Merge pull request #8035 from daverodgman/aesce-support-perf

Make mbedtls_aesce_has_support more efficient
This commit is contained in:
Dave Rodgman 2023-08-21 14:39:08 +00:00 committed by GitHub
commit 65204f8fc8
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
4 changed files with 47 additions and 23 deletions

View file

@ -653,7 +653,7 @@ int mbedtls_aes_setkey_enc(mbedtls_aes_context *ctx, const unsigned char *key,
#endif #endif
#if defined(MBEDTLS_AESCE_C) && defined(MBEDTLS_HAVE_ARM64) #if defined(MBEDTLS_AESCE_C) && defined(MBEDTLS_HAVE_ARM64)
if (mbedtls_aesce_has_support()) { if (MBEDTLS_AESCE_HAS_SUPPORT()) {
return mbedtls_aesce_setkey_enc((unsigned char *) RK, key, keybits); return mbedtls_aesce_setkey_enc((unsigned char *) RK, key, keybits);
} }
#endif #endif
@ -765,7 +765,7 @@ int mbedtls_aes_setkey_dec(mbedtls_aes_context *ctx, const unsigned char *key,
#endif #endif
#if defined(MBEDTLS_AESCE_C) && defined(MBEDTLS_HAVE_ARM64) #if defined(MBEDTLS_AESCE_C) && defined(MBEDTLS_HAVE_ARM64)
if (mbedtls_aesce_has_support()) { if (MBEDTLS_AESCE_HAS_SUPPORT()) {
mbedtls_aesce_inverse_key( mbedtls_aesce_inverse_key(
(unsigned char *) RK, (unsigned char *) RK,
(const unsigned char *) (cty.buf + cty.rk_offset), (const unsigned char *) (cty.buf + cty.rk_offset),
@ -1092,7 +1092,7 @@ int mbedtls_aes_crypt_ecb(mbedtls_aes_context *ctx,
#endif #endif
#if defined(MBEDTLS_AESCE_C) && defined(MBEDTLS_HAVE_ARM64) #if defined(MBEDTLS_AESCE_C) && defined(MBEDTLS_HAVE_ARM64)
if (mbedtls_aesce_has_support()) { if (MBEDTLS_AESCE_HAS_SUPPORT()) {
return mbedtls_aesce_crypt_ecb(ctx, mode, input, output); return mbedtls_aesce_crypt_ecb(ctx, mode, input, output);
} }
#endif #endif
@ -1911,7 +1911,7 @@ int mbedtls_aes_self_test(int verbose)
} else } else
#endif #endif
#if defined(MBEDTLS_AESCE_C) && defined(MBEDTLS_HAVE_ARM64) #if defined(MBEDTLS_AESCE_C) && defined(MBEDTLS_HAVE_ARM64)
if (mbedtls_aesce_has_support()) { if (MBEDTLS_AESCE_HAS_SUPPORT()) {
mbedtls_printf(" AES note: using AESCE.\n"); mbedtls_printf(" AES note: using AESCE.\n");
} else } else
#endif #endif

View file

@ -94,28 +94,40 @@
#endif /* !(__ARM_FEATURE_CRYPTO || __ARM_FEATURE_AES) || #endif /* !(__ARM_FEATURE_CRYPTO || __ARM_FEATURE_AES) ||
MBEDTLS_ENABLE_ARM_CRYPTO_EXTENSIONS_COMPILER_FLAG */ MBEDTLS_ENABLE_ARM_CRYPTO_EXTENSIONS_COMPILER_FLAG */
#if defined(__linux__) #if defined(__linux__) && !defined(MBEDTLS_AES_USE_HARDWARE_ONLY)
#include <asm/hwcap.h> #include <asm/hwcap.h>
#include <sys/auxv.h> #include <sys/auxv.h>
#endif
signed char mbedtls_aesce_has_support_result = -1;
#if !defined(MBEDTLS_AES_USE_HARDWARE_ONLY) #if !defined(MBEDTLS_AES_USE_HARDWARE_ONLY)
/* /*
* AES instruction support detection routine * AES instruction support detection routine
*/ */
int mbedtls_aesce_has_support(void) int mbedtls_aesce_has_support_impl(void)
{ {
#if defined(__linux__) /* To avoid many calls to getauxval, cache the result. This is
* thread-safe, because we store the result in a char so cannot
* be vulnerable to non-atomic updates.
* It is possible that we could end up setting result more than
* once, but that is harmless.
*/
if (mbedtls_aesce_has_support_result == -1) {
unsigned long auxval = getauxval(AT_HWCAP); unsigned long auxval = getauxval(AT_HWCAP);
return (auxval & (HWCAP_ASIMD | HWCAP_AES)) == if ((auxval & (HWCAP_ASIMD | HWCAP_AES)) ==
(HWCAP_ASIMD | HWCAP_AES); (HWCAP_ASIMD | HWCAP_AES)) {
#else mbedtls_aesce_has_support_result = 1;
/* Assume AES instructions are supported. */ } else {
return 1; mbedtls_aesce_has_support_result = 0;
#endif }
}
return mbedtls_aesce_has_support_result;
} }
#endif #endif
#endif /* defined(__linux__) && !defined(MBEDTLS_AES_USE_HARDWARE_ONLY) */
/* Single round of AESCE encryption */ /* Single round of AESCE encryption */
#define AESCE_ENCRYPT_ROUND \ #define AESCE_ENCRYPT_ROUND \
block = vaeseq_u8(block, vld1q_u8(keys)); \ block = vaeseq_u8(block, vld1q_u8(keys)); \

View file

@ -42,17 +42,29 @@
extern "C" { extern "C" {
#endif #endif
#if defined(__linux__) && !defined(MBEDTLS_AES_USE_HARDWARE_ONLY)
extern signed char mbedtls_aesce_has_support_result;
/** /**
* \brief Internal function to detect the crypto extension in CPUs. * \brief Internal function to detect the crypto extension in CPUs.
* *
* \return 1 if CPU has support for the feature, 0 otherwise * \return 1 if CPU has support for the feature, 0 otherwise
*/ */
#if !defined(MBEDTLS_AES_USE_HARDWARE_ONLY) int mbedtls_aesce_has_support_impl(void);
int mbedtls_aesce_has_support(void);
#else
#define mbedtls_aesce_has_support() 1
#endif
#define MBEDTLS_AESCE_HAS_SUPPORT() (mbedtls_aesce_has_support_result == -1 ? \
mbedtls_aesce_has_support_impl() : \
mbedtls_aesce_has_support_result)
#else /* defined(__linux__) && !defined(MBEDTLS_AES_USE_HARDWARE_ONLY) */
/* If we are not on Linux, we can't detect support so assume that it's supported.
* Similarly, assume support if MBEDTLS_AES_USE_HARDWARE_ONLY is set.
*/
#define MBEDTLS_AESCE_HAS_SUPPORT() 1
#endif /* defined(__linux__) && !defined(MBEDTLS_AES_USE_HARDWARE_ONLY) */
/** /**
* \brief Internal AES-ECB block encryption and decryption * \brief Internal AES-ECB block encryption and decryption

View file

@ -98,7 +98,7 @@ static int gcm_gen_table(mbedtls_gcm_context *ctx)
#endif #endif
#if defined(MBEDTLS_AESCE_C) && defined(MBEDTLS_HAVE_ARM64) #if defined(MBEDTLS_AESCE_C) && defined(MBEDTLS_HAVE_ARM64)
if (mbedtls_aesce_has_support()) { if (MBEDTLS_AESCE_HAS_SUPPORT()) {
return 0; return 0;
} }
#endif #endif
@ -209,7 +209,7 @@ static void gcm_mult(mbedtls_gcm_context *ctx, const unsigned char x[16],
#endif /* MBEDTLS_AESNI_HAVE_CODE */ #endif /* MBEDTLS_AESNI_HAVE_CODE */
#if defined(MBEDTLS_AESCE_C) && defined(MBEDTLS_HAVE_ARM64) #if defined(MBEDTLS_AESCE_C) && defined(MBEDTLS_HAVE_ARM64)
if (mbedtls_aesce_has_support()) { if (MBEDTLS_AESCE_HAS_SUPPORT()) {
unsigned char h[16]; unsigned char h[16];
/* mbedtls_aesce_gcm_mult needs big-endian input */ /* mbedtls_aesce_gcm_mult needs big-endian input */
@ -886,7 +886,7 @@ int mbedtls_gcm_self_test(int verbose)
#endif #endif
#if defined(MBEDTLS_AESCE_C) && defined(MBEDTLS_HAVE_ARM64) #if defined(MBEDTLS_AESCE_C) && defined(MBEDTLS_HAVE_ARM64)
if (mbedtls_aesce_has_support()) { if (MBEDTLS_AESCE_HAS_SUPPORT()) {
mbedtls_printf(" GCM note: using AESCE.\n"); mbedtls_printf(" GCM note: using AESCE.\n");
} else } else
#endif #endif