Add additional instructions required by AES-XTS on x86_64 #215
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
pennyannn
force-pushed
the
yppe/other-xts-x86
branch
from
8761129 to
c51f8b3
Compare
pennyannn
changed the title
pennyannn
force-pushed
the
yppe/other-xts-x86
branch
5 times, most recently
from
0e84a1b to
6b879e5
Compare
pennyannn
force-pushed
the
yppe/other-xts-x86
branch
from
6b879e5 to
22d7cc9
Compare
aqjune-aws
reviewed
Apr 11, 2025
pennyannn
force-pushed
the
yppe/other-xts-x86
branch
5 times, most recently
from
74fab47 to
2643849
Compare
pennyannn
force-pushed
the
yppe/other-xts-x86
branch
from
2643849 to
9af7d7b
Compare
aqjune-aws
approved these changes
Apr 18, 2025
There was a problem hiding this comment.
Thanks for separating XORPS from this PR..!
I checked that the implementation is consistent with the descriptions of the instructions in x86 docs, and cosimulator did not found inconsistencies for the newly added instruction patterns.
I added a small patch that uses simdN/usimdN to simplify the formal semantics. Also, added EXPAND_SIMD_RULE which makes the structure of x86 semantics for SIMD analogous to that of Arm side.
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Description of changes:
This PR adds additional SSE/SSE2 instructions that are used in AES-XTS on x86_64, including multi-byte
NOP,PADDD,PADDQ,PAND,PCMPGTD,PSHUFD,PSRAD, andPXOR.They are tested through hand-written tests. The tests could be removed once the AES-XTS assembly program is integrated into s2n-bignum.
In addition, this PR updates the
allowed_asmfile.Notes:
The multi-byte
NOPappeared in the assembled binary because of the.aligndirective. These.aligndirectives are used for making sure program instructions are aligned properly (https://stackoverflow.com/questions/18113995/performance-optimisations-of-x86-64-assembly-alignment-and-branch-prediction). These.aligndirectives are assembled into multi-byteNOPs to pad up the space. In this PR we add multi-byte NOP that supports from 2-bytes to 9-bytes. However, these multi-byte NOP can be really wild. See https://stackoverflow.com/questions/27714524/x86-multi-byte-nop-and-instruction-prefix, where it points out that Intel can have 11-byte NOP with redundant prefixes. 10-byte and up NOP requires changes to data structures and will be done in another PR.XORPS is subject to constant-time uncertainty because it is not part of the DOIT list. Removed and will be submitted through another PR (#225).
By submitting this pull request, I confirm that you can use, modify, copy, and redistribute this contribution, under the terms of your choice.