diff options
| author | Patrick Steuer <patrick.steuer@de.ibm.com> | 2017-01-30 12:50:54 +0100 |
|---|---|---|
| committer | Andy Polyakov <appro@openssl.org> | 2017-10-17 21:58:43 +0200 |
| commit | 8456e4c0af2524be106d55dd58f4bea681d50e48 (patch) | |
| tree | 773c3c6fe3cf7aec7ab7eabf1d8aacca5e7a3e38 | |
| parent | 465766c432e3f3af3114199b7b82bc6b41f7cf78 (diff) | |
| download | openssl-new-8456e4c0af2524be106d55dd58f4bea681d50e48.tar.gz | |
s390x assembly pack: remove capability double-checking.
An instruction's QUERY function is executed at initialization, iff the required
MSA level is installed. Therefore, it is sufficient to check the bits returned
by the QUERY functions. The MSA level does not have to be checked at every
function call.
crypto/aes/asm/aes-s390x.pl: The AES key schedule must be computed if the
required KM or KMC function codes are not available. Formally, the availability
of a KMC function code does not imply the availability of the corresponding KM
function code.
Signed-off-by: Patrick Steuer <patrick.steuer@de.ibm.com>
Reviewed-by: Andy Polyakov <appro@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/4501)
(cherry picked from commit af1d638730bdfad85a7fa8c3f157b2828eda7c1d)
| -rw-r--r-- | crypto/aes/asm/aes-s390x.pl | 16 | ||||
| -rw-r--r-- | crypto/modes/asm/ghash-s390x.pl | 13 | ||||
| -rw-r--r-- | crypto/sha/asm/sha1-s390x.pl | 3 | ||||
| -rw-r--r-- | crypto/sha/asm/sha512-s390x.pl | 3 |
4 files changed, 6 insertions, 29 deletions
diff --git a/crypto/aes/asm/aes-s390x.pl b/crypto/aes/asm/aes-s390x.pl index ca575f18da..804986ccce 100644 --- a/crypto/aes/asm/aes-s390x.pl +++ b/crypto/aes/asm/aes-s390x.pl @@ -813,7 +813,7 @@ _s390x_AES_set_encrypt_key: .Lproceed: ___ $code.=<<___ if (!$softonly); - # convert bits to km code, [128,192,256]->[18,19,20] + # convert bits to km(c) code, [128,192,256]->[18,19,20] lhi %r5,-128 lhi %r0,18 ar %r5,$bits @@ -821,13 +821,10 @@ $code.=<<___ if (!$softonly); ar %r5,%r0 larl %r1,OPENSSL_s390xcap_P - lg %r0,0(%r1) - tmhl %r0,0x4000 # check for message-security assist - jz .Lekey_internal - llihh %r0,0x8000 srlg %r0,%r0,0(%r5) - ng %r0,48(%r1) # check kmc capability vector + ng %r0,32(%r1) # check availability of both km... + ng %r0,48(%r1) # ...and kmc support for given key length jz .Lekey_internal lmg %r0,%r1,0($inp) # just copy 128 bits... @@ -842,7 +839,7 @@ $code.=<<___ if (!$softonly); stg %r1,24($key) 1: st $bits,236($key) # save bits [for debugging purposes] lgr $t0,%r5 - st %r5,240($key) # save km code + st %r5,240($key) # save km(c) code lghi %r2,0 br %r14 ___ @@ -1440,11 +1437,6 @@ $code.=<<___ if (!$softonly); .Lctr32_hw_switch: ___ $code.=<<___ if (!$softonly && 0);# kmctr code was measured to be ~12% slower - larl $s0,OPENSSL_s390xcap_P - lg $s0,8($s0) - tmhh $s0,0x0004 # check for message_security-assist-4 - jz .Lctr32_km_loop - llgfr $s0,%r0 lgr $s1,%r1 larl %r1,OPENSSL_s390xcap_P diff --git a/crypto/modes/asm/ghash-s390x.pl b/crypto/modes/asm/ghash-s390x.pl index 65ffaf98bc..6e628d8823 100644 --- a/crypto/modes/asm/ghash-s390x.pl +++ b/crypto/modes/asm/ghash-s390x.pl @@ -88,9 +88,6 @@ gcm_gmult_4bit: ___ $code.=<<___ if(!$softonly && 0); # hardware is slow for single block... larl %r1,OPENSSL_s390xcap_P - lg %r0,0(%r1) - tmhl %r0,0x4000 # check for message-security-assist - jz .Lsoft_gmult lghi %r0,0 lg %r1,24(%r1) # load second word of kimd capabilities vector tmhh %r1,0x4000 # check for function 65 @@ -126,14 +123,8 @@ gcm_ghash_4bit: ___ $code.=<<___ if(!$softonly); larl %r1,OPENSSL_s390xcap_P - lg %r0,0(%r1) - tmhl %r0,0x4000 # check for message-security-assist - jz .Lsoft_ghash - lghi %r0,0 - la %r1,16($sp) - .long 0xb93e0004 # kimd %r0,%r4 - lg %r1,24($sp) - tmhh %r1,0x4000 # check for function 65 + lg %r0,24(%r1) # load second word of kimd capabilities vector + tmhh %r0,0x4000 # check for function 65 jz .Lsoft_ghash lghi %r0,65 # function 65 la %r1,0($Xi) # H lies right after Xi in gcm128_context diff --git a/crypto/sha/asm/sha1-s390x.pl b/crypto/sha/asm/sha1-s390x.pl index b19606c5c5..f8ab1bbaed 100644 --- a/crypto/sha/asm/sha1-s390x.pl +++ b/crypto/sha/asm/sha1-s390x.pl @@ -172,9 +172,6 @@ sha1_block_data_order: ___ $code.=<<___ if ($kimdfunc); larl %r1,OPENSSL_s390xcap_P - lg %r0,0(%r1) - tmhl %r0,0x4000 # check for message-security assist - jz .Lsoftware lg %r0,16(%r1) # check kimd capabilities tmhh %r0,`0x8000>>$kimdfunc` jz .Lsoftware diff --git a/crypto/sha/asm/sha512-s390x.pl b/crypto/sha/asm/sha512-s390x.pl index 582d393cef..0935e5396f 100644 --- a/crypto/sha/asm/sha512-s390x.pl +++ b/crypto/sha/asm/sha512-s390x.pl @@ -244,9 +244,6 @@ $Func: ___ $code.=<<___ if ($kimdfunc); larl %r1,OPENSSL_s390xcap_P - lg %r0,0(%r1) - tmhl %r0,0x4000 # check for message-security assist - jz .Lsoftware lg %r0,16(%r1) # check kimd capabilities tmhh %r0,`0x8000>>$kimdfunc` jz .Lsoftware |