[openssl] master update
patrick.steuer at de.ibm.com
patrick.steuer at de.ibm.com
Sat Jun 29 21:22:19 UTC 2019
The branch master has been updated
via da93b5cc2bc931b998f33ee432bc1ae2b38fccca (commit)
via e382f507fb67863be02bfa69b08533cc55f0cd96 (commit)
from bc42bd6298702a1abf70aa6383d36886dd5af4b3 (commit)
- Log -----------------------------------------------------------------
commit da93b5cc2bc931b998f33ee432bc1ae2b38fccca
Author: Patrick Steuer <patrick.steuer at de.ibm.com>
Date: Wed Jun 26 23:41:35 2019 +0200
s390x assembly pack: update OPENSSL_s390xcap(3)
Add description of capability vector's pcc and kma parts.
Signed-off-by: Patrick Steuer <patrick.steuer at de.ibm.com>
Reviewed-by: Richard Levitte <levitte at openssl.org>
Reviewed-by: Shane Lontis <shane.lontis at oracle.com>
(Merged from https://github.com/openssl/openssl/pull/9258)
commit e382f507fb67863be02bfa69b08533cc55f0cd96
Author: Patrick Steuer <patrick.steuer at de.ibm.com>
Date: Thu Jun 27 01:07:54 2019 +0200
s390x assembly pack: add support for pcc and kma instructions
Signed-off-by: Patrick Steuer <patrick.steuer at de.ibm.com>
Reviewed-by: Richard Levitte <levitte at openssl.org>
Reviewed-by: Shane Lontis <shane.lontis at oracle.com>
(Merged from https://github.com/openssl/openssl/pull/9258)
-----------------------------------------------------------------------
Summary of changes:
crypto/s390x_arch.h | 22 ++++++++
crypto/s390xcap.c | 119 ++++++++++++++++++++++++++++++++++++++++++
crypto/s390xcpuid.pl | 71 +++++++++++++++++++++++++
doc/man3/OPENSSL_s390xcap.pod | 21 ++++++--
4 files changed, 230 insertions(+), 3 deletions(-)
diff --git a/crypto/s390x_arch.h b/crypto/s390x_arch.h
index 501283e..5e12542 100644
--- a/crypto/s390x_arch.h
+++ b/crypto/s390x_arch.h
@@ -26,6 +26,9 @@ void s390x_kmf(const unsigned char *in, size_t len, unsigned char *out,
unsigned int fc, void *param);
void s390x_kma(const unsigned char *aad, size_t alen, const unsigned char *in,
size_t len, unsigned char *out, unsigned int fc, void *param);
+int s390x_pcc(unsigned int fc, void *param);
+int s390x_kdsa(unsigned int fc, void *param, const unsigned char *in,
+ size_t len);
/*
* The field elements of OPENSSL_s390xcap_P are the 64-bit words returned by
@@ -45,6 +48,8 @@ struct OPENSSL_s390xcap_st {
unsigned long long kmf[2];
unsigned long long prno[2];
unsigned long long kma[2];
+ unsigned long long pcc[2];
+ unsigned long long kdsa[2];
};
extern struct OPENSSL_s390xcap_st OPENSSL_s390xcap_P;
@@ -69,6 +74,8 @@ extern struct OPENSSL_s390xcap_st OPENSSL_s390xcap_P;
# define S390X_KMF 0x90
# define S390X_PRNO 0xa0
# define S390X_KMA 0xb0
+# define S390X_PCC 0xc0
+# define S390X_KDSA 0xd0
/* Facility Bit Numbers */
# define S390X_MSA 17 /* message-security-assist */
@@ -80,6 +87,7 @@ extern struct OPENSSL_s390xcap_st OPENSSL_s390xcap_P;
# define S390X_VXD 134 /* vector packed decimal */
# define S390X_VXE 135 /* vector enhancements 1 */
# define S390X_MSA8 146 /* message-security-assist-ext. 8 */
+# define S390X_MSA9 155 /* message-security-assist-ext. 9 */
/* Function Codes */
@@ -111,10 +119,24 @@ extern struct OPENSSL_s390xcap_st OPENSSL_s390xcap_P;
# define S390X_SHA_512_DRNG 3
# define S390X_TRNG 114
+/* pcc */
+# define S390X_SCALAR_MULTIPLY_P256 64
+# define S390X_SCALAR_MULTIPLY_P384 65
+# define S390X_SCALAR_MULTIPLY_P521 66
+
+/* kdsa */
+# define S390X_ECDSA_VERIFY_P256 1
+# define S390X_ECDSA_VERIFY_P384 2
+# define S390X_ECDSA_VERIFY_P521 3
+# define S390X_ECDSA_SIGN_P256 9
+# define S390X_ECDSA_SIGN_P384 10
+# define S390X_ECDSA_SIGN_P521 11
+
/* Register 0 Flags */
# define S390X_DECRYPT 0x80
# define S390X_KMA_LPC 0x100
# define S390X_KMA_LAAD 0x200
# define S390X_KMA_HS 0x400
+# define S390X_KDSA_D 0x80
#endif
diff --git a/crypto/s390xcap.c b/crypto/s390xcap.c
index 717849e..b75eacf 100644
--- a/crypto/s390xcap.c
+++ b/crypto/s390xcap.c
@@ -137,6 +137,10 @@ void OPENSSL_cpuid_setup(void)
OPENSSL_s390xcap_P.prno[1] &= cap.prno[1];
OPENSSL_s390xcap_P.kma[0] &= cap.kma[0];
OPENSSL_s390xcap_P.kma[1] &= cap.kma[1];
+ OPENSSL_s390xcap_P.pcc[0] &= cap.pcc[0];
+ OPENSSL_s390xcap_P.pcc[1] &= cap.pcc[1];
+ OPENSSL_s390xcap_P.kdsa[0] &= cap.kdsa[0];
+ OPENSSL_s390xcap_P.kdsa[1] &= cap.kdsa[1];
}
}
@@ -163,6 +167,8 @@ static int parse_env(struct OPENSSL_s390xcap_st *cap)
/*.kmf = */{0ULL, 0ULL},
/*.prno = */{0ULL, 0ULL},
/*.kma = */{0ULL, 0ULL},
+ /*.pcc = */{0ULL, 0ULL},
+ /*.kdsa = */{0ULL, 0ULL},
};
/*-
@@ -189,6 +195,8 @@ static int parse_env(struct OPENSSL_s390xcap_st *cap)
/*.kmf = */{0ULL, 0ULL},
/*.prno = */{0ULL, 0ULL},
/*.kma = */{0ULL, 0ULL},
+ /*.pcc = */{0ULL, 0ULL},
+ /*.kdsa = */{0ULL, 0ULL},
};
/*-
@@ -220,6 +228,8 @@ static int parse_env(struct OPENSSL_s390xcap_st *cap)
/*.kmf = */{0ULL, 0ULL},
/*.prno = */{0ULL, 0ULL},
/*.kma = */{0ULL, 0ULL},
+ /*.pcc = */{0ULL, 0ULL},
+ /*.kdsa = */{0ULL, 0ULL},
};
/*-
@@ -257,6 +267,8 @@ static int parse_env(struct OPENSSL_s390xcap_st *cap)
/*.kmf = */{0ULL, 0ULL},
/*.prno = */{0ULL, 0ULL},
/*.kma = */{0ULL, 0ULL},
+ /*.pcc = */{0ULL, 0ULL},
+ /*.kdsa = */{0ULL, 0ULL},
};
/*-
@@ -313,6 +325,9 @@ static int parse_env(struct OPENSSL_s390xcap_st *cap)
0ULL},
/*.prno = */{0ULL, 0ULL},
/*.kma = */{0ULL, 0ULL},
+ /*.pcc = */{S390X_CAPBIT(S390X_QUERY),
+ 0ULL},
+ /*.kdsa = */{0ULL, 0ULL},
};
/*-
@@ -369,6 +384,9 @@ static int parse_env(struct OPENSSL_s390xcap_st *cap)
0ULL},
/*.prno = */{0ULL, 0ULL},
/*.kma = */{0ULL, 0ULL},
+ /*.pcc = */{S390X_CAPBIT(S390X_QUERY),
+ 0ULL},
+ /*.kdsa = */{0ULL, 0ULL},
};
/*-
@@ -429,6 +447,9 @@ static int parse_env(struct OPENSSL_s390xcap_st *cap)
| S390X_CAPBIT(S390X_SHA_512_DRNG),
0ULL},
/*.kma = */{0ULL, 0ULL},
+ /*.pcc = */{S390X_CAPBIT(S390X_QUERY),
+ 0ULL},
+ /*.kdsa = */{0ULL, 0ULL},
};
/*-
@@ -508,6 +529,101 @@ static int parse_env(struct OPENSSL_s390xcap_st *cap)
| S390X_CAPBIT(S390X_AES_192)
| S390X_CAPBIT(S390X_AES_256),
0ULL},
+ /*.pcc = */{S390X_CAPBIT(S390X_QUERY),
+ 0ULL},
+ /*.kdsa = */{0ULL, 0ULL},
+ };
+
+ /*-
+ * z15 (2019) - z/Architecture POP SA22-7832-12
+ * Implements MSA and MSA1-9.
+ */
+ static const struct OPENSSL_s390xcap_st z15 = {
+ /*.stfle = */{S390X_CAPBIT(S390X_MSA)
+ | S390X_CAPBIT(S390X_STCKF)
+ | S390X_CAPBIT(S390X_MSA5),
+ S390X_CAPBIT(S390X_MSA3)
+ | S390X_CAPBIT(S390X_MSA4),
+ S390X_CAPBIT(S390X_VX)
+ | S390X_CAPBIT(S390X_VXD)
+ | S390X_CAPBIT(S390X_VXE)
+ | S390X_CAPBIT(S390X_MSA8),
+ 0ULL},
+ /*.kimd = */{S390X_CAPBIT(S390X_QUERY)
+ | S390X_CAPBIT(S390X_SHA_1)
+ | S390X_CAPBIT(S390X_SHA_256)
+ | S390X_CAPBIT(S390X_SHA_512)
+ | S390X_CAPBIT(S390X_SHA3_224)
+ | S390X_CAPBIT(S390X_SHA3_256)
+ | S390X_CAPBIT(S390X_SHA3_384)
+ | S390X_CAPBIT(S390X_SHA3_512)
+ | S390X_CAPBIT(S390X_SHAKE_128)
+ | S390X_CAPBIT(S390X_SHAKE_256),
+ S390X_CAPBIT(S390X_GHASH)},
+ /*.klmd = */{S390X_CAPBIT(S390X_QUERY)
+ | S390X_CAPBIT(S390X_SHA_1)
+ | S390X_CAPBIT(S390X_SHA_256)
+ | S390X_CAPBIT(S390X_SHA_512)
+ | S390X_CAPBIT(S390X_SHA3_224)
+ | S390X_CAPBIT(S390X_SHA3_256)
+ | S390X_CAPBIT(S390X_SHA3_384)
+ | S390X_CAPBIT(S390X_SHA3_512)
+ | S390X_CAPBIT(S390X_SHAKE_128)
+ | S390X_CAPBIT(S390X_SHAKE_256),
+ 0ULL},
+ /*.km = */{S390X_CAPBIT(S390X_QUERY)
+ | S390X_CAPBIT(S390X_AES_128)
+ | S390X_CAPBIT(S390X_AES_192)
+ | S390X_CAPBIT(S390X_AES_256)
+ | S390X_CAPBIT(S390X_XTS_AES_128)
+ | S390X_CAPBIT(S390X_XTS_AES_256),
+ 0ULL},
+ /*.kmc = */{S390X_CAPBIT(S390X_QUERY)
+ | S390X_CAPBIT(S390X_AES_128)
+ | S390X_CAPBIT(S390X_AES_192)
+ | S390X_CAPBIT(S390X_AES_256),
+ 0ULL},
+ /*.kmac = */{S390X_CAPBIT(S390X_QUERY)
+ | S390X_CAPBIT(S390X_AES_128)
+ | S390X_CAPBIT(S390X_AES_192)
+ | S390X_CAPBIT(S390X_AES_256),
+ 0ULL},
+ /*.kmctr = */{S390X_CAPBIT(S390X_QUERY)
+ | S390X_CAPBIT(S390X_AES_128)
+ | S390X_CAPBIT(S390X_AES_192)
+ | S390X_CAPBIT(S390X_AES_256),
+ 0ULL},
+ /*.kmo = */{S390X_CAPBIT(S390X_QUERY)
+ | S390X_CAPBIT(S390X_AES_128)
+ | S390X_CAPBIT(S390X_AES_192)
+ | S390X_CAPBIT(S390X_AES_256),
+ 0ULL},
+ /*.kmf = */{S390X_CAPBIT(S390X_QUERY)
+ | S390X_CAPBIT(S390X_AES_128)
+ | S390X_CAPBIT(S390X_AES_192)
+ | S390X_CAPBIT(S390X_AES_256),
+ 0ULL},
+ /*.prno = */{S390X_CAPBIT(S390X_QUERY)
+ | S390X_CAPBIT(S390X_SHA_512_DRNG),
+ S390X_CAPBIT(S390X_TRNG)},
+ /*.kma = */{S390X_CAPBIT(S390X_QUERY)
+ | S390X_CAPBIT(S390X_AES_128)
+ | S390X_CAPBIT(S390X_AES_192)
+ | S390X_CAPBIT(S390X_AES_256),
+ 0ULL},
+ /*.pcc = */{S390X_CAPBIT(S390X_QUERY)
+ | S390X_CAPBIT(S390X_SCALAR_MULTIPLY_P256)
+ | S390X_CAPBIT(S390X_SCALAR_MULTIPLY_P384)
+ | S390X_CAPBIT(S390X_SCALAR_MULTIPLY_P521),
+ 0ULL},
+ /*.kdsa = */{S390X_CAPBIT(S390X_QUERY)
+ | S390X_CAPBIT(S390X_ECDSA_VERIFY_P256)
+ | S390X_CAPBIT(S390X_ECDSA_VERIFY_P384)
+ | S390X_CAPBIT(S390X_ECDSA_VERIFY_P521)
+ | S390X_CAPBIT(S390X_ECDSA_SIGN_P256)
+ | S390X_CAPBIT(S390X_ECDSA_SIGN_P384)
+ | S390X_CAPBIT(S390X_ECDSA_SIGN_P521),
+ 0ULL},
};
char *tok_begin, *tok_end, *buff, tok[S390X_STFLE_MAX][LEN + 1];
@@ -551,6 +667,8 @@ static int parse_env(struct OPENSSL_s390xcap_st *cap)
else if TOK_FUNC(kmf)
else if TOK_FUNC(prno)
else if TOK_FUNC(kma)
+ else if TOK_FUNC(pcc)
+ else if TOK_FUNC(kdsa)
/* CPU model tokens */
else if TOK_CPU(z900)
@@ -561,6 +679,7 @@ static int parse_env(struct OPENSSL_s390xcap_st *cap)
else if TOK_CPU(zEC12)
else if TOK_CPU(z13)
else if TOK_CPU(z14)
+ else if TOK_CPU(z15)
/* whitespace(ignored) or invalid tokens */
else {
diff --git a/crypto/s390xcpuid.pl b/crypto/s390xcpuid.pl
index 790fbc2..2678b21 100755
--- a/crypto/s390xcpuid.pl
+++ b/crypto/s390xcpuid.pl
@@ -77,8 +77,13 @@ OPENSSL_s390x_functions:
stg %r0,S390X_PRNO+8(%r4)
stg %r0,S390X_KMA(%r4)
stg %r0,S390X_KMA+8(%r4)
+ stg %r0,S390X_PCC(%r4)
+ stg %r0,S390X_PCC+8(%r4)
+ stg %r0,S390X_KDSA(%r4)
+ stg %r0,S390X_KDSA+8(%r4)
lmg %r2,%r3,S390X_STFLE(%r4)
+
tmhl %r2,0x4000 # check for message-security-assist
jz .Lret
@@ -102,6 +107,13 @@ OPENSSL_s390x_functions:
la %r1,S390X_KMAC(%r4)
.long 0xb91e0042 # kmac %r4,%r2
+ tmhh %r3,0x0003 # check for message-security-assist-3
+ jz .Lret
+
+ lghi %r0,S390X_QUERY # query pcc capability vector
+ la %r1,S390X_PCC(%r4)
+ .long 0xb92c0000 # pcc
+
tmhh %r3,0x0004 # check for message-security-assist-4
jz .Lret
@@ -125,6 +137,7 @@ OPENSSL_s390x_functions:
.long 0xb93c0042 # prno %r4,%r2
lg %r2,S390X_STFLE+16(%r4)
+
tmhl %r2,0x2000 # check for message-security-assist-8
jz .Lret
@@ -132,6 +145,13 @@ OPENSSL_s390x_functions:
la %r1,S390X_KMA(%r4)
.long 0xb9294022 # kma %r2,%r4,%r2
+ tmhl %r2,0x0010 # check for message-security-assist-9
+ jz .Lret
+
+ lghi %r0,S390X_QUERY # query kdsa capability vector
+ la %r1,S390X_KDSA(%r4)
+ .long 0xb93a0002 # kdsa %r0,%r2
+
.Lret:
br $ra
.size OPENSSL_s390x_functions,.-OPENSSL_s390x_functions
@@ -422,6 +442,57 @@ s390x_kma:
___
}
+################
+# void s390x_pcc(unsigned int fc, void *param)
+{
+my ($fc,$param) = map("%r$_",(2..3));
+$code.=<<___;
+.globl s390x_pcc
+.type s390x_pcc,\@function
+.align 16
+s390x_pcc:
+ lr %r0,$fc
+ l${g}r %r1,$param
+ lhi %r2,0
+
+ .long 0xb92c0000 # pcc
+ brc 1,.-4 # pay attention to "partial completion"
+ brc 7,.Lpcc_err # if CC==0 return 0, else return 1
+.Lpcc_out:
+ br $ra
+.Lpcc_err:
+ lhi %r2,1
+ j .Lpcc_out
+.size s390x_pcc,.-s390x_pcc
+___
+}
+
+################
+# void s390x_kdsa(unsigned int fc, void *param,
+# const unsigned char *in, size_t len)
+{
+my ($fc,$param,$in,$len) = map("%r$_",(2..5));
+$code.=<<___;
+.globl s390x_kdsa
+.type s390x_kdsa,\@function
+.align 16
+s390x_kdsa:
+ lr %r0,$fc
+ l${g}r %r1,$param
+ lhi %r2,0
+
+ .long 0xb93a0004 # kdsa %r0,$in
+ brc 1,.-4 # pay attention to "partial completion"
+ brc 7,.Lkdsa_err # if CC==0 return 0, else return 1
+.Lkdsa_out:
+ br $ra
+.Lkdsa_err:
+ lhi %r2,1
+ j .Lkdsa_out
+.size s390x_kdsa,.-s390x_kdsa
+___
+}
+
$code.=<<___;
.section .init
brasl $ra,OPENSSL_cpuid_setup
diff --git a/doc/man3/OPENSSL_s390xcap.pod b/doc/man3/OPENSSL_s390xcap.pod
index 34c029a..e45da44 100644
--- a/doc/man3/OPENSSL_s390xcap.pod
+++ b/doc/man3/OPENSSL_s390xcap.pod
@@ -34,14 +34,14 @@ There are three types of tokens:
The name of a processor generation. A bit in the environment variable's
mask is set to one if and only if the specified processor generation
implements the corresponding instruction set extension. Possible values
-are z900, z990, z9, z10, z196, zEC12, z13 and z14.
+are z900, z990, z9, z10, z196, zEC12, z13, z14 and z15.
=item <string>:<mask>:<mask>
The name of an instruction followed by two 64-bit masks. The part of the
environment variable's mask corresponding to the specified instruction is
set to the specified 128-bit mask. Possible values are kimd, klmd, km, kmc,
-kmac, kmctr, kmo, kmf, prno and kma.
+kmac, kmctr, kmo, kmf, prno, kma, pcc and kdsa.
=item stfle:<mask>:<mask>:<mask>
@@ -139,6 +139,21 @@ the numbering is continuous across 64-bit mask boundaries.
# 20 1<<43 KMA-GCM-AES-256
:
+ pcc :
+ :
+ # 64 1<<63 PCC-Scalar-Multiply-P256
+ # 65 1<<62 PCC-Scalar-Multiply-P384
+ # 66 1<<61 PCC-Scalar-Multiply-P521
+
+ kdsa :
+ # 1 1<<62 KDSA-ECDSA-Verify-P256
+ # 2 1<<61 KDSA-ECDSA-Verify-P384
+ # 3 1<<60 KDSA-ECDSA-Verify-P521
+ # 9 1<<54 KDSA-ECDSA-Sign-P256
+ # 10 1<<53 KDSA-ECDSA-Sign-P384
+ # 11 1<<52 KDSA-ECDSA-Sign-P521
+ :
+
=head1 RETURN VALUES
Not available.
@@ -159,7 +174,7 @@ Disables the KM-XTS-AES and and the KIMD-SHAKE function codes:
=head1 SEE ALSO
-[1] z/Architecture Principles of Operation, SA22-7832-11
+[1] z/Architecture Principles of Operation, SA22-7832-12
=head1 COPYRIGHT
More information about the openssl-commits
mailing list