pq_crypto 0.6.2 → 0.6.3

data/ext/pqcrypto/vendor/mlkem-native/mlkem/src/fips202/native/armv81m/src/state_xor_bytes_x4_mve.S

@@ -72,19 +72,39 @@
 .global MLK_ASM_NAMESPACE(keccak_f1600_x4_state_xor_bytes_asm)
 MLK_ASM_FN_SYMBOL(keccak_f1600_x4_state_xor_bytes_asm)
 
+        .cfi_startproc
         push.w {r4, r5, r6, r7, r8, r9, r10, r11, r12, lr}
+        .cfi_adjust_cfa_offset 0x28
+        .cfi_rel_offset r4, 0x0
+        .cfi_rel_offset r5, 0x4
+        .cfi_rel_offset r6, 0x8
+        .cfi_rel_offset r7, 0xc
+        .cfi_rel_offset r8, 0x10
+        .cfi_rel_offset r9, 0x14
+        .cfi_rel_offset r10, 0x18
+        .cfi_rel_offset r11, 0x1c
+        .cfi_rel_offset lr, 0x24
         vpush {d8, d9, d10, d11, d12, d13, d14, d15}
+        .cfi_adjust_cfa_offset 0x40
+        .cfi_rel_offset d8, 0x0
+        .cfi_rel_offset d9, 0x8
+        .cfi_rel_offset d10, 0x10
+        .cfi_rel_offset d11, 0x18
+        .cfi_rel_offset d12, 0x20
+        .cfi_rel_offset d13, 0x28
+        .cfi_rel_offset d14, 0x30
+        .cfi_rel_offset d15, 0x38
         ldr r4, [sp, #0x68]
         ldr.w r10, [sp, #0x6c]
         ldr r6, [sp, #0x70]
         cmp r6, #0x0
-        beq.w keccak_f1600_x4_state_xor_bytes_asm_exit @ imm = #0x34c
+        beq.w Lkeccak_f1600_x4_state_xor_bytes_asm_exit @ imm = #0x346
         and r5, r10, #0x7
         bic r9, r10, #0x7
         add.w r8, r0, r9, lsl #1
         add.w r7, r8, #0x190
         cmp r5, #0x0
-        beq.w keccak_f1600_x4_state_xor_bytes_asm_pre_main @ imm = #0x132
+        beq.w Lkeccak_f1600_x4_state_xor_bytes_asm_pre_main @ imm = #0x12c
         subs r1, r1, r5
         subs r2, r2, r5
         subs r3, r3, r5
@@ -98,7 +118,7 @@ MLK_ASM_FN_SYMBOL(keccak_f1600_x4_state_xor_bytes_asm)
         vmrs r11, p0
         lsl.w r11, r11, r5
         vmsr p0, r11
-        vpstttt 
+        vpstttt
         vldrbt.u8 q0, [r1], #4
         vldrbt.u8 q1, [r2], #4
         vldrbt.u8 q2, [r3], #4
@@ -163,21 +183,19 @@ MLK_ASM_FN_SYMBOL(keccak_f1600_x4_state_xor_bytes_asm)
         vstrw.32 q5, [r7], #16
         vmov q7[2], q7[0], r1, r3
         vmov q7[3], q7[1], r2, r4
-        cmp r6, #0x0
-        beq.w keccak_f1600_x4_state_xor_bytes_asm_exit @ imm = #0x206
-        b keccak_f1600_x4_state_xor_bytes_asm_main_body @ imm = #0xe
+        b Lkeccak_f1600_x4_state_xor_bytes_asm_main_body @ imm = #0xe
 
-keccak_f1600_x4_state_xor_bytes_asm_pre_main:
+Lkeccak_f1600_x4_state_xor_bytes_asm_pre_main:
         vmov q7[2], q7[0], r1, r3
         vmov q7[3], q7[1], r2, r4
         mov.w r0, #0x4
         vsub.i32 q7, q7, r0
 
-keccak_f1600_x4_state_xor_bytes_asm_main_body:
+Lkeccak_f1600_x4_state_xor_bytes_asm_main_body:
         lsr.w lr, r6, #0x3
-        wls lr, lr, keccak_f1600_x4_state_xor_bytes_asm_main_loop_end @ imm = #0xd4
+        wls lr, lr, Lkeccak_f1600_x4_state_xor_bytes_asm_main_loop_end @ imm = #0xd4
 
-keccak_f1600_x4_state_xor_bytes_asm_main_loop_start:
+Lkeccak_f1600_x4_state_xor_bytes_asm_main_loop_start:
         vldrw.u32 q0, [q7, #4]!
         vldrw.u32 q1, [q7, #4]!
         vmov q2, q0
@@ -230,17 +248,17 @@ keccak_f1600_x4_state_xor_bytes_asm_main_loop_start:
         veor q5, q5, q1
         vstrw.32 q4, [r8], #16
         vstrw.32 q5, [r7], #16
-        le lr, keccak_f1600_x4_state_xor_bytes_asm_main_loop_start @ imm = #-0xd4
+        le lr, Lkeccak_f1600_x4_state_xor_bytes_asm_main_loop_start @ imm = #-0xd4
 
-keccak_f1600_x4_state_xor_bytes_asm_main_loop_end:
+Lkeccak_f1600_x4_state_xor_bytes_asm_main_loop_end:
         ands r6, r6, #0x7
-        beq.w keccak_f1600_x4_state_xor_bytes_asm_exit @ imm = #0x110
+        beq.w Lkeccak_f1600_x4_state_xor_bytes_asm_exit @ imm = #0x110
         mov.w r0, #0x4
         vadd.i32 q7, q7, r0
         vmov r1, r3, q7[2], q7[0]
         vmov r2, r4, q7[3], q7[1]
         vctp.8 r6
-        vpstttt 
+        vpstttt
         vldrbt.u8 q0, [r1]
         vldrbt.u8 q1, [r2]
         vldrbt.u8 q2, [r3]
@@ -304,11 +322,34 @@ keccak_f1600_x4_state_xor_bytes_asm_main_loop_end:
         vstrw.32 q4, [r8], #16
         vstrw.32 q5, [r7], #16
 
-keccak_f1600_x4_state_xor_bytes_asm_exit:
+Lkeccak_f1600_x4_state_xor_bytes_asm_exit:
         vpop {d8, d9, d10, d11, d12, d13, d14, d15}
+        .cfi_restore d8
+        .cfi_restore d9
+        .cfi_restore d10
+        .cfi_restore d11
+        .cfi_restore d12
+        .cfi_restore d13
+        .cfi_restore d14
+        .cfi_restore d15
+        .cfi_adjust_cfa_offset -0x40
         pop.w {r4, r5, r6, r7, r8, r9, r10, r11, r12, pc}
-        nop
+        .cfi_restore r4
+        .cfi_restore r5
+        .cfi_restore r6
+        .cfi_restore r7
+        .cfi_restore r8
+        .cfi_restore r9
+        .cfi_restore r10
+        .cfi_restore r11
+        .cfi_restore lr
+        .cfi_adjust_cfa_offset -0x28
+        .cfi_endproc
 
 MLK_ASM_FN_SIZE(keccak_f1600_x4_state_xor_bytes_asm)
 
 #endif /* MLK_FIPS202_ARMV81M_NEED_X4 && !MLK_CONFIG_MULTILEVEL_NO_SHARED */
+
+#if defined(__ELF__)
+.section .note.GNU-stack,"",%progbits
+#endif

data/ext/pqcrypto/vendor/mlkem-native/mlkem/src/fips202/native/auto.h

@@ -15,7 +15,8 @@
 #include "aarch64/auto.h"
 #endif
 
-#if defined(MLK_SYS_X86_64) && defined(MLK_SYS_X86_64_AVX2)
+/* The x86_64 backend requires toolchain support for the SysV ABI */
+#if defined(MLK_SYS_X86_64_AVX2) && defined(MLK_SYSV_ABI_SUPPORTED)
 #include "x86_64/keccak_f1600_x4_avx2.h"
 #endif
 

data/ext/pqcrypto/vendor/mlkem-native/mlkem/src/fips202/native/x86_64/keccak_f1600_x4_avx2.h

@@ -24,8 +24,8 @@ static MLK_INLINE int mlk_keccak_f1600_x4_native(uint64_t *state)
     return MLK_NATIVE_FUNC_FALLBACK;
   }
 
-  mlk_keccak_f1600_x4_avx2(state, mlk_keccakf1600_round_constants,
-                           mlk_keccak_rho8, mlk_keccak_rho56);
+  mlk_keccak_f1600_x4_avx2_asm(state, mlk_keccakf1600_round_constants,
+                               mlk_keccak_rho8, mlk_keccak_rho56);
   return MLK_NATIVE_FUNC_SUCCESS;
 }
 #endif /* !__ASSEMBLER__ */

data/ext/pqcrypto/vendor/mlkem-native/mlkem/src/fips202/native/x86_64/src/fips202_native_x86_64.h

@@ -17,19 +17,22 @@
 
 #define mlk_keccakf1600_round_constants \
   MLK_NAMESPACE(keccakf1600_round_constants)
-extern const uint64_t mlk_keccakf1600_round_constants[];
+MLK_INTERNAL_DATA_DECLARATION const uint64_t
+    mlk_keccakf1600_round_constants[24];
 
 #define mlk_keccak_rho8 MLK_NAMESPACE(keccak_rho8)
-extern const uint64_t mlk_keccak_rho8[];
+MLK_INTERNAL_DATA_DECLARATION const uint64_t mlk_keccak_rho8[4];
 
 #define mlk_keccak_rho56 MLK_NAMESPACE(keccak_rho56)
-extern const uint64_t mlk_keccak_rho56[];
+MLK_INTERNAL_DATA_DECLARATION const uint64_t mlk_keccak_rho56[4];
 
-#define mlk_keccak_f1600_x4_avx2 MLK_NAMESPACE(keccak_f1600_x4_avx2)
-void mlk_keccak_f1600_x4_avx2(uint64_t states[100], const uint64_t rc[24],
-                              const uint64_t rho8[4], const uint64_t rho56[4])
+#define mlk_keccak_f1600_x4_avx2_asm MLK_NAMESPACE(keccak_f1600_x4_avx2_asm)
+MLK_SYSV_ABI
+void mlk_keccak_f1600_x4_avx2_asm(uint64_t states[100], const uint64_t rc[24],
+                                  const uint64_t rho8[4],
+                                  const uint64_t rho56[4])
 /* This must be kept in sync with the HOL-Light specification
- * in proofs/hol_light/x86_64/proofs/keccak_f1600_x4_avx2.ml */
+ * in proofs/hol_light/x86_64/proofs/keccak_f1600_x4_avx2_asm.ml */
 __contract__(
   requires(memory_no_alias(states, sizeof(uint64_t) * 25 * 4))
   requires(rc == mlk_keccakf1600_round_constants)

data/ext/pqcrypto/vendor/mlkem-native/mlkem/src/fips202/native/x86_64/src/{keccak_f1600_x4_avx2.S → keccak_f1600_x4_avx2_asm.S}

@@ -9,21 +9,19 @@
 
 /*
  * WARNING: This file is auto-derived from the mlkem-native source file
- *   dev/fips202/x86_64/src/keccak_f1600_x4_avx2.S using scripts/simpasm. Do not modify it directly.
+ *   dev/fips202/x86_64/src/keccak_f1600_x4_avx2_asm.S using scripts/simpasm. Do not modify it directly.
  */
 
-#if defined(__ELF__)
-.section .note.GNU-stack,"",@progbits
-#endif
-
 .text
 .balign 4
-.global MLK_ASM_NAMESPACE(keccak_f1600_x4_avx2)
-MLK_ASM_FN_SYMBOL(keccak_f1600_x4_avx2)
+.global MLK_ASM_NAMESPACE(keccak_f1600_x4_avx2_asm)
+MLK_ASM_FN_SYMBOL(keccak_f1600_x4_avx2_asm)
 
         .cfi_startproc
+        movq %rsp, %r11
+        .cfi_def_cfa_register %r11
+        andq $-0x20, %rsp
         subq $0x300, %rsp            # imm = 0x300
-        .cfi_adjust_cfa_offset 0x300
         vmovdqu (%rdi), %ymm0
         vmovdqu 0xc8(%rdi), %ymm3
         vmovdqu 0x190(%rdi), %ymm1
@@ -441,11 +439,15 @@ LLkeccak_f1600_x4_avx2:
         vmovhpd %xmm3, 0x188(%rdi)
         vmovq %xmm15, 0x250(%rdi)
         vmovhpd %xmm15, 0x318(%rdi)
-        addq $0x300, %rsp            # imm = 0x300
-        .cfi_adjust_cfa_offset -0x300
+        movq %r11, %rsp
+        .cfi_def_cfa_register %rsp
         retq
         .cfi_endproc
 
-MLK_ASM_FN_SIZE(keccak_f1600_x4_avx2)
+MLK_ASM_FN_SIZE(keccak_f1600_x4_avx2_asm)
 
 #endif /* MLK_FIPS202_X86_64_NEED_X4_AVX2 && !MLK_CONFIG_MULTILEVEL_NO_SHARED */
+
+#if defined(__ELF__)
+.section .note.GNU-stack,"",%progbits
+#endif

data/ext/pqcrypto/vendor/mlkem-native/mlkem/src/fips202/native/x86_64/src/keccakf1600_constants.c

@@ -17,25 +17,26 @@
 
 #include "fips202_native_x86_64.h"
 
-MLK_ALIGN const uint64_t mlk_keccakf1600_round_constants[] = {
-    0x0000000000000001, 0x0000000000008082, 0x800000000000808a,
-    0x8000000080008000, 0x000000000000808b, 0x0000000080000001,
-    0x8000000080008081, 0x8000000000008009, 0x000000000000008a,
-    0x0000000000000088, 0x0000000080008009, 0x000000008000000a,
-    0x000000008000808b, 0x800000000000008b, 0x8000000000008089,
-    0x8000000000008003, 0x8000000000008002, 0x8000000000000080,
-    0x000000000000800a, 0x800000008000000a, 0x8000000080008081,
-    0x8000000000008080, 0x0000000080000001, 0x8000000080008008,
+MLK_ALIGN MLK_INTERNAL_DATA_DEFINITION const uint64_t
+    mlk_keccakf1600_round_constants[24] = {
+        0x0000000000000001, 0x0000000000008082, 0x800000000000808a,
+        0x8000000080008000, 0x000000000000808b, 0x0000000080000001,
+        0x8000000080008081, 0x8000000000008009, 0x000000000000008a,
+        0x0000000000000088, 0x0000000080008009, 0x000000008000000a,
+        0x000000008000808b, 0x800000000000008b, 0x8000000000008089,
+        0x8000000000008003, 0x8000000000008002, 0x8000000000000080,
+        0x000000000000800a, 0x800000008000000a, 0x8000000080008081,
+        0x8000000000008080, 0x0000000080000001, 0x8000000080008008,
 };
 
-MLK_ALIGN const uint64_t mlk_keccak_rho8[] = {
+MLK_ALIGN MLK_INTERNAL_DATA_DEFINITION const uint64_t mlk_keccak_rho8[4] = {
     0x0605040302010007,
     0x0e0d0c0b0a09080f,
     0x1615141312111017,
     0x1e1d1c1b1a19181f,
 };
 
-MLK_ALIGN const uint64_t mlk_keccak_rho56[] = {
+MLK_ALIGN MLK_INTERNAL_DATA_DEFINITION const uint64_t mlk_keccak_rho56[4] = {
     0x0007060504030201,
     0x080f0e0d0c0b0a09,
     0x1017161514131211,