From patchwork Mon Jan 22 17:26:40 2018 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Ard Biesheuvel X-Patchwork-Id: 125448 Delivered-To: patch@linaro.org Received: by 10.46.66.141 with SMTP id h13csp1274176ljf; Mon, 22 Jan 2018 09:28:53 -0800 (PST) X-Google-Smtp-Source: AH8x226eAid0C4QCDIJXkA/oEmikZlAYofiJ4Kc/N+vENIDtKo5OwIOrOXua5H8Aq5ng9gT0CIOl X-Received: by 10.37.161.201 with SMTP id a67mr8431713ybi.250.1516642133751; Mon, 22 Jan 2018 09:28:53 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1516642133; cv=none; d=google.com; s=arc-20160816; b=VLxsIk6QCotQp56E8LUltbmemB4B/yxuC6VBvqttsIW1UCxyxmlwDvpj/XdK+X60pX 4qsFHLRAsUPQoFq5eVc0gBpTX4EHdJ4FKI7aGi3xJqnFfr34V7n7qkzoJ69qetBpbUx9 eJdDQ7g1nPvY0ddcYR7omazIx70jHqG990PMKFdbwaIoiZ+QhTpideml3g8JPyEyPU6v TRveHT1hfrXMP4noDd3Ir0fx8B39RI3ddTwwXT1MeC0jRF8xGUoVLJCtZ8fyHMye0gwu eHQcfnDqlWAaoyVhYkbmC09TIRxTZ/oTvHoihKcWN0Cp/hcbWQJFYCAetTnUGpp1nOLf sXLg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=sender:errors-to:cc:list-subscribe:list-help:list-post:list-archive :list-unsubscribe:list-id:precedence:subject:references:in-reply-to :message-id:date:to:from:dkim-signature:arc-authentication-results; bh=SFYhx30l52RVCvz3PVkKimqq9ejceq0+601tcozYPbQ=; b=wRS1xkMaD/jStUXSnAz4+mcaVdkwfHQaFvfoEeJNVbh7Vp0pxohBCI2wjHvSga1J66 FYC0uqhPnc+ZfyfNmczuaKcm6JrjAc9oDoOXVVATtlUwpdR0xl+ZTb3Q2Q+WNOE4/E0w 6D94fJDBEkBkTAn68XXx0cIJtuiw0WZyLyRYj29Fm4KOdU7Bsimm2jngA9jFuDf9+fv8 5qtzq2xRNYdvpYOLig99pzlb+UI2Y0nWSLoUpIVvqI0jcqWSyJnQqugONQU5arWBS0VL k95X8t3PUomydcqamTG7Qw0YzeTrP2iX2WfCYUmMerfEg/nk4uMKmBB2oMGC3FXmxKpJ WeHA== ARC-Authentication-Results: i=1; mx.google.com; dkim=fail header.i=@linaro.org header.s=google header.b=ibJFDw0V; spf=pass (google.com: domain of qemu-devel-bounces+patch=linaro.org@nongnu.org designates 2001:4830:134:3::11 as permitted sender) smtp.mailfrom=qemu-devel-bounces+patch=linaro.org@nongnu.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=linaro.org Return-Path: Received: from lists.gnu.org (lists.gnu.org. [2001:4830:134:3::11]) by mx.google.com with ESMTPS id n136si3676391ywd.405.2018.01.22.09.28.53 for (version=TLS1 cipher=AES128-SHA bits=128/128); Mon, 22 Jan 2018 09:28:53 -0800 (PST) Received-SPF: pass (google.com: domain of qemu-devel-bounces+patch=linaro.org@nongnu.org designates 2001:4830:134:3::11 as permitted sender) client-ip=2001:4830:134:3::11; Authentication-Results: mx.google.com; dkim=fail header.i=@linaro.org header.s=google header.b=ibJFDw0V; spf=pass (google.com: domain of qemu-devel-bounces+patch=linaro.org@nongnu.org designates 2001:4830:134:3::11 as permitted sender) smtp.mailfrom=qemu-devel-bounces+patch=linaro.org@nongnu.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=linaro.org Received: from localhost ([::1]:54737 helo=lists.gnu.org) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1edftt-0007n9-4Q for patch@linaro.org; Mon, 22 Jan 2018 12:28:53 -0500 Received: from eggs.gnu.org ([2001:4830:134:3::10]:44687) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1edfs0-0006yN-Ap for qemu-devel@nongnu.org; Mon, 22 Jan 2018 12:26:57 -0500 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1edfry-0004d5-TO for qemu-devel@nongnu.org; Mon, 22 Jan 2018 12:26:56 -0500 Received: from mail-wm0-x244.google.com ([2a00:1450:400c:c09::244]:40739) by eggs.gnu.org with esmtps (TLS1.0:RSA_AES_128_CBC_SHA1:16) (Exim 4.71) (envelope-from ) id 1edfry-0004ce-KJ for qemu-devel@nongnu.org; Mon, 22 Jan 2018 12:26:54 -0500 Received: by mail-wm0-x244.google.com with SMTP id v123so18376370wmd.5 for ; Mon, 22 Jan 2018 09:26:54 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; h=from:to:cc:subject:date:message-id:in-reply-to:references; bh=SFYhx30l52RVCvz3PVkKimqq9ejceq0+601tcozYPbQ=; b=ibJFDw0V414d1hfUAWBiVDkXIVFoeZxStEiNfBlsAoxPUYrm+V/FsJHScXR7lmxhei EZgRA6wvsdRq1hg3QNJbybUkEPLRupbilUW/AjJAcbrffkpBYoXt+jsAQtlkDYrr031b ARId97ZrqofbN7gwvbW2x4JHsxvRp/A+JjLYo= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references; bh=SFYhx30l52RVCvz3PVkKimqq9ejceq0+601tcozYPbQ=; b=kA8N6yhIix8KOgDaynyGSKxWgi2KiDhEBpNcmyr3PTvOHay/YltmPGgiTlF7kGqkUJ EuvxXfYGoJ9jz9Pl9zZU4RUqny040MI7t529RxOtQEgQkKMxMlEx9lyH62sob+jPqQ84 hNfjLo53gzhR6A81Qis/VHFhVDkddsxslE4JT57fKH8xf6PCpAoiloes6hOSVP6Ggz6V S4aqWTcF6NEOUTgf1dYotJIb0dM1Pg5+HAFmW90D2mudoZqJUEpw6tvXdosk4rFSLsJa 9q/aCMBM/LLnRCMmcD9ufoEZqanUuHkEL6WhEW9iaT+0J9A2F87TLOTSPAjLrErmWsi4 zSGA== X-Gm-Message-State: AKwxytciXqj26CRq6wpQJwG61PuEP9WlKDdtYUVh+YfWReoB98N2jzuT A82405EEj2TivTsbZ1I3CS9aHcoXnS8= X-Received: by 10.28.152.74 with SMTP id a71mr6331922wme.76.1516642013306; Mon, 22 Jan 2018 09:26:53 -0800 (PST) Received: from localhost.localdomain ([160.163.176.196]) by smtp.gmail.com with ESMTPSA id f76sm5510900wme.2.2018.01.22.09.26.51 (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Mon, 22 Jan 2018 09:26:52 -0800 (PST) From: Ard Biesheuvel To: qemu-devel@nongnu.org Date: Mon, 22 Jan 2018 17:26:40 +0000 Message-Id: <20180122172643.29742-2-ard.biesheuvel@linaro.org> X-Mailer: git-send-email 2.11.0 In-Reply-To: <20180122172643.29742-1-ard.biesheuvel@linaro.org> References: <20180122172643.29742-1-ard.biesheuvel@linaro.org> X-detected-operating-system: by eggs.gnu.org: Genre and OS details not recognized. X-Received-From: 2a00:1450:400c:c09::244 Subject: [Qemu-devel] [PATCH v5 1/4] target/arm: implement SHA-512 instructions X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.21 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: peter.maydell@linaro.org, Ard Biesheuvel Errors-To: qemu-devel-bounces+patch=linaro.org@nongnu.org Sender: "Qemu-devel" This implements emulation of the new SHA-512 instructions that have been added as an optional extensions to the ARMv8 Crypto Extensions in ARM v8.2. Signed-off-by: Ard Biesheuvel --- target/arm/cpu.h | 1 + target/arm/crypto_helper.c | 75 ++++++++++++- target/arm/helper.h | 5 + target/arm/translate-a64.c | 110 ++++++++++++++++++++ 4 files changed, 190 insertions(+), 1 deletion(-) -- 2.11.0 diff --git a/target/arm/cpu.h b/target/arm/cpu.h index 0a923e42d8bf..32a18510e70b 100644 --- a/target/arm/cpu.h +++ b/target/arm/cpu.h @@ -1372,6 +1372,7 @@ enum arm_features { ARM_FEATURE_M_SECURITY, /* M profile Security Extension */ ARM_FEATURE_JAZELLE, /* has (trivial) Jazelle implementation */ ARM_FEATURE_SVE, /* has Scalable Vector Extension */ + ARM_FEATURE_V8_SHA512, /* implements SHA512 part of v8 Crypto Extensions */ }; static inline int arm_feature(CPUARMState *env, int feature) diff --git a/target/arm/crypto_helper.c b/target/arm/crypto_helper.c index 9ca0bdead7bb..fb45948e9f13 100644 --- a/target/arm/crypto_helper.c +++ b/target/arm/crypto_helper.c @@ -1,7 +1,7 @@ /* * crypto_helper.c - emulate v8 Crypto Extensions instructions * - * Copyright (C) 2013 - 2014 Linaro Ltd + * Copyright (C) 2013 - 2018 Linaro Ltd * * This library is free software; you can redistribute it and/or * modify it under the terms of the GNU Lesser General Public @@ -419,3 +419,76 @@ void HELPER(crypto_sha256su1)(void *vd, void *vn, void *vm) rd[0] = d.l[0]; rd[1] = d.l[1]; } + +/* + * The SHA-512 logical functions (same as above but using 64-bit operands) + */ + +static uint64_t cho512(uint64_t x, uint64_t y, uint64_t z) +{ + return (x & (y ^ z)) ^ z; +} + +static uint64_t maj512(uint64_t x, uint64_t y, uint64_t z) +{ + return (x & y) | ((x | y) & z); +} + +static uint64_t S0_512(uint64_t x) +{ + return ror64(x, 28) ^ ror64(x, 34) ^ ror64(x, 39); +} + +static uint64_t S1_512(uint64_t x) +{ + return ror64(x, 14) ^ ror64(x, 18) ^ ror64(x, 41); +} + +static uint64_t s0_512(uint64_t x) +{ + return ror64(x, 1) ^ ror64(x, 8) ^ (x >> 7); +} + +static uint64_t s1_512(uint64_t x) +{ + return ror64(x, 19) ^ ror64(x, 61) ^ (x >> 6); +} + +void HELPER(crypto_sha512h)(void *vd, void *vn, void *vm) +{ + uint64_t *rd = vd; + uint64_t *rn = vn; + uint64_t *rm = vm; + + rd[1] += S1_512(rm[1]) + cho512(rm[1], rn[0], rn[1]); + rd[0] += S1_512(rd[1] + rm[0]) + cho512(rd[1] + rm[0], rm[1], rn[0]); +} + +void HELPER(crypto_sha512h2)(void *vd, void *vn, void *vm) +{ + uint64_t *rd = vd; + uint64_t *rn = vn; + uint64_t *rm = vm; + + rd[1] += S0_512(rm[0]) + maj512(rn[0], rm[1], rm[0]); + rd[0] += S0_512(rd[1]) + maj512(rd[1], rm[0], rm[1]); +} + +void HELPER(crypto_sha512su0)(void *vd, void *vn) +{ + uint64_t *rd = vd; + uint64_t *rn = vn; + + rd[0] += s0_512(rd[1]); + rd[1] += s0_512(rn[0]); +} + +void HELPER(crypto_sha512su1)(void *vd, void *vn, void *vm) +{ + uint64_t *rd = vd; + uint64_t *rn = vn; + uint64_t *rm = vm; + + rd[0] += s1_512(rn[0]) + rm[0]; + rd[1] += s1_512(rn[1]) + rm[1]; +} diff --git a/target/arm/helper.h b/target/arm/helper.h index 5dec2e62626b..81d460702867 100644 --- a/target/arm/helper.h +++ b/target/arm/helper.h @@ -534,6 +534,11 @@ DEF_HELPER_FLAGS_3(crypto_sha256h2, TCG_CALL_NO_RWG, void, ptr, ptr, ptr) DEF_HELPER_FLAGS_2(crypto_sha256su0, TCG_CALL_NO_RWG, void, ptr, ptr) DEF_HELPER_FLAGS_3(crypto_sha256su1, TCG_CALL_NO_RWG, void, ptr, ptr, ptr) +DEF_HELPER_FLAGS_3(crypto_sha512h, TCG_CALL_NO_RWG, void, ptr, ptr, ptr) +DEF_HELPER_FLAGS_3(crypto_sha512h2, TCG_CALL_NO_RWG, void, ptr, ptr, ptr) +DEF_HELPER_FLAGS_2(crypto_sha512su0, TCG_CALL_NO_RWG, void, ptr, ptr) +DEF_HELPER_FLAGS_3(crypto_sha512su1, TCG_CALL_NO_RWG, void, ptr, ptr, ptr) + DEF_HELPER_FLAGS_3(crc32, TCG_CALL_NO_RWG_SE, i32, i32, i32, i32) DEF_HELPER_FLAGS_3(crc32c, TCG_CALL_NO_RWG_SE, i32, i32, i32, i32) DEF_HELPER_2(dc_zva, void, env, i64) diff --git a/target/arm/translate-a64.c b/target/arm/translate-a64.c index 10eef870fee2..888f5a39a283 100644 --- a/target/arm/translate-a64.c +++ b/target/arm/translate-a64.c @@ -11132,6 +11132,114 @@ static void disas_crypto_two_reg_sha(DisasContext *s, uint32_t insn) tcg_temp_free_ptr(tcg_rn_ptr); } +/* Crypto three-reg SHA512 + * 31 21 20 16 15 14 13 12 11 10 9 5 4 0 + * +-----------------------+------+---+---+-----+--------+------+------+ + * | 1 1 0 0 1 1 1 0 0 1 1 | Rm | 1 | O | 0 0 | opcode | Rn | Rd | + * +-----------------------+------+---+---+-----+--------+------+------+ + */ +static void disas_crypto_three_reg_sha512(DisasContext *s, uint32_t insn) +{ + int opcode = extract32(insn, 10, 2); + int o = extract32(insn, 14, 1); + int rm = extract32(insn, 16, 5); + int rn = extract32(insn, 5, 5); + int rd = extract32(insn, 0, 5); + int feature; + CryptoThreeOpFn *genfn; + + if (o == 0) { + switch (opcode) { + case 0: /* SHA512H */ + feature = ARM_FEATURE_V8_SHA512; + genfn = gen_helper_crypto_sha512h; + break; + case 1: /* SHA512H2 */ + feature = ARM_FEATURE_V8_SHA512; + genfn = gen_helper_crypto_sha512h2; + break; + case 2: /* SHA512SU1 */ + feature = ARM_FEATURE_V8_SHA512; + genfn = gen_helper_crypto_sha512su1; + break; + default: + unallocated_encoding(s); + return; + } + } else { + unallocated_encoding(s); + return; + } + + if (!arm_dc_feature(s, feature)) { + unallocated_encoding(s); + return; + } + + if (!fp_access_check(s)) { + return; + } + + if (genfn) { + TCGv_ptr tcg_rd_ptr, tcg_rn_ptr, tcg_rm_ptr; + + tcg_rd_ptr = vec_full_reg_ptr(s, rd); + tcg_rn_ptr = vec_full_reg_ptr(s, rn); + tcg_rm_ptr = vec_full_reg_ptr(s, rm); + + genfn(tcg_rd_ptr, tcg_rn_ptr, tcg_rm_ptr); + + tcg_temp_free_ptr(tcg_rd_ptr); + tcg_temp_free_ptr(tcg_rn_ptr); + tcg_temp_free_ptr(tcg_rm_ptr); + } else { + g_assert_not_reached(); + } +} + +/* Crypto two-reg SHA512 + * 31 12 11 10 9 5 4 0 + * +-----------------------------------------+--------+------+------+ + * | 1 1 0 0 1 1 1 0 1 1 0 0 0 0 0 0 1 0 0 0 | opcode | Rn | Rd | + * +-----------------------------------------+--------+------+------+ + */ +static void disas_crypto_two_reg_sha512(DisasContext *s, uint32_t insn) +{ + int opcode = extract32(insn, 10, 2); + int rn = extract32(insn, 5, 5); + int rd = extract32(insn, 0, 5); + TCGv_ptr tcg_rd_ptr, tcg_rn_ptr; + int feature; + CryptoTwoOpFn *genfn; + + switch (opcode) { + case 0: /* SHA512SU0 */ + feature = ARM_FEATURE_V8_SHA512; + genfn = gen_helper_crypto_sha512su0; + break; + default: + unallocated_encoding(s); + return; + } + + if (!arm_dc_feature(s, feature)) { + unallocated_encoding(s); + return; + } + + if (!fp_access_check(s)) { + return; + } + + tcg_rd_ptr = vec_full_reg_ptr(s, rd); + tcg_rn_ptr = vec_full_reg_ptr(s, rn); + + genfn(tcg_rd_ptr, tcg_rn_ptr); + + tcg_temp_free_ptr(tcg_rd_ptr); + tcg_temp_free_ptr(tcg_rn_ptr); +} + /* C3.6 Data processing - SIMD, inc Crypto * * As the decode gets a little complex we are using a table based @@ -11161,6 +11269,8 @@ static const AArch64DecodeTable data_proc_simd[] = { { 0x4e280800, 0xff3e0c00, disas_crypto_aes }, { 0x5e000000, 0xff208c00, disas_crypto_three_reg_sha }, { 0x5e280800, 0xff3e0c00, disas_crypto_two_reg_sha }, + { 0xce608000, 0xffe0b000, disas_crypto_three_reg_sha512 }, + { 0xcec08000, 0xfffff000, disas_crypto_two_reg_sha512 }, { 0x00000000, 0x00000000, NULL } }; From patchwork Mon Jan 22 17:26:41 2018 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Ard Biesheuvel X-Patchwork-Id: 125450 Delivered-To: patch@linaro.org Received: by 10.46.66.141 with SMTP id h13csp1275107ljf; Mon, 22 Jan 2018 09:30:44 -0800 (PST) X-Google-Smtp-Source: AH8x224XCPR/+YUW/8T3b1TDmP0eq1NS0iB78HpK4bDaaVWaXGfeO8HFSpfsNsEjbMnDifY2QVnk X-Received: by 10.129.174.28 with SMTP id m28mr8206397ywh.196.1516642244608; Mon, 22 Jan 2018 09:30:44 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1516642244; cv=none; d=google.com; s=arc-20160816; b=JgkwLLvyW66WxY6NquaX23YoBphlDlrfoI/v6+7eY5x0LfFTsnTozsN4Boq2DC0bMu +UQwQOd4kZEyDDvpGbgkBkbfZfHGK4UrWTLJy5Eh6aJ33fXtA94eu1h0hscAONLA9Hf9 okBG84Ti8fNSIJH2/IKKm906VIWy/GqHzQCa69Luna5wMcnqNnAtbNpnbaS7U1otfVYP 2sp0WXF4ThfSfxFtKp0E76tzievc3h0IwKlARiL+7LlL5TpxSR703+Nlj4YUDhQUCRlT Yuc7aWppeEOuwHoFBMAHWweKbJTXazDMVKglg7EiB/K+Z9zWamTIE7klwt718UuyZgYl iESg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=sender:errors-to:cc:list-subscribe:list-help:list-post:list-archive :list-unsubscribe:list-id:precedence:subject:references:in-reply-to :message-id:date:to:from:dkim-signature:arc-authentication-results; bh=dWny6loFNJ3nmB3iQALFtNhMzd6TMwgV6r5m4x0oWHc=; b=EoSXe1Sg1ClgOpn6/J0O4XtP6L7ek+K++ke/Q6ff7MqhEFFCxD1rnfXmfEJnDoYk/1 d4XQW7jQfS2DvQar6kWrYKdEmxJGHt+fp4gmip9gkjJZJDD8m+lDJM0uiU0iPVJVEV7i Rzoe9nxnYES27kDcSppkWx3XizSd1Tvsi8eClz4GFAvTKjXCz5lqicJTa5d04R83eFIF N1mfT7Ql/c3cPe8jtVP+Z5EAMahak1wRSQaL+tZ15N6P4XIxis+DXKAHnNXR4jgQa4BJ mLf/xThaAHU8dHOND5YtTEeb38YmyNAagpMM/C3rSmZYep9HCyVJlU3OD61ApBY9UEba Wpmg== ARC-Authentication-Results: i=1; mx.google.com; dkim=fail header.i=@linaro.org header.s=google header.b=jWZMLFHA; spf=pass (google.com: domain of qemu-devel-bounces+patch=linaro.org@nongnu.org designates 2001:4830:134:3::11 as permitted sender) smtp.mailfrom=qemu-devel-bounces+patch=linaro.org@nongnu.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=linaro.org Return-Path: Received: from lists.gnu.org (lists.gnu.org. [2001:4830:134:3::11]) by mx.google.com with ESMTPS id r6si2040621ybg.709.2018.01.22.09.30.44 for (version=TLS1 cipher=AES128-SHA bits=128/128); Mon, 22 Jan 2018 09:30:44 -0800 (PST) Received-SPF: pass (google.com: domain of qemu-devel-bounces+patch=linaro.org@nongnu.org designates 2001:4830:134:3::11 as permitted sender) client-ip=2001:4830:134:3::11; Authentication-Results: mx.google.com; dkim=fail header.i=@linaro.org header.s=google header.b=jWZMLFHA; spf=pass (google.com: domain of qemu-devel-bounces+patch=linaro.org@nongnu.org designates 2001:4830:134:3::11 as permitted sender) smtp.mailfrom=qemu-devel-bounces+patch=linaro.org@nongnu.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=linaro.org Received: from localhost ([::1]:54797 helo=lists.gnu.org) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1edfvg-0000g5-0E for patch@linaro.org; Mon, 22 Jan 2018 12:30:44 -0500 Received: from eggs.gnu.org ([2001:4830:134:3::10]:44709) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1edfs2-0006zM-19 for qemu-devel@nongnu.org; Mon, 22 Jan 2018 12:26:59 -0500 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1edfs0-0004e3-Ic for qemu-devel@nongnu.org; Mon, 22 Jan 2018 12:26:58 -0500 Received: from mail-wm0-x241.google.com ([2a00:1450:400c:c09::241]:46099) by eggs.gnu.org with esmtps (TLS1.0:RSA_AES_128_CBC_SHA1:16) (Exim 4.71) (envelope-from ) id 1edfs0-0004dS-AE for qemu-devel@nongnu.org; Mon, 22 Jan 2018 12:26:56 -0500 Received: by mail-wm0-x241.google.com with SMTP id 143so17768827wma.5 for ; Mon, 22 Jan 2018 09:26:56 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; h=from:to:cc:subject:date:message-id:in-reply-to:references; bh=dWny6loFNJ3nmB3iQALFtNhMzd6TMwgV6r5m4x0oWHc=; b=jWZMLFHAD3l3xR8D1oGqujBD16Z6JAMklrNO8WL04CCXUyN9WSgUzmJBmPJn62EXLL ps9nmzAoBXyAfZf/d88bJ0A1Ja8OafURGH0X3qxVcn1fJTDjOnokq418sEM0KlzE47+1 cvrETkyEXM/pN544suqjQ1BFhA81aI+lmzZ6c= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references; bh=dWny6loFNJ3nmB3iQALFtNhMzd6TMwgV6r5m4x0oWHc=; b=SordhFZLc4PulHTziwrhgzuh5OWCo5PSsSjQ/Xf1pwlnM/O4sSd+HC1bOOytRFksyU biy4/i9g6fvKmXq+3rlmDqMmVaV81yXHLa+P2mzLtCL8CQSd80pl2mKvoLtDX/1DX3vz k+Drf8hwq31OOPQ5CqsSlBJtPC5VCvUwyG/3NnWgtflCYvv3GZP7SS+ip24WMFGLnNo0 hs1s+QS6B7Ak3gizY/soJ7VtpjCPa+3Uj2hc+8JmnqIhBJX4oh+QRyDvYu14i3LjWScS xMdOYK0YSfLpqzw6suVy7qTCiuT9Ur9ibvZMuq+cyqZtJCaOqiKVPyr/fSnwwYfPze7Z MDNA== X-Gm-Message-State: AKwxytdNcEg9Z62eWN7hGdc9O60samT+KnBpppEz+774OEouXSi4h0yu yvbifslVDXlHp0W+PHAWQfEG+Enohe4= X-Received: by 10.28.136.144 with SMTP id k138mr6116974wmd.131.1516642015002; Mon, 22 Jan 2018 09:26:55 -0800 (PST) Received: from localhost.localdomain ([160.163.176.196]) by smtp.gmail.com with ESMTPSA id f76sm5510900wme.2.2018.01.22.09.26.53 (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Mon, 22 Jan 2018 09:26:54 -0800 (PST) From: Ard Biesheuvel To: qemu-devel@nongnu.org Date: Mon, 22 Jan 2018 17:26:41 +0000 Message-Id: <20180122172643.29742-3-ard.biesheuvel@linaro.org> X-Mailer: git-send-email 2.11.0 In-Reply-To: <20180122172643.29742-1-ard.biesheuvel@linaro.org> References: <20180122172643.29742-1-ard.biesheuvel@linaro.org> X-detected-operating-system: by eggs.gnu.org: Genre and OS details not recognized. X-Received-From: 2a00:1450:400c:c09::241 Subject: [Qemu-devel] [PATCH v5 2/4] target/arm: implement SHA-3 instructions X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.21 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: peter.maydell@linaro.org, Ard Biesheuvel Errors-To: qemu-devel-bounces+patch=linaro.org@nongnu.org Sender: "Qemu-devel" This implements emulation of the new SHA-3 instructions that have been added as an optional extensions to the ARMv8 Crypto Extensions in ARM v8.2. Signed-off-by: Ard Biesheuvel --- target/arm/cpu.h | 1 + target/arm/translate-a64.c | 148 +++++++++++++++++++- 2 files changed, 145 insertions(+), 4 deletions(-) -- 2.11.0 diff --git a/target/arm/cpu.h b/target/arm/cpu.h index 32a18510e70b..d0b19e0cbc88 100644 --- a/target/arm/cpu.h +++ b/target/arm/cpu.h @@ -1373,6 +1373,7 @@ enum arm_features { ARM_FEATURE_JAZELLE, /* has (trivial) Jazelle implementation */ ARM_FEATURE_SVE, /* has Scalable Vector Extension */ ARM_FEATURE_V8_SHA512, /* implements SHA512 part of v8 Crypto Extensions */ + ARM_FEATURE_V8_SHA3, /* implements SHA3 part of v8 Crypto Extensions */ }; static inline int arm_feature(CPUARMState *env, int feature) diff --git a/target/arm/translate-a64.c b/target/arm/translate-a64.c index 888f5a39a283..10f2e518f303 100644 --- a/target/arm/translate-a64.c +++ b/target/arm/translate-a64.c @@ -11162,9 +11162,10 @@ static void disas_crypto_three_reg_sha512(DisasContext *s, uint32_t insn) feature = ARM_FEATURE_V8_SHA512; genfn = gen_helper_crypto_sha512su1; break; - default: - unallocated_encoding(s); - return; + case 3: /* RAX1 */ + feature = ARM_FEATURE_V8_SHA3; + genfn = NULL; + break; } } else { unallocated_encoding(s); @@ -11193,7 +11194,28 @@ static void disas_crypto_three_reg_sha512(DisasContext *s, uint32_t insn) tcg_temp_free_ptr(tcg_rn_ptr); tcg_temp_free_ptr(tcg_rm_ptr); } else { - g_assert_not_reached(); + TCGv_i64 tcg_op1, tcg_op2, tcg_res[2]; + int pass; + + tcg_op1 = tcg_temp_new_i64(); + tcg_op2 = tcg_temp_new_i64(); + tcg_res[0] = tcg_temp_new_i64(); + tcg_res[1] = tcg_temp_new_i64(); + + for (pass = 0; pass < 2; pass++) { + read_vec_element(s, tcg_op1, rn, pass, MO_64); + read_vec_element(s, tcg_op2, rm, pass, MO_64); + + tcg_gen_rotli_i64(tcg_res[pass], tcg_op2, 1); + tcg_gen_xor_i64(tcg_res[pass], tcg_res[pass], tcg_op1); + } + write_vec_element(s, tcg_res[0], rd, 0, MO_64); + write_vec_element(s, tcg_res[1], rd, 1, MO_64); + + tcg_temp_free(tcg_op1); + tcg_temp_free(tcg_op2); + tcg_temp_free(tcg_res[0]); + tcg_temp_free(tcg_res[1]); } } @@ -11240,6 +11262,122 @@ static void disas_crypto_two_reg_sha512(DisasContext *s, uint32_t insn) tcg_temp_free_ptr(tcg_rn_ptr); } +/* Crypto four-register + * 31 23 22 21 20 16 15 14 10 9 5 4 0 + * +-------------------+-----+------+---+------+------+------+ + * | 1 1 0 0 1 1 1 0 0 | Op0 | Rm | 0 | Ra | Rn | Rd | + * +-------------------+-----+------+---+------+------+------+ + */ +static void disas_crypto_four_reg(DisasContext *s, uint32_t insn) +{ + int op0 = extract32(insn, 21, 2); + int rm = extract32(insn, 16, 5); + int ra = extract32(insn, 10, 5); + int rn = extract32(insn, 5, 5); + int rd = extract32(insn, 0, 5); + int feature; + + switch (op0) { + case 0: /* EOR3 */ + case 1: /* BCAX */ + feature = ARM_FEATURE_V8_SHA3; + break; + default: + unallocated_encoding(s); + return; + } + + if (!arm_dc_feature(s, feature)) { + unallocated_encoding(s); + return; + } + + if (!fp_access_check(s)) { + return; + } + + if (op0 < 2) { + TCG_i64 tcg_op1, tcg_op2, tcg_op3, tcg_res[2]; + int pass; + + tcg_op1 = tcg_temp_new_i64(); + tcg_op2 = tcg_temp_new_i64(); + tcg_op3 = tcg_temp_new_i64(); + tcg_res[0] = tcg_temp_new_i64(); + tcg_res[1] = tcg_temp_new_i64(); + + for (pass = 0; pass < 2; pass++) { + read_vec_element(s, tcg_op1, rn, pass, MO_64); + read_vec_element(s, tcg_op2, rm, pass, MO_64); + read_vec_element(s, tcg_op3, ra, pass, MO_64); + + if (op0 == 0) { + /* EOR3 */ + tcg_gen_xor_i64(tcg_res[pass], tcg_op2, tcg_op3); + } else { + /* BCAX */ + tcg_gen_andc_i64(tcg_res[pass], tcg_op2, tcg_op3); + } + tcg_gen_xor_i64(tcg_res[pass], tcg_res[pass], tcg_op1); + } + write_vec_element(s, tcg_res[0], rd, 0, MO_64); + write_vec_element(s, tcg_res[1], rd, 1, MO_64); + + tcg_temp_free(tcg_op1); + tcg_temp_free(tcg_op2); + tcg_temp_free(tcg_op3); + tcg_temp_free(tcg_res[0]); + tcg_temp_free(tcg_res[1]); + } else { + g_assert_not_reached(); + } +} + +/* Crypto XAR + * 31 21 20 16 15 10 9 5 4 0 + * +-----------------------+------+--------+------+------+ + * | 1 1 0 0 1 1 1 0 1 0 0 | Rm | imm6 | Rn | Rd | + * +-----------------------+------+--------+------+------+ + */ +static void disas_crypto_xar(DisasContext *s, uint32_t insn) +{ + int rm = extract32(insn, 16, 5); + int imm6 = extract32(insn, 10, 6); + int rn = extract32(insn, 5, 5); + int rd = extract32(insn, 0, 5); + TCGv_i64 tcg_op1, tcg_op2, tcg_res[2]; + int pass; + + if (!arm_dc_feature(s, ARM_FEATURE_V8_SHA3)) { + unallocated_encoding(s); + return; + } + + if (!fp_access_check(s)) { + return; + } + + tcg_op1 = tcg_temp_new_i64(); + tcg_op2 = tcg_temp_new_i64(); + tcg_res[0] = tcg_temp_new_i64(); + tcg_res[1] = tcg_temp_new_i64(); + + for (pass = 0; pass < 2; pass++) { + read_vec_element(s, tcg_op1, rn, pass, MO_64); + read_vec_element(s, tcg_op2, rm, pass, MO_64); + + tcg_gen_xor_i64(tcg_res[pass], tcg_op1, tcg_op2); + tcg_gen_rotri_i64(tcg_res[pass], tcg_res[pass], imm6); + } + write_vec_element(s, tcg_res[0], rd, 0, MO_64); + write_vec_element(s, tcg_res[1], rd, 1, MO_64); + + tcg_temp_free(tcg_op1); + tcg_temp_free(tcg_op2); + tcg_temp_free(tcg_res[0]); + tcg_temp_free(tcg_res[1]); +} + /* C3.6 Data processing - SIMD, inc Crypto * * As the decode gets a little complex we are using a table based @@ -11271,6 +11409,8 @@ static const AArch64DecodeTable data_proc_simd[] = { { 0x5e280800, 0xff3e0c00, disas_crypto_two_reg_sha }, { 0xce608000, 0xffe0b000, disas_crypto_three_reg_sha512 }, { 0xcec08000, 0xfffff000, disas_crypto_two_reg_sha512 }, + { 0xce000000, 0xff808000, disas_crypto_four_reg }, + { 0xce800000, 0xffe00000, disas_crypto_xar }, { 0x00000000, 0x00000000, NULL } }; From patchwork Mon Jan 22 17:26:42 2018 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Ard Biesheuvel X-Patchwork-Id: 125449 Delivered-To: patch@linaro.org Received: by 10.46.66.141 with SMTP id h13csp1274216ljf; Mon, 22 Jan 2018 09:28:57 -0800 (PST) X-Google-Smtp-Source: AH8x224BHfi50lJB7PeigGdaCV89NoeNLXpF1n0qTqFo5xRg1xxbL7s8wX5wKuU27mjoVst8rPdk X-Received: by 10.13.226.194 with SMTP id l185mr8393924ywe.47.1516642137886; Mon, 22 Jan 2018 09:28:57 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1516642137; cv=none; d=google.com; s=arc-20160816; b=VtsLv5/ATPOj+ImQBwrCOw6b5xFrCDcfjrnYzr0w0f51riBjPvU2V0ph27mKDYGonU E0FXpHInYm7xtYNUhO0+mV1QoRwz3Dl+LWdyXjPFiTKAkUqiF42UWSXpflTYIoRNSLAJ CFVsor8gg2OAHJUwaF9q3RnQ5U2VZ35Mbys85ul9B2GNwCIVkJv1VC0QLUqzLQsAIexa OhnjXcX5XOXLGJDklxzNt2H76GocrH6/vM7JGsCChARcV2m3ARWRJhj9GK4CvDCMSdBF C2v8rbNMTQSpjDJhRatlRPyw2gt42SvmXCJvax3HvcNfv3GaStnqLtkqmkmNO6wAoWdc rzjw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=sender:errors-to:cc:list-subscribe:list-help:list-post:list-archive :list-unsubscribe:list-id:precedence:subject:references:in-reply-to :message-id:date:to:from:dkim-signature:arc-authentication-results; bh=z85yE60DelRv9s/vBIYgHXpD/c+5O5wDERsZGson3Qc=; b=DYAM4qXFNf654N9b7IlNEybx+kYFS69TVoaD3KgvFsCwdGrnfkO6JnvmoGEgyPN9Le 8spdmPM8H8lYueY7J5aQkLfVIh1v4LPSEL/snvJHeJZqibOZltH/YM+bQTnwZ16rSifD wqOE2dXe9kAKr1xub76tjvOjCyLDXElGpv+jtzPWfH0zMdajPNAmJN9SuYE2mz65ksQK XNNyi+cCxMU9SmOr+AuIWdy6B6Y5MLYjwJST+gUlMHogejqp/OE/cv0u2DmbFs+Q94Bw 4+BAIyXsay/D1AP7Vv2YDTWcUW2ReiT4NH9ZRTWa37BCdnl+hAfneFpF2a9T81NauPSz lZUA== ARC-Authentication-Results: i=1; mx.google.com; dkim=fail header.i=@linaro.org header.s=google header.b=LeMbwY0g; spf=pass (google.com: domain of qemu-devel-bounces+patch=linaro.org@nongnu.org designates 2001:4830:134:3::11 as permitted sender) smtp.mailfrom=qemu-devel-bounces+patch=linaro.org@nongnu.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=linaro.org Return-Path: Received: from lists.gnu.org (lists.gnu.org. [2001:4830:134:3::11]) by mx.google.com with ESMTPS id p202si559013ybc.710.2018.01.22.09.28.57 for (version=TLS1 cipher=AES128-SHA bits=128/128); Mon, 22 Jan 2018 09:28:57 -0800 (PST) Received-SPF: pass (google.com: domain of qemu-devel-bounces+patch=linaro.org@nongnu.org designates 2001:4830:134:3::11 as permitted sender) client-ip=2001:4830:134:3::11; Authentication-Results: mx.google.com; dkim=fail header.i=@linaro.org header.s=google header.b=LeMbwY0g; spf=pass (google.com: domain of qemu-devel-bounces+patch=linaro.org@nongnu.org designates 2001:4830:134:3::11 as permitted sender) smtp.mailfrom=qemu-devel-bounces+patch=linaro.org@nongnu.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=linaro.org Received: from localhost ([::1]:54741 helo=lists.gnu.org) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1edftx-0007qW-75 for patch@linaro.org; Mon, 22 Jan 2018 12:28:57 -0500 Received: from eggs.gnu.org ([2001:4830:134:3::10]:44729) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1edfs3-00070t-V0 for qemu-devel@nongnu.org; Mon, 22 Jan 2018 12:27:01 -0500 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1edfs2-0004f0-7g for qemu-devel@nongnu.org; Mon, 22 Jan 2018 12:26:59 -0500 Received: from mail-wm0-x244.google.com ([2a00:1450:400c:c09::244]:43983) by eggs.gnu.org with esmtps (TLS1.0:RSA_AES_128_CBC_SHA1:16) (Exim 4.71) (envelope-from ) id 1edfs1-0004eO-Ts for qemu-devel@nongnu.org; Mon, 22 Jan 2018 12:26:58 -0500 Received: by mail-wm0-x244.google.com with SMTP id g1so17768492wmg.2 for ; Mon, 22 Jan 2018 09:26:57 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; h=from:to:cc:subject:date:message-id:in-reply-to:references; bh=z85yE60DelRv9s/vBIYgHXpD/c+5O5wDERsZGson3Qc=; b=LeMbwY0gwazLDQyCIr7qES/OMG5+zBB5FOdDFt2FXQstkVPKUraYa3mXZ9HusS+sNr wlk5u7EYgxkuongxDeJA0R5NRYOq9/++Lit2XcH3gQvZ1vPZUov2xTToh9rviWZONoB+ 7wTtqCI+peI4oZnM9PFv253yzB89ZiEZdzv9I= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references; bh=z85yE60DelRv9s/vBIYgHXpD/c+5O5wDERsZGson3Qc=; b=XP2259Hoc2PGp+wa2iIQIJ8+3jbMzs9UGLd6PLZtJAsYmLG1k/6FH/RyJwKErvCpAW c2SIzXLgrQsIspzk2udxuiWcbtaw9ynF3UYzOHTKKvQZFTfPFIVSnkJNFVXZB8nwK2m0 1jPEIGHng4AcGKSmREVijO23ksENJ+Ua40wvq/OlTj4Q8NhNwl5BSq4DC0NsjMP3hkpH A2SITyr55To3TRSTOZPn2je32iaYp1vWo2dYpUuQX1EUsuRxIHRNsIGSQ9oJhoCrhy+k KN2Vreqb5LsTDu4FGGM1mzrAAP4ABwBL6GughTNpQtLA5+cnj3g0IbH9Ue45NGEjWkgQ WzJA== X-Gm-Message-State: AKwxyteRGkpj4owWm47+x1eGMmJ06AZqojXCm/MHPce1yVvR6oAmdW7l C9alwX0Ax2OYD0UYiWyBRT/ftTe7mYM= X-Received: by 10.28.63.16 with SMTP id m16mr6177363wma.102.1516642016628; Mon, 22 Jan 2018 09:26:56 -0800 (PST) Received: from localhost.localdomain ([160.163.176.196]) by smtp.gmail.com with ESMTPSA id f76sm5510900wme.2.2018.01.22.09.26.55 (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Mon, 22 Jan 2018 09:26:56 -0800 (PST) From: Ard Biesheuvel To: qemu-devel@nongnu.org Date: Mon, 22 Jan 2018 17:26:42 +0000 Message-Id: <20180122172643.29742-4-ard.biesheuvel@linaro.org> X-Mailer: git-send-email 2.11.0 In-Reply-To: <20180122172643.29742-1-ard.biesheuvel@linaro.org> References: <20180122172643.29742-1-ard.biesheuvel@linaro.org> X-detected-operating-system: by eggs.gnu.org: Genre and OS details not recognized. X-Received-From: 2a00:1450:400c:c09::244 Subject: [Qemu-devel] [PATCH v5 3/4] target/arm: implement SM3 instructions X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.21 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: peter.maydell@linaro.org, Ard Biesheuvel Errors-To: qemu-devel-bounces+patch=linaro.org@nongnu.org Sender: "Qemu-devel" This implements emulation of the new SM3 instructions that have been added as an optional extension to the ARMv8 Crypto Extensions in ARM v8.2. Signed-off-by: Ard Biesheuvel --- target/arm/cpu.h | 1 + target/arm/crypto_helper.c | 117 ++++++++++++++++++++ target/arm/helper.h | 5 + target/arm/translate-a64.c | 75 ++++++++++++- 4 files changed, 195 insertions(+), 3 deletions(-) -- 2.11.0 diff --git a/target/arm/cpu.h b/target/arm/cpu.h index d0b19e0cbc88..18383666e02d 100644 --- a/target/arm/cpu.h +++ b/target/arm/cpu.h @@ -1374,6 +1374,7 @@ enum arm_features { ARM_FEATURE_SVE, /* has Scalable Vector Extension */ ARM_FEATURE_V8_SHA512, /* implements SHA512 part of v8 Crypto Extensions */ ARM_FEATURE_V8_SHA3, /* implements SHA3 part of v8 Crypto Extensions */ + ARM_FEATURE_V8_SM3, /* implements SM3 part of v8 Crypto Extensions */ }; static inline int arm_feature(CPUARMState *env, int feature) diff --git a/target/arm/crypto_helper.c b/target/arm/crypto_helper.c index fb45948e9f13..c1d9f765cd40 100644 --- a/target/arm/crypto_helper.c +++ b/target/arm/crypto_helper.c @@ -492,3 +492,120 @@ void HELPER(crypto_sha512su1)(void *vd, void *vn, void *vm) rd[0] += s1_512(rn[0]) + rm[0]; rd[1] += s1_512(rn[1]) + rm[1]; } + +void HELPER(crypto_sm3partw1)(void *vd, void *vn, void *vm) +{ + uint64_t *rd = vd; + uint64_t *rn = vn; + uint64_t *rm = vm; + union CRYPTO_STATE d = { .l = { rd[0], rd[1] } }; + union CRYPTO_STATE n = { .l = { rn[0], rn[1] } }; + union CRYPTO_STATE m = { .l = { rm[0], rm[1] } }; + uint32_t t; + + t = CR_ST_WORD(d, 0) ^ CR_ST_WORD(n, 0) ^ ror32(CR_ST_WORD(m, 1), 17); + CR_ST_WORD(d, 0) = t ^ ror32(t, 17) ^ ror32(t, 9); + + t = CR_ST_WORD(d, 1) ^ CR_ST_WORD(n, 1) ^ ror32(CR_ST_WORD(m, 2), 17); + CR_ST_WORD(d, 1) = t ^ ror32(t, 17) ^ ror32(t, 9); + + t = CR_ST_WORD(d, 2) ^ CR_ST_WORD(n, 2) ^ ror32(CR_ST_WORD(m, 3), 17); + CR_ST_WORD(d, 2) = t ^ ror32(t, 17) ^ ror32(t, 9); + + t = CR_ST_WORD(d, 3) ^ CR_ST_WORD(n, 3) ^ ror32(CR_ST_WORD(d, 0), 17); + CR_ST_WORD(d, 3) = t ^ ror32(t, 17) ^ ror32(t, 9); + + rd[0] = d.l[0]; + rd[1] = d.l[1]; +} + +void HELPER(crypto_sm3partw2)(void *vd, void *vn, void *vm) +{ + uint64_t *rd = vd; + uint64_t *rn = vn; + uint64_t *rm = vm; + union CRYPTO_STATE d = { .l = { rd[0], rd[1] } }; + union CRYPTO_STATE n = { .l = { rn[0], rn[1] } }; + union CRYPTO_STATE m = { .l = { rm[0], rm[1] } }; + uint32_t t = CR_ST_WORD(n, 0) ^ ror32(CR_ST_WORD(m, 0), 25); + + CR_ST_WORD(d, 0) ^= t; + CR_ST_WORD(d, 1) ^= CR_ST_WORD(n, 1) ^ ror32(CR_ST_WORD(m, 1), 25); + CR_ST_WORD(d, 2) ^= CR_ST_WORD(n, 2) ^ ror32(CR_ST_WORD(m, 2), 25); + CR_ST_WORD(d, 3) ^= CR_ST_WORD(n, 3) ^ ror32(CR_ST_WORD(m, 3), 25) ^ + ror32(t, 17) ^ ror32(t, 2) ^ ror32(t, 26); + + rd[0] = d.l[0]; + rd[1] = d.l[1]; +} + +void HELPER(crypto_sm3ss1)(void *vd, void *vn, void *va, void *vm) +{ + uint64_t *rd = vd; + uint64_t *rn = vn; + uint64_t *ra = va; + uint64_t *rm = vm; + union CRYPTO_STATE d; + union CRYPTO_STATE n = { .l = { rn[0], rn[1] } }; + union CRYPTO_STATE a = { .l = { ra[0], ra[1] } }; + union CRYPTO_STATE m = { .l = { rm[0], rm[1] } }; + + CR_ST_WORD(d, 0) = 0; + CR_ST_WORD(d, 1) = 0; + CR_ST_WORD(d, 2) = 0; + CR_ST_WORD(d, 3) = ror32(ror32(CR_ST_WORD(n, 3), 20) + CR_ST_WORD(m, 3) + + CR_ST_WORD(a, 3), 25); + + rd[0] = d.l[0]; + rd[1] = d.l[1]; +} + +void HELPER(crypto_sm3tt)(void *vd, void *vn, void *vm, uint32_t imm2, + uint32_t opcode) +{ + uint64_t *rd = vd; + uint64_t *rn = vn; + uint64_t *rm = vm; + union CRYPTO_STATE d = { .l = { rd[0], rd[1] } }; + union CRYPTO_STATE n = { .l = { rn[0], rn[1] } }; + union CRYPTO_STATE m = { .l = { rm[0], rm[1] } }; + uint32_t t; + + assert(imm2 < 4); + + if (opcode == 0 || opcode == 2) { + /* SM3TT1A, SM3TT2A */ + t = par(CR_ST_WORD(d, 3), CR_ST_WORD(d, 2), CR_ST_WORD(d, 1)); + } else if (opcode == 1) { + /* SM3TT1B */ + t = maj(CR_ST_WORD(d, 3), CR_ST_WORD(d, 2), CR_ST_WORD(d, 1)); + } else if (opcode == 3) { + /* SM3TT2B */ + t = cho(CR_ST_WORD(d, 3), CR_ST_WORD(d, 2), CR_ST_WORD(d, 1)); + } else { + g_assert_not_reached(); + } + + t += CR_ST_WORD(d, 0) + CR_ST_WORD(m, imm2); + + CR_ST_WORD(d, 0) = CR_ST_WORD(d, 1); + + if (opcode < 2) { + /* SM3TT1A, SM3TT1B */ + t += CR_ST_WORD(n, 3) ^ ror32(CR_ST_WORD(d, 3), 20); + + CR_ST_WORD(d, 1) = ror32(CR_ST_WORD(d, 2), 23); + } else { + /* SM3TT2A, SM3TT2B */ + t += CR_ST_WORD(n, 3); + t ^= rol32(t, 9) ^ rol32(t, 17); + + CR_ST_WORD(d, 1) = ror32(CR_ST_WORD(d, 2), 13); + } + + CR_ST_WORD(d, 2) = CR_ST_WORD(d, 3); + CR_ST_WORD(d, 3) = t; + + rd[0] = d.l[0]; + rd[1] = d.l[1]; +} diff --git a/target/arm/helper.h b/target/arm/helper.h index 81d460702867..2d0bba10c006 100644 --- a/target/arm/helper.h +++ b/target/arm/helper.h @@ -539,6 +539,11 @@ DEF_HELPER_FLAGS_3(crypto_sha512h2, TCG_CALL_NO_RWG, void, ptr, ptr, ptr) DEF_HELPER_FLAGS_2(crypto_sha512su0, TCG_CALL_NO_RWG, void, ptr, ptr) DEF_HELPER_FLAGS_3(crypto_sha512su1, TCG_CALL_NO_RWG, void, ptr, ptr, ptr) +DEF_HELPER_FLAGS_4(crypto_sm3ss1, TCG_CALL_NO_RWG, void, ptr, ptr, ptr, ptr) +DEF_HELPER_FLAGS_5(crypto_sm3tt, TCG_CALL_NO_RWG, void, ptr, ptr, ptr, i32, i32) +DEF_HELPER_FLAGS_3(crypto_sm3partw1, TCG_CALL_NO_RWG, void, ptr, ptr, ptr) +DEF_HELPER_FLAGS_3(crypto_sm3partw2, TCG_CALL_NO_RWG, void, ptr, ptr, ptr) + DEF_HELPER_FLAGS_3(crc32, TCG_CALL_NO_RWG_SE, i32, i32, i32, i32) DEF_HELPER_FLAGS_3(crc32c, TCG_CALL_NO_RWG_SE, i32, i32, i32, i32) DEF_HELPER_2(dc_zva, void, env, i64) diff --git a/target/arm/translate-a64.c b/target/arm/translate-a64.c index 10f2e518f303..57cf1ded4db7 100644 --- a/target/arm/translate-a64.c +++ b/target/arm/translate-a64.c @@ -11168,8 +11168,19 @@ static void disas_crypto_three_reg_sha512(DisasContext *s, uint32_t insn) break; } } else { - unallocated_encoding(s); - return; + switch (opcode) { + case 0: /* SM3PARTW1 */ + feature = ARM_FEATURE_V8_SM3; + genfn = gen_helper_crypto_sm3partw1; + break; + case 1: /* SM3PARTW2 */ + feature = ARM_FEATURE_V8_SM3; + genfn = gen_helper_crypto_sm3partw2; + break; + default: + unallocated_encoding(s); + return; + } } if (!arm_dc_feature(s, feature)) { @@ -11282,6 +11293,9 @@ static void disas_crypto_four_reg(DisasContext *s, uint32_t insn) case 1: /* BCAX */ feature = ARM_FEATURE_V8_SHA3; break; + case 2: /* SM3SS1 */ + feature = ARM_FEATURE_V8_SM3; + break; default: unallocated_encoding(s); return; @@ -11329,7 +11343,20 @@ static void disas_crypto_four_reg(DisasContext *s, uint32_t insn) tcg_temp_free(tcg_res[0]); tcg_temp_free(tcg_res[1]); } else { - g_assert_not_reached(); + TCGv_ptr tcg_rd_ptr, tcg_rn_ptr, tcg_ra_ptr, tcg_rm_ptr; + + tcg_rd_ptr = vec_full_reg_ptr(s, rd); + tcg_rn_ptr = vec_full_reg_ptr(s, rn); + tcg_ra_ptr = vec_full_reg_ptr(s, ra); + tcg_rm_ptr = vec_full_reg_ptr(s, rm); + + gen_helper_crypto_sm3ss1(tcg_rd_ptr, tcg_rn_ptr, tcg_ra_ptr, + tcg_rm_ptr); + + tcg_temp_free_ptr(tcg_rd_ptr); + tcg_temp_free_ptr(tcg_rn_ptr); + tcg_temp_free_ptr(tcg_ra_ptr); + tcg_temp_free_ptr(tcg_rm_ptr); } } @@ -11378,6 +11405,47 @@ static void disas_crypto_xar(DisasContext *s, uint32_t insn) tcg_temp_free(tcg_res[1]); } +/* Crypto three-reg imm2 + * 31 21 20 16 15 14 13 12 11 10 9 5 4 0 + * +-----------------------+------+-----+------+--------+------+------+ + * | 1 1 0 0 1 1 1 0 0 1 0 | Rm | 1 0 | imm2 | opcode | Rn | Rd | + * +-----------------------+------+-----+------+--------+------+------+ + */ +static void disas_crypto_three_reg_imm2(DisasContext *s, uint32_t insn) +{ + int opcode = extract32(insn, 10, 2); + int imm2 = extract32(insn, 12, 2); + int rm = extract32(insn, 16, 5); + int rn = extract32(insn, 5, 5); + int rd = extract32(insn, 0, 5); + TCGv_ptr tcg_rd_ptr, tcg_rn_ptr, tcg_rm_ptr; + TCGv_i32 tcg_imm2, tcg_opcode; + + if (!arm_dc_feature(s, ARM_FEATURE_V8_SM3)) { + unallocated_encoding(s); + return; + } + + if (!fp_access_check(s)) { + return; + } + + tcg_rd_ptr = vec_full_reg_ptr(s, rd); + tcg_rn_ptr = vec_full_reg_ptr(s, rn); + tcg_rm_ptr = vec_full_reg_ptr(s, rm); + tcg_imm2 = tcg_const_i32(imm2); + tcg_opcode = tcg_const_i32(opcode); + + gen_helper_crypto_sm3tt(tcg_rd_ptr, tcg_rn_ptr, tcg_rm_ptr, tcg_imm2, + tcg_opcode); + + tcg_temp_free_ptr(tcg_rd_ptr); + tcg_temp_free_ptr(tcg_rn_ptr); + tcg_temp_free_ptr(tcg_rm_ptr); + tcg_temp_free_i32(tcg_imm2); + tcg_temp_free_i32(tcg_opcode); +} + /* C3.6 Data processing - SIMD, inc Crypto * * As the decode gets a little complex we are using a table based @@ -11411,6 +11479,7 @@ static const AArch64DecodeTable data_proc_simd[] = { { 0xcec08000, 0xfffff000, disas_crypto_two_reg_sha512 }, { 0xce000000, 0xff808000, disas_crypto_four_reg }, { 0xce800000, 0xffe00000, disas_crypto_xar }, + { 0xce408000, 0xffe0c000, disas_crypto_three_reg_imm2 }, { 0x00000000, 0x00000000, NULL } }; From patchwork Mon Jan 22 17:26:43 2018 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Ard Biesheuvel X-Patchwork-Id: 125452 Delivered-To: patch@linaro.org Received: by 10.46.66.141 with SMTP id h13csp1275977ljf; Mon, 22 Jan 2018 09:32:35 -0800 (PST) X-Google-Smtp-Source: AH8x225HnfhDhdPehugCLVHAYSaSQ7NxXDF/Wfo1uIoOo0ITDLKqM87Dvk8lQIAU8oyAg+O6V4qV X-Received: by 10.129.237.16 with SMTP id k16mr8053093ywm.430.1516642355199; Mon, 22 Jan 2018 09:32:35 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1516642355; cv=none; d=google.com; s=arc-20160816; b=xa/6SZmvUGrUXT4/GHG08ndtTHZ++f0Aq3xbcyi3yKKFazLB2xeZQU8yRo96W2fCUY boSfO8Oi3aXGfukWgB+2A4KurNwnSaaiVHOy9Ec13WCwXqQ0fJTNBxQrGSHDkAdIgvLc 5j+i/eqe6r9fFgwNlzthynt1Q11WvHeRky7hIGOH39BnV5CNFUBtmj25q/6Fnqmmmj7j t5M9vsMa2nXtg5p6oYgHBYWZDZcw180h5nzkCZ7BhjEJUq0OH6Ovkd0iuu7Pgh5bNYx4 s3kXCeBkJ+vSo9pps+XB0Uv6dQOuP0r28LjJSyOOTxoPsOkVX0KOzEW2iYdf4IJ26z2a L93w== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=sender:errors-to:cc:list-subscribe:list-help:list-post:list-archive :list-unsubscribe:list-id:precedence:subject:references:in-reply-to :message-id:date:to:from:dkim-signature:arc-authentication-results; bh=fZ5Abu6TieKa9hgICh5l49k34NALWk1BHtQikbbo1TY=; b=MW4w5q4Qo+pGJZcro9t1lucxPqZ5ZqkagDYkLAXGsIhby3zYrdNOwnHwAIlfpMpKMj 1euyoyGIjUkCNldpBRM/cTMdDcq4BN/rwnuRr+wL/mMPHQp9NTBmGad8w5Fp9qrrmHd7 mr6iVKWGA1EaAE+SXD/JlBU7zGWxq7LIzqgvr1MpiAr7u/3demfOuedfTF5oXpAYbMOA q7FubmnFFupqvU5SYOOQEvgL4iua/oD3pozrPMqvUparQv14JGSlQ3AHwgTedZlBVk9Q 6TvQaQyobLVDZRXGQ/Y6OhweUAQRuT5+k96MEDw1OuDWPv0ERicoP2wy98rx21G48nmC mh2w== ARC-Authentication-Results: i=1; mx.google.com; dkim=fail header.i=@linaro.org header.s=google header.b=AvhXhs/T; spf=pass (google.com: domain of qemu-devel-bounces+patch=linaro.org@nongnu.org designates 2001:4830:134:3::11 as permitted sender) smtp.mailfrom=qemu-devel-bounces+patch=linaro.org@nongnu.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=linaro.org Return-Path: Received: from lists.gnu.org (lists.gnu.org. [2001:4830:134:3::11]) by mx.google.com with ESMTPS id f9si22394ywh.587.2018.01.22.09.32.35 for (version=TLS1 cipher=AES128-SHA bits=128/128); Mon, 22 Jan 2018 09:32:35 -0800 (PST) Received-SPF: pass (google.com: domain of qemu-devel-bounces+patch=linaro.org@nongnu.org designates 2001:4830:134:3::11 as permitted sender) client-ip=2001:4830:134:3::11; Authentication-Results: mx.google.com; dkim=fail header.i=@linaro.org header.s=google header.b=AvhXhs/T; spf=pass (google.com: domain of qemu-devel-bounces+patch=linaro.org@nongnu.org designates 2001:4830:134:3::11 as permitted sender) smtp.mailfrom=qemu-devel-bounces+patch=linaro.org@nongnu.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=linaro.org Received: from localhost ([::1]:54942 helo=lists.gnu.org) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1edfxS-0002Kx-K8 for patch@linaro.org; Mon, 22 Jan 2018 12:32:34 -0500 Received: from eggs.gnu.org ([2001:4830:134:3::10]:44738) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1edfs4-00071R-NQ for qemu-devel@nongnu.org; Mon, 22 Jan 2018 12:27:01 -0500 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1edfs3-0004g2-Vz for qemu-devel@nongnu.org; Mon, 22 Jan 2018 12:27:00 -0500 Received: from mail-wm0-x242.google.com ([2a00:1450:400c:c09::242]:33003) by eggs.gnu.org with esmtps (TLS1.0:RSA_AES_128_CBC_SHA1:16) (Exim 4.71) (envelope-from ) id 1edfs3-0004fX-Py for qemu-devel@nongnu.org; Mon, 22 Jan 2018 12:26:59 -0500 Received: by mail-wm0-x242.google.com with SMTP id x4so18473610wmc.0 for ; Mon, 22 Jan 2018 09:26:59 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; h=from:to:cc:subject:date:message-id:in-reply-to:references; bh=fZ5Abu6TieKa9hgICh5l49k34NALWk1BHtQikbbo1TY=; b=AvhXhs/To7LnS5kg+6S80mVSnxF+oxbEE6nrfL+NpSl5+QDGhWqQicq8g9V3qyPur0 24Dtmav4CXebz8pV2MfOYCHbR2VNxPsUkEmosVyybVU4niKbG/I1F8ix2Ax+uH2g3I7t /YJTIJdqk9gmHXO39OVYvC3gCBFOZ3+daCsWQ= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references; bh=fZ5Abu6TieKa9hgICh5l49k34NALWk1BHtQikbbo1TY=; b=txg/6EGUiL4cNu98bCmHqFdUcZKzcvsrI1PYp+3xnyt407KBk9TFSwQDTfgk6cjvae us9hElud+CUe4auLSA9yK+7LS3hJo7C6lJcz4a4htrsY6r/ycp1Ps9AFLg2jxpiHXTmi gGUtbjj93bPRhUZP+8WCdu2zPjKtFMEAyUTQKy5/a218mHB93tjRevbreR5Seb7ZTFl/ 3t5btr5kF45ViKNiWbckAQPCbVoCo5DyCUugBO5ERGie1jFTaI+lgve/wLRunqRxnm6n HJP4s9ZKvkYZgx3PDgVBXwcweIbP1xJwUcsEykPEz7NqJHYJLS1sdvjCeg+TY9oqXREO qflw== X-Gm-Message-State: AKwxyteGZIcqOZfxd9IYfuQWlONU5hlBwrUhVc3N21gqWco5/ndP/L/X ubJlUQ8yTzkMPCqtEIl+SEJmnmhvJkg= X-Received: by 10.28.15.131 with SMTP id 125mr6134461wmp.24.1516642018523; Mon, 22 Jan 2018 09:26:58 -0800 (PST) Received: from localhost.localdomain ([160.163.176.196]) by smtp.gmail.com with ESMTPSA id f76sm5510900wme.2.2018.01.22.09.26.56 (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Mon, 22 Jan 2018 09:26:57 -0800 (PST) From: Ard Biesheuvel To: qemu-devel@nongnu.org Date: Mon, 22 Jan 2018 17:26:43 +0000 Message-Id: <20180122172643.29742-5-ard.biesheuvel@linaro.org> X-Mailer: git-send-email 2.11.0 In-Reply-To: <20180122172643.29742-1-ard.biesheuvel@linaro.org> References: <20180122172643.29742-1-ard.biesheuvel@linaro.org> X-detected-operating-system: by eggs.gnu.org: Genre and OS details not recognized. X-Received-From: 2a00:1450:400c:c09::242 Subject: [Qemu-devel] [PATCH v5 4/4] target/arm: enable user-mode SHA-3, SM3 and SHA-512 instruction support X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.21 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: peter.maydell@linaro.org, Ard Biesheuvel Errors-To: qemu-devel-bounces+patch=linaro.org@nongnu.org Sender: "Qemu-devel" Add support for the new ARMv8.2 SHA-3, SM3 and SHA-512 instructions to AArch64 user mode emulation. Reviewed-by: Peter Maydell Signed-off-by: Ard Biesheuvel --- linux-user/elfload.c | 18 ++++++++++++++++++ target/arm/cpu64.c | 3 +++ 2 files changed, 21 insertions(+) -- 2.11.0 diff --git a/linux-user/elfload.c b/linux-user/elfload.c index 20f3d8c2c373..5d5aa26d2710 100644 --- a/linux-user/elfload.c +++ b/linux-user/elfload.c @@ -512,6 +512,21 @@ enum { ARM_HWCAP_A64_SHA1 = 1 << 5, ARM_HWCAP_A64_SHA2 = 1 << 6, ARM_HWCAP_A64_CRC32 = 1 << 7, + ARM_HWCAP_A64_ATOMICS = 1 << 8, + ARM_HWCAP_A64_FPHP = 1 << 9, + ARM_HWCAP_A64_ASIMDHP = 1 << 10, + ARM_HWCAP_A64_CPUID = 1 << 11, + ARM_HWCAP_A64_ASIMDRDM = 1 << 12, + ARM_HWCAP_A64_JSCVT = 1 << 13, + ARM_HWCAP_A64_FCMA = 1 << 14, + ARM_HWCAP_A64_LRCPC = 1 << 15, + ARM_HWCAP_A64_DCPOP = 1 << 16, + ARM_HWCAP_A64_SHA3 = 1 << 17, + ARM_HWCAP_A64_SM3 = 1 << 18, + ARM_HWCAP_A64_SM4 = 1 << 19, + ARM_HWCAP_A64_ASIMDDP = 1 << 20, + ARM_HWCAP_A64_SHA512 = 1 << 21, + ARM_HWCAP_A64_SVE = 1 << 22, }; #define ELF_HWCAP get_elf_hwcap() @@ -532,6 +547,9 @@ static uint32_t get_elf_hwcap(void) GET_FEATURE(ARM_FEATURE_V8_SHA1, ARM_HWCAP_A64_SHA1); GET_FEATURE(ARM_FEATURE_V8_SHA256, ARM_HWCAP_A64_SHA2); GET_FEATURE(ARM_FEATURE_CRC, ARM_HWCAP_A64_CRC32); + GET_FEATURE(ARM_FEATURE_V8_SHA3, ARM_HWCAP_A64_SHA3); + GET_FEATURE(ARM_FEATURE_V8_SM3, ARM_HWCAP_A64_SM3); + GET_FEATURE(ARM_FEATURE_V8_SHA512, ARM_HWCAP_A64_SHA512); #undef GET_FEATURE return hwcaps; diff --git a/target/arm/cpu64.c b/target/arm/cpu64.c index 670c07ab6ed4..56d50ba57194 100644 --- a/target/arm/cpu64.c +++ b/target/arm/cpu64.c @@ -224,6 +224,9 @@ static void aarch64_any_initfn(Object *obj) set_feature(&cpu->env, ARM_FEATURE_V8_AES); set_feature(&cpu->env, ARM_FEATURE_V8_SHA1); set_feature(&cpu->env, ARM_FEATURE_V8_SHA256); + set_feature(&cpu->env, ARM_FEATURE_V8_SHA512); + set_feature(&cpu->env, ARM_FEATURE_V8_SHA3); + set_feature(&cpu->env, ARM_FEATURE_V8_SM3); set_feature(&cpu->env, ARM_FEATURE_V8_PMULL); set_feature(&cpu->env, ARM_FEATURE_CRC); cpu->ctr = 0x80038003; /* 32 byte I and D cacheline size, VIPT icache */