From 608e1093de045e927f8af8fa261a0e33581edd34 Mon Sep 17 00:00:00 2001
From: Jerry Yu
Date: Tue, 28 Feb 2023 12:50:00 +0800
Subject: [PATCH] Improve comment about conflicts between aesce and sha512-crypto
Signed-off-by: Jerry Yu
---
 include/mbedtls/mbedtls_config.h | 12 +++++++-----
 library/aesce.h | 2 +-
 2 files changed, 8 insertions(+), 6 deletions(-)
diff --git a/include/mbedtls/mbedtls_config.h b/include/mbedtls/mbedtls_config.h
index 774fc948a1..4f51d0a9f3 100644
--- a/include/mbedtls/mbedtls_config.h
+++ b/include/mbedtls/mbedtls_config.h
@@ -2078,11 +2078,13 @@
  * \note The code uses Neon intrinsics, so \c CFLAGS must be set to a minimum
  * of \c -march=armv8-a+crypto .
  *
- * \warning `MBEDTLS_SHA512_USE_A64_CRYPTO_*` should be disabled when enabled
- * because unexpected instruction will be generated in AESCE module.
- * `MBEDTLS_SHA512_USE_A64_CRYPTO_*` requires \c -march=armv8.2-a+sha3,
- * compiler optimizes the code with `eor3` that is part of sha3
- * extension and unexpected in AESCE.
+ * \warning If the target architecture is set to something that includes the
+ * SHA3 feature (e.g. `-march=armv8.2-a+sha3`), for example because
+ * `MBEDTLS_SHA512_USE_A64_CRYPTO_IF_PRESENT` is desired, compilers
+ * generate code for `MBEDTLS_AESCE_C` that includes instructions
+ * only present with the (optional) SHA3 feature. This will lead to an
+ * undefined instruction exception if the code is run on a CPU without
+ * that feature.
  *
  * \warning Runtime detection only works on linux. For non-linux operation
  * system, crypto extension MUST be supported by CPU.
diff --git a/library/aesce.h b/library/aesce.h
index 1e72e5ba46..da42446997 100644
--- a/library/aesce.h
+++ b/library/aesce.h
@@ -31,7 +31,7 @@
 #include "mbedtls/aes.h"
-#if defined(MBEDTLS_HAVE_ASM) && defined(__GNUC__) && \
+#if defined(MBEDTLS_HAVE_ASM) && defined(__GNUC__) && \
     defined(__aarch64__) && !defined(MBEDTLS_HAVE_ARM64)
 #define MBEDTLS_HAVE_ARM64
 #endif
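Review bot: The rewritten \warning in the mbedtls_config.h hunk describes the hazard (SHA3-only instructions emitted into the AESCE code, undefined-instruction exception on CPUs without SHA3) but, unlike the text it replaces, no longer tells the integrator what to do about it. Since the cause as stated is the SHA3 feature in \c -march, the two ways out that follow from the comment itself are to build without that feature or to leave `MBEDTLS_AESCE_C` disabled in such a build; I would close the paragraph with a sentence such as ` * To avoid this, either build with an \c -march that does not include the SHA3 feature, or do not enable `MBEDTLS_AESCE_C` in such a build.` It may also be worth stating explicitly that the runtime detection mentioned in the next \warning does not protect against this, as the faulting instruction sits in the AESCE path rather than behind a SHA3 feature check — I infer that from the text here, so please confirm against aesce.c. The enclosing documentation block for `MBEDTLS_AESCE_C` starts and ends outside the hunk.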