Merge BoringSSL 293d9ee.

2019-01-03 17:31:46 -10:00 · 2019-01-03 17:31:46 -10:00 · 47dc3cbcb5
commit 47dc3cbcb5
parent 39f2e2b21e 293d9ee4e8
4 changed files with 58 additions and 32 deletions
--- a/crypto/chacha/asm/chacha-armv8.pl
+++ b/crypto/chacha/asm/chacha-armv8.pl
@ -122,10 +122,10 @@ my ($a3,$b3,$c3,$d3)=map(($_&~3)+(($_+1)&3),($a2,$b2,$c2,$d2));
 $code.=<<___;
 #include <GFp/arm_arch.h>

-.text
-
 .extern	GFp_armcap_P

+.section .rodata
+
 .align	5
 .Lsigma:
 .quad	0x3320646e61707865,0x6b20657479622d32		// endian-neutral
@ -139,20 +139,18 @@ $code.=<<___;
 #endif
 .asciz	"ChaCha20 for ARMv8, CRYPTOGAMS by <appro\@openssl.org>"

-.globl	GFp_ChaCha20_ctr32
-.type	GFp_ChaCha20_ctr32,%function
+.text
+
+.globl	ChaCha20_ctr32
+.type	ChaCha20_ctr32,%function
 .align	5
 GFp_ChaCha20_ctr32:
 	cbz	$len,.Labort
-	adr	@x[0],.LGFp_armcap_P
+	adrp	@x[0],:pg_hi21:GFp_armcap_P
 	cmp	$len,#192
 	b.lo	.Lshort
-#ifdef	__ILP32__
-	ldrsw	@x[1],[@x[0]]
-#else
-	ldr	@x[1],[@x[0]]
-#endif
-	ldr	w17,[@x[1],@x[0]]
+	add	@x[0],@x[0],:lo12:GFp_armcap_P
+	ldr	w17,[@x[0]]
 	tst	w17,#ARMV7_NEON
 	b.ne	ChaCha20_neon

@ -160,7 +158,8 @@ GFp_ChaCha20_ctr32:
 	stp	x29,x30,[sp,#-96]!
 	add	x29,sp,#0

-	adr	@x[0],.Lsigma
+	adrp	@x[0],:pg_hi21:.Lsigma
+	add	@x[0],@x[0],:lo12:.Lsigma
 	stp	x19,x20,[sp,#16]
 	stp	x21,x22,[sp,#32]
 	stp	x23,x24,[sp,#48]
@ -380,7 +379,8 @@ ChaCha20_neon:
 	stp	x29,x30,[sp,#-96]!
 	add	x29,sp,#0

-	adr	@x[0],.Lsigma
+	adrp	@x[0],:pg_hi21:.Lsigma
+	add	@x[0],@x[0],:lo12:.Lsigma
 	stp	x19,x20,[sp,#16]
 	stp	x21,x22,[sp,#32]
 	stp	x23,x24,[sp,#48]
@ -699,7 +699,8 @@ ChaCha20_512_neon:
 	stp	x29,x30,[sp,#-96]!
 	add	x29,sp,#0

-	adr	@x[0],.Lsigma
+	adrp	@x[0],:pg_hi21:.Lsigma
+	add	@x[0],@x[0],:lo12:.Lsigma
 	stp	x19,x20,[sp,#16]
 	stp	x21,x22,[sp,#32]
 	stp	x23,x24,[sp,#48]
--- a/crypto/fipsmodule/aes/asm/aesv8-armx.pl
+++ b/crypto/fipsmodule/aes/asm/aesv8-armx.pl
@ -77,6 +77,9 @@ my ($zero,$rcon,$mask,$in0,$in1,$tmp,$key)=
 	$flavour=~/64/? map("q$_",(0..6)) : map("q$_",(0..3,8..10));


+# On AArch64, put the data .rodata and use adrp + add for compatibility with
+# execute-only memory. On AArch32, put it in .text and use adr.
+$code.= ".section .rodata\n" if ($flavour =~ /64/);
 $code.=<<___;
 .align	5
 .Lrcon:
@ -84,6 +87,8 @@ $code.=<<___;
 .long	0x0c0f0e0d,0x0c0f0e0d,0x0c0f0e0d,0x0c0f0e0d	// rotate-n-splat
 .long	0x1b,0x1b,0x1b,0x1b

+.text
+
 .globl	GFp_${prefix}_set_encrypt_key
 .type	GFp_${prefix}_set_encrypt_key,%function
 .align	5
@ -108,7 +113,15 @@ $code.=<<___;
 	tst	$bits,#0x3f
 	b.ne	.Lenc_key_abort

+___
+$code.=<<___	if ($flavour =~ /64/);
+	adrp	$ptr,:pg_hi21:.Lrcon
+	add	$ptr,$ptr,:lo12:.Lrcon
+___
+$code.=<<___	if ($flavour !~ /64/);
 	adr	$ptr,.Lrcon
+___
+$code.=<<___;
 	cmp	$bits,#192

 	veor	$zero,$zero,$zero
--- a/crypto/fipsmodule/sha/asm/sha512-armv8.pl
+++ b/crypto/fipsmodule/sha/asm/sha512-armv8.pl
@ -185,13 +185,8 @@ $func:
 ___
 $code.=<<___	if ($SZ==4);
 #ifndef	__KERNEL__
-# ifdef	__ILP32__
-	ldrsw	x16,.LGFp_armcap_P
-# else
-	ldr	x16,.LGFp_armcap_P
-# endif
-	adr	x17,.LGFp_armcap_P
-	add	x16,x16,x17
+	adrp	x16,:pg_hi21:GFp_armcap_P
+	add	x16,x16,:lo12:GFp_armcap_P
 	ldr	w16,[x16]
 	tst	w16,#ARMV8_SHA256
 	b.ne	.Lv8_entry
@ -213,7 +208,8 @@ $code.=<<___;
 	ldp	$E,$F,[$ctx,#4*$SZ]
 	add	$num,$inp,$num,lsl#`log(16*$SZ)/log(2)`	// end of input
 	ldp	$G,$H,[$ctx,#6*$SZ]
-	adr	$Ktbl,.LK$BITS
+	adrp	$Ktbl,:pg_hi21:.LK$BITS
+	add	$Ktbl,$Ktbl,:lo12:.LK$BITS
 	stp	$ctx,$num,[x29,#96]

 .Loop:
@ -262,6 +258,7 @@ $code.=<<___;
 	ret
 .size	$func,.-$func

+.section .rodata
 .align	6
 .type	.LK$BITS,%object
 .LK$BITS:
@ -330,15 +327,6 @@ $code.=<<___ if ($SZ==4);
 ___
 $code.=<<___;
 .size	.LK$BITS,.-.LK$BITS
-#ifndef	__KERNEL__
-.align	3
-.LGFp_armcap_P:
-# ifdef	__ILP32__
-	.long	GFp_armcap_P-.
-# else
-	.quad	GFp_armcap_P-.
-# endif
-#endif
 .asciz	"SHA$BITS block transform for ARMv8, CRYPTOGAMS by <appro\@openssl.org>"
 .align	2
 ___
@ -352,6 +340,7 @@ my ($W0,$W1)=("v16.4s","v17.4s");
 my ($ABCD_SAVE,$EFGH_SAVE)=("v18.16b","v19.16b");

 $code.=<<___;
+.text
 #ifndef	__KERNEL__
 .type	sha256_block_armv8,%function
 .align	6
@ -361,7 +350,8 @@ sha256_block_armv8:
 	add		x29,sp,#0

 	ld1.32		{$ABCD,$EFGH},[$ctx]
-	adr		$Ktbl,.LK256
+	adrp		$Ktbl,:pg_hi21:.LK256
+	add		$Ktbl,$Ktbl,:lo12:.LK256

 .Loop_hw:
 	ld1		{@MSG[0]-@MSG[3]},[$inp],#64
--- a/crypto/perlasm/arm-xlate.pl
+++ b/crypto/perlasm/arm-xlate.pl
@ -97,6 +97,16 @@ my $asciz = sub {
    else
    {	"";	}
 };
+my $section = sub {
+    if ($flavour =~ /ios/) {
+        if ($_[0] eq ".rodata") {
+            return ".section\t__TEXT,__const";
+        }
+        die "Unknown section name $_[0]";
+    } else {
+        return ".section\t" . join(",", @_);
+    }
+};

 sub range {
  my ($r,$sfx,$start,$end) = @_;
@ -175,6 +185,18 @@ while(my $line=<>) {
 	    $opcode = eval("\$$mnemonic");
 	}

+	if ($flavour =~ /ios/) {
+	    # Mach-O and ELF use different syntax for these relocations. Note
+	    # that we require :pg_hi21: to be explicitly listed. It is normally
+	    # optional with adrp instructions.
+	    $line =~ s|:pg_hi21:(\w+)|\1\@PAGE|;
+	    $line =~ s|:lo12:(\w+)|\1\@PAGEOFF|;
+	} else {
+	    # Clang's integrated assembly does not support the optional
+	    # :pg_hi21: markers, so erase them.
+	    $line =~ s|:pg_hi21:||;
+	}
+
 	my $arg=expand_line($line);

 	if (ref($opcode) eq 'CODE') {