pq_crypto 0.6.2 → 0.6.3

data/ext/pqcrypto/vendor/mlkem-native/mlkem/src/fips202/native/aarch64/src/{keccak_f1600_x1_scalar_asm.S → keccak_f1600_x1_scalar_aarch64_asm.S}

@@ -9,9 +9,9 @@
 // Author: Matthias Kannwischer <matthias@kannwischer.eu>
 
 /*yaml
-  Name: keccak_f1600_x1_scalar_asm
+  Name: keccak_f1600_x1_scalar_aarch64_asm
   Description: AArch64 scalar implementation of Keccak-f[1600] permutation for single state
-  Signature: void mlk_keccak_f1600_x1_scalar_asm(uint64_t state[25], const uint64_t rc[24])
+  Signature: void mlk_keccak_f1600_x1_scalar_aarch64_asm(uint64_t state[25], const uint64_t rc[24])
   ABI:
     x0:
       type: buffer
@@ -36,17 +36,13 @@
 
 /*
  * WARNING: This file is auto-derived from the mlkem-native source file
- *   dev/fips202/aarch64/src/keccak_f1600_x1_scalar_asm.S using scripts/simpasm. Do not modify it directly.
+ *   dev/fips202/aarch64/src/keccak_f1600_x1_scalar_aarch64_asm.S using scripts/simpasm. Do not modify it directly.
  */
 
-#if defined(__ELF__)
-.section .note.GNU-stack,"",@progbits
-#endif
-
 .text
 .balign 4
-.global MLK_ASM_NAMESPACE(keccak_f1600_x1_scalar_asm)
-MLK_ASM_FN_SYMBOL(keccak_f1600_x1_scalar_asm)
+.global MLK_ASM_NAMESPACE(keccak_f1600_x1_scalar_aarch64_asm)
+MLK_ASM_FN_SYMBOL(keccak_f1600_x1_scalar_aarch64_asm)
 
         .cfi_startproc
         sub sp, sp, #0x80
@@ -369,7 +365,11 @@ Lkeccak_f1600_x1_scalar_loop:
         ret
         .cfi_endproc
 
-MLK_ASM_FN_SIZE(keccak_f1600_x1_scalar_asm)
+MLK_ASM_FN_SIZE(keccak_f1600_x1_scalar_aarch64_asm)
 
 #endif /* MLK_FIPS202_AARCH64_NEED_X1_SCALAR && \
           !MLK_CONFIG_MULTILEVEL_NO_SHARED */
+
+#if defined(__ELF__)
+.section .note.GNU-stack,"",%progbits
+#endif

data/ext/pqcrypto/vendor/mlkem-native/mlkem/src/fips202/native/aarch64/src/{keccak_f1600_x1_v84a_asm.S → keccak_f1600_x1_v84a_aarch64_asm.S}

@@ -15,9 +15,9 @@
  */
 
 /*yaml
-  Name: keccak_f1600_x1_v84a_asm
+  Name: keccak_f1600_x1_v84a_aarch64_asm
   Description: AArch64 ARMv8.4-A implementation of Keccak-f[1600] permutation for single state
-  Signature: void mlk_keccak_f1600_x1_v84a_asm(uint64_t state[25], const uint64_t rc[24])
+  Signature: void mlk_keccak_f1600_x1_v84a_aarch64_asm(uint64_t state[25], const uint64_t rc[24])
   ABI:
     x0:
       type: buffer
@@ -53,17 +53,13 @@
 
 /*
  * WARNING: This file is auto-derived from the mlkem-native source file
- *   dev/fips202/aarch64/src/keccak_f1600_x1_v84a_asm.S using scripts/simpasm. Do not modify it directly.
+ *   dev/fips202/aarch64/src/keccak_f1600_x1_v84a_aarch64_asm.S using scripts/simpasm. Do not modify it directly.
  */
 
-#if defined(__ELF__)
-.section .note.GNU-stack,"",@progbits
-#endif
-
 .text
 .balign 4
-.global MLK_ASM_NAMESPACE(keccak_f1600_x1_v84a_asm)
-MLK_ASM_FN_SYMBOL(keccak_f1600_x1_v84a_asm)
+.global MLK_ASM_NAMESPACE(keccak_f1600_x1_v84a_aarch64_asm)
+MLK_ASM_FN_SYMBOL(keccak_f1600_x1_v84a_aarch64_asm)
 
         .cfi_startproc
         sub sp, sp, #0x40
@@ -195,9 +191,13 @@ Lkeccak_f1600_x1_v84a_loop:
         ret
         .cfi_endproc
 
-MLK_ASM_FN_SIZE(keccak_f1600_x1_v84a_asm)
+MLK_ASM_FN_SIZE(keccak_f1600_x1_v84a_aarch64_asm)
 
 #endif /* __ARM_FEATURE_SHA3 */
 
 #endif /* MLK_FIPS202_AARCH64_NEED_X1_V84A && !MLK_CONFIG_MULTILEVEL_NO_SHARED \
         */
+
+#if defined(__ELF__)
+.section .note.GNU-stack,"",%progbits
+#endif

data/ext/pqcrypto/vendor/mlkem-native/mlkem/src/fips202/native/aarch64/src/{keccak_f1600_x2_v84a_asm.S → keccak_f1600_x2_v84a_aarch64_asm.S}

@@ -15,9 +15,9 @@
  */
 
 /*yaml
-  Name: keccak_f1600_x2_v84a_asm
+  Name: keccak_f1600_x2_v84a_aarch64_asm
   Description: AArch64 ARMv8.4-A implementation of Keccak-f[1600] permutation for two sequential states
-  Signature: void mlk_keccak_f1600_x2_v84a_asm(uint64_t state[50], const uint64_t rc[24])
+  Signature: void mlk_keccak_f1600_x2_v84a_aarch64_asm(uint64_t state[50], const uint64_t rc[24])
   ABI:
     x0:
       type: buffer
@@ -53,17 +53,13 @@
 
 /*
  * WARNING: This file is auto-derived from the mlkem-native source file
- *   dev/fips202/aarch64/src/keccak_f1600_x2_v84a_asm.S using scripts/simpasm. Do not modify it directly.
+ *   dev/fips202/aarch64/src/keccak_f1600_x2_v84a_aarch64_asm.S using scripts/simpasm. Do not modify it directly.
  */
 
-#if defined(__ELF__)
-.section .note.GNU-stack,"",@progbits
-#endif
-
 .text
 .balign 4
-.global MLK_ASM_NAMESPACE(keccak_f1600_x2_v84a_asm)
-MLK_ASM_FN_SYMBOL(keccak_f1600_x2_v84a_asm)
+.global MLK_ASM_NAMESPACE(keccak_f1600_x2_v84a_aarch64_asm)
+MLK_ASM_FN_SYMBOL(keccak_f1600_x2_v84a_aarch64_asm)
 
         .cfi_startproc
         sub sp, sp, #0x40
@@ -250,9 +246,13 @@ Lkeccak_f1600_x2_v84a_loop:
         ret
         .cfi_endproc
 
-MLK_ASM_FN_SIZE(keccak_f1600_x2_v84a_asm)
+MLK_ASM_FN_SIZE(keccak_f1600_x2_v84a_aarch64_asm)
 
 #endif /* __ARM_FEATURE_SHA3 */
 
 #endif /* MLK_FIPS202_AARCH64_NEED_X2_V84A && !MLK_CONFIG_MULTILEVEL_NO_SHARED \
         */
+
+#if defined(__ELF__)
+.section .note.GNU-stack,"",%progbits
+#endif

data/ext/pqcrypto/vendor/mlkem-native/mlkem/src/fips202/native/aarch64/src/{keccak_f1600_x4_v8a_scalar_hybrid_asm.S → keccak_f1600_x4_v8a_scalar_hybrid_aarch64_asm.S}

@@ -9,9 +9,9 @@
 // Author: Matthias Kannwischer <matthias@kannwischer.eu>
 
 /*yaml
-  Name: keccak_f1600_x4_v8a_scalar_hybrid_asm
+  Name: keccak_f1600_x4_v8a_scalar_hybrid_aarch64_asm
   Description: AArch64 hybrid scalar/vector implementation of Keccak-f[1600] permutation for four sequential states
-  Signature: void mlk_keccak_f1600_x4_v8a_scalar_hybrid_asm(uint64_t state[100], const uint64_t rc[24])
+  Signature: void mlk_keccak_f1600_x4_v8a_scalar_hybrid_aarch64_asm(uint64_t state[100], const uint64_t rc[24])
   ABI:
     x0:
       type: buffer
@@ -36,17 +36,13 @@
 
 /*
  * WARNING: This file is auto-derived from the mlkem-native source file
- *   dev/fips202/aarch64/src/keccak_f1600_x4_v8a_scalar_hybrid_asm.S using scripts/simpasm. Do not modify it directly.
+ *   dev/fips202/aarch64/src/keccak_f1600_x4_v8a_scalar_hybrid_aarch64_asm.S using scripts/simpasm. Do not modify it directly.
  */
 
-#if defined(__ELF__)
-.section .note.GNU-stack,"",@progbits
-#endif
-
 .text
 .balign 4
-.global MLK_ASM_NAMESPACE(keccak_f1600_x4_v8a_scalar_hybrid_asm)
-MLK_ASM_FN_SYMBOL(keccak_f1600_x4_v8a_scalar_hybrid_asm)
+.global MLK_ASM_NAMESPACE(keccak_f1600_x4_v8a_scalar_hybrid_aarch64_asm)
+MLK_ASM_FN_SYMBOL(keccak_f1600_x4_v8a_scalar_hybrid_aarch64_asm)
 
         .cfi_startproc
         sub sp, sp, #0xe0
@@ -1070,7 +1066,11 @@ Lkeccak_f1600_x4_v8a_scalar_hybrid_done:
         ret
         .cfi_endproc
 
-MLK_ASM_FN_SIZE(keccak_f1600_x4_v8a_scalar_hybrid_asm)
+MLK_ASM_FN_SIZE(keccak_f1600_x4_v8a_scalar_hybrid_aarch64_asm)
 
 #endif /* MLK_FIPS202_AARCH64_NEED_X4_V8A_SCALAR_HYBRID && \
           !MLK_CONFIG_MULTILEVEL_NO_SHARED */
+
+#if defined(__ELF__)
+.section .note.GNU-stack,"",%progbits
+#endif

data/ext/pqcrypto/vendor/mlkem-native/mlkem/src/fips202/native/aarch64/src/{keccak_f1600_x4_v8a_v84a_scalar_hybrid_asm.S → keccak_f1600_x4_v8a_v84a_scalar_hybrid_aarch64_asm.S}

@@ -9,9 +9,9 @@
 // Author: Matthias Kannwischer <matthias@kannwischer.eu>
 
 /*yaml
-  Name: keccak_f1600_x4_v8a_v84a_scalar_hybrid_asm
+  Name: keccak_f1600_x4_v8a_v84a_scalar_hybrid_aarch64_asm
   Description: AArch64 hybrid scalar/vector implementation of Keccak-f[1600] permutation for four sequential states with ARMv8.4-A optimizations
-  Signature: void mlk_keccak_f1600_x4_v8a_v84a_scalar_hybrid_asm(uint64_t state[100], const uint64_t rc[24])
+  Signature: void mlk_keccak_f1600_x4_v8a_v84a_scalar_hybrid_aarch64_asm(uint64_t state[100], const uint64_t rc[24])
   ABI:
     x0:
       type: buffer
@@ -38,17 +38,13 @@
 
 /*
  * WARNING: This file is auto-derived from the mlkem-native source file
- *   dev/fips202/aarch64/src/keccak_f1600_x4_v8a_v84a_scalar_hybrid_asm.S using scripts/simpasm. Do not modify it directly.
+ *   dev/fips202/aarch64/src/keccak_f1600_x4_v8a_v84a_scalar_hybrid_aarch64_asm.S using scripts/simpasm. Do not modify it directly.
  */
 
-#if defined(__ELF__)
-.section .note.GNU-stack,"",@progbits
-#endif
-
 .text
 .balign 4
-.global MLK_ASM_NAMESPACE(keccak_f1600_x4_v8a_v84a_scalar_hybrid_asm)
-MLK_ASM_FN_SYMBOL(keccak_f1600_x4_v8a_v84a_scalar_hybrid_asm)
+.global MLK_ASM_NAMESPACE(keccak_f1600_x4_v8a_v84a_scalar_hybrid_aarch64_asm)
+MLK_ASM_FN_SYMBOL(keccak_f1600_x4_v8a_v84a_scalar_hybrid_aarch64_asm)
 
         .cfi_startproc
         sub sp, sp, #0xe0
@@ -978,9 +974,13 @@ Lkeccak_f1600_x4_v8a_v84a_scalar_hybrid_done:
         ret
         .cfi_endproc
 
-MLK_ASM_FN_SIZE(keccak_f1600_x4_v8a_v84a_scalar_hybrid_asm)
+MLK_ASM_FN_SIZE(keccak_f1600_x4_v8a_v84a_scalar_hybrid_aarch64_asm)
 
 #endif /* __ARM_FEATURE_SHA3 */
 
 #endif /* MLK_FIPS202_AARCH64_NEED_X4_V8A_V84A_SCALAR_HYBRID && \
           !MLK_CONFIG_MULTILEVEL_NO_SHARED */
+
+#if defined(__ELF__)
+.section .note.GNU-stack,"",%progbits
+#endif

data/ext/pqcrypto/vendor/mlkem-native/mlkem/src/fips202/native/aarch64/src/keccakf1600_round_constants.c

@@ -20,15 +20,16 @@
 
 #include "fips202_native_aarch64.h"
 
-MLK_ALIGN const uint64_t mlk_keccakf1600_round_constants[] = {
-    0x0000000000000001, 0x0000000000008082, 0x800000000000808a,
-    0x8000000080008000, 0x000000000000808b, 0x0000000080000001,
-    0x8000000080008081, 0x8000000000008009, 0x000000000000008a,
-    0x0000000000000088, 0x0000000080008009, 0x000000008000000a,
-    0x000000008000808b, 0x800000000000008b, 0x8000000000008089,
-    0x8000000000008003, 0x8000000000008002, 0x8000000000000080,
-    0x000000000000800a, 0x800000008000000a, 0x8000000080008081,
-    0x8000000000008080, 0x0000000080000001, 0x8000000080008008,
+MLK_ALIGN MLK_INTERNAL_DATA_DEFINITION const uint64_t
+    mlk_keccakf1600_round_constants[24] = {
+        0x0000000000000001, 0x0000000000008082, 0x800000000000808a,
+        0x8000000080008000, 0x000000000000808b, 0x0000000080000001,
+        0x8000000080008081, 0x8000000000008009, 0x000000000000008a,
+        0x0000000000000088, 0x0000000080008009, 0x000000008000000a,
+        0x000000008000808b, 0x800000000000008b, 0x8000000000008089,
+        0x8000000000008003, 0x8000000000008002, 0x8000000000000080,
+        0x000000000000800a, 0x800000008000000a, 0x8000000080008081,
+        0x8000000000008080, 0x0000000080000001, 0x8000000080008008,
 };
 
 #else /* (MLK_FIPS202_AARCH64_NEED_X1_SCALAR ||                               \

data/ext/pqcrypto/vendor/mlkem-native/mlkem/src/fips202/native/aarch64/x1_scalar.h

@@ -17,7 +17,8 @@
 MLK_MUST_CHECK_RETURN_VALUE
 static MLK_INLINE int mlk_keccak_f1600_x1_native(uint64_t *state)
 {
-  mlk_keccak_f1600_x1_scalar_asm(state, mlk_keccakf1600_round_constants);
+  mlk_keccak_f1600_x1_scalar_aarch64_asm(state,
+                                         mlk_keccakf1600_round_constants);
   return MLK_NATIVE_FUNC_SUCCESS;
 }
 #endif /* !__ASSEMBLER__ */

data/ext/pqcrypto/vendor/mlkem-native/mlkem/src/fips202/native/aarch64/x1_v84a.h

@@ -26,7 +26,7 @@ static MLK_INLINE int mlk_keccak_f1600_x1_native(uint64_t *state)
     return MLK_NATIVE_FUNC_FALLBACK;
   }
 
-  mlk_keccak_f1600_x1_v84a_asm(state, mlk_keccakf1600_round_constants);
+  mlk_keccak_f1600_x1_v84a_aarch64_asm(state, mlk_keccakf1600_round_constants);
   return MLK_NATIVE_FUNC_SUCCESS;
 }
 #endif /* !__ASSEMBLER__ */

data/ext/pqcrypto/vendor/mlkem-native/mlkem/src/fips202/native/aarch64/x2_v84a.h

@@ -26,8 +26,10 @@ static MLK_INLINE int mlk_keccak_f1600_x4_native(uint64_t *state)
     return MLK_NATIVE_FUNC_FALLBACK;
   }
 
-  mlk_keccak_f1600_x2_v84a_asm(state + 0 * 25, mlk_keccakf1600_round_constants);
-  mlk_keccak_f1600_x2_v84a_asm(state + 2 * 25, mlk_keccakf1600_round_constants);
+  mlk_keccak_f1600_x2_v84a_aarch64_asm(state + 0 * 25,
+                                       mlk_keccakf1600_round_constants);
+  mlk_keccak_f1600_x2_v84a_aarch64_asm(state + 2 * 25,
+                                       mlk_keccakf1600_round_constants);
   return MLK_NATIVE_FUNC_SUCCESS;
 }
 #endif /* !__ASSEMBLER__ */

data/ext/pqcrypto/vendor/mlkem-native/mlkem/src/fips202/native/aarch64/x4_v8a_scalar.h

@@ -17,8 +17,8 @@
 MLK_MUST_CHECK_RETURN_VALUE
 static MLK_INLINE int mlk_keccak_f1600_x4_native(uint64_t *state)
 {
-  mlk_keccak_f1600_x4_v8a_scalar_hybrid_asm(state,
-                                            mlk_keccakf1600_round_constants);
+  mlk_keccak_f1600_x4_v8a_scalar_hybrid_aarch64_asm(
+      state, mlk_keccakf1600_round_constants);
   return MLK_NATIVE_FUNC_SUCCESS;
 }
 #endif /* !__ASSEMBLER__ */

data/ext/pqcrypto/vendor/mlkem-native/mlkem/src/fips202/native/aarch64/x4_v8a_v84a_scalar.h

@@ -26,7 +26,7 @@ static MLK_INLINE int mlk_keccak_f1600_x4_native(uint64_t *state)
     return MLK_NATIVE_FUNC_FALLBACK;
   }
 
-  mlk_keccak_f1600_x4_v8a_v84a_scalar_hybrid_asm(
+  mlk_keccak_f1600_x4_v8a_v84a_scalar_hybrid_aarch64_asm(
       state, mlk_keccakf1600_round_constants);
   return MLK_NATIVE_FUNC_SUCCESS;
 }

data/ext/pqcrypto/vendor/mlkem-native/mlkem/src/fips202/native/armv81m/src/fips202_native_armv81m.h

@@ -10,7 +10,8 @@
 /* Keccak round constants in bit-interleaved form */
 #define mlk_keccakf1600_round_constants \
   MLK_NAMESPACE(keccakf1600_round_constants)
-extern const uint32_t mlk_keccakf1600_round_constants[48];
+MLK_INTERNAL_DATA_DECLARATION const uint32_t
+    mlk_keccakf1600_round_constants[48];
 
 #define mlk_keccak_f1600_x4_mve_asm MLK_NAMESPACE(keccak_f1600_x4_mve_asm)
 void mlk_keccak_f1600_x4_mve_asm(uint64_t state[100], uint64_t tmpstate[100],

data/ext/pqcrypto/vendor/mlkem-native/mlkem/src/fips202/native/armv81m/src/keccak_f1600_x4_mve.S

@@ -28,8 +28,8 @@
       c_parameter: const uint32_t *rc
       description: Keccak round constants in bit-interleaved form (24 pairs of 32-bit words)
   Stack:
-    bytes: 236
-    description: register preservation (44) + SIMD registers (64) + temporary storage (128)
+    bytes: 228
+    description: register preservation (36) + SIMD registers (64) + temporary storage (128)
 */
 
 // ---------------------------------------------------------------------------
@@ -79,9 +79,30 @@
 .global MLK_ASM_NAMESPACE(keccak_f1600_x4_mve_asm)
 MLK_ASM_FN_SYMBOL(keccak_f1600_x4_mve_asm)
 
-        push.w {r3, r4, r5, r6, r7, r8, r9, r10, r11, r12, lr}
+        .cfi_startproc
+        push.w {r4, r5, r6, r7, r8, r9, r10, r11, lr}
+        .cfi_adjust_cfa_offset 0x24
+        .cfi_rel_offset r4, 0x0
+        .cfi_rel_offset r5, 0x4
+        .cfi_rel_offset r6, 0x8
+        .cfi_rel_offset r7, 0xc
+        .cfi_rel_offset r8, 0x10
+        .cfi_rel_offset r9, 0x14
+        .cfi_rel_offset r10, 0x18
+        .cfi_rel_offset r11, 0x1c
+        .cfi_rel_offset lr, 0x20
         vpush {d8, d9, d10, d11, d12, d13, d14, d15}
+        .cfi_adjust_cfa_offset 0x40
+        .cfi_rel_offset d8, 0x0
+        .cfi_rel_offset d9, 0x8
+        .cfi_rel_offset d10, 0x10
+        .cfi_rel_offset d11, 0x18
+        .cfi_rel_offset d12, 0x20
+        .cfi_rel_offset d13, 0x28
+        .cfi_rel_offset d14, 0x30
+        .cfi_rel_offset d15, 0x38
         sub sp, #0x80
+        .cfi_adjust_cfa_offset 0x80
         mov r6, r2
         mov.w lr, #0x18
         mov r2, r0
@@ -90,9 +111,9 @@ MLK_ASM_FN_SYMBOL(keccak_f1600_x4_mve_asm)
         vldrw.u32 q0, [r3]
         vldrw.u32 q1, [r2]
         vldrw.u32 q2, [r2, #32]
-        wls lr, lr, keccak_f1600_x4_mve_asm_roundend @ imm = #0x8c0
+        wls lr, lr, Lkeccak_f1600_x4_mve_asm_roundend @ imm = #0x8c0
 
-keccak_f1600_x4_mve_asm_roundstart:
+Lkeccak_f1600_x4_mve_asm_roundstart:
         vldrw.u32 q6, [r2, #112]
         veor q7, q6, q2
         vldrw.u32 q2, [r2, #80]
@@ -653,15 +674,40 @@ keccak_f1600_x4_mve_asm_roundstart:
         veor q0, q4, q6
         vstrw.32 q0, [r5]
 
-keccak_f1600_x4_mve_asm_roundend_pre:
-        le lr, keccak_f1600_x4_mve_asm_roundstart @ imm = #-0x8c0
+Lkeccak_f1600_x4_mve_asm_roundend_pre:
+        le lr, Lkeccak_f1600_x4_mve_asm_roundstart @ imm = #-0x8c0
 
-keccak_f1600_x4_mve_asm_roundend:
+Lkeccak_f1600_x4_mve_asm_roundend:
         add sp, #0x80
+        .cfi_adjust_cfa_offset -0x80
         vpop {d8, d9, d10, d11, d12, d13, d14, d15}
-        pop.w {r3, r4, r5, r6, r7, r8, r9, r10, r11, r12, pc}
+        .cfi_restore d8
+        .cfi_restore d9
+        .cfi_restore d10
+        .cfi_restore d11
+        .cfi_restore d12
+        .cfi_restore d13
+        .cfi_restore d14
+        .cfi_restore d15
+        .cfi_adjust_cfa_offset -0x40
+        pop.w {r4, r5, r6, r7, r8, r9, r10, r11, pc}
+        .cfi_restore r4
+        .cfi_restore r5
+        .cfi_restore r6
+        .cfi_restore r7
+        .cfi_restore r8
+        .cfi_restore r9
+        .cfi_restore r10
+        .cfi_restore r11
+        .cfi_restore lr
+        .cfi_adjust_cfa_offset -0x24
+        .cfi_endproc
         nop
 
 MLK_ASM_FN_SIZE(keccak_f1600_x4_mve_asm)
 
 #endif /* MLK_FIPS202_ARMV81M_NEED_X4 && !MLK_CONFIG_MULTILEVEL_NO_SHARED */
+
+#if defined(__ELF__)
+.section .note.GNU-stack,"",%progbits
+#endif

data/ext/pqcrypto/vendor/mlkem-native/mlkem/src/fips202/native/armv81m/src/keccakf1600_round_constants.c

@@ -16,31 +16,32 @@
  * - low word contains even-indexed bits
  * - high word contains odd-indexed bits
  */
-MLK_ALIGN const uint32_t mlk_keccakf1600_round_constants[48] = {
-    0x00000001, 0x00000000, /* RC0 */
-    0x00000000, 0x00000089, /* RC1 */
-    0x00000000, 0x8000008b, /* RC2 */
-    0x00000000, 0x80008080, /* RC3 */
-    0x00000001, 0x0000008b, /* RC4 */
-    0x00000001, 0x00008000, /* RC5 */
-    0x00000001, 0x80008088, /* RC6 */
-    0x00000001, 0x80000082, /* RC7 */
-    0x00000000, 0x0000000b, /* RC8 */
-    0x00000000, 0x0000000a, /* RC9 */
-    0x00000001, 0x00008082, /* RC10 */
-    0x00000000, 0x00008003, /* RC11 */
-    0x00000001, 0x0000808b, /* RC12 */
-    0x00000001, 0x8000000b, /* RC13 */
-    0x00000001, 0x8000008a, /* RC14 */
-    0x00000001, 0x80000081, /* RC15 */
-    0x00000000, 0x80000081, /* RC16 */
-    0x00000000, 0x80000008, /* RC17 */
-    0x00000000, 0x00000083, /* RC18 */
-    0x00000000, 0x80008003, /* RC19 */
-    0x00000001, 0x80008088, /* RC20 */
-    0x00000000, 0x80000088, /* RC21 */
-    0x00000001, 0x00008000, /* RC22 */
-    0x00000000, 0x80008082, /* RC23 */
+MLK_ALIGN MLK_INTERNAL_DATA_DEFINITION const uint32_t
+    mlk_keccakf1600_round_constants[48] = {
+        0x00000001, 0x00000000, /* RC0 */
+        0x00000000, 0x00000089, /* RC1 */
+        0x00000000, 0x8000008b, /* RC2 */
+        0x00000000, 0x80008080, /* RC3 */
+        0x00000001, 0x0000008b, /* RC4 */
+        0x00000001, 0x00008000, /* RC5 */
+        0x00000001, 0x80008088, /* RC6 */
+        0x00000001, 0x80000082, /* RC7 */
+        0x00000000, 0x0000000b, /* RC8 */
+        0x00000000, 0x0000000a, /* RC9 */
+        0x00000001, 0x00008082, /* RC10 */
+        0x00000000, 0x00008003, /* RC11 */
+        0x00000001, 0x0000808b, /* RC12 */
+        0x00000001, 0x8000000b, /* RC13 */
+        0x00000001, 0x8000008a, /* RC14 */
+        0x00000001, 0x80000081, /* RC15 */
+        0x00000000, 0x80000081, /* RC16 */
+        0x00000000, 0x80000008, /* RC17 */
+        0x00000000, 0x00000083, /* RC18 */
+        0x00000000, 0x80008003, /* RC19 */
+        0x00000001, 0x80008088, /* RC20 */
+        0x00000000, 0x80000088, /* RC21 */
+        0x00000001, 0x00008000, /* RC22 */
+        0x00000000, 0x80008082, /* RC23 */
 };
 
 #else /* MLK_FIPS202_ARMV81M_NEED_X4 && !MLK_CONFIG_MULTILEVEL_NO_SHARED */

data/ext/pqcrypto/vendor/mlkem-native/mlkem/src/fips202/native/armv81m/src/state_extract_bytes_x4_mve.S

@@ -73,19 +73,39 @@
 .global MLK_ASM_NAMESPACE(keccak_f1600_x4_state_extract_bytes_asm)
 MLK_ASM_FN_SYMBOL(keccak_f1600_x4_state_extract_bytes_asm)
 
+        .cfi_startproc
         push.w {r4, r5, r6, r7, r8, r9, r10, r11, r12, lr}
+        .cfi_adjust_cfa_offset 0x28
+        .cfi_rel_offset r4, 0x0
+        .cfi_rel_offset r5, 0x4
+        .cfi_rel_offset r6, 0x8
+        .cfi_rel_offset r7, 0xc
+        .cfi_rel_offset r8, 0x10
+        .cfi_rel_offset r9, 0x14
+        .cfi_rel_offset r10, 0x18
+        .cfi_rel_offset r11, 0x1c
+        .cfi_rel_offset lr, 0x24
         vpush {d8, d9, d10, d11, d12, d13, d14, d15}
+        .cfi_adjust_cfa_offset 0x40
+        .cfi_rel_offset d8, 0x0
+        .cfi_rel_offset d9, 0x8
+        .cfi_rel_offset d10, 0x10
+        .cfi_rel_offset d11, 0x18
+        .cfi_rel_offset d12, 0x20
+        .cfi_rel_offset d13, 0x28
+        .cfi_rel_offset d14, 0x30
+        .cfi_rel_offset d15, 0x38
         ldr r4, [sp, #0x68]
         ldr.w r10, [sp, #0x6c]
         ldr r6, [sp, #0x70]
         cmp r6, #0x0
-        beq.w keccak_f1600_x4_state_extract_bytes_asm_exit @ imm = #0x2ea
+        beq.w Lkeccak_f1600_x4_state_extract_bytes_asm_exit @ imm = #0x2ea
         and r5, r10, #0x7
         bic r9, r10, #0x7
         add.w r8, r0, r9, lsl #1
         add.w r7, r8, #0x190
         cmp r5, #0x0
-        beq.w keccak_f1600_x4_state_extract_bytes_asm_pre_main @ imm = #0x112
+        beq.w Lkeccak_f1600_x4_state_extract_bytes_asm_pre_main @ imm = #0x112
         vldrw.u32 q0, [r8], #16
         vldrw.u32 q1, [r7], #16
         vrev32.16 q2, q0
@@ -148,29 +168,29 @@ MLK_ASM_FN_SYMBOL(keccak_f1600_x4_state_extract_bytes_asm)
         subs r2, r2, r5
         subs r3, r3, r5
         subs r4, r4, r5
-        vpstttt 
+        vpstttt
         vstrbt.8 q0, [r1], #4
         vstrbt.8 q1, [r2], #4
         vstrbt.8 q2, [r3], #4
         vstrbt.8 q3, [r4], #4
         subs.w r6, r6, lr
         cmp r6, #0x0
-        beq.w keccak_f1600_x4_state_extract_bytes_asm_exit @ imm = #0x1cc
+        beq.w Lkeccak_f1600_x4_state_extract_bytes_asm_exit @ imm = #0x1cc
         vmov q7[2], q7[0], r1, r3
         vmov q7[3], q7[1], r2, r4
-        b keccak_f1600_x4_state_extract_bytes_asm_main_body @ imm = #0xe
+        b Lkeccak_f1600_x4_state_extract_bytes_asm_main_body @ imm = #0xe
 
-keccak_f1600_x4_state_extract_bytes_asm_pre_main:
+Lkeccak_f1600_x4_state_extract_bytes_asm_pre_main:
         vmov q7[2], q7[0], r1, r3
         vmov q7[3], q7[1], r2, r4
         mov.w r12, #0x4
         vsub.i32 q7, q7, r12
 
-keccak_f1600_x4_state_extract_bytes_asm_main_body:
+Lkeccak_f1600_x4_state_extract_bytes_asm_main_body:
         lsr.w lr, r6, #0x3
-        wls lr, lr, keccak_f1600_x4_state_extract_bytes_asm_main_loop_end @ imm = #0xb4
+        wls lr, lr, Lkeccak_f1600_x4_state_extract_bytes_asm_main_loop_end @ imm = #0xb4
 
-keccak_f1600_x4_state_extract_bytes_asm_main_loop_start:
+Lkeccak_f1600_x4_state_extract_bytes_asm_main_loop_start:
         vldrw.u32 q0, [r8], #16
         vldrw.u32 q1, [r7], #16
         vrev32.16 q2, q0
@@ -215,11 +235,11 @@ keccak_f1600_x4_state_extract_bytes_asm_main_loop_start:
         vorr q1, q1, q3
         vstrw.32 q0, [q7, #4]!
         vstrw.32 q1, [q7, #4]!
-        le lr, keccak_f1600_x4_state_extract_bytes_asm_main_loop_start @ imm = #-0xb4
+        le lr, Lkeccak_f1600_x4_state_extract_bytes_asm_main_loop_start @ imm = #-0xb4
 
-keccak_f1600_x4_state_extract_bytes_asm_main_loop_end:
+Lkeccak_f1600_x4_state_extract_bytes_asm_main_loop_end:
         ands r6, r6, #0x7
-        beq keccak_f1600_x4_state_extract_bytes_asm_exit @ imm = #0xee
+        beq Lkeccak_f1600_x4_state_extract_bytes_asm_exit @ imm = #0xee
         mov.w r12, #0x4
         vadd.i32 q7, q7, r12
         vmov r1, r3, q7[2], q7[0]
@@ -275,16 +295,40 @@ keccak_f1600_x4_state_extract_bytes_asm_main_loop_end:
         vmov.f64 d4, d1
         vmov.f64 d6, d3
         vctp.8 r6
-        vpstttt 
+        vpstttt
         vstrbt.8 q0, [r1], #4
         vstrbt.8 q1, [r2], #4
         vstrbt.8 q2, [r3], #4
         vstrbt.8 q3, [r4], #4
 
-keccak_f1600_x4_state_extract_bytes_asm_exit:
+Lkeccak_f1600_x4_state_extract_bytes_asm_exit:
         vpop {d8, d9, d10, d11, d12, d13, d14, d15}
+        .cfi_restore d8
+        .cfi_restore d9
+        .cfi_restore d10
+        .cfi_restore d11
+        .cfi_restore d12
+        .cfi_restore d13
+        .cfi_restore d14
+        .cfi_restore d15
+        .cfi_adjust_cfa_offset -0x40
         pop.w {r4, r5, r6, r7, r8, r9, r10, r11, r12, pc}
+        .cfi_restore r4
+        .cfi_restore r5
+        .cfi_restore r6
+        .cfi_restore r7
+        .cfi_restore r8
+        .cfi_restore r9
+        .cfi_restore r10
+        .cfi_restore r11
+        .cfi_restore lr
+        .cfi_adjust_cfa_offset -0x28
+        .cfi_endproc
 
 MLK_ASM_FN_SIZE(keccak_f1600_x4_state_extract_bytes_asm)
 
 #endif /* MLK_FIPS202_ARMV81M_NEED_X4 && !MLK_CONFIG_MULTILEVEL_NO_SHARED */
+
+#if defined(__ELF__)
+.section .note.GNU-stack,"",%progbits
+#endif