[openssl-commits] [openssl] OpenSSL_1_1_0-stable update

Andy Polyakov appro at openssl.org
Tue Oct 17 19:58:57 UTC 2017


The branch OpenSSL_1_1_0-stable has been updated
       via  8456e4c0af2524be106d55dd58f4bea681d50e48 (commit)
       via  465766c432e3f3af3114199b7b82bc6b41f7cf78 (commit)
      from  c290d61fd35f2a33cf5e93f9dc74a0929171fc96 (commit)


- Log -----------------------------------------------------------------
commit 8456e4c0af2524be106d55dd58f4bea681d50e48
Author: Patrick Steuer <patrick.steuer at de.ibm.com>
Date:   Mon Jan 30 12:50:54 2017 +0100

    s390x assembly pack: remove capability double-checking.
    
    An instruction's QUERY function is executed at initialization, iff the required
    MSA level is installed. Therefore, it is sufficient to check the bits returned
    by the QUERY functions. The MSA level does not have to be checked at every
    function call.
    crypto/aes/asm/aes-s390x.pl: The AES key schedule must be computed if the
    required KM or KMC function codes are not available. Formally, the availability
    of a KMC function code does not imply the availability of the corresponding KM
    function code.
    
    Signed-off-by: Patrick Steuer <patrick.steuer at de.ibm.com>
    
    Reviewed-by: Andy Polyakov <appro at openssl.org>
    Reviewed-by: Rich Salz <rsalz at openssl.org>
    (Merged from https://github.com/openssl/openssl/pull/4501)
    
    (cherry picked from commit af1d638730bdfad85a7fa8c3f157b2828eda7c1d)

commit 465766c432e3f3af3114199b7b82bc6b41f7cf78
Author: Patrick Steuer <patrick.steuer at de.ibm.com>
Date:   Fri Jan 27 09:47:48 2017 +0100

    crypto/aes/asm/aes-s390x.pl: fix $softonly=1 code path.
    
    Signed-off-by: Patrick Steuer <patrick.steuer at de.ibm.com>
    
    Reviewed-by: Andy Polyakov <appro at openssl.org>
    Reviewed-by: Rich Salz <rsalz at openssl.org>
    (Merged from https://github.com/openssl/openssl/pull/4501)
    
    (cherry picked from commit 4c5100ce7d66ccff48d6435c1761b5e3281de61f)

-----------------------------------------------------------------------

Summary of changes:
 crypto/aes/asm/aes-s390x.pl     | 20 ++++++--------------
 crypto/modes/asm/ghash-s390x.pl | 13 ++-----------
 crypto/sha/asm/sha1-s390x.pl    |  3 ---
 crypto/sha/asm/sha512-s390x.pl  |  3 ---
 4 files changed, 8 insertions(+), 31 deletions(-)

diff --git a/crypto/aes/asm/aes-s390x.pl b/crypto/aes/asm/aes-s390x.pl
index a93d601..804986c 100644
--- a/crypto/aes/asm/aes-s390x.pl
+++ b/crypto/aes/asm/aes-s390x.pl
@@ -813,7 +813,7 @@ _s390x_AES_set_encrypt_key:
 .Lproceed:
 ___
 $code.=<<___ if (!$softonly);
-	# convert bits to km code, [128,192,256]->[18,19,20]
+	# convert bits to km(c) code, [128,192,256]->[18,19,20]
 	lhi	%r5,-128
 	lhi	%r0,18
 	ar	%r5,$bits
@@ -821,13 +821,10 @@ $code.=<<___ if (!$softonly);
 	ar	%r5,%r0
 
 	larl	%r1,OPENSSL_s390xcap_P
-	lg	%r0,0(%r1)
-	tmhl	%r0,0x4000	# check for message-security assist
-	jz	.Lekey_internal
-
 	llihh	%r0,0x8000
 	srlg	%r0,%r0,0(%r5)
-	ng	%r0,48(%r1)	# check kmc capability vector
+	ng	%r0,32(%r1)	# check availability of both km...
+	ng	%r0,48(%r1)	# ...and kmc support for given key length
 	jz	.Lekey_internal
 
 	lmg	%r0,%r1,0($inp)	# just copy 128 bits...
@@ -842,7 +839,7 @@ $code.=<<___ if (!$softonly);
 	stg	%r1,24($key)
 1:	st	$bits,236($key)	# save bits [for debugging purposes]
 	lgr	$t0,%r5
-	st	%r5,240($key)	# save km code
+	st	%r5,240($key)	# save km(c) code
 	lghi	%r2,0
 	br	%r14
 ___
@@ -1439,12 +1436,7 @@ $code.=<<___ if (!$softonly);
 
 .Lctr32_hw_switch:
 ___
-$code.=<<___ if (0);	######### kmctr code was measured to be ~12% slower
-	larl	$s0,OPENSSL_s390xcap_P
-	lg	$s0,8($s0)
-	tmhh	$s0,0x0004	# check for message_security-assist-4
-	jz	.Lctr32_km_loop
-
+$code.=<<___ if (!$softonly && 0);# kmctr code was measured to be ~12% slower
 	llgfr	$s0,%r0
 	lgr	$s1,%r1
 	larl	%r1,OPENSSL_s390xcap_P
@@ -1488,7 +1480,7 @@ $code.=<<___ if (0);	######### kmctr code was measured to be ~12% slower
 	br	$ra
 .align	16
 ___
-$code.=<<___;
+$code.=<<___ if (!$softonly);
 .Lctr32_km_loop:
 	la	$s2,16($sp)
 	lgr	$s3,$fp
diff --git a/crypto/modes/asm/ghash-s390x.pl b/crypto/modes/asm/ghash-s390x.pl
index 65ffaf9..6e628d8 100644
--- a/crypto/modes/asm/ghash-s390x.pl
+++ b/crypto/modes/asm/ghash-s390x.pl
@@ -88,9 +88,6 @@ gcm_gmult_4bit:
 ___
 $code.=<<___ if(!$softonly && 0);	# hardware is slow for single block...
 	larl	%r1,OPENSSL_s390xcap_P
-	lg	%r0,0(%r1)
-	tmhl	%r0,0x4000	# check for message-security-assist
-	jz	.Lsoft_gmult
 	lghi	%r0,0
 	lg	%r1,24(%r1)	# load second word of kimd capabilities vector
 	tmhh	%r1,0x4000	# check for function 65
@@ -126,14 +123,8 @@ gcm_ghash_4bit:
 ___
 $code.=<<___ if(!$softonly);
 	larl	%r1,OPENSSL_s390xcap_P
-	lg	%r0,0(%r1)
-	tmhl	%r0,0x4000	# check for message-security-assist
-	jz	.Lsoft_ghash
-	lghi	%r0,0
-	la	%r1,16($sp)
-	.long	0xb93e0004	# kimd %r0,%r4
-	lg	%r1,24($sp)
-	tmhh	%r1,0x4000	# check for function 65
+	lg	%r0,24(%r1)	# load second word of kimd capabilities vector
+	tmhh	%r0,0x4000	# check for function 65
 	jz	.Lsoft_ghash
 	lghi	%r0,65		# function 65
 	la	%r1,0($Xi)	# H lies right after Xi in gcm128_context
diff --git a/crypto/sha/asm/sha1-s390x.pl b/crypto/sha/asm/sha1-s390x.pl
index b19606c..f8ab1bb 100644
--- a/crypto/sha/asm/sha1-s390x.pl
+++ b/crypto/sha/asm/sha1-s390x.pl
@@ -172,9 +172,6 @@ sha1_block_data_order:
 ___
 $code.=<<___ if ($kimdfunc);
 	larl	%r1,OPENSSL_s390xcap_P
-	lg	%r0,0(%r1)
-	tmhl	%r0,0x4000	# check for message-security assist
-	jz	.Lsoftware
 	lg	%r0,16(%r1)	# check kimd capabilities
 	tmhh	%r0,`0x8000>>$kimdfunc`
 	jz	.Lsoftware
diff --git a/crypto/sha/asm/sha512-s390x.pl b/crypto/sha/asm/sha512-s390x.pl
index 582d393..0935e53 100644
--- a/crypto/sha/asm/sha512-s390x.pl
+++ b/crypto/sha/asm/sha512-s390x.pl
@@ -244,9 +244,6 @@ $Func:
 ___
 $code.=<<___ if ($kimdfunc);
 	larl	%r1,OPENSSL_s390xcap_P
-	lg	%r0,0(%r1)
-	tmhl	%r0,0x4000	# check for message-security assist
-	jz	.Lsoftware
 	lg	%r0,16(%r1)	# check kimd capabilities
 	tmhh	%r0,`0x8000>>$kimdfunc`
 	jz	.Lsoftware


More information about the openssl-commits mailing list