From 926221a26ed28e07167309a49da8fae724073bb3 Mon Sep 17 00:00:00 2001 From: Jerry Yu Date: Fri, 18 Aug 2023 15:09:02 +0800 Subject: [PATCH 1/5] Add target platform detection macros Now we have arm/x86 32/64 detection Signed-off-by: Jerry Yu --- include/mbedtls/build_info.h | 49 ++++++++++++++++++++++++++++++++++++ 1 file changed, 49 insertions(+) diff --git a/include/mbedtls/build_info.h b/include/mbedtls/build_info.h index c0424da82..198481363 100644 --- a/include/mbedtls/build_info.h +++ b/include/mbedtls/build_info.h @@ -49,6 +49,55 @@ #define MBEDTLS_VERSION_STRING "3.4.1" #define MBEDTLS_VERSION_STRING_FULL "mbed TLS 3.4.1" +/* Macros for build-time platform detection */ + +#if !defined(MBEDTLS_ARCH_IS_ARM64) && \ + (defined(__aarch64__) || defined(_M_ARM64) || defined(_M_ARM64EC)) +#define MBEDTLS_ARCH_IS_ARM64 +#endif + +#if !defined(MBEDTLS_ARCH_IS_ARM32) && \ + (defined(__arm__) || defined(_M_ARM) || \ + defined(_M_ARMT) || defined(__thumb__) || defined(__thumb2__)) +#define MBEDTLS_ARCH_IS_ARM32 +#endif + +#if !defined(MBEDTLS_ARCH_IS_X64) && \ + (defined(__amd64__) || defined(__x86_64__) || \ + ((defined(_M_X64) || defined(_M_AMD64)) && !defined(_M_ARM64EC))) +#define MBEDTLS_ARCH_IS_X64 +#endif + +#if !defined(MBEDTLS_ARCH_IS_X86) && \ + (defined(__i386__) || defined(_X86_) || \ + (defined(_M_IX86) && !defined(_M_I86))) +#define MBEDTLS_ARCH_IS_X86 +#endif +/* Macros for build-time platform detection */ + +#if !defined(MBEDTLS_ARCH_IS_ARM64) && \ + (defined(__aarch64__) || defined(_M_ARM64) || defined(_M_ARM64EC)) +#define MBEDTLS_ARCH_IS_ARM64 +#endif + +#if !defined(MBEDTLS_ARCH_IS_ARM32) && \ + (defined(__arm__) || defined(_M_ARM) || \ + defined(_M_ARMT) || defined(__thumb__) || defined(__thumb2__)) +#define MBEDTLS_ARCH_IS_ARM32 +#endif + +#if !defined(MBEDTLS_ARCH_IS_X64) && \ + (defined(__amd64__) || defined(__x86_64__) || \ + ((defined(_M_X64) || defined(_M_AMD64)) && !defined(_M_ARM64EC))) +#define MBEDTLS_ARCH_IS_X64 +#endif + +#if !defined(MBEDTLS_ARCH_IS_X86) && \ + (defined(__i386__) || defined(_X86_) || \ + (defined(_M_IX86) && !defined(_M_I86))) +#define MBEDTLS_ARCH_IS_X86 +#endif + #if defined(_MSC_VER) && !defined(_CRT_SECURE_NO_DEPRECATE) #define _CRT_SECURE_NO_DEPRECATE 1 #endif From 72fd0bdc713ca43e72b77e164240fa49b0942105 Mon Sep 17 00:00:00 2001 From: Jerry Yu Date: Fri, 18 Aug 2023 16:31:01 +0800 Subject: [PATCH 2/5] replace arm64 macro and aesce enable flag Signed-off-by: Jerry Yu --- library/aes.c | 10 +++++----- library/aesce.c | 4 ++-- library/aesce.h | 12 +++++------- library/gcm.c | 6 +++--- 4 files changed, 15 insertions(+), 17 deletions(-) diff --git a/library/aes.c b/library/aes.c index 47a5e3e82..c9610f59d 100644 --- a/library/aes.c +++ b/library/aes.c @@ -34,7 +34,7 @@ #include "mbedtls/platform_util.h" #include "mbedtls/error.h" -#if defined(__aarch64__) +#if defined(MBEDTLS_ARCH_IS_ARM64) #if !defined(MBEDTLS_AESCE_C) && defined(MBEDTLS_AES_USE_HARDWARE_ONLY) #error "MBEDTLS_AES_USE_HARDWARE_ONLY defined, but not all prerequisites" #endif @@ -652,7 +652,7 @@ int mbedtls_aes_setkey_enc(mbedtls_aes_context *ctx, const unsigned char *key, } #endif -#if defined(MBEDTLS_AESCE_C) && defined(MBEDTLS_HAVE_ARM64) +#if defined(MBEDTLS_AESCE_HAVE_CODE) if (MBEDTLS_AESCE_HAS_SUPPORT()) { return mbedtls_aesce_setkey_enc((unsigned char *) RK, key, keybits); } @@ -764,7 +764,7 @@ int mbedtls_aes_setkey_dec(mbedtls_aes_context *ctx, const unsigned char *key, } #endif -#if defined(MBEDTLS_AESCE_C) && defined(MBEDTLS_HAVE_ARM64) +#if defined(MBEDTLS_AESCE_HAVE_CODE) if (MBEDTLS_AESCE_HAS_SUPPORT()) { mbedtls_aesce_inverse_key( (unsigned char *) RK, @@ -1091,7 +1091,7 @@ int mbedtls_aes_crypt_ecb(mbedtls_aes_context *ctx, } #endif -#if defined(MBEDTLS_AESCE_C) && defined(MBEDTLS_HAVE_ARM64) +#if defined(MBEDTLS_AESCE_HAVE_CODE) if (MBEDTLS_AESCE_HAS_SUPPORT()) { return mbedtls_aesce_crypt_ecb(ctx, mode, input, output); } @@ -1910,7 +1910,7 @@ int mbedtls_aes_self_test(int verbose) mbedtls_printf(" AES note: using VIA Padlock.\n"); } else #endif -#if defined(MBEDTLS_AESCE_C) && defined(MBEDTLS_HAVE_ARM64) +#if defined(MBEDTLS_AESCE_HAVE_CODE) if (MBEDTLS_AESCE_HAS_SUPPORT()) { mbedtls_printf(" AES note: using AESCE.\n"); } else diff --git a/library/aesce.c b/library/aesce.c index 6f75a67d7..8b42b034f 100644 --- a/library/aesce.c +++ b/library/aesce.c @@ -46,7 +46,7 @@ #include "aesce.h" -#if defined(MBEDTLS_HAVE_ARM64) +#if defined(MBEDTLS_ARCH_IS_ARM64) /* Compiler version checks. */ #if defined(__clang__) @@ -510,6 +510,6 @@ void mbedtls_aesce_gcm_mult(unsigned char c[16], #undef MBEDTLS_POP_TARGET_PRAGMA #endif -#endif /* MBEDTLS_HAVE_ARM64 */ +#endif /* MBEDTLS_ARCH_IS_ARM64 */ #endif /* MBEDTLS_AESCE_C */ diff --git a/library/aesce.h b/library/aesce.h index 735c8cfad..91aa7d2bb 100644 --- a/library/aesce.h +++ b/library/aesce.h @@ -30,13 +30,11 @@ #include "mbedtls/aes.h" -#if !defined(MBEDTLS_HAVE_ARM64) -#if defined(__aarch64__) || defined(_M_ARM64) || defined(_M_ARM64EC) -#define MBEDTLS_HAVE_ARM64 -#endif -#endif +#include "common.h" -#if defined(MBEDTLS_HAVE_ARM64) +#if defined(MBEDTLS_AESCE_C) && defined(MBEDTLS_ARCH_IS_ARM64) + +#define MBEDTLS_AESCE_HAVE_CODE #ifdef __cplusplus extern "C" { @@ -131,6 +129,6 @@ int mbedtls_aesce_setkey_enc(unsigned char *rk, } #endif -#endif /* MBEDTLS_HAVE_ARM64 */ +#endif /* MBEDTLS_AESCE_C && MBEDTLS_ARCH_IS_ARM64 */ #endif /* MBEDTLS_AESCE_H */ diff --git a/library/gcm.c b/library/gcm.c index 786290f2f..b06ca4a31 100644 --- a/library/gcm.c +++ b/library/gcm.c @@ -97,7 +97,7 @@ static int gcm_gen_table(mbedtls_gcm_context *ctx) } #endif -#if defined(MBEDTLS_AESCE_C) && defined(MBEDTLS_HAVE_ARM64) +#if defined(MBEDTLS_AESCE_HAVE_CODE) if (MBEDTLS_AESCE_HAS_SUPPORT()) { return 0; } @@ -208,7 +208,7 @@ static void gcm_mult(mbedtls_gcm_context *ctx, const unsigned char x[16], } #endif /* MBEDTLS_AESNI_HAVE_CODE */ -#if defined(MBEDTLS_AESCE_C) && defined(MBEDTLS_HAVE_ARM64) +#if defined(MBEDTLS_AESCE_HAVE_CODE) if (MBEDTLS_AESCE_HAS_SUPPORT()) { unsigned char h[16]; @@ -885,7 +885,7 @@ int mbedtls_gcm_self_test(int verbose) } else #endif -#if defined(MBEDTLS_AESCE_C) && defined(MBEDTLS_HAVE_ARM64) +#if defined(MBEDTLS_AESCE_HAVE_CODE) if (MBEDTLS_AESCE_HAS_SUPPORT()) { mbedtls_printf(" GCM note: using AESCE.\n"); } else From d6e312dde4c636cc25478e729227b9a9677bd579 Mon Sep 17 00:00:00 2001 From: Jerry Yu Date: Fri, 18 Aug 2023 17:19:51 +0800 Subject: [PATCH 3/5] replace aesni target detection macros Signed-off-by: Jerry Yu --- library/aes.c | 5 ++--- library/aesni.h | 15 ++------------- 2 files changed, 4 insertions(+), 16 deletions(-) diff --git a/library/aes.c b/library/aes.c index c9610f59d..0a7b26ce9 100644 --- a/library/aes.c +++ b/library/aes.c @@ -40,14 +40,13 @@ #endif #endif -#if defined(__amd64__) || defined(__x86_64__) || \ - ((defined(_M_X64) || defined(_M_AMD64)) && !defined(_M_ARM64EC)) +#if defined(MBEDTLS_ARCH_IS_X64) #if !defined(MBEDTLS_AESNI_C) && defined(MBEDTLS_AES_USE_HARDWARE_ONLY) #error "MBEDTLS_AES_USE_HARDWARE_ONLY defined, but not all prerequisites" #endif #endif -#if defined(__i386__) || defined(_M_IX86) +#if defined(MBEDTLS_ARCH_IS_X86) #if defined(MBEDTLS_AES_USE_HARDWARE_ONLY) && !defined(MBEDTLS_AESNI_C) #error "MBEDTLS_AES_USE_HARDWARE_ONLY defined, but not all prerequisites" #endif diff --git a/library/aesni.h b/library/aesni.h index 332a0f072..e9064eeb9 100644 --- a/library/aesni.h +++ b/library/aesni.h @@ -35,20 +35,9 @@ /* Can we do AESNI with inline assembly? * (Only implemented with gas syntax, only for 64-bit.) */ -#if !defined(MBEDTLS_HAVE_X86_64) && \ - (defined(__amd64__) || defined(__x86_64__) || \ - defined(_M_X64) || defined(_M_AMD64)) && \ - !defined(_M_ARM64EC) -#define MBEDTLS_HAVE_X86_64 -#endif - -#if !defined(MBEDTLS_HAVE_X86) && \ - (defined(__i386__) || defined(_M_IX86)) -#define MBEDTLS_HAVE_X86 -#endif #if defined(MBEDTLS_AESNI_C) && \ - (defined(MBEDTLS_HAVE_X86_64) || defined(MBEDTLS_HAVE_X86)) + (defined(MBEDTLS_ARCH_IS_X64) || defined(MBEDTLS_ARCH_IS_X86)) /* Can we do AESNI with intrinsics? * (Only implemented with certain compilers, only for certain targets.) @@ -75,7 +64,7 @@ #if defined(MBEDTLS_AESNI_HAVE_INTRINSICS) #define MBEDTLS_AESNI_HAVE_CODE 2 // via intrinsics #elif defined(MBEDTLS_HAVE_ASM) && \ - defined(__GNUC__) && defined(MBEDTLS_HAVE_X86_64) + defined(__GNUC__) && defined(MBEDTLS_ARCH_IS_X64) #define MBEDTLS_AESNI_HAVE_CODE 1 // via assembly #elif defined(__GNUC__) # error "Must use `-mpclmul -msse2 -maes` for MBEDTLS_AESNI_C" From 782b966666ba04c3076cd07d4f1cecf69af49e1a Mon Sep 17 00:00:00 2001 From: Jerry Yu Date: Mon, 21 Aug 2023 11:25:01 +0800 Subject: [PATCH 4/5] replace target arch macros in padlock Signed-off-by: Jerry Yu --- library/padlock.c | 4 ++-- library/padlock.h | 8 ++------ 2 files changed, 4 insertions(+), 8 deletions(-) diff --git a/library/padlock.c b/library/padlock.c index f42c40ff9..563d40e7c 100644 --- a/library/padlock.c +++ b/library/padlock.c @@ -31,7 +31,7 @@ #include -#if defined(MBEDTLS_HAVE_X86) +#if defined(MBEDTLS_VIA_PADLOCK_HAVE_CODE) /* * PadLock detection routine @@ -162,6 +162,6 @@ int mbedtls_padlock_xcryptcbc(mbedtls_aes_context *ctx, return 0; } -#endif /* MBEDTLS_HAVE_X86 */ +#endif /* MBEDTLS_VIA_PADLOCK_HAVE_CODE */ #endif /* MBEDTLS_PADLOCK_C */ diff --git a/library/padlock.h b/library/padlock.h index ae5c48654..d3ed2c39e 100644 --- a/library/padlock.h +++ b/library/padlock.h @@ -39,15 +39,11 @@ #endif /* Some versions of ASan result in errors about not enough registers */ -#if defined(MBEDTLS_HAVE_ASM) && defined(__GNUC__) && defined(__i386__) && \ - !defined(MBEDTLS_HAVE_ASAN) +#if defined(__GNUC__) && defined(MBEDTLS_ARCH_IS_X86) && \ + defined(MBEDTLS_HAVE_ASM) && !defined(MBEDTLS_HAVE_ASAN) #define MBEDTLS_VIA_PADLOCK_HAVE_CODE -#ifndef MBEDTLS_HAVE_X86 -#define MBEDTLS_HAVE_X86 -#endif - #include #define MBEDTLS_PADLOCK_RNG 0x000C From f65f71eef35b663e790316de42aa37896b0561d6 Mon Sep 17 00:00:00 2001 From: Jerry Yu Date: Mon, 28 Aug 2023 10:58:24 +0800 Subject: [PATCH 5/5] improve various issues - duplicate definition - wrong comments - redundant include statement Signed-off-by: Jerry Yu --- include/mbedtls/build_info.h | 24 ------------------------ library/aesce.h | 1 - library/aesni.h | 7 +++---- library/padlock.h | 11 ++++++++--- 4 files changed, 11 insertions(+), 32 deletions(-) diff --git a/include/mbedtls/build_info.h b/include/mbedtls/build_info.h index 198481363..92a4e64cb 100644 --- a/include/mbedtls/build_info.h +++ b/include/mbedtls/build_info.h @@ -68,30 +68,6 @@ #define MBEDTLS_ARCH_IS_X64 #endif -#if !defined(MBEDTLS_ARCH_IS_X86) && \ - (defined(__i386__) || defined(_X86_) || \ - (defined(_M_IX86) && !defined(_M_I86))) -#define MBEDTLS_ARCH_IS_X86 -#endif -/* Macros for build-time platform detection */ - -#if !defined(MBEDTLS_ARCH_IS_ARM64) && \ - (defined(__aarch64__) || defined(_M_ARM64) || defined(_M_ARM64EC)) -#define MBEDTLS_ARCH_IS_ARM64 -#endif - -#if !defined(MBEDTLS_ARCH_IS_ARM32) && \ - (defined(__arm__) || defined(_M_ARM) || \ - defined(_M_ARMT) || defined(__thumb__) || defined(__thumb2__)) -#define MBEDTLS_ARCH_IS_ARM32 -#endif - -#if !defined(MBEDTLS_ARCH_IS_X64) && \ - (defined(__amd64__) || defined(__x86_64__) || \ - ((defined(_M_X64) || defined(_M_AMD64)) && !defined(_M_ARM64EC))) -#define MBEDTLS_ARCH_IS_X64 -#endif - #if !defined(MBEDTLS_ARCH_IS_X86) && \ (defined(__i386__) || defined(_X86_) || \ (defined(_M_IX86) && !defined(_M_I86))) diff --git a/library/aesce.h b/library/aesce.h index 91aa7d2bb..d24c423b8 100644 --- a/library/aesce.h +++ b/library/aesce.h @@ -30,7 +30,6 @@ #include "mbedtls/aes.h" -#include "common.h" #if defined(MBEDTLS_AESCE_C) && defined(MBEDTLS_ARCH_IS_ARM64) diff --git a/library/aesni.h b/library/aesni.h index e9064eeb9..ba1429029 100644 --- a/library/aesni.h +++ b/library/aesni.h @@ -32,10 +32,6 @@ #define MBEDTLS_AESNI_AES 0x02000000u #define MBEDTLS_AESNI_CLMUL 0x00000002u -/* Can we do AESNI with inline assembly? - * (Only implemented with gas syntax, only for 64-bit.) - */ - #if defined(MBEDTLS_AESNI_C) && \ (defined(MBEDTLS_ARCH_IS_X64) || defined(MBEDTLS_ARCH_IS_X86)) @@ -65,6 +61,9 @@ #define MBEDTLS_AESNI_HAVE_CODE 2 // via intrinsics #elif defined(MBEDTLS_HAVE_ASM) && \ defined(__GNUC__) && defined(MBEDTLS_ARCH_IS_X64) +/* Can we do AESNI with inline assembly? + * (Only implemented with gas syntax, only for 64-bit.) + */ #define MBEDTLS_AESNI_HAVE_CODE 1 // via assembly #elif defined(__GNUC__) # error "Must use `-mpclmul -msse2 -maes` for MBEDTLS_AESNI_C" diff --git a/library/padlock.h b/library/padlock.h index d3ed2c39e..a00afe04f 100644 --- a/library/padlock.h +++ b/library/padlock.h @@ -38,9 +38,14 @@ #endif #endif -/* Some versions of ASan result in errors about not enough registers */ -#if defined(__GNUC__) && defined(MBEDTLS_ARCH_IS_X86) && \ - defined(MBEDTLS_HAVE_ASM) && !defined(MBEDTLS_HAVE_ASAN) +/* + * - `padlock` is implements with GNUC assembly for x86 target. + * - Some versions of ASan result in errors about not enough registers. + */ +#if defined(MBEDTLS_PADLOCK_C) && \ + defined(__GNUC__) && defined(MBEDTLS_ARCH_IS_X86) && \ + defined(MBEDTLS_HAVE_ASM) && \ + !defined(MBEDTLS_HAVE_ASAN) #define MBEDTLS_VIA_PADLOCK_HAVE_CODE