From 08933d3dbb2bca0cd2feda97ecd36b9cb8f58c50 Mon Sep 17 00:00:00 2001 From: Jerry Yu Date: Thu, 27 Apr 2023 18:28:00 +0800 Subject: [PATCH 1/9] fix compile fail for armclang when target flags are not set at command line, armclang will reports required feature not set error. This is found and verified at 6.20.1. And it does not work for 6.6 Signed-off-by: Jerry Yu --- library/aesce.c | 6 +++--- library/sha256.c | 7 +++++-- library/sha512.c | 2 +- 3 files changed, 9 insertions(+), 6 deletions(-) diff --git a/library/aesce.c b/library/aesce.c index 893ed173c..babd9a64b 100644 --- a/library/aesce.c +++ b/library/aesce.c @@ -66,9 +66,11 @@ # endif #endif +#include + #if !defined(__ARM_FEATURE_AES) || defined(MBEDTLS_ENABLE_ARM_CRYPTO_EXTENSIONS_COMPILER_FLAG) # if defined(__clang__) -# pragma clang attribute push (__attribute__((target("aes"))), apply_to=function) +# pragma clang attribute push (__attribute__((target("crypto,aes"))), apply_to=function) # define MBEDTLS_POP_TARGET_PRAGMA # elif defined(__GNUC__) # pragma GCC push_options @@ -79,8 +81,6 @@ # endif #endif /* !__ARM_FEATURE_AES || MBEDTLS_ENABLE_ARM_CRYPTO_EXTENSIONS_COMPILER_FLAG */ -#include - #if defined(__linux__) #include #include diff --git a/library/sha256.c b/library/sha256.c index 169229c88..ae1b35ca5 100644 --- a/library/sha256.c +++ b/library/sha256.c 
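Review bot: Nothing in the first aesce.c hunk records why the `#include` now has to sit above the `#pragma clang attribute push` block, so a later tidy-up could move it back below and bring back the armclang failure described in the commit message. A one-line comment above the include would pin the ordering, for example `/* Keep this include above the target pragma: armclang fails to build otherwise when no target flags are given on the command line. */`. The same move is made in the sha256.c and sha512.c hunks of this patch and deserves the same comment. The header name is missing from the hunk text as shown here; the subject of patch 5/9 suggests it is arm_neon.h.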
@@ -57,15 +57,18 @@ #include "mbedtls/platform.h" #if defined(__aarch64__) + # if defined(MBEDTLS_SHA256_USE_A64_CRYPTO_IF_PRESENT) || \ defined(MBEDTLS_SHA256_USE_A64_CRYPTO_ONLY) + /* *INDENT-OFF* */ +# include # if !defined(__ARM_FEATURE_CRYPTO) || defined(MBEDTLS_ENABLE_ARM_CRYPTO_EXTENSIONS_COMPILER_FLAG) # if defined(__clang__) # if __clang_major__ < 4 # error "A more recent Clang is required for MBEDTLS_SHA256_USE_A64_CRYPTO_*" # endif -# pragma clang attribute push (__attribute__((target("crypto"))), apply_to=function) +# pragma clang attribute push (__attribute__((target("crypto,sha2"))), apply_to=function) # define MBEDTLS_POP_TARGET_PRAGMA # elif defined(__GNUC__) /* FIXME: GCC 5 claims to support Armv8 Crypto Extensions, but some @@ -83,7 +86,7 @@ # endif # endif /* *INDENT-ON* */ -# include + # endif # if defined(MBEDTLS_SHA256_USE_A64_CRYPTO_IF_PRESENT) # if defined(__unix__) diff --git a/library/sha512.c b/library/sha512.c index ff92a1b81..5174b657e 100644 --- a/library/sha512.c +++ b/library/sha512.c @@ -60,6 +60,7 @@ # if defined(MBEDTLS_SHA512_USE_A64_CRYPTO_IF_PRESENT) || \ defined(MBEDTLS_SHA512_USE_A64_CRYPTO_ONLY) /* *INDENT-OFF* */ +# include /* * Best performance comes from most recent compilers, with intrinsics and -O3. * Must compile with -march=armv8.2-a+sha3, but we can't detect armv8.2-a, and @@ -96,7 +97,6 @@ # endif # endif /* *INDENT-ON* */ -# include # endif # if defined(MBEDTLS_SHA512_USE_A64_CRYPTO_IF_PRESENT) # if defined(__unix__) From 580e06fb07682983231b7bb8bcf7c447fee27896 Mon Sep 17 00:00:00 2001 From: Jerry Yu Date: Fri, 28 Apr 2023 17:42:40 +0800 Subject: [PATCH 2/9] fix armclang compile fail `__ARM_FEATURE_AES` is not defined with `armclang < 6.10`. And it raise error on `target("crypto,aes") Signed-off-by: Jerry Yu --- library/aesce.c | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/library/aesce.c b/library/aesce.c index babd9a64b..b46a0e4d3 100644 --- a/library/aesce.c +++ b/library/aesce.c 
@@ -68,7 +68,8 @@ #include -#if !defined(__ARM_FEATURE_AES) || defined(MBEDTLS_ENABLE_ARM_CRYPTO_EXTENSIONS_COMPILER_FLAG) +#if !(defined(__ARM_FEATURE_CRYPTO) || defined(__ARM_FEATURE_AES)) || \ + defined(MBEDTLS_ENABLE_ARM_CRYPTO_EXTENSIONS_COMPILER_FLAG) # if defined(__clang__) # pragma clang attribute push (__attribute__((target("crypto,aes"))), apply_to=function) # define MBEDTLS_POP_TARGET_PRAGMA @@ -79,7 +80,8 @@ # elif defined(_MSC_VER) # error "Required feature(__ARM_FEATURE_AES) is not enabled." # endif -#endif /* !__ARM_FEATURE_AES || MBEDTLS_ENABLE_ARM_CRYPTO_EXTENSIONS_COMPILER_FLAG */ +#endif /* !(__ARM_FEATURE_CRYPTO || __ARM_FEATURE_AES) || + MBEDTLS_ENABLE_ARM_CRYPTO_EXTENSIONS_COMPILER_FLAG */ #if defined(__linux__) #include From 22a4d3e2b421834b8729a6007f8f7a0b879d974c Mon Sep 17 00:00:00 2001 From: Jerry Yu Date: Fri, 28 Apr 2023 17:43:40 +0800 Subject: [PATCH 3/9] fix armclang build fail for sha512. `sha3` support is start from armclang6.10 Signed-off-by: Jerry Yu --- library/sha512.c | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) diff --git a/library/sha512.c b/library/sha512.c index 5174b657e..fc7de749a 100644 --- a/library/sha512.c +++ b/library/sha512.c @@ -77,7 +77,13 @@ */ # if !defined(__ARM_FEATURE_SHA512) || defined(MBEDTLS_ENABLE_ARM_SHA3_EXTENSIONS_COMPILER_FLAG) /* Test Clang first, as it defines __GNUC__ */ -# if defined(__clang__) +# if defined(__ARMCOMPILER_VERSION) +# if __ARMCOMPILER_VERSION < 6090000 +# error "A more recent ArmClang is required for MBEDTLS_SHA512_USE_A64_CRYPTO_*" +# endif +# pragma clang attribute push (__attribute__((target("sha3"))), apply_to=function) +# define MBEDTLS_POP_TARGET_PRAGMA +# elif defined(__clang__) # if __clang_major__ < 7 # error "A more recent Clang is required for MBEDTLS_SHA512_USE_A64_CRYPTO_*" # else From c37e260dc5c41cc44c8293a05c3048571dbf43a8 Mon Sep 17 00:00:00 2001 
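Review bot: The `_MSC_VER` branch shown as context in the second aesce.c hunk still reports `Required feature(__ARM_FEATURE_AES) is not enabled.`, although the rewritten condition in the first hunk is now satisfied by either `__ARM_FEATURE_CRYPTO` or `__ARM_FEATURE_AES`. The diagnostic would match the test if it read `# error "Required feature (__ARM_FEATURE_CRYPTO or __ARM_FEATURE_AES) is not enabled."`. The middle of the `#if`/`#elif` chain lies between the two hunks, so whether an unrecognised compiler gets any diagnostic at all cannot be judged from here.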
From: Jerry Yu Date: Fri, 28 Apr 2023 17:46:48 +0800 Subject: [PATCH 4/9] Add armclang version requirement for sha512 Signed-off-by: Jerry Yu --- include/mbedtls/mbedtls_config.h | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/include/mbedtls/mbedtls_config.h b/include/mbedtls/mbedtls_config.h index 415bb29e9..293e9cd21 100644 --- a/include/mbedtls/mbedtls_config.h +++ b/include/mbedtls/mbedtls_config.h @@ -3216,8 +3216,8 @@ * \note If MBEDTLS_SHA512_USE_A64_CRYPTO_IF_PRESENT is defined when building * for a non-Aarch64 build it will be silently ignored. * - * \note The code uses the SHA-512 Neon intrinsics, so requires GCC >= 8 or - * Clang >= 7. + * \note The code uses the SHA-512 Neon intrinsics, so requires GCC >= 8, + * Clang >= 7 or ArmClang >= 6.10. * * \warning MBEDTLS_SHA512_USE_A64_CRYPTO_IF_PRESENT cannot be defined at the * same time as MBEDTLS_SHA512_USE_A64_CRYPTO_ONLY. @@ -3241,8 +3241,8 @@ * \note This allows builds with a smaller code size than with * MBEDTLS_SHA512_USE_A64_CRYPTO_IF_PRESENT * - * \note The code uses the SHA-512 Neon intrinsics, so requires GCC >= 8 or - * Clang >= 7. + * \note The code uses the SHA-512 Neon intrinsics, so requires GCC >= 8, + * Clang >= 7 or ArmClang >= 6.10. * * \warning MBEDTLS_SHA512_USE_A64_CRYPTO_ONLY cannot be defined at the same * time as MBEDTLS_SHA512_USE_A64_CRYPTO_IF_PRESENT. From 6b00f5a13579706a709d15ecbf474848b8d25710 Mon Sep 17 00:00:00 2001 From: Jerry Yu Date: Thu, 4 May 2023 16:30:21 +0800 Subject: [PATCH 5/9] Add guards for arm_neon.h See: https://arm-software.github.io/acle/main/acle.html#arm_neonh Signed-off-by: Jerry Yu --- library/aesce.c | 4 ++++ library/sha256.c | 8 +++++++- library/sha512.c | 6 +++++- 3 files changed, 16 insertions(+), 2 deletions(-) diff --git a/library/aesce.c b/library/aesce.c index b46a0e4d3..d939e4a69 100644 --- a/library/aesce.c +++ b/library/aesce.c 
@@ -66,7 +66,11 @@ # endif #endif +#ifdef __ARM_NEON #include +#else +#error "Target does not support NEON instructions" +#endif #if !(defined(__ARM_FEATURE_CRYPTO) || defined(__ARM_FEATURE_AES)) || \ defined(MBEDTLS_ENABLE_ARM_CRYPTO_EXTENSIONS_COMPILER_FLAG) diff --git a/library/sha256.c b/library/sha256.c index ae1b35ca5..104fa8098 100644 --- a/library/sha256.c +++ b/library/sha256.c @@ -62,7 +62,13 @@ defined(MBEDTLS_SHA256_USE_A64_CRYPTO_ONLY) /* *INDENT-OFF* */ -# include + +# ifdef __ARM_NEON +# include +# else +# error "Target does not support NEON instructions" +# endif + # if !defined(__ARM_FEATURE_CRYPTO) || defined(MBEDTLS_ENABLE_ARM_CRYPTO_EXTENSIONS_COMPILER_FLAG) # if defined(__clang__) # if __clang_major__ < 4 diff --git a/library/sha512.c b/library/sha512.c index fc7de749a..3b68801e5 100644 --- a/library/sha512.c +++ b/library/sha512.c @@ -60,7 +60,11 @@ # if defined(MBEDTLS_SHA512_USE_A64_CRYPTO_IF_PRESENT) || \ defined(MBEDTLS_SHA512_USE_A64_CRYPTO_ONLY) /* *INDENT-OFF* */ -# include +# ifdef __ARM_NEON +# include +# else +# error "Target does not support NEON instructions" +# endif /* * Best performance comes from most recent compilers, with intrinsics and -O3. * Must compile with -march=armv8.2-a+sha3, but we can't detect armv8.2-a, and From 8e96e78dbe7668f6393434a6fb82449dfb3ed0d1 Mon Sep 17 00:00:00 2001 From: Jerry Yu Date: Thu, 4 May 2023 16:37:30 +0800 Subject: [PATCH 6/9] update document and error message Chang the spell of armclang Signed-off-by: Jerry Yu --- include/mbedtls/mbedtls_config.h | 4 ++-- library/sha512.c | 2 +- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/include/mbedtls/mbedtls_config.h b/include/mbedtls/mbedtls_config.h index 293e9cd21..3ec19b748 100644 --- a/include/mbedtls/mbedtls_config.h +++ b/include/mbedtls/mbedtls_config.h 
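Review bot: The new `#error "Target does not support NEON instructions"` in aesce.c does not say which option triggered it, unlike the other diagnostics in these files that end in `for MBEDTLS_..._*`, so whoever hits it has to search the source to learn which flag to add or which option to turn off. Naming the option would help, e.g. `#error "Target does not support NEON instructions, required by MBEDTLS_AESCE_C"`, with the `MBEDTLS_SHA256_USE_A64_CRYPTO_*` and `MBEDTLS_SHA512_USE_A64_CRYPTO_*` names in the sha256.c and sha512.c hunks of this patch. For the `*_IF_PRESENT` options it is also worth stating whether a target without NEON should be a hard error or should only disable the accelerated path; the hunks do not show enough of the surrounding guards to tell which is intended.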
@@ -3217,7 +3217,7 @@ * for a non-Aarch64 build it will be silently ignored. * * \note The code uses the SHA-512 Neon intrinsics, so requires GCC >= 8, - * Clang >= 7 or ArmClang >= 6.10. + * Clang >= 7 or armclang >= 6.10. * * \warning MBEDTLS_SHA512_USE_A64_CRYPTO_IF_PRESENT cannot be defined at the * same time as MBEDTLS_SHA512_USE_A64_CRYPTO_ONLY. @@ -3242,7 +3242,7 @@ * MBEDTLS_SHA512_USE_A64_CRYPTO_IF_PRESENT * * \note The code uses the SHA-512 Neon intrinsics, so requires GCC >= 8, - * Clang >= 7 or ArmClang >= 6.10. + * Clang >= 7 or armclang >= 6.10. * * \warning MBEDTLS_SHA512_USE_A64_CRYPTO_ONLY cannot be defined at the same * time as MBEDTLS_SHA512_USE_A64_CRYPTO_IF_PRESENT. diff --git a/library/sha512.c b/library/sha512.c index 3b68801e5..680d79db2 100644 --- a/library/sha512.c +++ b/library/sha512.c @@ -83,7 +83,7 @@ /* Test Clang first, as it defines __GNUC__ */ # if defined(__ARMCOMPILER_VERSION) # if __ARMCOMPILER_VERSION < 6090000 -# error "A more recent ArmClang is required for MBEDTLS_SHA512_USE_A64_CRYPTO_*" +# error "A more recent armclang is required for MBEDTLS_SHA512_USE_A64_CRYPTO_*" # endif # pragma clang attribute push (__attribute__((target("sha3"))), apply_to=function) # define MBEDTLS_POP_TARGET_PRAGMA From b1d06bb29e92e81ecdd5abcbe492c59572d7df79 Mon Sep 17 00:00:00 2001 From: Jerry Yu Date: Fri, 5 May 2023 14:05:07 +0800 Subject: [PATCH 7/9] Add error message for old armclang when armclang<6.10, cpu modifiers MUST be specified on command line. Signed-off-by: Jerry Yu --- library/aesce.c | 11 +++++++++-- library/sha256.c | 10 ++++++++-- library/sha512.c | 5 ++++- 3 files changed, 21 insertions(+), 5 deletions(-) diff --git a/library/aesce.c b/library/aesce.c index d939e4a69..65c79f73f 100644 --- a/library/aesce.c +++ b/library/aesce.c 
@@ -74,8 +74,15 @@ #if !(defined(__ARM_FEATURE_CRYPTO) || defined(__ARM_FEATURE_AES)) || \ defined(MBEDTLS_ENABLE_ARM_CRYPTO_EXTENSIONS_COMPILER_FLAG) -# if defined(__clang__) -# pragma clang attribute push (__attribute__((target("crypto,aes"))), apply_to=function) +# if defined(__ARMCOMPILER_VERSION) +# if __ARMCOMPILER_VERSION <= 6090000 +# error "Must use minimum -march=armv8-a+crypto for MBEDTLS_AESCE_C" +# else +# pragma clang attribute push (__attribute__((target("crypto,aes"))), apply_to=function) +# define MBEDTLS_POP_TARGET_PRAGMA +# endif +# elif defined(__clang__) +# pragma clang attribute push (__attribute__((target("crypto"))), apply_to=function) # define MBEDTLS_POP_TARGET_PRAGMA # elif defined(__GNUC__) # pragma GCC push_options diff --git a/library/sha256.c b/library/sha256.c index 104fa8098..5df61ac95 100644 --- a/library/sha256.c +++ b/library/sha256.c @@ -70,11 +70,17 @@ # endif # if !defined(__ARM_FEATURE_CRYPTO) || defined(MBEDTLS_ENABLE_ARM_CRYPTO_EXTENSIONS_COMPILER_FLAG) -# if defined(__clang__) +# if defined(__ARMCOMPILER_VERSION) +# if __ARMCOMPILER_VERSION <= 6090000 +# error "Must use minimum -march=armv8-a+crypto for MBEDTLS_SHA256_USE_A64_CRYPTO_*" +# endif +# pragma clang attribute push (__attribute__((target("sha2"))), apply_to=function) +# define MBEDTLS_POP_TARGET_PRAGMA +# elif defined(__clang__) # if __clang_major__ < 4 # error "A more recent Clang is required for MBEDTLS_SHA256_USE_A64_CRYPTO_*" # endif -# pragma clang attribute push (__attribute__((target("crypto,sha2"))), apply_to=function) +# pragma clang attribute push (__attribute__((target("crypto"))), apply_to=function) # define MBEDTLS_POP_TARGET_PRAGMA # elif defined(__GNUC__) /* FIXME: GCC 5 claims to support Armv8 Crypto Extensions, but some diff --git a/library/sha512.c b/library/sha512.c index 680d79db2..5ed920b98 100644 --- a/library/sha512.c +++ b/library/sha512.c 
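Review bot: The armclang cut-off in the aesce.c hunk, `# if __ARMCOMPILER_VERSION <= 6090000`, only catches a 6.9 build whose update and build digits are all zero. As far as I know the macro is encoded as Mmmuuxx, so a 6.9 update release would compare greater and fall through to the `target("crypto,aes")` pragma that patch 2/9 says armclang before 6.10 rejects. Comparing against the first release that accepts the pragma is more robust: `# if __ARMCOMPILER_VERSION < 6100000`. The sha256.c hunk on this patch uses the same `<=` test, and the sha512.c hunk uses `# elif __ARMCOMPILER_VERSION == 6090000`, which has the same gap and could become `# elif __ARMCOMPILER_VERSION < 6100000`. The enclosing `#if` chains start and end outside these hunks.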
@@ -84,9 +84,12 @@ # if defined(__ARMCOMPILER_VERSION) # if __ARMCOMPILER_VERSION < 6090000 # error "A more recent armclang is required for MBEDTLS_SHA512_USE_A64_CRYPTO_*" -# endif +# elif __ARMCOMPILER_VERSION == 6090000 +# error "Must use minimum -march=armv8.2-a+sha3 for MBEDTLS_SHA512_USE_A64_CRYPTO_*" +# else # pragma clang attribute push (__attribute__((target("sha3"))), apply_to=function) # define MBEDTLS_POP_TARGET_PRAGMA +# endif # elif defined(__clang__) # if __clang_major__ < 7 # error "A more recent Clang is required for MBEDTLS_SHA512_USE_A64_CRYPTO_*" From 8bfa24b021c95ab1346348c731fbbdbad204b03b Mon Sep 17 00:00:00 2001 From: Jerry Yu Date: Fri, 5 May 2023 14:35:00 +0800 Subject: [PATCH 8/9] Update compiler versions requirement For time being, we haven't verified MSVC for sha256 and 512. So we do not add msvc information. Signed-off-by: Jerry Yu --- include/mbedtls/mbedtls_config.h | 31 ++++++++++++++++++++++++++----- 1 file changed, 26 insertions(+), 5 deletions(-) diff --git a/include/mbedtls/mbedtls_config.h b/include/mbedtls/mbedtls_config.h index 3ec19b748..fbf464d62 100644 --- a/include/mbedtls/mbedtls_config.h +++ b/include/mbedtls/mbedtls_config.h @@ -2113,7 +2113,10 @@ * the CPU when this option is enabled. * * \note Minimum compiler versions for this feature are Clang 4.0, - * GCC 6.0 or MSVC 2019 version 16.11.2. + * armclang 6.6, GCC 6.0 or MSVC 2019 version 16.11.2. + * + * \note \c CFLAGS must be set to a minimum of \c -march=armv8-a+crypto for + * armclang <= 6.9 * * This module adds support for the AES Armv8-A Cryptographic Extensions on Aarch64 systems. */ 
@@ -3130,6 +3133,12 @@ * \note If MBEDTLS_SHA256_USE_A64_CRYPTO_IF_PRESENT is defined when building * for a non-Aarch64 build it will be silently ignored. * + * \note Minimum compiler versions for this feature are Clang 4.0, + * armclang 6.6 or GCC 6.0. + * + * \note \c CFLAGS must be set to a minimum of \c -march=armv8-a+crypto for + * armclang <= 6.9 + * * \warning MBEDTLS_SHA256_USE_A64_CRYPTO_IF_PRESENT cannot be defined at the * same time as MBEDTLS_SHA256_USE_A64_CRYPTO_ONLY. * @@ -3152,6 +3161,12 @@ * \note This allows builds with a smaller code size than with * MBEDTLS_SHA256_USE_A64_CRYPTO_IF_PRESENT * + * \note Minimum compiler versions for this feature are Clang 4.0, + * armclang 6.6 or GCC 6.0. + * + * \note \c CFLAGS must be set to a minimum of \c -march=armv8-a+crypto for + * armclang <= 6.9 + * * \warning MBEDTLS_SHA256_USE_A64_CRYPTO_ONLY cannot be defined at the same * time as MBEDTLS_SHA256_USE_A64_CRYPTO_IF_PRESENT. * @@ -3216,8 +3231,11 @@ * \note If MBEDTLS_SHA512_USE_A64_CRYPTO_IF_PRESENT is defined when building * for a non-Aarch64 build it will be silently ignored. * - * \note The code uses the SHA-512 Neon intrinsics, so requires GCC >= 8, - * Clang >= 7 or armclang >= 6.10. + * \note Minimum compiler versions for this feature are Clang 7.0, + * armclang 6.9 or GCC 8.0. + * + * \note \c CFLAGS must be set to a minimum of \c -march=armv8.2-a+sha3 for + * armclang 6.9 * * \warning MBEDTLS_SHA512_USE_A64_CRYPTO_IF_PRESENT cannot be defined at the * same time as MBEDTLS_SHA512_USE_A64_CRYPTO_ONLY. 
@@ -3241,8 +3259,11 @@ * \note This allows builds with a smaller code size than with * MBEDTLS_SHA512_USE_A64_CRYPTO_IF_PRESENT * - * \note The code uses the SHA-512 Neon intrinsics, so requires GCC >= 8, - * Clang >= 7 or armclang >= 6.10. + * \note Minimum compiler versions for this feature are Clang 7.0, + * armclang 6.9 or GCC 8.0. + * + * \note \c CFLAGS must be set to a minimum of \c -march=armv8.2-a+sha3 for + * armclang 6.9 * * \warning MBEDTLS_SHA512_USE_A64_CRYPTO_ONLY cannot be defined at the same * time as MBEDTLS_SHA512_USE_A64_CRYPTO_IF_PRESENT. From 893be8d10f7efb078042b4ffdf88a8c35a5f27bf Mon Sep 17 00:00:00 2001 From: Jerry Yu Date: Thu, 13 Jul 2023 17:32:11 +0800 Subject: [PATCH 9/9] Replace cpu modifier flags `crypto` should be replace with `aes`. See https://arm-software.github.io/acle/main/acle.html#cryptographic-extensions Signed-off-by: Jerry Yu --- library/aesce.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/library/aesce.c b/library/aesce.c index 65c79f73f..ed3cca11d 100644 --- a/library/aesce.c +++ b/library/aesce.c @@ -78,11 +78,11 @@ # if __ARMCOMPILER_VERSION <= 6090000 # error "Must use minimum -march=armv8-a+crypto for MBEDTLS_AESCE_C" # else -# pragma clang attribute push (__attribute__((target("crypto,aes"))), apply_to=function) +# pragma clang attribute push (__attribute__((target("aes"))), apply_to=function) # define MBEDTLS_POP_TARGET_PRAGMA # endif # elif defined(__clang__) -# pragma clang attribute push (__attribute__((target("crypto"))), apply_to=function) +# pragma clang attribute push (__attribute__((target("aes"))), apply_to=function) # define MBEDTLS_POP_TARGET_PRAGMA # elif defined(__GNUC__) # pragma GCC push_options
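Review bot: After this change the armclang `# else` branch and the plain `__clang__` branch in aesce.c push the identical `target("aes")` pragma, so the only thing the armclang branch still adds is the version check. If armclang also defines `__clang__` (the ordering of the tests suggests it does, but confirm), the chain can be flattened to `# if defined(__ARMCOMPILER_VERSION) && __ARMCOMPILER_VERSION <= 6090000`, then the `# error`, then `# elif defined(__clang__)` with a single pragma and `MBEDTLS_POP_TARGET_PRAGMA` define. Separately, the commit message argues for the specific feature name over `crypto`, yet the sha256.c `__clang__` branch added in patch 7/9 still pushes `target("crypto")`; a comment there saying why it differs would save the next reader the question. The chain continues past the end of the hunk.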