| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <db513fd8-4723-4b4c-bc14-7da7222617b3@cryptogams.org> Date: Wed, 15 May 2024 11:06:58 +0200 From: Andy Polyakov <appro@...ptogams.org> To: Danny Tsen <dtsen@...ux.ibm.com>, linux-crypto@...r.kernel.org Cc: herbert@...dor.apana.org.au, leitao@...ian.org, nayna@...ux.ibm.com, linux-kernel@...r.kernel.org, linuxppc-dev@...ts.ozlabs.org, mpe@...erman.id.au, ltcgcw@...ux.vnet.ibm.com, dtsen@...ibm.com Subject: Re: [PATCH 1/3] crypto: X25519 low-level primitives for ppc64le. Hi, > +SYM_FUNC_START(x25519_fe51_sqr_times) > ... > + > +.Lsqr_times_loop: > ... > + > + std 9,16(3) > + std 10,24(3) > + std 11,32(3) > + std 7,0(3) > + std 8,8(3) > + bdnz .Lsqr_times_loop I see no reason for why the stores can't be moved outside the loop in question. > +SYM_FUNC_START(x25519_fe51_frombytes) > +.align 5 > + > + li 12, -1 > + srdi 12, 12, 13 # 0x7ffffffffffff > + > + ld 5, 0(4) > + ld 6, 8(4) > + ld 7, 16(4) > + ld 8, 24(4) Is there actual guarantee that the byte input is 64-bit aligned? While it is true that processor is obliged to handle misaligned loads and stores by the ISA specification, them being inefficient doesn't go against it. Most notably inefficiency is likely to be noted at the page boundaries. What I'm trying to say is that it would be more appropriate to avoid the unaligned loads (and stores). Cheers.
Powered by blists - more mailing lists