clang 20.0.0git
Macros | Functions
keylockerintrin.h File Reference

Go to the source code of this file.

Macros

#define __DEFAULT_FN_ATTRS
 
#define __DEFAULT_FN_ATTRS
 

Functions

static __inline__ void __DEFAULT_FN_ATTRS _mm_loadiwkey (unsigned int __ctl, __m128i __intkey, __m128i __enkey_lo, __m128i __enkey_hi)
 Load internal wrapping key from __intkey, __enkey_lo and __enkey_hi.
 
static __inline__ unsigned int __DEFAULT_FN_ATTRS _mm_encodekey128_u32 (unsigned int __htype, __m128i __key, void *__h)
 Wrap a 128-bit AES key from __key into a key handle and output in ((__m128i*)__h) to ((__m128i*)__h) + 2 and a 32-bit value as return.
 
static __inline__ unsigned int __DEFAULT_FN_ATTRS _mm_encodekey256_u32 (unsigned int __htype, __m128i __key_lo, __m128i __key_hi, void *__h)
 Wrap a 256-bit AES key from __key_hi:__key_lo into a key handle, then output handle in ((__m128i*)__h) to ((__m128i*)__h) + 3 and a 32-bit value as return.
 
static __inline__ unsigned char __DEFAULT_FN_ATTRS _mm_aesenc128kl_u8 (__m128i *__odata, __m128i __idata, const void *__h)
 The AESENC128KL performs 10 rounds of AES to encrypt the __idata using the 128-bit key in the handle from the __h.
 
static __inline__ unsigned char __DEFAULT_FN_ATTRS _mm_aesenc256kl_u8 (__m128i *__odata, __m128i __idata, const void *__h)
 The AESENC256KL performs 14 rounds of AES to encrypt the __idata using the 256-bit key in the handle from the __h.
 
static __inline__ unsigned char __DEFAULT_FN_ATTRS _mm_aesdec128kl_u8 (__m128i *__odata, __m128i __idata, const void *__h)
 The AESDEC128KL performs 10 rounds of AES to decrypt the __idata using the 128-bit key in the handle from the __h.
 
static __inline__ unsigned char __DEFAULT_FN_ATTRS _mm_aesdec256kl_u8 (__m128i *__odata, __m128i __idata, const void *__h)
 The AESDEC256KL performs 10 rounds of AES to decrypt the __idata using the 256-bit key in the handle from the __h.
 
static __inline__ unsigned char __DEFAULT_FN_ATTRS _mm_aesencwide128kl_u8 (__m128i __odata[8], const __m128i __idata[8], const void *__h)
 Encrypt __idata[0] to __idata[7] using 128-bit AES key indicated by handle at __h and store each resultant block back from __odata to __odata+7.
 
static __inline__ unsigned char __DEFAULT_FN_ATTRS _mm_aesencwide256kl_u8 (__m128i __odata[8], const __m128i __idata[8], const void *__h)
 Encrypt __idata[0] to __idata[7] using 256-bit AES key indicated by handle at __h and store each resultant block back from __odata to __odata+7.
 
static __inline__ unsigned char __DEFAULT_FN_ATTRS _mm_aesdecwide128kl_u8 (__m128i __odata[8], const __m128i __idata[8], const void *__h)
 Decrypt __idata[0] to __idata[7] using 128-bit AES key indicated by handle at __h and store each resultant block back from __odata to __odata+7.
 
static __inline__ unsigned char __DEFAULT_FN_ATTRS _mm_aesdecwide256kl_u8 (__m128i __odata[8], const __m128i __idata[8], const void *__h)
 Decrypt __idata[0] to __idata[7] using 256-bit AES key indicated by handle at __h and store each resultant block back from __odata to __odata+7.
 

Macro Definition Documentation

◆ __DEFAULT_FN_ATTRS [1/2]

#define __DEFAULT_FN_ATTRS
Value:
__attribute__((__always_inline__, __nodebug__, __target__("kl"),\
__min_vector_width__(128)))
_Float16 __2f16 __attribute__((ext_vector_type(2)))
Zeroes the upper 128 bits (bits 255:128) of all YMM registers.

Definition at line 334 of file keylockerintrin.h.

◆ __DEFAULT_FN_ATTRS [2/2]

#define __DEFAULT_FN_ATTRS
Value:
__attribute__((__always_inline__, __nodebug__, __target__("kl,widekl"),\
__min_vector_width__(128)))

Definition at line 334 of file keylockerintrin.h.

Function Documentation

◆ _mm_aesdec128kl_u8()

static __inline__ unsigned char __DEFAULT_FN_ATTRS _mm_aesdec128kl_u8 ( __m128i *  __odata,
__m128i  __idata,
const void *  __h 
)
static

The AESDEC128KL performs 10 rounds of AES to decrypt the __idata using the 128-bit key in the handle from the __h.

It stores the result in the __odata. And return the affected ZF flag status.

This intrinsic corresponds to the AESDEC128KL instructions.

Handle[383:0] := MEM[__h+383:__h] // Load is not guaranteed to be atomic.
IllegalHandle := (HandleReservedBitSet (Handle[383:0]) ||
(Handle[127:0] AND (CPL > 0)) ||
Handle[383:256] ||
HandleKeyType (Handle[383:0]) != HANDLE_KEY_TYPE_AES128)
IF (IllegalHandle)
ZF := 1
MEM[__odata+127:__odata] := 0
ELSE
(UnwrappedKey, Authentic) := UnwrapKeyAndAuthenticate384 (Handle[383:0], IWKey)
IF (Authentic == 0)
ZF := 1
MEM[__odata+127:__odata] := 0
ELSE
MEM[__odata+127:__odata] := AES128Decrypt (__idata[127:0], UnwrappedKey)
ZF := 0
FI
FI
dst := ZF
OF := 0
SF := 0
AF := 0
PF := 0
CF := 0

Definition at line 284 of file keylockerintrin.h.

◆ _mm_aesdec256kl_u8()

static __inline__ unsigned char __DEFAULT_FN_ATTRS _mm_aesdec256kl_u8 ( __m128i *  __odata,
__m128i  __idata,
const void *  __h 
)
static

The AESDEC256KL performs 10 rounds of AES to decrypt the __idata using the 256-bit key in the handle from the __h.

It stores the result in the __odata. And return the affected ZF flag status.

This intrinsic corresponds to the AESDEC256KL instructions.

Handle[511:0] := MEM[__h+511:__h]
IllegalHandle := (HandleReservedBitSet (Handle[511:0]) ||
(Handle[127:0] AND (CPL > 0)) ||
Handle[383:256] ||
HandleKeyType (Handle[511:0]) != HANDLE_KEY_TYPE_AES256)
IF (IllegalHandle)
ZF := 1
MEM[__odata+127:__odata] := 0
ELSE
(UnwrappedKey, Authentic) := UnwrapKeyAndAuthenticate512 (Handle[511:0], IWKey)
IF (Authentic == 0)
ZF := 1
MEM[__odata+127:__odata] := 0
ELSE
MEM[__odata+127:__odata] := AES256Decrypt (__idata[127:0], UnwrappedKey)
ZF := 0
FI
FI
dst := ZF
OF := 0
SF := 0
AF := 0
PF := 0
CF := 0

Definition at line 323 of file keylockerintrin.h.

◆ _mm_aesdecwide128kl_u8()

static __inline__ unsigned char __DEFAULT_FN_ATTRS _mm_aesdecwide128kl_u8 ( __m128i  __odata[8],
const __m128i  __idata[8],
const void *  __h 
)
static

Decrypt __idata[0] to __idata[7] using 128-bit AES key indicated by handle at __h and store each resultant block back from __odata to __odata+7.

And return the affected ZF flag status.

This intrinsic corresponds to the AESDECWIDE128KL instructions.

Handle[383:0] := MEM[__h+383:__h]
IllegalHandle := ( HandleReservedBitSet (Handle[383:0]) ||
(Handle[127:0] AND (CPL > 0)) ||
Handle[255:128] ||
HandleKeyType (Handle) != HANDLE_KEY_TYPE_AES128 )
IF (IllegalHandle)
ZF := 1
FOR i := 0 to 7
__odata[i] := 0
ENDFOR
ELSE
(UnwrappedKey, Authentic) := UnwrapKeyAndAuthenticate384 (Handle[383:0], IWKey)
IF Authentic == 0
ZF := 1
FOR i := 0 to 7
__odata[i] := 0
ENDFOR
ELSE
FOR i := 0 to 7
__odata[i] := AES128Decrypt (__idata[i], UnwrappedKey)
ENDFOR
ZF := 0
FI
FI
dst := ZF
OF := 0
SF := 0
AF := 0
PF := 0
CF := 0

Definition at line 471 of file keylockerintrin.h.

◆ _mm_aesdecwide256kl_u8()

static __inline__ unsigned char __DEFAULT_FN_ATTRS _mm_aesdecwide256kl_u8 ( __m128i  __odata[8],
const __m128i  __idata[8],
const void *  __h 
)
static

Decrypt __idata[0] to __idata[7] using 256-bit AES key indicated by handle at __h and store each resultant block back from __odata to __odata+7.

And return the affected ZF flag status.

This intrinsic corresponds to the AESDECWIDE256KL instructions.

Handle[511:0] := MEM[__h+511:__h]
IllegalHandle = ( HandleReservedBitSet (Handle[511:0]) ||
(Handle[127:0] AND (CPL > 0)) ||
Handle[255:128] ||
HandleKeyType (Handle) != HANDLE_KEY_TYPE_AES512 )
If (IllegalHandle)
ZF := 1
FOR i := 0 to 7
__odata[i] := 0
ENDFOR
ELSE
(UnwrappedKey, Authentic) := UnwrapKeyAndAuthenticate512 (Handle[511:0], IWKey)
IF Authentic == 0
ZF := 1
FOR i := 0 to 7
__odata[i] := 0
ENDFOR
ELSE
FOR i := 0 to 7
__odata[i] := AES256Decrypt (__idata[i], UnwrappedKey)
ENDFOR
ZF := 0
FI
FI
dst := ZF
OF := 0
SF := 0
AF := 0
PF := 0
CF := 0

Definition at line 517 of file keylockerintrin.h.

◆ _mm_aesenc128kl_u8()

static __inline__ unsigned char __DEFAULT_FN_ATTRS _mm_aesenc128kl_u8 ( __m128i *  __odata,
__m128i  __idata,
const void *  __h 
)
static

The AESENC128KL performs 10 rounds of AES to encrypt the __idata using the 128-bit key in the handle from the __h.

It stores the result in the __odata. And return the affected ZF flag status.

This intrinsic corresponds to the AESENC128KL instructions.

Handle[383:0] := MEM[__h+383:__h] // Load is not guaranteed to be atomic.
IllegalHandle := ( HandleReservedBitSet (Handle[383:0]) ||
(Handle[127:0] AND (CPL > 0)) ||
Handle[383:256] ||
HandleKeyType (Handle[383:0]) != HANDLE_KEY_TYPE_AES128 )
IF (IllegalHandle)
ZF := 1
ELSE
(UnwrappedKey, Authentic) := UnwrapKeyAndAuthenticate384 (Handle[383:0], IWKey)
IF (Authentic == 0)
ZF := 1
ELSE
MEM[__odata+127:__odata] := AES128Encrypt (__idata[127:0], UnwrappedKey)
ZF := 0
FI
FI
dst := ZF
OF := 0
SF := 0
AF := 0
PF := 0
CF := 0

Definition at line 206 of file keylockerintrin.h.

◆ _mm_aesenc256kl_u8()

static __inline__ unsigned char __DEFAULT_FN_ATTRS _mm_aesenc256kl_u8 ( __m128i *  __odata,
__m128i  __idata,
const void *  __h 
)
static

The AESENC256KL performs 14 rounds of AES to encrypt the __idata using the 256-bit key in the handle from the __h.

It stores the result in the __odata. And return the affected ZF flag status.

This intrinsic corresponds to the AESENC256KL instructions.

Handle[511:0] := MEM[__h+511:__h] // Load is not guaranteed to be atomic.
IllegalHandle := ( HandleReservedBitSet (Handle[511:0]) ||
(Handle[127:0] AND (CPL > 0)) ||
Handle[255:128] ||
HandleKeyType (Handle[511:0]) != HANDLE_KEY_TYPE_AES256 )
IF (IllegalHandle)
ZF := 1
MEM[__odata+127:__odata] := 0
ELSE
(UnwrappedKey, Authentic) := UnwrapKeyAndAuthenticate512 (Handle[511:0], IWKey)
IF (Authentic == 0)
ZF := 1
MEM[__odata+127:__odata] := 0
ELSE
MEM[__odata+127:__odata] := AES256Encrypt (__idata[127:0], UnwrappedKey)
ZF := 0
FI
FI
dst := ZF
OF := 0
SF := 0
AF := 0
PF := 0
CF := 0

Definition at line 245 of file keylockerintrin.h.

◆ _mm_aesencwide128kl_u8()

static __inline__ unsigned char __DEFAULT_FN_ATTRS _mm_aesencwide128kl_u8 ( __m128i  __odata[8],
const __m128i  __idata[8],
const void *  __h 
)
static

Encrypt __idata[0] to __idata[7] using 128-bit AES key indicated by handle at __h and store each resultant block back from __odata to __odata+7.

And return the affected ZF flag status.

This intrinsic corresponds to the AESENCWIDE128KL instructions.

Handle := MEM[__h+383:__h]
IllegalHandle := ( HandleReservedBitSet (Handle[383:0]) ||
(Handle[127:0] AND (CPL > 0)) ||
Handle[255:128] ||
HandleKeyType (Handle[383:0]) != HANDLE_KEY_TYPE_AES128 )
IF (IllegalHandle)
ZF := 1
FOR i := 0 to 7
__odata[i] := 0
ENDFOR
ELSE
(UnwrappedKey, Authentic) := UnwrapKeyAndAuthenticate384 (Handle[383:0], IWKey)
IF Authentic == 0
ZF := 1
FOR i := 0 to 7
__odata[i] := 0
ENDFOR
ELSE
FOR i := 0 to 7
__odata[i] := AES128Encrypt (__idata[i], UnwrappedKey)
ENDFOR
ZF := 0
FI
FI
dst := ZF
OF := 0
SF := 0
AF := 0
PF := 0
CF := 0

Definition at line 379 of file keylockerintrin.h.

◆ _mm_aesencwide256kl_u8()

static __inline__ unsigned char __DEFAULT_FN_ATTRS _mm_aesencwide256kl_u8 ( __m128i  __odata[8],
const __m128i  __idata[8],
const void *  __h 
)
static

Encrypt __idata[0] to __idata[7] using 256-bit AES key indicated by handle at __h and store each resultant block back from __odata to __odata+7.

And return the affected ZF flag status.

This intrinsic corresponds to the AESENCWIDE256KL instructions.

Handle[511:0] := MEM[__h+511:__h]
IllegalHandle := ( HandleReservedBitSet (Handle[511:0]) ||
(Handle[127:0] AND (CPL > 0)) ||
Handle[255:128] ||
HandleKeyType (Handle[511:0]) != HANDLE_KEY_TYPE_AES512 )
IF (IllegalHandle)
ZF := 1
FOR i := 0 to 7
__odata[i] := 0
ENDFOR
ELSE
(UnwrappedKey, Authentic) := UnwrapKeyAndAuthenticate512 (Handle[511:0], IWKey)
IF Authentic == 0
ZF := 1
FOR i := 0 to 7
__odata[i] := 0
ENDFOR
ELSE
FOR i := 0 to 7
__odata[i] := AES256Encrypt (__idata[i], UnwrappedKey)
ENDFOR
ZF := 0
FI
FI
dst := ZF
OF := 0
SF := 0
AF := 0
PF := 0
CF := 0

Definition at line 425 of file keylockerintrin.h.

◆ _mm_encodekey128_u32()

static __inline__ unsigned int __DEFAULT_FN_ATTRS _mm_encodekey128_u32 ( unsigned int  __htype,
__m128i  __key,
void *  __h 
)
static

Wrap a 128-bit AES key from __key into a key handle and output in ((__m128i*)__h) to ((__m128i*)__h) + 2 and a 32-bit value as return.

The explicit source operand __htype specifies handle restrictions.

This intrinsic corresponds to the ENCODEKEY128 instructions.

InputKey[127:0] := __key[127:0]
KeyMetadata[2:0] := __htype[2:0]
KeyMetadata[23:3] := 0 // Reserved for future usage
KeyMetadata[27:24] := 0 // KeyType is AES-128 (value of 0)
KeyMetadata[127:28] := 0 // Reserved for future usage
Handle[383:0] := WrapKey128(InputKey[127:0], KeyMetadata[127:0],
IWKey.Integrity Key[127:0], IWKey.Encryption Key[255:0])
dst[0] := IWKey.NoBackup
dst[4:1] := IWKey.KeySource[3:0]
dst[31:5] := 0
MEM[__h+127:__h] := Handle[127:0] // AAD
MEM[__h+255:__h+128] := Handle[255:128] // Integrity Tag
MEM[__h+383:__h+256] := Handle[383:256] // CipherText
OF := 0
SF := 0
ZF := 0
AF := 0
PF := 0
CF := 0

Definition at line 130 of file keylockerintrin.h.

◆ _mm_encodekey256_u32()

static __inline__ unsigned int __DEFAULT_FN_ATTRS _mm_encodekey256_u32 ( unsigned int  __htype,
__m128i  __key_lo,
__m128i  __key_hi,
void *  __h 
)
static

Wrap a 256-bit AES key from __key_hi:__key_lo into a key handle, then output handle in ((__m128i*)__h) to ((__m128i*)__h) + 3 and a 32-bit value as return.

The explicit source operand __htype specifies handle restrictions.

This intrinsic corresponds to the ENCODEKEY256 instructions.

InputKey[127:0] := __key_lo[127:0]
InputKey[255:128] := __key_hi[255:128]
KeyMetadata[2:0] := __htype[2:0]
KeyMetadata[23:3] := 0 // Reserved for future usage
KeyMetadata[27:24] := 1 // KeyType is AES-256 (value of 1)
KeyMetadata[127:28] := 0 // Reserved for future usage
Handle[511:0] := WrapKey256(InputKey[255:0], KeyMetadata[127:0],
IWKey.Integrity Key[127:0], IWKey.Encryption Key[255:0])
dst[0] := IWKey.NoBackup
dst[4:1] := IWKey.KeySource[3:0]
dst[31:5] := 0
MEM[__h+127:__h] := Handle[127:0] // AAD
MEM[__h+255:__h+128] := Handle[255:128] // Tag
MEM[__h+383:__h+256] := Handle[383:256] // CipherText[127:0]
MEM[__h+511:__h+384] := Handle[511:384] // CipherText[255:128]
OF := 0
SF := 0
ZF := 0
AF := 0
PF := 0
CF := 0

Definition at line 167 of file keylockerintrin.h.

◆ _mm_loadiwkey()

static __inline__ void __DEFAULT_FN_ATTRS _mm_loadiwkey ( unsigned int  __ctl,
__m128i  __intkey,
__m128i  __enkey_lo,
__m128i  __enkey_hi 
)
static

Load internal wrapping key from __intkey, __enkey_lo and __enkey_hi.

__ctl will assigned to EAX, whch specifies the KeySource and whether backing up the key is permitted. The 256-bit encryption key is loaded from the two explicit operands (__enkey_lo and __enkey_hi). The 128-bit integrity key is loaded from the implicit operand XMM0 which assigned by __intkey.

This intrinsic corresponds to the LOADIWKEY instructions.

IF CPL > 0 // LOADKWKEY only allowed at ring 0 (supervisor mode)
GP (0)
FI
IF “LOADIWKEY exiting” VM execution control set
VMexit
FI
IF __ctl[4:1] > 1 // Reserved KeySource encoding used
GP (0)
FI
IF __ctl[31:5] != 0 // Reserved bit in __ctl is set
GP (0)
FI
IF __ctl[0] AND (CPUID.19H.ECX[0] == 0) // NoBackup is not supported on this part
GP (0)
FI
IF (__ctl[4:1] == 1) AND (CPUID.19H.ECX[1] == 0) // KeySource of 1 is not supported on this part
GP (0)
FI
IF (__ctl[4:1] == 0) // KeySource of 0.
IWKey.Encryption Key[127:0] := __enkey_hi[127:0]:
IWKey.Encryption Key[255:128] := __enkey_lo[127:0]
IWKey.IntegrityKey[127:0] := __intkey[127:0]
IWKey.NoBackup := __ctl[0]
IWKey.KeySource := __ctl[4:1]
ZF := 0
ELSE // KeySource of 1. See RDSEED definition for details of randomness
IF HW_NRND_GEN.ready == 1 // Full-entropy random data from RDSEED was received
IWKey.Encryption Key[127:0] := __enkey_hi[127:0] XOR HW_NRND_GEN.data[127:0]
IWKey.Encryption Key[255:128] := __enkey_lo[127:0] XOR HW_NRND_GEN.data[255:128]
IWKey.Encryption Key[255:0] := __enkey_hi[127:0]:__enkey_lo[127:0] XOR HW_NRND_GEN.data[255:0]
IWKey.IntegrityKey[127:0] := __intkey[127:0] XOR HW_NRND_GEN.data[383:256]
IWKey.NoBackup := __ctl[0]
IWKey.KeySource := __ctl[4:1]
ZF := 0
ELSE // Random data was not returned from RDSEED. IWKey was not loaded
ZF := 1
FI
FI
dst := ZF
OF := 0
SF := 0
AF := 0
PF := 0
CF := 0

Definition at line 95 of file keylockerintrin.h.