From 1d7fc9f76066927f9e7b7f4a7d293541b8baf727 Mon Sep 17 00:00:00 2001 From: Justin Smith Date: Wed, 28 Feb 2024 12:46:04 -0500 Subject: [PATCH] Take other part of fix --- crypto/fipsmodule/sha/asm/sha256-armv4.pl | 19 ++++++++++++++++--- .../ios-arm/crypto/fipsmodule/sha256-armv4.S | 19 ++++++++++++++++--- .../crypto/fipsmodule/sha256-armv4.S | 19 ++++++++++++++++--- 3 files changed, 48 insertions(+), 9 deletions(-) diff --git a/crypto/fipsmodule/sha/asm/sha256-armv4.pl b/crypto/fipsmodule/sha/asm/sha256-armv4.pl index 0c635170d76..718d6bef09b 100644 --- a/crypto/fipsmodule/sha/asm/sha256-armv4.pl +++ b/crypto/fipsmodule/sha/asm/sha256-armv4.pl @@ -241,7 +241,7 @@ sub BODY_16_XX { ldr r12,[r12] #endif tst r12,#ARMV8_SHA256 - bne .LARMv8 + bne .LK256_add_armv8 tst r12,#ARMV7_NEON bne .LNEON #endif @@ -639,12 +639,25 @@ () # define INST(a,b,c,d) .byte a,b,c,d # endif +.LK256_shortcut_armv8: +@ PC is 8 bytes ahead in Arm mode and 4 bytes ahead in Thumb mode. +#if defined(__thumb2__) +.word K256-(.LK256_add_armv8+4) +#else +.word K256-(.LK256_add_armv8+8) +#endif + .type sha256_block_data_order_armv8,%function .align 5 sha256_block_data_order_armv8: -.LARMv8: + @ K256 is too far to reference from one ADR command in Thumb mode. In + @ Arm mode, we could make it fit by aligning the ADR offset to a 64-byte + @ boundary. For simplicity, just load the offset from .LK256_shortcut_armv8. + ldr $Ktbl,.LK256_shortcut_armv8 +.LK256_add_armv8: + add $Ktbl,pc,$Ktbl + vld1.32 {$ABCD,$EFGH},[$ctx] - sub $Ktbl,$Ktbl,#256+32 add $len,$inp,$len,lsl#6 @ len to point at the end of inp b .Loop_v8 diff --git a/generated-src/ios-arm/crypto/fipsmodule/sha256-armv4.S b/generated-src/ios-arm/crypto/fipsmodule/sha256-armv4.S index 91901f25fac..4000978c945 100644 --- a/generated-src/ios-arm/crypto/fipsmodule/sha256-armv4.S +++ b/generated-src/ios-arm/crypto/fipsmodule/sha256-armv4.S 
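Review bot: In the `@@ -241` hunk of `sha256-armv4.pl`, the new `bne .LK256_add_armv8` lands on `add $Ktbl,pc,$Ktbl` and so skips the `ldr $Ktbl,.LK256_shortcut_armv8` that supplies the offset this `add` expects. The dispatcher code that sets `$Ktbl` before the branch is outside the hunk, but the removed `sub $Ktbl,$Ktbl,#256+32` suggests it holds an address near the function entry rather than the `K256-(.LK256_add_armv8+…)` word. If so, the ARMv8 path would read its SHA-256 round constants from an unrelated address and produce wrong digests or fault. Unless the dispatcher is changed elsewhere to load that offset, keep `.LARMv8:` directly after `sha256_block_data_order_armv8:` (ahead of the `ldr`) and leave this line as `bne .LARMv8`. The same branch appears in the regenerated ios-arm and linux-arm `.S` files, which would follow from the Perl source.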
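Review bot: In the `@@ -639` hunk, the `.word K256-(.LK256_add_armv8+4|+8)` constant is only correct while the `add $Ktbl,pc,$Ktbl` is the instruction at `.LK256_add_armv8`, and nothing at the label says so. I would add a comment on the label such as `@ .LK256_shortcut_armv8 is relative to the PC read by this add; keep the add as the first instruction after the label.` so that a later edit does not shift the table pointer without any error. The added comment's "ADR command" would read better as "ADR instruction". The body of `sha256_block_data_order_armv8` continues past the end of the hunk.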
@@ -115,7 +115,7 @@ Lsha256_block_data_order: ldr r12,[r12] #endif tst r12,#ARMV8_SHA256 - bne LARMv8 + bne LK256_add_armv8 tst r12,#ARMV7_NEON bne LNEON #endif @@ -2705,14 +2705,27 @@ L_00_48: # define INST(a,b,c,d) .byte a,b,c,d # endif +LK256_shortcut_armv8: +@ PC is 8 bytes ahead in Arm mode and 4 bytes ahead in Thumb mode. +#if defined(__thumb2__) +.word K256-(LK256_add_armv8+4) +#else +.word K256-(LK256_add_armv8+8) +#endif + #ifdef __thumb2__ .thumb_func sha256_block_data_order_armv8 #endif .align 5 sha256_block_data_order_armv8: -LARMv8: + @ K256 is too far to reference from one ADR command in Thumb mode. In + @ Arm mode, we could make it fit by aligning the ADR offset to a 64-byte + @ boundary. For simplicity, just load the offset from .LK256_shortcut_armv8. + ldr r3,LK256_shortcut_armv8 +LK256_add_armv8: + add r3,pc,r3 + vld1.32 {q0,q1},[r0] - sub r3,r3,#256+32 add r2,r1,r2,lsl#6 @ len to point at the end of inp b Loop_v8 diff --git a/generated-src/linux-arm/crypto/fipsmodule/sha256-armv4.S b/generated-src/linux-arm/crypto/fipsmodule/sha256-armv4.S index ff4eeb42e0b..a48d1a559af 100644 --- a/generated-src/linux-arm/crypto/fipsmodule/sha256-armv4.S +++ b/generated-src/linux-arm/crypto/fipsmodule/sha256-armv4.S @@ -113,7 +113,7 @@ sha256_block_data_order: ldr r12,[r12] #endif tst r12,#ARMV8_SHA256 - bne .LARMv8 + bne .LK256_add_armv8 tst r12,#ARMV7_NEON bne .LNEON #endif 
@@ -2701,12 +2701,25 @@ sha256_block_data_order_neon: # define INST(a,b,c,d) .byte a,b,c,d # endif +.LK256_shortcut_armv8: +@ PC is 8 bytes ahead in Arm mode and 4 bytes ahead in Thumb mode. +#if defined(__thumb2__) +.word K256-(.LK256_add_armv8+4) +#else +.word K256-(.LK256_add_armv8+8) +#endif + .type sha256_block_data_order_armv8,%function .align 5 sha256_block_data_order_armv8: -.LARMv8: + @ K256 is too far to reference from one ADR command in Thumb mode. In + @ Arm mode, we could make it fit by aligning the ADR offset to a 64-byte + @ boundary. For simplicity, just load the offset from .LK256_shortcut_armv8. + ldr r3,.LK256_shortcut_armv8 +.LK256_add_armv8: + add r3,pc,r3 + vld1.32 {q0,q1},[r0] - sub r3,r3,#256+32 add r2,r1,r2,lsl#6 @ len to point at the end of inp b .Loop_v8