summaryrefslogtreecommitdiff
path: root/src/lib/libc
diff options
context:
space:
mode:
Diffstat (limited to '')
-rwxr-xr-xsrc/lib/libcrypto/aes/asm/aes-x86_64.pl26
-rw-r--r--src/lib/libcrypto/aes/asm/aesni-sha1-x86_64.pl8
-rw-r--r--src/lib/libcrypto/aes/asm/aesni-x86_64.pl32
-rw-r--r--src/lib/libcrypto/aes/asm/bsaes-x86_64.pl28
-rw-r--r--src/lib/libcrypto/aes/asm/vpaes-x86_64.pl28
-rw-r--r--src/lib/libcrypto/bn/arch/amd64/bignum_add.S2
-rw-r--r--src/lib/libcrypto/bn/arch/amd64/bignum_cmadd.S2
-rw-r--r--src/lib/libcrypto/bn/arch/amd64/bignum_cmul.S2
-rw-r--r--src/lib/libcrypto/bn/arch/amd64/bignum_mul.S2
-rw-r--r--src/lib/libcrypto/bn/arch/amd64/bignum_mul_4_8_alt.S2
-rw-r--r--src/lib/libcrypto/bn/arch/amd64/bignum_mul_8_16_alt.S2
-rw-r--r--src/lib/libcrypto/bn/arch/amd64/bignum_sqr.S2
-rw-r--r--src/lib/libcrypto/bn/arch/amd64/bignum_sqr_4_8_alt.S2
-rw-r--r--src/lib/libcrypto/bn/arch/amd64/bignum_sqr_8_16_alt.S2
-rw-r--r--src/lib/libcrypto/bn/arch/amd64/bignum_sub.S2
-rw-r--r--src/lib/libcrypto/bn/arch/amd64/word_clz.S2
-rw-r--r--src/lib/libcrypto/bn/asm/modexp512-x86_64.pl10
-rwxr-xr-xsrc/lib/libcrypto/bn/asm/x86_64-mont.pl6
-rwxr-xr-xsrc/lib/libcrypto/bn/asm/x86_64-mont5.pl10
-rw-r--r--src/lib/libcrypto/bn/s2n_bignum_internal.h6
-rw-r--r--src/lib/libcrypto/camellia/asm/cmll-x86_64.pl16
-rwxr-xr-xsrc/lib/libcrypto/md5/asm/md5-x86_64.pl2
-rw-r--r--src/lib/libcrypto/modes/asm/ghash-x86_64.pl8
-rwxr-xr-xsrc/lib/libcrypto/perlasm/x86_64-xlate.pl16
-rw-r--r--src/lib/libcrypto/rc4/asm/rc4-md5-x86_64.pl4
-rwxr-xr-xsrc/lib/libcrypto/rc4/asm/rc4-x86_64.pl4
-rwxr-xr-xsrc/lib/libcrypto/sha/asm/sha1-x86_64.pl8
-rwxr-xr-xsrc/lib/libcrypto/sha/asm/sha512-x86_64.pl2
-rw-r--r--src/lib/libcrypto/whrlpool/asm/wp-x86_64.pl2
-rw-r--r--src/lib/libcrypto/x86_64cpuid.pl4
30 files changed, 132 insertions, 110 deletions
diff --git a/src/lib/libcrypto/aes/asm/aes-x86_64.pl b/src/lib/libcrypto/aes/asm/aes-x86_64.pl
index 78ba20ca59..299214800b 100755
--- a/src/lib/libcrypto/aes/asm/aes-x86_64.pl
+++ b/src/lib/libcrypto/aes/asm/aes-x86_64.pl
@@ -318,7 +318,7 @@ $code.=<<___;
318.type _x86_64_AES_encrypt,\@abi-omnipotent 318.type _x86_64_AES_encrypt,\@abi-omnipotent
319.align 16 319.align 16
320_x86_64_AES_encrypt: 320_x86_64_AES_encrypt:
321 endbr64 321 _CET_ENDBR
322 xor 0($key),$s0 # xor with key 322 xor 0($key),$s0 # xor with key
323 xor 4($key),$s1 323 xor 4($key),$s1
324 xor 8($key),$s2 324 xor 8($key),$s2
@@ -549,7 +549,7 @@ $code.=<<___;
549.type _x86_64_AES_encrypt_compact,\@abi-omnipotent 549.type _x86_64_AES_encrypt_compact,\@abi-omnipotent
550.align 16 550.align 16
551_x86_64_AES_encrypt_compact: 551_x86_64_AES_encrypt_compact:
552 endbr64 552 _CET_ENDBR
553 lea 128($sbox),$inp # size optimization 553 lea 128($sbox),$inp # size optimization
554 mov 0-128($inp),$acc1 # prefetch Te4 554 mov 0-128($inp),$acc1 # prefetch Te4
555 mov 32-128($inp),$acc2 555 mov 32-128($inp),$acc2
@@ -595,7 +595,7 @@ $code.=<<___;
595.hidden asm_AES_encrypt 595.hidden asm_AES_encrypt
596asm_AES_encrypt: 596asm_AES_encrypt:
597AES_encrypt: 597AES_encrypt:
598 endbr64 598 _CET_ENDBR
599 push %rbx 599 push %rbx
600 push %rbp 600 push %rbp
601 push %r12 601 push %r12
@@ -887,7 +887,7 @@ $code.=<<___;
887.type _x86_64_AES_decrypt,\@abi-omnipotent 887.type _x86_64_AES_decrypt,\@abi-omnipotent
888.align 16 888.align 16
889_x86_64_AES_decrypt: 889_x86_64_AES_decrypt:
890 endbr64 890 _CET_ENDBR
891 xor 0($key),$s0 # xor with key 891 xor 0($key),$s0 # xor with key
892 xor 4($key),$s1 892 xor 4($key),$s1
893 xor 8($key),$s2 893 xor 8($key),$s2
@@ -1142,7 +1142,7 @@ $code.=<<___;
1142.type _x86_64_AES_decrypt_compact,\@abi-omnipotent 1142.type _x86_64_AES_decrypt_compact,\@abi-omnipotent
1143.align 16 1143.align 16
1144_x86_64_AES_decrypt_compact: 1144_x86_64_AES_decrypt_compact:
1145 endbr64 1145 _CET_ENDBR
1146 lea 128($sbox),$inp # size optimization 1146 lea 128($sbox),$inp # size optimization
1147 mov 0-128($inp),$acc1 # prefetch Td4 1147 mov 0-128($inp),$acc1 # prefetch Td4
1148 mov 32-128($inp),$acc2 1148 mov 32-128($inp),$acc2
@@ -1197,7 +1197,7 @@ $code.=<<___;
1197.hidden asm_AES_decrypt 1197.hidden asm_AES_decrypt
1198asm_AES_decrypt: 1198asm_AES_decrypt:
1199AES_decrypt: 1199AES_decrypt:
1200 endbr64 1200 _CET_ENDBR
1201 push %rbx 1201 push %rbx
1202 push %rbp 1202 push %rbp
1203 push %r12 1203 push %r12
@@ -1297,7 +1297,7 @@ $code.=<<___;
1297.type AES_set_encrypt_key,\@function,3 1297.type AES_set_encrypt_key,\@function,3
1298.align 16 1298.align 16
1299AES_set_encrypt_key: 1299AES_set_encrypt_key:
1300 endbr64 1300 _CET_ENDBR
1301 push %rbx 1301 push %rbx
1302 push %rbp 1302 push %rbp
1303 push %r12 # redundant, but allows to share 1303 push %r12 # redundant, but allows to share
@@ -1323,7 +1323,7 @@ AES_set_encrypt_key:
1323.type _x86_64_AES_set_encrypt_key,\@abi-omnipotent 1323.type _x86_64_AES_set_encrypt_key,\@abi-omnipotent
1324.align 16 1324.align 16
1325_x86_64_AES_set_encrypt_key: 1325_x86_64_AES_set_encrypt_key:
1326 endbr64 1326 _CET_ENDBR
1327 mov %esi,%ecx # %ecx=bits 1327 mov %esi,%ecx # %ecx=bits
1328 mov %rdi,%rsi # %rsi=userKey 1328 mov %rdi,%rsi # %rsi=userKey
1329 mov %rdx,%rdi # %rdi=key 1329 mov %rdx,%rdi # %rdi=key
@@ -1569,7 +1569,7 @@ $code.=<<___;
1569.type AES_set_decrypt_key,\@function,3 1569.type AES_set_decrypt_key,\@function,3
1570.align 16 1570.align 16
1571AES_set_decrypt_key: 1571AES_set_decrypt_key:
1572 endbr64 1572 _CET_ENDBR
1573 push %rbx 1573 push %rbx
1574 push %rbp 1574 push %rbp
1575 push %r12 1575 push %r12
@@ -1669,7 +1669,7 @@ $code.=<<___;
1669.hidden asm_AES_cbc_encrypt 1669.hidden asm_AES_cbc_encrypt
1670asm_AES_cbc_encrypt: 1670asm_AES_cbc_encrypt:
1671AES_cbc_encrypt: 1671AES_cbc_encrypt:
1672 endbr64 1672 _CET_ENDBR
1673 cmp \$0,%rdx # check length 1673 cmp \$0,%rdx # check length
1674 je .Lcbc_epilogue 1674 je .Lcbc_epilogue
1675 pushfq 1675 pushfq
@@ -2561,7 +2561,7 @@ $code.=<<___;
2561.type block_se_handler,\@abi-omnipotent 2561.type block_se_handler,\@abi-omnipotent
2562.align 16 2562.align 16
2563block_se_handler: 2563block_se_handler:
2564 endbr64 2564 _CET_ENDBR
2565 push %rsi 2565 push %rsi
2566 push %rdi 2566 push %rdi
2567 push %rbx 2567 push %rbx
@@ -2620,7 +2620,7 @@ block_se_handler:
2620.type key_se_handler,\@abi-omnipotent 2620.type key_se_handler,\@abi-omnipotent
2621.align 16 2621.align 16
2622key_se_handler: 2622key_se_handler:
2623 endbr64 2623 _CET_ENDBR
2624 push %rsi 2624 push %rsi
2625 push %rdi 2625 push %rdi
2626 push %rbx 2626 push %rbx
@@ -2678,7 +2678,7 @@ key_se_handler:
2678.type cbc_se_handler,\@abi-omnipotent 2678.type cbc_se_handler,\@abi-omnipotent
2679.align 16 2679.align 16
2680cbc_se_handler: 2680cbc_se_handler:
2681 endbr64 2681 _CET_ENDBR
2682 push %rsi 2682 push %rsi
2683 push %rdi 2683 push %rdi
2684 push %rbx 2684 push %rbx
diff --git a/src/lib/libcrypto/aes/asm/aesni-sha1-x86_64.pl b/src/lib/libcrypto/aes/asm/aesni-sha1-x86_64.pl
index 879d16793f..5eb5b7bf65 100644
--- a/src/lib/libcrypto/aes/asm/aesni-sha1-x86_64.pl
+++ b/src/lib/libcrypto/aes/asm/aesni-sha1-x86_64.pl
@@ -89,7 +89,7 @@ $code.=<<___;
89.type aesni_cbc_sha1_enc,\@abi-omnipotent 89.type aesni_cbc_sha1_enc,\@abi-omnipotent
90.align 16 90.align 16
91aesni_cbc_sha1_enc: 91aesni_cbc_sha1_enc:
92 endbr64 92 _CET_ENDBR
93 # caller should check for SSSE3 and AES-NI bits 93 # caller should check for SSSE3 and AES-NI bits
94 mov OPENSSL_ia32cap_P+0(%rip),%r10d 94 mov OPENSSL_ia32cap_P+0(%rip),%r10d
95 mov OPENSSL_ia32cap_P+4(%rip),%r11d 95 mov OPENSSL_ia32cap_P+4(%rip),%r11d
@@ -133,7 +133,7 @@ $code.=<<___;
133.type aesni_cbc_sha1_enc_ssse3,\@function,6 133.type aesni_cbc_sha1_enc_ssse3,\@function,6
134.align 16 134.align 16
135aesni_cbc_sha1_enc_ssse3: 135aesni_cbc_sha1_enc_ssse3:
136 endbr64 136 _CET_ENDBR
137 mov `($win64?56:8)`(%rsp),$inp # load 7th argument 137 mov `($win64?56:8)`(%rsp),$inp # load 7th argument
138 #shr \$6,$len # debugging artefact 138 #shr \$6,$len # debugging artefact
139 #jz .Lepilogue_ssse3 # debugging artefact 139 #jz .Lepilogue_ssse3 # debugging artefact
@@ -652,7 +652,7 @@ $code.=<<___;
652.type aesni_cbc_sha1_enc_avx,\@function,6 652.type aesni_cbc_sha1_enc_avx,\@function,6
653.align 16 653.align 16
654aesni_cbc_sha1_enc_avx: 654aesni_cbc_sha1_enc_avx:
655 endbr64 655 _CET_ENDBR
656 mov `($win64?56:8)`(%rsp),$inp # load 7th argument 656 mov `($win64?56:8)`(%rsp),$inp # load 7th argument
657 #shr \$6,$len # debugging artefact 657 #shr \$6,$len # debugging artefact
658 #jz .Lepilogue_avx # debugging artefact 658 #jz .Lepilogue_avx # debugging artefact
@@ -1103,7 +1103,7 @@ $code.=<<___;
1103.type ssse3_handler,\@abi-omnipotent 1103.type ssse3_handler,\@abi-omnipotent
1104.align 16 1104.align 16
1105ssse3_handler: 1105ssse3_handler:
1106 endbr64 1106 _CET_ENDBR
1107 push %rsi 1107 push %rsi
1108 push %rdi 1108 push %rdi
1109 push %rbx 1109 push %rbx
diff --git a/src/lib/libcrypto/aes/asm/aesni-x86_64.pl b/src/lib/libcrypto/aes/asm/aesni-x86_64.pl
index 07d40a84ab..43013a51fb 100644
--- a/src/lib/libcrypto/aes/asm/aesni-x86_64.pl
+++ b/src/lib/libcrypto/aes/asm/aesni-x86_64.pl
@@ -242,7 +242,7 @@ $code.=<<___;
242.type ${PREFIX}_encrypt,\@abi-omnipotent 242.type ${PREFIX}_encrypt,\@abi-omnipotent
243.align 16 243.align 16
244${PREFIX}_encrypt: 244${PREFIX}_encrypt:
245 endbr64 245 _CET_ENDBR
246 movups ($inp),$inout0 # load input 246 movups ($inp),$inout0 # load input
247 mov 240($key),$rounds # key->rounds 247 mov 240($key),$rounds # key->rounds
248___ 248___
@@ -256,7 +256,7 @@ $code.=<<___;
256.type ${PREFIX}_decrypt,\@abi-omnipotent 256.type ${PREFIX}_decrypt,\@abi-omnipotent
257.align 16 257.align 16
258${PREFIX}_decrypt: 258${PREFIX}_decrypt:
259 endbr64 259 _CET_ENDBR
260 movups ($inp),$inout0 # load input 260 movups ($inp),$inout0 # load input
261 mov 240($key),$rounds # key->rounds 261 mov 240($key),$rounds # key->rounds
262___ 262___
@@ -286,7 +286,7 @@ $code.=<<___;
286.type _aesni_${dir}rypt3,\@abi-omnipotent 286.type _aesni_${dir}rypt3,\@abi-omnipotent
287.align 16 287.align 16
288_aesni_${dir}rypt3: 288_aesni_${dir}rypt3:
289 endbr64 289 _CET_ENDBR
290 $movkey ($key),$rndkey0 290 $movkey ($key),$rndkey0
291 shr \$1,$rounds 291 shr \$1,$rounds
292 $movkey 16($key),$rndkey1 292 $movkey 16($key),$rndkey1
@@ -331,7 +331,7 @@ $code.=<<___;
331.type _aesni_${dir}rypt4,\@abi-omnipotent 331.type _aesni_${dir}rypt4,\@abi-omnipotent
332.align 16 332.align 16
333_aesni_${dir}rypt4: 333_aesni_${dir}rypt4:
334 endbr64 334 _CET_ENDBR
335 $movkey ($key),$rndkey0 335 $movkey ($key),$rndkey0
336 shr \$1,$rounds 336 shr \$1,$rounds
337 $movkey 16($key),$rndkey1 337 $movkey 16($key),$rndkey1
@@ -377,7 +377,7 @@ $code.=<<___;
377.type _aesni_${dir}rypt6,\@abi-omnipotent 377.type _aesni_${dir}rypt6,\@abi-omnipotent
378.align 16 378.align 16
379_aesni_${dir}rypt6: 379_aesni_${dir}rypt6:
380 endbr64 380 _CET_ENDBR
381 $movkey ($key),$rndkey0 381 $movkey ($key),$rndkey0
382 shr \$1,$rounds 382 shr \$1,$rounds
383 $movkey 16($key),$rndkey1 383 $movkey 16($key),$rndkey1
@@ -442,7 +442,7 @@ $code.=<<___;
442.type _aesni_${dir}rypt8,\@abi-omnipotent 442.type _aesni_${dir}rypt8,\@abi-omnipotent
443.align 16 443.align 16
444_aesni_${dir}rypt8: 444_aesni_${dir}rypt8:
445 endbr64 445 _CET_ENDBR
446 $movkey ($key),$rndkey0 446 $movkey ($key),$rndkey0
447 shr \$1,$rounds 447 shr \$1,$rounds
448 $movkey 16($key),$rndkey1 448 $movkey 16($key),$rndkey1
@@ -531,7 +531,7 @@ $code.=<<___;
531.type aesni_ecb_encrypt,\@function,5 531.type aesni_ecb_encrypt,\@function,5
532.align 16 532.align 16
533aesni_ecb_encrypt: 533aesni_ecb_encrypt:
534 endbr64 534 _CET_ENDBR
535 and \$-16,$len 535 and \$-16,$len
536 jz .Lecb_ret 536 jz .Lecb_ret
537 537
@@ -837,7 +837,7 @@ $code.=<<___;
837.type aesni_ccm64_encrypt_blocks,\@function,6 837.type aesni_ccm64_encrypt_blocks,\@function,6
838.align 16 838.align 16
839aesni_ccm64_encrypt_blocks: 839aesni_ccm64_encrypt_blocks:
840 endbr64 840 _CET_ENDBR
841___ 841___
842$code.=<<___ if ($win64); 842$code.=<<___ if ($win64);
843 lea -0x58(%rsp),%rsp 843 lea -0x58(%rsp),%rsp
@@ -1025,7 +1025,7 @@ $code.=<<___;
1025.type aesni_ctr32_encrypt_blocks,\@function,5 1025.type aesni_ctr32_encrypt_blocks,\@function,5
1026.align 16 1026.align 16
1027aesni_ctr32_encrypt_blocks: 1027aesni_ctr32_encrypt_blocks:
1028 endbr64 1028 _CET_ENDBR
1029 lea (%rsp),%rax 1029 lea (%rsp),%rax
1030 push %rbp 1030 push %rbp
1031 sub \$$frame_size,%rsp 1031 sub \$$frame_size,%rsp
@@ -2487,7 +2487,7 @@ $code.=<<___;
2487.type ${PREFIX}_set_decrypt_key,\@abi-omnipotent 2487.type ${PREFIX}_set_decrypt_key,\@abi-omnipotent
2488.align 16 2488.align 16
2489${PREFIX}_set_decrypt_key: 2489${PREFIX}_set_decrypt_key:
2490 endbr64 2490 _CET_ENDBR
2491 sub \$8,%rsp 2491 sub \$8,%rsp
2492 call __aesni_set_encrypt_key 2492 call __aesni_set_encrypt_key
2493 shl \$4,$bits # rounds-1 after _aesni_set_encrypt_key 2493 shl \$4,$bits # rounds-1 after _aesni_set_encrypt_key
@@ -2538,7 +2538,7 @@ $code.=<<___;
2538.type ${PREFIX}_set_encrypt_key,\@abi-omnipotent 2538.type ${PREFIX}_set_encrypt_key,\@abi-omnipotent
2539.align 16 2539.align 16
2540${PREFIX}_set_encrypt_key: 2540${PREFIX}_set_encrypt_key:
2541 endbr64 2541 _CET_ENDBR
2542__aesni_set_encrypt_key: 2542__aesni_set_encrypt_key:
2543 sub \$8,%rsp 2543 sub \$8,%rsp
2544 mov \$-1,%rax 2544 mov \$-1,%rax
@@ -2760,7 +2760,7 @@ $code.=<<___ if ($PREFIX eq "aesni");
2760.type ecb_se_handler,\@abi-omnipotent 2760.type ecb_se_handler,\@abi-omnipotent
2761.align 16 2761.align 16
2762ecb_se_handler: 2762ecb_se_handler:
2763 endbr64 2763 _CET_ENDBR
2764 push %rsi 2764 push %rsi
2765 push %rdi 2765 push %rdi
2766 push %rbx 2766 push %rbx
@@ -2780,7 +2780,7 @@ ecb_se_handler:
2780.type ccm64_se_handler,\@abi-omnipotent 2780.type ccm64_se_handler,\@abi-omnipotent
2781.align 16 2781.align 16
2782ccm64_se_handler: 2782ccm64_se_handler:
2783 endbr64 2783 _CET_ENDBR
2784 push %rsi 2784 push %rsi
2785 push %rdi 2785 push %rdi
2786 push %rbx 2786 push %rbx
@@ -2822,7 +2822,7 @@ ccm64_se_handler:
2822.type ctr32_se_handler,\@abi-omnipotent 2822.type ctr32_se_handler,\@abi-omnipotent
2823.align 16 2823.align 16
2824ctr32_se_handler: 2824ctr32_se_handler:
2825 endbr64 2825 _CET_ENDBR
2826 push %rsi 2826 push %rsi
2827 push %rdi 2827 push %rdi
2828 push %rbx 2828 push %rbx
@@ -2858,7 +2858,7 @@ ctr32_se_handler:
2858.type xts_se_handler,\@abi-omnipotent 2858.type xts_se_handler,\@abi-omnipotent
2859.align 16 2859.align 16
2860xts_se_handler: 2860xts_se_handler:
2861 endbr64 2861 _CET_ENDBR
2862 push %rsi 2862 push %rsi
2863 push %rdi 2863 push %rdi
2864 push %rbx 2864 push %rbx
@@ -2900,7 +2900,7 @@ $code.=<<___;
2900.type cbc_se_handler,\@abi-omnipotent 2900.type cbc_se_handler,\@abi-omnipotent
2901.align 16 2901.align 16
2902cbc_se_handler: 2902cbc_se_handler:
2903 endbr64 2903 _CET_ENDBR
2904 push %rsi 2904 push %rsi
2905 push %rdi 2905 push %rdi
2906 push %rbx 2906 push %rbx
diff --git a/src/lib/libcrypto/aes/asm/bsaes-x86_64.pl b/src/lib/libcrypto/aes/asm/bsaes-x86_64.pl
index 7098ba27f4..c44a338114 100644
--- a/src/lib/libcrypto/aes/asm/bsaes-x86_64.pl
+++ b/src/lib/libcrypto/aes/asm/bsaes-x86_64.pl
@@ -813,7 +813,7 @@ $code.=<<___;
813.type _bsaes_encrypt8,\@abi-omnipotent 813.type _bsaes_encrypt8,\@abi-omnipotent
814.align 64 814.align 64
815_bsaes_encrypt8: 815_bsaes_encrypt8:
816 endbr64 816 _CET_ENDBR
817 lea .LBS0(%rip), $const # constants table 817 lea .LBS0(%rip), $const # constants table
818 818
819 movdqa ($key), @XMM[9] # round 0 key 819 movdqa ($key), @XMM[9] # round 0 key
@@ -878,7 +878,7 @@ $code.=<<___;
878.type _bsaes_decrypt8,\@abi-omnipotent 878.type _bsaes_decrypt8,\@abi-omnipotent
879.align 64 879.align 64
880_bsaes_decrypt8: 880_bsaes_decrypt8:
881 endbr64 881 _CET_ENDBR
882 lea .LBS0(%rip), $const # constants table 882 lea .LBS0(%rip), $const # constants table
883 883
884 movdqa ($key), @XMM[9] # round 0 key 884 movdqa ($key), @XMM[9] # round 0 key
@@ -970,7 +970,7 @@ $code.=<<___;
970.type _bsaes_key_convert,\@abi-omnipotent 970.type _bsaes_key_convert,\@abi-omnipotent
971.align 16 971.align 16
972_bsaes_key_convert: 972_bsaes_key_convert:
973 endbr64 973 _CET_ENDBR
974 lea .Lmasks(%rip), $const 974 lea .Lmasks(%rip), $const
975 movdqu ($inp), %xmm7 # load round 0 key 975 movdqu ($inp), %xmm7 # load round 0 key
976 lea 0x10($inp), $inp 976 lea 0x10($inp), $inp
@@ -1060,7 +1060,7 @@ $code.=<<___;
1060.type bsaes_enc_key_convert,\@function,2 1060.type bsaes_enc_key_convert,\@function,2
1061.align 16 1061.align 16
1062bsaes_enc_key_convert: 1062bsaes_enc_key_convert:
1063 endbr64 1063 _CET_ENDBR
1064 mov 240($inp),%r10d # pass rounds 1064 mov 240($inp),%r10d # pass rounds
1065 mov $inp,%rcx # pass key 1065 mov $inp,%rcx # pass key
1066 mov $out,%rax # pass key schedule 1066 mov $out,%rax # pass key schedule
@@ -1075,7 +1075,7 @@ bsaes_enc_key_convert:
1075.align 16 1075.align 16
1076bsaes_encrypt_128: 1076bsaes_encrypt_128:
1077.Lenc128_loop: 1077.Lenc128_loop:
1078 endbr64 1078 _CET_ENDBR
1079 movdqu 0x00($inp), @XMM[0] # load input 1079 movdqu 0x00($inp), @XMM[0] # load input
1080 movdqu 0x10($inp), @XMM[1] 1080 movdqu 0x10($inp), @XMM[1]
1081 movdqu 0x20($inp), @XMM[2] 1081 movdqu 0x20($inp), @XMM[2]
@@ -1108,7 +1108,7 @@ bsaes_encrypt_128:
1108.type bsaes_dec_key_convert,\@function,2 1108.type bsaes_dec_key_convert,\@function,2
1109.align 16 1109.align 16
1110bsaes_dec_key_convert: 1110bsaes_dec_key_convert:
1111 endbr64 1111 _CET_ENDBR
1112 mov 240($inp),%r10d # pass rounds 1112 mov 240($inp),%r10d # pass rounds
1113 mov $inp,%rcx # pass key 1113 mov $inp,%rcx # pass key
1114 mov $out,%rax # pass key schedule 1114 mov $out,%rax # pass key schedule
@@ -1123,7 +1123,7 @@ bsaes_dec_key_convert:
1123.type bsaes_decrypt_128,\@function,4 1123.type bsaes_decrypt_128,\@function,4
1124.align 16 1124.align 16
1125bsaes_decrypt_128: 1125bsaes_decrypt_128:
1126 endbr64 1126 _CET_ENDBR
1127.Ldec128_loop: 1127.Ldec128_loop:
1128 movdqu 0x00($inp), @XMM[0] # load input 1128 movdqu 0x00($inp), @XMM[0] # load input
1129 movdqu 0x10($inp), @XMM[1] 1129 movdqu 0x10($inp), @XMM[1]
@@ -1169,7 +1169,7 @@ $code.=<<___;
1169.type bsaes_ecb_encrypt_blocks,\@abi-omnipotent 1169.type bsaes_ecb_encrypt_blocks,\@abi-omnipotent
1170.align 16 1170.align 16
1171bsaes_ecb_encrypt_blocks: 1171bsaes_ecb_encrypt_blocks:
1172 endbr64 1172 _CET_ENDBR
1173 mov %rsp, %rax 1173 mov %rsp, %rax
1174.Lecb_enc_prologue: 1174.Lecb_enc_prologue:
1175 push %rbp 1175 push %rbp
@@ -1371,7 +1371,7 @@ $code.=<<___;
1371.type bsaes_ecb_decrypt_blocks,\@abi-omnipotent 1371.type bsaes_ecb_decrypt_blocks,\@abi-omnipotent
1372.align 16 1372.align 16
1373bsaes_ecb_decrypt_blocks: 1373bsaes_ecb_decrypt_blocks:
1374 endbr64 1374 _CET_ENDBR
1375 mov %rsp, %rax 1375 mov %rsp, %rax
1376.Lecb_dec_prologue: 1376.Lecb_dec_prologue:
1377 push %rbp 1377 push %rbp
@@ -1577,7 +1577,7 @@ $code.=<<___;
1577.type bsaes_cbc_encrypt,\@abi-omnipotent 1577.type bsaes_cbc_encrypt,\@abi-omnipotent
1578.align 16 1578.align 16
1579bsaes_cbc_encrypt: 1579bsaes_cbc_encrypt:
1580 endbr64 1580 _CET_ENDBR
1581___ 1581___
1582$code.=<<___ if ($win64); 1582$code.=<<___ if ($win64);
1583 mov 48(%rsp),$arg6 # pull direction flag 1583 mov 48(%rsp),$arg6 # pull direction flag
@@ -1865,7 +1865,7 @@ $code.=<<___;
1865.type bsaes_ctr32_encrypt_blocks,\@abi-omnipotent 1865.type bsaes_ctr32_encrypt_blocks,\@abi-omnipotent
1866.align 16 1866.align 16
1867bsaes_ctr32_encrypt_blocks: 1867bsaes_ctr32_encrypt_blocks:
1868 endbr64 1868 _CET_ENDBR
1869 mov %rsp, %rax 1869 mov %rsp, %rax
1870.Lctr_enc_prologue: 1870.Lctr_enc_prologue:
1871 push %rbp 1871 push %rbp
@@ -2107,7 +2107,7 @@ $code.=<<___;
2107.type bsaes_xts_encrypt,\@abi-omnipotent 2107.type bsaes_xts_encrypt,\@abi-omnipotent
2108.align 16 2108.align 16
2109bsaes_xts_encrypt: 2109bsaes_xts_encrypt:
2110 endbr64 2110 _CET_ENDBR
2111 mov %rsp, %rax 2111 mov %rsp, %rax
2112.Lxts_enc_prologue: 2112.Lxts_enc_prologue:
2113 push %rbp 2113 push %rbp
@@ -2489,7 +2489,7 @@ $code.=<<___;
2489.type bsaes_xts_decrypt,\@abi-omnipotent 2489.type bsaes_xts_decrypt,\@abi-omnipotent
2490.align 16 2490.align 16
2491bsaes_xts_decrypt: 2491bsaes_xts_decrypt:
2492 endbr64 2492 _CET_ENDBR
2493 mov %rsp, %rax 2493 mov %rsp, %rax
2494.Lxts_dec_prologue: 2494.Lxts_dec_prologue:
2495 push %rbp 2495 push %rbp
@@ -2966,7 +2966,7 @@ $code.=<<___;
2966.type se_handler,\@abi-omnipotent 2966.type se_handler,\@abi-omnipotent
2967.align 16 2967.align 16
2968se_handler: 2968se_handler:
2969 endbr64 2969 _CET_ENDBR
2970 push %rsi 2970 push %rsi
2971 push %rdi 2971 push %rdi
2972 push %rbx 2972 push %rbx
diff --git a/src/lib/libcrypto/aes/asm/vpaes-x86_64.pl b/src/lib/libcrypto/aes/asm/vpaes-x86_64.pl
index 8ff8d8602b..7d92e8d8ca 100644
--- a/src/lib/libcrypto/aes/asm/vpaes-x86_64.pl
+++ b/src/lib/libcrypto/aes/asm/vpaes-x86_64.pl
@@ -82,7 +82,7 @@ $code.=<<___;
82.type _vpaes_encrypt_core,\@abi-omnipotent 82.type _vpaes_encrypt_core,\@abi-omnipotent
83.align 16 83.align 16
84_vpaes_encrypt_core: 84_vpaes_encrypt_core:
85 endbr64 85 _CET_ENDBR
86 mov %rdx, %r9 86 mov %rdx, %r9
87 mov \$16, %r11 87 mov \$16, %r11
88 mov 240(%rdx),%eax 88 mov 240(%rdx),%eax
@@ -173,7 +173,7 @@ _vpaes_encrypt_core:
173.type _vpaes_decrypt_core,\@abi-omnipotent 173.type _vpaes_decrypt_core,\@abi-omnipotent
174.align 16 174.align 16
175_vpaes_decrypt_core: 175_vpaes_decrypt_core:
176 endbr64 176 _CET_ENDBR
177 mov %rdx, %r9 # load key 177 mov %rdx, %r9 # load key
178 mov 240(%rdx),%eax 178 mov 240(%rdx),%eax
179 movdqa %xmm9, %xmm1 179 movdqa %xmm9, %xmm1
@@ -281,7 +281,7 @@ _vpaes_decrypt_core:
281.type _vpaes_schedule_core,\@abi-omnipotent 281.type _vpaes_schedule_core,\@abi-omnipotent
282.align 16 282.align 16
283_vpaes_schedule_core: 283_vpaes_schedule_core:
284 endbr64 284 _CET_ENDBR
285 # rdi = key 285 # rdi = key
286 # rsi = size in bits 286 # rsi = size in bits
287 # rdx = buffer 287 # rdx = buffer
@@ -467,7 +467,7 @@ _vpaes_schedule_core:
467.type _vpaes_schedule_192_smear,\@abi-omnipotent 467.type _vpaes_schedule_192_smear,\@abi-omnipotent
468.align 16 468.align 16
469_vpaes_schedule_192_smear: 469_vpaes_schedule_192_smear:
470 endbr64 470 _CET_ENDBR
471 pshufd \$0x80, %xmm6, %xmm0 # d c 0 0 -> c 0 0 0 471 pshufd \$0x80, %xmm6, %xmm0 # d c 0 0 -> c 0 0 0
472 pxor %xmm0, %xmm6 # -> c+d c 0 0 472 pxor %xmm0, %xmm6 # -> c+d c 0 0
473 pshufd \$0xFE, %xmm7, %xmm0 # b a _ _ -> b b b a 473 pshufd \$0xFE, %xmm7, %xmm0 # b a _ _ -> b b b a
@@ -499,7 +499,7 @@ _vpaes_schedule_192_smear:
499.type _vpaes_schedule_round,\@abi-omnipotent 499.type _vpaes_schedule_round,\@abi-omnipotent
500.align 16 500.align 16
501_vpaes_schedule_round: 501_vpaes_schedule_round:
502 endbr64 502 _CET_ENDBR
503 # extract rcon from xmm8 503 # extract rcon from xmm8
504 pxor %xmm1, %xmm1 504 pxor %xmm1, %xmm1
505 palignr \$15, %xmm8, %xmm1 505 palignr \$15, %xmm8, %xmm1
@@ -567,7 +567,7 @@ _vpaes_schedule_low_round:
567.type _vpaes_schedule_transform,\@abi-omnipotent 567.type _vpaes_schedule_transform,\@abi-omnipotent
568.align 16 568.align 16
569_vpaes_schedule_transform: 569_vpaes_schedule_transform:
570 endbr64 570 _CET_ENDBR
571 movdqa %xmm9, %xmm1 571 movdqa %xmm9, %xmm1
572 pandn %xmm0, %xmm1 572 pandn %xmm0, %xmm1
573 psrld \$4, %xmm1 573 psrld \$4, %xmm1
@@ -606,7 +606,7 @@ _vpaes_schedule_transform:
606.type _vpaes_schedule_mangle,\@abi-omnipotent 606.type _vpaes_schedule_mangle,\@abi-omnipotent
607.align 16 607.align 16
608_vpaes_schedule_mangle: 608_vpaes_schedule_mangle:
609 endbr64 609 _CET_ENDBR
610 movdqa %xmm0, %xmm4 # save xmm0 for later 610 movdqa %xmm0, %xmm4 # save xmm0 for later
611 movdqa .Lk_mc_forward(%rip),%xmm5 611 movdqa .Lk_mc_forward(%rip),%xmm5
612 test %rcx, %rcx 612 test %rcx, %rcx
@@ -680,7 +680,7 @@ _vpaes_schedule_mangle:
680.type ${PREFIX}_set_encrypt_key,\@function,3 680.type ${PREFIX}_set_encrypt_key,\@function,3
681.align 16 681.align 16
682${PREFIX}_set_encrypt_key: 682${PREFIX}_set_encrypt_key:
683 endbr64 683 _CET_ENDBR
684___ 684___
685$code.=<<___ if ($win64); 685$code.=<<___ if ($win64);
686 lea -0xb8(%rsp),%rsp 686 lea -0xb8(%rsp),%rsp
@@ -729,7 +729,7 @@ $code.=<<___;
729.type ${PREFIX}_set_decrypt_key,\@function,3 729.type ${PREFIX}_set_decrypt_key,\@function,3
730.align 16 730.align 16
731${PREFIX}_set_decrypt_key: 731${PREFIX}_set_decrypt_key:
732 endbr64 732 _CET_ENDBR
733___ 733___
734$code.=<<___ if ($win64); 734$code.=<<___ if ($win64);
735 lea -0xb8(%rsp),%rsp 735 lea -0xb8(%rsp),%rsp
@@ -783,7 +783,7 @@ $code.=<<___;
783.type ${PREFIX}_encrypt,\@function,3 783.type ${PREFIX}_encrypt,\@function,3
784.align 16 784.align 16
785${PREFIX}_encrypt: 785${PREFIX}_encrypt:
786 endbr64 786 _CET_ENDBR
787___ 787___
788$code.=<<___ if ($win64); 788$code.=<<___ if ($win64);
789 lea -0xb8(%rsp),%rsp 789 lea -0xb8(%rsp),%rsp
@@ -827,7 +827,7 @@ $code.=<<___;
827.type ${PREFIX}_decrypt,\@function,3 827.type ${PREFIX}_decrypt,\@function,3
828.align 16 828.align 16
829${PREFIX}_decrypt: 829${PREFIX}_decrypt:
830 endbr64 830 _CET_ENDBR
831___ 831___
832$code.=<<___ if ($win64); 832$code.=<<___ if ($win64);
833 lea -0xb8(%rsp),%rsp 833 lea -0xb8(%rsp),%rsp
@@ -877,7 +877,7 @@ $code.=<<___;
877.type ${PREFIX}_cbc_encrypt,\@function,6 877.type ${PREFIX}_cbc_encrypt,\@function,6
878.align 16 878.align 16
879${PREFIX}_cbc_encrypt: 879${PREFIX}_cbc_encrypt:
880 endbr64 880 _CET_ENDBR
881 xchg $key,$len 881 xchg $key,$len
882___ 882___
883($len,$key)=($key,$len); 883($len,$key)=($key,$len);
@@ -961,7 +961,7 @@ $code.=<<___;
961.type _vpaes_preheat,\@abi-omnipotent 961.type _vpaes_preheat,\@abi-omnipotent
962.align 16 962.align 16
963_vpaes_preheat: 963_vpaes_preheat:
964 endbr64 964 _CET_ENDBR
965 lea .Lk_s0F(%rip), %r10 965 lea .Lk_s0F(%rip), %r10
966 movdqa -0x20(%r10), %xmm10 # .Lk_inv 966 movdqa -0x20(%r10), %xmm10 # .Lk_inv
967 movdqa -0x10(%r10), %xmm11 # .Lk_inv+16 967 movdqa -0x10(%r10), %xmm11 # .Lk_inv+16
@@ -1092,7 +1092,7 @@ $code.=<<___;
1092.type se_handler,\@abi-omnipotent 1092.type se_handler,\@abi-omnipotent
1093.align 16 1093.align 16
1094se_handler: 1094se_handler:
1095 endbr64 1095 _CET_ENDBR
1096 push %rsi 1096 push %rsi
1097 push %rdi 1097 push %rdi
1098 push %rbx 1098 push %rbx
diff --git a/src/lib/libcrypto/bn/arch/amd64/bignum_add.S b/src/lib/libcrypto/bn/arch/amd64/bignum_add.S
index 06298ca69e..5fe4aae7a1 100644
--- a/src/lib/libcrypto/bn/arch/amd64/bignum_add.S
+++ b/src/lib/libcrypto/bn/arch/amd64/bignum_add.S
@@ -49,7 +49,7 @@
49 49
50 50
51S2N_BN_SYMBOL(bignum_add): 51S2N_BN_SYMBOL(bignum_add):
52 endbr64 52 _CET_ENDBR
53 53
54#if WINDOWS_ABI 54#if WINDOWS_ABI
55 push rdi 55 push rdi
diff --git a/src/lib/libcrypto/bn/arch/amd64/bignum_cmadd.S b/src/lib/libcrypto/bn/arch/amd64/bignum_cmadd.S
index 5ad712749f..25ba17bce2 100644
--- a/src/lib/libcrypto/bn/arch/amd64/bignum_cmadd.S
+++ b/src/lib/libcrypto/bn/arch/amd64/bignum_cmadd.S
@@ -54,7 +54,7 @@
54 54
55 55
56S2N_BN_SYMBOL(bignum_cmadd): 56S2N_BN_SYMBOL(bignum_cmadd):
57 endbr64 57 _CET_ENDBR
58 58
59#if WINDOWS_ABI 59#if WINDOWS_ABI
60 push rdi 60 push rdi
diff --git a/src/lib/libcrypto/bn/arch/amd64/bignum_cmul.S b/src/lib/libcrypto/bn/arch/amd64/bignum_cmul.S
index 9199c8f48b..12f785d63a 100644
--- a/src/lib/libcrypto/bn/arch/amd64/bignum_cmul.S
+++ b/src/lib/libcrypto/bn/arch/amd64/bignum_cmul.S
@@ -51,7 +51,7 @@
51 51
52 52
53S2N_BN_SYMBOL(bignum_cmul): 53S2N_BN_SYMBOL(bignum_cmul):
54 endbr64 54 _CET_ENDBR
55 55
56#if WINDOWS_ABI 56#if WINDOWS_ABI
57 push rdi 57 push rdi
diff --git a/src/lib/libcrypto/bn/arch/amd64/bignum_mul.S b/src/lib/libcrypto/bn/arch/amd64/bignum_mul.S
index 2d7ed19091..a3552679a2 100644
--- a/src/lib/libcrypto/bn/arch/amd64/bignum_mul.S
+++ b/src/lib/libcrypto/bn/arch/amd64/bignum_mul.S
@@ -59,7 +59,7 @@
59 59
60 60
61S2N_BN_SYMBOL(bignum_mul): 61S2N_BN_SYMBOL(bignum_mul):
62 endbr64 62 _CET_ENDBR
63 63
64#if WINDOWS_ABI 64#if WINDOWS_ABI
65 push rdi 65 push rdi
diff --git a/src/lib/libcrypto/bn/arch/amd64/bignum_mul_4_8_alt.S b/src/lib/libcrypto/bn/arch/amd64/bignum_mul_4_8_alt.S
index f02b09b288..70ff69e372 100644
--- a/src/lib/libcrypto/bn/arch/amd64/bignum_mul_4_8_alt.S
+++ b/src/lib/libcrypto/bn/arch/amd64/bignum_mul_4_8_alt.S
@@ -72,7 +72,7 @@
72 adc h, rdx 72 adc h, rdx
73 73
74S2N_BN_SYMBOL(bignum_mul_4_8_alt): 74S2N_BN_SYMBOL(bignum_mul_4_8_alt):
75 endbr64 75 _CET_ENDBR
76 76
77#if WINDOWS_ABI 77#if WINDOWS_ABI
78 push rdi 78 push rdi
diff --git a/src/lib/libcrypto/bn/arch/amd64/bignum_mul_8_16_alt.S b/src/lib/libcrypto/bn/arch/amd64/bignum_mul_8_16_alt.S
index 97be83e1f7..066403b074 100644
--- a/src/lib/libcrypto/bn/arch/amd64/bignum_mul_8_16_alt.S
+++ b/src/lib/libcrypto/bn/arch/amd64/bignum_mul_8_16_alt.S
@@ -72,7 +72,7 @@
72 adc h, rdx 72 adc h, rdx
73 73
74S2N_BN_SYMBOL(bignum_mul_8_16_alt): 74S2N_BN_SYMBOL(bignum_mul_8_16_alt):
75 endbr64 75 _CET_ENDBR
76 76
77#if WINDOWS_ABI 77#if WINDOWS_ABI
78 push rdi 78 push rdi
diff --git a/src/lib/libcrypto/bn/arch/amd64/bignum_sqr.S b/src/lib/libcrypto/bn/arch/amd64/bignum_sqr.S
index c4a0cabf35..54e3f59442 100644
--- a/src/lib/libcrypto/bn/arch/amd64/bignum_sqr.S
+++ b/src/lib/libcrypto/bn/arch/amd64/bignum_sqr.S
@@ -62,7 +62,7 @@
62#define llshort ebp 62#define llshort ebp
63 63
64S2N_BN_SYMBOL(bignum_sqr): 64S2N_BN_SYMBOL(bignum_sqr):
65 endbr64 65 _CET_ENDBR
66 66
67#if WINDOWS_ABI 67#if WINDOWS_ABI
68 push rdi 68 push rdi
diff --git a/src/lib/libcrypto/bn/arch/amd64/bignum_sqr_4_8_alt.S b/src/lib/libcrypto/bn/arch/amd64/bignum_sqr_4_8_alt.S
index b228414dce..7c534ae907 100644
--- a/src/lib/libcrypto/bn/arch/amd64/bignum_sqr_4_8_alt.S
+++ b/src/lib/libcrypto/bn/arch/amd64/bignum_sqr_4_8_alt.S
@@ -71,7 +71,7 @@
71 adc c, 0 71 adc c, 0
72 72
73S2N_BN_SYMBOL(bignum_sqr_4_8_alt): 73S2N_BN_SYMBOL(bignum_sqr_4_8_alt):
74 endbr64 74 _CET_ENDBR
75 75
76#if WINDOWS_ABI 76#if WINDOWS_ABI
77 push rdi 77 push rdi
diff --git a/src/lib/libcrypto/bn/arch/amd64/bignum_sqr_8_16_alt.S b/src/lib/libcrypto/bn/arch/amd64/bignum_sqr_8_16_alt.S
index 04efeec7e2..ac0b6f96c2 100644
--- a/src/lib/libcrypto/bn/arch/amd64/bignum_sqr_8_16_alt.S
+++ b/src/lib/libcrypto/bn/arch/amd64/bignum_sqr_8_16_alt.S
@@ -103,7 +103,7 @@
103 adc c, 0 103 adc c, 0
104 104
105S2N_BN_SYMBOL(bignum_sqr_8_16_alt): 105S2N_BN_SYMBOL(bignum_sqr_8_16_alt):
106 endbr64 106 _CET_ENDBR
107 107
108#if WINDOWS_ABI 108#if WINDOWS_ABI
109 push rdi 109 push rdi
diff --git a/src/lib/libcrypto/bn/arch/amd64/bignum_sub.S b/src/lib/libcrypto/bn/arch/amd64/bignum_sub.S
index 11a9bd7edd..3ff8a30510 100644
--- a/src/lib/libcrypto/bn/arch/amd64/bignum_sub.S
+++ b/src/lib/libcrypto/bn/arch/amd64/bignum_sub.S
@@ -49,7 +49,7 @@
49 49
50 50
51S2N_BN_SYMBOL(bignum_sub): 51S2N_BN_SYMBOL(bignum_sub):
52 endbr64 52 _CET_ENDBR
53 53
54#if WINDOWS_ABI 54#if WINDOWS_ABI
55 push rdi 55 push rdi
diff --git a/src/lib/libcrypto/bn/arch/amd64/word_clz.S b/src/lib/libcrypto/bn/arch/amd64/word_clz.S
index 464a9d90fc..3926fcd4b0 100644
--- a/src/lib/libcrypto/bn/arch/amd64/word_clz.S
+++ b/src/lib/libcrypto/bn/arch/amd64/word_clz.S
@@ -30,7 +30,7 @@
30 .text 30 .text
31 31
32S2N_BN_SYMBOL(word_clz): 32S2N_BN_SYMBOL(word_clz):
33 endbr64 33 _CET_ENDBR
34 34
35#if WINDOWS_ABI 35#if WINDOWS_ABI
36 push rdi 36 push rdi
diff --git a/src/lib/libcrypto/bn/asm/modexp512-x86_64.pl b/src/lib/libcrypto/bn/asm/modexp512-x86_64.pl
index af78fff541..8645d5adcc 100644
--- a/src/lib/libcrypto/bn/asm/modexp512-x86_64.pl
+++ b/src/lib/libcrypto/bn/asm/modexp512-x86_64.pl
@@ -347,7 +347,7 @@ $code.=<<___;
347.type MULADD_128x512,\@abi-omnipotent 347.type MULADD_128x512,\@abi-omnipotent
348.align 16 348.align 16
349MULADD_128x512: 349MULADD_128x512:
350 endbr64 350 _CET_ENDBR
351___ 351___
352 &MULSTEP_512([map("%r$_",(8..15))], "(+8*0)(%rcx)", "%rsi", "%rbp", "%rbx"); 352 &MULSTEP_512([map("%r$_",(8..15))], "(+8*0)(%rcx)", "%rsi", "%rbp", "%rbx");
353$code.=<<___; 353$code.=<<___;
@@ -415,7 +415,7 @@ $code.=<<___;
415.type mont_reduce,\@abi-omnipotent 415.type mont_reduce,\@abi-omnipotent
416.align 16 416.align 16
417mont_reduce: 417mont_reduce:
418 endbr64 418 _CET_ENDBR
419___ 419___
420 420
421my $STACK_DEPTH = 8; 421my $STACK_DEPTH = 8;
@@ -678,7 +678,7 @@ $code.=<<___;
678.type mont_mul_a3b,\@abi-omnipotent 678.type mont_mul_a3b,\@abi-omnipotent
679.align 16 679.align 16
680mont_mul_a3b: 680mont_mul_a3b:
681 endbr64 681 _CET_ENDBR
682 # 682 #
683 # multiply tmp = src1 * src2 683 # multiply tmp = src1 * src2
684 # For multiply: dst = rcx, src1 = rdi, src2 = rsi 684 # For multiply: dst = rcx, src1 = rdi, src2 = rsi
@@ -1080,7 +1080,7 @@ $code.=<<___;
1080.type sqr_reduce,\@abi-omnipotent 1080.type sqr_reduce,\@abi-omnipotent
1081.align 16 1081.align 16
1082sqr_reduce: 1082sqr_reduce:
1083 endbr64 1083 _CET_ENDBR
1084 mov (+$pResult_offset+8)(%rsp), %rcx 1084 mov (+$pResult_offset+8)(%rsp), %rcx
1085___ 1085___
1086 &SQR_512("%rsp+$tmp16_offset+8", "%rcx", [map("%r$_",(10..15,8..9))], "%rbx", "%rbp", "%rsi", "%rdi"); 1086 &SQR_512("%rsp+$tmp16_offset+8", "%rcx", [map("%r$_",(10..15,8..9))], "%rbx", "%rbp", "%rsi", "%rdi");
@@ -1110,7 +1110,7 @@ $code.=<<___;
1110.globl mod_exp_512 1110.globl mod_exp_512
1111.type mod_exp_512,\@function,4 1111.type mod_exp_512,\@function,4
1112mod_exp_512: 1112mod_exp_512:
1113 endbr64 1113 _CET_ENDBR
1114 push %rbp 1114 push %rbp
1115 push %rbx 1115 push %rbx
1116 push %r12 1116 push %r12
diff --git a/src/lib/libcrypto/bn/asm/x86_64-mont.pl b/src/lib/libcrypto/bn/asm/x86_64-mont.pl
index 6f5ab331e2..30cfab4fce 100755
--- a/src/lib/libcrypto/bn/asm/x86_64-mont.pl
+++ b/src/lib/libcrypto/bn/asm/x86_64-mont.pl
@@ -63,7 +63,7 @@ $code=<<___;
63.type bn_mul_mont,\@function,6 63.type bn_mul_mont,\@function,6
64.align 16 64.align 16
65bn_mul_mont: 65bn_mul_mont:
66 endbr64 66 _CET_ENDBR
67 test \$3,${num}d 67 test \$3,${num}d
68 jnz .Lmul_enter 68 jnz .Lmul_enter
69 cmp \$8,${num}d 69 cmp \$8,${num}d
@@ -279,7 +279,7 @@ $code.=<<___;
279.align 16 279.align 16
280bn_mul4x_mont: 280bn_mul4x_mont:
281.Lmul4x_enter: 281.Lmul4x_enter:
282 endbr64 282 _CET_ENDBR
283 push %rbx 283 push %rbx
284 push %rbp 284 push %rbp
285 push %r12 285 push %r12
@@ -707,7 +707,7 @@ $code.=<<___;
707.align 16 707.align 16
708bn_sqr4x_mont: 708bn_sqr4x_mont:
709.Lsqr4x_enter: 709.Lsqr4x_enter:
710 endbr64 710 _CET_ENDBR
711 push %rbx 711 push %rbx
712 push %rbp 712 push %rbp
713 push %r12 713 push %r12
diff --git a/src/lib/libcrypto/bn/asm/x86_64-mont5.pl b/src/lib/libcrypto/bn/asm/x86_64-mont5.pl
index 3b3325a6cc..38751ec5de 100755
--- a/src/lib/libcrypto/bn/asm/x86_64-mont5.pl
+++ b/src/lib/libcrypto/bn/asm/x86_64-mont5.pl
@@ -57,7 +57,7 @@ $code=<<___;
57.type bn_mul_mont_gather5,\@function,6 57.type bn_mul_mont_gather5,\@function,6
58.align 64 58.align 64
59bn_mul_mont_gather5: 59bn_mul_mont_gather5:
60 endbr64 60 _CET_ENDBR
61 test \$3,${num}d 61 test \$3,${num}d
62 jnz .Lmul_enter 62 jnz .Lmul_enter
63 cmp \$8,${num}d 63 cmp \$8,${num}d
@@ -388,7 +388,7 @@ $code.=<<___;
388.type bn_mul4x_mont_gather5,\@function,6 388.type bn_mul4x_mont_gather5,\@function,6
389.align 16 389.align 16
390bn_mul4x_mont_gather5: 390bn_mul4x_mont_gather5:
391 endbr64 391 _CET_ENDBR
392.Lmul4x_enter: 392.Lmul4x_enter:
393 mov ${num}d,${num}d 393 mov ${num}d,${num}d
394 movd `($win64?56:8)`(%rsp),%xmm5 # load 7th argument 394 movd `($win64?56:8)`(%rsp),%xmm5 # load 7th argument
@@ -927,7 +927,7 @@ $code.=<<___;
927.type bn_scatter5,\@abi-omnipotent 927.type bn_scatter5,\@abi-omnipotent
928.align 16 928.align 16
929bn_scatter5: 929bn_scatter5:
930 endbr64 930 _CET_ENDBR
931 cmp \$0, $num 931 cmp \$0, $num
932 jz .Lscatter_epilogue 932 jz .Lscatter_epilogue
933 lea ($tbl,$idx,8),$tbl 933 lea ($tbl,$idx,8),$tbl
@@ -946,7 +946,7 @@ bn_scatter5:
946.type bn_gather5,\@abi-omnipotent 946.type bn_gather5,\@abi-omnipotent
947.align 16 947.align 16
948bn_gather5: 948bn_gather5:
949 endbr64 949 _CET_ENDBR
950.LSEH_begin_bn_gather5: # Win64 thing, but harmless in other cases 950.LSEH_begin_bn_gather5: # Win64 thing, but harmless in other cases
951 # I can't trust assembler to use specific encoding:-( 951 # I can't trust assembler to use specific encoding:-(
952 .byte 0x4c,0x8d,0x14,0x24 # lea (%rsp),%r10 952 .byte 0x4c,0x8d,0x14,0x24 # lea (%rsp),%r10
@@ -1057,7 +1057,7 @@ $code.=<<___;
1057.type mul_handler,\@abi-omnipotent 1057.type mul_handler,\@abi-omnipotent
1058.align 16 1058.align 16
1059mul_handler: 1059mul_handler:
1060 endbr64 1060 _CET_ENDBR
1061 push %rsi 1061 push %rsi
1062 push %rdi 1062 push %rdi
1063 push %rbx 1063 push %rbx
diff --git a/src/lib/libcrypto/bn/s2n_bignum_internal.h b/src/lib/libcrypto/bn/s2n_bignum_internal.h
index f413688338..b82db7d019 100644
--- a/src/lib/libcrypto/bn/s2n_bignum_internal.h
+++ b/src/lib/libcrypto/bn/s2n_bignum_internal.h
@@ -18,6 +18,12 @@
18# define S2N_BN_SYMBOL(name) name 18# define S2N_BN_SYMBOL(name) name
19#endif 19#endif
20 20
21#ifdef __CET__
22# include <cet.h>
23#else
24# define _CET_ENDBR
25#endif
26
21#define S2N_BN_SYM_VISIBILITY_DIRECTIVE(name) .globl S2N_BN_SYMBOL(name) 27#define S2N_BN_SYM_VISIBILITY_DIRECTIVE(name) .globl S2N_BN_SYMBOL(name)
22#ifdef S2N_BN_HIDE_SYMBOLS 28#ifdef S2N_BN_HIDE_SYMBOLS
23# ifdef __APPLE__ 29# ifdef __APPLE__
diff --git a/src/lib/libcrypto/camellia/asm/cmll-x86_64.pl b/src/lib/libcrypto/camellia/asm/cmll-x86_64.pl
index 3ceed3e899..187f0596d7 100644
--- a/src/lib/libcrypto/camellia/asm/cmll-x86_64.pl
+++ b/src/lib/libcrypto/camellia/asm/cmll-x86_64.pl
@@ -116,7 +116,7 @@ $code=<<___;
116.type Camellia_EncryptBlock,\@abi-omnipotent 116.type Camellia_EncryptBlock,\@abi-omnipotent
117.align 16 117.align 16
118Camellia_EncryptBlock: 118Camellia_EncryptBlock:
119 endbr64 119 _CET_ENDBR
120 movl \$128,%eax 120 movl \$128,%eax
121 subl $arg0d,%eax 121 subl $arg0d,%eax
122 movl \$3,$arg0d 122 movl \$3,$arg0d
@@ -129,7 +129,7 @@ Camellia_EncryptBlock:
129.align 16 129.align 16
130.Lenc_rounds: 130.Lenc_rounds:
131Camellia_EncryptBlock_Rounds: 131Camellia_EncryptBlock_Rounds:
132 endbr64 132 _CET_ENDBR
133 push %rbx 133 push %rbx
134 push %rbp 134 push %rbp
135 push %r13 135 push %r13
@@ -178,7 +178,7 @@ Camellia_EncryptBlock_Rounds:
178.type _x86_64_Camellia_encrypt,\@abi-omnipotent 178.type _x86_64_Camellia_encrypt,\@abi-omnipotent
179.align 16 179.align 16
180_x86_64_Camellia_encrypt: 180_x86_64_Camellia_encrypt:
181 endbr64 181 _CET_ENDBR
182 xor 0($key),@S[1] 182 xor 0($key),@S[1]
183 xor 4($key),@S[0] # ^=key[0-3] 183 xor 4($key),@S[0] # ^=key[0-3]
184 xor 8($key),@S[3] 184 xor 8($key),@S[3]
@@ -229,7 +229,7 @@ $code.=<<___;
229.type Camellia_DecryptBlock,\@abi-omnipotent 229.type Camellia_DecryptBlock,\@abi-omnipotent
230.align 16 230.align 16
231Camellia_DecryptBlock: 231Camellia_DecryptBlock:
232 endbr64 232 _CET_ENDBR
233 movl \$128,%eax 233 movl \$128,%eax
234 subl $arg0d,%eax 234 subl $arg0d,%eax
235 movl \$3,$arg0d 235 movl \$3,$arg0d
@@ -242,7 +242,7 @@ Camellia_DecryptBlock:
242.align 16 242.align 16
243.Ldec_rounds: 243.Ldec_rounds:
244Camellia_DecryptBlock_Rounds: 244Camellia_DecryptBlock_Rounds:
245 endbr64 245 _CET_ENDBR
246 push %rbx 246 push %rbx
247 push %rbp 247 push %rbp
248 push %r13 248 push %r13
@@ -291,7 +291,7 @@ Camellia_DecryptBlock_Rounds:
291.type _x86_64_Camellia_decrypt,\@abi-omnipotent 291.type _x86_64_Camellia_decrypt,\@abi-omnipotent
292.align 16 292.align 16
293_x86_64_Camellia_decrypt: 293_x86_64_Camellia_decrypt:
294 endbr64 294 _CET_ENDBR
295 xor 0($key),@S[1] 295 xor 0($key),@S[1]
296 xor 4($key),@S[0] # ^=key[0-3] 296 xor 4($key),@S[0] # ^=key[0-3]
297 xor 8($key),@S[3] 297 xor 8($key),@S[3]
@@ -406,7 +406,7 @@ $code.=<<___;
406.type Camellia_Ekeygen,\@function,3 406.type Camellia_Ekeygen,\@function,3
407.align 16 407.align 16
408Camellia_Ekeygen: 408Camellia_Ekeygen:
409 endbr64 409 _CET_ENDBR
410 push %rbx 410 push %rbx
411 push %rbp 411 push %rbp
412 push %r13 412 push %r13
@@ -637,7 +637,7 @@ $code.=<<___;
637.type Camellia_cbc_encrypt,\@function,6 637.type Camellia_cbc_encrypt,\@function,6
638.align 16 638.align 16
639Camellia_cbc_encrypt: 639Camellia_cbc_encrypt:
640 endbr64 640 _CET_ENDBR
641 cmp \$0,%rdx 641 cmp \$0,%rdx
642 je .Lcbc_abort 642 je .Lcbc_abort
643 push %rbx 643 push %rbx
diff --git a/src/lib/libcrypto/md5/asm/md5-x86_64.pl b/src/lib/libcrypto/md5/asm/md5-x86_64.pl
index 06d69094f4..5001c34724 100755
--- a/src/lib/libcrypto/md5/asm/md5-x86_64.pl
+++ b/src/lib/libcrypto/md5/asm/md5-x86_64.pl
@@ -128,7 +128,7 @@ $code .= <<EOF;
128.globl md5_block_asm_data_order 128.globl md5_block_asm_data_order
129.type md5_block_asm_data_order,\@function,3 129.type md5_block_asm_data_order,\@function,3
130md5_block_asm_data_order: 130md5_block_asm_data_order:
131 endbr64 131 _CET_ENDBR
132 push %rbp 132 push %rbp
133 push %rbx 133 push %rbx
134 push %r12 134 push %r12
diff --git a/src/lib/libcrypto/modes/asm/ghash-x86_64.pl b/src/lib/libcrypto/modes/asm/ghash-x86_64.pl
index 4fded507c8..f3caac15d6 100644
--- a/src/lib/libcrypto/modes/asm/ghash-x86_64.pl
+++ b/src/lib/libcrypto/modes/asm/ghash-x86_64.pl
@@ -412,7 +412,7 @@ $code.=<<___;
412.type gcm_init_clmul,\@abi-omnipotent 412.type gcm_init_clmul,\@abi-omnipotent
413.align 16 413.align 16
414gcm_init_clmul: 414gcm_init_clmul:
415 endbr64 415 _CET_ENDBR
416 movdqu ($Xip),$Hkey 416 movdqu ($Xip),$Hkey
417 pshufd \$0b01001110,$Hkey,$Hkey # dword swap 417 pshufd \$0b01001110,$Hkey,$Hkey # dword swap
418 418
@@ -450,7 +450,7 @@ $code.=<<___;
450.type gcm_gmult_clmul,\@abi-omnipotent 450.type gcm_gmult_clmul,\@abi-omnipotent
451.align 16 451.align 16
452gcm_gmult_clmul: 452gcm_gmult_clmul:
453 endbr64 453 _CET_ENDBR
454 movdqu ($Xip),$Xi 454 movdqu ($Xip),$Xi
455 movdqa .Lbswap_mask(%rip),$T3 455 movdqa .Lbswap_mask(%rip),$T3
456 movdqu ($Htbl),$Hkey 456 movdqu ($Htbl),$Hkey
@@ -478,7 +478,7 @@ $code.=<<___;
478.type gcm_ghash_clmul,\@abi-omnipotent 478.type gcm_ghash_clmul,\@abi-omnipotent
479.align 16 479.align 16
480gcm_ghash_clmul: 480gcm_ghash_clmul:
481 endbr64 481 _CET_ENDBR
482___ 482___
483$code.=<<___ if ($win64); 483$code.=<<___ if ($win64);
484.LSEH_begin_gcm_ghash_clmul: 484.LSEH_begin_gcm_ghash_clmul:
@@ -689,7 +689,7 @@ $code.=<<___;
689.type se_handler,\@abi-omnipotent 689.type se_handler,\@abi-omnipotent
690.align 16 690.align 16
691se_handler: 691se_handler:
692 endbr64 692 _CET_ENDBR
693 push %rsi 693 push %rsi
694 push %rdi 694 push %rdi
695 push %rbx 695 push %rbx
diff --git a/src/lib/libcrypto/perlasm/x86_64-xlate.pl b/src/lib/libcrypto/perlasm/x86_64-xlate.pl
index 5dbed2a8c4..325e7cf583 100755
--- a/src/lib/libcrypto/perlasm/x86_64-xlate.pl
+++ b/src/lib/libcrypto/perlasm/x86_64-xlate.pl
@@ -781,6 +781,22 @@ ___
781OPTION DOTNAME 781OPTION DOTNAME
782___ 782___
783} 783}
784
785if ($nasm) {
786 print <<___;
787\%define _CET_ENDBR
788___
789} else {
790 print <<___;
791#if defined(__CET__)
792#include <cet.h>
793#else
794#define _CET_ENDBR
795#endif
796
797___
798}
799
784print "#include \"x86_arch.h\"\n"; 800print "#include \"x86_arch.h\"\n";
785 801
786while($line=<>) { 802while($line=<>) {
diff --git a/src/lib/libcrypto/rc4/asm/rc4-md5-x86_64.pl b/src/lib/libcrypto/rc4/asm/rc4-md5-x86_64.pl
index 3190e6a8e7..e5e8aa08a1 100644
--- a/src/lib/libcrypto/rc4/asm/rc4-md5-x86_64.pl
+++ b/src/lib/libcrypto/rc4/asm/rc4-md5-x86_64.pl
@@ -109,7 +109,7 @@ $code.=<<___;
109.globl $func 109.globl $func
110.type $func,\@function,$nargs 110.type $func,\@function,$nargs
111$func: 111$func:
112 endbr64 112 _CET_ENDBR
113 cmp \$0,$len 113 cmp \$0,$len
114 je .Labort 114 je .Labort
115 push %rbx 115 push %rbx
@@ -454,7 +454,7 @@ $code.=<<___;
454.type RC4_set_key,\@function,3 454.type RC4_set_key,\@function,3
455.align 16 455.align 16
456RC4_set_key: 456RC4_set_key:
457 endbr64 457 _CET_ENDBR
458 lea 8($dat),$dat 458 lea 8($dat),$dat
459 lea ($inp,$len),$inp 459 lea ($inp,$len),$inp
460 neg $len 460 neg $len
diff --git a/src/lib/libcrypto/rc4/asm/rc4-x86_64.pl b/src/lib/libcrypto/rc4/asm/rc4-x86_64.pl
index 0472acce8a..a9cf9d1bdf 100755
--- a/src/lib/libcrypto/rc4/asm/rc4-x86_64.pl
+++ b/src/lib/libcrypto/rc4/asm/rc4-x86_64.pl
@@ -128,7 +128,7 @@ $code=<<___;
128.type RC4,\@function,4 128.type RC4,\@function,4
129.align 16 129.align 16
130RC4: 130RC4:
131 endbr64 131 _CET_ENDBR
132 or $len,$len 132 or $len,$len
133 jne .Lentry 133 jne .Lentry
134 ret 134 ret
@@ -435,7 +435,7 @@ $code.=<<___;
435.type RC4_set_key,\@function,3 435.type RC4_set_key,\@function,3
436.align 16 436.align 16
437RC4_set_key: 437RC4_set_key:
438 endbr64 438 _CET_ENDBR
439 lea 8($dat),$dat 439 lea 8($dat),$dat
440 lea ($inp,$len),$inp 440 lea ($inp,$len),$inp
441 neg $len 441 neg $len
diff --git a/src/lib/libcrypto/sha/asm/sha1-x86_64.pl b/src/lib/libcrypto/sha/asm/sha1-x86_64.pl
index e15ff47f88..e080251df4 100755
--- a/src/lib/libcrypto/sha/asm/sha1-x86_64.pl
+++ b/src/lib/libcrypto/sha/asm/sha1-x86_64.pl
@@ -222,7 +222,7 @@ $code.=<<___;
222.type sha1_block_data_order,\@function,3 222.type sha1_block_data_order,\@function,3
223.align 16 223.align 16
224sha1_block_data_order: 224sha1_block_data_order:
225 endbr64 225 _CET_ENDBR
226 mov OPENSSL_ia32cap_P+0(%rip),%r9d 226 mov OPENSSL_ia32cap_P+0(%rip),%r9d
227 mov OPENSSL_ia32cap_P+4(%rip),%r8d 227 mov OPENSSL_ia32cap_P+4(%rip),%r8d
228 test \$IA32CAP_MASK1_SSSE3,%r8d # check SSSE3 bit 228 test \$IA32CAP_MASK1_SSSE3,%r8d # check SSSE3 bit
@@ -310,7 +310,7 @@ $code.=<<___;
310.align 16 310.align 16
311sha1_block_data_order_ssse3: 311sha1_block_data_order_ssse3:
312_ssse3_shortcut: 312_ssse3_shortcut:
313 endbr64 313 _CET_ENDBR
314 push %rbx 314 push %rbx
315 push %rbp 315 push %rbp
316 push %r12 316 push %r12
@@ -731,7 +731,7 @@ $code.=<<___;
731.align 16 731.align 16
732sha1_block_data_order_avx: 732sha1_block_data_order_avx:
733_avx_shortcut: 733_avx_shortcut:
734 endbr64 734 _CET_ENDBR
735 push %rbx 735 push %rbx
736 push %rbp 736 push %rbp
737 push %r12 737 push %r12
@@ -1102,7 +1102,7 @@ $code.=<<___;
1102.type se_handler,\@abi-omnipotent 1102.type se_handler,\@abi-omnipotent
1103.align 16 1103.align 16
1104se_handler: 1104se_handler:
1105 endbr64 1105 _CET_ENDBR
1106 push %rsi 1106 push %rsi
1107 push %rdi 1107 push %rdi
1108 push %rbx 1108 push %rbx
diff --git a/src/lib/libcrypto/sha/asm/sha512-x86_64.pl b/src/lib/libcrypto/sha/asm/sha512-x86_64.pl
index 120693feeb..f7a4dad2c9 100755
--- a/src/lib/libcrypto/sha/asm/sha512-x86_64.pl
+++ b/src/lib/libcrypto/sha/asm/sha512-x86_64.pl
@@ -175,7 +175,7 @@ $code=<<___;
175.type $func,\@function,4 175.type $func,\@function,4
176.align 16 176.align 16
177$func: 177$func:
178 endbr64 178 _CET_ENDBR
179 push %rbx 179 push %rbx
180 push %rbp 180 push %rbp
181 push %r12 181 push %r12
diff --git a/src/lib/libcrypto/whrlpool/asm/wp-x86_64.pl b/src/lib/libcrypto/whrlpool/asm/wp-x86_64.pl
index 7958f6d289..2a3902430b 100644
--- a/src/lib/libcrypto/whrlpool/asm/wp-x86_64.pl
+++ b/src/lib/libcrypto/whrlpool/asm/wp-x86_64.pl
@@ -57,7 +57,7 @@ $code=<<___;
57.type $func,\@function,3 57.type $func,\@function,3
58.align 16 58.align 16
59$func: 59$func:
60 endbr64 60 _CET_ENDBR
61 push %rbx 61 push %rbx
62 push %rbp 62 push %rbp
63 push %r12 63 push %r12
diff --git a/src/lib/libcrypto/x86_64cpuid.pl b/src/lib/libcrypto/x86_64cpuid.pl
index dc56732a28..5e85c40c97 100644
--- a/src/lib/libcrypto/x86_64cpuid.pl
+++ b/src/lib/libcrypto/x86_64cpuid.pl
@@ -18,7 +18,7 @@ print<<___;
18.extern OPENSSL_cpuid_setup 18.extern OPENSSL_cpuid_setup
19.hidden OPENSSL_cpuid_setup 19.hidden OPENSSL_cpuid_setup
20.section .init 20.section .init
21 endbr64 21 _CET_ENDBR
22 call OPENSSL_cpuid_setup 22 call OPENSSL_cpuid_setup
23 23
24.extern OPENSSL_ia32cap_P 24.extern OPENSSL_ia32cap_P
@@ -30,7 +30,7 @@ print<<___;
30.type OPENSSL_ia32_cpuid,\@abi-omnipotent 30.type OPENSSL_ia32_cpuid,\@abi-omnipotent
31.align 16 31.align 16
32OPENSSL_ia32_cpuid: 32OPENSSL_ia32_cpuid:
33 endbr64 33 _CET_ENDBR
34 mov %rbx,%r8 # save %rbx 34 mov %rbx,%r8 # save %rbx
35 35
36 xor %eax,%eax 36 xor %eax,%eax
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2025-10-29 17:32:42 +0000