Skip to content

Add FIPS202 backend for Armv8.1-M+MVE #1224

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 11 commits into
base: main
Choose a base branch
from
Open

Add FIPS202 backend for Armv8.1-M+MVE #1224

wants to merge 11 commits into from

Conversation

bremoran
Copy link

@bremoran bremoran commented Oct 9, 2025

Based on #1220 and on pq-code-package/mldsa-native#462

This PR adds initial support for x4 keccak on armv8.1-m targets.

willieyz and others added 8 commits October 8, 2025 14:34
@willieyz
Build: Add separate LDFLAGS
a8c2eb2 
Signed-off-by: willieyz <[email protected]>
@willieyz
Build: Add EXTRA_MAKEFILE and EXTRA_SOURCES arguments
e26550f 
- When EXTRA_MAKEFILE is passed, it will be included at the start of
  the main Makefile.
  This can be used to configure builds requiring a large number of
  flags (e.g., baremetal builds).

- `EXTRA_SOURCES` can be passed to compile and link additional sources,
   e.g., platform files for baremetal builds.

Signed-off-by: willieyz <[email protected]>
@willieyz
CI: Remove additional_packages inputs from bench_ec2_any.yml
f78075a 
- This commit remove `additional_packages` to get down to max 10 Github
  limits the number of inputs for a workflow_dispatch event to 10.

- We currently have 11 for bench_ec2_any.yml. This removes the
  additional_packages inputs that is never used in our CI.

Signed-off-by: willieyz <[email protected]>
@willieyz
ACVP tests: Add missing EXEC_WRAPPER
b866da6 
`run_acvp` currently does not respect the `EXEC_WRAPPER`
preventing running ACVP tests, e.g., on baremetal targets.

Signed-off-by: willieyz <[email protected]>
@willieyz
Nix: Add a baremetal shell (arm-embedded)
c559c8e 
- This commits adds a new shell: arm-embedded for baremetal targets.

- It includes arm-none-eabi-gcc, qemu, and platform support files from
pqmx (currently limited to the MPS3 AN547 Cortex-M55).

Signed-off-by: willieyz <[email protected]>
@willieyz
Baremetal: Add support for MPS3 AN547 (Cortex-M55) builds
d7dcf73 
- This adds support for testing on the MPS3 AN547 platform in qemu.
- Tests can be excuted using
`EXTRA_MAKEFILE=test/baremetal/platform/m55-an547/platform.mk --no-auto tests all`

- Platform sources (hal, ld script, semihosting) are taken from pqmx.

- `baremetal/platform/m55-an547/platform.mk` sets the required flags
  and other build configuration.

- `test/baremetal/platform/m55-an547/exec_wrapper.py` handles passing
  inputs to the tests (e.g., required for the ACVP tests).

Signed-off-by: willieyz <[email protected]>
@willieyz
CI: Add Baremetal CI
6705b2e 
- Adds CI to exercise the MPS3 AN547 (Cortex-M55) baremetal builds.
- It includes functional tests, KAT tests, and ACVP tests.

Signed-off-by: willieyz <[email protected]>
@bremoran
Add initial commit of armv8.1-m MVE accelerated x4 batched keccak; im…
9c4293d 
…ported from mldsa-native

Signed-off-by: Brendan Moran <[email protected]>
@bremoran bremoran requested a review from a team as a code owner October 9, 2025 14:26
@hanno-becker hanno-becker changed the title Armv8.1 m native Add FIPS202 backend for Armv8.1-M+MVE Oct 10, 2025
@hanno-becker hanno-becker added enhancement New feature or request MVE Relating to Armv8.1-M+MVE architecture labels Oct 10, 2025
@bremoran
Fix compilation & linker errors
3fc966d 
Signed-off-by: Brendan Moran <[email protected]>
@bremoran
Fix linting errors
56016d1 
Signed-off-by: Brendan Moran <[email protected]>
@bremoran
fix namespace error
d2ee594 
Signed-off-by: Brendan Moran <[email protected]>
hanno-becker
hanno-becker requested changes Oct 14, 2025
View reviewed changes
Copy link
Contributor

@hanno-becker hanno-becker left a comment
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thank you @bremoran for starting the integration of this exciting MVE optimization.

In mlkem-native, we split a) clean code (pre-SLOTHY), b) optimized code (post-SLOTHY), and c) 'raw' assembly, removing all traces of macros, aliases, etc. The transition from a->b is obviously by running SLOTHY, and the transition from b->c is via simpasm, essentially assembly+disassembly.

We should follow the same structure here.

I expect it to be a bit of work to adjust simpasm, but as a first step, could you:

  • Add the clean / pre-SLOTHY source code in dev/armv81m_clean/src
  • Add the optimized / post-SLOTHY source code in dev/armv81m_opt/src
  • Add any scripts you use to run SLOTHY to dev/armv81m_opt/src; it doesn't have to be reproduced in CI yet, but put it in so we can start reviewing and adjusting it to ultimately make it suitable for CI.
  • Add the optimized / post-SLOTHY source code in mlkem/src/native/armv81_m (as is the case now)
  • Extend autogen (ask @mkannwischer potentially) to synchronize dev/armv81m_opt and mlkem/src/native/armv81_m by copy -- @mkannwischer and I will check what needs doing for simpasm to work with Armv8.1-M+MVE, but we should at least have a synchronization-by-copy to begin with.

@bremoran bremoran mentioned this pull request Oct 14, 2025
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@hanno-becker hanno-becker hanno-becker requested changes

Requested changes must be addressed to merge this pull request.

Assignees

No one assigned

Labels

enhancement New feature or request MVE Relating to Armv8.1-M+MVE architecture

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@bremoran @hanno-becker @willieyz