-
Notifications
You must be signed in to change notification settings - Fork 160
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Roadmap for adding PowerPC support to Vale #454
Comments
@mamonet, I have also been researching and developing in this area of the repository. The goal is to complete the following bounty: https://www.bountysource.com/issues/88058247-freebl-power-poly1305-mac-vector-acceleration. I was hoping to bring more clarity to the repo and think it might be beneficial to collaborate. Would you be interested in working together on the project? |
@MrDracoG, this issue is more specialized than the issue you have mentioned, working on this issue requires specific qualifications and experience. Let me explain what kind of work is required to accomplish this issue.
It's very difficult to get to the point where you can participate in this support and it's not at all like working on the issue you mentioned. I remember when I optimized AES-GCM algorithm on PowerPC architecture for freebl, it wasn't an easy task, I implemented a research that we wrote based on a novel algorithm using Assembly language to maximize the performance on that platform even though this can't be compared to this work as more specific techniques and approaches are involved here. |
Coming back from vacations... and just seeing this new roadmap. Thanks @mamonet. This seems overall reasonable but maybe @Chris-Hawblitzel has some thoughts on it. |
@msprotz @Chris-Hawblitzel To organize things more, I suggest creating a new branch in this repository to receive the pull requests once verified by IBM crypto team to submit them to HACL* team. Once the complete PowerPC support is in place and has the full functionalities, HACL* team can merge that particular branch to the upstream afterwards. |
This seems good to me -- a branch seems like a good way to go. I'd still like to hear whether @Chris-Hawblitzel will have enough time to follow this work closely (or maybe @parno ?) to make sure you don't get stuck needlessly. |
My advice is to start as simple as possible. I just added a directory https://github.com/project-everest/vale/tree/master/fstar/code/arch/x64simple to show simple definitions of x64 code. It excludes the following features that make the HACL* x64 definitions so complicated:
You can also look at the ARM definitions in https://github.com/project-everest/vale/tree/master/dafny/code/arch/arm -- these are for Dafny, but an F* version wouldn't be that different. |
Thanks, that makes adding support of another architecture much simpler for starters. I noticed that x64simple's modules utilize the the modules in directory https://github.com/project-everest/vale/tree/master/fstar/specs/hardware so I think I need to start with both directories to get the basic functionality of architecture support! |
Yes, that's right. Both directories are necessary. |
ref0: mamonet@ced6472#diff-c94ea0a116213844e7b57cf040c97564ae2d19f7f07e8e5cb3daf2fe7ac2ca82R31 |
I've added the basic PowerPC support to Vale by following the definitions in x64simple implementation mamonet/vale@66c6407 I also added this commit in a different branch to verify the new testing modules of PowerPC arch mamonet/vale@962f11b
Do you recommend adding those optional features to PowerPC support or we can jump right away and implement cryptographic algorithms using that basic support? |
I would recommend starting on the cryptographic algorithms using the basic support. |
In order to proceed with the roadmap, I've pushed a PR project-everest/vale#51 into Vale repository that adds basic PowerPC support. The patch covers more testing cases than the initial one that integrated now to SCons. |
I've added SHA implementation with HACL integration of vale support into my fork of repository mamonet@46e7e73 Hacl integration includes the following features.
SHA implementation in module Vale.SHA.PPC64LE.vaf follows the scheme of x64 SHA module by projecting OpenSSL implementation in high-assurance manner and utilizing common proofs where possible. The module still lacks the high-level proof of processing multiple blocks that supposed to be compatible with My practical observation is that using variable vector operands for example in Performance test |
There's still patches to follow to complete the roadmap. AES-GCM implementation is set to be released soon, there's a delay due to the GCM algorithm change, intel white paper is being implemented now. |
AES-GCM implementation has been added here #777 I aplologize for the dealys. |
Adding support of PowerPC to Vale give the chance to optimize algorithms that can't be improved by vectorization and have hardware-acceleration support, it also gives the flexibility to implement those algorithms using state-of-art researches like implementing the upcoming white paper "Optimize AES-GCM for PowerPC architecture processors" in HACL* which offers 25 times better performance than lookup-table-based C implementation.
It also has the opportunity to get higher speed for the vectorized algorithms by having more control over the execution flow of the assembly implementation.
However, adding support of any architecture to Vale implies a considerable amount of work, there are a lot of Low* and verified assembly modules that have to be implemented before jumping into algorithm implementations.
I'll list an initial roadmap of adding PowerPC support to Vale by following the scheme used for x86_64 architecture, I'll update the roadmap parodically to reflect fresh info or progression.
Vale PowerPC support upstream https://github.com/mamonet/vale
(Implemented modules)
Module
fstar/specs/hardware/PPC64LE.Machine_s
Module
fstar/specs/hardware/PPC64LE.Print_s
Module
fstar/specs/hardware/PPC64LE.Semantics_s
Module
fstar/code/arch/ppc64le/PPC64LE.Vale.Decls
Module
fstar/code/arch/ppc64le/PPC64LE.Vale.State
Module
fstar/code/arch/ppc64le/PPC64LE.Vale.Lemmas
Module
fstar/code/arch/ppc64le/PPC64LE.Vale.StateLemmas
Module
fstar/code/arch/ppc64le/PPC64LE.Vale.Regs
Module
fstar/code/arch/ppc64le/PPC64LE.Vale.Vecs
Module
fstar/code/arch/ppc64le/PPC64LE.Vale.InsMem.vaf
Module
fstar/code/arch/ppc64le/PPC64LE.Vale.InsBasic.vaf
Move operand
Conditional move operand
Add two operands
Add two loaded effective addresses
Add two operands with carry
Add two operands with overflow
Subtract two operands
Subtract two operands with borrow
Multiply two unsigned operands
Multiply two signed operands
Exclusive-or (Xor) two operands
And two operands
Shift left operand
Shift right operand
Module
fstar/code/arch/ppc64le/PPC64LE.Vale.InsVec.vaf
Vector add two operands
Vector exclusive-or (Xor) two operands
Vector And two operands
Vector shift left algebraic
Vector shift right algebraic
Vector shift right algebraic quadword
Vector shift left double by octet immediate (Concatenate two vector registers)
Vector permute
Vector compare equal unsigned doubleword
Module
fstar/code/test/PPC64LE.Test.Memcpy.vaf
Module
fstar/code/test/PPC64LE.Test.Basics.vaf
fstar/code/test/PowerTest.c
andfstar/code/test/PowerTest.ml
(Upcoming update)
module Vale.PPC64LE.CPU_Features_s
Accelerate Chacha20, Poly1305
Accelerate AES, GHASH, SHA-256, and SHA-512.
module Vale.PPC64LE.CryptoInstructions_s
module Vale.PPC64LE.InsAes
Vector AES Cipher
Vector AES Cipher Last
Vector AES Inverse Cipher
Vector AES Inverse Cipher Last
Vector AES SubBytes
module Vale.PPC64LE.InsGcm
Vector Polynomial Multiply-Sum Doubleword
module Vale.PPC64LE.InsSha
Vector SHA-256 Sigma Word
Vector SHA-512 Sigma Doubleword
Code.Crypto.Aes.PPC64LE
Code.Crypto.ECC.PPC64LE
Code.Crypto.Sha.PPC64LE
(Optional features)
Module Vale.PPC64LE.Instructions_s
module Vale.PPC64LE.Leakage_s
module Vale.PPC64LE.Leakage_Ins
module Vale.PPC64LE.Leakage
module Vale.PPC64LE.Leakage_Helpers
module Vale.PPC64LE.QuickCodes
Code.Arch.PPC64LE.Interop
modulesDeveloper Qualifications (B.E.E.):
As usual adding support of PowerPC architecture to Vale will be sponsored by IBM and every update pack will be reviewed by IBM crypto team.
The text was updated successfully, but these errors were encountered: