Patch BoringSSL files for C tests

See #1684 (comment)
mit-plv · Oct 22, 2023 · f4f6951 · f4f6951
1 parent 6d981bc
commit f4f6951
Show file tree

Hide file tree

Showing 2 changed files with 69 additions and 0 deletions.
diff --git a/etc/ci/boringssl-patches/2023-10-05-p256-adx.patch b/etc/ci/boringssl-patches/2023-10-05-p256-adx.patch
@@ -0,0 +1,62 @@
+commit 20c9406971b39d214d4d6997f3a6e3ec772c440a
+Author: Andres Erbsen <[email protected]>
+Date:   Mon Sep 25 19:28:44 2023 +0000
+
+    Add table-independent x86+adx asm for P-256
+
+    With -march=haswell -DOPENSSL_SMALL=1 on cascadelake:
+    Did 9999 ECDH P-256 operations in 1062469us (9411.1 ops/sec) [+63.5%]
+    Did 25000 ECDSA P-256 signing operations in 1028302us (24311.9 ops/sec) [+48.9%]
+    Did 11004 ECDSA P-256 verify operations in 1072646us (10258.7 ops/sec) [+58.8%]
+
+    Same configuration measured no performance difference on haswell.
+
+    The added assembly code occupies 1352 bytes.
+
+    Change-Id: I42635b7a9bf24d942817976a5d4ce269f642251c
+    Reviewed-on: https://boringssl-review.googlesource.com/c/boringssl/+/63185
+    Reviewed-by: David Benjamin <[email protected]>
+    Commit-Queue: David Benjamin <[email protected]>
+
+diff --git a/third_party/fiat/p256_64.h b/third_party/fiat/p256_64.h
+index c77263843..a691407b6 100644
+--- a/third_party/fiat/p256_64.h
++++ b/third_party/fiat/p256_64.h
+@@ -1,3 +1,9 @@
++#include "../../crypto/internal.h"
++#if !defined(OPENSSL_NO_ASM) && defined(__GNUC__) && defined(__x86_64__)
++void fiat_p256_adx_mul(uint64_t*, const uint64_t*, const uint64_t*);
++void fiat_p256_adx_sqr(uint64_t*, const uint64_t*);
++#endif
++
+ /* Autogenerated: 'src/ExtractionOCaml/word_by_word_montgomery' --inline --static --use-value-barrier p256 64 '2^256 - 2^224 + 2^192 + 2^96 - 1' mul square add sub opp from_montgomery to_montgomery nonzero selectznz to_bytes from_bytes one msat divstep divstep_precomp */
+ /* curve description: p256 */
+ /* machine_wordsize = 64 (from "64") */
+@@ -165,6 +171,13 @@ static FIAT_P256_FIAT_INLINE void fiat_p256_cmovznz_u64(uint64_t* out1, fiat_p25
+  *
+  */
+ static FIAT_P256_FIAT_INLINE void fiat_p256_mul(fiat_p256_montgomery_domain_field_element out1, const fiat_p256_montgomery_domain_field_element arg1, const fiat_p256_montgomery_domain_field_element arg2) {
++#if !defined(OPENSSL_NO_ASM) && defined(__GNUC__) && defined(__x86_64__)
++  if (CRYPTO_is_BMI1_capable() && CRYPTO_is_BMI2_capable() &&
++    CRYPTO_is_ADX_capable()) {
++      fiat_p256_adx_mul(out1, arg1, arg2);
++      return;
++  }
++#endif
+   uint64_t x1;
+   uint64_t x2;
+   uint64_t x3;
+@@ -472,6 +485,13 @@ static FIAT_P256_FIAT_INLINE void fiat_p256_mul(fiat_p256_montgomery_domain_fiel
+  *
+  */
+ static FIAT_P256_FIAT_INLINE void fiat_p256_square(fiat_p256_montgomery_domain_field_element out1, const fiat_p256_montgomery_domain_field_element arg1) {
++#if !defined(OPENSSL_NO_ASM) && defined(__GNUC__) && defined(__x86_64__)
++  if (CRYPTO_is_BMI1_capable() && CRYPTO_is_BMI2_capable() &&
++    CRYPTO_is_ADX_capable()) {
++      fiat_p256_adx_sqr(out1, arg1);
++      return;
++  }
++#endif
+   uint64_t x1;
+   uint64_t x2;
+   uint64_t x3;
diff --git a/etc/ci/test-fiat-c-boringssl.sh b/etc/ci/test-fiat-c-boringssl.sh
@@ -1,6 +1,8 @@
 #!/usr/bin/env bash
 # USAGE: $0 SUBCOMPONENT (e.g., fiat-c/src)
 
+DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )"
+
 ################################################################################
 # Tests for BoringSSL
 ################################################################################
@@ -32,6 +34,11 @@ echo "::group::Patching BoringSSL"
         cp "${SUBCOMPONENT_PATH}/${i/.h/.c}" "$i" || exit $?
       done ) || exit $?
     ( cd third_party/fiat && git --no-pager diff )
+    ( cd third_party/fiat &&
+      for i in "$DIR/boringssl-patches"/*.patch; do
+        git apply "$i"
+      done ) || exit $?
+    ( cd third_party/fiat && git --no-pager diff )
 }) || exit $?
 echo "::endgroup::"