Skip to content

Commit 1fbf584

Browse files
justsmthBob Beck
justsmth
and
Bob Beck
authored
Upstream: Add Intel Indirect Branch Tracking support (#1659)
### Issues: * Addresses: CryptoAlg-2220 ### Previous Work: This change re-introduces changes from the following PRs: * #1628 Due to build failures with certain environments using gcc-4.8, the above was reverted: * #1656 The build failures were addressed in the following PR: * #1665 ### Description of changes: Upstream commits: * google/boringssl@9fc1c33 * google/boringssl@51ed32f By submitting this pull request, I confirm that my contribution is made under the terms of the Apache 2.0 license and the ISC license. --------- Co-authored-by: Bob Beck <[email protected]>
1 parent fa8b98e commit 1fbf584

File tree

82 files changed

+469
-0
lines changed

Some content is hidden

Large Commits have some content hidden by default. Use the searchbox below for content that may be hidden.

82 files changed

+469
-0
lines changed

crypto/chacha/asm/chacha-x86_64.pl

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -235,6 +235,7 @@ sub ROUND { # critical path is 24 cycles per round
235235
.align 64
236236
ChaCha20_ctr32:
237237
.cfi_startproc
238+
_CET_ENDBR
238239
cmp \$0,$len
239240
je .Lno_data
240241
mov OPENSSL_ia32cap_P+4(%rip),%r10

crypto/cipher_extra/asm/aes128gcmsiv-x86_64.pl

Lines changed: 17 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -140,6 +140,7 @@ sub aesgcmsiv_htable_init {
140140
.align 16
141141
aesgcmsiv_htable_init:
142142
.cfi_startproc
143+
_CET_ENDBR
143144
vmovdqa ($H), $T
144145
vmovdqa $T, $TMP0
145146
vmovdqa $T, ($Htbl) # H
@@ -180,6 +181,7 @@ sub aesgcmsiv_htable6_init {
180181
.align 16
181182
aesgcmsiv_htable6_init:
182183
.cfi_startproc
184+
_CET_ENDBR
183185
vmovdqa ($H), $T
184186
vmovdqa $T, $TMP0
185187
vmovdqa $T, ($Htbl) # H
@@ -241,6 +243,7 @@ sub aesgcmsiv_htable_polyval {
241243
.align 16
242244
aesgcmsiv_htable_polyval:
243245
.cfi_startproc
246+
_CET_ENDBR
244247
test $len, $len
245248
jnz .Lhtable_polyval_start
246249
ret
@@ -426,6 +429,7 @@ sub aesgcmsiv_polyval_horner {
426429
.align 16
427430
aesgcmsiv_polyval_horner:
428431
.cfi_startproc
432+
_CET_ENDBR
429433
test $L, $L
430434
jnz .Lpolyval_horner_start
431435
ret
@@ -466,6 +470,7 @@ sub aesgcmsiv_polyval_horner {
466470
.align 16
467471
aes128gcmsiv_aes_ks:
468472
.cfi_startproc
473+
_CET_ENDBR
469474
vmovdqu (%rdi), %xmm1 # xmm1 = user key
470475
vmovdqa %xmm1, (%rsi) # rsi points to output
471476
@@ -527,6 +532,7 @@ sub aesgcmsiv_polyval_horner {
527532
.align 16
528533
aes256gcmsiv_aes_ks:
529534
.cfi_startproc
535+
_CET_ENDBR
530536
vmovdqu (%rdi), %xmm1
531537
vmovdqu 16(%rdi), %xmm3
532538
vmovdqa %xmm1, (%rsi)
@@ -620,6 +626,7 @@ sub aes128gcmsiv_aes_ks_enc_x1 {
620626
.align 16
621627
aes128gcmsiv_aes_ks_enc_x1:
622628
.cfi_startproc
629+
_CET_ENDBR
623630
vmovdqa (%rcx), %xmm1 # xmm1 = first 16 bytes of random key
624631
vmovdqa 0*16(%rdi), $BLOCK1
625632
@@ -693,6 +700,7 @@ sub aes128gcmsiv_kdf {
693700
.align 16
694701
aes128gcmsiv_kdf:
695702
.cfi_startproc
703+
_CET_ENDBR
696704
# parameter 1: %rdi Pointer to NONCE
697705
# parameter 2: %rsi Pointer to CT
698706
# parameter 4: %rdx Pointer to keys
@@ -793,6 +801,7 @@ sub aes128gcmsiv_enc_msg_x4 {
793801
.align 16
794802
aes128gcmsiv_enc_msg_x4:
795803
.cfi_startproc
804+
_CET_ENDBR
796805
test $LEN, $LEN
797806
jnz .L128_enc_msg_x4_start
798807
ret
@@ -990,6 +999,7 @@ sub aes128gcmsiv_enc_msg_x8 {
990999
.align 16
9911000
aes128gcmsiv_enc_msg_x8:
9921001
.cfi_startproc
1002+
_CET_ENDBR
9931003
test $LEN, $LEN
9941004
jnz .L128_enc_msg_x8_start
9951005
ret
@@ -1245,6 +1255,7 @@ sub aesgcmsiv_dec {
12451255

12461256
$code.=<<___;
12471257
.cfi_startproc
1258+
_CET_ENDBR
12481259
test \$~15, $LEN
12491260
jnz .L${labelPrefix}_dec_start
12501261
ret
@@ -1584,6 +1595,7 @@ sub aes128gcmsiv_ecb_enc_block {
15841595
.align 16
15851596
aes128gcmsiv_ecb_enc_block:
15861597
.cfi_startproc
1598+
_CET_ENDBR
15871599
vmovdqa (%rdi), $STATE_1
15881600
15891601
vpxor ($KSp), $STATE_1, $STATE_1
@@ -1676,6 +1688,7 @@ sub aes256gcmsiv_aes_ks_enc_x1 {
16761688
.align 16
16771689
aes256gcmsiv_aes_ks_enc_x1:
16781690
.cfi_startproc
1691+
_CET_ENDBR
16791692
vmovdqa con1(%rip), $CON_MASK # CON_MASK = 1,1,1,1
16801693
vmovdqa mask(%rip), $MASK_256 # MASK_256
16811694
vmovdqa ($PT), $BLOCK1
@@ -1717,6 +1730,7 @@ sub aes256gcmsiv_ecb_enc_block {
17171730
.align 16
17181731
aes256gcmsiv_ecb_enc_block:
17191732
.cfi_startproc
1733+
_CET_ENDBR
17201734
vmovdqa (%rdi), $STATE_1
17211735
vpxor ($KSp), $STATE_1, $STATE_1
17221736
vaesenc 1*16($KSp), $STATE_1, $STATE_1
@@ -1800,6 +1814,7 @@ sub aes256gcmsiv_enc_msg_x4 {
18001814
.align 16
18011815
aes256gcmsiv_enc_msg_x4:
18021816
.cfi_startproc
1817+
_CET_ENDBR
18031818
test $LEN, $LEN
18041819
jnz .L256_enc_msg_x4_start
18051820
ret
@@ -2000,6 +2015,7 @@ ()
20002015
.align 16
20012016
aes256gcmsiv_enc_msg_x8:
20022017
.cfi_startproc
2018+
_CET_ENDBR
20032019
test $LEN, $LEN
20042020
jnz .L256_enc_msg_x8_start
20052021
ret
@@ -2206,6 +2222,7 @@ sub aes256gcmsiv_kdf {
22062222
.align 16
22072223
aes256gcmsiv_kdf:
22082224
.cfi_startproc
2225+
_CET_ENDBR
22092226
# parameter 1: %rdi Pointer to NONCE
22102227
# parameter 2: %rsi Pointer to CT
22112228
# parameter 4: %rdx Pointer to keys

crypto/cipher_extra/asm/chacha20_poly1305_x86_64.pl

Lines changed: 2 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -453,6 +453,7 @@ sub emit_body {
453453
.align 64
454454
chacha20_poly1305_open:
455455
.cfi_startproc
456+
_CET_ENDBR
456457
push %rbp
457458
.cfi_push %rbp
458459
push %rbx
@@ -875,6 +876,7 @@ sub emit_body {
875876
.align 64
876877
chacha20_poly1305_seal:
877878
.cfi_startproc
879+
_CET_ENDBR
878880
push %rbp
879881
.cfi_push %rbp
880882
push %rbx

crypto/fipsmodule/aes/asm/aesni-x86_64.pl

Lines changed: 9 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -278,6 +278,7 @@ sub aesni_generate1 {
278278
.align 16
279279
${PREFIX}_encrypt:
280280
.cfi_startproc
281+
_CET_ENDBR
281282
#ifdef BORINGSSL_DISPATCH_TEST
282283
.extern BORINGSSL_function_hit
283284
movb \$1,BORINGSSL_function_hit+1(%rip)
@@ -300,6 +301,7 @@ sub aesni_generate1 {
300301
.align 16
301302
${PREFIX}_decrypt:
302303
.cfi_startproc
304+
_CET_ENDBR
303305
movups ($inp),$inout0 # load input
304306
mov 240($key),$rounds # key->rounds
305307
___
@@ -620,6 +622,7 @@ sub aesni_generate8 {
620622
.align 16
621623
${PREFIX}_ecb_encrypt:
622624
.cfi_startproc
625+
_CET_ENDBR
623626
___
624627
$code.=<<___ if ($win64);
625628
lea -0x58(%rsp),%rsp
@@ -1206,6 +1209,7 @@ sub aesni_generate8 {
12061209
.align 16
12071210
${PREFIX}_ctr32_encrypt_blocks:
12081211
.cfi_startproc
1212+
_CET_ENDBR
12091213
#ifdef BORINGSSL_DISPATCH_TEST
12101214
movb \$1,BORINGSSL_function_hit(%rip)
12111215
#endif
@@ -1784,6 +1788,7 @@ sub aesni_generate8 {
17841788
.align 16
17851789
${PREFIX}_xts_encrypt:
17861790
.cfi_startproc
1791+
_CET_ENDBR
17871792
lea (%rsp),%r11 # frame pointer
17881793
.cfi_def_cfa_register %r11
17891794
push %rbp
@@ -2267,6 +2272,7 @@ sub aesni_generate8 {
22672272
.align 16
22682273
${PREFIX}_xts_decrypt:
22692274
.cfi_startproc
2275+
_CET_ENDBR
22702276
lea (%rsp),%r11 # frame pointer
22712277
.cfi_def_cfa_register %r11
22722278
push %rbp
@@ -2785,6 +2791,7 @@ sub aesni_generate8 {
27852791
.align 16
27862792
${PREFIX}_cbc_encrypt:
27872793
.cfi_startproc
2794+
_CET_ENDBR
27882795
test $len,$len # check length
27892796
jz .Lcbc_ret
27902797
@@ -3334,6 +3341,7 @@ sub aesni_generate8 {
33343341
.align 16
33353342
${PREFIX}_set_decrypt_key:
33363343
.cfi_startproc
3344+
_CET_ENDBR
33373345
.byte 0x48,0x83,0xEC,0x08 # sub rsp,8
33383346
.cfi_adjust_cfa_offset 8
33393347
call __aesni_set_encrypt_key
@@ -3406,6 +3414,7 @@ sub aesni_generate8 {
34063414
${PREFIX}_set_encrypt_key:
34073415
__aesni_set_encrypt_key:
34083416
.cfi_startproc
3417+
_CET_ENDBR
34093418
#ifdef BORINGSSL_DISPATCH_TEST
34103419
movb \$1,BORINGSSL_function_hit+3(%rip)
34113420
#endif

crypto/fipsmodule/aes/asm/vpaes-x86_64.pl

Lines changed: 6 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -874,6 +874,7 @@
874874
.align 16
875875
${PREFIX}_set_encrypt_key:
876876
.cfi_startproc
877+
_CET_ENDBR
877878
#ifdef BORINGSSL_DISPATCH_TEST
878879
.extern BORINGSSL_function_hit
879880
movb \$1, BORINGSSL_function_hit+5(%rip)
@@ -929,6 +930,7 @@
929930
.align 16
930931
${PREFIX}_set_decrypt_key:
931932
.cfi_startproc
933+
_CET_ENDBR
932934
___
933935
$code.=<<___ if ($win64);
934936
lea -0xb8(%rsp),%rsp
@@ -984,6 +986,7 @@
984986
.align 16
985987
${PREFIX}_encrypt:
986988
.cfi_startproc
989+
_CET_ENDBR
987990
#ifdef BORINGSSL_DISPATCH_TEST
988991
.extern BORINGSSL_function_hit
989992
movb \$1, BORINGSSL_function_hit+4(%rip)
@@ -1033,6 +1036,7 @@
10331036
.align 16
10341037
${PREFIX}_decrypt:
10351038
.cfi_startproc
1039+
_CET_ENDBR
10361040
___
10371041
$code.=<<___ if ($win64);
10381042
lea -0xb8(%rsp),%rsp
@@ -1084,6 +1088,7 @@
10841088
.align 16
10851089
${PREFIX}_cbc_encrypt:
10861090
.cfi_startproc
1091+
_CET_ENDBR
10871092
xchg $key,$len
10881093
___
10891094
($len,$key)=($key,$len);
@@ -1169,6 +1174,7 @@
11691174
.align 16
11701175
${PREFIX}_ctr32_encrypt_blocks:
11711176
.cfi_startproc
1177+
_CET_ENDBR
11721178
# _vpaes_encrypt_core and _vpaes_encrypt_core_2x expect the key in %rdx.
11731179
xchg $key, $blocks
11741180
___

crypto/fipsmodule/bn/asm/rsaz-avx2.pl

Lines changed: 6 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -116,6 +116,7 @@
116116
.align 64
117117
rsaz_1024_sqr_avx2: # 702 cycles, 14% faster than rsaz_1024_mul_avx2
118118
.cfi_startproc
119+
_CET_ENDBR
119120
lea (%rsp), %rax
120121
.cfi_def_cfa_register %rax
121122
push %rbx
@@ -867,6 +868,7 @@
867868
.align 64
868869
rsaz_1024_mul_avx2:
869870
.cfi_startproc
871+
_CET_ENDBR
870872
lea (%rsp), %rax
871873
.cfi_def_cfa_register %rax
872874
push %rbx
@@ -1478,6 +1480,7 @@
14781480
.align 32
14791481
rsaz_1024_red2norm_avx2:
14801482
.cfi_startproc
1483+
_CET_ENDBR
14811484
sub \$-128,$inp # size optimization
14821485
xor %rax,%rax
14831486
___
@@ -1519,6 +1522,7 @@
15191522
.align 32
15201523
rsaz_1024_norm2red_avx2:
15211524
.cfi_startproc
1525+
_CET_ENDBR
15221526
sub \$-128,$out # size optimization
15231527
mov ($inp),@T[0]
15241528
mov \$0x1fffffff,%eax
@@ -1563,6 +1567,7 @@
15631567
.align 32
15641568
rsaz_1024_scatter5_avx2:
15651569
.cfi_startproc
1570+
_CET_ENDBR
15661571
vzeroupper
15671572
vmovdqu .Lscatter_permd(%rip),%ymm5
15681573
shl \$4,$power
@@ -1590,6 +1595,7 @@
15901595
.align 32
15911596
rsaz_1024_gather5_avx2:
15921597
.cfi_startproc
1598+
_CET_ENDBR
15931599
vzeroupper
15941600
mov %rsp,%r11
15951601
.cfi_def_cfa_register %r11

crypto/fipsmodule/bn/asm/x86_64-mont.pl

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -96,6 +96,7 @@
9696
.align 16
9797
bn_mul_mont:
9898
.cfi_startproc
99+
_CET_ENDBR
99100
mov ${num}d,${num}d
100101
mov %rsp,%rax
101102
.cfi_def_cfa_register %rax

crypto/fipsmodule/bn/asm/x86_64-mont5.pl

Lines changed: 6 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -83,6 +83,7 @@
8383
.align 64
8484
bn_mul_mont_gather5:
8585
.cfi_startproc
86+
_CET_ENDBR
8687
mov ${num}d,${num}d
8788
mov %rsp,%rax
8889
.cfi_def_cfa_register %rax
@@ -1106,6 +1107,7 @@
11061107
.align 32
11071108
bn_power5:
11081109
.cfi_startproc
1110+
_CET_ENDBR
11091111
mov %rsp,%rax
11101112
.cfi_def_cfa_register %rax
11111113
___
@@ -1250,6 +1252,7 @@
12501252
bn_sqr8x_internal:
12511253
__bn_sqr8x_internal:
12521254
.cfi_startproc
1255+
_CET_ENDBR
12531256
##############################################################
12541257
# Squaring part:
12551258
#
@@ -2748,6 +2751,7 @@
27482751
bn_sqrx8x_internal:
27492752
__bn_sqrx8x_internal:
27502753
.cfi_startproc
2754+
_CET_ENDBR
27512755
##################################################################
27522756
# Squaring part:
27532757
#
@@ -3460,6 +3464,7 @@
34603464
.align 16
34613465
bn_scatter5:
34623466
.cfi_startproc
3467+
_CET_ENDBR
34633468
cmp \$0, $num
34643469
jz .Lscatter_epilogue
34653470
@@ -3490,6 +3495,7 @@
34903495
bn_gather5:
34913496
.cfi_startproc
34923497
.LSEH_begin_bn_gather5: # Win64 thing, but harmless in other cases
3498+
_CET_ENDBR
34933499
# I can't trust assembler to use specific encoding:-(
34943500
.byte 0x4c,0x8d,0x14,0x24 #lea (%rsp),%r10
34953501
.cfi_def_cfa_register %r10

0 commit comments

Comments
 (0)