RFR: 8355216: Accelerate P-256 arithmetic on aarch64 [v4]
Andrew Dinn
adinn at openjdk.org
Mon Feb 9 21:32:25 UTC 2026
On Thu, 5 Feb 2026 21:31:34 GMT, Ben Perez <bperez at openjdk.org> wrote:
>> n.b. Note that you can use `vs_even(a_vec)` and `vs_odd(a_vec)` to select vector subsequences `a_vec[0]` and `a_vec[2]` or `a_vec[1]` and `a_vec[3]` respectively. Likewise, there is `vs_front` and `vs_back` to select the first and second halves of the vector sequence.
>
> fixed this and in the process found a bug in the `vs_ldpq` method - it increased the address by 64 each iteration instead of 32
Oh, yes, well spotted. I checked the kyber/dilithium code and it appears all existing uses were only loading into a VSeq<2> so the bug never showed.
-------------
PR Review Comment: https://git.openjdk.org/jdk/pull/27946#discussion_r2781809207
More information about the security-dev
mailing list