Commit Graph

28 Commits

Author SHA1 Message Date
Adam Langley
1d1345377a Support three-argument instructions on x86-64.
Change-Id: I81c855cd4805d4a5016999669a0cb5261838f23a
Reviewed-on: https://boringssl-review.googlesource.com/c/boringssl/+/35224
Commit-Queue: Adam Langley <agl@google.com>
Reviewed-by: David Benjamin <davidben@google.com>
2019-03-11 21:41:40 +00:00
David Benjamin
c0f4dbe4e2 Move aes_nohw, bsaes, and vpaes prototypes to aes/internal.h.
This is in preparation for adding ABI tests to them.

In doing so, update delocate.go so that OPENSSL_ia32cap_get is consistently
callable outside the module. Right now it's callable both inside and outside
normally, but not in FIPS mode because the function is generated. This is
needed for tests and the module to share headers that touch OPENSSL_ia32cap_P.

Change-Id: Idbc7d694acfb974e0b04adac907dab621e87de62
Reviewed-on: https://boringssl-review.googlesource.com/c/34188
Commit-Queue: Adam Langley <agl@google.com>
Reviewed-by: Adam Langley <agl@google.com>
2019-01-09 03:35:55 +00:00
Adam Langley
b018908475 Better handle AVX-512 assembly syntax.
https://boringssl-review.googlesource.com/c/boringssl/+/24945 was mistaken in
that it thought that these AVX-512 assembly extensions were an
instruction-level thing, whereas they actually appear to be an argument-level
modifier.

This change parses them as such and unbreaks some AVX-512 instructions that can
be emitted by compilers with certain combinations of flags.

Change-Id: I9af5a4fec21f55d3198a248c9175252e229c355a
Reviewed-on: https://boringssl-review.googlesource.com/c/32484
Commit-Queue: Adam Langley <agl@google.com>
Commit-Queue: David Benjamin <davidben@google.com>
Reviewed-by: David Benjamin <davidben@google.com>
CQ-Verified: CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org>
2018-10-15 23:31:23 +00:00
Matthew Braithwaite
7039f40368 Rename inject-hash: Bazel does not like hyphens.
(Only in package names.  Hyphens in file names are file.)

Change-Id: I80b705a780ffbad056abe7a7868d5682b30d2d44
Reviewed-on: https://boringssl-review.googlesource.com/32144
Commit-Queue: Matt Braithwaite <mab@google.com>
CQ-Verified: CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org>
Reviewed-by: David Benjamin <davidben@google.com>
2018-09-26 21:50:36 +00:00
Joshua Liebow-Feeser
066b108957 Add util/read_symbols.go
- Add util/read_symbols.go to read exported symbols from an AR
  file for use with the symbol prefixing feature
- Move util/fipstools/fipscommon/ar.go -> util/ar/ar.go
- util/ar/ar.go: Support BSD-style AR files

Change-Id: I171b3b952e69c4b87ac04751b7dba3ea9bc2504e
Reviewed-on: https://boringssl-review.googlesource.com/32024
Reviewed-by: David Benjamin <davidben@google.com>
2018-09-24 20:25:48 +00:00
David Benjamin
5baee45652 Use Go modules with delocate.
This makes running go test, etc., in util/fipstools/delocate work! This
adds a go_executable command to CMake like:

  go_executable(delocate boringssl.googlesource.com/boringssl/util/fipstools/delocate)

which internally gets dependencies and whatnot so it behaves like usual
Go.

Update-Note: delocate has been rearranged a bit.
Change-Id: I244a7317dd8d4f2ab77a0daa624ed3e0b385faef
Reviewed-on: https://boringssl-review.googlesource.com/31885
Commit-Queue: David Benjamin <davidben@google.com>
CQ-Verified: CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org>
Reviewed-by: Adam Langley <agl@google.com>
2018-09-17 22:19:52 +00:00
Adam Langley
fadd8b4244 Add script for showing FIPS self-test failures.
Change-Id: I6e98a518ea9a29d9de7691a430fbbbd2a504c08d
Reviewed-on: https://boringssl-review.googlesource.com/30124
Reviewed-by: Adam Langley <agl@google.com>
2018-07-30 22:41:04 +00:00
Adam Langley
79f1a49c3a Update delocate to handle new compiler output.
Delocate failed with some versions of Clang that reference
OPENSSL_ia32cap_P with an orq instruction.

Change-Id: I448d291594f5f147424e6f7014a681c4201b0aee
Reviewed-on: https://boringssl-review.googlesource.com/29764
Reviewed-by: Adam Langley <alangley@gmail.com>
2018-07-13 19:37:15 +00:00
Adam Langley
6f6a237d46 delocate: put emitted labels in a specific file.
Otherwise Clang has to assign a file entry to the label which conflicts with
later, explicit, file entries.

Change-Id: Ifc782821517aa7b48ba3ef304d4468f2bc850ac2
Reviewed-on: https://boringssl-review.googlesource.com/27544
Commit-Queue: David Benjamin <davidben@google.com>
Reviewed-by: David Benjamin <davidben@google.com>
CQ-Verified: CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org>
2018-04-19 17:54:31 +00:00
David Benjamin
385e4e9d98 Handle directive arguments with * in them.
Some of the CFI directives from upstream include expressions such as:

   .cfi_adjust_cfa_offset 32*5+8

(Also the latest version of peg moves the go generate line to
delocate.peg.go.)

Change-Id: I21bdf9ae44f81e4eca7b3565c4581a670f621a80
Reviewed-on: https://boringssl-review.googlesource.com/25624
Reviewed-by: Adam Langley <agl@google.com>
2018-02-02 19:59:06 +00:00
Adam Langley
05a8434484 Support AVX-512 instructions with a writemask in delocate.
AVX-512 adds a new text instruction syntax to x86-64 assembly to specify
the writemask registers and the merge-masking vs zeroing-masking signal.

This change causes these tokens to be passed through.

Patch by Jeff McDonald.

Change-Id: Ib15b15ac684183cc5fba329a176b63b477bc24a3
Reviewed-on: https://boringssl-review.googlesource.com/24945
Commit-Queue: David Benjamin <davidben@google.com>
Reviewed-by: David Benjamin <davidben@google.com>
CQ-Verified: CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org>
2018-01-22 18:00:18 +00:00
Adam Langley
c7ef069ac9 Fix format-string error in delocate.go.
Errorf treats its argument as a format string and so “%rax” is a
problem.

Change-Id: I863ef361f07d0b8a348994efe45869202d0b31f1
Reviewed-on: https://boringssl-review.googlesource.com/24944
Reviewed-by: Steven Valdez <svaldez@google.com>
Commit-Queue: Steven Valdez <svaldez@google.com>
CQ-Verified: CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org>
2018-01-18 19:08:50 +00:00
Adam Langley
ef16f19ef2 Support delocating vpbroadcastq.
(This can be generated with -mavx2.)

Change-Id: I6d92d9e93eb448357342ef86d050321f0ef40f9e
Reviewed-on: https://boringssl-review.googlesource.com/24504
Commit-Queue: David Benjamin <davidben@google.com>
Reviewed-by: David Benjamin <davidben@google.com>
CQ-Verified: CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org>
2018-01-02 21:06:52 +00:00
David Benjamin
c5cc88d800 Test that movsd without arguments is left as-is.
This works fine, but probably worth a test.

Change-Id: If060b473958c1664e450102cafe0ca28951bff49
Reviewed-on: https://boringssl-review.googlesource.com/20444
Reviewed-by: Adam Langley <agl@google.com>
Commit-Queue: Adam Langley <agl@google.com>
CQ-Verified: CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org>
2017-09-18 19:09:31 +00:00
Adam Langley
e314e1c000 Support [v]movsd in delocate.
Newer versions of LLVM can emit this instruction. Note that there are
two different Intel instructions, both called “movsd”. The old one is an
auto-incrementing move that doesn't take any arguments. That's not the
one that is targetted in this change.

Change-Id: Id0c96e0c7fe0f6e4feb8a72b5bc0fa40878225b9
Reviewed-on: https://boringssl-review.googlesource.com/20425
Reviewed-by: David Benjamin <davidben@google.com>
Commit-Queue: David Benjamin <davidben@google.com>
CQ-Verified: CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org>
2017-09-18 18:49:26 +00:00
Adam Langley
32c5b8dee3 delocate vmovq correctly.
vmovq clears the upper 128 bits of a YMM register, while movq does not.
When translating vmovq to an XMM register, we need to use vmovq in the
final move in order to keep this behaviour.

Change-Id: I81b6eee3ee6db0ea90d7c5098fc7c4ccefaf3b12
Reviewed-on: https://boringssl-review.googlesource.com/20424
Reviewed-by: David Benjamin <davidben@google.com>
Commit-Queue: David Benjamin <davidben@google.com>
CQ-Verified: CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org>
2017-09-18 18:39:05 +00:00
David Benjamin
cd60bf0e0a Fix PPC redirectors.
Our old redirectors were emitting code to call their target functions normally.
However, the PPC ABI expects callers to set up parameter save areas for their
callees, notably if the target is a varargs function.

Instead, mimic the pattern used when calling an external function or function
pointer and avoid touching the stack.

Change-Id: Ia28c9d2b82fcd99c4a2f70f5f587d0e0463a6f0e
Reviewed-on: https://boringssl-review.googlesource.com/17284
Reviewed-by: Adam Langley <agl@google.com>
2017-06-22 02:37:19 +00:00
David Benjamin
773ae91d0e Fix PPC ELF ABI citation.
There was a typo there. Also the document's title capitalizes "64-Bit"
and "V2" funny.

Change-Id: I38a7f8d575ce2bb48dcc2ce5a4d683a7a170db87
Reviewed-on: https://boringssl-review.googlesource.com/17268
Commit-Queue: David Benjamin <davidben@google.com>
Reviewed-by: Adam Langley <agl@google.com>
2017-06-20 22:19:43 +00:00
Adam Langley
ff2394527f ppc64le delocate: avoid r0 as a base register.
On POWER, r0 is wired to zero in some argument positions of some
instructions. The base register for a load is one of them. Thus, if
rewriting a load to r0, we cannot use r0 to store the base address.

This could be more efficient, but loading to r0 appears to be very rare
so I'm not going to worry about it for now.

Change-Id: I14dac96ba4c0380b166a7667b0cba918f1ae25ec
Reviewed-on: https://boringssl-review.googlesource.com/17065
Commit-Queue: Adam Langley <agl@google.com>
Commit-Queue: David Benjamin <davidben@google.com>
Reviewed-by: David Benjamin <davidben@google.com>
CQ-Verified: CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org>
2017-06-10 00:00:58 +00:00
Adam Langley
a09a65ffdb Be slightly more relaxed about how ppc64le global-entry TOC references look.
Clang 4.0 on ppc64le generated symbols called “.LCE0” and so on.

Change-Id: I6bacf24365aa547d0ca9e5f338e4bb966df31708
Reviewed-on: https://boringssl-review.googlesource.com/17005
Commit-Queue: Adam Langley <agl@google.com>
Commit-Queue: David Benjamin <davidben@google.com>
Reviewed-by: David Benjamin <davidben@google.com>
2017-06-08 21:33:29 +00:00
David Benjamin
055375ef26 Support more complex offset / symbol section interleavings.
LLVM likes to emit offsets of the form foo@toc@ha+16, which we didn't
support. Generalize parseMemRef to handle this case and avoid some of
the repeated offset special-cases. Offsets are now always folded into
the SymbolRef.

This still does not quite implement a fully general GAS-compatible
parser as GAS's parser is insane. GAS in x86_64 will happily accept
things like:

  1@GOTPCREL+foo
  blah1@GOTPCREL-blah2+blah3-blah4+blah5 # GOTPCREL modifies blah5, rest
                                         # of expression is an offset.

GAS actually textually pulls @GOTPCREL out of the input partway through
parsing the expression and parses the modified input! Then its normal
parser goes and maintains a running expression of a specific type and,
at each term, attempts to merge it into what it currently has. So adding
and subtracting symbols is not commutative (signs must alternate or so)
and the last symbol wins.

However its PPC64 parser is not as general and just terminates each
expression after @toc@ha and friends, except that it special-cases
foo@toc@ha+16: if it can parse one more expression after @toc@ha AND it
is a constant expression, then it is added into the running offset.
Otherwise it leaves that data unconsumed.

This is all ridiculous, so just generalize our parser slightly to cover
foo@toc@ha+16 and see how far we get from there.

Change-Id: I65970791fc10fb2638fd7be8cc841900eb997c9c
Reviewed-on: https://boringssl-review.googlesource.com/16944
Commit-Queue: Adam Langley <agl@google.com>
Reviewed-by: Adam Langley <agl@google.com>
CQ-Verified: CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org>
2017-06-06 22:48:26 +00:00
Adam Langley
cd334a54ca Handle TOC offsets by giving them to the linker.
An offset > 2^15 would exceed the range of an addi immediate on ppc64le.
Thus, rather than add the offset after loading the TOC reference, have
different tocloader functions for each (symbol, offset) pair. In this
case, the linker can handle large offsets by changing the value of
foo+offset@toc@ha accordingly.

Change-Id: Iac1481bccaf55fb0c2b080eedebaf11befdae465
Reviewed-on: https://boringssl-review.googlesource.com/16784
Commit-Queue: David Benjamin <davidben@google.com>
Reviewed-by: David Benjamin <davidben@google.com>
CQ-Verified: CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org>
2017-06-01 21:29:23 +00:00
David Benjamin
592af53963 Clarify toc@ha and offsets.
At first I thought something was wrong, but some experiments with GCC
and digging into relocation definitions confirmed things were fine. In
doing so, tweak the comments so the offset is written more clearly. Both
offset+foo@toc@l and foo@toc@l+offset bind apply the @l after adding the
offset, but it's slightly less confusing with the former spelling.

Change-Id: I43b2c0b8855f64ac6ca4d95ae85bec680a19bc1c
Reviewed-on: https://boringssl-review.googlesource.com/16705
Commit-Queue: David Benjamin <davidben@google.com>
Commit-Queue: Adam Langley <agl@google.com>
Reviewed-by: Adam Langley <agl@google.com>
CQ-Verified: CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org>
2017-05-30 19:01:54 +00:00
Adam Langley
f64a6eeaf0 Switch to new delocate tool.
Most importantly, this version of delocate works for ppc64le. It should
also work for x86-64, but will need significant testing to make sure
that it covers all the cases that the previous delocate.go covered.

It's less stringtastic than the old code, however the parser isn't as
nice as I would have liked. I thought that the reason we put up with
AT&T syntax with Intel is so that assembly syntax could be somewhat
consistent across platforms. At least for ppc64le, that does not appear
to be the case.

Change-Id: Ic7e3c6acc3803d19f2c3ff5620c5e39703d74212
Reviewed-on: https://boringssl-review.googlesource.com/16464
Reviewed-by: Adam Langley <agl@google.com>
Commit-Queue: Adam Langley <agl@google.com>
CQ-Verified: CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org>
2017-05-30 18:00:16 +00:00
Adam Langley
21cb0744bb Add tool for corrupting the FIPS module in a binary.
This is for demonstrating an integrity check failure.

Change-Id: I4b52b1aa5450f5dec024f381863aeed92b5e9ce0
Reviewed-on: https://boringssl-review.googlesource.com/16465
Reviewed-by: Martin Kreichgauer <martinkr@google.com>
Reviewed-by: Adam Langley <alangley@gmail.com>
2017-05-23 22:41:14 +00:00
David Benjamin
4dcc290eb0 Fix GOTPCREL accesses to symbols defined outside the module.
5c38c05b26 caused foo@GOTPCREL for
external foo to resolve to bcm_redirector_foo. This is morally
equivalent to using foo@PLT when a pointer to foo is needed. But this
does not work if foo is data. Notably, this ended up mangling
OPENSSL_ia32cap_P because it failed to recognize it as an symbol in the
library (but external to the module). It also mangles some things that
ASan emits.

(It also breaks non-NULL function pointer comparisons, but those are
silly.)

Instead, apply a variation of the OPENSSL_ia32cap_addr_delta trick that
works for the GOT. "addr_delta" is really weird, so I'm calling this an
"external relocation". This causes fprintf(stderr) to work and also
seems to keep ASan compiling. I was unable to reproduce the case that
5c38c05b26 added the bcm_redirector_foo
transform for.

Also tighten up the pattern. No need to reference a bit of memory twice
since we just loaded it into a register.

Change-Id: If5520fc0887e83e23a08828e40fbbed9e47d912e
Reviewed-on: https://boringssl-review.googlesource.com/16345
Commit-Queue: David Benjamin <davidben@google.com>
Commit-Queue: Adam Langley <agl@google.com>
Reviewed-by: Adam Langley <agl@google.com>
CQ-Verified: CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org>
2017-05-15 23:33:15 +00:00
Adam Langley
2f238d981a Accept vmovq as an alias for movq.
Change-Id: I358b5da2463597e6b3d5841a4faa974c604e5df5
Reviewed-on: https://boringssl-review.googlesource.com/16284
Reviewed-by: Matt Braithwaite <mab@google.com>
Reviewed-by: Adam Langley <agl@google.com>
Commit-Queue: Adam Langley <agl@google.com>
CQ-Verified: CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org>
2017-05-12 20:33:40 +00:00
David Benjamin
391cc8c7a1 Move FIPS build tools to util/fipstools.
This makes things a little easier for some of our tooling.

Change-Id: Ia7e73daf0a5150b106cf9b03b10cae194cb8fc5a
Reviewed-on: https://boringssl-review.googlesource.com/15104
Reviewed-by: Matt Braithwaite <mab@google.com>
Reviewed-by: Adam Langley <agl@google.com>
2017-05-12 15:08:46 +00:00