pq_crypto 0.6.1 → 0.6.3

data/ext/pqcrypto/vendor/mlkem-native/mlkem/src/native/x86_64/src/arith_native_x86_64.h

@@ -15,14 +15,14 @@
   (3 * 168) /* REJ_UNIFORM_NBLOCKS * SHAKE128_RATE */
 
 #define mlk_rej_uniform_table MLK_NAMESPACE(rej_uniform_table)
-extern const uint8_t mlk_rej_uniform_table[];
+MLK_INTERNAL_DATA_DECLARATION const uint8_t mlk_rej_uniform_table[4096];
 
-#define mlk_rej_uniform_asm MLK_NAMESPACE(rej_uniform_asm)
-MLK_MUST_CHECK_RETURN_VALUE
-uint64_t mlk_rej_uniform_asm(int16_t *r, const uint8_t *buf, unsigned buflen,
-                             const uint8_t *table)
+#define mlk_rej_uniform_avx2_asm MLK_NAMESPACE(rej_uniform_avx2_asm)
+MLK_MUST_CHECK_RETURN_VALUE MLK_SYSV_ABI
+uint64_t mlk_rej_uniform_avx2_asm(int16_t *r, const uint8_t *buf,
+                                  unsigned buflen, const uint8_t *table)
 /* This must be kept in sync with the HOL-Light specification
- * in proofs/hol_light/x86_64/proofs/mlkem_rej_uniform.ml. */
+ * in proofs/hol_light/x86_64/proofs/rej_uniform_avx2_asm.ml. */
 __contract__(
     requires(buflen % 12 == 0)
     requires(memory_no_alias(buf, buflen))
@@ -33,10 +33,11 @@ __contract__(
     ensures(array_bound(r, 0, (unsigned) return_value, 0, MLKEM_Q))
 );
 
-#define mlk_ntt_avx2 MLK_NAMESPACE(ntt_avx2)
-void mlk_ntt_avx2(int16_t *r, const int16_t *qdata)
+#define mlk_ntt_avx2_asm MLK_NAMESPACE(ntt_avx2_asm)
+MLK_SYSV_ABI
+void mlk_ntt_avx2_asm(int16_t *r, const int16_t *qdata)
 /* This must be kept in sync with the HOL-Light specification
- * in proofs/hol_light/x86_64/proofs/mlkem_ntt.ml */
+ * in proofs/hol_light/x86_64/proofs/ntt_avx2_asm.ml */
 __contract__(
   requires(memory_no_alias(r, sizeof(int16_t) * MLKEM_N))
   requires(array_abs_bound(r, 0, MLKEM_N, 8192))
@@ -47,10 +48,11 @@ __contract__(
   /* check-magic: on */
 );
 
-#define mlk_invntt_avx2 MLK_NAMESPACE(invntt_avx2)
-void mlk_invntt_avx2(int16_t *r, const int16_t *qdata)
+#define mlk_invntt_avx2_asm MLK_NAMESPACE(invntt_avx2_asm)
+MLK_SYSV_ABI
+void mlk_invntt_avx2_asm(int16_t *r, const int16_t *qdata)
 /* This must be kept in sync with the HOL-Light specification
- * in proofs/hol_light/x86_64/proofs/mlkem_intt.ml */
+ * in proofs/hol_light/x86_64/proofs/intt_avx2_asm.ml */
 __contract__(
   requires(memory_no_alias(r, sizeof(int16_t) * MLKEM_N))
   requires(qdata == mlk_qdata)
@@ -60,10 +62,11 @@ __contract__(
   /* check-magic: on */
 );
 
-#define mlk_nttunpack_avx2 MLK_NAMESPACE(nttunpack_avx2)
-void mlk_nttunpack_avx2(int16_t *r)
+#define mlk_nttunpack_avx2_asm MLK_NAMESPACE(nttunpack_avx2_asm)
+MLK_SYSV_ABI
+void mlk_nttunpack_avx2_asm(int16_t *r)
 /* This must be kept in sync with the HOL-Light specification
- * in proofs/hol_light/x86_64/proofs/mlkem_unpack.ml */
+ * in proofs/hol_light/x86_64/proofs/nttunpack_avx2_asm.ml */
 __contract__(
   requires(memory_no_alias(r, sizeof(int16_t) * MLKEM_N))
   requires(array_bound(r, 0, MLKEM_N, 0, MLKEM_Q))
@@ -74,21 +77,24 @@ __contract__(
     r[i] == old(*(int16_t (*)[MLKEM_N])r)[j])))
 );
 
-#define mlk_reduce_avx2 MLK_NAMESPACE(reduce_avx2)
-void mlk_reduce_avx2(int16_t *r)
+#define mlk_reduce_avx2_asm MLK_NAMESPACE(reduce_avx2_asm)
+MLK_SYSV_ABI
+void mlk_reduce_avx2_asm(int16_t *r)
 /* This must be kept in sync with the HOL-Light specification
- * in proofs/hol_light/x86_64/proofs/mlkem_reduce.ml */
+ * in proofs/hol_light/x86_64/proofs/reduce_avx2_asm.ml */
 __contract__(
   requires(memory_no_alias(r, sizeof(int16_t) * MLKEM_N))
   assigns(memory_slice(r, sizeof(int16_t) * MLKEM_N))
   ensures(array_bound(r, 0, MLKEM_N, 0, MLKEM_Q))
 );
 
-#define mlk_poly_mulcache_compute_avx2 MLK_NAMESPACE(poly_mulcache_compute_avx2)
-void mlk_poly_mulcache_compute_avx2(int16_t *out, const int16_t *in,
-                                    const int16_t *qdata)
+#define mlk_poly_mulcache_compute_avx2_asm \
+  MLK_NAMESPACE(poly_mulcache_compute_avx2_asm)
+MLK_SYSV_ABI
+void mlk_poly_mulcache_compute_avx2_asm(int16_t *out, const int16_t *in,
+                                        const int16_t *qdata)
 /* This must be kept in sync with the HOL-Light specification
- * in proofs/hol_light/x86_64/proofs/mlkem_mulcache_compute.ml */
+ * in proofs/hol_light/x86_64/proofs/poly_mulcache_compute_avx2_asm.ml */
 __contract__(
   requires(memory_no_alias(out, sizeof(int16_t) * (MLKEM_N / 2)))
   requires(memory_no_alias(in, sizeof(int16_t) * MLKEM_N))
@@ -97,14 +103,13 @@ __contract__(
   ensures(array_abs_bound(out, 0, MLKEM_N/2, MLKEM_Q))
 );
 
-#define mlk_polyvec_basemul_acc_montgomery_cached_asm_k2 \
-  MLK_NAMESPACE(polyvec_basemul_acc_montgomery_cached_asm_k2)
-void mlk_polyvec_basemul_acc_montgomery_cached_asm_k2(int16_t *r,
-                                                      const int16_t *a,
-                                                      const int16_t *b,
-                                                      const int16_t *b_cache)
+#define mlk_polyvec_basemul_acc_montgomery_cached_k2_avx2_asm \
+  MLK_NAMESPACE(polyvec_basemul_acc_montgomery_cached_k2_avx2_asm)
+MLK_SYSV_ABI
+void mlk_polyvec_basemul_acc_montgomery_cached_k2_avx2_asm(
+    int16_t *r, const int16_t *a, const int16_t *b, const int16_t *b_cache)
 /* This must be kept in sync with the HOL-Light specification in
- * proofs/hol_light/x86_64/proofs/mlkem_poly_basemul_acc_montgomery_cached_k2.ml.
+ * proofs/hol_light/x86_64/proofs/polyvec_basemul_acc_montgomery_cached_k2_avx2_asm.ml.
  */
 __contract__(
     requires(memory_no_alias(r, sizeof(int16_t) * MLKEM_N))
@@ -115,14 +120,13 @@ __contract__(
     assigns(memory_slice(r, sizeof(int16_t) * MLKEM_N))
 );
 
-#define mlk_polyvec_basemul_acc_montgomery_cached_asm_k3 \
-  MLK_NAMESPACE(polyvec_basemul_acc_montgomery_cached_asm_k3)
-void mlk_polyvec_basemul_acc_montgomery_cached_asm_k3(int16_t *r,
-                                                      const int16_t *a,
-                                                      const int16_t *b,
-                                                      const int16_t *b_cache)
+#define mlk_polyvec_basemul_acc_montgomery_cached_k3_avx2_asm \
+  MLK_NAMESPACE(polyvec_basemul_acc_montgomery_cached_k3_avx2_asm)
+MLK_SYSV_ABI
+void mlk_polyvec_basemul_acc_montgomery_cached_k3_avx2_asm(
+    int16_t *r, const int16_t *a, const int16_t *b, const int16_t *b_cache)
 /* This must be kept in sync with the HOL-Light specification in
- * proofs/hol_light/x86_64/proofs/mlkem_poly_basemul_acc_montgomery_cached_k3.ml.
+ * proofs/hol_light/x86_64/proofs/polyvec_basemul_acc_montgomery_cached_k3_avx2_asm.ml.
  */
 __contract__(
     requires(memory_no_alias(r, sizeof(int16_t) * MLKEM_N))
@@ -133,14 +137,13 @@ __contract__(
     assigns(memory_slice(r, sizeof(int16_t) * MLKEM_N))
 );
 
-#define mlk_polyvec_basemul_acc_montgomery_cached_asm_k4 \
-  MLK_NAMESPACE(polyvec_basemul_acc_montgomery_cached_asm_k4)
-void mlk_polyvec_basemul_acc_montgomery_cached_asm_k4(int16_t *r,
-                                                      const int16_t *a,
-                                                      const int16_t *b,
-                                                      const int16_t *b_cache)
+#define mlk_polyvec_basemul_acc_montgomery_cached_k4_avx2_asm \
+  MLK_NAMESPACE(polyvec_basemul_acc_montgomery_cached_k4_avx2_asm)
+MLK_SYSV_ABI
+void mlk_polyvec_basemul_acc_montgomery_cached_k4_avx2_asm(
+    int16_t *r, const int16_t *a, const int16_t *b, const int16_t *b_cache)
 /* This must be kept in sync with the HOL-Light specification in
- * proofs/hol_light/x86_64/proofs/mlkem_poly_basemul_acc_montgomery_cached_k4.ml.
+ * proofs/hol_light/x86_64/proofs/polyvec_basemul_acc_montgomery_cached_k4_avx2_asm.ml.
  */
 __contract__(
     requires(memory_no_alias(r, sizeof(int16_t) * MLKEM_N))
@@ -151,10 +154,11 @@ __contract__(
     assigns(memory_slice(r, sizeof(int16_t) * MLKEM_N))
 );
 
-#define mlk_ntttobytes_avx2 MLK_NAMESPACE(ntttobytes_avx2)
-void mlk_ntttobytes_avx2(uint8_t *r, const int16_t *a)
+#define mlk_ntttobytes_avx2_asm MLK_NAMESPACE(ntttobytes_avx2_asm)
+MLK_SYSV_ABI
+void mlk_ntttobytes_avx2_asm(uint8_t *r, const int16_t *a)
 /* This must be kept in sync with the HOL-Light specification in
- * proofs/hol_light/x86_64/proofs/mlkem_tobytes.ml.
+ * proofs/hol_light/x86_64/proofs/ntttobytes_avx2_asm.ml.
  */
 __contract__(
   requires(memory_no_alias(r, MLKEM_POLYBYTES))
@@ -163,10 +167,11 @@ __contract__(
   assigns(memory_slice(r, MLKEM_POLYBYTES))
 );
 
-#define mlk_nttfrombytes_avx2 MLK_NAMESPACE(nttfrombytes_avx2)
-void mlk_nttfrombytes_avx2(int16_t *r, const uint8_t *a)
+#define mlk_nttfrombytes_avx2_asm MLK_NAMESPACE(nttfrombytes_avx2_asm)
+MLK_SYSV_ABI
+void mlk_nttfrombytes_avx2_asm(int16_t *r, const uint8_t *a)
 /* This must be kept in sync with the HOL-Light specification in
- * proofs/hol_light/x86_64/proofs/mlkem_frombytes.ml.
+ * proofs/hol_light/x86_64/proofs/nttfrombytes_avx2_asm.ml.
  */
 __contract__(
   requires(memory_no_alias(a, MLKEM_POLYBYTES))
@@ -175,10 +180,11 @@ __contract__(
   ensures(array_bound(r, 0, MLKEM_N, 0, MLKEM_UINT12_LIMIT))
 );
 
-#define mlk_tomont_avx2 MLK_NAMESPACE(tomont_avx2)
-void mlk_tomont_avx2(int16_t *r)
+#define mlk_tomont_avx2_asm MLK_NAMESPACE(tomont_avx2_asm)
+MLK_SYSV_ABI
+void mlk_tomont_avx2_asm(int16_t *r)
 /* This must be kept in sync with the HOL-Light specification in
- * proofs/hol_light/x86_64/proofs/mlkem_tomont.ml.
+ * proofs/hol_light/x86_64/proofs/tomont_avx2_asm.ml.
  */
 __contract__(
   requires(memory_no_alias(r, sizeof(int16_t) * MLKEM_N))
@@ -186,12 +192,13 @@ __contract__(
   ensures(array_abs_bound(r, 0, MLKEM_N, MLKEM_Q))
 );
 
-#define mlk_poly_compress_d4_avx2 MLK_NAMESPACE(poly_compress_d4_avx2)
-void mlk_poly_compress_d4_avx2(uint8_t r[MLKEM_POLYCOMPRESSEDBYTES_D4],
-                               const int16_t *MLK_RESTRICT a,
-                               const uint8_t *data)
+#define mlk_poly_compress_d4_avx2_asm MLK_NAMESPACE(poly_compress_d4_avx2_asm)
+MLK_SYSV_ABI
+void mlk_poly_compress_d4_avx2_asm(uint8_t r[MLKEM_POLYCOMPRESSEDBYTES_D4],
+                                   const int16_t *MLK_RESTRICT a,
+                                   const uint8_t *data)
 /* This must be kept in sync with the HOL-Light specification in
- * proofs/hol_light/x86_64/proofs/mlkem_poly_compress_d4.ml.
+ * proofs/hol_light/x86_64/proofs/poly_compress_d4_avx2_asm.ml.
  */
 __contract__(
   requires(memory_no_alias(r, MLKEM_POLYCOMPRESSEDBYTES_D4))
@@ -201,12 +208,14 @@ __contract__(
   assigns(memory_slice(r, MLKEM_POLYCOMPRESSEDBYTES_D4))
 );
 
-#define mlk_poly_decompress_d4_avx2 MLK_NAMESPACE(poly_decompress_d4_avx2)
-void mlk_poly_decompress_d4_avx2(int16_t *MLK_RESTRICT r,
-                                 const uint8_t a[MLKEM_POLYCOMPRESSEDBYTES_D4],
-                                 const uint8_t *data)
+#define mlk_poly_decompress_d4_avx2_asm \
+  MLK_NAMESPACE(poly_decompress_d4_avx2_asm)
+MLK_SYSV_ABI
+void mlk_poly_decompress_d4_avx2_asm(
+    int16_t *MLK_RESTRICT r, const uint8_t a[MLKEM_POLYCOMPRESSEDBYTES_D4],
+    const uint8_t *data)
 /* This must be kept in sync with the HOL-Light specification in
- * proofs/hol_light/x86_64/proofs/mlkem_poly_decompress_d4.ml.
+ * proofs/hol_light/x86_64/proofs/poly_decompress_d4_avx2_asm.ml.
  */
 __contract__(
   requires(memory_no_alias(r, sizeof(int16_t) * MLKEM_N))
@@ -216,12 +225,13 @@ __contract__(
   ensures(array_bound(r, 0, MLKEM_N, 0, MLKEM_Q))
 );
 
-#define mlk_poly_compress_d10_avx2 MLK_NAMESPACE(poly_compress_d10_avx2)
-void mlk_poly_compress_d10_avx2(uint8_t r[MLKEM_POLYCOMPRESSEDBYTES_D10],
-                                const int16_t *MLK_RESTRICT a,
-                                const uint8_t *data)
+#define mlk_poly_compress_d10_avx2_asm MLK_NAMESPACE(poly_compress_d10_avx2_asm)
+MLK_SYSV_ABI
+void mlk_poly_compress_d10_avx2_asm(uint8_t r[MLKEM_POLYCOMPRESSEDBYTES_D10],
+                                    const int16_t *MLK_RESTRICT a,
+                                    const uint8_t *data)
 /* This must be kept in sync with the HOL-Light specification in
- * proofs/hol_light/x86_64/proofs/mlkem_poly_compress_d10.ml.
+ * proofs/hol_light/x86_64/proofs/poly_compress_d10_avx2_asm.ml.
  */
 __contract__(
   requires(memory_no_alias(r, MLKEM_POLYCOMPRESSEDBYTES_D10))
@@ -231,12 +241,14 @@ __contract__(
   assigns(memory_slice(r, MLKEM_POLYCOMPRESSEDBYTES_D10))
 );
 
-#define mlk_poly_decompress_d10_avx2 MLK_NAMESPACE(poly_decompress_d10_avx2)
-void mlk_poly_decompress_d10_avx2(
+#define mlk_poly_decompress_d10_avx2_asm \
+  MLK_NAMESPACE(poly_decompress_d10_avx2_asm)
+MLK_SYSV_ABI
+void mlk_poly_decompress_d10_avx2_asm(
     int16_t *MLK_RESTRICT r, const uint8_t a[MLKEM_POLYCOMPRESSEDBYTES_D10],
     const uint8_t *data)
 /* This must be kept in sync with the HOL-Light specification in
- * proofs/hol_light/x86_64/proofs/mlkem_poly_decompress_d10.ml.
+ * proofs/hol_light/x86_64/proofs/poly_decompress_d10_avx2_asm.ml.
  */
 __contract__(
   requires(memory_no_alias(r, sizeof(int16_t) * MLKEM_N))
@@ -246,12 +258,13 @@ __contract__(
   ensures(array_bound(r, 0, MLKEM_N, 0, MLKEM_Q))
 );
 
-#define mlk_poly_compress_d5_avx2 MLK_NAMESPACE(poly_compress_d5_avx2)
-void mlk_poly_compress_d5_avx2(uint8_t r[MLKEM_POLYCOMPRESSEDBYTES_D5],
-                               const int16_t *MLK_RESTRICT a,
-                               const uint8_t *data)
+#define mlk_poly_compress_d5_avx2_asm MLK_NAMESPACE(poly_compress_d5_avx2_asm)
+MLK_SYSV_ABI
+void mlk_poly_compress_d5_avx2_asm(uint8_t r[MLKEM_POLYCOMPRESSEDBYTES_D5],
+                                   const int16_t *MLK_RESTRICT a,
+                                   const uint8_t *data)
 /* This must be kept in sync with the HOL-Light specification in
- * proofs/hol_light/x86_64/proofs/mlkem_poly_compress_d5.ml.
+ * proofs/hol_light/x86_64/proofs/poly_compress_d5_avx2_asm.ml.
  */
 __contract__(
   requires(memory_no_alias(r, MLKEM_POLYCOMPRESSEDBYTES_D5))
@@ -261,12 +274,14 @@ __contract__(
   assigns(memory_slice(r, MLKEM_POLYCOMPRESSEDBYTES_D5))
 );
 
-#define mlk_poly_decompress_d5_avx2 MLK_NAMESPACE(poly_decompress_d5_avx2)
-void mlk_poly_decompress_d5_avx2(int16_t *MLK_RESTRICT r,
-                                 const uint8_t a[MLKEM_POLYCOMPRESSEDBYTES_D5],
-                                 const uint8_t *data)
+#define mlk_poly_decompress_d5_avx2_asm \
+  MLK_NAMESPACE(poly_decompress_d5_avx2_asm)
+MLK_SYSV_ABI
+void mlk_poly_decompress_d5_avx2_asm(
+    int16_t *MLK_RESTRICT r, const uint8_t a[MLKEM_POLYCOMPRESSEDBYTES_D5],
+    const uint8_t *data)
 /* This must be kept in sync with the HOL-Light specification in
- * proofs/hol_light/x86_64/proofs/mlkem_poly_decompress_d5.ml.
+ * proofs/hol_light/x86_64/proofs/poly_decompress_d5_avx2_asm.ml.
  */
 __contract__(
   requires(memory_no_alias(r, sizeof(int16_t) * MLKEM_N))
@@ -276,12 +291,13 @@ __contract__(
   ensures(array_bound(r, 0, MLKEM_N, 0, MLKEM_Q))
 );
 
-#define mlk_poly_compress_d11_avx2 MLK_NAMESPACE(poly_compress_d11_avx2)
-void mlk_poly_compress_d11_avx2(uint8_t r[MLKEM_POLYCOMPRESSEDBYTES_D11],
-                                const int16_t *MLK_RESTRICT a,
-                                const uint8_t *data)
+#define mlk_poly_compress_d11_avx2_asm MLK_NAMESPACE(poly_compress_d11_avx2_asm)
+MLK_SYSV_ABI
+void mlk_poly_compress_d11_avx2_asm(uint8_t r[MLKEM_POLYCOMPRESSEDBYTES_D11],
+                                    const int16_t *MLK_RESTRICT a,
+                                    const uint8_t *data)
 /* This must be kept in sync with the HOL-Light specification in
- * proofs/hol_light/x86_64/proofs/mlkem_poly_compress_d11.ml.
+ * proofs/hol_light/x86_64/proofs/poly_compress_d11_avx2_asm.ml.
  */
 __contract__(
   requires(memory_no_alias(r, MLKEM_POLYCOMPRESSEDBYTES_D11))
@@ -291,12 +307,14 @@ __contract__(
   assigns(memory_slice(r, MLKEM_POLYCOMPRESSEDBYTES_D11))
 );
 
-#define mlk_poly_decompress_d11_avx2 MLK_NAMESPACE(poly_decompress_d11_avx2)
-void mlk_poly_decompress_d11_avx2(
+#define mlk_poly_decompress_d11_avx2_asm \
+  MLK_NAMESPACE(poly_decompress_d11_avx2_asm)
+MLK_SYSV_ABI
+void mlk_poly_decompress_d11_avx2_asm(
     int16_t *MLK_RESTRICT r, const uint8_t a[MLKEM_POLYCOMPRESSEDBYTES_D11],
     const uint8_t *data)
 /* This must be kept in sync with the HOL-Light specification in
- * proofs/hol_light/x86_64/proofs/mlkem_poly_decompress_d11.ml.
+ * proofs/hol_light/x86_64/proofs/poly_decompress_d11_avx2_asm.ml.
  */
 __contract__(
   requires(memory_no_alias(r, sizeof(int16_t) * MLKEM_N))

data/ext/pqcrypto/vendor/mlkem-native/mlkem/src/native/x86_64/src/compress_consts.c

@@ -19,25 +19,29 @@
     (defined(MLK_CONFIG_MULTILEVEL_WITH_SHARED) || MLKEM_K == 2 || \
      MLKEM_K == 3)
 
-MLK_ALIGN const uint8_t mlk_compress_d4_data[32] = {
-    0, 0, 0, 0, 4, 0, 0, 0, 1, 0, 0, 0, 5, 0, 0, 0,
-    2, 0, 0, 0, 6, 0, 0, 0, 3, 0, 0, 0, 7, 0, 0, 0, /* permdidx */
+MLK_ALIGN MLK_INTERNAL_DATA_DEFINITION const uint8_t
+    mlk_compress_d4_data[32] = {
+        0, 0, 0, 0, 4, 0, 0, 0, 1, 0, 0, 0, 5, 0, 0, 0,
+        2, 0, 0, 0, 6, 0, 0, 0, 3, 0, 0, 0, 7, 0, 0, 0, /* permdidx */
 };
 
-MLK_ALIGN const uint8_t mlk_decompress_d4_data[32] = {
-    0, 0, 0, 0, 1, 1, 1, 1, 2, 2, 2, 2, 3, 3, 3, 3,
-    4, 4, 4, 4, 5, 5, 5, 5, 6, 6, 6, 6, 7, 7, 7, 7, /* shufbidx */
+MLK_ALIGN MLK_INTERNAL_DATA_DEFINITION const uint8_t
+    mlk_decompress_d4_data[32] = {
+        0, 0, 0, 0, 1, 1, 1, 1, 2, 2, 2, 2, 3, 3, 3, 3,
+        4, 4, 4, 4, 5, 5, 5, 5, 6, 6, 6, 6, 7, 7, 7, 7, /* shufbidx */
 };
 
-MLK_ALIGN const uint8_t mlk_compress_d10_data[32] = {
-    0,   1,   2,   3,   4,   8, 9,  10, 11, 12,  255,
-    255, 255, 255, 255, 255, 9, 10, 11, 12, 255, 255,
-    255, 255, 255, 255, 0,   1, 2,  3,  4,  8, /* shufbidx */
+MLK_ALIGN MLK_INTERNAL_DATA_DEFINITION const uint8_t
+    mlk_compress_d10_data[32] = {
+        0,   1,   2,   3,   4,   8, 9,  10, 11, 12,  255,
+        255, 255, 255, 255, 255, 9, 10, 11, 12, 255, 255,
+        255, 255, 255, 255, 0,   1, 2,  3,  4,  8, /* shufbidx */
 };
 
-MLK_ALIGN const uint8_t mlk_decompress_d10_data[32] = {
-    0, 1, 1, 2, 2, 3, 3, 4, 5, 6, 6, 7, 7, 8,  8,  9,
-    2, 3, 3, 4, 4, 5, 5, 6, 7, 8, 8, 9, 9, 10, 10, 11, /* shufbidx */
+MLK_ALIGN MLK_INTERNAL_DATA_DEFINITION const uint8_t
+    mlk_decompress_d10_data[32] = {
+        0, 1, 1, 2, 2, 3, 3, 4, 5, 6, 6, 7, 7, 8,  8,  9,
+        2, 3, 3, 4, 4, 5, 5, 6, 7, 8, 8, 9, 9, 10, 10, 11, /* shufbidx */
 };
 
 #endif /* !MLK_CONFIG_MULTILEVEL_NO_SHARED &&                                 \
@@ -47,7 +51,7 @@ MLK_ALIGN const uint8_t mlk_decompress_d10_data[32] = {
 #if !defined(MLK_CONFIG_MULTILEVEL_NO_SHARED) && \
     (defined(MLK_CONFIG_MULTILEVEL_WITH_SHARED) || MLKEM_K == 4)
 
-MLK_ALIGN const uint8_t
+MLK_ALIGN MLK_INTERNAL_DATA_DEFINITION const uint8_t
     mlk_compress_d5_data[32] = {
         0, 1,  2,  3,  4,   255, 255, 255, 255, 255, 8,
         9, 10, 11, 12, 255, 9,   10,  11,  12,  255, 0,
@@ -55,33 +59,39 @@ MLK_ALIGN const uint8_t
 };
 
 /* shufbidx[0:32], mask[32:64], shift[64:96] */
-MLK_ALIGN const uint8_t mlk_decompress_d5_data[96] = {
-    0,   0, 0,   1, 1,   1,  1,   2,  2,   3, 3,   3, 3,   4, 4,   4, 5,  5,
-    5,   6, 6,   6, 6,   7,  7,   8,  8,   8, 8,   9, 9,   9, /* shufbidx */
-    31,  0, 224, 3, 124, 0,  128, 15, 240, 1, 62,  0, 192, 7, 248, 0, 31, 0,
-    224, 3, 124, 0, 128, 15, 240, 1,  62,  0, 192, 7, 248, 0, /* mask */
-    0,   4, 32,  0, 0,   1,  8,   0,  64,  0, 0,   2, 16,  0, 128, 0, 0,  4,
-    32,  0, 0,   1, 8,   0,  64,  0,  0,   2, 16,  0, 128, 0, /* shift */
+MLK_ALIGN MLK_INTERNAL_DATA_DEFINITION const uint8_t
+    mlk_decompress_d5_data[96] = {
+        0,   0, 0,   1, 1,   1,  1,   2,  2,   3, 3,   3, 3,   4, 4,   4, 5,  5,
+        5,   6, 6,   6, 6,   7,  7,   8,  8,   8, 8,   9, 9,   9, /* shufbidx */
+        31,  0, 224, 3, 124, 0,  128, 15, 240, 1, 62,  0, 192, 7, 248, 0, 31, 0,
+        224, 3, 124, 0, 128, 15, 240, 1,  62,  0, 192, 7, 248, 0, /* mask */
+        0,   4, 32,  0, 0,   1,  8,   0,  64,  0, 0,   2, 16,  0, 128, 0, 0,  4,
+        32,  0, 0,   1, 8,   0,  64,  0,  0,   2, 16,  0, 128, 0, /* shift */
 };
 
 /* srlvqidx[0:32], shufbidx[32:64] */
-MLK_ALIGN const uint8_t mlk_compress_d11_data[64] = {
-    10, 0, 0, 0, 0,  0,   0,   0,   30,  0, 0,  0,   0,   0,   0,   0,   10,
-    0,  0, 0, 0, 0,  0,   0,   30,  0,   0, 0,  0,   0,   0,   0, /* srlvqidx */
-    0,  1, 2, 3, 4,  5,   6,   7,   8,   9, 10, 255, 255, 255, 255, 255, 5,
-    6,  7, 8, 9, 10, 255, 255, 255, 255, 0, 0,  1,   2,   3,   4, /* shufbidx */
+MLK_ALIGN MLK_INTERNAL_DATA_DEFINITION const uint8_t
+    mlk_compress_d11_data[64] =
+        {
+            10,  0,   0,   0,   0,   0,  0, 0, 30, 0, 0,
+            0,   0,   0,   0,   0,   10, 0, 0, 0,  0, 0,
+            0,   0,   30,  0,   0,   0,  0, 0, 0,  0, /* srlvqidx */
+            0,   1,   2,   3,   4,   5,  6, 7, 8,  9, 10,
+            255, 255, 255, 255, 255, 5,  6, 7, 8,  9, 10,
+            255, 255, 255, 255, 0,   0,  1, 2, 3,  4, /* shufbidx */
 };
 
 /* shufbidx[0:32], srlvdidx[32:64], srlvqidx[64:96], shift[96:128] */
-MLK_ALIGN const uint8_t mlk_decompress_d11_data[128] = {
-    0,  1, 1, 2, 2, 3, 4,  5, 5, 6, 6, 7,  8,  9,  9,  10,
-    3,  4, 4, 5, 5, 6, 7,  8, 8, 9, 9, 10, 11, 12, 12, 13, /* shufbidx */
-    0,  0, 0, 0, 1, 0, 0,  0, 0, 0, 0, 0,  0,  0,  0,  0,
-    0,  0, 0, 0, 1, 0, 0,  0, 0, 0, 0, 0,  0,  0,  0,  0, /* srlvdidx */
-    0,  0, 0, 0, 0, 0, 0,  0, 2, 0, 0, 0,  0,  0,  0,  0,
-    0,  0, 0, 0, 0, 0, 0,  0, 2, 0, 0, 0,  0,  0,  0,  0, /* srlvqidx */
-    32, 0, 4, 0, 1, 0, 32, 0, 8, 0, 1, 0,  32, 0,  4,  0,
-    32, 0, 4, 0, 1, 0, 32, 0, 8, 0, 1, 0,  32, 0,  4,  0, /* shift */
+MLK_ALIGN MLK_INTERNAL_DATA_DEFINITION const uint8_t
+    mlk_decompress_d11_data[128] = {
+        0,  1, 1, 2, 2, 3, 4,  5, 5, 6, 6, 7,  8,  9,  9,  10,
+        3,  4, 4, 5, 5, 6, 7,  8, 8, 9, 9, 10, 11, 12, 12, 13, /* shufbidx */
+        0,  0, 0, 0, 1, 0, 0,  0, 0, 0, 0, 0,  0,  0,  0,  0,
+        0,  0, 0, 0, 1, 0, 0,  0, 0, 0, 0, 0,  0,  0,  0,  0, /* srlvdidx */
+        0,  0, 0, 0, 0, 0, 0,  0, 2, 0, 0, 0,  0,  0,  0,  0,
+        0,  0, 0, 0, 0, 0, 0,  0, 2, 0, 0, 0,  0,  0,  0,  0, /* srlvqidx */
+        32, 0, 4, 0, 1, 0, 32, 0, 8, 0, 1, 0,  32, 0,  4,  0,
+        32, 0, 4, 0, 1, 0, 32, 0, 8, 0, 1, 0,  32, 0,  4,  0, /* shift */
 };
 
 #endif /* !MLK_CONFIG_MULTILEVEL_NO_SHARED && \

data/ext/pqcrypto/vendor/mlkem-native/mlkem/src/native/x86_64/src/compress_consts.h

@@ -17,28 +17,28 @@
 #ifndef __ASSEMBLER__
 
 #define mlk_compress_d4_data MLK_NAMESPACE(compress_d4_data)
-extern const uint8_t mlk_compress_d4_data[32];
+MLK_INTERNAL_DATA_DECLARATION const uint8_t mlk_compress_d4_data[32];
 
 #define mlk_decompress_d4_data MLK_NAMESPACE(decompress_d4_data)
-extern const uint8_t mlk_decompress_d4_data[32];
+MLK_INTERNAL_DATA_DECLARATION const uint8_t mlk_decompress_d4_data[32];
 
 #define mlk_compress_d10_data MLK_NAMESPACE(compress_d10_data)
-extern const uint8_t mlk_compress_d10_data[32];
+MLK_INTERNAL_DATA_DECLARATION const uint8_t mlk_compress_d10_data[32];
 
 #define mlk_decompress_d10_data MLK_NAMESPACE(decompress_d10_data)
-extern const uint8_t mlk_decompress_d10_data[32];
+MLK_INTERNAL_DATA_DECLARATION const uint8_t mlk_decompress_d10_data[32];
 
 #define mlk_compress_d5_data MLK_NAMESPACE(compress_d5_data)
-extern const uint8_t mlk_compress_d5_data[32];
+MLK_INTERNAL_DATA_DECLARATION const uint8_t mlk_compress_d5_data[32];
 
 #define mlk_decompress_d5_data MLK_NAMESPACE(decompress_d5_data)
-extern const uint8_t mlk_decompress_d5_data[96];
+MLK_INTERNAL_DATA_DECLARATION const uint8_t mlk_decompress_d5_data[96];
 
 #define mlk_compress_d11_data MLK_NAMESPACE(compress_d11_data)
-extern const uint8_t mlk_compress_d11_data[64];
+MLK_INTERNAL_DATA_DECLARATION const uint8_t mlk_compress_d11_data[64];
 
 #define mlk_decompress_d11_data MLK_NAMESPACE(decompress_d11_data)
-extern const uint8_t mlk_decompress_d11_data[128];
+MLK_INTERNAL_DATA_DECLARATION const uint8_t mlk_decompress_d11_data[128];
 
 #endif /* !__ASSEMBLER__ */
 

data/ext/pqcrypto/vendor/mlkem-native/mlkem/src/native/x86_64/src/consts.c

@@ -20,7 +20,7 @@
  * Table of zeta values used in the AVX2 NTTs
  * See autogen for details.
  */
-MLK_ALIGN const int16_t mlk_qdata[624] = {
+MLK_ALIGN MLK_INTERNAL_DATA_DEFINITION const int16_t mlk_qdata[624] = {
     3854,   3340,   2826,   2312,   1798,   1284,   770,    256,    3854,
     3340,   2826,   2312,   1798,   1284,   770,    256,    7,      0,
     6,      0,      5,      0,      4,      0,      3,      0,      2,

data/ext/pqcrypto/vendor/mlkem-native/mlkem/src/native/x86_64/src/consts.h

@@ -19,7 +19,7 @@
 
 #ifndef __ASSEMBLER__
 #define mlk_qdata MLK_NAMESPACE(qdata)
-extern const int16_t mlk_qdata[624];
+MLK_INTERNAL_DATA_DECLARATION const int16_t mlk_qdata[624];
 #endif
 
 #endif /* !MLK_NATIVE_X86_64_SRC_CONSTS_H */

data/ext/pqcrypto/vendor/mlkem-native/mlkem/src/native/x86_64/src/{intt.S → intt_avx2_asm.S}

@@ -34,17 +34,13 @@
 
 /*
  * WARNING: This file is auto-derived from the mlkem-native source file
- *   dev/x86_64/src/intt.S using scripts/simpasm. Do not modify it directly.
+ *   dev/x86_64/src/intt_avx2_asm.S using scripts/simpasm. Do not modify it directly.
  */
 
-#if defined(__ELF__)
-.section .note.GNU-stack,"",@progbits
-#endif
-
 .text
 .balign 4
-.global MLK_ASM_NAMESPACE(invntt_avx2)
-MLK_ASM_FN_SYMBOL(invntt_avx2)
+.global MLK_ASM_NAMESPACE(invntt_avx2_asm)
+MLK_ASM_FN_SYMBOL(invntt_avx2_asm)
 
         .cfi_startproc
         movl $0xd010d01, %eax        # imm = 0xD010D01
@@ -713,7 +709,11 @@ MLK_ASM_FN_SYMBOL(invntt_avx2)
         retq
         .cfi_endproc
 
-MLK_ASM_FN_SIZE(invntt_avx2)
+MLK_ASM_FN_SIZE(invntt_avx2_asm)
 
 #endif /* MLK_ARITH_BACKEND_X86_64_DEFAULT && !MLK_CONFIG_MULTILEVEL_NO_SHARED \
         */
+
+#if defined(__ELF__)
+.section .note.GNU-stack,"",%progbits
+#endif

data/ext/pqcrypto/vendor/mlkem-native/mlkem/src/native/x86_64/src/{ntt.S → ntt_avx2_asm.S}

@@ -30,17 +30,13 @@
 
 /*
  * WARNING: This file is auto-derived from the mlkem-native source file
- *   dev/x86_64/src/ntt.S using scripts/simpasm. Do not modify it directly.
+ *   dev/x86_64/src/ntt_avx2_asm.S using scripts/simpasm. Do not modify it directly.
  */
 
-#if defined(__ELF__)
-.section .note.GNU-stack,"",@progbits
-#endif
-
 .text
 .balign 4
-.global MLK_ASM_NAMESPACE(ntt_avx2)
-MLK_ASM_FN_SYMBOL(ntt_avx2)
+.global MLK_ASM_NAMESPACE(ntt_avx2_asm)
+MLK_ASM_FN_SYMBOL(ntt_avx2_asm)
 
         .cfi_startproc
         movl $0xd010d01, %eax        # imm = 0xD010D01
@@ -633,7 +629,11 @@ MLK_ASM_FN_SYMBOL(ntt_avx2)
         retq
         .cfi_endproc
 
-MLK_ASM_FN_SIZE(ntt_avx2)
+MLK_ASM_FN_SIZE(ntt_avx2_asm)
 
 #endif /* MLK_ARITH_BACKEND_X86_64_DEFAULT && !MLK_CONFIG_MULTILEVEL_NO_SHARED \
         */
+
+#if defined(__ELF__)
+.section .note.GNU-stack,"",%progbits
+#endif

data/ext/pqcrypto/vendor/mlkem-native/mlkem/src/native/x86_64/src/{nttfrombytes.S → nttfrombytes_avx2_asm.S}

@@ -24,17 +24,13 @@
 
 /*
  * WARNING: This file is auto-derived from the mlkem-native source file
- *   dev/x86_64/src/nttfrombytes.S using scripts/simpasm. Do not modify it directly.
+ *   dev/x86_64/src/nttfrombytes_avx2_asm.S using scripts/simpasm. Do not modify it directly.
  */
 
-#if defined(__ELF__)
-.section .note.GNU-stack,"",@progbits
-#endif
-
 .text
 .balign 4
-.global MLK_ASM_NAMESPACE(nttfrombytes_avx2)
-MLK_ASM_FN_SYMBOL(nttfrombytes_avx2)
+.global MLK_ASM_NAMESPACE(nttfrombytes_avx2_asm)
+MLK_ASM_FN_SYMBOL(nttfrombytes_avx2_asm)
 
         .cfi_startproc
         movl $0xfff0fff, %eax        # imm = 0xFFF0FFF
@@ -187,7 +183,11 @@ MLK_ASM_FN_SYMBOL(nttfrombytes_avx2)
         retq
         .cfi_endproc
 
-MLK_ASM_FN_SIZE(nttfrombytes_avx2)
+MLK_ASM_FN_SIZE(nttfrombytes_avx2_asm)
 
 #endif /* MLK_ARITH_BACKEND_X86_64_DEFAULT && !MLK_CONFIG_MULTILEVEL_NO_SHARED \
         */
+
+#if defined(__ELF__)
+.section .note.GNU-stack,"",%progbits
+#endif