From 19e3bda492031529766b3e22b99b5a4cf7c7267eba7e1f2a36e25cb3cb0f666d Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Adrian=20Schr=C3=B6ter?=
Date: Fri, 20 Dec 2024 16:06:06 +0100
Subject: [PATCH] Sync from SUSE:SLFO:Main libnettle revision beecde3c4d24cfc4bf673713bb39b001
---
 ...e-powerpc64-remove-m4_unquote-sha256.patch | 75 ++++++++++++
 ...ck-offset-for-non-volatile-registers.patch | 45 +++++++
 ...werpc64-sha256-fix-loading-overreads.patch | 112 ++++++++++++++++++
 libnettle-powerpc64-skip-AES-GCM-test.patch | 13 ++
 libnettle.changes | 42 +++++++
 libnettle.spec | 9 +-
 nettle-3.10.tar.gz | 3 +
 nettle-3.10.tar.gz.sig | Bin 0 -> 374 bytes
 nettle-3.9.1.tar.gz | 3 -
 nettle-3.9.1.tar.gz.sig | Bin 374 -> 0 bytes
 10 files changed, 297 insertions(+), 5 deletions(-)
 create mode 100644 libnettle-powerpc64-remove-m4_unquote-sha256.patch
 create mode 100644 libnettle-powerpc64-sha256-adjust-stack-offset-for-non-volatile-registers.patch
 create mode 100644 libnettle-powerpc64-sha256-fix-loading-overreads.patch
 create mode 100644 libnettle-powerpc64-skip-AES-GCM-test.patch
 create mode 100644 nettle-3.10.tar.gz
 create mode 100644 nettle-3.10.tar.gz.sig
 delete mode 100644 nettle-3.9.1.tar.gz
 delete mode 100644 nettle-3.9.1.tar.gz.sig
diff --git a/libnettle-powerpc64-remove-m4_unquote-sha256.patch b/libnettle-powerpc64-remove-m4_unquote-sha256.patch
new file mode 100644
index 0000000..e23bb14
--- /dev/null
+++ b/libnettle-powerpc64-remove-m4_unquote-sha256.patch
@@ -0,0 +1,75 @@
+From 95d7ebbafaea628751e35d2ce1c4c5d2617ed5de Mon Sep 17 00:00:00 2001
+From: Eric Richter
+Date: Thu, 20 Jun 2024 13:43:57 -0500
+Subject: [PATCH] powerpc64: remove use of m4_unquote in the load step for
+ sha256
+
+By passing in the constant offset value into the LOAD macro, the use of
+m4_unquote to calculate the correct constant GPR can be avoided,
+improving readability.
+
+Signed-off-by: Eric Richter
+---
+ powerpc64/p8/sha256-compress-n.asm | 36 +++++++++++++++---------------
+ 1 file changed, 18 insertions(+), 18 deletions(-)
+
+diff --git a/powerpc64/p8/sha256-compress-n.asm b/powerpc64/p8/sha256-compress-n.asm
+index 4848461e..309db1fa 100644
+--- a/powerpc64/p8/sha256-compress-n.asm
++++ b/powerpc64/p8/sha256-compress-n.asm
+@@ -177,34 +177,34 @@ define(`EXTENDROUNDS', `
+ ')
+
+ define(`LOAD', `
+- IF_BE(`lxvw4x VSR(IV($1)), m4_unquote(TC`'eval(($1 % 4) * 4)), INPUT')
++ IF_BE(`lxvw4x VSR(IV($1)), $2, INPUT')
+ IF_LE(`
+- lxvd2x VSR(IV($1)), m4_unquote(TC`'eval(($1 % 4) * 4)), INPUT
++ lxvd2x VSR(IV($1)), $2, INPUT
+ vperm IV($1), IV($1), IV($1), VT0
+ ')
+ ')
+
+ define(`DOLOADS', `
+ IF_LE(`DATA_LOAD_VEC(VT0, .load_swap, T1)')
+- LOAD(0)
+- LOAD(1)
+- LOAD(2)
+- LOAD(3)
++ LOAD(0, TC0)
++ LOAD(1, TC4)
++ LOAD(2, TC8)
++ LOAD(3, TC12)
+ addi INPUT, INPUT, 16
+- LOAD(4)
+- LOAD(5)
+- LOAD(6)
+- LOAD(7)
++ LOAD(4, TC0)
++ LOAD(5, TC4)
++ LOAD(6, TC8)
++ LOAD(7, TC12)
+ addi INPUT, INPUT, 16
+- LOAD(8)
+- LOAD(9)
+- LOAD(10)
+- LOAD(11)
++ LOAD(8, TC0)
++ LOAD(9, TC4)
++ LOAD(10, TC8)
++ LOAD(11, TC12)
+ addi INPUT, INPUT, 16
+- LOAD(12)
+- LOAD(13)
+- LOAD(14)
+- LOAD(15)
++ LOAD(12, TC0)
++ LOAD(13, TC4)
++ LOAD(14, TC8)
++ LOAD(15, TC12)
+ addi INPUT, INPUT, 16
+ ')
+
+--
+GitLab
+
diff --git a/libnettle-powerpc64-sha256-adjust-stack-offset-for-non-volatile-registers.patch b/libnettle-powerpc64-sha256-adjust-stack-offset-for-non-volatile-registers.patch
new file mode 100644
index 0000000..bd0e34e
--- /dev/null
+++ b/libnettle-powerpc64-sha256-adjust-stack-offset-for-non-volatile-registers.patch
@@ -0,0 +1,45 @@
+From 9d8b3e93bbfea1da668a28760540a2b25fae4a50 Mon Sep 17 00:00:00 2001
+From: Eric Richter
+Date: Thu, 29 Aug 2024 09:44:25 -0500
+Subject: [PATCH] powerpc64/sha256: adjust stack offset for storing
+ non-volatile registers
+
+According to the ABI, the stack pointer is quadword aligned, so starting
+the stack storage at offset -8, may cause the return address to be
+stepped on. Adjusting to use -16 as the starting point, which also
+matches other POWER assembly code.
+
+Signed-off-by: Eric Richter
+---
+ powerpc64/p8/sha256-compress-n.asm | 8 ++++----
+ 1 file changed, 4 insertions(+), 4 deletions(-)
+
+diff --git a/powerpc64/p8/sha256-compress-n.asm b/powerpc64/p8/sha256-compress-n.asm
+index 309db1fa..e08ae132 100644
+--- a/powerpc64/p8/sha256-compress-n.asm
++++ b/powerpc64/p8/sha256-compress-n.asm
+@@ -216,8 +216,8 @@ PROLOGUE(_nettle_sha256_compress_n)
+
+ C Store non-volatile registers
+
+- li T0, -8
+- li T1, -24
++ li T0, -16
++ li T1, -32
+ stvx v20, T0, SP
+ stvx v21, T1, SP
+ subi T0, T0, 32
+@@ -321,8 +321,8 @@ PROLOGUE(_nettle_sha256_compress_n)
+
+
+ C Restore nonvolatile registers
+- li T0, -8
+- li T1, -24
++ li T0, -16
++ li T1, -32
+ lvx v20, T0, SP
+ lvx v21, T1, SP
+ subi T0, T0, 32
+--
+GitLab
+
diff --git a/libnettle-powerpc64-sha256-fix-loading-overreads.patch b/libnettle-powerpc64-sha256-fix-loading-overreads.patch
new file mode 100644
index 0000000..f57ec95
--- /dev/null
+++ b/libnettle-powerpc64-sha256-fix-loading-overreads.patch
@@ -0,0 +1,112 @@
+From 89ae5b24c6d052aa4d9b14c9a50b3c62b5636d81 Mon Sep 17 00:00:00 2001
+From: Eric Richter
+Date: Wed, 11 Sep 2024 13:53:48 -0500
+Subject: [PATCH] powerpc64/sha256: fix loading overreads by loading less and
+ shifting
+
+Originally, the 16 input words were loaded with 16 individual vector load
+instructions. This has a side effect where the last three loads would
+overread 1/2/3 extra words.
+
+Fix the overread by replacing unnecessary overlapped reads with shifts.
+As a consequence, the constant registers for 4,8,12 can be removed, and
+also gain about 1~2% in performance.
+
+Signed-off-by: Eric Richter
+---
+ powerpc64/p8/sha256-compress-n.asm | 44 +++++++++++------------------
+ 1 file changed, 16 insertions(+), 28 deletions(-)
+
+diff --git a/powerpc64/p8/sha256-compress-n.asm b/powerpc64/p8/sha256-compress-n.asm
+index e08ae132..75666deb 100644
+--- a/powerpc64/p8/sha256-compress-n.asm
++++ b/powerpc64/p8/sha256-compress-n.asm
+@@ -44,10 +44,7 @@ define(`T1', `r8')
+ define(`TK', `r9')
+ define(`COUNT', `r10')
+ define(`TC0', `0') C Index instructions allow literal 0 instead of a GPR
+-define(`TC4', `r11')
+-define(`TC8', `r12')
+-define(`TC12', `r14')
+-define(`TC16', `r15')
++define(`TC16', `r11')
+
+ C State registers
+ define(`VSA', `v0')
+@@ -187,24 +184,24 @@ define(`LOAD', `
+ define(`DOLOADS', `
+ IF_LE(`DATA_LOAD_VEC(VT0, .load_swap, T1)')
+ LOAD(0, TC0)
+- LOAD(1, TC4)
+- LOAD(2, TC8)
+- LOAD(3, TC12)
++ vsldoi IV(1), IV(0), IV(0), 4
++ vsldoi IV(2), IV(0), IV(0), 8
++ vsldoi IV(3), IV(0), IV(0), 12
+ addi INPUT, INPUT, 16
+ LOAD(4, TC0)
+- LOAD(5, TC4)
+- LOAD(6, TC8)
+- LOAD(7, TC12)
++ vsldoi IV(5), IV(4), IV(4), 4
++ vsldoi IV(6), IV(4), IV(4), 8
++ vsldoi IV(7), IV(4), IV(4), 12
+ addi INPUT, INPUT, 16
+ LOAD(8, TC0)
+- LOAD(9, TC4)
+- LOAD(10, TC8)
+- LOAD(11, TC12)
++ vsldoi IV(9), IV(8), IV(8), 4
++ vsldoi IV(10), IV(8), IV(8), 8
++ vsldoi IV(11), IV(8), IV(8), 12
+ addi INPUT, INPUT, 16
+ LOAD(12, TC0)
+- LOAD(13, TC4)
+- LOAD(14, TC8)
+- LOAD(15, TC12)
++ vsldoi IV(13), IV(12), IV(12), 4
++ vsldoi IV(14), IV(12), IV(12), 8
++ vsldoi IV(15), IV(12), IV(12), 12
+ addi INPUT, INPUT, 16
+ ')
+
+@@ -216,6 +213,8 @@ PROLOGUE(_nettle_sha256_compress_n)
+
+ C Store non-volatile registers
+
++ ALIGN(16) C Appears necessary for optimal stores
++ li TC16, 16
+ li T0, -16
+ li T1, -32
+ stvx v20, T0, SP
+@@ -240,15 +239,8 @@ PROLOGUE(_nettle_sha256_compress_n)
+ subi T1, T1, 32
+ stvx v30, T0, SP
+ stvx v31, T1, SP
+- subi T0, T0, 32
+- subi T1, T1, 32
+- stdx r14, T0, SP
+- stdx r15, T1, SP
+
+- li TC4, 4
+- li TC8, 8
+- li TC12, 12
+- li TC16, 16
++ ALIGN(16) C Appears necessary for optimal loads
+
+ C Load state values
+ lxvw4x VSR(VSA), 0, STATE C VSA contains A,B,C,D
+@@ -345,10 +337,6 @@ PROLOGUE(_nettle_sha256_compress_n)
+ subi T1, T1, 32
+ lvx v30, T0, SP
+ lvx v31, T1, SP
+- subi T0, T0, 32
+- subi T1, T1, 32
+- ldx r14, T0, SP
+- ldx r15, T1, SP
+
+ .done:
+ mr r3, INPUT
+--
+GitLab
+
diff --git a/libnettle-powerpc64-skip-AES-GCM-test.patch b/libnettle-powerpc64-skip-AES-GCM-test.patch
new file mode 100644
index 0000000..e1694da
--- /dev/null
+++ b/libnettle-powerpc64-skip-AES-GCM-test.patch
@@ -0,0 +1,13 @@
+Index: nettle-3.10/testsuite/Makefile.in
+===================================================================
+--- nettle-3.10.orig/testsuite/Makefile.in
++++ nettle-3.10/testsuite/Makefile.in
+@@ -28,7 +28,7 @@ TS_NETTLE_SOURCES = aes-test.c aes-keywr
+ streebog-test.c sm3-test.c sm4-test.c \
+ serpent-test.c twofish-test.c version-test.c \
+ knuth-lfib-test.c \
+- cbc-test.c cfb-test.c ctr-test.c gcm-test.c eax-test.c ccm-test.c \
++ cbc-test.c cfb-test.c ctr-test.c eax-test.c ccm-test.c \
+ cmac-test.c ocb-test.c siv-cmac-test.c siv-gcm-test.c \
+ poly1305-test.c chacha-poly1305-test.c \
+ hmac-test.c umac-test.c \
diff --git a/libnettle.changes b/libnettle.changes
index df3a187..cd730a7 100644
--- a/libnettle.changes
+++ b/libnettle.changes
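Review bot: libnettle-powerpc64-skip-AES-GCM-test.patch drops `gcm-test.c` from `TS_NETTLE_SOURCES` in testsuite/Makefile.in with no architecture condition, so the AES-GCM test leaves the suite for every build target even though the patch name and the changelog entry tie the skip to powerpc64. This update also brings in the new combined gcm-aes assembly for powerpc64 (listed in the 3.10 changelog on this page), which is presumably the code that test exercises, so if the package runs the suite at build time a regression in that primitive would no longer fail the build. The patch has no description above its `Index:` line; I would add one such as `Temporarily skip gcm-test on ppc64le; re-enable once <tracking-reference-placeholder> is resolved.` and, if the spec's patch application permits (not visible here), restrict the skip to the affected architecture.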
@@ -1,3 +1,45 @@
+-------------------------------------------------------------------
+Tue Dec 3 08:07:16 UTC 2024 - Pedro Monreal
+
+- ppcl64le: POWER10 performance enhancements for cryptography [jsc#PED-9904]
+ * powerpc64/sha256: fix loading overreads by loading less and shifting
+ * powerpc64/sha256: adjust stack offset for storing non-volatile registers
+ * powerpc64: remove use of m4_unquote in the load step for sha256
+ * Temporarily skip the gcm test: libnettle-powerpc64-skip-AES-GCM-test.patch
+ * Add patches:
+ - libnettle-powerpc64-sha256-fix-loading-overreads.patch
+ - libnettle-powerpc64-sha256-adjust-stack-offset-for-non-volatile-registers.patch
+ - libnettle-powerpc64-remove-m4_unquote-sha256.patch
+
+-------------------------------------------------------------------
+Mon Jun 17 06:22:31 UTC 2024 - Pedro Monreal
+
+- Update to 3.10:
+ * Bug fixes:
+ - Add missing hash functions sha512_224 and sha512_256 to the
+ nettle_get_hashes() list. The name values in the
+ corresponding nettle_hash structs also changed to use
+ underscore instead of dash, for consistency.
+ - Fix a few cases of formally undefined calls to memcpy(dst,
+ NULL, 0), resulting from valid calls to, e.g.,
+ sha256_update(ctx, 0, NULL).
+ * New features:
+ - Support RSA-OAEP encryption. Contributed by Nicolas Mora and Daiki Ueno.
+ - New function sha3_256_shake_output, new functions
+ sha3_128_init, sha3_128_update, sha3_128_shake,
+ sha3_128_shake_output. Contributed by Daiki Ueno.
+ - Added DRBG-CTR with AES256, contributed by Simon Josefsson.
+ * Optimizations:
+ - New combined gcm-aes assembly for powerpc64, contributed by Danny Tsen.
+ - New sha256 assembly for powerpc64, contributed by Eric Richter.
+ - Improved performance for powerpc64 AES decrypt, by skipping
+ subkey transformations that don't suit the vncipher instructions.
+ - Add arm64 CPU feature detection for Android and for Apple systems,
+ contributed by Foolbar and Tim Kosse, prespectively.
+ * Miscellaneous:
+ - New tests for side-channel silence, based on valgrind.
+ - Delete all md5 assembly code. Delete all sparc32 assembly code.
+
 -------------------------------------------------------------------
 Fri Jun 9 07:00:35 UTC 2023 - Pedro Monreal
diff --git a/libnettle.spec b/libnettle.spec
index e038f1d..3f72188 100644
--- a/libnettle.spec
+++ b/libnettle.spec
@@ -1,7 +1,7 @@
 #
 # spec file for package libnettle
 #
-# Copyright (c) 2023 SUSE LLC
+# Copyright (c) 2024 SUSE LLC
 #
 # All modifications and additions to the file contributed by third parties
 # remain the property of their copyright owners, unless otherwise agreed
@@ -19,7 +19,7 @@
 %define soname 8
 %define hogweed_soname 6
 Name: libnettle
-Version: 3.9.1
+Version: 3.10
 Release: 0
 Summary: Cryptographic Library
 License: GPL-2.0-or-later AND LGPL-2.1-or-later
@@ -30,6 +30,11 @@ Source1: https://ftp.gnu.org/gnu/nettle/nettle-%{version}.tar.gz.sig
 Source2: %{name}.keyring
 Source3: baselibs.conf
 Source4: %{name}-rpmlintrc
+# PATCH-FIX-UPSTREAM [jsc#PED-9904] ppcl64le: POWER10 performance enhancements for cryptography
+Patch1: libnettle-powerpc64-remove-m4_unquote-sha256.patch
+Patch2: libnettle-powerpc64-sha256-adjust-stack-offset-for-non-volatile-registers.patch
+Patch3: libnettle-powerpc64-sha256-fix-loading-overreads.patch
+Patch4: libnettle-powerpc64-skip-AES-GCM-test.patch
 BuildRequires: autoconf
 BuildRequires: fipscheck
 BuildRequires: gmp-devel >= 6.1.0
diff --git a/nettle-3.10.tar.gz b/nettle-3.10.tar.gz
new file mode 100644
index 0000000..4b00350
--- /dev/null
+++ b/nettle-3.10.tar.gz
@@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:b4c518adb174e484cb4acea54118f02380c7133771e7e9beb98a0787194ee47c
+size 2640485
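Review bot: In the third libnettle.spec hunk a single `# PATCH-FIX-UPSTREAM` comment covers Patch1 through Patch4, but Patch4 (`libnettle-powerpc64-skip-AES-GCM-test.patch`) is a quilt-style local change that disables a test, not an upstream fix like the three git-format patches before it. I would give it its own comment line, for example `# PATCH-FIX-OPENSUSE [jsc#PED-9904] temporarily skip gcm-test, drop once <tracking-reference-placeholder> is resolved`, so the skip is not mistaken for a backport and gets revisited when patches are reviewed for removal. Patch2 and Patch3 are described in their own headers as fixing a possible overwrite of the return address and an input overread in the sha256 assembly, so labelling the whole set only as performance enhancements undersells them; a short mention in the comment would help anyone triaging which carried patches are correctness fixes.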
diff --git a/nettle-3.10.tar.gz.sig b/nettle-3.10.tar.gz.sig new file mode 100644 index 0000000000000000000000000000000000000000000000000000000000000000..174abe58f430f7fb03518e089e018abaec3f144e34803e7ac8666e3c10a42fe7 GIT binary patch literal 374 zcmV-+0g3*J0doWZ0SW*e79j*QJTLJ3?q0&}zVn&$S)ceQ#&Vbi0%mUpKmZB}5c64| z_$bD5m>7@=|9A#sWt@v7cM^@74*bM8yc=cLqg%nDCGkt;Hj7Bk}0Xhb(ycZ zb+*!2$SXw|OkIp>7#A?|wpgGk+`kfQPk$lVG^6q?A|tmfwZ%y~uaKgQw1s1mEnM%g zK!rnEMFB>baDG;(PY-|xK)Hu3Cp!4kc+fq5xQ$|GN5+3St;%k@x*uh8509 z9Mm8eCev+g+r|_dOu;mj!FdICrngq`zXND5h5J+(Ch!W-W8uk&e0rn0QFs~!ClR6) z&LrjHpO3KoeB3_eU7!vQj^cjvqXsrLZ!U4;C(CH)8 U-k7gROMxfG79NG7seZKd{#D1XkpKVy literal 0 HcmV?d00001 diff --git a/nettle-3.9.1.tar.gz b/nettle-3.9.1.tar.gz deleted file mode 100644 index 9f180b6..0000000 --- a/nettle-3.9.1.tar.gz +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:ccfeff981b0ca71bbd6fbcb054f407c60ffb644389a5be80d6716d5b550c6ce3 -size 2396741 diff --git a/nettle-3.9.1.tar.gz.sig b/nettle-3.9.1.tar.gz.sig deleted file mode 100644 index 709a2cf1e4c2e91de68465902b0a8cc03a90261449a6b679cff99c5a7901ea35..0000000000000000000000000000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 374 zcmV-+0g3*J0doWZ0SW*e79j*QJTLJ3?q0&}zVn&$S)ceQ#&Vbi0%UmS1ON&N5c64| z_$bD5n7vF1|6c81E>pgKDF+SOi&jaYzO%Z=`hG}C6wf2BhNbw~Z;by5+WHB^4VtLL zUXNsRmDta%-0j{*gSkiRXBzX&?N`BAVKw_fx+(jXrLrIcux-aQuR2{#rVaT+(A~dS zytez;<-67SuF&@WrXeBy^*tU?GfeQ(z*fnnrBZj3DB7>$0<=@)@iSe0EJix^U~(*9 zR8XPcccCKR?e+ytUUJ&Knw;3>l*`Y)^BBIf!X@&ZHZsrpZ4o>N23wqO8t@}C2TiZF z`25ydeYpIv7US_TNH#8d=DF9Oo0h+6f$7F-cah{B6Kk^L#q(0$CZFH8<7p4j6U|6# zDK_$%@h}?DvEu*T%GkR4!JVsno_@T!)?U^Zm>F#cWyAE@w6R{Pv U76Lf~{HeR=L}K8^Jw*