Make arithmetic and FIPS202 backends independently configurable

Previously, the configuration option MLKEM_USE_NATIVE would guard
whether native backends would be used or not. Specifically, it would
control both the arithmetic backend and the FIPS202 backend.

The specific choice of backend would then be provided through
MLKEM_NATIVE_{ARITH,FIPS202}_BACKEND.

This setup does allow the user to use a native arithmetic backend
but no native FIPS202 backend -- however, it requires a custom config,
since the default config would auto-define MLKEM_NATIVE_FIPS202_BACKEND
when unset -- this cannot be altered through CFLAGS.

To make everything configurable through CFLAGS as well as a custom
config file, this commit explicitly separates MLKEM_USE_NATIVE in
two configurations options

- MLKEM_USE_NATIVE_BACKEND_ARITH
- MLKEM_USE_NATIVE_BACKEND_FIPS202,

which control whether an arithmetic resp. FIPS202 native backend
should be used.

When those options are set, MLKEM_NATIVE_{ARITH,FIPS202}_BACKEND_FILE
must either be unset -- in which case the default backends will be
used -- or point to a backend metadata file.

Signed-off-by: Becker <[email protected]>

Author: Becker

.github/workflows/bench.yml

@@ -43,7 +43,7 @@ jobs:
           name: Arm Cortex-A55 (Snapdragon 888) benchmarks
           bench_pmu: PERF
           archflags: "-mcpu=cortex-a55 -march=armv8.2-a"
-          cflags: "-flto -static -DFORCE_AARCH64 -DMLKEM_NATIVE_FIPS202_BACKEND=\\\\\\\"fips202/native/aarch64/cortex_a55.h\\\\\\\""
+          cflags: "-flto -static -DFORCE_AARCH64 -DMLKEM_NATIVE_FIPS202_BACKEND_FILE=\\\\\\\"fips202/native/aarch64/cortex_a55.h\\\\\\\""
           bench_extra_args: -w exec-on-a55
         - system: bpi
           name: Bananapi bpi-f3 benchmarks

examples/custom_backend/mlkem_native/custom_config.h

@@ -42,58 +42,78 @@
 #define MLKEM_NAMESPACE_PREFIX CUSTOM_TINY_SHA3
 
 /******************************************************************************
- * Name:        MLKEM_USE_NATIVE
+ * Name:        MLKEM_USE_NATIVE_BACKEND_ARITH
  *
- * Description: Determines whether a native backend should
- *              be used, if available.
+ * Description: Determines whether an native arithmetic backend should be used.
+ *
+ *              The arithmetic backend covers performance critical functions
+ *              such as the number-theoretic transform (NTT).
+ *
+ *              If this option is unset, the C backend will be used.
+ *
+ *              If this option is set, the arithmetic backend to be use is
+ *              determined by MLKEM_NATIVE_ARITH_BACKEND: If the latter is
+ *              unset, the default backend for your the target architecture
+ *              will be used. If set, it must be the name of a backend metadata
+ *              file.
  *
  *              This can also be set using CFLAGS.
  *
  *****************************************************************************/
-#define MLKEM_USE_NATIVE
+/* No native arithmetic backend */
+/* #define MLKEM_USE_NATIVE_BACKEND_ARITH */
 
 /******************************************************************************
- * Name:        MLKEM_NATIVE_ARITH_BACKEND
+ * Name:        MLKEM_NATIVE_ARITH_BACKEND_FILE
  *
  * Description: The arithmetic backend to use.
  *
- *              This must be the filename of an arithmetic
- *              backend. The backend is expected to define
- *
- *              - MLKEM_NATIVE_ARITH_BACKEND_NAME
+ *              If MLKEM_USE_NATIVE_BACKEND_ARITH is unset, this option
+ *              is ignored.
  *
- *                The name of the backend as used in the default namespace.
+ *              If MLKEM_USE_NATIVE_BACKEND_ARITH is set, this option must
+ *              either be undefined or the filename of an arithmetic backend.
+ *              If unset, the default backend will be used.
  *
- *              - MLKEM_NATIVE_ARITH_BACKEND_IMPL
- *
- *                The filename of the implementation of the arithmetic backend.
- *
- *              See the existing backends for more information.
+ *              This can be set using CFLAGS.
  *
  *****************************************************************************/
-/* Let's pretend we don't want an arithmetic backend */
-/* #define MLKEM_NATIVE_ARITH_BACKEND "native/default.h" */
+/* #define MLKEM_NATIVE_ARITH_BACKEND_FILE "native/default.h" */
 
 /******************************************************************************
- * Name:        MLKEM_NATIVE_FIPS202_BACKEND
+ * Name:        MLKEM_USE_NATIVE_BACKEND_FIPS202
  *
- * Description: The FIPS-202 backend to use.
+ * Description: Determines whether an native FIPS202 backend should be used.
  *
- *              This must be the filename of an FIPS-202
- *              backend. The backend is expected to define
+ *              The FIPS202 backend covers 1x/2x/4x-fold Keccak-f1600, which is
+ *              the performance bottleneck of SHA3 and SHAKE.
  *
- *              - MLKEM_NATIVE_FIPS202_BACKEND_NAME
+ *              If this option is unset, the C backend will be used.
  *
- *                The name of the backend as used in the default namespace.
+ *              If this option is set, the FIPS202 backend to be use is
+ *              determined by MLKEM_NATIVE_FIPS202_BACKEND: If the latter is
+ *              unset, the default backend for your the target architecture
+ *              will be used. If set, it must be the name of a backend metadata
+ *              file.
  *
- *              - MLKEM_NATIVE_FIPS202_BACKEND_IMPL
+ *              This can also be set using CFLAGS.
+ *
+ *****************************************************************************/
+#define MLKEM_USE_NATIVE_BACKEND_FIPS202
+
+/******************************************************************************
+ * Name:        MLKEM_NATIVE_FIPS202_BACKEND_FILE
+ *
+ * Description: The FIPS-202 backend to use.
  *
- *                The filename of the implementation of the FIPS-202 backend.
+ *              If MLKEM_USE_NATIVE_BACKEND_FIPS202 is set, this option must
+ *              either be undefined or the filename of a FIPS202 backend.
+ *              If unset, the default backend will be used.
  *
- *              See the existing backends for more information.
+ *              This can be set using CFLAGS.
  *
  *****************************************************************************/
-#define MLKEM_NATIVE_FIPS202_BACKEND "fips202/native/custom/custom.h"
+#define MLKEM_NATIVE_FIPS202_BACKEND_FILE "fips202/native/custom/custom.h"
 
 /******************************************************************************
  * Name:        MLKEM_NATIVE_API_STANDARD

examples/monolithic_build/config_512.h

@@ -49,43 +49,86 @@
 #define MLKEM_NAMESPACE_PREFIX mlkem512
 
 /******************************************************************************
- * Name:        MLKEM_USE_NATIVE
+ * Name:        MLKEM_USE_NATIVE_BACKEND_ARITH
  *
- * Description: Determines whether a native backend should
- *              be used, if available.
+ * Description: Determines whether an native arithmetic backend should be used.
+ *
+ *              The arithmetic backend covers performance critical functions
+ *              such as the number-theoretic transform (NTT).
+ *
+ *              If this option is unset, the C backend will be used.
+ *
+ *              If this option is set, the arithmetic backend to be use is
+ *              determined by MLKEM_NATIVE_ARITH_BACKEND: If the latter is
+ *              unset, the default backend for your the target architecture
+ *              will be used. If set, it must be the name of a backend metadata
+ *              file.
  *
  *              This can also be set using CFLAGS.
  *
  *****************************************************************************/
-/* #define MLKEM_USE_NATIVE */
+#if !defined(MLKEM_USE_NATIVE_BACKEND_ARITH)
+/* #define MLKEM_USE_NATIVE_BACKEND_ARITH */
+#endif
 
 /******************************************************************************
- * Name:        MLKEM_NATIVE_ARITH_BACKEND
+ * Name:        MLKEM_NATIVE_ARITH_BACKEND_FILE
  *
  * Description: The arithmetic backend to use.
  *
- *              This must be the filename of an arithmetic backend.
- *              See the existing backends for examples.
+ *              If MLKEM_USE_NATIVE_BACKEND_ARITH is unset, this option
+ *              is ignored.
+ *
+ *              If MLKEM_USE_NATIVE_BACKEND_ARITH is set, this option must
+ *              either be undefined or the filename of an arithmetic backend.
+ *              If unset, the default backend will be used.
  *
  *              This can be set using CFLAGS.
  *
  *****************************************************************************/
-#if defined(MLKEM_USE_NATIVE) && !defined(MLKEM_NATIVE_ARITH_BACKEND)
-#define MLKEM_NATIVE_ARITH_BACKEND "native/default.h"
-#endif /* MLKEM_NATIVE_ARITH_BACKEND */
+#if defined(MLKEM_USE_NATIVE_BACKEND_ARITH) && \
+    !defined(MLKEM_NATIVE_ARITH_BACKEND_FILE)
+#define MLKEM_NATIVE_ARITH_BACKEND_FILE "native/default.h"
+#endif
+
+/******************************************************************************
+ * Name:        MLKEM_USE_NATIVE_BACKEND_FIPS202
+ *
+ * Description: Determines whether an native FIPS202 backend should be used.
+ *
+ *              The FIPS202 backend covers 1x/2x/4x-fold Keccak-f1600, which is
+ *              the performance bottleneck of SHA3 and SHAKE.
+ *
+ *              If this option is unset, the C backend will be used.
+ *
+ *              If this option is set, the FIPS202 backend to be use is
+ *              determined by MLKEM_NATIVE_FIPS202_BACKEND: If the latter is
+ *              unset, the default backend for your the target architecture
+ *              will be used. If set, it must be the name of a backend metadata
+ *              file.
+ *
+ *              This can also be set using CFLAGS.
+ *
+ *****************************************************************************/
+#if !defined(MLKEM_USE_NATIVE_BACKEND_FIPS202)
+/* #define MLKEM_USE_NATIVE_BACKEND_FIPS202 */
+#endif
 
 /******************************************************************************
- * Name:        MLKEM_NATIVE_FIPS202_BACKEND
+ * Name:        MLKEM_NATIVE_FIPS202_BACKEND_FILE
  *
  * Description: The FIPS-202 backend to use.
  *
- *              This must be the filename of an FIPS-202 backend.
+ *              If MLKEM_USE_NATIVE_BACKEND_FIPS202 is set, this option must
+ *              either be undefined or the filename of a FIPS202 backend.
+ *              If unset, the default backend will be used.
  *
  *              This can be set using CFLAGS.
  *
  *****************************************************************************/
-#if defined(MLKEM_USE_NATIVE) && !defined(MLKEM_NATIVE_FIPS202_BACKEND)
-#define MLKEM_NATIVE_FIPS202_BACKEND "fips202/native/default.h"
-#endif /* MLKEM_NATIVE_FIPS202_BACKEND */
+#if defined(MLKEM_USE_NATIVE_BACKEND_FIPS202) && \
+    !defined(MLKEM_NATIVE_FIPS202_BACKEND_FILE)
+#define MLKEM_NATIVE_FIPS202_BACKEND_FILE "fips202/native/default.h"
+#endif
 
 #endif /* MLkEM_NATIVE_CONFIG_H */

examples/monolithic_build/mlkem_native_monobuild.c

@@ -117,8 +117,8 @@
 #endif
 
 /* mlkem/config.h */
-#if defined(MLKEM_NATIVE_ARITH_BACKEND)
-#undef MLKEM_NATIVE_ARITH_BACKEND
+#if defined(MLKEM_NATIVE_ARITH_BACKEND_FILE)
+#undef MLKEM_NATIVE_ARITH_BACKEND_FILE
 #endif
 
 /* mlkem/config.h */
@@ -127,8 +127,8 @@
 #endif
 
 /* mlkem/config.h */
-#if defined(MLKEM_NATIVE_FIPS202_BACKEND)
-#undef MLKEM_NATIVE_FIPS202_BACKEND
+#if defined(MLKEM_NATIVE_FIPS202_BACKEND_FILE)
+#undef MLKEM_NATIVE_FIPS202_BACKEND_FILE
 #endif
 
 /* mlkem/indcpa.c */

examples/monolithic_build_multilevel/config_1024.h

@@ -50,43 +50,69 @@
 #define MLKEM_NAMESPACE_PREFIX_ADD_LEVEL
 
 /******************************************************************************
- * Name:        MLKEM_USE_NATIVE
+ * Name:        MLKEM_USE_NATIVE_BACKEND_ARITH
  *
- * Description: Determines whether a native backend should
- *              be used, if available.
+ * Description: Determines whether an native arithmetic backend should be used.
+ *
+ *              The arithmetic backend covers performance critical functions
+ *              such as the number-theoretic transform (NTT).
+ *
+ *              If this option is unset, the C backend will be used.
+ *
+ *              If this option is set, the arithmetic backend to be use is
+ *              determined by MLKEM_NATIVE_ARITH_BACKEND: If the latter is
+ *              unset, the default backend for your the target architecture
+ *              will be used. If set, it must be the name of a backend metadata
+ *              file.
  *
  *              This can also be set using CFLAGS.
  *
  *****************************************************************************/
-/* #define MLKEM_USE_NATIVE */
+#if !defined(MLKEM_USE_NATIVE_BACKEND_ARITH)
+/* #define MLKEM_USE_NATIVE_BACKEND_ARITH */
+#endif
 
 /******************************************************************************
- * Name:        MLKEM_NATIVE_ARITH_BACKEND
+ * Name:        MLKEM_NATIVE_ARITH_BACKEND_FILE
  *
  * Description: The arithmetic backend to use.
  *
- *              This must be the filename of an arithmetic backend.
- *              See the existing backends for examples.
+ *              If MLKEM_USE_NATIVE_BACKEND_ARITH is unset, this option
+ *              is ignored.
+ *
+ *              If MLKEM_USE_NATIVE_BACKEND_ARITH is set, this option must
+ *              either be undefined or the filename of an arithmetic backend.
+ *              If unset, the default backend will be used.
  *
  *              This can be set using CFLAGS.
  *
  *****************************************************************************/
-#if defined(MLKEM_USE_NATIVE) && !defined(MLKEM_NATIVE_ARITH_BACKEND)
-#define MLKEM_NATIVE_ARITH_BACKEND "native/default.h"
-#endif /* MLKEM_NATIVE_ARITH_BACKEND */
+#if defined(MLKEM_USE_NATIVE_BACKEND_ARITH) && \
+    !defined(MLKEM_NATIVE_ARITH_BACKEND_FILE)
+#define MLKEM_NATIVE_ARITH_BACKEND_FILE "native/default.h"
+#endif
 
 /******************************************************************************
- * Name:        MLKEM_NATIVE_FIPS202_BACKEND
+ * Name:        MLKEM_USE_NATIVE_BACKEND_FIPS202
  *
- * Description: The FIPS-202 backend to use.
+ * Description: Determines whether an native FIPS202 backend should be used.
  *
- *              This must be the filename of an FIPS-202 backend.
+ *              The FIPS202 backend covers 1x/2x/4x-fold Keccak-f1600, which is
+ *              the performance bottleneck of SHA3 and SHAKE.
  *
- *              This can be set using CFLAGS.
+ *              If this option is unset, the C backend will be used.
+ *
+ *              If this option is set, the FIPS202 backend to be use is
+ *              determined by MLKEM_NATIVE_FIPS202_BACKEND: If the latter is
+ *              unset, the default backend for your the target architecture
+ *              will be used. If set, it must be the name of a backend metadata
+ *              file.
+ *
+ *              This can also be set using CFLAGS.
  *
  *****************************************************************************/
-#if defined(MLKEM_USE_NATIVE) && !defined(MLKEM_NATIVE_FIPS202_BACKEND)
-#define MLKEM_NATIVE_FIPS202_BACKEND "fips202/native/default.h"
-#endif /* MLKEM_NATIVE_FIPS202_BACKEND */
+#if !defined(MLKEM_USE_NATIVE_BACKEND_FIPS202)
+/* #define MLKEM_USE_NATIVE_BACKEND_FIPS202 */
+#endif
 
 #endif /* MLkEM_NATIVE_CONFIG_H */