RFR: 8252204: AArch64: Implement SHA3 accelerator/intrinsic [v9]

Vladimir Kozlov kvn at openjdk.java.net
Mon Oct 19 20:29:18 UTC 2020


On Mon, 19 Oct 2020 11:14:22 GMT, Fei Yang <fyang at openjdk.org> wrote:

>> Contributed-by: ard.biesheuvel at linaro.org, dongbo4 at huawei.com
>> 
>> This added an intrinsic for SHA3 using aarch64 v8.2 SHA3 Crypto Extensions.
>> Reference implementation for core SHA-3 transform using ARMv8.2 Crypto Extensions:
>> https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/tree/arch/arm64/crypto/sha3-ce-core.S?h=v5.4.52
>> 
>> Trivial adaptation in SHA3. implCompress is needed for the purpose of adding the intrinsic.
>> For SHA3, we need to pass one extra parameter "digestLength" to the stub for the calculation of block size.
>> "digestLength" is also used in for the EOR loop before keccak to differentiate different SHA3 variants.
>> 
>> We added jtreg tests for SHA3 and used QEMU system emulator which supports SHA3 instructions to test the functionality.
>> Patch passed jtreg tier1-3 tests with QEMU system emulator.
>> Also verified with jtreg tier1-3 tests without SHA3 instructions on aarch64-linux-gnu and x86_64-linux-gnu, to make
>> sure that there's no regression.
>> We used one existing JMH test for performance test: test/micro/org/openjdk/bench/java/security/MessageDigests.java
>> We measured the performance benefit with an aarch64 cycle-accurate simulator.
>> Patch delivers 20% - 40% performance improvement depending on specific SHA3 digest length and size of the message.
>> 
>> For now, this feature will not be enabled automatically for aarch64. We can auto-enable this when it is fully tested on
>> real hardware.  But for the above testing purposes, this is auto-enabled when the corresponding hardware feature is
>> detected.
>
> Fei Yang has updated the pull request with a new target base due to a merge or a rebase. The pull request now contains
> 11 commits:
>  - Merge master
>  - Remove unnecessary code changes in vm_version_aarch64.cpp
>  - Merge master
>  - Merge master
>  - Merge master
>  - Merge master
>  - Add sha3 instructions to cpu/aarch64/aarch64-asmtest.py and regenerate the test in assembler_aarch64.cpp:asm_check
>  - Rebase
>  - Merge master
>  - Fix trailing whitespace issue
>  - ... and 1 more: https://git.openjdk.java.net/jdk/compare/e9be2db7...05551701

Always run graalunit testing with new intrinsics. You need to adjust Graal test:
src/jdk.internal.vm.compiler/share/classes/org.graalvm.compiler.hotspot.test/src/org/graalvm/compiler/hotspot/test/CheckGraalIntrinsics.java

-------------

Changes requested by kvn (Reviewer).

PR: https://git.openjdk.java.net/jdk/pull/207



More information about the security-dev mailing list