| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The OPENSSL_IA32_SSE2 flag controls whether a number of the perlasm
scripts generate additional implementations that use SSE2 functionality.
In all cases except ghash, the code checks OPENSSL_ia32cap_P for SSE2
support, before trying to run SSE2 code. For ghash it generates a CLMUL
based implementation in addition to different MMX version (one MMX
version hides behind OPENSSL_IA32_SSE2, the other does not), however this
does not appear to actually use SSE2. We also disable AES-NI on i386 if
OPENSSL_IA32_SSE2.
On OpenBSD, we've always defined OPENSSL_IA32_SSE2 so this is effectively
a no-op. The only change is that we now check MMX rather than SSE2 for the
ghash MMX implementation.
ok bcook@ beck@
|
| |
|
|
|
|
|
|
| |
gcm_{gmult,ghash}_4bit(), aesni_ccm64_decrypt_blocks(), aes_cbc_encrypt(),
and aesni_xts_{en,de}crypt() were overlooked in previous passes.
Found with a diff for ld.lld by kettenis
ok kettenis
|
| |
|
|
|
|
|
|
|
| |
cet.h is needed for other platforms to emit the relevant .gnu.properties
sections that are necessary for them to enable IBT. It also avoids issues
with older toolchains on macOS that explode on encountering endbr64.
based on a diff by kettenis
ok beck kettenis
|
| |
|
|
|
|
|
| |
This is a variant of the same logic error fixed in ghash-x86_64.pl r1.6.
The code path is only reachable on machines without FXSR or PCLMUL.
ok jsing
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
The assembly code for gcm_ghash_4bit() reads one too many times from Xi,
resulting in a four byte overread. Prevent this by not loading the next
value in the final iteration of the loop. If another full iteration is
required the next Xi value will be loaded at the top of the outer_loop.
Many thanks to Douglas Gliner <Douglas.Gliner at sony dot com> for finding
and reporting this issue, along with a detailed reproducer.
Same diff from deraadt@
ok tb@
|
| |
|
|
| |
ok jsing, and kind of tb an earlier version
|
| |
|
|
| |
ok miod
|
| |
|
|
|
|
|
|
| |
At least gcc 12 on Fedora is very unhappy about a plain .rodata and throws
Error: unknown pseudo-op: `.rodata'. So add a .section in front of it to
make it happy.
ok deraadt miod
|
| |
|
|
| |
responsible from getting the proper address of those blocks.
|
| |
|
|
|
|
| |
responsible from getting the proper address of those blocks.
ok tb@ jsing@
|
| |
|
|
|
| |
on amd64. no pic handling is neccessary since amd64 has full reach.
ok kettenis
|
| |
|
|
|
|
|
| |
fetch them correctly when building PIC. Also drop unused data, and remove
--no-execute-only from linker flags.
ok kettenis@
|
| |
|
|
|
|
|
| |
fetch them correctly when building PIC. Also drop unused data, and remove
--no-execute-only from linker flags.
ok jsing@ kettenis@
|
| |
|
|
|
|
|
| |
i removed the arithmetics -> arithmetic changes, as i felt they
were not clearly correct
ok tb
|
| |
|
|
|
|
| |
defined as they rely on unaligned access.
ok joel@
|
| |
|
|
|
|
| |
supports it as long as it's marked as unified syntax.
ok bcook@ kettenis@
|
| |
|
|
| |
ok deraadt@
|
| |
|
|
| |
ok deraadt@
|
| |
|
|
| |
the 64-bit code has to be disabled under OpenBSD/hppa.
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| |
|
