From jussi.kivilinna at iki.fi Tue Mar 10 17:57:27 2015 From: jussi.kivilinna at iki.fi (Jussi Kivilinna) Date: Tue, 10 Mar 2015 18:57:27 +0200 Subject: [PATCH 1/3] tests/bench-slope: fix memory-leak and use-after-free bugs Message-ID: <20150310165727.24124.15823.stgit@localhost6.localdomain6> * tests/bench-slope.c (do_slope_benchmark): Free 'measurements' at end. (bench_mac_init): Move 'key' free at end of function. -- Signed-off-by: Jussi Kivilinna --- tests/bench-slope.c | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/tests/bench-slope.c b/tests/bench-slope.c index c309b7e..394d7fc 100644 --- a/tests/bench-slope.c +++ b/tests/bench-slope.c @@ -442,6 +442,7 @@ do_slope_benchmark (struct bench_obj *obj) &overhead); free (measurement_raw); + free (measurements); free (real_buffer); obj->ops->finalize (obj); @@ -1450,11 +1451,11 @@ bench_mac_init (struct bench_obj *obj) } err = gcry_mac_setkey (hd, key, keylen); - free (key); if (err) { fprintf (stderr, PGM ": error setting key for mac `%s'\n", gcry_mac_algo_name (mode->algo)); + free (key); exit (1); } @@ -1473,6 +1474,7 @@ bench_mac_init (struct bench_obj *obj) obj->priv = hd; + free (key); return 0; } From jussi.kivilinna at iki.fi Tue Mar 10 17:57:32 2015 From: jussi.kivilinna at iki.fi (Jussi Kivilinna) Date: Tue, 10 Mar 2015 18:57:32 +0200 Subject: [PATCH 2/3] bufhelp: use one-byte aligned type for unaligned memory accesses In-Reply-To: <20150310165727.24124.15823.stgit@localhost6.localdomain6> References: <20150310165727.24124.15823.stgit@localhost6.localdomain6> Message-ID: <20150310165732.24124.33731.stgit@localhost6.localdomain6> * cipher/bufhelp.h (BUFHELP_FAST_UNALIGNED_ACCESS): Enable only when HAVE_GCC_ATTRIBUTE_PACKED. (bufhelp_int_t): New type. (buf_cpy, buf_xor, buf_xor_1, buf_xor_2dst, buf_xor_n_copy_2): Use 'bufhelp_int_t'. * configure.ac (gcry_cv_gcc_attribute_packed): New. -- Signed-off-by: Jussi Kivilinna --- cipher/bufhelp.h | 111 ++++++++++++++++++++++++++++++++---------------------- configure.ac | 19 +++++++++ 2 files changed, 85 insertions(+), 45 deletions(-) diff --git a/cipher/bufhelp.h b/cipher/bufhelp.h index a372acb..bd81937 100644 --- a/cipher/bufhelp.h +++ b/cipher/bufhelp.h @@ -33,10 +33,12 @@ #include "bithelp.h" -#if defined(__i386__) || defined(__x86_64__) || \ - defined(__powerpc__) || defined(__powerpc64__) || \ - (defined(__arm__) && defined(__ARM_FEATURE_UNALIGNED)) || \ - defined(__aarch64__) +#undef BUFHELP_FAST_UNALIGNED_ACCESS +#if defined(HAVE_GCC_ATTRIBUTE_PACKED) && \ + (defined(__i386__) || defined(__x86_64__) || \ + defined(__powerpc__) || defined(__powerpc64__) || \ + (defined(__arm__) && defined(__ARM_FEATURE_UNALIGNED)) || \ + defined(__aarch64__)) /* These architectures are able of unaligned memory accesses and can handle those fast. */ @@ -44,6 +46,25 @@ #endif +#ifdef BUFHELP_FAST_UNALIGNED_ACCESS +/* Define type with one-byte alignment on architectures with fast unaligned + memory accesses. + */ +typedef struct bufhelp_int_s +{ + uintptr_t a; +} __attribute__((packed)) bufhelp_int_t; +#else +/* Define type with default alignment for other architectures (unaligned + accessed handled in per byte loops). + */ +typedef struct bufhelp_int_s +{ + uintptr_t a; +} bufhelp_int_t; +#endif + + /* Optimized function for small buffer copying */ static inline void buf_cpy(void *_dst, const void *_src, size_t len) @@ -54,21 +75,21 @@ buf_cpy(void *_dst, const void *_src, size_t len) #else byte *dst = _dst; const byte *src = _src; - uintptr_t *ldst; - const uintptr_t *lsrc; + bufhelp_int_t *ldst; + const bufhelp_int_t *lsrc; #ifndef BUFHELP_FAST_UNALIGNED_ACCESS - const unsigned int longmask = sizeof(uintptr_t) - 1; + const unsigned int longmask = sizeof(bufhelp_int_t) - 1; /* Skip fast processing if buffers are unaligned. */ if (((uintptr_t)dst | (uintptr_t)src) & longmask) goto do_bytes; #endif - ldst = (uintptr_t *)(void *)dst; - lsrc = (const uintptr_t *)(const void *)src; + ldst = (bufhelp_int_t *)(void *)dst; + lsrc = (const bufhelp_int_t *)(const void *)src; - for (; len >= sizeof(uintptr_t); len -= sizeof(uintptr_t)) - *ldst++ = *lsrc++; + for (; len >= sizeof(bufhelp_int_t); len -= sizeof(bufhelp_int_t)) + (ldst++)->a = (lsrc++)->a; dst = (byte *)ldst; src = (const byte *)lsrc; @@ -90,22 +111,22 @@ buf_xor(void *_dst, const void *_src1, const void *_src2, size_t len) byte *dst = _dst; const byte *src1 = _src1; const byte *src2 = _src2; - uintptr_t *ldst; - const uintptr_t *lsrc1, *lsrc2; + bufhelp_int_t *ldst; + const bufhelp_int_t *lsrc1, *lsrc2; #ifndef BUFHELP_FAST_UNALIGNED_ACCESS - const unsigned int longmask = sizeof(uintptr_t) - 1; + const unsigned int longmask = sizeof(bufhelp_int_t) - 1; /* Skip fast processing if buffers are unaligned. */ if (((uintptr_t)dst | (uintptr_t)src1 | (uintptr_t)src2) & longmask) goto do_bytes; #endif - ldst = (uintptr_t *)(void *)dst; - lsrc1 = (const uintptr_t *)(const void *)src1; - lsrc2 = (const uintptr_t *)(const void *)src2; + ldst = (bufhelp_int_t *)(void *)dst; + lsrc1 = (const bufhelp_int_t *)(const void *)src1; + lsrc2 = (const bufhelp_int_t *)(const void *)src2; - for (; len >= sizeof(uintptr_t); len -= sizeof(uintptr_t)) - *ldst++ = *lsrc1++ ^ *lsrc2++; + for (; len >= sizeof(bufhelp_int_t); len -= sizeof(bufhelp_int_t)) + (ldst++)->a = (lsrc1++)->a ^ (lsrc2++)->a; dst = (byte *)ldst; src1 = (const byte *)lsrc1; @@ -126,21 +147,21 @@ buf_xor_1(void *_dst, const void *_src, size_t len) { byte *dst = _dst; const byte *src = _src; - uintptr_t *ldst; - const uintptr_t *lsrc; + bufhelp_int_t *ldst; + const bufhelp_int_t *lsrc; #ifndef BUFHELP_FAST_UNALIGNED_ACCESS - const unsigned int longmask = sizeof(uintptr_t) - 1; + const unsigned int longmask = sizeof(bufhelp_int_t) - 1; /* Skip fast processing if buffers are unaligned. */ if (((uintptr_t)dst | (uintptr_t)src) & longmask) goto do_bytes; #endif - ldst = (uintptr_t *)(void *)dst; - lsrc = (const uintptr_t *)(const void *)src; + ldst = (bufhelp_int_t *)(void *)dst; + lsrc = (const bufhelp_int_t *)(const void *)src; - for (; len >= sizeof(uintptr_t); len -= sizeof(uintptr_t)) - *ldst++ ^= *lsrc++; + for (; len >= sizeof(bufhelp_int_t); len -= sizeof(bufhelp_int_t)) + (ldst++)->a ^= (lsrc++)->a; dst = (byte *)ldst; src = (const byte *)lsrc; @@ -162,22 +183,22 @@ buf_xor_2dst(void *_dst1, void *_dst2, const void *_src, size_t len) byte *dst1 = _dst1; byte *dst2 = _dst2; const byte *src = _src; - uintptr_t *ldst1, *ldst2; - const uintptr_t *lsrc; + bufhelp_int_t *ldst1, *ldst2; + const bufhelp_int_t *lsrc; #ifndef BUFHELP_FAST_UNALIGNED_ACCESS - const unsigned int longmask = sizeof(uintptr_t) - 1; + const unsigned int longmask = sizeof(bufhelp_int_t) - 1; /* Skip fast processing if buffers are unaligned. */ if (((uintptr_t)src | (uintptr_t)dst1 | (uintptr_t)dst2) & longmask) goto do_bytes; #endif - ldst1 = (uintptr_t *)(void *)dst1; - ldst2 = (uintptr_t *)(void *)dst2; - lsrc = (const uintptr_t *)(const void *)src; + ldst1 = (bufhelp_int_t *)(void *)dst1; + ldst2 = (bufhelp_int_t *)(void *)dst2; + lsrc = (const bufhelp_int_t *)(const void *)src; - for (; len >= sizeof(uintptr_t); len -= sizeof(uintptr_t)) - *ldst1++ = (*ldst2++ ^= *lsrc++); + for (; len >= sizeof(bufhelp_int_t); len -= sizeof(bufhelp_int_t)) + (ldst1++)->a = ((ldst2++)->a ^= (lsrc++)->a); dst1 = (byte *)ldst1; dst2 = (byte *)ldst2; @@ -203,11 +224,11 @@ buf_xor_n_copy_2(void *_dst_xor, const void *_src_xor, void *_srcdst_cpy, const byte *src_xor = _src_xor; const byte *src_cpy = _src_cpy; byte temp; - uintptr_t *ldst_xor, *lsrcdst_cpy; - const uintptr_t *lsrc_cpy, *lsrc_xor; + bufhelp_int_t *ldst_xor, *lsrcdst_cpy; + const bufhelp_int_t *lsrc_cpy, *lsrc_xor; uintptr_t ltemp; #ifndef BUFHELP_FAST_UNALIGNED_ACCESS - const unsigned int longmask = sizeof(uintptr_t) - 1; + const unsigned int longmask = sizeof(bufhelp_int_t) - 1; /* Skip fast processing if buffers are unaligned. */ if (((uintptr_t)src_cpy | (uintptr_t)src_xor | (uintptr_t)dst_xor | @@ -215,16 +236,16 @@ buf_xor_n_copy_2(void *_dst_xor, const void *_src_xor, void *_srcdst_cpy, goto do_bytes; #endif - ldst_xor = (uintptr_t *)(void *)dst_xor; - lsrc_xor = (const uintptr_t *)(void *)src_xor; - lsrcdst_cpy = (uintptr_t *)(void *)srcdst_cpy; - lsrc_cpy = (const uintptr_t *)(const void *)src_cpy; + ldst_xor = (bufhelp_int_t *)(void *)dst_xor; + lsrc_xor = (const bufhelp_int_t *)(void *)src_xor; + lsrcdst_cpy = (bufhelp_int_t *)(void *)srcdst_cpy; + lsrc_cpy = (const bufhelp_int_t *)(const void *)src_cpy; - for (; len >= sizeof(uintptr_t); len -= sizeof(uintptr_t)) + for (; len >= sizeof(bufhelp_int_t); len -= sizeof(bufhelp_int_t)) { - ltemp = *lsrc_cpy++; - *ldst_xor++ = *lsrcdst_cpy ^ *lsrc_xor++; - *lsrcdst_cpy++ = ltemp; + ltemp = (lsrc_cpy++)->a; + (ldst_xor++)->a = (lsrcdst_cpy)->a ^ (lsrc_xor++)->a; + (lsrcdst_cpy++)->a = ltemp; } dst_xor = (byte *)ldst_xor; diff --git a/configure.ac b/configure.ac index 4bbd686..865e116 100644 --- a/configure.ac +++ b/configure.ac @@ -958,6 +958,25 @@ fi # +# Check whether the compiler supports the GCC style packed attribute +# +AC_CACHE_CHECK([whether the GCC style packed attribute is supported], + [gcry_cv_gcc_attribute_packed], + [gcry_cv_gcc_attribute_packed=no + AC_COMPILE_IFELSE([AC_LANG_SOURCE( + [[struct foo_s { char a; long b; } __attribute__ ((packed)); + enum bar { + FOO = 1 / (sizeof(struct foo_s) == (sizeof(char) + sizeof(long))), + }; + ]])], + [gcry_cv_gcc_attribute_packed=yes])]) +if test "gcry_cv_gcc_attribute_packed" = "yes" ; then + AC_DEFINE(HAVE_GCC_ATTRIBUTE_PACKED,1, + [Defined if a GCC style "__attribute__ ((packed))" is supported]) +fi + + +# # Check whether the compiler supports 'asm' or '__asm__' keyword for # assembler blocks. # From jussi.kivilinna at iki.fi Tue Mar 10 17:57:37 2015 From: jussi.kivilinna at iki.fi (Jussi Kivilinna) Date: Tue, 10 Mar 2015 18:57:37 +0200 Subject: [PATCH 3/3] wipememory: use one-byte aligned type for unaligned memory accesses In-Reply-To: <20150310165727.24124.15823.stgit@localhost6.localdomain6> References: <20150310165727.24124.15823.stgit@localhost6.localdomain6> Message-ID: <20150310165737.24124.61457.stgit@localhost6.localdomain6> * src/g10lib.h (fast_wipememory2_unaligned_head): Enable unaligned access only when HAVE_GCC_ATTRIBUTE_PACKED. (fast_wipememory_t): New. (fast_wipememory2): Use 'fast_wipememory_t'. -- Signed-off-by: Jussi Kivilinna --- src/g10lib.h | 22 ++++++++++++++++------ 1 file changed, 16 insertions(+), 6 deletions(-) diff --git a/src/g10lib.h b/src/g10lib.h index 238871d..12eea73 100644 --- a/src/g10lib.h +++ b/src/g10lib.h @@ -323,16 +323,25 @@ void __gcry_burn_stack (unsigned int bytes); #endif /* Following architectures can handle unaligned accesses fast. */ -#if defined(__i386__) || defined(__x86_64__) || \ - defined(__powerpc__) || defined(__powerpc64__) || \ - (defined(__arm__) && defined(__ARM_FEATURE_UNALIGNED)) || \ - defined(__aarch64__) +#if defined(HAVE_GCC_ATTRIBUTE_PACKED) && \ + (defined(__i386__) || defined(__x86_64__) || \ + defined(__powerpc__) || defined(__powerpc64__) || \ + (defined(__arm__) && defined(__ARM_FEATURE_UNALIGNED)) || \ + defined(__aarch64__)) #define fast_wipememory2_unaligned_head(_ptr,_set,_len) /*do nothing*/ +typedef struct fast_wipememory_s +{ + FASTWIPE_T a; +} __attribute__((packed)) fast_wipememory_t; #else #define fast_wipememory2_unaligned_head(_vptr,_vset,_vlen) do { \ while((size_t)(_vptr)&(sizeof(FASTWIPE_T)-1) && _vlen) \ { *_vptr=(_vset); _vptr++; _vlen--; } \ } while(0) +typedef struct fast_wipememory_s +{ + FASTWIPE_T a; +} fast_wipememory_t; #endif /* fast_wipememory2 may leave tail bytes unhandled, in which case tail bytes @@ -344,8 +353,9 @@ void __gcry_burn_stack (unsigned int bytes); break; \ _vset_long *= FASTWIPE_MULT; \ do { \ - volatile FASTWIPE_T *_vptr_long = (volatile void *)_vptr; \ - *_vptr_long = _vset_long; \ + volatile fast_wipememory_t *_vptr_long = \ + (volatile void *)_vptr; \ + _vptr_long->a = _vset_long; \ _vlen -= sizeof(FASTWIPE_T); \ _vptr += sizeof(FASTWIPE_T); \ } while (_vlen >= sizeof(FASTWIPE_T)); \ From jussi.kivilinna at iki.fi Wed Mar 11 18:04:46 2015 From: jussi.kivilinna at iki.fi (Jussi Kivilinna) Date: Wed, 11 Mar 2015 19:04:46 +0200 Subject: [PATCH v2 1/2] bufhelp: use one-byte aligned type for unaligned memory accesses Message-ID: <20150311170446.1568.17727.stgit@localhost6.localdomain6> * cipher/bufhelp.h (BUFHELP_FAST_UNALIGNED_ACCESS): Enable only when HAVE_GCC_ATTRIBUTE_PACKED and HAVE_GCC_ATTRIBUTE_ALIGNED are defined. (bufhelp_int_t): New type. (buf_cpy, buf_xor, buf_xor_1, buf_xor_2dst, buf_xor_n_copy_2): Use 'bufhelp_int_t'. * configure.ac (gcry_cv_gcc_attribute_packed): New. -- Signed-off-by: Jussi Kivilinna --- cipher/bufhelp.h | 147 +++++++++++++++++++++++++++++++++--------------------- configure.ac | 18 +++++++ 2 files changed, 108 insertions(+), 57 deletions(-) diff --git a/cipher/bufhelp.h b/cipher/bufhelp.h index a372acb..252d3bc 100644 --- a/cipher/bufhelp.h +++ b/cipher/bufhelp.h @@ -33,10 +33,13 @@ #include "bithelp.h" -#if defined(__i386__) || defined(__x86_64__) || \ - defined(__powerpc__) || defined(__powerpc64__) || \ - (defined(__arm__) && defined(__ARM_FEATURE_UNALIGNED)) || \ - defined(__aarch64__) +#undef BUFHELP_FAST_UNALIGNED_ACCESS +#if defined(HAVE_GCC_ATTRIBUTE_PACKED) && \ + defined(HAVE_GCC_ATTRIBUTE_ALIGNED) && \ + (defined(__i386__) || defined(__x86_64__) || \ + defined(__powerpc__) || defined(__powerpc64__) || \ + (defined(__arm__) && defined(__ARM_FEATURE_UNALIGNED)) || \ + defined(__aarch64__)) /* These architectures are able of unaligned memory accesses and can handle those fast. */ @@ -44,6 +47,25 @@ #endif +#ifdef BUFHELP_FAST_UNALIGNED_ACCESS +/* Define type with one-byte alignment on architectures with fast unaligned + memory accesses. + */ +typedef struct bufhelp_int_s +{ + uintptr_t a; +} __attribute__((packed, aligned(1))) bufhelp_int_t; +#else +/* Define type with default alignment for other architectures (unaligned + accessed handled in per byte loops). + */ +typedef struct bufhelp_int_s +{ + uintptr_t a; +} bufhelp_int_t; +#endif + + /* Optimized function for small buffer copying */ static inline void buf_cpy(void *_dst, const void *_src, size_t len) @@ -54,21 +76,21 @@ buf_cpy(void *_dst, const void *_src, size_t len) #else byte *dst = _dst; const byte *src = _src; - uintptr_t *ldst; - const uintptr_t *lsrc; + bufhelp_int_t *ldst; + const bufhelp_int_t *lsrc; #ifndef BUFHELP_FAST_UNALIGNED_ACCESS - const unsigned int longmask = sizeof(uintptr_t) - 1; + const unsigned int longmask = sizeof(bufhelp_int_t) - 1; /* Skip fast processing if buffers are unaligned. */ if (((uintptr_t)dst | (uintptr_t)src) & longmask) goto do_bytes; #endif - ldst = (uintptr_t *)(void *)dst; - lsrc = (const uintptr_t *)(const void *)src; + ldst = (bufhelp_int_t *)(void *)dst; + lsrc = (const bufhelp_int_t *)(const void *)src; - for (; len >= sizeof(uintptr_t); len -= sizeof(uintptr_t)) - *ldst++ = *lsrc++; + for (; len >= sizeof(bufhelp_int_t); len -= sizeof(bufhelp_int_t)) + (ldst++)->a = (lsrc++)->a; dst = (byte *)ldst; src = (const byte *)lsrc; @@ -90,22 +112,22 @@ buf_xor(void *_dst, const void *_src1, const void *_src2, size_t len) byte *dst = _dst; const byte *src1 = _src1; const byte *src2 = _src2; - uintptr_t *ldst; - const uintptr_t *lsrc1, *lsrc2; + bufhelp_int_t *ldst; + const bufhelp_int_t *lsrc1, *lsrc2; #ifndef BUFHELP_FAST_UNALIGNED_ACCESS - const unsigned int longmask = sizeof(uintptr_t) - 1; + const unsigned int longmask = sizeof(bufhelp_int_t) - 1; /* Skip fast processing if buffers are unaligned. */ if (((uintptr_t)dst | (uintptr_t)src1 | (uintptr_t)src2) & longmask) goto do_bytes; #endif - ldst = (uintptr_t *)(void *)dst; - lsrc1 = (const uintptr_t *)(const void *)src1; - lsrc2 = (const uintptr_t *)(const void *)src2; + ldst = (bufhelp_int_t *)(void *)dst; + lsrc1 = (const bufhelp_int_t *)(const void *)src1; + lsrc2 = (const bufhelp_int_t *)(const void *)src2; - for (; len >= sizeof(uintptr_t); len -= sizeof(uintptr_t)) - *ldst++ = *lsrc1++ ^ *lsrc2++; + for (; len >= sizeof(bufhelp_int_t); len -= sizeof(bufhelp_int_t)) + (ldst++)->a = (lsrc1++)->a ^ (lsrc2++)->a; dst = (byte *)ldst; src1 = (const byte *)lsrc1; @@ -126,21 +148,21 @@ buf_xor_1(void *_dst, const void *_src, size_t len) { byte *dst = _dst; const byte *src = _src; - uintptr_t *ldst; - const uintptr_t *lsrc; + bufhelp_int_t *ldst; + const bufhelp_int_t *lsrc; #ifndef BUFHELP_FAST_UNALIGNED_ACCESS - const unsigned int longmask = sizeof(uintptr_t) - 1; + const unsigned int longmask = sizeof(bufhelp_int_t) - 1; /* Skip fast processing if buffers are unaligned. */ if (((uintptr_t)dst | (uintptr_t)src) & longmask) goto do_bytes; #endif - ldst = (uintptr_t *)(void *)dst; - lsrc = (const uintptr_t *)(const void *)src; + ldst = (bufhelp_int_t *)(void *)dst; + lsrc = (const bufhelp_int_t *)(const void *)src; - for (; len >= sizeof(uintptr_t); len -= sizeof(uintptr_t)) - *ldst++ ^= *lsrc++; + for (; len >= sizeof(bufhelp_int_t); len -= sizeof(bufhelp_int_t)) + (ldst++)->a ^= (lsrc++)->a; dst = (byte *)ldst; src = (const byte *)lsrc; @@ -162,22 +184,22 @@ buf_xor_2dst(void *_dst1, void *_dst2, const void *_src, size_t len) byte *dst1 = _dst1; byte *dst2 = _dst2; const byte *src = _src; - uintptr_t *ldst1, *ldst2; - const uintptr_t *lsrc; + bufhelp_int_t *ldst1, *ldst2; + const bufhelp_int_t *lsrc; #ifndef BUFHELP_FAST_UNALIGNED_ACCESS - const unsigned int longmask = sizeof(uintptr_t) - 1; + const unsigned int longmask = sizeof(bufhelp_int_t) - 1; /* Skip fast processing if buffers are unaligned. */ if (((uintptr_t)src | (uintptr_t)dst1 | (uintptr_t)dst2) & longmask) goto do_bytes; #endif - ldst1 = (uintptr_t *)(void *)dst1; - ldst2 = (uintptr_t *)(void *)dst2; - lsrc = (const uintptr_t *)(const void *)src; + ldst1 = (bufhelp_int_t *)(void *)dst1; + ldst2 = (bufhelp_int_t *)(void *)dst2; + lsrc = (const bufhelp_int_t *)(const void *)src; - for (; len >= sizeof(uintptr_t); len -= sizeof(uintptr_t)) - *ldst1++ = (*ldst2++ ^= *lsrc++); + for (; len >= sizeof(bufhelp_int_t); len -= sizeof(bufhelp_int_t)) + (ldst1++)->a = ((ldst2++)->a ^= (lsrc++)->a); dst1 = (byte *)ldst1; dst2 = (byte *)ldst2; @@ -203,11 +225,11 @@ buf_xor_n_copy_2(void *_dst_xor, const void *_src_xor, void *_srcdst_cpy, const byte *src_xor = _src_xor; const byte *src_cpy = _src_cpy; byte temp; - uintptr_t *ldst_xor, *lsrcdst_cpy; - const uintptr_t *lsrc_cpy, *lsrc_xor; + bufhelp_int_t *ldst_xor, *lsrcdst_cpy; + const bufhelp_int_t *lsrc_cpy, *lsrc_xor; uintptr_t ltemp; #ifndef BUFHELP_FAST_UNALIGNED_ACCESS - const unsigned int longmask = sizeof(uintptr_t) - 1; + const unsigned int longmask = sizeof(bufhelp_int_t) - 1; /* Skip fast processing if buffers are unaligned. */ if (((uintptr_t)src_cpy | (uintptr_t)src_xor | (uintptr_t)dst_xor | @@ -215,16 +237,16 @@ buf_xor_n_copy_2(void *_dst_xor, const void *_src_xor, void *_srcdst_cpy, goto do_bytes; #endif - ldst_xor = (uintptr_t *)(void *)dst_xor; - lsrc_xor = (const uintptr_t *)(void *)src_xor; - lsrcdst_cpy = (uintptr_t *)(void *)srcdst_cpy; - lsrc_cpy = (const uintptr_t *)(const void *)src_cpy; + ldst_xor = (bufhelp_int_t *)(void *)dst_xor; + lsrc_xor = (const bufhelp_int_t *)(void *)src_xor; + lsrcdst_cpy = (bufhelp_int_t *)(void *)srcdst_cpy; + lsrc_cpy = (const bufhelp_int_t *)(const void *)src_cpy; - for (; len >= sizeof(uintptr_t); len -= sizeof(uintptr_t)) + for (; len >= sizeof(bufhelp_int_t); len -= sizeof(bufhelp_int_t)) { - ltemp = *lsrc_cpy++; - *ldst_xor++ = *lsrcdst_cpy ^ *lsrc_xor++; - *lsrcdst_cpy++ = ltemp; + ltemp = (lsrc_cpy++)->a; + (ldst_xor++)->a = (lsrcdst_cpy)->a ^ (lsrc_xor++)->a; + (lsrcdst_cpy++)->a = ltemp; } dst_xor = (byte *)ldst_xor; @@ -357,53 +379,64 @@ static inline void buf_put_le64(void *_buf, u64 val) #else /*BUFHELP_FAST_UNALIGNED_ACCESS*/ +typedef struct bufhelp_u32_s +{ + u32 a; +} __attribute__((packed, aligned(1))) bufhelp_u32_t; + /* Functions for loading and storing unaligned u32 values of different endianness. */ static inline u32 buf_get_be32(const void *_buf) { - return be_bswap32(*(const u32 *)_buf); + return be_bswap32(((const bufhelp_u32_t *)_buf)->a); } static inline u32 buf_get_le32(const void *_buf) { - return le_bswap32(*(const u32 *)_buf); + return le_bswap32(((const bufhelp_u32_t *)_buf)->a); } static inline void buf_put_be32(void *_buf, u32 val) { - u32 *out = _buf; - *out = be_bswap32(val); + bufhelp_u32_t *out = _buf; + out->a = be_bswap32(val); } static inline void buf_put_le32(void *_buf, u32 val) { - u32 *out = _buf; - *out = le_bswap32(val); + bufhelp_u32_t *out = _buf; + out->a = le_bswap32(val); } #ifdef HAVE_U64_TYPEDEF + +typedef struct bufhelp_u64_s +{ + u64 a; +} __attribute__((packed, aligned(1))) bufhelp_u64_t; + /* Functions for loading and storing unaligned u64 values of different endianness. */ static inline u64 buf_get_be64(const void *_buf) { - return be_bswap64(*(const u64 *)_buf); + return be_bswap64(((const bufhelp_u64_t *)_buf)->a); } static inline u64 buf_get_le64(const void *_buf) { - return le_bswap64(*(const u64 *)_buf); + return le_bswap64(((const bufhelp_u64_t *)_buf)->a); } static inline void buf_put_be64(void *_buf, u64 val) { - u64 *out = _buf; - *out = be_bswap64(val); + bufhelp_u64_t *out = _buf; + out->a = be_bswap64(val); } static inline void buf_put_le64(void *_buf, u64 val) { - u64 *out = _buf; - *out = le_bswap64(val); + bufhelp_u64_t *out = _buf; + out->a = le_bswap64(val); } #endif /*HAVE_U64_TYPEDEF*/ diff --git a/configure.ac b/configure.ac index 4bbd686..16f6a21 100644 --- a/configure.ac +++ b/configure.ac @@ -958,6 +958,24 @@ fi # +# Check whether the compiler supports the GCC style packed attribute +# +AC_CACHE_CHECK([whether the GCC style packed attribute is supported], + [gcry_cv_gcc_attribute_packed], + [gcry_cv_gcc_attribute_packed=no + AC_COMPILE_IFELSE([AC_LANG_SOURCE( + [[struct foo_s { char a; long b; } __attribute__ ((packed)); + enum bar { + FOO = 1 / (sizeof(struct foo_s) == (sizeof(char) + sizeof(long))), + };]])], + [gcry_cv_gcc_attribute_packed=yes])]) +if test "$gcry_cv_gcc_attribute_packed" = "yes" ; then + AC_DEFINE(HAVE_GCC_ATTRIBUTE_PACKED,1, + [Defined if a GCC style "__attribute__ ((packed))" is supported]) +fi + + +# # Check whether the compiler supports 'asm' or '__asm__' keyword for # assembler blocks. # From jussi.kivilinna at iki.fi Wed Mar 11 18:04:52 2015 From: jussi.kivilinna at iki.fi (Jussi Kivilinna) Date: Wed, 11 Mar 2015 19:04:52 +0200 Subject: [PATCH v2 2/2] wipememory: use one-byte aligned type for unaligned memory accesses In-Reply-To: <20150311170446.1568.17727.stgit@localhost6.localdomain6> References: <20150311170446.1568.17727.stgit@localhost6.localdomain6> Message-ID: <20150311170452.1568.30666.stgit@localhost6.localdomain6> * src/g10lib.h (fast_wipememory2_unaligned_head): Enable unaligned access only when HAVE_GCC_ATTRIBUTE_PACKED and HAVE_GCC_ATTRIBUTE_ALIGNED defined. (fast_wipememory_t): New. (fast_wipememory2): Use 'fast_wipememory_t'. -- Signed-off-by: Jussi Kivilinna --- src/g10lib.h | 23 +++++++++++++++++------ 1 file changed, 17 insertions(+), 6 deletions(-) diff --git a/src/g10lib.h b/src/g10lib.h index 238871d..50a08ec 100644 --- a/src/g10lib.h +++ b/src/g10lib.h @@ -323,16 +323,26 @@ void __gcry_burn_stack (unsigned int bytes); #endif /* Following architectures can handle unaligned accesses fast. */ -#if defined(__i386__) || defined(__x86_64__) || \ - defined(__powerpc__) || defined(__powerpc64__) || \ - (defined(__arm__) && defined(__ARM_FEATURE_UNALIGNED)) || \ - defined(__aarch64__) +#if defined(HAVE_GCC_ATTRIBUTE_PACKED) && \ + defined(HAVE_GCC_ATTRIBUTE_ALIGNED) && \ + (defined(__i386__) || defined(__x86_64__) || \ + defined(__powerpc__) || defined(__powerpc64__) || \ + (defined(__arm__) && defined(__ARM_FEATURE_UNALIGNED)) || \ + defined(__aarch64__)) #define fast_wipememory2_unaligned_head(_ptr,_set,_len) /*do nothing*/ +typedef struct fast_wipememory_s +{ + FASTWIPE_T a; +} __attribute__((packed, aligned(1))) fast_wipememory_t; #else #define fast_wipememory2_unaligned_head(_vptr,_vset,_vlen) do { \ while((size_t)(_vptr)&(sizeof(FASTWIPE_T)-1) && _vlen) \ { *_vptr=(_vset); _vptr++; _vlen--; } \ } while(0) +typedef struct fast_wipememory_s +{ + FASTWIPE_T a; +} fast_wipememory_t; #endif /* fast_wipememory2 may leave tail bytes unhandled, in which case tail bytes @@ -344,8 +354,9 @@ void __gcry_burn_stack (unsigned int bytes); break; \ _vset_long *= FASTWIPE_MULT; \ do { \ - volatile FASTWIPE_T *_vptr_long = (volatile void *)_vptr; \ - *_vptr_long = _vset_long; \ + volatile fast_wipememory_t *_vptr_long = \ + (volatile void *)_vptr; \ + _vptr_long->a = _vset_long; \ _vlen -= sizeof(FASTWIPE_T); \ _vptr += sizeof(FASTWIPE_T); \ } while (_vlen >= sizeof(FASTWIPE_T)); \ From jussi.kivilinna at iki.fi Wed Mar 11 18:14:06 2015 From: jussi.kivilinna at iki.fi (Jussi Kivilinna) Date: Wed, 11 Mar 2015 19:14:06 +0200 Subject: [PATCH v2 1/2] bufhelp: use one-byte aligned type for unaligned memory accesses In-Reply-To: <20150311170446.1568.17727.stgit@localhost6.localdomain6> References: <20150311170446.1568.17727.stgit@localhost6.localdomain6> Message-ID: <550077DE.2050309@iki.fi> On 11.03.2015 19:04, Jussi Kivilinna wrote: > * cipher/bufhelp.h (BUFHELP_FAST_UNALIGNED_ACCESS): Enable only when > HAVE_GCC_ATTRIBUTE_PACKED and HAVE_GCC_ATTRIBUTE_ALIGNED are defined. > (bufhelp_int_t): New type. > (buf_cpy, buf_xor, buf_xor_1, buf_xor_2dst, buf_xor_n_copy_2): Use > 'bufhelp_int_t'. Ah, missing changelog for buf_(get|put)_(le|be)(32|64). -Jussi > * configure.ac (gcry_cv_gcc_attribute_packed): New. > -- > > Signed-off-by: Jussi Kivilinna > --- > cipher/bufhelp.h | 147 +++++++++++++++++++++++++++++++++--------------------- > configure.ac | 18 +++++++ > 2 files changed, 108 insertions(+), 57 deletions(-) > -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 648 bytes Desc: OpenPGP digital signature URL: From cvs at cvs.gnupg.org Mon Mar 16 09:51:10 2015 From: cvs at cvs.gnupg.org (by Werner Koch) Date: Mon, 16 Mar 2015 09:51:10 +0100 Subject: [git] GCRYPT - branch, master, updated. libgcrypt-1.6.0-175-g97db8e1 Message-ID: This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "The GNU crypto library". The branch, master has been updated via 97db8e1a6400d711da65eff93bb418cf55bba12e (commit) via 0a9cdb8ae092d050ca12a7a4f2f50e25b82154ec (commit) via fbb97dcf763e28e81e01092ad4c934b3eaf88cc8 (commit) from 5e66a4f8d5a63f58caeee367433dd8dd32346083 (commit) Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below. - Log ----------------------------------------------------------------- commit 97db8e1a6400d711da65eff93bb418cf55bba12e Author: Werner Koch Date: Mon Mar 16 09:32:44 2015 +0100 Indentation fix. -- diff --git a/cipher/cipher-ocb.c b/cipher/cipher-ocb.c index 652683c..62e79bb 100644 --- a/cipher/cipher-ocb.c +++ b/cipher/cipher-ocb.c @@ -300,8 +300,9 @@ _gcry_cipher_ocb_authenticate (gcry_cipher_hd_t c, const unsigned char *abuf, /* Checksumming for encrypt and decrypt. */ -static void ocb_checksum(unsigned char *chksum, const unsigned char *plainbuf, - size_t nblks) +static void +ocb_checksum (unsigned char *chksum, const unsigned char *plainbuf, + size_t nblks) { while (nblks > 0) { commit 0a9cdb8ae092d050ca12a7a4f2f50e25b82154ec Author: Werner Koch Date: Mon Mar 16 09:29:27 2015 +0100 mpi: Remove useless condition. * mpi/mpi-pow.c: Remove condition rp==mp. -- MP has already been allocated and thus can't match RP. The followinf assert would have been triggred anyway due to the prior allocation. Detected by Stack 0.3. diff --git a/mpi/mpi-pow.c b/mpi/mpi-pow.c index 70bf9e8..0be153f 100644 --- a/mpi/mpi-pow.c +++ b/mpi/mpi-pow.c @@ -507,7 +507,8 @@ _gcry_mpi_powm (gcry_mpi_t res, } - /* Make BASE, EXPO and MOD not overlap with RES. */ + /* Make BASE, EXPO not overlap with RES. We don't need to check MOD + because that has already been copied to the MP var. */ if ( rp == bp ) { /* RES and BASE are identical. Allocate temp. space for BASE. */ @@ -523,14 +524,6 @@ _gcry_mpi_powm (gcry_mpi_t res, ep = ep_marker = mpi_alloc_limb_space( esize, esec ); MPN_COPY(ep, rp, esize); } - if ( rp == mp ) - { - /* RES and MOD are identical. Allocate temporary space for MOD.*/ - gcry_assert (!mp_marker); - mp_nlimbs = msec?msize:0; - mp = mp_marker = mpi_alloc_limb_space( msize, msec ); - MPN_COPY(mp, rp, msize); - } /* Copy base to the result. */ if (res->alloced < size) commit fbb97dcf763e28e81e01092ad4c934b3eaf88cc8 Author: Werner Koch Date: Mon Mar 16 09:01:24 2015 +0100 cipher: Remove useless NULL check. * cipher/hash-common.c (_gcry_md_block_write): Remove NUL check for hd->buf. -- HD->BUF is not allocated but part of the struct. HD has already be dereferenced twice thus the check does not make sense. Detected by Stack 0.3: bug: anti-simplify model: | %cmp4 = icmp eq i8* %arraydecay, null, !dbg !29 --> false stack: - /home/wk/s/libgcrypt/cipher/hash-common.c:114:0 ncore: 1 core: - /home/wk/s/libgcrypt/cipher/hash-common.c:108:0 - null pointer dereference Signed-off-by: Werner Koch diff --git a/cipher/hash-common.c b/cipher/hash-common.c index 9a007e1..6743f09 100644 --- a/cipher/hash-common.c +++ b/cipher/hash-common.c @@ -111,7 +111,7 @@ _gcry_md_block_write (void *context, const void *inbuf_arg, size_t inlen) if (sizeof(hd->buf) < blocksize) BUG(); - if (hd->buf == NULL || hd->bwrite == NULL) + if (!hd->bwrite) return; if (hd->count == blocksize) /* Flush the buffer. */ ----------------------------------------------------------------------- Summary of changes: cipher/cipher-ocb.c | 5 +++-- cipher/hash-common.c | 2 +- mpi/mpi-pow.c | 11 ++--------- 3 files changed, 6 insertions(+), 12 deletions(-) hooks/post-receive -- The GNU crypto library http://git.gnupg.org _______________________________________________ Gnupg-commits mailing list Gnupg-commits at gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-commits From cvs at cvs.gnupg.org Mon Mar 16 11:53:26 2015 From: cvs at cvs.gnupg.org (by Werner Koch) Date: Mon, 16 Mar 2015 11:53:26 +0100 Subject: [git] GCRYPT - branch, master, updated. libgcrypt-1.6.0-177-gdb8ae36 Message-ID: This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "The GNU crypto library". The branch, master has been updated via db8ae3616987fa288173446398a107e31e2e28aa (commit) via f0f60c1a04d664936bcf52e8f46705bdc63e7ad9 (commit) from 97db8e1a6400d711da65eff93bb418cf55bba12e (commit) Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below. - Log ----------------------------------------------------------------- commit db8ae3616987fa288173446398a107e31e2e28aa Author: Werner Koch Date: Mon Mar 16 11:50:23 2015 +0100 Use well defined type instead of size_t in secmem.c * src/secmem.c (ptr_into_pool_p): Replace size_t by uintptr_t. -- This is more or less cosmetic. Signed-off-by: Werner Koch diff --git a/src/secmem.c b/src/secmem.c index df15df0..d75c14c 100644 --- a/src/secmem.c +++ b/src/secmem.c @@ -105,14 +105,13 @@ static int ptr_into_pool_p (const void *p) { /* We need to convert pointers to addresses. This is required by - C-99 6.5.8 to avoid undefined behaviour. Using size_t is at - least only implementation defined. See also + C-99 6.5.8 to avoid undefined behaviour. See also http://lists.gnupg.org/pipermail/gcrypt-devel/2007-February/001102.html */ - size_t p_addr = (size_t)p; - size_t pool_addr = (size_t)pool; + uintptr_t p_addr = (uintptr_t)p; + uintptr_t pool_addr = (uintptr_t)pool; - return p_addr >= pool_addr && p_addr < pool_addr+pool_size; + return p_addr >= pool_addr && p_addr < pool_addr + pool_size; } /* Update the stats. */ commit f0f60c1a04d664936bcf52e8f46705bdc63e7ad9 Author: Werner Koch Date: Mon Mar 16 11:32:07 2015 +0100 Make uintptr_t global available. * cipher/bufhelp.h: Move include for uintptr_t to ... * src/types.h: here. Check that config.h has been included. Signed-off-by: Werner Koch diff --git a/cipher/bithelp.h b/cipher/bithelp.h index 2220bc8..258ab2f 100644 --- a/cipher/bithelp.h +++ b/cipher/bithelp.h @@ -4,7 +4,7 @@ * This file is part of Libgcrypt. * * Libgcrypt is free software; you can redistribute it and/or modify - * it under the terms of the GNU Lesser general Public License as + * it under the terms of the GNU Lesser General Public License as * published by the Free Software Foundation; either version 2.1 of * the License, or (at your option) any later version. * @@ -14,11 +14,10 @@ * GNU Lesser General Public License for more details. * * You should have received a copy of the GNU Lesser General Public - * License along with this program; if not, write to the Free Software - * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA + * License along with this program; if not, see . */ -#ifndef G10_BITHELP_H -#define G10_BITHELP_H +#ifndef GCRYPT_BITHELP_H +#define GCRYPT_BITHELP_H #include "types.h" @@ -122,4 +121,4 @@ _gcry_ctz64(u64 x) #endif /*HAVE_U64_TYPEDEF*/ -#endif /*G10_BITHELP_H*/ +#endif /*GCRYPT_BITHELP_H*/ diff --git a/cipher/bufhelp.h b/cipher/bufhelp.h index a372acb..c6bedc5 100644 --- a/cipher/bufhelp.h +++ b/cipher/bufhelp.h @@ -4,7 +4,7 @@ * This file is part of Libgcrypt. * * Libgcrypt is free software; you can redistribute it and/or modify - * it under the terms of the GNU Lesser general Public License as + * it under the terms of the GNU Lesser General Public License as * published by the Free Software Foundation; either version 2.1 of * the License, or (at your option) any later version. * @@ -14,21 +14,11 @@ * GNU Lesser General Public License for more details. * * You should have received a copy of the GNU Lesser General Public - * License along with this program; if not, write to the Free Software - * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA + * License along with this program; if not, see . */ -#ifndef G10_BUFHELP_H -#define G10_BUFHELP_H +#ifndef GCRYPT_BUFHELP_H +#define GCRYPT_BUFHELP_H -#include - -#ifdef HAVE_STDINT_H -# include /* uintptr_t */ -#elif defined(HAVE_INTTYPES_H) -# include -#else -/* In this case, uintptr_t is provided by config.h. */ -#endif #include "bithelp.h" @@ -409,4 +399,4 @@ static inline void buf_put_le64(void *_buf, u64 val) #endif /*BUFHELP_FAST_UNALIGNED_ACCESS*/ -#endif /*G10_BITHELP_H*/ +#endif /*GCRYPT_BUFHELP_H*/ diff --git a/src/types.h b/src/types.h index 561b74d..dcdba4f 100644 --- a/src/types.h +++ b/src/types.h @@ -21,6 +21,9 @@ #ifndef GCRYPT_TYPES_H #define GCRYPT_TYPES_H +#ifndef _GCRYPT_CONFIG_H_INCLUDED +# error config.h must be included before types.h +#endif /* The AC_CHECK_SIZEOF() in configure fails for some machines. * we provide some fallback values here */ @@ -40,6 +43,16 @@ #include +/* Provide uintptr_t */ +#ifdef HAVE_STDINT_H +# include /* uintptr_t */ +#elif defined(HAVE_INTTYPES_H) +# include +#else +/* In this case, uintptr_t is provided by config.h. */ +#endif + + #ifndef HAVE_BYTE_TYPEDEF # undef byte /* In case there is a macro with that name. */ ----------------------------------------------------------------------- Summary of changes: cipher/bithelp.h | 11 +++++------ cipher/bufhelp.h | 20 +++++--------------- src/secmem.c | 9 ++++----- src/types.h | 13 +++++++++++++ 4 files changed, 27 insertions(+), 26 deletions(-) hooks/post-receive -- The GNU crypto library http://git.gnupg.org _______________________________________________ Gnupg-commits mailing list Gnupg-commits at gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-commits From opalraava at hushmail.com Thu Mar 19 05:00:06 2015 From: opalraava at hushmail.com (Opal Raava) Date: Thu, 19 Mar 2015 05:00:06 +0100 Subject: Small diff to remove two commas from gcrypt.h.in which cause warnings with -pedantic Message-ID: <20150319040006.D1132E045D@smtp.hushmail.com> Hi all, This is my first post to the mailing list, so I hope I'm doing things right. I pulled the latest libgcrypt from the git and compiled an example program with it. I used gcc -Wpedantic to compile it, and I get two warnings. For a header so public as gcrypt.h it would sure be nice if people can compile it with -Wall -pedantic without complaints from the compiler. The warnings are about comma's at the end of enumerator lists. Here is the output: --- In file included from pubkey_example.c:27:0: /usr/include/gcrypt.h:514:32: warning: comma at end of enumerator list [-Wpedantic] GCRYMPI_FLAG_USER4 = 0x0800,/* User flag 4. */ ^ /usr/include/gcrypt.h:1375:29: warning: comma at end of enumerator list [-Wpedantic] GCRY_MAC_FLAG_SECURE = 1, /* Allocate all buffers in "secure" memory. */ ^ --- To remove the commas I made a small git diff that removes them. I hope this humble change in 'gcrypt.h.in' will make it through:) Thanks, --Opal diff --git a/src/gcrypt.h.in b/src/gcrypt.h.in index 10099e1..cac2b49 100644 --- a/src/gcrypt.h.in +++ b/src/gcrypt.h.in @@ -511,7 +511,7 @@ enum gcry_mpi_flag GCRYMPI_FLAG_USER1 = 0x0100,/* User flag 1. */ GCRYMPI_FLAG_USER2 = 0x0200,/* User flag 2. */ GCRYMPI_FLAG_USER3 = 0x0400,/* User flag 3. */ - GCRYMPI_FLAG_USER4 = 0x0800,/* User flag 4. */ + GCRYMPI_FLAG_USER4 = 0x0800 /* User flag 4. */ }; @@ -1372,7 +1372,7 @@ enum gcry_mac_algos /* Flags used with the open function. */ enum gcry_mac_flags { - GCRY_MAC_FLAG_SECURE = 1, /* Allocate all buffers in "secure" memory. */ + GCRY_MAC_FLAG_SECURE = 1 /* Allocate all buffers in "secure" memory. */ }; /* Create a MAC handle for algorithm ALGO. FLAGS may be given as an bitwise OR From cvs at cvs.gnupg.org Thu Mar 19 10:45:59 2015 From: cvs at cvs.gnupg.org (by Werner Koch) Date: Thu, 19 Mar 2015 10:45:59 +0100 Subject: [git] GCRYPT - branch, master, updated. libgcrypt-1.6.0-178-gf583228 Message-ID: This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "The GNU crypto library". The branch, master has been updated via f5832285b0e420d77be1b8da10a1e1d86583b414 (commit) from db8ae3616987fa288173446398a107e31e2e28aa (commit) Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below. - Log ----------------------------------------------------------------- commit f5832285b0e420d77be1b8da10a1e1d86583b414 Author: Werner Koch Date: Thu Mar 19 10:43:55 2015 +0100 Fix two pedantic warnings. * src/gcrypt.h.in (gcry_mpi_flag, gcry_mac_algos): Remove trailing comma. -- Reported-by: Opal Raava Signed-off-by: Werner Koch diff --git a/src/gcrypt.h.in b/src/gcrypt.h.in index 10099e1..cac2b49 100644 --- a/src/gcrypt.h.in +++ b/src/gcrypt.h.in @@ -511,7 +511,7 @@ enum gcry_mpi_flag GCRYMPI_FLAG_USER1 = 0x0100,/* User flag 1. */ GCRYMPI_FLAG_USER2 = 0x0200,/* User flag 2. */ GCRYMPI_FLAG_USER3 = 0x0400,/* User flag 3. */ - GCRYMPI_FLAG_USER4 = 0x0800,/* User flag 4. */ + GCRYMPI_FLAG_USER4 = 0x0800 /* User flag 4. */ }; @@ -1372,7 +1372,7 @@ enum gcry_mac_algos /* Flags used with the open function. */ enum gcry_mac_flags { - GCRY_MAC_FLAG_SECURE = 1, /* Allocate all buffers in "secure" memory. */ + GCRY_MAC_FLAG_SECURE = 1 /* Allocate all buffers in "secure" memory. */ }; /* Create a MAC handle for algorithm ALGO. FLAGS may be given as an bitwise OR ----------------------------------------------------------------------- Summary of changes: src/gcrypt.h.in | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) hooks/post-receive -- The GNU crypto library http://git.gnupg.org _______________________________________________ Gnupg-commits mailing list Gnupg-commits at gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-commits From wk at gnupg.org Thu Mar 19 10:45:46 2015 From: wk at gnupg.org (Werner Koch) Date: Thu, 19 Mar 2015 10:45:46 +0100 Subject: Small diff to remove two commas from gcrypt.h.in which cause warnings with -pedantic In-Reply-To: <20150319040006.D1132E045D@smtp.hushmail.com> (Opal Raava's message of "Thu, 19 Mar 2015 05:00:06 +0100") References: <20150319040006.D1132E045D@smtp.hushmail.com> Message-ID: <87k2ydxqut.fsf@vigenere.g10code.de> On Thu, 19 Mar 2015 05:00, opalraava at hushmail.com said: > To remove the commas I made a small git diff that removes them. I hope > this humble change in 'gcrypt.h.in' will make it through:) Thanks. Fixed with commit f583228. Shalom-Salam, Werner -- Die Gedanken sind frei. Ausnahmen regelt ein Bundesgesetz. From andre at amorim.me Thu Mar 19 11:47:49 2015 From: andre at amorim.me (Andre Amorim) Date: Thu, 19 Mar 2015 10:47:49 +0000 Subject: Small diff to remove two commas from gcrypt.h.in which cause warnings with -pedantic In-Reply-To: <87k2ydxqut.fsf@vigenere.g10code.de> References: <20150319040006.D1132E045D@smtp.hushmail.com> <87k2ydxqut.fsf@vigenere.g10code.de> Message-ID: That's the time when I should be banned to mental institution rest ... What ' f583228' means in a von Newman paradigm ? On 19 Mar 2015 09:51, "Werner Koch" wrote: > On Thu, 19 Mar 2015 05:00, opalraava at hushmail.com said: > > > To remove the commas I made a small git diff that removes them. I hope > > this humble change in 'gcrypt.h.in' will make it through:) > > Thanks. Fixed with commit f583228. > > > Shalom-Salam, > > Werner > > -- > Die Gedanken sind frei. Ausnahmen regelt ein Bundesgesetz. > > > _______________________________________________ > Gcrypt-devel mailing list > Gcrypt-devel at gnupg.org > http://lists.gnupg.org/mailman/listinfo/gcrypt-devel > -------------- next part -------------- An HTML attachment was scrubbed... URL: From wk at gnupg.org Thu Mar 19 15:18:34 2015 From: wk at gnupg.org (Werner Koch) Date: Thu, 19 Mar 2015 15:18:34 +0100 Subject: Small diff to remove two commas from gcrypt.h.in which cause warnings with -pedantic In-Reply-To: (Andre Amorim's message of "Thu, 19 Mar 2015 10:47:49 +0000") References: <20150319040006.D1132E045D@smtp.hushmail.com> <87k2ydxqut.fsf@vigenere.g10code.de> Message-ID: <87egolvznp.fsf@vigenere.g10code.de> On Thu, 19 Mar 2015 11:47, andre at amorim.me said: > That's the time when I should be banned to mental institution rest ... What > ' f583228' means in a von Newman paradigm ? That is a GIT commit id. Actually a shortened version of it. Shalom-Salam, Werner -- Die Gedanken sind frei. Ausnahmen regelt ein Bundesgesetz. From cvs at cvs.gnupg.org Sat Mar 21 12:06:57 2015 From: cvs at cvs.gnupg.org (by Jussi Kivilinna) Date: Sat, 21 Mar 2015 12:06:57 +0100 Subject: [git] GCRYPT - branch, master, updated. libgcrypt-1.6.0-181-ga06fbc0 Message-ID: This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "The GNU crypto library". The branch, master has been updated via a06fbc0d1e98eb1218eff55ad2f37d471e4f33b2 (commit) via 92fa5f16d69707e302c0f85b2e5e80af8dc037f1 (commit) via aa234561d00c3fb15fe501df4bf58f3db7c7c06b (commit) from f5832285b0e420d77be1b8da10a1e1d86583b414 (commit) Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below. - Log ----------------------------------------------------------------- commit a06fbc0d1e98eb1218eff55ad2f37d471e4f33b2 Author: Jussi Kivilinna Date: Sat Mar 21 13:01:38 2015 +0200 wipememory: use one-byte aligned type for unaligned memory accesses * src/g10lib.h (fast_wipememory2_unaligned_head): Enable unaligned access only when HAVE_GCC_ATTRIBUTE_PACKED and HAVE_GCC_ATTRIBUTE_ALIGNED defined. (fast_wipememory_t): New. (fast_wipememory2): Use 'fast_wipememory_t'. -- Signed-off-by: Jussi Kivilinna diff --git a/src/g10lib.h b/src/g10lib.h index 238871d..50a08ec 100644 --- a/src/g10lib.h +++ b/src/g10lib.h @@ -323,16 +323,26 @@ void __gcry_burn_stack (unsigned int bytes); #endif /* Following architectures can handle unaligned accesses fast. */ -#if defined(__i386__) || defined(__x86_64__) || \ - defined(__powerpc__) || defined(__powerpc64__) || \ - (defined(__arm__) && defined(__ARM_FEATURE_UNALIGNED)) || \ - defined(__aarch64__) +#if defined(HAVE_GCC_ATTRIBUTE_PACKED) && \ + defined(HAVE_GCC_ATTRIBUTE_ALIGNED) && \ + (defined(__i386__) || defined(__x86_64__) || \ + defined(__powerpc__) || defined(__powerpc64__) || \ + (defined(__arm__) && defined(__ARM_FEATURE_UNALIGNED)) || \ + defined(__aarch64__)) #define fast_wipememory2_unaligned_head(_ptr,_set,_len) /*do nothing*/ +typedef struct fast_wipememory_s +{ + FASTWIPE_T a; +} __attribute__((packed, aligned(1))) fast_wipememory_t; #else #define fast_wipememory2_unaligned_head(_vptr,_vset,_vlen) do { \ while((size_t)(_vptr)&(sizeof(FASTWIPE_T)-1) && _vlen) \ { *_vptr=(_vset); _vptr++; _vlen--; } \ } while(0) +typedef struct fast_wipememory_s +{ + FASTWIPE_T a; +} fast_wipememory_t; #endif /* fast_wipememory2 may leave tail bytes unhandled, in which case tail bytes @@ -344,8 +354,9 @@ void __gcry_burn_stack (unsigned int bytes); break; \ _vset_long *= FASTWIPE_MULT; \ do { \ - volatile FASTWIPE_T *_vptr_long = (volatile void *)_vptr; \ - *_vptr_long = _vset_long; \ + volatile fast_wipememory_t *_vptr_long = \ + (volatile void *)_vptr; \ + _vptr_long->a = _vset_long; \ _vlen -= sizeof(FASTWIPE_T); \ _vptr += sizeof(FASTWIPE_T); \ } while (_vlen >= sizeof(FASTWIPE_T)); \ commit 92fa5f16d69707e302c0f85b2e5e80af8dc037f1 Author: Jussi Kivilinna Date: Sat Mar 21 13:01:38 2015 +0200 bufhelp: use one-byte aligned type for unaligned memory accesses * cipher/bufhelp.h (BUFHELP_FAST_UNALIGNED_ACCESS): Enable only when HAVE_GCC_ATTRIBUTE_PACKED and HAVE_GCC_ATTRIBUTE_ALIGNED are defined. (bufhelp_int_t): New type. (buf_cpy, buf_xor, buf_xor_1, buf_xor_2dst, buf_xor_n_copy_2): Use 'bufhelp_int_t'. [BUFHELP_FAST_UNALIGNED_ACCESS] (bufhelp_u32_t, bufhelp_u64_t): New. [BUFHELP_FAST_UNALIGNED_ACCESS] (buf_get_be32, buf_get_le32) (buf_put_be32, buf_put_le32, buf_get_be64, buf_get_le64) (buf_put_be64, buf_put_le64): Use 'bufhelp_uXX_t'. * configure.ac (gcry_cv_gcc_attribute_packed): New. -- Signed-off-by: Jussi Kivilinna diff --git a/cipher/bufhelp.h b/cipher/bufhelp.h index c6bedc5..fb87939 100644 --- a/cipher/bufhelp.h +++ b/cipher/bufhelp.h @@ -23,10 +23,13 @@ #include "bithelp.h" -#if defined(__i386__) || defined(__x86_64__) || \ - defined(__powerpc__) || defined(__powerpc64__) || \ - (defined(__arm__) && defined(__ARM_FEATURE_UNALIGNED)) || \ - defined(__aarch64__) +#undef BUFHELP_FAST_UNALIGNED_ACCESS +#if defined(HAVE_GCC_ATTRIBUTE_PACKED) && \ + defined(HAVE_GCC_ATTRIBUTE_ALIGNED) && \ + (defined(__i386__) || defined(__x86_64__) || \ + defined(__powerpc__) || defined(__powerpc64__) || \ + (defined(__arm__) && defined(__ARM_FEATURE_UNALIGNED)) || \ + defined(__aarch64__)) /* These architectures are able of unaligned memory accesses and can handle those fast. */ @@ -34,6 +37,25 @@ #endif +#ifdef BUFHELP_FAST_UNALIGNED_ACCESS +/* Define type with one-byte alignment on architectures with fast unaligned + memory accesses. + */ +typedef struct bufhelp_int_s +{ + uintptr_t a; +} __attribute__((packed, aligned(1))) bufhelp_int_t; +#else +/* Define type with default alignment for other architectures (unaligned + accessed handled in per byte loops). + */ +typedef struct bufhelp_int_s +{ + uintptr_t a; +} bufhelp_int_t; +#endif + + /* Optimized function for small buffer copying */ static inline void buf_cpy(void *_dst, const void *_src, size_t len) @@ -44,21 +66,21 @@ buf_cpy(void *_dst, const void *_src, size_t len) #else byte *dst = _dst; const byte *src = _src; - uintptr_t *ldst; - const uintptr_t *lsrc; + bufhelp_int_t *ldst; + const bufhelp_int_t *lsrc; #ifndef BUFHELP_FAST_UNALIGNED_ACCESS - const unsigned int longmask = sizeof(uintptr_t) - 1; + const unsigned int longmask = sizeof(bufhelp_int_t) - 1; /* Skip fast processing if buffers are unaligned. */ if (((uintptr_t)dst | (uintptr_t)src) & longmask) goto do_bytes; #endif - ldst = (uintptr_t *)(void *)dst; - lsrc = (const uintptr_t *)(const void *)src; + ldst = (bufhelp_int_t *)(void *)dst; + lsrc = (const bufhelp_int_t *)(const void *)src; - for (; len >= sizeof(uintptr_t); len -= sizeof(uintptr_t)) - *ldst++ = *lsrc++; + for (; len >= sizeof(bufhelp_int_t); len -= sizeof(bufhelp_int_t)) + (ldst++)->a = (lsrc++)->a; dst = (byte *)ldst; src = (const byte *)lsrc; @@ -80,22 +102,22 @@ buf_xor(void *_dst, const void *_src1, const void *_src2, size_t len) byte *dst = _dst; const byte *src1 = _src1; const byte *src2 = _src2; - uintptr_t *ldst; - const uintptr_t *lsrc1, *lsrc2; + bufhelp_int_t *ldst; + const bufhelp_int_t *lsrc1, *lsrc2; #ifndef BUFHELP_FAST_UNALIGNED_ACCESS - const unsigned int longmask = sizeof(uintptr_t) - 1; + const unsigned int longmask = sizeof(bufhelp_int_t) - 1; /* Skip fast processing if buffers are unaligned. */ if (((uintptr_t)dst | (uintptr_t)src1 | (uintptr_t)src2) & longmask) goto do_bytes; #endif - ldst = (uintptr_t *)(void *)dst; - lsrc1 = (const uintptr_t *)(const void *)src1; - lsrc2 = (const uintptr_t *)(const void *)src2; + ldst = (bufhelp_int_t *)(void *)dst; + lsrc1 = (const bufhelp_int_t *)(const void *)src1; + lsrc2 = (const bufhelp_int_t *)(const void *)src2; - for (; len >= sizeof(uintptr_t); len -= sizeof(uintptr_t)) - *ldst++ = *lsrc1++ ^ *lsrc2++; + for (; len >= sizeof(bufhelp_int_t); len -= sizeof(bufhelp_int_t)) + (ldst++)->a = (lsrc1++)->a ^ (lsrc2++)->a; dst = (byte *)ldst; src1 = (const byte *)lsrc1; @@ -116,21 +138,21 @@ buf_xor_1(void *_dst, const void *_src, size_t len) { byte *dst = _dst; const byte *src = _src; - uintptr_t *ldst; - const uintptr_t *lsrc; + bufhelp_int_t *ldst; + const bufhelp_int_t *lsrc; #ifndef BUFHELP_FAST_UNALIGNED_ACCESS - const unsigned int longmask = sizeof(uintptr_t) - 1; + const unsigned int longmask = sizeof(bufhelp_int_t) - 1; /* Skip fast processing if buffers are unaligned. */ if (((uintptr_t)dst | (uintptr_t)src) & longmask) goto do_bytes; #endif - ldst = (uintptr_t *)(void *)dst; - lsrc = (const uintptr_t *)(const void *)src; + ldst = (bufhelp_int_t *)(void *)dst; + lsrc = (const bufhelp_int_t *)(const void *)src; - for (; len >= sizeof(uintptr_t); len -= sizeof(uintptr_t)) - *ldst++ ^= *lsrc++; + for (; len >= sizeof(bufhelp_int_t); len -= sizeof(bufhelp_int_t)) + (ldst++)->a ^= (lsrc++)->a; dst = (byte *)ldst; src = (const byte *)lsrc; @@ -152,22 +174,22 @@ buf_xor_2dst(void *_dst1, void *_dst2, const void *_src, size_t len) byte *dst1 = _dst1; byte *dst2 = _dst2; const byte *src = _src; - uintptr_t *ldst1, *ldst2; - const uintptr_t *lsrc; + bufhelp_int_t *ldst1, *ldst2; + const bufhelp_int_t *lsrc; #ifndef BUFHELP_FAST_UNALIGNED_ACCESS - const unsigned int longmask = sizeof(uintptr_t) - 1; + const unsigned int longmask = sizeof(bufhelp_int_t) - 1; /* Skip fast processing if buffers are unaligned. */ if (((uintptr_t)src | (uintptr_t)dst1 | (uintptr_t)dst2) & longmask) goto do_bytes; #endif - ldst1 = (uintptr_t *)(void *)dst1; - ldst2 = (uintptr_t *)(void *)dst2; - lsrc = (const uintptr_t *)(const void *)src; + ldst1 = (bufhelp_int_t *)(void *)dst1; + ldst2 = (bufhelp_int_t *)(void *)dst2; + lsrc = (const bufhelp_int_t *)(const void *)src; - for (; len >= sizeof(uintptr_t); len -= sizeof(uintptr_t)) - *ldst1++ = (*ldst2++ ^= *lsrc++); + for (; len >= sizeof(bufhelp_int_t); len -= sizeof(bufhelp_int_t)) + (ldst1++)->a = ((ldst2++)->a ^= (lsrc++)->a); dst1 = (byte *)ldst1; dst2 = (byte *)ldst2; @@ -193,11 +215,11 @@ buf_xor_n_copy_2(void *_dst_xor, const void *_src_xor, void *_srcdst_cpy, const byte *src_xor = _src_xor; const byte *src_cpy = _src_cpy; byte temp; - uintptr_t *ldst_xor, *lsrcdst_cpy; - const uintptr_t *lsrc_cpy, *lsrc_xor; + bufhelp_int_t *ldst_xor, *lsrcdst_cpy; + const bufhelp_int_t *lsrc_cpy, *lsrc_xor; uintptr_t ltemp; #ifndef BUFHELP_FAST_UNALIGNED_ACCESS - const unsigned int longmask = sizeof(uintptr_t) - 1; + const unsigned int longmask = sizeof(bufhelp_int_t) - 1; /* Skip fast processing if buffers are unaligned. */ if (((uintptr_t)src_cpy | (uintptr_t)src_xor | (uintptr_t)dst_xor | @@ -205,16 +227,16 @@ buf_xor_n_copy_2(void *_dst_xor, const void *_src_xor, void *_srcdst_cpy, goto do_bytes; #endif - ldst_xor = (uintptr_t *)(void *)dst_xor; - lsrc_xor = (const uintptr_t *)(void *)src_xor; - lsrcdst_cpy = (uintptr_t *)(void *)srcdst_cpy; - lsrc_cpy = (const uintptr_t *)(const void *)src_cpy; + ldst_xor = (bufhelp_int_t *)(void *)dst_xor; + lsrc_xor = (const bufhelp_int_t *)(void *)src_xor; + lsrcdst_cpy = (bufhelp_int_t *)(void *)srcdst_cpy; + lsrc_cpy = (const bufhelp_int_t *)(const void *)src_cpy; - for (; len >= sizeof(uintptr_t); len -= sizeof(uintptr_t)) + for (; len >= sizeof(bufhelp_int_t); len -= sizeof(bufhelp_int_t)) { - ltemp = *lsrc_cpy++; - *ldst_xor++ = *lsrcdst_cpy ^ *lsrc_xor++; - *lsrcdst_cpy++ = ltemp; + ltemp = (lsrc_cpy++)->a; + (ldst_xor++)->a = (lsrcdst_cpy)->a ^ (lsrc_xor++)->a; + (lsrcdst_cpy++)->a = ltemp; } dst_xor = (byte *)ldst_xor; @@ -347,53 +369,64 @@ static inline void buf_put_le64(void *_buf, u64 val) #else /*BUFHELP_FAST_UNALIGNED_ACCESS*/ +typedef struct bufhelp_u32_s +{ + u32 a; +} __attribute__((packed, aligned(1))) bufhelp_u32_t; + /* Functions for loading and storing unaligned u32 values of different endianness. */ static inline u32 buf_get_be32(const void *_buf) { - return be_bswap32(*(const u32 *)_buf); + return be_bswap32(((const bufhelp_u32_t *)_buf)->a); } static inline u32 buf_get_le32(const void *_buf) { - return le_bswap32(*(const u32 *)_buf); + return le_bswap32(((const bufhelp_u32_t *)_buf)->a); } static inline void buf_put_be32(void *_buf, u32 val) { - u32 *out = _buf; - *out = be_bswap32(val); + bufhelp_u32_t *out = _buf; + out->a = be_bswap32(val); } static inline void buf_put_le32(void *_buf, u32 val) { - u32 *out = _buf; - *out = le_bswap32(val); + bufhelp_u32_t *out = _buf; + out->a = le_bswap32(val); } #ifdef HAVE_U64_TYPEDEF + +typedef struct bufhelp_u64_s +{ + u64 a; +} __attribute__((packed, aligned(1))) bufhelp_u64_t; + /* Functions for loading and storing unaligned u64 values of different endianness. */ static inline u64 buf_get_be64(const void *_buf) { - return be_bswap64(*(const u64 *)_buf); + return be_bswap64(((const bufhelp_u64_t *)_buf)->a); } static inline u64 buf_get_le64(const void *_buf) { - return le_bswap64(*(const u64 *)_buf); + return le_bswap64(((const bufhelp_u64_t *)_buf)->a); } static inline void buf_put_be64(void *_buf, u64 val) { - u64 *out = _buf; - *out = be_bswap64(val); + bufhelp_u64_t *out = _buf; + out->a = be_bswap64(val); } static inline void buf_put_le64(void *_buf, u64 val) { - u64 *out = _buf; - *out = le_bswap64(val); + bufhelp_u64_t *out = _buf; + out->a = le_bswap64(val); } #endif /*HAVE_U64_TYPEDEF*/ diff --git a/configure.ac b/configure.ac index 4bbd686..16f6a21 100644 --- a/configure.ac +++ b/configure.ac @@ -958,6 +958,24 @@ fi # +# Check whether the compiler supports the GCC style packed attribute +# +AC_CACHE_CHECK([whether the GCC style packed attribute is supported], + [gcry_cv_gcc_attribute_packed], + [gcry_cv_gcc_attribute_packed=no + AC_COMPILE_IFELSE([AC_LANG_SOURCE( + [[struct foo_s { char a; long b; } __attribute__ ((packed)); + enum bar { + FOO = 1 / (sizeof(struct foo_s) == (sizeof(char) + sizeof(long))), + };]])], + [gcry_cv_gcc_attribute_packed=yes])]) +if test "$gcry_cv_gcc_attribute_packed" = "yes" ; then + AC_DEFINE(HAVE_GCC_ATTRIBUTE_PACKED,1, + [Defined if a GCC style "__attribute__ ((packed))" is supported]) +fi + + +# # Check whether the compiler supports 'asm' or '__asm__' keyword for # assembler blocks. # commit aa234561d00c3fb15fe501df4bf58f3db7c7c06b Author: Jussi Kivilinna Date: Sat Mar 21 13:01:38 2015 +0200 tests/bench-slope: fix memory-leak and use-after-free bugs * tests/bench-slope.c (do_slope_benchmark): Free 'measurements' at end. (bench_mac_init): Move 'key' free at end of function. -- Signed-off-by: Jussi Kivilinna diff --git a/tests/bench-slope.c b/tests/bench-slope.c index c309b7e..394d7fc 100644 --- a/tests/bench-slope.c +++ b/tests/bench-slope.c @@ -442,6 +442,7 @@ do_slope_benchmark (struct bench_obj *obj) &overhead); free (measurement_raw); + free (measurements); free (real_buffer); obj->ops->finalize (obj); @@ -1450,11 +1451,11 @@ bench_mac_init (struct bench_obj *obj) } err = gcry_mac_setkey (hd, key, keylen); - free (key); if (err) { fprintf (stderr, PGM ": error setting key for mac `%s'\n", gcry_mac_algo_name (mode->algo)); + free (key); exit (1); } @@ -1473,6 +1474,7 @@ bench_mac_init (struct bench_obj *obj) obj->priv = hd; + free (key); return 0; } ----------------------------------------------------------------------- Summary of changes: cipher/bufhelp.h | 147 ++++++++++++++++++++++++++++++++-------------------- configure.ac | 18 +++++++ src/g10lib.h | 23 +++++--- tests/bench-slope.c | 4 +- 4 files changed, 128 insertions(+), 64 deletions(-) hooks/post-receive -- The GNU crypto library http://git.gnupg.org _______________________________________________ Gnupg-commits mailing list Gnupg-commits at gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-commits