From 5ed7b2dec246ac27ce303884089c8e4e3ef4524c Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Tue, 3 Oct 2023 18:00:44 +0100 Subject: [PATCH 01/44] Introduce MBEDTLS_ARCH_IS_ARMV8 Signed-off-by: Dave Rodgman --- include/mbedtls/build_info.h | 11 +++++++++++ 1 file changed, 11 insertions(+) diff --git a/include/mbedtls/build_info.h b/include/mbedtls/build_info.h index 533e076e0a..9b9f5f2ac9 100644 --- a/include/mbedtls/build_info.h +++ b/include/mbedtls/build_info.h @@ -74,6 +74,17 @@ #define MBEDTLS_ARCH_IS_X86 #endif +/* This is defined if the architecture is Armv8, or higher */ +#if !defined(MBEDTLS_ARCH_IS_ARMV8) +#if defined(__ARM_ARCH) +#if __ARM_ARCH >= 8 +#define MBEDTLS_ARCH_IS_ARMV8 +#endif +#elif defined(MBEDTLS_ARCH_IS_ARM64) +#define MBEDTLS_ARCH_IS_ARMV8 +#endif +#endif + #if defined(_MSC_VER) && !defined(_CRT_SECURE_NO_DEPRECATE) #define _CRT_SECURE_NO_DEPRECATE 1 #endif From cc5bf4946f9376f9410ca145953f4d77ed7b3044 Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Tue, 3 Oct 2023 18:02:56 +0100 Subject: [PATCH 02/44] Make SHA256 depend on Armv8, not aarch64 Signed-off-by: Dave Rodgman --- include/mbedtls/check_config.h | 5 ++--- library/sha256.c | 2 +- 2 files changed, 3 insertions(+), 4 deletions(-) diff --git a/include/mbedtls/check_config.h b/include/mbedtls/check_config.h index e18e9a5fc6..1580707832 100644 --- a/include/mbedtls/check_config.h +++ b/include/mbedtls/check_config.h @@ -865,9 +865,8 @@ #endif -#if defined(MBEDTLS_SHA256_USE_A64_CRYPTO_ONLY) && \ - !defined(__aarch64__) && !defined(_M_ARM64) -#error "MBEDTLS_SHA256_USE_A64_CRYPTO_ONLY defined on non-Aarch64 system" +#if defined(MBEDTLS_SHA256_USE_A64_CRYPTO_ONLY) && !defined(MBEDTLS_ARCH_IS_ARMV8) +#error "MBEDTLS_SHA256_USE_A64_CRYPTO_ONLY defined on non-Armv8 system" #endif /* TLS 1.3 requires separate HKDF parts from PSA, diff --git a/library/sha256.c b/library/sha256.c index 223badf00f..83dcc81564 100644 --- a/library/sha256.c +++ b/library/sha256.c 
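Review bot: The `#if __ARM_ARCH >= 8` test in the new `MBEDTLS_ARCH_IS_ARMV8` block in build_info.h does not look at the architecture profile, so per ACLE it is also true on Armv8-M and Armv8-R targets, which is broader than the A-profile crypto extensions this macro goes on to gate. The check_config.h hunk of the next commit then stops rejecting `MBEDTLS_SHA256_USE_A64_CRYPTO_ONLY` on those targets at configuration time, and the `MBEDTLS_SHA256_ARCH_IS_ARMV8` test added later in library/sha256.c repeats the same condition. If A-profile is what is meant, consider `#if (__ARM_ARCH >= 8) && defined(__ARM_ARCH_PROFILE) && (__ARM_ARCH_PROFILE == 'A')` and state the profile in the comment above the block.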
@@ -56,7 +56,7 @@ #include "mbedtls/platform.h" -#if defined(__aarch64__) +#if defined(MBEDTLS_ARCH_IS_ARMV8) # if defined(MBEDTLS_SHA256_USE_A64_CRYPTO_IF_PRESENT) || \ defined(MBEDTLS_SHA256_USE_A64_CRYPTO_ONLY) From d9e8083d262c9cfa24cd70bdb17c70ce04391632 Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Wed, 4 Oct 2023 17:17:46 +0100 Subject: [PATCH 03/44] Add tests for SHA256 on ARMCE for thumb, arm and aarch64 Signed-off-by: Dave Rodgman --- tests/scripts/all.sh | 21 +++++++++++++++++++++ 1 file changed, 21 insertions(+) diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index 9e1d84f5de..1d9f32d9d5 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh @@ -4354,6 +4354,27 @@ component_build_aes_aesce_armcc () { armc6_build_test "-O1 --target=aarch64-arm-none-eabi -march=armv8-a+crypto" } +component_build_sha_armce () { + # Test variations of SHA256 Armv8 crypto extensions + scripts/config.py unset MBEDTLS_SHA256_USE_A64_CRYPTO_IF_PRESENT + scripts/config.py set MBEDTLS_SHA256_USE_A64_CRYPTO_ONLY + + msg "MBEDTLS_SHA256_USE_A64_CRYPTO_ONLY clang, aarch64" + make -B library/sha256.o CC=clang CFLAGS="--target=aarch64-linux-gnu -march=armv8-a" + + msg "MBEDTLS_SHA256_USE_A64_CRYPTO_ONLY clang, arm" + make -B library/sha256.o CC=clang CFLAGS="--target=arm-linux-gnueabihf -mcpu=cortex-a72+crypto -marm" + + msg "MBEDTLS_SHA256_USE_A64_CRYPTO_ONLY clang, thumb" + make -B library/sha256.o CC=clang CFLAGS="--target=arm-linux-gnueabihf -mcpu=cortex-a32+crypto -mthumb" + + scripts/config.py set MBEDTLS_SHA256_USE_A64_CRYPTO_IF_PRESENT + scripts/config.py unset MBEDTLS_SHA256_USE_A64_CRYPTO_ONLY + + msg "MBEDTLS_SHA256_USE_A64_CRYPTO_IF_PRESENT clang, aarch64" + make -B library/sha256.o CC=clang CFLAGS="--target=aarch64-linux-gnu -march=armv8-a" +} + # For timebeing, no VIA Padlock platform available. component_build_aes_via_padlock () { From 793e264fbbd2ea57213f0d577d42d22cb50880b7 Mon Sep 17 00:00:00 2001 
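Review bot: Switching the outer guard to `#if defined(MBEDTLS_ARCH_IS_ARMV8)` may leave the later `#elif defined(_M_ARM64)` branch of this conditional unreachable. build_info.h defines `MBEDTLS_ARCH_IS_ARMV8` whenever `MBEDTLS_ARCH_IS_ARM64` is set, and if that macro covers `_M_ARM64` (its definition is not visible here), an MSVC arm64 build now enters the first branch, which expects `__ARM_NEON` and a GCC- or Clang-style compiler. Worth confirming on a Windows-on-Arm build, or excluding that case explicitly with `#if defined(MBEDTLS_ARCH_IS_ARMV8) && !(defined(_M_ARM64) && !defined(__clang__))`. The conditional continues past the end of the hunk.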
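Review bot: Every step in `component_build_sha_armce` only checks that library/sha256.o compiles, so a build that quietly ends up on the C implementation still passes, and nothing confirms that SHA-256 instructions were emitted. This matters most for the `MBEDTLS_SHA256_USE_A64_CRYPTO_IF_PRESENT` builds, here and in the later runtime-detection test hunk, because sha256.c can `#undef` that option behind a `#warning`. Consider compiling to assembly (adding `-S` to `CFLAGS`) and following each build with a check such as `grep -q sha256h library/sha256.o`. A comment stating that these are build-only checks and that nothing is executed on the target would also help.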
From: Dave Rodgman Date: Wed, 4 Oct 2023 17:36:20 +0100 Subject: [PATCH 04/44] Fix indentation Signed-off-by: Dave Rodgman --- library/sha256.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/library/sha256.c b/library/sha256.c index 83dcc81564..55f8d635cc 100644 --- a/library/sha256.c +++ b/library/sha256.c @@ -69,7 +69,7 @@ # error "Target does not support NEON instructions" # endif -# if !defined(__ARM_FEATURE_CRYPTO) || defined(MBEDTLS_ENABLE_ARM_CRYPTO_EXTENSIONS_COMPILER_FLAG) +# if !defined(__ARM_FEATURE_CRYPTO) || defined(MBEDTLS_ENABLE_ARM_CRYPTO_EXTENSIONS_COMPILER_FLAG) # if defined(__ARMCOMPILER_VERSION) # if __ARMCOMPILER_VERSION <= 6090000 # error "Must use minimum -march=armv8-a+crypto for MBEDTLS_SHA256_USE_A64_CRYPTO_*" From ebe4292a9ce6fda09f061fb6c4c2977efb739a34 Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Wed, 4 Oct 2023 17:36:44 +0100 Subject: [PATCH 05/44] Improve behaviour on gcc targetting arm or thumb Signed-off-by: Dave Rodgman --- library/sha256.c | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/library/sha256.c b/library/sha256.c index 55f8d635cc..f0eb6ad58c 100644 --- a/library/sha256.c +++ b/library/sha256.c @@ -101,6 +101,10 @@ # endif # if defined(MBEDTLS_SHA256_USE_A64_CRYPTO_IF_PRESENT) +# if defined(MBEDTLS_COMPILER_IS_GCC) && !defined(MBEDTLS_ARCH_IS_ARM64) +# warning "GCC only supports aarch64 for MBEDTLS_SHA256_USE_A64_CRYPTO_IF_PRESENT, using C code only" +# undef MBEDTLS_SHA256_USE_A64_CRYPTO_IF_PRESENT +# endif # if defined(__unix__) # if defined(__linux__) /* Our preferred method of detection is getauxval() */ From 86908590977819e18bea5b3e097d00ab47fe65e0 Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Wed, 4 Oct 2023 17:40:25 +0100 Subject: [PATCH 06/44] Improve docs Signed-off-by: Dave Rodgman --- include/mbedtls/mbedtls_config.h | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) 
diff --git a/include/mbedtls/mbedtls_config.h b/include/mbedtls/mbedtls_config.h index af07613954..14d19aeb6f 100644 --- a/include/mbedtls/mbedtls_config.h +++ b/include/mbedtls/mbedtls_config.h @@ -3280,7 +3280,8 @@ * for a non-Aarch64 build it will be silently ignored. * * \note Minimum compiler versions for this feature are Clang 4.0, - * armclang 6.6 or GCC 6.0. + * armclang 6.6 or GCC 6.0. Targetting Thumb or 32-bit arm with GCC is not + * supported. * * \note \c CFLAGS must be set to a minimum of \c -march=armv8-a+crypto for * armclang <= 6.9 From d30728cf5e3e6fde80a082976cffe6493c6a300c Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Wed, 4 Oct 2023 18:04:39 +0100 Subject: [PATCH 07/44] Add Changelog Signed-off-by: Dave Rodgman --- ChangeLog.d/sha256-armce-arm.txt | 4 ++++ 1 file changed, 4 insertions(+) create mode 100644 ChangeLog.d/sha256-armce-arm.txt diff --git a/ChangeLog.d/sha256-armce-arm.txt b/ChangeLog.d/sha256-armce-arm.txt new file mode 100644 index 0000000000..aaa6e39dbf --- /dev/null +++ b/ChangeLog.d/sha256-armce-arm.txt @@ -0,0 +1,4 @@ +Features + * Support Armv8 Crypto Extension acceleration for SHA-256 + when compiling for Thumb or 32-bit Arm. + From 04d0d06e83729d991a5deb90163f911c8b8c10c1 Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Wed, 4 Oct 2023 18:05:08 +0100 Subject: [PATCH 08/44] Code style Signed-off-by: Dave Rodgman --- library/sha256.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/library/sha256.c b/library/sha256.c index f0eb6ad58c..00a01ea3d6 100644 --- a/library/sha256.c +++ b/library/sha256.c 
@@ -102,7 +102,8 @@ # endif # if defined(MBEDTLS_SHA256_USE_A64_CRYPTO_IF_PRESENT) # if defined(MBEDTLS_COMPILER_IS_GCC) && !defined(MBEDTLS_ARCH_IS_ARM64) -# warning "GCC only supports aarch64 for MBEDTLS_SHA256_USE_A64_CRYPTO_IF_PRESENT, using C code only" +# warning \ + "GCC only supports aarch64 for MBEDTLS_SHA256_USE_A64_CRYPTO_IF_PRESENT, using C code only" # undef MBEDTLS_SHA256_USE_A64_CRYPTO_IF_PRESENT # endif # if defined(__unix__) From 9ed1853093cf1bf748a84b112a90e100a6307f8f Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Thu, 5 Oct 2023 00:06:47 +0100 Subject: [PATCH 09/44] require clang 4 for testing Signed-off-by: Dave Rodgman --- tests/scripts/all.sh | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index 1d9f32d9d5..b7f4f4df63 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh @@ -4354,6 +4354,12 @@ component_build_aes_aesce_armcc () { armc6_build_test "-O1 --target=aarch64-arm-none-eabi -march=armv8-a+crypto" } +support_build_sha_armce() { + # clang >= 4 is required to build with SHA extensions + ver="$(clang --version|grep version|sed -E 's#.*version ([0-9]+).*#\1#')" + [ "${ver}" -ge 4 ] +} + component_build_sha_armce () { # Test variations of SHA256 Armv8 crypto extensions scripts/config.py unset MBEDTLS_SHA256_USE_A64_CRYPTO_IF_PRESENT From ca92f50e124abea85870ece48d5ee2fe365ce859 Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Thu, 5 Oct 2023 08:24:55 +0100 Subject: [PATCH 10/44] Update docs for MBEDTLS_SHA256_USE_A64_CRYPTO_IF_PRESENT Signed-off-by: Dave Rodgman --- include/mbedtls/mbedtls_config.h | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/include/mbedtls/mbedtls_config.h b/include/mbedtls/mbedtls_config.h index 14d19aeb6f..3d44b075cd 100644 --- a/include/mbedtls/mbedtls_config.h +++ b/include/mbedtls/mbedtls_config.h 
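Review bot: `support_build_sha_armce` hands whatever the pipeline produced straight to `[ "${ver}" -ge 4 ]`, so when clang is not installed, or `clang --version` prints more than one line containing "version", the test fails with an "integer expression expected" error instead of returning a clean false. `ver` is also assigned without `local`, so it leaks into the rest of all.sh. Suggested: start the function with `command -v clang >/dev/null 2>&1 || return 1`, declare `local ver`, and take only the first match with `grep -m1 version`.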
@@ -3277,7 +3277,7 @@ * If not, the library will fall back to the C implementation. * * \note If MBEDTLS_SHA256_USE_A64_CRYPTO_IF_PRESENT is defined when building - * for a non-Aarch64 build it will be silently ignored. + * for a non-Armv8 build it will be silently ignored. * * \note Minimum compiler versions for this feature are Clang 4.0, * armclang 6.6 or GCC 6.0. Targetting Thumb or 32-bit arm with GCC is not From bfe6021e8541e3643e97e3e7b254c53900ceb06e Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Thu, 5 Oct 2023 08:31:22 +0100 Subject: [PATCH 11/44] Improve docs Signed-off-by: Dave Rodgman --- include/mbedtls/mbedtls_config.h | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) diff --git a/include/mbedtls/mbedtls_config.h b/include/mbedtls/mbedtls_config.h index 3d44b075cd..2b9e29ba20 100644 --- a/include/mbedtls/mbedtls_config.h +++ b/include/mbedtls/mbedtls_config.h @@ -3280,8 +3280,11 @@ * for a non-Armv8 build it will be silently ignored. * * \note Minimum compiler versions for this feature are Clang 4.0, - * armclang 6.6 or GCC 6.0. Targetting Thumb or 32-bit arm with GCC is not - * supported. + * armclang 6.6 or GCC 6.0. + * + * \note GCC for Thumb or 32-bit Armv8 targets supports accelerated SHA-256 + * via #MBEDTLS_SHA256_USE_A64_CRYPTO_ONLY, but does not support runtime + * detection via #MBEDTLS_SHA256_USE_A64_CRYPTO_IF_PRESENT. * * \note \c CFLAGS must be set to a minimum of \c -march=armv8-a+crypto for * armclang <= 6.9 From 7ed619d3fa0d4d80df7eec1cd1e90abf861a2941 Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Thu, 5 Oct 2023 09:39:56 +0100 Subject: [PATCH 12/44] Enable run-time detection for Thumb and Arm Signed-off-by: Dave Rodgman --- include/mbedtls/mbedtls_config.h | 4 ---- library/sha256.c | 12 +++++++----- 2 files changed, 7 insertions(+), 9 deletions(-) diff --git a/include/mbedtls/mbedtls_config.h b/include/mbedtls/mbedtls_config.h index 2b9e29ba20..a104114b4d 100644 --- a/include/mbedtls/mbedtls_config.h 
+++ b/include/mbedtls/mbedtls_config.h @@ -3282,10 +3282,6 @@ * \note Minimum compiler versions for this feature are Clang 4.0, * armclang 6.6 or GCC 6.0. * - * \note GCC for Thumb or 32-bit Armv8 targets supports accelerated SHA-256 - * via #MBEDTLS_SHA256_USE_A64_CRYPTO_ONLY, but does not support runtime - * detection via #MBEDTLS_SHA256_USE_A64_CRYPTO_IF_PRESENT. - * * \note \c CFLAGS must be set to a minimum of \c -march=armv8-a+crypto for * armclang <= 6.9 * diff --git a/library/sha256.c b/library/sha256.c index 00a01ea3d6..b603b86c98 100644 --- a/library/sha256.c +++ b/library/sha256.c @@ -44,6 +44,9 @@ #define MBEDTLS_ENABLE_ARM_CRYPTO_EXTENSIONS_COMPILER_FLAG #endif +/* Ensure that SIG_SETMASK is defined when -std=c99 is used. */ +#define _GNU_SOURCE + #include "common.h" #if defined(MBEDTLS_SHA256_C) || defined(MBEDTLS_SHA224_C) @@ -101,11 +104,6 @@ # endif # if defined(MBEDTLS_SHA256_USE_A64_CRYPTO_IF_PRESENT) -# if defined(MBEDTLS_COMPILER_IS_GCC) && !defined(MBEDTLS_ARCH_IS_ARM64) -# warning \ - "GCC only supports aarch64 for MBEDTLS_SHA256_USE_A64_CRYPTO_IF_PRESENT, using C code only" -# undef MBEDTLS_SHA256_USE_A64_CRYPTO_IF_PRESENT -# endif # if defined(__unix__) # if defined(__linux__) /* Our preferred method of detection is getauxval() */ @@ -185,7 +183,11 @@ static int mbedtls_a64_crypto_sha256_determine_support(void) if (setjmp(return_from_sigill) == 0) { /* First return only */ /* If this traps, we will return a second time from setjmp() with 1 */ +#if defined(MBEDTLS_ARCH_IS_ARM64) asm ("sha256h q0, q0, v0.4s" : : : "v0"); +#else + asm ("sha256h.32 q0, q0, q0" : : : "q0"); +#endif ret = 1; } From cd65400c48ca10020f948c87f78cdd71fcc9a6a8 Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Thu, 5 Oct 2023 09:40:07 +0100 Subject: [PATCH 13/44] Add tests for runtime detection Signed-off-by: Dave Rodgman --- tests/scripts/all.sh | 7 +++++++ 1 file changed, 7 insertions(+) 
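Review bot: The new `#define _GNU_SOURCE` in library/sha256.c is unconditional, so a build that already passes `-D_GNU_SOURCE` gets a macro-redefinition diagnostic (the command-line form defines it as 1), which becomes an error under `-Werror`. Wrap it as `#if !defined(_GNU_SOURCE)` / `#define _GNU_SOURCE` / `#endif`. The comment could also say that the macro has to stay ahead of the first include and that it changes the feature-test level for the whole file, not only for the signal API.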
diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index b7f4f4df63..32d1a1527a 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh @@ -4379,6 +4379,13 @@ component_build_sha_armce () { msg "MBEDTLS_SHA256_USE_A64_CRYPTO_IF_PRESENT clang, aarch64" make -B library/sha256.o CC=clang CFLAGS="--target=aarch64-linux-gnu -march=armv8-a" + + msg "MBEDTLS_SHA256_USE_A64_CRYPTO_IF_PRESENT clang, arm" + make -B library/sha256.o CC=clang CFLAGS="--target=arm-linux-gnueabihf -mcpu=cortex-a72+crypto -marm -std=c99" + + msg "MBEDTLS_SHA256_USE_A64_CRYPTO_IF_PRESENT clang, thumb" + make -B library/sha256.o CC=clang CFLAGS="--target=arm-linux-gnueabihf -mcpu=cortex-a32+crypto -mthumb" + } # For timebeing, no VIA Padlock platform available. From 3ba9ce3c1def3278791704fe40d6cc38be201c97 Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Thu, 5 Oct 2023 09:58:33 +0100 Subject: [PATCH 14/44] Warn if using runtime detection and no Neon Signed-off-by: Dave Rodgman --- library/sha256.c | 21 ++++++++++++++------- 1 file changed, 14 insertions(+), 7 deletions(-) diff --git a/library/sha256.c b/library/sha256.c index b603b86c98..8315b71f39 100644 --- a/library/sha256.c +++ b/library/sha256.c 
@@ -61,17 +61,24 @@ #if defined(MBEDTLS_ARCH_IS_ARMV8) -# if defined(MBEDTLS_SHA256_USE_A64_CRYPTO_IF_PRESENT) || \ - defined(MBEDTLS_SHA256_USE_A64_CRYPTO_ONLY) - /* *INDENT-OFF* */ -# ifdef __ARM_NEON -# include -# else -# error "Target does not support NEON instructions" +# if defined(MBEDTLS_SHA256_USE_A64_CRYPTO_IF_PRESENT) || \ + defined(MBEDTLS_SHA256_USE_A64_CRYPTO_ONLY) +# ifdef __ARM_NEON +# include +# else +# if defined(MBEDTLS_SHA256_USE_A64_CRYPTO_IF_PRESENT) +# warning "Target does not support NEON instructions" +# undef MBEDTLS_SHA256_USE_A64_CRYPTO_IF_PRESENT +# else +# error "Target does not support NEON instructions" +# endif +# endif # endif +# if defined(MBEDTLS_SHA256_USE_A64_CRYPTO_IF_PRESENT) || \ + defined(MBEDTLS_SHA256_USE_A64_CRYPTO_ONLY) # if !defined(__ARM_FEATURE_CRYPTO) || defined(MBEDTLS_ENABLE_ARM_CRYPTO_EXTENSIONS_COMPILER_FLAG) # if defined(__ARMCOMPILER_VERSION) # if __ARMCOMPILER_VERSION <= 6090000 From 790370b3924779f5f1cc015359df13a3484e8ba1 Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Thu, 5 Oct 2023 11:01:31 +0100 Subject: [PATCH 15/44] code style Signed-off-by: Dave Rodgman --- library/sha256.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/library/sha256.c b/library/sha256.c index 8315b71f39..c6a118d92c 100644 --- a/library/sha256.c +++ b/library/sha256.c @@ -61,8 +61,6 @@ #if defined(MBEDTLS_ARCH_IS_ARMV8) -/* *INDENT-OFF* */ - # if defined(MBEDTLS_SHA256_USE_A64_CRYPTO_IF_PRESENT) || \ defined(MBEDTLS_SHA256_USE_A64_CRYPTO_ONLY) # ifdef __ARM_NEON @@ -79,6 +77,8 @@ # if defined(MBEDTLS_SHA256_USE_A64_CRYPTO_IF_PRESENT) || \ defined(MBEDTLS_SHA256_USE_A64_CRYPTO_ONLY) +/* *INDENT-OFF* */ + # if !defined(__ARM_FEATURE_CRYPTO) || defined(MBEDTLS_ENABLE_ARM_CRYPTO_EXTENSIONS_COMPILER_FLAG) # if defined(__ARMCOMPILER_VERSION) # if __ARMCOMPILER_VERSION <= 6090000 From 9a36f4cb97a887ab3f654538b04ce59820b7d504 Mon Sep 17 00:00:00 2001 
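Review bot: In the `MBEDTLS_SHA256_USE_A64_CRYPTO_IF_PRESENT` branch of the new NEON check, the `#warning` reuses the exact text of the `#error` below it and does not say that the option is being dropped, so the build log gives no hint that this file falls back to the C implementation. Suggest `# warning "Target does not support NEON instructions, using C code only"`, in line with the existing "No mechanism to detect A64_CRYPTO found, using C code only" message. The `#undef` affects only this translation unit, which deserves a one-line comment next to it. The conditional continues outside the hunk.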
From: Dave Rodgman Date: Thu, 5 Oct 2023 11:25:52 +0100 Subject: [PATCH 16/44] Fix cast errors on IAR Signed-off-by: Dave Rodgman --- library/sha256.c | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/library/sha256.c b/library/sha256.c index c6a118d92c..37f68c743e 100644 --- a/library/sha256.c +++ b/library/sha256.c @@ -336,10 +336,10 @@ static size_t mbedtls_internal_sha256_process_many_a64_crypto( uint32x4_t abcd_orig = abcd; uint32x4_t efgh_orig = efgh; - uint32x4_t sched0 = (uint32x4_t) vld1q_u8(msg + 16 * 0); - uint32x4_t sched1 = (uint32x4_t) vld1q_u8(msg + 16 * 1); - uint32x4_t sched2 = (uint32x4_t) vld1q_u8(msg + 16 * 2); - uint32x4_t sched3 = (uint32x4_t) vld1q_u8(msg + 16 * 3); + uint32x4_t sched0 = vreinterpretq_u32_u8(vld1q_u8(msg + 16 * 0)); + uint32x4_t sched1 = vreinterpretq_u32_u8(vld1q_u8(msg + 16 * 1)); + uint32x4_t sched2 = vreinterpretq_u32_u8(vld1q_u8(msg + 16 * 2)); + uint32x4_t sched3 = vreinterpretq_u32_u8(vld1q_u8(msg + 16 * 3)); #if __BYTE_ORDER__ == __ORDER_LITTLE_ENDIAN__ /* Will be true if not defined */ /* Untested on BE */ From bc2d2179beb74b70d6d4e497438bd9a554703fa6 Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Thu, 5 Oct 2023 11:36:26 +0100 Subject: [PATCH 17/44] Update baremetal config to exclude MBEDTLS_SHAxxx_USE_A64_CRYPTO_IF_PRESENT Signed-off-by: Dave Rodgman --- scripts/config.py | 2 ++ 1 file changed, 2 insertions(+) diff --git a/scripts/config.py b/scripts/config.py index 17fbe653a3..1a71cb35f9 100755 --- a/scripts/config.py +++ b/scripts/config.py @@ -278,6 +278,8 @@ EXCLUDE_FROM_BAREMETAL = frozenset([ 'MBEDTLS_THREADING_C', # requires a threading interface 'MBEDTLS_THREADING_PTHREAD', # requires pthread 'MBEDTLS_TIMING_C', # requires a clock + 'MBEDTLS_SHA256_USE_A64_CRYPTO_IF_PRESENT', # requires an OS for runtime-detection + 'MBEDTLS_SHA512_USE_A64_CRYPTO_IF_PRESENT', # requires an OS for runtime-detection ]) def keep_in_baremetal(name): 
From 8ba9f42acd43520fc5577724e7e44ae2c2cbbf7d Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Sun, 8 Oct 2023 10:46:25 +0100 Subject: [PATCH 18/44] Fix arch detection for auto setting of clang flags Signed-off-by: Dave Rodgman --- library/sha256.c | 15 +++++++++++++-- 1 file changed, 13 insertions(+), 2 deletions(-) diff --git a/library/sha256.c b/library/sha256.c index 37f68c743e..e655cf8b91 100644 --- a/library/sha256.c +++ b/library/sha256.c @@ -22,8 +22,17 @@ * http://csrc.nist.gov/publications/fips/fips180-2/fips180-2.pdf */ -#if defined(__aarch64__) && !defined(__ARM_FEATURE_CRYPTO) && \ - defined(__clang__) && __clang_major__ >= 4 +#if defined(__clang__) && (__clang_major__ >= 4) + +/* Ideally, we would simply use MBEDTLS_ARCH_IS_ARMV8 in the following #if, + * but that is defined by build_info.h, and we need this block to happen first. */ +#if defined(__ARM_ARCH) +#if __ARM_ARCH >= 8 +#define MBEDTLS_SHA256_ARCH_IS_ARMV8 +#endif +#endif + +#if defined(MBEDTLS_SHA256_ARCH_IS_ARMV8) && !defined(__ARM_FEATURE_CRYPTO) /* TODO: Re-consider above after https://reviews.llvm.org/D131064 merged. * * The intrinsic declaration are guarded by predefined ACLE macros in clang: @@ -44,6 +53,8 @@ #define MBEDTLS_ENABLE_ARM_CRYPTO_EXTENSIONS_COMPILER_FLAG #endif +#endif /* defined(__clang__) && (__clang_major__ >= 4) */ + /* Ensure that SIG_SETMASK is defined when -std=c99 is used. */ #define _GNU_SOURCE From 78d78462ac9ba048d026647dd2cdfbd0eaffd561 Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Tue, 10 Oct 2023 09:53:44 +0100 Subject: [PATCH 19/44] Make asm without side-effects not optimisable-out Signed-off-by: Dave Rodgman --- library/sha256.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/library/sha256.c b/library/sha256.c index e655cf8b91..18be8a4b9f 100644 --- a/library/sha256.c +++ b/library/sha256.c 
@@ -202,9 +202,9 @@ static int mbedtls_a64_crypto_sha256_determine_support(void) if (setjmp(return_from_sigill) == 0) { /* First return only */ /* If this traps, we will return a second time from setjmp() with 1 */ #if defined(MBEDTLS_ARCH_IS_ARM64) - asm ("sha256h q0, q0, v0.4s" : : : "v0"); + asm volatile ("sha256h q0, q0, v0.4s" : : : "v0"); #else - asm ("sha256h.32 q0, q0, q0" : : : "q0"); + asm volatile ("sha256h.32 q0, q0, q0" : : : "q0"); #endif ret = 1; } From 88d806254535a1430527655488be7102b3518008 Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Tue, 10 Oct 2023 10:14:26 +0100 Subject: [PATCH 20/44] Fix excess newline Signed-off-by: Dave Rodgman --- ChangeLog.d/sha256-armce-arm.txt | 1 - 1 file changed, 1 deletion(-) diff --git a/ChangeLog.d/sha256-armce-arm.txt b/ChangeLog.d/sha256-armce-arm.txt index aaa6e39dbf..c1211f0c9e 100644 --- a/ChangeLog.d/sha256-armce-arm.txt +++ b/ChangeLog.d/sha256-armce-arm.txt @@ -1,4 +1,3 @@ Features * Support Armv8 Crypto Extension acceleration for SHA-256 when compiling for Thumb or 32-bit Arm. - From 94a634db96d692a470e3c7d0098fca7ab6b8680d Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Tue, 10 Oct 2023 12:59:29 +0100 Subject: [PATCH 21/44] Rename A64 config options Signed-off-by: Dave Rodgman --- include/mbedtls/config_adjust_legacy_crypto.h | 15 ++++ include/mbedtls/mbedtls_config.h | 86 ++++++++++++++----- library/sha256.c | 72 ++++++++-------- library/sha512.c | 70 +++++++-------- tests/scripts/all.sh | 53 +++++++----- 5 files changed, 181 insertions(+), 115 deletions(-) diff --git a/include/mbedtls/config_adjust_legacy_crypto.h b/include/mbedtls/config_adjust_legacy_crypto.h index 65bea1a6e6..78a5bb1d80 100644 --- a/include/mbedtls/config_adjust_legacy_crypto.h +++ b/include/mbedtls/config_adjust_legacy_crypto.h 
@@ -184,4 +184,19 @@ #define MBEDTLS_PK_HAVE_ECC_KEYS #endif /* MBEDTLS_PK_USE_PSA_EC_DATA || MBEDTLS_ECP_C */ +/* Backwards compatibility for some macros which were renamed to reflect that + * they are related to Armv8, not aarch64. */ +#if defined(MBEDTLS_SHA256_USE_A64_CRYPTO_IF_PRESENT) +#define MBEDTLS_SHA256_USE_ARMV8_CRYPTO_IF_PRESENT +#endif +#if defined(MBEDTLS_SHA256_USE_A64_CRYPTO_ONLY) +#define MBEDTLS_SHA256_USE_ARMV8_CRYPTO_ONLY +#endif +#if defined(MBEDTLS_SHA512_USE_A64_CRYPTO_IF_PRESENT) +#define MBEDTLS_SHA512_USE_ARMV8_CRYPTO_IF_PRESENT +#endif +#if defined(MBEDTLS_SHA512_USE_A64_CRYPTO_ONLY) +#define MBEDTLS_SHA512_USE_ARMV8_CRYPTO_ONLY +#endif + #endif /* MBEDTLS_CONFIG_ADJUST_LEGACY_CRYPTO_H */ diff --git a/include/mbedtls/mbedtls_config.h b/include/mbedtls/mbedtls_config.h index a104114b4d..f9ad2b6f9a 100644 --- a/include/mbedtls/mbedtls_config.h +++ b/include/mbedtls/mbedtls_config.h @@ -3270,13 +3270,13 @@ #define MBEDTLS_SHA256_C /** - * \def MBEDTLS_SHA256_USE_A64_CRYPTO_IF_PRESENT + * \def MBEDTLS_SHA256_USE_ARMV8_CRYPTO_IF_PRESENT * * Enable acceleration of the SHA-256 and SHA-224 cryptographic hash algorithms * with the ARMv8 cryptographic extensions if they are available at runtime. * If not, the library will fall back to the C implementation. * - * \note If MBEDTLS_SHA256_USE_A64_CRYPTO_IF_PRESENT is defined when building + * \note If MBEDTLS_SHA256_USE_ARMV8_CRYPTO_IF_PRESENT is defined when building * for a non-Armv8 build it will be silently ignored. * * \note Minimum compiler versions for this feature are Clang 4.0, 
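Review bot: The compatibility block maps the old `*_USE_A64_CRYPTO_*` names onto the new ones in one direction only, and this commit's file list does not include check_config.h or scripts/config.py, which earlier commits in the series key on the old names. A configuration that sets `MBEDTLS_SHA256_USE_ARMV8_CRYPTO_ONLY` directly would therefore appear to bypass the `#error` for non-Armv8 targets, and the new `*_IF_PRESENT` names are not in `EXCLUDE_FROM_BAREMETAL`. Consider switching those checks to the new names, e.g. `#if defined(MBEDTLS_SHA256_USE_ARMV8_CRYPTO_ONLY) && !defined(MBEDTLS_ARCH_IS_ARMV8)`, assuming check_config.h is processed after this header. A later commit in the series may already do so.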
@@ -3285,27 +3285,38 @@ * \note \c CFLAGS must be set to a minimum of \c -march=armv8-a+crypto for * armclang <= 6.9 * - * \warning MBEDTLS_SHA256_USE_A64_CRYPTO_IF_PRESENT cannot be defined at the - * same time as MBEDTLS_SHA256_USE_A64_CRYPTO_ONLY. + * \note This was previously known as MBEDTLS_SHA256_USE_A64_CRYPTO_IF_PRESENT. + * That name is deprecated, but may still be used as an alternative form for this + * option. + * + * \warning MBEDTLS_SHA256_USE_ARMV8_CRYPTO_IF_PRESENT cannot be defined at the + * same time as MBEDTLS_SHA256_USE_ARMV8_CRYPTO_ONLY. * * Requires: MBEDTLS_SHA256_C. * * Module: library/sha256.c * - * Uncomment to have the library check for the A64 SHA-256 crypto extensions + * Uncomment to have the library check for the Armv8 SHA-256 crypto extensions * and use them if available. */ +//#define MBEDTLS_SHA256_USE_ARMV8_CRYPTO_IF_PRESENT + +/* + * \deprecated This is now known as MBEDTLS_SHA256_USE_ARMV8_CRYPTO_IF_PRESENT. + * This name is now deprecated, but may still be used as an alternative form for + * this option. + */ //#define MBEDTLS_SHA256_USE_A64_CRYPTO_IF_PRESENT /** - * \def MBEDTLS_SHA256_USE_A64_CRYPTO_ONLY + * \def MBEDTLS_SHA256_USE_ARMV8_CRYPTO_ONLY * * Enable acceleration of the SHA-256 and SHA-224 cryptographic hash algorithms * with the ARMv8 cryptographic extensions, which must be available at runtime * or else an illegal instruction fault will occur. * * \note This allows builds with a smaller code size than with - * MBEDTLS_SHA256_USE_A64_CRYPTO_IF_PRESENT + * MBEDTLS_SHA256_USE_ARMV8_CRYPTO_IF_PRESENT * * \note Minimum compiler versions for this feature are Clang 4.0, * armclang 6.6 or GCC 6.0. 
@@ -3313,17 +3324,28 @@ * \note \c CFLAGS must be set to a minimum of \c -march=armv8-a+crypto for * armclang <= 6.9 * - * \warning MBEDTLS_SHA256_USE_A64_CRYPTO_ONLY cannot be defined at the same - * time as MBEDTLS_SHA256_USE_A64_CRYPTO_IF_PRESENT. + * \note This was previously known as MBEDTLS_SHA256_USE_A64_CRYPTO_ONLY. + * That name is deprecated, but may still be used as an alternative form for this + * option. + * + * \warning MBEDTLS_SHA256_USE_ARMV8_CRYPTO_ONLY cannot be defined at the same + * time as MBEDTLS_SHA256_USE_ARMV8_CRYPTO_IF_PRESENT. * * Requires: MBEDTLS_SHA256_C. * * Module: library/sha256.c * - * Uncomment to have the library use the A64 SHA-256 crypto extensions + * Uncomment to have the library use the Armv8 SHA-256 crypto extensions * unconditionally. */ -//#define MBEDTLS_SHA256_USE_A64_CRYPTO_ONLY +//#define MBEDTLS_SHA256_USE_ARMV8_CRYPTO_ONLY + +/* + * \deprecated This is now known as MBEDTLS_SHA256_USE_ARMV8_CRYPTO_ONLY. + * This name is now deprecated, but may still be used as an alternative form for + * this option. + */ +//#define MBEDTLS_SHA256_USE_A64_CRYPTO_IF_PRESENT /** * \def MBEDTLS_SHA384_C @@ -3368,13 +3390,13 @@ #define MBEDTLS_SHA3_C /** - * \def MBEDTLS_SHA512_USE_A64_CRYPTO_IF_PRESENT + * \def MBEDTLS_SHA512_USE_ARMV8_CRYPTO_IF_PRESENT * * Enable acceleration of the SHA-512 and SHA-384 cryptographic hash algorithms * with the ARMv8 cryptographic extensions if they are available at runtime. * If not, the library will fall back to the C implementation. * - * \note If MBEDTLS_SHA512_USE_A64_CRYPTO_IF_PRESENT is defined when building + * \note If MBEDTLS_SHA512_USE_ARMV8_CRYPTO_IF_PRESENT is defined when building * for a non-Aarch64 build it will be silently ignored. * * \note Minimum compiler versions for this feature are Clang 7.0, 
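Review bot: The deprecated alias added under `MBEDTLS_SHA256_USE_ARMV8_CRYPTO_ONLY` is the wrong name. The hunk removes `//#define MBEDTLS_SHA256_USE_A64_CRYPTO_ONLY`, and its new `\deprecated` block ends with `//#define MBEDTLS_SHA256_USE_A64_CRYPTO_IF_PRESENT`, which the preceding hunk already lists. Anyone uncommenting it to get the unconditional mode gets runtime detection instead, and the old `_ONLY` name no longer appears in the file. The line should read `//#define MBEDTLS_SHA256_USE_A64_CRYPTO_ONLY`. The four `\deprecated` blocks also open with `/*` rather than `/**`, so Doxygen will presumably not pick them up.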
@@ -3383,27 +3405,38 @@ * \note \c CFLAGS must be set to a minimum of \c -march=armv8.2-a+sha3 for * armclang 6.9 * - * \warning MBEDTLS_SHA512_USE_A64_CRYPTO_IF_PRESENT cannot be defined at the - * same time as MBEDTLS_SHA512_USE_A64_CRYPTO_ONLY. + * \note This was previously known as MBEDTLS_SHA512_USE_A64_CRYPTO_IF_PRESENT. + * That name is deprecated, but may still be used as an alternative form for this + * option. + * + * \warning MBEDTLS_SHA512_USE_ARMV8_CRYPTO_IF_PRESENT cannot be defined at the + * same time as MBEDTLS_SHA512_USE_ARMV8_CRYPTO_ONLY. * * Requires: MBEDTLS_SHA512_C. * * Module: library/sha512.c * - * Uncomment to have the library check for the A64 SHA-512 crypto extensions + * Uncomment to have the library check for the Armv8 SHA-512 crypto extensions * and use them if available. */ +//#define MBEDTLS_SHA512_USE_ARMV8_CRYPTO_IF_PRESENT + +/* + * \deprecated This is now known as MBEDTLS_SHA512_USE_ARMV8_CRYPTO_IF_PRESENT. + * This name is now deprecated, but may still be used as an alternative form for + * this option. + */ //#define MBEDTLS_SHA512_USE_A64_CRYPTO_IF_PRESENT /** - * \def MBEDTLS_SHA512_USE_A64_CRYPTO_ONLY + * \def MBEDTLS_SHA512_USE_ARMV8_CRYPTO_ONLY * * Enable acceleration of the SHA-512 and SHA-384 cryptographic hash algorithms * with the ARMv8 cryptographic extensions, which must be available at runtime * or else an illegal instruction fault will occur. * * \note This allows builds with a smaller code size than with - * MBEDTLS_SHA512_USE_A64_CRYPTO_IF_PRESENT + * MBEDTLS_SHA512_USE_ARMV8_CRYPTO_IF_PRESENT * * \note Minimum compiler versions for this feature are Clang 7.0, * armclang 6.9 or GCC 8.0. 
@@ -3411,16 +3444,27 @@ * \note \c CFLAGS must be set to a minimum of \c -march=armv8.2-a+sha3 for * armclang 6.9 * - * \warning MBEDTLS_SHA512_USE_A64_CRYPTO_ONLY cannot be defined at the same - * time as MBEDTLS_SHA512_USE_A64_CRYPTO_IF_PRESENT. + * \note This was previously known as MBEDTLS_SHA512_USE_A64_CRYPTO_ONLY. + * That name is deprecated, but may still be used as an alternative form for this + * option. + * + * \warning MBEDTLS_SHA512_USE_ARMV8_CRYPTO_ONLY cannot be defined at the same + * time as MBEDTLS_SHA512_USE_ARMV8_CRYPTO_IF_PRESENT. * * Requires: MBEDTLS_SHA512_C. * * Module: library/sha512.c * - * Uncomment to have the library use the A64 SHA-512 crypto extensions + * Uncomment to have the library use the Armv8 SHA-512 crypto extensions * unconditionally. */ +//#define MBEDTLS_SHA512_USE_ARMV8_CRYPTO_ONLY + +/* + * \deprecated This is now known as MBEDTLS_SHA512_USE_ARMV8_CRYPTO_ONLY. + * This name is now deprecated, but may still be used as an alternative form for + * this option. + */ //#define MBEDTLS_SHA512_USE_A64_CRYPTO_ONLY /** diff --git a/library/sha256.c b/library/sha256.c index 18be8a4b9f..96aa25e591 100644 --- a/library/sha256.c +++ b/library/sha256.c 
@@ -72,34 +72,34 @@ #if defined(MBEDTLS_ARCH_IS_ARMV8) -# if defined(MBEDTLS_SHA256_USE_A64_CRYPTO_IF_PRESENT) || \ - defined(MBEDTLS_SHA256_USE_A64_CRYPTO_ONLY) +# if defined(MBEDTLS_SHA256_USE_ARMV8_CRYPTO_IF_PRESENT) || \ + defined(MBEDTLS_SHA256_USE_ARMV8_CRYPTO_ONLY) # ifdef __ARM_NEON # include # else -# if defined(MBEDTLS_SHA256_USE_A64_CRYPTO_IF_PRESENT) +# if defined(MBEDTLS_SHA256_USE_ARMV8_CRYPTO_IF_PRESENT) # warning "Target does not support NEON instructions" -# undef MBEDTLS_SHA256_USE_A64_CRYPTO_IF_PRESENT +# undef MBEDTLS_SHA256_USE_ARMV8_CRYPTO_IF_PRESENT # else # error "Target does not support NEON instructions" # endif # endif # endif -# if defined(MBEDTLS_SHA256_USE_A64_CRYPTO_IF_PRESENT) || \ - defined(MBEDTLS_SHA256_USE_A64_CRYPTO_ONLY) +# if defined(MBEDTLS_SHA256_USE_ARMV8_CRYPTO_IF_PRESENT) || \ + defined(MBEDTLS_SHA256_USE_ARMV8_CRYPTO_ONLY) /* *INDENT-OFF* */ # if !defined(__ARM_FEATURE_CRYPTO) || defined(MBEDTLS_ENABLE_ARM_CRYPTO_EXTENSIONS_COMPILER_FLAG) # if defined(__ARMCOMPILER_VERSION) # if __ARMCOMPILER_VERSION <= 6090000 -# error "Must use minimum -march=armv8-a+crypto for MBEDTLS_SHA256_USE_A64_CRYPTO_*" +# error "Must use minimum -march=armv8-a+crypto for MBEDTLS_SHA256_USE_ARMV8_CRYPTO_*" # endif # pragma clang attribute push (__attribute__((target("sha2"))), apply_to=function) # define MBEDTLS_POP_TARGET_PRAGMA # elif defined(__clang__) # if __clang_major__ < 4 -# error "A more recent Clang is required for MBEDTLS_SHA256_USE_A64_CRYPTO_*" +# error "A more recent Clang is required for MBEDTLS_SHA256_USE_ARMV8_CRYPTO_*" # endif # pragma clang attribute push (__attribute__((target("crypto"))), apply_to=function) # define MBEDTLS_POP_TARGET_PRAGMA 
@@ -108,20 +108,20 @@ * intrinsics are missing. Missing intrinsics could be worked around. */ # if __GNUC__ < 6 -# error "A more recent GCC is required for MBEDTLS_SHA256_USE_A64_CRYPTO_*" +# error "A more recent GCC is required for MBEDTLS_SHA256_USE_ARMV8_CRYPTO_*" # else # pragma GCC push_options # pragma GCC target ("arch=armv8-a+crypto") # define MBEDTLS_POP_TARGET_PRAGMA # endif # else -# error "Only GCC and Clang supported for MBEDTLS_SHA256_USE_A64_CRYPTO_*" +# error "Only GCC and Clang supported for MBEDTLS_SHA256_USE_ARMV8_CRYPTO_*" # endif # endif /* *INDENT-ON* */ # endif -# if defined(MBEDTLS_SHA256_USE_A64_CRYPTO_IF_PRESENT) +# if defined(MBEDTLS_SHA256_USE_ARMV8_CRYPTO_IF_PRESENT) # if defined(__unix__) # if defined(__linux__) /* Our preferred method of detection is getauxval() */ @@ -132,19 +132,19 @@ # endif # endif #elif defined(_M_ARM64) -# if defined(MBEDTLS_SHA256_USE_A64_CRYPTO_IF_PRESENT) || \ - defined(MBEDTLS_SHA256_USE_A64_CRYPTO_ONLY) +# if defined(MBEDTLS_SHA256_USE_ARMV8_CRYPTO_IF_PRESENT) || \ + defined(MBEDTLS_SHA256_USE_ARMV8_CRYPTO_ONLY) # include # endif #else -# undef MBEDTLS_SHA256_USE_A64_CRYPTO_ONLY -# undef MBEDTLS_SHA256_USE_A64_CRYPTO_IF_PRESENT +# undef MBEDTLS_SHA256_USE_ARMV8_CRYPTO_ONLY +# undef MBEDTLS_SHA256_USE_ARMV8_CRYPTO_IF_PRESENT #endif -#if defined(MBEDTLS_SHA256_USE_A64_CRYPTO_IF_PRESENT) +#if defined(MBEDTLS_SHA256_USE_ARMV8_CRYPTO_IF_PRESENT) /* * Capability detection code comes early, so we can disable - * MBEDTLS_SHA256_USE_A64_CRYPTO_IF_PRESENT if no detection mechanism found + * MBEDTLS_SHA256_USE_ARMV8_CRYPTO_IF_PRESENT if no detection mechanism found */ #if defined(HWCAP_SHA2) static int mbedtls_a64_crypto_sha256_determine_support(void) @@ -174,7 +174,7 @@ static int mbedtls_a64_crypto_sha256_determine_support(void) static jmp_buf return_from_sigill; /* - * A64 SHA256 support detection via SIGILL + * Armv8 SHA256 support detection via SIGILL */ static void sigill_handler(int signal) { 
@@ -215,11 +215,11 @@ static int mbedtls_a64_crypto_sha256_determine_support(void) return ret; } #else -#warning "No mechanism to detect A64_CRYPTO found, using C code only" -#undef MBEDTLS_SHA256_USE_A64_CRYPTO_IF_PRESENT +#warning "No mechanism to detect ARMV8_CRYPTO found, using C code only" +#undef MBEDTLS_SHA256_USE_ARMV8_CRYPTO_IF_PRESENT #endif /* HWCAP_SHA2, __APPLE__, __unix__ && SIG_SETMASK */ -#endif /* MBEDTLS_SHA256_USE_A64_CRYPTO_IF_PRESENT */ +#endif /* MBEDTLS_SHA256_USE_ARMV8_CRYPTO_IF_PRESENT */ #if !defined(MBEDTLS_SHA256_ALT) @@ -321,10 +321,10 @@ static const uint32_t K[] = #endif -#if defined(MBEDTLS_SHA256_USE_A64_CRYPTO_IF_PRESENT) || \ - defined(MBEDTLS_SHA256_USE_A64_CRYPTO_ONLY) +#if defined(MBEDTLS_SHA256_USE_ARMV8_CRYPTO_IF_PRESENT) || \ + defined(MBEDTLS_SHA256_USE_ARMV8_CRYPTO_ONLY) -#if defined(MBEDTLS_SHA256_USE_A64_CRYPTO_ONLY) +#if defined(MBEDTLS_SHA256_USE_ARMV8_CRYPTO_ONLY) # define mbedtls_internal_sha256_process_many_a64_crypto mbedtls_internal_sha256_process_many # define mbedtls_internal_sha256_process_a64_crypto mbedtls_internal_sha256_process #endif @@ -424,9 +424,9 @@ static size_t mbedtls_internal_sha256_process_many_a64_crypto( return processed; } -#if defined(MBEDTLS_SHA256_USE_A64_CRYPTO_IF_PRESENT) +#if defined(MBEDTLS_SHA256_USE_ARMV8_CRYPTO_IF_PRESENT) /* - * This function is for internal use only if we are building both C and A64 + * This function is for internal use only if we are building both C and Armv8 * versions, otherwise it is renamed to be the public mbedtls_internal_sha256_process() */ static @@ -439,7 +439,7 @@ int mbedtls_internal_sha256_process_a64_crypto(mbedtls_sha256_context *ctx, SHA256_BLOCK_SIZE) ? 0 : -1; } -#endif /* MBEDTLS_SHA256_USE_A64_CRYPTO_IF_PRESENT || MBEDTLS_SHA256_USE_A64_CRYPTO_ONLY */ +#endif /* MBEDTLS_SHA256_USE_ARMV8_CRYPTO_IF_PRESENT || MBEDTLS_SHA256_USE_ARMV8_CRYPTO_ONLY */ #if defined(MBEDTLS_POP_TARGET_PRAGMA) #if defined(__clang__) 
@@ -450,14 +450,14 @@ int mbedtls_internal_sha256_process_a64_crypto(mbedtls_sha256_context *ctx, #undef MBEDTLS_POP_TARGET_PRAGMA #endif -#if !defined(MBEDTLS_SHA256_USE_A64_CRYPTO_IF_PRESENT) +#if !defined(MBEDTLS_SHA256_USE_ARMV8_CRYPTO_IF_PRESENT) #define mbedtls_internal_sha256_process_many_c mbedtls_internal_sha256_process_many #define mbedtls_internal_sha256_process_c mbedtls_internal_sha256_process #endif #if !defined(MBEDTLS_SHA256_PROCESS_ALT) && \ - !defined(MBEDTLS_SHA256_USE_A64_CRYPTO_ONLY) + !defined(MBEDTLS_SHA256_USE_ARMV8_CRYPTO_ONLY) #define SHR(x, n) (((x) & 0xFFFFFFFF) >> (n)) #define ROTR(x, n) (SHR(x, n) | ((x) << (32 - (n)))) @@ -485,9 +485,9 @@ int mbedtls_internal_sha256_process_a64_crypto(mbedtls_sha256_context *ctx, (d) += local.temp1; (h) = local.temp1 + local.temp2; \ } while (0) -#if defined(MBEDTLS_SHA256_USE_A64_CRYPTO_IF_PRESENT) +#if defined(MBEDTLS_SHA256_USE_ARMV8_CRYPTO_IF_PRESENT) /* - * This function is for internal use only if we are building both C and A64 + * This function is for internal use only if we are building both C and Armv8 * versions, otherwise it is renamed to be the public mbedtls_internal_sha256_process() */ static @@ -577,10 +577,10 @@ int mbedtls_internal_sha256_process_c(mbedtls_sha256_context *ctx, return 0; } -#endif /* !MBEDTLS_SHA256_PROCESS_ALT && !MBEDTLS_SHA256_USE_A64_CRYPTO_ONLY */ +#endif /* !MBEDTLS_SHA256_PROCESS_ALT && !MBEDTLS_SHA256_USE_ARMV8_CRYPTO_ONLY */ -#if !defined(MBEDTLS_SHA256_USE_A64_CRYPTO_ONLY) +#if !defined(MBEDTLS_SHA256_USE_ARMV8_CRYPTO_ONLY) static size_t mbedtls_internal_sha256_process_many_c( mbedtls_sha256_context *ctx, const uint8_t *data, size_t len) 
@@ -601,10 +601,10 @@ static size_t mbedtls_internal_sha256_process_many_c( return processed; } -#endif /* !MBEDTLS_SHA256_USE_A64_CRYPTO_ONLY */ +#endif /* !MBEDTLS_SHA256_USE_ARMV8_CRYPTO_ONLY */ -#if defined(MBEDTLS_SHA256_USE_A64_CRYPTO_IF_PRESENT) +#if defined(MBEDTLS_SHA256_USE_ARMV8_CRYPTO_IF_PRESENT) static int mbedtls_a64_crypto_sha256_has_support(void) { @@ -639,7 +639,7 @@ int mbedtls_internal_sha256_process(mbedtls_sha256_context *ctx, } } -#endif /* MBEDTLS_SHA256_USE_A64_CRYPTO_IF_PRESENT */ +#endif /* MBEDTLS_SHA256_USE_ARMV8_CRYPTO_IF_PRESENT */ /* diff --git a/library/sha512.c b/library/sha512.c index e739af2546..14c9343e34 100644 --- a/library/sha512.c +++ b/library/sha512.c @@ -57,8 +57,8 @@ #include "mbedtls/platform.h" #if defined(__aarch64__) -# if defined(MBEDTLS_SHA512_USE_A64_CRYPTO_IF_PRESENT) || \ - defined(MBEDTLS_SHA512_USE_A64_CRYPTO_ONLY) +# if defined(MBEDTLS_SHA512_USE_ARMV8_CRYPTO_IF_PRESENT) || \ + defined(MBEDTLS_SHA512_USE_ARMV8_CRYPTO_ONLY) /* *INDENT-OFF* */ # ifdef __ARM_NEON # include 
@@ -83,35 +83,35 @@ /* Test Clang first, as it defines __GNUC__ */ # if defined(__ARMCOMPILER_VERSION) # if __ARMCOMPILER_VERSION < 6090000 -# error "A more recent armclang is required for MBEDTLS_SHA512_USE_A64_CRYPTO_*" +# error "A more recent armclang is required for MBEDTLS_SHA512_USE_ARMV8_CRYPTO_*" # elif __ARMCOMPILER_VERSION == 6090000 -# error "Must use minimum -march=armv8.2-a+sha3 for MBEDTLS_SHA512_USE_A64_CRYPTO_*" +# error "Must use minimum -march=armv8.2-a+sha3 for MBEDTLS_SHA512_USE_ARMV8_CRYPTO_*" # else # pragma clang attribute push (__attribute__((target("sha3"))), apply_to=function) # define MBEDTLS_POP_TARGET_PRAGMA # endif # elif defined(__clang__) # if __clang_major__ < 7 -# error "A more recent Clang is required for MBEDTLS_SHA512_USE_A64_CRYPTO_*" +# error "A more recent Clang is required for MBEDTLS_SHA512_USE_ARMV8_CRYPTO_*" # else # pragma clang attribute push (__attribute__((target("sha3"))), apply_to=function) # define MBEDTLS_POP_TARGET_PRAGMA # endif # elif defined(__GNUC__) # if __GNUC__ < 8 -# error "A more recent GCC is required for MBEDTLS_SHA512_USE_A64_CRYPTO_*" +# error "A more recent GCC is required for MBEDTLS_SHA512_USE_ARMV8_CRYPTO_*" # else # pragma GCC push_options # pragma GCC target ("arch=armv8.2-a+sha3") # define MBEDTLS_POP_TARGET_PRAGMA # endif # else -# error "Only GCC and Clang supported for MBEDTLS_SHA512_USE_A64_CRYPTO_*" +# error "Only GCC and Clang supported for MBEDTLS_SHA512_USE_ARMV8_CRYPTO_*" # endif # endif /* *INDENT-ON* */ # endif -# if defined(MBEDTLS_SHA512_USE_A64_CRYPTO_IF_PRESENT) +# if defined(MBEDTLS_SHA512_USE_ARMV8_CRYPTO_IF_PRESENT) # if defined(__unix__) # if defined(__linux__) /* Our preferred method of detection is getauxval() */ 
@@ -122,19 +122,19 @@ # endif # endif #elif defined(_M_ARM64) -# if defined(MBEDTLS_SHA512_USE_A64_CRYPTO_IF_PRESENT) || \ - defined(MBEDTLS_SHA512_USE_A64_CRYPTO_ONLY) +# if defined(MBEDTLS_SHA512_USE_ARMV8_CRYPTO_IF_PRESENT) || \ + defined(MBEDTLS_SHA512_USE_ARMV8_CRYPTO_ONLY) # include # endif #else -# undef MBEDTLS_SHA512_USE_A64_CRYPTO_ONLY -# undef MBEDTLS_SHA512_USE_A64_CRYPTO_IF_PRESENT +# undef MBEDTLS_SHA512_USE_ARMV8_CRYPTO_ONLY +# undef MBEDTLS_SHA512_USE_ARMV8_CRYPTO_IF_PRESENT #endif -#if defined(MBEDTLS_SHA512_USE_A64_CRYPTO_IF_PRESENT) +#if defined(MBEDTLS_SHA512_USE_ARMV8_CRYPTO_IF_PRESENT) /* * Capability detection code comes early, so we can disable - * MBEDTLS_SHA512_USE_A64_CRYPTO_IF_PRESENT if no detection mechanism found + * MBEDTLS_SHA512_USE_ARMV8_CRYPTO_IF_PRESENT if no detection mechanism found */ #if defined(HWCAP_SHA512) static int mbedtls_a64_crypto_sha512_determine_support(void) @@ -161,9 +161,9 @@ static int mbedtls_a64_crypto_sha512_determine_support(void) * SHA-512 support. So we fall back to the C code only. */ #if defined(_MSC_VER) -#pragma message "No mechanism to detect A64_CRYPTO found, using C code only" +#pragma message "No mechanism to detect ARMV8_CRYPTO found, using C code only" #else -#warning "No mechanism to detect A64_CRYPTO found, using C code only" +#warning "No mechanism to detect ARMV8_CRYPTO found, using C code only" #endif #elif defined(__unix__) && defined(SIG_SETMASK) /* Detection with SIGILL, setjmp() and longjmp() */ @@ -173,7 +173,7 @@ static int mbedtls_a64_crypto_sha512_determine_support(void) static jmp_buf return_from_sigill; /* - * A64 SHA512 support detection via SIGILL + * Armv8 SHA512 support detection via SIGILL */ static void sigill_handler(int signal) { 
@@ -210,11 +210,11 @@ static int mbedtls_a64_crypto_sha512_determine_support(void) return ret; } #else -#warning "No mechanism to detect A64_CRYPTO found, using C code only" -#undef MBEDTLS_SHA512_USE_A64_CRYPTO_IF_PRESENT +#warning "No mechanism to detect ARMV8_CRYPTO found, using C code only" +#undef MBEDTLS_SHA512_USE_ARMV8_CRYPTO_IF_PRESENT #endif /* HWCAP_SHA512, __APPLE__, __unix__ && SIG_SETMASK */ -#endif /* MBEDTLS_SHA512_USE_A64_CRYPTO_IF_PRESENT */ +#endif /* MBEDTLS_SHA512_USE_ARMV8_CRYPTO_IF_PRESENT */ #if !defined(MBEDTLS_SHA512_ALT) @@ -352,10 +352,10 @@ static const uint64_t K[80] = }; #endif -#if defined(MBEDTLS_SHA512_USE_A64_CRYPTO_IF_PRESENT) || \ - defined(MBEDTLS_SHA512_USE_A64_CRYPTO_ONLY) +#if defined(MBEDTLS_SHA512_USE_ARMV8_CRYPTO_IF_PRESENT) || \ + defined(MBEDTLS_SHA512_USE_ARMV8_CRYPTO_ONLY) -#if defined(MBEDTLS_SHA512_USE_A64_CRYPTO_ONLY) +#if defined(MBEDTLS_SHA512_USE_ARMV8_CRYPTO_ONLY) # define mbedtls_internal_sha512_process_many_a64_crypto mbedtls_internal_sha512_process_many # define mbedtls_internal_sha512_process_a64_crypto mbedtls_internal_sha512_process #endif @@ -567,9 +567,9 @@ static size_t mbedtls_internal_sha512_process_many_a64_crypto( return processed; } -#if defined(MBEDTLS_SHA512_USE_A64_CRYPTO_IF_PRESENT) +#if defined(MBEDTLS_SHA512_USE_ARMV8_CRYPTO_IF_PRESENT) /* - * This function is for internal use only if we are building both C and A64 + * This function is for internal use only if we are building both C and Armv8 * versions, otherwise it is renamed to be the public mbedtls_internal_sha512_process() */ static @@ -582,7 +582,7 @@ int mbedtls_internal_sha512_process_a64_crypto(mbedtls_sha512_context *ctx, SHA512_BLOCK_SIZE) ? 0 : -1; } -#endif /* MBEDTLS_SHA512_USE_A64_CRYPTO_IF_PRESENT || MBEDTLS_SHA512_USE_A64_CRYPTO_ONLY */ +#endif /* MBEDTLS_SHA512_USE_ARMV8_CRYPTO_IF_PRESENT || MBEDTLS_SHA512_USE_ARMV8_CRYPTO_ONLY */ #if defined(MBEDTLS_POP_TARGET_PRAGMA) #if defined(__clang__) 
@@ -594,17 +594,17 @@ int mbedtls_internal_sha512_process_a64_crypto(mbedtls_sha512_context *ctx, #endif -#if !defined(MBEDTLS_SHA512_USE_A64_CRYPTO_IF_PRESENT) +#if !defined(MBEDTLS_SHA512_USE_ARMV8_CRYPTO_IF_PRESENT) #define mbedtls_internal_sha512_process_many_c mbedtls_internal_sha512_process_many #define mbedtls_internal_sha512_process_c mbedtls_internal_sha512_process #endif -#if !defined(MBEDTLS_SHA512_PROCESS_ALT) && !defined(MBEDTLS_SHA512_USE_A64_CRYPTO_ONLY) +#if !defined(MBEDTLS_SHA512_PROCESS_ALT) && !defined(MBEDTLS_SHA512_USE_ARMV8_CRYPTO_ONLY) -#if defined(MBEDTLS_SHA512_USE_A64_CRYPTO_IF_PRESENT) +#if defined(MBEDTLS_SHA512_USE_ARMV8_CRYPTO_IF_PRESENT) /* - * This function is for internal use only if we are building both C and A64 + * This function is for internal use only if we are building both C and Armv8 * versions, otherwise it is renamed to be the public mbedtls_internal_sha512_process() */ static @@ -701,10 +701,10 @@ int mbedtls_internal_sha512_process_c(mbedtls_sha512_context *ctx, return 0; } -#endif /* !MBEDTLS_SHA512_PROCESS_ALT && !MBEDTLS_SHA512_USE_A64_CRYPTO_ONLY */ +#endif /* !MBEDTLS_SHA512_PROCESS_ALT && !MBEDTLS_SHA512_USE_ARMV8_CRYPTO_ONLY */ -#if !defined(MBEDTLS_SHA512_USE_A64_CRYPTO_ONLY) +#if !defined(MBEDTLS_SHA512_USE_ARMV8_CRYPTO_ONLY) static size_t mbedtls_internal_sha512_process_many_c( mbedtls_sha512_context *ctx, const uint8_t *data, size_t len) @@ -725,10 +725,10 @@ static size_t mbedtls_internal_sha512_process_many_c( return processed; } -#endif /* !MBEDTLS_SHA512_USE_A64_CRYPTO_ONLY */ +#endif /* !MBEDTLS_SHA512_USE_ARMV8_CRYPTO_ONLY */ -#if defined(MBEDTLS_SHA512_USE_A64_CRYPTO_IF_PRESENT) +#if defined(MBEDTLS_SHA512_USE_ARMV8_CRYPTO_IF_PRESENT) static int mbedtls_a64_crypto_sha512_has_support(void) { 
@@ -763,7 +763,7 @@ int mbedtls_internal_sha512_process(mbedtls_sha512_context *ctx, } } -#endif /* MBEDTLS_SHA512_USE_A64_CRYPTO_IF_PRESENT */ +#endif /* MBEDTLS_SHA512_USE_ARMV8_CRYPTO_IF_PRESENT */ /* * SHA-512 process buffer diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index 32d1a1527a..1892ef869a 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh @@ -2245,12 +2245,12 @@ component_build_module_alt () { # The SpecifiedECDomain parsing code accesses mbedtls_ecp_group fields # directly and assumes the implementation works with partial groups. scripts/config.py unset MBEDTLS_PK_PARSE_EC_EXTENDED - # MBEDTLS_SHA256_*ALT can't be used with MBEDTLS_SHA256_USE_A64_CRYPTO_* - scripts/config.py unset MBEDTLS_SHA256_USE_A64_CRYPTO_IF_PRESENT - scripts/config.py unset MBEDTLS_SHA256_USE_A64_CRYPTO_ONLY - # MBEDTLS_SHA512_*ALT can't be used with MBEDTLS_SHA512_USE_A64_CRYPTO_* - scripts/config.py unset MBEDTLS_SHA512_USE_A64_CRYPTO_IF_PRESENT - scripts/config.py unset MBEDTLS_SHA512_USE_A64_CRYPTO_ONLY + # MBEDTLS_SHA256_*ALT can't be used with MBEDTLS_SHA256_USE_ARMV8_CRYPTO_* + scripts/config.py unset MBEDTLS_SHA256_USE_ARMV8_CRYPTO_IF_PRESENT + scripts/config.py unset MBEDTLS_SHA256_USE_ARMV8_CRYPTO_ONLY + # MBEDTLS_SHA512_*ALT can't be used with MBEDTLS_SHA512_USE_ARMV8_CRYPTO_* + scripts/config.py unset MBEDTLS_SHA512_USE_ARMV8_CRYPTO_IF_PRESENT + scripts/config.py unset MBEDTLS_SHA512_USE_ARMV8_CRYPTO_ONLY # Enable all MBEDTLS_XXX_ALT for whole modules. Do not enable # MBEDTLS_XXX_YYY_ALT which are for single functions. 
@@ -3464,10 +3464,10 @@ config_psa_crypto_hash_use_psa () { scripts/config.py unset MBEDTLS_SHA1_C scripts/config.py unset MBEDTLS_SHA224_C scripts/config.py unset MBEDTLS_SHA256_C # see external RNG below - scripts/config.py unset MBEDTLS_SHA256_USE_A64_CRYPTO_IF_PRESENT + scripts/config.py unset MBEDTLS_SHA256_USE_ARMV8_CRYPTO_IF_PRESENT scripts/config.py unset MBEDTLS_SHA384_C scripts/config.py unset MBEDTLS_SHA512_C - scripts/config.py unset MBEDTLS_SHA512_USE_A64_CRYPTO_IF_PRESENT + scripts/config.py unset MBEDTLS_SHA512_USE_ARMV8_CRYPTO_IF_PRESENT scripts/config.py unset MBEDTLS_SHA3_C fi } @@ -4332,7 +4332,7 @@ component_build_aes_aesce_armcc () { scripts/config.py baremetal # armc[56] don't support SHA-512 intrinsics - scripts/config.py unset MBEDTLS_SHA512_USE_A64_CRYPTO_IF_PRESENT + scripts/config.py unset MBEDTLS_SHA512_USE_ARMV8_CRYPTO_IF_PRESENT # Stop armclang warning about feature detection for A64_CRYPTO. # With this enabled, the library does build correctly under armclang, @@ -4340,7 +4340,7 @@ component_build_aes_aesce_armcc () { # unavailable, and the user is notified via a #warning. So enabling # this feature would prevent us from building with -Werror on # armclang. Tracked in #7198. - scripts/config.py unset MBEDTLS_SHA256_USE_A64_CRYPTO_IF_PRESENT + scripts/config.py unset MBEDTLS_SHA256_USE_ARMV8_CRYPTO_IF_PRESENT scripts/config.py set MBEDTLS_HAVE_ASM msg "AESCE, build with default configuration." 
@@ -4362,30 +4362,37 @@ support_build_sha_armce() { component_build_sha_armce () { # Test variations of SHA256 Armv8 crypto extensions - scripts/config.py unset MBEDTLS_SHA256_USE_A64_CRYPTO_IF_PRESENT - scripts/config.py set MBEDTLS_SHA256_USE_A64_CRYPTO_ONLY + scripts/config.py unset MBEDTLS_SHA256_USE_ARMV8_CRYPTO_IF_PRESENT + scripts/config.py set MBEDTLS_SHA256_USE_ARMV8_CRYPTO_ONLY - msg "MBEDTLS_SHA256_USE_A64_CRYPTO_ONLY clang, aarch64" + msg "MBEDTLS_SHA256_USE_ARMV8_CRYPTO_ONLY clang, aarch64" make -B library/sha256.o CC=clang CFLAGS="--target=aarch64-linux-gnu -march=armv8-a" - msg "MBEDTLS_SHA256_USE_A64_CRYPTO_ONLY clang, arm" + msg "MBEDTLS_SHA256_USE_ARMV8_CRYPTO_ONLY clang, arm" make -B library/sha256.o CC=clang CFLAGS="--target=arm-linux-gnueabihf -mcpu=cortex-a72+crypto -marm" - msg "MBEDTLS_SHA256_USE_A64_CRYPTO_ONLY clang, thumb" + # test the deprecated form of the config option + scripts/config.py unset MBEDTLS_SHA256_USE_ARMV8_CRYPTO_ONLY + scripts/config.py set MBEDTLS_SHA256_USE_A64_CRYPTO_ONLY + + msg "MBEDTLS_SHA256_USE_ARMV8_CRYPTO_ONLY clang, thumb" make -B library/sha256.o CC=clang CFLAGS="--target=arm-linux-gnueabihf -mcpu=cortex-a32+crypto -mthumb" - scripts/config.py set MBEDTLS_SHA256_USE_A64_CRYPTO_IF_PRESENT - scripts/config.py unset MBEDTLS_SHA256_USE_A64_CRYPTO_ONLY + scripts/config.py set MBEDTLS_SHA256_USE_ARMV8_CRYPTO_IF_PRESENT + scripts/config.py unset MBEDTLS_SHA256_USE_ARMV8_CRYPTO_ONLY - msg "MBEDTLS_SHA256_USE_A64_CRYPTO_IF_PRESENT clang, aarch64" + msg "MBEDTLS_SHA256_USE_ARMV8_CRYPTO_IF_PRESENT clang, aarch64" make -B library/sha256.o CC=clang CFLAGS="--target=aarch64-linux-gnu -march=armv8-a" - msg "MBEDTLS_SHA256_USE_A64_CRYPTO_IF_PRESENT clang, arm" + # test the deprecated form of the config option + scripts/config.py unset MBEDTLS_SHA256_USE_ARMV8_CRYPTO_IF_PRESENT + scripts/config.py set MBEDTLS_SHA256_USE_A64_CRYPTO_IF_PRESENT + + msg "MBEDTLS_SHA256_USE_ARMV8_CRYPTO_IF_PRESENT clang, arm" make -B 
library/sha256.o CC=clang CFLAGS="--target=arm-linux-gnueabihf -mcpu=cortex-a72+crypto -marm -std=c99" - msg "MBEDTLS_SHA256_USE_A64_CRYPTO_IF_PRESENT clang, thumb" + msg "MBEDTLS_SHA256_USE_ARMV8_CRYPTO_IF_PRESENT clang, thumb" make -B library/sha256.o CC=clang CFLAGS="--target=arm-linux-gnueabihf -mcpu=cortex-a32+crypto -mthumb" - } # For timebeing, no VIA Padlock platform available. @@ -4929,7 +4936,7 @@ component_build_armcc () { msg "build: ARM Compiler 5" scripts/config.py baremetal # armc[56] don't support SHA-512 intrinsics - scripts/config.py unset MBEDTLS_SHA512_USE_A64_CRYPTO_IF_PRESENT + scripts/config.py unset MBEDTLS_SHA512_USE_ARMV8_CRYPTO_IF_PRESENT # Stop armclang warning about feature detection for A64_CRYPTO. # With this enabled, the library does build correctly under armclang, @@ -4937,7 +4944,7 @@ component_build_armcc () { # unavailable, and the user is notified via a #warning. So enabling # this feature would prevent us from building with -Werror on # armclang. Tracked in #7198. - scripts/config.py unset MBEDTLS_SHA256_USE_A64_CRYPTO_IF_PRESENT + scripts/config.py unset MBEDTLS_SHA256_USE_ARMV8_CRYPTO_IF_PRESENT scripts/config.py set MBEDTLS_HAVE_ASM From 5d4ef83e01645a40d07b945f8b70501f190ffd90 Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Tue, 10 Oct 2023 13:04:07 +0100 Subject: [PATCH 22/44] Fix hwcap detection on 32-bit Arm Signed-off-by: Dave Rodgman --- library/sha256.c | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) diff --git a/library/sha256.c b/library/sha256.c index 96aa25e591..fe343e7a43 100644 --- a/library/sha256.c +++ b/library/sha256.c @@ -126,6 +126,7 @@ # if defined(__linux__) /* Our preferred method of detection is getauxval() */ # include +# include # endif /* Use SIGILL on Unix, and fall back to it on Linux */ # include 
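Review bot: In component_build_sha_armce the "deprecated form" step sets MBEDTLS_SHA256_USE_A64_CRYPTO_ONLY and nothing in the hunk unsets it, so the later `scripts/config.py set MBEDTLS_SHA256_USE_ARMV8_CRYPTO_IF_PRESENT` runs with the old `_ONLY` name still enabled. The second deprecated block likewise leaves MBEDTLS_SHA256_USE_A64_CRYPTO_IF_PRESENT set for the final thumb build. Because the compatibility defines map the old names onto the new ones, the remaining builds probably see `_ONLY` and `_IF_PRESENT` together rather than the single variant named in their `msg` line. Add `scripts/config.py unset MBEDTLS_SHA256_USE_A64_CRYPTO_ONLY` before switching to `_IF_PRESENT`, and the matching unset after the deprecated `_IF_PRESENT` build. The `msg` text of the deprecated builds should also name the A64 option, so the log shows which spelling was exercised.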
@@ -146,11 +147,16 @@ * Capability detection code comes early, so we can disable * MBEDTLS_SHA256_USE_ARMV8_CRYPTO_IF_PRESENT if no detection mechanism found */ -#if defined(HWCAP_SHA2) +#if defined(MBEDTLS_ARCH_IS_ARM64) && defined(HWCAP_SHA2) static int mbedtls_a64_crypto_sha256_determine_support(void) { return (getauxval(AT_HWCAP) & HWCAP_SHA2) ? 1 : 0; } +#elif defined(MBEDTLS_ARCH_IS_ARM32) && defined(HWCAP2_SHA2) +static int mbedtls_a64_crypto_sha256_determine_support(void) +{ + return (getauxval(AT_HWCAP2) & HWCAP2_SHA2) ? 1 : 0; +} #elif defined(__APPLE__) static int mbedtls_a64_crypto_sha256_determine_support(void) { From 6ab314f71d0fe0f4c39d78cdd57e0b65ea1a10b8 Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Tue, 10 Oct 2023 14:00:17 +0100 Subject: [PATCH 23/44] More config option renaming Signed-off-by: Dave Rodgman --- ChangeLog.d/sha256-armce-arm.txt | 4 ++ include/mbedtls/check_config.h | 38 +++++++++---------- include/mbedtls/config_adjust_legacy_crypto.h | 8 ++-- include/mbedtls/mbedtls_config.h | 2 +- scripts/config.py | 4 ++ 5 files changed, 32 insertions(+), 24 deletions(-) diff --git a/ChangeLog.d/sha256-armce-arm.txt b/ChangeLog.d/sha256-armce-arm.txt index c1211f0c9e..13d4dda1ad 100644 --- a/ChangeLog.d/sha256-armce-arm.txt +++ b/ChangeLog.d/sha256-armce-arm.txt @@ -1,3 +1,7 @@ Features * Support Armv8 Crypto Extension acceleration for SHA-256 when compiling for Thumb or 32-bit Arm. +New deprecations + * Rename the SHAxxx_USE_A64_CRYPTO_yyy config options to + SHAxxx_USE_ARMV8_CRYPTO_yyy. The old names may still be + used, but are deprecated. diff --git a/include/mbedtls/check_config.h b/include/mbedtls/check_config.h index 1580707832..24b3e03e21 100644 --- a/include/mbedtls/check_config.h +++ b/include/mbedtls/check_config.h 
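Review bot: The two getauxval() branches read different auxiliary-vector entries (AT_HWCAP with HWCAP_SHA2 for 64-bit, AT_HWCAP2 with HWCAP2_SHA2 for 32-bit) and nothing in the hunk records why. A comment above the `#elif`, such as `/* 32-bit Arm Linux reports the SHA-2 extension in AT_HWCAP2; 64-bit reports it in AT_HWCAP */`, would keep a later cleanup from merging them and testing the wrong bit. This result appears to decide whether the accelerated SHA-256 path is taken, so a wrong answer means either an illegal-instruction fault or a silent fallback to C. The branches also depend on MBEDTLS_ARCH_IS_ARM64 and MBEDTLS_ARCH_IS_ARM32, whose definitions are not visible here; if neither is set on a Linux target, detection falls through to the later `__APPLE__` and SIGILL branches, which is worth confirming as intended. The `__APPLE__` variant of the function continues outside the hunk.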
@@ -829,44 +829,44 @@ #error "MBEDTLS_X509_RSASSA_PSS_SUPPORT defined, but not all prerequisites" #endif -#if defined(MBEDTLS_SHA512_USE_A64_CRYPTO_IF_PRESENT) && \ - defined(MBEDTLS_SHA512_USE_A64_CRYPTO_ONLY) -#error "Must only define one of MBEDTLS_SHA512_USE_A64_CRYPTO_*" +#if defined(MBEDTLS_SHA512_USE_ARMV8_CRYPTO_IF_PRESENT) && \ + defined(MBEDTLS_SHA512_USE_ARMV8_CRYPTO_ONLY) +#error "Must only define one of MBEDTLS_SHA512_USE_ARMV8_CRYPTO_*" #endif -#if defined(MBEDTLS_SHA512_USE_A64_CRYPTO_IF_PRESENT) || \ - defined(MBEDTLS_SHA512_USE_A64_CRYPTO_ONLY) +#if defined(MBEDTLS_SHA512_USE_ARMV8_CRYPTO_IF_PRESENT) || \ + defined(MBEDTLS_SHA512_USE_ARMV8_CRYPTO_ONLY) #if !defined(MBEDTLS_SHA512_C) -#error "MBEDTLS_SHA512_USE_A64_CRYPTO_* defined without MBEDTLS_SHA512_C" +#error "MBEDTLS_SHA512_USE_ARMV8_CRYPTO_* defined without MBEDTLS_SHA512_C" #endif #if defined(MBEDTLS_SHA512_ALT) || defined(MBEDTLS_SHA512_PROCESS_ALT) -#error "MBEDTLS_SHA512_*ALT can't be used with MBEDTLS_SHA512_USE_A64_CRYPTO_*" +#error "MBEDTLS_SHA512_*ALT can't be used with MBEDTLS_SHA512_USE_ARMV8_CRYPTO_*" #endif -#endif /* MBEDTLS_SHA512_USE_A64_CRYPTO_IF_PRESENT || MBEDTLS_SHA512_USE_A64_CRYPTO_ONLY */ +#endif /* MBEDTLS_SHA512_USE_ARMV8_CRYPTO_IF_PRESENT || MBEDTLS_SHA512_USE_ARMV8_CRYPTO_ONLY */ -#if defined(MBEDTLS_SHA512_USE_A64_CRYPTO_ONLY) && !defined(__aarch64__) -#error "MBEDTLS_SHA512_USE_A64_CRYPTO_ONLY defined on non-Aarch64 system" +#if defined(MBEDTLS_SHA512_USE_ARMV8_CRYPTO_ONLY) && !defined(__aarch64__) +#error "MBEDTLS_SHA512_USE_ARMV8_CRYPTO_ONLY defined on non-Aarch64 system" #endif -#if defined(MBEDTLS_SHA256_USE_A64_CRYPTO_IF_PRESENT) && \ - defined(MBEDTLS_SHA256_USE_A64_CRYPTO_ONLY) -#error "Must only define one of MBEDTLS_SHA256_USE_A64_CRYPTO_*" +#if defined(MBEDTLS_SHA256_USE_ARMV8_CRYPTO_IF_PRESENT) && \ + defined(MBEDTLS_SHA256_USE_ARMV8_CRYPTO_ONLY) +#error "Must only define one of MBEDTLS_SHA256_USE_ARMV8_CRYPTO_*" #endif -#if 
defined(MBEDTLS_SHA256_USE_A64_CRYPTO_IF_PRESENT) || \ - defined(MBEDTLS_SHA256_USE_A64_CRYPTO_ONLY) +#if defined(MBEDTLS_SHA256_USE_ARMV8_CRYPTO_IF_PRESENT) || \ + defined(MBEDTLS_SHA256_USE_ARMV8_CRYPTO_ONLY) #if !defined(MBEDTLS_SHA256_C) -#error "MBEDTLS_SHA256_USE_A64_CRYPTO_* defined without MBEDTLS_SHA256_C" +#error "MBEDTLS_SHA256_USE_ARMV8_CRYPTO_* defined without MBEDTLS_SHA256_C" #endif #if defined(MBEDTLS_SHA256_ALT) || defined(MBEDTLS_SHA256_PROCESS_ALT) -#error "MBEDTLS_SHA256_*ALT can't be used with MBEDTLS_SHA256_USE_A64_CRYPTO_*" +#error "MBEDTLS_SHA256_*ALT can't be used with MBEDTLS_SHA256_USE_ARMV8_CRYPTO_*" #endif #endif -#if defined(MBEDTLS_SHA256_USE_A64_CRYPTO_ONLY) && !defined(MBEDTLS_ARCH_IS_ARMV8) -#error "MBEDTLS_SHA256_USE_A64_CRYPTO_ONLY defined on non-Armv8 system" +#if defined(MBEDTLS_SHA256_USE_ARMV8_CRYPTO_ONLY) && !defined(MBEDTLS_ARCH_IS_ARMV8) +#error "MBEDTLS_SHA256_USE_ARMV8_CRYPTO_ONLY defined on non-Armv8 system" #endif /* TLS 1.3 requires separate HKDF parts from PSA, diff --git a/include/mbedtls/config_adjust_legacy_crypto.h b/include/mbedtls/config_adjust_legacy_crypto.h index 78a5bb1d80..bd356da592 100644 --- a/include/mbedtls/config_adjust_legacy_crypto.h +++ b/include/mbedtls/config_adjust_legacy_crypto.h 
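Review bot: After this rename every SHA-256 and SHA-512 acceleration check in the hunk tests only the ARMV8 spellings, and no comment records that the deprecated A64 names reach these checks only through the compatibility defines. A configuration that still uses the old names gets the mutual-exclusion and `*_ALT` conflict checks only if config_adjust_legacy_crypto.h has been applied before this header is read, and that include order is not visible here. A short comment above the first check would record the dependency, for example `/* Deprecated *_USE_A64_CRYPTO_* names are mapped to *_USE_ARMV8_CRYPTO_* in config_adjust_legacy_crypto.h, which must be included before this file */`.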
@@ -186,16 +186,16 @@ /* Backwards compatibility for some macros which were renamed to reflect that * they are related to Armv8, not aarch64. */ -#if defined(MBEDTLS_SHA256_USE_A64_CRYPTO_IF_PRESENT) +#if defined(MBEDTLS_SHA256_USE_A64_CRYPTO_IF_PRESENT) && !defined(MBEDTLS_SHA256_USE_ARMV8_CRYPTO_IF_PRESENT) #define MBEDTLS_SHA256_USE_ARMV8_CRYPTO_IF_PRESENT #endif -#if defined(MBEDTLS_SHA256_USE_A64_CRYPTO_ONLY) +#if defined(MBEDTLS_SHA256_USE_A64_CRYPTO_ONLY) && !defined(MBEDTLS_SHA256_USE_ARMV8_CRYPTO_ONLY) #define MBEDTLS_SHA256_USE_ARMV8_CRYPTO_ONLY #endif -#if defined(MBEDTLS_SHA512_USE_A64_CRYPTO_IF_PRESENT) +#if defined(MBEDTLS_SHA512_USE_A64_CRYPTO_IF_PRESENT) && !defined(MBEDTLS_SHA512_USE_ARMV8_CRYPTO_IF_PRESENT) #define MBEDTLS_SHA512_USE_ARMV8_CRYPTO_IF_PRESENT #endif -#if defined(MBEDTLS_SHA512_USE_A64_CRYPTO_ONLY) +#if defined(MBEDTLS_SHA512_USE_A64_CRYPTO_ONLY) && !defined(MBEDTLS_SHA512_USE_ARMV8_CRYPTO_ONLY) #define MBEDTLS_SHA512_USE_ARMV8_CRYPTO_ONLY #endif diff --git a/include/mbedtls/mbedtls_config.h b/include/mbedtls/mbedtls_config.h index f9ad2b6f9a..0cbb0ee41a 100644 --- a/include/mbedtls/mbedtls_config.h +++ b/include/mbedtls/mbedtls_config.h @@ -3345,7 +3345,7 @@ * This name is now deprecated, but may still be used as an alternative form for * this option. */ -//#define MBEDTLS_SHA256_USE_A64_CRYPTO_IF_PRESENT +//#define MBEDTLS_SHA256_USE_A64_CRYPTO_ONLY /** * \def MBEDTLS_SHA384_C diff --git a/scripts/config.py b/scripts/config.py index 1a71cb35f9..619782b892 100755 --- a/scripts/config.py +++ b/scripts/config.py 
@@ -215,6 +215,8 @@ EXCLUDE_FROM_FULL = frozenset([ 'MBEDTLS_RSA_NO_CRT', # influences the use of RSA in X.509 and TLS 'MBEDTLS_SHA256_USE_A64_CRYPTO_ONLY', # interacts with *_USE_A64_CRYPTO_IF_PRESENT 'MBEDTLS_SHA512_USE_A64_CRYPTO_ONLY', # interacts with *_USE_A64_CRYPTO_IF_PRESENT + 'MBEDTLS_SHA256_USE_ARMV8_CRYPTO_ONLY', # interacts with *_USE_ARMV8_CRYPTO_IF_PRESENT + 'MBEDTLS_SHA512_USE_ARMV8_CRYPTO_ONLY', # interacts with *_USE_ARMV8_CRYPTO_IF_PRESENT 'MBEDTLS_SSL_RECORD_SIZE_LIMIT', # in development, currently breaks other tests 'MBEDTLS_TEST_CONSTANT_FLOW_MEMSAN', # build dependency (clang+memsan) 'MBEDTLS_TEST_CONSTANT_FLOW_VALGRIND', # build dependency (valgrind headers) @@ -280,6 +282,8 @@ EXCLUDE_FROM_BAREMETAL = frozenset([ 'MBEDTLS_TIMING_C', # requires a clock 'MBEDTLS_SHA256_USE_A64_CRYPTO_IF_PRESENT', # requires an OS for runtime-detection 'MBEDTLS_SHA512_USE_A64_CRYPTO_IF_PRESENT', # requires an OS for runtime-detection + 'MBEDTLS_SHA256_USE_ARMV8_CRYPTO_IF_PRESENT', # requires an OS for runtime-detection + 'MBEDTLS_SHA512_USE_ARMV8_CRYPTO_IF_PRESENT', # requires an OS for runtime-detection ]) def keep_in_baremetal(name): From c5861d5bf254bd991dd266cdab295216c36ca578 Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Tue, 10 Oct 2023 14:01:54 +0100 Subject: [PATCH 24/44] Code style Signed-off-by: Dave Rodgman --- include/mbedtls/config_adjust_legacy_crypto.h | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/include/mbedtls/config_adjust_legacy_crypto.h b/include/mbedtls/config_adjust_legacy_crypto.h index bd356da592..9144c4963d 100644 --- a/include/mbedtls/config_adjust_legacy_crypto.h +++ b/include/mbedtls/config_adjust_legacy_crypto.h 
@@ -186,13 +186,15 @@ /* Backwards compatibility for some macros which were renamed to reflect that * they are related to Armv8, not aarch64. */ -#if defined(MBEDTLS_SHA256_USE_A64_CRYPTO_IF_PRESENT) && !defined(MBEDTLS_SHA256_USE_ARMV8_CRYPTO_IF_PRESENT) +#if defined(MBEDTLS_SHA256_USE_A64_CRYPTO_IF_PRESENT) && \ + !defined(MBEDTLS_SHA256_USE_ARMV8_CRYPTO_IF_PRESENT) #define MBEDTLS_SHA256_USE_ARMV8_CRYPTO_IF_PRESENT #endif #if defined(MBEDTLS_SHA256_USE_A64_CRYPTO_ONLY) && !defined(MBEDTLS_SHA256_USE_ARMV8_CRYPTO_ONLY) #define MBEDTLS_SHA256_USE_ARMV8_CRYPTO_ONLY #endif -#if defined(MBEDTLS_SHA512_USE_A64_CRYPTO_IF_PRESENT) && !defined(MBEDTLS_SHA512_USE_ARMV8_CRYPTO_IF_PRESENT) +#if defined(MBEDTLS_SHA512_USE_A64_CRYPTO_IF_PRESENT) && \ + !defined(MBEDTLS_SHA512_USE_ARMV8_CRYPTO_IF_PRESENT) #define MBEDTLS_SHA512_USE_ARMV8_CRYPTO_IF_PRESENT #endif #if defined(MBEDTLS_SHA512_USE_A64_CRYPTO_ONLY) && !defined(MBEDTLS_SHA512_USE_ARMV8_CRYPTO_ONLY) From f097bef6ea9a8a83d08281c5435cf43946fe375d Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Tue, 10 Oct 2023 14:56:35 +0100 Subject: [PATCH 25/44] Refer to Armv8-A (not Armv8) in docs Signed-off-by: Dave Rodgman --- ChangeLog.d/sha256-armce-arm.txt | 2 +- include/mbedtls/check_config.h | 2 +- include/mbedtls/mbedtls_config.h | 10 +++++----- 3 files changed, 7 insertions(+), 7 deletions(-) diff --git a/ChangeLog.d/sha256-armce-arm.txt b/ChangeLog.d/sha256-armce-arm.txt index 13d4dda1ad..bff70f5000 100644 --- a/ChangeLog.d/sha256-armce-arm.txt +++ b/ChangeLog.d/sha256-armce-arm.txt @@ -1,5 +1,5 @@ Features - * Support Armv8 Crypto Extension acceleration for SHA-256 + * Support Armv8-A Crypto Extension acceleration for SHA-256 when compiling for Thumb or 32-bit Arm. New deprecations * Rename the SHAxxx_USE_A64_CRYPTO_yyy config options to diff --git a/include/mbedtls/check_config.h b/include/mbedtls/check_config.h index 24b3e03e21..0dba0a872e 100644 --- a/include/mbedtls/check_config.h +++ b/include/mbedtls/check_config.h 
@@ -866,7 +866,7 @@ #endif #if defined(MBEDTLS_SHA256_USE_ARMV8_CRYPTO_ONLY) && !defined(MBEDTLS_ARCH_IS_ARMV8) -#error "MBEDTLS_SHA256_USE_ARMV8_CRYPTO_ONLY defined on non-Armv8 system" +#error "MBEDTLS_SHA256_USE_ARMV8_CRYPTO_ONLY defined on non-Armv8-A system" #endif /* TLS 1.3 requires separate HKDF parts from PSA, diff --git a/include/mbedtls/mbedtls_config.h b/include/mbedtls/mbedtls_config.h index 0cbb0ee41a..595b8cd890 100644 --- a/include/mbedtls/mbedtls_config.h +++ b/include/mbedtls/mbedtls_config.h @@ -3277,7 +3277,7 @@ * If not, the library will fall back to the C implementation. * * \note If MBEDTLS_SHA256_USE_ARMV8_CRYPTO_IF_PRESENT is defined when building - * for a non-Armv8 build it will be silently ignored. + * for a non-Armv8-A build it will be silently ignored. * * \note Minimum compiler versions for this feature are Clang 4.0, * armclang 6.6 or GCC 6.0. @@ -3296,7 +3296,7 @@ * * Module: library/sha256.c * - * Uncomment to have the library check for the Armv8 SHA-256 crypto extensions + * Uncomment to have the library check for the Armv8-A SHA-256 crypto extensions * and use them if available. */ //#define MBEDTLS_SHA256_USE_ARMV8_CRYPTO_IF_PRESENT @@ -3335,7 +3335,7 @@ * * Module: library/sha256.c * - * Uncomment to have the library use the Armv8 SHA-256 crypto extensions + * Uncomment to have the library use the Armv8-A SHA-256 crypto extensions * unconditionally. */ //#define MBEDTLS_SHA256_USE_ARMV8_CRYPTO_ONLY @@ -3416,7 +3416,7 @@ * * Module: library/sha512.c * - * Uncomment to have the library check for the Armv8 SHA-512 crypto extensions + * Uncomment to have the library check for the Armv8-A SHA-512 crypto extensions * and use them if available. */ //#define MBEDTLS_SHA512_USE_ARMV8_CRYPTO_IF_PRESENT 
@@ -3455,7 +3455,7 @@ * * Module: library/sha512.c * - * Uncomment to have the library use the Armv8 SHA-512 crypto extensions + * Uncomment to have the library use the Armv8-A SHA-512 crypto extensions * unconditionally. */ //#define MBEDTLS_SHA512_USE_ARMV8_CRYPTO_ONLY From fe9fda81aabf178eb241670d1aced3810e7be7b2 Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Tue, 10 Oct 2023 14:51:06 +0100 Subject: [PATCH 26/44] Rename MBEDTLS_ARCH_IS_ARMV8 to MBEDTLS_ARCH_IS_ARMV8_A Signed-off-by: Dave Rodgman --- include/mbedtls/build_info.h | 19 ++++++++++++------- include/mbedtls/check_config.h | 2 +- library/sha256.c | 10 +++++----- 3 files changed, 18 insertions(+), 13 deletions(-) diff --git a/include/mbedtls/build_info.h b/include/mbedtls/build_info.h index 9b9f5f2ac9..b09c5dd096 100644 --- a/include/mbedtls/build_info.h +++ b/include/mbedtls/build_info.h @@ -74,14 +74,19 @@ #define MBEDTLS_ARCH_IS_X86 #endif -/* This is defined if the architecture is Armv8, or higher */ -#if !defined(MBEDTLS_ARCH_IS_ARMV8) -#if defined(__ARM_ARCH) -#if __ARM_ARCH >= 8 -#define MBEDTLS_ARCH_IS_ARMV8 +/* This is defined if the architecture is Armv8-A, or higher */ +#if !defined(MBEDTLS_ARCH_IS_ARMV8_A) +#if defined(__ARM_ARCH) && defined(__ARM_ARCH_PROFILE) +#if (__ARM_ARCH >= 8) && (__ARM_ARCH_PROFILE == 'A') +/* GCC, clang, armclang and IAR */ +#define MBEDTLS_ARCH_IS_ARMV8_A #endif -#elif defined(MBEDTLS_ARCH_IS_ARM64) -#define MBEDTLS_ARCH_IS_ARMV8 +#elif defined(__ARM_ARCH_8A) +/* Alternative defined by clang */ +#define MBEDTLS_ARCH_IS_ARMV8_A +#elif defined(_M_ARM64) || defined(_M_ARM64EC) +/* MSVC ARM64 is at least Armv8.0-A */ +#define MBEDTLS_ARCH_IS_ARMV8_A #endif #endif diff --git a/include/mbedtls/check_config.h b/include/mbedtls/check_config.h index 0dba0a872e..eac2266187 100644 --- a/include/mbedtls/check_config.h +++ b/include/mbedtls/check_config.h 
@@ -865,7 +865,7 @@ #endif -#if defined(MBEDTLS_SHA256_USE_ARMV8_CRYPTO_ONLY) && !defined(MBEDTLS_ARCH_IS_ARMV8) +#if defined(MBEDTLS_SHA256_USE_ARMV8_CRYPTO_ONLY) && !defined(MBEDTLS_ARCH_IS_ARMV8_A) #error "MBEDTLS_SHA256_USE_ARMV8_CRYPTO_ONLY defined on non-Armv8-A system" #endif diff --git a/library/sha256.c b/library/sha256.c index fe343e7a43..763c71076b 100644 --- a/library/sha256.c +++ b/library/sha256.c @@ -24,15 +24,15 @@ #if defined(__clang__) && (__clang_major__ >= 4) -/* Ideally, we would simply use MBEDTLS_ARCH_IS_ARMV8 in the following #if, +/* Ideally, we would simply use MBEDTLS_ARCH_IS_ARMV8_A in the following #if, * but that is defined by build_info.h, and we need this block to happen first. */ -#if defined(__ARM_ARCH) +#if defined(__ARM_ARCH) && (__ARM_ARCH_PROFILE == 'A') #if __ARM_ARCH >= 8 -#define MBEDTLS_SHA256_ARCH_IS_ARMV8 +#define MBEDTLS_SHA256_ARCH_IS_ARMV8_A #endif #endif -#if defined(MBEDTLS_SHA256_ARCH_IS_ARMV8) && !defined(__ARM_FEATURE_CRYPTO) +#if defined(MBEDTLS_SHA256_ARCH_IS_ARMV8_A) && !defined(__ARM_FEATURE_CRYPTO) /* TODO: Re-consider above after https://reviews.llvm.org/D131064 merged. * * The intrinsic declaration are guarded by predefined ACLE macros in clang: @@ -70,7 +70,7 @@ #include "mbedtls/platform.h" -#if defined(MBEDTLS_ARCH_IS_ARMV8) +#if defined(MBEDTLS_ARCH_IS_ARMV8_A) # if defined(MBEDTLS_SHA256_USE_ARMV8_CRYPTO_IF_PRESENT) || \ defined(MBEDTLS_SHA256_USE_ARMV8_CRYPTO_ONLY) From 5b89c55bb853aab5936e5845d61eb58e91a324f2 Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Tue, 10 Oct 2023 14:59:02 +0100 Subject: [PATCH 27/44] Rename MBEDTLS_SHAxxx_USE_ARMV8_yyy to MBEDTLS_SHAxxx_USE_ARMV8_A_yyy 
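Review bot: In the first library/sha256.c hunk, the new `#if defined(__ARM_ARCH) && (__ARM_ARCH_PROFILE == 'A')` tests `__ARM_ARCH_PROFILE` without checking that it is defined, whereas the build_info.h hunk of this same commit guards it with `defined(__ARM_ARCH_PROFILE)`. An undefined macro evaluates to 0 inside `#if`, so the test is merely false, but it trips `-Wundef`. It also lets this early block disagree with `MBEDTLS_ARCH_IS_ARMV8_A`, which build_info.h can still define through its `__ARM_ARCH_8A` fallback. I would write `#if defined(__ARM_ARCH) && defined(__ARM_ARCH_PROFILE) && (__ARM_ARCH_PROFILE == 'A')`. The block is only reached under clang >= 4, which presumably defines the profile macro for Arm targets, so this is a consistency point and not a known build failure.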
Signed-off-by: Dave Rodgman --- include/mbedtls/check_config.h | 38 +++++------ include/mbedtls/config_adjust_legacy_crypto.h | 16 ++--- include/mbedtls/mbedtls_config.h | 48 +++++++------- library/sha256.c | 64 +++++++++---------- library/sha512.c | 58 ++++++++--------- scripts/config.py | 8 +-- tests/scripts/all.sh | 48 +++++++------- 7 files changed, 140 insertions(+), 140 deletions(-) diff --git a/include/mbedtls/check_config.h b/include/mbedtls/check_config.h index eac2266187..b346f1f6ea 100644 --- a/include/mbedtls/check_config.h +++ b/include/mbedtls/check_config.h 
@@ -829,44 +829,44 @@ #error "MBEDTLS_X509_RSASSA_PSS_SUPPORT defined, but not all prerequisites" #endif -#if defined(MBEDTLS_SHA512_USE_ARMV8_CRYPTO_IF_PRESENT) && \ - defined(MBEDTLS_SHA512_USE_ARMV8_CRYPTO_ONLY) -#error "Must only define one of MBEDTLS_SHA512_USE_ARMV8_CRYPTO_*" +#if defined(MBEDTLS_SHA512_USE_ARMV8_A_CRYPTO_IF_PRESENT) && \ + defined(MBEDTLS_SHA512_USE_ARMV8_A_CRYPTO_ONLY) +#error "Must only define one of MBEDTLS_SHA512_USE_ARMV8_A_CRYPTO_*" #endif -#if defined(MBEDTLS_SHA512_USE_ARMV8_CRYPTO_IF_PRESENT) || \ - defined(MBEDTLS_SHA512_USE_ARMV8_CRYPTO_ONLY) +#if defined(MBEDTLS_SHA512_USE_ARMV8_A_CRYPTO_IF_PRESENT) || \ + defined(MBEDTLS_SHA512_USE_ARMV8_A_CRYPTO_ONLY) #if !defined(MBEDTLS_SHA512_C) -#error "MBEDTLS_SHA512_USE_ARMV8_CRYPTO_* defined without MBEDTLS_SHA512_C" +#error "MBEDTLS_SHA512_USE_ARMV8_A_CRYPTO_* defined without MBEDTLS_SHA512_C" #endif #if defined(MBEDTLS_SHA512_ALT) || defined(MBEDTLS_SHA512_PROCESS_ALT) -#error "MBEDTLS_SHA512_*ALT can't be used with MBEDTLS_SHA512_USE_ARMV8_CRYPTO_*" +#error "MBEDTLS_SHA512_*ALT can't be used with MBEDTLS_SHA512_USE_ARMV8_A_CRYPTO_*" #endif -#endif /* MBEDTLS_SHA512_USE_ARMV8_CRYPTO_IF_PRESENT || MBEDTLS_SHA512_USE_ARMV8_CRYPTO_ONLY */ +#endif /* MBEDTLS_SHA512_USE_ARMV8_A_CRYPTO_IF_PRESENT || MBEDTLS_SHA512_USE_ARMV8_A_CRYPTO_ONLY */ -#if defined(MBEDTLS_SHA512_USE_ARMV8_CRYPTO_ONLY) && !defined(__aarch64__) -#error "MBEDTLS_SHA512_USE_ARMV8_CRYPTO_ONLY defined on non-Aarch64 system" +#if defined(MBEDTLS_SHA512_USE_ARMV8_A_CRYPTO_ONLY) && !defined(__aarch64__) +#error "MBEDTLS_SHA512_USE_ARMV8_A_CRYPTO_ONLY defined on non-Aarch64 system" #endif -#if defined(MBEDTLS_SHA256_USE_ARMV8_CRYPTO_IF_PRESENT) && \ - defined(MBEDTLS_SHA256_USE_ARMV8_CRYPTO_ONLY) -#error "Must only define one of MBEDTLS_SHA256_USE_ARMV8_CRYPTO_*" +#if defined(MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_IF_PRESENT) && \ + defined(MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_ONLY) +#error "Must only define one of 
MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_*" #endif -#if defined(MBEDTLS_SHA256_USE_ARMV8_CRYPTO_IF_PRESENT) || \ - defined(MBEDTLS_SHA256_USE_ARMV8_CRYPTO_ONLY) +#if defined(MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_IF_PRESENT) || \ + defined(MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_ONLY) #if !defined(MBEDTLS_SHA256_C) -#error "MBEDTLS_SHA256_USE_ARMV8_CRYPTO_* defined without MBEDTLS_SHA256_C" +#error "MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_* defined without MBEDTLS_SHA256_C" #endif #if defined(MBEDTLS_SHA256_ALT) || defined(MBEDTLS_SHA256_PROCESS_ALT) -#error "MBEDTLS_SHA256_*ALT can't be used with MBEDTLS_SHA256_USE_ARMV8_CRYPTO_*" +#error "MBEDTLS_SHA256_*ALT can't be used with MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_*" #endif #endif -#if defined(MBEDTLS_SHA256_USE_ARMV8_CRYPTO_ONLY) && !defined(MBEDTLS_ARCH_IS_ARMV8_A) -#error "MBEDTLS_SHA256_USE_ARMV8_CRYPTO_ONLY defined on non-Armv8-A system" +#if defined(MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_ONLY) && !defined(MBEDTLS_ARCH_IS_ARMV8_A) +#error "MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_ONLY defined on non-Armv8-A system" #endif /* TLS 1.3 requires separate HKDF parts from PSA, diff --git a/include/mbedtls/config_adjust_legacy_crypto.h b/include/mbedtls/config_adjust_legacy_crypto.h index 9144c4963d..c8791fc63e 100644 --- a/include/mbedtls/config_adjust_legacy_crypto.h +++ b/include/mbedtls/config_adjust_legacy_crypto.h 
@@ -187,18 +187,18 @@ /* Backwards compatibility for some macros which were renamed to reflect that * they are related to Armv8, not aarch64. */ #if defined(MBEDTLS_SHA256_USE_A64_CRYPTO_IF_PRESENT) && \ - !defined(MBEDTLS_SHA256_USE_ARMV8_CRYPTO_IF_PRESENT) -#define MBEDTLS_SHA256_USE_ARMV8_CRYPTO_IF_PRESENT + !defined(MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_IF_PRESENT) +#define MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_IF_PRESENT #endif -#if defined(MBEDTLS_SHA256_USE_A64_CRYPTO_ONLY) && !defined(MBEDTLS_SHA256_USE_ARMV8_CRYPTO_ONLY) -#define MBEDTLS_SHA256_USE_ARMV8_CRYPTO_ONLY +#if defined(MBEDTLS_SHA256_USE_A64_CRYPTO_ONLY) && !defined(MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_ONLY) +#define MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_ONLY #endif #if defined(MBEDTLS_SHA512_USE_A64_CRYPTO_IF_PRESENT) && \ - !defined(MBEDTLS_SHA512_USE_ARMV8_CRYPTO_IF_PRESENT) -#define MBEDTLS_SHA512_USE_ARMV8_CRYPTO_IF_PRESENT + !defined(MBEDTLS_SHA512_USE_ARMV8_A_CRYPTO_IF_PRESENT) +#define MBEDTLS_SHA512_USE_ARMV8_A_CRYPTO_IF_PRESENT #endif -#if defined(MBEDTLS_SHA512_USE_A64_CRYPTO_ONLY) && !defined(MBEDTLS_SHA512_USE_ARMV8_CRYPTO_ONLY) -#define MBEDTLS_SHA512_USE_ARMV8_CRYPTO_ONLY +#if defined(MBEDTLS_SHA512_USE_A64_CRYPTO_ONLY) && !defined(MBEDTLS_SHA512_USE_ARMV8_A_CRYPTO_ONLY) +#define MBEDTLS_SHA512_USE_ARMV8_A_CRYPTO_ONLY #endif #endif /* MBEDTLS_CONFIG_ADJUST_LEGACY_CRYPTO_H */ diff --git a/include/mbedtls/mbedtls_config.h b/include/mbedtls/mbedtls_config.h index 595b8cd890..49ae7218e0 100644 --- a/include/mbedtls/mbedtls_config.h +++ b/include/mbedtls/mbedtls_config.h 
@@ -3270,13 +3270,13 @@ #define MBEDTLS_SHA256_C /** - * \def MBEDTLS_SHA256_USE_ARMV8_CRYPTO_IF_PRESENT + * \def MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_IF_PRESENT * * Enable acceleration of the SHA-256 and SHA-224 cryptographic hash algorithms * with the ARMv8 cryptographic extensions if they are available at runtime. * If not, the library will fall back to the C implementation. * - * \note If MBEDTLS_SHA256_USE_ARMV8_CRYPTO_IF_PRESENT is defined when building + * \note If MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_IF_PRESENT is defined when building * for a non-Armv8-A build it will be silently ignored. * * \note Minimum compiler versions for this feature are Clang 4.0, @@ -3289,8 +3289,8 @@ * That name is deprecated, but may still be used as an alternative form for this * option. * - * \warning MBEDTLS_SHA256_USE_ARMV8_CRYPTO_IF_PRESENT cannot be defined at the - * same time as MBEDTLS_SHA256_USE_ARMV8_CRYPTO_ONLY. + * \warning MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_IF_PRESENT cannot be defined at the + * same time as MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_ONLY. * * Requires: MBEDTLS_SHA256_C. * 
@@ -3299,24 +3299,24 @@ * Uncomment to have the library check for the Armv8-A SHA-256 crypto extensions * and use them if available. */ -//#define MBEDTLS_SHA256_USE_ARMV8_CRYPTO_IF_PRESENT +//#define MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_IF_PRESENT /* - * \deprecated This is now known as MBEDTLS_SHA256_USE_ARMV8_CRYPTO_IF_PRESENT. + * \deprecated This is now known as MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_IF_PRESENT. * This name is now deprecated, but may still be used as an alternative form for * this option. */ //#define MBEDTLS_SHA256_USE_A64_CRYPTO_IF_PRESENT /** - * \def MBEDTLS_SHA256_USE_ARMV8_CRYPTO_ONLY + * \def MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_ONLY * * Enable acceleration of the SHA-256 and SHA-224 cryptographic hash algorithms * with the ARMv8 cryptographic extensions, which must be available at runtime * or else an illegal instruction fault will occur. * * \note This allows builds with a smaller code size than with - * MBEDTLS_SHA256_USE_ARMV8_CRYPTO_IF_PRESENT + * MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_IF_PRESENT * * \note Minimum compiler versions for this feature are Clang 4.0, * armclang 6.6 or GCC 6.0. @@ -3328,8 +3328,8 @@ * That name is deprecated, but may still be used as an alternative form for this * option. * - * \warning MBEDTLS_SHA256_USE_ARMV8_CRYPTO_ONLY cannot be defined at the same - * time as MBEDTLS_SHA256_USE_ARMV8_CRYPTO_IF_PRESENT. + * \warning MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_ONLY cannot be defined at the same + * time as MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_IF_PRESENT. * * Requires: MBEDTLS_SHA256_C. * 
@@ -3338,10 +3338,10 @@ * Uncomment to have the library use the Armv8-A SHA-256 crypto extensions * unconditionally. */ -//#define MBEDTLS_SHA256_USE_ARMV8_CRYPTO_ONLY +//#define MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_ONLY /* - * \deprecated This is now known as MBEDTLS_SHA256_USE_ARMV8_CRYPTO_ONLY. + * \deprecated This is now known as MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_ONLY. * This name is now deprecated, but may still be used as an alternative form for * this option. */ @@ -3390,13 +3390,13 @@ #define MBEDTLS_SHA3_C /** - * \def MBEDTLS_SHA512_USE_ARMV8_CRYPTO_IF_PRESENT + * \def MBEDTLS_SHA512_USE_ARMV8_A_CRYPTO_IF_PRESENT * * Enable acceleration of the SHA-512 and SHA-384 cryptographic hash algorithms * with the ARMv8 cryptographic extensions if they are available at runtime. * If not, the library will fall back to the C implementation. * - * \note If MBEDTLS_SHA512_USE_ARMV8_CRYPTO_IF_PRESENT is defined when building + * \note If MBEDTLS_SHA512_USE_ARMV8_A_CRYPTO_IF_PRESENT is defined when building * for a non-Aarch64 build it will be silently ignored. * * \note Minimum compiler versions for this feature are Clang 7.0, @@ -3409,8 +3409,8 @@ * That name is deprecated, but may still be used as an alternative form for this * option. * - * \warning MBEDTLS_SHA512_USE_ARMV8_CRYPTO_IF_PRESENT cannot be defined at the - * same time as MBEDTLS_SHA512_USE_ARMV8_CRYPTO_ONLY. + * \warning MBEDTLS_SHA512_USE_ARMV8_A_CRYPTO_IF_PRESENT cannot be defined at the + * same time as MBEDTLS_SHA512_USE_ARMV8_A_CRYPTO_ONLY. * * Requires: MBEDTLS_SHA512_C. * 
@@ -3419,24 +3419,24 @@ * Uncomment to have the library check for the Armv8-A SHA-512 crypto extensions * and use them if available. */ -//#define MBEDTLS_SHA512_USE_ARMV8_CRYPTO_IF_PRESENT +//#define MBEDTLS_SHA512_USE_ARMV8_A_CRYPTO_IF_PRESENT /* - * \deprecated This is now known as MBEDTLS_SHA512_USE_ARMV8_CRYPTO_IF_PRESENT. + * \deprecated This is now known as MBEDTLS_SHA512_USE_ARMV8_A_CRYPTO_IF_PRESENT. * This name is now deprecated, but may still be used as an alternative form for * this option. */ //#define MBEDTLS_SHA512_USE_A64_CRYPTO_IF_PRESENT /** - * \def MBEDTLS_SHA512_USE_ARMV8_CRYPTO_ONLY + * \def MBEDTLS_SHA512_USE_ARMV8_A_CRYPTO_ONLY * * Enable acceleration of the SHA-512 and SHA-384 cryptographic hash algorithms * with the ARMv8 cryptographic extensions, which must be available at runtime * or else an illegal instruction fault will occur. * * \note This allows builds with a smaller code size than with - * MBEDTLS_SHA512_USE_ARMV8_CRYPTO_IF_PRESENT + * MBEDTLS_SHA512_USE_ARMV8_A_CRYPTO_IF_PRESENT * * \note Minimum compiler versions for this feature are Clang 7.0, * armclang 6.9 or GCC 8.0. @@ -3448,8 +3448,8 @@ * That name is deprecated, but may still be used as an alternative form for this * option. * - * \warning MBEDTLS_SHA512_USE_ARMV8_CRYPTO_ONLY cannot be defined at the same - * time as MBEDTLS_SHA512_USE_ARMV8_CRYPTO_IF_PRESENT. + * \warning MBEDTLS_SHA512_USE_ARMV8_A_CRYPTO_ONLY cannot be defined at the same + * time as MBEDTLS_SHA512_USE_ARMV8_A_CRYPTO_IF_PRESENT. * * Requires: MBEDTLS_SHA512_C. * 
@@ -3458,10 +3458,10 @@ * Uncomment to have the library use the Armv8-A SHA-512 crypto extensions * unconditionally. */ -//#define MBEDTLS_SHA512_USE_ARMV8_CRYPTO_ONLY +//#define MBEDTLS_SHA512_USE_ARMV8_A_CRYPTO_ONLY /* - * \deprecated This is now known as MBEDTLS_SHA512_USE_ARMV8_CRYPTO_ONLY. + * \deprecated This is now known as MBEDTLS_SHA512_USE_ARMV8_A_CRYPTO_ONLY. * This name is now deprecated, but may still be used as an alternative form for * this option. */ diff --git a/library/sha256.c b/library/sha256.c index 763c71076b..726f5fb565 100644 --- a/library/sha256.c +++ b/library/sha256.c 
@@ -72,34 +72,34 @@ #if defined(MBEDTLS_ARCH_IS_ARMV8_A) -# if defined(MBEDTLS_SHA256_USE_ARMV8_CRYPTO_IF_PRESENT) || \ - defined(MBEDTLS_SHA256_USE_ARMV8_CRYPTO_ONLY) +# if defined(MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_IF_PRESENT) || \ + defined(MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_ONLY) # ifdef __ARM_NEON # include # else -# if defined(MBEDTLS_SHA256_USE_ARMV8_CRYPTO_IF_PRESENT) +# if defined(MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_IF_PRESENT) # warning "Target does not support NEON instructions" -# undef MBEDTLS_SHA256_USE_ARMV8_CRYPTO_IF_PRESENT +# undef MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_IF_PRESENT # else # error "Target does not support NEON instructions" # endif # endif # endif -# if defined(MBEDTLS_SHA256_USE_ARMV8_CRYPTO_IF_PRESENT) || \ - defined(MBEDTLS_SHA256_USE_ARMV8_CRYPTO_ONLY) +# if defined(MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_IF_PRESENT) || \ + defined(MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_ONLY) /* *INDENT-OFF* */ # if !defined(__ARM_FEATURE_CRYPTO) || defined(MBEDTLS_ENABLE_ARM_CRYPTO_EXTENSIONS_COMPILER_FLAG) # if defined(__ARMCOMPILER_VERSION) # if __ARMCOMPILER_VERSION <= 6090000 -# error "Must use minimum -march=armv8-a+crypto for MBEDTLS_SHA256_USE_ARMV8_CRYPTO_*" +# error "Must use minimum -march=armv8-a+crypto for MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_*" # endif # pragma clang attribute push (__attribute__((target("sha2"))), apply_to=function) # define MBEDTLS_POP_TARGET_PRAGMA # elif defined(__clang__) # if __clang_major__ < 4 -# error "A more recent Clang is required for MBEDTLS_SHA256_USE_ARMV8_CRYPTO_*" +# error "A more recent Clang is required for MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_*" # endif # pragma clang attribute push (__attribute__((target("crypto"))), apply_to=function) # define MBEDTLS_POP_TARGET_PRAGMA 
@@ -108,20 +108,20 @@ * intrinsics are missing. Missing intrinsics could be worked around. */ # if __GNUC__ < 6 -# error "A more recent GCC is required for MBEDTLS_SHA256_USE_ARMV8_CRYPTO_*" +# error "A more recent GCC is required for MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_*" # else # pragma GCC push_options # pragma GCC target ("arch=armv8-a+crypto") # define MBEDTLS_POP_TARGET_PRAGMA # endif # else -# error "Only GCC and Clang supported for MBEDTLS_SHA256_USE_ARMV8_CRYPTO_*" +# error "Only GCC and Clang supported for MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_*" # endif # endif /* *INDENT-ON* */ # endif -# if defined(MBEDTLS_SHA256_USE_ARMV8_CRYPTO_IF_PRESENT) +# if defined(MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_IF_PRESENT) # if defined(__unix__) # if defined(__linux__) /* Our preferred method of detection is getauxval() */ @@ -133,19 +133,19 @@ # endif # endif #elif defined(_M_ARM64) -# if defined(MBEDTLS_SHA256_USE_ARMV8_CRYPTO_IF_PRESENT) || \ - defined(MBEDTLS_SHA256_USE_ARMV8_CRYPTO_ONLY) +# if defined(MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_IF_PRESENT) || \ + defined(MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_ONLY) # include # endif #else -# undef MBEDTLS_SHA256_USE_ARMV8_CRYPTO_ONLY -# undef MBEDTLS_SHA256_USE_ARMV8_CRYPTO_IF_PRESENT +# undef MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_ONLY +# undef MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_IF_PRESENT #endif -#if defined(MBEDTLS_SHA256_USE_ARMV8_CRYPTO_IF_PRESENT) +#if defined(MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_IF_PRESENT) /* * Capability detection code comes early, so we can disable - * MBEDTLS_SHA256_USE_ARMV8_CRYPTO_IF_PRESENT if no detection mechanism found + * MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_IF_PRESENT if no detection mechanism found */ #if defined(MBEDTLS_ARCH_IS_ARM64) && defined(HWCAP_SHA2) static int mbedtls_a64_crypto_sha256_determine_support(void) 
@@ -222,10 +222,10 @@ static int mbedtls_a64_crypto_sha256_determine_support(void) } #else #warning "No mechanism to detect ARMV8_CRYPTO found, using C code only" -#undef MBEDTLS_SHA256_USE_ARMV8_CRYPTO_IF_PRESENT +#undef MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_IF_PRESENT #endif /* HWCAP_SHA2, __APPLE__, __unix__ && SIG_SETMASK */ -#endif /* MBEDTLS_SHA256_USE_ARMV8_CRYPTO_IF_PRESENT */ +#endif /* MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_IF_PRESENT */ #if !defined(MBEDTLS_SHA256_ALT) @@ -327,10 +327,10 @@ static const uint32_t K[] = #endif -#if defined(MBEDTLS_SHA256_USE_ARMV8_CRYPTO_IF_PRESENT) || \ - defined(MBEDTLS_SHA256_USE_ARMV8_CRYPTO_ONLY) +#if defined(MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_IF_PRESENT) || \ + defined(MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_ONLY) -#if defined(MBEDTLS_SHA256_USE_ARMV8_CRYPTO_ONLY) +#if defined(MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_ONLY) # define mbedtls_internal_sha256_process_many_a64_crypto mbedtls_internal_sha256_process_many # define mbedtls_internal_sha256_process_a64_crypto mbedtls_internal_sha256_process #endif @@ -430,7 +430,7 @@ static size_t mbedtls_internal_sha256_process_many_a64_crypto( return processed; } -#if defined(MBEDTLS_SHA256_USE_ARMV8_CRYPTO_IF_PRESENT) +#if defined(MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_IF_PRESENT) /* * This function is for internal use only if we are building both C and Armv8 * versions, otherwise it is renamed to be the public mbedtls_internal_sha256_process() @@ -445,7 +445,7 @@ int mbedtls_internal_sha256_process_a64_crypto(mbedtls_sha256_context *ctx, SHA256_BLOCK_SIZE) ? 0 : -1; } -#endif /* MBEDTLS_SHA256_USE_ARMV8_CRYPTO_IF_PRESENT || MBEDTLS_SHA256_USE_ARMV8_CRYPTO_ONLY */ +#endif /* MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_IF_PRESENT || MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_ONLY */ #if defined(MBEDTLS_POP_TARGET_PRAGMA) #if defined(__clang__) 
@@ -456,14 +456,14 @@ int mbedtls_internal_sha256_process_a64_crypto(mbedtls_sha256_context *ctx, #undef MBEDTLS_POP_TARGET_PRAGMA #endif -#if !defined(MBEDTLS_SHA256_USE_ARMV8_CRYPTO_IF_PRESENT) +#if !defined(MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_IF_PRESENT) #define mbedtls_internal_sha256_process_many_c mbedtls_internal_sha256_process_many #define mbedtls_internal_sha256_process_c mbedtls_internal_sha256_process #endif #if !defined(MBEDTLS_SHA256_PROCESS_ALT) && \ - !defined(MBEDTLS_SHA256_USE_ARMV8_CRYPTO_ONLY) + !defined(MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_ONLY) #define SHR(x, n) (((x) & 0xFFFFFFFF) >> (n)) #define ROTR(x, n) (SHR(x, n) | ((x) << (32 - (n)))) @@ -491,7 +491,7 @@ int mbedtls_internal_sha256_process_a64_crypto(mbedtls_sha256_context *ctx, (d) += local.temp1; (h) = local.temp1 + local.temp2; \ } while (0) -#if defined(MBEDTLS_SHA256_USE_ARMV8_CRYPTO_IF_PRESENT) +#if defined(MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_IF_PRESENT) /* * This function is for internal use only if we are building both C and Armv8 * versions, otherwise it is renamed to be the public mbedtls_internal_sha256_process() @@ -583,10 +583,10 @@ int mbedtls_internal_sha256_process_c(mbedtls_sha256_context *ctx, return 0; } -#endif /* !MBEDTLS_SHA256_PROCESS_ALT && !MBEDTLS_SHA256_USE_ARMV8_CRYPTO_ONLY */ +#endif /* !MBEDTLS_SHA256_PROCESS_ALT && !MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_ONLY */ -#if !defined(MBEDTLS_SHA256_USE_ARMV8_CRYPTO_ONLY) +#if !defined(MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_ONLY) static size_t mbedtls_internal_sha256_process_many_c( mbedtls_sha256_context *ctx, const uint8_t *data, size_t len) @@ -607,10 +607,10 @@ static size_t mbedtls_internal_sha256_process_many_c( return processed; } -#endif /* !MBEDTLS_SHA256_USE_ARMV8_CRYPTO_ONLY */ +#endif /* !MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_ONLY */ -#if defined(MBEDTLS_SHA256_USE_ARMV8_CRYPTO_IF_PRESENT) +#if defined(MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_IF_PRESENT) static int mbedtls_a64_crypto_sha256_has_support(void) { 
@@ -645,7 +645,7 @@ int mbedtls_internal_sha256_process(mbedtls_sha256_context *ctx, } } -#endif /* MBEDTLS_SHA256_USE_ARMV8_CRYPTO_IF_PRESENT */ +#endif /* MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_IF_PRESENT */ /* diff --git a/library/sha512.c b/library/sha512.c index 14c9343e34..ab13e841eb 100644 --- a/library/sha512.c +++ b/library/sha512.c @@ -57,8 +57,8 @@ #include "mbedtls/platform.h" #if defined(__aarch64__) -# if defined(MBEDTLS_SHA512_USE_ARMV8_CRYPTO_IF_PRESENT) || \ - defined(MBEDTLS_SHA512_USE_ARMV8_CRYPTO_ONLY) +# if defined(MBEDTLS_SHA512_USE_ARMV8_A_CRYPTO_IF_PRESENT) || \ + defined(MBEDTLS_SHA512_USE_ARMV8_A_CRYPTO_ONLY) /* *INDENT-OFF* */ # ifdef __ARM_NEON # include 
@@ -83,35 +83,35 @@ /* Test Clang first, as it defines __GNUC__ */ # if defined(__ARMCOMPILER_VERSION) # if __ARMCOMPILER_VERSION < 6090000 -# error "A more recent armclang is required for MBEDTLS_SHA512_USE_ARMV8_CRYPTO_*" +# error "A more recent armclang is required for MBEDTLS_SHA512_USE_ARMV8_A_CRYPTO_*" # elif __ARMCOMPILER_VERSION == 6090000 -# error "Must use minimum -march=armv8.2-a+sha3 for MBEDTLS_SHA512_USE_ARMV8_CRYPTO_*" +# error "Must use minimum -march=armv8.2-a+sha3 for MBEDTLS_SHA512_USE_ARMV8_A_CRYPTO_*" # else # pragma clang attribute push (__attribute__((target("sha3"))), apply_to=function) # define MBEDTLS_POP_TARGET_PRAGMA # endif # elif defined(__clang__) # if __clang_major__ < 7 -# error "A more recent Clang is required for MBEDTLS_SHA512_USE_ARMV8_CRYPTO_*" +# error "A more recent Clang is required for MBEDTLS_SHA512_USE_ARMV8_A_CRYPTO_*" # else # pragma clang attribute push (__attribute__((target("sha3"))), apply_to=function) # define MBEDTLS_POP_TARGET_PRAGMA # endif # elif defined(__GNUC__) # if __GNUC__ < 8 -# error "A more recent GCC is required for MBEDTLS_SHA512_USE_ARMV8_CRYPTO_*" +# error "A more recent GCC is required for MBEDTLS_SHA512_USE_ARMV8_A_CRYPTO_*" # else # pragma GCC push_options # pragma GCC target ("arch=armv8.2-a+sha3") # define MBEDTLS_POP_TARGET_PRAGMA # endif # else -# error "Only GCC and Clang supported for MBEDTLS_SHA512_USE_ARMV8_CRYPTO_*" +# error "Only GCC and Clang supported for MBEDTLS_SHA512_USE_ARMV8_A_CRYPTO_*" # endif # endif /* *INDENT-ON* */ # endif -# if defined(MBEDTLS_SHA512_USE_ARMV8_CRYPTO_IF_PRESENT) +# if defined(MBEDTLS_SHA512_USE_ARMV8_A_CRYPTO_IF_PRESENT) # if defined(__unix__) # if defined(__linux__) /* Our preferred method of detection is getauxval() */ 
@@ -122,19 +122,19 @@ # endif # endif #elif defined(_M_ARM64) -# if defined(MBEDTLS_SHA512_USE_ARMV8_CRYPTO_IF_PRESENT) || \ - defined(MBEDTLS_SHA512_USE_ARMV8_CRYPTO_ONLY) +# if defined(MBEDTLS_SHA512_USE_ARMV8_A_CRYPTO_IF_PRESENT) || \ + defined(MBEDTLS_SHA512_USE_ARMV8_A_CRYPTO_ONLY) # include # endif #else -# undef MBEDTLS_SHA512_USE_ARMV8_CRYPTO_ONLY -# undef MBEDTLS_SHA512_USE_ARMV8_CRYPTO_IF_PRESENT +# undef MBEDTLS_SHA512_USE_ARMV8_A_CRYPTO_ONLY +# undef MBEDTLS_SHA512_USE_ARMV8_A_CRYPTO_IF_PRESENT #endif -#if defined(MBEDTLS_SHA512_USE_ARMV8_CRYPTO_IF_PRESENT) +#if defined(MBEDTLS_SHA512_USE_ARMV8_A_CRYPTO_IF_PRESENT) /* * Capability detection code comes early, so we can disable - * MBEDTLS_SHA512_USE_ARMV8_CRYPTO_IF_PRESENT if no detection mechanism found + * MBEDTLS_SHA512_USE_ARMV8_A_CRYPTO_IF_PRESENT if no detection mechanism found */ #if defined(HWCAP_SHA512) static int mbedtls_a64_crypto_sha512_determine_support(void) @@ -211,10 +211,10 @@ static int mbedtls_a64_crypto_sha512_determine_support(void) } #else #warning "No mechanism to detect ARMV8_CRYPTO found, using C code only" -#undef MBEDTLS_SHA512_USE_ARMV8_CRYPTO_IF_PRESENT +#undef MBEDTLS_SHA512_USE_ARMV8_A_CRYPTO_IF_PRESENT #endif /* HWCAP_SHA512, __APPLE__, __unix__ && SIG_SETMASK */ -#endif /* MBEDTLS_SHA512_USE_ARMV8_CRYPTO_IF_PRESENT */ +#endif /* MBEDTLS_SHA512_USE_ARMV8_A_CRYPTO_IF_PRESENT */ #if !defined(MBEDTLS_SHA512_ALT) @@ -352,10 +352,10 @@ static const uint64_t K[80] = }; #endif -#if defined(MBEDTLS_SHA512_USE_ARMV8_CRYPTO_IF_PRESENT) || \ - defined(MBEDTLS_SHA512_USE_ARMV8_CRYPTO_ONLY) +#if defined(MBEDTLS_SHA512_USE_ARMV8_A_CRYPTO_IF_PRESENT) || \ + defined(MBEDTLS_SHA512_USE_ARMV8_A_CRYPTO_ONLY) -#if defined(MBEDTLS_SHA512_USE_ARMV8_CRYPTO_ONLY) +#if defined(MBEDTLS_SHA512_USE_ARMV8_A_CRYPTO_ONLY) # define mbedtls_internal_sha512_process_many_a64_crypto mbedtls_internal_sha512_process_many # define mbedtls_internal_sha512_process_a64_crypto mbedtls_internal_sha512_process #endif 
@@ -567,7 +567,7 @@ static size_t mbedtls_internal_sha512_process_many_a64_crypto( return processed; } -#if defined(MBEDTLS_SHA512_USE_ARMV8_CRYPTO_IF_PRESENT) +#if defined(MBEDTLS_SHA512_USE_ARMV8_A_CRYPTO_IF_PRESENT) /* * This function is for internal use only if we are building both C and Armv8 * versions, otherwise it is renamed to be the public mbedtls_internal_sha512_process() @@ -582,7 +582,7 @@ int mbedtls_internal_sha512_process_a64_crypto(mbedtls_sha512_context *ctx, SHA512_BLOCK_SIZE) ? 0 : -1; } -#endif /* MBEDTLS_SHA512_USE_ARMV8_CRYPTO_IF_PRESENT || MBEDTLS_SHA512_USE_ARMV8_CRYPTO_ONLY */ +#endif /* MBEDTLS_SHA512_USE_ARMV8_A_CRYPTO_IF_PRESENT || MBEDTLS_SHA512_USE_ARMV8_A_CRYPTO_ONLY */ #if defined(MBEDTLS_POP_TARGET_PRAGMA) #if defined(__clang__) @@ -594,15 +594,15 @@ int mbedtls_internal_sha512_process_a64_crypto(mbedtls_sha512_context *ctx, #endif -#if !defined(MBEDTLS_SHA512_USE_ARMV8_CRYPTO_IF_PRESENT) +#if !defined(MBEDTLS_SHA512_USE_ARMV8_A_CRYPTO_IF_PRESENT) #define mbedtls_internal_sha512_process_many_c mbedtls_internal_sha512_process_many #define mbedtls_internal_sha512_process_c mbedtls_internal_sha512_process #endif -#if !defined(MBEDTLS_SHA512_PROCESS_ALT) && !defined(MBEDTLS_SHA512_USE_ARMV8_CRYPTO_ONLY) +#if !defined(MBEDTLS_SHA512_PROCESS_ALT) && !defined(MBEDTLS_SHA512_USE_ARMV8_A_CRYPTO_ONLY) -#if defined(MBEDTLS_SHA512_USE_ARMV8_CRYPTO_IF_PRESENT) +#if defined(MBEDTLS_SHA512_USE_ARMV8_A_CRYPTO_IF_PRESENT) /* * This function is for internal use only if we are building both C and Armv8 * versions, otherwise it is renamed to be the public mbedtls_internal_sha512_process() 
@@ -701,10 +701,10 @@ int mbedtls_internal_sha512_process_c(mbedtls_sha512_context *ctx, return 0; } -#endif /* !MBEDTLS_SHA512_PROCESS_ALT && !MBEDTLS_SHA512_USE_ARMV8_CRYPTO_ONLY */ +#endif /* !MBEDTLS_SHA512_PROCESS_ALT && !MBEDTLS_SHA512_USE_ARMV8_A_CRYPTO_ONLY */ -#if !defined(MBEDTLS_SHA512_USE_ARMV8_CRYPTO_ONLY) +#if !defined(MBEDTLS_SHA512_USE_ARMV8_A_CRYPTO_ONLY) static size_t mbedtls_internal_sha512_process_many_c( mbedtls_sha512_context *ctx, const uint8_t *data, size_t len) @@ -725,10 +725,10 @@ static size_t mbedtls_internal_sha512_process_many_c( return processed; } -#endif /* !MBEDTLS_SHA512_USE_ARMV8_CRYPTO_ONLY */ +#endif /* !MBEDTLS_SHA512_USE_ARMV8_A_CRYPTO_ONLY */ -#if defined(MBEDTLS_SHA512_USE_ARMV8_CRYPTO_IF_PRESENT) +#if defined(MBEDTLS_SHA512_USE_ARMV8_A_CRYPTO_IF_PRESENT) static int mbedtls_a64_crypto_sha512_has_support(void) { @@ -763,7 +763,7 @@ int mbedtls_internal_sha512_process(mbedtls_sha512_context *ctx, } } -#endif /* MBEDTLS_SHA512_USE_ARMV8_CRYPTO_IF_PRESENT */ +#endif /* MBEDTLS_SHA512_USE_ARMV8_A_CRYPTO_IF_PRESENT */ /* * SHA-512 process buffer diff --git a/scripts/config.py b/scripts/config.py index 619782b892..6e32e3db23 100755 --- a/scripts/config.py +++ b/scripts/config.py 
@@ -215,8 +215,8 @@ EXCLUDE_FROM_FULL = frozenset([ 'MBEDTLS_RSA_NO_CRT', # influences the use of RSA in X.509 and TLS 'MBEDTLS_SHA256_USE_A64_CRYPTO_ONLY', # interacts with *_USE_A64_CRYPTO_IF_PRESENT 'MBEDTLS_SHA512_USE_A64_CRYPTO_ONLY', # interacts with *_USE_A64_CRYPTO_IF_PRESENT - 'MBEDTLS_SHA256_USE_ARMV8_CRYPTO_ONLY', # interacts with *_USE_ARMV8_CRYPTO_IF_PRESENT - 'MBEDTLS_SHA512_USE_ARMV8_CRYPTO_ONLY', # interacts with *_USE_ARMV8_CRYPTO_IF_PRESENT + 'MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_ONLY', # interacts with *_USE_ARMV8_CRYPTO_IF_PRESENT + 'MBEDTLS_SHA512_USE_ARMV8_A_CRYPTO_ONLY', # interacts with *_USE_ARMV8_CRYPTO_IF_PRESENT 'MBEDTLS_SSL_RECORD_SIZE_LIMIT', # in development, currently breaks other tests 'MBEDTLS_TEST_CONSTANT_FLOW_MEMSAN', # build dependency (clang+memsan) 'MBEDTLS_TEST_CONSTANT_FLOW_VALGRIND', # build dependency (valgrind headers) @@ -282,8 +282,8 @@ EXCLUDE_FROM_BAREMETAL = frozenset([ 'MBEDTLS_TIMING_C', # requires a clock 'MBEDTLS_SHA256_USE_A64_CRYPTO_IF_PRESENT', # requires an OS for runtime-detection 'MBEDTLS_SHA512_USE_A64_CRYPTO_IF_PRESENT', # requires an OS for runtime-detection - 'MBEDTLS_SHA256_USE_ARMV8_CRYPTO_IF_PRESENT', # requires an OS for runtime-detection - 'MBEDTLS_SHA512_USE_ARMV8_CRYPTO_IF_PRESENT', # requires an OS for runtime-detection + 'MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_IF_PRESENT', # requires an OS for runtime-detection + 'MBEDTLS_SHA512_USE_ARMV8_A_CRYPTO_IF_PRESENT', # requires an OS for runtime-detection ]) def keep_in_baremetal(name): diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index 1892ef869a..5be96a5868 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh 
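Review bot: The trailing comments on the two renamed `EXCLUDE_FROM_FULL` entries still read `# interacts with *_USE_ARMV8_CRYPTO_IF_PRESENT`, a name that no longer exists after this rename. They should become `# interacts with *_USE_ARMV8_A_CRYPTO_IF_PRESENT`, so that searching for the new option name also finds the reason for the exclusion. Both frozensets continue outside the hunks, so only the visible entries were checked.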
@@ -2245,12 +2245,12 @@ component_build_module_alt () { # The SpecifiedECDomain parsing code accesses mbedtls_ecp_group fields # directly and assumes the implementation works with partial groups. scripts/config.py unset MBEDTLS_PK_PARSE_EC_EXTENDED - # MBEDTLS_SHA256_*ALT can't be used with MBEDTLS_SHA256_USE_ARMV8_CRYPTO_* - scripts/config.py unset MBEDTLS_SHA256_USE_ARMV8_CRYPTO_IF_PRESENT - scripts/config.py unset MBEDTLS_SHA256_USE_ARMV8_CRYPTO_ONLY - # MBEDTLS_SHA512_*ALT can't be used with MBEDTLS_SHA512_USE_ARMV8_CRYPTO_* - scripts/config.py unset MBEDTLS_SHA512_USE_ARMV8_CRYPTO_IF_PRESENT - scripts/config.py unset MBEDTLS_SHA512_USE_ARMV8_CRYPTO_ONLY + # MBEDTLS_SHA256_*ALT can't be used with MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_* + scripts/config.py unset MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_IF_PRESENT + scripts/config.py unset MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_ONLY + # MBEDTLS_SHA512_*ALT can't be used with MBEDTLS_SHA512_USE_ARMV8_A_CRYPTO_* + scripts/config.py unset MBEDTLS_SHA512_USE_ARMV8_A_CRYPTO_IF_PRESENT + scripts/config.py unset MBEDTLS_SHA512_USE_ARMV8_A_CRYPTO_ONLY # Enable all MBEDTLS_XXX_ALT for whole modules. Do not enable # MBEDTLS_XXX_YYY_ALT which are for single functions. @@ -3464,10 +3464,10 @@ config_psa_crypto_hash_use_psa () { scripts/config.py unset MBEDTLS_SHA1_C scripts/config.py unset MBEDTLS_SHA224_C scripts/config.py unset MBEDTLS_SHA256_C # see external RNG below - scripts/config.py unset MBEDTLS_SHA256_USE_ARMV8_CRYPTO_IF_PRESENT + scripts/config.py unset MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_IF_PRESENT scripts/config.py unset MBEDTLS_SHA384_C scripts/config.py unset MBEDTLS_SHA512_C - scripts/config.py unset MBEDTLS_SHA512_USE_ARMV8_CRYPTO_IF_PRESENT + scripts/config.py unset MBEDTLS_SHA512_USE_ARMV8_A_CRYPTO_IF_PRESENT scripts/config.py unset MBEDTLS_SHA3_C fi } 
@@ -4332,7 +4332,7 @@ component_build_aes_aesce_armcc () { scripts/config.py baremetal # armc[56] don't support SHA-512 intrinsics - scripts/config.py unset MBEDTLS_SHA512_USE_ARMV8_CRYPTO_IF_PRESENT + scripts/config.py unset MBEDTLS_SHA512_USE_ARMV8_A_CRYPTO_IF_PRESENT # Stop armclang warning about feature detection for A64_CRYPTO. # With this enabled, the library does build correctly under armclang, @@ -4340,7 +4340,7 @@ component_build_aes_aesce_armcc () { # unavailable, and the user is notified via a #warning. So enabling # this feature would prevent us from building with -Werror on # armclang. Tracked in #7198. - scripts/config.py unset MBEDTLS_SHA256_USE_ARMV8_CRYPTO_IF_PRESENT + scripts/config.py unset MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_IF_PRESENT scripts/config.py set MBEDTLS_HAVE_ASM msg "AESCE, build with default configuration." 
@@ -4362,36 +4362,36 @@ support_build_sha_armce() { component_build_sha_armce () { # Test variations of SHA256 Armv8 crypto extensions - scripts/config.py unset MBEDTLS_SHA256_USE_ARMV8_CRYPTO_IF_PRESENT - scripts/config.py set MBEDTLS_SHA256_USE_ARMV8_CRYPTO_ONLY + scripts/config.py unset MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_IF_PRESENT + scripts/config.py set MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_ONLY - msg "MBEDTLS_SHA256_USE_ARMV8_CRYPTO_ONLY clang, aarch64" + msg "MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_ONLY clang, aarch64" make -B library/sha256.o CC=clang CFLAGS="--target=aarch64-linux-gnu -march=armv8-a" - msg "MBEDTLS_SHA256_USE_ARMV8_CRYPTO_ONLY clang, arm" + msg "MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_ONLY clang, arm" make -B library/sha256.o CC=clang CFLAGS="--target=arm-linux-gnueabihf -mcpu=cortex-a72+crypto -marm" # test the deprecated form of the config option - scripts/config.py unset MBEDTLS_SHA256_USE_ARMV8_CRYPTO_ONLY + scripts/config.py unset MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_ONLY scripts/config.py set MBEDTLS_SHA256_USE_A64_CRYPTO_ONLY - msg "MBEDTLS_SHA256_USE_ARMV8_CRYPTO_ONLY clang, thumb" + msg "MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_ONLY clang, thumb" make -B library/sha256.o CC=clang CFLAGS="--target=arm-linux-gnueabihf -mcpu=cortex-a32+crypto -mthumb" - scripts/config.py set MBEDTLS_SHA256_USE_ARMV8_CRYPTO_IF_PRESENT - scripts/config.py unset MBEDTLS_SHA256_USE_ARMV8_CRYPTO_ONLY + scripts/config.py set MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_IF_PRESENT + scripts/config.py unset MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_ONLY - msg "MBEDTLS_SHA256_USE_ARMV8_CRYPTO_IF_PRESENT clang, aarch64" + msg "MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_IF_PRESENT clang, aarch64" make -B library/sha256.o CC=clang CFLAGS="--target=aarch64-linux-gnu -march=armv8-a" # test the deprecated form of the config option - scripts/config.py unset MBEDTLS_SHA256_USE_ARMV8_CRYPTO_IF_PRESENT + scripts/config.py unset MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_IF_PRESENT scripts/config.py set 
MBEDTLS_SHA256_USE_A64_CRYPTO_IF_PRESENT - msg "MBEDTLS_SHA256_USE_ARMV8_CRYPTO_IF_PRESENT clang, arm" + msg "MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_IF_PRESENT clang, arm" make -B library/sha256.o CC=clang CFLAGS="--target=arm-linux-gnueabihf -mcpu=cortex-a72+crypto -marm -std=c99" - msg "MBEDTLS_SHA256_USE_ARMV8_CRYPTO_IF_PRESENT clang, thumb" + msg "MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_IF_PRESENT clang, thumb" make -B library/sha256.o CC=clang CFLAGS="--target=arm-linux-gnueabihf -mcpu=cortex-a32+crypto -mthumb" } @@ -4936,7 +4936,7 @@ component_build_armcc () { msg "build: ARM Compiler 5" scripts/config.py baremetal # armc[56] don't support SHA-512 intrinsics - scripts/config.py unset MBEDTLS_SHA512_USE_ARMV8_CRYPTO_IF_PRESENT + scripts/config.py unset MBEDTLS_SHA512_USE_ARMV8_A_CRYPTO_IF_PRESENT # Stop armclang warning about feature detection for A64_CRYPTO. # With this enabled, the library does build correctly under armclang, @@ -4944,7 +4944,7 @@ component_build_armcc () { # unavailable, and the user is notified via a #warning. So enabling # this feature would prevent us from building with -Werror on # armclang. Tracked in #7198. - scripts/config.py unset MBEDTLS_SHA256_USE_ARMV8_CRYPTO_IF_PRESENT + scripts/config.py unset MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_IF_PRESENT scripts/config.py set MBEDTLS_HAVE_ASM From be7915aa6ceddaaf81652c0072ea5fd2b2466932 Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Wed, 11 Oct 2023 10:46:38 +0100 Subject: [PATCH 28/44] Revert renaming of SHA512 options Signed-off-by: Dave Rodgman --- include/mbedtls/check_config.h | 20 +++--- include/mbedtls/config_adjust_legacy_crypto.h | 7 -- include/mbedtls/mbedtls_config.h | 42 +++-------- library/sha512.c | 70 +++++++++---------- scripts/config.py | 8 +-- tests/scripts/all.sh | 12 ++-- 6 files changed, 64 insertions(+), 95 deletions(-) diff --git a/include/mbedtls/check_config.h b/include/mbedtls/check_config.h index b346f1f6ea..3df6ede441 100644 --- a/include/mbedtls/check_config.h 
+++ b/include/mbedtls/check_config.h @@ -829,24 +829,24 @@ #error "MBEDTLS_X509_RSASSA_PSS_SUPPORT defined, but not all prerequisites" #endif -#if defined(MBEDTLS_SHA512_USE_ARMV8_A_CRYPTO_IF_PRESENT) && \ - defined(MBEDTLS_SHA512_USE_ARMV8_A_CRYPTO_ONLY) -#error "Must only define one of MBEDTLS_SHA512_USE_ARMV8_A_CRYPTO_*" +#if defined(MBEDTLS_SHA512_USE_A64_CRYPTO_IF_PRESENT) && \ + defined(MBEDTLS_SHA512_USE_A64_CRYPTO_ONLY) +#error "Must only define one of MBEDTLS_SHA512_USE_A64_CRYPTO_*" #endif -#if defined(MBEDTLS_SHA512_USE_ARMV8_A_CRYPTO_IF_PRESENT) || \ - defined(MBEDTLS_SHA512_USE_ARMV8_A_CRYPTO_ONLY) +#if defined(MBEDTLS_SHA512_USE_A64_CRYPTO_IF_PRESENT) || \ + defined(MBEDTLS_SHA512_USE_A64_CRYPTO_ONLY) #if !defined(MBEDTLS_SHA512_C) -#error "MBEDTLS_SHA512_USE_ARMV8_A_CRYPTO_* defined without MBEDTLS_SHA512_C" +#error "MBEDTLS_SHA512_USE_A64_CRYPTO_* defined without MBEDTLS_SHA512_C" #endif #if defined(MBEDTLS_SHA512_ALT) || defined(MBEDTLS_SHA512_PROCESS_ALT) -#error "MBEDTLS_SHA512_*ALT can't be used with MBEDTLS_SHA512_USE_ARMV8_A_CRYPTO_*" +#error "MBEDTLS_SHA512_*ALT can't be used with MBEDTLS_SHA512_USE_A64_CRYPTO_*" #endif -#endif /* MBEDTLS_SHA512_USE_ARMV8_A_CRYPTO_IF_PRESENT || MBEDTLS_SHA512_USE_ARMV8_A_CRYPTO_ONLY */ +#endif /* MBEDTLS_SHA512_USE_A64_CRYPTO_IF_PRESENT || MBEDTLS_SHA512_USE_A64_CRYPTO_ONLY */ -#if defined(MBEDTLS_SHA512_USE_ARMV8_A_CRYPTO_ONLY) && !defined(__aarch64__) -#error "MBEDTLS_SHA512_USE_ARMV8_A_CRYPTO_ONLY defined on non-Aarch64 system" +#if defined(MBEDTLS_SHA512_USE_A64_CRYPTO_ONLY) && !defined(__aarch64__) +#error "MBEDTLS_SHA512_USE_A64_CRYPTO_ONLY defined on non-Aarch64 system" #endif #if defined(MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_IF_PRESENT) && \ diff --git a/include/mbedtls/config_adjust_legacy_crypto.h b/include/mbedtls/config_adjust_legacy_crypto.h index c8791fc63e..9bb1f88f4e 100644 --- a/include/mbedtls/config_adjust_legacy_crypto.h +++ b/include/mbedtls/config_adjust_legacy_crypto.h 
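Review bot: The last check in this hunk, `#if defined(MBEDTLS_SHA512_USE_A64_CRYPTO_ONLY) && !defined(__aarch64__)`, rejects an MSVC arm64 build, which identifies itself with `_M_ARM64`, yet library/sha512.c in this same commit keeps an `#elif defined(_M_ARM64)` branch for both SHA512 options. If that target is meant to be supported, the guard should read `#if defined(MBEDTLS_SHA512_USE_A64_CRYPTO_ONLY) && !defined(__aarch64__) && !defined(_M_ARM64)`. If it is not, the `_M_ARM64` branch in sha512.c cannot be reached with `_ONLY` and a one-line comment there should say so. Whether the SHA-512 intrinsics are usable under MSVC is not visible in this patch, so confirm that before widening the guard. The condition predates this revert, which only changes the macro name.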
@@ -193,12 +193,5 @@ #if defined(MBEDTLS_SHA256_USE_A64_CRYPTO_ONLY) && !defined(MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_ONLY) #define MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_ONLY #endif -#if defined(MBEDTLS_SHA512_USE_A64_CRYPTO_IF_PRESENT) && \ - !defined(MBEDTLS_SHA512_USE_ARMV8_A_CRYPTO_IF_PRESENT) -#define MBEDTLS_SHA512_USE_ARMV8_A_CRYPTO_IF_PRESENT -#endif -#if defined(MBEDTLS_SHA512_USE_A64_CRYPTO_ONLY) && !defined(MBEDTLS_SHA512_USE_ARMV8_A_CRYPTO_ONLY) -#define MBEDTLS_SHA512_USE_ARMV8_A_CRYPTO_ONLY -#endif #endif /* MBEDTLS_CONFIG_ADJUST_LEGACY_CRYPTO_H */ diff --git a/include/mbedtls/mbedtls_config.h b/include/mbedtls/mbedtls_config.h index 49ae7218e0..b5c0d58798 100644 --- a/include/mbedtls/mbedtls_config.h +++ b/include/mbedtls/mbedtls_config.h @@ -3390,13 +3390,13 @@ #define MBEDTLS_SHA3_C /** - * \def MBEDTLS_SHA512_USE_ARMV8_A_CRYPTO_IF_PRESENT + * \def MBEDTLS_SHA512_USE_A64_CRYPTO_IF_PRESENT * * Enable acceleration of the SHA-512 and SHA-384 cryptographic hash algorithms * with the ARMv8 cryptographic extensions if they are available at runtime. * If not, the library will fall back to the C implementation. * - * \note If MBEDTLS_SHA512_USE_ARMV8_A_CRYPTO_IF_PRESENT is defined when building + * \note If MBEDTLS_SHA512_USE_A64_CRYPTO_IF_PRESENT is defined when building * for a non-Aarch64 build it will be silently ignored. * * \note Minimum compiler versions for this feature are Clang 7.0, 
@@ -3405,38 +3405,27 @@ * \note \c CFLAGS must be set to a minimum of \c -march=armv8.2-a+sha3 for * armclang 6.9 * - * \note This was previously known as MBEDTLS_SHA512_USE_A64_CRYPTO_IF_PRESENT. - * That name is deprecated, but may still be used as an alternative form for this - * option. - * - * \warning MBEDTLS_SHA512_USE_ARMV8_A_CRYPTO_IF_PRESENT cannot be defined at the - * same time as MBEDTLS_SHA512_USE_ARMV8_A_CRYPTO_ONLY. + * \warning MBEDTLS_SHA512_USE_A64_CRYPTO_IF_PRESENT cannot be defined at the + * same time as MBEDTLS_SHA512_USE_A64_CRYPTO_ONLY. * * Requires: MBEDTLS_SHA512_C. * * Module: library/sha512.c * - * Uncomment to have the library check for the Armv8-A SHA-512 crypto extensions + * Uncomment to have the library check for the A64 SHA-512 crypto extensions * and use them if available. */ -//#define MBEDTLS_SHA512_USE_ARMV8_A_CRYPTO_IF_PRESENT - -/* - * \deprecated This is now known as MBEDTLS_SHA512_USE_ARMV8_A_CRYPTO_IF_PRESENT. - * This name is now deprecated, but may still be used as an alternative form for - * this option. - */ //#define MBEDTLS_SHA512_USE_A64_CRYPTO_IF_PRESENT /** - * \def MBEDTLS_SHA512_USE_ARMV8_A_CRYPTO_ONLY + * \def MBEDTLS_SHA512_USE_A64_CRYPTO_ONLY * * Enable acceleration of the SHA-512 and SHA-384 cryptographic hash algorithms * with the ARMv8 cryptographic extensions, which must be available at runtime * or else an illegal instruction fault will occur. * * \note This allows builds with a smaller code size than with - * MBEDTLS_SHA512_USE_ARMV8_A_CRYPTO_IF_PRESENT + * MBEDTLS_SHA512_USE_A64_CRYPTO_IF_PRESENT * * \note Minimum compiler versions for this feature are Clang 7.0, * armclang 6.9 or GCC 8.0. 
@@ -3444,27 +3433,16 @@ * \note \c CFLAGS must be set to a minimum of \c -march=armv8.2-a+sha3 for * armclang 6.9 * - * \note This was previously known as MBEDTLS_SHA512_USE_A64_CRYPTO_ONLY. - * That name is deprecated, but may still be used as an alternative form for this - * option. - * - * \warning MBEDTLS_SHA512_USE_ARMV8_A_CRYPTO_ONLY cannot be defined at the same - * time as MBEDTLS_SHA512_USE_ARMV8_A_CRYPTO_IF_PRESENT. + * \warning MBEDTLS_SHA512_USE_A64_CRYPTO_ONLY cannot be defined at the same + * time as MBEDTLS_SHA512_USE_A64_CRYPTO_IF_PRESENT. * * Requires: MBEDTLS_SHA512_C. * * Module: library/sha512.c * - * Uncomment to have the library use the Armv8-A SHA-512 crypto extensions + * Uncomment to have the library use the A64 SHA-512 crypto extensions * unconditionally. */ -//#define MBEDTLS_SHA512_USE_ARMV8_A_CRYPTO_ONLY - -/* - * \deprecated This is now known as MBEDTLS_SHA512_USE_ARMV8_A_CRYPTO_ONLY. - * This name is now deprecated, but may still be used as an alternative form for - * this option. - */ //#define MBEDTLS_SHA512_USE_A64_CRYPTO_ONLY /** diff --git a/library/sha512.c b/library/sha512.c index ab13e841eb..e739af2546 100644 --- a/library/sha512.c +++ b/library/sha512.c @@ -57,8 +57,8 @@ #include "mbedtls/platform.h" #if defined(__aarch64__) -# if defined(MBEDTLS_SHA512_USE_ARMV8_A_CRYPTO_IF_PRESENT) || \ - defined(MBEDTLS_SHA512_USE_ARMV8_A_CRYPTO_ONLY) +# if defined(MBEDTLS_SHA512_USE_A64_CRYPTO_IF_PRESENT) || \ + defined(MBEDTLS_SHA512_USE_A64_CRYPTO_ONLY) /* *INDENT-OFF* */ # ifdef __ARM_NEON # include 
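Review bot: The comment block for MBEDTLS_SHA512_USE_A64_CRYPTO_ONLY does not say what happens on a non-Aarch64 target, while the sibling IF_PRESENT block documents that the option is silently ignored there. check_config.h in this commit makes that case a hard `#error "MBEDTLS_SHA512_USE_A64_CRYPTO_ONLY defined on non-Aarch64 system"`, so I would add after the CFLAGS note: `* \note Defining this option when building for a non-Aarch64 target is a build error.` The block spans this hunk and the previous one with a line between them not shown, so check that the note is not already there.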
@@ -83,35 +83,35 @@ /* Test Clang first, as it defines __GNUC__ */ # if defined(__ARMCOMPILER_VERSION) # if __ARMCOMPILER_VERSION < 6090000 -# error "A more recent armclang is required for MBEDTLS_SHA512_USE_ARMV8_A_CRYPTO_*" +# error "A more recent armclang is required for MBEDTLS_SHA512_USE_A64_CRYPTO_*" # elif __ARMCOMPILER_VERSION == 6090000 -# error "Must use minimum -march=armv8.2-a+sha3 for MBEDTLS_SHA512_USE_ARMV8_A_CRYPTO_*" +# error "Must use minimum -march=armv8.2-a+sha3 for MBEDTLS_SHA512_USE_A64_CRYPTO_*" # else # pragma clang attribute push (__attribute__((target("sha3"))), apply_to=function) # define MBEDTLS_POP_TARGET_PRAGMA # endif # elif defined(__clang__) # if __clang_major__ < 7 -# error "A more recent Clang is required for MBEDTLS_SHA512_USE_ARMV8_A_CRYPTO_*" +# error "A more recent Clang is required for MBEDTLS_SHA512_USE_A64_CRYPTO_*" # else # pragma clang attribute push (__attribute__((target("sha3"))), apply_to=function) # define MBEDTLS_POP_TARGET_PRAGMA # endif # elif defined(__GNUC__) # if __GNUC__ < 8 -# error "A more recent GCC is required for MBEDTLS_SHA512_USE_ARMV8_A_CRYPTO_*" +# error "A more recent GCC is required for MBEDTLS_SHA512_USE_A64_CRYPTO_*" # else # pragma GCC push_options # pragma GCC target ("arch=armv8.2-a+sha3") # define MBEDTLS_POP_TARGET_PRAGMA # endif # else -# error "Only GCC and Clang supported for MBEDTLS_SHA512_USE_ARMV8_A_CRYPTO_*" +# error "Only GCC and Clang supported for MBEDTLS_SHA512_USE_A64_CRYPTO_*" # endif # endif /* *INDENT-ON* */ # endif -# if defined(MBEDTLS_SHA512_USE_ARMV8_A_CRYPTO_IF_PRESENT) +# if defined(MBEDTLS_SHA512_USE_A64_CRYPTO_IF_PRESENT) # if defined(__unix__) # if defined(__linux__) /* Our preferred method of detection is getauxval() */ 
@@ -122,19 +122,19 @@ # endif # endif #elif defined(_M_ARM64) -# if defined(MBEDTLS_SHA512_USE_ARMV8_A_CRYPTO_IF_PRESENT) || \ - defined(MBEDTLS_SHA512_USE_ARMV8_A_CRYPTO_ONLY) +# if defined(MBEDTLS_SHA512_USE_A64_CRYPTO_IF_PRESENT) || \ + defined(MBEDTLS_SHA512_USE_A64_CRYPTO_ONLY) # include # endif #else -# undef MBEDTLS_SHA512_USE_ARMV8_A_CRYPTO_ONLY -# undef MBEDTLS_SHA512_USE_ARMV8_A_CRYPTO_IF_PRESENT +# undef MBEDTLS_SHA512_USE_A64_CRYPTO_ONLY +# undef MBEDTLS_SHA512_USE_A64_CRYPTO_IF_PRESENT #endif -#if defined(MBEDTLS_SHA512_USE_ARMV8_A_CRYPTO_IF_PRESENT) +#if defined(MBEDTLS_SHA512_USE_A64_CRYPTO_IF_PRESENT) /* * Capability detection code comes early, so we can disable - * MBEDTLS_SHA512_USE_ARMV8_A_CRYPTO_IF_PRESENT if no detection mechanism found + * MBEDTLS_SHA512_USE_A64_CRYPTO_IF_PRESENT if no detection mechanism found */ #if defined(HWCAP_SHA512) static int mbedtls_a64_crypto_sha512_determine_support(void) @@ -161,9 +161,9 @@ static int mbedtls_a64_crypto_sha512_determine_support(void) * SHA-512 support. So we fall back to the C code only. */ #if defined(_MSC_VER) -#pragma message "No mechanism to detect ARMV8_CRYPTO found, using C code only" +#pragma message "No mechanism to detect A64_CRYPTO found, using C code only" #else -#warning "No mechanism to detect ARMV8_CRYPTO found, using C code only" +#warning "No mechanism to detect A64_CRYPTO found, using C code only" #endif #elif defined(__unix__) && defined(SIG_SETMASK) /* Detection with SIGILL, setjmp() and longjmp() */ @@ -173,7 +173,7 @@ static int mbedtls_a64_crypto_sha512_determine_support(void) static jmp_buf return_from_sigill; /* - * Armv8 SHA512 support detection via SIGILL + * A64 SHA512 support detection via SIGILL */ static void sigill_handler(int signal) { 
@@ -210,11 +210,11 @@ static int mbedtls_a64_crypto_sha512_determine_support(void) return ret; } #else -#warning "No mechanism to detect ARMV8_CRYPTO found, using C code only" -#undef MBEDTLS_SHA512_USE_ARMV8_A_CRYPTO_IF_PRESENT +#warning "No mechanism to detect A64_CRYPTO found, using C code only" +#undef MBEDTLS_SHA512_USE_A64_CRYPTO_IF_PRESENT #endif /* HWCAP_SHA512, __APPLE__, __unix__ && SIG_SETMASK */ -#endif /* MBEDTLS_SHA512_USE_ARMV8_A_CRYPTO_IF_PRESENT */ +#endif /* MBEDTLS_SHA512_USE_A64_CRYPTO_IF_PRESENT */ #if !defined(MBEDTLS_SHA512_ALT) @@ -352,10 +352,10 @@ static const uint64_t K[80] = }; #endif -#if defined(MBEDTLS_SHA512_USE_ARMV8_A_CRYPTO_IF_PRESENT) || \ - defined(MBEDTLS_SHA512_USE_ARMV8_A_CRYPTO_ONLY) +#if defined(MBEDTLS_SHA512_USE_A64_CRYPTO_IF_PRESENT) || \ + defined(MBEDTLS_SHA512_USE_A64_CRYPTO_ONLY) -#if defined(MBEDTLS_SHA512_USE_ARMV8_A_CRYPTO_ONLY) +#if defined(MBEDTLS_SHA512_USE_A64_CRYPTO_ONLY) # define mbedtls_internal_sha512_process_many_a64_crypto mbedtls_internal_sha512_process_many # define mbedtls_internal_sha512_process_a64_crypto mbedtls_internal_sha512_process #endif @@ -567,9 +567,9 @@ static size_t mbedtls_internal_sha512_process_many_a64_crypto( return processed; } -#if defined(MBEDTLS_SHA512_USE_ARMV8_A_CRYPTO_IF_PRESENT) +#if defined(MBEDTLS_SHA512_USE_A64_CRYPTO_IF_PRESENT) /* - * This function is for internal use only if we are building both C and Armv8 + * This function is for internal use only if we are building both C and A64 * versions, otherwise it is renamed to be the public mbedtls_internal_sha512_process() */ static @@ -582,7 +582,7 @@ int mbedtls_internal_sha512_process_a64_crypto(mbedtls_sha512_context *ctx, SHA512_BLOCK_SIZE) ? 0 : -1; } -#endif /* MBEDTLS_SHA512_USE_ARMV8_A_CRYPTO_IF_PRESENT || MBEDTLS_SHA512_USE_ARMV8_A_CRYPTO_ONLY */ +#endif /* MBEDTLS_SHA512_USE_A64_CRYPTO_IF_PRESENT || MBEDTLS_SHA512_USE_A64_CRYPTO_ONLY */ #if defined(MBEDTLS_POP_TARGET_PRAGMA) #if defined(__clang__) 
@@ -594,17 +594,17 @@ int mbedtls_internal_sha512_process_a64_crypto(mbedtls_sha512_context *ctx, #endif -#if !defined(MBEDTLS_SHA512_USE_ARMV8_A_CRYPTO_IF_PRESENT) +#if !defined(MBEDTLS_SHA512_USE_A64_CRYPTO_IF_PRESENT) #define mbedtls_internal_sha512_process_many_c mbedtls_internal_sha512_process_many #define mbedtls_internal_sha512_process_c mbedtls_internal_sha512_process #endif -#if !defined(MBEDTLS_SHA512_PROCESS_ALT) && !defined(MBEDTLS_SHA512_USE_ARMV8_A_CRYPTO_ONLY) +#if !defined(MBEDTLS_SHA512_PROCESS_ALT) && !defined(MBEDTLS_SHA512_USE_A64_CRYPTO_ONLY) -#if defined(MBEDTLS_SHA512_USE_ARMV8_A_CRYPTO_IF_PRESENT) +#if defined(MBEDTLS_SHA512_USE_A64_CRYPTO_IF_PRESENT) /* - * This function is for internal use only if we are building both C and Armv8 + * This function is for internal use only if we are building both C and A64 * versions, otherwise it is renamed to be the public mbedtls_internal_sha512_process() */ static @@ -701,10 +701,10 @@ int mbedtls_internal_sha512_process_c(mbedtls_sha512_context *ctx, return 0; } -#endif /* !MBEDTLS_SHA512_PROCESS_ALT && !MBEDTLS_SHA512_USE_ARMV8_A_CRYPTO_ONLY */ +#endif /* !MBEDTLS_SHA512_PROCESS_ALT && !MBEDTLS_SHA512_USE_A64_CRYPTO_ONLY */ -#if !defined(MBEDTLS_SHA512_USE_ARMV8_A_CRYPTO_ONLY) +#if !defined(MBEDTLS_SHA512_USE_A64_CRYPTO_ONLY) static size_t mbedtls_internal_sha512_process_many_c( mbedtls_sha512_context *ctx, const uint8_t *data, size_t len) @@ -725,10 +725,10 @@ static size_t mbedtls_internal_sha512_process_many_c( return processed; } -#endif /* !MBEDTLS_SHA512_USE_ARMV8_A_CRYPTO_ONLY */ +#endif /* !MBEDTLS_SHA512_USE_A64_CRYPTO_ONLY */ -#if defined(MBEDTLS_SHA512_USE_ARMV8_A_CRYPTO_IF_PRESENT) +#if defined(MBEDTLS_SHA512_USE_A64_CRYPTO_IF_PRESENT) static int mbedtls_a64_crypto_sha512_has_support(void) { 
@@ -763,7 +763,7 @@ int mbedtls_internal_sha512_process(mbedtls_sha512_context *ctx, } } -#endif /* MBEDTLS_SHA512_USE_ARMV8_A_CRYPTO_IF_PRESENT */ +#endif /* MBEDTLS_SHA512_USE_A64_CRYPTO_IF_PRESENT */ /* * SHA-512 process buffer diff --git a/scripts/config.py b/scripts/config.py index 6e32e3db23..eeda6e18dd 100755 --- a/scripts/config.py +++ b/scripts/config.py @@ -214,9 +214,8 @@ EXCLUDE_FROM_FULL = frozenset([ 'MBEDTLS_PSA_INJECT_ENTROPY', # conflicts with platform entropy sources 'MBEDTLS_RSA_NO_CRT', # influences the use of RSA in X.509 and TLS 'MBEDTLS_SHA256_USE_A64_CRYPTO_ONLY', # interacts with *_USE_A64_CRYPTO_IF_PRESENT - 'MBEDTLS_SHA512_USE_A64_CRYPTO_ONLY', # interacts with *_USE_A64_CRYPTO_IF_PRESENT 'MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_ONLY', # interacts with *_USE_ARMV8_CRYPTO_IF_PRESENT - 'MBEDTLS_SHA512_USE_ARMV8_A_CRYPTO_ONLY', # interacts with *_USE_ARMV8_CRYPTO_IF_PRESENT + 'MBEDTLS_SHA512_USE_A64_CRYPTO_ONLY', # interacts with *_USE_A64_CRYPTO_IF_PRESENT 'MBEDTLS_SSL_RECORD_SIZE_LIMIT', # in development, currently breaks other tests 'MBEDTLS_TEST_CONSTANT_FLOW_MEMSAN', # build dependency (clang+memsan) 'MBEDTLS_TEST_CONSTANT_FLOW_VALGRIND', # build dependency (valgrind headers) @@ -280,10 +279,9 @@ EXCLUDE_FROM_BAREMETAL = frozenset([ 'MBEDTLS_THREADING_C', # requires a threading interface 'MBEDTLS_THREADING_PTHREAD', # requires pthread 'MBEDTLS_TIMING_C', # requires a clock - 'MBEDTLS_SHA256_USE_A64_CRYPTO_IF_PRESENT', # requires an OS for runtime-detection - 'MBEDTLS_SHA512_USE_A64_CRYPTO_IF_PRESENT', # requires an OS for runtime-detection + 'MBEDTLS_SHA256_USE_A64_A_CRYPTO_IF_PRESENT', # requires an OS for runtime-detection 'MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_IF_PRESENT', # requires an OS for runtime-detection - 'MBEDTLS_SHA512_USE_ARMV8_A_CRYPTO_IF_PRESENT', # requires an OS for runtime-detection + 'MBEDTLS_SHA512_USE_A64_CRYPTO_IF_PRESENT', # requires an OS for runtime-detection ]) def keep_in_baremetal(name): 
diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index 5be96a5868..49492651d8 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh @@ -2248,9 +2248,9 @@ component_build_module_alt () { # MBEDTLS_SHA256_*ALT can't be used with MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_* scripts/config.py unset MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_IF_PRESENT scripts/config.py unset MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_ONLY - # MBEDTLS_SHA512_*ALT can't be used with MBEDTLS_SHA512_USE_ARMV8_A_CRYPTO_* - scripts/config.py unset MBEDTLS_SHA512_USE_ARMV8_A_CRYPTO_IF_PRESENT - scripts/config.py unset MBEDTLS_SHA512_USE_ARMV8_A_CRYPTO_ONLY + # MBEDTLS_SHA512_*ALT can't be used with MBEDTLS_SHA512_USE_A64_CRYPTO_* + scripts/config.py unset MBEDTLS_SHA512_USE_A64_CRYPTO_IF_PRESENT + scripts/config.py unset MBEDTLS_SHA512_USE_A64_CRYPTO_ONLY # Enable all MBEDTLS_XXX_ALT for whole modules. Do not enable # MBEDTLS_XXX_YYY_ALT which are for single functions. @@ -3467,7 +3467,7 @@ config_psa_crypto_hash_use_psa () { scripts/config.py unset MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_IF_PRESENT scripts/config.py unset MBEDTLS_SHA384_C scripts/config.py unset MBEDTLS_SHA512_C - scripts/config.py unset MBEDTLS_SHA512_USE_ARMV8_A_CRYPTO_IF_PRESENT + scripts/config.py unset MBEDTLS_SHA512_USE_A64_CRYPTO_IF_PRESENT scripts/config.py unset MBEDTLS_SHA3_C fi } @@ -4332,7 +4332,7 @@ component_build_aes_aesce_armcc () { scripts/config.py baremetal # armc[56] don't support SHA-512 intrinsics - scripts/config.py unset MBEDTLS_SHA512_USE_ARMV8_A_CRYPTO_IF_PRESENT + scripts/config.py unset MBEDTLS_SHA512_USE_A64_CRYPTO_IF_PRESENT # Stop armclang warning about feature detection for A64_CRYPTO. # With this enabled, the library does build correctly under armclang, 
@@ -4936,7 +4936,7 @@ component_build_armcc () { msg "build: ARM Compiler 5" scripts/config.py baremetal # armc[56] don't support SHA-512 intrinsics - scripts/config.py unset MBEDTLS_SHA512_USE_ARMV8_A_CRYPTO_IF_PRESENT + scripts/config.py unset MBEDTLS_SHA512_USE_A64_CRYPTO_IF_PRESENT # Stop armclang warning about feature detection for A64_CRYPTO. # With this enabled, the library does build correctly under armclang, From d680d4fbf909f78ff6a163a3206d8dd2ef1c83d7 Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Wed, 11 Oct 2023 11:05:22 +0100 Subject: [PATCH 29/44] SHA256 renaming - fix some missed things Signed-off-by: Dave Rodgman --- ChangeLog.d/sha256-armce-arm.txt | 4 ++-- tests/scripts/depends.py | 8 ++++---- 2 files changed, 6 insertions(+), 6 deletions(-) diff --git a/ChangeLog.d/sha256-armce-arm.txt b/ChangeLog.d/sha256-armce-arm.txt index bff70f5000..46b2ca2a2e 100644 --- a/ChangeLog.d/sha256-armce-arm.txt +++ b/ChangeLog.d/sha256-armce-arm.txt @@ -2,6 +2,6 @@ Features * Support Armv8-A Crypto Extension acceleration for SHA-256 when compiling for Thumb or 32-bit Arm. New deprecations - * Rename the SHAxxx_USE_A64_CRYPTO_yyy config options to - SHAxxx_USE_ARMV8_CRYPTO_yyy. The old names may still be + * Rename the SHA256_USE_A64_CRYPTO_xxx config options to + SHA256_USE_ARMV8_A_CRYPTO_xxx. The old names may still be used, but are deprecated. diff --git a/tests/scripts/depends.py b/tests/scripts/depends.py index e925641519..96529de7da 100755 --- a/tests/scripts/depends.py +++ b/tests/scripts/depends.py 
@@ -262,16 +262,16 @@ REVERSE_DEPENDENCIES = { 'MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED'], 'MBEDTLS_SHA256_C': ['MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED', 'MBEDTLS_ENTROPY_FORCE_SHA256', - 'MBEDTLS_SHA256_USE_A64_CRYPTO_IF_PRESENT', - 'MBEDTLS_SHA256_USE_A64_CRYPTO_ONLY', + 'MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_IF_PRESENT', + 'MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_ONLY', 'MBEDTLS_LMS_C', 'MBEDTLS_LMS_PRIVATE'], 'MBEDTLS_SHA512_C': ['MBEDTLS_SHA512_USE_A64_CRYPTO_IF_PRESENT', 'MBEDTLS_SHA512_USE_A64_CRYPTO_ONLY'], 'MBEDTLS_SHA224_C': ['MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED', 'MBEDTLS_ENTROPY_FORCE_SHA256', - 'MBEDTLS_SHA256_USE_A64_CRYPTO_IF_PRESENT', - 'MBEDTLS_SHA256_USE_A64_CRYPTO_ONLY'], + 'MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_IF_PRESENT', + 'MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_ONLY'], 'MBEDTLS_X509_RSASSA_PSS_SUPPORT': [] } From 830dc3dc71667a85fc09ae56c3c876998eaef53f Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Wed, 11 Oct 2023 11:20:16 +0100 Subject: [PATCH 30/44] Improve Changelog Signed-off-by: Dave Rodgman --- ChangeLog.d/sha256-armce-arm.txt | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/ChangeLog.d/sha256-armce-arm.txt b/ChangeLog.d/sha256-armce-arm.txt index 46b2ca2a2e..0f9754460a 100644 --- a/ChangeLog.d/sha256-armce-arm.txt +++ b/ChangeLog.d/sha256-armce-arm.txt @@ -2,6 +2,6 @@ Features * Support Armv8-A Crypto Extension acceleration for SHA-256 when compiling for Thumb or 32-bit Arm. New deprecations - * Rename the SHA256_USE_A64_CRYPTO_xxx config options to - SHA256_USE_ARMV8_A_CRYPTO_xxx. The old names may still be - used, but are deprecated. + * Rename the MBEDTLS_SHA256_USE_A64_CRYPTO_xxx config options to + MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_xxx. The old names may still + be used, but are deprecated. From 9be3cf077624e44eea551cb65866272fdbb76453 Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Wed, 11 Oct 2023 14:47:55 +0100 Subject: [PATCH 31/44] Fix a couple of typos related to renaming options 
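Review bot: Both SHA-256 lists in REVERSE_DEPENDENCIES (under 'MBEDTLS_SHA256_C' and 'MBEDTLS_SHA224_C') now name only the ARMV8_A options, so the deprecated `MBEDTLS_SHA256_USE_A64_CRYPTO_*` names are no longer listed, although the ChangeLog entry in this commit says they may still be used. scripts/config.py in this series lists both spellings side by side; keeping `'MBEDTLS_SHA256_USE_A64_CRYPTO_IF_PRESENT',` and `'MBEDTLS_SHA256_USE_A64_CRYPTO_ONLY',` next to the new names here would keep the two scripts consistent. How depends.py consumes these lists is outside the hunk, so the practical effect (a configuration that sets an old name while SHA256_C is disabled) is an inference to verify.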
Signed-off-by: Dave Rodgman --- scripts/config.py | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/scripts/config.py b/scripts/config.py index eeda6e18dd..3173be483b 100755 --- a/scripts/config.py +++ b/scripts/config.py @@ -214,7 +214,7 @@ EXCLUDE_FROM_FULL = frozenset([ 'MBEDTLS_PSA_INJECT_ENTROPY', # conflicts with platform entropy sources 'MBEDTLS_RSA_NO_CRT', # influences the use of RSA in X.509 and TLS 'MBEDTLS_SHA256_USE_A64_CRYPTO_ONLY', # interacts with *_USE_A64_CRYPTO_IF_PRESENT - 'MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_ONLY', # interacts with *_USE_ARMV8_CRYPTO_IF_PRESENT + 'MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_ONLY', # interacts with *_USE_ARMV8_A_CRYPTO_IF_PRESENT 'MBEDTLS_SHA512_USE_A64_CRYPTO_ONLY', # interacts with *_USE_A64_CRYPTO_IF_PRESENT 'MBEDTLS_SSL_RECORD_SIZE_LIMIT', # in development, currently breaks other tests 'MBEDTLS_TEST_CONSTANT_FLOW_MEMSAN', # build dependency (clang+memsan) @@ -279,7 +279,7 @@ EXCLUDE_FROM_BAREMETAL = frozenset([ 'MBEDTLS_THREADING_C', # requires a threading interface 'MBEDTLS_THREADING_PTHREAD', # requires pthread 'MBEDTLS_TIMING_C', # requires a clock - 'MBEDTLS_SHA256_USE_A64_A_CRYPTO_IF_PRESENT', # requires an OS for runtime-detection + 'MBEDTLS_SHA256_USE_A64_CRYPTO_IF_PRESENT', # requires an OS for runtime-detection 'MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_IF_PRESENT', # requires an OS for runtime-detection 'MBEDTLS_SHA512_USE_A64_CRYPTO_IF_PRESENT', # requires an OS for runtime-detection ]) From c20d8992662d92604954bd5692efa636b8016b25 Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Wed, 11 Oct 2023 15:01:35 +0100 Subject: [PATCH 32/44] Adjust messages in all.sh Signed-off-by: Dave Rodgman --- tests/scripts/all.sh | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index 4c96f8688a..ce06c11c82 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh 
@@ -4360,7 +4360,7 @@ component_build_sha_armce () { scripts/config.py unset MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_ONLY scripts/config.py set MBEDTLS_SHA256_USE_A64_CRYPTO_ONLY - msg "MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_ONLY clang, thumb" + msg "MBEDTLS_SHA256_USE_A64_CRYPTO_ONLY clang, thumb" make -B library/sha256.o CC=clang CFLAGS="--target=arm-linux-gnueabihf -mcpu=cortex-a32+crypto -mthumb" scripts/config.py set MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_IF_PRESENT @@ -4373,10 +4373,10 @@ component_build_sha_armce () { scripts/config.py unset MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_IF_PRESENT scripts/config.py set MBEDTLS_SHA256_USE_A64_CRYPTO_IF_PRESENT - msg "MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_IF_PRESENT clang, arm" + msg "MBEDTLS_SHA256_USE_A64_CRYPTO_IF_PRESENT clang, arm" make -B library/sha256.o CC=clang CFLAGS="--target=arm-linux-gnueabihf -mcpu=cortex-a72+crypto -marm -std=c99" - msg "MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_IF_PRESENT clang, thumb" + msg "MBEDTLS_SHA256_USE_A64_CRYPTO_IF_PRESENT clang, thumb" make -B library/sha256.o CC=clang CFLAGS="--target=arm-linux-gnueabihf -mcpu=cortex-a32+crypto -mthumb" } From f4b415c369d1ae35655c8de36a4e6e4ff243eb0a Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Wed, 11 Oct 2023 16:11:42 +0100 Subject: [PATCH 33/44] Test instructions built/not built Signed-off-by: Dave Rodgman --- tests/scripts/all.sh | 67 ++++++++++++++++++++++++++++++++------------ 1 file changed, 49 insertions(+), 18 deletions(-) diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index ce06c11c82..253f6c0fa1 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh 
@@ -4346,38 +4346,69 @@ support_build_sha_armce() { } component_build_sha_armce () { - # Test variations of SHA256 Armv8 crypto extensions scripts/config.py unset MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_IF_PRESENT + + + # Test variations of SHA256 Armv8 crypto extensions scripts/config.py set MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_ONLY + msg "MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_ONLY clang, aarch64" + make -B library/sha256.o CC=clang CFLAGS="--target=aarch64-linux-gnu -march=armv8-a" + msg "MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_ONLY clang, arm" + make -B library/sha256.o CC=clang CFLAGS="--target=arm-linux-gnueabihf -mcpu=cortex-a72+crypto -marm" + scripts/config.py unset MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_ONLY - msg "MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_ONLY clang, aarch64" - make -B library/sha256.o CC=clang CFLAGS="--target=aarch64-linux-gnu -march=armv8-a" - - msg "MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_ONLY clang, arm" - make -B library/sha256.o CC=clang CFLAGS="--target=arm-linux-gnueabihf -mcpu=cortex-a72+crypto -marm" # test the deprecated form of the config option - scripts/config.py unset MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_ONLY scripts/config.py set MBEDTLS_SHA256_USE_A64_CRYPTO_ONLY - - msg "MBEDTLS_SHA256_USE_A64_CRYPTO_ONLY clang, thumb" - make -B library/sha256.o CC=clang CFLAGS="--target=arm-linux-gnueabihf -mcpu=cortex-a32+crypto -mthumb" + msg "MBEDTLS_SHA256_USE_A64_CRYPTO_ONLY clang, thumb" + make -B library/sha256.o CC=clang CFLAGS="--target=arm-linux-gnueabihf -mcpu=cortex-a32+crypto -mthumb" + scripts/config.py unset MBEDTLS_SHA256_USE_A64_CRYPTO_ONLY scripts/config.py set MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_IF_PRESENT - scripts/config.py unset MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_ONLY + msg "MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_IF_PRESENT clang, aarch64" + make -B library/sha256.o CC=clang CFLAGS="--target=aarch64-linux-gnu -march=armv8-a" + scripts/config.py unset MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_IF_PRESENT - msg "MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_IF_PRESENT clang, aarch64" 
- make -B library/sha256.o CC=clang CFLAGS="--target=aarch64-linux-gnu -march=armv8-a" # test the deprecated form of the config option - scripts/config.py unset MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_IF_PRESENT scripts/config.py set MBEDTLS_SHA256_USE_A64_CRYPTO_IF_PRESENT + msg "MBEDTLS_SHA256_USE_A64_CRYPTO_IF_PRESENT clang, arm" + make -B library/sha256.o CC=clang CFLAGS="--target=arm-linux-gnueabihf -mcpu=cortex-a72+crypto -marm -std=c99" + msg "MBEDTLS_SHA256_USE_A64_CRYPTO_IF_PRESENT clang, thumb" + make -B library/sha256.o CC=clang CFLAGS="--target=arm-linux-gnueabihf -mcpu=cortex-a32+crypto -mthumb" + scripts/config.py unset MBEDTLS_SHA256_USE_A64_CRYPTO_IF_PRESENT - msg "MBEDTLS_SHA256_USE_A64_CRYPTO_IF_PRESENT clang, arm" - make -B library/sha256.o CC=clang CFLAGS="--target=arm-linux-gnueabihf -mcpu=cortex-a72+crypto -marm -std=c99" - msg "MBEDTLS_SHA256_USE_A64_CRYPTO_IF_PRESENT clang, thumb" - make -B library/sha256.o CC=clang CFLAGS="--target=arm-linux-gnueabihf -mcpu=cortex-a32+crypto -mthumb" + # examine the disassembly for presence of SHA instructions + for opt in MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_ONLY MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_IF_PRESENT; do + scripts/config.py set ${opt} + msg "${opt} clang, test A32 crypto instructions built" + make -B library/sha256.o CC=clang CFLAGS="--target=arm-linux-gnueabihf -mcpu=cortex-a72+crypto -marm -S" + grep -E 'sha256[a-z0-9]+.32\s+[qv]' library/sha256.o + + msg "${opt} clang, test T32 crypto instructions built" + make -B library/sha256.o CC=clang CFLAGS="--target=arm-linux-gnueabihf -mcpu=cortex-a32+crypto -mthumb -S" + grep -E 'sha256[a-z0-9]+.32\s+[qv]' library/sha256.o + + msg "${opt} clang, test aarch64 crypto instructions built" + make -B library/sha256.o CC=clang CFLAGS="--target=aarch64-linux-gnu -march=armv8-a -S" + grep -E 'sha256[a-z0-9]+\s+[qv]' library/sha256.o + scripts/config.py unset ${opt} + done + + + # examine the disassembly for absence of SHA instructions + msg "clang, test A32 crypto 
instructions not built" + make -B library/sha256.o CC=clang CFLAGS="--target=arm-linux-gnueabihf -mcpu=cortex-a72+crypto -marm -S" + not grep -E 'sha256[a-z0-9]+.32\s+[qv]' library/sha256.o + + msg "clang, test T32 crypto instructions not built" + make -B library/sha256.o CC=clang CFLAGS="--target=arm-linux-gnueabihf -mcpu=cortex-a32+crypto -mthumb -S" + not grep -E 'sha256[a-z0-9]+.32\s+[qv]' library/sha256.o + + msg "clang, test aarch64 crypto instructions not built" + make -B library/sha256.o CC=clang CFLAGS="--target=aarch64-linux-gnu -march=armv8-a -S" + not grep -E 'sha256[a-z0-9]+\s+[qv]' library/sha256.o } # For timebeing, no VIA Padlock platform available. From 4fd868e4b1786b07af1500d5edc264353a460169 Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Thu, 12 Oct 2023 09:09:42 +0100 Subject: [PATCH 34/44] Refer to Armv8-A (not Armv8) in comments Co-authored-by: Jerry Yu Signed-off-by: Dave Rodgman --- library/sha256.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/library/sha256.c b/library/sha256.c index 726f5fb565..a6d0a7a46d 100644 --- a/library/sha256.c +++ b/library/sha256.c @@ -180,7 +180,7 @@ static int mbedtls_a64_crypto_sha256_determine_support(void) static jmp_buf return_from_sigill; /* - * Armv8 SHA256 support detection via SIGILL + * Armv8-A SHA256 support detection via SIGILL */ static void sigill_handler(int signal) { @@ -432,7 +432,7 @@ static size_t mbedtls_internal_sha256_process_many_a64_crypto( #if defined(MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_IF_PRESENT) /* - * This function is for internal use only if we are building both C and Armv8 + * This function is for internal use only if we are building both C and Armv8-A * versions, otherwise it is renamed to be the public mbedtls_internal_sha256_process() */ static From 0d3fe733cc6835bac635ce2f2c4ed25ce526a77b Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Thu, 12 Oct 2023 11:00:49 +0100 Subject: [PATCH 35/44] Clarify changelog Co-authored-by: Tom Cosgrove 
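Review bot: In component_build_sha_armce (tests/scripts/all.sh), the new grep patterns leave the dot unescaped and rely on `\s`, so `sha256[a-z0-9]+.32\s+[qv]` accepts any character before `32` and needs a grep that understands `\s` in -E mode. These checks exist to prove that the SHA-256 crypto instructions were or were not emitted, so a tighter pattern such as `grep -E 'sha256[a-z0-9]+\.32[[:space:]]+[qv]' library/sha256.o` is more portable and harder to satisfy by accident. A comment along the lines of `# -S makes clang emit assembly text into library/sha256.o, so grep can inspect it` would also help, assuming that is what the make rule does, because grepping a .o file otherwise reads like a mistake. The positive and `not grep` checks only fail the component if the script aborts on a non-zero status, which is configured outside this hunk.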
Signed-off-by: Dave Rodgman --- ChangeLog.d/sha256-armce-arm.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/ChangeLog.d/sha256-armce-arm.txt b/ChangeLog.d/sha256-armce-arm.txt index 0f9754460a..5b18eb3fc6 100644 --- a/ChangeLog.d/sha256-armce-arm.txt +++ b/ChangeLog.d/sha256-armce-arm.txt @@ -1,6 +1,6 @@ Features * Support Armv8-A Crypto Extension acceleration for SHA-256 - when compiling for Thumb or 32-bit Arm. + when compiling for Thumb (T32) or 32-bit Arm (A32). New deprecations * Rename the MBEDTLS_SHA256_USE_A64_CRYPTO_xxx config options to MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_xxx. The old names may still From 7cb635a56340785bcf2b61caef9ac70df6e014ca Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Thu, 12 Oct 2023 16:14:51 +0100 Subject: [PATCH 36/44] Adjust the full config Signed-off-by: Dave Rodgman --- scripts/config.py | 1 + 1 file changed, 1 insertion(+) diff --git a/scripts/config.py b/scripts/config.py index 3173be483b..5f49f2d8c1 100755 --- a/scripts/config.py +++ b/scripts/config.py @@ -216,6 +216,7 @@ EXCLUDE_FROM_FULL = frozenset([ 'MBEDTLS_SHA256_USE_A64_CRYPTO_ONLY', # interacts with *_USE_A64_CRYPTO_IF_PRESENT 'MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_ONLY', # interacts with *_USE_ARMV8_A_CRYPTO_IF_PRESENT 'MBEDTLS_SHA512_USE_A64_CRYPTO_ONLY', # interacts with *_USE_A64_CRYPTO_IF_PRESENT + 'MBEDTLS_SHA256_USE_A64_CRYPTO_IF_PRESENT', # setting *_USE_ARMV8_A_CRYPTO is sufficient 'MBEDTLS_SSL_RECORD_SIZE_LIMIT', # in development, currently breaks other tests 'MBEDTLS_TEST_CONSTANT_FLOW_MEMSAN', # build dependency (clang+memsan) 'MBEDTLS_TEST_CONSTANT_FLOW_VALGRIND', # build dependency (valgrind headers) From d85277c62e3618681f8d2d2d5921b73d143cdf8d Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Fri, 13 Oct 2023 09:22:54 +0100 Subject: [PATCH 37/44] Doxygen fixes Signed-off-by: Dave Rodgman --- include/mbedtls/mbedtls_config.h | 10 +++++++--- 1 file changed, 7 insertions(+), 3 deletions(-) 
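Review bot: The new EXCLUDE_FROM_FULL entry in scripts/config.py is inserted after `MBEDTLS_SHA512_USE_A64_CRYPTO_ONLY`, away from the other SHA256 options, and its comment names `*_USE_ARMV8_A_CRYPTO`, which is not the full name of any option visible here. Placing it beside the other `MBEDTLS_SHA256_*` entries and writing the comment as `# deprecated alias; *_USE_ARMV8_A_CRYPTO_IF_PRESENT is sufficient` would make clear why the full config leaves it out. The frozenset continues outside the hunk.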
diff --git a/include/mbedtls/mbedtls_config.h b/include/mbedtls/mbedtls_config.h index b5c0d58798..f2451cb4c6 100644 --- a/include/mbedtls/mbedtls_config.h +++ b/include/mbedtls/mbedtls_config.h @@ -3301,7 +3301,9 @@ */ //#define MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_IF_PRESENT -/* +/** + * \def MBEDTLS_SHA256_USE_A64_CRYPTO_IF_PRESENT + * * \deprecated This is now known as MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_IF_PRESENT. * This name is now deprecated, but may still be used as an alternative form for * this option. @@ -3325,7 +3327,7 @@ * armclang <= 6.9 * * \note This was previously known as MBEDTLS_SHA256_USE_A64_CRYPTO_ONLY. - * That name is deprecated, but may still be used as an alternative form for this + * That name is \deprecated, but may still be used as an alternative form for this * option. * * \warning MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_ONLY cannot be defined at the same @@ -3340,7 +3342,9 @@ */ //#define MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_ONLY -/* +/** + * \def MBEDTLS_SHA256_USE_A64_CRYPTO_ONLY + * * \deprecated This is now known as MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_ONLY. * This name is now deprecated, but may still be used as an alternative form for * this option. From ab0cff5b4e3215c7c5b4541a10a6397fd59bb4ff Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Fri, 13 Oct 2023 09:32:04 +0100 Subject: [PATCH 38/44] Require asm/hwcap.h for testing Signed-off-by: Dave Rodgman --- tests/scripts/all.sh | 9 +++++++-- 1 file changed, 7 insertions(+), 2 deletions(-) diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index 253f6c0fa1..aec54c1668 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh 
@@ -4341,8 +4341,13 @@ component_build_aes_aesce_armcc () { support_build_sha_armce() { # clang >= 4 is required to build with SHA extensions - ver="$(clang --version|grep version|sed -E 's#.*version ([0-9]+).*#\1#')" - [ "${ver}" -ge 4 ] + clang_ver="$(clang --version|grep version|sed -E 's#.*version ([0-9]+).*#\1#')" + + # we need asm/hwcap.h available for runtime detection + echo '#include ' | clang -E - >/dev/null 2>&1 + have_hwcap=$? + + [[ "${clang_ver}" -ge 4 && "${have_hwcap}" -eq 0 ]] } component_build_sha_armce () { From 7821df3e8baab741b6753223d1d971078609cfa9 Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Fri, 13 Oct 2023 09:38:44 +0100 Subject: [PATCH 39/44] Adjust use of deprecated in Doxygen Signed-off-by: Dave Rodgman --- include/mbedtls/mbedtls_config.h | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/include/mbedtls/mbedtls_config.h b/include/mbedtls/mbedtls_config.h index f2451cb4c6..73229ea912 100644 --- a/include/mbedtls/mbedtls_config.h +++ b/include/mbedtls/mbedtls_config.h @@ -3327,7 +3327,7 @@ * armclang <= 6.9 * * \note This was previously known as MBEDTLS_SHA256_USE_A64_CRYPTO_ONLY. - * That name is \deprecated, but may still be used as an alternative form for this + * That name is deprecated, but may still be used as an alternative form for this * option. * * \warning MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_ONLY cannot be defined at the same From 768bc143ad8aad064bdee6033bdcc69b2cb362a4 Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Fri, 13 Oct 2023 10:15:55 +0100 Subject: [PATCH 40/44] Fix hwcap test for CI Signed-off-by: Dave Rodgman --- tests/scripts/all.sh | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index aec54c1668..22289e5432 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh 
@@ -4344,10 +4344,9 @@ support_build_sha_armce() { clang_ver="$(clang --version|grep version|sed -E 's#.*version ([0-9]+).*#\1#')" # we need asm/hwcap.h available for runtime detection - echo '#include ' | clang -E - >/dev/null 2>&1 - have_hwcap=$? + echo '#include ' | clang -E - >/dev/null 2>&1 && no_hwcap=0 || no_hwcap=1 - [[ "${clang_ver}" -ge 4 && "${have_hwcap}" -eq 0 ]] + [[ "${clang_ver}" -ge 4 && "${no_hwcap}" -eq 0 ]] } component_build_sha_armce () { From 37801d714b6f72b349536a9ed1b5663edbb0524c Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Fri, 13 Oct 2023 16:06:55 +0100 Subject: [PATCH 41/44] Invert no_hwcap variable Signed-off-by: Dave Rodgman --- tests/scripts/all.sh | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index 22289e5432..91ed1a566d 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh @@ -4344,9 +4344,9 @@ support_build_sha_armce() { clang_ver="$(clang --version|grep version|sed -E 's#.*version ([0-9]+).*#\1#')" # we need asm/hwcap.h available for runtime detection - echo '#include ' | clang -E - >/dev/null 2>&1 && no_hwcap=0 || no_hwcap=1 + echo '#include ' | clang -E - >/dev/null 2>&1 && have_hwcap=1 || have_hwcap=0 - [[ "${clang_ver}" -ge 4 && "${no_hwcap}" -eq 0 ]] + [[ "${clang_ver}" -ge 4 && "${have_hwcap}" -eq 1 ]] } component_build_sha_armce () { From d35b188a5cf0e9e706129a8a04bebbfd3047d3c3 Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Mon, 16 Oct 2023 10:25:30 +0100 Subject: [PATCH 42/44] Make component_build_aes_aesce_armcc silent Signed-off-by: Dave Rodgman --- tests/scripts/all.sh | 15 ++++++++++----- 1 file changed, 10 insertions(+), 5 deletions(-) diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index 91ed1a566d..8adf3f485e 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh 
@@ -4340,13 +4340,18 @@ component_build_aes_aesce_armcc () { } support_build_sha_armce() { - # clang >= 4 is required to build with SHA extensions - clang_ver="$(clang --version|grep version|sed -E 's#.*version ([0-9]+).*#\1#')" + if ( $(which clang > /dev/null) ); then + # clang >= 4 is required to build with SHA extensions + clang_ver="$(clang --version|grep version|sed -E 's#.*version ([0-9]+).*#\1#')" - # we need asm/hwcap.h available for runtime detection - echo '#include ' | clang -E - >/dev/null 2>&1 && have_hwcap=1 || have_hwcap=0 + # we need asm/hwcap.h available for runtime detection + echo '#include ' | clang -E - >/dev/null 2>&1 && have_hwcap=1 || have_hwcap=0 - [[ "${clang_ver}" -ge 4 && "${have_hwcap}" -eq 1 ]] + [[ "${clang_ver}" -ge 4 && "${have_hwcap}" -eq 1 ]] + else + # clang not available + false + fi } component_build_sha_armce () { From f2ea08ae5039e30fba8289ea26a0d04f432852c0 Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Mon, 16 Oct 2023 11:37:28 +0100 Subject: [PATCH 43/44] Improve test for clang presence Signed-off-by: Dave Rodgman --- tests/scripts/all.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index 8adf3f485e..28767eb3f3 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh @@ -4340,7 +4340,7 @@ component_build_aes_aesce_armcc () { } support_build_sha_armce() { - if ( $(which clang > /dev/null) ); then + if command -v clang > /dev/null ; then # clang >= 4 is required to build with SHA extensions clang_ver="$(clang --version|grep version|sed -E 's#.*version ([0-9]+).*#\1#')" From 66d5512571305e3aed3bf5a28e0ee7a5c020bad4 Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Mon, 23 Oct 2023 15:12:32 +0100 Subject: [PATCH 44/44] Remove dependency on asm/hwcap.h Signed-off-by: Dave Rodgman --- library/sha256.c | 8 +++++++- tests/scripts/all.sh | 5 +---- 2 files changed, 8 insertions(+), 5 deletions(-) 
diff --git a/library/sha256.c b/library/sha256.c index a6d0a7a46d..596b2c533f 100644 --- a/library/sha256.c +++ b/library/sha256.c @@ -126,7 +126,13 @@ # if defined(__linux__) /* Our preferred method of detection is getauxval() */ # include -# include +/* These are not always defined via sys/auxv.h */ +# if !defined(HWCAP_SHA2) +# define HWCAP_SHA2 (1 << 6) +# endif +# if !defined(HWCAP2_SHA2) +# define HWCAP2_SHA2 (1 << 3) +# endif # endif /* Use SIGILL on Unix, and fall back to it on Linux */ # include diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index 28767eb3f3..114f27109d 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh @@ -4344,10 +4344,7 @@ support_build_sha_armce() { # clang >= 4 is required to build with SHA extensions clang_ver="$(clang --version|grep version|sed -E 's#.*version ([0-9]+).*#\1#')" - # we need asm/hwcap.h available for runtime detection - echo '#include ' | clang -E - >/dev/null 2>&1 && have_hwcap=1 || have_hwcap=0 - - [[ "${clang_ver}" -ge 4 && "${have_hwcap}" -eq 1 ]] + [[ "${clang_ver}" -ge 4 ]] else # clang not available false
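Review bot: The fallback definitions added in library/sha256.c are not tied to an architecture or to the auxiliary-vector entry they belong to, which matters because these values feed runtime detection of the SHA-256 instructions. As far as I know, `HWCAP_SHA2 (1 << 6)` is the AArch64 bit in `getauxval(AT_HWCAP)` and `HWCAP2_SHA2 (1 << 3)` is the 32-bit Arm bit in `getauxval(AT_HWCAP2)`. Bit 6 of AT_HWCAP on 32-bit Arm denotes a different feature, so testing the wrong pair would misreport support and could end in SIGILL or in acceleration being skipped without notice. The detection function is outside this hunk, so please confirm it selects the macro by architecture. Comments such as `/* AArch64: bit in getauxval(AT_HWCAP) */` and `/* AArch32: bit in getauxval(AT_HWCAP2) */` above the two `#if !defined` blocks would record that.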