[PATCH v2 2/2] Add SM4 ARMv8/AArch64/CE assembly implementation

Tianjia Zhang tianjia.zhang at linux.alibaba.com
Tue Mar 1 09:58:34 CET 2022 

Hi Jussi,

On 3/1/22 3:26 PM, Jussi Kivilinna wrote:
> Hello,
> 
> On 1.3.2022 6.38, Tianjia Zhang wrote:
>> new file mode 100644
>> index 00000000..57e84683
>> --- /dev/null
>> +++ b/cipher/sm4-armv8-aarch64-ce.S
>> @@ -0,0 +1,568 @@
>> +/* sm4-armv8-aarch64-ce.S  -  ARMv8/AArch64/CE accelerated SM4 cipher
>> + *
>> + * Copyright (C) 2022 Alibaba Group.
>> + * Copyright (C) 2022 Tianjia Zhang <tianjia.zhang at linux.alibaba.com>
>> + *
>> + * This file is part of Libgcrypt.
>> + *
>> + * Libgcrypt is free software; you can redistribute it and/or modify
>> + * it under the terms of the GNU Lesser General Public License as
>> + * published by the Free Software Foundation; either version 2.1 of
>> + * the License, or (at your option) any later version.
>> + *
>> + * Libgcrypt is distributed in the hope that it will be useful,
>> + * but WITHOUT ANY WARRANTY; without even the implied warranty of
>> + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
>> + * GNU Lesser General Public License for more details.
>> + *
>> + * You should have received a copy of the GNU Lesser General Public
>> + * License along with this program; if not, see 
>> <http://www.gnu.org/licenses/>.
>> + */
>> +
>> +#include "asm-common-aarch64.h"
>> +
>> +#if defined(__AARCH64EL__) && \
>> +    defined(HAVE_COMPATIBLE_GCC_AARCH64_PLATFORM_AS) && \
>> +    defined(HAVE_GCC_INLINE_ASM_AARCH64_CRYPTO_SM) && \
>> +    defined(USE_SM4)
>> +
>> +.cpu generic+simd+crypto
>> +
>> +.irp b, 0, 1, 2, 3, 4, 5, 6, 7, 16, 24, 25, 26, 27, 28, 29, 30, 31
>> +    .set .Lv\b\().4s, \b
>> +.endr
>> +
>> +.macro sm4e, vd, vn
>> +    .inst 0xcec08400 | (.L\vn << 5) | .L\vd
>> +.endm
>> +
>> +.macro sm4ekey, vd, vn, vm
>> +    .inst 0xce60c800 | (.L\vm << 16) | (.L\vn << 5) | .L\vd
>> +.endm
> 
> I meant that the problem is that ".macro"/".endm"/".set"/".irp" may not 
> be not supported by all compilers/assemblers. Implementation here could 
> either:
> - Rely on assembler supporting these instructions and use "sm4e" and 
> "sm4ekey" directly or
> - Use preprocessor #define macros instead of assembler .macros to 
> provide these instructions. Something like this could work:
> 
> #define vecnum_v0 0
> #define vecnum_v1 1
> #define vecnum_v2 2
> #define vecnum_v3 3
> #define vecnum_v4 4
> #define vecnum_v5 5
> #define vecnum_v6 6
> #define vecnum_v7 7
> #define vecnum_v16 16
> #define vecnum_v24 24
> #define vecnum_v25 25
> #define vecnum_v26 26
> #define vecnum_v27 27
> #define vecnum_v28 28
> #define vecnum_v29 29
> #define vecnum_v30 30
> #define vecnum_v31 31
> 
> #define sm4e(vd,vn) \
>    .inst (0xcec08400 | (vecnum_##vn << 5) | vecnum_##vd)
> 
> #define sm4ekey(vd, vn, vm) \
>    .inst (0xce60c800 | (vecnum_##vm << 16) | (vecnum_##vn << 5) | 
> vecnum_##vd)
> 
> ...
> 
> #define crypt_blk4(b0, b1, b2, b3)         \
>          rev32 b0.16b, b0.16b;              \
>          rev32 b1.16b, b1.16b;              \
>          rev32 b2.16b, b2.16b;              \
>          rev32 b3.16b, b3.16b;              \
>          sm4e(b0, v24);                     \
>          sm4e(b1, v24);                     \
> 
> -Jussi

Thanks for your suggestion, using #define can solve this problem.

Cheers,
Tianjia

More information about the Gcrypt-devel mailing list