Problem was that my build system was selecting "ar" and "ranlib", where as your build system selects "llvm-ar" and "llvm-ranlib".
Feed Advanced Search
Jan 22 2021
Jan 22 2021
jukivili added a comment to T5255: libgcrypt: build "error: invalid operand for instruction" when compiling with Clang & LTO.
Jan 21 2021
Jan 21 2021
jukivili added a comment to T5255: libgcrypt: build "error: invalid operand for instruction" when compiling with Clang & LTO.
Configure output has still has some differences LTO vs non-LTO:
--- non-lto.log 2021-01-21 22:25:14.966099577 +0200 +++ lto.log 2021-01-21 22:25:23.174086100 +0200 @@ -63,7 +63,7 @@ checking for archiver @FILE support... @ checking for strip... strip checking for ranlib... ranlib -checking command to parse /usr/bin/nm -B output from clang object... ok +checking command to parse /usr/bin/nm -B output from clang object... failed checking for sysroot... no checking for mt... mt checking if mt is a manifest tool... no @@ -75,7 +75,7 @@ checking if clang static flag -static works... yes checking if clang supports -c -o file.o... yes checking if clang supports -c -o file.o... (cached) yes -checking whether the clang linker (/usr/bin/ld -m elf_x86_64) supports shared libraries... yes +checking whether the clang linker (/usr/bin/ld) supports shared libraries... yes checking whether -lc should be explicitly linked in... no checking dynamic linker characteristics... GNU/Linux ld.so checking how to hardcode library paths into programs... immediate @@ -168,8 +168,8 @@ checking whether 'asm' assembler keyword is supported... yes checking whether '__asm__' assembler keyword is supported... yes checking whether inline assembly memory barrier is supported... yes -checking whether GCC assembler is compatible for ARM assembly implementations... no -checking whether GCC assembler is compatible for ARMv8/Aarch64 assembly implementations... no +checking whether GCC assembler is compatible for ARM assembly implementations... yes +checking whether GCC assembler is compatible for ARMv8/Aarch64 assembly implementations... yes checking whether GCC assembler supports for CFI directives... yes checking whether GCC assembler supports for ELF directives... yes checking for _ prefix in compiled symbols... no @@ -240,7 +240,7 @@ checking if gcc supports -Wno-missing-field-initializers... yes checking if gcc supports -Wpointer-arith... yes checking whether non excutable stack support is requested... yes -checking whether assembler supports --noexecstack option... yes +checking whether assembler supports --noexecstack option... no checking that generated files are newer than configure... done configure: creating ./config.status config.status: creating Makefile
jukivili added a comment to T5255: libgcrypt: build "error: invalid operand for instruction" when compiling with Clang & LTO.
Clang support Intel syntax after all, but not assembler macros that were used. Here's two patches that fix the configure.ac issue and removes use of assembly macros in Intel syntax assembly files:
Jan 20 2021
Jan 20 2021
jukivili committed rC00df9f27181d: Split inline assembly blocks with many memory operands (authored by jukivili).
Split inline assembly blocks with many memory operands
jukivili committed rC81354e911bfa: tests/basic: fix build on ARM32 when NEON disabled (authored by jukivili).
tests/basic: fix build on ARM32 when NEON disabled
jukivili committed rC097148bc89ec: kdf: make self-test test-vector array read-only (authored by jukivili).
kdf: make self-test test-vector array read-only
jukivili committed rCc6425a553729: kdf: add missing null-terminator for self-test test-vector array (authored by jukivili).
kdf: add missing null-terminator for self-test test-vector array
jukivili committed rC807827cda3ba: cipher/bithelp: use __builtin_ctzl when available (authored by jukivili).
cipher/bithelp: use __builtin_ctzl when available
jukivili committed rC477355047e5c: mpi/longlong: make use of compiler provided __builtin_ctz/__builtin_clz (authored by jukivili).
mpi/longlong: make use of compiler provided __builtin_ctz/__builtin_clz
jukivili closed T5196: libgcrypt: s390x/zSeries performance improvements, a subtask of T4460: libgcrypt performance TODOs, as Resolved.
Merged to master.
jukivili closed T5197: libgcrypt: s390x/zSeries AES acceleration, a subtask of T5196: libgcrypt: s390x/zSeries performance improvements, as Resolved.
Merged to master.
jukivili closed T5198: libgcrypt: s390x/zSeries SHA256/SHA512 acceleration, a subtask of T5196: libgcrypt: s390x/zSeries performance improvements, as Resolved.
Merged to master.
jukivili closed T5199: libgcrypt: s390x/zSeries GHASH/AES-GCM acceleration, a subtask of T5196: libgcrypt: s390x/zSeries performance improvements, as Resolved.
jukivili closed T5200: libgcrypt: s390x/zSeries SHA3 acceleration, a subtask of T5196: libgcrypt: s390x/zSeries performance improvements, as Resolved.
Merged to master.
jukivili closed T5201: libgcrypt: s390x/zSeries 128-bit vector implementation of ChaCha20, a subtask of T5196: libgcrypt: s390x/zSeries performance improvements, as Resolved.
jukivili closed T5201: libgcrypt: s390x/zSeries 128-bit vector implementation of ChaCha20 as Resolved.
Merged to master.
jukivili closed T5202: libgcrypt: s390x/zSeries implementation of Poly1305 / ChaCha20-Poly1305 AEAD, a subtask of T5196: libgcrypt: s390x/zSeries performance improvements, as Resolved.
jukivili closed T5202: libgcrypt: s390x/zSeries implementation of Poly1305 / ChaCha20-Poly1305 AEAD as Resolved.
Merged to master.
jukivili closed T5203: libgcrypt: s390x/zSeries SHA1 acceleration, a subtask of T5196: libgcrypt: s390x/zSeries performance improvements, as Resolved.
Merged to master.
jukivili committed rC92fe807aeb7e: Merge remote-tracking branch 'origin/cipher-s390x-optimizations' into master (authored by jukivili).
Merge remote-tracking branch 'origin/cipher-s390x-optimizations' into master
jukivili added a comment to T5257: 32 bit cross build fails on asm code in gcrypt 1.9.0.
jukivili added a comment to T5257: 32 bit cross build fails on asm code in gcrypt 1.9.0.
Thanks for report. I reproduced this by building i386 with optimizations disabled "-O0" (gcc 10). With normal optimization level such as "-O2", the issue does not appear.
jukivili created T5256: libgcrypt, convert Intel syntax x86_64 assembly files to AT&T syntax in the S1 Public space.
jukivili added a comment to T5255: libgcrypt: build "error: invalid operand for instruction" when compiling with Clang & LTO.
Breakage appears to happen in configure.ac. When building with clang without LTO following check gives "no":
Jan 19 2021
Jan 19 2021
jukivili added a comment to T5255: libgcrypt: build "error: invalid operand for instruction" when compiling with Clang & LTO.
Yes, clang + LTO is broken. Maybe there is issue in clang bug tracker for this already?
jukivili added a comment to T5254: libgcrypt 1.9.0 fails make check (selftest).
Maybe this patch helps:
jukivili added a comment to T5251: Compile error on ARMv7 for libgcrypt .
Thanks for you report.
Jan 16 2021
Jan 16 2021
jukivili committed rC1f75681cbba8: Add s390x/zSeries implementation of Poly1305 (authored by jukivili).
Add s390x/zSeries implementation of Poly1305
jukivili committed rC6a0bb9ab7f88: Add s390x/zSeries implementation of ChaCha20 (authored by jukivili).
Add s390x/zSeries implementation of ChaCha20
jukivili committed rC1d13794780e3: hwf-s390x: add VX vector instruction set detection (authored by jukivili).
hwf-s390x: add VX vector instruction set detection
mpi/longlong: add s390x/zSeries macros
Jan 7 2021
Jan 7 2021
jukivili added a comment to T5195: Incorrect HWCAP2 check for AArch32.
Yes, bug is also in 1.8 branch.
Dec 30 2020
Dec 30 2020
jukivili added a comment to T5201: libgcrypt: s390x/zSeries 128-bit vector implementation of ChaCha20.
Reimplemented 8 block parallel in "vertical" orientation.
jukivili added a comment to T5202: libgcrypt: s390x/zSeries implementation of Poly1305 / ChaCha20-Poly1305 AEAD.
With little extra effort, stitched implementation turned out ok after all.
jukivili renamed T5202: libgcrypt: s390x/zSeries implementation of Poly1305 / ChaCha20-Poly1305 AEAD from libgcrypt: s390x/zSeries 128-bit vector implementation of Poly1305 to libgcrypt: s390x/zSeries implementation of Poly1305 / ChaCha20-Poly1305 AEAD.
Dec 28 2020
Dec 28 2020
jukivili committed rC6b6bfd57d0a6: hwf-arm: fix incorrect HWCAP2 for SHA1 and SHA2 on AArch32 (authored by jukivili).
hwf-arm: fix incorrect HWCAP2 for SHA1 and SHA2 on AArch32
jukivili committed rCe47f04b4a289: Add missing prototype for _gcry_mac_selftest (authored by jukivili).
Add missing prototype for _gcry_mac_selftest
Dec 22 2020
Dec 22 2020
jukivili added a comment to T5200: libgcrypt: s390x/zSeries SHA3 acceleration.
Applied to s390x optimizations feature branch:
https://git.gnupg.org/cgi-bin/gitweb.cgi?p=libgcrypt.git;a=commit;h=7532e27cacb74c92fd561524a0897163b0fcd7f4
jukivili added a comment to T5198: libgcrypt: s390x/zSeries SHA256/SHA512 acceleration.
Applied to s390x optimizations feature branch:
SHA256: https://git.gnupg.org/cgi-bin/gitweb.cgi?p=libgcrypt.git;a=commit;h=0b555c3cc7c2b80ec2628685946a6139a1996911
SHA512: https://git.gnupg.org/cgi-bin/gitweb.cgi?p=libgcrypt.git;a=commit;h=45f0ec0c4e3b08627cbf7e65f5f110c321710d01
jukivili added a comment to T5203: libgcrypt: s390x/zSeries SHA1 acceleration.
Applied to s390x optimizations feature branch:
https://git.gnupg.org/cgi-bin/gitweb.cgi?p=libgcrypt.git;a=commit;h=88570515b4ca92a44c4e40c31f877c11cc00ab68
jukivili added a comment to T5199: libgcrypt: s390x/zSeries GHASH/AES-GCM acceleration.
Applied to s390x optimizations feature branch:
https://git.gnupg.org/cgi-bin/gitweb.cgi?p=libgcrypt.git;a=commit;h=5aeb091f911398217b2e9facb9bdeb05c63d7844
jukivili added a comment to T5197: libgcrypt: s390x/zSeries AES acceleration.
Applied to s390x optimizations feature branch:
https://git.gnupg.org/cgi-bin/gitweb.cgi?p=libgcrypt.git;a=commit;h=9219d9d1b60c01a4c7dbde05ee6b5b52e0d7d072
jukivili added a comment to T5202: libgcrypt: s390x/zSeries implementation of Poly1305 / ChaCha20-Poly1305 AEAD.
Implemented stitched ChaCha20-Poly1305 (vector ChaCha20 & ALU Poly1305). Unfortunately performance is less than OpenSSL (vector ChaCha20 & vector Poly1305). Instruction latencies make Poly1305 slower than combined OpenSSL ChaCha20+Poly1305, thus it is not possible to reach same performance with stitching. Vector Poly1305 implementation is therefore needed.
jukivili added a comment to T5201: libgcrypt: s390x/zSeries 128-bit vector implementation of ChaCha20.
Currently have 8 block parallel implementation done. Need to check if 6 block parallel approach is better (as used in OpenSSL - benefit being less register pressure and less moving of data between registers and stack).
jukivili renamed T5198: libgcrypt: s390x/zSeries SHA256/SHA512 acceleration from libgcrypt: s390x/zSeries SHA1/SHA256/SHA512 acceleration to libgcrypt: s390x/zSeries SHA256/SHA512 acceleration.
jukivili created T5201: libgcrypt: s390x/zSeries 128-bit vector implementation of ChaCha20 in the S1 Public space.
jukivili renamed T5198: libgcrypt: s390x/zSeries SHA256/SHA512 acceleration from libgcrypt: s380x/zSeries SHA1/SHA256/SHA512 acceleration to libgcrypt: s390x/zSeries SHA1/SHA256/SHA512 acceleration.
jukivili added a parent task for T5196: libgcrypt: s390x/zSeries performance improvements: T4460: libgcrypt performance TODOs.
jukivili updated the task description for T5196: libgcrypt: s390x/zSeries performance improvements.
Thanks for reporting this. You are correct, those HWCAP2_SHA1 and HWCAP2_SHA2 defines are wrong.
Dec 18 2020
Dec 18 2020
Add s390x/zSeries acceleration for SHA3
jukivili committed rC45f0ec0c4e3b: Add s390x/zSeries acceleration for SHA512 (authored by jukivili).
Add s390x/zSeries acceleration for SHA512
jukivili committed rC0b555c3cc7c2: Add s390x/zSeries acceleration for SHA256 (authored by jukivili).
Add s390x/zSeries acceleration for SHA256
jukivili committed rC5aeb091f9113: Add bulk AES-GCM acceleration for s390x/zSeries (authored by jukivili).
Add bulk AES-GCM acceleration for s390x/zSeries
Add s390x/zSeries acceleration for SHA1
Add bulk function interface for GCM mode
Add s390x/zSeries acceleration for AES
Add bulk function interface for OFB mode
jukivili committed rC128054767d5f: hwf: add detection of s390x/zSeries hardware features (authored by jukivili).
hwf: add detection of s390x/zSeries hardware features
jukivili committed rC0e37bb32e215: tests/bench-slope: use same benchmarking for XTS as for other modes (authored by jukivili).
tests/bench-slope: use same benchmarking for XTS as for other modes
jukivili committed rCc59b5b03a063: aarch64: mpi/longlong.h: fix operand size mismatch (authored by jukivili).
aarch64: mpi/longlong.h: fix operand size mismatch
jukivili committed rC8352b0ece523: aarch64: use configure check for assembly ELF directives support (authored by jukivili).
aarch64: use configure check for assembly ELF directives support
Dec 3 2020
Dec 3 2020
jukivili committed rC2065720b5b06: tests/basic: check 32-bit and 64-bit overflow for CTR and ChaCha20 (authored by jukivili).
tests/basic: check 32-bit and 64-bit overflow for CTR and ChaCha20
jukivili committed rC1a83df98b198: Prevent link-time optimization from inlining __gcry_burn_stack (authored by jukivili).
Prevent link-time optimization from inlining __gcry_burn_stack
jukivili committed rCed45eac3b721: chacha20-ppc: fix 32-bit counter overflow handling (authored by jukivili).
chacha20-ppc: fix 32-bit counter overflow handling
jukivili added a comment to T5157: libgcrypt: ARM64 Builds on macOS fail.
AArch64 clang support was added to 'master' on 2018-03-28. One would need to backport commits 8ee38806245ca8452051b1a245f44082323f37f6...9b58e4a03ba3aeff7bae3f40da706977870c9649 to 1.8 branch.
Nov 30 2020
Nov 30 2020
jukivili added a comment to T5157: libgcrypt: ARM64 Builds on macOS fail.
Another issue that comes in to mind is that current ARM/ARM64 HW feature detection most likely wont work on MacOS. Thus HW accelerated AES&SHA&GHASH implementation wont be used.
jukivili added a comment to T5157: libgcrypt: ARM64 Builds on macOS fail.
HAVE_COMPATIBLE_GCC_AMD64_PLATFORM_AS is never defined on ARM64 as it depends on "$mpi_cpu_arch" == "x86". Instead I think new check for GCC assembly ELF directives would be needed in configure.ac, similar to HAVE_GCC_ASM_CFI_DIRECTIVES check. Following check should work, but I have not yet tested it:
Oct 1 2020
Oct 1 2020
jukivili committed rC4a50c6b88d6d: tests: Fix typo in comment (authored by Tianjia Zhang <tianjia.zhang@linux.alibaba.com>).
tests: Fix typo in comment
jukivili committed rC2051d5bd6f73: rijndael: clean-up prepare_decryption function (authored by jukivili).
rijndael: clean-up prepare_decryption function
jukivili committed rC7679c918ade9: rijndael: clean-up generic bulk functions (authored by jukivili).
rijndael: clean-up generic bulk functions
jukivili committed rC51271eb86bcb: cipher: setup bulk functions at each algorithms key setup (authored by jukivili).
cipher: setup bulk functions at each algorithms key setup
rijndael: tidy do_setkey little bit
Sep 30 2020
Sep 30 2020
jukivili committed rCf96989f0e908: rijndael-aesni: tweak x86_64 AES-NI for better performance on AMD Zen2 (authored by jukivili).
rijndael-aesni: tweak x86_64 AES-NI for better performance on AMD Zen2
Aug 29 2020
Aug 29 2020
jukivili updated subscribers of D501: VPMSUMD accelleration for GCM mode on PPC.
So, things I see are needed to be done for inclusion of this patch are:
- GNU C coding style fixes.
- Adding comment about that this implementation is based on GHASH implementation by Andy Polyakov with original license. This needs to be checked with @werner , but I think following would be sufficient:
Aug 3 2020
Aug 3 2020
jukivili committed rC8d7b1d0a52bd: chacha20-aarch64: improve performance through higher SIMD interleaving (authored by jukivili).
chacha20-aarch64: improve performance through higher SIMD interleaving
jukivili committed rC886120f33bd3: Enable jitter entropy also on non-x86 architectures (authored by jukivili).
Enable jitter entropy also on non-x86 architectures
jukivili committed rCf1c3db3bf40e: tests/bench-slope: improve CPU frequency auto-detection (authored by jukivili).
tests/bench-slope: improve CPU frequency auto-detection
jukivili committed rC4c0e244fc53e: Camellia AES-NI/AVX/AVX2 size optimization (authored by jukivili).
Camellia AES-NI/AVX/AVX2 size optimization
jukivili committed rC4ed9b9494854: random/jitterentropy: fix USE_JENT == JENT_USES_GETTIME code path (authored by jukivili).
random/jitterentropy: fix USE_JENT == JENT_USES_GETTIME code path
Jun 29 2020
Jun 29 2020
jukivili added a comment to D501: VPMSUMD accelleration for GCM mode on PPC.
When I took side-by-side comparison of cryptogams version to this patch, what I find is that they are strikingly similar. Operation/instruction ordering matches closely to parts of ghashp8-ppc.pl. In many parts variable/register names are the same also.
