* [Qemu-devel] [PATCH v3 0/4] target-arm: add SHA-3, SM3 and SHA512 instruction support
@ 2018-01-19 14:17 Ard Biesheuvel
2018-01-19 14:17 ` [Qemu-devel] [PATCH v3 1/4] target/arm: implement SHA-512 instructions Ard Biesheuvel
` (3 more replies)
0 siblings, 4 replies; 7+ messages in thread
From: Ard Biesheuvel @ 2018-01-19 14:17 UTC (permalink / raw)
To: qemu-devel; +Cc: peter.maydell, Ard Biesheuvel
This v3 is a follow-up to the single patch 'target/arm: implement SHA-512
instructions' sent out on the 9th of January.
Changes since v2:
- fix thinko in big-endian aware handling of 64-bit quantities: this is not
needed given that the NEON registers are represented as arrays of uint64_t
so they always appear in the correct order.
- add support for SM3 instructions (Chinese SHA derivative)
Changes since v1:
- update SHA512 patch to adhere more closely to the existing style, and to
the way the instruction encodings are classified in the ARM ARM (#1)
- add patch implementing the new SHA3 instructions EOR3/RAX1/XAR/BCAX (#2)
- enable support for these instructions in user mode emulation (#3)
Ard Biesheuvel (4):
target/arm: implement SHA-512 instructions
target/arm: implement SHA-3 instructions
target/arm: implement SM3 instructions
target/arm: enable user-mode SHA-3, SM3 and SHA-512 instruction
support
linux-user/elfload.c | 18 ++
target/arm/cpu.h | 3 +
target/arm/cpu64.c | 3 +
target/arm/crypto_helper.c | 311 +++++++++++++++++++-
target/arm/helper.h | 15 +
target/arm/translate-a64.c | 255 ++++++++++++++++
6 files changed, 604 insertions(+), 1 deletion(-)
--
2.11.0
^ permalink raw reply [flat|nested] 7+ messages in thread
* [Qemu-devel] [PATCH v3 1/4] target/arm: implement SHA-512 instructions
2018-01-19 14:17 [Qemu-devel] [PATCH v3 0/4] target-arm: add SHA-3, SM3 and SHA512 instruction support Ard Biesheuvel
@ 2018-01-19 14:17 ` Ard Biesheuvel
2018-01-19 14:17 ` [Qemu-devel] [PATCH v3 2/4] target/arm: implement SHA-3 instructions Ard Biesheuvel
` (2 subsequent siblings)
3 siblings, 0 replies; 7+ messages in thread
From: Ard Biesheuvel @ 2018-01-19 14:17 UTC (permalink / raw)
To: qemu-devel; +Cc: peter.maydell, Ard Biesheuvel
This implements emulation of the new SHA-512 instructions that have
been added as an optional extensions to the ARMv8 Crypto Extensions
in ARM v8.2.
Signed-off-by: Ard Biesheuvel <ard.biesheuvel@linaro.org>
---
target/arm/cpu.h | 1 +
target/arm/crypto_helper.c | 99 +++++++++++++++++++-
target/arm/helper.h | 5 +
target/arm/translate-a64.c | 99 ++++++++++++++++++++
4 files changed, 203 insertions(+), 1 deletion(-)
diff --git a/target/arm/cpu.h b/target/arm/cpu.h
index 96316700dd6f..295529366c0a 100644
--- a/target/arm/cpu.h
+++ b/target/arm/cpu.h
@@ -1340,6 +1340,7 @@ enum arm_features {
ARM_FEATURE_VBAR, /* has cp15 VBAR */
ARM_FEATURE_M_SECURITY, /* M profile Security Extension */
ARM_FEATURE_JAZELLE, /* has (trivial) Jazelle implementation */
+ ARM_FEATURE_V8_SHA512, /* implements SHA512 part of v8 Crypto Extensions */
};
static inline int arm_feature(CPUARMState *env, int feature)
diff --git a/target/arm/crypto_helper.c b/target/arm/crypto_helper.c
index 3b6df3f41a42..15c22c82ca5e 100644
--- a/target/arm/crypto_helper.c
+++ b/target/arm/crypto_helper.c
@@ -1,7 +1,7 @@
/*
* crypto_helper.c - emulate v8 Crypto Extensions instructions
*
- * Copyright (C) 2013 - 2014 Linaro Ltd <ard.biesheuvel@linaro.org>
+ * Copyright (C) 2013 - 2018 Linaro Ltd <ard.biesheuvel@linaro.org>
*
* This library is free software; you can redistribute it and/or
* modify it under the terms of the GNU Lesser General Public
@@ -463,3 +463,100 @@ void HELPER(crypto_sha256su1)(CPUARMState *env, uint32_t rd, uint32_t rn,
env->vfp.regs[rd] = make_float64(d.l[0]);
env->vfp.regs[rd + 1] = make_float64(d.l[1]);
}
+
+/*
+ * The SHA-512 logical functions (same as above but using 64-bit operands)
+ */
+
+static uint64_t cho512(uint64_t x, uint64_t y, uint64_t z)
+{
+ return (x & (y ^ z)) ^ z;
+}
+
+static uint64_t maj512(uint64_t x, uint64_t y, uint64_t z)
+{
+ return (x & y) | ((x | y) & z);
+}
+
+static uint64_t S0_512(uint64_t x)
+{
+ return ror64(x, 28) ^ ror64(x, 34) ^ ror64(x, 39);
+}
+
+static uint64_t S1_512(uint64_t x)
+{
+ return ror64(x, 14) ^ ror64(x, 18) ^ ror64(x, 41);
+}
+
+static uint64_t s0_512(uint64_t x)
+{
+ return ror64(x, 1) ^ ror64(x, 8) ^ (x >> 7);
+}
+
+static uint64_t s1_512(uint64_t x)
+{
+ return ror64(x, 19) ^ ror64(x, 61) ^ (x >> 6);
+}
+
+void HELPER(crypto_sha512h)(CPUARMState *env, uint32_t rd, uint32_t rn,
+ uint32_t rm)
+{
+ uint64_t d0 = float64_val(env->vfp.regs[rd]);
+ uint64_t d1 = float64_val(env->vfp.regs[rd + 1]);
+ uint64_t n0 = float64_val(env->vfp.regs[rn]);
+ uint64_t n1 = float64_val(env->vfp.regs[rn + 1]);
+ uint64_t m0 = float64_val(env->vfp.regs[rm]);
+ uint64_t m1 = float64_val(env->vfp.regs[rm + 1]);
+
+ d1 += S1_512(m1) + cho512(m1, n0, n1);
+ d0 += S1_512(d1 + m0) + cho512(d1 + m0, m1, n0);
+
+ env->vfp.regs[rd] = make_float64(d0);
+ env->vfp.regs[rd + 1] = make_float64(d1);
+}
+
+void HELPER(crypto_sha512h2)(CPUARMState *env, uint32_t rd, uint32_t rn,
+ uint32_t rm)
+{
+ uint64_t d0 = float64_val(env->vfp.regs[rd]);
+ uint64_t d1 = float64_val(env->vfp.regs[rd + 1]);
+ uint64_t n0 = float64_val(env->vfp.regs[rn]);
+ uint64_t m0 = float64_val(env->vfp.regs[rm]);
+ uint64_t m1 = float64_val(env->vfp.regs[rm + 1]);
+
+ d1 += S0_512(m0) + maj512(n0, m1, m0);
+ d0 += S0_512(d1) + maj512(d1, m0, m1);
+
+ env->vfp.regs[rd] = make_float64(d0);
+ env->vfp.regs[rd + 1] = make_float64(d1);
+}
+
+void HELPER(crypto_sha512su0)(CPUARMState *env, uint32_t rd, uint32_t rn)
+{
+ uint64_t d0 = float64_val(env->vfp.regs[rd]);
+ uint64_t d1 = float64_val(env->vfp.regs[rd + 1]);
+ uint64_t n0 = float64_val(env->vfp.regs[rn]);
+
+ d0 += s0_512(d1);
+ d1 += s0_512(n0);
+
+ env->vfp.regs[rd] = make_float64(d0);
+ env->vfp.regs[rd + 1] = make_float64(d1);
+}
+
+void HELPER(crypto_sha512su1)(CPUARMState *env, uint32_t rd, uint32_t rn,
+ uint32_t rm)
+{
+ uint64_t d0 = float64_val(env->vfp.regs[rd]);
+ uint64_t d1 = float64_val(env->vfp.regs[rd + 1]);
+ uint64_t n0 = float64_val(env->vfp.regs[rn]);
+ uint64_t n1 = float64_val(env->vfp.regs[rn + 1]);
+ uint64_t m0 = float64_val(env->vfp.regs[rm]);
+ uint64_t m1 = float64_val(env->vfp.regs[rm + 1]);
+
+ d0 += s1_512(n0) + m0;
+ d1 += s1_512(n1) + m1;
+
+ env->vfp.regs[rd] = make_float64(d0);
+ env->vfp.regs[rd + 1] = make_float64(d1);
+}
diff --git a/target/arm/helper.h b/target/arm/helper.h
index 066729e8ad8e..efa75440ce81 100644
--- a/target/arm/helper.h
+++ b/target/arm/helper.h
@@ -534,6 +534,11 @@ DEF_HELPER_4(crypto_sha256h2, void, env, i32, i32, i32)
DEF_HELPER_3(crypto_sha256su0, void, env, i32, i32)
DEF_HELPER_4(crypto_sha256su1, void, env, i32, i32, i32)
+DEF_HELPER_4(crypto_sha512h, void, env, i32, i32, i32)
+DEF_HELPER_4(crypto_sha512h2, void, env, i32, i32, i32)
+DEF_HELPER_3(crypto_sha512su0, void, env, i32, i32)
+DEF_HELPER_4(crypto_sha512su1, void, env, i32, i32, i32)
+
DEF_HELPER_FLAGS_3(crc32, TCG_CALL_NO_RWG_SE, i32, i32, i32, i32)
DEF_HELPER_FLAGS_3(crc32c, TCG_CALL_NO_RWG_SE, i32, i32, i32, i32)
DEF_HELPER_2(dc_zva, void, env, i64)
diff --git a/target/arm/translate-a64.c b/target/arm/translate-a64.c
index ba94f7d0456a..ec17391f4ff4 100644
--- a/target/arm/translate-a64.c
+++ b/target/arm/translate-a64.c
@@ -11111,6 +11111,103 @@ static void disas_crypto_two_reg_sha(DisasContext *s, uint32_t insn)
tcg_temp_free_i32(tcg_rn_regno);
}
+/* Crypto three-reg SHA512
+ * 31 21 20 16 15 14 13 12 11 10 9 5 4 0
+ * +-----------------------+------+---+---+-----+--------+------+------+
+ * | 1 1 0 0 1 1 1 0 0 1 1 | Rm | 1 | O | 0 0 | opcode | Rn | Rd |
+ * +-----------------------+------+---+---+-----+--------+------+------+
+ */
+static void disas_crypto_three_reg_sha512(DisasContext *s, uint32_t insn)
+{
+ int opcode = extract32(insn, 10, 2);
+ int o = extract32(insn, 14, 1);
+ int rm = extract32(insn, 16, 5);
+ int rn = extract32(insn, 5, 5);
+ int rd = extract32(insn, 0, 5);
+ TCGv_i32 tcg_rd_regno, tcg_rn_regno, tcg_rm_regno;
+ CryptoThreeOpEnvFn *genfn;
+
+ if (o != 0) {
+ unallocated_encoding(s);
+ return;
+ }
+
+ switch (opcode) {
+ case 0: /* SHA512H */
+ genfn = gen_helper_crypto_sha512h;
+ break;
+ case 1: /* SHA512H2 */
+ genfn = gen_helper_crypto_sha512h2;
+ break;
+ case 2: /* SHA512SU1 */
+ genfn = gen_helper_crypto_sha512su1;
+ break;
+ default:
+ unallocated_encoding(s);
+ return;
+ }
+
+ if (!arm_dc_feature(s, ARM_FEATURE_V8_SHA512)) {
+ unallocated_encoding(s);
+ return;
+ }
+
+ if (!fp_access_check(s)) {
+ return;
+ }
+
+ tcg_rd_regno = tcg_const_i32(rd << 1);
+ tcg_rn_regno = tcg_const_i32(rn << 1);
+ tcg_rm_regno = tcg_const_i32(rm << 1);
+
+ genfn(cpu_env, tcg_rd_regno, tcg_rn_regno, tcg_rm_regno);
+
+ tcg_temp_free_i32(tcg_rd_regno);
+ tcg_temp_free_i32(tcg_rn_regno);
+ tcg_temp_free_i32(tcg_rm_regno);
+}
+
+/* Crypto two-reg SHA512
+ * 31 12 11 10 9 5 4 0
+ * +-----------------------------------------+--------+------+------+
+ * | 1 1 0 0 1 1 1 0 1 1 0 0 0 0 0 0 1 0 0 0 | opcode | Rn | Rd |
+ * +-----------------------------------------+--------+------+------+
+ */
+static void disas_crypto_two_reg_sha512(DisasContext *s, uint32_t insn)
+{
+ int opcode = extract32(insn, 10, 2);
+ int rn = extract32(insn, 5, 5);
+ int rd = extract32(insn, 0, 5);
+ TCGv_i32 tcg_rd_regno, tcg_rn_regno;
+ CryptoTwoOpEnvFn *genfn;
+
+ switch (opcode) {
+ case 0: /* SHA512SU0 */
+ genfn = gen_helper_crypto_sha512su0;
+ break;
+ default:
+ unallocated_encoding(s);
+ return;
+ }
+
+ if (!arm_dc_feature(s, ARM_FEATURE_V8_SHA512)) {
+ unallocated_encoding(s);
+ return;
+ }
+
+ if (!fp_access_check(s)) {
+ return;
+ }
+
+ tcg_rd_regno = tcg_const_i32(rd << 1);
+ tcg_rn_regno = tcg_const_i32(rn << 1);
+
+ genfn(cpu_env, tcg_rd_regno, tcg_rn_regno);
+
+ tcg_temp_free_i32(tcg_rd_regno);
+ tcg_temp_free_i32(tcg_rn_regno);
+}
+
/* C3.6 Data processing - SIMD, inc Crypto
*
* As the decode gets a little complex we are using a table based
@@ -11140,6 +11237,8 @@ static const AArch64DecodeTable data_proc_simd[] = {
{ 0x4e280800, 0xff3e0c00, disas_crypto_aes },
{ 0x5e000000, 0xff208c00, disas_crypto_three_reg_sha },
{ 0x5e280800, 0xff3e0c00, disas_crypto_two_reg_sha },
+ { 0xce608000, 0xffe0b000, disas_crypto_three_reg_sha512 },
+ { 0xcec08000, 0xfffff000, disas_crypto_two_reg_sha512 },
{ 0x00000000, 0x00000000, NULL }
};
--
2.11.0
^ permalink raw reply related [flat|nested] 7+ messages in thread
* [Qemu-devel] [PATCH v3 2/4] target/arm: implement SHA-3 instructions
2018-01-19 14:17 [Qemu-devel] [PATCH v3 0/4] target-arm: add SHA-3, SM3 and SHA512 instruction support Ard Biesheuvel
2018-01-19 14:17 ` [Qemu-devel] [PATCH v3 1/4] target/arm: implement SHA-512 instructions Ard Biesheuvel
@ 2018-01-19 14:17 ` Ard Biesheuvel
2018-01-22 16:47 ` Peter Maydell
2018-01-19 14:17 ` [Qemu-devel] [PATCH v3 3/4] target/arm: implement SM3 instructions Ard Biesheuvel
2018-01-19 14:17 ` [Qemu-devel] [PATCH v3 4/4] target/arm: enable user-mode SHA-3, SM3 and SHA-512 instruction support Ard Biesheuvel
3 siblings, 1 reply; 7+ messages in thread
From: Ard Biesheuvel @ 2018-01-19 14:17 UTC (permalink / raw)
To: qemu-devel; +Cc: peter.maydell, Ard Biesheuvel
This implements emulation of the new SHA-3 instructions that have
been added as an optional extensions to the ARMv8 Crypto Extensions
in ARM v8.2.
Signed-off-by: Ard Biesheuvel <ard.biesheuvel@linaro.org>
---
target/arm/cpu.h | 1 +
target/arm/crypto_helper.c | 69 +++++++++++++
target/arm/helper.h | 5 +
target/arm/translate-a64.c | 108 +++++++++++++++++++-
4 files changed, 179 insertions(+), 4 deletions(-)
diff --git a/target/arm/cpu.h b/target/arm/cpu.h
index 295529366c0a..8e355398e3e0 100644
--- a/target/arm/cpu.h
+++ b/target/arm/cpu.h
@@ -1341,6 +1341,7 @@ enum arm_features {
ARM_FEATURE_M_SECURITY, /* M profile Security Extension */
ARM_FEATURE_JAZELLE, /* has (trivial) Jazelle implementation */
ARM_FEATURE_V8_SHA512, /* implements SHA512 part of v8 Crypto Extensions */
+ ARM_FEATURE_V8_SHA3, /* implements SHA3 part of v8 Crypto Extensions */
};
static inline int arm_feature(CPUARMState *env, int feature)
diff --git a/target/arm/crypto_helper.c b/target/arm/crypto_helper.c
index 15c22c82ca5e..b51fb0bd2897 100644
--- a/target/arm/crypto_helper.c
+++ b/target/arm/crypto_helper.c
@@ -560,3 +560,72 @@ void HELPER(crypto_sha512su1)(CPUARMState *env, uint32_t rd, uint32_t rn,
env->vfp.regs[rd] = make_float64(d0);
env->vfp.regs[rd + 1] = make_float64(d1);
}
+
+void HELPER(crypto_rax1)(CPUARMState *env, uint32_t rd, uint32_t rn,
+ uint32_t rm)
+{
+ uint64_t d0 = float64_val(env->vfp.regs[rd]);
+ uint64_t d1 = float64_val(env->vfp.regs[rd + 1]);
+ uint64_t n0 = float64_val(env->vfp.regs[rn]);
+ uint64_t n1 = float64_val(env->vfp.regs[rn + 1]);
+ uint64_t m0 = float64_val(env->vfp.regs[rm]);
+ uint64_t m1 = float64_val(env->vfp.regs[rm + 1]);
+
+ d0 = n0 ^ rol64(m0, 1);
+ d1 = n1 ^ rol64(m1, 1);
+
+ env->vfp.regs[rd] = make_float64(d0);
+ env->vfp.regs[rd + 1] = make_float64(d1);
+}
+
+void HELPER(crypto_eor3)(CPUARMState *env, uint32_t rd, uint32_t rn,
+ uint32_t ra, uint32_t rm)
+{
+ uint64_t d0, d1;
+ uint64_t n0 = float64_val(env->vfp.regs[rn]);
+ uint64_t n1 = float64_val(env->vfp.regs[rn + 1]);
+ uint64_t a0 = float64_val(env->vfp.regs[ra]);
+ uint64_t a1 = float64_val(env->vfp.regs[ra + 1]);
+ uint64_t m0 = float64_val(env->vfp.regs[rm]);
+ uint64_t m1 = float64_val(env->vfp.regs[rm + 1]);
+
+ d0 = n0 ^ a0 ^ m0;
+ d1 = n1 ^ a1 ^ m1;
+
+ env->vfp.regs[rd] = make_float64(d0);
+ env->vfp.regs[rd + 1] = make_float64(d1);
+}
+
+void HELPER(crypto_bcax)(CPUARMState *env, uint32_t rd, uint32_t rn,
+ uint32_t ra, uint32_t rm)
+{
+ uint64_t d0, d1;
+ uint64_t n0 = float64_val(env->vfp.regs[rn]);
+ uint64_t n1 = float64_val(env->vfp.regs[rn + 1]);
+ uint64_t a0 = float64_val(env->vfp.regs[ra]);
+ uint64_t a1 = float64_val(env->vfp.regs[ra + 1]);
+ uint64_t m0 = float64_val(env->vfp.regs[rm]);
+ uint64_t m1 = float64_val(env->vfp.regs[rm + 1]);
+
+ d0 = n0 ^ (~a0 & m0);
+ d1 = n1 ^ (~a1 & m1);
+
+ env->vfp.regs[rd] = make_float64(d0);
+ env->vfp.regs[rd + 1] = make_float64(d1);
+}
+
+void HELPER(crypto_xar)(CPUARMState *env, uint32_t rd, uint32_t rn,
+ uint32_t imm6, uint32_t rm)
+{
+ uint64_t d0, d1;
+ uint64_t n0 = float64_val(env->vfp.regs[rn]);
+ uint64_t n1 = float64_val(env->vfp.regs[rn + 1]);
+ uint64_t m0 = float64_val(env->vfp.regs[rm]);
+ uint64_t m1 = float64_val(env->vfp.regs[rm + 1]);
+
+ d0 = ror64(n0 ^ m0, imm6);
+ d1 = ror64(n1 ^ m1, imm6);
+
+ env->vfp.regs[rd] = make_float64(d0);
+ env->vfp.regs[rd + 1] = make_float64(d1);
+}
diff --git a/target/arm/helper.h b/target/arm/helper.h
index efa75440ce81..2053ea10b2a5 100644
--- a/target/arm/helper.h
+++ b/target/arm/helper.h
@@ -539,6 +539,11 @@ DEF_HELPER_4(crypto_sha512h2, void, env, i32, i32, i32)
DEF_HELPER_3(crypto_sha512su0, void, env, i32, i32)
DEF_HELPER_4(crypto_sha512su1, void, env, i32, i32, i32)
+DEF_HELPER_4(crypto_rax1, void, env, i32, i32, i32)
+DEF_HELPER_5(crypto_eor3, void, env, i32, i32, i32, i32)
+DEF_HELPER_5(crypto_bcax, void, env, i32, i32, i32, i32)
+DEF_HELPER_5(crypto_xar, void, env, i32, i32, i32, i32)
+
DEF_HELPER_FLAGS_3(crc32, TCG_CALL_NO_RWG_SE, i32, i32, i32, i32)
DEF_HELPER_FLAGS_3(crc32c, TCG_CALL_NO_RWG_SE, i32, i32, i32, i32)
DEF_HELPER_2(dc_zva, void, env, i64)
diff --git a/target/arm/translate-a64.c b/target/arm/translate-a64.c
index ec17391f4ff4..c632f584aad6 100644
--- a/target/arm/translate-a64.c
+++ b/target/arm/translate-a64.c
@@ -82,6 +82,8 @@ typedef void NeonGenTwoDoubleOPFn(TCGv_i64, TCGv_i64, TCGv_i64, TCGv_ptr);
typedef void NeonGenOneOpFn(TCGv_i64, TCGv_i64);
typedef void CryptoTwoOpEnvFn(TCGv_ptr, TCGv_i32, TCGv_i32);
typedef void CryptoThreeOpEnvFn(TCGv_ptr, TCGv_i32, TCGv_i32, TCGv_i32);
+typedef void CryptoFourOpEnvFn(TCGv_ptr, TCGv_i32, TCGv_i32, TCGv_i32,
+ TCGv_i32);
/* initialize TCG globals. */
void a64_translate_init(void)
@@ -11125,6 +11127,7 @@ static void disas_crypto_three_reg_sha512(DisasContext *s, uint32_t insn)
int rn = extract32(insn, 5, 5);
int rd = extract32(insn, 0, 5);
TCGv_i32 tcg_rd_regno, tcg_rn_regno, tcg_rm_regno;
+ int feature;
CryptoThreeOpEnvFn *genfn;
if (o != 0) {
@@ -11134,20 +11137,24 @@ static void disas_crypto_three_reg_sha512(DisasContext *s, uint32_t insn)
switch (opcode) {
case 0: /* SHA512H */
+ feature = ARM_FEATURE_V8_SHA512;
genfn = gen_helper_crypto_sha512h;
break;
case 1: /* SHA512H2 */
+ feature = ARM_FEATURE_V8_SHA512;
genfn = gen_helper_crypto_sha512h2;
break;
case 2: /* SHA512SU1 */
+ feature = ARM_FEATURE_V8_SHA512;
genfn = gen_helper_crypto_sha512su1;
break;
- default:
- unallocated_encoding(s);
- return;
+ case 3: /* RAX1 */
+ feature = ARM_FEATURE_V8_SHA3;
+ genfn = gen_helper_crypto_rax1;
+ break;
}
- if (!arm_dc_feature(s, ARM_FEATURE_V8_SHA512)) {
+ if (!arm_dc_feature(s, feature)) {
unallocated_encoding(s);
return;
}
@@ -11208,6 +11215,97 @@ static void disas_crypto_two_reg_sha512(DisasContext *s, uint32_t insn)
tcg_temp_free_i32(tcg_rn_regno);
}
+/* Crypto four-register
+ * 31 23 22 21 20 16 15 14 10 9 5 4 0
+ * +-------------------+-----+------+---+------+------+------+
+ * | 1 1 0 0 1 1 1 0 0 | Op0 | Rm | 0 | Ra | Rn | Rd |
+ * +-------------------+-----+------+---+------+------+------+
+ */
+static void disas_crypto_four_reg(DisasContext *s, uint32_t insn)
+{
+ int op0 = extract32(insn, 21, 2);
+ int rm = extract32(insn, 16, 5);
+ int ra = extract32(insn, 10, 5);
+ int rn = extract32(insn, 5, 5);
+ int rd = extract32(insn, 0, 5);
+ TCGv_i32 tcg_rd_regno, tcg_rn_regno, tcg_ra_regno, tcg_rm_regno;
+ int feature;
+ CryptoFourOpEnvFn *genfn;
+
+ switch (op0) {
+ case 0: /* EOR3 */
+ feature = ARM_FEATURE_V8_SHA3;
+ genfn = gen_helper_crypto_eor3;
+ break;
+ case 1: /* BCAX */
+ feature = ARM_FEATURE_V8_SHA3;
+ genfn = gen_helper_crypto_bcax;
+ break;
+ default:
+ unallocated_encoding(s);
+ return;
+ }
+
+ if (!arm_dc_feature(s, feature)) {
+ unallocated_encoding(s);
+ return;
+ }
+
+ if (!fp_access_check(s)) {
+ return;
+ }
+
+ tcg_rd_regno = tcg_const_i32(rd << 1);
+ tcg_rn_regno = tcg_const_i32(rn << 1);
+ tcg_ra_regno = tcg_const_i32(ra << 1);
+ tcg_rm_regno = tcg_const_i32(rm << 1);
+
+ genfn(cpu_env, tcg_rd_regno, tcg_rn_regno, tcg_ra_regno, tcg_rm_regno);
+
+ tcg_temp_free_i32(tcg_rd_regno);
+ tcg_temp_free_i32(tcg_rn_regno);
+ tcg_temp_free_i32(tcg_ra_regno);
+ tcg_temp_free_i32(tcg_rm_regno);
+}
+
+/* Crypto XAR
+ * 31 21 20 16 15 10 9 5 4 0
+ * +-----------------------+------+--------+------+------+
+ * | 1 1 0 0 1 1 1 0 1 0 0 | Rm | imm6 | Rn | Rd |
+ * +-----------------------+------+--------+------+------+
+ */
+static void disas_crypto_xar(DisasContext *s, uint32_t insn)
+{
+ int rm = extract32(insn, 16, 5);
+ int imm6 = extract32(insn, 10, 6);
+ int rn = extract32(insn, 5, 5);
+ int rd = extract32(insn, 0, 5);
+ TCGv_i32 tcg_rd_regno, tcg_rn_regno, tcg_imm6, tcg_rm_regno;
+
+ if (!arm_dc_feature(s, ARM_FEATURE_V8_SHA3)) {
+ unallocated_encoding(s);
+ return;
+ }
+
+ if (!fp_access_check(s)) {
+ return;
+ }
+
+ tcg_rd_regno = tcg_const_i32(rd << 1);
+ tcg_rn_regno = tcg_const_i32(rn << 1);
+ tcg_imm6 = tcg_const_i32(imm6);
+ tcg_rm_regno = tcg_const_i32(rm << 1);
+
+ gen_helper_crypto_xar(cpu_env, tcg_rd_regno, tcg_rn_regno, tcg_imm6,
+ tcg_rm_regno);
+
+ tcg_temp_free_i32(tcg_rd_regno);
+ tcg_temp_free_i32(tcg_rn_regno);
+ tcg_temp_free_i32(tcg_imm6);
+ tcg_temp_free_i32(tcg_rm_regno);
+
+}
+
/* C3.6 Data processing - SIMD, inc Crypto
*
* As the decode gets a little complex we are using a table based
@@ -11239,6 +11337,8 @@ static const AArch64DecodeTable data_proc_simd[] = {
{ 0x5e280800, 0xff3e0c00, disas_crypto_two_reg_sha },
{ 0xce608000, 0xffe0b000, disas_crypto_three_reg_sha512 },
{ 0xcec08000, 0xfffff000, disas_crypto_two_reg_sha512 },
+ { 0xce000000, 0xff808000, disas_crypto_four_reg },
+ { 0xce800000, 0xffe00000, disas_crypto_xar },
{ 0x00000000, 0x00000000, NULL }
};
--
2.11.0
^ permalink raw reply related [flat|nested] 7+ messages in thread
* [Qemu-devel] [PATCH v3 3/4] target/arm: implement SM3 instructions
2018-01-19 14:17 [Qemu-devel] [PATCH v3 0/4] target-arm: add SHA-3, SM3 and SHA512 instruction support Ard Biesheuvel
2018-01-19 14:17 ` [Qemu-devel] [PATCH v3 1/4] target/arm: implement SHA-512 instructions Ard Biesheuvel
2018-01-19 14:17 ` [Qemu-devel] [PATCH v3 2/4] target/arm: implement SHA-3 instructions Ard Biesheuvel
@ 2018-01-19 14:17 ` Ard Biesheuvel
2018-01-19 14:17 ` [Qemu-devel] [PATCH v3 4/4] target/arm: enable user-mode SHA-3, SM3 and SHA-512 instruction support Ard Biesheuvel
3 siblings, 0 replies; 7+ messages in thread
From: Ard Biesheuvel @ 2018-01-19 14:17 UTC (permalink / raw)
To: qemu-devel; +Cc: peter.maydell, Ard Biesheuvel
This implements emulation of the new SM3 instructions that have
been added as an optional extension to the ARMv8 Crypto Extensions
in ARM v8.2.
Signed-off-by: Ard Biesheuvel <ard.biesheuvel@linaro.org>
---
target/arm/cpu.h | 1 +
target/arm/crypto_helper.c | 143 ++++++++++++++++++++
target/arm/helper.h | 5 +
target/arm/translate-a64.c | 100 +++++++++++---
4 files changed, 227 insertions(+), 22 deletions(-)
diff --git a/target/arm/cpu.h b/target/arm/cpu.h
index 8e355398e3e0..917d15fa346c 100644
--- a/target/arm/cpu.h
+++ b/target/arm/cpu.h
@@ -1342,6 +1342,7 @@ enum arm_features {
ARM_FEATURE_JAZELLE, /* has (trivial) Jazelle implementation */
ARM_FEATURE_V8_SHA512, /* implements SHA512 part of v8 Crypto Extensions */
ARM_FEATURE_V8_SHA3, /* implements SHA3 part of v8 Crypto Extensions */
+ ARM_FEATURE_V8_SM3, /* implements SM3 part of v8 Crypto Extensions */
};
static inline int arm_feature(CPUARMState *env, int feature)
diff --git a/target/arm/crypto_helper.c b/target/arm/crypto_helper.c
index b51fb0bd2897..6c601351b177 100644
--- a/target/arm/crypto_helper.c
+++ b/target/arm/crypto_helper.c
@@ -629,3 +629,146 @@ void HELPER(crypto_xar)(CPUARMState *env, uint32_t rd, uint32_t rn,
env->vfp.regs[rd] = make_float64(d0);
env->vfp.regs[rd + 1] = make_float64(d1);
}
+
+void HELPER(crypto_sm3partw1)(CPUARMState *env, uint32_t rd, uint32_t rn,
+ uint32_t rm)
+{
+ union CRYPTO_STATE d = { .l = {
+ float64_val(env->vfp.regs[rd]),
+ float64_val(env->vfp.regs[rd + 1])
+ } };
+ union CRYPTO_STATE n = { .l = {
+ float64_val(env->vfp.regs[rn]),
+ float64_val(env->vfp.regs[rn + 1])
+ } };
+ union CRYPTO_STATE m = { .l = {
+ float64_val(env->vfp.regs[rm]),
+ float64_val(env->vfp.regs[rm + 1])
+ } };
+ uint32_t t;
+
+ t = CR_ST_WORD(d, 0) ^ CR_ST_WORD(n, 0) ^ ror32(CR_ST_WORD(m, 1), 17);
+ CR_ST_WORD(d, 0) = t ^ ror32(t, 17) ^ ror32(t, 9);
+
+ t = CR_ST_WORD(d, 1) ^ CR_ST_WORD(n, 1) ^ ror32(CR_ST_WORD(m, 2), 17);
+ CR_ST_WORD(d, 1) = t ^ ror32(t, 17) ^ ror32(t, 9);
+
+ t = CR_ST_WORD(d, 2) ^ CR_ST_WORD(n, 2) ^ ror32(CR_ST_WORD(m, 3), 17);
+ CR_ST_WORD(d, 2) = t ^ ror32(t, 17) ^ ror32(t, 9);
+
+ t = CR_ST_WORD(d, 3) ^ CR_ST_WORD(n, 3) ^ ror32(CR_ST_WORD(d, 0), 17);
+ CR_ST_WORD(d, 3) = t ^ ror32(t, 17) ^ ror32(t, 9);
+
+ env->vfp.regs[rd] = make_float64(d.l[0]);
+ env->vfp.regs[rd + 1] = make_float64(d.l[1]);
+}
+
+void HELPER(crypto_sm3partw2)(CPUARMState *env, uint32_t rd, uint32_t rn,
+ uint32_t rm)
+{
+ union CRYPTO_STATE d = { .l = {
+ float64_val(env->vfp.regs[rd]),
+ float64_val(env->vfp.regs[rd + 1])
+ } };
+ union CRYPTO_STATE n = { .l = {
+ float64_val(env->vfp.regs[rn]),
+ float64_val(env->vfp.regs[rn + 1])
+ } };
+ union CRYPTO_STATE m = { .l = {
+ float64_val(env->vfp.regs[rm]),
+ float64_val(env->vfp.regs[rm + 1])
+ } };
+ uint32_t t = CR_ST_WORD(n, 0) ^ ror32(CR_ST_WORD(m, 0), 25);
+
+ CR_ST_WORD(d, 0) ^= t;
+ CR_ST_WORD(d, 1) ^= CR_ST_WORD(n, 1) ^ ror32(CR_ST_WORD(m, 1), 25);
+ CR_ST_WORD(d, 2) ^= CR_ST_WORD(n, 2) ^ ror32(CR_ST_WORD(m, 2), 25);
+ CR_ST_WORD(d, 3) ^= CR_ST_WORD(n, 3) ^ ror32(CR_ST_WORD(m, 3), 25) ^
+ ror32(t, 17) ^ ror32(t, 2) ^ ror32(t, 26);
+
+ env->vfp.regs[rd] = make_float64(d.l[0]);
+ env->vfp.regs[rd + 1] = make_float64(d.l[1]);
+}
+
+void HELPER(crypto_sm3ss1)(CPUARMState *env, uint32_t rd, uint32_t rn,
+ uint32_t ra, uint32_t rm)
+{
+ union CRYPTO_STATE d;
+ union CRYPTO_STATE a = { .l = {
+ float64_val(env->vfp.regs[ra]),
+ float64_val(env->vfp.regs[ra + 1])
+ } };
+ union CRYPTO_STATE n = { .l = {
+ float64_val(env->vfp.regs[rn]),
+ float64_val(env->vfp.regs[rn + 1])
+ } };
+ union CRYPTO_STATE m = { .l = {
+ float64_val(env->vfp.regs[rm]),
+ float64_val(env->vfp.regs[rm + 1])
+ } };
+
+ CR_ST_WORD(d, 0) = 0;
+ CR_ST_WORD(d, 1) = 0;
+ CR_ST_WORD(d, 2) = 0;
+ CR_ST_WORD(d, 3) = ror32(ror32(CR_ST_WORD(n, 3), 20) + CR_ST_WORD(m, 3) +
+ CR_ST_WORD(a, 3), 25);
+
+ env->vfp.regs[rd] = make_float64(d.l[0]);
+ env->vfp.regs[rd + 1] = make_float64(d.l[1]);
+}
+
+void HELPER(crypto_sm3tt)(CPUARMState *env, uint32_t rd, uint32_t rn,
+ uint32_t rm, uint32_t imm2, uint32_t opcode)
+{
+ union CRYPTO_STATE d = { .l = {
+ float64_val(env->vfp.regs[rd]),
+ float64_val(env->vfp.regs[rd + 1])
+ } };
+ union CRYPTO_STATE n = { .l = {
+ float64_val(env->vfp.regs[rn]),
+ float64_val(env->vfp.regs[rn + 1])
+ } };
+ union CRYPTO_STATE m = { .l = {
+ float64_val(env->vfp.regs[rm]),
+ float64_val(env->vfp.regs[rm + 1])
+ } };
+ uint32_t t;
+
+ assert(imm2 < 4);
+
+ if (opcode == 0 || opcode == 2) {
+ /* SM3TT1A, SM3TT2A */
+ t = par(CR_ST_WORD(d, 3), CR_ST_WORD(d, 2), CR_ST_WORD(d, 1));
+ } else if (opcode == 1) {
+ /* SM3TT1B */
+ t = maj(CR_ST_WORD(d, 3), CR_ST_WORD(d, 2), CR_ST_WORD(d, 1));
+ } else if (opcode == 3) {
+ /* SM3TT2B */
+ t = cho(CR_ST_WORD(d, 3), CR_ST_WORD(d, 2), CR_ST_WORD(d, 1));
+ } else {
+ g_assert_not_reached();
+ }
+
+ t += CR_ST_WORD(d, 0) + CR_ST_WORD(m, imm2);
+
+ CR_ST_WORD(d, 0) = CR_ST_WORD(d, 1);
+
+ if (opcode < 2) {
+ /* SM3TT1A, SM3TT1B */
+ t += CR_ST_WORD(n, 3) ^ ror32(CR_ST_WORD(d, 3), 20);
+
+ CR_ST_WORD(d, 1) = ror32(CR_ST_WORD(d, 2), 23);
+ } else {
+ /* SM3TT2A, SM3TT2B */
+ t += CR_ST_WORD(n, 3);
+ t ^= rol32(t, 9) ^ rol32(t, 17);
+
+ CR_ST_WORD(d, 1) = ror32(CR_ST_WORD(d, 2), 13);
+ }
+
+ CR_ST_WORD(d, 2) = CR_ST_WORD(d, 3);
+ CR_ST_WORD(d, 3) = t;
+
+ env->vfp.regs[rd] = make_float64(d.l[0]);
+ env->vfp.regs[rd + 1] = make_float64(d.l[1]);
+}
diff --git a/target/arm/helper.h b/target/arm/helper.h
index 2053ea10b2a5..913c551bf14b 100644
--- a/target/arm/helper.h
+++ b/target/arm/helper.h
@@ -544,6 +544,11 @@ DEF_HELPER_5(crypto_eor3, void, env, i32, i32, i32, i32)
DEF_HELPER_5(crypto_bcax, void, env, i32, i32, i32, i32)
DEF_HELPER_5(crypto_xar, void, env, i32, i32, i32, i32)
+DEF_HELPER_5(crypto_sm3ss1, void, env, i32, i32, i32, i32)
+DEF_HELPER_6(crypto_sm3tt, void, env, i32, i32, i32, i32, i32)
+DEF_HELPER_4(crypto_sm3partw1, void, env, i32, i32, i32)
+DEF_HELPER_4(crypto_sm3partw2, void, env, i32, i32, i32)
+
DEF_HELPER_FLAGS_3(crc32, TCG_CALL_NO_RWG_SE, i32, i32, i32, i32)
DEF_HELPER_FLAGS_3(crc32c, TCG_CALL_NO_RWG_SE, i32, i32, i32, i32)
DEF_HELPER_2(dc_zva, void, env, i64)
diff --git a/target/arm/translate-a64.c b/target/arm/translate-a64.c
index c632f584aad6..9d805d4a7d26 100644
--- a/target/arm/translate-a64.c
+++ b/target/arm/translate-a64.c
@@ -11130,28 +11130,39 @@ static void disas_crypto_three_reg_sha512(DisasContext *s, uint32_t insn)
int feature;
CryptoThreeOpEnvFn *genfn;
- if (o != 0) {
- unallocated_encoding(s);
- return;
- }
-
- switch (opcode) {
- case 0: /* SHA512H */
- feature = ARM_FEATURE_V8_SHA512;
- genfn = gen_helper_crypto_sha512h;
- break;
- case 1: /* SHA512H2 */
- feature = ARM_FEATURE_V8_SHA512;
- genfn = gen_helper_crypto_sha512h2;
- break;
- case 2: /* SHA512SU1 */
- feature = ARM_FEATURE_V8_SHA512;
- genfn = gen_helper_crypto_sha512su1;
- break;
- case 3: /* RAX1 */
- feature = ARM_FEATURE_V8_SHA3;
- genfn = gen_helper_crypto_rax1;
- break;
+ if (o == 0) {
+ switch (opcode) {
+ case 0: /* SHA512H */
+ feature = ARM_FEATURE_V8_SHA512;
+ genfn = gen_helper_crypto_sha512h;
+ break;
+ case 1: /* SHA512H2 */
+ feature = ARM_FEATURE_V8_SHA512;
+ genfn = gen_helper_crypto_sha512h2;
+ break;
+ case 2: /* SHA512SU1 */
+ feature = ARM_FEATURE_V8_SHA512;
+ genfn = gen_helper_crypto_sha512su1;
+ break;
+ case 3: /* RAX1 */
+ feature = ARM_FEATURE_V8_SHA3;
+ genfn = gen_helper_crypto_rax1;
+ break;
+ }
+ } else {
+ switch (opcode) {
+ case 0: /* SM3PARTW1 */
+ feature = ARM_FEATURE_V8_SM3;
+ genfn = gen_helper_crypto_sm3partw1;
+ break;
+ case 1: /* SM3PARTW2 */
+ feature = ARM_FEATURE_V8_SM3;
+ genfn = gen_helper_crypto_sm3partw2;
+ break;
+ default:
+ unallocated_encoding(s);
+ return;
+ }
}
if (!arm_dc_feature(s, feature)) {
@@ -11241,6 +11252,10 @@ static void disas_crypto_four_reg(DisasContext *s, uint32_t insn)
feature = ARM_FEATURE_V8_SHA3;
genfn = gen_helper_crypto_bcax;
break;
+ case 2: /* SM3SS1 */
+ feature = ARM_FEATURE_V8_SM3;
+ genfn = gen_helper_crypto_sm3ss1;
+ break;
default:
unallocated_encoding(s);
return;
@@ -11306,6 +11321,46 @@ static void disas_crypto_xar(DisasContext *s, uint32_t insn)
}
+/* Crypto three-reg imm2
+ * 31 21 20 16 15 14 13 12 11 10 9 5 4 0
+ * +-----------------------+------+-----+------+--------+------+------+
+ * | 1 1 0 0 1 1 1 0 0 1 0 | Rm | 1 0 | imm2 | opcode | Rn | Rd |
+ * +-----------------------+------+-----+------+--------+------+------+
+ */
+static void disas_crypto_three_reg_imm2(DisasContext *s, uint32_t insn)
+{
+ int opcode = extract32(insn, 10, 2);
+ int imm2 = extract32(insn, 12, 2);
+ int rm = extract32(insn, 16, 5);
+ int rn = extract32(insn, 5, 5);
+ int rd = extract32(insn, 0, 5);
+ TCGv_i32 tcg_rd_regno, tcg_rn_regno, tcg_rm_regno, tcg_imm2, tcg_opcode;
+
+ if (!arm_dc_feature(s, ARM_FEATURE_V8_SM3)) {
+ unallocated_encoding(s);
+ return;
+ }
+
+ if (!fp_access_check(s)) {
+ return;
+ }
+
+ tcg_rd_regno = tcg_const_i32(rd << 1);
+ tcg_rn_regno = tcg_const_i32(rn << 1);
+ tcg_rm_regno = tcg_const_i32(rm << 1);
+ tcg_imm2 = tcg_const_i32(imm2);
+ tcg_opcode = tcg_const_i32(opcode);
+
+ gen_helper_crypto_sm3tt(cpu_env, tcg_rd_regno, tcg_rn_regno, tcg_rm_regno,
+ tcg_imm2, tcg_opcode);
+
+ tcg_temp_free_i32(tcg_rd_regno);
+ tcg_temp_free_i32(tcg_rn_regno);
+ tcg_temp_free_i32(tcg_rm_regno);
+ tcg_temp_free_i32(tcg_imm2);
+ tcg_temp_free_i32(tcg_opcode);
+}
+
/* C3.6 Data processing - SIMD, inc Crypto
*
* As the decode gets a little complex we are using a table based
@@ -11339,6 +11394,7 @@ static const AArch64DecodeTable data_proc_simd[] = {
{ 0xcec08000, 0xfffff000, disas_crypto_two_reg_sha512 },
{ 0xce000000, 0xff808000, disas_crypto_four_reg },
{ 0xce800000, 0xffe00000, disas_crypto_xar },
+ { 0xce408000, 0xffe0c000, disas_crypto_three_reg_imm2 },
{ 0x00000000, 0x00000000, NULL }
};
--
2.11.0
^ permalink raw reply related [flat|nested] 7+ messages in thread
* [Qemu-devel] [PATCH v3 4/4] target/arm: enable user-mode SHA-3, SM3 and SHA-512 instruction support
2018-01-19 14:17 [Qemu-devel] [PATCH v3 0/4] target-arm: add SHA-3, SM3 and SHA512 instruction support Ard Biesheuvel
` (2 preceding siblings ...)
2018-01-19 14:17 ` [Qemu-devel] [PATCH v3 3/4] target/arm: implement SM3 instructions Ard Biesheuvel
@ 2018-01-19 14:17 ` Ard Biesheuvel
3 siblings, 0 replies; 7+ messages in thread
From: Ard Biesheuvel @ 2018-01-19 14:17 UTC (permalink / raw)
To: qemu-devel; +Cc: peter.maydell, Ard Biesheuvel
Add support for the new ARMv8.2 SHA-3, SM3 and SHA-512 instructions to
AArch64 user mode emulation.
Signed-off-by: Ard Biesheuvel <ard.biesheuvel@linaro.org>
---
linux-user/elfload.c | 18 ++++++++++++++++++
target/arm/cpu64.c | 3 +++
2 files changed, 21 insertions(+)
diff --git a/linux-user/elfload.c b/linux-user/elfload.c
index 20f3d8c2c373..5d5aa26d2710 100644
--- a/linux-user/elfload.c
+++ b/linux-user/elfload.c
@@ -512,6 +512,21 @@ enum {
ARM_HWCAP_A64_SHA1 = 1 << 5,
ARM_HWCAP_A64_SHA2 = 1 << 6,
ARM_HWCAP_A64_CRC32 = 1 << 7,
+ ARM_HWCAP_A64_ATOMICS = 1 << 8,
+ ARM_HWCAP_A64_FPHP = 1 << 9,
+ ARM_HWCAP_A64_ASIMDHP = 1 << 10,
+ ARM_HWCAP_A64_CPUID = 1 << 11,
+ ARM_HWCAP_A64_ASIMDRDM = 1 << 12,
+ ARM_HWCAP_A64_JSCVT = 1 << 13,
+ ARM_HWCAP_A64_FCMA = 1 << 14,
+ ARM_HWCAP_A64_LRCPC = 1 << 15,
+ ARM_HWCAP_A64_DCPOP = 1 << 16,
+ ARM_HWCAP_A64_SHA3 = 1 << 17,
+ ARM_HWCAP_A64_SM3 = 1 << 18,
+ ARM_HWCAP_A64_SM4 = 1 << 19,
+ ARM_HWCAP_A64_ASIMDDP = 1 << 20,
+ ARM_HWCAP_A64_SHA512 = 1 << 21,
+ ARM_HWCAP_A64_SVE = 1 << 22,
};
#define ELF_HWCAP get_elf_hwcap()
@@ -532,6 +547,9 @@ static uint32_t get_elf_hwcap(void)
GET_FEATURE(ARM_FEATURE_V8_SHA1, ARM_HWCAP_A64_SHA1);
GET_FEATURE(ARM_FEATURE_V8_SHA256, ARM_HWCAP_A64_SHA2);
GET_FEATURE(ARM_FEATURE_CRC, ARM_HWCAP_A64_CRC32);
+ GET_FEATURE(ARM_FEATURE_V8_SHA3, ARM_HWCAP_A64_SHA3);
+ GET_FEATURE(ARM_FEATURE_V8_SM3, ARM_HWCAP_A64_SM3);
+ GET_FEATURE(ARM_FEATURE_V8_SHA512, ARM_HWCAP_A64_SHA512);
#undef GET_FEATURE
return hwcaps;
diff --git a/target/arm/cpu64.c b/target/arm/cpu64.c
index 670c07ab6ed4..56d50ba57194 100644
--- a/target/arm/cpu64.c
+++ b/target/arm/cpu64.c
@@ -224,6 +224,9 @@ static void aarch64_any_initfn(Object *obj)
set_feature(&cpu->env, ARM_FEATURE_V8_AES);
set_feature(&cpu->env, ARM_FEATURE_V8_SHA1);
set_feature(&cpu->env, ARM_FEATURE_V8_SHA256);
+ set_feature(&cpu->env, ARM_FEATURE_V8_SHA3);
+ set_feature(&cpu->env, ARM_FEATURE_V8_SM3);
+ set_feature(&cpu->env, ARM_FEATURE_V8_SHA512);
set_feature(&cpu->env, ARM_FEATURE_V8_PMULL);
set_feature(&cpu->env, ARM_FEATURE_CRC);
cpu->ctr = 0x80038003; /* 32 byte I and D cacheline size, VIPT icache */
--
2.11.0
^ permalink raw reply related [flat|nested] 7+ messages in thread
* Re: [Qemu-devel] [PATCH v3 2/4] target/arm: implement SHA-3 instructions
2018-01-19 14:17 ` [Qemu-devel] [PATCH v3 2/4] target/arm: implement SHA-3 instructions Ard Biesheuvel
@ 2018-01-22 16:47 ` Peter Maydell
2018-01-22 16:48 ` Ard Biesheuvel
0 siblings, 1 reply; 7+ messages in thread
From: Peter Maydell @ 2018-01-22 16:47 UTC (permalink / raw)
To: Ard Biesheuvel; +Cc: QEMU Developers
On 19 January 2018 at 14:17, Ard Biesheuvel <ard.biesheuvel@linaro.org> wrote:
> This implements emulation of the new SHA-3 instructions that have
> been added as an optional extensions to the ARMv8 Crypto Extensions
> in ARM v8.2.
>
> Signed-off-by: Ard Biesheuvel <ard.biesheuvel@linaro.org>
> ---
> target/arm/cpu.h | 1 +
> target/arm/crypto_helper.c | 69 +++++++++++++
> target/arm/helper.h | 5 +
> target/arm/translate-a64.c | 108 +++++++++++++++++++-
> 4 files changed, 179 insertions(+), 4 deletions(-)
>
> diff --git a/target/arm/cpu.h b/target/arm/cpu.h
> index 295529366c0a..8e355398e3e0 100644
> --- a/target/arm/cpu.h
> +++ b/target/arm/cpu.h
> @@ -1341,6 +1341,7 @@ enum arm_features {
> ARM_FEATURE_M_SECURITY, /* M profile Security Extension */
> ARM_FEATURE_JAZELLE, /* has (trivial) Jazelle implementation */
> ARM_FEATURE_V8_SHA512, /* implements SHA512 part of v8 Crypto Extensions */
> + ARM_FEATURE_V8_SHA3, /* implements SHA3 part of v8 Crypto Extensions */
> };
>
> diff --git a/target/arm/translate-a64.c b/target/arm/translate-a64.c
> /* initialize TCG globals. */
> void a64_translate_init(void)
> @@ -11125,6 +11127,7 @@ static void disas_crypto_three_reg_sha512(DisasContext *s, uint32_t insn)
> int rn = extract32(insn, 5, 5);
> int rd = extract32(insn, 0, 5);
> TCGv_i32 tcg_rd_regno, tcg_rn_regno, tcg_rm_regno;
> + int feature;
> CryptoThreeOpEnvFn *genfn;
>
> if (o != 0) {
> @@ -11134,20 +11137,24 @@ static void disas_crypto_three_reg_sha512(DisasContext *s, uint32_t insn)
>
> switch (opcode) {
> case 0: /* SHA512H */
> + feature = ARM_FEATURE_V8_SHA512;
> genfn = gen_helper_crypto_sha512h;
> break;
> case 1: /* SHA512H2 */
> + feature = ARM_FEATURE_V8_SHA512;
> genfn = gen_helper_crypto_sha512h2;
> break;
> case 2: /* SHA512SU1 */
> + feature = ARM_FEATURE_V8_SHA512;
> genfn = gen_helper_crypto_sha512su1;
> break;
I think these lines should have been in patch 1, right?
> - default:
> - unallocated_encoding(s);
> - return;
> + case 3: /* RAX1 */
> + feature = ARM_FEATURE_V8_SHA3;
> + genfn = gen_helper_crypto_rax1;
> + break;
> }
>
> - if (!arm_dc_feature(s, ARM_FEATURE_V8_SHA512)) {
> + if (!arm_dc_feature(s, feature)) {
> unallocated_encoding(s);
> return;
thanks
-- PMM
^ permalink raw reply [flat|nested] 7+ messages in thread
* Re: [Qemu-devel] [PATCH v3 2/4] target/arm: implement SHA-3 instructions
2018-01-22 16:47 ` Peter Maydell
@ 2018-01-22 16:48 ` Ard Biesheuvel
0 siblings, 0 replies; 7+ messages in thread
From: Ard Biesheuvel @ 2018-01-22 16:48 UTC (permalink / raw)
To: Peter Maydell; +Cc: QEMU Developers
On 22 January 2018 at 16:47, Peter Maydell <peter.maydell@linaro.org> wrote:
> On 19 January 2018 at 14:17, Ard Biesheuvel <ard.biesheuvel@linaro.org> wrote:
>> This implements emulation of the new SHA-3 instructions that have
>> been added as an optional extensions to the ARMv8 Crypto Extensions
>> in ARM v8.2.
>>
>> Signed-off-by: Ard Biesheuvel <ard.biesheuvel@linaro.org>
>> ---
>> target/arm/cpu.h | 1 +
>> target/arm/crypto_helper.c | 69 +++++++++++++
>> target/arm/helper.h | 5 +
>> target/arm/translate-a64.c | 108 +++++++++++++++++++-
>> 4 files changed, 179 insertions(+), 4 deletions(-)
>>
>> diff --git a/target/arm/cpu.h b/target/arm/cpu.h
>> index 295529366c0a..8e355398e3e0 100644
>> --- a/target/arm/cpu.h
>> +++ b/target/arm/cpu.h
>> @@ -1341,6 +1341,7 @@ enum arm_features {
>> ARM_FEATURE_M_SECURITY, /* M profile Security Extension */
>> ARM_FEATURE_JAZELLE, /* has (trivial) Jazelle implementation */
>> ARM_FEATURE_V8_SHA512, /* implements SHA512 part of v8 Crypto Extensions */
>> + ARM_FEATURE_V8_SHA3, /* implements SHA3 part of v8 Crypto Extensions */
>> };
>>
>
>> diff --git a/target/arm/translate-a64.c b/target/arm/translate-a64.c
>> /* initialize TCG globals. */
>> void a64_translate_init(void)
>> @@ -11125,6 +11127,7 @@ static void disas_crypto_three_reg_sha512(DisasContext *s, uint32_t insn)
>> int rn = extract32(insn, 5, 5);
>> int rd = extract32(insn, 0, 5);
>> TCGv_i32 tcg_rd_regno, tcg_rn_regno, tcg_rm_regno;
>> + int feature;
>> CryptoThreeOpEnvFn *genfn;
>>
>> if (o != 0) {
>> @@ -11134,20 +11137,24 @@ static void disas_crypto_three_reg_sha512(DisasContext *s, uint32_t insn)
>>
>> switch (opcode) {
>> case 0: /* SHA512H */
>> + feature = ARM_FEATURE_V8_SHA512;
>> genfn = gen_helper_crypto_sha512h;
>> break;
>> case 1: /* SHA512H2 */
>> + feature = ARM_FEATURE_V8_SHA512;
>> genfn = gen_helper_crypto_sha512h2;
>> break;
>> case 2: /* SHA512SU1 */
>> + feature = ARM_FEATURE_V8_SHA512;
>> genfn = gen_helper_crypto_sha512su1;
>> break;
>
> I think these lines should have been in patch 1, right?
>
>> - default:
>> - unallocated_encoding(s);
>> - return;
>> + case 3: /* RAX1 */
>> + feature = ARM_FEATURE_V8_SHA3;
>> + genfn = gen_helper_crypto_rax1;
>> + break;
>> }
>>
>> - if (!arm_dc_feature(s, ARM_FEATURE_V8_SHA512)) {
>> + if (!arm_dc_feature(s, feature)) {
only if I include this line as well
>> unallocated_encoding(s);
>> return;
>
> thanks
> -- PMM
^ permalink raw reply [flat|nested] 7+ messages in thread
end of thread, other threads:[~2018-01-22 16:48 UTC | newest]
Thread overview: 7+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2018-01-19 14:17 [Qemu-devel] [PATCH v3 0/4] target-arm: add SHA-3, SM3 and SHA512 instruction support Ard Biesheuvel
2018-01-19 14:17 ` [Qemu-devel] [PATCH v3 1/4] target/arm: implement SHA-512 instructions Ard Biesheuvel
2018-01-19 14:17 ` [Qemu-devel] [PATCH v3 2/4] target/arm: implement SHA-3 instructions Ard Biesheuvel
2018-01-22 16:47 ` Peter Maydell
2018-01-22 16:48 ` Ard Biesheuvel
2018-01-19 14:17 ` [Qemu-devel] [PATCH v3 3/4] target/arm: implement SM3 instructions Ard Biesheuvel
2018-01-19 14:17 ` [Qemu-devel] [PATCH v3 4/4] target/arm: enable user-mode SHA-3, SM3 and SHA-512 instruction support Ard Biesheuvel
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).