RFR: 8337632: AES-GCM Algorithm optimization for x86_64 [v3]

Smita Kamath svkamath at openjdk.org
Mon Sep 23 15:08:38 UTC 2024


On Mon, 2 Sep 2024 10:28:37 GMT, Jatin Bhateja <jbhateja at openjdk.org> wrote:

>> Smita Kamath has updated the pull request incrementally with one additional commit since the last revision:
>> 
>>   Updated copyright dates and addressed review comments
>
> src/hotspot/cpu/x86/stubGenerator_x86_64_aes.cpp line 286:
> 
>> 284:   __ push(r15);//holds number of rounds
>> 285:   __ push(rbx);//scratch register
>> 286: #ifdef _WIN64
> 
> Should we replace these stack accesses with GPR to scratch register XMM and vice-versa transfers?

I am using all XMM registers from 0-31 in the code, so won't be able to do this change.

> src/hotspot/cpu/x86/stubGenerator_x86_64_ghash.cpp line 60:
> 
>> 58: // Polynomial x^128+x^127+x^126+x^121+1
>> 59: ATTRIBUTE_ALIGNED(16) static const uint64_t GHASH_POLYNOMIAL[] = {
>> 60:     0x0000000000000001ULL, 0xC200000000000000ULL,
> 
> As per https://www.intel.com/content/dam/develop/external/us/en/documents/clmul-wp-rev-2-02-2014-04-20.pdf and https://www.intel.com/content/dam/www/public/us/en/documents/software-support/enabling-high-performance-gcm.pdf
> reduction polynomial for GHASH should be "x^128 + x^7 + x^2 + x + 1".
> 
> Also, the polynomial defined in the comments does not match the bit representation 1100 0010 <119 zeros> 1

The polynomial comes from the implementation mentioned in https://github.com/intel/intel-ipsec-mb/blob/main/lib/include/gcm_vaes_avx512.inc

-------------

PR Review Comment: https://git.openjdk.org/jdk/pull/17515#discussion_r1771638716
PR Review Comment: https://git.openjdk.org/jdk/pull/17515#discussion_r1771638949
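
The two forms quoted in this thread, x^128 + x^7 + x^2 + x + 1 and x^128+x^127+x^126+x^121+1, are reciprocals of each other (each term x^e maps to x^(128-e)). The following added example, which is not code from the PR or the JDK, checks that arithmetic against the two 64-bit words quoted from stubGenerator_x86_64_ghash.cpp and against the constant R = 11100001 || 0^120 from NIST SP 800-38D. The helper names and the low-word-first order are assumptions.

```cpp
#include <array>
#include <cstdint>
#include <cstdio>
#include <vector>

// 128-bit value as {low 64 bits, high 64 bits}. Assumption: same word order
// as the GHASH_POLYNOMIAL[] initializer quoted in the review.
using Words = std::array<uint64_t, 2>;

// Reduction polynomial as cited in the review: x^128 + x^7 + x^2 + x + 1.
const std::vector<int> GCM_POLY = {128, 7, 2, 1, 0};

// Reciprocal polynomial x^128 * p(1/x): every term x^e becomes x^(128 - e).
std::vector<int> reflect(const std::vector<int>& exps) {
    std::vector<int> out;
    for (int e : exps) out.push_back(128 - e);
    return out;
}

// Natural packing: coefficient of x^e goes to bit e. The x^128 term does not
// fit in 128 bits and is left implicit.
Words pack(const std::vector<int>& exps) {
    Words w = {0, 0};
    for (int e : exps)
        if (e >= 0 && e < 128) w[e / 64] |= 1ULL << (e % 64);
    return w;
}

// GCM block convention (NIST SP 800-38D): the leftmost bit of a block is the
// coefficient of x^0, so x^e lands on bit 127 - e. This yields the constant R.
Words pack_gcm_order(const std::vector<int>& exps) {
    Words w = {0, 0};
    for (int e : exps)
        if (e >= 0 && e < 128) w[(127 - e) / 64] |= 1ULL << ((127 - e) % 64);
    return w;
}

// (v << 1) | 1 truncated to 128 bits; the bit shifted out is the implicit x^128.
Words shl1_or1(const Words& v) {
    return {(v[0] << 1) | 1ULL, (v[1] << 1) | (v[0] >> 63)};
}

int main() {
    Words c = pack(reflect(GCM_POLY));   // reciprocal form, natural bit order
    Words r = pack_gcm_order(GCM_POLY);  // R in GCM block bit order
    std::printf("reflected: hi=0x%016llx lo=0x%016llx  R: hi=0x%016llx lo=0x%016llx\n",
                (unsigned long long)c[1], (unsigned long long)c[0],
                (unsigned long long)r[1], (unsigned long long)r[0]);
}
```
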


More information about the hotspot-compiler-dev mailing list