From 48b999cd6eac903470b920c6edc89c74cadbce7b Mon Sep 17 00:00:00 2001 From: Jerry Yu Date: Fri, 3 Mar 2023 15:51:07 +0800 Subject: [PATCH 01/14] Add cpu modifiers for aesce.c Signed-off-by: Jerry Yu --- library/aesce.c | 37 ++++++++++++++++++++++++++++++++----- 1 file changed, 32 insertions(+), 5 deletions(-) diff --git a/library/aesce.c b/library/aesce.c index 0f6c323b8..ca7c6928f 100644 --- a/library/aesce.c +++ b/library/aesce.c @@ -17,6 +17,23 @@ * limitations under the License. */ +#if defined(__aarch64__) && !defined(__ARM_FEATURE_CRYPTO) && \ + defined(__clang__) && __clang_major__ < 18 && __clang_major__ > 3 +/* TODO: Re-consider above after https://reviews.llvm.org/D131064 merged. + * + * The intrinsic declaration are guarded by predefined ACLE macros in clang: + * these are normally only enabled by the -march option on the command line. + * By defining the macros ourselves we gain access to those declarations without + * requiring -march on the command line. + * + * `arm_neon.h` could be included by any header file, so we put these defines + * at the top of this file, before any includes. + */ +#define __ARM_FEATURE_CRYPTO 1 +#define NEED_TARGET_OPTIONS +#endif /* __aarch64__ && __clang__ && + !__ARM_FEATURE_CRYPTO && __clang_major__ < 18 && __clang_major__ > 3 */ + #include #include "common.h" 
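Review bot: Defining `__ARM_FEATURE_CRYPTO` by hand at the top of `library/aesce.c` makes the macro true for every header included afterwards, including `common.h`, even though the translation unit's baseline architecture does not enable the extension. Any code in this file or its headers that reads the macro as a guarantee that the target CPU has the crypto extension would then skip runtime detection incorrectly; nothing in this hunk shows such a use, so this is a request to confirm rather than a known defect. I would add one sentence to the new comment, for example `* After this define the macro only means that the intrinsics are declared; it must not be used to skip the runtime CPU feature check.` The `#if` block is complete within the hunk.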
@@ -30,19 +47,19 @@ # if __clang_major__ < 4 # error "A more recent Clang is required for MBEDTLS_AESCE_C" # endif +# pragma clang attribute push (__attribute__((target("crypto"))), apply_to=function) +# define MBEDTLS_POP_TARGET_PRAGMA #elif defined(__GNUC__) # if __GNUC__ < 6 # error "A more recent GCC is required for MBEDTLS_AESCE_C" # endif +# pragma GCC push_options +# pragma GCC target ("arch=armv8-a+crypto") +# define MBEDTLS_POP_TARGET_PRAGMA #else # error "Only GCC and Clang supported for MBEDTLS_AESCE_C" #endif -#if !defined(__ARM_FEATURE_CRYPTO) -# error "`crypto` feature modifier MUST be enabled for MBEDTLS_AESCE_C." -# error "Typical option for GCC and Clang is `-march=armv8-a+crypto`." -#endif /* !__ARM_FEATURE_CRYPTO */ - #include #if defined(__linux__) @@ -252,6 +269,16 @@ int mbedtls_aesce_setkey_enc(unsigned char *rk, return 0; } + +#if defined(MBEDTLS_POP_TARGET_PRAGMA) +#if defined(__clang__) +#pragma clang attribute pop +#elif defined(__GNUC__) +#pragma GCC pop_options +#endif +#undef MBEDTLS_POP_TARGET_PRAGMA +#endif + #endif /* MBEDTLS_HAVE_ARM64 */ #endif /* MBEDTLS_AESCE_C */ From ae129c3a20735b03b3d2722e46c0e22e56ff62c4 Mon Sep 17 00:00:00 2001 From: Jerry Yu Date: Fri, 3 Mar 2023 15:55:56 +0800 Subject: [PATCH 02/14] Add new feature test macros Signed-off-by: Jerry Yu --- library/aesce.c | 5 +++++ library/sha256.c | 5 +++++ 2 files changed, 10 insertions(+) diff --git a/library/aesce.c b/library/aesce.c index ca7c6928f..c61e000a1 100644 --- a/library/aesce.c +++ b/library/aesce.c @@ -30,6 +30,11 @@ * at the top of this file, before any includes. */ #define __ARM_FEATURE_CRYPTO 1 +/* See: https://arm-software.github.io/acle/main/acle.html#cryptographic-extensions + * + * `__ARM_FEATURE_CRYPTO` is deprecated. Reserve it for older compilers. + */ +#define __ARM_FEATURE_AES 1 #define NEED_TARGET_OPTIONS #endif /* __aarch64__ && __clang__ && !__ARM_FEATURE_CRYPTO && __clang_major__ < 18 && __clang_major__ > 3 */ 
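Review bot: With the `#error` on `!defined(__ARM_FEATURE_CRYPTO)` removed and the target pragmas added in the `__clang__` and `__GNUC__` branches, a build without `-march=armv8-a+crypto` now succeeds silently, so the compile-time signal that the deployment CPU has the extension is gone. The `MBEDTLS_AESCE_C` documentation shown later in this series says runtime detection only works on Linux, which would mean that on other systems the AES instructions can be reached with no check and fault on a CPU without them. I would document that next to the pragma, for example `/* Functions below are built with the crypto extension regardless of -march; CPU support must be checked at runtime before they are called. */`. The pragma region opened here is closed in the last hunk of this commit.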
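Review bot: The new `#define __ARM_FEATURE_AES 1` sits inside a block whose condition, visible in the previous commit, tests only `__ARM_FEATURE_CRYPTO`, the macro the added comment calls deprecated. A compiler that predefines `__ARM_FEATURE_AES` but not `__ARM_FEATURE_CRYPTO` would enter the block and set `NEED_TARGET_OPTIONS` although the AES intrinsics are presumably already declared. Consider adding the specific macro to the guard, `#if defined(__aarch64__) && !defined(__ARM_FEATURE_CRYPTO) && !defined(__ARM_FEATURE_AES) && \`, or say in the comment why the deprecated macro alone is the right key. The same applies to `__ARM_FEATURE_SHA2` in the `library/sha256.c` hunk of this commit.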
diff --git a/library/sha256.c b/library/sha256.c index ca3fa5df9..13fb67908 100644 --- a/library/sha256.c +++ b/library/sha256.c @@ -35,6 +35,11 @@ * at the top of this file, before any includes. */ #define __ARM_FEATURE_CRYPTO 1 +/* See: https://arm-software.github.io/acle/main/acle.html#cryptographic-extensions + * + * `__ARM_FEATURE_CRYPTO` is deprecated. Reserve it for older compilers. + */ +#define __ARM_FEATURE_SHA2 1 #define NEED_TARGET_OPTIONS #endif /* __aarch64__ && __clang__ && !__ARM_FEATURE_CRYPTO && __clang_major__ < 18 && __clang_major__ > 3 */ From ad0b2f7677dfb0e4727ca02b2aef296fad03970a Mon Sep 17 00:00:00 2001 From: Jerry Yu Date: Fri, 3 Mar 2023 15:58:49 +0800 Subject: [PATCH 03/14] Enable all arm64 acceleration in travis tests Signed-off-by: Jerry Yu --- .travis.yml | 18 ++++-------------- 1 file changed, 4 insertions(+), 14 deletions(-) diff --git a/.travis.yml b/.travis.yml index cdb79d1aa..d4deb2c5f 100644 --- a/.travis.yml +++ b/.travis.yml @@ -90,15 +90,10 @@ jobs: - gcc script: # Do a manual build+test sequence rather than using all.sh, because - # there's no all.sh component that does what we want. We should set - # CFLAGS for arm64 host CC. + # there's no all.sh component that does what we want. - scripts/config.py full - - scripts/config.py unset MBEDTLS_SHA512_USE_A64_CRYPTO_IF_PRESENT - - scripts/config.py unset MBEDTLS_SHA512_USE_A64_CRYPTO_ONLY - - scripts/config.py unset MBEDTLS_SHA256_USE_A64_CRYPTO_IF_PRESENT - - scripts/config.py unset MBEDTLS_SHA256_USE_A64_CRYPTO_ONLY - make generated_files - - make CFLAGS='-march=armv8-a+crypto -O3 -Werror -fsanitize=address,undefined -fno-sanitize-recover=all' LDFLAGS='-Werror -fsanitize=address,undefined -fno-sanitize-recover=all' + - make CFLAGS='-O3 -Werror -fsanitize=address,undefined -fno-sanitize-recover=all' LDFLAGS='-Werror -fsanitize=address,undefined -fno-sanitize-recover=all' - make test - programs/test/selftest - tests/scripts/test_psa_constant_names.py 
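Review bot: Dropping `-march=armv8-a+crypto` from `CFLAGS` in this job means no Arm64 job builds with the feature enabled on the command line any more, so the path where the compiler predefines the `__ARM_FEATURE_*` macros and the source-level workaround is skipped is no longer compiled in CI. The accelerated code is presumably also exercised only if the runner CPU reports the extensions at run time, which this script does not check. I would keep the flag in one of the two jobs, or at least record the gap in the comment, for example `# Built without -march: accelerated paths run only if the host CPU reports the extensions.` The same change is made in the clang job in the next hunk.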
@@ -118,15 +113,10 @@ jobs: - gnutls-bin script: # Do a manual build+test sequence rather than using all.sh, because - # there's no all.sh component that does what we want. We should set - # CFLAGS for arm64 host CC. + # there's no all.sh component that does what we want. - scripts/config.py full - - scripts/config.py unset MBEDTLS_SHA512_USE_A64_CRYPTO_IF_PRESENT - - scripts/config.py unset MBEDTLS_SHA512_USE_A64_CRYPTO_ONLY - - scripts/config.py unset MBEDTLS_SHA256_USE_A64_CRYPTO_IF_PRESENT - - scripts/config.py unset MBEDTLS_SHA256_USE_A64_CRYPTO_ONLY - make generated_files - - make CC=clang CFLAGS='-march=armv8-a+crypto -O3 -Werror -fsanitize=address,undefined -fno-sanitize-recover=all' LDFLAGS='-Werror -fsanitize=address,undefined -fno-sanitize-recover=all' + - make CC=clang CFLAGS='-O3 -Werror -fsanitize=address,undefined -fno-sanitize-recover=all' LDFLAGS='-Werror -fsanitize=address,undefined -fno-sanitize-recover=all' # GnuTLS supports CAMELLIA but compat.sh doesn't properly enable it. - tests/compat.sh -p GnuTLS -e 'CAMELLIA' - tests/scripts/travis-log-failure.sh From 7b4d9da08ccda3c2e42999bba1a8d52387af3679 Mon Sep 17 00:00:00 2001 From: Jerry Yu Date: Fri, 3 Mar 2023 17:56:54 +0800 Subject: [PATCH 04/14] fix wrong clang version check. Both inline assembly and intrinsic need pragma Signed-off-by: Jerry Yu --- library/sha512.c | 13 +++---------- 1 file changed, 3 insertions(+), 10 deletions(-) diff --git a/library/sha512.c b/library/sha512.c index bc92a8de2..9f63cb977 100644 --- a/library/sha512.c +++ b/library/sha512.c @@ -23,8 +23,7 @@ */ #if defined(__aarch64__) && !defined(__ARM_FEATURE_SHA512) && \ - defined(__clang__) && __clang_major__ < 18 && \ - __clang_major__ >= 13 && __clang_minor__ > 0 && __clang_patchlevel__ > 0 + defined(__clang__) && __clang_major__ < 18 && __clang_major__ > 7 /* TODO: Re-consider above after https://reviews.llvm.org/D131064 merged. * * The intrinsic declaration are guarded by predefined ACLE macros in clang: 
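Review bot: The new lower bound `__clang_major__ > 7` makes this block define `__ARM_FEATURE_SHA512` for Clang 8 to 12 as well, while a comment further down in `library/sha512.c` (visible as context in a later commit of this series) states that only Clang 13.0.1 and newer have the SHA512 intrinsics. If any later code in the file uses `__ARM_FEATURE_SHA512` to choose between intrinsics and the inline-assembler fallback, it would now pick the intrinsics on compilers that lack them; that selection code is outside the hunk, so please confirm. The bound also differs from the `__clang_major__ < 7` error check in the third hunk, so Clang 7 takes a different route from Clang 8. A sentence in the block comment stating which Clang versions the define is meant for would help. The `#if` block continues in the next hunk.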
@@ -37,10 +36,8 @@ */ #define __ARM_FEATURE_SHA512 1 #define NEED_TARGET_OPTIONS -#endif /* __aarch64__ && __clang__ && - !__ARM_FEATURE_SHA512 && __clang_major__ < 18 && - __clang_major__ >= 13 && __clang_minor__ > 0 && - __clang_patchlevel__ > 0 */ +#endif /* __aarch64__ && !__ARM_FEATURE_SHA512 && + __clang__ && __clang_major__ < 18 && __clang_major__ > 7 */ #include "common.h" @@ -83,10 +80,6 @@ # if defined(__clang__) # if __clang_major__ < 7 # error "A more recent Clang is required for MBEDTLS_SHA512_USE_A64_CRYPTO_*" -# elif __clang_major__ < 13 || \ - (__clang_major__ == 13 && __clang_minor__ == 0 && \ - __clang_patchlevel__ == 0) - /* We implement the intrinsics with inline assembler, so don't error */ # else # pragma clang attribute push (__attribute__((target("sha3"))), apply_to=function) # define MBEDTLS_POP_TARGET_PRAGMA From 490bf08dd985b032f4a9ccccf867302097639930 Mon Sep 17 00:00:00 2001 From: Jerry Yu Date: Mon, 6 Mar 2023 15:21:44 +0800 Subject: [PATCH 05/14] fix comment issues Signed-off-by: Jerry Yu --- library/aesce.c | 6 +++--- library/sha256.c | 6 +++--- library/sha512.c | 3 +-- 3 files changed, 7 insertions(+), 8 deletions(-) diff --git a/library/aesce.c b/library/aesce.c index c61e000a1..687a9fb78 100644 --- a/library/aesce.c +++ b/library/aesce.c @@ -32,12 +32,12 @@ #define __ARM_FEATURE_CRYPTO 1 /* See: https://arm-software.github.io/acle/main/acle.html#cryptographic-extensions * - * `__ARM_FEATURE_CRYPTO` is deprecated. Reserve it for older compilers. + * `__ARM_FEATURE_CRYPTO` is deprecated, but we need to continue to specify it + * for older compilers. */ #define __ARM_FEATURE_AES 1 #define NEED_TARGET_OPTIONS -#endif /* __aarch64__ && __clang__ && - !__ARM_FEATURE_CRYPTO && __clang_major__ < 18 && __clang_major__ > 3 */ +#endif #include #include "common.h" diff --git a/library/sha256.c b/library/sha256.c index 13fb67908..2a06a72c0 100644 --- a/library/sha256.c +++ b/library/sha256.c 
@@ -37,12 +37,12 @@ #define __ARM_FEATURE_CRYPTO 1 /* See: https://arm-software.github.io/acle/main/acle.html#cryptographic-extensions * - * `__ARM_FEATURE_CRYPTO` is deprecated. Reserve it for older compilers. + * `__ARM_FEATURE_CRYPTO` is deprecated, but we need to continue to specify it + * for older compilers. */ #define __ARM_FEATURE_SHA2 1 #define NEED_TARGET_OPTIONS -#endif /* __aarch64__ && __clang__ && - !__ARM_FEATURE_CRYPTO && __clang_major__ < 18 && __clang_major__ > 3 */ +#endif #include "common.h" diff --git a/library/sha512.c b/library/sha512.c index 9f63cb977..a7b8c74b4 100644 --- a/library/sha512.c +++ b/library/sha512.c @@ -36,8 +36,7 @@ */ #define __ARM_FEATURE_SHA512 1 #define NEED_TARGET_OPTIONS -#endif /* __aarch64__ && !__ARM_FEATURE_SHA512 && - __clang__ && __clang_major__ < 18 && __clang_major__ > 7 */ +#endif #include "common.h" From 77a010e3b39f432ace16ec864ff9da2704eb7635 Mon Sep 17 00:00:00 2001 From: Jerry Yu Date: Mon, 6 Mar 2023 15:27:04 +0800 Subject: [PATCH 06/14] Remove the max version limitation for clang workaround Signed-off-by: Jerry Yu --- library/aesce.c | 2 +- library/sha256.c | 2 +- library/sha512.c | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/library/aesce.c b/library/aesce.c index 687a9fb78..55010686f 100644 --- a/library/aesce.c +++ b/library/aesce.c @@ -18,7 +18,7 @@ */ #if defined(__aarch64__) && !defined(__ARM_FEATURE_CRYPTO) && \ - defined(__clang__) && __clang_major__ < 18 && __clang_major__ > 3 + defined(__clang__) && __clang_major__ > 3 /* TODO: Re-consider above after https://reviews.llvm.org/D131064 merged. * * The intrinsic declaration are guarded by predefined ACLE macros in clang: diff --git a/library/sha256.c b/library/sha256.c index 2a06a72c0..a56c88e6f 100644 --- a/library/sha256.c +++ b/library/sha256.c 
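Review bot: With `__clang_major__ < 18` removed in the `library/aesce.c` hunk, the `TODO: Re-consider above after https://reviews.llvm.org/D131064 merged.` comment directly below the condition no longer points at anything concrete, and the hand-written `__ARM_FEATURE_*` defines now apply to every future Clang release. I would reword the TODO so it says what has to change, for example `/* TODO: add an upper bound on __clang_major__ once https://reviews.llvm.org/D131064 is released. */`. The same condition is edited in the `library/sha256.c` and `library/sha512.c` hunks of this commit.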
@@ -23,7 +23,7 @@ */ #if defined(__aarch64__) && !defined(__ARM_FEATURE_CRYPTO) && \ - defined(__clang__) && __clang_major__ < 18 && __clang_major__ > 3 + defined(__clang__) && __clang_major__ > 3 /* TODO: Re-consider above after https://reviews.llvm.org/D131064 merged. * * The intrinsic declaration are guarded by predefined ACLE macros in clang: diff --git a/library/sha512.c b/library/sha512.c index a7b8c74b4..dc4479736 100644 --- a/library/sha512.c +++ b/library/sha512.c @@ -23,7 +23,7 @@ */ #if defined(__aarch64__) && !defined(__ARM_FEATURE_SHA512) && \ - defined(__clang__) && __clang_major__ < 18 && __clang_major__ > 7 + defined(__clang__) && __clang_major__ > 7 /* TODO: Re-consider above after https://reviews.llvm.org/D131064 merged. * * The intrinsic declaration are guarded by predefined ACLE macros in clang: From 02487a2123b3b8b6c64c2303747a12e2c5975488 Mon Sep 17 00:00:00 2001 From: Jerry Yu Date: Mon, 6 Mar 2023 15:28:51 +0800 Subject: [PATCH 07/14] Rename target option flag macro Signed-off-by: Jerry Yu --- library/aesce.c | 2 +- library/sha256.c | 4 ++-- library/sha512.c | 4 ++-- 3 files changed, 5 insertions(+), 5 deletions(-) diff --git a/library/aesce.c b/library/aesce.c index 55010686f..e2b75a237 100644 --- a/library/aesce.c +++ b/library/aesce.c @@ -36,7 +36,7 @@ * for older compilers. */ #define __ARM_FEATURE_AES 1 -#define NEED_TARGET_OPTIONS +#define MBEDTLS_NEED_TAGET_OPTIONS #endif #include diff --git a/library/sha256.c b/library/sha256.c index a56c88e6f..46a8831aa 100644 --- a/library/sha256.c +++ b/library/sha256.c @@ -41,7 +41,7 @@ * for older compilers. */ #define __ARM_FEATURE_SHA2 1 -#define NEED_TARGET_OPTIONS +#define MBEDTLS_NEED_TAGET_OPTIONS #endif #include "common.h" 
@@ -60,7 +60,7 @@ # if defined(MBEDTLS_SHA256_USE_A64_CRYPTO_IF_PRESENT) || \ defined(MBEDTLS_SHA256_USE_A64_CRYPTO_ONLY) /* *INDENT-OFF* */ -# if !defined(__ARM_FEATURE_CRYPTO) || defined(NEED_TARGET_OPTIONS) +# if !defined(__ARM_FEATURE_CRYPTO) || defined(MBEDTLS_NEED_TAGET_OPTIONS) # if defined(__clang__) # if __clang_major__ < 4 # error "A more recent Clang is required for MBEDTLS_SHA256_USE_A64_CRYPTO_*" diff --git a/library/sha512.c b/library/sha512.c index dc4479736..2c91a2a1d 100644 --- a/library/sha512.c +++ b/library/sha512.c @@ -35,7 +35,7 @@ * at the top of this file, before any includes. */ #define __ARM_FEATURE_SHA512 1 -#define NEED_TARGET_OPTIONS +#define MBEDTLS_NEED_TAGET_OPTIONS #endif #include "common.h" @@ -74,7 +74,7 @@ * Clang == 13.0.0 same as clang 12 (only seen on macOS) * Clang >= 13.0.1 has __ARM_FEATURE_SHA512 and intrinsics */ -# if !defined(__ARM_FEATURE_SHA512) || defined(NEED_TARGET_OPTIONS) +# if !defined(__ARM_FEATURE_SHA512) || defined(MBEDTLS_NEED_TAGET_OPTIONS) /* Test Clang first, as it defines __GNUC__ */ # if defined(__clang__) # if __clang_major__ < 7 From 55b3ed74c9e58463bcd741e8fa86c595abef61ab Mon Sep 17 00:00:00 2001 From: Jerry Yu Date: Mon, 13 Mar 2023 10:46:01 +0800 Subject: [PATCH 08/14] Add reason for arm64 host travis tests Signed-off-by: Jerry Yu --- .travis.yml | 14 ++++++++++---- 1 file changed, 10 insertions(+), 4 deletions(-) diff --git a/.travis.yml b/.travis.yml index d4deb2c5f..3d8668107 100644 --- a/.travis.yml +++ b/.travis.yml 
@@ -89,8 +89,11 @@ jobs: packages: - gcc script: - # Do a manual build+test sequence rather than using all.sh, because - # there's no all.sh component that does what we want. + # Do a manual build+test sequence rather than using all.sh. + # + # On Arm64 host of Travis CI, the time of `test_full_cmake_*` exceeds + # limitation of Travis CI. Base on `test_full_cmake_*`, we removed + # `ssl-opt.sh` and GnuTLS compat.sh here to meet the time limitation. - scripts/config.py full - make generated_files - make CFLAGS='-O3 -Werror -fsanitize=address,undefined -fno-sanitize-recover=all' LDFLAGS='-Werror -fsanitize=address,undefined -fno-sanitize-recover=all' @@ -112,8 +115,11 @@ jobs: - clang - gnutls-bin script: - # Do a manual build+test sequence rather than using all.sh, because - # there's no all.sh component that does what we want. + # Do a manual build+test sequence rather than using all.sh. + # + # On Arm64 host of Travis CI, the time of `test_full_cmake_*` exceeds + # limitation of Travis CI. Base on `test_full_cmake_*`, we removed + # `ssl-opt.sh` and OpenSSl compat.sh here to meet the time limitation. - scripts/config.py full - make generated_files - make CC=clang CFLAGS='-O3 -Werror -fsanitize=address,undefined -fno-sanitize-recover=all' LDFLAGS='-Werror -fsanitize=address,undefined -fno-sanitize-recover=all' From be783866814d69c59639e5828b26e9e265b86fd3 Mon Sep 17 00:00:00 2001 From: Jerry Yu Date: Mon, 13 Mar 2023 10:58:41 +0800 Subject: [PATCH 09/14] Remove documents about command line options. After this PR, the issue has been fixed. Signed-off-by: Jerry Yu --- include/mbedtls/mbedtls_config.h | 11 ----------- 1 file changed, 11 deletions(-) diff --git a/include/mbedtls/mbedtls_config.h b/include/mbedtls/mbedtls_config.h index 7daba3740..e8b909d0b 100644 --- a/include/mbedtls/mbedtls_config.h +++ b/include/mbedtls/mbedtls_config.h 
@@ -2039,17 +2039,6 @@ * * Requires: MBEDTLS_HAVE_ASM, MBEDTLS_AES_C * - * \note The code uses Neon intrinsics, so \c CFLAGS must be set to a minimum - * of \c -march=armv8-a+crypto . - * - * \warning If the target architecture is set to something that includes the - * SHA3 feature (e.g. `-march=armv8.2-a+sha3`), for example because - * `MBEDTLS_SHA512_USE_A64_CRYPTO_IF_PRESENT` is desired, compilers - * generate code for `MBEDTLS_AESCE_C` that includes instructions - * only present with the (optional) SHA3 feature. This will lead to an - * undefined instruction exception if the code is run on a CPU without - * that feature. - * * \warning Runtime detection only works on linux. For non-linux operation * system, crypto extension MUST be supported by CPU. * From 6f86c19d6275da84ff5cc169cef8f5d9281b9467 Mon Sep 17 00:00:00 2001 From: Jerry Yu Date: Mon, 13 Mar 2023 11:03:40 +0800 Subject: [PATCH 10/14] Improve readability for compiler version check Signed-off-by: Jerry Yu --- library/aesce.c | 2 +- library/sha256.c | 2 +- library/sha512.c | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/library/aesce.c b/library/aesce.c index e2b75a237..90d6417bb 100644 --- a/library/aesce.c +++ b/library/aesce.c @@ -18,7 +18,7 @@ */ #if defined(__aarch64__) && !defined(__ARM_FEATURE_CRYPTO) && \ - defined(__clang__) && __clang_major__ > 3 + defined(__clang__) && __clang_major__ >= 4 /* TODO: Re-consider above after https://reviews.llvm.org/D131064 merged. * * The intrinsic declaration are guarded by predefined ACLE macros in clang: diff --git a/library/sha256.c b/library/sha256.c index 46a8831aa..f69293158 100644 --- a/library/sha256.c +++ b/library/sha256.c 
@@ -23,7 +23,7 @@ */ #if defined(__aarch64__) && !defined(__ARM_FEATURE_CRYPTO) && \ - defined(__clang__) && __clang_major__ > 3 + defined(__clang__) && __clang_major__ >= 4 /* TODO: Re-consider above after https://reviews.llvm.org/D131064 merged. * * The intrinsic declaration are guarded by predefined ACLE macros in clang: diff --git a/library/sha512.c b/library/sha512.c index 2c91a2a1d..814859e13 100644 --- a/library/sha512.c +++ b/library/sha512.c @@ -23,7 +23,7 @@ */ #if defined(__aarch64__) && !defined(__ARM_FEATURE_SHA512) && \ - defined(__clang__) && __clang_major__ > 7 + defined(__clang__) && __clang_major__ >= 7 /* TODO: Re-consider above after https://reviews.llvm.org/D131064 merged. * * The intrinsic declaration are guarded by predefined ACLE macros in clang: From be510fe470ce7923870e4b4e8a95f0b3fd6b8ea0 Mon Sep 17 00:00:00 2001 From: Jerry Yu Date: Mon, 13 Mar 2023 11:26:35 +0800 Subject: [PATCH 11/14] Add experimental warning Signed-off-by: Jerry Yu --- include/mbedtls/mbedtls_config.h | 15 +++++++++++++++ 1 file changed, 15 insertions(+) diff --git a/include/mbedtls/mbedtls_config.h b/include/mbedtls/mbedtls_config.h index e8b909d0b..754d87876 100644 --- a/include/mbedtls/mbedtls_config.h +++ b/include/mbedtls/mbedtls_config.h @@ -2042,6 +2042,9 @@ * \warning Runtime detection only works on linux. For non-linux operation * system, crypto extension MUST be supported by CPU. * + * \warning This option is experimental. For time being, we can not guarantee + * it with CI tests. + * * This module adds support for the AES crypto instructions on Arm64 */ #define MBEDTLS_AESCE_C @@ -3071,6 +3074,9 @@ * \warning MBEDTLS_SHA256_USE_A64_CRYPTO_IF_PRESENT cannot be defined at the * same time as MBEDTLS_SHA256_USE_A64_CRYPTO_ONLY. * + * \warning This option is experimental. For time being, we can not guarantee + * it with CI tests. + * * Requires: MBEDTLS_SHA256_C. * * Module: library/sha256.c 
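Review bot: In the `library/sha512.c` hunk the rewrite from `__clang_major__ > 7` to `__clang_major__ >= 7` is not a readability change: it widens the condition to Clang 7, whereas the `> 3` to `>= 4` rewrites in `library/aesce.c` and `library/sha256.c` are equivalent. Clang 7 will now get `__ARM_FEATURE_SHA512` and `MBEDTLS_NEED_TAGET_OPTIONS` defined. If that is intended, to match the `__clang_major__ < 7` error check further down the file, the commit message should say so; if not, the equivalent form is `__clang_major__ >= 8`.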
@@ -3093,6 +3099,9 @@ * \warning MBEDTLS_SHA256_USE_A64_CRYPTO_ONLY cannot be defined at the same * time as MBEDTLS_SHA256_USE_A64_CRYPTO_IF_PRESENT. * + * \warning This option is experimental. For time being, we can not guarantee + * it with CI tests. + * * Requires: MBEDTLS_SHA256_C. * * Module: library/sha256.c @@ -3149,6 +3158,9 @@ * \warning MBEDTLS_SHA512_USE_A64_CRYPTO_IF_PRESENT cannot be defined at the * same time as MBEDTLS_SHA512_USE_A64_CRYPTO_ONLY. * + * \warning This option is experimental. For time being, we can not guarantee + * it with CI tests. + * * Requires: MBEDTLS_SHA512_C. * * Module: library/sha512.c @@ -3174,6 +3186,9 @@ * \warning MBEDTLS_SHA512_USE_A64_CRYPTO_ONLY cannot be defined at the same * time as MBEDTLS_SHA512_USE_A64_CRYPTO_IF_PRESENT. * + * \warning This option is experimental. For time being, we can not guarantee + * it with CI tests. + * * Requires: MBEDTLS_SHA512_C. * * Module: library/sha512.c From fbf9523449df811530422464567b7dd68500b544 Mon Sep 17 00:00:00 2001 From: Jerry Yu Date: Tue, 14 Mar 2023 10:33:23 +0800 Subject: [PATCH 12/14] Revert "Add experimental warning" This reverts commit be510fe470ce7923870e4b4e8a95f0b3fd6b8ea0. Signed-off-by: Jerry Yu --- include/mbedtls/mbedtls_config.h | 15 --------------- 1 file changed, 15 deletions(-) diff --git a/include/mbedtls/mbedtls_config.h b/include/mbedtls/mbedtls_config.h index 754d87876..e8b909d0b 100644 --- a/include/mbedtls/mbedtls_config.h +++ b/include/mbedtls/mbedtls_config.h @@ -2042,9 +2042,6 @@ * \warning Runtime detection only works on linux. For non-linux operation * system, crypto extension MUST be supported by CPU. * - * \warning This option is experimental. For time being, we can not guarantee - * it with CI tests. - * * This module adds support for the AES crypto instructions on Arm64 */ #define MBEDTLS_AESCE_C 
@@ -3074,9 +3071,6 @@ * \warning MBEDTLS_SHA256_USE_A64_CRYPTO_IF_PRESENT cannot be defined at the * same time as MBEDTLS_SHA256_USE_A64_CRYPTO_ONLY. * - * \warning This option is experimental. For time being, we can not guarantee - * it with CI tests. - * * Requires: MBEDTLS_SHA256_C. * * Module: library/sha256.c @@ -3099,9 +3093,6 @@ * \warning MBEDTLS_SHA256_USE_A64_CRYPTO_ONLY cannot be defined at the same * time as MBEDTLS_SHA256_USE_A64_CRYPTO_IF_PRESENT. * - * \warning This option is experimental. For time being, we can not guarantee - * it with CI tests. - * * Requires: MBEDTLS_SHA256_C. * * Module: library/sha256.c @@ -3158,9 +3149,6 @@ * \warning MBEDTLS_SHA512_USE_A64_CRYPTO_IF_PRESENT cannot be defined at the * same time as MBEDTLS_SHA512_USE_A64_CRYPTO_ONLY. * - * \warning This option is experimental. For time being, we can not guarantee - * it with CI tests. - * * Requires: MBEDTLS_SHA512_C. * * Module: library/sha512.c @@ -3186,9 +3174,6 @@ * \warning MBEDTLS_SHA512_USE_A64_CRYPTO_ONLY cannot be defined at the same * time as MBEDTLS_SHA512_USE_A64_CRYPTO_IF_PRESENT. * - * \warning This option is experimental. For time being, we can not guarantee - * it with CI tests. - * * Requires: MBEDTLS_SHA512_C. * * Module: library/sha512.c From b28d55b242ad6d179064d791f51f751eafbc63d2 Mon Sep 17 00:00:00 2001 From: Jerry Yu Date: Tue, 14 Mar 2023 10:36:47 +0800 Subject: [PATCH 13/14] fix wrong typo and indent issue Signed-off-by: Jerry Yu --- library/aesce.c | 8 ++++---- library/sha256.c | 4 ++-- library/sha512.c | 4 ++-- 3 files changed, 8 insertions(+), 8 deletions(-) diff --git a/library/aesce.c b/library/aesce.c index 90d6417bb..4ae8b3324 100644 --- a/library/aesce.c +++ b/library/aesce.c @@ -36,7 +36,7 @@ * for older compilers. */ #define __ARM_FEATURE_AES 1 -#define MBEDTLS_NEED_TAGET_OPTIONS +#define MBEDTLS_NEED_TARGET_OPTIONS #endif #include 
@@ -58,9 +58,9 @@ # if __GNUC__ < 6 # error "A more recent GCC is required for MBEDTLS_AESCE_C" # endif -# pragma GCC push_options -# pragma GCC target ("arch=armv8-a+crypto") -# define MBEDTLS_POP_TARGET_PRAGMA +# pragma GCC push_options +# pragma GCC target ("arch=armv8-a+crypto") +# define MBEDTLS_POP_TARGET_PRAGMA #else # error "Only GCC and Clang supported for MBEDTLS_AESCE_C" #endif diff --git a/library/sha256.c b/library/sha256.c index f69293158..29645b06e 100644 --- a/library/sha256.c +++ b/library/sha256.c @@ -41,7 +41,7 @@ * for older compilers. */ #define __ARM_FEATURE_SHA2 1 -#define MBEDTLS_NEED_TAGET_OPTIONS +#define MBEDTLS_NEED_TARGET_OPTIONS #endif #include "common.h" @@ -60,7 +60,7 @@ # if defined(MBEDTLS_SHA256_USE_A64_CRYPTO_IF_PRESENT) || \ defined(MBEDTLS_SHA256_USE_A64_CRYPTO_ONLY) /* *INDENT-OFF* */ -# if !defined(__ARM_FEATURE_CRYPTO) || defined(MBEDTLS_NEED_TAGET_OPTIONS) +# if !defined(__ARM_FEATURE_CRYPTO) || defined(MBEDTLS_NEED_TARGET_OPTIONS) # if defined(__clang__) # if __clang_major__ < 4 # error "A more recent Clang is required for MBEDTLS_SHA256_USE_A64_CRYPTO_*" diff --git a/library/sha512.c b/library/sha512.c index 814859e13..3e2be0808 100644 --- a/library/sha512.c +++ b/library/sha512.c @@ -35,7 +35,7 @@ * at the top of this file, before any includes. */ #define __ARM_FEATURE_SHA512 1 -#define MBEDTLS_NEED_TAGET_OPTIONS +#define MBEDTLS_NEED_TARGET_OPTIONS #endif #include "common.h" @@ -74,7 +74,7 @@ * Clang == 13.0.0 same as clang 12 (only seen on macOS) * Clang >= 13.0.1 has __ARM_FEATURE_SHA512 and intrinsics */ -# if !defined(__ARM_FEATURE_SHA512) || defined(MBEDTLS_NEED_TAGET_OPTIONS) +# if !defined(__ARM_FEATURE_SHA512) || defined(MBEDTLS_NEED_TARGET_OPTIONS) /* Test Clang first, as it defines __GNUC__ */ # if defined(__clang__) # if __clang_major__ < 7 From ec9be84ae60ed0c1fdedcec1c99d22ab31fd17a5 Mon Sep 17 00:00:00 2001 
From: Jerry Yu Date: Tue, 14 Mar 2023 10:42:47 +0800 Subject: [PATCH 14/14] skip pragma when cpu modifier has been set Signed-off-by: Jerry Yu --- library/aesce.c | 32 +++++++++++++++++--------------- 1 file changed, 17 insertions(+), 15 deletions(-) diff --git a/library/aesce.c b/library/aesce.c index 4ae8b3324..7ccfbba08 100644 --- a/library/aesce.c +++ b/library/aesce.c @@ -48,22 +48,24 @@ #if defined(MBEDTLS_HAVE_ARM64) -#if defined(__clang__) -# if __clang_major__ < 4 -# error "A more recent Clang is required for MBEDTLS_AESCE_C" +#if !defined(__ARM_FEATURE_AES) || defined(MBEDTLS_NEED_TARGET_OPTIONS) +# if defined(__clang__) +# if __clang_major__ < 4 +# error "A more recent Clang is required for MBEDTLS_AESCE_C" +# endif +# pragma clang attribute push (__attribute__((target("crypto"))), apply_to=function) +# define MBEDTLS_POP_TARGET_PRAGMA +# elif defined(__GNUC__) +# if __GNUC__ < 6 +# error "A more recent GCC is required for MBEDTLS_AESCE_C" +# endif +# pragma GCC push_options +# pragma GCC target ("arch=armv8-a+crypto") +# define MBEDTLS_POP_TARGET_PRAGMA +# else +# error "Only GCC and Clang supported for MBEDTLS_AESCE_C" # endif -# pragma clang attribute push (__attribute__((target("crypto"))), apply_to=function) -# define MBEDTLS_POP_TARGET_PRAGMA -#elif defined(__GNUC__) -# if __GNUC__ < 6 -# error "A more recent GCC is required for MBEDTLS_AESCE_C" -# endif -# pragma GCC push_options -# pragma GCC target ("arch=armv8-a+crypto") -# define MBEDTLS_POP_TARGET_PRAGMA -#else -# error "Only GCC and Clang supported for MBEDTLS_AESCE_C" -#endif +#endif /* !__ARM_FEATURE_AES || MBEDTLS_NEED_TARGET_OPTIONS */ #include
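Review bot: Because the pragmas are now skipped whenever `__ARM_FEATURE_AES` is predefined, a build whose `-march` enables AES together with a newer optional feature compiles `library/aesce.c` at the command-line architecture again instead of `arch=armv8-a+crypto`. That is the situation the `\warning` deleted from `mbedtls_config.h` earlier in this series described (instructions from the optional SHA3 feature emitted into the AESCE code, and an undefined instruction exception on CPUs without it), so the deletion and this change look inconsistent. Either keep the GCC `push_options`/`target` pair outside the new condition or restore the warning in the `MBEDTLS_AESCE_C` documentation. The compiler version `#error` checks have also moved inside the condition, so they no longer run when the macro is predefined; if that is deliberate, a short comment such as `/* Compiler checks only matter when the target pragma is needed */` would make it clear.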