
3 Commits

Author SHA1 Message Date
Nolan Leake
9937305b27 Add symbols/cfi for assembly functions.
This is needed for some binary analysis programs (BOLT, in this case) to
find all the code.  A little ugly since we're putting labels that are
named as if they are local only in the global symbol table, but whatever,
there is plenty ugly and weird stuff in these assembly functions...
2019-03-20 11:21:07 -07:00
Nolan Leake
5669ee2557 On x86_64, put constants in .rodata
Previously, they were in .text, which while not ideal, works just fine.  The
wrinkle is that since they were all in the same segment, no relocations were
generated for references to them.  Which again works just fine, until you
try to rewrite binaries.  In our case, using BOLT to add Spectre V1/V2
mitigations.  Moving them to .rodata is cleaner and forces the assembler
to generate the relocations that BOLT needs.
2019-03-20 11:21:07 -07:00
Jeffrey Griffin
4faa94a90e SGX compatibility 2019-03-20 11:21:07 -07:00
12 changed files with 50 additions and 33 deletions


@ -75,7 +75,7 @@ open OUT,"| \"$^X\" \"$xlate\" $flavour \"$output\"";
$code.=<<___;
.text
.section .rodata
.extern GFp_ia32cap_P
.align 64
@ -107,6 +107,7 @@ $code.=<<___;
.Lsixteen:
.long 16,16,16,16,16,16,16,16,16,16,16,16,16,16,16,16
.asciz "ChaCha20 for x86_64, CRYPTOGAMS by <appro\@openssl.org>"
.text
___
sub AUTOLOAD() # thunk [simplified] 32-bit style perlasm
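Review bot: The new `.section .rodata` ahead of `.extern GFp_ia32cap_P` (with `.text` restored after the `.asciz` banner) is ELF section syntax, and nothing on this page shows how the translator named by `$xlate` renders it for the other `$flavour` values; the `if ($win64)` branches in neighbouring sections show that a Win64 flavour exists. The non-ELF outputs should be assembled and checked before merging. The same switch is made around the constant tables in the other perlasm sections on this page (the ones with the AES, AES-NI, Montgomery Multiplication, AES-NI GCM, GHASH, SHA256/SHA512 and Poly1305 banners, plus the `_vpaes_consts` and `.LordK` tables), so the check applies to all of them. Since the reason for the move is only in the commit message, I would also add a comment above the directive, e.g. `# Constants are kept in .rodata so that references to them get relocations (needed by binary rewriters).`, so that a later cleanup does not fold them back into `.text`.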


@ -886,6 +886,7 @@ $code.=<<___;
___
$code.=<<___;
.section .rodata
.align 64
.LAES_Te:
___
@ -1097,6 +1098,7 @@ ___
$code.=<<___;
.asciz "AES for x86_64, CRYPTOGAMS by <appro\@openssl.org>"
.align 64
.text
___
# EXCEPTION_DISPOSITION handler (EXCEPTION_RECORD *rec,ULONG64 frame,


@ -1407,10 +1407,16 @@ __aesni_set_encrypt_key:
.cfi_adjust_cfa_offset -8
ret
.cfi_endproc
.size GFp_${PREFIX}_set_encrypt_key,.-GFp_${PREFIX}_set_encrypt_key
.size __aesni_set_encrypt_key,.-__aesni_set_encrypt_key
.LSEH_end_GFp_set_encrypt_key:
.align 16
.globl .Lkey_expansion_128
.type .Lkey_expansion_128,\@abi-omnipotent
.Lkey_expansion_128:
.cfi_startproc
$movkey %xmm0,(%rax)
lea 16(%rax),%rax
.Lkey_expansion_128_cold:
@ -1421,39 +1427,13 @@ __aesni_set_encrypt_key:
shufps \$0b11111111,%xmm1,%xmm1 # critical path
xorps %xmm1,%xmm0
ret
.align 16
.Lkey_expansion_192a:
$movkey %xmm0,(%rax)
lea 16(%rax),%rax
.Lkey_expansion_192a_cold:
movaps %xmm2, %xmm5
.Lkey_expansion_192b_warm:
shufps \$0b00010000,%xmm0,%xmm4
movdqa %xmm2,%xmm3
xorps %xmm4,%xmm0
shufps \$0b10001100,%xmm0,%xmm4
pslldq \$4,%xmm3
xorps %xmm4,%xmm0
pshufd \$0b01010101,%xmm1,%xmm1 # critical path
pxor %xmm3,%xmm2
pxor %xmm1,%xmm0
pshufd \$0b11111111,%xmm0,%xmm3
pxor %xmm3,%xmm2
ret
.align 16
.Lkey_expansion_192b:
movaps %xmm0,%xmm3
shufps \$0b01000100,%xmm0,%xmm5
$movkey %xmm5,(%rax)
shufps \$0b01001110,%xmm2,%xmm3
$movkey %xmm3,16(%rax)
lea 32(%rax),%rax
jmp .Lkey_expansion_192b_warm
.cfi_endproc
.align 16
.globl .Lkey_expansion_256a
.type .Lkey_expansion_256a,\@abi-omnipotent
.Lkey_expansion_256a:
.cfi_startproc
$movkey %xmm2,(%rax)
lea 16(%rax),%rax
.Lkey_expansion_256a_cold:
@ -1464,9 +1444,13 @@ __aesni_set_encrypt_key:
shufps \$0b11111111,%xmm1,%xmm1 # critical path
xorps %xmm1,%xmm0
ret
.cfi_endproc
.align 16
.globl .Lkey_expansion_256b
.type .Lkey_expansion_256b,\@abi-omnipotent
.Lkey_expansion_256b:
.cfi_startproc
$movkey %xmm0,(%rax)
lea 16(%rax),%rax
@ -1477,12 +1461,12 @@ __aesni_set_encrypt_key:
shufps \$0b10101010,%xmm1,%xmm1 # critical path
xorps %xmm1,%xmm2
ret
.size GFp_${PREFIX}_set_encrypt_key,.-GFp_${PREFIX}_set_encrypt_key
.size __aesni_set_encrypt_key,.-__aesni_set_encrypt_key
.cfi_endproc
___
}
$code.=<<___;
.section .rodata
.align 64
.Lbswap_mask:
.byte 15,14,13,12,11,10,9,8,7,6,5,4,3,2,1,0
@ -1503,6 +1487,7 @@ $code.=<<___;
.asciz "AES for Intel AES-NI, CRYPTOGAMS by <appro\@openssl.org>"
.align 64
.text
___
# EXCEPTION_DISPOSITION handler (EXCEPTION_RECORD *rec,ULONG64 frame,
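Review bot: The helpers `.Lkey_expansion_128`, `.Lkey_expansion_256a` and `.Lkey_expansion_256b` are now exported with `.globl`, typed and wrapped in `.cfi_startproc`/`.cfi_endproc`, but none of them gets a `.size`, while the two `.size` directives for `set_encrypt_key` appear to be moved up to follow its own `ret`. If the aim is for analysis tools to see these helpers as bounded functions, add e.g. `.size .Lkey_expansion_128,.-.Lkey_expansion_128` after each new `.cfi_endproc`. A `.L` name is normally assembler-local, so publishing it with `.globl` means any other object exporting the same name would clash at link time; a non-`.L` name would avoid that, and the code should at least carry a comment saying why these labels are global. The hunk headers (39 lines down to 13) suggest `.Lkey_expansion_192a` and `.Lkey_expansion_192b` are removed; their callers are outside the visible lines, so confirm nothing still references them.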


@ -567,6 +567,7 @@ _vpaes_preheat:
## Constants ##
## ##
########################################################
.section .rodata
.type _vpaes_consts,\@object
.align 64
_vpaes_consts:
@ -622,6 +623,7 @@ _vpaes_consts:
.Lk_deskew: # deskew tables: inverts the sbox's "skew"
.quad 0x07E4A34047A4E300, 0x1DFEB95A5DBEF91A
.quad 0x5F36B5DC83EA6900, 0x2841C2ABF49D1E77
.text
___
if ($win64) {


@ -3712,11 +3712,13 @@ $code.=<<___;
___
}
$code.=<<___;
.section .rodata
.align 64
.Linc:
.long 0,0, 1,1
.long 2,2, 2,2
.asciz "Montgomery Multiplication with scatter/gather for x86_64, CRYPTOGAMS by <appro\@openssl.org>"
.text
___
# EXCEPTION_DISPOSITION handler (EXCEPTION_RECORD *rec,ULONG64 frame,


@ -59,6 +59,7 @@ $addx = 1;
$code.=<<___;
.text
.section .rodata
.extern GFp_ia32cap_P
# The polynomial
@ -80,6 +81,7 @@ $code.=<<___;
.quad 0xf3b9cac2fc632551, 0xbce6faada7179e84, 0xffffffffffffffff, 0xffffffff00000000
.LordK:
.quad 0xccd1c8aaee00bc4f
.text
___
{


@ -978,6 +978,7 @@ $code.=<<___;
___
$code.=<<___;
.section .rodata
.align 64
.Lbswap_mask:
.byte 15,14,13,12,11,10,9,8,7,6,5,4,3,2,1,0
@ -991,6 +992,7 @@ $code.=<<___;
.byte 1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0
.asciz "AES-NI GCM module for x86_64, CRYPTOGAMS by <appro\@openssl.org>"
.align 64
.text
___
if ($win64) {
$rec="%rcx";


@ -1353,6 +1353,7 @@ ___
}
$code.=<<___;
.section .rodata
.align 64
.Lbswap_mask:
.byte 15,14,13,12,11,10,9,8,7,6,5,4,3,2,1,0
@ -1406,6 +1407,7 @@ $code.=<<___;
.asciz "GHASH for x86_64, CRYPTOGAMS by <appro\@openssl.org>"
.align 64
.text
___
# EXCEPTION_DISPOSITION handler (EXCEPTION_RECORD *rec,ULONG64 frame,


@ -402,6 +402,7 @@ ___
if ($SZ==4) {
$code.=<<___;
.section .rodata
.align 64
.type $TABLE,\@object
$TABLE:
@ -445,9 +446,11 @@ $TABLE:
.long 0xffffffff,0xffffffff,0x03020100,0x0b0a0908
.long 0xffffffff,0xffffffff,0x03020100,0x0b0a0908
.asciz "SHA256 block transform for x86_64, CRYPTOGAMS by <appro\@openssl.org>"
.text
___
} else {
$code.=<<___;
.section .rodata
.align 64
.type $TABLE,\@object
$TABLE:
@ -535,6 +538,7 @@ $TABLE:
.quad 0x0001020304050607,0x08090a0b0c0d0e0f
.quad 0x0001020304050607,0x08090a0b0c0d0e0f
.asciz "SHA512 block transform for x86_64, CRYPTOGAMS by <appro\@openssl.org>"
.text
___
}


@ -1973,6 +1973,7 @@ $code.=<<___;
___
}
$code.=<<___;
.section .rodata
.align 64
.Lconst:
.Lmask24:
@ -1989,6 +1990,7 @@ ___
$code.=<<___;
.asciz "Poly1305 for x86_64, CRYPTOGAMS by <appro\@openssl.org>"
.align 16
.text
___
# EXCEPTION_DISPOSITION handler (EXCEPTION_RECORD *rec,ULONG64 frame,


@ -26,6 +26,7 @@ pub(crate) struct Features(());
pub(crate) fn features() -> Features {
// We don't do runtime feature detection on iOS. instead some features are
// assumed to be present; see `arm::Feature`.
#[cfg(not(target_env = "sgx"))]
#[cfg(not(target_os = "ios"))]
{
static INIT: spin::Once<()> = spin::Once::new();
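Review bot: The comment above the block still explains only the iOS case, so the new `#[cfg(not(target_env = "sgx"))]` leaves a reader without the reason detection is skipped inside an enclave or which features are then assumed. I would extend it, e.g. `// We don't do runtime feature detection on iOS or in SGX enclaves (CPUID is not available inside an enclave).`, and fold the two attributes into `#[cfg(not(any(target_env = "sgx", target_os = "ios")))]`. The body of the block lies outside the hunk; if it is what fills `GFp_ia32cap_P`, the assembly on SGX will dispatch on an uninitialised capability word. In that case it is worth confirming which AES and GHASH code paths are selected there and that they are acceptable under an enclave's side-channel threat model.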


@ -86,6 +86,7 @@ impl SystemRandom {
pub fn new() -> SystemRandom { SystemRandom }
}
#[cfg(not(target_env = "sgx"))]
impl SecureRandom for SystemRandom {
#[inline(always)]
fn fill(&self, dest: &mut [u8]) -> Result<(), error::Unspecified> { fill_impl(dest) }
@ -95,6 +96,7 @@ impl sealed::Sealed for SystemRandom {}
#[cfg(all(
feature = "use_heap",
not(target_env = "sgx"),
not(any(
target_os = "linux",
target_os = "macos",
@ -105,15 +107,18 @@ impl sealed::Sealed for SystemRandom {}
))]
use self::urandom::fill as fill_impl;
#[cfg(not(target_env = "sgx"))]
#[cfg(any(
all(target_os = "linux", not(feature = "dev_urandom_fallback")),
windows
))]
use self::sysrand::fill as fill_impl;
#[cfg(not(target_env = "sgx"))]
#[cfg(all(target_os = "linux", feature = "dev_urandom_fallback"))]
use self::sysrand_or_urandom::fill as fill_impl;
#[cfg(not(target_env = "sgx"))]
#[cfg(any(target_os = "macos", target_os = "ios"))]
use self::darwin::fill as fill_impl;
@ -122,6 +127,7 @@ use self::fuchsia::fill as fill_impl;
use crate::sealed;
#[cfg(not(target_env = "sgx"))]
#[cfg(target_os = "linux")]
mod sysrand_chunk {
use crate::error;
@ -158,6 +164,7 @@ mod sysrand_chunk {
}
}
#[cfg(not(target_env = "sgx"))]
#[cfg(windows)]
mod sysrand_chunk {
use crate::{error, polyfill};
@ -183,6 +190,7 @@ mod sysrand_chunk {
}
}
#[cfg(not(target_env = "sgx"))]
#[cfg(any(target_os = "linux", windows))]
mod sysrand {
use super::sysrand_chunk::chunk;
@ -199,6 +207,7 @@ mod sysrand {
}
// Keep the `cfg` conditions in sync with the conditions in lib.rs.
#[cfg(not(target_env = "sgx"))]
#[cfg(all(
feature = "use_heap",
any(target_os = "redox", unix),
@ -234,6 +243,7 @@ mod urandom {
}
// Keep the `cfg` conditions in sync with the conditions in lib.rs.
#[cfg(not(target_env = "sgx"))]
#[cfg(all(target_os = "linux", feature = "dev_urandom_fallback"))]
mod sysrand_or_urandom {
use crate::error;
@ -264,6 +274,7 @@ mod sysrand_or_urandom {
}
}
#[cfg(not(target_env = "sgx"))]
#[cfg(any(target_os = "macos", target_os = "ios"))]
mod darwin {
use crate::error;
@ -316,6 +327,7 @@ mod fuchsia {
mod tests {
use crate::rand::{self, SecureRandom};
#[cfg(not(target_env = "sgx"))]
#[test]
fn test_system_random_lengths() {
// Test that `fill` succeeds for various interesting lengths. `256` and
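Review bot: With `impl SecureRandom for SystemRandom` compiled out for `target_env = "sgx"` and no replacement in this section, `SystemRandom::new()` still exists on SGX but cannot be passed anywhere a `SecureRandom` is required. Failing at compile time is a safe outcome, but it should be stated on the type, e.g. `/// On SGX targets this type does not implement SecureRandom; callers must supply an enclave-appropriate generator.`, or an SGX-specific `fill_impl` should be provided. The two comments asking to keep the cfg conditions in sync with lib.rs now sit above conditions that gained an `sgx` clause, and no change that looks like lib.rs is visible on this page, so that side needs checking. As a matter of style, the stacked attribute could be merged into the existing condition, e.g. `#[cfg(all(not(target_env = "sgx"), any(target_os = "linux", windows)))]`.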