Skip to content

x86_64: Replace rej_uniform_eta2/eta4 intrinsics with hand-written assembly #1188

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Draft
jakemas wants to merge 1 commit into
base: main
Choose a base branch
from
Draft

x86_64: Replace rej_uniform_eta2/eta4 intrinsics with hand-written assembly #1188

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
10 changes: 6 additions & 4 deletions BIBLIOGRAPHY.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -279,8 +279,8 @@ source code and documentation.
- [dev/x86_64/src/polyz_unpack_17_avx2_asm.S](dev/x86_64/src/polyz_unpack_17_avx2_asm.S)
- [dev/x86_64/src/polyz_unpack_19_avx2_asm.S](dev/x86_64/src/polyz_unpack_19_avx2_asm.S)
- [dev/x86_64/src/rej_uniform_avx2.c](dev/x86_64/src/rej_uniform_avx2.c)
- [dev/x86_64/src/rej_uniform_eta2_avx2.c](dev/x86_64/src/rej_uniform_eta2_avx2.c)
- [dev/x86_64/src/rej_uniform_eta4_avx2.c](dev/x86_64/src/rej_uniform_eta4_avx2.c)
- [dev/x86_64/src/rej_uniform_eta2_avx2_asm.S](dev/x86_64/src/rej_uniform_eta2_avx2_asm.S)
- [dev/x86_64/src/rej_uniform_eta4_avx2_asm.S](dev/x86_64/src/rej_uniform_eta4_avx2_asm.S)
- [mldsa/src/native/x86_64/src/intt_avx2_asm.S](mldsa/src/native/x86_64/src/intt_avx2_asm.S)
- [mldsa/src/native/x86_64/src/ntt_avx2_asm.S](mldsa/src/native/x86_64/src/ntt_avx2_asm.S)
- [mldsa/src/native/x86_64/src/nttunpack_avx2_asm.S](mldsa/src/native/x86_64/src/nttunpack_avx2_asm.S)
Expand All @@ -297,8 +297,8 @@ source code and documentation.
- [mldsa/src/native/x86_64/src/polyz_unpack_17_avx2_asm.S](mldsa/src/native/x86_64/src/polyz_unpack_17_avx2_asm.S)
- [mldsa/src/native/x86_64/src/polyz_unpack_19_avx2_asm.S](mldsa/src/native/x86_64/src/polyz_unpack_19_avx2_asm.S)
- [mldsa/src/native/x86_64/src/rej_uniform_avx2.c](mldsa/src/native/x86_64/src/rej_uniform_avx2.c)
- [mldsa/src/native/x86_64/src/rej_uniform_eta2_avx2.c](mldsa/src/native/x86_64/src/rej_uniform_eta2_avx2.c)
- [mldsa/src/native/x86_64/src/rej_uniform_eta4_avx2.c](mldsa/src/native/x86_64/src/rej_uniform_eta4_avx2.c)
- [mldsa/src/native/x86_64/src/rej_uniform_eta2_avx2_asm.S](mldsa/src/native/x86_64/src/rej_uniform_eta2_avx2_asm.S)
- [mldsa/src/native/x86_64/src/rej_uniform_eta4_avx2_asm.S](mldsa/src/native/x86_64/src/rej_uniform_eta4_avx2_asm.S)
- [proofs/hol_light/x86_64/mldsa/intt_avx2_asm.S](proofs/hol_light/x86_64/mldsa/intt_avx2_asm.S)
- [proofs/hol_light/x86_64/mldsa/ntt_avx2_asm.S](proofs/hol_light/x86_64/mldsa/ntt_avx2_asm.S)
- [proofs/hol_light/x86_64/mldsa/nttunpack_avx2_asm.S](proofs/hol_light/x86_64/mldsa/nttunpack_avx2_asm.S)
Expand All @@ -310,6 +310,8 @@ source code and documentation.
- [proofs/hol_light/x86_64/mldsa/poly_chknorm_avx2_asm.S](proofs/hol_light/x86_64/mldsa/poly_chknorm_avx2_asm.S)
- [proofs/hol_light/x86_64/mldsa/polyz_unpack_17_avx2_asm.S](proofs/hol_light/x86_64/mldsa/polyz_unpack_17_avx2_asm.S)
- [proofs/hol_light/x86_64/mldsa/polyz_unpack_19_avx2_asm.S](proofs/hol_light/x86_64/mldsa/polyz_unpack_19_avx2_asm.S)
- [proofs/hol_light/x86_64/mldsa/rej_uniform_eta2_avx2_asm.S](proofs/hol_light/x86_64/mldsa/rej_uniform_eta2_avx2_asm.S)
- [proofs/hol_light/x86_64/mldsa/rej_uniform_eta4_avx2_asm.S](proofs/hol_light/x86_64/mldsa/rej_uniform_eta4_avx2_asm.S)

### `Round3_Spec`

Expand Down
6 changes: 4 additions & 2 deletions dev/x86_64/meta.h
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -106,7 +106,8 @@ static MLD_INLINE int mld_rej_uniform_eta2_native(int32_t *r, unsigned len,
* We declassify prior the input data and mark the outputs as secret.
*/
MLD_CT_TESTING_DECLASSIFY(buf, buflen);
outlen = mld_rej_uniform_eta2_avx2(r, buf);
outlen = mld_rej_uniform_eta2_avx2_asm(
r, buf, (const uint8_t *)mld_rej_uniform_table);
MLD_CT_TESTING_SECRET(r, sizeof(int32_t) * outlen);
/* Safety: outlen is at most MLDSA_N and, hence, this cast is safe. */
return (int)outlen;
Expand Down Expand Up @@ -135,7 +136,8 @@ static MLD_INLINE int mld_rej_uniform_eta4_native(int32_t *r, unsigned len,
* We declassify prior the input data and mark the outputs as secret.
*/
MLD_CT_TESTING_DECLASSIFY(buf, buflen);
outlen = mld_rej_uniform_eta4_avx2(r, buf);
outlen = mld_rej_uniform_eta4_avx2_asm(
r, buf, (const uint8_t *)mld_rej_uniform_table);
MLD_CT_TESTING_SECRET(r, sizeof(int32_t) * outlen);
/* Safety: outlen is at most MLDSA_N and, hence, this cast is safe. */
return (int)outlen;
Expand Down
38 changes: 30 additions & 8 deletions dev/x86_64/src/arith_native_x86_64.h
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -83,15 +83,37 @@ unsigned mld_rej_uniform_avx2(int32_t *r,
const uint8_t buf[MLD_AVX2_REJ_UNIFORM_BUFLEN]);

#if !defined(MLD_CONFIG_NO_KEYPAIR_API)
#define mld_rej_uniform_eta2_avx2 MLD_NAMESPACE(mld_rej_uniform_eta2_avx2)
MLD_MUST_CHECK_RETURN_VALUE
unsigned mld_rej_uniform_eta2_avx2(
int32_t *r, const uint8_t buf[MLD_AVX2_REJ_UNIFORM_ETA2_BUFLEN]);
#define mld_rej_uniform_eta2_avx2_asm MLD_NAMESPACE(rej_uniform_eta2_avx2_asm)
/* This contract must be kept in sync with the HOL-Light specification
* in proofs/hol_light/x86_64/proofs/rej_uniform_eta2_avx2_asm.ml */
MLD_MUST_CHECK_RETURN_VALUE MLD_SYSV_ABI
unsigned mld_rej_uniform_eta2_avx2_asm(
int32_t *r, const uint8_t buf[MLD_AVX2_REJ_UNIFORM_ETA2_BUFLEN],
const uint8_t *table)
__contract__(
requires(memory_no_alias(r, sizeof(int32_t) * MLDSA_N))
requires(memory_no_alias(buf, MLD_AVX2_REJ_UNIFORM_ETA2_BUFLEN))
requires(table == mld_rej_uniform_table)
assigns(memory_slice(r, sizeof(int32_t) * MLDSA_N))
ensures(return_value <= MLDSA_N)
ensures(array_bound(r, 0, return_value, -2, 2))
);

#define mld_rej_uniform_eta4_avx2 MLD_NAMESPACE(mld_rej_uniform_eta4_avx2)
MLD_MUST_CHECK_RETURN_VALUE
unsigned mld_rej_uniform_eta4_avx2(
int32_t *r, const uint8_t buf[MLD_AVX2_REJ_UNIFORM_ETA4_BUFLEN]);
#define mld_rej_uniform_eta4_avx2_asm MLD_NAMESPACE(rej_uniform_eta4_avx2_asm)
/* This contract must be kept in sync with the HOL-Light specification
* in proofs/hol_light/x86_64/proofs/rej_uniform_eta4_avx2_asm.ml */
MLD_MUST_CHECK_RETURN_VALUE MLD_SYSV_ABI
unsigned mld_rej_uniform_eta4_avx2_asm(
int32_t *r, const uint8_t buf[MLD_AVX2_REJ_UNIFORM_ETA4_BUFLEN],
const uint8_t *table)
__contract__(
requires(memory_no_alias(r, sizeof(int32_t) * MLDSA_N))
requires(memory_no_alias(buf, MLD_AVX2_REJ_UNIFORM_ETA4_BUFLEN))
requires(table == mld_rej_uniform_table)
assigns(memory_slice(r, sizeof(int32_t) * MLDSA_N))
ensures(return_value <= MLDSA_N)
ensures(array_bound(r, 0, return_value, -4, 4))
);
#endif /* !MLD_CONFIG_NO_KEYPAIR_API */

#if !defined(MLD_CONFIG_NO_SIGN_API)
Expand Down
157 changes: 0 additions & 157 deletions dev/x86_64/src/rej_uniform_eta2_avx2.c
View file
Open in desktop

This file was deleted.

Loading
Loading