0.16b, v0.16b\n\t" + "st1 { v0.16b }, [%0]" + : : "r"(o), "r"(i) : "v0", "memory"); + return true; +} + +bool test_ISB_ISR_AK_IMC(uint8_t *o, const uint8_t *i, const uint8_t *k) +{ + return false; +} + +bool test_ISB_ISR_IMC_AK(uint8_t *o, const uint8_t *i, const uint8_t *k) +{ + return false; +} diff --git a/tests/tcg/i386/test-aes.c b/tests/tcg/i386/test-aes.c new file mode 100644 index 0000000000..199395e6cc --- /dev/null +++ b/tests/tcg/i386/test-aes.c @@ -0,0 +1,68 @@ +/* SPDX-License-Identifier: GPL-2.0-or-later */ + +#include "../multiarch/test-aes-main.c.inc" +#include + +static bool test_SB_SR(uint8_t *o, const uint8_t *i) +{ + __m128i vi = _mm_loadu_si128((const __m128i_u *)i); + + /* aesenclast also adds round key, so supply zero. */ + vi = _mm_aesenclast_si128(vi, _mm_setzero_si128()); + + _mm_storeu_si128((__m128i_u *)o, vi); + return true; +} + +static bool test_MC(uint8_t *o, const uint8_t *i) +{ + return false; +} + +static bool test_SB_SR_MC_AK(uint8_t *o, const uint8_t *i, const uint8_t *k) +{ + __m128i vi = _mm_loadu_si128((const __m128i_u *)i); + __m128i vk = _mm_loadu_si128((const __m128i_u *)k); + + vi = _mm_aesenc_si128(vi, vk); + + _mm_storeu_si128((__m128i_u *)o, vi); + return true; +} + +static bool test_ISB_ISR(uint8_t *o, const uint8_t *i) +{ + __m128i vi = _mm_loadu_si128((const __m128i_u *)i); + + /* aesdeclast also adds round key, so supply zero. */ + vi = _mm_aesdeclast_si128(vi, _mm_setzero_si128()); + + _mm_storeu_si128((__m128i_u *)o, vi); + return true; +} + +static bool test_IMC(uint8_t *o, const uint8_t *i) +{ + __m128i vi = _mm_loadu_si128((const __m128i_u *)i); + + vi = _mm_aesimc_si128(vi); + + _mm_storeu_si128((__m128i_u *)o, vi); + return true; +} + +static bool test_ISB_ISR_AK_IMC(uint8_t *o, const uint8_t *i, const uint8_t *k) +{ + return false; +} + +static bool test_ISB_ISR_IMC_AK(uint8_t *o, const uint8_t *i, const uint8_t *k) +{ + __m128i vi = _mm_loadu_si128((const __m128i_u *)i); + __m128i vk = _mm_loadu_si128((const __m128i_u *)k); + + vi = _mm_aesdec_si128(vi, vk); + + _mm_storeu_si128((__m128i_u *)o, vi); + return true; +} diff --git a/tests/tcg/ppc64/test-aes.c b/tests/tcg/ppc64/test-aes.c new file mode 100644 index 0000000000..1d2be488e9 --- /dev/null +++ b/tests/tcg/ppc64/test-aes.c @@ -0,0 +1,116 @@ +/* SPDX-License-Identifier: GPL-2.0-or-later */ + +#include "../multiarch/test-aes-main.c.inc" + +#undef BIG_ENDIAN +#define BIG_ENDIAN (__BYTE_ORDER__ == __ORDER_BIG_ENDIAN__) + +static unsigned char bswap_le[16] __attribute__((aligned(16))) = { + 8,9,10,11,12,13,14,15, + 0,1,2,3,4,5,6,7 +}; + +bool test_SB_SR(uint8_t *o, const uint8_t *i) +{ + /* vcipherlast also adds round key, so supply zero. */ + if (BIG_ENDIAN) { + asm("lxvd2x 32,0,%1\n\t" + "vspltisb 1,0\n\t" + "vcipherlast 0,0,1\n\t" + "stxvd2x 32,0,%0" + : : "r"(o), "r"(i) : "memory", "v0", "v1"); + } else { + asm("lxvd2x 32,0,%1\n\t" + "lxvd2x 34,0,%2\n\t" + "vspltisb 1,0\n\t" + "vperm 0,0,0,2\n\t" + "vcipherlast 0,0,1\n\t" + "vperm 0,0,0,2\n\t" + "stxvd2x 32,0,%0" + : : "r"(o), "r"(i), "r"(bswap_le) : "memory", "v0", "v1", "v2"); + } + return true; +} + +bool test_MC(uint8_t *o, const uint8_t *i) +{ + return false; +} + +bool test_SB_SR_MC_AK(uint8_t *o, const uint8_t *i, const uint8_t *k) +{ + if (BIG_ENDIAN) { + asm("lxvd2x 32,0,%1\n\t" + "lxvd2x 33,0,%2\n\t" + "vcipher 0,0,1\n\t" + "stxvd2x 32,0,%0" + : : "r"(o), "r"(i), "r"(k) : "memory", "v0", "v1"); + } else { + asm("lxvd2x 32,0,%1\n\t" + "lxvd2x 33,0,%2\n\t" + "lxvd2x 34,0,%3\n\t" + "vperm 0,0,0,2\n\t" + "vperm 1,1,1,2\n\t" + "vcipher 0,0,1\n\t" + "vperm 0,0,0,2\n\t" + "stxvd2x 32,0,%0" + : : "r"(o), "r"(i), "r"(k), "r"(bswap_le) + : "memory", "v0", "v1", "v2"); + } + return true; +} + +bool test_ISB_ISR(uint8_t *o, const uint8_t *i) +{ + /* vcipherlast also adds round key, so supply zero. */ + if (BIG_ENDIAN) { + asm("lxvd2x 32,0,%1\n\t" + "vspltisb 1,0\n\t" + "vncipherlast 0,0,1\n\t" + "stxvd2x 32,0,%0" + : : "r"(o), "r"(i) : "memory", "v0", "v1"); + } else { + asm("lxvd2x 32,0,%1\n\t" + "lxvd2x 34,0,%2\n\t" + "vspltisb 1,0\n\t" + "vperm 0,0,0,2\n\t" + "vncipherlast 0,0,1\n\t" + "vperm 0,0,0,2\n\t" + "stxvd2x 32,0,%0" + : : "r"(o), "r"(i), "r"(bswap_le) : "memory", "v0", "v1", "v2"); + } + return true; +} + +bool test_IMC(uint8_t *o, const uint8_t *i) +{ + return false; +} + +bool test_ISB_ISR_AK_IMC(uint8_t *o, const uint8_t *i, const uint8_t *k) +{ + if (BIG_ENDIAN) { + asm("lxvd2x 32,0,%1\n\t" + "lxvd2x 33,0,%2\n\t" + "vncipher 0,0,1\n\t" + "stxvd2x 32,0,%0" + : : "r"(o), "r"(i), "r"(k) : "memory", "v0", "v1"); + } else { + asm("lxvd2x 32,0,%1\n\t" + "lxvd2x 33,0,%2\n\t" + "lxvd2x 34,0,%3\n\t" + "vperm 0,0,0,2\n\t" + "vperm 1,1,1,2\n\t" + "vncipher 0,0,1\n\t" + "vperm 0,0,0,2\n\t" + "stxvd2x 32,0,%0" + : : "r"(o), "r"(i), "r"(k), "r"(bswap_le) + : "memory", "v0", "v1", "v2"); + } + return true; +} + +bool test_ISB_ISR_IMC_AK(uint8_t *o, const uint8_t *i, const uint8_t *k) +{ + return false; +} diff --git a/tests/tcg/riscv64/test-aes.c b/tests/tcg/riscv64/test-aes.c new file mode 100644 index 0000000000..3d7ef0e33a --- /dev/null +++ b/tests/tcg/riscv64/test-aes.c @@ -0,0 +1,76 @@ +/* SPDX-License-Identifier: GPL-2.0-or-later */ + +#include "../multiarch/test-aes-main.c.inc" + +bool test_SB_SR(uint8_t *o, const uint8_t *i) +{ + uint64_t *o8 = (uint64_t *)o; + const uint64_t *i8 = (const uint64_t *)i; + + asm("aes64es %0,%2,%3\n\t" + "aes64es %1,%3,%2" + : "=&r"(o8[0]), "=&r"(o8[1]) : "r"(i8[0]), "r"(i8[1])); + return true; +} + +bool test_MC(uint8_t *o, const uint8_t *i) +{ + return false; +} + +bool test_SB_SR_MC_AK(uint8_t *o, const uint8_t *i, const uint8_t *k) +{ + uint64_t *o8 = (uint64_t *)o; + const uint64_t *i8 = (const uint64_t *)i; + const uint64_t *k8 = (const uint64_t *)k; + + asm("aes64esm %0,%2,%3\n\t" + "aes64esm %1,%3,%2\n\t" + "xor %0,%0,%4\n\t" + "xor %1,%1,%5" + : "=&r"(o8[0]), "=&r"(o8[1]) + : "r"(i8[0]), "r"(i8[1]), "r"(k8[0]), "r"(k8[1])); + return true; +} + +bool test_ISB_ISR(uint8_t *o, const uint8_t *i) +{ + uint64_t *o8 = (uint64_t *)o; + const uint64_t *i8 = (const uint64_t *)i; + + asm("aes64ds %0,%2,%3\n\t" + "aes64ds %1,%3,%2" + : "=&r"(o8[0]), "=&r"(o8[1]) : "r"(i8[0]), "r"(i8[1])); + return true; +} + +bool test_IMC(uint8_t *o, const uint8_t *i) +{ + uint64_t *o8 = (uint64_t *)o; + const uint64_t *i8 = (const uint64_t *)i; + + asm("aes64im %0,%0\n\t" + "aes64im %1,%1" + : "=r"(o8[0]), "=r"(o8[1]) : "0"(i8[0]), "1"(i8[1])); + return true; +} + +bool test_ISB_ISR_AK_IMC(uint8_t *o, const uint8_t *i, const uint8_t *k) +{ + return false; +} + +bool test_ISB_ISR_IMC_AK(uint8_t *o, const uint8_t *i, const uint8_t *k) +{ + uint64_t *o8 = (uint64_t *)o; + const uint64_t *i8 = (const uint64_t *)i; + const uint64_t *k8 = (const uint64_t *)k; + + asm("aes64dsm %0,%2,%3\n\t" + "aes64dsm %1,%3,%2\n\t" + "xor %0,%0,%4\n\t" + "xor %1,%1,%5" + : "=&r"(o8[0]), "=&r"(o8[1]) + : "r"(i8[0]), "r"(i8[1]), "r"(k8[0]), "r"(k8[1])); + return true; +} diff --git a/tests/tcg/multiarch/test-aes-main.c.inc b/tests/tcg/multiarch/test-aes-main.c.inc new file mode 100644 index 0000000000..0039f8ba55 --- /dev/null +++ b/tests/tcg/multiarch/test-aes-main.c.inc @@ -0,0 +1,183 @@ +/* SPDX-License-Identifier: GPL-2.0-or-later */ + +#include +#include +#include +#include +#include + +static bool test_SB_SR(uint8_t *o, const uint8_t *i); +static bool test_MC(uint8_t *o, const uint8_t *i); +static bool test_SB_SR_MC_AK(uint8_t *o, const uint8_t *i, const uint8_t *k); + +static bool test_ISB_ISR(uint8_t *o, const uint8_t *i); +static bool test_IMC(uint8_t *o, const uint8_t *i); +static bool test_ISB_ISR_AK_IMC(uint8_t *o, const uint8_t *i, const uint8_t *k); +static bool test_ISB_ISR_IMC_AK(uint8_t *o, const uint8_t *i, const uint8_t *k); + +/* + * From https://doi.org/10.6028/NIST.FIPS.197-upd1, + * Appendix B -- Cipher Example + * + * Note that the formatting of the 4x4 matrices in the document is + * column-major, whereas C is row-major. Therefore to get the bytes + * in the same order as the text, the matrices are transposed. + * + * Note that we are not going to test SubBytes or ShiftRows separately, + * so the "After SubBytes" column is omitted, using only the combined + * result "After ShiftRows" column. + */ + +/* Ease the inline assembly by aligning everything. */ +typedef struct { + uint8_t b[16] __attribute__((aligned(16))); +} State; + +typedef struct { + State start, after_sr, after_mc, round_key; +} Round; + +static const Round rounds[] = { + /* Round 1 */ + { { { 0x19, 0x3d, 0xe3, 0xbe, /* start */ + 0xa0, 0xf4, 0xe2, 0x2b, + 0x9a, 0xc6, 0x8d, 0x2a, + 0xe9, 0xf8, 0x48, 0x08, } }, + + { { 0xd4, 0xbf, 0x5d, 0x30, /* after shiftrows */ + 0xe0, 0xb4, 0x52, 0xae, + 0xb8, 0x41, 0x11, 0xf1, + 0x1e, 0x27, 0x98, 0xe5, } }, + + { { 0x04, 0x66, 0x81, 0xe5, /* after mixcolumns */ + 0xe0, 0xcb, 0x19, 0x9a, + 0x48, 0xf8, 0xd3, 0x7a, + 0x28, 0x06, 0x26, 0x4c, } }, + + { { 0xa0, 0xfa, 0xfe, 0x17, /* round key */ + 0x88, 0x54, 0x2c, 0xb1, + 0x23, 0xa3, 0x39, 0x39, + 0x2a, 0x6c, 0x76, 0x05, } } }, + + /* Round 2 */ + { { { 0xa4, 0x9c, 0x7f, 0xf2, /* start */ + 0x68, 0x9f, 0x35, 0x2b, + 0x6b, 0x5b, 0xea, 0x43, + 0x02, 0x6a, 0x50, 0x49, } }, + + { { 0x49, 0xdb, 0x87, 0x3b, /* after shiftrows */ + 0x45, 0x39, 0x53, 0x89, + 0x7f, 0x02, 0xd2, 0xf1, + 0x77, 0xde, 0x96, 0x1a, } }, + + { { 0x58, 0x4d, 0xca, 0xf1, /* after mixcolumns */ + 0x1b, 0x4b, 0x5a, 0xac, + 0xdb, 0xe7, 0xca, 0xa8, + 0x1b, 0x6b, 0xb0, 0xe5, } }, + + { { 0xf2, 0xc2, 0x95, 0xf2, /* round key */ + 0x7a, 0x96, 0xb9, 0x43, + 0x59, 0x35, 0x80, 0x7a, + 0x73, 0x59, 0xf6, 0x7f, } } }, + + /* Round 3 */ + { { { 0xaa, 0x8f, 0x5f, 0x03, /* start */ + 0x61, 0xdd, 0xe3, 0xef, + 0x82, 0xd2, 0x4a, 0xd2, + 0x68, 0x32, 0x46, 0x9a, } }, + + { { 0xac, 0xc1, 0xd6, 0xb8, /* after shiftrows */ + 0xef, 0xb5, 0x5a, 0x7b, + 0x13, 0x23, 0xcf, 0xdf, + 0x45, 0x73, 0x11, 0xb5, } }, + + { { 0x75, 0xec, 0x09, 0x93, /* after mixcolumns */ + 0x20, 0x0b, 0x63, 0x33, + 0x53, 0xc0, 0xcf, 0x7c, + 0xbb, 0x25, 0xd0, 0xdc, } }, + + { { 0x3d, 0x80, 0x47, 0x7d, /* round key */ + 0x47, 0x16, 0xfe, 0x3e, + 0x1e, 0x23, 0x7e, 0x44, + 0x6d, 0x7a, 0x88, 0x3b, } } }, +}; + +static void verify_log(const char *prefix, const State *s) +{ + printf("%s:", prefix); + for (int i = 0; i < sizeof(State); ++i) { + printf(" %02x", s->b[i]); + } + printf("\n"); +} + +static void verify(const State *ref, const State *tst, const char *which) +{ + if (!memcmp(ref, tst, sizeof(State))) { + return; + } + + printf("Mismatch on %s\n", which); + verify_log("ref", ref); + verify_log("tst", tst); + exit(EXIT_FAILURE); +} + +int main() +{ + int i, n = sizeof(rounds) / sizeof(Round); + State t; + + for (i = 0; i < n; ++i) { + if (test_SB_SR(t.b, rounds[i].start.b)) { + verify(&rounds[i].after_sr, &t, "SB+SR"); + } + } + + for (i = 0; i < n; ++i) { + if (test_MC(t.b, rounds[i].after_sr.b)) { + verify(&rounds[i].after_mc, &t, "MC"); + } + } + + /* The kernel of Cipher(). */ + for (i = 0; i < n - 1; ++i) { + if (test_SB_SR_MC_AK(t.b, rounds[i].start.b, rounds[i].round_key.b)) { + verify(&rounds[i + 1].start, &t, "SB+SR+MC+AK"); + } + } + + for (i = 0; i < n; ++i) { + if (test_ISB_ISR(t.b, rounds[i].after_sr.b)) { + verify(&rounds[i].start, &t, "ISB+ISR"); + } + } + + for (i = 0; i < n; ++i) { + if (test_IMC(t.b, rounds[i].after_mc.b)) { + verify(&rounds[i].after_sr, &t, "IMC"); + } + } + + /* The kernel of InvCipher(). */ + for (i = n - 1; i > 0; --i) { + if (test_ISB_ISR_AK_IMC(t.b, rounds[i].after_sr.b, + rounds[i - 1].round_key.b)) { + verify(&rounds[i - 1].after_sr, &t, "ISB+ISR+AK+IMC"); + } + } + + /* + * The kernel of EqInvCipher(). + * We must compute a different round key: apply InvMixColumns to + * the standard round key, per KeyExpansion vs KeyExpansionEIC. + */ + for (i = 1; i < n; ++i) { + if (test_IMC(t.b, rounds[i - 1].round_key.b) && + test_ISB_ISR_IMC_AK(t.b, rounds[i].after_sr.b, t.b)) { + verify(&rounds[i - 1].after_sr, &t, "ISB+ISR+IMC+AK"); + } + } + + return EXIT_SUCCESS; +} diff --git a/tests/tcg/aarch64/Makefile.target b/tests/tcg/aarch64/Makefile.target index 0315795487..7402d08d75 100644 --- a/tests/tcg/aarch64/Makefile.target +++ b/tests/tcg/aarch64/Makefile.target @@ -63,6 +63,10 @@ endif AARCH64_TESTS += sve-ioctls sve-ioctls: CFLAGS+=-march=armv8.1-a+sve +AARCH64_TESTS += test-aes +test-aes: CFLAGS += -O -march=armv8-a+aes +test-aes: test-aes-main.c.inc + # Vector SHA1 sha1-vector: CFLAGS=-O3 sha1-vector: sha1.c diff --git a/tests/tcg/i386/Makefile.target b/tests/tcg/i386/Makefile.target index 821822ed0c..3ba61e3880 100644 --- a/tests/tcg/i386/Makefile.target +++ b/tests/tcg/i386/Makefile.target @@ -28,6 +28,10 @@ run-test-i386-bmi2: QEMU_OPTS += -cpu max test-i386-adcox: CFLAGS=-O2 run-test-i386-adcox: QEMU_OPTS += -cpu max +test-aes: CFLAGS += -O -msse2 -maes +test-aes: test-aes-main.c.inc +run-test-aes: QEMU_OPTS += -cpu max + # # hello-i386 is a barebones app # diff --git a/tests/tcg/ppc64/Makefile.target b/tests/tcg/ppc64/Makefile.target index b084963b9a..5721c159f2 100644 --- a/tests/tcg/ppc64/Makefile.target +++ b/tests/tcg/ppc64/Makefile.target @@ -36,5 +36,6 @@ run-vector: QEMU_OPTS += -cpu POWER10 PPC64_TESTS += signal_save_restore_xer PPC64_TESTS += xxspltw +PPC64_TESTS += test-aes TESTS += $(PPC64_TESTS) diff --git a/tests/tcg/riscv64/Makefile.target b/tests/tcg/riscv64/Makefile.target index 9973ba3b5f..4002d14b9e 100644 --- a/tests/tcg/riscv64/Makefile.target +++ b/tests/tcg/riscv64/Makefile.target @@ -9,3 +9,7 @@ TESTS += noexec TESTS += test-noc test-noc: LDFLAGS = -nostdlib -static run-test-noc: QEMU_OPTS += -cpu rv64,c=false + +TESTS += test-aes +test-aes: CFLAGS += -O -march=rv64gzk +run-test-aes: QEMU_OPTS += -cpu rv64,zk=on From patchwork Sat Jun 3 02:33:53 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Patchwork-Submitter: Richard Henderson X-Patchwork-Id: 13266030 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.lore.kernel.org (Postfix) with ESMTPS id C05D6C77B7A for ; Sat, 3 Jun 2023 02:37:56 +0000 (UTC) Received: from localhost ([::1] helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1q5H6Q-0000TE-JL; Fri, 02 Jun 2023 22:34:50 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1q5H6E-0000Jx-8r for qemu-devel@nongnu.org; Fri, 02 Jun 2023 22:34:39 -0400 Received: from mail-oo1-xc2e.google.com ([2607:f8b0:4864:20::c2e]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.90_1) (envelope-from ) id 1q5H67-0004hG-0T for qemu-devel@nongnu.org; Fri, 02 Jun 2023 22:34:36 -0400 Received: by mail-oo1-xc2e.google.com with SMTP id 006d021491bc7-55554c33bf3so2072257eaf.2 for ; Fri, 02 Jun 2023 19:34:30 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; t=1685759670; x=1688351670; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=c5g9z19tngAaoELHXObFuFdq/Xc1qgKK52d0R1nhQKk=; b=NS1KBqeM0soMYJT1liyAxpUlm2ZQDCJRHW5kSWKi3rNPxLJVVDySp43Pi+IOJHyyBP mJNAxVS170J6YZlVauyX4081Y4ngt831lRcEx/hSYrjh+XREMQy4vR8l1p0tJR9BZ/P8 1AF7qEGDKWAT/wMPmHN647gueOsZbNFjwJyysJ6OwOlX3miFS06cmcp1JdntamJsveLx A+9UtcZ/SHQa5vj7L7ve45N+6NWeloZxAUXcviDtSIHUWG8/UHF7IwlZtlQniR8COpcH bQTggXdFMwXh+433P/gdbDu5vLGN9MvwycUy8LDcHBzg46MSwibd7xIIyImLufIfAzP6 E2iw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20221208; t=1685759670; x=1688351670; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=c5g9z19tngAaoELHXObFuFdq/Xc1qgKK52d0R1nhQKk=; b=cLHBlN09VnPQzAblvBcXXWYq8kOGc+yD8Cr+W4q65bJVsKBIQJyknb+cOYs2d8Uf2t pwL6tryR5OOnKGanb277U0REE1RMrRQ8pXUnAdQS9rf8xtwLP31GArJyKDxtDoIMMk/R eR0BqkP/kPFJRL2hvnOfTE2ZCtfmnzucXnJPxG4k9DOt0qrGw777seV2PVKlL3pjwRj9 Je/UxZ+zi3RGGUtpXJWmbBFtMGpXZYpFxXig1qxtBoNXZ95jODSQMcGAGLY8pXzVh7hT Ffouz0Kta9FoDep9177l6nSWfqY7WHWgAXVBv90ykoalUauvAQqpYvLQmx/KgkH06Wcz /q+g== X-Gm-Message-State: AC+VfDwuzn5y8oOXQlT2aztboLrVy24nfyV5r1XGHA/iAAH5k7tMaT+L gvxpJmsFXFriZtJbHWARlZfy2a4WNhaVu18BfbA= X-Google-Smtp-Source: ACHHUZ5qNKG/4cX1tM7KpVB7BsAWOsbswQSDpHrD6TpWdxptRxFmfvyc6vZbFgSme7O58cGvf5JiXA== X-Received: by 2002:a05:6358:8810:b0:123:230c:c3bd with SMTP id hv16-20020a056358881000b00123230cc3bdmr3098228rwb.11.1685759669584; Fri, 02 Jun 2023 19:34:29 -0700 (PDT) Received: from stoup.. ([2602:ae:1598:4c01:66a6:82c2:d794:68f6]) by smtp.gmail.com with ESMTPSA id e91-20020a17090a6fe400b002508d73f4e8sm3914289pjk.57.2023.06.02.19.34.28 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Fri, 02 Jun 2023 19:34:29 -0700 (PDT) From: Richard Henderson To: qemu-devel@nongnu.org Cc: ardb@kernel.org, berrange@redhat.com, qemu-arm@nongnu.org, qemu-ppc@nongnu.org, qemu-riscv@nongnu.org, pbonzini@redhat.com Subject: [PATCH 02/35] target/arm: Move aesmc and aesimc tables to crypto/aes.c Date: Fri, 2 Jun 2023 19:33:53 -0700 Message-Id: <20230603023426.1064431-3-richard.henderson@linaro.org> X-Mailer: git-send-email 2.34.1 In-Reply-To: <20230603023426.1064431-1-richard.henderson@linaro.org> References: <20230603023426.1064431-1-richard.henderson@linaro.org> MIME-Version: 1.0 Received-SPF: pass client-ip=2607:f8b0:4864:20::c2e; envelope-from=richard.henderson@linaro.org; helo=mail-oo1-xc2e.google.com X-Spam_score_int: -20 X-Spam_score: -2.1 X-Spam_bar: -- X-Spam_report: (-2.1 / 5.0 requ) BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01 autolearn=unavailable autolearn_force=no X-Spam_action: no action X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: qemu-devel-bounces+qemu-devel=archiver.kernel.org@nongnu.org Sender: qemu-devel-bounces+qemu-devel=archiver.kernel.org@nongnu.org We do not currently have a table in crypto/ for just MixColumns. Move both tables for consistency. Signed-off-by: Richard Henderson Reviewed-by: Philippe Mathieu-Daudé --- include/crypto/aes.h | 6 ++ crypto/aes.c | 142 ++++++++++++++++++++++++++++++++ target/arm/tcg/crypto_helper.c | 143 ++------------------------------- 3 files changed, 153 insertions(+), 138 deletions(-) diff --git a/include/crypto/aes.h b/include/crypto/aes.h index 822d64588c..24b073d569 100644 --- a/include/crypto/aes.h +++ b/include/crypto/aes.h @@ -34,6 +34,12 @@ extern const uint8_t AES_isbox[256]; extern const uint8_t AES_shifts[16]; extern const uint8_t AES_ishifts[16]; +/* AES MixColumns, for use with rot32. */ +extern const uint32_t AES_mc_rot[256]; + +/* AES InvMixColumns, for use with rot32. */ +extern const uint32_t AES_imc_rot[256]; + /* AES InvMixColumns */ /* AES_imc[x][0] = [x].[0e, 09, 0d, 0b]; */ /* AES_imc[x][1] = [x].[0b, 0e, 09, 0d]; */ diff --git a/crypto/aes.c b/crypto/aes.c index af72ff7779..72c95c38fb 100644 --- a/crypto/aes.c +++ b/crypto/aes.c @@ -116,6 +116,148 @@ const uint8_t AES_ishifts[16] = { 0, 13, 10, 7, 4, 1, 14, 11, 8, 5, 2, 15, 12, 9, 6, 3 }; +/* + * MixColumns lookup table, for use with rot32. + * From Arm ARM pseudocode. + */ +const uint32_t AES_mc_rot[256] = { + 0x00000000, 0x03010102, 0x06020204, 0x05030306, + 0x0c040408, 0x0f05050a, 0x0a06060c, 0x0907070e, + 0x18080810, 0x1b090912, 0x1e0a0a14, 0x1d0b0b16, + 0x140c0c18, 0x170d0d1a, 0x120e0e1c, 0x110f0f1e, + 0x30101020, 0x33111122, 0x36121224, 0x35131326, + 0x3c141428, 0x3f15152a, 0x3a16162c, 0x3917172e, + 0x28181830, 0x2b191932, 0x2e1a1a34, 0x2d1b1b36, + 0x241c1c38, 0x271d1d3a, 0x221e1e3c, 0x211f1f3e, + 0x60202040, 0x63212142, 0x66222244, 0x65232346, + 0x6c242448, 0x6f25254a, 0x6a26264c, 0x6927274e, + 0x78282850, 0x7b292952, 0x7e2a2a54, 0x7d2b2b56, + 0x742c2c58, 0x772d2d5a, 0x722e2e5c, 0x712f2f5e, + 0x50303060, 0x53313162, 0x56323264, 0x55333366, + 0x5c343468, 0x5f35356a, 0x5a36366c, 0x5937376e, + 0x48383870, 0x4b393972, 0x4e3a3a74, 0x4d3b3b76, + 0x443c3c78, 0x473d3d7a, 0x423e3e7c, 0x413f3f7e, + 0xc0404080, 0xc3414182, 0xc6424284, 0xc5434386, + 0xcc444488, 0xcf45458a, 0xca46468c, 0xc947478e, + 0xd8484890, 0xdb494992, 0xde4a4a94, 0xdd4b4b96, + 0xd44c4c98, 0xd74d4d9a, 0xd24e4e9c, 0xd14f4f9e, + 0xf05050a0, 0xf35151a2, 0xf65252a4, 0xf55353a6, + 0xfc5454a8, 0xff5555aa, 0xfa5656ac, 0xf95757ae, + 0xe85858b0, 0xeb5959b2, 0xee5a5ab4, 0xed5b5bb6, + 0xe45c5cb8, 0xe75d5dba, 0xe25e5ebc, 0xe15f5fbe, + 0xa06060c0, 0xa36161c2, 0xa66262c4, 0xa56363c6, + 0xac6464c8, 0xaf6565ca, 0xaa6666cc, 0xa96767ce, + 0xb86868d0, 0xbb6969d2, 0xbe6a6ad4, 0xbd6b6bd6, + 0xb46c6cd8, 0xb76d6dda, 0xb26e6edc, 0xb16f6fde, + 0x907070e0, 0x937171e2, 0x967272e4, 0x957373e6, + 0x9c7474e8, 0x9f7575ea, 0x9a7676ec, 0x997777ee, + 0x887878f0, 0x8b7979f2, 0x8e7a7af4, 0x8d7b7bf6, + 0x847c7cf8, 0x877d7dfa, 0x827e7efc, 0x817f7ffe, + 0x9b80801b, 0x98818119, 0x9d82821f, 0x9e83831d, + 0x97848413, 0x94858511, 0x91868617, 0x92878715, + 0x8388880b, 0x80898909, 0x858a8a0f, 0x868b8b0d, + 0x8f8c8c03, 0x8c8d8d01, 0x898e8e07, 0x8a8f8f05, + 0xab90903b, 0xa8919139, 0xad92923f, 0xae93933d, + 0xa7949433, 0xa4959531, 0xa1969637, 0xa2979735, + 0xb398982b, 0xb0999929, 0xb59a9a2f, 0xb69b9b2d, + 0xbf9c9c23, 0xbc9d9d21, 0xb99e9e27, 0xba9f9f25, + 0xfba0a05b, 0xf8a1a159, 0xfda2a25f, 0xfea3a35d, + 0xf7a4a453, 0xf4a5a551, 0xf1a6a657, 0xf2a7a755, + 0xe3a8a84b, 0xe0a9a949, 0xe5aaaa4f, 0xe6abab4d, + 0xefacac43, 0xecadad41, 0xe9aeae47, 0xeaafaf45, + 0xcbb0b07b, 0xc8b1b179, 0xcdb2b27f, 0xceb3b37d, + 0xc7b4b473, 0xc4b5b571, 0xc1b6b677, 0xc2b7b775, + 0xd3b8b86b, 0xd0b9b969, 0xd5baba6f, 0xd6bbbb6d, + 0xdfbcbc63, 0xdcbdbd61, 0xd9bebe67, 0xdabfbf65, + 0x5bc0c09b, 0x58c1c199, 0x5dc2c29f, 0x5ec3c39d, + 0x57c4c493, 0x54c5c591, 0x51c6c697, 0x52c7c795, + 0x43c8c88b, 0x40c9c989, 0x45caca8f, 0x46cbcb8d, + 0x4fcccc83, 0x4ccdcd81, 0x49cece87, 0x4acfcf85, + 0x6bd0d0bb, 0x68d1d1b9, 0x6dd2d2bf, 0x6ed3d3bd, + 0x67d4d4b3, 0x64d5d5b1, 0x61d6d6b7, 0x62d7d7b5, + 0x73d8d8ab, 0x70d9d9a9, 0x75dadaaf, 0x76dbdbad, + 0x7fdcdca3, 0x7cdddda1, 0x79dedea7, 0x7adfdfa5, + 0x3be0e0db, 0x38e1e1d9, 0x3de2e2df, 0x3ee3e3dd, + 0x37e4e4d3, 0x34e5e5d1, 0x31e6e6d7, 0x32e7e7d5, + 0x23e8e8cb, 0x20e9e9c9, 0x25eaeacf, 0x26ebebcd, + 0x2fececc3, 0x2cededc1, 0x29eeeec7, 0x2aefefc5, + 0x0bf0f0fb, 0x08f1f1f9, 0x0df2f2ff, 0x0ef3f3fd, + 0x07f4f4f3, 0x04f5f5f1, 0x01f6f6f7, 0x02f7f7f5, + 0x13f8f8eb, 0x10f9f9e9, 0x15fafaef, 0x16fbfbed, + 0x1ffcfce3, 0x1cfdfde1, 0x19fefee7, 0x1affffe5, +}; + +/* + * Inverse MixColumns lookup table, for use with rot32. + * From Arm ARM pseudocode. + */ +const uint32_t AES_imc_rot[256] = { + 0x00000000, 0x0b0d090e, 0x161a121c, 0x1d171b12, + 0x2c342438, 0x27392d36, 0x3a2e3624, 0x31233f2a, + 0x58684870, 0x5365417e, 0x4e725a6c, 0x457f5362, + 0x745c6c48, 0x7f516546, 0x62467e54, 0x694b775a, + 0xb0d090e0, 0xbbdd99ee, 0xa6ca82fc, 0xadc78bf2, + 0x9ce4b4d8, 0x97e9bdd6, 0x8afea6c4, 0x81f3afca, + 0xe8b8d890, 0xe3b5d19e, 0xfea2ca8c, 0xf5afc382, + 0xc48cfca8, 0xcf81f5a6, 0xd296eeb4, 0xd99be7ba, + 0x7bbb3bdb, 0x70b632d5, 0x6da129c7, 0x66ac20c9, + 0x578f1fe3, 0x5c8216ed, 0x41950dff, 0x4a9804f1, + 0x23d373ab, 0x28de7aa5, 0x35c961b7, 0x3ec468b9, + 0x0fe75793, 0x04ea5e9d, 0x19fd458f, 0x12f04c81, + 0xcb6bab3b, 0xc066a235, 0xdd71b927, 0xd67cb029, + 0xe75f8f03, 0xec52860d, 0xf1459d1f, 0xfa489411, + 0x9303e34b, 0x980eea45, 0x8519f157, 0x8e14f859, + 0xbf37c773, 0xb43ace7d, 0xa92dd56f, 0xa220dc61, + 0xf66d76ad, 0xfd607fa3, 0xe07764b1, 0xeb7a6dbf, + 0xda595295, 0xd1545b9b, 0xcc434089, 0xc74e4987, + 0xae053edd, 0xa50837d3, 0xb81f2cc1, 0xb31225cf, + 0x82311ae5, 0x893c13eb, 0x942b08f9, 0x9f2601f7, + 0x46bde64d, 0x4db0ef43, 0x50a7f451, 0x5baafd5f, + 0x6a89c275, 0x6184cb7b, 0x7c93d069, 0x779ed967, + 0x1ed5ae3d, 0x15d8a733, 0x08cfbc21, 0x03c2b52f, + 0x32e18a05, 0x39ec830b, 0x24fb9819, 0x2ff69117, + 0x8dd64d76, 0x86db4478, 0x9bcc5f6a, 0x90c15664, + 0xa1e2694e, 0xaaef6040, 0xb7f87b52, 0xbcf5725c, + 0xd5be0506, 0xdeb30c08, 0xc3a4171a, 0xc8a91e14, + 0xf98a213e, 0xf2872830, 0xef903322, 0xe49d3a2c, + 0x3d06dd96, 0x360bd498, 0x2b1ccf8a, 0x2011c684, + 0x1132f9ae, 0x1a3ff0a0, 0x0728ebb2, 0x0c25e2bc, + 0x656e95e6, 0x6e639ce8, 0x737487fa, 0x78798ef4, + 0x495ab1de, 0x4257b8d0, 0x5f40a3c2, 0x544daacc, + 0xf7daec41, 0xfcd7e54f, 0xe1c0fe5d, 0xeacdf753, + 0xdbeec879, 0xd0e3c177, 0xcdf4da65, 0xc6f9d36b, + 0xafb2a431, 0xa4bfad3f, 0xb9a8b62d, 0xb2a5bf23, + 0x83868009, 0x888b8907, 0x959c9215, 0x9e919b1b, + 0x470a7ca1, 0x4c0775af, 0x51106ebd, 0x5a1d67b3, + 0x6b3e5899, 0x60335197, 0x7d244a85, 0x7629438b, + 0x1f6234d1, 0x146f3ddf, 0x097826cd, 0x02752fc3, + 0x335610e9, 0x385b19e7, 0x254c02f5, 0x2e410bfb, + 0x8c61d79a, 0x876cde94, 0x9a7bc586, 0x9176cc88, + 0xa055f3a2, 0xab58faac, 0xb64fe1be, 0xbd42e8b0, + 0xd4099fea, 0xdf0496e4, 0xc2138df6, 0xc91e84f8, + 0xf83dbbd2, 0xf330b2dc, 0xee27a9ce, 0xe52aa0c0, + 0x3cb1477a, 0x37bc4e74, 0x2aab5566, 0x21a65c68, + 0x10856342, 0x1b886a4c, 0x069f715e, 0x0d927850, + 0x64d90f0a, 0x6fd40604, 0x72c31d16, 0x79ce1418, + 0x48ed2b32, 0x43e0223c, 0x5ef7392e, 0x55fa3020, + 0x01b79aec, 0x0aba93e2, 0x17ad88f0, 0x1ca081fe, + 0x2d83bed4, 0x268eb7da, 0x3b99acc8, 0x3094a5c6, + 0x59dfd29c, 0x52d2db92, 0x4fc5c080, 0x44c8c98e, + 0x75ebf6a4, 0x7ee6ffaa, 0x63f1e4b8, 0x68fcedb6, + 0xb1670a0c, 0xba6a0302, 0xa77d1810, 0xac70111e, + 0x9d532e34, 0x965e273a, 0x8b493c28, 0x80443526, + 0xe90f427c, 0xe2024b72, 0xff155060, 0xf418596e, + 0xc53b6644, 0xce366f4a, 0xd3217458, 0xd82c7d56, + 0x7a0ca137, 0x7101a839, 0x6c16b32b, 0x671bba25, + 0x5638850f, 0x5d358c01, 0x40229713, 0x4b2f9e1d, + 0x2264e947, 0x2969e049, 0x347efb5b, 0x3f73f255, + 0x0e50cd7f, 0x055dc471, 0x184adf63, 0x1347d66d, + 0xcadc31d7, 0xc1d138d9, 0xdcc623cb, 0xd7cb2ac5, + 0xe6e815ef, 0xede51ce1, 0xf0f207f3, 0xfbff0efd, + 0x92b479a7, 0x99b970a9, 0x84ae6bbb, 0x8fa362b5, + 0xbe805d9f, 0xb58d5491, 0xa89a4f83, 0xa397468d, +}; + /* AES_imc[x][0] = [x].[0e, 09, 0d, 0b]; */ /* AES_imc[x][1] = [x].[0b, 0e, 09, 0d]; */ /* AES_imc[x][2] = [x].[0d, 0b, 0e, 09]; */ diff --git a/target/arm/tcg/crypto_helper.c b/target/arm/tcg/crypto_helper.c index d28690321f..06254939d2 100644 --- a/target/arm/tcg/crypto_helper.c +++ b/target/arm/tcg/crypto_helper.c @@ -80,149 +80,16 @@ void HELPER(crypto_aese)(void *vd, void *vn, void *vm, uint32_t desc) static void do_crypto_aesmc(uint64_t *rd, uint64_t *rm, bool decrypt) { - static uint32_t const mc[][256] = { { - /* MixColumns lookup table */ - 0x00000000, 0x03010102, 0x06020204, 0x05030306, - 0x0c040408, 0x0f05050a, 0x0a06060c, 0x0907070e, - 0x18080810, 0x1b090912, 0x1e0a0a14, 0x1d0b0b16, - 0x140c0c18, 0x170d0d1a, 0x120e0e1c, 0x110f0f1e, - 0x30101020, 0x33111122, 0x36121224, 0x35131326, - 0x3c141428, 0x3f15152a, 0x3a16162c, 0x3917172e, - 0x28181830, 0x2b191932, 0x2e1a1a34, 0x2d1b1b36, - 0x241c1c38, 0x271d1d3a, 0x221e1e3c, 0x211f1f3e, - 0x60202040, 0x63212142, 0x66222244, 0x65232346, - 0x6c242448, 0x6f25254a, 0x6a26264c, 0x6927274e, - 0x78282850, 0x7b292952, 0x7e2a2a54, 0x7d2b2b56, - 0x742c2c58, 0x772d2d5a, 0x722e2e5c, 0x712f2f5e, - 0x50303060, 0x53313162, 0x56323264, 0x55333366, - 0x5c343468, 0x5f35356a, 0x5a36366c, 0x5937376e, - 0x48383870, 0x4b393972, 0x4e3a3a74, 0x4d3b3b76, - 0x443c3c78, 0x473d3d7a, 0x423e3e7c, 0x413f3f7e, - 0xc0404080, 0xc3414182, 0xc6424284, 0xc5434386, - 0xcc444488, 0xcf45458a, 0xca46468c, 0xc947478e, - 0xd8484890, 0xdb494992, 0xde4a4a94, 0xdd4b4b96, - 0xd44c4c98, 0xd74d4d9a, 0xd24e4e9c, 0xd14f4f9e, - 0xf05050a0, 0xf35151a2, 0xf65252a4, 0xf55353a6, - 0xfc5454a8, 0xff5555aa, 0xfa5656ac, 0xf95757ae, - 0xe85858b0, 0xeb5959b2, 0xee5a5ab4, 0xed5b5bb6, - 0xe45c5cb8, 0xe75d5dba, 0xe25e5ebc, 0xe15f5fbe, - 0xa06060c0, 0xa36161c2, 0xa66262c4, 0xa56363c6, - 0xac6464c8, 0xaf6565ca, 0xaa6666cc, 0xa96767ce, - 0xb86868d0, 0xbb6969d2, 0xbe6a6ad4, 0xbd6b6bd6, - 0xb46c6cd8, 0xb76d6dda, 0xb26e6edc, 0xb16f6fde, - 0x907070e0, 0x937171e2, 0x967272e4, 0x957373e6, - 0x9c7474e8, 0x9f7575ea, 0x9a7676ec, 0x997777ee, - 0x887878f0, 0x8b7979f2, 0x8e7a7af4, 0x8d7b7bf6, - 0x847c7cf8, 0x877d7dfa, 0x827e7efc, 0x817f7ffe, - 0x9b80801b, 0x98818119, 0x9d82821f, 0x9e83831d, - 0x97848413, 0x94858511, 0x91868617, 0x92878715, - 0x8388880b, 0x80898909, 0x858a8a0f, 0x868b8b0d, - 0x8f8c8c03, 0x8c8d8d01, 0x898e8e07, 0x8a8f8f05, - 0xab90903b, 0xa8919139, 0xad92923f, 0xae93933d, - 0xa7949433, 0xa4959531, 0xa1969637, 0xa2979735, - 0xb398982b, 0xb0999929, 0xb59a9a2f, 0xb69b9b2d, - 0xbf9c9c23, 0xbc9d9d21, 0xb99e9e27, 0xba9f9f25, - 0xfba0a05b, 0xf8a1a159, 0xfda2a25f, 0xfea3a35d, - 0xf7a4a453, 0xf4a5a551, 0xf1a6a657, 0xf2a7a755, - 0xe3a8a84b, 0xe0a9a949, 0xe5aaaa4f, 0xe6abab4d, - 0xefacac43, 0xecadad41, 0xe9aeae47, 0xeaafaf45, - 0xcbb0b07b, 0xc8b1b179, 0xcdb2b27f, 0xceb3b37d, - 0xc7b4b473, 0xc4b5b571, 0xc1b6b677, 0xc2b7b775, - 0xd3b8b86b, 0xd0b9b969, 0xd5baba6f, 0xd6bbbb6d, - 0xdfbcbc63, 0xdcbdbd61, 0xd9bebe67, 0xdabfbf65, - 0x5bc0c09b, 0x58c1c199, 0x5dc2c29f, 0x5ec3c39d, - 0x57c4c493, 0x54c5c591, 0x51c6c697, 0x52c7c795, - 0x43c8c88b, 0x40c9c989, 0x45caca8f, 0x46cbcb8d, - 0x4fcccc83, 0x4ccdcd81, 0x49cece87, 0x4acfcf85, - 0x6bd0d0bb, 0x68d1d1b9, 0x6dd2d2bf, 0x6ed3d3bd, - 0x67d4d4b3, 0x64d5d5b1, 0x61d6d6b7, 0x62d7d7b5, - 0x73d8d8ab, 0x70d9d9a9, 0x75dadaaf, 0x76dbdbad, - 0x7fdcdca3, 0x7cdddda1, 0x79dedea7, 0x7adfdfa5, - 0x3be0e0db, 0x38e1e1d9, 0x3de2e2df, 0x3ee3e3dd, - 0x37e4e4d3, 0x34e5e5d1, 0x31e6e6d7, 0x32e7e7d5, - 0x23e8e8cb, 0x20e9e9c9, 0x25eaeacf, 0x26ebebcd, - 0x2fececc3, 0x2cededc1, 0x29eeeec7, 0x2aefefc5, - 0x0bf0f0fb, 0x08f1f1f9, 0x0df2f2ff, 0x0ef3f3fd, - 0x07f4f4f3, 0x04f5f5f1, 0x01f6f6f7, 0x02f7f7f5, - 0x13f8f8eb, 0x10f9f9e9, 0x15fafaef, 0x16fbfbed, - 0x1ffcfce3, 0x1cfdfde1, 0x19fefee7, 0x1affffe5, - }, { - /* Inverse MixColumns lookup table */ - 0x00000000, 0x0b0d090e, 0x161a121c, 0x1d171b12, - 0x2c342438, 0x27392d36, 0x3a2e3624, 0x31233f2a, - 0x58684870, 0x5365417e, 0x4e725a6c, 0x457f5362, - 0x745c6c48, 0x7f516546, 0x62467e54, 0x694b775a, - 0xb0d090e0, 0xbbdd99ee, 0xa6ca82fc, 0xadc78bf2, - 0x9ce4b4d8, 0x97e9bdd6, 0x8afea6c4, 0x81f3afca, - 0xe8b8d890, 0xe3b5d19e, 0xfea2ca8c, 0xf5afc382, - 0xc48cfca8, 0xcf81f5a6, 0xd296eeb4, 0xd99be7ba, - 0x7bbb3bdb, 0x70b632d5, 0x6da129c7, 0x66ac20c9, - 0x578f1fe3, 0x5c8216ed, 0x41950dff, 0x4a9804f1, - 0x23d373ab, 0x28de7aa5, 0x35c961b7, 0x3ec468b9, - 0x0fe75793, 0x04ea5e9d, 0x19fd458f, 0x12f04c81, - 0xcb6bab3b, 0xc066a235, 0xdd71b927, 0xd67cb029, - 0xe75f8f03, 0xec52860d, 0xf1459d1f, 0xfa489411, - 0x9303e34b, 0x980eea45, 0x8519f157, 0x8e14f859, - 0xbf37c773, 0xb43ace7d, 0xa92dd56f, 0xa220dc61, - 0xf66d76ad, 0xfd607fa3, 0xe07764b1, 0xeb7a6dbf, - 0xda595295, 0xd1545b9b, 0xcc434089, 0xc74e4987, - 0xae053edd, 0xa50837d3, 0xb81f2cc1, 0xb31225cf, - 0x82311ae5, 0x893c13eb, 0x942b08f9, 0x9f2601f7, - 0x46bde64d, 0x4db0ef43, 0x50a7f451, 0x5baafd5f, - 0x6a89c275, 0x6184cb7b, 0x7c93d069, 0x779ed967, - 0x1ed5ae3d, 0x15d8a733, 0x08cfbc21, 0x03c2b52f, - 0x32e18a05, 0x39ec830b, 0x24fb9819, 0x2ff69117, - 0x8dd64d76, 0x86db4478, 0x9bcc5f6a, 0x90c15664, - 0xa1e2694e, 0xaaef6040, 0xb7f87b52, 0xbcf5725c, - 0xd5be0506, 0xdeb30c08, 0xc3a4171a, 0xc8a91e14, - 0xf98a213e, 0xf2872830, 0xef903322, 0xe49d3a2c, - 0x3d06dd96, 0x360bd498, 0x2b1ccf8a, 0x2011c684, - 0x1132f9ae, 0x1a3ff0a0, 0x0728ebb2, 0x0c25e2bc, - 0x656e95e6, 0x6e639ce8, 0x737487fa, 0x78798ef4, - 0x495ab1de, 0x4257b8d0, 0x5f40a3c2, 0x544daacc, - 0xf7daec41, 0xfcd7e54f, 0xe1c0fe5d, 0xeacdf753, - 0xdbeec879, 0xd0e3c177, 0xcdf4da65, 0xc6f9d36b, - 0xafb2a431, 0xa4bfad3f, 0xb9a8b62d, 0xb2a5bf23, - 0x83868009, 0x888b8907, 0x959c9215, 0x9e919b1b, - 0x470a7ca1, 0x4c0775af, 0x51106ebd, 0x5a1d67b3, - 0x6b3e5899, 0x60335197, 0x7d244a85, 0x7629438b, - 0x1f6234d1, 0x146f3ddf, 0x097826cd, 0x02752fc3, - 0x335610e9, 0x385b19e7, 0x254c02f5, 0x2e410bfb, - 0x8c61d79a, 0x876cde94, 0x9a7bc586, 0x9176cc88, - 0xa055f3a2, 0xab58faac, 0xb64fe1be, 0xbd42e8b0, - 0xd4099fea, 0xdf0496e4, 0xc2138df6, 0xc91e84f8, - 0xf83dbbd2, 0xf330b2dc, 0xee27a9ce, 0xe52aa0c0, - 0x3cb1477a, 0x37bc4e74, 0x2aab5566, 0x21a65c68, - 0x10856342, 0x1b886a4c, 0x069f715e, 0x0d927850, - 0x64d90f0a, 0x6fd40604, 0x72c31d16, 0x79ce1418, - 0x48ed2b32, 0x43e0223c, 0x5ef7392e, 0x55fa3020, - 0x01b79aec, 0x0aba93e2, 0x17ad88f0, 0x1ca081fe, - 0x2d83bed4, 0x268eb7da, 0x3b99acc8, 0x3094a5c6, - 0x59dfd29c, 0x52d2db92, 0x4fc5c080, 0x44c8c98e, - 0x75ebf6a4, 0x7ee6ffaa, 0x63f1e4b8, 0x68fcedb6, - 0xb1670a0c, 0xba6a0302, 0xa77d1810, 0xac70111e, - 0x9d532e34, 0x965e273a, 0x8b493c28, 0x80443526, - 0xe90f427c, 0xe2024b72, 0xff155060, 0xf418596e, - 0xc53b6644, 0xce366f4a, 0xd3217458, 0xd82c7d56, - 0x7a0ca137, 0x7101a839, 0x6c16b32b, 0x671bba25, - 0x5638850f, 0x5d358c01, 0x40229713, 0x4b2f9e1d, - 0x2264e947, 0x2969e049, 0x347efb5b, 0x3f73f255, - 0x0e50cd7f, 0x055dc471, 0x184adf63, 0x1347d66d, - 0xcadc31d7, 0xc1d138d9, 0xdcc623cb, 0xd7cb2ac5, - 0xe6e815ef, 0xede51ce1, 0xf0f207f3, 0xfbff0efd, - 0x92b479a7, 0x99b970a9, 0x84ae6bbb, 0x8fa362b5, - 0xbe805d9f, 0xb58d5491, 0xa89a4f83, 0xa397468d, - } }; - union CRYPTO_STATE st = { .l = { rm[0], rm[1] } }; + const uint32_t *mc = decrypt ? AES_imc_rot : AES_mc_rot; int i; for (i = 0; i < 16; i += 4) { CR_ST_WORD(st, i >> 2) = - mc[decrypt][CR_ST_BYTE(st, i)] ^ - rol32(mc[decrypt][CR_ST_BYTE(st, i + 1)], 8) ^ - rol32(mc[decrypt][CR_ST_BYTE(st, i + 2)], 16) ^ - rol32(mc[decrypt][CR_ST_BYTE(st, i + 3)], 24); + mc[CR_ST_BYTE(st, i)] ^ + rol32(mc[CR_ST_BYTE(st, i + 1)], 8) ^ + rol32(mc[CR_ST_BYTE(st, i + 2)], 16) ^ + rol32(mc[CR_ST_BYTE(st, i + 3)], 24); } rd[0] = st.l[0]; From patchwork Sat Jun 3 02:33:54 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Patchwork-Submitter: Richard Henderson X-Patchwork-Id: 13266014 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.lore.kernel.org (Postfix) with ESMTPS id 5DCF9C77B7A for ; Sat, 3 Jun 2023 02:35:24 +0000 (UTC) Received: from localhost ([::1] helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1q5H6Q-0000T6-FK; Fri, 02 Jun 2023 22:34:50 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1q5H6E-0000Jz-Bl for qemu-devel@nongnu.org; Fri, 02 Jun 2023 22:34:39 -0400 Received: from mail-oo1-xc2a.google.com ([2607:f8b0:4864:20::c2a]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.90_1) (envelope-from ) id 1q5H67-0004hU-IL for qemu-devel@nongnu.org; Fri, 02 Jun 2023 22:34:37 -0400 Received: by mail-oo1-xc2a.google.com with SMTP id 006d021491bc7-5585f2f070bso1975903eaf.0 for ; Fri, 02 Jun 2023 19:34:31 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; t=1685759670; x=1688351670; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=tqOStWj9wy4vSlw/JP9FJsk77s8bELBPoB35SE08RZM=; b=WulAntH4HE494wgcKNFlm7uZR/9kx2mCN6tD/4dh5C3ACPdKg7Dw3/yaDQ8fZNWrBC 8iLvOMXWVKEb6g2j8snAnRY9/Hmh5GKCgQrAfglN8ZpAs0jtsX1U1zVQGQTTYPiAtFni vOhaR1OKU3CAd4u+QX5zLDOWHGRJh9FHV0wpWG6YgDBPAr549mCeTvKN5k6al/Al6Ki9 Pt05l+3RTE1AsWecOamac0yfGmjIwohCg6sdsxm6Em/CLO9bd/YWCKSVlZy/SmIN3spN IHg8LIrLnf02h8bQkauGTexDzowD8L9O/i9KXk4uiBWH4dZyfOC+SqUnib2I0iXZDCLI sEvA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20221208; t=1685759670; x=1688351670; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=tqOStWj9wy4vSlw/JP9FJsk77s8bELBPoB35SE08RZM=; b=MTYeb+njlBtRLVCUX7NMeLFK0CxKh5IApaogj8ok4vWmHmIdrtPJz3/wajuTgCOE1a qHucmvMT/l9i+usyPU3W1Q9UlnfVaoNXZDkteB6iiI+gD+XqoBt7sG9f+MWoOV4MP6BK PzNXXS87QSTW9EvZDBU3CQo7K+I0gJkgW1zFnUihGizWJLpehZczSLO6hov/iJDrB6z1 QnXEwO2yCD+xLYp04EIgaiLi6Qwoqw4VXr51cSX/Ex5qZkD4xDHgJJ1mHCnw0S2x0JIW hDr+2x/+5ZxA6xoDhW+aFX+qG5wwcHkZPAwPIs+ILvnMXqsTselgEk5UHkuMsickvpQV /C7w== X-Gm-Message-State: AC+VfDxJdNtHksv9rZ0vosFW0et7r+PRtbFnHGQsO9f/GMmwmTNsq79i DjcWnHFdexe6N4nT+IMLrJadGb6/SzfJOKTiWF8= X-Google-Smtp-Source: ACHHUZ6Zp3NpI0IFZC90XcTdO5xbFxfmBGtgdydhL6dF2odJZCEpCfhEm4TqnjD4N6s8WRk1C82TAA== X-Received: by 2002:a05:6358:7208:b0:125:83c8:72f6 with SMTP id h8-20020a056358720800b0012583c872f6mr15392888rwa.0.1685759670394; Fri, 02 Jun 2023 19:34:30 -0700 (PDT) Received: from stoup.. ([2602:ae:1598:4c01:66a6:82c2:d794:68f6]) by smtp.gmail.com with ESMTPSA id e91-20020a17090a6fe400b002508d73f4e8sm3914289pjk.57.2023.06.02.19.34.29 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Fri, 02 Jun 2023 19:34:29 -0700 (PDT) From: Richard Henderson To: qemu-devel@nongnu.org Cc: ardb@kernel.org, berrange@redhat.com, qemu-arm@nongnu.org, qemu-ppc@nongnu.org, qemu-riscv@nongnu.org, pbonzini@redhat.com Subject: [PATCH 03/35] crypto/aes: Add constants for ShiftRows, InvShiftRows Date: Fri, 2 Jun 2023 19:33:54 -0700 Message-Id: <20230603023426.1064431-4-richard.henderson@linaro.org> X-Mailer: git-send-email 2.34.1 In-Reply-To: <20230603023426.1064431-1-richard.henderson@linaro.org> References: <20230603023426.1064431-1-richard.henderson@linaro.org> MIME-Version: 1.0 Received-SPF: pass client-ip=2607:f8b0:4864:20::c2a; envelope-from=richard.henderson@linaro.org; helo=mail-oo1-xc2a.google.com X-Spam_score_int: -20 X-Spam_score: -2.1 X-Spam_bar: -- X-Spam_report: (-2.1 / 5.0 requ) BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01 autolearn=unavailable autolearn_force=no X-Spam_action: no action X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: qemu-devel-bounces+qemu-devel=archiver.kernel.org@nongnu.org Sender: qemu-devel-bounces+qemu-devel=archiver.kernel.org@nongnu.org These symbols will avoid the indirection through memory when fully unrolling some new primitives. Signed-off-by: Richard Henderson Reviewed-by: Philippe Mathieu-Daudé --- crypto/aes.c | 50 ++++++++++++++++++++++++++++++++++++++++++++++++-- 1 file changed, 48 insertions(+), 2 deletions(-) diff --git a/crypto/aes.c b/crypto/aes.c index 72c95c38fb..1309a13e91 100644 --- a/crypto/aes.c +++ b/crypto/aes.c @@ -108,12 +108,58 @@ const uint8_t AES_isbox[256] = { 0xE1, 0x69, 0x14, 0x63, 0x55, 0x21, 0x0C, 0x7D, }; +/* AES ShiftRows, for complete unrolling. */ +enum { + AES_SH_0 = 0x0, + AES_SH_1 = 0x5, + AES_SH_2 = 0xa, + AES_SH_3 = 0xf, + AES_SH_4 = 0x4, + AES_SH_5 = 0x9, + AES_SH_6 = 0xe, + AES_SH_7 = 0x3, + AES_SH_8 = 0x8, + AES_SH_9 = 0xd, + AES_SH_A = 0x2, + AES_SH_B = 0x7, + AES_SH_C = 0xc, + AES_SH_D = 0x1, + AES_SH_E = 0x6, + AES_SH_F = 0xb, +}; + const uint8_t AES_shifts[16] = { - 0, 5, 10, 15, 4, 9, 14, 3, 8, 13, 2, 7, 12, 1, 6, 11 + AES_SH_0, AES_SH_1, AES_SH_2, AES_SH_3, + AES_SH_4, AES_SH_5, AES_SH_6, AES_SH_7, + AES_SH_8, AES_SH_9, AES_SH_A, AES_SH_B, + AES_SH_C, AES_SH_D, AES_SH_E, AES_SH_F, +}; + +/* AES InvShiftRows, for complete unrolling. */ +enum { + AES_ISH_0 = 0x0, + AES_ISH_1 = 0xd, + AES_ISH_2 = 0xa, + AES_ISH_3 = 0x7, + AES_ISH_4 = 0x4, + AES_ISH_5 = 0x1, + AES_ISH_6 = 0xe, + AES_ISH_7 = 0xb, + AES_ISH_8 = 0x8, + AES_ISH_9 = 0x5, + AES_ISH_A = 0x2, + AES_ISH_B = 0xf, + AES_ISH_C = 0xc, + AES_ISH_D = 0x9, + AES_ISH_E = 0x6, + AES_ISH_F = 0x3, }; const uint8_t AES_ishifts[16] = { - 0, 13, 10, 7, 4, 1, 14, 11, 8, 5, 2, 15, 12, 9, 6, 3 + AES_ISH_0, AES_ISH_1, AES_ISH_2, AES_ISH_3, + AES_ISH_4, AES_ISH_5, AES_ISH_6, AES_ISH_7, + AES_ISH_8, AES_ISH_9, AES_ISH_A, AES_ISH_B, + AES_ISH_C, AES_ISH_D, AES_ISH_E, AES_ISH_F, }; /* From patchwork Sat Jun 3 02:33:55 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Richard Henderson X-Patchwork-Id: 13266034 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.lore.kernel.org (Postfix) with ESMTPS id 858EAC7EE2A for ; Sat, 3 Jun 2023 02:39:07 +0000 (UTC) Received: from localhost ([::1] helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1q5H6V-0000Wo-9W; Fri, 02 Jun 2023 22:34:55 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1q5H6G-0000Kd-QZ for qemu-devel@nongnu.org; Fri, 02 Jun 2023 22:34:41 -0400 Received: from mail-pj1-x102c.google.com ([2607:f8b0:4864:20::102c]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.90_1) (envelope-from ) id 1q5H69-0004hx-JZ for qemu-devel@nongnu.org; Fri, 02 Jun 2023 22:34:40 -0400 Received: by mail-pj1-x102c.google.com with SMTP id 98e67ed59e1d1-2566ed9328eso2312993a91.2 for ; Fri, 02 Jun 2023 19:34:33 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; t=1685759671; x=1688351671; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=XCCJzw+rwFcyJFSIAMn2E7LGE9pt/wVOH2bIPCZG1D0=; b=h87KHV6/FBRlIIQ2hK8YT35Hr7dATRYaOnko6G1wAO2rPl6yvv7pQY6hbxZbhAbZnL ySF/eZgUnve3QWjIO8VFnGVAKGoa4Jf7GGnwzgXY1P/HG4OavBkto9NlMEo8+NL579GY o1ESXSwwAJjaxFQtNw2KE+l4w6AZcwvdcQzfxpkMEEogA8dgYOdC4qVBiGJ0ITzLlhhL XQIOfpkwcaZwxkDjgfRbtx//0rNkp6ieFSH2GMM5oqq9iH5y8ST90j0iMCaGEpgSaOSG +kmJNFRvszYuokkegxXo6yCBW+QmlldY7/i4JOLFEUNWAi/82BxBEWg4ZzsawCNaEZIE 40LA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20221208; t=1685759671; x=1688351671; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=XCCJzw+rwFcyJFSIAMn2E7LGE9pt/wVOH2bIPCZG1D0=; b=bhDLzRttjQeLpbUV2kDuqGjAg1NZcIBJ8hDGRHZJdpdnpAOnNigtoKEmWD4WbfnFNs jwNKXvcdP+9kUhPoDsdeBoUvmmBaDDfo8lpxDEqGpnw2TF2TGF9lRJNzMlAVqyZr65+w fGc/Tln1o/55wd7PVfhThyzTJUJl+bgyn68I6H0kTL3VYGyZbDqZmP2boVDotgzQHnOG w1wZc92LK5KB/vtCYXSZsivBuc23EJLaoEfVV34E6NLttTnD5HtPBfnWW3FNQMwJ1A4w 86nBMp7iiM6lJ2axKSMf6M39+kRCMmwi4YfR7NFzilI+b+qTWdozduwNWs03tB95Lban Y8CA== X-Gm-Message-State: AC+VfDwUPjLzXQ60F5RAUvXNZpuKhY5y7pnWLheWan6xe4ZW3RcWKXNR hg93iX1q1VnIy3FtSC0f6hS2fz8L+Y03KaaI3Mg= X-Google-Smtp-Source: ACHHUZ6LLlenU/GEs1wjeTpTLZUD+4OGWdOAKAwwziHp5T9vc/xm1oDx7Sh8li9qaLU8TcJeDpSU8w== X-Received: by 2002:a17:90a:e006:b0:255:2dde:17cc with SMTP id u6-20020a17090ae00600b002552dde17ccmr1501795pjy.47.1685759671275; Fri, 02 Jun 2023 19:34:31 -0700 (PDT) Received: from stoup.. ([2602:ae:1598:4c01:66a6:82c2:d794:68f6]) by smtp.gmail.com with ESMTPSA id e91-20020a17090a6fe400b002508d73f4e8sm3914289pjk.57.2023.06.02.19.34.30 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Fri, 02 Jun 2023 19:34:30 -0700 (PDT) From: Richard Henderson To: qemu-devel@nongnu.org Cc: ardb@kernel.org, berrange@redhat.com, qemu-arm@nongnu.org, qemu-ppc@nongnu.org, qemu-riscv@nongnu.org, pbonzini@redhat.com Subject: [PATCH 04/35] crypto: Add aesenc_SB_SR Date: Fri, 2 Jun 2023 19:33:55 -0700 Message-Id: <20230603023426.1064431-5-richard.henderson@linaro.org> X-Mailer: git-send-email 2.34.1 In-Reply-To: <20230603023426.1064431-1-richard.henderson@linaro.org> References: <20230603023426.1064431-1-richard.henderson@linaro.org> MIME-Version: 1.0 Received-SPF: pass client-ip=2607:f8b0:4864:20::102c; envelope-from=richard.henderson@linaro.org; helo=mail-pj1-x102c.google.com X-Spam_score_int: -20 X-Spam_score: -2.1 X-Spam_bar: -- X-Spam_report: (-2.1 / 5.0 requ) BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01 autolearn=unavailable autolearn_force=no X-Spam_action: no action X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: qemu-devel-bounces+qemu-devel=archiver.kernel.org@nongnu.org Sender: qemu-devel-bounces+qemu-devel=archiver.kernel.org@nongnu.org Start adding infrastructure for accelerating guest AES. Begin with a SubBytes + ShiftRows primitive. Signed-off-by: Richard Henderson --- host/include/generic/host/aes-round.h | 15 +++++++++ include/crypto/aes-round.h | 41 +++++++++++++++++++++++ crypto/aes.c | 47 +++++++++++++++++++++++++++ 3 files changed, 103 insertions(+) create mode 100644 host/include/generic/host/aes-round.h create mode 100644 include/crypto/aes-round.h diff --git a/host/include/generic/host/aes-round.h b/host/include/generic/host/aes-round.h new file mode 100644 index 0000000000..598242c603 --- /dev/null +++ b/host/include/generic/host/aes-round.h @@ -0,0 +1,15 @@ +/* + * No host specific aes acceleration. + * SPDX-License-Identifier: GPL-2.0-or-later + */ + +#ifndef HOST_AES_ROUND_H +#define HOST_AES_ROUND_H + +#define HAVE_AES_ACCEL false +#define ATTR_AES_ACCEL + +void aesenc_SB_SR_accel(AESState *, const AESState *, bool) + QEMU_ERROR("unsupported accel"); + +#endif diff --git a/include/crypto/aes-round.h b/include/crypto/aes-round.h new file mode 100644 index 0000000000..784e1daee6 --- /dev/null +++ b/include/crypto/aes-round.h @@ -0,0 +1,41 @@ +/* + * SPDX-License-Identifier: GPL-2.0-or-later + * AES round fragments, generic version + * + * Copyright (C) 2023 Linaro, Ltd. + */ + +#ifndef CRYPTO_AES_ROUND_H +#define CRYPTO_AES_ROUND_H + +/* Hosts with acceleration will usually need a 16-byte vector type. */ +typedef uint8_t AESStateVec __attribute__((vector_size(16))); + +typedef union { + uint8_t b[16]; + uint32_t w[4]; + uint64_t d[4]; + AESStateVec v; +} AESState; + +#include "host/aes-round.h" + +/* + * Perform SubBytes + ShiftRows. + */ + +void aesenc_SB_SR_gen(AESState *ret, const AESState *st); +void aesenc_SB_SR_genrev(AESState *ret, const AESState *st); + +static inline void aesenc_SB_SR(AESState *r, const AESState *st, bool be) +{ + if (HAVE_AES_ACCEL) { + aesenc_SB_SR_accel(r, st, be); + } else if (HOST_BIG_ENDIAN == be) { + aesenc_SB_SR_gen(r, st); + } else { + aesenc_SB_SR_genrev(r, st); + } +} + +#endif /* CRYPTO_AES_ROUND_H */ diff --git a/crypto/aes.c b/crypto/aes.c index 1309a13e91..708838315a 100644 --- a/crypto/aes.c +++ b/crypto/aes.c @@ -29,6 +29,7 @@ */ #include "qemu/osdep.h" #include "crypto/aes.h" +#include "crypto/aes-round.h" typedef uint32_t u32; typedef uint8_t u8; @@ -1251,6 +1252,52 @@ static const u32 rcon[] = { 0x1B000000, 0x36000000, /* for 128-bit blocks, Rijndael never uses more than 10 rcon values */ }; +/* Perform SubBytes + ShiftRows. */ +static inline void +aesenc_SB_SR_swap(AESState *r, const AESState *st, bool swap) +{ + const int swap_b = swap ? 15 : 0; + uint8_t t; + + /* These four indexes are not swizzled. */ + r->b[swap_b ^ 0x0] = AES_sbox[st->b[swap_b ^ AES_SH_0]]; + r->b[swap_b ^ 0x4] = AES_sbox[st->b[swap_b ^ AES_SH_4]]; + r->b[swap_b ^ 0x8] = AES_sbox[st->b[swap_b ^ AES_SH_8]]; + r->b[swap_b ^ 0xc] = AES_sbox[st->b[swap_b ^ AES_SH_C]]; + + /* Otherwise, break cycles. */ + + t = AES_sbox[st->b[swap_b ^ AES_SH_D]]; + r->b[swap_b ^ 0x1] = AES_sbox[st->b[swap_b ^ AES_SH_1]]; + r->b[swap_b ^ 0x5] = AES_sbox[st->b[swap_b ^ AES_SH_5]]; + r->b[swap_b ^ 0x9] = AES_sbox[st->b[swap_b ^ AES_SH_9]]; + r->b[swap_b ^ 0xd] = t; + + t = AES_sbox[st->b[swap_b ^ AES_SH_A]]; + r->b[swap_b ^ 0x2] = AES_sbox[st->b[swap_b ^ AES_SH_2]]; + r->b[swap_b ^ 0xa] = t; + + t = AES_sbox[st->b[swap_b ^ AES_SH_E]]; + r->b[swap_b ^ 0x6] = AES_sbox[st->b[swap_b ^ AES_SH_6]]; + r->b[swap_b ^ 0xe] = t; + + t = AES_sbox[st->b[swap_b ^ AES_SH_7]]; + r->b[swap_b ^ 0x3] = AES_sbox[st->b[swap_b ^ AES_SH_3]]; + r->b[swap_b ^ 0xf] = AES_sbox[st->b[swap_b ^ AES_SH_F]]; + r->b[swap_b ^ 0xb] = AES_sbox[st->b[swap_b ^ AES_SH_B]]; + r->b[swap_b ^ 0x7] = t; +} + +void aesenc_SB_SR_gen(AESState *r, const AESState *st) +{ + aesenc_SB_SR_swap(r, st, false); +} + +void aesenc_SB_SR_genrev(AESState *r, const AESState *st) +{ + aesenc_SB_SR_swap(r, st, true); +} + /** * Expand the cipher key into the encryption key schedule. */ From patchwork Sat Jun 3 02:33:56 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Richard Henderson X-Patchwork-Id: 13266015 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.lore.kernel.org (Postfix) with ESMTPS id BDF89C7EE2C for ; Sat, 3 Jun 2023 02:35:24 +0000 (UTC) Received: from localhost ([::1] helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1q5H6S-0000VZ-U8; Fri, 02 Jun 2023 22:34:54 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1q5H6F-0000K7-Db for qemu-devel@nongnu.org; Fri, 02 Jun 2023 22:34:41 -0400 Received: from mail-pj1-x102b.google.com ([2607:f8b0:4864:20::102b]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.90_1) (envelope-from ) id 1q5H69-0004iW-Ez for qemu-devel@nongnu.org; Fri, 02 Jun 2023 22:34:38 -0400 Received: by mail-pj1-x102b.google.com with SMTP id 98e67ed59e1d1-25669acf1b0so2383049a91.0 for ; Fri, 02 Jun 2023 19:34:33 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; t=1685759672; x=1688351672; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=bzPaKBoi+AazRfwP5mOI7xFIN7w0g/MQbp2bpj2kQAc=; b=c8VUY7fqmPG9KJzwKTDju8ivBFkRd5H/Zurp/BuEHnmVfYeVhlS1lBBQIc5e0ozit4 F5nMpmYPIOV1IrHa7IsWo1jiXpLczDqm3DjeTkF/0A1/BD9WfKaLNGNLeJJJpG3m/7zc 2W2aS9RzlsZ4NC78L1Wv6oxD3DPXzZRkBpOZhr7xGOLnWjhDSZq8bERk3UFMqduKo8s3 mX7rurpOTGQd2JVU1LFY4wrzSzBMHYEZdpTJFrXw6ItMpqERJ1lsNsjsmgZ17gPt12QD aYzPhE7d+SsQS2xs1sAaMwmV68ZaZgWK283lVJjdVqz+1l64UlFbzIy871i3KqgR2ggQ eyPw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20221208; t=1685759672; x=1688351672; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=bzPaKBoi+AazRfwP5mOI7xFIN7w0g/MQbp2bpj2kQAc=; b=ALpWF5J6D5F6GklvxWEwG6viaRkuXJfiZ653AZ7VtyXUNJ2xbTvUQuZxEux51rAenw 2AA0TMcCJ8syKsdxB9PT1SFO5z6CIcP5DQjq1YQFuLLW3e1qNIEcM0KDMGTU6GNFpmpn b2wgAx3t1SxsIBjK731pDnsbJwwRwY5EkAPvOTLgezpQHJnx0YDLz/Q1f8ghl0SY/5TK uEh2YIwCFM4Dn0VzFTai0ipgx5sUcqBTibdAGJa2v9tE3hbCtfDuuHhM4SRw+SvhZHQ8 XkKXTKUR0fXg/Xq/lYEBFeYTk0pU7sR+cIKDsdUydUEYfXfHcOyux8l63xnSTnlp9yMs Lp7A== X-Gm-Message-State: AC+VfDzVpJ9MJJXYaeA13ZScNA0XPc4hSZuDwbqVXH/KlpWY6XTIZjF8 LeF7yB4Wm8AsWmSIH08dsCdHpSgINZ3PHWc7d5Q= X-Google-Smtp-Source: ACHHUZ74GG32sCsz02zvQBpeFpfE4e5SJu7pFh04QWQ4rOB9dPSZrVB11Qn/aAPV5WyNvFraWzTDkw== X-Received: by 2002:a17:90b:4a4f:b0:250:9e7b:2798 with SMTP id lb15-20020a17090b4a4f00b002509e7b2798mr1509757pjb.18.1685759672216; Fri, 02 Jun 2023 19:34:32 -0700 (PDT) Received: from stoup.. ([2602:ae:1598:4c01:66a6:82c2:d794:68f6]) by smtp.gmail.com with ESMTPSA id e91-20020a17090a6fe400b002508d73f4e8sm3914289pjk.57.2023.06.02.19.34.31 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Fri, 02 Jun 2023 19:34:31 -0700 (PDT) From: Richard Henderson To: qemu-devel@nongnu.org Cc: ardb@kernel.org, berrange@redhat.com, qemu-arm@nongnu.org, qemu-ppc@nongnu.org, qemu-riscv@nongnu.org, pbonzini@redhat.com Subject: [PATCH 05/35] target/i386: Use aesenc_SB_SR Date: Fri, 2 Jun 2023 19:33:56 -0700 Message-Id: <20230603023426.1064431-6-richard.henderson@linaro.org> X-Mailer: git-send-email 2.34.1 In-Reply-To: <20230603023426.1064431-1-richard.henderson@linaro.org> References: <20230603023426.1064431-1-richard.henderson@linaro.org> MIME-Version: 1.0 Received-SPF: pass client-ip=2607:f8b0:4864:20::102b; envelope-from=richard.henderson@linaro.org; helo=mail-pj1-x102b.google.com X-Spam_score_int: -20 X-Spam_score: -2.1 X-Spam_bar: -- X-Spam_report: (-2.1 / 5.0 requ) BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01 autolearn=unavailable autolearn_force=no X-Spam_action: no action X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: qemu-devel-bounces+qemu-devel=archiver.kernel.org@nongnu.org Sender: qemu-devel-bounces+qemu-devel=archiver.kernel.org@nongnu.org This implements the AESENCLAST instruction. Signed-off-by: Richard Henderson --- target/i386/ops_sse.h | 13 ++++++++----- 1 file changed, 8 insertions(+), 5 deletions(-) diff --git a/target/i386/ops_sse.h b/target/i386/ops_sse.h index fb63af7afa..31e1f6edc7 100644 --- a/target/i386/ops_sse.h +++ b/target/i386/ops_sse.h @@ -19,6 +19,7 @@ */ #include "crypto/aes.h" +#include "crypto/aes-round.h" #if SHIFT == 0 #define Reg MMXReg @@ -2202,12 +2203,14 @@ void glue(helper_aesenc, SUFFIX)(CPUX86State *env, Reg *d, Reg *v, Reg *s) void glue(helper_aesenclast, SUFFIX)(CPUX86State *env, Reg *d, Reg *v, Reg *s) { - int i; - Reg st = *v; - Reg rk = *s; + for (int i = 0; i < SHIFT; i++) { + AESState *ad = (AESState *)&d->ZMM_X(i); + AESState *st = (AESState *)&v->ZMM_X(i); + AESState *rk = (AESState *)&s->ZMM_X(i); + AESState t; - for (i = 0; i < 8 << SHIFT; i++) { - d->B(i) = rk.B(i) ^ (AES_sbox[st.B(AES_shifts[i & 15] + (i & ~15))]); + aesenc_SB_SR(&t, st, false); + ad->v = t.v ^ rk->v; } } From patchwork Sat Jun 3 02:33:57 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Patchwork-Submitter: Richard Henderson X-Patchwork-Id: 13266026 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.lore.kernel.org (Postfix) with ESMTPS id 73D51C77B7A for ; Sat, 3 Jun 2023 02:36:55 +0000 (UTC) Received: from localhost ([::1] helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1q5H6c-0000ZC-AU; Fri, 02 Jun 2023 22:35:02 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1q5H6I-0000My-C6 for qemu-devel@nongnu.org; Fri, 02 Jun 2023 22:34:43 -0400 Received: from mail-ot1-x32c.google.com ([2607:f8b0:4864:20::32c]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.90_1) (envelope-from ) id 1q5H6A-0004j7-Ai for qemu-devel@nongnu.org; Fri, 02 Jun 2023 22:34:41 -0400 Received: by mail-ot1-x32c.google.com with SMTP id 46e09a7af769-6af6de9fb74so2490784a34.2 for ; Fri, 02 Jun 2023 19:34:33 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; t=1685759673; x=1688351673; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=oe26BuCyJMyrdOPsjHo9JPVC3OcUjCngbFzXRSOAiwY=; b=l7xGIS2KHsPo4GDujafSMdei50jKLFDvYFnqDWrQUHBGNFadUvTaey/ZO/oaROcdou r3eGT9isMHt/9KXeEEGft3FQrjprKE9iC89Qi+Lqf+VIKQ0mMzOrNW7HJYxhD5dL5UWE KNioY4D+EmIOLgiJwwnxxqZTqn2Yv5ca6J6ZAehrosf7h0qONhXi7vWZW/lJNRaO+PWm vqIaDQF+8OYNfwsUtP5YNUQejlvjKJIRCCaVzCUx3U9hRacaqBUkGYGWPi1veuJ/Uk6f 2YmNo2iG3R2KwdJjJFKaEru9zGY1Y3srwQMeGQsMZ3L2H3wpIdrG2EOSb1vRlv8jEdGg Brpg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20221208; t=1685759673; x=1688351673; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=oe26BuCyJMyrdOPsjHo9JPVC3OcUjCngbFzXRSOAiwY=; b=KT6aXmuu6zLuAR7WFnBXIEgGhGQCwD6+FGdmgGOhHd9sCTmMaQETnqm4Pm9X1XSVRN KTj7OIKer7I5bQPPQYcHIPQ3iFu6oHSECCbVXeP18d1nZ0MmGab0Ei9NsQQC/3u56ICF 1Wa8hdyY0JsQA4UbcVNl/Vf3Ud/Dx8DOr/AFrpGhL8W3yYqViYiSM6kZRSmwc2JZSOFi QVHBz9oqEHJ1XU+lz9/ayEn5b1iU/YKf9zOFaZdBxXLHQtvWMBc5ZsTjeQfw/4/bx7i3 t+GYx7J5pQZRJkxp1gSzQIXWmbxhxW9YGgrDJ+86SXxmbgcF6zhd7+qovkVt046/TVU8 0IfQ== X-Gm-Message-State: AC+VfDzfi62hzTOR2AzQ/vDoSvClGg1CR33HmZqwgCOqO14GyBoaG0WN UwkQYh2osYksIDU88VtQknVK4dSbP1WeGbWlXeo= X-Google-Smtp-Source: ACHHUZ6evDR0QRS8MuUgroSYKWS04S8PCcMRAIwczmsJGQFUr/cFD4DD9342n95zYd3NrLpqcpwk2Q== X-Received: by 2002:a05:6358:ce1a:b0:127:d8c1:b829 with SMTP id gt26-20020a056358ce1a00b00127d8c1b829mr7254454rwb.27.1685759673153; Fri, 02 Jun 2023 19:34:33 -0700 (PDT) Received: from stoup.. ([2602:ae:1598:4c01:66a6:82c2:d794:68f6]) by smtp.gmail.com with ESMTPSA id e91-20020a17090a6fe400b002508d73f4e8sm3914289pjk.57.2023.06.02.19.34.32 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Fri, 02 Jun 2023 19:34:32 -0700 (PDT) From: Richard Henderson To: qemu-devel@nongnu.org Cc: ardb@kernel.org, berrange@redhat.com, qemu-arm@nongnu.org, qemu-ppc@nongnu.org, qemu-riscv@nongnu.org, pbonzini@redhat.com Subject: [PATCH 06/35] target/arm: Demultiplex AESE and AESMC Date: Fri, 2 Jun 2023 19:33:57 -0700 Message-Id: <20230603023426.1064431-7-richard.henderson@linaro.org> X-Mailer: git-send-email 2.34.1 In-Reply-To: <20230603023426.1064431-1-richard.henderson@linaro.org> References: <20230603023426.1064431-1-richard.henderson@linaro.org> MIME-Version: 1.0 Received-SPF: pass client-ip=2607:f8b0:4864:20::32c; envelope-from=richard.henderson@linaro.org; helo=mail-ot1-x32c.google.com X-Spam_score_int: -20 X-Spam_score: -2.1 X-Spam_bar: -- X-Spam_report: (-2.1 / 5.0 requ) BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01 autolearn=unavailable autolearn_force=no X-Spam_action: no action X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: qemu-devel-bounces+qemu-devel=archiver.kernel.org@nongnu.org Sender: qemu-devel-bounces+qemu-devel=archiver.kernel.org@nongnu.org Split these helpers so that we are not passing 'decrypt' within the simd descriptor. Signed-off-by: Richard Henderson Reviewed-by: Philippe Mathieu-Daudé --- target/arm/helper.h | 2 ++ target/arm/tcg/sve.decode | 4 ++-- target/arm/tcg/crypto_helper.c | 37 +++++++++++++++++++++++---------- target/arm/tcg/translate-a64.c | 13 ++++-------- target/arm/tcg/translate-neon.c | 4 ++-- target/arm/tcg/translate-sve.c | 8 ++++--- 6 files changed, 41 insertions(+), 27 deletions(-) diff --git a/target/arm/helper.h b/target/arm/helper.h index 3335c2b10b..95e32a697a 100644 --- a/target/arm/helper.h +++ b/target/arm/helper.h @@ -552,7 +552,9 @@ DEF_HELPER_FLAGS_2(neon_qzip16, TCG_CALL_NO_RWG, void, ptr, ptr) DEF_HELPER_FLAGS_2(neon_qzip32, TCG_CALL_NO_RWG, void, ptr, ptr) DEF_HELPER_FLAGS_4(crypto_aese, TCG_CALL_NO_RWG, void, ptr, ptr, ptr, i32) +DEF_HELPER_FLAGS_4(crypto_aesd, TCG_CALL_NO_RWG, void, ptr, ptr, ptr, i32) DEF_HELPER_FLAGS_3(crypto_aesmc, TCG_CALL_NO_RWG, void, ptr, ptr, i32) +DEF_HELPER_FLAGS_3(crypto_aesimc, TCG_CALL_NO_RWG, void, ptr, ptr, i32) DEF_HELPER_FLAGS_4(crypto_sha1su0, TCG_CALL_NO_RWG, void, ptr, ptr, ptr, i32) DEF_HELPER_FLAGS_4(crypto_sha1c, TCG_CALL_NO_RWG, void, ptr, ptr, ptr, i32) diff --git a/target/arm/tcg/sve.decode b/target/arm/tcg/sve.decode index 14b3a69c36..04b6fcc0cf 100644 --- a/target/arm/tcg/sve.decode +++ b/target/arm/tcg/sve.decode @@ -1629,8 +1629,8 @@ STNT1_zprz 1110010 .. 10 ..... 001 ... ..... ..... \ ### SVE2 Crypto Extensions # SVE2 crypto unary operations -# AESMC and AESIMC -AESMC 01000101 00 10000011100 decrypt:1 00000 rd:5 +AESMC 01000101 00 10000011100 0 00000 rd:5 +AESIMC 01000101 00 10000011100 1 00000 rd:5 # SVE2 crypto destructive binary operations AESE 01000101 00 10001 0 11100 0 ..... ..... @rdn_rm_e0 diff --git a/target/arm/tcg/crypto_helper.c b/target/arm/tcg/crypto_helper.c index 06254939d2..75882d9ea3 100644 --- a/target/arm/tcg/crypto_helper.c +++ b/target/arm/tcg/crypto_helper.c @@ -45,11 +45,9 @@ static void clear_tail_16(void *vd, uint32_t desc) clear_tail(vd, opr_sz, max_sz); } -static void do_crypto_aese(uint64_t *rd, uint64_t *rn, - uint64_t *rm, bool decrypt) +static void do_crypto_aese(uint64_t *rd, uint64_t *rn, uint64_t *rm, + const uint8_t *sbox, const uint8_t *shift) { - static uint8_t const * const sbox[2] = { AES_sbox, AES_isbox }; - static uint8_t const * const shift[2] = { AES_shifts, AES_ishifts }; union CRYPTO_STATE rk = { .l = { rm[0], rm[1] } }; union CRYPTO_STATE st = { .l = { rn[0], rn[1] } }; int i; @@ -60,7 +58,7 @@ static void do_crypto_aese(uint64_t *rd, uint64_t *rn, /* combine ShiftRows operation and sbox substitution */ for (i = 0; i < 16; i++) { - CR_ST_BYTE(st, i) = sbox[decrypt][CR_ST_BYTE(rk, shift[decrypt][i])]; + CR_ST_BYTE(st, i) = sbox[CR_ST_BYTE(rk, shift[i])]; } rd[0] = st.l[0]; @@ -70,18 +68,26 @@ static void do_crypto_aese(uint64_t *rd, uint64_t *rn, void HELPER(crypto_aese)(void *vd, void *vn, void *vm, uint32_t desc) { intptr_t i, opr_sz = simd_oprsz(desc); - bool decrypt = simd_data(desc); for (i = 0; i < opr_sz; i += 16) { - do_crypto_aese(vd + i, vn + i, vm + i, decrypt); + do_crypto_aese(vd + i, vn + i, vm + i, AES_sbox, AES_shifts); } clear_tail(vd, opr_sz, simd_maxsz(desc)); } -static void do_crypto_aesmc(uint64_t *rd, uint64_t *rm, bool decrypt) +void HELPER(crypto_aesd)(void *vd, void *vn, void *vm, uint32_t desc) +{ + intptr_t i, opr_sz = simd_oprsz(desc); + + for (i = 0; i < opr_sz; i += 16) { + do_crypto_aese(vd + i, vn + i, vm + i, AES_isbox, AES_ishifts); + } + clear_tail(vd, opr_sz, simd_maxsz(desc)); +} + +static void do_crypto_aesmc(uint64_t *rd, uint64_t *rm, const uint32_t *mc) { union CRYPTO_STATE st = { .l = { rm[0], rm[1] } }; - const uint32_t *mc = decrypt ? AES_imc_rot : AES_mc_rot; int i; for (i = 0; i < 16; i += 4) { @@ -99,10 +105,19 @@ static void do_crypto_aesmc(uint64_t *rd, uint64_t *rm, bool decrypt) void HELPER(crypto_aesmc)(void *vd, void *vm, uint32_t desc) { intptr_t i, opr_sz = simd_oprsz(desc); - bool decrypt = simd_data(desc); for (i = 0; i < opr_sz; i += 16) { - do_crypto_aesmc(vd + i, vm + i, decrypt); + do_crypto_aesmc(vd + i, vm + i, AES_mc_rot); + } + clear_tail(vd, opr_sz, simd_maxsz(desc)); +} + +void HELPER(crypto_aesimc)(void *vd, void *vm, uint32_t desc) +{ + intptr_t i, opr_sz = simd_oprsz(desc); + + for (i = 0; i < opr_sz; i += 16) { + do_crypto_aesmc(vd + i, vm + i, AES_imc_rot); } clear_tail(vd, opr_sz, simd_maxsz(desc)); } diff --git a/target/arm/tcg/translate-a64.c b/target/arm/tcg/translate-a64.c index 741a608739..3a97216d9b 100644 --- a/target/arm/tcg/translate-a64.c +++ b/target/arm/tcg/translate-a64.c @@ -13416,7 +13416,6 @@ static void disas_crypto_aes(DisasContext *s, uint32_t insn) int opcode = extract32(insn, 12, 5); int rn = extract32(insn, 5, 5); int rd = extract32(insn, 0, 5); - int decrypt; gen_helper_gvec_2 *genfn2 = NULL; gen_helper_gvec_3 *genfn3 = NULL; @@ -13427,20 +13426,16 @@ static void disas_crypto_aes(DisasContext *s, uint32_t insn) switch (opcode) { case 0x4: /* AESE */ - decrypt = 0; genfn3 = gen_helper_crypto_aese; break; case 0x6: /* AESMC */ - decrypt = 0; genfn2 = gen_helper_crypto_aesmc; break; case 0x5: /* AESD */ - decrypt = 1; - genfn3 = gen_helper_crypto_aese; + genfn3 = gen_helper_crypto_aesd; break; case 0x7: /* AESIMC */ - decrypt = 1; - genfn2 = gen_helper_crypto_aesmc; + genfn2 = gen_helper_crypto_aesimc; break; default: unallocated_encoding(s); @@ -13451,9 +13446,9 @@ static void disas_crypto_aes(DisasContext *s, uint32_t insn) return; } if (genfn2) { - gen_gvec_op2_ool(s, true, rd, rn, decrypt, genfn2); + gen_gvec_op2_ool(s, true, rd, rn, 0, genfn2); } else { - gen_gvec_op3_ool(s, true, rd, rd, rn, decrypt, genfn3); + gen_gvec_op3_ool(s, true, rd, rd, rn, 0, genfn3); } } diff --git a/target/arm/tcg/translate-neon.c b/target/arm/tcg/translate-neon.c index af8685a4ac..bb92ee411d 100644 --- a/target/arm/tcg/translate-neon.c +++ b/target/arm/tcg/translate-neon.c @@ -3455,9 +3455,9 @@ static bool trans_VMVN(DisasContext *s, arg_2misc *a) } WRAP_2M_3_OOL_FN(gen_AESE, gen_helper_crypto_aese, 0) -WRAP_2M_3_OOL_FN(gen_AESD, gen_helper_crypto_aese, 1) +WRAP_2M_3_OOL_FN(gen_AESD, gen_helper_crypto_aesd, 0) WRAP_2M_2_OOL_FN(gen_AESMC, gen_helper_crypto_aesmc, 0) -WRAP_2M_2_OOL_FN(gen_AESIMC, gen_helper_crypto_aesmc, 1) +WRAP_2M_2_OOL_FN(gen_AESIMC, gen_helper_crypto_aesimc, 0) WRAP_2M_2_OOL_FN(gen_SHA1H, gen_helper_crypto_sha1h, 0) WRAP_2M_2_OOL_FN(gen_SHA1SU1, gen_helper_crypto_sha1su1, 0) WRAP_2M_2_OOL_FN(gen_SHA256SU0, gen_helper_crypto_sha256su0, 0) diff --git a/target/arm/tcg/translate-sve.c b/target/arm/tcg/translate-sve.c index 92ab290106..553c79cfe3 100644 --- a/target/arm/tcg/translate-sve.c +++ b/target/arm/tcg/translate-sve.c @@ -7116,12 +7116,14 @@ TRANS_FEAT(USDOT_zzzz, aa64_sve_i8mm, gen_gvec_ool_arg_zzzz, a->esz == 2 ? gen_helper_gvec_usdot_b : NULL, a, 0) TRANS_FEAT_NONSTREAMING(AESMC, aa64_sve2_aes, gen_gvec_ool_zz, - gen_helper_crypto_aesmc, a->rd, a->rd, a->decrypt) + gen_helper_crypto_aesmc, a->rd, a->rd, 0) +TRANS_FEAT_NONSTREAMING(AESIMC, aa64_sve2_aes, gen_gvec_ool_zz, + gen_helper_crypto_aesimc, a->rd, a->rd, 0) TRANS_FEAT_NONSTREAMING(AESE, aa64_sve2_aes, gen_gvec_ool_arg_zzz, - gen_helper_crypto_aese, a, false) + gen_helper_crypto_aese, a, 0) TRANS_FEAT_NONSTREAMING(AESD, aa64_sve2_aes, gen_gvec_ool_arg_zzz, - gen_helper_crypto_aese, a, true) + gen_helper_crypto_aesd, a, 0) TRANS_FEAT_NONSTREAMING(SM4E, aa64_sve2_sm4, gen_gvec_ool_arg_zzz, gen_helper_crypto_sm4e, a, 0) From patchwork Sat Jun 3 02:33:58 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Richard Henderson X-Patchwork-Id: 13266036 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.lore.kernel.org (Postfix) with ESMTPS id 3679DC7EE2A for ; Sat, 3 Jun 2023 02:39:13 +0000 (UTC) Received: from localhost ([::1] helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1q5H6i-0000eF-A4; Fri, 02 Jun 2023 22:35:08 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1q5H6J-0000N7-Lx for qemu-devel@nongnu.org; Fri, 02 Jun 2023 22:34:43 -0400 Received: from mail-oo1-xc32.google.com ([2607:f8b0:4864:20::c32]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.90_1) (envelope-from ) id 1q5H6C-0004jh-30 for qemu-devel@nongnu.org; Fri, 02 Jun 2023 22:34:43 -0400 Received: by mail-oo1-xc32.google.com with SMTP id 006d021491bc7-55554ab909cso1963382eaf.2 for ; Fri, 02 Jun 2023 19:34:35 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; t=1685759674; x=1688351674; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=bOy/7D0V1nmDJKV8o/vdRKDOk9tiJCT68kr08p43Sdw=; b=li2am/BJj+JZ0uuZCArtt3g71WyZK8tFfJvww2JvF0VlvmhwjFx2eE+9Mu2JuGVAKa 4jOWht5+1j5Ggo1d7tlGjNe6c4YeCrspx2PktjCQwRhhqMjrRIG6ezgpww+HZTbxvbhM 7cwAanA3EclRTUDwexpTZhSWGV6eCK6m6OyhUtKqOTQ3MQOUd2KxRe75TNzJrsf6KGV5 hyRJ6PYL1++vPB+oA5qB2SMUPknxWG6ehxOuAJkW26etfu8BcplO4ah8HqRsmhURUVCh Atkqn1NZTuaoj5Khxn0G9P4qPA+222IIHvmTI3Kb7kPp+0Ful1LNxgEeIwXHUAW6oWzS n5Mw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20221208; t=1685759674; x=1688351674; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=bOy/7D0V1nmDJKV8o/vdRKDOk9tiJCT68kr08p43Sdw=; b=i+4ejfeP5glq+vh1Mw1zA/K6lx9Z+qe8uhF0JcRv3pGLb9EaqymXvSOngZDYEN+mdI 6zby0KYOpdWwcinruCS/Hvx+DUp1rExWAnmcwTcwGauVXgm8S9ur5t3edbb3R6US5Q4m uzwvNZCA9fv4djlhZ4rsIDOjyIfsGqrd8pt29Lc5cfBAFBERHSXDS0RC7+FwftjoeMTV LfOvxWZoMFL/eGxoqhAmfUVrNURVE26d4gmD/3H//tLa0sXJwqhT9juHqHhLMj5sUI2w wTYbz5NxK2DJ71HmPid1mthoIX62fES7ZaYC+1K8iDgKm7BNLbm+gXlJBbOfVkYRbnHp 9Dww== X-Gm-Message-State: AC+VfDxwQFRfeFKTzcV4pgbThKRjX3jzLbxpfHSOx+ht2esqC2wdWNqD k+izt+RERbi/A+0PDf9uz0CalKDDyb0MXBA24no= X-Google-Smtp-Source: ACHHUZ5mzo2T35ovn97ow/mPL4AjKLb+HB0Z72c0JMxEPHpf30EkSk52l9svj+ubpWV8wiNIqEx3xg== X-Received: by 2002:a05:6358:9103:b0:125:9f49:b1b9 with SMTP id q3-20020a056358910300b001259f49b1b9mr11044333rwq.12.1685759674092; Fri, 02 Jun 2023 19:34:34 -0700 (PDT) Received: from stoup.. ([2602:ae:1598:4c01:66a6:82c2:d794:68f6]) by smtp.gmail.com with ESMTPSA id e91-20020a17090a6fe400b002508d73f4e8sm3914289pjk.57.2023.06.02.19.34.33 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Fri, 02 Jun 2023 19:34:33 -0700 (PDT) From: Richard Henderson To: qemu-devel@nongnu.org Cc: ardb@kernel.org, berrange@redhat.com, qemu-arm@nongnu.org, qemu-ppc@nongnu.org, qemu-riscv@nongnu.org, pbonzini@redhat.com Subject: [PATCH 07/35] target/arm: Use aesenc_SB_SR Date: Fri, 2 Jun 2023 19:33:58 -0700 Message-Id: <20230603023426.1064431-8-richard.henderson@linaro.org> X-Mailer: git-send-email 2.34.1 In-Reply-To: <20230603023426.1064431-1-richard.henderson@linaro.org> References: <20230603023426.1064431-1-richard.henderson@linaro.org> MIME-Version: 1.0 Received-SPF: pass client-ip=2607:f8b0:4864:20::c32; envelope-from=richard.henderson@linaro.org; helo=mail-oo1-xc32.google.com X-Spam_score_int: -20 X-Spam_score: -2.1 X-Spam_bar: -- X-Spam_report: (-2.1 / 5.0 requ) BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01 autolearn=unavailable autolearn_force=no X-Spam_action: no action X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: qemu-devel-bounces+qemu-devel=archiver.kernel.org@nongnu.org Sender: qemu-devel-bounces+qemu-devel=archiver.kernel.org@nongnu.org This implements the AESE instruction. Signed-off-by: Richard Henderson --- target/arm/tcg/crypto_helper.c | 18 +++++++++++++++++- 1 file changed, 17 insertions(+), 1 deletion(-) diff --git a/target/arm/tcg/crypto_helper.c b/target/arm/tcg/crypto_helper.c index 75882d9ea3..5cebc88f5f 100644 --- a/target/arm/tcg/crypto_helper.c +++ b/target/arm/tcg/crypto_helper.c @@ -15,6 +15,7 @@ #include "exec/helper-proto.h" #include "tcg/tcg-gvec-desc.h" #include "crypto/aes.h" +#include "crypto/aes-round.h" #include "crypto/sm4.h" #include "vec_internal.h" @@ -70,7 +71,22 @@ void HELPER(crypto_aese)(void *vd, void *vn, void *vm, uint32_t desc) intptr_t i, opr_sz = simd_oprsz(desc); for (i = 0; i < opr_sz; i += 16) { - do_crypto_aese(vd + i, vn + i, vm + i, AES_sbox, AES_shifts); + AESState *ad = (AESState *)(vd + i); + AESState *st = (AESState *)(vn + i); + AESState *rk = (AESState *)(vm + i); + AESState t; + + /* Our uint64_t are in the wrong order for big-endian. */ + if (HOST_BIG_ENDIAN) { + t.d[0] = st->d[1] ^ rk->d[1]; + t.d[1] = st->d[0] ^ rk->d[0]; + aesenc_SB_SR(&t, &t, false); + ad->d[0] = t.d[1]; + ad->d[1] = t.d[0]; + } else { + t.v = st->v ^ rk->v; + aesenc_SB_SR(ad, &t, false); + } } clear_tail(vd, opr_sz, simd_maxsz(desc)); } From patchwork Sat Jun 3 02:33:59 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Richard Henderson X-Patchwork-Id: 13266019 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.lore.kernel.org (Postfix) with ESMTPS id 2A9E3C7EE2A for ; Sat, 3 Jun 2023 02:36:10 +0000 (UTC) Received: from localhost ([::1] helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1q5H79-0001FY-1g; Fri, 02 Jun 2023 22:35:35 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1q5H6K-0000NL-KD for qemu-devel@nongnu.org; Fri, 02 Jun 2023 22:34:44 -0400 Received: from mail-ot1-x32f.google.com ([2607:f8b0:4864:20::32f]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.90_1) (envelope-from ) id 1q5H6D-0004k6-W4 for qemu-devel@nongnu.org; Fri, 02 Jun 2023 22:34:44 -0400 Received: by mail-ot1-x32f.google.com with SMTP id 46e09a7af769-6af81142b6dso2604546a34.2 for ; Fri, 02 Jun 2023 19:34:35 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; t=1685759675; x=1688351675; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=Ko4mUpXNJpSKRU+jwfwgaI1zE5ZSDmdfftH6D/6Zwyw=; b=OYA2c8b9a6S6deJOFUjfiguCyVeRey68yFzwwLgZL7WvscUnp9+3jXWdHbuob0dCVz qb3ySFT+oHI7vJx9YJ0iaQ/JJJoSFqpUMDULAoxp4aLAD+QwmIuoN/Quc5lt9FyG7yyO piG8L72y5lrwmIvyOf/53WpKP/eF+rgfBCz5WECWlvIgWUWk2pc+Wbw3QSMVVnKlE75S XYnO2VeiLVE6VxY4x9IGpMPWOWV5cs7+YVPANMpqMW4oTB6jbChH3XfvEmPVtDXvNPIp sVUla6CbwEgqEmgBl2oXFitw0fRoOSLi2rBF+LNj/TKrd76yWiHNE2Qsmmpg3/6ExMrt wriA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20221208; t=1685759675; x=1688351675; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=Ko4mUpXNJpSKRU+jwfwgaI1zE5ZSDmdfftH6D/6Zwyw=; b=YneL+vzsaNE8UjX2bY1H4rvIYRj8QbH0n4YKz6ix/dKOMgTmpWZzv4BuGVFsYJPeMo 6Hvp06mLFZpHkG91Fm0k9tySFLDbIttLfEa3qlWacxnZ3FaBYlbwWwP99qk2BEKMfRmH tI319gAY/aKL3uLLdatIKK7WEpUGLNmRA5o1uSnl9NPvkIQeEdSwnsw+9hD68wEOsCaN AdnGUc9O3IpTkYE/uTvtZB25L6oTeUAJ/UFzIoG2Xwzns/a2NjaTf+W5bDnATbl9XfWG xd7FWlcnPyzPgVM0a8vApFLAd0cKAw2PGbxujXIw/qtUcN4glNLwkVntSpzv23LhxP6Q hI5g== X-Gm-Message-State: AC+VfDzx6saPZwU6hpnlTInMV57BCj1YgZvoBheXyAPAeb1xljyxAgWt GbEjimeoBnnw39F8w0Y61pZorP6DQY/iHbtZlNs= X-Google-Smtp-Source: ACHHUZ7rxacPrGgIJ7EVTab9VZp6/Kaln+0jswm7mz4gTlXLfT2yFfyNbIe743+2G6LzWHGxa+YCzA== X-Received: by 2002:a05:6358:591a:b0:123:39c6:3168 with SMTP id g26-20020a056358591a00b0012339c63168mr16556626rwf.24.1685759675003; Fri, 02 Jun 2023 19:34:35 -0700 (PDT) Received: from stoup.. ([2602:ae:1598:4c01:66a6:82c2:d794:68f6]) by smtp.gmail.com with ESMTPSA id e91-20020a17090a6fe400b002508d73f4e8sm3914289pjk.57.2023.06.02.19.34.34 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Fri, 02 Jun 2023 19:34:34 -0700 (PDT) From: Richard Henderson To: qemu-devel@nongnu.org Cc: ardb@kernel.org, berrange@redhat.com, qemu-arm@nongnu.org, qemu-ppc@nongnu.org, qemu-riscv@nongnu.org, pbonzini@redhat.com Subject: [PATCH 08/35] target/ppc: Use aesenc_SB_SR Date: Fri, 2 Jun 2023 19:33:59 -0700 Message-Id: <20230603023426.1064431-9-richard.henderson@linaro.org> X-Mailer: git-send-email 2.34.1 In-Reply-To: <20230603023426.1064431-1-richard.henderson@linaro.org> References: <20230603023426.1064431-1-richard.henderson@linaro.org> MIME-Version: 1.0 Received-SPF: pass client-ip=2607:f8b0:4864:20::32f; envelope-from=richard.henderson@linaro.org; helo=mail-ot1-x32f.google.com X-Spam_score_int: -20 X-Spam_score: -2.1 X-Spam_bar: -- X-Spam_report: (-2.1 / 5.0 requ) BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01 autolearn=unavailable autolearn_force=no X-Spam_action: no action X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: qemu-devel-bounces+qemu-devel=archiver.kernel.org@nongnu.org Sender: qemu-devel-bounces+qemu-devel=archiver.kernel.org@nongnu.org This implements the VCIPHERLAST instruction. Signed-off-by: Richard Henderson --- target/ppc/int_helper.c | 13 +++++++------ 1 file changed, 7 insertions(+), 6 deletions(-) diff --git a/target/ppc/int_helper.c b/target/ppc/int_helper.c index d97a7f1f28..b49e17685b 100644 --- a/target/ppc/int_helper.c +++ b/target/ppc/int_helper.c @@ -25,6 +25,7 @@ #include "qemu/log.h" #include "exec/helper-proto.h" #include "crypto/aes.h" +#include "crypto/aes-round.h" #include "fpu/softfloat.h" #include "qapi/error.h" #include "qemu/guest-random.h" @@ -2947,13 +2948,13 @@ void helper_vcipher(ppc_avr_t *r, ppc_avr_t *a, ppc_avr_t *b) void helper_vcipherlast(ppc_avr_t *r, ppc_avr_t *a, ppc_avr_t *b) { - ppc_avr_t result; - int i; + AESState *ad = (AESState *)r; + AESState *st = (AESState *)a; + AESState *rk = (AESState *)b; + AESState t; - VECTOR_FOR_INORDER_I(i, u8) { - result.VsrB(i) = b->VsrB(i) ^ (AES_sbox[a->VsrB(AES_shifts[i])]); - } - *r = result; + aesenc_SB_SR(&t, st, true); + ad->v = t.v ^ rk->v; } void helper_vncipher(ppc_avr_t *r, ppc_avr_t *a, ppc_avr_t *b) From patchwork Sat Jun 3 02:34:00 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Richard Henderson X-Patchwork-Id: 13266020 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.lore.kernel.org (Postfix) with ESMTPS id 31E11C77B7A for ; Sat, 3 Jun 2023 02:36:37 +0000 (UTC) Received: from localhost ([::1] helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1q5H7A-0001Iw-Tn; Fri, 02 Jun 2023 22:35:36 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1q5H6O-0000Ql-6d for qemu-devel@nongnu.org; Fri, 02 Jun 2023 22:34:49 -0400 Received: from mail-pj1-x1030.google.com ([2607:f8b0:4864:20::1030]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.90_1) (envelope-from ) id 1q5H6E-0004kc-68 for qemu-devel@nongnu.org; Fri, 02 Jun 2023 22:34:46 -0400 Received: by mail-pj1-x1030.google.com with SMTP id 98e67ed59e1d1-2566ed9328eso2313037a91.2 for ; Fri, 02 Jun 2023 19:34:36 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; t=1685759676; x=1688351676; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=st6PzalavgCIfa1mLbkYdK6syTJLzgLb0TShIkAxcYc=; b=eu57VacCrY1/LMwxdklfi1K3qcDmiRRgDW4YLIXYJiTLPMUFmdQk1IEV+iVMLJ6LpH g3oI9TwkWdClsmO37RubzYx+xcFgWwXSTx3k3MFTziJbifrvfd9UODr7iOh4mdxcI7aY yxYSRsgs8vfQTaULFHKAzpRmVHvJCs6Hw9XWLMpbqh1fLO2P6cfz7PgDULlQ+h+z8RPA UrApLgdv905ooZ+4mK9xSu0SDjkaO1MZkxFaQtdLql79IJJ0SfyFoUNDoUqeoDSWlYVi e2yRKYKJpHH8VYM32CtZqK2ThU4aJCRwsmfLz2x6/AMHP6em6fFmDfTVco1EUd+RJPIm QR4g== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20221208; t=1685759676; x=1688351676; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=st6PzalavgCIfa1mLbkYdK6syTJLzgLb0TShIkAxcYc=; b=M6eH2jY0AOYMBXh2IZWGq6yE0C/wVJems5TR2kS3ClGocWnArsHg4V6jDunUEp6E6G +r0NXkRc6PrRJZI9e2V+0ncDnzrcAqknso3EgDAWI6qfjHOZopa9a/L5AF7UNkoyLiwi jdbHDUeS4pYYaJXuLU+fT/IFsrbcSPwCCp84nhiwivHdrPQIE/OUCdDha0T13O+06UIB BNiX+YRxSD71HWxLvn1SUDRrgsHn0JONiGV8u7H0jJh0nw3TGHBTWd0e9+dz5xipOmGE cpBSgpCJiSdtCdLTOS8ZwOrN7jbL3eeqdV5B/RRd8i/OuDzJ41PMHyMpxd9G8uFp3j3h 0WGw== X-Gm-Message-State: AC+VfDyUECD0dUUVpi/2zBNbeTAlsPHok+pdrlho+6UHOQge857+ByLE t4hNOaN8ykvhYiH//8C5pzOgfyTWNl6kjIS2x60= X-Google-Smtp-Source: ACHHUZ7hcJEirzvgidInDIkZDs5cKwX5UGwdUmTi2BNB13IGXPpOSgKdj0SrlqExzbCsY1NmO9up4Q== X-Received: by 2002:a17:90b:b0d:b0:256:8fae:4d50 with SMTP id bf13-20020a17090b0b0d00b002568fae4d50mr1644839pjb.21.1685759675928; Fri, 02 Jun 2023 19:34:35 -0700 (PDT) Received: from stoup.. ([2602:ae:1598:4c01:66a6:82c2:d794:68f6]) by smtp.gmail.com with ESMTPSA id e91-20020a17090a6fe400b002508d73f4e8sm3914289pjk.57.2023.06.02.19.34.35 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Fri, 02 Jun 2023 19:34:35 -0700 (PDT) From: Richard Henderson To: qemu-devel@nongnu.org Cc: ardb@kernel.org, berrange@redhat.com, qemu-arm@nongnu.org, qemu-ppc@nongnu.org, qemu-riscv@nongnu.org, pbonzini@redhat.com Subject: [PATCH 09/35] target/riscv: Use aesenc_SB_SR Date: Fri, 2 Jun 2023 19:34:00 -0700 Message-Id: <20230603023426.1064431-10-richard.henderson@linaro.org> X-Mailer: git-send-email 2.34.1 In-Reply-To: <20230603023426.1064431-1-richard.henderson@linaro.org> References: <20230603023426.1064431-1-richard.henderson@linaro.org> MIME-Version: 1.0 Received-SPF: pass client-ip=2607:f8b0:4864:20::1030; envelope-from=richard.henderson@linaro.org; helo=mail-pj1-x1030.google.com X-Spam_score_int: -20 X-Spam_score: -2.1 X-Spam_bar: -- X-Spam_report: (-2.1 / 5.0 requ) BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01 autolearn=unavailable autolearn_force=no X-Spam_action: no action X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: qemu-devel-bounces+qemu-devel=archiver.kernel.org@nongnu.org Sender: qemu-devel-bounces+qemu-devel=archiver.kernel.org@nongnu.org This implements the AES64ES instruction. Signed-off-by: Richard Henderson --- target/riscv/crypto_helper.c | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) diff --git a/target/riscv/crypto_helper.c b/target/riscv/crypto_helper.c index 2ef30281b1..82d7f3a060 100644 --- a/target/riscv/crypto_helper.c +++ b/target/riscv/crypto_helper.c @@ -22,6 +22,7 @@ #include "exec/exec-all.h" #include "exec/helper-proto.h" #include "crypto/aes.h" +#include "crypto/aes-round.h" #include "crypto/sm4.h" #define AES_XTIME(a) \ @@ -200,7 +201,12 @@ target_ulong HELPER(aes64esm)(target_ulong rs1, target_ulong rs2) target_ulong HELPER(aes64es)(target_ulong rs1, target_ulong rs2) { - return aes64_operation(rs1, rs2, true, false); + AESState t; + + t.d[HOST_BIG_ENDIAN] = rs1; + t.d[!HOST_BIG_ENDIAN] = rs2; + aesenc_SB_SR(&t, &t, false); + return t.d[HOST_BIG_ENDIAN]; } target_ulong HELPER(aes64ds)(target_ulong rs1, target_ulong rs2) From patchwork Sat Jun 3 02:34:01 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Richard Henderson X-Patchwork-Id: 13266024 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.lore.kernel.org (Postfix) with ESMTPS id 89470C7EE2A for ; Sat, 3 Jun 2023 02:36:49 +0000 (UTC) Received: from localhost ([::1] helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1q5H73-0000zu-0v; Fri, 02 Jun 2023 22:35:29 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1q5H6M-0000PO-6w for qemu-devel@nongnu.org; Fri, 02 Jun 2023 22:34:47 -0400 Received: from mail-pj1-x1032.google.com ([2607:f8b0:4864:20::1032]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.90_1) (envelope-from ) id 1q5H6E-0004kr-69 for qemu-devel@nongnu.org; Fri, 02 Jun 2023 22:34:45 -0400 Received: by mail-pj1-x1032.google.com with SMTP id 98e67ed59e1d1-2566e60cc5aso2197442a91.3 for ; Fri, 02 Jun 2023 19:34:37 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; t=1685759676; x=1688351676; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=4c8qUMHO4QYaPr2JjtCuB1xQVEFevNFHiNcj1R21h14=; b=epLYAXEJFNFefIqeqmEw3HxEbhK1dc99u8W+rGxuBQ6TmM8IZhSIqttR6r5O6sOLSe BIpn+Ukq7DyWdlpH9B5CFkpNIrjJuKCrI/WCCz1uGrzwZj3SUXrmI8Yxv9R+jtxzdtYj eigE1XyYZEkEiWsSZN0V7LZt6LP/eQZW8gryvvRDnQxjpAxY7tI1oh1ZDzQ+I8lGA81V h131LlsERljKLXk+qW1WGkZ6Dmq9tqtdV/s/6pBT4b7/YD/WH4fFR1yRfBpIU9j7FJBP rt5gTZtCMXqzo/6CLpPqwwUTpHg4qWPdej/Mi6+/FDfV9sAHp3w54fLr7bZ/2joDk15L DPgQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20221208; t=1685759676; x=1688351676; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=4c8qUMHO4QYaPr2JjtCuB1xQVEFevNFHiNcj1R21h14=; b=dob0rEIsQU6dpR924dAMCBNzDaosqvuTlxLr6geu0gPohqtTUuNclmkPkB1DjBySM0 LrFVkE6mZIdMeTwkFe2pRUFtBOKXAoymJi5q/LKpXiOywz2W+jVNIIE3a9dc/eksgsAZ /uZgX9Z+NeCMxEFR91nc11SQYHfcEORKtNG88gVRC7b0AglK67W0RG8HDOo3udez15Tl 4u9s7sZgJ28pzAxe05wbF+2KN+tSScjqmrSa32Uc7DtUSwiwZj8nR80JYQU5Jrx7QlJo 4MfQsneI760mAhRkfwHuKcKwa8KgbOgV6/fNQb8bCkr5CI9sJCERbnkeKsg/PAUhLEBm sYJw== X-Gm-Message-State: AC+VfDwsIhpWM8pY87bef54ZbJDlzQ3yu8KliYwidDUB7njmKVDt3yyk CUDJUXxrdhuNaldKxj2BxB5E34tIWC9joGEomd0= X-Google-Smtp-Source: ACHHUZ5p+HRleTk4zZTiwTxFEbAtxJGH8+EhASTHYLIQy02mOJdABA0MRj6qheBlEfYP/snwmC55Xw== X-Received: by 2002:a17:90a:c58e:b0:258:cb10:5e8c with SMTP id l14-20020a17090ac58e00b00258cb105e8cmr1541115pjt.20.1685759676727; Fri, 02 Jun 2023 19:34:36 -0700 (PDT) Received: from stoup.. ([2602:ae:1598:4c01:66a6:82c2:d794:68f6]) by smtp.gmail.com with ESMTPSA id e91-20020a17090a6fe400b002508d73f4e8sm3914289pjk.57.2023.06.02.19.34.36 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Fri, 02 Jun 2023 19:34:36 -0700 (PDT) From: Richard Henderson To: qemu-devel@nongnu.org Cc: ardb@kernel.org, berrange@redhat.com, qemu-arm@nongnu.org, qemu-ppc@nongnu.org, qemu-riscv@nongnu.org, pbonzini@redhat.com Subject: [PATCH 10/35] crypto: Add aesdec_ISB_ISR Date: Fri, 2 Jun 2023 19:34:01 -0700 Message-Id: <20230603023426.1064431-11-richard.henderson@linaro.org> X-Mailer: git-send-email 2.34.1 In-Reply-To: <20230603023426.1064431-1-richard.henderson@linaro.org> References: <20230603023426.1064431-1-richard.henderson@linaro.org> MIME-Version: 1.0 Received-SPF: pass client-ip=2607:f8b0:4864:20::1032; envelope-from=richard.henderson@linaro.org; helo=mail-pj1-x1032.google.com X-Spam_score_int: -20 X-Spam_score: -2.1 X-Spam_bar: -- X-Spam_report: (-2.1 / 5.0 requ) BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01 autolearn=unavailable autolearn_force=no X-Spam_action: no action X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: qemu-devel-bounces+qemu-devel=archiver.kernel.org@nongnu.org Sender: qemu-devel-bounces+qemu-devel=archiver.kernel.org@nongnu.org Add a primitive for InvSubBytes + InvShiftRows. Signed-off-by: Richard Henderson --- host/include/generic/host/aes-round.h | 3 ++ include/crypto/aes-round.h | 18 +++++++++++ crypto/aes.c | 46 +++++++++++++++++++++++++++ 3 files changed, 67 insertions(+) diff --git a/host/include/generic/host/aes-round.h b/host/include/generic/host/aes-round.h index 598242c603..cb4fed61fe 100644 --- a/host/include/generic/host/aes-round.h +++ b/host/include/generic/host/aes-round.h @@ -12,4 +12,7 @@ void aesenc_SB_SR_accel(AESState *, const AESState *, bool) QEMU_ERROR("unsupported accel"); +void aesdec_ISB_ISR_accel(AESState *, const AESState *, bool) + QEMU_ERROR("unsupported accel"); + #endif diff --git a/include/crypto/aes-round.h b/include/crypto/aes-round.h index 784e1daee6..ff1914bd63 100644 --- a/include/crypto/aes-round.h +++ b/include/crypto/aes-round.h @@ -38,4 +38,22 @@ static inline void aesenc_SB_SR(AESState *r, const AESState *st, bool be) } } +/* + * Perform InvSubBytes + InvShiftRows. + */ + +void aesdec_ISB_ISR_gen(AESState *ret, const AESState *st); +void aesdec_ISB_ISR_genrev(AESState *ret, const AESState *st); + +static inline void aesdec_ISB_ISR(AESState *r, const AESState *st, bool be) +{ + if (HAVE_AES_ACCEL) { + aesdec_ISB_ISR_accel(r, st, be); + } else if (HOST_BIG_ENDIAN == be) { + aesdec_ISB_ISR_gen(r, st); + } else { + aesdec_ISB_ISR_genrev(r, st); + } +} + #endif /* CRYPTO_AES_ROUND_H */ diff --git a/crypto/aes.c b/crypto/aes.c index 708838315a..937377647f 100644 --- a/crypto/aes.c +++ b/crypto/aes.c @@ -1298,6 +1298,52 @@ void aesenc_SB_SR_genrev(AESState *r, const AESState *st) aesenc_SB_SR_swap(r, st, true); } +/* Perform InvSubBytes + InvShiftRows. */ +static inline void +aesdec_ISB_ISR_swap(AESState *r, const AESState *st, bool swap) +{ + const int swap_b = swap ? 15 : 0; + uint8_t t; + + /* These four indexes are not swizzled. */ + r->b[swap_b ^ 0x0] = AES_isbox[st->b[swap_b ^ AES_ISH_0]]; + r->b[swap_b ^ 0x4] = AES_isbox[st->b[swap_b ^ AES_ISH_4]]; + r->b[swap_b ^ 0x8] = AES_isbox[st->b[swap_b ^ AES_ISH_8]]; + r->b[swap_b ^ 0xc] = AES_isbox[st->b[swap_b ^ AES_ISH_C]]; + + /* Otherwise, break cycles. */ + + t = AES_isbox[st->b[swap_b ^ AES_ISH_5]]; + r->b[swap_b ^ 0x1] = AES_isbox[st->b[swap_b ^ AES_ISH_1]]; + r->b[swap_b ^ 0xd] = AES_isbox[st->b[swap_b ^ AES_ISH_D]]; + r->b[swap_b ^ 0x9] = AES_isbox[st->b[swap_b ^ AES_ISH_9]]; + r->b[swap_b ^ 0x5] = t; + + t = AES_isbox[st->b[swap_b ^ AES_ISH_A]]; + r->b[swap_b ^ 0x2] = AES_isbox[st->b[swap_b ^ AES_ISH_2]]; + r->b[swap_b ^ 0xa] = t; + + t = AES_isbox[st->b[swap_b ^ AES_ISH_E]]; + r->b[swap_b ^ 0x6] = AES_isbox[st->b[swap_b ^ AES_ISH_6]]; + r->b[swap_b ^ 0xe] = t; + + t = AES_isbox[st->b[swap_b ^ AES_ISH_F]]; + r->b[swap_b ^ 0x3] = AES_isbox[st->b[swap_b ^ AES_ISH_3]]; + r->b[swap_b ^ 0x7] = AES_isbox[st->b[swap_b ^ AES_ISH_7]]; + r->b[swap_b ^ 0xb] = AES_isbox[st->b[swap_b ^ AES_ISH_B]]; + r->b[swap_b ^ 0xf] = t; +} + +void aesdec_ISB_ISR_gen(AESState *r, const AESState *st) +{ + aesdec_ISB_ISR_swap(r, st, false); +} + +void aesdec_ISB_ISR_genrev(AESState *r, const AESState *st) +{ + aesdec_ISB_ISR_swap(r, st, true); +} + /** * Expand the cipher key into the encryption key schedule. */ From patchwork Sat Jun 3 02:34:02 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Richard Henderson X-Patchwork-Id: 13266018 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.lore.kernel.org (Postfix) with ESMTPS id 9F092C7EE2C for ; Sat, 3 Jun 2023 02:36:09 +0000 (UTC) Received: from localhost ([::1] helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1q5H7B-0001Jh-31; Fri, 02 Jun 2023 22:35:38 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1q5H6O-0000Qf-1c for qemu-devel@nongnu.org; Fri, 02 Jun 2023 22:34:48 -0400 Received: from mail-ot1-x335.google.com ([2607:f8b0:4864:20::335]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.90_1) (envelope-from ) id 1q5H6F-0004l8-RS for qemu-devel@nongnu.org; Fri, 02 Jun 2023 22:34:47 -0400 Received: by mail-ot1-x335.google.com with SMTP id 46e09a7af769-6af6f49e41cso2582273a34.2 for ; Fri, 02 Jun 2023 19:34:38 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; t=1685759677; x=1688351677; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=XkRgnPsc0Ve6BufNeSHHC/2pZ6sOVWVoi1e0lmM14MQ=; b=nvfMKk7KtkK3U2aye2JQ5Hub0UYgYp2CJfccQEzqOJroixiktXEuswj6zJph3rS2kV Eye0wliBHUThuARCeXYu6xvPZ8ribE1DvuW6LfO8AR9lXqAz/XaGBT+RGaje3/ruO85p 7VuXM/tF8uOOCsuvsq+jndA7GDgoNcO4x+gytr/Z5n05gSQcjdsYtE5AgorbR4GNZqRY 9ITBjK2UdlLHEV+r23oaoIXP/BfGo1r+6ChLkPrPmTzN/4l1f2VgEDe8CPkRBz7c+cph weIzUgeT0VZwsOs3jep+w8wMolBidcWKqy8nWT3CGG4kHVkMykAMpE76f2jYSQHMmUMv 8v3g== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20221208; t=1685759677; x=1688351677; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=XkRgnPsc0Ve6BufNeSHHC/2pZ6sOVWVoi1e0lmM14MQ=; b=LLhRuGTCywvvqJSeMU4yrQ9kkhI57VCn5cajFDJUbeUH7wS6RZ60XQyQ9ePFKfr11G ZQrhGt7GAYJZDU5xRELgSWsRyjOKWPWnEoBHW0faZOZqTS3sDJnHo/wQcgHSeSn8e/VV dYyg4qEat+qA6SsBZL/k1emaF/3cxAE2FNOyjLf2zMJY6JrVqB4ZWZhGm7dXrhE6tith GSIUdmlAYYd4vMmpV3TnN38QUHOE6M0ab6cK94r7LCiZSPpxObHtFTswBClNXPdpvmHb feP0oCfxmnKFuRltZrWgvekN5g+1n03NLRdoiwy5YGLZ3djmxnytHIG6f9A0jvUukOO9 uISA== X-Gm-Message-State: AC+VfDwB8FI8uZGsz8lEySCsnYAj/cKaVYUI2Z395LEmlIbiiQLLpjxu adylP2TBJ9/k41m2vEIcK3Sx3d4Yslx7VubCv/A= X-Google-Smtp-Source: ACHHUZ7VlM9IWW6bY0QF257SLhMWdCOgesJoeL5MRHNGhKqr71BDPgFpxVYI7aoQxd82qcVfxris4g== X-Received: by 2002:a05:6358:3403:b0:125:908e:22c9 with SMTP id h3-20020a056358340300b00125908e22c9mr13305538rwd.10.1685759677532; Fri, 02 Jun 2023 19:34:37 -0700 (PDT) Received: from stoup.. ([2602:ae:1598:4c01:66a6:82c2:d794:68f6]) by smtp.gmail.com with ESMTPSA id e91-20020a17090a6fe400b002508d73f4e8sm3914289pjk.57.2023.06.02.19.34.36 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Fri, 02 Jun 2023 19:34:37 -0700 (PDT) From: Richard Henderson To: qemu-devel@nongnu.org Cc: ardb@kernel.org, berrange@redhat.com, qemu-arm@nongnu.org, qemu-ppc@nongnu.org, qemu-riscv@nongnu.org, pbonzini@redhat.com Subject: [PATCH 11/35] target/i386: Use aesdec_ISB_ISR Date: Fri, 2 Jun 2023 19:34:02 -0700 Message-Id: <20230603023426.1064431-12-richard.henderson@linaro.org> X-Mailer: git-send-email 2.34.1 In-Reply-To: <20230603023426.1064431-1-richard.henderson@linaro.org> References: <20230603023426.1064431-1-richard.henderson@linaro.org> MIME-Version: 1.0 Received-SPF: pass client-ip=2607:f8b0:4864:20::335; envelope-from=richard.henderson@linaro.org; helo=mail-ot1-x335.google.com X-Spam_score_int: -20 X-Spam_score: -2.1 X-Spam_bar: -- X-Spam_report: (-2.1 / 5.0 requ) BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01 autolearn=unavailable autolearn_force=no X-Spam_action: no action X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: qemu-devel-bounces+qemu-devel=archiver.kernel.org@nongnu.org Sender: qemu-devel-bounces+qemu-devel=archiver.kernel.org@nongnu.org This implements the AESDECLAST instruction. Signed-off-by: Richard Henderson --- target/i386/ops_sse.h | 12 +++++++----- 1 file changed, 7 insertions(+), 5 deletions(-) diff --git a/target/i386/ops_sse.h b/target/i386/ops_sse.h index 31e1f6edc7..036eabdf95 100644 --- a/target/i386/ops_sse.h +++ b/target/i386/ops_sse.h @@ -2177,12 +2177,14 @@ void glue(helper_aesdec, SUFFIX)(CPUX86State *env, Reg *d, Reg *v, Reg *s) void glue(helper_aesdeclast, SUFFIX)(CPUX86State *env, Reg *d, Reg *v, Reg *s) { - int i; - Reg st = *v; - Reg rk = *s; + for (int i = 0; i < SHIFT; i++) { + AESState *ad = (AESState *)&d->ZMM_X(i); + AESState *st = (AESState *)&v->ZMM_X(i); + AESState *rk = (AESState *)&s->ZMM_X(i); + AESState t; - for (i = 0; i < 8 << SHIFT; i++) { - d->B(i) = rk.B(i) ^ (AES_isbox[st.B(AES_ishifts[i & 15] + (i & ~15))]); + aesdec_ISB_ISR(&t, st, false); + ad->v = t.v ^ rk->v; } } From patchwork Sat Jun 3 02:34:03 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Richard Henderson X-Patchwork-Id: 13266047 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.lore.kernel.org (Postfix) with ESMTPS id 16128C7EE2A for ; Sat, 3 Jun 2023 02:41:07 +0000 (UTC) Received: from localhost ([::1] helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1q5H7T-0001cJ-Pv; Fri, 02 Jun 2023 22:35:55 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1q5H6Q-0000TA-Es for qemu-devel@nongnu.org; Fri, 02 Jun 2023 22:34:50 -0400 Received: from mail-oi1-x22e.google.com ([2607:f8b0:4864:20::22e]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.90_1) (envelope-from ) id 1q5H6G-0004lz-TG for qemu-devel@nongnu.org; Fri, 02 Jun 2023 22:34:49 -0400 Received: by mail-oi1-x22e.google.com with SMTP id 5614622812f47-39a523e8209so1801360b6e.0 for ; Fri, 02 Jun 2023 19:34:40 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; t=1685759678; x=1688351678; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=yhUARdFwT69t+H+UUFeebMxz0PxbDKgvhvhPEqctC4I=; b=Uq8hu11wQLayBSb3c6ieisDPShW0TcpdGSI8lMUzeA3DRB7916sc2Tm9u0Wxw+N9Mg +PoRseCpiH0mbuthHqiqOq1UFmJX72kVzPdUWRDXU1uzArZu4l0TQhCGECa9BhXnQNTx QjRwL8yb6HI1uPnbygSsYYBHSxwbdzh8vRiAMIHXQWTkVkFXP2AfxbplZ9PtcdJYPiki 99GIy1/XUhOcMPm64hZx6rNiTfyDUW4bIBMVPbpihPB/ssWmBuVqgqSMnvR3xy5btfdZ MbFQSEsqfrLB1r7LizeieBfFgQIY1REQA7qdFgj5iZepxLyXPg6HjK+do85QRsM1i9J8 EeCw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20221208; t=1685759678; x=1688351678; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=yhUARdFwT69t+H+UUFeebMxz0PxbDKgvhvhPEqctC4I=; b=frCkB7PNLNyTYTMsiPrr0mloj/H5Z+48YmYpbzVa1hLCC34+BkVYZJi7MZJtr2TZI+ dRExn6cQp3+m9QJqKQVI6VuL9Z5YSjn9Psxq82kMurSrY/DhC+31sYVR8C2+buWIxa9w FIQIvluESTcYklwUJylT4L4sjBMj4TDx545giOz5mmVfaUjwsF0imjUAwKxfLQjTDGof D3XykOinmOwBlAC9RiThzieBqGrqvUJzieHYDELRAnm7hCFloX1cQcbza10g6Ie5l0IB rOwsxF5z1qgoMv9M643Lce4WGvwSnaKIvEPY/c1hNXLMYNOxn9o+A9CD8QA4mToAZuG+ J2vA== X-Gm-Message-State: AC+VfDzbmI9uQ7UWxE3yOMZ9bFWP+WJ3g77OfZXKo+L7+KDQ1icMp90q TjvHD6qXT/UzV2LqDMLneAVfO0UENqcUaWiPTTw= X-Google-Smtp-Source: ACHHUZ7xIx+iOoGsYhqnUVh08AxXCQDVFxvffWU83GCKIYDFi9Te/Ay8Cn62uaSPwfLuKdboRCHLCg== X-Received: by 2002:a05:6358:2486:b0:125:8739:c7b0 with SMTP id m6-20020a056358248600b001258739c7b0mr8098284rwc.3.1685759678321; Fri, 02 Jun 2023 19:34:38 -0700 (PDT) Received: from stoup.. ([2602:ae:1598:4c01:66a6:82c2:d794:68f6]) by smtp.gmail.com with ESMTPSA id e91-20020a17090a6fe400b002508d73f4e8sm3914289pjk.57.2023.06.02.19.34.37 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Fri, 02 Jun 2023 19:34:37 -0700 (PDT) From: Richard Henderson To: qemu-devel@nongnu.org Cc: ardb@kernel.org, berrange@redhat.com, qemu-arm@nongnu.org, qemu-ppc@nongnu.org, qemu-riscv@nongnu.org, pbonzini@redhat.com Subject: [PATCH 12/35] target/arm: Use aesdec_ISB_ISR Date: Fri, 2 Jun 2023 19:34:03 -0700 Message-Id: <20230603023426.1064431-13-richard.henderson@linaro.org> X-Mailer: git-send-email 2.34.1 In-Reply-To: <20230603023426.1064431-1-richard.henderson@linaro.org> References: <20230603023426.1064431-1-richard.henderson@linaro.org> MIME-Version: 1.0 Received-SPF: pass client-ip=2607:f8b0:4864:20::22e; envelope-from=richard.henderson@linaro.org; helo=mail-oi1-x22e.google.com X-Spam_score_int: -20 X-Spam_score: -2.1 X-Spam_bar: -- X-Spam_report: (-2.1 / 5.0 requ) BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01 autolearn=unavailable autolearn_force=no X-Spam_action: no action X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: qemu-devel-bounces+qemu-devel=archiver.kernel.org@nongnu.org Sender: qemu-devel-bounces+qemu-devel=archiver.kernel.org@nongnu.org This implements the AESD instruction. Signed-off-by: Richard Henderson --- target/arm/tcg/crypto_helper.c | 37 +++++++++++++++------------------- 1 file changed, 16 insertions(+), 21 deletions(-) diff --git a/target/arm/tcg/crypto_helper.c b/target/arm/tcg/crypto_helper.c index 5cebc88f5f..d7b644851f 100644 --- a/target/arm/tcg/crypto_helper.c +++ b/target/arm/tcg/crypto_helper.c @@ -46,26 +46,6 @@ static void clear_tail_16(void *vd, uint32_t desc) clear_tail(vd, opr_sz, max_sz); } -static void do_crypto_aese(uint64_t *rd, uint64_t *rn, uint64_t *rm, - const uint8_t *sbox, const uint8_t *shift) -{ - union CRYPTO_STATE rk = { .l = { rm[0], rm[1] } }; - union CRYPTO_STATE st = { .l = { rn[0], rn[1] } }; - int i; - - /* xor state vector with round key */ - rk.l[0] ^= st.l[0]; - rk.l[1] ^= st.l[1]; - - /* combine ShiftRows operation and sbox substitution */ - for (i = 0; i < 16; i++) { - CR_ST_BYTE(st, i) = sbox[CR_ST_BYTE(rk, shift[i])]; - } - - rd[0] = st.l[0]; - rd[1] = st.l[1]; -} - void HELPER(crypto_aese)(void *vd, void *vn, void *vm, uint32_t desc) { intptr_t i, opr_sz = simd_oprsz(desc); @@ -96,7 +76,22 @@ void HELPER(crypto_aesd)(void *vd, void *vn, void *vm, uint32_t desc) intptr_t i, opr_sz = simd_oprsz(desc); for (i = 0; i < opr_sz; i += 16) { - do_crypto_aese(vd + i, vn + i, vm + i, AES_isbox, AES_ishifts); + AESState *ad = (AESState *)(vd + i); + AESState *st = (AESState *)(vn + i); + AESState *rk = (AESState *)(vm + i); + AESState t; + + /* Our uint64_t are in the wrong order for big-endian. */ + if (HOST_BIG_ENDIAN) { + t.d[0] = st->d[1] ^ rk->d[1]; + t.d[1] = st->d[0] ^ rk->d[0]; + aesdec_ISB_ISR(&t, &t, false); + ad->d[0] = t.d[1]; + ad->d[1] = t.d[0]; + } else { + t.v = st->v ^ rk->v; + aesdec_ISB_ISR(ad, &t, false); + } } clear_tail(vd, opr_sz, simd_maxsz(desc)); } From patchwork Sat Jun 3 02:34:04 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Richard Henderson X-Patchwork-Id: 13266039 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.lore.kernel.org (Postfix) with ESMTPS id 004CEC7EE2A for ; Sat, 3 Jun 2023 02:39:45 +0000 (UTC) Received: from localhost ([::1] helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1q5H7S-0001XV-Aw; Fri, 02 Jun 2023 22:35:54 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1q5H6Q-0000T7-D4 for qemu-devel@nongnu.org; Fri, 02 Jun 2023 22:34:50 -0400 Received: from mail-oi1-x236.google.com ([2607:f8b0:4864:20::236]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.90_1) (envelope-from ) id 1q5H6G-0004mC-Ug for qemu-devel@nongnu.org; Fri, 02 Jun 2023 22:34:49 -0400 Received: by mail-oi1-x236.google.com with SMTP id 5614622812f47-3942c6584f0so2046750b6e.3 for ; Fri, 02 Jun 2023 19:34:40 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; t=1685759679; x=1688351679; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=u69UQkBy31b+t/zyg2gVlBb3lh+xndEyIjHtbKZIvTU=; b=pWvCC9uQQxp9QIFTEsfnyKcJ00EqthHlH/bPANtGH3qmEF+6+kVSTbiHumeWYbky7B h1btG8baW59HZuI7EznMBCFaPhx76Zjpe0WBBiUtvr7NRfQ0oTD55o3bdgeS7q9+z/lU WnqNqRkFfC+yoOBPmSANLLq4MjxiFA1F9oSCCz3X7pnjObtCZDsUJr4+7/SJQ2CviIqZ JCyMEGR9WoIo+xg7SDJlpp3iMQatpPjKd7PBgb1hdYgH0OKs2ZTmNTNiKikD5oJZwoxS dT5MJzvzameFTkJATJZVzr//h3V39a1ccvj/vyIKgvfSS7BDJONUMoLQFoCFWfpsKR4E LDMQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20221208; t=1685759679; x=1688351679; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=u69UQkBy31b+t/zyg2gVlBb3lh+xndEyIjHtbKZIvTU=; b=AehZj1GSEPanEydTJkKgqR2oKpyWg8U8Km+PVXzhMVoMR/jGI0S79rmhFyhPU/lisn ey+wcPOveCbuxM7jg9f80lDKcTj1Kg8mrwYBrx4yiTfqq2BbsvcDZ9Q/qsmP9boHOnDS BGP/E5B7XjCh0wt6qmfHFgizvPtzKobMBXZJR6WmzQ5kcNL6bYCHPYrpDy4njR60OLPA oCP4S1jzuTYaUJ07hhRA296TWu955dK7qB+4hGvCTN+gpDfZaCCxnAcuButbuKEkkmo3 hBBokRazoDqKMLj+3nGm2MduV6HEfT693SSS1ElgPNwC097PKgD3zOqVoabhLFGqaNsS CBGw== X-Gm-Message-State: AC+VfDw0Pzy8EySUSDweAU/lQeWCUDu0aRsFf+ySm9+KK9qef9ilpC8v sl0kX09PGj8optt3N2np/A6E5J4oZPnRy5Ctp4Y= X-Google-Smtp-Source: ACHHUZ7r9IRsVMS9yA2yj0TeW8+gY2GeLrmqqaeWPJI92nKgHGOLBphGZm3sdAk7QfefIHztRJCEDA== X-Received: by 2002:a05:6808:649:b0:396:63a:a715 with SMTP id z9-20020a056808064900b00396063aa715mr1698260oih.56.1685759679191; Fri, 02 Jun 2023 19:34:39 -0700 (PDT) Received: from stoup.. ([2602:ae:1598:4c01:66a6:82c2:d794:68f6]) by smtp.gmail.com with ESMTPSA id e91-20020a17090a6fe400b002508d73f4e8sm3914289pjk.57.2023.06.02.19.34.38 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Fri, 02 Jun 2023 19:34:38 -0700 (PDT) From: Richard Henderson To: qemu-devel@nongnu.org Cc: ardb@kernel.org, berrange@redhat.com, qemu-arm@nongnu.org, qemu-ppc@nongnu.org, qemu-riscv@nongnu.org, pbonzini@redhat.com Subject: [PATCH 13/35] target/ppc: Use aesdec_ISB_ISR Date: Fri, 2 Jun 2023 19:34:04 -0700 Message-Id: <20230603023426.1064431-14-richard.henderson@linaro.org> X-Mailer: git-send-email 2.34.1 In-Reply-To: <20230603023426.1064431-1-richard.henderson@linaro.org> References: <20230603023426.1064431-1-richard.henderson@linaro.org> MIME-Version: 1.0 Received-SPF: pass client-ip=2607:f8b0:4864:20::236; envelope-from=richard.henderson@linaro.org; helo=mail-oi1-x236.google.com X-Spam_score_int: -20 X-Spam_score: -2.1 X-Spam_bar: -- X-Spam_report: (-2.1 / 5.0 requ) BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01 autolearn=unavailable autolearn_force=no X-Spam_action: no action X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: qemu-devel-bounces+qemu-devel=archiver.kernel.org@nongnu.org Sender: qemu-devel-bounces+qemu-devel=archiver.kernel.org@nongnu.org This implements the VNCIPHERLAST instruction. Signed-off-by: Richard Henderson --- target/ppc/int_helper.c | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/target/ppc/int_helper.c b/target/ppc/int_helper.c index b49e17685b..444beb1779 100644 --- a/target/ppc/int_helper.c +++ b/target/ppc/int_helper.c @@ -2979,13 +2979,13 @@ void helper_vncipher(ppc_avr_t *r, ppc_avr_t *a, ppc_avr_t *b) void helper_vncipherlast(ppc_avr_t *r, ppc_avr_t *a, ppc_avr_t *b) { - ppc_avr_t result; - int i; + AESState *ad = (AESState *)r; + AESState *st = (AESState *)a; + AESState *rk = (AESState *)b; + AESState t; - VECTOR_FOR_INORDER_I(i, u8) { - result.VsrB(i) = b->VsrB(i) ^ (AES_isbox[a->VsrB(AES_ishifts[i])]); - } - *r = result; + aesdec_ISB_ISR(&t, st, true); + ad->v = t.v ^ rk->v; } void helper_vshasigmaw(ppc_avr_t *r, ppc_avr_t *a, uint32_t st_six) From patchwork Sat Jun 3 02:34:05 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Richard Henderson X-Patchwork-Id: 13266028 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.lore.kernel.org (Postfix) with ESMTPS id CA366C77B7A for ; Sat, 3 Jun 2023 02:37:20 +0000 (UTC) Received: from localhost ([::1] helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1q5H7Z-0001ns-V7; Fri, 02 Jun 2023 22:36:02 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1q5H6R-0000UZ-7Q for qemu-devel@nongnu.org; Fri, 02 Jun 2023 22:34:52 -0400 Received: from mail-pj1-x102e.google.com ([2607:f8b0:4864:20::102e]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.90_1) (envelope-from ) id 1q5H6H-0004hw-1w for qemu-devel@nongnu.org; Fri, 02 Jun 2023 22:34:50 -0400 Received: by mail-pj1-x102e.google.com with SMTP id 98e67ed59e1d1-2565a9107d2so2322307a91.0 for ; Fri, 02 Jun 2023 19:34:40 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; t=1685759680; x=1688351680; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=11EWrKINFsH+SvkqdqGZ5XtHPyVtDgI6yppAcs9Mu0U=; b=W4TnemlQOdwUkdm7ZRDKkfAm0H2JTj7+PKqzzujkoXcKMZD0i15A44eieGCxLlgb6G xRL+ptnh0haPWPylgQIzSE1WOd1/G/YtAbkojwmqNXhNkpCLFiCxoElwilEz98qFNAd1 anFaf3g29wAbsvVPIljHRElS/JFzDyP0+1OgLDInDL7aDNcqqbE4x0rNPokrsE02ncMh hcbDJglcaBSmePTkK23DByA/9Mym4RbD7XUgIza7dAs7x6i6Q1FsYJqd4U9acyycTP2t d+14o9tQ94kIU0pRQL0Y7PrTGkIW/fT6CQFKuCIICR55MIIiuVYqB+xGIy3wu24LUZxO DYmQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20221208; t=1685759680; x=1688351680; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=11EWrKINFsH+SvkqdqGZ5XtHPyVtDgI6yppAcs9Mu0U=; b=kIwpEEgLfElw8HctgXANToj6EHp+LYmB0s6zyqOI53Zq8sR+i4dy38PjcJ0S2Oe8bM CqHXWDnGOLFIqnWZZ+VnSinc6m2K1BhyPrpqYdtFP8nKJw/E3rer2596zVRn/5py0fQf 7Jrwr/A03u6xWAySlpljeaMNY78TkYFNqpBg5DnCJUpBYpD/5+NJj7LZytrFF/56MBt+ BqOaf6dr5YlyenGJZCUQ0AL8wZRresgZhuUTDdJJhNU44ybUVnz0iSqsDiL+2Be3DwXc KnBQIG92EAtjv44rj084CbWGKyZ9YtzxSaCGQwBywb1By0MsKnZILoI5O1tfCG0uNHvO xRhA== X-Gm-Message-State: AC+VfDx48jyqexD3RqGayziHU1x9TcXBFBVcx4Q9zjQNN162itBCGdei 7UGzFz+Nyne08MjCmmL1qJigqBjHKpfVH+UlzbE= X-Google-Smtp-Source: ACHHUZ4g+egPcPKtRdi0zi2+e4B83UNK47jmNWjIbfcmaf8P5Xqq1bIorYW+qT4uRTncDic8FP7TPg== X-Received: by 2002:a17:90a:e506:b0:256:797b:5039 with SMTP id t6-20020a17090ae50600b00256797b5039mr1607191pjy.9.1685759679977; Fri, 02 Jun 2023 19:34:39 -0700 (PDT) Received: from stoup.. ([2602:ae:1598:4c01:66a6:82c2:d794:68f6]) by smtp.gmail.com with ESMTPSA id e91-20020a17090a6fe400b002508d73f4e8sm3914289pjk.57.2023.06.02.19.34.39 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Fri, 02 Jun 2023 19:34:39 -0700 (PDT) From: Richard Henderson To: qemu-devel@nongnu.org Cc: ardb@kernel.org, berrange@redhat.com, qemu-arm@nongnu.org, qemu-ppc@nongnu.org, qemu-riscv@nongnu.org, pbonzini@redhat.com Subject: [PATCH 14/35] target/riscv: Use aesdec_ISB_ISR Date: Fri, 2 Jun 2023 19:34:05 -0700 Message-Id: <20230603023426.1064431-15-richard.henderson@linaro.org> X-Mailer: git-send-email 2.34.1 In-Reply-To: <20230603023426.1064431-1-richard.henderson@linaro.org> References: <20230603023426.1064431-1-richard.henderson@linaro.org> MIME-Version: 1.0 Received-SPF: pass client-ip=2607:f8b0:4864:20::102e; envelope-from=richard.henderson@linaro.org; helo=mail-pj1-x102e.google.com X-Spam_score_int: -20 X-Spam_score: -2.1 X-Spam_bar: -- X-Spam_report: (-2.1 / 5.0 requ) BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01 autolearn=unavailable autolearn_force=no X-Spam_action: no action X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: qemu-devel-bounces+qemu-devel=archiver.kernel.org@nongnu.org Sender: qemu-devel-bounces+qemu-devel=archiver.kernel.org@nongnu.org This implements the AES64DS instruction. Signed-off-by: Richard Henderson --- target/riscv/crypto_helper.c | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/target/riscv/crypto_helper.c b/target/riscv/crypto_helper.c index 82d7f3a060..08191b4b2a 100644 --- a/target/riscv/crypto_helper.c +++ b/target/riscv/crypto_helper.c @@ -211,7 +211,12 @@ target_ulong HELPER(aes64es)(target_ulong rs1, target_ulong rs2) target_ulong HELPER(aes64ds)(target_ulong rs1, target_ulong rs2) { - return aes64_operation(rs1, rs2, false, false); + AESState t; + + t.d[HOST_BIG_ENDIAN] = rs1; + t.d[!HOST_BIG_ENDIAN] = rs2; + aesdec_ISB_ISR(&t, &t, false); + return t.d[HOST_BIG_ENDIAN]; } target_ulong HELPER(aes64dsm)(target_ulong rs1, target_ulong rs2) From patchwork Sat Jun 3 02:34:06 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Richard Henderson X-Patchwork-Id: 13266029 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.lore.kernel.org (Postfix) with ESMTPS id CFF13C7EE2E for ; Sat, 3 Jun 2023 02:37:51 +0000 (UTC) Received: from localhost ([::1] helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1q5H7b-0002BG-Te; Fri, 02 Jun 2023 22:36:03 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1q5H6S-0000VO-QP for qemu-devel@nongnu.org; Fri, 02 Jun 2023 22:34:52 -0400 Received: from mail-pj1-x1036.google.com ([2607:f8b0:4864:20::1036]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.90_1) (envelope-from ) id 1q5H6H-0004gg-Ra for qemu-devel@nongnu.org; Fri, 02 Jun 2023 22:34:51 -0400 Received: by mail-pj1-x1036.google.com with SMTP id 98e67ed59e1d1-25692ff86cdso2203826a91.2 for ; Fri, 02 Jun 2023 19:34:41 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; t=1685759681; x=1688351681; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=zW8uKUqyby77vFb+kcmc/9SNvfH+fH4gy1v+d8423No=; b=Mfu4bVkwE8o3O1EzRKhCM4DJV77q1NQnUX2hGjAQ0ud0mCAJ3sZv21DZHwSMHgXcZr MPdb/xNsF3zOKwaOmoTB8RK/nm4uyI3G83s1HAu3qWBUgClRbKsc/Cu049UslI8JlOvv by0LBWfwjt/7RW2xEY+T5ndMMhGq23lbLwErsY328wpDv5BejTykWs7wQyNoh7GaWA76 qNFqhGTNbMBdZtUPvmsQCtvMoYiuh2rapfalbWJYKFNrtKJ/TT/6vroQTQzq0evd9DLH ApwZfg+rJi1JB5CSflWXlsn2XDjvNrlgw6SRHRBhdUBS9huWUpeLacIS3LK4BqyGO+XF Xvkg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20221208; t=1685759681; x=1688351681; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=zW8uKUqyby77vFb+kcmc/9SNvfH+fH4gy1v+d8423No=; b=BrcaLDqQftQk+qVC3uCXYC7VqNgTWLJAyVqmNjBOtUe3BG06LZM/MW4D64DOQ2AC6L ZdFQswFWg206B+ohIU41AFTDbjfTmBuN0m/sKIOmX7siLfDIbk6gwfLz1T/0KEOnit9c +fKZw2R1nIFFf5CMmFReE5ay/cPBKaAmFR0fwxOB57dSeZ/QlyqrBl4vQI2LmDwcYxhz 7G9FVTEcTK/8dtgcAdlXrEaUfgHzvn1hTVvaCfbE/VstOHgePd2eWkyeriU/cGHqzeBd fZLTP6eYszNWM/jb4wmZMDI28J3PviqYgDkzT1FoTf9xrgCMuGz7PGWvX8IfkORrVjWE c+jg== X-Gm-Message-State: AC+VfDyuLnxJi2FHnT9TW5rc1/rjilx2seHhGNWGXQ7EfUCd2458PAlk ZP//Uj5Yda2gV0UV/Knm0mvBGwNcA2M7zRljrtw= X-Google-Smtp-Source: ACHHUZ7npLDvlgzvppv7P0fTxBlcwkgr6etFZLUsib88WVteHTf2YAJKHGMUkf2JWUTFs6+07Uakig== X-Received: by 2002:a17:90a:aa0c:b0:256:468b:fb50 with SMTP id k12-20020a17090aaa0c00b00256468bfb50mr1599783pjq.47.1685759680791; Fri, 02 Jun 2023 19:34:40 -0700 (PDT) Received: from stoup.. ([2602:ae:1598:4c01:66a6:82c2:d794:68f6]) by smtp.gmail.com with ESMTPSA id e91-20020a17090a6fe400b002508d73f4e8sm3914289pjk.57.2023.06.02.19.34.40 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Fri, 02 Jun 2023 19:34:40 -0700 (PDT) From: Richard Henderson To: qemu-devel@nongnu.org Cc: ardb@kernel.org, berrange@redhat.com, qemu-arm@nongnu.org, qemu-ppc@nongnu.org, qemu-riscv@nongnu.org, pbonzini@redhat.com Subject: [PATCH 15/35] crypto: Add aesenc_MC Date: Fri, 2 Jun 2023 19:34:06 -0700 Message-Id: <20230603023426.1064431-16-richard.henderson@linaro.org> X-Mailer: git-send-email 2.34.1 In-Reply-To: <20230603023426.1064431-1-richard.henderson@linaro.org> References: <20230603023426.1064431-1-richard.henderson@linaro.org> MIME-Version: 1.0 Received-SPF: pass client-ip=2607:f8b0:4864:20::1036; envelope-from=richard.henderson@linaro.org; helo=mail-pj1-x1036.google.com X-Spam_score_int: -20 X-Spam_score: -2.1 X-Spam_bar: -- X-Spam_report: (-2.1 / 5.0 requ) BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01 autolearn=ham autolearn_force=no X-Spam_action: no action X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: qemu-devel-bounces+qemu-devel=archiver.kernel.org@nongnu.org Sender: qemu-devel-bounces+qemu-devel=archiver.kernel.org@nongnu.org Add a primitive for MixColumns. Signed-off-by: Richard Henderson --- host/include/generic/host/aes-round.h | 3 ++ include/crypto/aes-round.h | 18 +++++++++ crypto/aes.c | 58 +++++++++++++++++++++++++++ 3 files changed, 79 insertions(+) diff --git a/host/include/generic/host/aes-round.h b/host/include/generic/host/aes-round.h index cb4fed61fe..7c48db24b6 100644 --- a/host/include/generic/host/aes-round.h +++ b/host/include/generic/host/aes-round.h @@ -9,6 +9,9 @@ #define HAVE_AES_ACCEL false #define ATTR_AES_ACCEL +void aesenc_MC_accel(AESState *, const AESState *, bool) + QEMU_ERROR("unsupported accel"); + void aesenc_SB_SR_accel(AESState *, const AESState *, bool) QEMU_ERROR("unsupported accel"); diff --git a/include/crypto/aes-round.h b/include/crypto/aes-round.h index ff1914bd63..f25e9572a3 100644 --- a/include/crypto/aes-round.h +++ b/include/crypto/aes-round.h @@ -38,6 +38,24 @@ static inline void aesenc_SB_SR(AESState *r, const AESState *st, bool be) } } +/* + * Perform MixColumns. + */ + +void aesenc_MC_gen(AESState *ret, const AESState *st); +void aesenc_MC_genrev(AESState *ret, const AESState *st); + +static inline void aesenc_MC(AESState *r, const AESState *st, bool be) +{ + if (HAVE_AES_ACCEL) { + aesenc_MC_accel(r, st, be); + } else if (HOST_BIG_ENDIAN == be) { + aesenc_MC_gen(r, st); + } else { + aesenc_MC_genrev(r, st); + } +} + /* * Perform InvSubBytes + InvShiftRows. */ diff --git a/crypto/aes.c b/crypto/aes.c index 937377647f..c7123eddd5 100644 --- a/crypto/aes.c +++ b/crypto/aes.c @@ -28,6 +28,8 @@ * EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. */ #include "qemu/osdep.h" +#include "qemu/bswap.h" +#include "qemu/bitops.h" #include "crypto/aes.h" #include "crypto/aes-round.h" @@ -1298,6 +1300,62 @@ void aesenc_SB_SR_genrev(AESState *r, const AESState *st) aesenc_SB_SR_swap(r, st, true); } +/* Perform MixColumns. */ +static inline void +aesenc_MC_swap(AESState *r, const AESState *st, bool swap) +{ + int swap_b = swap * 0xf; + int swap_w = swap * 0x3; + bool be = HOST_BIG_ENDIAN ^ swap; + uint32_t t; + + t = ( AES_mc_rot[st->b[swap_b ^ 0x0]] ^ + rol32(AES_mc_rot[st->b[swap_b ^ 0x1]], 8) ^ + rol32(AES_mc_rot[st->b[swap_b ^ 0x2]], 16) ^ + rol32(AES_mc_rot[st->b[swap_b ^ 0x3]], 24)); + if (be) { + t = bswap32(t); + } + r->w[swap_w ^ 0] = t; + + t = ( AES_mc_rot[st->b[swap_b ^ 0x4]] ^ + rol32(AES_mc_rot[st->b[swap_b ^ 0x5]], 8) ^ + rol32(AES_mc_rot[st->b[swap_b ^ 0x6]], 16) ^ + rol32(AES_mc_rot[st->b[swap_b ^ 0x7]], 24)); + if (be) { + t = bswap32(t); + } + r->w[swap_w ^ 1] = t; + + t = ( AES_mc_rot[st->b[swap_b ^ 0x8]] ^ + rol32(AES_mc_rot[st->b[swap_b ^ 0x9]], 8) ^ + rol32(AES_mc_rot[st->b[swap_b ^ 0xA]], 16) ^ + rol32(AES_mc_rot[st->b[swap_b ^ 0xB]], 24)); + if (be) { + t = bswap32(t); + } + r->w[swap_w ^ 2] = t; + + t = ( AES_mc_rot[st->b[swap_b ^ 0xC]] ^ + rol32(AES_mc_rot[st->b[swap_b ^ 0xD]], 8) ^ + rol32(AES_mc_rot[st->b[swap_b ^ 0xE]], 16) ^ + rol32(AES_mc_rot[st->b[swap_b ^ 0xF]], 24)); + if (be) { + t = bswap32(t); + } + r->w[swap_w ^ 3] = t; +} + +void aesenc_MC_gen(AESState *r, const AESState *st) +{ + aesenc_MC_swap(r, st, false); +} + +void aesenc_MC_genrev(AESState *r, const AESState *st) +{ + aesenc_MC_swap(r, st, true); +} + /* Perform InvSubBytes + InvShiftRows. */ static inline void aesdec_ISB_ISR_swap(AESState *r, const AESState *st, bool swap) From patchwork Sat Jun 3 02:34:07 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Richard Henderson X-Patchwork-Id: 13266032 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.lore.kernel.org (Postfix) with ESMTPS id A2C05C7EE2A for ; Sat, 3 Jun 2023 02:38:07 +0000 (UTC) Received: from localhost ([::1] helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1q5H7f-0002iP-V5; Fri, 02 Jun 2023 22:36:08 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1q5H6U-0000WI-Q3 for qemu-devel@nongnu.org; Fri, 02 Jun 2023 22:34:55 -0400 Received: from mail-pj1-x102b.google.com ([2607:f8b0:4864:20::102b]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.90_1) (envelope-from ) id 1q5H6I-0004iW-K5 for qemu-devel@nongnu.org; Fri, 02 Jun 2023 22:34:53 -0400 Received: by mail-pj1-x102b.google.com with SMTP id 98e67ed59e1d1-25669acf1b0so2383103a91.0 for ; Fri, 02 Jun 2023 19:34:41 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; t=1685759681; x=1688351681; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=NHMbOR1QTwjqbFmiHyO/57gsxTa7l7mfudPzWiBLsfE=; b=O2kQUFMAJssvVwjdVtP543asKyifbJiYycdkVPl+LZYcIhJF1fqerPkgNWxGM1XZuD 6mVUtF1V9ahNEaLp0k8pqGKg31CdyO/ivX1u3LBpz+kknxm0njxuGI5DrPYOM0jehVjm wUZB05plRK+X1kC+r5uu4rEQUNVxbNYUiO5cFhxHYiSQiTlt5SjVHvjCpAl7iKf9jP5O G6M7sdgNUw0+J812mFTijS3ygJt9RGyCKKllwvilwyhnObYw70a1wMN7ycVkBML2iaxo gSp+GYhldBVRPfM/kaDwR/s1yansMNDpe5Eo3ooADUWVZR9GuwUAIBkbJPaJ6o/BkOyE zgeQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20221208; t=1685759681; x=1688351681; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=NHMbOR1QTwjqbFmiHyO/57gsxTa7l7mfudPzWiBLsfE=; b=SD2xLNtzGGomYfr1ZcJGkhRBD2cVoM1y1eUf6oSAYmH9jWqVAqKJ/Koc6ORhkIkMOz B7rPPsnBKEkTigak6K2t/QdA4DufbEddc3FNx+IN35LkVprYLkK6djmp3cBURwfRQ1eu 3IfmmVvK4tYU+xRpftJJmWmNJ2R3d/NvQAaRa25MXwoqALvf+RqUsX5JKre7To74s5Zf 08ifUwJ947OC7OnqvygkTAjW2/WbYcnM1W1bBVT9eVSzgtfK996eRPWZMKsokaePQF49 v8KsSjY/URXXyzWHye4wCek669pVmpmF2dLfbpOPtrTMHr5wSdy1NurYC/9PJb+PvP9p Gg7A== X-Gm-Message-State: AC+VfDwWd4Fp8s9AeF46oxJCjCq/UN2Rs6znF9HqX4mlm0+c1f8PTeAb nSyLtKgylvw2WbhzZ3hTRCbU2MykF7c7e3ap1bk= X-Google-Smtp-Source: ACHHUZ5dFs35VUvuE694zuW0MPC2Zc3fUQY6PEC+/UQ/OYdlsdGEVzOhpD6AxsDSiChiHAuO0CLMOw== X-Received: by 2002:a17:90a:de96:b0:258:b097:f692 with SMTP id n22-20020a17090ade9600b00258b097f692mr1512947pjv.43.1685759681615; Fri, 02 Jun 2023 19:34:41 -0700 (PDT) Received: from stoup.. ([2602:ae:1598:4c01:66a6:82c2:d794:68f6]) by smtp.gmail.com with ESMTPSA id e91-20020a17090a6fe400b002508d73f4e8sm3914289pjk.57.2023.06.02.19.34.40 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Fri, 02 Jun 2023 19:34:41 -0700 (PDT) From: Richard Henderson To: qemu-devel@nongnu.org Cc: ardb@kernel.org, berrange@redhat.com, qemu-arm@nongnu.org, qemu-ppc@nongnu.org, qemu-riscv@nongnu.org, pbonzini@redhat.com Subject: [PATCH 16/35] target/arm: Use aesenc_MC Date: Fri, 2 Jun 2023 19:34:07 -0700 Message-Id: <20230603023426.1064431-17-richard.henderson@linaro.org> X-Mailer: git-send-email 2.34.1 In-Reply-To: <20230603023426.1064431-1-richard.henderson@linaro.org> References: <20230603023426.1064431-1-richard.henderson@linaro.org> MIME-Version: 1.0 Received-SPF: pass client-ip=2607:f8b0:4864:20::102b; envelope-from=richard.henderson@linaro.org; helo=mail-pj1-x102b.google.com X-Spam_score_int: -20 X-Spam_score: -2.1 X-Spam_bar: -- X-Spam_report: (-2.1 / 5.0 requ) BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01 autolearn=unavailable autolearn_force=no X-Spam_action: no action X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: qemu-devel-bounces+qemu-devel=archiver.kernel.org@nongnu.org Sender: qemu-devel-bounces+qemu-devel=archiver.kernel.org@nongnu.org This implements the AESMC instruction. Signed-off-by: Richard Henderson --- target/arm/tcg/crypto_helper.c | 15 ++++++++++++++- 1 file changed, 14 insertions(+), 1 deletion(-) diff --git a/target/arm/tcg/crypto_helper.c b/target/arm/tcg/crypto_helper.c index d7b644851f..a0fec08771 100644 --- a/target/arm/tcg/crypto_helper.c +++ b/target/arm/tcg/crypto_helper.c @@ -118,7 +118,20 @@ void HELPER(crypto_aesmc)(void *vd, void *vm, uint32_t desc) intptr_t i, opr_sz = simd_oprsz(desc); for (i = 0; i < opr_sz; i += 16) { - do_crypto_aesmc(vd + i, vm + i, AES_mc_rot); + AESState *ad = (AESState *)(vd + i); + AESState *st = (AESState *)(vm + i); + AESState t; + + /* Our uint64_t are in the wrong order for big-endian. */ + if (HOST_BIG_ENDIAN) { + t.d[0] = st->d[1]; + t.d[1] = st->d[0]; + aesenc_MC(&t, &t, false); + ad->d[0] = t.d[1]; + ad->d[1] = t.d[0]; + } else { + aesenc_MC(ad, st, false); + } } clear_tail(vd, opr_sz, simd_maxsz(desc)); } From patchwork Sat Jun 3 02:34:08 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Richard Henderson X-Patchwork-Id: 13266040 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.lore.kernel.org (Postfix) with ESMTPS id 2EDC5C7EE29 for ; Sat, 3 Jun 2023 02:39:59 +0000 (UTC) Received: from localhost ([::1] helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1q5H7S-0001YC-S5; Fri, 02 Jun 2023 22:35:54 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1q5H6Y-0000YT-6C for qemu-devel@nongnu.org; Fri, 02 Jun 2023 22:34:58 -0400 Received: from mail-ot1-x332.google.com ([2607:f8b0:4864:20::332]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.90_1) (envelope-from ) id 1q5H6J-0004ji-4j for qemu-devel@nongnu.org; Fri, 02 Jun 2023 22:34:55 -0400 Received: by mail-ot1-x332.google.com with SMTP id 46e09a7af769-6af86627460so2592268a34.1 for ; Fri, 02 Jun 2023 19:34:42 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; t=1685759682; x=1688351682; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=0wKOO1FAtFF3YwGmhqnt2BeIDIxwiIxGWe3l6hDjdbg=; b=mjTK71ob7GjP/xwxSRkvrfZUzZqHy7PRFKcB/FaG5z5FLHKDDZG9E/zB8SMxmVwcnY ncISwBJ2F6ygndSjQ0VhNC/uP2OZTVGSAaTL2vUztKq/4tNMcdhhbGF7QoggekS0DjnM t4Oo87AgFMv5nWSunz60uP33XmHRTO/6WwsJRj309HbBq06JOLVvwYdiBfTW3XfQhz1g SkSUaOQg4EoeVmwtq8iUgoh38fUuTwVhrjb+DcXw94pspGCKOhfxF+IKHfJTYGhDuvhq xNqZy5ZJLX0SLVCpELybSvJH5hlTxXU/9jMAqLDPa4Frzm3Et5o2zmPnuxk4QXBtkMsv u2NA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20221208; t=1685759682; x=1688351682; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=0wKOO1FAtFF3YwGmhqnt2BeIDIxwiIxGWe3l6hDjdbg=; b=UwxMauvpzepUgWbO9CE82FcjPkZo0TwbKSNLrBKiSJBUwwEW2MV95Bae/LyWXErBhm QdrnhQhqt+X+jfUENbZrXAA8W2VW08UqAccHcVGscifDlX3buabEXl0f82omOH4F9P52 ptKZkT3kFTMgzrPt1iKfDBzz6B7kzZbE7090YKxCy6kshMgoLgCcKcBWd2zlPfen2obm DkXHb1SMj54rwGrIc3xZWag7Gi16bAegolxWguV45zBtHFQMdGc6tJmdVwbH8ztjQnjG tMy7wSQB+CyaOXb6/yKrOgm0NLXqzyzcoHbxJiJQiNZgMAc4LTid80no6uSjZ0T7OjLV Ksxg== X-Gm-Message-State: AC+VfDzEo80VXYkrom74+/hNqGWVy06iYYn5WM42T3+H90z5QMZgVPTU +mSY9yu4vkT3btieintNfg6wkblqX+l77Cxlhnk= X-Google-Smtp-Source: ACHHUZ5KBh2jT2L0QTSLE1+I7HLD/nGdtaV8989RYVMfIvRLB4HpkC0EgAlgU3kkgHTDZ2Iecu49ew== X-Received: by 2002:a05:6358:7208:b0:125:83c8:72f6 with SMTP id h8-20020a056358720800b0012583c872f6mr15393663rwa.0.1685759682440; Fri, 02 Jun 2023 19:34:42 -0700 (PDT) Received: from stoup.. ([2602:ae:1598:4c01:66a6:82c2:d794:68f6]) by smtp.gmail.com with ESMTPSA id e91-20020a17090a6fe400b002508d73f4e8sm3914289pjk.57.2023.06.02.19.34.41 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Fri, 02 Jun 2023 19:34:42 -0700 (PDT) From: Richard Henderson To: qemu-devel@nongnu.org Cc: ardb@kernel.org, berrange@redhat.com, qemu-arm@nongnu.org, qemu-ppc@nongnu.org, qemu-riscv@nongnu.org, pbonzini@redhat.com Subject: [PATCH 17/35] crypto: Add aesdec_IMC Date: Fri, 2 Jun 2023 19:34:08 -0700 Message-Id: <20230603023426.1064431-18-richard.henderson@linaro.org> X-Mailer: git-send-email 2.34.1 In-Reply-To: <20230603023426.1064431-1-richard.henderson@linaro.org> References: <20230603023426.1064431-1-richard.henderson@linaro.org> MIME-Version: 1.0 Received-SPF: pass client-ip=2607:f8b0:4864:20::332; envelope-from=richard.henderson@linaro.org; helo=mail-ot1-x332.google.com X-Spam_score_int: -20 X-Spam_score: -2.1 X-Spam_bar: -- X-Spam_report: (-2.1 / 5.0 requ) BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01 autolearn=unavailable autolearn_force=no X-Spam_action: no action X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: qemu-devel-bounces+qemu-devel=archiver.kernel.org@nongnu.org Sender: qemu-devel-bounces+qemu-devel=archiver.kernel.org@nongnu.org Add a primitive for InvMixColumns. Signed-off-by: Richard Henderson --- host/include/generic/host/aes-round.h | 3 ++ include/crypto/aes-round.h | 18 +++++++++ crypto/aes.c | 57 +++++++++++++++++++++++++++ 3 files changed, 78 insertions(+) diff --git a/host/include/generic/host/aes-round.h b/host/include/generic/host/aes-round.h index 7c48db24b6..1e9b97d274 100644 --- a/host/include/generic/host/aes-round.h +++ b/host/include/generic/host/aes-round.h @@ -15,6 +15,9 @@ void aesenc_MC_accel(AESState *, const AESState *, bool) void aesenc_SB_SR_accel(AESState *, const AESState *, bool) QEMU_ERROR("unsupported accel"); +void aesdec_IMC_accel(AESState *, const AESState *, bool) + QEMU_ERROR("unsupported accel"); + void aesdec_ISB_ISR_accel(AESState *, const AESState *, bool) QEMU_ERROR("unsupported accel"); diff --git a/include/crypto/aes-round.h b/include/crypto/aes-round.h index f25e9572a3..2d962ede0b 100644 --- a/include/crypto/aes-round.h +++ b/include/crypto/aes-round.h @@ -74,4 +74,22 @@ static inline void aesdec_ISB_ISR(AESState *r, const AESState *st, bool be) } } +/* + * Perform InvMixColumns. + */ + +void aesdec_IMC_gen(AESState *ret, const AESState *st); +void aesdec_IMC_genrev(AESState *ret, const AESState *st); + +static inline void aesdec_IMC(AESState *r, const AESState *st, bool be) +{ + if (HAVE_AES_ACCEL) { + aesdec_IMC_accel(r, st, be); + } else if (HOST_BIG_ENDIAN == be) { + aesdec_IMC_gen(r, st); + } else { + aesdec_IMC_genrev(r, st); + } +} + #endif /* CRYPTO_AES_ROUND_H */ diff --git a/crypto/aes.c b/crypto/aes.c index c7123eddd5..4e654e5404 100644 --- a/crypto/aes.c +++ b/crypto/aes.c @@ -1402,6 +1402,63 @@ void aesdec_ISB_ISR_genrev(AESState *r, const AESState *st) aesdec_ISB_ISR_swap(r, st, true); } +/* Perform InvMixColumns. */ +static inline void +aesdec_IMC_swap(AESState *r, const AESState *st, bool swap) +{ + int swap_b = swap * 0xf; + int swap_w = swap * 0x3; + bool be = HOST_BIG_ENDIAN ^ swap; + uint32_t t; + + /* Note that AES_imc is encoded for big-endian. */ + t = (AES_imc[st->b[swap_b ^ 0x0]][0] ^ + AES_imc[st->b[swap_b ^ 0x1]][1] ^ + AES_imc[st->b[swap_b ^ 0x2]][2] ^ + AES_imc[st->b[swap_b ^ 0x3]][3]); + if (!be) { + t = bswap32(t); + } + r->w[swap_w ^ 0] = t; + + t = (AES_imc[st->b[swap_b ^ 0x4]][0] ^ + AES_imc[st->b[swap_b ^ 0x5]][1] ^ + AES_imc[st->b[swap_b ^ 0x6]][2] ^ + AES_imc[st->b[swap_b ^ 0x7]][3]); + if (!be) { + t = bswap32(t); + } + r->w[swap_w ^ 1] = t; + + t = (AES_imc[st->b[swap_b ^ 0x8]][0] ^ + AES_imc[st->b[swap_b ^ 0x9]][1] ^ + AES_imc[st->b[swap_b ^ 0xA]][2] ^ + AES_imc[st->b[swap_b ^ 0xB]][3]); + if (!be) { + t = bswap32(t); + } + r->w[swap_w ^ 2] = t; + + t = (AES_imc[st->b[swap_b ^ 0xC]][0] ^ + AES_imc[st->b[swap_b ^ 0xD]][1] ^ + AES_imc[st->b[swap_b ^ 0xE]][2] ^ + AES_imc[st->b[swap_b ^ 0xF]][3]); + if (!be) { + t = bswap32(t); + } + r->w[swap_w ^ 3] = t; +} + +void aesdec_IMC_gen(AESState *r, const AESState *st) +{ + aesdec_IMC_swap(r, st, false); +} + +void aesdec_IMC_genrev(AESState *r, const AESState *st) +{ + aesdec_IMC_swap(r, st, true); +} + /** * Expand the cipher key into the encryption key schedule. */ From patchwork Sat Jun 3 02:34:09 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Richard Henderson X-Patchwork-Id: 13266021 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.lore.kernel.org (Postfix) with ESMTPS id D1A5EC7EE2A for ; Sat, 3 Jun 2023 02:36:36 +0000 (UTC) Received: from localhost ([::1] helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1q5H78-0001F0-KK; Fri, 02 Jun 2023 22:35:34 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1q5H6Y-0000YY-7Q for qemu-devel@nongnu.org; Fri, 02 Jun 2023 22:34:58 -0400 Received: from mail-ot1-x333.google.com ([2607:f8b0:4864:20::333]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.90_1) (envelope-from ) id 1q5H6L-0004ov-P1 for qemu-devel@nongnu.org; Fri, 02 Jun 2023 22:34:57 -0400 Received: by mail-ot1-x333.google.com with SMTP id 46e09a7af769-6af6f4a0e11so2507709a34.0 for ; Fri, 02 Jun 2023 19:34:44 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; t=1685759683; x=1688351683; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=CR+1wQt05yIfbzYy2NzsdTF5VaBo8C6ok0NyR/w15ro=; b=cM/+/ur4rjw5nqT4msbq5UKx4MSGFppNiSsdaZ7S3gi8JPQhIGu+h8a6FWfzbKSzK/ +SIigdwBr+Qu2wbsiH3TmI2V54fOCAfsW2L7q+RwUqwpp2UrN0aEnvcwRKocrnh/EEXJ QfAnfJZ8jva07HBH7V+enleV1UB30XuONhTWxuluplKf6gsGfY2dP5sCVr4o/KbPl4mS rWLn/KxJbcE28WHHCMTTTxuAyXuWOUNw5LDJ4HuOGtoDDV+3jn0TEFqh6+aSjRTHrVbK wLjdP+MgH1b6G//XnE3y9aOXBWljBZZ6aOm21k4TuqMvq2/32JDnd4DJAiVTRnKkxReJ etOQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20221208; t=1685759683; x=1688351683; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=CR+1wQt05yIfbzYy2NzsdTF5VaBo8C6ok0NyR/w15ro=; b=iuGhPvHP4XBR5PH1EV5WkUdRYftMB+BrgyS0kovMDJ6IcDBumFd4dhVokWQ2le0z+n mwmXBH9t9lEXuE6m5SiX5nIwFO2HmDA9DCGSM9QuBUonOEJYe2j84YK6oad9cv/IYInX WU5mwjvWIGTea3Wks524Grcou1+X+bAeNOqGE5XIUlp1b2uEFb6pVkSFs0yHEZYC4/rJ JPGJgDSr+e5cZNV0Yj1LKolnEAJvFWIyGfhO33lxsc0k/zUgLRwHiN4xMqS0mVyEjFwk npVkIlZ65FO3OsonYtNTWcwzESdGj96pyCPZWrPzPm2pMi4DAKQ6fygNmjZodkLHnrDt 6hEQ== X-Gm-Message-State: AC+VfDw+Sho0E9Sf+qY0V6AMiSG8XwgDid80h0BaPsBP245+/t9Wlwb2 neRq7cCLuXQVXbDPvCohMD7xiJ/CF4MHG3tWNDc= X-Google-Smtp-Source: ACHHUZ7M/pISKqlVyvua5qo1LKWROLOJj8o55RQo1B4no6rT4jQ0lHgVnC3rijrXpNtaW2Gle8Zz2A== X-Received: by 2002:a05:6358:4e24:b0:127:f3a4:f484 with SMTP id cf36-20020a0563584e2400b00127f3a4f484mr2590129rwb.2.1685759683225; Fri, 02 Jun 2023 19:34:43 -0700 (PDT) Received: from stoup.. ([2602:ae:1598:4c01:66a6:82c2:d794:68f6]) by smtp.gmail.com with ESMTPSA id e91-20020a17090a6fe400b002508d73f4e8sm3914289pjk.57.2023.06.02.19.34.42 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Fri, 02 Jun 2023 19:34:42 -0700 (PDT) From: Richard Henderson To: qemu-devel@nongnu.org Cc: ardb@kernel.org, berrange@redhat.com, qemu-arm@nongnu.org, qemu-ppc@nongnu.org, qemu-riscv@nongnu.org, pbonzini@redhat.com Subject: [PATCH 18/35] target/i386: Use aesdec_IMC Date: Fri, 2 Jun 2023 19:34:09 -0700 Message-Id: <20230603023426.1064431-19-richard.henderson@linaro.org> X-Mailer: git-send-email 2.34.1 In-Reply-To: <20230603023426.1064431-1-richard.henderson@linaro.org> References: <20230603023426.1064431-1-richard.henderson@linaro.org> MIME-Version: 1.0 Received-SPF: pass client-ip=2607:f8b0:4864:20::333; envelope-from=richard.henderson@linaro.org; helo=mail-ot1-x333.google.com X-Spam_score_int: -20 X-Spam_score: -2.1 X-Spam_bar: -- X-Spam_report: (-2.1 / 5.0 requ) BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01 autolearn=unavailable autolearn_force=no X-Spam_action: no action X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: qemu-devel-bounces+qemu-devel=archiver.kernel.org@nongnu.org Sender: qemu-devel-bounces+qemu-devel=archiver.kernel.org@nongnu.org This implements the AESIMC instruction. Signed-off-by: Richard Henderson --- target/i386/ops_sse.h | 11 +++-------- 1 file changed, 3 insertions(+), 8 deletions(-) diff --git a/target/i386/ops_sse.h b/target/i386/ops_sse.h index 036eabdf95..0187651140 100644 --- a/target/i386/ops_sse.h +++ b/target/i386/ops_sse.h @@ -2219,15 +2219,10 @@ void glue(helper_aesenclast, SUFFIX)(CPUX86State *env, Reg *d, Reg *v, Reg *s) #if SHIFT == 1 void glue(helper_aesimc, SUFFIX)(CPUX86State *env, Reg *d, Reg *s) { - int i; - Reg tmp = *s; + AESState *ad = (AESState *)&d->ZMM_X(0); + AESState *st = (AESState *)&s->ZMM_X(0); - for (i = 0 ; i < 4 ; i++) { - d->L(i) = bswap32(AES_imc[tmp.B(4 * i + 0)][0] ^ - AES_imc[tmp.B(4 * i + 1)][1] ^ - AES_imc[tmp.B(4 * i + 2)][2] ^ - AES_imc[tmp.B(4 * i + 3)][3]); - } + aesdec_IMC(ad, st, false); } void glue(helper_aeskeygenassist, SUFFIX)(CPUX86State *env, Reg *d, Reg *s, From patchwork Sat Jun 3 02:34:10 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Richard Henderson X-Patchwork-Id: 13266025 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.lore.kernel.org (Postfix) with ESMTPS id 09212C7EE2C for ; Sat, 3 Jun 2023 02:36:50 +0000 (UTC) Received: from localhost ([::1] helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1q5H7a-0001zu-Bw; Fri, 02 Jun 2023 22:36:02 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1q5H6Y-0000Yk-T1 for qemu-devel@nongnu.org; Fri, 02 Jun 2023 22:35:00 -0400 Received: from mail-ot1-x32a.google.com ([2607:f8b0:4864:20::32a]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.90_1) (envelope-from ) id 1q5H6L-0004h0-QM for qemu-devel@nongnu.org; Fri, 02 Jun 2023 22:34:58 -0400 Received: by mail-ot1-x32a.google.com with SMTP id 46e09a7af769-6af6de9fb74so2490894a34.2 for ; Fri, 02 Jun 2023 19:34:44 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; t=1685759684; x=1688351684; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=+YFVL2L2QA+ZkXwvHRHmXGuXkbx8P36rhNWAOgf26Pg=; b=oRS0PYnmD+5wCuExj+8PtfO0JQv9WU0admlkMcCX+7zB8RROvU/Hw+ffvD9xJH4X6r CKIS1n/Z5y609Molv4KVjOI+iwRqj4FdQwt/uPk7jZPeKEj+5rI5mfVeTEnCBTNJ//GC OqOhVgtVN2U0EWnNevMa0LCVDoP617lRZ+jkNXEsjkExvP985jMsOP9K0wxz9OoKihFu 0Adn0fHKJ+gZoCNvqsOqm01Xzc9fgWqwibOg51GTcqEMIfA9OnUakPpwlD39LhFBw10n 3YH5WYFAqIBsY+u1H4CTvoLYIBLE4/tl2CKtPA10SYkyjboqfbPyQMKK3bx6lUiL7a9R sY4A== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20221208; t=1685759684; x=1688351684; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=+YFVL2L2QA+ZkXwvHRHmXGuXkbx8P36rhNWAOgf26Pg=; b=Rsh1Z3iG0xvhHY27uovPcz8P6A0Nc2hVMq9ToSZH0G4ao8zch1iFgJEG7zex4lVDfR 9hgN+R3msYGq0ekYEs5HgPkIxmoyy6EOCmbMZgkwPyoNWeDuFBc1FczVCHK7U1MImjex FGOuXxDiegLF3v6//dCQJfUVZ8FM9EqpQhFfUZ0XgQzcrjjR2N0GPnP3UWLsUdnj02WY nbqGCsHu0vYOMTk859IGOCvUEDHrbiZsozzQuf6pWa+DXOEl3JyQllGn4AA7/XgKm90u UWHk6dGFt6gJQLTi9HKh3PBra8foglKTP+mUEsG4RVQpTiSg3Dkpo/OOGumTsDyF22M6 P/vg== X-Gm-Message-State: AC+VfDyRSYdT+bbj1Yf/DwoAt8vFPdkP8flfThvW4RXKDFppnxlqa2Va NLnUozSnmEGooijSL0/ZgyanWoZONBP04fk5fS8= X-Google-Smtp-Source: ACHHUZ6CiJMVpcms9iO0uN/OpG3oZ2NYj3N0wx/NbwZ3enxB3LUq24AWz/jUM1DEjfFKqHiZq9gBXA== X-Received: by 2002:a05:6358:1a87:b0:128:6cca:f306 with SMTP id gm7-20020a0563581a8700b001286ccaf306mr922957rwb.30.1685759684031; Fri, 02 Jun 2023 19:34:44 -0700 (PDT) Received: from stoup.. ([2602:ae:1598:4c01:66a6:82c2:d794:68f6]) by smtp.gmail.com with ESMTPSA id e91-20020a17090a6fe400b002508d73f4e8sm3914289pjk.57.2023.06.02.19.34.43 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Fri, 02 Jun 2023 19:34:43 -0700 (PDT) From: Richard Henderson To: qemu-devel@nongnu.org Cc: ardb@kernel.org, berrange@redhat.com, qemu-arm@nongnu.org, qemu-ppc@nongnu.org, qemu-riscv@nongnu.org, pbonzini@redhat.com Subject: [PATCH 19/35] target/arm: Use aesdec_IMC Date: Fri, 2 Jun 2023 19:34:10 -0700 Message-Id: <20230603023426.1064431-20-richard.henderson@linaro.org> X-Mailer: git-send-email 2.34.1 In-Reply-To: <20230603023426.1064431-1-richard.henderson@linaro.org> References: <20230603023426.1064431-1-richard.henderson@linaro.org> MIME-Version: 1.0 Received-SPF: pass client-ip=2607:f8b0:4864:20::32a; envelope-from=richard.henderson@linaro.org; helo=mail-ot1-x32a.google.com X-Spam_score_int: -20 X-Spam_score: -2.1 X-Spam_bar: -- X-Spam_report: (-2.1 / 5.0 requ) BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01 autolearn=unavailable autolearn_force=no X-Spam_action: no action X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: qemu-devel-bounces+qemu-devel=archiver.kernel.org@nongnu.org Sender: qemu-devel-bounces+qemu-devel=archiver.kernel.org@nongnu.org This implements the AESIMC instruction. We have converted everything to crypto/aes-round.h; crypto/aes.h is no longer needed. Signed-off-by: Richard Henderson --- target/arm/tcg/crypto_helper.c | 33 ++++++++++++++------------------- 1 file changed, 14 insertions(+), 19 deletions(-) diff --git a/target/arm/tcg/crypto_helper.c b/target/arm/tcg/crypto_helper.c index a0fec08771..d2da80f2ba 100644 --- a/target/arm/tcg/crypto_helper.c +++ b/target/arm/tcg/crypto_helper.c @@ -14,7 +14,6 @@ #include "cpu.h" #include "exec/helper-proto.h" #include "tcg/tcg-gvec-desc.h" -#include "crypto/aes.h" #include "crypto/aes-round.h" #include "crypto/sm4.h" #include "vec_internal.h" @@ -96,23 +95,6 @@ void HELPER(crypto_aesd)(void *vd, void *vn, void *vm, uint32_t desc) clear_tail(vd, opr_sz, simd_maxsz(desc)); } -static void do_crypto_aesmc(uint64_t *rd, uint64_t *rm, const uint32_t *mc) -{ - union CRYPTO_STATE st = { .l = { rm[0], rm[1] } }; - int i; - - for (i = 0; i < 16; i += 4) { - CR_ST_WORD(st, i >> 2) = - mc[CR_ST_BYTE(st, i)] ^ - rol32(mc[CR_ST_BYTE(st, i + 1)], 8) ^ - rol32(mc[CR_ST_BYTE(st, i + 2)], 16) ^ - rol32(mc[CR_ST_BYTE(st, i + 3)], 24); - } - - rd[0] = st.l[0]; - rd[1] = st.l[1]; -} - void HELPER(crypto_aesmc)(void *vd, void *vm, uint32_t desc) { intptr_t i, opr_sz = simd_oprsz(desc); @@ -141,7 +123,20 @@ void HELPER(crypto_aesimc)(void *vd, void *vm, uint32_t desc) intptr_t i, opr_sz = simd_oprsz(desc); for (i = 0; i < opr_sz; i += 16) { - do_crypto_aesmc(vd + i, vm + i, AES_imc_rot); + AESState *ad = (AESState *)(vd + i); + AESState *st = (AESState *)(vm + i); + AESState t; + + /* Our uint64_t are in the wrong order for big-endian. */ + if (HOST_BIG_ENDIAN) { + t.d[0] = st->d[1]; + t.d[1] = st->d[0]; + aesdec_IMC(&t, &t, false); + ad->d[0] = t.d[1]; + ad->d[1] = t.d[0]; + } else { + aesdec_IMC(ad, st, false); + } } clear_tail(vd, opr_sz, simd_maxsz(desc)); } From patchwork Sat Jun 3 02:34:11 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Richard Henderson X-Patchwork-Id: 13266035 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.lore.kernel.org (Postfix) with ESMTPS id 62A4BC7EE2E for ; Sat, 3 Jun 2023 02:39:09 +0000 (UTC) Received: from localhost ([::1] helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1q5H7i-0003Ak-U4; Fri, 02 Jun 2023 22:36:10 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1q5H6Y-0000Yi-Rw for qemu-devel@nongnu.org; Fri, 02 Jun 2023 22:35:00 -0400 Received: from mail-pj1-x102f.google.com ([2607:f8b0:4864:20::102f]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.90_1) (envelope-from ) id 1q5H6M-0004pt-SA for qemu-devel@nongnu.org; Fri, 02 Jun 2023 22:34:58 -0400 Received: by mail-pj1-x102f.google.com with SMTP id 98e67ed59e1d1-2566f66190dso2373421a91.1 for ; Fri, 02 Jun 2023 19:34:45 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; t=1685759685; x=1688351685; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=wQ8F8Kb2wJ2DKdMIB35CF/n9u+q7RrVY1fodNqQRp9I=; b=c41H7RHtdP8dTTtMU++Ah94Krs9OQfFvZPzpV3LrEVDBoYAxSkeATbO5wQIaWrqJQL AwdcdXRryaeMapjssm3DABAS+qbP5b/s6Fjt0jkNmKGJ7uOuaUB+B7QHfl//l/V3lXJ2 gPqKiuQXwjnhc2x2SEUgsxPBZoToUsu80bLUblGibJBauzZ1SchjJYobwC+fKd+eCUgj b7O3h1DWsxeYfvkhnYiauY4AA7PIfuCs1bFj4sWvwyBKAqlFLMBAoQDnkkIqN4BO1L7x lAWuZRGfaKSe65QMnr0/5TVDpNR/ZP0B8DTyc+KsXb1yoPPZyEF5QDZjqX6HCGXUe5yL +9JQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20221208; t=1685759685; x=1688351685; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=wQ8F8Kb2wJ2DKdMIB35CF/n9u+q7RrVY1fodNqQRp9I=; b=iu8XXdAiWJ5KyosZPgKPOWX3OcvUiLC04az7g0/17cmiIBn/m8uISx993SR8hSni0Q wmrlV/fsdUahnU0aLMzw38VE40+EiE6HzZxpLYuKBU+LwrZXCt1ioHuweuL80NEFpOi4 WYqc180/CxSVKas44omODJKl+NB3eqBFHkDXFYGeAZ2AUH1YjVeb+lxmX5jX1Dw2zkeH vr3SLtWR/XynSfnNbqmrtBWHDY2LDNxqjbCE2TaKM1hh8OYwheT+mA1iwMWtJBQE0Eet hj1JoGocLUofQX11GdfNO5HveHFAZ0bxVeBXIuVlP/mmlX3PiufpmqP8jIW/gvsjQcx+ qxdQ== X-Gm-Message-State: AC+VfDzQkKnBkVzCdY4b2OgHtG7Wk0sm0hYEk4iLxh26yWVnFB/RD2/x SV3Q719UADBidO/MP8gyfP2awTRLWcHfMJ2VBKo= X-Google-Smtp-Source: ACHHUZ7lredXQot5JooQKoqerUhUQx8VeMv1NuddohyF8K7put2QRHygQ5LNJkMaGuUId573dGCGaw== X-Received: by 2002:a17:90a:1d6:b0:256:69e2:7b7b with SMTP id 22-20020a17090a01d600b0025669e27b7bmr1598449pjd.7.1685759685099; Fri, 02 Jun 2023 19:34:45 -0700 (PDT) Received: from stoup.. ([2602:ae:1598:4c01:66a6:82c2:d794:68f6]) by smtp.gmail.com with ESMTPSA id e91-20020a17090a6fe400b002508d73f4e8sm3914289pjk.57.2023.06.02.19.34.44 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Fri, 02 Jun 2023 19:34:44 -0700 (PDT) From: Richard Henderson To: qemu-devel@nongnu.org Cc: ardb@kernel.org, berrange@redhat.com, qemu-arm@nongnu.org, qemu-ppc@nongnu.org, qemu-riscv@nongnu.org, pbonzini@redhat.com Subject: [PATCH 20/35] target/riscv: Use aesdec_IMC Date: Fri, 2 Jun 2023 19:34:11 -0700 Message-Id: <20230603023426.1064431-21-richard.henderson@linaro.org> X-Mailer: git-send-email 2.34.1 In-Reply-To: <20230603023426.1064431-1-richard.henderson@linaro.org> References: <20230603023426.1064431-1-richard.henderson@linaro.org> MIME-Version: 1.0 Received-SPF: pass client-ip=2607:f8b0:4864:20::102f; envelope-from=richard.henderson@linaro.org; helo=mail-pj1-x102f.google.com X-Spam_score_int: -20 X-Spam_score: -2.1 X-Spam_bar: -- X-Spam_report: (-2.1 / 5.0 requ) BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01 autolearn=unavailable autolearn_force=no X-Spam_action: no action X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: qemu-devel-bounces+qemu-devel=archiver.kernel.org@nongnu.org Sender: qemu-devel-bounces+qemu-devel=archiver.kernel.org@nongnu.org This implements the AES64IM instruction. Signed-off-by: Richard Henderson --- target/riscv/crypto_helper.c | 15 +++++---------- 1 file changed, 5 insertions(+), 10 deletions(-) diff --git a/target/riscv/crypto_helper.c b/target/riscv/crypto_helper.c index 08191b4b2a..64004b2329 100644 --- a/target/riscv/crypto_helper.c +++ b/target/riscv/crypto_helper.c @@ -270,17 +270,12 @@ target_ulong HELPER(aes64ks1i)(target_ulong rs1, target_ulong rnum) target_ulong HELPER(aes64im)(target_ulong rs1) { - uint64_t RS1 = rs1; - uint32_t col_0 = RS1 & 0xFFFFFFFF; - uint32_t col_1 = RS1 >> 32; - target_ulong result; + AESState t; - col_0 = AES_INVMIXCOLUMN(col_0); - col_1 = AES_INVMIXCOLUMN(col_1); - - result = ((uint64_t)col_1 << 32) | col_0; - - return result; + t.d[HOST_BIG_ENDIAN] = rs1; + t.d[!HOST_BIG_ENDIAN] = 0; + aesdec_IMC(&t, &t, false); + return t.d[HOST_BIG_ENDIAN]; } target_ulong HELPER(sm4ed)(target_ulong rs1, target_ulong rs2, From patchwork Sat Jun 3 02:34:12 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Richard Henderson X-Patchwork-Id: 13266022 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.lore.kernel.org (Postfix) with ESMTPS id 1B0ECC7EE2C for ; Sat, 3 Jun 2023 02:36:39 +0000 (UTC) Received: from localhost ([::1] helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1q5H7g-0002nr-Gc; Fri, 02 Jun 2023 22:36:08 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1q5H6a-0000Zb-HJ for qemu-devel@nongnu.org; Fri, 02 Jun 2023 22:35:02 -0400 Received: from mail-oo1-xc29.google.com ([2607:f8b0:4864:20::c29]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.90_1) (envelope-from ) id 1q5H6N-0004qu-Vd for qemu-devel@nongnu.org; Fri, 02 Jun 2023 22:35:00 -0400 Received: by mail-oo1-xc29.google.com with SMTP id 006d021491bc7-5555765c6d3so2132643eaf.1 for ; Fri, 02 Jun 2023 19:34:47 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; t=1685759687; x=1688351687; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=cUWhRH6bLO/8WDIHOPro6jgbCs/NIT/Ha8MzhIm17R0=; b=ybVZ1UbgBANik3IeRyPOgM0DFMDX83pd4yTUwLXnfBUiYNhHh97Bcl69uNp747T+lR EQ125jLTT1inn5vwgaWPfEvjUF7xJNCRPrBE5sUiy9aCfwq/vUmQ0bgQ3b8hAlWT4Amm L6xTqWLMaIRtaHpcm1hMOSxo1BgYpy2H6C9tKp5jgYtNYWDQSuGxVj64XPHvrIT02aEO 0RcTuvIxplgTQ2k5Gl4N+rfp9pafShC18YhQIQ+U2LSKz2+lQFR3u1cAoeKG1PTeS8q8 Hm8a/SmNQdk4SjxP2ka//7A3q6NF93mrJcSv0RX8L8ZQlB/mADuu8YggoOrkheXr2oRz nusg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20221208; t=1685759687; x=1688351687; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=cUWhRH6bLO/8WDIHOPro6jgbCs/NIT/Ha8MzhIm17R0=; b=H8Bh2/0XACoaRDecPOnWYwOwl+N6tj8ADN13MMxljeXlJPJYtHfIdVDSnFjW/D9utO vDySclEh3HuFT5p1mgB235GMY0RFOhd7wYMToFlOuJaI+cluNy74ONZ6pDq1Y60NuSJY Ttw9aE0KkNQcVNP/ny0ClpxfbA6YNKbVyQxaUBIGx8kmpyT+qtkWQqkPSjBtst2etNXR OKdCgj/i0XSWKzpUVzvV4x3UQkijhmB+oF7K62+XwuvZ8caHpUQ1IjpRUq1I0R07Je0x iZa1J74lE36faoT9FdPc14zehifKSQ42FcDtPBsGTWwFxNmbtEbSrBZfhZMt8T+dBZUr 0tRQ== X-Gm-Message-State: AC+VfDyM7Iry8TjsHjpNQQwe1N7hJMYEi8mSNTkYb9HAo/fMFGfDqCIY umyB+QH5tUSqeMUg3KlwqBRe/o7JP/xga/lthX8= X-Google-Smtp-Source: ACHHUZ7ZmTblILgP2lF1Yfvdkux+hUiq6VTxiwy4MI9YOOGNDuSxloWJCdIGqVBPmxN52OTvKSXlOg== X-Received: by 2002:a05:6358:7188:b0:123:390b:178f with SMTP id t8-20020a056358718800b00123390b178fmr13315118rwt.5.1685759686747; Fri, 02 Jun 2023 19:34:46 -0700 (PDT) Received: from stoup.. ([2602:ae:1598:4c01:66a6:82c2:d794:68f6]) by smtp.gmail.com with ESMTPSA id e91-20020a17090a6fe400b002508d73f4e8sm3914289pjk.57.2023.06.02.19.34.45 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Fri, 02 Jun 2023 19:34:45 -0700 (PDT) From: Richard Henderson To: qemu-devel@nongnu.org Cc: ardb@kernel.org, berrange@redhat.com, qemu-arm@nongnu.org, qemu-ppc@nongnu.org, qemu-riscv@nongnu.org, pbonzini@redhat.com Subject: [PATCH 21/35] crypto: Add aesenc_SB_SR_MC_AK Date: Fri, 2 Jun 2023 19:34:12 -0700 Message-Id: <20230603023426.1064431-22-richard.henderson@linaro.org> X-Mailer: git-send-email 2.34.1 In-Reply-To: <20230603023426.1064431-1-richard.henderson@linaro.org> References: <20230603023426.1064431-1-richard.henderson@linaro.org> MIME-Version: 1.0 Received-SPF: pass client-ip=2607:f8b0:4864:20::c29; envelope-from=richard.henderson@linaro.org; helo=mail-oo1-xc29.google.com X-Spam_score_int: -20 X-Spam_score: -2.1 X-Spam_bar: -- X-Spam_report: (-2.1 / 5.0 requ) BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01 autolearn=unavailable autolearn_force=no X-Spam_action: no action X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: qemu-devel-bounces+qemu-devel=archiver.kernel.org@nongnu.org Sender: qemu-devel-bounces+qemu-devel=archiver.kernel.org@nongnu.org Add a primitive for SubBytes + ShiftRows + MixColumns + AddRoundKey. Signed-off-by: Richard Henderson --- host/include/generic/host/aes-round.h | 4 ++ include/crypto/aes-round.h | 21 ++++++++++ crypto/aes.c | 56 +++++++++++++++++++++++++++ 3 files changed, 81 insertions(+) diff --git a/host/include/generic/host/aes-round.h b/host/include/generic/host/aes-round.h index 1e9b97d274..dc2c751ac3 100644 --- a/host/include/generic/host/aes-round.h +++ b/host/include/generic/host/aes-round.h @@ -15,6 +15,10 @@ void aesenc_MC_accel(AESState *, const AESState *, bool) void aesenc_SB_SR_accel(AESState *, const AESState *, bool) QEMU_ERROR("unsupported accel"); +void aesenc_SB_SR_MC_AK_accel(AESState *, const AESState *, + const AESState *, bool) + QEMU_ERROR("unsupported accel"); + void aesdec_IMC_accel(AESState *, const AESState *, bool) QEMU_ERROR("unsupported accel"); diff --git a/include/crypto/aes-round.h b/include/crypto/aes-round.h index 2d962ede0b..aefa17fcc3 100644 --- a/include/crypto/aes-round.h +++ b/include/crypto/aes-round.h @@ -56,6 +56,27 @@ static inline void aesenc_MC(AESState *r, const AESState *st, bool be) } } +/* + * Perform SubBytes + ShiftRows + MixColumns + AddRoundKey. + */ + +void aesenc_SB_SR_MC_AK_gen(AESState *ret, const AESState *st, + const AESState *rk); +void aesenc_SB_SR_MC_AK_genrev(AESState *ret, const AESState *st, + const AESState *rk); + +static inline void aesenc_SB_SR_MC_AK(AESState *r, const AESState *st, + const AESState *rk, bool be) +{ + if (HAVE_AES_ACCEL) { + aesenc_SB_SR_MC_AK_accel(r, st, rk, be); + } else if (HOST_BIG_ENDIAN == be) { + aesenc_SB_SR_MC_AK_gen(r, st, rk); + } else { + aesenc_SB_SR_MC_AK_genrev(r, st, rk); + } +} + /* * Perform InvSubBytes + InvShiftRows. */ diff --git a/crypto/aes.c b/crypto/aes.c index 4e654e5404..6172495b46 100644 --- a/crypto/aes.c +++ b/crypto/aes.c @@ -1356,6 +1356,62 @@ void aesenc_MC_genrev(AESState *r, const AESState *st) aesenc_MC_swap(r, st, true); } +/* Perform SubBytes + ShiftRows + MixColumns + AddRoundKey. */ +static inline void +aesenc_SB_SR_MC_AK_swap(AESState *r, const AESState *st, + const AESState *rk, bool swap) +{ + int swap_b = swap * 0xf; + int swap_w = swap * 0x3; + bool be = HOST_BIG_ENDIAN ^ swap; + uint32_t w0, w1, w2, w3; + + w0 = (AES_Te0[st->b[swap_b ^ AES_SH_0]] ^ + AES_Te1[st->b[swap_b ^ AES_SH_1]] ^ + AES_Te2[st->b[swap_b ^ AES_SH_2]] ^ + AES_Te3[st->b[swap_b ^ AES_SH_3]]); + + w1 = (AES_Te0[st->b[swap_b ^ AES_SH_4]] ^ + AES_Te1[st->b[swap_b ^ AES_SH_5]] ^ + AES_Te2[st->b[swap_b ^ AES_SH_6]] ^ + AES_Te3[st->b[swap_b ^ AES_SH_7]]); + + w2 = (AES_Te0[st->b[swap_b ^ AES_SH_8]] ^ + AES_Te1[st->b[swap_b ^ AES_SH_9]] ^ + AES_Te2[st->b[swap_b ^ AES_SH_A]] ^ + AES_Te3[st->b[swap_b ^ AES_SH_B]]); + + w3 = (AES_Te0[st->b[swap_b ^ AES_SH_C]] ^ + AES_Te1[st->b[swap_b ^ AES_SH_D]] ^ + AES_Te2[st->b[swap_b ^ AES_SH_E]] ^ + AES_Te3[st->b[swap_b ^ AES_SH_F]]); + + /* Note that AES_TeX is encoded for big-endian. */ + if (!be) { + w0 = bswap32(w0); + w1 = bswap32(w1); + w2 = bswap32(w2); + w3 = bswap32(w3); + } + + r->w[swap_w ^ 0] = rk->w[swap_w ^ 0] ^ w0; + r->w[swap_w ^ 1] = rk->w[swap_w ^ 1] ^ w1; + r->w[swap_w ^ 2] = rk->w[swap_w ^ 2] ^ w2; + r->w[swap_w ^ 3] = rk->w[swap_w ^ 3] ^ w3; +} + +void aesenc_SB_SR_MC_AK_gen(AESState *r, const AESState *st, + const AESState *rk) +{ + aesenc_SB_SR_MC_AK_swap(r, st, rk, false); +} + +void aesenc_SB_SR_MC_AK_genrev(AESState *r, const AESState *st, + const AESState *rk) +{ + aesenc_SB_SR_MC_AK_swap(r, st, rk, true); +} + /* Perform InvSubBytes + InvShiftRows. */ static inline void aesdec_ISB_ISR_swap(AESState *r, const AESState *st, bool swap) From patchwork Sat Jun 3 02:34:13 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Richard Henderson X-Patchwork-Id: 13266031 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.lore.kernel.org (Postfix) with ESMTPS id 0D35BC7EE2C for ; Sat, 3 Jun 2023 02:38:03 +0000 (UTC) Received: from localhost ([::1] helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1q5H7h-0002xV-Iu; Fri, 02 Jun 2023 22:36:09 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1q5H6b-0000aM-Ji for qemu-devel@nongnu.org; Fri, 02 Jun 2023 22:35:02 -0400 Received: from mail-ot1-x334.google.com ([2607:f8b0:4864:20::334]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.90_1) (envelope-from ) id 1q5H6P-0004rf-Bm for qemu-devel@nongnu.org; Fri, 02 Jun 2023 22:35:01 -0400 Received: by mail-ot1-x334.google.com with SMTP id 46e09a7af769-6af74ca9f4aso2703161a34.3 for ; Fri, 02 Jun 2023 19:34:48 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; t=1685759687; x=1688351687; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=xQJo2C3OKYrLdgG+Avv/itkRaFPUqHtuD2xcYh5Lh3Y=; b=OdXJUkKlmbPfOIMb4syHFC9vqCA+CKjZqxnq3kv6h4Z5znXuxTl126Ci6RAxADj7Ew vkAKmgkAx1asIQSc+sWpnSJyrguLuzoq2M2P8MjPCjz9mzUCQuE1MUs7ULJbf6eRNyBv lmfBmvYwzRUA2pcuWHXY0k0H28CqCA/HZJlt3r9C+ncfxRVgnmgu6igPSiaO+lbfnVJU QuN4Dlls9KZWNvu01cbpxJa+IG8xPXYQjTsJIMkn93y43HCNqLp0WjKAl1Y0tT0hOWvt vF74OPKA+qKn3L/9M8cp7BU+6H69Db6DO73cKKyLeA2yKjqtfLIV4Kwn9mPWht73ysu4 ciog== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20221208; t=1685759687; x=1688351687; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=xQJo2C3OKYrLdgG+Avv/itkRaFPUqHtuD2xcYh5Lh3Y=; b=c1kIw73+SXKYDcL/2ekUkWYXRVlP/gcx20VQk3aC8P+g1ZVBUCRTPookHwhHKGP43M ckBcdAcHqNUJgC94BTJuYmKg14w+/EAl1N3k3FpsRrDwkq+GPqMnC7j1Zrr0i48e48XZ WTbj/U85VGqC6l7igur80QM6zHKpDU3/e2Xyuc7+XyAG4s/vrDTpczx4YtzvHBQE7NdH ZKxU9G/Dl3e/+1jL6IVgLRjWAnREwQVaEaHZdwZDSg+PuPj+0tZ0C+xS/gUW3j/UsLuT mJRkCESW9amOXY8Mn0pDbIHw1hSzWxo8WfpCVSaT86SXpugliepcAPUZwxtC7VjDG+tU uuiA== X-Gm-Message-State: AC+VfDzYW69FPt9RF71+9TQyW4WnbxIzfhyMitnmIV1NJxOhDCjimE58 GKKDgLL8dJ4vOoL3RUIHbG3IRK4Yp/4aCTheuy0= X-Google-Smtp-Source: ACHHUZ6K+lWlDOTAeUEFtcOfA/A5VTgW5oUjvsptqbKaf2TQ6hiujjzcb/bRVyarCSiq3fRSb1wVzQ== X-Received: by 2002:a05:6358:4315:b0:123:3ea3:2bd2 with SMTP id r21-20020a056358431500b001233ea32bd2mr11882291rwc.32.1685759687666; Fri, 02 Jun 2023 19:34:47 -0700 (PDT) Received: from stoup.. ([2602:ae:1598:4c01:66a6:82c2:d794:68f6]) by smtp.gmail.com with ESMTPSA id e91-20020a17090a6fe400b002508d73f4e8sm3914289pjk.57.2023.06.02.19.34.46 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Fri, 02 Jun 2023 19:34:47 -0700 (PDT) From: Richard Henderson To: qemu-devel@nongnu.org Cc: ardb@kernel.org, berrange@redhat.com, qemu-arm@nongnu.org, qemu-ppc@nongnu.org, qemu-riscv@nongnu.org, pbonzini@redhat.com Subject: [PATCH 22/35] target/i386: Use aesenc_SB_SR_MC_AK Date: Fri, 2 Jun 2023 19:34:13 -0700 Message-Id: <20230603023426.1064431-23-richard.henderson@linaro.org> X-Mailer: git-send-email 2.34.1 In-Reply-To: <20230603023426.1064431-1-richard.henderson@linaro.org> References: <20230603023426.1064431-1-richard.henderson@linaro.org> MIME-Version: 1.0 Received-SPF: pass client-ip=2607:f8b0:4864:20::334; envelope-from=richard.henderson@linaro.org; helo=mail-ot1-x334.google.com X-Spam_score_int: -20 X-Spam_score: -2.1 X-Spam_bar: -- X-Spam_report: (-2.1 / 5.0 requ) BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01 autolearn=unavailable autolearn_force=no X-Spam_action: no action X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: qemu-devel-bounces+qemu-devel=archiver.kernel.org@nongnu.org Sender: qemu-devel-bounces+qemu-devel=archiver.kernel.org@nongnu.org This implements the AESENC instruction. Signed-off-by: Richard Henderson --- target/i386/ops_sse.h | 14 +++++--------- 1 file changed, 5 insertions(+), 9 deletions(-) diff --git a/target/i386/ops_sse.h b/target/i386/ops_sse.h index 0187651140..c7a2c586f4 100644 --- a/target/i386/ops_sse.h +++ b/target/i386/ops_sse.h @@ -2190,16 +2190,12 @@ void glue(helper_aesdeclast, SUFFIX)(CPUX86State *env, Reg *d, Reg *v, Reg *s) void glue(helper_aesenc, SUFFIX)(CPUX86State *env, Reg *d, Reg *v, Reg *s) { - int i; - Reg st = *v; - Reg rk = *s; + for (int i = 0; i < SHIFT; i++) { + AESState *ad = (AESState *)&d->ZMM_X(i); + AESState *st = (AESState *)&v->ZMM_X(i); + AESState *rk = (AESState *)&s->ZMM_X(i); - for (i = 0 ; i < 2 << SHIFT ; i++) { - int j = i & 3; - d->L(i) = rk.L(i) ^ bswap32(AES_Te0[st.B(AES_shifts[4 * j + 0])] ^ - AES_Te1[st.B(AES_shifts[4 * j + 1])] ^ - AES_Te2[st.B(AES_shifts[4 * j + 2])] ^ - AES_Te3[st.B(AES_shifts[4 * j + 3])]); + aesenc_SB_SR_MC_AK(ad, st, rk, false); } } From patchwork Sat Jun 3 02:34:14 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Richard Henderson X-Patchwork-Id: 13266044 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.lore.kernel.org (Postfix) with ESMTPS id C0AAAC7EE2A for ; Sat, 3 Jun 2023 02:40:40 +0000 (UTC) Received: from localhost ([::1] helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1q5H7j-0003C5-Bp; Fri, 02 Jun 2023 22:36:11 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1q5H6e-0000cb-BS for qemu-devel@nongnu.org; Fri, 02 Jun 2023 22:35:05 -0400 Received: from mail-pj1-x1033.google.com ([2607:f8b0:4864:20::1033]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.90_1) (envelope-from ) id 1q5H6Q-0004sA-40 for qemu-devel@nongnu.org; Fri, 02 Jun 2023 22:35:03 -0400 Received: by mail-pj1-x1033.google.com with SMTP id 98e67ed59e1d1-2566f66190dso2373451a91.1 for ; Fri, 02 Jun 2023 19:34:49 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; t=1685759688; x=1688351688; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=jW/LkFvDYs7wuWSeKP7O4G0IgkgaVuXTO9qaWXdUTaM=; b=hnPFh4f+AWxBJf5sbiE7g8pqu1YrrALaXeTJJCgO4St7e6bMBIWNOHxZUk97tx2Qj9 /dwDaOxRJdEKwwVA8MUBdz0TNFlFMP4b9wsZJpraNGTqO44pczDLLXawC3LlGP73+Hst mcJipySYYmPK9m2GQ/OUMeGJKtrmuMJIewlUg5YrSCS1s+HninI5yMAyjW+3WldrwIaZ iH+Ww38QCpGOGlxwnVVeQnwzuLSLXMamJyuSGkYjOhZuNYsFtNhXOEsoAqdsNMy89CDb HXDyDgDVglMZlJatc+hC1LgVaJaOtbf6xwix+7ARTsyrYX+ZXyU1MCapzXBy6GWiAJpW t/Sw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20221208; t=1685759688; x=1688351688; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=jW/LkFvDYs7wuWSeKP7O4G0IgkgaVuXTO9qaWXdUTaM=; b=Tp6fnGE8qzlSn5Lv8sEs2ZV99Ngt8FszG473Lst7gTFHYIDyklLNZ7ztsmbT3bmnVY m0t7OxveuwFbCSeyAnQMi6pywe2VKdabRbBG4JGkloKuSnnjp8mbD73LAUJjWeM6myiY GLuivXtXwxdTyMyy/hZ0Mg4IUQAa5R1/flMaUdCbJgANp4oZ0QzO6O6jicvZBtzyo3ZN ZXkcdU7wCBuH0Wny6dCGtj0AR6OLQ9yzCO8LHdYPk3NqnD92VG8h01T7zklVfLDaJpDM VdJ08H0eyO30e+Q8gs7DfJfd3EMqEGwUoi7P9Njets8z9zPjatcmaCkzKz8xHDccc07H D3UA== X-Gm-Message-State: AC+VfDwKQJtfPJ25A2DBBBO7/CEEkj44S1M46K9uJPaJRMPmizwAHCjj 5VcOO0Yq0kgI42d6rvu/IQhV7+sA8/oRRbUDTpM= X-Google-Smtp-Source: ACHHUZ68DEKYRLeblRCSawuJDl/wKRCbCuA3o4wxiR1CDCeIeidKUdR7MICjqBdvdJehFB5FMJi6cQ== X-Received: by 2002:a17:90b:4c51:b0:258:6e0d:26e3 with SMTP id np17-20020a17090b4c5100b002586e0d26e3mr1337673pjb.48.1685759688708; Fri, 02 Jun 2023 19:34:48 -0700 (PDT) Received: from stoup.. ([2602:ae:1598:4c01:66a6:82c2:d794:68f6]) by smtp.gmail.com with ESMTPSA id e91-20020a17090a6fe400b002508d73f4e8sm3914289pjk.57.2023.06.02.19.34.47 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Fri, 02 Jun 2023 19:34:48 -0700 (PDT) From: Richard Henderson To: qemu-devel@nongnu.org Cc: ardb@kernel.org, berrange@redhat.com, qemu-arm@nongnu.org, qemu-ppc@nongnu.org, qemu-riscv@nongnu.org, pbonzini@redhat.com Subject: [PATCH 23/35] target/ppc: Use aesenc_SB_SR_MC_AK Date: Fri, 2 Jun 2023 19:34:14 -0700 Message-Id: <20230603023426.1064431-24-richard.henderson@linaro.org> X-Mailer: git-send-email 2.34.1 In-Reply-To: <20230603023426.1064431-1-richard.henderson@linaro.org> References: <20230603023426.1064431-1-richard.henderson@linaro.org> MIME-Version: 1.0 Received-SPF: pass client-ip=2607:f8b0:4864:20::1033; envelope-from=richard.henderson@linaro.org; helo=mail-pj1-x1033.google.com X-Spam_score_int: -20 X-Spam_score: -2.1 X-Spam_bar: -- X-Spam_report: (-2.1 / 5.0 requ) BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01 autolearn=unavailable autolearn_force=no X-Spam_action: no action X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: qemu-devel-bounces+qemu-devel=archiver.kernel.org@nongnu.org Sender: qemu-devel-bounces+qemu-devel=archiver.kernel.org@nongnu.org This implements the VCIPHER instruction. Signed-off-by: Richard Henderson --- target/ppc/int_helper.c | 14 ++++---------- 1 file changed, 4 insertions(+), 10 deletions(-) diff --git a/target/ppc/int_helper.c b/target/ppc/int_helper.c index 444beb1779..c7f8b39e9a 100644 --- a/target/ppc/int_helper.c +++ b/target/ppc/int_helper.c @@ -2933,17 +2933,11 @@ void helper_vsbox(ppc_avr_t *r, ppc_avr_t *a) void helper_vcipher(ppc_avr_t *r, ppc_avr_t *a, ppc_avr_t *b) { - ppc_avr_t result; - int i; + AESState *ad = (AESState *)r; + AESState *st = (AESState *)a; + AESState *rk = (AESState *)b; - VECTOR_FOR_INORDER_I(i, u32) { - result.VsrW(i) = b->VsrW(i) ^ - (AES_Te0[a->VsrB(AES_shifts[4 * i + 0])] ^ - AES_Te1[a->VsrB(AES_shifts[4 * i + 1])] ^ - AES_Te2[a->VsrB(AES_shifts[4 * i + 2])] ^ - AES_Te3[a->VsrB(AES_shifts[4 * i + 3])]); - } - *r = result; + aesenc_SB_SR_MC_AK(ad, st, rk, true); } void helper_vcipherlast(ppc_avr_t *r, ppc_avr_t *a, ppc_avr_t *b) From patchwork Sat Jun 3 02:34:15 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Richard Henderson X-Patchwork-Id: 13266037 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.lore.kernel.org (Postfix) with ESMTPS id AEF20C7EE29 for ; Sat, 3 Jun 2023 02:39:20 +0000 (UTC) Received: from localhost ([::1] helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1q5H7T-0001ZK-0y; Fri, 02 Jun 2023 22:35:55 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1q5H6e-0000ca-B7 for qemu-devel@nongnu.org; Fri, 02 Jun 2023 22:35:05 -0400 Received: from mail-ot1-x32c.google.com ([2607:f8b0:4864:20::32c]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.90_1) (envelope-from ) id 1q5H6Q-0004j7-Lq for qemu-devel@nongnu.org; Fri, 02 Jun 2023 22:35:03 -0400 Received: by mail-ot1-x32c.google.com with SMTP id 46e09a7af769-6af6de9fb74so2490962a34.2 for ; Fri, 02 Jun 2023 19:34:50 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; t=1685759690; x=1688351690; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=KjbdSIi7AgQurj1OT59iZ2YBwJtnwTAVxN3qZ4NMVr0=; b=xN+me5NeFll1hb8CNm18UjfyRJJTTCflg+QGVAVSXSDP1GSrRTNBnFgF2CinLlWMBA 0SPyQ3hGIYlWUigkIDIWY9OszUiXTHKLMHxgXv41vNYwmVwT+vnZG5tESMGg8OQkeFFU bHOmg1LC1eIlr5ahLFQ2B4uFXITEk0qexoh6ojNMvEhmL57nSBabjUXy7KEA+f8jsdiP zBmltHFZkFX1W0JefwdVdL+3nsTkOZ+jeBLzlUstnJsCWxNrH3KSAxCo55yR2rt116dy Ovn8zePeXW4DxCjZ8GVcZY/q2ZwWLZamOL/7Wy7UYZAgure5Aoik19AL5+GD806cmbX3 N1Vw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20221208; t=1685759690; x=1688351690; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=KjbdSIi7AgQurj1OT59iZ2YBwJtnwTAVxN3qZ4NMVr0=; b=Ry75eIJbQsznslbYISmFXllQJkAOqGWZijB2GbaIs0/aTgtQgNP708qkHu4TH0/TuL IWpGvBuWrp41j5e861wCpDb7zsGTaYDOrQbj8UQF9pDyG13049sxVKYTlyCEIGSTWkSF mLQ/nwzWDy1d+RMYILJsTB2fEiEP6VPo01jqCuoSEnwILXNn4S9S9QYG3mpmYS/IkCim IZO+a35XLCKGRYxjIXBnGChrAxXh0XEVe0DzUQ2bEXW2CiGyHtii5mvSvWduTcY65iI1 6yOMRvdGiJsefXlOwtjkcdqORjRzKm35LjZx+6tqVDZwaM95V9fsjJI0oDRLBZ1+Ugy9 Cd5A== X-Gm-Message-State: AC+VfDynaLub0xSAIdvMZUEpOk5DUYdWabWbFtfqPX3iKQjUeAhRGtaI YG+onQcG9MA4OtLNUM65lFpo3/2TkHdM/6NtPM8= X-Google-Smtp-Source: ACHHUZ7oGt7KGD+nc06Fhth04xhWePjT6jCabd4H3z/EVrD5fpMJhjV/aABieT1CQhfTkpsU6MQbOA== X-Received: by 2002:a05:6358:cd22:b0:127:fb1b:6b16 with SMTP id gv34-20020a056358cd2200b00127fb1b6b16mr1458591rwb.15.1685759689753; Fri, 02 Jun 2023 19:34:49 -0700 (PDT) Received: from stoup.. ([2602:ae:1598:4c01:66a6:82c2:d794:68f6]) by smtp.gmail.com with ESMTPSA id e91-20020a17090a6fe400b002508d73f4e8sm3914289pjk.57.2023.06.02.19.34.48 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Fri, 02 Jun 2023 19:34:49 -0700 (PDT) From: Richard Henderson To: qemu-devel@nongnu.org Cc: ardb@kernel.org, berrange@redhat.com, qemu-arm@nongnu.org, qemu-ppc@nongnu.org, qemu-riscv@nongnu.org, pbonzini@redhat.com Subject: [PATCH 24/35] target/riscv: Use aesenc_SB_SR_MC_AK Date: Fri, 2 Jun 2023 19:34:15 -0700 Message-Id: <20230603023426.1064431-25-richard.henderson@linaro.org> X-Mailer: git-send-email 2.34.1 In-Reply-To: <20230603023426.1064431-1-richard.henderson@linaro.org> References: <20230603023426.1064431-1-richard.henderson@linaro.org> MIME-Version: 1.0 Received-SPF: pass client-ip=2607:f8b0:4864:20::32c; envelope-from=richard.henderson@linaro.org; helo=mail-ot1-x32c.google.com X-Spam_score_int: -20 X-Spam_score: -2.1 X-Spam_bar: -- X-Spam_report: (-2.1 / 5.0 requ) BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01 autolearn=ham autolearn_force=no X-Spam_action: no action X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: qemu-devel-bounces+qemu-devel=archiver.kernel.org@nongnu.org Sender: qemu-devel-bounces+qemu-devel=archiver.kernel.org@nongnu.org This implements the AES64ESM instruction. Signed-off-by: Richard Henderson --- target/riscv/crypto_helper.c | 11 ++++++++++- 1 file changed, 10 insertions(+), 1 deletion(-) diff --git a/target/riscv/crypto_helper.c b/target/riscv/crypto_helper.c index 64004b2329..71694b787c 100644 --- a/target/riscv/crypto_helper.c +++ b/target/riscv/crypto_helper.c @@ -196,7 +196,16 @@ static inline target_ulong aes64_operation(target_ulong rs1, target_ulong rs2, target_ulong HELPER(aes64esm)(target_ulong rs1, target_ulong rs2) { - return aes64_operation(rs1, rs2, true, true); + AESState t, z = { }; + + /* + * This instruction does not include a round key, + * so supply a zero to our primitive. + */ + t.d[HOST_BIG_ENDIAN] = rs1; + t.d[!HOST_BIG_ENDIAN] = rs2; + aesenc_SB_SR_MC_AK(&t, &t, &z, false); + return t.d[HOST_BIG_ENDIAN]; } target_ulong HELPER(aes64es)(target_ulong rs1, target_ulong rs2) From patchwork Sat Jun 3 02:34:16 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Richard Henderson X-Patchwork-Id: 13266027 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.lore.kernel.org (Postfix) with ESMTPS id C23DBC77B7A for ; Sat, 3 Jun 2023 02:37:11 +0000 (UTC) Received: from localhost ([::1] helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1q5H7b-0002BD-R7; Fri, 02 Jun 2023 22:36:03 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1q5H6q-0000go-F9 for qemu-devel@nongnu.org; Fri, 02 Jun 2023 22:35:18 -0400 Received: from mail-oi1-x22f.google.com ([2607:f8b0:4864:20::22f]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.90_1) (envelope-from ) id 1q5H6S-0004tr-Gj for qemu-devel@nongnu.org; Fri, 02 Jun 2023 22:35:15 -0400 Received: by mail-oi1-x22f.google.com with SMTP id 5614622812f47-394c7ba4cb5so2054503b6e.1 for ; Fri, 02 Jun 2023 19:34:51 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; t=1685759691; x=1688351691; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=/Wfwarj28UsVRxtCJ9/8wlBpJ8nucgIhos+4a7OUH+Q=; b=Y1hPjCFss8YZsHfg5LjjFGYIj2qFOlPjuekeWGntqcZ7QBwGCeAgKWxidn2pZqmjaY 5skjFoPp/JjcY89/EPkKVKPmOi5lRISCbNBN2lhsNbzLQRd/X3MzhaPhr5DZAzaPUkna vLPAsD6u/SMB1zpaUEFDHr4CjQo+LlLR3P7jRRgkUik9QSK4RhDOYb0hDbBAab02JjPN gc/Cxqmg+bzz+rBLEIGUV0ndzBQmJkaQRmLfjxW9MYsOCIug6FvFqeHzGPviP6UzrLfO tyCXMzqDoN4wa+yBiRA6isbZLBDfy+T3F2PxzCK1H6OCxTlFnbS+FjJW6SU48/oMVJgr viEg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20221208; t=1685759691; x=1688351691; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=/Wfwarj28UsVRxtCJ9/8wlBpJ8nucgIhos+4a7OUH+Q=; b=LqlLEA4oKcXGa2OurERQiM0PxGsRQeaMHV+E88M8HytOLz9JfRVCoQM+hdiWfLwg+c oFDgq4aTgEGTJWGg/N2Jn37iJpa53jlKiZDyo3iUjDnheoI37gTyHX+vFeTKqozIxMBR dMrjGhabLtSOuktdjdTj+xcZBEP2Al+96/haQPCyf9muCkxyNDwM1Djdn/Mv9n6wCGok MWcW2XV3rCdDP33eVmmb6yjfcVBcZqLoHXIiZNlb7nnwd/NnQhAe9LwnoPYE1ZTpxJ4Y 5pAGADM9jdsuczBgPRj/7ORnNFB0ZEIImfPEcIYAjYZV4uNM2ttGm0sbs2hXT33GpukC Um5Q== X-Gm-Message-State: AC+VfDyQw1maqRGd/5QAIrWwHySpZYdgbhols/88+MX4Owo4Dq8Uzy14 WOdlsLcc45eEe95ia0CGjuQM25XBK5ugXWfroTY= X-Google-Smtp-Source: ACHHUZ6/U1mUIkZ3yS8ra1m4zW+tB9Be51Sg3vyg2/YT6GyhzblPPMLNmJWqcLNIX7tYlLo1WDUpNQ== X-Received: by 2002:a05:6808:2998:b0:396:9fe5:1a65 with SMTP id ex24-20020a056808299800b003969fe51a65mr1767640oib.16.1685759690795; Fri, 02 Jun 2023 19:34:50 -0700 (PDT) Received: from stoup.. ([2602:ae:1598:4c01:66a6:82c2:d794:68f6]) by smtp.gmail.com with ESMTPSA id e91-20020a17090a6fe400b002508d73f4e8sm3914289pjk.57.2023.06.02.19.34.49 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Fri, 02 Jun 2023 19:34:50 -0700 (PDT) From: Richard Henderson To: qemu-devel@nongnu.org Cc: ardb@kernel.org, berrange@redhat.com, qemu-arm@nongnu.org, qemu-ppc@nongnu.org, qemu-riscv@nongnu.org, pbonzini@redhat.com Subject: [PATCH 25/35] crypto: Add aesdec_ISB_ISR_IMC_AK Date: Fri, 2 Jun 2023 19:34:16 -0700 Message-Id: <20230603023426.1064431-26-richard.henderson@linaro.org> X-Mailer: git-send-email 2.34.1 In-Reply-To: <20230603023426.1064431-1-richard.henderson@linaro.org> References: <20230603023426.1064431-1-richard.henderson@linaro.org> MIME-Version: 1.0 Received-SPF: pass client-ip=2607:f8b0:4864:20::22f; envelope-from=richard.henderson@linaro.org; helo=mail-oi1-x22f.google.com X-Spam_score_int: -20 X-Spam_score: -2.1 X-Spam_bar: -- X-Spam_report: (-2.1 / 5.0 requ) BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01 autolearn=unavailable autolearn_force=no X-Spam_action: no action X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: qemu-devel-bounces+qemu-devel=archiver.kernel.org@nongnu.org Sender: qemu-devel-bounces+qemu-devel=archiver.kernel.org@nongnu.org Add a primitive for InvSubBytes + InvShiftRows + InvMixColumns + AddRoundKey. Signed-off-by: Richard Henderson --- host/include/generic/host/aes-round.h | 4 ++ include/crypto/aes-round.h | 21 ++++++++++ crypto/aes.c | 56 +++++++++++++++++++++++++++ 3 files changed, 81 insertions(+) diff --git a/host/include/generic/host/aes-round.h b/host/include/generic/host/aes-round.h index dc2c751ac3..848436379d 100644 --- a/host/include/generic/host/aes-round.h +++ b/host/include/generic/host/aes-round.h @@ -25,4 +25,8 @@ void aesdec_IMC_accel(AESState *, const AESState *, bool) void aesdec_ISB_ISR_accel(AESState *, const AESState *, bool) QEMU_ERROR("unsupported accel"); +void aesdec_ISB_ISR_IMC_AK_accel(AESState *, const AESState *, + const AESState *, bool) + QEMU_ERROR("unsupported accel"); + #endif diff --git a/include/crypto/aes-round.h b/include/crypto/aes-round.h index aefa17fcc3..352687ce11 100644 --- a/include/crypto/aes-round.h +++ b/include/crypto/aes-round.h @@ -113,4 +113,25 @@ static inline void aesdec_IMC(AESState *r, const AESState *st, bool be) } } +/* + * Perform InvSubBytes + InvShiftRows + InvMixColumns + AddRoundKey. + */ + +void aesdec_ISB_ISR_IMC_AK_gen(AESState *ret, const AESState *st, + const AESState *rk); +void aesdec_ISB_ISR_IMC_AK_genrev(AESState *ret, const AESState *st, + const AESState *rk); + +static inline void aesdec_ISB_ISR_IMC_AK(AESState *r, const AESState *st, + const AESState *rk, bool be) +{ + if (HAVE_AES_ACCEL) { + aesdec_ISB_ISR_IMC_AK_accel(r, st, rk, be); + } else if (HOST_BIG_ENDIAN == be) { + aesdec_ISB_ISR_IMC_AK_gen(r, st, rk); + } else { + aesdec_ISB_ISR_IMC_AK_genrev(r, st, rk); + } +} + #endif /* CRYPTO_AES_ROUND_H */ diff --git a/crypto/aes.c b/crypto/aes.c index 6172495b46..1696086868 100644 --- a/crypto/aes.c +++ b/crypto/aes.c @@ -1515,6 +1515,62 @@ void aesdec_IMC_genrev(AESState *r, const AESState *st) aesdec_IMC_swap(r, st, true); } +/* Perform InvSubBytes + InvShiftRows + InvMixColumns + AddRoundKey. */ +static inline void +aesdec_ISB_ISR_IMC_AK_swap(AESState *r, const AESState *st, + const AESState *rk, bool swap) +{ + int swap_b = swap * 0xf; + int swap_w = swap * 0x3; + bool be = HOST_BIG_ENDIAN ^ swap; + uint32_t w0, w1, w2, w3; + + w0 = (AES_Td0[st->b[swap_b ^ AES_ISH_0]] ^ + AES_Td1[st->b[swap_b ^ AES_ISH_1]] ^ + AES_Td2[st->b[swap_b ^ AES_ISH_2]] ^ + AES_Td3[st->b[swap_b ^ AES_ISH_3]]); + + w1 = (AES_Td0[st->b[swap_b ^ AES_ISH_4]] ^ + AES_Td1[st->b[swap_b ^ AES_ISH_5]] ^ + AES_Td2[st->b[swap_b ^ AES_ISH_6]] ^ + AES_Td3[st->b[swap_b ^ AES_ISH_7]]); + + w2 = (AES_Td0[st->b[swap_b ^ AES_ISH_8]] ^ + AES_Td1[st->b[swap_b ^ AES_ISH_9]] ^ + AES_Td2[st->b[swap_b ^ AES_ISH_A]] ^ + AES_Td3[st->b[swap_b ^ AES_ISH_B]]); + + w3 = (AES_Td0[st->b[swap_b ^ AES_ISH_C]] ^ + AES_Td1[st->b[swap_b ^ AES_ISH_D]] ^ + AES_Td2[st->b[swap_b ^ AES_ISH_E]] ^ + AES_Td3[st->b[swap_b ^ AES_ISH_F]]); + + /* Note that AES_TdX is encoded for big-endian. */ + if (!be) { + w0 = bswap32(w0); + w1 = bswap32(w1); + w2 = bswap32(w2); + w3 = bswap32(w3); + } + + r->w[swap_w ^ 0] = rk->w[swap_w ^ 0] ^ w0; + r->w[swap_w ^ 1] = rk->w[swap_w ^ 1] ^ w1; + r->w[swap_w ^ 2] = rk->w[swap_w ^ 2] ^ w2; + r->w[swap_w ^ 3] = rk->w[swap_w ^ 3] ^ w3; +} + +void aesdec_ISB_ISR_IMC_AK_gen(AESState *r, const AESState *st, + const AESState *rk) +{ + aesdec_ISB_ISR_IMC_AK_swap(r, st, rk, false); +} + +void aesdec_ISB_ISR_IMC_AK_genrev(AESState *r, const AESState *st, + const AESState *rk) +{ + aesdec_ISB_ISR_IMC_AK_swap(r, st, rk, true); +} + /** * Expand the cipher key into the encryption key schedule. */ From patchwork Sat Jun 3 02:34:17 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Richard Henderson X-Patchwork-Id: 13266023 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.lore.kernel.org (Postfix) with ESMTPS id 76CDBC77B7A for ; Sat, 3 Jun 2023 02:36:42 +0000 (UTC) Received: from localhost ([::1] helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1q5H7c-0002I5-R7; Fri, 02 Jun 2023 22:36:04 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1q5H6q-0000gp-F8 for qemu-devel@nongnu.org; Fri, 02 Jun 2023 22:35:18 -0400 Received: from mail-oi1-x22f.google.com ([2607:f8b0:4864:20::22f]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.90_1) (envelope-from ) id 1q5H6S-0004uA-OE for qemu-devel@nongnu.org; Fri, 02 Jun 2023 22:35:13 -0400 Received: by mail-oi1-x22f.google.com with SMTP id 5614622812f47-39a50fcc719so2044287b6e.2 for ; Fri, 02 Jun 2023 19:34:52 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; t=1685759691; x=1688351691; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=8ad1hEuB2NS1Bh4h8rcRJdaP7SG2+aNgQWOiVbHdswo=; b=mi3qZA1RBOv1nNuNU1fAUDLAx2E9RqCzeuZJy/sa4SU+TNE2xUyY2ktXs19qNqnryC aMpT9VftJURQGgG8/eYBCuJRcuOI0lhpzNrba7bFAS+z919DWltjVQ5WJ4HEt3Jvf50G pzSLpu8Nsr+gUM5dtZ93ZpCrGxebgJuUVNF2duYFuSoPq3SmYbCQmiPEtrSL+Y64XjSQ hnWsOGLIBZQSxeVz3TBhwKFSnPo0Y6hI6LYiIsDG2f2ExRtFu7xDDB9EhIGl21P/ZeQw J7tgjP5pDqEqPVT1H4lVlPQQj6y12Xla5mo09B8IBEtiNAOB8VK6nMMaqC3KvYPSwW/g AX8g== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20221208; t=1685759691; x=1688351691; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=8ad1hEuB2NS1Bh4h8rcRJdaP7SG2+aNgQWOiVbHdswo=; b=FEkB4OMwlqQZxL62A0WoBbJH2Na57yhE264Pn9QmaVwUAsZNNUVRQB+DspPYe6YInX 8K5GSSCSCbR8r6mfEW3HkQzQ9eTqvcGrjXk88gSekzcgwPiQG8513NmFcwNVbYj11tVr bmtwrF/a7Hub/EeoIYLLvv7/ho1CsZlc3EI2yKfusEgVvVlXdlesq5qRfFkChc0s5+sL JbAyHHnW6S/AcjOixwC8KIGigemnzZDLJVbjOxXVmUzL+lps60/d00aCyuZ3oO1WDTi/ WjdE/lRuNoOaZxzGgE97ylmQzgVDkLklogpPBI79OFA3f98b9PlxaFb04EVJl14L1O8h KpSw== X-Gm-Message-State: AC+VfDwW7/bGo2qs5HZr1E6QfMcdG+7UQzLY+kTiDAMb2C3spO3+1+0z lQSydSkUR1BzySYS1DpUPpjblWQd0uyeT3axpvw= X-Google-Smtp-Source: ACHHUZ5tqCLZSQWlsXq5iVv6gLBvFFxUryspklQ0r9ui9w+8fPWi5FAZgw1SWyKttXvMxRj+ogGDjQ== X-Received: by 2002:aca:1703:0:b0:398:4588:ff22 with SMTP id j3-20020aca1703000000b003984588ff22mr1887358oii.43.1685759691664; Fri, 02 Jun 2023 19:34:51 -0700 (PDT) Received: from stoup.. ([2602:ae:1598:4c01:66a6:82c2:d794:68f6]) by smtp.gmail.com with ESMTPSA id e91-20020a17090a6fe400b002508d73f4e8sm3914289pjk.57.2023.06.02.19.34.50 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Fri, 02 Jun 2023 19:34:51 -0700 (PDT) From: Richard Henderson To: qemu-devel@nongnu.org Cc: ardb@kernel.org, berrange@redhat.com, qemu-arm@nongnu.org, qemu-ppc@nongnu.org, qemu-riscv@nongnu.org, pbonzini@redhat.com Subject: [PATCH 26/35] target/i386: Use aesdec_ISB_ISR_IMC_AK Date: Fri, 2 Jun 2023 19:34:17 -0700 Message-Id: <20230603023426.1064431-27-richard.henderson@linaro.org> X-Mailer: git-send-email 2.34.1 In-Reply-To: <20230603023426.1064431-1-richard.henderson@linaro.org> References: <20230603023426.1064431-1-richard.henderson@linaro.org> MIME-Version: 1.0 Received-SPF: pass client-ip=2607:f8b0:4864:20::22f; envelope-from=richard.henderson@linaro.org; helo=mail-oi1-x22f.google.com X-Spam_score_int: -20 X-Spam_score: -2.1 X-Spam_bar: -- X-Spam_report: (-2.1 / 5.0 requ) BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01 autolearn=unavailable autolearn_force=no X-Spam_action: no action X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: qemu-devel-bounces+qemu-devel=archiver.kernel.org@nongnu.org Sender: qemu-devel-bounces+qemu-devel=archiver.kernel.org@nongnu.org This implements the AESDEC instruction. Signed-off-by: Richard Henderson --- target/i386/ops_sse.h | 14 +++++--------- 1 file changed, 5 insertions(+), 9 deletions(-) diff --git a/target/i386/ops_sse.h b/target/i386/ops_sse.h index c7a2c586f4..e666bd5068 100644 --- a/target/i386/ops_sse.h +++ b/target/i386/ops_sse.h @@ -2162,16 +2162,12 @@ void glue(helper_pclmulqdq, SUFFIX)(CPUX86State *env, Reg *d, Reg *v, Reg *s, void glue(helper_aesdec, SUFFIX)(CPUX86State *env, Reg *d, Reg *v, Reg *s) { - int i; - Reg st = *v; - Reg rk = *s; + for (int i = 0; i < SHIFT; i++) { + AESState *ad = (AESState *)&d->ZMM_X(i); + AESState *st = (AESState *)&v->ZMM_X(i); + AESState *rk = (AESState *)&s->ZMM_X(i); - for (i = 0 ; i < 2 << SHIFT ; i++) { - int j = i & 3; - d->L(i) = rk.L(i) ^ bswap32(AES_Td0[st.B(AES_ishifts[4 * j + 0])] ^ - AES_Td1[st.B(AES_ishifts[4 * j + 1])] ^ - AES_Td2[st.B(AES_ishifts[4 * j + 2])] ^ - AES_Td3[st.B(AES_ishifts[4 * j + 3])]); + aesdec_ISB_ISR_IMC_AK(ad, st, rk, false); } } From patchwork Sat Jun 3 02:34:18 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Richard Henderson X-Patchwork-Id: 13266049 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.lore.kernel.org (Postfix) with ESMTPS id D03BDC7EE29 for ; Sat, 3 Jun 2023 02:41:28 +0000 (UTC) Received: from localhost ([::1] helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1q5H7m-0003ap-AL; Fri, 02 Jun 2023 22:36:14 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1q5H6q-0000gm-Ds for qemu-devel@nongnu.org; Fri, 02 Jun 2023 22:35:18 -0400 Received: from mail-yb1-xb30.google.com ([2607:f8b0:4864:20::b30]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.90_1) (envelope-from ) id 1q5H6U-0004ur-FP for qemu-devel@nongnu.org; Fri, 02 Jun 2023 22:35:15 -0400 Received: by mail-yb1-xb30.google.com with SMTP id 3f1490d57ef6-bad97da58adso3064732276.1 for ; Fri, 02 Jun 2023 19:34:53 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; t=1685759692; x=1688351692; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=Tk9bxJV83GbbH2kAWa5wG6tFQX4+USMPaSbOItp9Yr4=; b=hubYscbVYaGRJ6WCxlPBRl43PB2R6SzU8tCFZqcHReJCSo6MbjpKqHtHgh7J3OXcfN vzW702l8WYTg3z3gKs3KDmpMk6pLPnoCWY2FfT8P1wC5hPrOvQI/28tDb27xPUfdonz+ Id7bzSxK297QMVYrONqMiRDQOe3jhv/vW9jJ58OMq7FkueSd6HNkA2cUkisI1TieEXhi NxluAacMJ4eExvPFzMaEfQHY9GuCzG1NpZebfv83XctKThcYmq+0KxO1RAFqZRr7yuF3 YXOcojqGjC5ZCefTDCWtvKHpDFbn258cqgxzdlcJAsMnOicxTlvgBh6Cx954EHj7PHmc mXnA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20221208; t=1685759692; x=1688351692; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=Tk9bxJV83GbbH2kAWa5wG6tFQX4+USMPaSbOItp9Yr4=; b=ERcdS476PX5rTjyam1Q4IGG95vqww5lw6YUZgByICkpWGlMt/198Qs9lPeZ7nMxJzi dB9DE7iDMl1UEJ9QFpCPGlZs40W7UHXz6kMXLZblPslgOB1snhk6ooh2qtD7MQUgKDhN iApCn9GeuiVlHc6LUlvbgLVwHEXhAVwYvxaeqOWGVu5sK8y+21piiYrGzFT2CNhmgfYD 0XAsOWrrgd0+PvffThjkdOys68MpTYtBsYl9RJLsAoQ7KcJ+YBZ9HCHFsQdh2NTfgoqd A9j/UfpxFgxnZLwxeWUfU0jU+/RgQ+ozstqpR/42t1Xk2ZjWL4x10fATftm9kcuD3GTk 08Tg== X-Gm-Message-State: AC+VfDweHsDgJma06YicGTBf3LvYP6Dc5tz/qGxMdhY4chb2XUMgNQ1G 5eaBDK1ZkTU8W9wH7g5TVyA1mXVZeSzKQaRdH9o= X-Google-Smtp-Source: ACHHUZ5F5iyLn9Lip/RKIGAZ2MCqIthp8H10BoBcKAao1veSUBJ8wovYNnsJO2vIZiwQQAGMn80/Tg== X-Received: by 2002:a25:be92:0:b0:ba5:ee5a:f41c with SMTP id i18-20020a25be92000000b00ba5ee5af41cmr5243743ybk.1.1685759692663; Fri, 02 Jun 2023 19:34:52 -0700 (PDT) Received: from stoup.. ([2602:ae:1598:4c01:66a6:82c2:d794:68f6]) by smtp.gmail.com with ESMTPSA id e91-20020a17090a6fe400b002508d73f4e8sm3914289pjk.57.2023.06.02.19.34.51 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Fri, 02 Jun 2023 19:34:52 -0700 (PDT) From: Richard Henderson To: qemu-devel@nongnu.org Cc: ardb@kernel.org, berrange@redhat.com, qemu-arm@nongnu.org, qemu-ppc@nongnu.org, qemu-riscv@nongnu.org, pbonzini@redhat.com Subject: [PATCH 27/35] target/riscv: Use aesdec_ISB_ISR_IMC_AK Date: Fri, 2 Jun 2023 19:34:18 -0700 Message-Id: <20230603023426.1064431-28-richard.henderson@linaro.org> X-Mailer: git-send-email 2.34.1 In-Reply-To: <20230603023426.1064431-1-richard.henderson@linaro.org> References: <20230603023426.1064431-1-richard.henderson@linaro.org> MIME-Version: 1.0 Received-SPF: pass client-ip=2607:f8b0:4864:20::b30; envelope-from=richard.henderson@linaro.org; helo=mail-yb1-xb30.google.com X-Spam_score_int: -20 X-Spam_score: -2.1 X-Spam_bar: -- X-Spam_report: (-2.1 / 5.0 requ) BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01 autolearn=unavailable autolearn_force=no X-Spam_action: no action X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: qemu-devel-bounces+qemu-devel=archiver.kernel.org@nongnu.org Sender: qemu-devel-bounces+qemu-devel=archiver.kernel.org@nongnu.org This implements the AES64DSM instruction. This was the last use of aes64_operation and its support macros, so remove them all. Signed-off-by: Richard Henderson --- target/riscv/crypto_helper.c | 101 ++++------------------------------- 1 file changed, 10 insertions(+), 91 deletions(-) diff --git a/target/riscv/crypto_helper.c b/target/riscv/crypto_helper.c index 71694b787c..affa8292d1 100644 --- a/target/riscv/crypto_helper.c +++ b/target/riscv/crypto_helper.c @@ -104,96 +104,6 @@ target_ulong HELPER(aes32dsi)(target_ulong rs1, target_ulong rs2, return aes32_operation(shamt, rs1, rs2, false, false); } -#define BY(X, I) ((X >> (8 * I)) & 0xFF) - -#define AES_SHIFROWS_LO(RS1, RS2) ( \ - (((RS1 >> 24) & 0xFF) << 56) | (((RS2 >> 48) & 0xFF) << 48) | \ - (((RS2 >> 8) & 0xFF) << 40) | (((RS1 >> 32) & 0xFF) << 32) | \ - (((RS2 >> 56) & 0xFF) << 24) | (((RS2 >> 16) & 0xFF) << 16) | \ - (((RS1 >> 40) & 0xFF) << 8) | (((RS1 >> 0) & 0xFF) << 0)) - -#define AES_INVSHIFROWS_LO(RS1, RS2) ( \ - (((RS2 >> 24) & 0xFF) << 56) | (((RS2 >> 48) & 0xFF) << 48) | \ - (((RS1 >> 8) & 0xFF) << 40) | (((RS1 >> 32) & 0xFF) << 32) | \ - (((RS1 >> 56) & 0xFF) << 24) | (((RS2 >> 16) & 0xFF) << 16) | \ - (((RS2 >> 40) & 0xFF) << 8) | (((RS1 >> 0) & 0xFF) << 0)) - -#define AES_MIXBYTE(COL, B0, B1, B2, B3) ( \ - BY(COL, B3) ^ BY(COL, B2) ^ AES_GFMUL(BY(COL, B1), 3) ^ \ - AES_GFMUL(BY(COL, B0), 2)) - -#define AES_MIXCOLUMN(COL) ( \ - AES_MIXBYTE(COL, 3, 0, 1, 2) << 24 | \ - AES_MIXBYTE(COL, 2, 3, 0, 1) << 16 | \ - AES_MIXBYTE(COL, 1, 2, 3, 0) << 8 | AES_MIXBYTE(COL, 0, 1, 2, 3) << 0) - -#define AES_INVMIXBYTE(COL, B0, B1, B2, B3) ( \ - AES_GFMUL(BY(COL, B3), 0x9) ^ AES_GFMUL(BY(COL, B2), 0xd) ^ \ - AES_GFMUL(BY(COL, B1), 0xb) ^ AES_GFMUL(BY(COL, B0), 0xe)) - -#define AES_INVMIXCOLUMN(COL) ( \ - AES_INVMIXBYTE(COL, 3, 0, 1, 2) << 24 | \ - AES_INVMIXBYTE(COL, 2, 3, 0, 1) << 16 | \ - AES_INVMIXBYTE(COL, 1, 2, 3, 0) << 8 | \ - AES_INVMIXBYTE(COL, 0, 1, 2, 3) << 0) - -static inline target_ulong aes64_operation(target_ulong rs1, target_ulong rs2, - bool enc, bool mix) -{ - uint64_t RS1 = rs1; - uint64_t RS2 = rs2; - uint64_t result; - uint64_t temp; - uint32_t col_0; - uint32_t col_1; - - if (enc) { - temp = AES_SHIFROWS_LO(RS1, RS2); - temp = (((uint64_t)AES_sbox[(temp >> 0) & 0xFF] << 0) | - ((uint64_t)AES_sbox[(temp >> 8) & 0xFF] << 8) | - ((uint64_t)AES_sbox[(temp >> 16) & 0xFF] << 16) | - ((uint64_t)AES_sbox[(temp >> 24) & 0xFF] << 24) | - ((uint64_t)AES_sbox[(temp >> 32) & 0xFF] << 32) | - ((uint64_t)AES_sbox[(temp >> 40) & 0xFF] << 40) | - ((uint64_t)AES_sbox[(temp >> 48) & 0xFF] << 48) | - ((uint64_t)AES_sbox[(temp >> 56) & 0xFF] << 56)); - if (mix) { - col_0 = temp & 0xFFFFFFFF; - col_1 = temp >> 32; - - col_0 = AES_MIXCOLUMN(col_0); - col_1 = AES_MIXCOLUMN(col_1); - - result = ((uint64_t)col_1 << 32) | col_0; - } else { - result = temp; - } - } else { - temp = AES_INVSHIFROWS_LO(RS1, RS2); - temp = (((uint64_t)AES_isbox[(temp >> 0) & 0xFF] << 0) | - ((uint64_t)AES_isbox[(temp >> 8) & 0xFF] << 8) | - ((uint64_t)AES_isbox[(temp >> 16) & 0xFF] << 16) | - ((uint64_t)AES_isbox[(temp >> 24) & 0xFF] << 24) | - ((uint64_t)AES_isbox[(temp >> 32) & 0xFF] << 32) | - ((uint64_t)AES_isbox[(temp >> 40) & 0xFF] << 40) | - ((uint64_t)AES_isbox[(temp >> 48) & 0xFF] << 48) | - ((uint64_t)AES_isbox[(temp >> 56) & 0xFF] << 56)); - if (mix) { - col_0 = temp & 0xFFFFFFFF; - col_1 = temp >> 32; - - col_0 = AES_INVMIXCOLUMN(col_0); - col_1 = AES_INVMIXCOLUMN(col_1); - - result = ((uint64_t)col_1 << 32) | col_0; - } else { - result = temp; - } - } - - return result; -} - target_ulong HELPER(aes64esm)(target_ulong rs1, target_ulong rs2) { AESState t, z = { }; @@ -230,7 +140,16 @@ target_ulong HELPER(aes64ds)(target_ulong rs1, target_ulong rs2) target_ulong HELPER(aes64dsm)(target_ulong rs1, target_ulong rs2) { - return aes64_operation(rs1, rs2, false, true); + AESState t, z = { }; + + /* + * This instruction does not include a round key, + * so supply a zero to our primitive. + */ + t.d[HOST_BIG_ENDIAN] = rs1; + t.d[!HOST_BIG_ENDIAN] = rs2; + aesdec_ISB_ISR_IMC_AK(&t, &t, &z, false); + return t.d[HOST_BIG_ENDIAN]; } target_ulong HELPER(aes64ks2)(target_ulong rs1, target_ulong rs2) From patchwork Sat Jun 3 02:34:19 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Richard Henderson X-Patchwork-Id: 13266041 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.lore.kernel.org (Postfix) with ESMTPS id 06239C7EE29 for ; Sat, 3 Jun 2023 02:40:04 +0000 (UTC) Received: from localhost ([::1] helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1q5H7n-0003lM-62; Fri, 02 Jun 2023 22:36:15 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1q5H6t-0000oN-Rd for qemu-devel@nongnu.org; Fri, 02 Jun 2023 22:35:21 -0400 Received: from mail-pj1-x102b.google.com ([2607:f8b0:4864:20::102b]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.90_1) (envelope-from ) id 1q5H6V-0004v8-Bl for qemu-devel@nongnu.org; Fri, 02 Jun 2023 22:35:17 -0400 Received: by mail-pj1-x102b.google.com with SMTP id 98e67ed59e1d1-256931ec244so2369561a91.3 for ; Fri, 02 Jun 2023 19:34:54 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; t=1685759693; x=1688351693; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=+ALpb0XwJHZTdJw+MYvX3tX7xTZblIMqFiH2Syk8o8k=; b=syOQYYxoFafcm0mgy//b4KwRHZjTXdcHU6BREb/+K7hYw2acIudlHLyDz7b0nu0oRF jg394tecvc7Zp4rNdRSazXhaLmPdAYkl0noTpF+8h8WQuc/CL++d89namrZ5d/7haCLr SgO/GIIP+vif939cmCgZZ3PhwBKTdQkUpd7t9Vz/MhI2r1vRNz6Up2VGie3XooStuQsr lfVR6Kk4eMGnA07aFzcXEGFT0qwV2u0hn+MUSik7WMFe3gmDVGssBH9QXIwhHegTU+vw zxsYlar6+mymw6cG998XEKIIma2fFrE7yiRzV5zpaFHqzvqqA+TfkDbMEQ3yUDEHTMIP AuRA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20221208; t=1685759693; x=1688351693; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=+ALpb0XwJHZTdJw+MYvX3tX7xTZblIMqFiH2Syk8o8k=; b=W4vMMLKSTHr5kIN3KUNYxoglgQ+B+JjEu0SJElVHTp1MVaS8elGfGIZNzRTPPSvf6G diW5LboRrbWDvXalxleMbsS9h02MP8Igj8by+wrNn+ZuzLXaw/KTBzgMdMNs4MTEbCJg nU34BOgENMl/0NfGDj05Xoo3D6INpFEvudGFQkXD9Q9mP9binLJ6SwtnKIm9K2vK6nYJ AUo3rzQXIzukh8M531qKxECKWSlXDysz91sgHaMAbE3LbSm5/Tgrm31Vaizzklc3ilVG Tr8+G4dqqk0wLWuD3mmAKWSCiuFq3REA1Fpud+UwhQbTrkWVNexo9fYBxZSo6l3ESron RHZg== X-Gm-Message-State: AC+VfDyOdtjVthv6KtqUSkQKw/tAMHnhNVg4YYvMg3N4BuwyIgZx+zbM tEjVZVYNgaqi5u/GLiip8TgM3HdGWQF0VEQsYoM= X-Google-Smtp-Source: ACHHUZ6QAp/BiZ+IASgPWsUqCfp8a0cwDLEki5BE2AqHhBwAagcYP9zz2oyowCdXEE3fxZCUsTY2Vg== X-Received: by 2002:a17:90a:9201:b0:255:cddf:a0c8 with SMTP id m1-20020a17090a920100b00255cddfa0c8mr1458511pjo.41.1685759693465; Fri, 02 Jun 2023 19:34:53 -0700 (PDT) Received: from stoup.. ([2602:ae:1598:4c01:66a6:82c2:d794:68f6]) by smtp.gmail.com with ESMTPSA id e91-20020a17090a6fe400b002508d73f4e8sm3914289pjk.57.2023.06.02.19.34.52 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Fri, 02 Jun 2023 19:34:53 -0700 (PDT) From: Richard Henderson To: qemu-devel@nongnu.org Cc: ardb@kernel.org, berrange@redhat.com, qemu-arm@nongnu.org, qemu-ppc@nongnu.org, qemu-riscv@nongnu.org, pbonzini@redhat.com Subject: [PATCH 28/35] crypto: Add aesdec_ISB_ISR_AK_IMC Date: Fri, 2 Jun 2023 19:34:19 -0700 Message-Id: <20230603023426.1064431-29-richard.henderson@linaro.org> X-Mailer: git-send-email 2.34.1 In-Reply-To: <20230603023426.1064431-1-richard.henderson@linaro.org> References: <20230603023426.1064431-1-richard.henderson@linaro.org> MIME-Version: 1.0 Received-SPF: pass client-ip=2607:f8b0:4864:20::102b; envelope-from=richard.henderson@linaro.org; helo=mail-pj1-x102b.google.com X-Spam_score_int: -20 X-Spam_score: -2.1 X-Spam_bar: -- X-Spam_report: (-2.1 / 5.0 requ) BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01 autolearn=ham autolearn_force=no X-Spam_action: no action X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: qemu-devel-bounces+qemu-devel=archiver.kernel.org@nongnu.org Sender: qemu-devel-bounces+qemu-devel=archiver.kernel.org@nongnu.org Add a primitive for InvSubBytes + InvShiftRows + AddRoundKey + InvMixColumns. Signed-off-by: Richard Henderson --- host/include/generic/host/aes-round.h | 4 ++++ include/crypto/aes-round.h | 21 +++++++++++++++++++++ crypto/aes.c | 20 ++++++++++++++++++++ 3 files changed, 45 insertions(+) diff --git a/host/include/generic/host/aes-round.h b/host/include/generic/host/aes-round.h index 848436379d..84f82e53d8 100644 --- a/host/include/generic/host/aes-round.h +++ b/host/include/generic/host/aes-round.h @@ -25,6 +25,10 @@ void aesdec_IMC_accel(AESState *, const AESState *, bool) void aesdec_ISB_ISR_accel(AESState *, const AESState *, bool) QEMU_ERROR("unsupported accel"); +void aesdec_ISB_ISR_AK_IMC_accel(AESState *, const AESState *, + const AESState *, bool) + QEMU_ERROR("unsupported accel"); + void aesdec_ISB_ISR_IMC_AK_accel(AESState *, const AESState *, const AESState *, bool) QEMU_ERROR("unsupported accel"); diff --git a/include/crypto/aes-round.h b/include/crypto/aes-round.h index 352687ce11..b48b87671c 100644 --- a/include/crypto/aes-round.h +++ b/include/crypto/aes-round.h @@ -113,6 +113,27 @@ static inline void aesdec_IMC(AESState *r, const AESState *st, bool be) } } +/* + * Perform InvSubBytes + InvShiftRows + AddRoundKey + InvMixColumns. + */ + +void aesdec_ISB_ISR_AK_IMC_gen(AESState *ret, const AESState *st, + const AESState *rk); +void aesdec_ISB_ISR_AK_IMC_genrev(AESState *ret, const AESState *st, + const AESState *rk); + +static inline void aesdec_ISB_ISR_AK_IMC(AESState *r, const AESState *st, + const AESState *rk, bool be) +{ + if (HAVE_AES_ACCEL) { + aesdec_ISB_ISR_AK_IMC_accel(r, st, rk, be); + } else if (HOST_BIG_ENDIAN == be) { + aesdec_ISB_ISR_AK_IMC_gen(r, st, rk); + } else { + aesdec_ISB_ISR_AK_IMC_genrev(r, st, rk); + } +} + /* * Perform InvSubBytes + InvShiftRows + InvMixColumns + AddRoundKey. */ diff --git a/crypto/aes.c b/crypto/aes.c index 1696086868..c0e4bc5580 100644 --- a/crypto/aes.c +++ b/crypto/aes.c @@ -1571,6 +1571,26 @@ void aesdec_ISB_ISR_IMC_AK_genrev(AESState *r, const AESState *st, aesdec_ISB_ISR_IMC_AK_swap(r, st, rk, true); } +void aesdec_ISB_ISR_AK_IMC_gen(AESState *r, const AESState *st, + const AESState *rk) +{ + AESState t; + + aesdec_ISB_ISR_gen(&t, st); + t.v ^= rk->v; + aesdec_IMC_gen(r, &t); +} + +void aesdec_ISB_ISR_AK_IMC_genrev(AESState *r, const AESState *st, + const AESState *rk) +{ + AESState t; + + aesdec_ISB_ISR_genrev(&t, st); + t.v ^= rk->v; + aesdec_IMC_genrev(r, &t); +} + /** * Expand the cipher key into the encryption key schedule. */ From patchwork Sat Jun 3 02:34:20 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Richard Henderson X-Patchwork-Id: 13266038 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.lore.kernel.org (Postfix) with ESMTPS id 46243C7EE2A for ; Sat, 3 Jun 2023 02:39:40 +0000 (UTC) Received: from localhost ([::1] helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1q5H7n-0003o1-Cc; Fri, 02 Jun 2023 22:36:15 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1q5H6x-0000pP-Dh for qemu-devel@nongnu.org; Fri, 02 Jun 2023 22:35:26 -0400 Received: from mail-pj1-x1033.google.com ([2607:f8b0:4864:20::1033]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.90_1) (envelope-from ) id 1q5H6Y-0004vp-EV for qemu-devel@nongnu.org; Fri, 02 Jun 2023 22:35:22 -0400 Received: by mail-pj1-x1033.google.com with SMTP id 98e67ed59e1d1-2564dc37c3eso3107502a91.0 for ; Fri, 02 Jun 2023 19:34:56 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; t=1685759694; x=1688351694; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=L7j1qOyZnLIkCNuPi4WOfNPianJuONVzsXzr21BD5RU=; b=O7XQIc+VPk/DPm7uOmMGUPM6X5YgzjqL1G4pHzDjguIF3VSyyFwzx/wpMTF7NtKMDe iMNBVUTD14uSa8ib51gTeqCYLUQ4M82/qjQmNs3Ok32il0rQSkXnrwXQ+aXe1sZ3fhrq zwiMf8hOVvDypYq/lX+LF7KlMO4pGzeNsNXF4eRT7YRiG7htAktF4DSw3bwgx0E8ZpWa wA/506oE/55hv55OFgvELFPiWUST9/zrWsnMBC9nORdIRlr5rfgoKClLJfpH/ydReGdX rMP5Nsa3Lc8YYGEEhWPPR4Ba/rXyYBmwTlDXHKdwcK7hkNOxFe3W3FhPL3RAl1HUIV66 TqoA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20221208; t=1685759694; x=1688351694; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=L7j1qOyZnLIkCNuPi4WOfNPianJuONVzsXzr21BD5RU=; b=k9YNuUCY5FtBhOBEJgulld6edNpQMG3KKfS+1uEEM8wiJYbRQT7YYKAiw3eaz6AeNH AuBUR1lU9cPQxYwKpsJd4R/XTZh9koi0BmQPWEA+QEq/hyEUv2KQZ7S+H6BCzcwoEFTX qOsjH9cGOCy837C+yJTVhR5TmHVTyrrk8ExDiUit7yGocnqIiXxNVpTaXdbsXzFZF4MU r6vRFZvn50QLNGtb/9vVzj5ZZcfDZct4OcX1IVClIEfFQeG8icVKF2K2HiCmOJvwx208 c2+jp2X6qk61fvRWb1yLUW8XNXNByQMoYw5GRPWMr0m0kCWCtfff1anHWbHnmlErTSHi FIFA== X-Gm-Message-State: AC+VfDwmHNVJVS4mKAN9CI8KOM4eSa4eEo6KuZbdZpbe+6njVmx0+FrW NMjWyPW4SF+80J8lmL9zVo68nn7THmb/owcQh18= X-Google-Smtp-Source: ACHHUZ7XtT/GoojrBbSSp/Tn94gQdCwh6E49FgE8WeDnNC1fToVAyAIxItxVD7RXi/bAids4lbVxdg== X-Received: by 2002:a17:90a:4ca4:b0:23f:962e:825d with SMTP id k33-20020a17090a4ca400b0023f962e825dmr1510097pjh.1.1685759694215; Fri, 02 Jun 2023 19:34:54 -0700 (PDT) Received: from stoup.. ([2602:ae:1598:4c01:66a6:82c2:d794:68f6]) by smtp.gmail.com with ESMTPSA id e91-20020a17090a6fe400b002508d73f4e8sm3914289pjk.57.2023.06.02.19.34.53 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Fri, 02 Jun 2023 19:34:53 -0700 (PDT) From: Richard Henderson To: qemu-devel@nongnu.org Cc: ardb@kernel.org, berrange@redhat.com, qemu-arm@nongnu.org, qemu-ppc@nongnu.org, qemu-riscv@nongnu.org, pbonzini@redhat.com Subject: [PATCH 29/35] target/ppc: Use aesdec_ISB_ISR_AK_IMC Date: Fri, 2 Jun 2023 19:34:20 -0700 Message-Id: <20230603023426.1064431-30-richard.henderson@linaro.org> X-Mailer: git-send-email 2.34.1 In-Reply-To: <20230603023426.1064431-1-richard.henderson@linaro.org> References: <20230603023426.1064431-1-richard.henderson@linaro.org> MIME-Version: 1.0 Received-SPF: pass client-ip=2607:f8b0:4864:20::1033; envelope-from=richard.henderson@linaro.org; helo=mail-pj1-x1033.google.com X-Spam_score_int: -20 X-Spam_score: -2.1 X-Spam_bar: -- X-Spam_report: (-2.1 / 5.0 requ) BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01 autolearn=unavailable autolearn_force=no X-Spam_action: no action X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: qemu-devel-bounces+qemu-devel=archiver.kernel.org@nongnu.org Sender: qemu-devel-bounces+qemu-devel=archiver.kernel.org@nongnu.org This implements the VNCIPHER instruction. Signed-off-by: Richard Henderson --- target/ppc/int_helper.c | 19 ++++--------------- 1 file changed, 4 insertions(+), 15 deletions(-) diff --git a/target/ppc/int_helper.c b/target/ppc/int_helper.c index c7f8b39e9a..8ae10ad748 100644 --- a/target/ppc/int_helper.c +++ b/target/ppc/int_helper.c @@ -2953,22 +2953,11 @@ void helper_vcipherlast(ppc_avr_t *r, ppc_avr_t *a, ppc_avr_t *b) void helper_vncipher(ppc_avr_t *r, ppc_avr_t *a, ppc_avr_t *b) { - /* This differs from what is written in ISA V2.07. The RTL is */ - /* incorrect and will be fixed in V2.07B. */ - int i; - ppc_avr_t tmp; + AESState *ad = (AESState *)r; + AESState *st = (AESState *)a; + AESState *rk = (AESState *)b; - VECTOR_FOR_INORDER_I(i, u8) { - tmp.VsrB(i) = b->VsrB(i) ^ AES_isbox[a->VsrB(AES_ishifts[i])]; - } - - VECTOR_FOR_INORDER_I(i, u32) { - r->VsrW(i) = - AES_imc[tmp.VsrB(4 * i + 0)][0] ^ - AES_imc[tmp.VsrB(4 * i + 1)][1] ^ - AES_imc[tmp.VsrB(4 * i + 2)][2] ^ - AES_imc[tmp.VsrB(4 * i + 3)][3]; - } + aesdec_ISB_ISR_AK_IMC(ad, st, rk, true); } void helper_vncipherlast(ppc_avr_t *r, ppc_avr_t *a, ppc_avr_t *b) From patchwork Sat Jun 3 02:34:21 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Richard Henderson X-Patchwork-Id: 13266048 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.lore.kernel.org (Postfix) with ESMTPS id 87C87C7EE2A for ; Sat, 3 Jun 2023 02:41:20 +0000 (UTC) Received: from localhost ([::1] helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1q5H7m-0003cm-G1; Fri, 02 Jun 2023 22:36:14 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1q5H6x-0000pR-Dx for qemu-devel@nongnu.org; Fri, 02 Jun 2023 22:35:26 -0400 Received: from mail-pj1-x1029.google.com ([2607:f8b0:4864:20::1029]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.90_1) (envelope-from ) id 1q5H6X-0004gf-To for qemu-devel@nongnu.org; Fri, 02 Jun 2023 22:35:22 -0400 Received: by mail-pj1-x1029.google.com with SMTP id 98e67ed59e1d1-25692ff86cdso2203916a91.2 for ; Fri, 02 Jun 2023 19:34:55 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; t=1685759695; x=1688351695; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=kNP2zyW8a/3zpm8uEbmA/6lobMvEh7YHX80EYdU3SXU=; b=BnAVKMkGxLA6AjAae2AixlrVHz0iUBvtcBISy2LoYF46cPv5KypVDa4U8kYrMWawdF bZrR8qlahpU87znKyRO/y3S4+1KJogEC5cVoxTGRWxc9UVFyXgVYrBR6wdKd0YInMqmI H9WLcF4KKjPzBYi3diY9Yuv3dPBjlm+/8lqac2D2lI8EmDmvfEzvKS2NLZxgxo0njtC+ zgCSoKDRMUof1Yl8rDkMLKUxvGj0y6Kf64MT7d0vYBwnHMCDOISQ8GV1zZI/LI2vQqnt serqBxSW1pHpCsrJO34ob39GFbduqrAe8qeZ6KdayO6zNuCQFyB4GBet64/yELxxrGXM DqdA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20221208; t=1685759695; x=1688351695; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=kNP2zyW8a/3zpm8uEbmA/6lobMvEh7YHX80EYdU3SXU=; b=SuFHJVJ0N8kvaRH7uauS0EqJr/jCYVBnWmERsBlgO9FDnQODH85bN0iQ9svXAYgK1q zlVQjT58dmqw3bIP0ivutWBoZ1gfDXl72xLZdhnDC+QPPHfauHYEmPYJwtPGHY/wKe6Y cSHo+cPra4Z7COLgePSHXIdy7OSwv74svOUSRXmtQuAaCDVt7a4PWGmndzWKp5rPjcyo DnW9HBGBmOxm4LDpJHel4iboF1IQC8IjiXIHStoRKi+5u7MG3wGEsiqAWXxiYeFItypn mV6W4VWailTueqWeHsBLm10WR9DRRqygWisSqlw3qpTWVKNlXxzFgUrzpuzhd5mbM34U lj8A== X-Gm-Message-State: AC+VfDyrLG8dl9DIybK1w67CF5+jDp7AOG/xWcX6QiNSyuLcQ4OvDsJM spIQnUPSMBpAUaWHii47LK0NT9MhJZze8J4epqA= X-Google-Smtp-Source: ACHHUZ6CA2r+MygaV8EJi72FAOM7/yOSnbS85+mh5ZCqv59qCuN/67lT5QlgcqkEzDqyRE9lDmlrug== X-Received: by 2002:a17:90a:4e8f:b0:256:937:48dc with SMTP id o15-20020a17090a4e8f00b00256093748dcmr1506291pjh.40.1685759695216; Fri, 02 Jun 2023 19:34:55 -0700 (PDT) Received: from stoup.. ([2602:ae:1598:4c01:66a6:82c2:d794:68f6]) by smtp.gmail.com with ESMTPSA id e91-20020a17090a6fe400b002508d73f4e8sm3914289pjk.57.2023.06.02.19.34.54 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Fri, 02 Jun 2023 19:34:54 -0700 (PDT) From: Richard Henderson To: qemu-devel@nongnu.org Cc: ardb@kernel.org, berrange@redhat.com, qemu-arm@nongnu.org, qemu-ppc@nongnu.org, qemu-riscv@nongnu.org, pbonzini@redhat.com Subject: [PATCH 30/35] host/include/i386: Implement aes-round.h Date: Fri, 2 Jun 2023 19:34:21 -0700 Message-Id: <20230603023426.1064431-31-richard.henderson@linaro.org> X-Mailer: git-send-email 2.34.1 In-Reply-To: <20230603023426.1064431-1-richard.henderson@linaro.org> References: <20230603023426.1064431-1-richard.henderson@linaro.org> MIME-Version: 1.0 Received-SPF: pass client-ip=2607:f8b0:4864:20::1029; envelope-from=richard.henderson@linaro.org; helo=mail-pj1-x1029.google.com X-Spam_score_int: -20 X-Spam_score: -2.1 X-Spam_bar: -- X-Spam_report: (-2.1 / 5.0 requ) BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01 autolearn=unavailable autolearn_force=no X-Spam_action: no action X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: qemu-devel-bounces+qemu-devel=archiver.kernel.org@nongnu.org Sender: qemu-devel-bounces+qemu-devel=archiver.kernel.org@nongnu.org Detect AES in cpuinfo; implement the accel hooks. Signed-off-by: Richard Henderson --- host/include/i386/host/aes-round.h | 148 +++++++++++++++++++++++++++ host/include/i386/host/cpuinfo.h | 1 + host/include/x86_64/host/aes-round.h | 1 + util/cpuinfo-i386.c | 3 + 4 files changed, 153 insertions(+) create mode 100644 host/include/i386/host/aes-round.h create mode 100644 host/include/x86_64/host/aes-round.h diff --git a/host/include/i386/host/aes-round.h b/host/include/i386/host/aes-round.h new file mode 100644 index 0000000000..b67e20578d --- /dev/null +++ b/host/include/i386/host/aes-round.h @@ -0,0 +1,148 @@ +/* + * x86 specific aes acceleration. + * SPDX-License-Identifier: GPL-2.0-or-later + */ + +#ifndef HOST_AES_ROUND_H +#define HOST_AES_ROUND_H + +#include "host/cpuinfo.h" +#include + +#if defined(__AES__) && defined(__SSSE3__) +# define HAVE_AES_ACCEL true +# define ATTR_AES_ACCEL +#else +# define HAVE_AES_ACCEL likely(cpuinfo & CPUINFO_AES) +# define ATTR_AES_ACCEL __attribute__((target("aes,ssse3"))) +#endif + +static inline __m128i ATTR_AES_ACCEL +aes_accel_bswap(__m128i x) +{ + return _mm_shuffle_epi8(x, _mm_set_epi8(0, 1, 2, 3, 4, 5, 6, 7, 8, + 9, 10, 11, 12, 13, 14, 15)); +} + +static inline void ATTR_AES_ACCEL +aesenc_MC_accel(AESState *ret, const AESState *st, bool be) +{ + __m128i t = (__m128i)st->v; + __m128i z = _mm_setzero_si128(); + + if (be) { + t = aes_accel_bswap(t); + t = _mm_aesdeclast_si128(t, z); + t = _mm_aesenc_si128(t, z); + t = aes_accel_bswap(t); + } else { + t = _mm_aesdeclast_si128(t, z); + t = _mm_aesenc_si128(t, z); + } + ret->v = (AESStateVec)t; +} + +static inline void ATTR_AES_ACCEL +aesenc_SB_SR_accel(AESState *ret, const AESState *st, bool be) +{ + __m128i t = (__m128i)st->v; + __m128i z = _mm_setzero_si128(); + + if (be) { + t = aes_accel_bswap(t); + t = _mm_aesenclast_si128(t, z); + t = aes_accel_bswap(t); + } else { + t = _mm_aesenclast_si128(t, z); + } + ret->v = (AESStateVec)t; +} + +static inline void ATTR_AES_ACCEL +aesenc_SB_SR_MC_AK_accel(AESState *ret, const AESState *st, + const AESState *rk, bool be) +{ + __m128i t = (__m128i)st->v; + __m128i k = (__m128i)rk->v; + + if (be) { + t = aes_accel_bswap(t); + k = aes_accel_bswap(k); + t = _mm_aesenc_si128(t, k); + t = aes_accel_bswap(t); + } else { + t = _mm_aesenc_si128(t, k); + } + ret->v = (AESStateVec)t; +} + +static inline void ATTR_AES_ACCEL +aesdec_IMC_accel(AESState *ret, const AESState *st, bool be) +{ + __m128i t = (__m128i)st->v; + + if (be) { + t = aes_accel_bswap(t); + t = _mm_aesimc_si128(t); + t = aes_accel_bswap(t); + } else { + t = _mm_aesimc_si128(t); + } + ret->v = (AESStateVec)t; +} + +static inline void ATTR_AES_ACCEL +aesdec_ISB_ISR_accel(AESState *ret, const AESState *st, bool be) +{ + __m128i t = (__m128i)st->v; + __m128i z = _mm_setzero_si128(); + + if (be) { + t = aes_accel_bswap(t); + t = _mm_aesdeclast_si128(t, z); + t = aes_accel_bswap(t); + } else { + t = _mm_aesdeclast_si128(t, z); + } + ret->v = (AESStateVec)t; +} + +static inline void ATTR_AES_ACCEL +aesdec_ISB_ISR_AK_IMC_accel(AESState *ret, const AESState *st, + const AESState *rk, bool be) +{ + __m128i t = (__m128i)st->v; + __m128i k = (__m128i)rk->v; + + if (be) { + t = aes_accel_bswap(t); + k = aes_accel_bswap(k); + k = _mm_aesimc_si128(k); + t = _mm_aesdec_si128(t, k); + t = aes_accel_bswap(t); + } else { + k = _mm_aesimc_si128(k); + t = _mm_aesdec_si128(t, k); + } + ret->v = (AESStateVec)t; +} + +static inline void ATTR_AES_ACCEL +aesdec_ISB_ISR_IMC_AK_accel(AESState *ret, const AESState *st, + const AESState *rk, bool be) +{ + __m128i t = (__m128i)st->v; + __m128i k = (__m128i)rk->v; + + if (be) { + t = aes_accel_bswap(t); + k = aes_accel_bswap(k); + t = _mm_aesdec_si128(t, k); + t = aes_accel_bswap(t); + } else { + t = _mm_aesdec_si128(t, k); + } + ret->v = (AESStateVec)t; +} + +#endif diff --git a/host/include/i386/host/cpuinfo.h b/host/include/i386/host/cpuinfo.h index a6537123cf..073d0a426f 100644 --- a/host/include/i386/host/cpuinfo.h +++ b/host/include/i386/host/cpuinfo.h @@ -26,6 +26,7 @@ #define CPUINFO_AVX512VBMI2 (1u << 15) #define CPUINFO_ATOMIC_VMOVDQA (1u << 16) #define CPUINFO_ATOMIC_VMOVDQU (1u << 17) +#define CPUINFO_AES (1u << 18) /* Initialized with a constructor. */ extern unsigned cpuinfo; diff --git a/host/include/x86_64/host/aes-round.h b/host/include/x86_64/host/aes-round.h new file mode 100644 index 0000000000..7da13f5424 --- /dev/null +++ b/host/include/x86_64/host/aes-round.h @@ -0,0 +1 @@ +#include "host/include/i386/host/aes-round.h" diff --git a/util/cpuinfo-i386.c b/util/cpuinfo-i386.c index ab6143d9e7..3a7b7e0ad1 100644 --- a/util/cpuinfo-i386.c +++ b/util/cpuinfo-i386.c @@ -40,6 +40,9 @@ unsigned __attribute__((constructor)) cpuinfo_init(void) info |= (c & bit_MOVBE ? CPUINFO_MOVBE : 0); info |= (c & bit_POPCNT ? CPUINFO_POPCNT : 0); + /* Our AES support requires PSHUFB as well. */ + info |= ((c & bit_AES) && (c & bit_SSSE3) ? CPUINFO_AES : 0); + /* For AVX features, we must check available and usable. */ if ((c & bit_AVX) && (c & bit_OSXSAVE)) { unsigned bv = xgetbv_low(0); From patchwork Sat Jun 3 02:34:22 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Richard Henderson X-Patchwork-Id: 13266043 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.lore.kernel.org (Postfix) with ESMTPS id 43A40C7EE2C for ; Sat, 3 Jun 2023 02:40:39 +0000 (UTC) Received: from localhost ([::1] helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1q5H7j-0003Cf-Dp; Fri, 02 Jun 2023 22:36:11 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1q5H6y-0000sv-Iz for qemu-devel@nongnu.org; Fri, 02 Jun 2023 22:35:26 -0400 Received: from mail-yb1-xb35.google.com ([2607:f8b0:4864:20::b35]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.90_1) (envelope-from ) id 1q5H6Y-0004wO-IT for qemu-devel@nongnu.org; Fri, 02 Jun 2023 22:35:24 -0400 Received: by mail-yb1-xb35.google.com with SMTP id 3f1490d57ef6-ba8afcc82c0so3044099276.2 for ; Fri, 02 Jun 2023 19:34:56 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; t=1685759696; x=1688351696; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=m3OHDG5WK7pMNPAxl55tD/qKqCZQ1l17wihsUptzQ58=; b=ibkNH62KmMxPoUq17zOh3oLg47my8C4QKa7P7f2qQs2nGPYb8lZWIbGUhGBgOiK4NI kAwgvUc5ZTHy61UEzmZ3wRKFZ/w/UMDhLS3DUz8wXtNn8jRruCIHDtQB/i6KuLDEBioZ ederaqCUOGp2eFkSNPw503RXhASm67MxlmZwHDFTaMrpaWEl0pmlJLQjxTfGSWSIHDak LmkbIXxd6+WgXNEJsazwpXvyMtJdX/BBaQ4fI2MXV6/qYqE/GI4Dg5Ru+onW2tuwX/Qu 6oDgcMyroooykMxHYKcAfFioaMRJL8O5mLNm7Y6kWGqIg2BDF54uZOrvIXzazrGM8RwJ 9wwQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20221208; t=1685759696; x=1688351696; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=m3OHDG5WK7pMNPAxl55tD/qKqCZQ1l17wihsUptzQ58=; b=L3Qligm5XJo2/E8CGn3FI//Baddb6kVSY6nBbZhf1Hbk2YCdG0ceWmUe8kuJ65Gamv 1m2DOknWv5lMaAxRxlhn+8IYWu+78ADu9Sw0pxjvojicAE8iIxgYLLT4L15HTa2ojWIp AsGxAuUH/ifdL3TvzEDD3n6DLMJszhnZenLS4ovSuS7TM3850Y573AiJNPGMGskEl34F PicmM2MSZpdYlH5m18eEK5AjPNonLZd3pcf0U+j43ypO5FwrtjxWF3HBg4ibQkrGWzzX kbl6EWhzfqI5cgAymitUdS6s4QFud9NDB8jswjHJ2zRTFFIAp/OHVuLbRM1HOB+x9Z8i T2lg== X-Gm-Message-State: AC+VfDxuEjqphtM36TJujX+aIfAy2uoP7TZFIR3EnJhqP7DGV0F0cLHS eeZcxgs6TuVpMnMX8fPuyCB+WRYNxAHLXXoXyPk= X-Google-Smtp-Source: ACHHUZ76AjUwHThURAVw7smpE0g25zx8SUI14WtIuByygliUY4WVQEn+wg0CKYKoTOm+Y33IU30HBw== X-Received: by 2002:a25:d846:0:b0:ba8:3b3d:3dc0 with SMTP id p67-20020a25d846000000b00ba83b3d3dc0mr5224104ybg.65.1685759696030; Fri, 02 Jun 2023 19:34:56 -0700 (PDT) Received: from stoup.. ([2602:ae:1598:4c01:66a6:82c2:d794:68f6]) by smtp.gmail.com with ESMTPSA id e91-20020a17090a6fe400b002508d73f4e8sm3914289pjk.57.2023.06.02.19.34.55 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Fri, 02 Jun 2023 19:34:55 -0700 (PDT) From: Richard Henderson To: qemu-devel@nongnu.org Cc: ardb@kernel.org, berrange@redhat.com, qemu-arm@nongnu.org, qemu-ppc@nongnu.org, qemu-riscv@nongnu.org, pbonzini@redhat.com Subject: [PATCH 31/35] host/include/aarch64: Implement aes-round.h Date: Fri, 2 Jun 2023 19:34:22 -0700 Message-Id: <20230603023426.1064431-32-richard.henderson@linaro.org> X-Mailer: git-send-email 2.34.1 In-Reply-To: <20230603023426.1064431-1-richard.henderson@linaro.org> References: <20230603023426.1064431-1-richard.henderson@linaro.org> MIME-Version: 1.0 Received-SPF: pass client-ip=2607:f8b0:4864:20::b35; envelope-from=richard.henderson@linaro.org; helo=mail-yb1-xb35.google.com X-Spam_score_int: -20 X-Spam_score: -2.1 X-Spam_bar: -- X-Spam_report: (-2.1 / 5.0 requ) BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01 autolearn=unavailable autolearn_force=no X-Spam_action: no action X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: qemu-devel-bounces+qemu-devel=archiver.kernel.org@nongnu.org Sender: qemu-devel-bounces+qemu-devel=archiver.kernel.org@nongnu.org Detect AES in cpuinfo; implement the accel hooks. Signed-off-by: Richard Henderson --- host/include/aarch64/host/aes-round.h | 204 ++++++++++++++++++++++++++ host/include/aarch64/host/cpuinfo.h | 1 + util/cpuinfo-aarch64.c | 2 + 3 files changed, 207 insertions(+) create mode 100644 host/include/aarch64/host/aes-round.h diff --git a/host/include/aarch64/host/aes-round.h b/host/include/aarch64/host/aes-round.h new file mode 100644 index 0000000000..27ca823db6 --- /dev/null +++ b/host/include/aarch64/host/aes-round.h @@ -0,0 +1,204 @@ +/* + * AArch64 specific aes acceleration. + * SPDX-License-Identifier: GPL-2.0-or-later + */ + +#ifndef HOST_AES_ROUND_H +#define HOST_AES_ROUND_H + +#include "host/cpuinfo.h" +#include + +#ifdef __ARM_FEATURE_AES +# define HAVE_AES_ACCEL true +# define ATTR_AES_ACCEL +#else +# define HAVE_AES_ACCEL likely(cpuinfo & CPUINFO_AES) +# define ATTR_AES_ACCEL __attribute__((target("+crypto"))) +#endif + +static inline uint8x16_t aes_accel_bswap(uint8x16_t x) +{ + /* No arm_neon.h primitive, and the compilers don't share builtins. */ +#ifdef __clang__ + return __builtin_shufflevector(x, x, 15, 14, 13, 12, 11, 10, 9, 8, + 7, 6, 5, 4, 3, 2, 1, 0); +#else + return __builtin_shuffle(x, (uint8x16_t) + { 15, 14, 13, 12, 11, 10, 9, 8, + 7, 6, 5, 4, 3, 2, 1, 0, }); +#endif +} + +/* + * Through clang 15, the aes inlines are only defined if __ARM_FEATURE_AES; + * one cannot use __attribute__((target)) to make them appear after the fact. + * Therefore we must fallback to inline asm. + */ +#ifdef __ARM_FEATURE_AES +# define aes_accel_aesd vaesdq_u8 +# define aes_accel_aese vaeseq_u8 +# define aes_accel_aesmc vaesmcq_u8 +# define aes_accel_aesimc vaesimcq_u8 +#else +static inline uint8x16_t aes_accel_aesd(uint8x16_t d, uint8x16_t k) +{ + asm(".arch_extension aes\n\t" + "aesd %0.16b, %1.16b" : "+w"(d) : "w"(k)); + return d; +} + +static inline uint8x16_t aes_accel_aese(uint8x16_t d, uint8x16_t k) +{ + asm(".arch_extension aes\n\t" + "aese %0.16b, %1.16b" : "+w"(d) : "w"(k)); + return d; +} + +static inline uint8x16_t aes_accel_aesmc(uint8x16_t d) +{ + asm(".arch_extension aes\n\t" + "aesmc %0.16b, %1.16b" : "=w"(d) : "w"(d)); + return d; +} + +static inline uint8x16_t aes_accel_aesimc(uint8x16_t d) +{ + asm(".arch_extension aes\n\t" + "aesimc %0.16b, %1.16b" : "=w"(d) : "w"(d)); + return d; +} +#endif /* __ARM_FEATURE_AES */ + +static inline void ATTR_AES_ACCEL +aesenc_MC_accel(AESState *ret, const AESState *st, bool be) +{ + uint8x16_t t = (uint8x16_t)st->v; + + if (be) { + t = aes_accel_bswap(t); + t = aes_accel_aesmc(t); + t = aes_accel_bswap(t); + } else { + t = aes_accel_aesmc(t); + } + ret->v = (AESStateVec)t; +} + +static inline void ATTR_AES_ACCEL +aesenc_SB_SR_accel(AESState *ret, const AESState *st, bool be) +{ + uint8x16_t t = (uint8x16_t)st->v; + uint8x16_t z = { }; + + if (be) { + t = aes_accel_bswap(t); + t = aes_accel_aese(t, z); + t = aes_accel_bswap(t); + } else { + t = aes_accel_aese(t, z); + } + ret->v = (AESStateVec)t; +} + +static inline void ATTR_AES_ACCEL +aesenc_SB_SR_MC_AK_accel(AESState *ret, const AESState *st, + const AESState *rk, bool be) +{ + uint8x16_t t = (uint8x16_t)st->v; + uint8x16_t k = (uint8x16_t)rk->v; + uint8x16_t z = { }; + + if (be) { + t = aes_accel_bswap(t); + k = aes_accel_bswap(k); + t = aes_accel_aese(t, z); + t = aes_accel_aesmc(t); + t = veorq_u8(t, k); + t = aes_accel_bswap(t); + } else { + t = aes_accel_aese(t, z); + t = aes_accel_aesmc(t); + t = veorq_u8(t, k); + } + ret->v = (AESStateVec)t; +} + +static inline void ATTR_AES_ACCEL +aesdec_IMC_accel(AESState *ret, const AESState *st, bool be) +{ + uint8x16_t t = (uint8x16_t)st->v; + + if (be) { + t = aes_accel_bswap(t); + t = aes_accel_aesimc(t); + t = aes_accel_bswap(t); + } else { + t = aes_accel_aesimc(t); + } + ret->v = (AESStateVec)t; +} + +static inline void ATTR_AES_ACCEL +aesdec_ISB_ISR_accel(AESState *ret, const AESState *st, bool be) +{ + uint8x16_t t = (uint8x16_t)st->v; + uint8x16_t z = { }; + + if (be) { + t = aes_accel_bswap(t); + t = aes_accel_aesd(t, z); + t = aes_accel_bswap(t); + } else { + t = aes_accel_aesd(t, z); + } + ret->v = (AESStateVec)t; +} + +static inline void ATTR_AES_ACCEL +aesdec_ISB_ISR_AK_IMC_accel(AESState *ret, const AESState *st, + const AESState *rk, bool be) +{ + uint8x16_t t = (uint8x16_t)st->v; + uint8x16_t k = (uint8x16_t)rk->v; + uint8x16_t z = { }; + + if (be) { + t = aes_accel_bswap(t); + k = aes_accel_bswap(k); + t = aes_accel_aesd(t, z); + t = veorq_u8(t, k); + t = aes_accel_aesimc(t); + t = aes_accel_bswap(t); + } else { + t = aes_accel_aesd(t, z); + t = veorq_u8(t, k); + t = aes_accel_aesimc(t); + } + ret->v = (AESStateVec)t; +} + +static inline void ATTR_AES_ACCEL +aesdec_ISB_ISR_IMC_AK_accel(AESState *ret, const AESState *st, + const AESState *rk, bool be) +{ + uint8x16_t t = (uint8x16_t)st->v; + uint8x16_t k = (uint8x16_t)rk->v; + uint8x16_t z = { }; + + if (be) { + t = aes_accel_bswap(t); + k = aes_accel_bswap(k); + t = aes_accel_aesd(t, z); + t = aes_accel_aesimc(t); + t = veorq_u8(t, k); + t = aes_accel_bswap(t); + } else { + t = aes_accel_aesd(t, z); + t = aes_accel_aesimc(t); + t = veorq_u8(t, k); + } + ret->v = (AESStateVec)t; +} + +#endif diff --git a/host/include/aarch64/host/cpuinfo.h b/host/include/aarch64/host/cpuinfo.h index 82227890b4..05feeb4f43 100644 --- a/host/include/aarch64/host/cpuinfo.h +++ b/host/include/aarch64/host/cpuinfo.h @@ -9,6 +9,7 @@ #define CPUINFO_ALWAYS (1u << 0) /* so cpuinfo is nonzero */ #define CPUINFO_LSE (1u << 1) #define CPUINFO_LSE2 (1u << 2) +#define CPUINFO_AES (1u << 3) /* Initialized with a constructor. */ extern unsigned cpuinfo; diff --git a/util/cpuinfo-aarch64.c b/util/cpuinfo-aarch64.c index f99acb7884..ababc39550 100644 --- a/util/cpuinfo-aarch64.c +++ b/util/cpuinfo-aarch64.c @@ -56,10 +56,12 @@ unsigned __attribute__((constructor)) cpuinfo_init(void) unsigned long hwcap = qemu_getauxval(AT_HWCAP); info |= (hwcap & HWCAP_ATOMICS ? CPUINFO_LSE : 0); info |= (hwcap & HWCAP_USCAT ? CPUINFO_LSE2 : 0); + info |= (hwcap & HWCAP_AES ? CPUINFO_AES: 0); #endif #ifdef CONFIG_DARWIN info |= sysctl_for_bool("hw.optional.arm.FEAT_LSE") * CPUINFO_LSE; info |= sysctl_for_bool("hw.optional.arm.FEAT_LSE2") * CPUINFO_LSE2; + info |= sysctl_for_bool("hw.optional.arm.FEAT_AES") * CPUINFO_AES; #endif cpuinfo = info; From patchwork Sat Jun 3 02:34:23 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Richard Henderson X-Patchwork-Id: 13266045 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.lore.kernel.org (Postfix) with ESMTPS id 0074AC7EE2A for ; Sat, 3 Jun 2023 02:40:54 +0000 (UTC) Received: from localhost ([::1] helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1q5H7p-0004AI-HB; Fri, 02 Jun 2023 22:36:17 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1q5H6y-0000ss-8K for qemu-devel@nongnu.org; Fri, 02 Jun 2023 22:35:25 -0400 Received: from mail-qk1-x731.google.com ([2607:f8b0:4864:20::731]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.90_1) (envelope-from ) id 1q5H6Y-0004wk-IH for qemu-devel@nongnu.org; Fri, 02 Jun 2023 22:35:23 -0400 Received: by mail-qk1-x731.google.com with SMTP id af79cd13be357-75d461874f4so645485a.0 for ; Fri, 02 Jun 2023 19:34:57 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; t=1685759697; x=1688351697; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=QGMX7Kmh8esce5VLR2nbZ8lMlpbn5/iajAqYWdVT+94=; b=VEgbogGyphWwR5fRNqSKXpk3Y7XLQ6U5LzHpBL1tIAM2pk/QCVdHy66gevHb0EtcA7 Wp1kYJr6xOHPKSFhAYg8ZZnWUhCR4qqh2C/EZniyNQI9trGJ5Luxarr3+wxAODz7rO1t 0YtWfWnPGOLoibk+wj9koxMOvxcdjUH12aOPboP9nYTu5I9fwNDCbXqCAVM7u/i2zBN7 kKcj5yiF/G2WWpLo3KvWxEVp4AP2RDMkIRb6vdyu/P/PPhuZBJwv95JKsRv5g7jZKJjn HBcMMjWK2WWWDEk6l7Kcn4A4a4toAzPldH5sC+X+WNTu24kcfckSUTQkyMt9Avuq6uza izog== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20221208; t=1685759697; x=1688351697; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=QGMX7Kmh8esce5VLR2nbZ8lMlpbn5/iajAqYWdVT+94=; b=VuQ8u73jMQmT0ZJDDhpryXnqqEfwP0Bz5lpQUiXoAXohp/TQcVnuhbndueVw9+dQK/ Rwi/CLC5CsrEQWmBPdToCJXlNozxNHSwn4qss3MsqwbUcjb2JAPr1yzoI5ZL5JnTE3sO GhEJdb8Z5McMd5QP90bfbV6meIggBKz+whny9A/wFflfy+EIz6idPyuvAhwF0JPhriYo kwYXlue+J+Z7ISu+KACdFz70fYtP9dabQ7dz332dkTbJH03l220IpoCMdyOleuAjjIn/ dNDf47QMga/4pwE95pa9S72UmN5s3kVJPYOygwwpdFIP6waOwon6Gwxbrstmoa5jKKvl 6h3g== X-Gm-Message-State: AC+VfDzZjo3HRfKrWQUQ9GbpxS3bDwIiJZPe67+UUnsdU2Hv/sZXabbY ndM/Lv+H2gedEoJ0p6FPjARFypnUyXSTkVxmHno= X-Google-Smtp-Source: ACHHUZ5q5d9Twhi5lqybwORdng92xbp6OulV8u/ald9G05JjSlw0eQctLhbadIcilRMQiXIcO2PtZg== X-Received: by 2002:a05:620a:3956:b0:75b:23a0:decf with SMTP id qs22-20020a05620a395600b0075b23a0decfmr17215772qkn.77.1685759696862; Fri, 02 Jun 2023 19:34:56 -0700 (PDT) Received: from stoup.. ([2602:ae:1598:4c01:66a6:82c2:d794:68f6]) by smtp.gmail.com with ESMTPSA id e91-20020a17090a6fe400b002508d73f4e8sm3914289pjk.57.2023.06.02.19.34.56 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Fri, 02 Jun 2023 19:34:56 -0700 (PDT) From: Richard Henderson To: qemu-devel@nongnu.org Cc: ardb@kernel.org, berrange@redhat.com, qemu-arm@nongnu.org, qemu-ppc@nongnu.org, qemu-riscv@nongnu.org, pbonzini@redhat.com Subject: [PATCH 32/35] crypto: Remove AES_shifts, AES_ishifts Date: Fri, 2 Jun 2023 19:34:23 -0700 Message-Id: <20230603023426.1064431-33-richard.henderson@linaro.org> X-Mailer: git-send-email 2.34.1 In-Reply-To: <20230603023426.1064431-1-richard.henderson@linaro.org> References: <20230603023426.1064431-1-richard.henderson@linaro.org> MIME-Version: 1.0 Received-SPF: pass client-ip=2607:f8b0:4864:20::731; envelope-from=richard.henderson@linaro.org; helo=mail-qk1-x731.google.com X-Spam_score_int: -20 X-Spam_score: -2.1 X-Spam_bar: -- X-Spam_report: (-2.1 / 5.0 requ) BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01 autolearn=unavailable autolearn_force=no X-Spam_action: no action X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: qemu-devel-bounces+qemu-devel=archiver.kernel.org@nongnu.org Sender: qemu-devel-bounces+qemu-devel=archiver.kernel.org@nongnu.org These arrays are no longer used, replaced by AES_SH_*, AES_ISH_*. Signed-off-by: Richard Henderson --- include/crypto/aes.h | 4 ---- crypto/aes.c | 14 -------------- 2 files changed, 18 deletions(-) diff --git a/include/crypto/aes.h b/include/crypto/aes.h index 24b073d569..aa8b54065d 100644 --- a/include/crypto/aes.h +++ b/include/crypto/aes.h @@ -30,10 +30,6 @@ void AES_decrypt(const unsigned char *in, unsigned char *out, extern const uint8_t AES_sbox[256]; extern const uint8_t AES_isbox[256]; -/* AES ShiftRows and InvShiftRows */ -extern const uint8_t AES_shifts[16]; -extern const uint8_t AES_ishifts[16]; - /* AES MixColumns, for use with rot32. */ extern const uint32_t AES_mc_rot[256]; diff --git a/crypto/aes.c b/crypto/aes.c index c0e4bc5580..4438d4dcdc 100644 --- a/crypto/aes.c +++ b/crypto/aes.c @@ -131,13 +131,6 @@ enum { AES_SH_F = 0xb, }; -const uint8_t AES_shifts[16] = { - AES_SH_0, AES_SH_1, AES_SH_2, AES_SH_3, - AES_SH_4, AES_SH_5, AES_SH_6, AES_SH_7, - AES_SH_8, AES_SH_9, AES_SH_A, AES_SH_B, - AES_SH_C, AES_SH_D, AES_SH_E, AES_SH_F, -}; - /* AES InvShiftRows, for complete unrolling. */ enum { AES_ISH_0 = 0x0, @@ -158,13 +151,6 @@ enum { AES_ISH_F = 0x3, }; -const uint8_t AES_ishifts[16] = { - AES_ISH_0, AES_ISH_1, AES_ISH_2, AES_ISH_3, - AES_ISH_4, AES_ISH_5, AES_ISH_6, AES_ISH_7, - AES_ISH_8, AES_ISH_9, AES_ISH_A, AES_ISH_B, - AES_ISH_C, AES_ISH_D, AES_ISH_E, AES_ISH_F, -}; - /* * MixColumns lookup table, for use with rot32. * From Arm ARM pseudocode. From patchwork Sat Jun 3 02:34:24 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Richard Henderson X-Patchwork-Id: 13266042 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.lore.kernel.org (Postfix) with ESMTPS id C6BC6C7EE29 for ; Sat, 3 Jun 2023 02:40:25 +0000 (UTC) Received: from localhost ([::1] helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1q5H7o-00045T-J5; Fri, 02 Jun 2023 22:36:16 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1q5H6z-0000vG-N7 for qemu-devel@nongnu.org; Fri, 02 Jun 2023 22:35:27 -0400 Received: from mail-oo1-xc2a.google.com ([2607:f8b0:4864:20::c2a]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.90_1) (envelope-from ) id 1q5H6Z-0004hU-4Q for qemu-devel@nongnu.org; Fri, 02 Jun 2023 22:35:25 -0400 Received: by mail-oo1-xc2a.google.com with SMTP id 006d021491bc7-5585f2f070bso1976148eaf.0 for ; Fri, 02 Jun 2023 19:34:58 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; t=1685759698; x=1688351698; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=1mv65yNQBKfmXk/1RwKfHXFoTLsAO9uOSejtwcDxftk=; b=xFjVBowNsUokOTOx0vKDL21/yd7TvEYnuulS2RLvbeWbtteiUgQDR3Gvwlbb+LgiKE 7QK+3Q2eHM0/o9/Vpb06aexLd6GzW93iOPnjIgnCaWNy92mCZ0AFqOoztavJlztTTO32 2jyXUSwgSPIpaUJLfSnChosuoRnkS6HBMQpLi4F6DQLRoH4JRGWx7xYjR6QQIu6+rrLd 1iL9GMAx1MxzWKb/nmsxksP928Rk/5J8kynkv8punKQzX3OGlBHOqPvhplnzsjRpj1Wx uz9LQNPGC6XfNy7Ndsj8tyI/uKd2WPbB31O2ydwquAgOPmNhiG6OXwN3lHL+g4jUhEX4 TIRw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20221208; t=1685759698; x=1688351698; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=1mv65yNQBKfmXk/1RwKfHXFoTLsAO9uOSejtwcDxftk=; b=F+fbtyXvoLCbt4rHgi3uFhggGBI+FzGoJw9w5k9er1Uj3lHNcbpvf0eI1UTsGfoOpn 0LKjYla4i70bA7GfiG4bG6F5Rd5Lo+YqA89GJ/BRAxZyFg59Cym+xHsUzxuhYY0tJuyd I1DWRGK5JlZ+/S0RRFNyG8823iBcR571fYLdVceSNUDrPyAlVEh7h8V2A8TVIw275BNu H7oE+Oirjos2NHp7F6MjorUFJC3+LlEDF1ax82fHJdD+m8txETeLd6EX306bURwZxf+l pxlF1GausmJSPsNrCPUtA32TrQC6AesXBVjOJzf9y+iw40c4SxC6HJvIXYc6wLJaoaaD JxHQ== X-Gm-Message-State: AC+VfDwKSaZ41gArV0cj6r8crXCx9M5LH/ELDLJ58sBBg/RF/jJk9My8 JzZlQEyf7xpxCOjXiCGi/xIunQqGL+gSHXHlZvY= X-Google-Smtp-Source: ACHHUZ6b7rPsIc0Xsuz9ezjJe35Jlwoys51qYU7deD6jVYX6rmFU285siak+YOvgmmxMaMzor1Eq0w== X-Received: by 2002:a05:6358:e497:b0:123:1637:45d1 with SMTP id by23-20020a056358e49700b00123163745d1mr13082108rwb.14.1685759698318; Fri, 02 Jun 2023 19:34:58 -0700 (PDT) Received: from stoup.. ([2602:ae:1598:4c01:66a6:82c2:d794:68f6]) by smtp.gmail.com with ESMTPSA id e91-20020a17090a6fe400b002508d73f4e8sm3914289pjk.57.2023.06.02.19.34.57 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Fri, 02 Jun 2023 19:34:57 -0700 (PDT) From: Richard Henderson To: qemu-devel@nongnu.org Cc: ardb@kernel.org, berrange@redhat.com, qemu-arm@nongnu.org, qemu-ppc@nongnu.org, qemu-riscv@nongnu.org, pbonzini@redhat.com Subject: [PATCH 33/35] crypto: Implement aesdec_IMC with AES_imc_rot Date: Fri, 2 Jun 2023 19:34:24 -0700 Message-Id: <20230603023426.1064431-34-richard.henderson@linaro.org> X-Mailer: git-send-email 2.34.1 In-Reply-To: <20230603023426.1064431-1-richard.henderson@linaro.org> References: <20230603023426.1064431-1-richard.henderson@linaro.org> MIME-Version: 1.0 Received-SPF: pass client-ip=2607:f8b0:4864:20::c2a; envelope-from=richard.henderson@linaro.org; helo=mail-oo1-xc2a.google.com X-Spam_score_int: -20 X-Spam_score: -2.1 X-Spam_bar: -- X-Spam_report: (-2.1 / 5.0 requ) BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01 autolearn=unavailable autolearn_force=no X-Spam_action: no action X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: qemu-devel-bounces+qemu-devel=archiver.kernel.org@nongnu.org Sender: qemu-devel-bounces+qemu-devel=archiver.kernel.org@nongnu.org This method uses one uint32_t * 256 table instead of 4, which means its data cache overhead is less. Signed-off-by: Richard Henderson --- crypto/aes.c | 41 ++++++++++++++++++++--------------------- 1 file changed, 20 insertions(+), 21 deletions(-) diff --git a/crypto/aes.c b/crypto/aes.c index 4438d4dcdc..914ccf38ef 100644 --- a/crypto/aes.c +++ b/crypto/aes.c @@ -1453,39 +1453,38 @@ aesdec_IMC_swap(AESState *r, const AESState *st, bool swap) bool be = HOST_BIG_ENDIAN ^ swap; uint32_t t; - /* Note that AES_imc is encoded for big-endian. */ - t = (AES_imc[st->b[swap_b ^ 0x0]][0] ^ - AES_imc[st->b[swap_b ^ 0x1]][1] ^ - AES_imc[st->b[swap_b ^ 0x2]][2] ^ - AES_imc[st->b[swap_b ^ 0x3]][3]); - if (!be) { + t = ( AES_imc_rot[st->b[swap_b ^ 0x0]] ^ + rol32(AES_imc_rot[st->b[swap_b ^ 0x1]], 8) ^ + rol32(AES_imc_rot[st->b[swap_b ^ 0x2]], 16) ^ + rol32(AES_imc_rot[st->b[swap_b ^ 0x3]], 24)); + if (be) { t = bswap32(t); } r->w[swap_w ^ 0] = t; - t = (AES_imc[st->b[swap_b ^ 0x4]][0] ^ - AES_imc[st->b[swap_b ^ 0x5]][1] ^ - AES_imc[st->b[swap_b ^ 0x6]][2] ^ - AES_imc[st->b[swap_b ^ 0x7]][3]); - if (!be) { + t = ( AES_imc_rot[st->b[swap_b ^ 0x4]] ^ + rol32(AES_imc_rot[st->b[swap_b ^ 0x5]], 8) ^ + rol32(AES_imc_rot[st->b[swap_b ^ 0x6]], 16) ^ + rol32(AES_imc_rot[st->b[swap_b ^ 0x7]], 24)); + if (be) { t = bswap32(t); } r->w[swap_w ^ 1] = t; - t = (AES_imc[st->b[swap_b ^ 0x8]][0] ^ - AES_imc[st->b[swap_b ^ 0x9]][1] ^ - AES_imc[st->b[swap_b ^ 0xA]][2] ^ - AES_imc[st->b[swap_b ^ 0xB]][3]); - if (!be) { + t = ( AES_imc_rot[st->b[swap_b ^ 0x8]] ^ + rol32(AES_imc_rot[st->b[swap_b ^ 0x9]], 8) ^ + rol32(AES_imc_rot[st->b[swap_b ^ 0xA]], 16) ^ + rol32(AES_imc_rot[st->b[swap_b ^ 0xB]], 24)); + if (be) { t = bswap32(t); } r->w[swap_w ^ 2] = t; - t = (AES_imc[st->b[swap_b ^ 0xC]][0] ^ - AES_imc[st->b[swap_b ^ 0xD]][1] ^ - AES_imc[st->b[swap_b ^ 0xE]][2] ^ - AES_imc[st->b[swap_b ^ 0xF]][3]); - if (!be) { + t = ( AES_imc_rot[st->b[swap_b ^ 0xC]] ^ + rol32(AES_imc_rot[st->b[swap_b ^ 0xD]], 8) ^ + rol32(AES_imc_rot[st->b[swap_b ^ 0xE]], 16) ^ + rol32(AES_imc_rot[st->b[swap_b ^ 0xF]], 24)); + if (be) { t = bswap32(t); } r->w[swap_w ^ 3] = t; From patchwork Sat Jun 3 02:34:25 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Richard Henderson X-Patchwork-Id: 13266046 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.lore.kernel.org (Postfix) with ESMTPS id B7D32C7EE2A for ; Sat, 3 Jun 2023 02:40:57 +0000 (UTC) Received: from localhost ([::1] helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1q5H7r-0004GB-7H; Fri, 02 Jun 2023 22:36:19 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1q5H72-0000wq-1f for qemu-devel@nongnu.org; Fri, 02 Jun 2023 22:35:28 -0400 Received: from mail-ot1-x32f.google.com ([2607:f8b0:4864:20::32f]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.90_1) (envelope-from ) id 1q5H6a-0004yU-Fv for qemu-devel@nongnu.org; Fri, 02 Jun 2023 22:35:27 -0400 Received: by mail-ot1-x32f.google.com with SMTP id 46e09a7af769-6af6f83fc49so2603172a34.3 for ; Fri, 02 Jun 2023 19:35:00 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; t=1685759699; x=1688351699; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=sYzMB9fj08x06v/LDSuU5FGyyv+vrNPIknfj+PBugOU=; b=oyZIVeLyts6d6d/zVAUp3x217gcQyI4jFsSpEgqTnTG9uK6PpPivtWhDngBslX91t0 XJJsF4nk7m+mn4m9/zXTISBuBND2t4j7e32vYA4BX4FAhU+GXyafPnyf5O38UXZUh1lf 7KDXdqlAoMBsSNq0iID1DE2n2/xAEFSfdEj+TPwooi6gd+sMjZt90X8o5h2O5MTszAiH b+jsKPC1IjAsQ8jcYB7Gt9Rw8SGXQU7rKqDdsAlwiPiWFdEAkccLCqBPrfX17aiDeuxw B9mvOZYg6r2J0YHxgYEM+GtKq3w+aUwnXQEF08+FqTYEyyoyDlbitnS5X0ZfavbadPdm k2cA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20221208; t=1685759699; x=1688351699; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=sYzMB9fj08x06v/LDSuU5FGyyv+vrNPIknfj+PBugOU=; b=A1dtiGozE3RXcvo64XOietxfd9pWjPrkRVNaKjB1+wTedetzfmHBSaZQI+KitP6+RL ddQi1xU2M4GfctZhx89Yg3fs8FVcyts0xrMf7QL/3uvpJw2k5uO3NT+gdHnQuhH9tj2S JTARNx2savpebXoIXVSbbjEIjKdpdyTSRsSKK/qcXw7hWDc31rKSBv9PrbnPZWAiA4QS DkBqhOyQJxznPv5EaNjJ83vLh2ISXQf8pyaY2dx396VgqeXuf7+a0LA+B2XkJqw2PDsl PY8Qb5H8fTpAGRCsVEfGffIjO9BVAsMFGxE09y/M0A8wJ4BXCaFa3/c+v7hJmTgFxEcZ 57cw== X-Gm-Message-State: AC+VfDx/SQAmEKAjgp2EZAFV8J5Bsb1US+h03c20khlQVZiJ2vKOyXCe PeDuT2L09ETx8cKb303zPpJcy019FfxPQpcUPQY= X-Google-Smtp-Source: ACHHUZ6YIAo0UBhd4Ia+bHqyGmNv/I3Ax7+HRk3+BCvE90fz9az+DaRAoZEAVuOeS+wrQWjxatVv/Q== X-Received: by 2002:a05:6358:720d:b0:123:30f2:a07f with SMTP id h13-20020a056358720d00b0012330f2a07fmr16148902rwa.26.1685759699167; Fri, 02 Jun 2023 19:34:59 -0700 (PDT) Received: from stoup.. ([2602:ae:1598:4c01:66a6:82c2:d794:68f6]) by smtp.gmail.com with ESMTPSA id e91-20020a17090a6fe400b002508d73f4e8sm3914289pjk.57.2023.06.02.19.34.58 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Fri, 02 Jun 2023 19:34:58 -0700 (PDT) From: Richard Henderson To: qemu-devel@nongnu.org Cc: ardb@kernel.org, berrange@redhat.com, qemu-arm@nongnu.org, qemu-ppc@nongnu.org, qemu-riscv@nongnu.org, pbonzini@redhat.com Subject: [PATCH 34/35] crypto: Remove AES_imc Date: Fri, 2 Jun 2023 19:34:25 -0700 Message-Id: <20230603023426.1064431-35-richard.henderson@linaro.org> X-Mailer: git-send-email 2.34.1 In-Reply-To: <20230603023426.1064431-1-richard.henderson@linaro.org> References: <20230603023426.1064431-1-richard.henderson@linaro.org> MIME-Version: 1.0 Received-SPF: pass client-ip=2607:f8b0:4864:20::32f; envelope-from=richard.henderson@linaro.org; helo=mail-ot1-x32f.google.com X-Spam_score_int: -20 X-Spam_score: -2.1 X-Spam_bar: -- X-Spam_report: (-2.1 / 5.0 requ) BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01 autolearn=ham autolearn_force=no X-Spam_action: no action X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: qemu-devel-bounces+qemu-devel=archiver.kernel.org@nongnu.org Sender: qemu-devel-bounces+qemu-devel=archiver.kernel.org@nongnu.org This array is no longer used. Signed-off-by: Richard Henderson --- include/crypto/aes.h | 7 -- crypto/aes.c | 264 ------------------------------------------- 2 files changed, 271 deletions(-) diff --git a/include/crypto/aes.h b/include/crypto/aes.h index aa8b54065d..99209f51b9 100644 --- a/include/crypto/aes.h +++ b/include/crypto/aes.h @@ -36,13 +36,6 @@ extern const uint32_t AES_mc_rot[256]; /* AES InvMixColumns, for use with rot32. */ extern const uint32_t AES_imc_rot[256]; -/* AES InvMixColumns */ -/* AES_imc[x][0] = [x].[0e, 09, 0d, 0b]; */ -/* AES_imc[x][1] = [x].[0b, 0e, 09, 0d]; */ -/* AES_imc[x][2] = [x].[0d, 0b, 0e, 09]; */ -/* AES_imc[x][3] = [x].[09, 0d, 0b, 0e]; */ -extern const uint32_t AES_imc[256][4]; - /* AES_Te0[x] = S [x].[02, 01, 01, 03]; AES_Te1[x] = S [x].[03, 02, 01, 01]; diff --git a/crypto/aes.c b/crypto/aes.c index 914ccf38ef..4d84bef520 100644 --- a/crypto/aes.c +++ b/crypto/aes.c @@ -293,270 +293,6 @@ const uint32_t AES_imc_rot[256] = { 0xbe805d9f, 0xb58d5491, 0xa89a4f83, 0xa397468d, }; -/* AES_imc[x][0] = [x].[0e, 09, 0d, 0b]; */ -/* AES_imc[x][1] = [x].[0b, 0e, 09, 0d]; */ -/* AES_imc[x][2] = [x].[0d, 0b, 0e, 09]; */ -/* AES_imc[x][3] = [x].[09, 0d, 0b, 0e]; */ -const uint32_t AES_imc[256][4] = { - { 0x00000000, 0x00000000, 0x00000000, 0x00000000, }, /* x=00 */ - { 0x0E090D0B, 0x0B0E090D, 0x0D0B0E09, 0x090D0B0E, }, /* x=01 */ - { 0x1C121A16, 0x161C121A, 0x1A161C12, 0x121A161C, }, /* x=02 */ - { 0x121B171D, 0x1D121B17, 0x171D121B, 0x1B171D12, }, /* x=03 */ - { 0x3824342C, 0x2C382434, 0x342C3824, 0x24342C38, }, /* x=04 */ - { 0x362D3927, 0x27362D39, 0x3927362D, 0x2D392736, }, /* x=05 */ - { 0x24362E3A, 0x3A24362E, 0x2E3A2436, 0x362E3A24, }, /* x=06 */ - { 0x2A3F2331, 0x312A3F23, 0x23312A3F, 0x3F23312A, }, /* x=07 */ - { 0x70486858, 0x58704868, 0x68587048, 0x48685870, }, /* x=08 */ - { 0x7E416553, 0x537E4165, 0x65537E41, 0x4165537E, }, /* x=09 */ - { 0x6C5A724E, 0x4E6C5A72, 0x724E6C5A, 0x5A724E6C, }, /* x=0A */ - { 0x62537F45, 0x4562537F, 0x7F456253, 0x537F4562, }, /* x=0B */ - { 0x486C5C74, 0x74486C5C, 0x5C74486C, 0x6C5C7448, }, /* x=0C */ - { 0x4665517F, 0x7F466551, 0x517F4665, 0x65517F46, }, /* x=0D */ - { 0x547E4662, 0x62547E46, 0x4662547E, 0x7E466254, }, /* x=0E */ - { 0x5A774B69, 0x695A774B, 0x4B695A77, 0x774B695A, }, /* x=0F */ - { 0xE090D0B0, 0xB0E090D0, 0xD0B0E090, 0x90D0B0E0, }, /* x=10 */ - { 0xEE99DDBB, 0xBBEE99DD, 0xDDBBEE99, 0x99DDBBEE, }, /* x=11 */ - { 0xFC82CAA6, 0xA6FC82CA, 0xCAA6FC82, 0x82CAA6FC, }, /* x=12 */ - { 0xF28BC7AD, 0xADF28BC7, 0xC7ADF28B, 0x8BC7ADF2, }, /* x=13 */ - { 0xD8B4E49C, 0x9CD8B4E4, 0xE49CD8B4, 0xB4E49CD8, }, /* x=14 */ - { 0xD6BDE997, 0x97D6BDE9, 0xE997D6BD, 0xBDE997D6, }, /* x=15 */ - { 0xC4A6FE8A, 0x8AC4A6FE, 0xFE8AC4A6, 0xA6FE8AC4, }, /* x=16 */ - { 0xCAAFF381, 0x81CAAFF3, 0xF381CAAF, 0xAFF381CA, }, /* x=17 */ - { 0x90D8B8E8, 0xE890D8B8, 0xB8E890D8, 0xD8B8E890, }, /* x=18 */ - { 0x9ED1B5E3, 0xE39ED1B5, 0xB5E39ED1, 0xD1B5E39E, }, /* x=19 */ - { 0x8CCAA2FE, 0xFE8CCAA2, 0xA2FE8CCA, 0xCAA2FE8C, }, /* x=1A */ - { 0x82C3AFF5, 0xF582C3AF, 0xAFF582C3, 0xC3AFF582, }, /* x=1B */ - { 0xA8FC8CC4, 0xC4A8FC8C, 0x8CC4A8FC, 0xFC8CC4A8, }, /* x=1C */ - { 0xA6F581CF, 0xCFA6F581, 0x81CFA6F5, 0xF581CFA6, }, /* x=1D */ - { 0xB4EE96D2, 0xD2B4EE96, 0x96D2B4EE, 0xEE96D2B4, }, /* x=1E */ - { 0xBAE79BD9, 0xD9BAE79B, 0x9BD9BAE7, 0xE79BD9BA, }, /* x=1F */ - { 0xDB3BBB7B, 0x7BDB3BBB, 0xBB7BDB3B, 0x3BBB7BDB, }, /* x=20 */ - { 0xD532B670, 0x70D532B6, 0xB670D532, 0x32B670D5, }, /* x=21 */ - { 0xC729A16D, 0x6DC729A1, 0xA16DC729, 0x29A16DC7, }, /* x=22 */ - { 0xC920AC66, 0x66C920AC, 0xAC66C920, 0x20AC66C9, }, /* x=23 */ - { 0xE31F8F57, 0x57E31F8F, 0x8F57E31F, 0x1F8F57E3, }, /* x=24 */ - { 0xED16825C, 0x5CED1682, 0x825CED16, 0x16825CED, }, /* x=25 */ - { 0xFF0D9541, 0x41FF0D95, 0x9541FF0D, 0x0D9541FF, }, /* x=26 */ - { 0xF104984A, 0x4AF10498, 0x984AF104, 0x04984AF1, }, /* x=27 */ - { 0xAB73D323, 0x23AB73D3, 0xD323AB73, 0x73D323AB, }, /* x=28 */ - { 0xA57ADE28, 0x28A57ADE, 0xDE28A57A, 0x7ADE28A5, }, /* x=29 */ - { 0xB761C935, 0x35B761C9, 0xC935B761, 0x61C935B7, }, /* x=2A */ - { 0xB968C43E, 0x3EB968C4, 0xC43EB968, 0x68C43EB9, }, /* x=2B */ - { 0x9357E70F, 0x0F9357E7, 0xE70F9357, 0x57E70F93, }, /* x=2C */ - { 0x9D5EEA04, 0x049D5EEA, 0xEA049D5E, 0x5EEA049D, }, /* x=2D */ - { 0x8F45FD19, 0x198F45FD, 0xFD198F45, 0x45FD198F, }, /* x=2E */ - { 0x814CF012, 0x12814CF0, 0xF012814C, 0x4CF01281, }, /* x=2F */ - { 0x3BAB6BCB, 0xCB3BAB6B, 0x6BCB3BAB, 0xAB6BCB3B, }, /* x=30 */ - { 0x35A266C0, 0xC035A266, 0x66C035A2, 0xA266C035, }, /* x=31 */ - { 0x27B971DD, 0xDD27B971, 0x71DD27B9, 0xB971DD27, }, /* x=32 */ - { 0x29B07CD6, 0xD629B07C, 0x7CD629B0, 0xB07CD629, }, /* x=33 */ - { 0x038F5FE7, 0xE7038F5F, 0x5FE7038F, 0x8F5FE703, }, /* x=34 */ - { 0x0D8652EC, 0xEC0D8652, 0x52EC0D86, 0x8652EC0D, }, /* x=35 */ - { 0x1F9D45F1, 0xF11F9D45, 0x45F11F9D, 0x9D45F11F, }, /* x=36 */ - { 0x119448FA, 0xFA119448, 0x48FA1194, 0x9448FA11, }, /* x=37 */ - { 0x4BE30393, 0x934BE303, 0x03934BE3, 0xE303934B, }, /* x=38 */ - { 0x45EA0E98, 0x9845EA0E, 0x0E9845EA, 0xEA0E9845, }, /* x=39 */ - { 0x57F11985, 0x8557F119, 0x198557F1, 0xF1198557, }, /* x=3A */ - { 0x59F8148E, 0x8E59F814, 0x148E59F8, 0xF8148E59, }, /* x=3B */ - { 0x73C737BF, 0xBF73C737, 0x37BF73C7, 0xC737BF73, }, /* x=3C */ - { 0x7DCE3AB4, 0xB47DCE3A, 0x3AB47DCE, 0xCE3AB47D, }, /* x=3D */ - { 0x6FD52DA9, 0xA96FD52D, 0x2DA96FD5, 0xD52DA96F, }, /* x=3E */ - { 0x61DC20A2, 0xA261DC20, 0x20A261DC, 0xDC20A261, }, /* x=3F */ - { 0xAD766DF6, 0xF6AD766D, 0x6DF6AD76, 0x766DF6AD, }, /* x=40 */ - { 0xA37F60FD, 0xFDA37F60, 0x60FDA37F, 0x7F60FDA3, }, /* x=41 */ - { 0xB16477E0, 0xE0B16477, 0x77E0B164, 0x6477E0B1, }, /* x=42 */ - { 0xBF6D7AEB, 0xEBBF6D7A, 0x7AEBBF6D, 0x6D7AEBBF, }, /* x=43 */ - { 0x955259DA, 0xDA955259, 0x59DA9552, 0x5259DA95, }, /* x=44 */ - { 0x9B5B54D1, 0xD19B5B54, 0x54D19B5B, 0x5B54D19B, }, /* x=45 */ - { 0x894043CC, 0xCC894043, 0x43CC8940, 0x4043CC89, }, /* x=46 */ - { 0x87494EC7, 0xC787494E, 0x4EC78749, 0x494EC787, }, /* x=47 */ - { 0xDD3E05AE, 0xAEDD3E05, 0x05AEDD3E, 0x3E05AEDD, }, /* x=48 */ - { 0xD33708A5, 0xA5D33708, 0x08A5D337, 0x3708A5D3, }, /* x=49 */ - { 0xC12C1FB8, 0xB8C12C1F, 0x1FB8C12C, 0x2C1FB8C1, }, /* x=4A */ - { 0xCF2512B3, 0xB3CF2512, 0x12B3CF25, 0x2512B3CF, }, /* x=4B */ - { 0xE51A3182, 0x82E51A31, 0x3182E51A, 0x1A3182E5, }, /* x=4C */ - { 0xEB133C89, 0x89EB133C, 0x3C89EB13, 0x133C89EB, }, /* x=4D */ - { 0xF9082B94, 0x94F9082B, 0x2B94F908, 0x082B94F9, }, /* x=4E */ - { 0xF701269F, 0x9FF70126, 0x269FF701, 0x01269FF7, }, /* x=4F */ - { 0x4DE6BD46, 0x464DE6BD, 0xBD464DE6, 0xE6BD464D, }, /* x=50 */ - { 0x43EFB04D, 0x4D43EFB0, 0xB04D43EF, 0xEFB04D43, }, /* x=51 */ - { 0x51F4A750, 0x5051F4A7, 0xA75051F4, 0xF4A75051, }, /* x=52 */ - { 0x5FFDAA5B, 0x5B5FFDAA, 0xAA5B5FFD, 0xFDAA5B5F, }, /* x=53 */ - { 0x75C2896A, 0x6A75C289, 0x896A75C2, 0xC2896A75, }, /* x=54 */ - { 0x7BCB8461, 0x617BCB84, 0x84617BCB, 0xCB84617B, }, /* x=55 */ - { 0x69D0937C, 0x7C69D093, 0x937C69D0, 0xD0937C69, }, /* x=56 */ - { 0x67D99E77, 0x7767D99E, 0x9E7767D9, 0xD99E7767, }, /* x=57 */ - { 0x3DAED51E, 0x1E3DAED5, 0xD51E3DAE, 0xAED51E3D, }, /* x=58 */ - { 0x33A7D815, 0x1533A7D8, 0xD81533A7, 0xA7D81533, }, /* x=59 */ - { 0x21BCCF08, 0x0821BCCF, 0xCF0821BC, 0xBCCF0821, }, /* x=5A */ - { 0x2FB5C203, 0x032FB5C2, 0xC2032FB5, 0xB5C2032F, }, /* x=5B */ - { 0x058AE132, 0x32058AE1, 0xE132058A, 0x8AE13205, }, /* x=5C */ - { 0x0B83EC39, 0x390B83EC, 0xEC390B83, 0x83EC390B, }, /* x=5D */ - { 0x1998FB24, 0x241998FB, 0xFB241998, 0x98FB2419, }, /* x=5E */ - { 0x1791F62F, 0x2F1791F6, 0xF62F1791, 0x91F62F17, }, /* x=5F */ - { 0x764DD68D, 0x8D764DD6, 0xD68D764D, 0x4DD68D76, }, /* x=60 */ - { 0x7844DB86, 0x867844DB, 0xDB867844, 0x44DB8678, }, /* x=61 */ - { 0x6A5FCC9B, 0x9B6A5FCC, 0xCC9B6A5F, 0x5FCC9B6A, }, /* x=62 */ - { 0x6456C190, 0x906456C1, 0xC1906456, 0x56C19064, }, /* x=63 */ - { 0x4E69E2A1, 0xA14E69E2, 0xE2A14E69, 0x69E2A14E, }, /* x=64 */ - { 0x4060EFAA, 0xAA4060EF, 0xEFAA4060, 0x60EFAA40, }, /* x=65 */ - { 0x527BF8B7, 0xB7527BF8, 0xF8B7527B, 0x7BF8B752, }, /* x=66 */ - { 0x5C72F5BC, 0xBC5C72F5, 0xF5BC5C72, 0x72F5BC5C, }, /* x=67 */ - { 0x0605BED5, 0xD50605BE, 0xBED50605, 0x05BED506, }, /* x=68 */ - { 0x080CB3DE, 0xDE080CB3, 0xB3DE080C, 0x0CB3DE08, }, /* x=69 */ - { 0x1A17A4C3, 0xC31A17A4, 0xA4C31A17, 0x17A4C31A, }, /* x=6A */ - { 0x141EA9C8, 0xC8141EA9, 0xA9C8141E, 0x1EA9C814, }, /* x=6B */ - { 0x3E218AF9, 0xF93E218A, 0x8AF93E21, 0x218AF93E, }, /* x=6C */ - { 0x302887F2, 0xF2302887, 0x87F23028, 0x2887F230, }, /* x=6D */ - { 0x223390EF, 0xEF223390, 0x90EF2233, 0x3390EF22, }, /* x=6E */ - { 0x2C3A9DE4, 0xE42C3A9D, 0x9DE42C3A, 0x3A9DE42C, }, /* x=6F */ - { 0x96DD063D, 0x3D96DD06, 0x063D96DD, 0xDD063D96, }, /* x=70 */ - { 0x98D40B36, 0x3698D40B, 0x0B3698D4, 0xD40B3698, }, /* x=71 */ - { 0x8ACF1C2B, 0x2B8ACF1C, 0x1C2B8ACF, 0xCF1C2B8A, }, /* x=72 */ - { 0x84C61120, 0x2084C611, 0x112084C6, 0xC6112084, }, /* x=73 */ - { 0xAEF93211, 0x11AEF932, 0x3211AEF9, 0xF93211AE, }, /* x=74 */ - { 0xA0F03F1A, 0x1AA0F03F, 0x3F1AA0F0, 0xF03F1AA0, }, /* x=75 */ - { 0xB2EB2807, 0x07B2EB28, 0x2807B2EB, 0xEB2807B2, }, /* x=76 */ - { 0xBCE2250C, 0x0CBCE225, 0x250CBCE2, 0xE2250CBC, }, /* x=77 */ - { 0xE6956E65, 0x65E6956E, 0x6E65E695, 0x956E65E6, }, /* x=78 */ - { 0xE89C636E, 0x6EE89C63, 0x636EE89C, 0x9C636EE8, }, /* x=79 */ - { 0xFA877473, 0x73FA8774, 0x7473FA87, 0x877473FA, }, /* x=7A */ - { 0xF48E7978, 0x78F48E79, 0x7978F48E, 0x8E7978F4, }, /* x=7B */ - { 0xDEB15A49, 0x49DEB15A, 0x5A49DEB1, 0xB15A49DE, }, /* x=7C */ - { 0xD0B85742, 0x42D0B857, 0x5742D0B8, 0xB85742D0, }, /* x=7D */ - { 0xC2A3405F, 0x5FC2A340, 0x405FC2A3, 0xA3405FC2, }, /* x=7E */ - { 0xCCAA4D54, 0x54CCAA4D, 0x4D54CCAA, 0xAA4D54CC, }, /* x=7F */ - { 0x41ECDAF7, 0xF741ECDA, 0xDAF741EC, 0xECDAF741, }, /* x=80 */ - { 0x4FE5D7FC, 0xFC4FE5D7, 0xD7FC4FE5, 0xE5D7FC4F, }, /* x=81 */ - { 0x5DFEC0E1, 0xE15DFEC0, 0xC0E15DFE, 0xFEC0E15D, }, /* x=82 */ - { 0x53F7CDEA, 0xEA53F7CD, 0xCDEA53F7, 0xF7CDEA53, }, /* x=83 */ - { 0x79C8EEDB, 0xDB79C8EE, 0xEEDB79C8, 0xC8EEDB79, }, /* x=84 */ - { 0x77C1E3D0, 0xD077C1E3, 0xE3D077C1, 0xC1E3D077, }, /* x=85 */ - { 0x65DAF4CD, 0xCD65DAF4, 0xF4CD65DA, 0xDAF4CD65, }, /* x=86 */ - { 0x6BD3F9C6, 0xC66BD3F9, 0xF9C66BD3, 0xD3F9C66B, }, /* x=87 */ - { 0x31A4B2AF, 0xAF31A4B2, 0xB2AF31A4, 0xA4B2AF31, }, /* x=88 */ - { 0x3FADBFA4, 0xA43FADBF, 0xBFA43FAD, 0xADBFA43F, }, /* x=89 */ - { 0x2DB6A8B9, 0xB92DB6A8, 0xA8B92DB6, 0xB6A8B92D, }, /* x=8A */ - { 0x23BFA5B2, 0xB223BFA5, 0xA5B223BF, 0xBFA5B223, }, /* x=8B */ - { 0x09808683, 0x83098086, 0x86830980, 0x80868309, }, /* x=8C */ - { 0x07898B88, 0x8807898B, 0x8B880789, 0x898B8807, }, /* x=8D */ - { 0x15929C95, 0x9515929C, 0x9C951592, 0x929C9515, }, /* x=8E */ - { 0x1B9B919E, 0x9E1B9B91, 0x919E1B9B, 0x9B919E1B, }, /* x=8F */ - { 0xA17C0A47, 0x47A17C0A, 0x0A47A17C, 0x7C0A47A1, }, /* x=90 */ - { 0xAF75074C, 0x4CAF7507, 0x074CAF75, 0x75074CAF, }, /* x=91 */ - { 0xBD6E1051, 0x51BD6E10, 0x1051BD6E, 0x6E1051BD, }, /* x=92 */ - { 0xB3671D5A, 0x5AB3671D, 0x1D5AB367, 0x671D5AB3, }, /* x=93 */ - { 0x99583E6B, 0x6B99583E, 0x3E6B9958, 0x583E6B99, }, /* x=94 */ - { 0x97513360, 0x60975133, 0x33609751, 0x51336097, }, /* x=95 */ - { 0x854A247D, 0x7D854A24, 0x247D854A, 0x4A247D85, }, /* x=96 */ - { 0x8B432976, 0x768B4329, 0x29768B43, 0x4329768B, }, /* x=97 */ - { 0xD134621F, 0x1FD13462, 0x621FD134, 0x34621FD1, }, /* x=98 */ - { 0xDF3D6F14, 0x14DF3D6F, 0x6F14DF3D, 0x3D6F14DF, }, /* x=99 */ - { 0xCD267809, 0x09CD2678, 0x7809CD26, 0x267809CD, }, /* x=9A */ - { 0xC32F7502, 0x02C32F75, 0x7502C32F, 0x2F7502C3, }, /* x=9B */ - { 0xE9105633, 0x33E91056, 0x5633E910, 0x105633E9, }, /* x=9C */ - { 0xE7195B38, 0x38E7195B, 0x5B38E719, 0x195B38E7, }, /* x=9D */ - { 0xF5024C25, 0x25F5024C, 0x4C25F502, 0x024C25F5, }, /* x=9E */ - { 0xFB0B412E, 0x2EFB0B41, 0x412EFB0B, 0x0B412EFB, }, /* x=9F */ - { 0x9AD7618C, 0x8C9AD761, 0x618C9AD7, 0xD7618C9A, }, /* x=A0 */ - { 0x94DE6C87, 0x8794DE6C, 0x6C8794DE, 0xDE6C8794, }, /* x=A1 */ - { 0x86C57B9A, 0x9A86C57B, 0x7B9A86C5, 0xC57B9A86, }, /* x=A2 */ - { 0x88CC7691, 0x9188CC76, 0x769188CC, 0xCC769188, }, /* x=A3 */ - { 0xA2F355A0, 0xA0A2F355, 0x55A0A2F3, 0xF355A0A2, }, /* x=A4 */ - { 0xACFA58AB, 0xABACFA58, 0x58ABACFA, 0xFA58ABAC, }, /* x=A5 */ - { 0xBEE14FB6, 0xB6BEE14F, 0x4FB6BEE1, 0xE14FB6BE, }, /* x=A6 */ - { 0xB0E842BD, 0xBDB0E842, 0x42BDB0E8, 0xE842BDB0, }, /* x=A7 */ - { 0xEA9F09D4, 0xD4EA9F09, 0x09D4EA9F, 0x9F09D4EA, }, /* x=A8 */ - { 0xE49604DF, 0xDFE49604, 0x04DFE496, 0x9604DFE4, }, /* x=A9 */ - { 0xF68D13C2, 0xC2F68D13, 0x13C2F68D, 0x8D13C2F6, }, /* x=AA */ - { 0xF8841EC9, 0xC9F8841E, 0x1EC9F884, 0x841EC9F8, }, /* x=AB */ - { 0xD2BB3DF8, 0xF8D2BB3D, 0x3DF8D2BB, 0xBB3DF8D2, }, /* x=AC */ - { 0xDCB230F3, 0xF3DCB230, 0x30F3DCB2, 0xB230F3DC, }, /* x=AD */ - { 0xCEA927EE, 0xEECEA927, 0x27EECEA9, 0xA927EECE, }, /* x=AE */ - { 0xC0A02AE5, 0xE5C0A02A, 0x2AE5C0A0, 0xA02AE5C0, }, /* x=AF */ - { 0x7A47B13C, 0x3C7A47B1, 0xB13C7A47, 0x47B13C7A, }, /* x=B0 */ - { 0x744EBC37, 0x37744EBC, 0xBC37744E, 0x4EBC3774, }, /* x=B1 */ - { 0x6655AB2A, 0x2A6655AB, 0xAB2A6655, 0x55AB2A66, }, /* x=B2 */ - { 0x685CA621, 0x21685CA6, 0xA621685C, 0x5CA62168, }, /* x=B3 */ - { 0x42638510, 0x10426385, 0x85104263, 0x63851042, }, /* x=B4 */ - { 0x4C6A881B, 0x1B4C6A88, 0x881B4C6A, 0x6A881B4C, }, /* x=B5 */ - { 0x5E719F06, 0x065E719F, 0x9F065E71, 0x719F065E, }, /* x=B6 */ - { 0x5078920D, 0x0D507892, 0x920D5078, 0x78920D50, }, /* x=B7 */ - { 0x0A0FD964, 0x640A0FD9, 0xD9640A0F, 0x0FD9640A, }, /* x=B8 */ - { 0x0406D46F, 0x6F0406D4, 0xD46F0406, 0x06D46F04, }, /* x=B9 */ - { 0x161DC372, 0x72161DC3, 0xC372161D, 0x1DC37216, }, /* x=BA */ - { 0x1814CE79, 0x791814CE, 0xCE791814, 0x14CE7918, }, /* x=BB */ - { 0x322BED48, 0x48322BED, 0xED48322B, 0x2BED4832, }, /* x=BC */ - { 0x3C22E043, 0x433C22E0, 0xE0433C22, 0x22E0433C, }, /* x=BD */ - { 0x2E39F75E, 0x5E2E39F7, 0xF75E2E39, 0x39F75E2E, }, /* x=BE */ - { 0x2030FA55, 0x552030FA, 0xFA552030, 0x30FA5520, }, /* x=BF */ - { 0xEC9AB701, 0x01EC9AB7, 0xB701EC9A, 0x9AB701EC, }, /* x=C0 */ - { 0xE293BA0A, 0x0AE293BA, 0xBA0AE293, 0x93BA0AE2, }, /* x=C1 */ - { 0xF088AD17, 0x17F088AD, 0xAD17F088, 0x88AD17F0, }, /* x=C2 */ - { 0xFE81A01C, 0x1CFE81A0, 0xA01CFE81, 0x81A01CFE, }, /* x=C3 */ - { 0xD4BE832D, 0x2DD4BE83, 0x832DD4BE, 0xBE832DD4, }, /* x=C4 */ - { 0xDAB78E26, 0x26DAB78E, 0x8E26DAB7, 0xB78E26DA, }, /* x=C5 */ - { 0xC8AC993B, 0x3BC8AC99, 0x993BC8AC, 0xAC993BC8, }, /* x=C6 */ - { 0xC6A59430, 0x30C6A594, 0x9430C6A5, 0xA59430C6, }, /* x=C7 */ - { 0x9CD2DF59, 0x599CD2DF, 0xDF599CD2, 0xD2DF599C, }, /* x=C8 */ - { 0x92DBD252, 0x5292DBD2, 0xD25292DB, 0xDBD25292, }, /* x=C9 */ - { 0x80C0C54F, 0x4F80C0C5, 0xC54F80C0, 0xC0C54F80, }, /* x=CA */ - { 0x8EC9C844, 0x448EC9C8, 0xC8448EC9, 0xC9C8448E, }, /* x=CB */ - { 0xA4F6EB75, 0x75A4F6EB, 0xEB75A4F6, 0xF6EB75A4, }, /* x=CC */ - { 0xAAFFE67E, 0x7EAAFFE6, 0xE67EAAFF, 0xFFE67EAA, }, /* x=CD */ - { 0xB8E4F163, 0x63B8E4F1, 0xF163B8E4, 0xE4F163B8, }, /* x=CE */ - { 0xB6EDFC68, 0x68B6EDFC, 0xFC68B6ED, 0xEDFC68B6, }, /* x=CF */ - { 0x0C0A67B1, 0xB10C0A67, 0x67B10C0A, 0x0A67B10C, }, /* x=D0 */ - { 0x02036ABA, 0xBA02036A, 0x6ABA0203, 0x036ABA02, }, /* x=D1 */ - { 0x10187DA7, 0xA710187D, 0x7DA71018, 0x187DA710, }, /* x=D2 */ - { 0x1E1170AC, 0xAC1E1170, 0x70AC1E11, 0x1170AC1E, }, /* x=D3 */ - { 0x342E539D, 0x9D342E53, 0x539D342E, 0x2E539D34, }, /* x=D4 */ - { 0x3A275E96, 0x963A275E, 0x5E963A27, 0x275E963A, }, /* x=D5 */ - { 0x283C498B, 0x8B283C49, 0x498B283C, 0x3C498B28, }, /* x=D6 */ - { 0x26354480, 0x80263544, 0x44802635, 0x35448026, }, /* x=D7 */ - { 0x7C420FE9, 0xE97C420F, 0x0FE97C42, 0x420FE97C, }, /* x=D8 */ - { 0x724B02E2, 0xE2724B02, 0x02E2724B, 0x4B02E272, }, /* x=D9 */ - { 0x605015FF, 0xFF605015, 0x15FF6050, 0x5015FF60, }, /* x=DA */ - { 0x6E5918F4, 0xF46E5918, 0x18F46E59, 0x5918F46E, }, /* x=DB */ - { 0x44663BC5, 0xC544663B, 0x3BC54466, 0x663BC544, }, /* x=DC */ - { 0x4A6F36CE, 0xCE4A6F36, 0x36CE4A6F, 0x6F36CE4A, }, /* x=DD */ - { 0x587421D3, 0xD3587421, 0x21D35874, 0x7421D358, }, /* x=DE */ - { 0x567D2CD8, 0xD8567D2C, 0x2CD8567D, 0x7D2CD856, }, /* x=DF */ - { 0x37A10C7A, 0x7A37A10C, 0x0C7A37A1, 0xA10C7A37, }, /* x=E0 */ - { 0x39A80171, 0x7139A801, 0x017139A8, 0xA8017139, }, /* x=E1 */ - { 0x2BB3166C, 0x6C2BB316, 0x166C2BB3, 0xB3166C2B, }, /* x=E2 */ - { 0x25BA1B67, 0x6725BA1B, 0x1B6725BA, 0xBA1B6725, }, /* x=E3 */ - { 0x0F853856, 0x560F8538, 0x38560F85, 0x8538560F, }, /* x=E4 */ - { 0x018C355D, 0x5D018C35, 0x355D018C, 0x8C355D01, }, /* x=E5 */ - { 0x13972240, 0x40139722, 0x22401397, 0x97224013, }, /* x=E6 */ - { 0x1D9E2F4B, 0x4B1D9E2F, 0x2F4B1D9E, 0x9E2F4B1D, }, /* x=E7 */ - { 0x47E96422, 0x2247E964, 0x642247E9, 0xE9642247, }, /* x=E8 */ - { 0x49E06929, 0x2949E069, 0x692949E0, 0xE0692949, }, /* x=E9 */ - { 0x5BFB7E34, 0x345BFB7E, 0x7E345BFB, 0xFB7E345B, }, /* x=EA */ - { 0x55F2733F, 0x3F55F273, 0x733F55F2, 0xF2733F55, }, /* x=EB */ - { 0x7FCD500E, 0x0E7FCD50, 0x500E7FCD, 0xCD500E7F, }, /* x=EC */ - { 0x71C45D05, 0x0571C45D, 0x5D0571C4, 0xC45D0571, }, /* x=ED */ - { 0x63DF4A18, 0x1863DF4A, 0x4A1863DF, 0xDF4A1863, }, /* x=EE */ - { 0x6DD64713, 0x136DD647, 0x47136DD6, 0xD647136D, }, /* x=EF */ - { 0xD731DCCA, 0xCAD731DC, 0xDCCAD731, 0x31DCCAD7, }, /* x=F0 */ - { 0xD938D1C1, 0xC1D938D1, 0xD1C1D938, 0x38D1C1D9, }, /* x=F1 */ - { 0xCB23C6DC, 0xDCCB23C6, 0xC6DCCB23, 0x23C6DCCB, }, /* x=F2 */ - { 0xC52ACBD7, 0xD7C52ACB, 0xCBD7C52A, 0x2ACBD7C5, }, /* x=F3 */ - { 0xEF15E8E6, 0xE6EF15E8, 0xE8E6EF15, 0x15E8E6EF, }, /* x=F4 */ - { 0xE11CE5ED, 0xEDE11CE5, 0xE5EDE11C, 0x1CE5EDE1, }, /* x=F5 */ - { 0xF307F2F0, 0xF0F307F2, 0xF2F0F307, 0x07F2F0F3, }, /* x=F6 */ - { 0xFD0EFFFB, 0xFBFD0EFF, 0xFFFBFD0E, 0x0EFFFBFD, }, /* x=F7 */ - { 0xA779B492, 0x92A779B4, 0xB492A779, 0x79B492A7, }, /* x=F8 */ - { 0xA970B999, 0x99A970B9, 0xB999A970, 0x70B999A9, }, /* x=F9 */ - { 0xBB6BAE84, 0x84BB6BAE, 0xAE84BB6B, 0x6BAE84BB, }, /* x=FA */ - { 0xB562A38F, 0x8FB562A3, 0xA38FB562, 0x62A38FB5, }, /* x=FB */ - { 0x9F5D80BE, 0xBE9F5D80, 0x80BE9F5D, 0x5D80BE9F, }, /* x=FC */ - { 0x91548DB5, 0xB591548D, 0x8DB59154, 0x548DB591, }, /* x=FD */ - { 0x834F9AA8, 0xA8834F9A, 0x9AA8834F, 0x4F9AA883, }, /* x=FE */ - { 0x8D4697A3, 0xA38D4697, 0x97A38D46, 0x4697A38D, }, /* x=FF */ -}; - - /* AES_Te0[x] = S [x].[02, 01, 01, 03]; From patchwork Sat Jun 3 02:34:26 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Richard Henderson X-Patchwork-Id: 13266033 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.lore.kernel.org (Postfix) with ESMTPS id 035EFC7EE2C for ; Sat, 3 Jun 2023 02:38:26 +0000 (UTC) Received: from localhost ([::1] helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1q5H7q-0004D8-6d; Fri, 02 Jun 2023 22:36:18 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1q5H71-0000wi-Fd for qemu-devel@nongnu.org; Fri, 02 Jun 2023 22:35:28 -0400 Received: from mail-pj1-x102e.google.com ([2607:f8b0:4864:20::102e]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.90_1) (envelope-from ) id 1q5H6a-0004gh-Pp for qemu-devel@nongnu.org; Fri, 02 Jun 2023 22:35:27 -0400 Received: by mail-pj1-x102e.google.com with SMTP id 98e67ed59e1d1-2566e60cc5aso2197595a91.3 for ; Fri, 02 Jun 2023 19:35:00 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; t=1685759700; x=1688351700; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=0Dd2jXwqOSMO1nqixbSgaeVm5nf1PledKp5sgwRvXSU=; b=zItMre++g0fLp1IS+k+WEAdL6Q1Ng3uMO4HTfEWUyc9H+MRX2oBiBNIY2cARIATzWP lSlCitjACHwBgtAQH44+BAJjUDePHopx0VwqkfHljp5TqvblUpW40qIW8rZurKOHzbWa Ce0h4ajlQUfC7fpGa8q9/UHDI74Ocgo+2J4tCV0osPaLaMWi/oLY2JI7tIPC4g8NkKuM 8PHCI9UkWY9Uh8ZzlIOPcoSlvlF6BlOUD2oKdJAPrZuUDNiCGYbPeTVYH3wB0yYxdmMk ikJ3Ua04dKrES5DDtiPwQkzjdAvEphhSQIErDRemiodWqD/vl6bCZY5dFd8zIODhtrtE R3AA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20221208; t=1685759700; x=1688351700; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=0Dd2jXwqOSMO1nqixbSgaeVm5nf1PledKp5sgwRvXSU=; b=Ix/owyt7XGrtHxiPq+nOWM1jNo/K4TbOivsNd8Gj2Lx3CVT39bkRgcdLiV51IaLbFd 87+F04N+xENJeoNDgFIvY6RiHulQOYuaWbbtpAYB+kVwrmfZWt8Lb4xFwX+IddY90ik3 lBJR+27cSTfiDNSnPbyNTIV3lFQgkBjTAfKOxgqCC0BWakl02TRJTwQchywUSXGWESxh Qz99RGxPLa3FvfPhdX4MaGvBh7SBFRYWa61YgIP6MDcdfEvmSOnU9klrf3pe6pglOSNQ YzHhRJhZV0BUE4S1+LOpUGvsx87OnOkyxxFplvS0703SKrBilAIseNN2BKiqknGhhRUv 1Abg== X-Gm-Message-State: AC+VfDxHK6FiyCFU+ENbLbDZizFgagnrB65++0LVN0CQ+H9tKBeyAUC2 0OPwhFOwQ1aaEw3M5wkyIa8X+BtAs8tPf+hFjAM= X-Google-Smtp-Source: ACHHUZ5z3LwaRfY4JG6dQ3f+DfS1l81450SVgaMJpiO/stAx9kO5kCQXGJ7TTVIICaK8qTEFHS89PQ== X-Received: by 2002:a17:90a:4e8f:b0:256:937:48dc with SMTP id o15-20020a17090a4e8f00b00256093748dcmr1506448pjh.40.1685759699964; Fri, 02 Jun 2023 19:34:59 -0700 (PDT) Received: from stoup.. ([2602:ae:1598:4c01:66a6:82c2:d794:68f6]) by smtp.gmail.com with ESMTPSA id e91-20020a17090a6fe400b002508d73f4e8sm3914289pjk.57.2023.06.02.19.34.59 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Fri, 02 Jun 2023 19:34:59 -0700 (PDT) From: Richard Henderson To: qemu-devel@nongnu.org Cc: ardb@kernel.org, berrange@redhat.com, qemu-arm@nongnu.org, qemu-ppc@nongnu.org, qemu-riscv@nongnu.org, pbonzini@redhat.com Subject: [PATCH 35/35] crypto: Unexport AES_*_rot, AES_TeN, AES_TdN Date: Fri, 2 Jun 2023 19:34:26 -0700 Message-Id: <20230603023426.1064431-36-richard.henderson@linaro.org> X-Mailer: git-send-email 2.34.1 In-Reply-To: <20230603023426.1064431-1-richard.henderson@linaro.org> References: <20230603023426.1064431-1-richard.henderson@linaro.org> MIME-Version: 1.0 Received-SPF: pass client-ip=2607:f8b0:4864:20::102e; envelope-from=richard.henderson@linaro.org; helo=mail-pj1-x102e.google.com X-Spam_score_int: -20 X-Spam_score: -2.1 X-Spam_bar: -- X-Spam_report: (-2.1 / 5.0 requ) BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01 autolearn=ham autolearn_force=no X-Spam_action: no action X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: qemu-devel-bounces+qemu-devel=archiver.kernel.org@nongnu.org Sender: qemu-devel-bounces+qemu-devel=archiver.kernel.org@nongnu.org These arrays are no longer used outside of aes.c. Signed-off-by: Richard Henderson --- include/crypto/aes.h | 25 ------------------------- crypto/aes.c | 33 +++++++++++++++++++++------------ 2 files changed, 21 insertions(+), 37 deletions(-) diff --git a/include/crypto/aes.h b/include/crypto/aes.h index 99209f51b9..709d4d226b 100644 --- a/include/crypto/aes.h +++ b/include/crypto/aes.h @@ -30,29 +30,4 @@ void AES_decrypt(const unsigned char *in, unsigned char *out, extern const uint8_t AES_sbox[256]; extern const uint8_t AES_isbox[256]; -/* AES MixColumns, for use with rot32. */ -extern const uint32_t AES_mc_rot[256]; - -/* AES InvMixColumns, for use with rot32. */ -extern const uint32_t AES_imc_rot[256]; - -/* -AES_Te0[x] = S [x].[02, 01, 01, 03]; -AES_Te1[x] = S [x].[03, 02, 01, 01]; -AES_Te2[x] = S [x].[01, 03, 02, 01]; -AES_Te3[x] = S [x].[01, 01, 03, 02]; -AES_Te4[x] = S [x].[01, 01, 01, 01]; - -AES_Td0[x] = Si[x].[0e, 09, 0d, 0b]; -AES_Td1[x] = Si[x].[0b, 0e, 09, 0d]; -AES_Td2[x] = Si[x].[0d, 0b, 0e, 09]; -AES_Td3[x] = Si[x].[09, 0d, 0b, 0e]; -AES_Td4[x] = Si[x].[01, 01, 01, 01]; -*/ - -extern const uint32_t AES_Te0[256], AES_Te1[256], AES_Te2[256], - AES_Te3[256], AES_Te4[256]; -extern const uint32_t AES_Td0[256], AES_Td1[256], AES_Td2[256], - AES_Td3[256], AES_Td4[256]; - #endif diff --git a/crypto/aes.c b/crypto/aes.c index 4d84bef520..c51b1c1d5e 100644 --- a/crypto/aes.c +++ b/crypto/aes.c @@ -155,7 +155,7 @@ enum { * MixColumns lookup table, for use with rot32. * From Arm ARM pseudocode. */ -const uint32_t AES_mc_rot[256] = { +static const uint32_t AES_mc_rot[256] = { 0x00000000, 0x03010102, 0x06020204, 0x05030306, 0x0c040408, 0x0f05050a, 0x0a06060c, 0x0907070e, 0x18080810, 0x1b090912, 0x1e0a0a14, 0x1d0b0b16, @@ -226,7 +226,7 @@ const uint32_t AES_mc_rot[256] = { * Inverse MixColumns lookup table, for use with rot32. * From Arm ARM pseudocode. */ -const uint32_t AES_imc_rot[256] = { +static const uint32_t AES_imc_rot[256] = { 0x00000000, 0x0b0d090e, 0x161a121c, 0x1d171b12, 0x2c342438, 0x27392d36, 0x3a2e3624, 0x31233f2a, 0x58684870, 0x5365417e, 0x4e725a6c, 0x457f5362, @@ -308,7 +308,7 @@ AES_Td3[x] = Si[x].[09, 0d, 0b, 0e]; AES_Td4[x] = Si[x].[01, 01, 01, 01]; */ -const uint32_t AES_Te0[256] = { +static const uint32_t AES_Te0[256] = { 0xc66363a5U, 0xf87c7c84U, 0xee777799U, 0xf67b7b8dU, 0xfff2f20dU, 0xd66b6bbdU, 0xde6f6fb1U, 0x91c5c554U, 0x60303050U, 0x02010103U, 0xce6767a9U, 0x562b2b7dU, @@ -374,7 +374,8 @@ const uint32_t AES_Te0[256] = { 0x824141c3U, 0x299999b0U, 0x5a2d2d77U, 0x1e0f0f11U, 0x7bb0b0cbU, 0xa85454fcU, 0x6dbbbbd6U, 0x2c16163aU, }; -const uint32_t AES_Te1[256] = { + +static const uint32_t AES_Te1[256] = { 0xa5c66363U, 0x84f87c7cU, 0x99ee7777U, 0x8df67b7bU, 0x0dfff2f2U, 0xbdd66b6bU, 0xb1de6f6fU, 0x5491c5c5U, 0x50603030U, 0x03020101U, 0xa9ce6767U, 0x7d562b2bU, @@ -440,7 +441,8 @@ const uint32_t AES_Te1[256] = { 0xc3824141U, 0xb0299999U, 0x775a2d2dU, 0x111e0f0fU, 0xcb7bb0b0U, 0xfca85454U, 0xd66dbbbbU, 0x3a2c1616U, }; -const uint32_t AES_Te2[256] = { + +static const uint32_t AES_Te2[256] = { 0x63a5c663U, 0x7c84f87cU, 0x7799ee77U, 0x7b8df67bU, 0xf20dfff2U, 0x6bbdd66bU, 0x6fb1de6fU, 0xc55491c5U, 0x30506030U, 0x01030201U, 0x67a9ce67U, 0x2b7d562bU, @@ -506,8 +508,8 @@ const uint32_t AES_Te2[256] = { 0x41c38241U, 0x99b02999U, 0x2d775a2dU, 0x0f111e0fU, 0xb0cb7bb0U, 0x54fca854U, 0xbbd66dbbU, 0x163a2c16U, }; -const uint32_t AES_Te3[256] = { +static const uint32_t AES_Te3[256] = { 0x6363a5c6U, 0x7c7c84f8U, 0x777799eeU, 0x7b7b8df6U, 0xf2f20dffU, 0x6b6bbdd6U, 0x6f6fb1deU, 0xc5c55491U, 0x30305060U, 0x01010302U, 0x6767a9ceU, 0x2b2b7d56U, @@ -573,7 +575,8 @@ const uint32_t AES_Te3[256] = { 0x4141c382U, 0x9999b029U, 0x2d2d775aU, 0x0f0f111eU, 0xb0b0cb7bU, 0x5454fca8U, 0xbbbbd66dU, 0x16163a2cU, }; -const uint32_t AES_Te4[256] = { + +static const uint32_t AES_Te4[256] = { 0x63636363U, 0x7c7c7c7cU, 0x77777777U, 0x7b7b7b7bU, 0xf2f2f2f2U, 0x6b6b6b6bU, 0x6f6f6f6fU, 0xc5c5c5c5U, 0x30303030U, 0x01010101U, 0x67676767U, 0x2b2b2b2bU, @@ -639,7 +642,8 @@ const uint32_t AES_Te4[256] = { 0x41414141U, 0x99999999U, 0x2d2d2d2dU, 0x0f0f0f0fU, 0xb0b0b0b0U, 0x54545454U, 0xbbbbbbbbU, 0x16161616U, }; -const uint32_t AES_Td0[256] = { + +static const uint32_t AES_Td0[256] = { 0x51f4a750U, 0x7e416553U, 0x1a17a4c3U, 0x3a275e96U, 0x3bab6bcbU, 0x1f9d45f1U, 0xacfa58abU, 0x4be30393U, 0x2030fa55U, 0xad766df6U, 0x88cc7691U, 0xf5024c25U, @@ -705,7 +709,8 @@ const uint32_t AES_Td0[256] = { 0x39a80171U, 0x080cb3deU, 0xd8b4e49cU, 0x6456c190U, 0x7bcb8461U, 0xd532b670U, 0x486c5c74U, 0xd0b85742U, }; -const uint32_t AES_Td1[256] = { + +static const uint32_t AES_Td1[256] = { 0x5051f4a7U, 0x537e4165U, 0xc31a17a4U, 0x963a275eU, 0xcb3bab6bU, 0xf11f9d45U, 0xabacfa58U, 0x934be303U, 0x552030faU, 0xf6ad766dU, 0x9188cc76U, 0x25f5024cU, @@ -771,7 +776,8 @@ const uint32_t AES_Td1[256] = { 0x7139a801U, 0xde080cb3U, 0x9cd8b4e4U, 0x906456c1U, 0x617bcb84U, 0x70d532b6U, 0x74486c5cU, 0x42d0b857U, }; -const uint32_t AES_Td2[256] = { + +static const uint32_t AES_Td2[256] = { 0xa75051f4U, 0x65537e41U, 0xa4c31a17U, 0x5e963a27U, 0x6bcb3babU, 0x45f11f9dU, 0x58abacfaU, 0x03934be3U, 0xfa552030U, 0x6df6ad76U, 0x769188ccU, 0x4c25f502U, @@ -838,7 +844,8 @@ const uint32_t AES_Td2[256] = { 0x017139a8U, 0xb3de080cU, 0xe49cd8b4U, 0xc1906456U, 0x84617bcbU, 0xb670d532U, 0x5c74486cU, 0x5742d0b8U, }; -const uint32_t AES_Td3[256] = { + +static const uint32_t AES_Td3[256] = { 0xf4a75051U, 0x4165537eU, 0x17a4c31aU, 0x275e963aU, 0xab6bcb3bU, 0x9d45f11fU, 0xfa58abacU, 0xe303934bU, 0x30fa5520U, 0x766df6adU, 0xcc769188U, 0x024c25f5U, @@ -904,7 +911,8 @@ const uint32_t AES_Td3[256] = { 0xa8017139U, 0x0cb3de08U, 0xb4e49cd8U, 0x56c19064U, 0xcb84617bU, 0x32b670d5U, 0x6c5c7448U, 0xb85742d0U, }; -const uint32_t AES_Td4[256] = { + +static const uint32_t AES_Td4[256] = { 0x52525252U, 0x09090909U, 0x6a6a6a6aU, 0xd5d5d5d5U, 0x30303030U, 0x36363636U, 0xa5a5a5a5U, 0x38383838U, 0xbfbfbfbfU, 0x40404040U, 0xa3a3a3a3U, 0x9e9e9e9eU, @@ -970,6 +978,7 @@ const uint32_t AES_Td4[256] = { 0xe1e1e1e1U, 0x69696969U, 0x14141414U, 0x63636363U, 0x55555555U, 0x21212121U, 0x0c0c0c0cU, 0x7d7d7d7dU, }; + static const u32 rcon[] = { 0x01000000, 0x02000000, 0x04000000, 0x08000000, 0x10000000, 0x20000000, 0x40000000, 0x80000000,