RFR: 8334999: RISC-V: implement AES single block encryption/decryption intrinsics [v10]

[Arseny Bochkarev]

On Mon, 28 Oct 2024 07:23:15 GMT, Fei Yang <fyang at openjdk.org> wrote:

>> Arseny Bochkarev has updated the pull request with a new target base due to a merge or a rebase. The pull request now contains 17 commits:
>> 
>>  - Replace RISCV64 -> riscv64 in comment
>>  - Minor renaming of labels and reg_number
>>  - Use RISCV64 instead of RISCV
>>  - Fixed comment line
>>  - Rename reg_number -> rounds in aes_loadkeys
>>  - Fix typo
>>  - Use same keys for encryption and decryption
>>  - Multiversion decrypt intrinsic
>>  - Use one L_end for all AES key sizes
>>  - Multiversion encryption depending on keylen
>>  - ... and 7 more: https://git.openjdk.org/jdk/compare/d1540e2a...e90b0d05
>
> src/hotspot/cpu/riscv/stubGenerator_riscv.cpp line 2283:
> 
>> 2281:     for (int i = 0; i < rounds; i++) {
>> 2282:       __ vle32_v(working_vregs[i], key);
>> 2283:       __ vrev8_v(working_vregs[i], working_vregs[i]);
> 
> What's is this `vrev8_v` for? I wonder how this maps to the code-samples at [1]. Might deserve a code comment here. 
> 
> [1] https://github.com/riscv/riscv-crypto/blob/main/doc/vector/code-samples/zvkned.s

I'm not very familiar with OpenSSL but I guess it is just uses different endianness when storing the result :shrug:  (compared to [big-endian](https://docs.oracle.com/javase/specs/jvms/se23/html/jvms-2.html#jvms-2.11) JVM). I'll left the note on it in the code

> src/hotspot/cpu/riscv/vm_version_riscv.cpp line 423:
> 
>> 421: 
>> 422:   // AES
>> 423:   if (UseZvkn) {
> 
> Was checking and enablement for `UseAES` VM option missed here?
> 
> Reference: https://github.com/openjdk/jdk/blob/master/src/hotspot/cpu/aarch64/vm_version_aarch64.cpp#L289

Thanks! I like the way it is done in aarch64, so I used it here

-------------

PR Review Comment: https://git.openjdk.org/jdk/pull/19960#discussion_r1819743553
PR Review Comment: https://git.openjdk.org/jdk/pull/19960#discussion_r1819743506