diff options
| author | miod <> | 2016-11-04 17:30:30 +0000 |
|---|---|---|
| committer | miod <> | 2016-11-04 17:30:30 +0000 |
| commit | 723502d9588ba0e1cc08af1b12654917da74d440 (patch) | |
| tree | 77b413175d422148cfb0ef7b2062340230aa5413 /src/lib/libcrypto/aes | |
| parent | 391f8ce21bb7929810460a73e2fde2c80540848d (diff) | |
| download | openbsd-723502d9588ba0e1cc08af1b12654917da74d440.tar.gz openbsd-723502d9588ba0e1cc08af1b12654917da74d440.tar.bz2 openbsd-723502d9588ba0e1cc08af1b12654917da74d440.zip | |
Replace all uses of magic numbers when operating on OPENSSL_ia32_P[] by
meaningful constants in a private header file, so that reviewers can actually
get a chance to figure out what the code is attempting to do without knowing
all cpuid bits.
While there, turn it from an array of two 32-bit ints into a properly aligned
64-bit int.
Use of OPENSSL_ia32_P is now restricted to the assembler parts. C code will
now always use OPENSSL_cpu_caps() and check for the proper bits in the
whole 64-bit word it returns.
i386 tests and ok jsing@
Diffstat (limited to 'src/lib/libcrypto/aes')
| -rw-r--r-- | src/lib/libcrypto/aes/asm/aes-586.pl | 10 | ||||
| -rwxr-xr-x | src/lib/libcrypto/aes/asm/aes-x86_64.pl | 6 | ||||
| -rw-r--r-- | src/lib/libcrypto/aes/asm/aesni-sha1-x86_64.pl | 7 |
3 files changed, 13 insertions, 10 deletions
diff --git a/src/lib/libcrypto/aes/asm/aes-586.pl b/src/lib/libcrypto/aes/asm/aes-586.pl index aab40e6f1c..3ba8a26eaa 100644 --- a/src/lib/libcrypto/aes/asm/aes-586.pl +++ b/src/lib/libcrypto/aes/asm/aes-586.pl | |||
| @@ -1187,7 +1187,7 @@ sub enclast() | |||
| 1187 | &lea ($tbl,&DWP(2048+128,$tbl,$s1)); | 1187 | &lea ($tbl,&DWP(2048+128,$tbl,$s1)); |
| 1188 | 1188 | ||
| 1189 | if (!$x86only) { | 1189 | if (!$x86only) { |
| 1190 | &bt (&DWP(0,$s0),25); # check for SSE bit | 1190 | &bt (&DWP(0,$s0),"\$IA32CAP_BIT0_SSE"); # check for SSE bit |
| 1191 | &jnc (&label("x86")); | 1191 | &jnc (&label("x86")); |
| 1192 | 1192 | ||
| 1193 | &movq ("mm0",&QWP(0,$acc)); | 1193 | &movq ("mm0",&QWP(0,$acc)); |
| @@ -1976,7 +1976,7 @@ sub declast() | |||
| 1976 | &lea ($tbl,&DWP(2048+128,$tbl,$s1)); | 1976 | &lea ($tbl,&DWP(2048+128,$tbl,$s1)); |
| 1977 | 1977 | ||
| 1978 | if (!$x86only) { | 1978 | if (!$x86only) { |
| 1979 | &bt (&DWP(0,$s0),25); # check for SSE bit | 1979 | &bt (&DWP(0,$s0),"\$IA32CAP_BIT0_SSE"); # check for SSE bit |
| 1980 | &jnc (&label("x86")); | 1980 | &jnc (&label("x86")); |
| 1981 | 1981 | ||
| 1982 | &movq ("mm0",&QWP(0,$acc)); | 1982 | &movq ("mm0",&QWP(0,$acc)); |
| @@ -2054,7 +2054,7 @@ my $mark=&DWP(76+240,"esp"); # copy of aes_key->rounds | |||
| 2054 | &test ($s2,15); | 2054 | &test ($s2,15); |
| 2055 | &jnz (&label("slow_way")); | 2055 | &jnz (&label("slow_way")); |
| 2056 | if (!$x86only) { | 2056 | if (!$x86only) { |
| 2057 | &bt (&DWP(0,$s0),28); # check for hyper-threading bit | 2057 | &bt (&DWP(0,$s0),"\$IA32CAP_BIT0_HT"); # check for hyper-threading bit |
| 2058 | &jc (&label("slow_way")); | 2058 | &jc (&label("slow_way")); |
| 2059 | } | 2059 | } |
| 2060 | # pre-allocate aligned stack frame... | 2060 | # pre-allocate aligned stack frame... |
| @@ -2364,7 +2364,7 @@ my $mark=&DWP(76+240,"esp"); # copy of aes_key->rounds | |||
| 2364 | &jb (&label("slow_enc_tail")); | 2364 | &jb (&label("slow_enc_tail")); |
| 2365 | 2365 | ||
| 2366 | if (!$x86only) { | 2366 | if (!$x86only) { |
| 2367 | &bt ($_tmp,25); # check for SSE bit | 2367 | &bt ($_tmp,"\$IA32CAP_BIT0_SSE"); # check for SSE bit |
| 2368 | &jnc (&label("slow_enc_x86")); | 2368 | &jnc (&label("slow_enc_x86")); |
| 2369 | 2369 | ||
| 2370 | &movq ("mm0",&QWP(0,$key)); # load iv | 2370 | &movq ("mm0",&QWP(0,$key)); # load iv |
| @@ -2479,7 +2479,7 @@ my $mark=&DWP(76+240,"esp"); # copy of aes_key->rounds | |||
| 2479 | #--------------------------- SLOW DECRYPT ---------------------------# | 2479 | #--------------------------- SLOW DECRYPT ---------------------------# |
| 2480 | &set_label("slow_decrypt",16); | 2480 | &set_label("slow_decrypt",16); |
| 2481 | if (!$x86only) { | 2481 | if (!$x86only) { |
| 2482 | &bt ($_tmp,25); # check for SSE bit | 2482 | &bt ($_tmp,"\$IA32CAP_BIT0_SSE"); # check for SSE bit |
| 2483 | &jnc (&label("slow_dec_loop_x86")); | 2483 | &jnc (&label("slow_dec_loop_x86")); |
| 2484 | 2484 | ||
| 2485 | &set_label("slow_dec_loop_sse",4); | 2485 | &set_label("slow_dec_loop_sse",4); |
diff --git a/src/lib/libcrypto/aes/asm/aes-x86_64.pl b/src/lib/libcrypto/aes/asm/aes-x86_64.pl index f75e90ba87..c37fd55648 100755 --- a/src/lib/libcrypto/aes/asm/aes-x86_64.pl +++ b/src/lib/libcrypto/aes/asm/aes-x86_64.pl | |||
| @@ -1655,6 +1655,7 @@ $code.=<<___; | |||
| 1655 | .type AES_cbc_encrypt,\@function,6 | 1655 | .type AES_cbc_encrypt,\@function,6 |
| 1656 | .align 16 | 1656 | .align 16 |
| 1657 | .extern OPENSSL_ia32cap_P | 1657 | .extern OPENSSL_ia32cap_P |
| 1658 | .hidden OPENSSL_ia32cap_P | ||
| 1658 | .globl asm_AES_cbc_encrypt | 1659 | .globl asm_AES_cbc_encrypt |
| 1659 | .hidden asm_AES_cbc_encrypt | 1660 | .hidden asm_AES_cbc_encrypt |
| 1660 | asm_AES_cbc_encrypt: | 1661 | asm_AES_cbc_encrypt: |
| @@ -1684,7 +1685,7 @@ AES_cbc_encrypt: | |||
| 1684 | jb .Lcbc_slow_prologue | 1685 | jb .Lcbc_slow_prologue |
| 1685 | test \$15,%rdx | 1686 | test \$15,%rdx |
| 1686 | jnz .Lcbc_slow_prologue | 1687 | jnz .Lcbc_slow_prologue |
| 1687 | bt \$28,%r10d | 1688 | bt \$IA32CAP_BIT0_HT,%r10d |
| 1688 | jc .Lcbc_slow_prologue | 1689 | jc .Lcbc_slow_prologue |
| 1689 | 1690 | ||
| 1690 | # allocate aligned stack frame... | 1691 | # allocate aligned stack frame... |
| @@ -1944,7 +1945,7 @@ AES_cbc_encrypt: | |||
| 1944 | lea ($key,%rax),%rax | 1945 | lea ($key,%rax),%rax |
| 1945 | mov %rax,$keyend | 1946 | mov %rax,$keyend |
| 1946 | 1947 | ||
| 1947 | # pick Te4 copy which can't "overlap" with stack frame or key scdedule | 1948 | # pick Te4 copy which can't "overlap" with stack frame or key schedule |
| 1948 | lea 2048($sbox),$sbox | 1949 | lea 2048($sbox),$sbox |
| 1949 | lea 768-8(%rsp),%rax | 1950 | lea 768-8(%rsp),%rax |
| 1950 | sub $sbox,%rax | 1951 | sub $sbox,%rax |
| @@ -2814,6 +2815,7 @@ ___ | |||
| 2814 | 2815 | ||
| 2815 | $code =~ s/\`([^\`]*)\`/eval($1)/gem; | 2816 | $code =~ s/\`([^\`]*)\`/eval($1)/gem; |
| 2816 | 2817 | ||
| 2818 | print "#include \"x86_arch.h\"\n"; | ||
| 2817 | print $code; | 2819 | print $code; |
| 2818 | 2820 | ||
| 2819 | close STDOUT; | 2821 | close STDOUT; |
diff --git a/src/lib/libcrypto/aes/asm/aesni-sha1-x86_64.pl b/src/lib/libcrypto/aes/asm/aesni-sha1-x86_64.pl index 39b504cbe5..bc6c8f3fc0 100644 --- a/src/lib/libcrypto/aes/asm/aesni-sha1-x86_64.pl +++ b/src/lib/libcrypto/aes/asm/aesni-sha1-x86_64.pl | |||
| @@ -83,6 +83,7 @@ open OUT,"| \"$^X\" $xlate $flavour $output"; | |||
| 83 | $code.=<<___; | 83 | $code.=<<___; |
| 84 | .text | 84 | .text |
| 85 | .extern OPENSSL_ia32cap_P | 85 | .extern OPENSSL_ia32cap_P |
| 86 | .hidden OPENSSL_ia32cap_P | ||
| 86 | 87 | ||
| 87 | .globl aesni_cbc_sha1_enc | 88 | .globl aesni_cbc_sha1_enc |
| 88 | .type aesni_cbc_sha1_enc,\@abi-omnipotent | 89 | .type aesni_cbc_sha1_enc,\@abi-omnipotent |
| @@ -93,10 +94,10 @@ aesni_cbc_sha1_enc: | |||
| 93 | mov OPENSSL_ia32cap_P+4(%rip),%r11d | 94 | mov OPENSSL_ia32cap_P+4(%rip),%r11d |
| 94 | ___ | 95 | ___ |
| 95 | $code.=<<___ if ($avx); | 96 | $code.=<<___ if ($avx); |
| 96 | and \$`1<<28`,%r11d # mask AVX bit | 97 | and \$IA32CAP_MASK1_AVX,%r11d # mask AVX bit |
| 97 | and \$`1<<30`,%r10d # mask "Intel CPU" bit | 98 | and \$IA32CAP_MASK0_INTEL,%r10d # mask "Intel CPU" bit |
| 98 | or %r11d,%r10d | 99 | or %r11d,%r10d |
| 99 | cmp \$`1<<28|1<<30`,%r10d | 100 | cmp \$(IA32CAP_MASK1_AVX|IA32CAP_MASK0_INTEL),%r10d |
| 100 | je aesni_cbc_sha1_enc_avx | 101 | je aesni_cbc_sha1_enc_avx |
| 101 | ___ | 102 | ___ |
| 102 | $code.=<<___; | 103 | $code.=<<___; |