From: Aaron Lindsay <aaron@os.amperecomputing.com>
To: qemu-devel@nongnu.org, qemu-arm@nongnu.org,
"Richard Henderson" <richard.henderson@linaro.org>,
"Vincent Dehors" <vincent.dehors@smile.fr>,
"Alex Bennée" <alex.bennee@linaro.org>,
"Peter Maydell" <peter.maydell@linaro.org>
Cc: Aaron Lindsay <aaron@os.amperecomputing.com>
Subject: [PATCH v2 2/7] target/arm: Implement v8.3 QARMA3 PAC cipher
Date: Wed, 22 Feb 2023 14:35:39 -0500 [thread overview]
Message-ID: <20230222193544.3392713-3-aaron@os.amperecomputing.com> (raw)
In-Reply-To: <20230222193544.3392713-1-aaron@os.amperecomputing.com>
Signed-off-by: Aaron Lindsay <aaron@os.amperecomputing.com>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
---
target/arm/pauth_helper.c | 50 +++++++++++++++++++++++++++++++--------
1 file changed, 40 insertions(+), 10 deletions(-)
diff --git a/target/arm/pauth_helper.c b/target/arm/pauth_helper.c
index e5206453f6..f525ef7fad 100644
--- a/target/arm/pauth_helper.c
+++ b/target/arm/pauth_helper.c
@@ -96,6 +96,21 @@ static uint64_t pac_sub(uint64_t i)
return o;
}
+static uint64_t pac_sub1(uint64_t i)
+{
+ static const uint8_t sub1[16] = {
+ 0xa, 0xd, 0xe, 0x6, 0xf, 0x7, 0x3, 0x5,
+ 0x9, 0x8, 0x0, 0xc, 0xb, 0x1, 0x2, 0x4,
+ };
+ uint64_t o = 0;
+ int b;
+
+ for (b = 0; b < 64; b += 4) {
+ o |= (uint64_t)sub1[(i >> b) & 0xf] << b;
+ }
+ return o;
+}
+
static uint64_t pac_inv_sub(uint64_t i)
{
static const uint8_t inv_sub[16] = {
@@ -209,7 +224,7 @@ static uint64_t tweak_inv_shuffle(uint64_t i)
}
static uint64_t pauth_computepac_architected(uint64_t data, uint64_t modifier,
- ARMPACKey key)
+ ARMPACKey key, bool isqarma3)
{
static const uint64_t RC[5] = {
0x0000000000000000ull,
@@ -219,6 +234,7 @@ static uint64_t pauth_computepac_architected(uint64_t data, uint64_t modifier,
0x452821E638D01377ull,
};
const uint64_t alpha = 0xC0AC29B7C97C50DDull;
+ int iterations = isqarma3 ? 2 : 4;
/*
* Note that in the ARM pseudocode, key0 contains bits <127:64>
* and key1 contains bits <63:0> of the 128-bit key.
@@ -231,7 +247,7 @@ static uint64_t pauth_computepac_architected(uint64_t data, uint64_t modifier,
runningmod = modifier;
workingval = data ^ key0;
- for (i = 0; i <= 4; ++i) {
+ for (i = 0; i <= iterations; ++i) {
roundkey = key1 ^ runningmod;
workingval ^= roundkey;
workingval ^= RC[i];
@@ -239,32 +255,44 @@ static uint64_t pauth_computepac_architected(uint64_t data, uint64_t modifier,
workingval = pac_cell_shuffle(workingval);
workingval = pac_mult(workingval);
}
- workingval = pac_sub(workingval);
+ if (isqarma3)
+ workingval = pac_sub1(workingval);
+ else
+ workingval = pac_sub(workingval);
runningmod = tweak_shuffle(runningmod);
}
roundkey = modk0 ^ runningmod;
workingval ^= roundkey;
workingval = pac_cell_shuffle(workingval);
workingval = pac_mult(workingval);
- workingval = pac_sub(workingval);
+ if (isqarma3)
+ workingval = pac_sub1(workingval);
+ else
+ workingval = pac_sub(workingval);
workingval = pac_cell_shuffle(workingval);
workingval = pac_mult(workingval);
workingval ^= key1;
workingval = pac_cell_inv_shuffle(workingval);
- workingval = pac_inv_sub(workingval);
+ if (isqarma3)
+ workingval = pac_sub1(workingval);
+ else
+ workingval = pac_inv_sub(workingval);
workingval = pac_mult(workingval);
workingval = pac_cell_inv_shuffle(workingval);
workingval ^= key0;
workingval ^= runningmod;
- for (i = 0; i <= 4; ++i) {
- workingval = pac_inv_sub(workingval);
- if (i < 4) {
+ for (i = 0; i <= iterations; ++i) {
+ if (isqarma3)
+ workingval = pac_sub1(workingval);
+ else
+ workingval = pac_inv_sub(workingval);
+ if (i < iterations) {
workingval = pac_mult(workingval);
workingval = pac_cell_inv_shuffle(workingval);
}
runningmod = tweak_inv_shuffle(runningmod);
roundkey = key1 ^ runningmod;
- workingval ^= RC[4 - i];
+ workingval ^= RC[iterations - i];
workingval ^= roundkey;
workingval ^= alpha;
}
@@ -283,7 +311,9 @@ static uint64_t pauth_computepac(CPUARMState *env, uint64_t data,
uint64_t modifier, ARMPACKey key)
{
if (cpu_isar_feature(aa64_pauth_arch_qarma5, env_archcpu(env))) {
- return pauth_computepac_architected(data, modifier, key);
+ return pauth_computepac_architected(data, modifier, key, false);
+ } else if (cpu_isar_feature(aa64_pauth_arch_qarma3, env_archcpu(env))) {
+ return pauth_computepac_architected(data, modifier, key, true);
} else {
return pauth_computepac_impdef(data, modifier, key);
}
--
2.25.1
next prev parent reply other threads:[~2023-02-22 19:38 UTC|newest]
Thread overview: 22+ messages / expand[flat|nested] mbox.gz Atom feed top
2023-02-22 19:35 [PATCH v2 0/7] Implement Most ARMv8.3 Pointer Authentication Features Aaron Lindsay
2023-02-22 19:35 ` [PATCH v2 1/7] target/arm: v8.3 PAC ID_AA64ISAR[12] feature-detection Aaron Lindsay
2023-02-22 20:27 ` Richard Henderson
2023-02-23 14:02 ` Peter Maydell
2023-02-22 19:35 ` Aaron Lindsay [this message]
2023-02-22 20:35 ` [PATCH v2 2/7] target/arm: Implement v8.3 QARMA3 PAC cipher Richard Henderson
2023-02-22 19:35 ` [PATCH v2 3/7] target/arm: Implement v8.3 EnhancedPAC Aaron Lindsay
2023-02-22 20:39 ` Richard Henderson
2023-02-22 20:41 ` Richard Henderson
2023-02-22 19:35 ` [PATCH v2 4/7] target/arm: Implement v8.3 Pauth2 Aaron Lindsay
2023-02-22 20:50 ` Richard Henderson
2023-02-22 19:35 ` [PATCH v2 5/7] targer/arm: Inform helpers whether a PAC instruction is 'combined' Aaron Lindsay
2023-02-22 20:56 ` Richard Henderson
2023-02-22 19:35 ` [PATCH v2 6/7] target/arm: Implement v8.3 FPAC and FPACCOMBINE Aaron Lindsay
2023-02-22 21:37 ` Richard Henderson
2023-03-22 20:33 ` Aaron Lindsay
2023-03-22 22:39 ` Richard Henderson
2023-02-22 19:35 ` [PATCH v2 7/7] target/arm: Add CPU properties for most v8.3 PAC features Aaron Lindsay
2023-02-22 22:14 ` Richard Henderson
2023-02-24 11:23 ` Peter Maydell
2023-03-22 20:36 ` Aaron Lindsay
2023-03-22 23:01 ` Richard Henderson
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20230222193544.3392713-3-aaron@os.amperecomputing.com \
--to=aaron@os.amperecomputing.com \
--cc=alex.bennee@linaro.org \
--cc=peter.maydell@linaro.org \
--cc=qemu-arm@nongnu.org \
--cc=qemu-devel@nongnu.org \
--cc=richard.henderson@linaro.org \
--cc=vincent.dehors@smile.fr \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.