From patchwork Wed Feb 7 11:17:25 2018 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Ard Biesheuvel X-Patchwork-Id: 127160 Delivered-To: patch@linaro.org Received: by 10.46.124.24 with SMTP id x24csp369820ljc; Wed, 7 Feb 2018 03:21:03 -0800 (PST) X-Google-Smtp-Source: AH8x225MjGT2aojDWoTSUgQP0drCcdfSTh+tnBQlSvAidaNgBZZD7wqS+8tzlqOy152vUVmuKeoV X-Received: by 10.13.245.1 with SMTP id e1mr3542721ywf.91.1518002463637; Wed, 07 Feb 2018 03:21:03 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1518002463; cv=none; d=google.com; s=arc-20160816; b=A6WuhCd2Uwr+2AIhCN6/KASqQfUQ1cvS5A67xZu+Dqzlxhw5ZylEpDEGNHNF789iK+ ha1YlkqsUTwC6flL20JhObYQP2sjCfghuFfHzogRo9D1Yc5cqmO45mX52UQMGyUzBHiK RvXc+wkcJFdjMe6IfDlfoXOxJK6nf07sefIvSYymQa8uGOOdmT8LYhb/oXvNS6cu4oT3 X8iboDP1LNPjnerw5CMSLkkVXdK00gvO9HVtfXtJo/L86XIcbikkP7hwdENxzitcTl46 9MOYEPDeViK/EFL2hnk/08SAbfiVa43OUazngevVuceSWB+GFuBBe3vCAqQMZVlPmyZ1 rCrQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=sender:errors-to:cc:list-subscribe:list-help:list-post:list-archive :list-unsubscribe:list-id:precedence:subject:references:in-reply-to :message-id:date:to:from:dkim-signature:arc-authentication-results; bh=Vvc46QhHvkWYFYoVqHEVwveei10RIvcta28aHDMwRLM=; b=qjxrJVRLfe47+BPJLvbmxz/JxzqVGUl/6d8Iy0gC+eNPGSu/qMkmfBcNjYWOGHTBAy nwVggeBmaSPJs/1uZzh6g026OQWd29J9i7+Xm8Lul5PgdSuDtjsT1L/Uw++HUMgxNjjf O3TwvLp83Cu7+/fK6d+e4TtE1LH/9FZGdG/K9uFKrFHFwJiw5E1aAyhjqf5vUrDQVhfM /EyOCDxI47La4YHPxnIfN8CKmiu42NmW9MS8jmCbcaPN5Ifuyx/uiJa9EE8bSFMn3Wk5 TTfm04uzNrkgncaP1noeFre6kdDCt9tqOeSDMppr9vzzxE+YfZIPvqsYyQKjbfywYoJo a9wQ== ARC-Authentication-Results: i=1; mx.google.com; dkim=fail header.i=@linaro.org header.s=google header.b=PsuDND4/; spf=pass (google.com: domain of qemu-devel-bounces+patch=linaro.org@nongnu.org designates 2001:4830:134:3::11 as permitted sender) smtp.mailfrom=qemu-devel-bounces+patch=linaro.org@nongnu.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=linaro.org Return-Path: Received: from lists.gnu.org (lists.gnu.org. [2001:4830:134:3::11]) by mx.google.com with ESMTPS id i3si230009ybm.626.2018.02.07.03.21.03 for (version=TLS1 cipher=AES128-SHA bits=128/128); Wed, 07 Feb 2018 03:21:03 -0800 (PST) Received-SPF: pass (google.com: domain of qemu-devel-bounces+patch=linaro.org@nongnu.org designates 2001:4830:134:3::11 as permitted sender) client-ip=2001:4830:134:3::11; Authentication-Results: mx.google.com; dkim=fail header.i=@linaro.org header.s=google header.b=PsuDND4/; spf=pass (google.com: domain of qemu-devel-bounces+patch=linaro.org@nongnu.org designates 2001:4830:134:3::11 as permitted sender) smtp.mailfrom=qemu-devel-bounces+patch=linaro.org@nongnu.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=linaro.org Received: from localhost ([::1]:51706 helo=lists.gnu.org) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1ejNmh-0006o3-0z for patch@linaro.org; Wed, 07 Feb 2018 06:21:03 -0500 Received: from eggs.gnu.org ([2001:4830:134:3::10]:38752) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1ejNjU-0005DI-7q for qemu-devel@nongnu.org; Wed, 07 Feb 2018 06:17:45 -0500 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1ejNjR-0005eN-ES for qemu-devel@nongnu.org; Wed, 07 Feb 2018 06:17:44 -0500 Received: from mail-wm0-x244.google.com ([2a00:1450:400c:c09::244]:52068) by eggs.gnu.org with esmtps (TLS1.0:RSA_AES_128_CBC_SHA1:16) (Exim 4.71) (envelope-from ) id 1ejNjR-0005dn-5S for qemu-devel@nongnu.org; Wed, 07 Feb 2018 06:17:41 -0500 Received: by mail-wm0-x244.google.com with SMTP id r71so2460363wmd.1 for ; Wed, 07 Feb 2018 03:17:41 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; h=from:to:cc:subject:date:message-id:in-reply-to:references; bh=Vvc46QhHvkWYFYoVqHEVwveei10RIvcta28aHDMwRLM=; b=PsuDND4/6alx9eLBxmEmrWHVewLlzWogRZtj8kVp9/odGVu3vTueJK56velMEmS/qh NeR/C9uSf/lmDXr5YMjbyWofz265PbhdT5L+IVC4m/KVt+4KF197G/K64phYtrg2+bAM aTwpu3wapxJYL/CMvRfM9wfGWYQvyHpiOrSeg= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references; bh=Vvc46QhHvkWYFYoVqHEVwveei10RIvcta28aHDMwRLM=; b=fN4wur4JjBvaknP9ZcjSFgiBHZrR4R78t6DeroINHcGxfJzmM1bFcdM0DIPpUFXH/Y wM2/Rdm+WGgclvQSFoldp6WaNUjYmzUKF+SRjKE7BCl8Jl8KkgoBluikZh6rzmHG2WSX wxpge3zGYhAUfZUjUFINBbf4VGxPsZRP+RB9RMtUWUI8E+3xPXNuayJ3K0Uq8kyt0bPl eVdEiCUQsddBOEvWMvWdIh49zRPMBekTTsd409rANPwasKLMobG0D9iaG8SgKglOMC0i eY3u4LOTip7SMAemUchNntgcRFzOwDJxOtuopt7FNaKU3QivuPDXry50e0+9NiLBV/Pi MByg== X-Gm-Message-State: APf1xPBqAIrxSwrzSVh1uGt5IrIWDz71QpCGHmVxtU7aaWGchwP01+8F bQ9uGpALW1qXCRtouFU+ISnsj/coI8M= X-Received: by 10.28.20.206 with SMTP id 197mr4097280wmu.19.1518002259753; Wed, 07 Feb 2018 03:17:39 -0800 (PST) Received: from localhost.localdomain ([196.85.252.149]) by smtp.gmail.com with ESMTPSA id h32sm627629wrf.65.2018.02.07.03.17.37 (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Wed, 07 Feb 2018 03:17:38 -0800 (PST) From: Ard Biesheuvel To: qemu-devel@nongnu.org Date: Wed, 7 Feb 2018 11:17:25 +0000 Message-Id: <20180207111729.15737-2-ard.biesheuvel@linaro.org> X-Mailer: git-send-email 2.11.0 In-Reply-To: <20180207111729.15737-1-ard.biesheuvel@linaro.org> References: <20180207111729.15737-1-ard.biesheuvel@linaro.org> X-detected-operating-system: by eggs.gnu.org: Genre and OS details not recognized. X-Received-From: 2a00:1450:400c:c09::244 Subject: [Qemu-devel] [PATCH v6 1/5] target/arm: implement SHA-512 instructions X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.21 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: peter.maydell@linaro.org, Ard Biesheuvel Errors-To: qemu-devel-bounces+patch=linaro.org@nongnu.org Sender: "Qemu-devel" This implements emulation of the new SHA-512 instructions that have been added as an optional extensions to the ARMv8 Crypto Extensions in ARM v8.2. Signed-off-by: Ard Biesheuvel --- target/arm/cpu.h | 1 + target/arm/crypto_helper.c | 90 +++++++++++++++- target/arm/helper.h | 5 + target/arm/translate-a64.c | 110 ++++++++++++++++++++ 4 files changed, 205 insertions(+), 1 deletion(-) -- 2.11.0 diff --git a/target/arm/cpu.h b/target/arm/cpu.h index 0a923e42d8bf..32a18510e70b 100644 --- a/target/arm/cpu.h +++ b/target/arm/cpu.h @@ -1372,6 +1372,7 @@ enum arm_features { ARM_FEATURE_M_SECURITY, /* M profile Security Extension */ ARM_FEATURE_JAZELLE, /* has (trivial) Jazelle implementation */ ARM_FEATURE_SVE, /* has Scalable Vector Extension */ + ARM_FEATURE_V8_SHA512, /* implements SHA512 part of v8 Crypto Extensions */ }; static inline int arm_feature(CPUARMState *env, int feature) diff --git a/target/arm/crypto_helper.c b/target/arm/crypto_helper.c index 9ca0bdead7bb..3d8d1fb5e7cf 100644 --- a/target/arm/crypto_helper.c +++ b/target/arm/crypto_helper.c @@ -1,7 +1,7 @@ /* * crypto_helper.c - emulate v8 Crypto Extensions instructions * - * Copyright (C) 2013 - 2014 Linaro Ltd + * Copyright (C) 2013 - 2018 Linaro Ltd * * This library is free software; you can redistribute it and/or * modify it under the terms of the GNU Lesser General Public @@ -419,3 +419,91 @@ void HELPER(crypto_sha256su1)(void *vd, void *vn, void *vm) rd[0] = d.l[0]; rd[1] = d.l[1]; } + +/* + * The SHA-512 logical functions (same as above but using 64-bit operands) + */ + +static uint64_t cho512(uint64_t x, uint64_t y, uint64_t z) +{ + return (x & (y ^ z)) ^ z; +} + +static uint64_t maj512(uint64_t x, uint64_t y, uint64_t z) +{ + return (x & y) | ((x | y) & z); +} + +static uint64_t S0_512(uint64_t x) +{ + return ror64(x, 28) ^ ror64(x, 34) ^ ror64(x, 39); +} + +static uint64_t S1_512(uint64_t x) +{ + return ror64(x, 14) ^ ror64(x, 18) ^ ror64(x, 41); +} + +static uint64_t s0_512(uint64_t x) +{ + return ror64(x, 1) ^ ror64(x, 8) ^ (x >> 7); +} + +static uint64_t s1_512(uint64_t x) +{ + return ror64(x, 19) ^ ror64(x, 61) ^ (x >> 6); +} + +void HELPER(crypto_sha512h)(void *vd, void *vn, void *vm) +{ + uint64_t *rd = vd; + uint64_t *rn = vn; + uint64_t *rm = vm; + uint64_t d0 = rd[0]; + uint64_t d1 = rd[1]; + + d1 += S1_512(rm[1]) + cho512(rm[1], rn[0], rn[1]); + d0 += S1_512(d1 + rm[0]) + cho512(d1 + rm[0], rm[1], rn[0]); + + rd[0] = d0; + rd[1] = d1; +} + +void HELPER(crypto_sha512h2)(void *vd, void *vn, void *vm) +{ + uint64_t *rd = vd; + uint64_t *rn = vn; + uint64_t *rm = vm; + uint64_t d0 = rd[0]; + uint64_t d1 = rd[1]; + + d1 += S0_512(rm[0]) + maj512(rn[0], rm[1], rm[0]); + d0 += S0_512(d1) + maj512(d1, rm[0], rm[1]); + + rd[0] = d0; + rd[1] = d1; +} + +void HELPER(crypto_sha512su0)(void *vd, void *vn) +{ + uint64_t *rd = vd; + uint64_t *rn = vn; + uint64_t d0 = rd[0]; + uint64_t d1 = rd[1]; + + d0 += s0_512(rd[1]); + d1 += s0_512(rn[0]); + + rd[0] = d0; + rd[1] = d1; +} + +void HELPER(crypto_sha512su1)(void *vd, void *vn, void *vm) +{ + uint64_t *rd = vd; + uint64_t *rn = vn; + uint64_t *rm = vm; + + rd[0] += s1_512(rn[0]) + rm[0]; + rd[1] += s1_512(rn[1]) + rm[1]; +} diff --git a/target/arm/helper.h b/target/arm/helper.h index 5dec2e62626b..81d460702867 100644 --- a/target/arm/helper.h +++ b/target/arm/helper.h @@ -534,6 +534,11 @@ DEF_HELPER_FLAGS_3(crypto_sha256h2, TCG_CALL_NO_RWG, void, ptr, ptr, ptr) DEF_HELPER_FLAGS_2(crypto_sha256su0, TCG_CALL_NO_RWG, void, ptr, ptr) DEF_HELPER_FLAGS_3(crypto_sha256su1, TCG_CALL_NO_RWG, void, ptr, ptr, ptr) +DEF_HELPER_FLAGS_3(crypto_sha512h, TCG_CALL_NO_RWG, void, ptr, ptr, ptr) +DEF_HELPER_FLAGS_3(crypto_sha512h2, TCG_CALL_NO_RWG, void, ptr, ptr, ptr) +DEF_HELPER_FLAGS_2(crypto_sha512su0, TCG_CALL_NO_RWG, void, ptr, ptr) +DEF_HELPER_FLAGS_3(crypto_sha512su1, TCG_CALL_NO_RWG, void, ptr, ptr, ptr) + DEF_HELPER_FLAGS_3(crc32, TCG_CALL_NO_RWG_SE, i32, i32, i32, i32) DEF_HELPER_FLAGS_3(crc32c, TCG_CALL_NO_RWG_SE, i32, i32, i32, i32) DEF_HELPER_2(dc_zva, void, env, i64) diff --git a/target/arm/translate-a64.c b/target/arm/translate-a64.c index 10eef870fee2..888f5a39a283 100644 --- a/target/arm/translate-a64.c +++ b/target/arm/translate-a64.c @@ -11132,6 +11132,114 @@ static void disas_crypto_two_reg_sha(DisasContext *s, uint32_t insn) tcg_temp_free_ptr(tcg_rn_ptr); } +/* Crypto three-reg SHA512 + * 31 21 20 16 15 14 13 12 11 10 9 5 4 0 + * +-----------------------+------+---+---+-----+--------+------+------+ + * | 1 1 0 0 1 1 1 0 0 1 1 | Rm | 1 | O | 0 0 | opcode | Rn | Rd | + * +-----------------------+------+---+---+-----+--------+------+------+ + */ +static void disas_crypto_three_reg_sha512(DisasContext *s, uint32_t insn) +{ + int opcode = extract32(insn, 10, 2); + int o = extract32(insn, 14, 1); + int rm = extract32(insn, 16, 5); + int rn = extract32(insn, 5, 5); + int rd = extract32(insn, 0, 5); + int feature; + CryptoThreeOpFn *genfn; + + if (o == 0) { + switch (opcode) { + case 0: /* SHA512H */ + feature = ARM_FEATURE_V8_SHA512; + genfn = gen_helper_crypto_sha512h; + break; + case 1: /* SHA512H2 */ + feature = ARM_FEATURE_V8_SHA512; + genfn = gen_helper_crypto_sha512h2; + break; + case 2: /* SHA512SU1 */ + feature = ARM_FEATURE_V8_SHA512; + genfn = gen_helper_crypto_sha512su1; + break; + default: + unallocated_encoding(s); + return; + } + } else { + unallocated_encoding(s); + return; + } + + if (!arm_dc_feature(s, feature)) { + unallocated_encoding(s); + return; + } + + if (!fp_access_check(s)) { + return; + } + + if (genfn) { + TCGv_ptr tcg_rd_ptr, tcg_rn_ptr, tcg_rm_ptr; + + tcg_rd_ptr = vec_full_reg_ptr(s, rd); + tcg_rn_ptr = vec_full_reg_ptr(s, rn); + tcg_rm_ptr = vec_full_reg_ptr(s, rm); + + genfn(tcg_rd_ptr, tcg_rn_ptr, tcg_rm_ptr); + + tcg_temp_free_ptr(tcg_rd_ptr); + tcg_temp_free_ptr(tcg_rn_ptr); + tcg_temp_free_ptr(tcg_rm_ptr); + } else { + g_assert_not_reached(); + } +} + +/* Crypto two-reg SHA512 + * 31 12 11 10 9 5 4 0 + * +-----------------------------------------+--------+------+------+ + * | 1 1 0 0 1 1 1 0 1 1 0 0 0 0 0 0 1 0 0 0 | opcode | Rn | Rd | + * +-----------------------------------------+--------+------+------+ + */ +static void disas_crypto_two_reg_sha512(DisasContext *s, uint32_t insn) +{ + int opcode = extract32(insn, 10, 2); + int rn = extract32(insn, 5, 5); + int rd = extract32(insn, 0, 5); + TCGv_ptr tcg_rd_ptr, tcg_rn_ptr; + int feature; + CryptoTwoOpFn *genfn; + + switch (opcode) { + case 0: /* SHA512SU0 */ + feature = ARM_FEATURE_V8_SHA512; + genfn = gen_helper_crypto_sha512su0; + break; + default: + unallocated_encoding(s); + return; + } + + if (!arm_dc_feature(s, feature)) { + unallocated_encoding(s); + return; + } + + if (!fp_access_check(s)) { + return; + } + + tcg_rd_ptr = vec_full_reg_ptr(s, rd); + tcg_rn_ptr = vec_full_reg_ptr(s, rn); + + genfn(tcg_rd_ptr, tcg_rn_ptr); + + tcg_temp_free_ptr(tcg_rd_ptr); + tcg_temp_free_ptr(tcg_rn_ptr); +} + /* C3.6 Data processing - SIMD, inc Crypto * * As the decode gets a little complex we are using a table based @@ -11161,6 +11269,8 @@ static const AArch64DecodeTable data_proc_simd[] = { { 0x4e280800, 0xff3e0c00, disas_crypto_aes }, { 0x5e000000, 0xff208c00, disas_crypto_three_reg_sha }, { 0x5e280800, 0xff3e0c00, disas_crypto_two_reg_sha }, + { 0xce608000, 0xffe0b000, disas_crypto_three_reg_sha512 }, + { 0xcec08000, 0xfffff000, disas_crypto_two_reg_sha512 }, { 0x00000000, 0x00000000, NULL } }; From patchwork Wed Feb 7 11:17:26 2018 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Ard Biesheuvel X-Patchwork-Id: 127161 Delivered-To: patch@linaro.org Received: by 10.46.124.24 with SMTP id x24csp370111ljc; Wed, 7 Feb 2018 03:21:26 -0800 (PST) X-Google-Smtp-Source: AH8x227e1cKE/q1TDbZorSENTi7sPsmXFe1pVF3ec9Cm8+uKKkBQDjdLSz4AJiE8Pg+CTFPbdq+j X-Received: by 10.37.129.80 with SMTP id j16mr3811751ybm.9.1518002485907; Wed, 07 Feb 2018 03:21:25 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1518002485; cv=none; d=google.com; s=arc-20160816; b=EKxFdRVLhmSZiarVxdIRVc41uOhDENze+sl04ip8+JDwLxrnZXzIW2NDg0A5+7inAO oJ6lzbbZbj+qegZEBwV5+LBnXhaoMfdy8oEAl9+9KHVe4AQIXy5Z3RlTQ9FJksrOKggO 19tU+prxEzjd4DRcEnBzYT+4sOolULxpysMa1m9KJ9SWB+8fOE9mRlEPqzxBd0qLno5B tpi7rnYyq+VdhnJiFVQ9Sft4MtZV2X77+0NByrHmS1otR0hskGZevnStpPJXPYYGUDMI QKbY5/w5iIPhQvzkOn8XH9s1xlsKLQ80GEYoPv6dOu6adKJLpFnahTKH93Z1AMT5dUQv PlMg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=sender:errors-to:cc:list-subscribe:list-help:list-post:list-archive :list-unsubscribe:list-id:precedence:subject:references:in-reply-to :message-id:date:to:from:dkim-signature:arc-authentication-results; bh=nMYG/iSulvXqEwNwjkM6ocfYpRorwzriEirPf9UIYks=; b=z11fLFOEn8XKy1DC26tFAAXxXe2D+br9toK+lR4PeGibJ/XEcNa9GKJrBHJ2WkuC3a 5TLwComUSC/kwuUNcPgx2SN4t9XiQuVxnPag1KPaoRmYBDxZMUDISb9uZkXcAgdCT1C1 CXf5qei7HCju+3KlZDRcjS56fhhAkok1kSe87I0L5R2dwKuE6Mq3cayux4inKFb53GmI 07epaEtRYYe9wnGj6D5J77LzKLFXGr61BqGypjO0C/dg8IuIItMAlMVLMcHjx8Gjvwoh nmMh6XL41Rh7HZiGCsl+FGphZ8rk5WunN6FxF0DEUNO5GMJVcWH5rBYYZvf3ztS+ls6+ 3nig== ARC-Authentication-Results: i=1; mx.google.com; dkim=fail header.i=@linaro.org header.s=google header.b=A17M+oor; spf=pass (google.com: domain of qemu-devel-bounces+patch=linaro.org@nongnu.org designates 2001:4830:134:3::11 as permitted sender) smtp.mailfrom=qemu-devel-bounces+patch=linaro.org@nongnu.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=linaro.org Return-Path: Received: from lists.gnu.org (lists.gnu.org. [2001:4830:134:3::11]) by mx.google.com with ESMTPS id f84si213494ywf.598.2018.02.07.03.21.25 for (version=TLS1 cipher=AES128-SHA bits=128/128); Wed, 07 Feb 2018 03:21:25 -0800 (PST) Received-SPF: pass (google.com: domain of qemu-devel-bounces+patch=linaro.org@nongnu.org designates 2001:4830:134:3::11 as permitted sender) client-ip=2001:4830:134:3::11; Authentication-Results: mx.google.com; dkim=fail header.i=@linaro.org header.s=google header.b=A17M+oor; spf=pass (google.com: domain of qemu-devel-bounces+patch=linaro.org@nongnu.org designates 2001:4830:134:3::11 as permitted sender) smtp.mailfrom=qemu-devel-bounces+patch=linaro.org@nongnu.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=linaro.org Received: from localhost ([::1]:51714 helo=lists.gnu.org) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1ejNn3-000878-5G for patch@linaro.org; Wed, 07 Feb 2018 06:21:25 -0500 Received: from eggs.gnu.org ([2001:4830:134:3::10]:38764) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1ejNjV-0005E0-5m for qemu-devel@nongnu.org; Wed, 07 Feb 2018 06:17:48 -0500 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1ejNjT-0005g2-Rf for qemu-devel@nongnu.org; Wed, 07 Feb 2018 06:17:45 -0500 Received: from mail-wm0-x243.google.com ([2a00:1450:400c:c09::243]:34348) by eggs.gnu.org with esmtps (TLS1.0:RSA_AES_128_CBC_SHA1:16) (Exim 4.71) (envelope-from ) id 1ejNjT-0005fD-HX for qemu-devel@nongnu.org; Wed, 07 Feb 2018 06:17:43 -0500 Received: by mail-wm0-x243.google.com with SMTP id j21-v6so22162425wmh.1 for ; Wed, 07 Feb 2018 03:17:43 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; h=from:to:cc:subject:date:message-id:in-reply-to:references; bh=nMYG/iSulvXqEwNwjkM6ocfYpRorwzriEirPf9UIYks=; b=A17M+oorxHpbJoxhD1gb5YWn6anaWbf+qJcdKin2kqwyKS5eHEGy0PcGcI8HILo8PK QOHQ5Y3/Uk0yWWLE8odms015jyyTTASUiqYyEJqCOODjbIE3JHr3QRWBPIWyrcT11nAj rTbpYak3SgKZjGu0INWVII/rP34Qf82dIaxKE= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references; bh=nMYG/iSulvXqEwNwjkM6ocfYpRorwzriEirPf9UIYks=; b=fnGF+oiBM9QdyxGW6y9SNcmblmzC7uRoBSNTnbjJMv3fXoh5xzoVy95RaCGZU6+hqM r7AFvv+jF1ftcgCBRGEQzLuaWOov3nNwrjjpZZyuu+zq6X9XGzfvgLFolDCGOXzam6Ua O+NZV980p8fvKomFUJ+sX6ffbUmsIx7b5t9VYm3yb6/rF9BGffgQz8gL/SjsGymrFLmR XOZSQtDwrfTpwPrHN1K2ZSp5v6Fhhv3lUz4qsoTDKzIhPk1tWStA6bnYWR4b3EbwxKgU sso9t70bljm0CeJE34Ofk3IakKkfq1esCmVdPLrDbo4Xf8IuqftLFN+3znaLrtHorkJC OLBQ== X-Gm-Message-State: APf1xPDV3I62eX/Cya+kDnrA1toStyKpVaP0CqRYUWz5SDRYAGrG0WJI x6gijy4WqoE1/RTsTIgdp71L3t0SXjQ= X-Received: by 10.28.185.196 with SMTP id j187mr4914438wmf.94.1518002262072; Wed, 07 Feb 2018 03:17:42 -0800 (PST) Received: from localhost.localdomain ([196.85.252.149]) by smtp.gmail.com with ESMTPSA id h32sm627629wrf.65.2018.02.07.03.17.39 (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Wed, 07 Feb 2018 03:17:40 -0800 (PST) From: Ard Biesheuvel To: qemu-devel@nongnu.org Date: Wed, 7 Feb 2018 11:17:26 +0000 Message-Id: <20180207111729.15737-3-ard.biesheuvel@linaro.org> X-Mailer: git-send-email 2.11.0 In-Reply-To: <20180207111729.15737-1-ard.biesheuvel@linaro.org> References: <20180207111729.15737-1-ard.biesheuvel@linaro.org> X-detected-operating-system: by eggs.gnu.org: Genre and OS details not recognized. X-Received-From: 2a00:1450:400c:c09::243 Subject: [Qemu-devel] [PATCH v6 2/5] target/arm: implement SHA-3 instructions X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.21 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: peter.maydell@linaro.org, Ard Biesheuvel Errors-To: qemu-devel-bounces+patch=linaro.org@nongnu.org Sender: "Qemu-devel" This implements emulation of the new SHA-3 instructions that have been added as an optional extensions to the ARMv8 Crypto Extensions in ARM v8.2. Signed-off-by: Ard Biesheuvel --- target/arm/cpu.h | 1 + target/arm/translate-a64.c | 148 +++++++++++++++++++- 2 files changed, 145 insertions(+), 4 deletions(-) -- 2.11.0 diff --git a/target/arm/cpu.h b/target/arm/cpu.h index 32a18510e70b..d0b19e0cbc88 100644 --- a/target/arm/cpu.h +++ b/target/arm/cpu.h @@ -1373,6 +1373,7 @@ enum arm_features { ARM_FEATURE_JAZELLE, /* has (trivial) Jazelle implementation */ ARM_FEATURE_SVE, /* has Scalable Vector Extension */ ARM_FEATURE_V8_SHA512, /* implements SHA512 part of v8 Crypto Extensions */ + ARM_FEATURE_V8_SHA3, /* implements SHA3 part of v8 Crypto Extensions */ }; static inline int arm_feature(CPUARMState *env, int feature) diff --git a/target/arm/translate-a64.c b/target/arm/translate-a64.c index 888f5a39a283..f697a51ca7ec 100644 --- a/target/arm/translate-a64.c +++ b/target/arm/translate-a64.c @@ -11162,9 +11162,10 @@ static void disas_crypto_three_reg_sha512(DisasContext *s, uint32_t insn) feature = ARM_FEATURE_V8_SHA512; genfn = gen_helper_crypto_sha512su1; break; - default: - unallocated_encoding(s); - return; + case 3: /* RAX1 */ + feature = ARM_FEATURE_V8_SHA3; + genfn = NULL; + break; } } else { unallocated_encoding(s); @@ -11193,7 +11194,28 @@ static void disas_crypto_three_reg_sha512(DisasContext *s, uint32_t insn) tcg_temp_free_ptr(tcg_rn_ptr); tcg_temp_free_ptr(tcg_rm_ptr); } else { - g_assert_not_reached(); + TCGv_i64 tcg_op1, tcg_op2, tcg_res[2]; + int pass; + + tcg_op1 = tcg_temp_new_i64(); + tcg_op2 = tcg_temp_new_i64(); + tcg_res[0] = tcg_temp_new_i64(); + tcg_res[1] = tcg_temp_new_i64(); + + for (pass = 0; pass < 2; pass++) { + read_vec_element(s, tcg_op1, rn, pass, MO_64); + read_vec_element(s, tcg_op2, rm, pass, MO_64); + + tcg_gen_rotli_i64(tcg_res[pass], tcg_op2, 1); + tcg_gen_xor_i64(tcg_res[pass], tcg_res[pass], tcg_op1); + } + write_vec_element(s, tcg_res[0], rd, 0, MO_64); + write_vec_element(s, tcg_res[1], rd, 1, MO_64); + + tcg_temp_free_i64(tcg_op1); + tcg_temp_free_i64(tcg_op2); + tcg_temp_free_i64(tcg_res[0]); + tcg_temp_free_i64(tcg_res[1]); } } @@ -11240,6 +11262,122 @@ static void disas_crypto_two_reg_sha512(DisasContext *s, uint32_t insn) tcg_temp_free_ptr(tcg_rn_ptr); } +/* Crypto four-register + * 31 23 22 21 20 16 15 14 10 9 5 4 0 + * +-------------------+-----+------+---+------+------+------+ + * | 1 1 0 0 1 1 1 0 0 | Op0 | Rm | 0 | Ra | Rn | Rd | + * +-------------------+-----+------+---+------+------+------+ + */ +static void disas_crypto_four_reg(DisasContext *s, uint32_t insn) +{ + int op0 = extract32(insn, 21, 2); + int rm = extract32(insn, 16, 5); + int ra = extract32(insn, 10, 5); + int rn = extract32(insn, 5, 5); + int rd = extract32(insn, 0, 5); + int feature; + + switch (op0) { + case 0: /* EOR3 */ + case 1: /* BCAX */ + feature = ARM_FEATURE_V8_SHA3; + break; + default: + unallocated_encoding(s); + return; + } + + if (!arm_dc_feature(s, feature)) { + unallocated_encoding(s); + return; + } + + if (!fp_access_check(s)) { + return; + } + + if (op0 < 2) { + TCGv_i64 tcg_op1, tcg_op2, tcg_op3, tcg_res[2]; + int pass; + + tcg_op1 = tcg_temp_new_i64(); + tcg_op2 = tcg_temp_new_i64(); + tcg_op3 = tcg_temp_new_i64(); + tcg_res[0] = tcg_temp_new_i64(); + tcg_res[1] = tcg_temp_new_i64(); + + for (pass = 0; pass < 2; pass++) { + read_vec_element(s, tcg_op1, rn, pass, MO_64); + read_vec_element(s, tcg_op2, rm, pass, MO_64); + read_vec_element(s, tcg_op3, ra, pass, MO_64); + + if (op0 == 0) { + /* EOR3 */ + tcg_gen_xor_i64(tcg_res[pass], tcg_op2, tcg_op3); + } else { + /* BCAX */ + tcg_gen_andc_i64(tcg_res[pass], tcg_op2, tcg_op3); + } + tcg_gen_xor_i64(tcg_res[pass], tcg_res[pass], tcg_op1); + } + write_vec_element(s, tcg_res[0], rd, 0, MO_64); + write_vec_element(s, tcg_res[1], rd, 1, MO_64); + + tcg_temp_free_i64(tcg_op1); + tcg_temp_free_i64(tcg_op2); + tcg_temp_free_i64(tcg_op3); + tcg_temp_free_i64(tcg_res[0]); + tcg_temp_free_i64(tcg_res[1]); + } else { + g_assert_not_reached(); + } +} + +/* Crypto XAR + * 31 21 20 16 15 10 9 5 4 0 + * +-----------------------+------+--------+------+------+ + * | 1 1 0 0 1 1 1 0 1 0 0 | Rm | imm6 | Rn | Rd | + * +-----------------------+------+--------+------+------+ + */ +static void disas_crypto_xar(DisasContext *s, uint32_t insn) +{ + int rm = extract32(insn, 16, 5); + int imm6 = extract32(insn, 10, 6); + int rn = extract32(insn, 5, 5); + int rd = extract32(insn, 0, 5); + TCGv_i64 tcg_op1, tcg_op2, tcg_res[2]; + int pass; + + if (!arm_dc_feature(s, ARM_FEATURE_V8_SHA3)) { + unallocated_encoding(s); + return; + } + + if (!fp_access_check(s)) { + return; + } + + tcg_op1 = tcg_temp_new_i64(); + tcg_op2 = tcg_temp_new_i64(); + tcg_res[0] = tcg_temp_new_i64(); + tcg_res[1] = tcg_temp_new_i64(); + + for (pass = 0; pass < 2; pass++) { + read_vec_element(s, tcg_op1, rn, pass, MO_64); + read_vec_element(s, tcg_op2, rm, pass, MO_64); + + tcg_gen_xor_i64(tcg_res[pass], tcg_op1, tcg_op2); + tcg_gen_rotri_i64(tcg_res[pass], tcg_res[pass], imm6); + } + write_vec_element(s, tcg_res[0], rd, 0, MO_64); + write_vec_element(s, tcg_res[1], rd, 1, MO_64); + + tcg_temp_free_i64(tcg_op1); + tcg_temp_free_i64(tcg_op2); + tcg_temp_free_i64(tcg_res[0]); + tcg_temp_free_i64(tcg_res[1]); +} + /* C3.6 Data processing - SIMD, inc Crypto * * As the decode gets a little complex we are using a table based @@ -11271,6 +11409,8 @@ static const AArch64DecodeTable data_proc_simd[] = { { 0x5e280800, 0xff3e0c00, disas_crypto_two_reg_sha }, { 0xce608000, 0xffe0b000, disas_crypto_three_reg_sha512 }, { 0xcec08000, 0xfffff000, disas_crypto_two_reg_sha512 }, + { 0xce000000, 0xff808000, disas_crypto_four_reg }, + { 0xce800000, 0xffe00000, disas_crypto_xar }, { 0x00000000, 0x00000000, NULL } }; From patchwork Wed Feb 7 11:17:27 2018 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Ard Biesheuvel X-Patchwork-Id: 127159 Delivered-To: patch@linaro.org Received: by 10.46.124.24 with SMTP id x24csp369771ljc; Wed, 7 Feb 2018 03:20:59 -0800 (PST) X-Google-Smtp-Source: AH8x2263qozxS31/fJM1j6kuC040iRYJIFyt7gPT6D0N0eBUe85HyLcuTGDgFcj//QapzANrKa5E X-Received: by 10.129.75.8 with SMTP id y8mr3619201ywa.245.1518002459144; Wed, 07 Feb 2018 03:20:59 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1518002459; cv=none; d=google.com; s=arc-20160816; b=n6DfcAUNwo0j4saLZbvlewIDTGO10ePLVuIQTfGgKynvZ/W+OExmgZwGHPuWM10VZJ e2FDjFg4cMd9fpPab+eC9JAefijHU85nFY9zW4zlt1euxl419DkufuZfPdr0yyxEUbd4 MjVZQrYZs2eSA06Roy5k2QJ+laCDfDXllqYAQn4ZdcN0Nv32EwLy/1rvPVtKsyU3EiSs +/j02Mdy3Xlk2NbhYzRGGBZtnOoyaHd/CQ9UnAl0AFjwCnYP54Dm7pt++zOHMv/QEL3+ utsq3YrJDuKTvgs33Di+vkbZEkiI55U5/vz/pgUwi04hp/0w3ANcUWIvlVn/Cr+Qew2S kXSQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=sender:errors-to:cc:list-subscribe:list-help:list-post:list-archive :list-unsubscribe:list-id:precedence:subject:references:in-reply-to :message-id:date:to:from:dkim-signature:arc-authentication-results; bh=Ob9l/Xi5wp0UyT5IICQsnkxWhS2pJO+CRHC0J+Pq1m8=; b=E0dDeNg8xatGqaoBYVWyckb8VajGbfpqtK9WGRQzXwKUoVZE5EbkKel5nzxHibYfFJ CvyMoxqC++k/CAe8so+yzMZ0GgsXOC2MHoXm5DefbdUVd43L/BEYPVXI1DKPVeym40TI f6LgB5UZv5cNgXn9D2PaOLmFrtF9pemPCjmHLuoSQY4dztyYBx/pZJ3kC4dIrMPVRDII jWtwMszTCnOGjHMuh5v4MwEk9rJ7dNBqMT91sY6zlouwLPuNps38RYdIjlk4Cc+k7jQw jiao4EgNdy5hoR8wNObCyiGvwLfyriuBYqBUQ19sJtuPOv8fMMVO5Oigi6j9G8j0aJ/Z Zqrg== ARC-Authentication-Results: i=1; mx.google.com; dkim=fail header.i=@linaro.org header.s=google header.b=b8Il9dfT; spf=pass (google.com: domain of qemu-devel-bounces+patch=linaro.org@nongnu.org designates 2001:4830:134:3::11 as permitted sender) smtp.mailfrom=qemu-devel-bounces+patch=linaro.org@nongnu.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=linaro.org Return-Path: Received: from lists.gnu.org (lists.gnu.org. [2001:4830:134:3::11]) by mx.google.com with ESMTPS id x79si211544ywg.672.2018.02.07.03.20.58 for (version=TLS1 cipher=AES128-SHA bits=128/128); Wed, 07 Feb 2018 03:20:59 -0800 (PST) Received-SPF: pass (google.com: domain of qemu-devel-bounces+patch=linaro.org@nongnu.org designates 2001:4830:134:3::11 as permitted sender) client-ip=2001:4830:134:3::11; Authentication-Results: mx.google.com; dkim=fail header.i=@linaro.org header.s=google header.b=b8Il9dfT; spf=pass (google.com: domain of qemu-devel-bounces+patch=linaro.org@nongnu.org designates 2001:4830:134:3::11 as permitted sender) smtp.mailfrom=qemu-devel-bounces+patch=linaro.org@nongnu.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=linaro.org Received: from localhost ([::1]:51705 helo=lists.gnu.org) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1ejNmc-0006lA-A8 for patch@linaro.org; Wed, 07 Feb 2018 06:20:58 -0500 Received: from eggs.gnu.org ([2001:4830:134:3::10]:38791) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1ejNjW-0005EZ-Vh for qemu-devel@nongnu.org; Wed, 07 Feb 2018 06:17:48 -0500 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1ejNjV-0005hN-Eh for qemu-devel@nongnu.org; Wed, 07 Feb 2018 06:17:46 -0500 Received: from mail-wm0-x243.google.com ([2a00:1450:400c:c09::243]:39471) by eggs.gnu.org with esmtps (TLS1.0:RSA_AES_128_CBC_SHA1:16) (Exim 4.71) (envelope-from ) id 1ejNjV-0005gb-4X for qemu-devel@nongnu.org; Wed, 07 Feb 2018 06:17:45 -0500 Received: by mail-wm0-x243.google.com with SMTP id b21so2585507wme.4 for ; Wed, 07 Feb 2018 03:17:45 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; h=from:to:cc:subject:date:message-id:in-reply-to:references; bh=Ob9l/Xi5wp0UyT5IICQsnkxWhS2pJO+CRHC0J+Pq1m8=; b=b8Il9dfT4I654KN7gcLHWh2PxNKgfSN/hrjJe+okwg9bMYe0UTDS7FuvPohP1G0qgM wIoaSQPaCPRFoMwRlxDwt2r7SbWMKPVN6zwzTBJ4DfcVauHmXRqqhMMUhftssAt0W9Jw 3cKTu3Uyl5lGJKM+orsZiHxain7+99c+0dpT4= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references; bh=Ob9l/Xi5wp0UyT5IICQsnkxWhS2pJO+CRHC0J+Pq1m8=; b=byGsuqwkOok51axA0hsBUtdaI9nycBcuuF7lsgoxfxDVKPNv2LwvTGQBupj4jomjsx rv1LJWitijiurUP02dzLOiPjkzErQaE+49JM79ndUINh/VGOb1KvxZIEJ4OhPIkNBQOE Rn8+qOIBclgHsEcg83HkuVLuYlnJH5mbxU8tyw72/GkGe0cXfVd+791BLC8xmxKgRX8N QMNjZBmPLYBPht0BlRv9+95oV9d14C5isjKfUbyFRdOf63OtxNFdcEOgbTPObDWwJi+i OZuw7jYlg+uH6m0uNuXzIKadKLTyiQ1YBUHKGVJiNvmOiWJw+siMe1n1y5otbuHWeun4 deYw== X-Gm-Message-State: APf1xPDH7v3TLXTeieSkGX1oyAsIokjAzNwbv2hi+hM//exIdpGlClFT J9BCtEB6AjKTt7zMLxa0i1AY8PlQX8Q= X-Received: by 10.28.125.68 with SMTP id y65mr4233016wmc.106.1518002263822; Wed, 07 Feb 2018 03:17:43 -0800 (PST) Received: from localhost.localdomain ([196.85.252.149]) by smtp.gmail.com with ESMTPSA id h32sm627629wrf.65.2018.02.07.03.17.42 (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Wed, 07 Feb 2018 03:17:42 -0800 (PST) From: Ard Biesheuvel To: qemu-devel@nongnu.org Date: Wed, 7 Feb 2018 11:17:27 +0000 Message-Id: <20180207111729.15737-4-ard.biesheuvel@linaro.org> X-Mailer: git-send-email 2.11.0 In-Reply-To: <20180207111729.15737-1-ard.biesheuvel@linaro.org> References: <20180207111729.15737-1-ard.biesheuvel@linaro.org> X-detected-operating-system: by eggs.gnu.org: Genre and OS details not recognized. X-Received-From: 2a00:1450:400c:c09::243 Subject: [Qemu-devel] [PATCH v6 3/5] target/arm: implement SM3 instructions X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.21 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: peter.maydell@linaro.org, Ard Biesheuvel Errors-To: qemu-devel-bounces+patch=linaro.org@nongnu.org Sender: "Qemu-devel" This implements emulation of the new SM3 instructions that have been added as an optional extension to the ARMv8 Crypto Extensions in ARM v8.2. Signed-off-by: Ard Biesheuvel --- target/arm/cpu.h | 1 + target/arm/crypto_helper.c | 96 ++++++++++++++++++++ target/arm/helper.h | 4 + target/arm/translate-a64.c | 88 +++++++++++++++++- 4 files changed, 186 insertions(+), 3 deletions(-) -- 2.11.0 diff --git a/target/arm/cpu.h b/target/arm/cpu.h index d0b19e0cbc88..18383666e02d 100644 --- a/target/arm/cpu.h +++ b/target/arm/cpu.h @@ -1374,6 +1374,7 @@ enum arm_features { ARM_FEATURE_SVE, /* has Scalable Vector Extension */ ARM_FEATURE_V8_SHA512, /* implements SHA512 part of v8 Crypto Extensions */ ARM_FEATURE_V8_SHA3, /* implements SHA3 part of v8 Crypto Extensions */ + ARM_FEATURE_V8_SM3, /* implements SM3 part of v8 Crypto Extensions */ }; static inline int arm_feature(CPUARMState *env, int feature) diff --git a/target/arm/crypto_helper.c b/target/arm/crypto_helper.c index 3d8d1fb5e7cf..2f6744edb088 100644 --- a/target/arm/crypto_helper.c +++ b/target/arm/crypto_helper.c @@ -507,3 +507,99 @@ void HELPER(crypto_sha512su1)(void *vd, void *vn, void *vm) rd[0] += s1_512(rn[0]) + rm[0]; rd[1] += s1_512(rn[1]) + rm[1]; } + +void HELPER(crypto_sm3partw1)(void *vd, void *vn, void *vm) +{ + uint64_t *rd = vd; + uint64_t *rn = vn; + uint64_t *rm = vm; + union CRYPTO_STATE d = { .l = { rd[0], rd[1] } }; + union CRYPTO_STATE n = { .l = { rn[0], rn[1] } }; + union CRYPTO_STATE m = { .l = { rm[0], rm[1] } }; + uint32_t t; + + t = CR_ST_WORD(d, 0) ^ CR_ST_WORD(n, 0) ^ ror32(CR_ST_WORD(m, 1), 17); + CR_ST_WORD(d, 0) = t ^ ror32(t, 17) ^ ror32(t, 9); + + t = CR_ST_WORD(d, 1) ^ CR_ST_WORD(n, 1) ^ ror32(CR_ST_WORD(m, 2), 17); + CR_ST_WORD(d, 1) = t ^ ror32(t, 17) ^ ror32(t, 9); + + t = CR_ST_WORD(d, 2) ^ CR_ST_WORD(n, 2) ^ ror32(CR_ST_WORD(m, 3), 17); + CR_ST_WORD(d, 2) = t ^ ror32(t, 17) ^ ror32(t, 9); + + t = CR_ST_WORD(d, 3) ^ CR_ST_WORD(n, 3) ^ ror32(CR_ST_WORD(d, 0), 17); + CR_ST_WORD(d, 3) = t ^ ror32(t, 17) ^ ror32(t, 9); + + rd[0] = d.l[0]; + rd[1] = d.l[1]; +} + +void HELPER(crypto_sm3partw2)(void *vd, void *vn, void *vm) +{ + uint64_t *rd = vd; + uint64_t *rn = vn; + uint64_t *rm = vm; + union CRYPTO_STATE d = { .l = { rd[0], rd[1] } }; + union CRYPTO_STATE n = { .l = { rn[0], rn[1] } }; + union CRYPTO_STATE m = { .l = { rm[0], rm[1] } }; + uint32_t t = CR_ST_WORD(n, 0) ^ ror32(CR_ST_WORD(m, 0), 25); + + CR_ST_WORD(d, 0) ^= t; + CR_ST_WORD(d, 1) ^= CR_ST_WORD(n, 1) ^ ror32(CR_ST_WORD(m, 1), 25); + CR_ST_WORD(d, 2) ^= CR_ST_WORD(n, 2) ^ ror32(CR_ST_WORD(m, 2), 25); + CR_ST_WORD(d, 3) ^= CR_ST_WORD(n, 3) ^ ror32(CR_ST_WORD(m, 3), 25) ^ + ror32(t, 17) ^ ror32(t, 2) ^ ror32(t, 26); + + rd[0] = d.l[0]; + rd[1] = d.l[1]; +} + +void HELPER(crypto_sm3tt)(void *vd, void *vn, void *vm, uint32_t imm2, + uint32_t opcode) +{ + uint64_t *rd = vd; + uint64_t *rn = vn; + uint64_t *rm = vm; + union CRYPTO_STATE d = { .l = { rd[0], rd[1] } }; + union CRYPTO_STATE n = { .l = { rn[0], rn[1] } }; + union CRYPTO_STATE m = { .l = { rm[0], rm[1] } }; + uint32_t t; + + assert(imm2 < 4); + + if (opcode == 0 || opcode == 2) { + /* SM3TT1A, SM3TT2A */ + t = par(CR_ST_WORD(d, 3), CR_ST_WORD(d, 2), CR_ST_WORD(d, 1)); + } else if (opcode == 1) { + /* SM3TT1B */ + t = maj(CR_ST_WORD(d, 3), CR_ST_WORD(d, 2), CR_ST_WORD(d, 1)); + } else if (opcode == 3) { + /* SM3TT2B */ + t = cho(CR_ST_WORD(d, 3), CR_ST_WORD(d, 2), CR_ST_WORD(d, 1)); + } else { + g_assert_not_reached(); + } + + t += CR_ST_WORD(d, 0) + CR_ST_WORD(m, imm2); + + CR_ST_WORD(d, 0) = CR_ST_WORD(d, 1); + + if (opcode < 2) { + /* SM3TT1A, SM3TT1B */ + t += CR_ST_WORD(n, 3) ^ ror32(CR_ST_WORD(d, 3), 20); + + CR_ST_WORD(d, 1) = ror32(CR_ST_WORD(d, 2), 23); + } else { + /* SM3TT2A, SM3TT2B */ + t += CR_ST_WORD(n, 3); + t ^= rol32(t, 9) ^ rol32(t, 17); + + CR_ST_WORD(d, 1) = ror32(CR_ST_WORD(d, 2), 13); + } + + CR_ST_WORD(d, 2) = CR_ST_WORD(d, 3); + CR_ST_WORD(d, 3) = t; + + rd[0] = d.l[0]; + rd[1] = d.l[1]; +} diff --git a/target/arm/helper.h b/target/arm/helper.h index 81d460702867..9d9f42cc89a6 100644 --- a/target/arm/helper.h +++ b/target/arm/helper.h @@ -539,6 +539,10 @@ DEF_HELPER_FLAGS_3(crypto_sha512h2, TCG_CALL_NO_RWG, void, ptr, ptr, ptr) DEF_HELPER_FLAGS_2(crypto_sha512su0, TCG_CALL_NO_RWG, void, ptr, ptr) DEF_HELPER_FLAGS_3(crypto_sha512su1, TCG_CALL_NO_RWG, void, ptr, ptr, ptr) +DEF_HELPER_FLAGS_5(crypto_sm3tt, TCG_CALL_NO_RWG, void, ptr, ptr, ptr, i32, i32) +DEF_HELPER_FLAGS_3(crypto_sm3partw1, TCG_CALL_NO_RWG, void, ptr, ptr, ptr) +DEF_HELPER_FLAGS_3(crypto_sm3partw2, TCG_CALL_NO_RWG, void, ptr, ptr, ptr) + DEF_HELPER_FLAGS_3(crc32, TCG_CALL_NO_RWG_SE, i32, i32, i32, i32) DEF_HELPER_FLAGS_3(crc32c, TCG_CALL_NO_RWG_SE, i32, i32, i32, i32) DEF_HELPER_2(dc_zva, void, env, i64) diff --git a/target/arm/translate-a64.c b/target/arm/translate-a64.c index f697a51ca7ec..afa1e7b5a27f 100644 --- a/target/arm/translate-a64.c +++ b/target/arm/translate-a64.c @@ -11168,8 +11168,19 @@ static void disas_crypto_three_reg_sha512(DisasContext *s, uint32_t insn) break; } } else { - unallocated_encoding(s); - return; + switch (opcode) { + case 0: /* SM3PARTW1 */ + feature = ARM_FEATURE_V8_SM3; + genfn = gen_helper_crypto_sm3partw1; + break; + case 1: /* SM3PARTW2 */ + feature = ARM_FEATURE_V8_SM3; + genfn = gen_helper_crypto_sm3partw2; + break; + default: + unallocated_encoding(s); + return; + } } if (!arm_dc_feature(s, feature)) { @@ -11282,6 +11293,9 @@ static void disas_crypto_four_reg(DisasContext *s, uint32_t insn) case 1: /* BCAX */ feature = ARM_FEATURE_V8_SHA3; break; + case 2: /* SM3SS1 */ + feature = ARM_FEATURE_V8_SM3; + break; default: unallocated_encoding(s); return; @@ -11329,7 +11343,33 @@ static void disas_crypto_four_reg(DisasContext *s, uint32_t insn) tcg_temp_free_i64(tcg_res[0]); tcg_temp_free_i64(tcg_res[1]); } else { - g_assert_not_reached(); + TCGv_i32 tcg_op1, tcg_op2, tcg_op3, tcg_res, tcg_zero; + + tcg_op1 = tcg_temp_new_i32(); + tcg_op2 = tcg_temp_new_i32(); + tcg_op3 = tcg_temp_new_i32(); + tcg_res = tcg_temp_new_i32(); + tcg_zero = tcg_const_i32(0); + + read_vec_element_i32(s, tcg_op1, rn, 3, MO_32); + read_vec_element_i32(s, tcg_op2, rm, 3, MO_32); + read_vec_element_i32(s, tcg_op3, ra, 3, MO_32); + + tcg_gen_rotri_i32(tcg_res, tcg_op1, 20); + tcg_gen_add_i32(tcg_res, tcg_res, tcg_op2); + tcg_gen_add_i32(tcg_res, tcg_res, tcg_op3); + tcg_gen_rotri_i32(tcg_res, tcg_res, 25); + + write_vec_element_i32(s, tcg_zero, rd, 0, MO_32); + write_vec_element_i32(s, tcg_zero, rd, 1, MO_32); + write_vec_element_i32(s, tcg_zero, rd, 2, MO_32); + write_vec_element_i32(s, tcg_res, rd, 3, MO_32); + + tcg_temp_free_i32(tcg_op1); + tcg_temp_free_i32(tcg_op2); + tcg_temp_free_i32(tcg_op3); + tcg_temp_free_i32(tcg_res); + tcg_temp_free_i32(tcg_zero); } } @@ -11378,6 +11418,47 @@ static void disas_crypto_xar(DisasContext *s, uint32_t insn) tcg_temp_free_i64(tcg_res[1]); } +/* Crypto three-reg imm2 + * 31 21 20 16 15 14 13 12 11 10 9 5 4 0 + * +-----------------------+------+-----+------+--------+------+------+ + * | 1 1 0 0 1 1 1 0 0 1 0 | Rm | 1 0 | imm2 | opcode | Rn | Rd | + * +-----------------------+------+-----+------+--------+------+------+ + */ +static void disas_crypto_three_reg_imm2(DisasContext *s, uint32_t insn) +{ + int opcode = extract32(insn, 10, 2); + int imm2 = extract32(insn, 12, 2); + int rm = extract32(insn, 16, 5); + int rn = extract32(insn, 5, 5); + int rd = extract32(insn, 0, 5); + TCGv_ptr tcg_rd_ptr, tcg_rn_ptr, tcg_rm_ptr; + TCGv_i32 tcg_imm2, tcg_opcode; + + if (!arm_dc_feature(s, ARM_FEATURE_V8_SM3)) { + unallocated_encoding(s); + return; + } + + if (!fp_access_check(s)) { + return; + } + + tcg_rd_ptr = vec_full_reg_ptr(s, rd); + tcg_rn_ptr = vec_full_reg_ptr(s, rn); + tcg_rm_ptr = vec_full_reg_ptr(s, rm); + tcg_imm2 = tcg_const_i32(imm2); + tcg_opcode = tcg_const_i32(opcode); + + gen_helper_crypto_sm3tt(tcg_rd_ptr, tcg_rn_ptr, tcg_rm_ptr, tcg_imm2, + tcg_opcode); + + tcg_temp_free_ptr(tcg_rd_ptr); + tcg_temp_free_ptr(tcg_rn_ptr); + tcg_temp_free_ptr(tcg_rm_ptr); + tcg_temp_free_i32(tcg_imm2); + tcg_temp_free_i32(tcg_opcode); +} + /* C3.6 Data processing - SIMD, inc Crypto * * As the decode gets a little complex we are using a table based @@ -11411,6 +11492,7 @@ static const AArch64DecodeTable data_proc_simd[] = { { 0xcec08000, 0xfffff000, disas_crypto_two_reg_sha512 }, { 0xce000000, 0xff808000, disas_crypto_four_reg }, { 0xce800000, 0xffe00000, disas_crypto_xar }, + { 0xce408000, 0xffe0c000, disas_crypto_three_reg_imm2 }, { 0x00000000, 0x00000000, NULL } }; From patchwork Wed Feb 7 11:17:28 2018 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Ard Biesheuvel X-Patchwork-Id: 127163 Delivered-To: patch@linaro.org Received: by 10.46.124.24 with SMTP id x24csp374638ljc; Wed, 7 Feb 2018 03:27:41 -0800 (PST) X-Google-Smtp-Source: AH8x226qJuta5LkhlkhahR+V1J/P1S+asqmaDpjd+8QifuSMIdfRwm8dk+xgJCb/8E/9HRMrWWnF X-Received: by 10.129.76.80 with SMTP id z77mr3693525ywa.298.1518002860876; Wed, 07 Feb 2018 03:27:40 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1518002860; cv=none; d=google.com; s=arc-20160816; b=O7V9usVDn68gghUxyt/DdBgl0JHdSW2yxPIxIsMNfmxiNR+QkMzGGDA52HdkfhIPXv DPLr6dY2UOHLmCDGxg+EcEUxXrU7n3i+IJyHq01Sec8ZyNj3XHTMzsYIHttyqngzeOMP ctkT/hyegXJwLB89uJfJHOoTSQ1A2XaDCccyDaw7qTr6lJEvxXoH95/ipzyAxKMk373i ZM8PljezjwhOyeuGWCsMEG213XAyIcfqTvh4HhFCecUNIlENJW/HVJTtufHhxDVnQaRc vCrHMIG9jNuKLqIaDfR+NsY/xPCBqYd5XVUKuuNJYmin/JPaEzyi0YPJjsvnge1kaGFF vk8Q== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=sender:errors-to:cc:list-subscribe:list-help:list-post:list-archive :list-unsubscribe:list-id:precedence:subject:references:in-reply-to :message-id:date:to:from:dkim-signature:arc-authentication-results; bh=Hx1N9l2lwkdFcqwNOph1+2zM76bVu02xfjWoZddsSc4=; b=fa5KwFmSumOvbom9y5ihvJULcv7fUVN1qz8okL1m8rPz2j07hj2X6WOX/0en51glKQ xg1MrebDUkvTFertE9zqSm8USWO+8eMFMoQDYurqWtIatP3EnKAEPNo8jdGwdfQWfLzo A+bw0lj0OOrjaxlKTS2mun5YPKUjKH/f23l3Rovk0l3tRTc/HFH3uzPsN3RCiFAvQl+2 BFywdbgK5CmMCx8RATdJ7c/PuufCTbw/kQG4lzXvxPYRRS1WTk95CCxF+bzu0FacCks1 oVcO8UaXi+GrT7SKLeU5Y/dIYtF91PxLdTvcSc04qqzX+cUurlIwnuuIpV1snZiPKJYF 0spQ== ARC-Authentication-Results: i=1; mx.google.com; dkim=fail header.i=@linaro.org header.s=google header.b=a88AuwPq; spf=pass (google.com: domain of qemu-devel-bounces+patch=linaro.org@nongnu.org designates 2001:4830:134:3::11 as permitted sender) smtp.mailfrom=qemu-devel-bounces+patch=linaro.org@nongnu.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=linaro.org Return-Path: Received: from lists.gnu.org (lists.gnu.org. [2001:4830:134:3::11]) by mx.google.com with ESMTPS id a81si235317ybg.640.2018.02.07.03.27.40 for (version=TLS1 cipher=AES128-SHA bits=128/128); Wed, 07 Feb 2018 03:27:40 -0800 (PST) Received-SPF: pass (google.com: domain of qemu-devel-bounces+patch=linaro.org@nongnu.org designates 2001:4830:134:3::11 as permitted sender) client-ip=2001:4830:134:3::11; Authentication-Results: mx.google.com; dkim=fail header.i=@linaro.org header.s=google header.b=a88AuwPq; spf=pass (google.com: domain of qemu-devel-bounces+patch=linaro.org@nongnu.org designates 2001:4830:134:3::11 as permitted sender) smtp.mailfrom=qemu-devel-bounces+patch=linaro.org@nongnu.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=linaro.org Received: from localhost ([::1]:52117 helo=lists.gnu.org) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1ejNt6-00056m-7k for patch@linaro.org; Wed, 07 Feb 2018 06:27:40 -0500 Received: from eggs.gnu.org ([2001:4830:134:3::10]:38806) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1ejNjY-0005El-Cw for qemu-devel@nongnu.org; Wed, 07 Feb 2018 06:17:49 -0500 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1ejNjX-0005ii-2J for qemu-devel@nongnu.org; Wed, 07 Feb 2018 06:17:48 -0500 Received: from mail-wm0-x244.google.com ([2a00:1450:400c:c09::244]:54682) by eggs.gnu.org with esmtps (TLS1.0:RSA_AES_128_CBC_SHA1:16) (Exim 4.71) (envelope-from ) id 1ejNjW-0005hv-P7 for qemu-devel@nongnu.org; Wed, 07 Feb 2018 06:17:47 -0500 Received: by mail-wm0-x244.google.com with SMTP id i186so2425369wmi.4 for ; Wed, 07 Feb 2018 03:17:46 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; h=from:to:cc:subject:date:message-id:in-reply-to:references; bh=Hx1N9l2lwkdFcqwNOph1+2zM76bVu02xfjWoZddsSc4=; b=a88AuwPqCP4QkjYy8nOjg2ylDurOp0/F6v8vWX/SlJqwRREeSMpD+geEFxSAQ/1opi GyapuOl51FiXurrc0xGpkb4OAWriHhtCTaEPGDvm5E0SWEw0Ar0s/w6xqnexVIVroePK vgh2gOyWFC2+swi33FScZsb6VjBoM0pwEiSKY= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references; bh=Hx1N9l2lwkdFcqwNOph1+2zM76bVu02xfjWoZddsSc4=; b=tqhrQQTyZTaMgh9qCUIQMPAxJhIgOWKz2tx6nUwunC6Aif1E1iShAidtl+WrjM01ue rQDo9NtcxCBZ3UtuSUy889ZGCYDkxU39p4ecwPm4DHHMzYcvnIIdWNWvGRgXa0QAl9is PjGT8cMS5wczuV44RiVnbrD6wNkwQE7uANchLIlvKqJVmBRKOFep4nZ2GNnih5ismyJ6 OT4+zDyH9edcUjPmyTpdX6bZ+udg9OQiSVLvAsBFSGgMrG2mlZ/WA/IWcbgkVUP3JzTE hkvSVlT9mA3OHPj4eVfClR/TRnX8XBkqmiVhnPNV06EA7urFoHsfs3bLaO4w0H0A9yN/ pMIg== X-Gm-Message-State: APf1xPBMq5qT46JNmy+a9gCsrcn+RfqjVkq5BIYN82IeCcAOxLXlEntq 9ZmTVY6GsI5LRk5WlTV+SyeCbhOnIx4= X-Received: by 10.28.21.73 with SMTP id 70mr1719862wmv.152.1518002265500; Wed, 07 Feb 2018 03:17:45 -0800 (PST) Received: from localhost.localdomain ([196.85.252.149]) by smtp.gmail.com with ESMTPSA id h32sm627629wrf.65.2018.02.07.03.17.43 (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Wed, 07 Feb 2018 03:17:44 -0800 (PST) From: Ard Biesheuvel To: qemu-devel@nongnu.org Date: Wed, 7 Feb 2018 11:17:28 +0000 Message-Id: <20180207111729.15737-5-ard.biesheuvel@linaro.org> X-Mailer: git-send-email 2.11.0 In-Reply-To: <20180207111729.15737-1-ard.biesheuvel@linaro.org> References: <20180207111729.15737-1-ard.biesheuvel@linaro.org> X-detected-operating-system: by eggs.gnu.org: Genre and OS details not recognized. X-Received-From: 2a00:1450:400c:c09::244 Subject: [Qemu-devel] [PATCH v6 4/5] target/arm: implement SM4 instructions X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.21 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: peter.maydell@linaro.org, Ard Biesheuvel Errors-To: qemu-devel-bounces+patch=linaro.org@nongnu.org Sender: "Qemu-devel" This implements emulation of the new SM4 instructions that have been added as an optional extension to the ARMv8 Crypto Extensions in ARM v8.2. Signed-off-by: Ard Biesheuvel --- target/arm/cpu.h | 1 + target/arm/crypto_helper.c | 91 ++++++++++++++++++++ target/arm/helper.h | 3 + target/arm/translate-a64.c | 8 ++ 4 files changed, 103 insertions(+) -- 2.11.0 diff --git a/target/arm/cpu.h b/target/arm/cpu.h index 18383666e02d..bad13a76d06c 100644 --- a/target/arm/cpu.h +++ b/target/arm/cpu.h @@ -1375,6 +1375,7 @@ enum arm_features { ARM_FEATURE_V8_SHA512, /* implements SHA512 part of v8 Crypto Extensions */ ARM_FEATURE_V8_SHA3, /* implements SHA3 part of v8 Crypto Extensions */ ARM_FEATURE_V8_SM3, /* implements SM3 part of v8 Crypto Extensions */ + ARM_FEATURE_V8_SM4, /* implements SM4 part of v8 Crypto Extensions */ }; static inline int arm_feature(CPUARMState *env, int feature) diff --git a/target/arm/crypto_helper.c b/target/arm/crypto_helper.c index 2f6744edb088..cc339ea7e0ca 100644 --- a/target/arm/crypto_helper.c +++ b/target/arm/crypto_helper.c @@ -603,3 +603,94 @@ void HELPER(crypto_sm3tt)(void *vd, void *vn, void *vm, uint32_t imm2, rd[0] = d.l[0]; rd[1] = d.l[1]; } + +static uint8_t const sm4_sbox[] = { + 0xd6, 0x90, 0xe9, 0xfe, 0xcc, 0xe1, 0x3d, 0xb7, + 0x16, 0xb6, 0x14, 0xc2, 0x28, 0xfb, 0x2c, 0x05, + 0x2b, 0x67, 0x9a, 0x76, 0x2a, 0xbe, 0x04, 0xc3, + 0xaa, 0x44, 0x13, 0x26, 0x49, 0x86, 0x06, 0x99, + 0x9c, 0x42, 0x50, 0xf4, 0x91, 0xef, 0x98, 0x7a, + 0x33, 0x54, 0x0b, 0x43, 0xed, 0xcf, 0xac, 0x62, + 0xe4, 0xb3, 0x1c, 0xa9, 0xc9, 0x08, 0xe8, 0x95, + 0x80, 0xdf, 0x94, 0xfa, 0x75, 0x8f, 0x3f, 0xa6, + 0x47, 0x07, 0xa7, 0xfc, 0xf3, 0x73, 0x17, 0xba, + 0x83, 0x59, 0x3c, 0x19, 0xe6, 0x85, 0x4f, 0xa8, + 0x68, 0x6b, 0x81, 0xb2, 0x71, 0x64, 0xda, 0x8b, + 0xf8, 0xeb, 0x0f, 0x4b, 0x70, 0x56, 0x9d, 0x35, + 0x1e, 0x24, 0x0e, 0x5e, 0x63, 0x58, 0xd1, 0xa2, + 0x25, 0x22, 0x7c, 0x3b, 0x01, 0x21, 0x78, 0x87, + 0xd4, 0x00, 0x46, 0x57, 0x9f, 0xd3, 0x27, 0x52, + 0x4c, 0x36, 0x02, 0xe7, 0xa0, 0xc4, 0xc8, 0x9e, + 0xea, 0xbf, 0x8a, 0xd2, 0x40, 0xc7, 0x38, 0xb5, + 0xa3, 0xf7, 0xf2, 0xce, 0xf9, 0x61, 0x15, 0xa1, + 0xe0, 0xae, 0x5d, 0xa4, 0x9b, 0x34, 0x1a, 0x55, + 0xad, 0x93, 0x32, 0x30, 0xf5, 0x8c, 0xb1, 0xe3, + 0x1d, 0xf6, 0xe2, 0x2e, 0x82, 0x66, 0xca, 0x60, + 0xc0, 0x29, 0x23, 0xab, 0x0d, 0x53, 0x4e, 0x6f, + 0xd5, 0xdb, 0x37, 0x45, 0xde, 0xfd, 0x8e, 0x2f, + 0x03, 0xff, 0x6a, 0x72, 0x6d, 0x6c, 0x5b, 0x51, + 0x8d, 0x1b, 0xaf, 0x92, 0xbb, 0xdd, 0xbc, 0x7f, + 0x11, 0xd9, 0x5c, 0x41, 0x1f, 0x10, 0x5a, 0xd8, + 0x0a, 0xc1, 0x31, 0x88, 0xa5, 0xcd, 0x7b, 0xbd, + 0x2d, 0x74, 0xd0, 0x12, 0xb8, 0xe5, 0xb4, 0xb0, + 0x89, 0x69, 0x97, 0x4a, 0x0c, 0x96, 0x77, 0x7e, + 0x65, 0xb9, 0xf1, 0x09, 0xc5, 0x6e, 0xc6, 0x84, + 0x18, 0xf0, 0x7d, 0xec, 0x3a, 0xdc, 0x4d, 0x20, + 0x79, 0xee, 0x5f, 0x3e, 0xd7, 0xcb, 0x39, 0x48, +}; + +void HELPER(crypto_sm4e)(void *vd, void *vn) +{ + uint64_t *rd = vd; + uint64_t *rn = vn; + union CRYPTO_STATE d = { .l = { rd[0], rd[1] } }; + union CRYPTO_STATE n = { .l = { rn[0], rn[1] } }; + uint32_t t, i; + + for (i = 0; i < 4; i++) { + t = CR_ST_WORD(d, (i + 1) % 4) ^ + CR_ST_WORD(d, (i + 2) % 4) ^ + CR_ST_WORD(d, (i + 3) % 4) ^ + CR_ST_WORD(n, i); + + t = sm4_sbox[t & 0xff] | + sm4_sbox[(t >> 8) & 0xff] << 8 | + sm4_sbox[(t >> 16) & 0xff] << 16 | + sm4_sbox[(t >> 24) & 0xff] << 24; + + CR_ST_WORD(d, i) ^= t ^ rol32(t, 2) ^ rol32(t, 10) ^ rol32(t, 18) ^ + rol32(t, 24); + } + + rd[0] = d.l[0]; + rd[1] = d.l[1]; +} + +void HELPER(crypto_sm4ekey)(void *vd, void *vn, void* vm) +{ + uint64_t *rd = vd; + uint64_t *rn = vn; + uint64_t *rm = vm; + union CRYPTO_STATE d; + union CRYPTO_STATE n = { .l = { rn[0], rn[1] } }; + union CRYPTO_STATE m = { .l = { rm[0], rm[1] } }; + uint32_t t, i; + + d = n; + for (i = 0; i < 4; i++) { + t = CR_ST_WORD(d, (i + 1) % 4) ^ + CR_ST_WORD(d, (i + 2) % 4) ^ + CR_ST_WORD(d, (i + 3) % 4) ^ + CR_ST_WORD(m, i); + + t = sm4_sbox[t & 0xff] | + sm4_sbox[(t >> 8) & 0xff] << 8 | + sm4_sbox[(t >> 16) & 0xff] << 16 | + sm4_sbox[(t >> 24) & 0xff] << 24; + + CR_ST_WORD(d, i) ^= t ^ rol32(t, 13) ^ rol32(t, 23); + } + + rd[0] = d.l[0]; + rd[1] = d.l[1]; +} diff --git a/target/arm/helper.h b/target/arm/helper.h index 9d9f42cc89a6..6383d7d09e0d 100644 --- a/target/arm/helper.h +++ b/target/arm/helper.h @@ -543,6 +543,9 @@ DEF_HELPER_FLAGS_5(crypto_sm3tt, TCG_CALL_NO_RWG, void, ptr, ptr, ptr, i32, i32) DEF_HELPER_FLAGS_3(crypto_sm3partw1, TCG_CALL_NO_RWG, void, ptr, ptr, ptr) DEF_HELPER_FLAGS_3(crypto_sm3partw2, TCG_CALL_NO_RWG, void, ptr, ptr, ptr) +DEF_HELPER_FLAGS_2(crypto_sm4e, TCG_CALL_NO_RWG, void, ptr, ptr) +DEF_HELPER_FLAGS_3(crypto_sm4ekey, TCG_CALL_NO_RWG, void, ptr, ptr, ptr) + DEF_HELPER_FLAGS_3(crc32, TCG_CALL_NO_RWG_SE, i32, i32, i32, i32) DEF_HELPER_FLAGS_3(crc32c, TCG_CALL_NO_RWG_SE, i32, i32, i32, i32) DEF_HELPER_2(dc_zva, void, env, i64) diff --git a/target/arm/translate-a64.c b/target/arm/translate-a64.c index afa1e7b5a27f..186f2ebae9f2 100644 --- a/target/arm/translate-a64.c +++ b/target/arm/translate-a64.c @@ -11177,6 +11177,10 @@ static void disas_crypto_three_reg_sha512(DisasContext *s, uint32_t insn) feature = ARM_FEATURE_V8_SM3; genfn = gen_helper_crypto_sm3partw2; break; + case 2: /* SM4EKEY */ + feature = ARM_FEATURE_V8_SM4; + genfn = gen_helper_crypto_sm4ekey; + break; default: unallocated_encoding(s); return; @@ -11250,6 +11254,10 @@ static void disas_crypto_two_reg_sha512(DisasContext *s, uint32_t insn) feature = ARM_FEATURE_V8_SHA512; genfn = gen_helper_crypto_sha512su0; break; + case 1: /* SM4E */ + feature = ARM_FEATURE_V8_SM4; + genfn = gen_helper_crypto_sm4e; + break; default: unallocated_encoding(s); return; From patchwork Wed Feb 7 11:17:29 2018 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Ard Biesheuvel X-Patchwork-Id: 127162 Delivered-To: patch@linaro.org Received: by 10.46.124.24 with SMTP id x24csp371768ljc; Wed, 7 Feb 2018 03:23:45 -0800 (PST) X-Google-Smtp-Source: AH8x227oKF3h+ihJQy3pzhzMBP4vAyL8/xQMrUiHXeSShKvnmFlKONcw2nDfTiqf1l1aXqmVkQlD X-Received: by 10.129.117.69 with SMTP id q66mr3557543ywc.273.1518002625271; Wed, 07 Feb 2018 03:23:45 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1518002625; cv=none; d=google.com; s=arc-20160816; b=nOmteT8+fsLnQe82OYJSHbrAIGyqHKYyGrdNyCUbM2zrZtgHfqxc1Y4c6QbdiU9Ckh kL7GnzQjsi4WgZVqcBry0BCTVufUUEoudR2KRrfjAl4WuKdec+nwqmWOwvw8+jwd1g7n jvZ6SYda6vvoctZe/CXOwJw3JCUc0jp+7vEt2B4vLlfbehejy3uvB55bEqcakPHgmTo/ rxTbmF7Vy494RWojDyz3t7rTbFtbJsLxEXWgovO1+BGZsTerHxeU0pVlnD0Zl90sPm+x 7iTpGwsc0AvEw5df0WAL8S6Wwisf0qUO2CxwNnCEesngJgc10iK1W/SQzO5GawqFfUY0 5MRA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=sender:errors-to:cc:list-subscribe:list-help:list-post:list-archive :list-unsubscribe:list-id:precedence:subject:references:in-reply-to :message-id:date:to:from:dkim-signature:arc-authentication-results; bh=0E8xRuXjt6tHNmF2FMIetywkxa2Ci1p121AN/nSrBIE=; b=E+U6SyUmr8ulr4hvmo/0xuloK/T748Q3b+6JXVHi0SS1g0djjm46Aqd+8GaqvHT91u urnzGwgfDazb4B3NuUylXoSOHbVo3WIN890uf50fzMWTKRhb9QyfLR+AOPfZFeP2kFRS QcCl27kswoVLmYA2h2zxT+/1UGvI7nCRby4Q3v5QWuKOp/sb+3fCEL7q5YrU1s959B8S x4SOCbQcOAi84KQuVHlJtUnL7yGd/ZQQQtq/AhGZI4ANAK6M6ofLPvTApH9ucxPtKbnZ pUH/Ye1QQ8eCWxJFfKE5NCW49m4NV8F3uVsPhKwC9XOJcnYbYCUgFZ39/aVbEKc7UgZM WGIA== ARC-Authentication-Results: i=1; mx.google.com; dkim=fail header.i=@linaro.org header.s=google header.b=Gx4630wz; spf=pass (google.com: domain of qemu-devel-bounces+patch=linaro.org@nongnu.org designates 2001:4830:134:3::11 as permitted sender) smtp.mailfrom=qemu-devel-bounces+patch=linaro.org@nongnu.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=linaro.org Return-Path: Received: from lists.gnu.org (lists.gnu.org. [2001:4830:134:3::11]) by mx.google.com with ESMTPS id m6si224470ybc.353.2018.02.07.03.23.45 for (version=TLS1 cipher=AES128-SHA bits=128/128); Wed, 07 Feb 2018 03:23:45 -0800 (PST) Received-SPF: pass (google.com: domain of qemu-devel-bounces+patch=linaro.org@nongnu.org designates 2001:4830:134:3::11 as permitted sender) client-ip=2001:4830:134:3::11; Authentication-Results: mx.google.com; dkim=fail header.i=@linaro.org header.s=google header.b=Gx4630wz; spf=pass (google.com: domain of qemu-devel-bounces+patch=linaro.org@nongnu.org designates 2001:4830:134:3::11 as permitted sender) smtp.mailfrom=qemu-devel-bounces+patch=linaro.org@nongnu.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=linaro.org Received: from localhost ([::1]:51913 helo=lists.gnu.org) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1ejNpI-0001Fz-HI for patch@linaro.org; Wed, 07 Feb 2018 06:23:44 -0500 Received: from eggs.gnu.org ([2001:4830:134:3::10]:38818) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1ejNjZ-0005Fl-H2 for qemu-devel@nongnu.org; Wed, 07 Feb 2018 06:17:53 -0500 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1ejNjY-0005js-J1 for qemu-devel@nongnu.org; Wed, 07 Feb 2018 06:17:49 -0500 Received: from mail-wm0-x244.google.com ([2a00:1450:400c:c09::244]:54084) by eggs.gnu.org with esmtps (TLS1.0:RSA_AES_128_CBC_SHA1:16) (Exim 4.71) (envelope-from ) id 1ejNjY-0005jA-Bq for qemu-devel@nongnu.org; Wed, 07 Feb 2018 06:17:48 -0500 Received: by mail-wm0-x244.google.com with SMTP id t74so2448365wme.3 for ; Wed, 07 Feb 2018 03:17:48 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; h=from:to:cc:subject:date:message-id:in-reply-to:references; bh=0E8xRuXjt6tHNmF2FMIetywkxa2Ci1p121AN/nSrBIE=; b=Gx4630wzk12pmYyYy2oYpPBcQ+AVqZYzK5pyWAxkFPBOzCyJ3eLK7zSle3irFxPj54 TONTMo1qCXo8iXk19ScQXko9y5/lnDik0De0pxea3LS09m5FrLem5PVZaJEB+Ynydfyb qJOK3EFljze/VzDLsMlee3yehlIvi9yWcYdig= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references; bh=0E8xRuXjt6tHNmF2FMIetywkxa2Ci1p121AN/nSrBIE=; b=ihNLq7VhtY9wJ6UTYDTmS1m9jz0Ci2Ob54Cc84x2Y25XZn8GToFQSiIQOVB9Munm4v aHUjlRC1qKpsG7VFVn2gW9l2s4r5olvgYmk8iHabCl3j7GsXKtDXup0+sWTvhWsWRl/9 wZbHrxW8IlWMWawOE3kRSCcdwWLABGInAykNqqwGxW/P8pmVnC6HNJNWYjehgeC6TPnR l8rGpJNReeju5CQhzB/6PGgGxn5znOCA3VOU7JyFFkG3D0kYws7UuJ54+LlXvPbqraN5 Et5dtZuOpTnicVh6yxha3HKYi0m3+Hf0kZMtdBZz7GrdmgW79nOzOzDv+RIJ0ICCPkk5 lWaA== X-Gm-Message-State: APf1xPDOH/t3J+D7s4RaVRQzWK3hhQ8c0Voncul6yYV+58AoL3OxchR3 +Nm+XaCnt1tS32tswf/b4x8bpIuOIgQ= X-Received: by 10.28.47.80 with SMTP id v77mr4263229wmv.23.1518002267143; Wed, 07 Feb 2018 03:17:47 -0800 (PST) Received: from localhost.localdomain ([196.85.252.149]) by smtp.gmail.com with ESMTPSA id h32sm627629wrf.65.2018.02.07.03.17.45 (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Wed, 07 Feb 2018 03:17:46 -0800 (PST) From: Ard Biesheuvel To: qemu-devel@nongnu.org Date: Wed, 7 Feb 2018 11:17:29 +0000 Message-Id: <20180207111729.15737-6-ard.biesheuvel@linaro.org> X-Mailer: git-send-email 2.11.0 In-Reply-To: <20180207111729.15737-1-ard.biesheuvel@linaro.org> References: <20180207111729.15737-1-ard.biesheuvel@linaro.org> X-detected-operating-system: by eggs.gnu.org: Genre and OS details not recognized. X-Received-From: 2a00:1450:400c:c09::244 Subject: [Qemu-devel] [PATCH v6 5/5] target/arm: enable user-mode SHA-3, SM3, SM4 and SHA-512 instruction support X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.21 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: peter.maydell@linaro.org, Ard Biesheuvel Errors-To: qemu-devel-bounces+patch=linaro.org@nongnu.org Sender: "Qemu-devel" Add support for the new ARMv8.2 SHA-3, SM3, SM4 and SHA-512 instructions to AArch64 user mode emulation. Signed-off-by: Ard Biesheuvel --- linux-user/elfload.c | 19 +++++++++++++++++++ target/arm/cpu64.c | 4 ++++ 2 files changed, 23 insertions(+) -- 2.11.0 diff --git a/linux-user/elfload.c b/linux-user/elfload.c index 20f3d8c2c373..7922ab8eab79 100644 --- a/linux-user/elfload.c +++ b/linux-user/elfload.c @@ -512,6 +512,21 @@ enum { ARM_HWCAP_A64_SHA1 = 1 << 5, ARM_HWCAP_A64_SHA2 = 1 << 6, ARM_HWCAP_A64_CRC32 = 1 << 7, + ARM_HWCAP_A64_ATOMICS = 1 << 8, + ARM_HWCAP_A64_FPHP = 1 << 9, + ARM_HWCAP_A64_ASIMDHP = 1 << 10, + ARM_HWCAP_A64_CPUID = 1 << 11, + ARM_HWCAP_A64_ASIMDRDM = 1 << 12, + ARM_HWCAP_A64_JSCVT = 1 << 13, + ARM_HWCAP_A64_FCMA = 1 << 14, + ARM_HWCAP_A64_LRCPC = 1 << 15, + ARM_HWCAP_A64_DCPOP = 1 << 16, + ARM_HWCAP_A64_SHA3 = 1 << 17, + ARM_HWCAP_A64_SM3 = 1 << 18, + ARM_HWCAP_A64_SM4 = 1 << 19, + ARM_HWCAP_A64_ASIMDDP = 1 << 20, + ARM_HWCAP_A64_SHA512 = 1 << 21, + ARM_HWCAP_A64_SVE = 1 << 22, }; #define ELF_HWCAP get_elf_hwcap() @@ -532,6 +547,10 @@ static uint32_t get_elf_hwcap(void) GET_FEATURE(ARM_FEATURE_V8_SHA1, ARM_HWCAP_A64_SHA1); GET_FEATURE(ARM_FEATURE_V8_SHA256, ARM_HWCAP_A64_SHA2); GET_FEATURE(ARM_FEATURE_CRC, ARM_HWCAP_A64_CRC32); + GET_FEATURE(ARM_FEATURE_V8_SHA3, ARM_HWCAP_A64_SHA3); + GET_FEATURE(ARM_FEATURE_V8_SM3, ARM_HWCAP_A64_SM3); + GET_FEATURE(ARM_FEATURE_V8_SM4, ARM_HWCAP_A64_SM4); + GET_FEATURE(ARM_FEATURE_V8_SHA512, ARM_HWCAP_A64_SHA512); #undef GET_FEATURE return hwcaps; diff --git a/target/arm/cpu64.c b/target/arm/cpu64.c index 670c07ab6ed4..1c330adc281b 100644 --- a/target/arm/cpu64.c +++ b/target/arm/cpu64.c @@ -224,6 +224,10 @@ static void aarch64_any_initfn(Object *obj) set_feature(&cpu->env, ARM_FEATURE_V8_AES); set_feature(&cpu->env, ARM_FEATURE_V8_SHA1); set_feature(&cpu->env, ARM_FEATURE_V8_SHA256); + set_feature(&cpu->env, ARM_FEATURE_V8_SHA512); + set_feature(&cpu->env, ARM_FEATURE_V8_SHA3); + set_feature(&cpu->env, ARM_FEATURE_V8_SM3); + set_feature(&cpu->env, ARM_FEATURE_V8_SM4); set_feature(&cpu->env, ARM_FEATURE_V8_PMULL); set_feature(&cpu->env, ARM_FEATURE_CRC); cpu->ctr = 0x80038003; /* 32 byte I and D cacheline size, VIPT icache */