Re: [PATCH] crypto: ecc - Optimize vli additive operations using compiler builtins

Next message: Markus Schneider-Pargmann (TI): "[PATCH v6 05/11] arm64: dts: ti: k3-am62p5-sk: Fix wkup R5F memory region size"
Previous message: Jason Gunthorpe: "Re: [PATCH next] drivers/infiniband/hw/mlx5/data_direct: Use strscpy() to copy strings into arrays"
Next in thread: Fabian: "Re: [PATCH] crypto: ecc - Optimize vli additive operations using compiler builtins"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

From: Stefan Berger

Date: Tue Jun 09 2026 - 15:03:05 EST

On 6/7/26 7:24 AM, Fabian Blatter wrote:

Replace the software carry flag emulation with compiler builtins.

Even the newest compilers struggle with taking advantage of the
hardware carry flag. Compiler builtins allow the compiler to
much more easily achieve this while still remaining constant-time.

It looks like you made vli_usub and vli_uadd constant-time now because otherwise the loops could be ended early once borrow == 0 or carry == 0 respectively. Are all the other functions that operate on the private keys constant-time?