From 35f2b26fd80c223976eb68c05d305764388fc096 Mon Sep 17 00:00:00 2001 From: Jerry Yu Date: Wed, 15 Feb 2023 11:35:55 +0800 Subject: [PATCH 01/11] move cpu modifier flags check to source file Signed-off-by: Jerry Yu --- include/mbedtls/check_config.h | 39 +--------------------------------- library/sha256.c | 5 +++++ library/sha512.c | 38 +++++++++++++++++++++++++++++++++ 3 files changed, 44 insertions(+), 38 deletions(-) diff --git a/include/mbedtls/check_config.h b/include/mbedtls/check_config.h index 1efabdc1fd..21daabe489 100644 --- a/include/mbedtls/check_config.h +++ b/include/mbedtls/check_config.h @@ -708,41 +708,6 @@ #if defined(MBEDTLS_SHA512_ALT) || defined(MBEDTLS_SHA512_PROCESS_ALT) #error "MBEDTLS_SHA512_*ALT can't be used with MBEDTLS_SHA512_USE_A64_CRYPTO_*" #endif -/* - * Best performance comes from most recent compilers, with intrinsics and -O3. - * Must compile with -march=armv8.2-a+sha3, but we can't detect armv8.2-a, and - * can't always detect __ARM_FEATURE_SHA512 (notably clang 7-12). - * - * GCC < 8 won't work at all (lacks the sha512 instructions) - * GCC >= 8 uses intrinsics, sets __ARM_FEATURE_SHA512 - * - * Clang < 7 won't work at all (lacks the sha512 instructions) - * Clang 7-12 don't have intrinsics (but we work around that with inline - * assembler) or __ARM_FEATURE_SHA512 - * Clang == 13.0.0 same as clang 12 (only seen on macOS) - * Clang >= 13.0.1 has __ARM_FEATURE_SHA512 and intrinsics - */ -#if defined(__aarch64__) && !defined(__ARM_FEATURE_SHA512) - /* Test Clang first, as it defines __GNUC__ */ -# if defined(__clang__) -# if __clang_major__ < 7 -# error "A more recent Clang is required for MBEDTLS_SHA512_USE_A64_CRYPTO_*" -# elif __clang_major__ < 13 || \ - (__clang_major__ == 13 && __clang_minor__ == 0 && __clang_patchlevel__ == 0) - /* We implement the intrinsics with inline assembler, so don't error */ -# else -# error "Must use minimum -march=armv8.2-a+sha3 for MBEDTLS_SHA512_USE_A64_CRYPTO_*" -# endif -# elif defined(__GNUC__) -# if __GNUC__ < 8 -# error "A more recent GCC is required for MBEDTLS_SHA512_USE_A64_CRYPTO_*" -# else -# error "Must use minimum -march=armv8.2-a+sha3 for MBEDTLS_SHA512_USE_A64_CRYPTO_*" -# endif -# else -# error "Only GCC and Clang supported for MBEDTLS_SHA512_USE_A64_CRYPTO_*" -# endif -#endif #endif /* MBEDTLS_SHA512_USE_A64_CRYPTO_IF_PRESENT || MBEDTLS_SHA512_USE_A64_CRYPTO_ONLY */ @@ -763,9 +728,7 @@ #if defined(MBEDTLS_SHA256_ALT) || defined(MBEDTLS_SHA256_PROCESS_ALT) #error "MBEDTLS_SHA256_*ALT can't be used with MBEDTLS_SHA256_USE_A64_CRYPTO_*" #endif -#if defined(__aarch64__) && !defined(__ARM_FEATURE_CRYPTO) -#error "Must use minimum -march=armv8-a+crypto for MBEDTLS_SHA256_USE_A64_CRYPTO_*" -#endif + #endif #if defined(MBEDTLS_SHA256_USE_A64_CRYPTO_ONLY) && \ diff --git a/library/sha256.c b/library/sha256.c index cb09a71ec1..010f4bc02f 100644 --- a/library/sha256.c +++ b/library/sha256.c @@ -37,6 +37,11 @@ #if defined(__aarch64__) # if defined(MBEDTLS_SHA256_USE_A64_CRYPTO_IF_PRESENT) || \ defined(MBEDTLS_SHA256_USE_A64_CRYPTO_ONLY) +/* *INDENT-OFF* */ +# if !defined(__ARM_FEATURE_CRYPTO) +# error "Must use minimum -march=armv8-a+crypto for MBEDTLS_SHA256_USE_A64_CRYPTO_*" +# endif +/* *INDENT-ON* */ # include # endif # if defined(MBEDTLS_SHA256_USE_A64_CRYPTO_IF_PRESENT) diff --git a/library/sha512.c b/library/sha512.c index efcbed413f..767857f344 100644 --- a/library/sha512.c +++ b/library/sha512.c @@ -43,6 +43,44 @@ #if defined(__aarch64__) # if defined(MBEDTLS_SHA512_USE_A64_CRYPTO_IF_PRESENT) || \ defined(MBEDTLS_SHA512_USE_A64_CRYPTO_ONLY) +/* *INDENT-OFF* */ +/* + * Best performance comes from most recent compilers, with intrinsics and -O3. + * Must compile with -march=armv8.2-a+sha3, but we can't detect armv8.2-a, and + * can't always detect __ARM_FEATURE_SHA512 (notably clang 7-12). + * + * GCC < 8 won't work at all (lacks the sha512 instructions) + * GCC >= 8 uses intrinsics, sets __ARM_FEATURE_SHA512 + * + * Clang < 7 won't work at all (lacks the sha512 instructions) + * Clang 7-12 don't have intrinsics (but we work around that with inline + * assembler) or __ARM_FEATURE_SHA512 + * Clang == 13.0.0 same as clang 12 (only seen on macOS) + * Clang >= 13.0.1 has __ARM_FEATURE_SHA512 and intrinsics + */ +#if !defined(__ARM_FEATURE_SHA512) + /* Test Clang first, as it defines __GNUC__ */ +# if defined(__clang__) +# if __clang_major__ < 7 +# error "A more recent Clang is required for MBEDTLS_SHA512_USE_A64_CRYPTO_*" +# elif __clang_major__ < 13 || \ + (__clang_major__ == 13 && __clang_minor__ == 0 && __clang_patchlevel__ == 0) + /* We implement the intrinsics with inline assembler, so don't error */ +# else +# error "Must use minimum -march=armv8.2-a+sha3 for MBEDTLS_SHA512_USE_A64_CRYPTO_*" +# endif +# elif defined(__GNUC__) +# if __GNUC__ < 8 +# error "A more recent GCC is required for MBEDTLS_SHA512_USE_A64_CRYPTO_*" +# else +# error "Must use minimum -march=armv8.2-a+sha3 for MBEDTLS_SHA512_USE_A64_CRYPTO_*" +# endif +# else +# error "Only GCC and Clang supported for MBEDTLS_SHA512_USE_A64_CRYPTO_*" +# endif +#endif +/* *INDENT-ON* */ + # include # endif # if defined(MBEDTLS_SHA512_USE_A64_CRYPTO_IF_PRESENT) From 64e5d4a2cdb64c274c0001a281b3c5c583c87f0c Mon Sep 17 00:00:00 2001 From: Jerry Yu Date: Wed, 15 Feb 2023 11:46:57 +0800 Subject: [PATCH 02/11] Replace error output with target pragma if possible Signed-off-by: Jerry Yu --- library/sha256.c | 24 ++++++++++++++++++++- library/sha512.c | 54 +++++++++++++++++++++++++++++------------------- 2 files changed, 56 insertions(+), 22 deletions(-) diff --git a/library/sha256.c b/library/sha256.c index 010f4bc02f..4321765519 100644 --- a/library/sha256.c +++ b/library/sha256.c @@ -39,7 +39,29 @@ defined(MBEDTLS_SHA256_USE_A64_CRYPTO_ONLY) /* *INDENT-OFF* */ # if !defined(__ARM_FEATURE_CRYPTO) -# error "Must use minimum -march=armv8-a+crypto for MBEDTLS_SHA256_USE_A64_CRYPTO_*" +# if defined(__clang__) +# if __clang_major__ < 18 + /* TODO: Re-consider above after https://reviews.llvm.org/D131064 + * merged. + * + * The intrinsic declaration are guarded with ACLE predefined macros + * in clang, and those macros are only enabled with command line. + * Define the macros can enable those declaration and avoid compile + * error on it. + */ +# define __ARM_FEATURE_CRYPTO 1 +# endif +# pragma clang attribute push (__attribute__((target("crypto"))), apply_to=function) +# define MBEDTLS_POP_TARGET_PRAGMA +# elif defined(__GNUC__) +# if __GNUC__ < 6 /* TODO: check sha256 compatible for GCC */ +# error "A more recent GCC is required for MBEDTLS_SHA256_USE_A64_CRYPTO_*" +# else +# pragma GCC target ("arch=armv8-a+crypto") +# endif +# else +# error "Only GCC and Clang supported for MBEDTLS_SHA256_USE_A64_CRYPTO_*" +# endif # endif /* *INDENT-ON* */ # include diff --git a/library/sha512.c b/library/sha512.c index 767857f344..fec974a36b 100644 --- a/library/sha512.c +++ b/library/sha512.c @@ -58,29 +58,41 @@ * Clang == 13.0.0 same as clang 12 (only seen on macOS) * Clang >= 13.0.1 has __ARM_FEATURE_SHA512 and intrinsics */ -#if !defined(__ARM_FEATURE_SHA512) - /* Test Clang first, as it defines __GNUC__ */ -# if defined(__clang__) -# if __clang_major__ < 7 -# error "A more recent Clang is required for MBEDTLS_SHA512_USE_A64_CRYPTO_*" -# elif __clang_major__ < 13 || \ - (__clang_major__ == 13 && __clang_minor__ == 0 && __clang_patchlevel__ == 0) - /* We implement the intrinsics with inline assembler, so don't error */ -# else -# error "Must use minimum -march=armv8.2-a+sha3 for MBEDTLS_SHA512_USE_A64_CRYPTO_*" +# if !defined(__ARM_FEATURE_SHA512) + /* Test Clang first, as it defines __GNUC__ */ +# if defined(__clang__) +# if __clang_major__ < 7 +# error "A more recent Clang is required for MBEDTLS_SHA512_USE_A64_CRYPTO_*" +# elif __clang_major__ < 13 || \ + (__clang_major__ == 13 && __clang_minor__ == 0 && \ + __clang_patchlevel__ == 0) + /* We implement the intrinsics with inline assembler, so don't error */ +# else +# if __clang_major__ < 18 + /* TODO: Re-consider above after https://reviews.llvm.org/D131064 + * merged. + * + * The intrinsic declaration are guarded with ACLE predefined macros + * in clang, and those macros are only enabled with command line. + * Define the macros can enable those declaration and avoid compile + * error on it. + */ +# define __ARM_FEATURE_SHA512 1 +# endif +# pragma clang attribute push (__attribute__((target("sha3"))), apply_to=function) +# define MBEDTLS_POP_TARGET_PRAGMA +# endif +# elif defined(__GNUC__) +# if __GNUC__ < 8 +# error "A more recent GCC is required for MBEDTLS_SHA512_USE_A64_CRYPTO_*" +# else +# pragma GCC target ("arch=armv8.2-a+sha3") +# endif +# else +# error "Only GCC and Clang supported for MBEDTLS_SHA512_USE_A64_CRYPTO_*" +# endif # endif -# elif defined(__GNUC__) -# if __GNUC__ < 8 -# error "A more recent GCC is required for MBEDTLS_SHA512_USE_A64_CRYPTO_*" -# else -# error "Must use minimum -march=armv8.2-a+sha3 for MBEDTLS_SHA512_USE_A64_CRYPTO_*" -# endif -# else -# error "Only GCC and Clang supported for MBEDTLS_SHA512_USE_A64_CRYPTO_*" -# endif -#endif /* *INDENT-ON* */ - # include # endif # if defined(MBEDTLS_SHA512_USE_A64_CRYPTO_IF_PRESENT) From 92fc538a22b94fa8e8ef47935ccc69be603a5bf7 Mon Sep 17 00:00:00 2001 From: Jerry Yu Date: Thu, 16 Feb 2023 11:17:11 +0800 Subject: [PATCH 03/11] Add attribute popup Signed-off-by: Jerry Yu --- library/sha256.c | 5 +++++ library/sha512.c | 5 +++++ 2 files changed, 10 insertions(+) diff --git a/library/sha256.c b/library/sha256.c index 4321765519..49a233d63f 100644 --- a/library/sha256.c +++ b/library/sha256.c @@ -380,6 +380,11 @@ int mbedtls_internal_sha256_process_a64_crypto(mbedtls_sha256_context *ctx, SHA256_BLOCK_SIZE) ? 0 : -1; } +#if defined(MBEDTLS_POP_TARGET_PRAGMA) +#pragma clang attribute pop +#undef MBEDTLS_POP_TARGET_PRAGMA +#endif + #endif /* MBEDTLS_SHA256_USE_A64_CRYPTO_IF_PRESENT || MBEDTLS_SHA256_USE_A64_CRYPTO_ONLY */ diff --git a/library/sha512.c b/library/sha512.c index fec974a36b..827c08f34f 100644 --- a/library/sha512.c +++ b/library/sha512.c @@ -566,6 +566,11 @@ int mbedtls_internal_sha512_process_a64_crypto(mbedtls_sha512_context *ctx, SHA512_BLOCK_SIZE) ? 0 : -1; } +#if defined(MBEDTLS_POP_TARGET_PRAGMA) +#pragma clang attribute pop +#undef MBEDTLS_POP_TARGET_PRAGMA +#endif + #endif /* MBEDTLS_SHA512_USE_A64_CRYPTO_IF_PRESENT || MBEDTLS_SHA512_USE_A64_CRYPTO_ONLY */ From 2f2c04956dead5d508a4b9af808a1e6892dd225b Mon Sep 17 00:00:00 2001 From: Jerry Yu Date: Thu, 16 Feb 2023 14:24:46 +0800 Subject: [PATCH 04/11] Add GCC options pop Reduce the scope of target pragma to meet behavior of clang. Signed-off-by: Jerry Yu --- library/sha256.c | 6 ++++++ library/sha512.c | 6 ++++++ 2 files changed, 12 insertions(+) diff --git a/library/sha256.c b/library/sha256.c index 49a233d63f..81c011b338 100644 --- a/library/sha256.c +++ b/library/sha256.c @@ -57,7 +57,9 @@ # if __GNUC__ < 6 /* TODO: check sha256 compatible for GCC */ # error "A more recent GCC is required for MBEDTLS_SHA256_USE_A64_CRYPTO_*" # else +# pragma GCC push_options # pragma GCC target ("arch=armv8-a+crypto") +# define MBEDTLS_POP_TARGET_PRAGMA # endif # else # error "Only GCC and Clang supported for MBEDTLS_SHA256_USE_A64_CRYPTO_*" @@ -381,7 +383,11 @@ int mbedtls_internal_sha256_process_a64_crypto(mbedtls_sha256_context *ctx, } #if defined(MBEDTLS_POP_TARGET_PRAGMA) +#if defined(__clang__) #pragma clang attribute pop +#elif defined(__GNUC__) +#pragma GCC pop_options +#endif #undef MBEDTLS_POP_TARGET_PRAGMA #endif diff --git a/library/sha512.c b/library/sha512.c index 827c08f34f..df8c5a9c1d 100644 --- a/library/sha512.c +++ b/library/sha512.c @@ -86,7 +86,9 @@ # if __GNUC__ < 8 # error "A more recent GCC is required for MBEDTLS_SHA512_USE_A64_CRYPTO_*" # else +# pragma GCC push_options # pragma GCC target ("arch=armv8.2-a+sha3") +# define MBEDTLS_POP_TARGET_PRAGMA # endif # else # error "Only GCC and Clang supported for MBEDTLS_SHA512_USE_A64_CRYPTO_*" @@ -567,7 +569,11 @@ int mbedtls_internal_sha512_process_a64_crypto(mbedtls_sha512_context *ctx, } #if defined(MBEDTLS_POP_TARGET_PRAGMA) +#if defined(__clang__) #pragma clang attribute pop +#elif defined(__GNUC__) +#pragma GCC pop_options +#endif #undef MBEDTLS_POP_TARGET_PRAGMA #endif From 8ae6a0193c04fa76759791c31d43f36313e43ce0 Mon Sep 17 00:00:00 2001 From: Jerry Yu Date: Thu, 16 Feb 2023 15:16:20 +0800 Subject: [PATCH 05/11] Add comments about gcc-5 Signed-off-by: Jerry Yu --- library/sha256.c | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/library/sha256.c b/library/sha256.c index 81c011b338..bf9af6b5a9 100644 --- a/library/sha256.c +++ b/library/sha256.c @@ -54,7 +54,10 @@ # pragma clang attribute push (__attribute__((target("crypto"))), apply_to=function) # define MBEDTLS_POP_TARGET_PRAGMA # elif defined(__GNUC__) -# if __GNUC__ < 6 /* TODO: check sha256 compatible for GCC */ + /* FIXME: GCC-5 annouce crypto extension, but some intrinsic are missed. + * Known miss intrinsic can be workaround. + */ +# if __GNUC__ < 6 # error "A more recent GCC is required for MBEDTLS_SHA256_USE_A64_CRYPTO_*" # else # pragma GCC push_options From 383cbf42a03f4aebf8184f3e340db5bb05748e0f Mon Sep 17 00:00:00 2001 From: Jerry Yu Date: Thu, 16 Feb 2023 15:16:43 +0800 Subject: [PATCH 06/11] Add minimum version of sha256 for clang Signed-off-by: Jerry Yu --- library/sha256.c | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/library/sha256.c b/library/sha256.c index bf9af6b5a9..d5be7aa19c 100644 --- a/library/sha256.c +++ b/library/sha256.c @@ -40,7 +40,9 @@ /* *INDENT-OFF* */ # if !defined(__ARM_FEATURE_CRYPTO) # if defined(__clang__) -# if __clang_major__ < 18 +# if __clang_major__ < 4 +# error "A more recent Clang is required for MBEDTLS_SHA256_USE_A64_CRYPTO_*" +# elif __clang_major__ < 18 /* TODO: Re-consider above after https://reviews.llvm.org/D131064 * merged. * From a135deeece11aa23ce2002336c87a64405d6ef58 Mon Sep 17 00:00:00 2001 From: Jerry Yu Date: Thu, 16 Feb 2023 16:56:22 +0800 Subject: [PATCH 07/11] Move clang bug workaround to the head of file Signed-off-by: Jerry Yu --- library/sha256.c | 34 +++++++++++++++++++++++----------- library/sha512.c | 37 ++++++++++++++++++++++++++----------- 2 files changed, 49 insertions(+), 22 deletions(-) diff --git a/library/sha256.c b/library/sha256.c index d5be7aa19c..c167dbe1a8 100644 --- a/library/sha256.c +++ b/library/sha256.c @@ -22,8 +22,31 @@ * http://csrc.nist.gov/publications/fips/fips180-2/fips180-2.pdf */ +#if defined(__aarch64__) && !defined(__ARM_FEATURE_CRYPTO) && \ + defined(__clang__) && __clang_major__ < 18 && __clang_major__ > 3 +/* TODO: Re-consider above after https://reviews.llvm.org/D131064 merged. + * + * The intrinsic declaration are guarded with ACLE predefined macros in clang, + * and those macros are only enabled with command line. Define the macros can + * enable those declaration and avoid compile error on it. + */ +#define __ARM_FEATURE_CRYPTO 1 +#pragma clang attribute push (__attribute__((target("crypto"))), apply_to=function) +#define MBEDTLS_POP_TARGET_PRAGMA +#endif /* __aarch64__ && __clang__ && + !__ARM_FEATURE_CRYPTO && __clang_major__ < 18 && __clang_major__ > 3 */ + #include "common.h" +#if defined(MBEDTLS_POP_TARGET_PRAGMA) && \ + !(defined(MBEDTLS_SHA256_USE_A64_CRYPTO_IF_PRESENT) || \ + defined(MBEDTLS_SHA256_USE_A64_CRYPTO_ONLY)) +#if defined(__clang__) +#pragma clang attribute pop +#endif +#undef MBEDTLS_POP_TARGET_PRAGMA +#endif + #if defined(MBEDTLS_SHA256_C) || defined(MBEDTLS_SHA224_C) #include "mbedtls/sha256.h" @@ -42,16 +65,6 @@ # if defined(__clang__) # if __clang_major__ < 4 # error "A more recent Clang is required for MBEDTLS_SHA256_USE_A64_CRYPTO_*" -# elif __clang_major__ < 18 - /* TODO: Re-consider above after https://reviews.llvm.org/D131064 - * merged. - * - * The intrinsic declaration are guarded with ACLE predefined macros - * in clang, and those macros are only enabled with command line. - * Define the macros can enable those declaration and avoid compile - * error on it. - */ -# define __ARM_FEATURE_CRYPTO 1 # endif # pragma clang attribute push (__attribute__((target("crypto"))), apply_to=function) # define MBEDTLS_POP_TARGET_PRAGMA @@ -398,7 +411,6 @@ int mbedtls_internal_sha256_process_a64_crypto(mbedtls_sha256_context *ctx, #endif /* MBEDTLS_SHA256_USE_A64_CRYPTO_IF_PRESENT || MBEDTLS_SHA256_USE_A64_CRYPTO_ONLY */ - #if !defined(MBEDTLS_SHA256_USE_A64_CRYPTO_IF_PRESENT) #define mbedtls_internal_sha256_process_many_c mbedtls_internal_sha256_process_many #define mbedtls_internal_sha256_process_c mbedtls_internal_sha256_process diff --git a/library/sha512.c b/library/sha512.c index df8c5a9c1d..d0e6d47df8 100644 --- a/library/sha512.c +++ b/library/sha512.c @@ -22,8 +22,34 @@ * http://csrc.nist.gov/publications/fips/fips180-2/fips180-2.pdf */ +#if defined(__aarch64__) && !defined(__ARM_FEATURE_SHA512) && \ + defined(__clang__) && __clang_major__ < 18 && \ + __clang_major__ >= 13 && __clang_minor__ > 0 && __clang_patchlevel__ > 0 +/* TODO: Re-consider above after https://reviews.llvm.org/D131064 merged. + * + * The intrinsic declaration are guarded with ACLE predefined macros in clang, + * and those macros are only enabled with command line. Define the macros can + * enable those declaration and avoid compile error on it. + */ +#define __ARM_FEATURE_SHA512 1 +#pragma clang attribute push (__attribute__((target("crypto"))), apply_to=function) +#define MBEDTLS_POP_TARGET_PRAGMA +#endif /* __aarch64__ && __clang__ && + !__ARM_FEATURE_SHA512 && __clang_major__ < 18 && + __clang_major__ >= 13 && __clang_minor__ > 0 && + __clang_patchlevel__ > 0 */ + #include "common.h" +#if defined(MBEDTLS_POP_TARGET_PRAGMA) && \ + !(defined(MBEDTLS_SHA512_USE_A64_CRYPTO_IF_PRESENT) || \ + defined(MBEDTLS_SHA512_USE_A64_CRYPTO_ONLY)) +#if defined(__clang__) +#pragma clang attribute pop +#endif +#undef MBEDTLS_POP_TARGET_PRAGMA +#endif + #if defined(MBEDTLS_SHA512_C) || defined(MBEDTLS_SHA384_C) #include "mbedtls/sha512.h" @@ -68,17 +94,6 @@ __clang_patchlevel__ == 0) /* We implement the intrinsics with inline assembler, so don't error */ # else -# if __clang_major__ < 18 - /* TODO: Re-consider above after https://reviews.llvm.org/D131064 - * merged. - * - * The intrinsic declaration are guarded with ACLE predefined macros - * in clang, and those macros are only enabled with command line. - * Define the macros can enable those declaration and avoid compile - * error on it. - */ -# define __ARM_FEATURE_SHA512 1 -# endif # pragma clang attribute push (__attribute__((target("sha3"))), apply_to=function) # define MBEDTLS_POP_TARGET_PRAGMA # endif From f7dccb303b0472ecc7a8071ec166b48fa70b2a39 Mon Sep 17 00:00:00 2001 From: Jerry Yu Date: Thu, 16 Feb 2023 17:37:58 +0800 Subject: [PATCH 08/11] Remove limitation for sha256/512 arm64 accelerator Signed-off-by: Jerry Yu --- include/mbedtls/mbedtls_config.h | 14 ++------------ 1 file changed, 2 insertions(+), 12 deletions(-) diff --git a/include/mbedtls/mbedtls_config.h b/include/mbedtls/mbedtls_config.h index 9ae51c964a..244dcca537 100644 --- a/include/mbedtls/mbedtls_config.h +++ b/include/mbedtls/mbedtls_config.h @@ -3087,9 +3087,6 @@ * \note If MBEDTLS_SHA256_USE_A64_CRYPTO_IF_PRESENT is defined when building * for a non-Aarch64 build it will be silently ignored. * - * \note The code uses Neon intrinsics, so \c CFLAGS must be set to a minimum - * of \c -march=armv8-a+crypto. - * * \warning MBEDTLS_SHA256_USE_A64_CRYPTO_IF_PRESENT cannot be defined at the * same time as MBEDTLS_SHA256_USE_A64_CRYPTO_ONLY. * @@ -3112,9 +3109,6 @@ * \note This allows builds with a smaller code size than with * MBEDTLS_SHA256_USE_A64_CRYPTO_IF_PRESENT * - * \note The code uses Neon intrinsics, so \c CFLAGS must be set to a minimum - * of \c -march=armv8-a+crypto. - * * \warning MBEDTLS_SHA256_USE_A64_CRYPTO_ONLY cannot be defined at the same * time as MBEDTLS_SHA256_USE_A64_CRYPTO_IF_PRESENT. * @@ -3169,9 +3163,7 @@ * for a non-Aarch64 build it will be silently ignored. * * \note The code uses the SHA-512 Neon intrinsics, so requires GCC >= 8 or - * Clang >= 7, and \c CFLAGS must be set to a minimum of - * \c -march=armv8.2-a+sha3. An optimisation level of \c -O3 generates the - * fastest code. + * Clang >= 7. * * \warning MBEDTLS_SHA512_USE_A64_CRYPTO_IF_PRESENT cannot be defined at the * same time as MBEDTLS_SHA512_USE_A64_CRYPTO_ONLY. @@ -3196,9 +3188,7 @@ * MBEDTLS_SHA512_USE_A64_CRYPTO_IF_PRESENT * * \note The code uses the SHA-512 Neon intrinsics, so requires GCC >= 8 or - * Clang >= 7, and \c CFLAGS must be set to a minimum of - * \c -march=armv8.2-a+sha3. An optimisation level of \c -O3 generates the - * fastest code. + * Clang >= 7. * * \warning MBEDTLS_SHA512_USE_A64_CRYPTO_ONLY cannot be defined at the same * time as MBEDTLS_SHA512_USE_A64_CRYPTO_IF_PRESENT. From ba4ec24c79289fcc82609e02ceb9a4da180a5550 Mon Sep 17 00:00:00 2001 From: Jerry Yu Date: Tue, 21 Feb 2023 15:59:13 +0800 Subject: [PATCH 09/11] fix code style failure Signed-off-by: Jerry Yu --- library/sha256.c | 4 ++-- library/sha512.c | 8 ++++---- 2 files changed, 6 insertions(+), 6 deletions(-) diff --git a/library/sha256.c b/library/sha256.c index c167dbe1a8..8c2e6f9e07 100644 --- a/library/sha256.c +++ b/library/sha256.c @@ -34,13 +34,13 @@ #pragma clang attribute push (__attribute__((target("crypto"))), apply_to=function) #define MBEDTLS_POP_TARGET_PRAGMA #endif /* __aarch64__ && __clang__ && - !__ARM_FEATURE_CRYPTO && __clang_major__ < 18 && __clang_major__ > 3 */ + !__ARM_FEATURE_CRYPTO && __clang_major__ < 18 && __clang_major__ > 3 */ #include "common.h" #if defined(MBEDTLS_POP_TARGET_PRAGMA) && \ !(defined(MBEDTLS_SHA256_USE_A64_CRYPTO_IF_PRESENT) || \ - defined(MBEDTLS_SHA256_USE_A64_CRYPTO_ONLY)) + defined(MBEDTLS_SHA256_USE_A64_CRYPTO_ONLY)) #if defined(__clang__) #pragma clang attribute pop #endif diff --git a/library/sha512.c b/library/sha512.c index d0e6d47df8..26b46318d3 100644 --- a/library/sha512.c +++ b/library/sha512.c @@ -35,15 +35,15 @@ #pragma clang attribute push (__attribute__((target("crypto"))), apply_to=function) #define MBEDTLS_POP_TARGET_PRAGMA #endif /* __aarch64__ && __clang__ && - !__ARM_FEATURE_SHA512 && __clang_major__ < 18 && - __clang_major__ >= 13 && __clang_minor__ > 0 && - __clang_patchlevel__ > 0 */ + !__ARM_FEATURE_SHA512 && __clang_major__ < 18 && + __clang_major__ >= 13 && __clang_minor__ > 0 && + __clang_patchlevel__ > 0 */ #include "common.h" #if defined(MBEDTLS_POP_TARGET_PRAGMA) && \ !(defined(MBEDTLS_SHA512_USE_A64_CRYPTO_IF_PRESENT) || \ - defined(MBEDTLS_SHA512_USE_A64_CRYPTO_ONLY)) + defined(MBEDTLS_SHA512_USE_A64_CRYPTO_ONLY)) #if defined(__clang__) #pragma clang attribute pop #endif From 4d786a732bbff893d1ce6abf8b30c6d5fecf3588 Mon Sep 17 00:00:00 2001 From: Jerry Yu Date: Wed, 22 Feb 2023 11:01:07 +0800 Subject: [PATCH 10/11] Fix regression issue for clang workaround. Signed-off-by: Jerry Yu --- library/sha256.c | 17 +++++------------ library/sha512.c | 8 +++++--- 2 files changed, 10 insertions(+), 15 deletions(-) diff --git a/library/sha256.c b/library/sha256.c index 8c2e6f9e07..d18f228487 100644 --- a/library/sha256.c +++ b/library/sha256.c @@ -29,24 +29,17 @@ * The intrinsic declaration are guarded with ACLE predefined macros in clang, * and those macros are only enabled with command line. Define the macros can * enable those declaration and avoid compile error on it. + * + * `arm_neon.h` might be included in any head files. On the top of this file, we + * can guarantee this workaround always work. */ #define __ARM_FEATURE_CRYPTO 1 -#pragma clang attribute push (__attribute__((target("crypto"))), apply_to=function) -#define MBEDTLS_POP_TARGET_PRAGMA +#define NEED_TARGET_OPTIONS #endif /* __aarch64__ && __clang__ && !__ARM_FEATURE_CRYPTO && __clang_major__ < 18 && __clang_major__ > 3 */ #include "common.h" -#if defined(MBEDTLS_POP_TARGET_PRAGMA) && \ - !(defined(MBEDTLS_SHA256_USE_A64_CRYPTO_IF_PRESENT) || \ - defined(MBEDTLS_SHA256_USE_A64_CRYPTO_ONLY)) -#if defined(__clang__) -#pragma clang attribute pop -#endif -#undef MBEDTLS_POP_TARGET_PRAGMA -#endif - #if defined(MBEDTLS_SHA256_C) || defined(MBEDTLS_SHA224_C) #include "mbedtls/sha256.h" @@ -61,7 +54,7 @@ # if defined(MBEDTLS_SHA256_USE_A64_CRYPTO_IF_PRESENT) || \ defined(MBEDTLS_SHA256_USE_A64_CRYPTO_ONLY) /* *INDENT-OFF* */ -# if !defined(__ARM_FEATURE_CRYPTO) +# if !defined(__ARM_FEATURE_CRYPTO) || defined(NEED_TARGET_OPTIONS) # if defined(__clang__) # if __clang_major__ < 4 # error "A more recent Clang is required for MBEDTLS_SHA256_USE_A64_CRYPTO_*" diff --git a/library/sha512.c b/library/sha512.c index 26b46318d3..919cf20410 100644 --- a/library/sha512.c +++ b/library/sha512.c @@ -30,10 +30,12 @@ * The intrinsic declaration are guarded with ACLE predefined macros in clang, * and those macros are only enabled with command line. Define the macros can * enable those declaration and avoid compile error on it. + * + * `arm_neon.h` might be included in any head files. On the top of this file, we + * can guarantee this workaround always work. */ #define __ARM_FEATURE_SHA512 1 -#pragma clang attribute push (__attribute__((target("crypto"))), apply_to=function) -#define MBEDTLS_POP_TARGET_PRAGMA +#define NEED_TARGET_OPTIONS #endif /* __aarch64__ && __clang__ && !__ARM_FEATURE_SHA512 && __clang_major__ < 18 && __clang_major__ >= 13 && __clang_minor__ > 0 && @@ -84,7 +86,7 @@ * Clang == 13.0.0 same as clang 12 (only seen on macOS) * Clang >= 13.0.1 has __ARM_FEATURE_SHA512 and intrinsics */ -# if !defined(__ARM_FEATURE_SHA512) +# if !defined(__ARM_FEATURE_SHA512) || defined(NEED_TARGET_OPTIONS) /* Test Clang first, as it defines __GNUC__ */ # if defined(__clang__) # if __clang_major__ < 7 From fc2e128fc9a858d04fd6dc8624fd07ef5f04f6b7 Mon Sep 17 00:00:00 2001 From: Jerry Yu Date: Mon, 27 Feb 2023 11:16:56 +0800 Subject: [PATCH 11/11] Fix grammar issues and remove useless code Signed-off-by: Jerry Yu --- library/sha256.c | 11 ++++++----- library/sha512.c | 20 ++++++-------------- 2 files changed, 12 insertions(+), 19 deletions(-) diff --git a/library/sha256.c b/library/sha256.c index d18f228487..23cd406c37 100644 --- a/library/sha256.c +++ b/library/sha256.c @@ -26,12 +26,13 @@ defined(__clang__) && __clang_major__ < 18 && __clang_major__ > 3 /* TODO: Re-consider above after https://reviews.llvm.org/D131064 merged. * - * The intrinsic declaration are guarded with ACLE predefined macros in clang, - * and those macros are only enabled with command line. Define the macros can - * enable those declaration and avoid compile error on it. + * The intrinsic declaration are guarded by predefined ACLE macros in clang: + * these are normally only enabled by the -march option on the command line. + * By defining the macros ourselves we gain access to those declarations without + * requiring -march on the command line. * - * `arm_neon.h` might be included in any head files. On the top of this file, we - * can guarantee this workaround always work. + * `arm_neon.h` could be included by any header file, so we put these defines + * at the top of this file, before any includes. */ #define __ARM_FEATURE_CRYPTO 1 #define NEED_TARGET_OPTIONS diff --git a/library/sha512.c b/library/sha512.c index 919cf20410..bc92a8de21 100644 --- a/library/sha512.c +++ b/library/sha512.c @@ -27,12 +27,13 @@ __clang_major__ >= 13 && __clang_minor__ > 0 && __clang_patchlevel__ > 0 /* TODO: Re-consider above after https://reviews.llvm.org/D131064 merged. * - * The intrinsic declaration are guarded with ACLE predefined macros in clang, - * and those macros are only enabled with command line. Define the macros can - * enable those declaration and avoid compile error on it. + * The intrinsic declaration are guarded by predefined ACLE macros in clang: + * these are normally only enabled by the -march option on the command line. + * By defining the macros ourselves we gain access to those declarations without + * requiring -march on the command line. * - * `arm_neon.h` might be included in any head files. On the top of this file, we - * can guarantee this workaround always work. + * `arm_neon.h` could be included by any header file, so we put these defines + * at the top of this file, before any includes. */ #define __ARM_FEATURE_SHA512 1 #define NEED_TARGET_OPTIONS @@ -43,15 +44,6 @@ #include "common.h" -#if defined(MBEDTLS_POP_TARGET_PRAGMA) && \ - !(defined(MBEDTLS_SHA512_USE_A64_CRYPTO_IF_PRESENT) || \ - defined(MBEDTLS_SHA512_USE_A64_CRYPTO_ONLY)) -#if defined(__clang__) -#pragma clang attribute pop -#endif -#undef MBEDTLS_POP_TARGET_PRAGMA -#endif - #if defined(MBEDTLS_SHA512_C) || defined(MBEDTLS_SHA384_C) #include "mbedtls/sha512.h"