[PATCH] Disable instrumentation on mixed Intel SSE C/assembly implementations
Jussi Kivilinna
jussi.kivilinna at iki.fi
Tue May 14 22:49:27 CEST 2019
* cipher/Makefile.am: Make 'tiger.o' and 'tiger.lo' depend on Makefile;
Add instrumentation option munging.
* cipher/cipher-gcm-intel-pclmul.c (ALWAYS_INLINE)
(NO_INSTRUMENT_FUNCTION, ASM_FUNC_ATTR, ASM_FUNC_ATTR_INLINE): New.
(reduction, gfmul_pclmul, gfmul_pclmul_aggr4, gfmul_pclmul_aggr8)
(gcm_lsh): Define with 'ASM_FUNC_ATTR_INLINE' instead of 'inline'.
(_gcry_ghash_setup_intel_pclmul, _gcry_ghash_intel_pclmul): Define with
'ASM_FUNC_ATTR'.
* cipher/crc-intel-pcmul.c (ALWAYS_INLINE, NO_INSTRUMENT_FUNCTION)
(ASM_FUNC_ATTR, ASM_FUNC_ATTR_INLINE): New.
(crc32_reflected_bulk, crc32_reflected_less_than_16, crc32_bulk)
(crc32_less_than_16): Define with 'ASM_FUNC_ATTR_INLINE' instead of
'inline'.
(_gcry_crc32_intel_pclmul, _gcry_crc24rfc2440_intel_pclmul): Define
with 'ASM_FUNC_ATTR'.
* cipher/rijndael-aesni.c (NO_INSTRUMENT_FUNCTION, ASM_FUNC_ATTR)
(ASM_FUNC_ATTR_INLINE, ASM_FUNC_ATTR_NOINLINE): New.
(aes_ocb_get_l, do_aesni_prepare_decryption, do_aesni_enc)
(do_aesni_dec, do_aesni_enc_vec4, do_aesni_dec_vec4, do_aesni_enc_vec8)
(do_aesni_dec_vec8, aesni_ocb_checksum): Define with
'ASM_FUNC_ATTR_INLINE' instead of 'inline'.
(do_aesni_ctr, do_aesni_ctr_4, do_aesni_ctr_8): Define with
'ASM_FUNC_ATTR_INLINE'.
(aesni_ocb_enc, aesni_ocb_dec): Define with 'ASM_FUNC_ATTR_NOINLINE'
instead of 'NO_INLINE'.
(_gcry_aes_aesni_do_setkey, _gcry_aes_aesni_prepare_decryption)
(_gcry_aes_aesni_encrypt, _gcry_aes_aesni_cfb_enc)
(_gcry_aes_aesni_cbc_enc, _gcry_aes_aesni_ctr_enc)
(_gcry_aes_aesni_decrypt, _gcry_aes_aesni_cfb_dec)
(_gcry_aes_aesni_cbc_dec, _gcry_aes_aesni_ocb_crypt)
(_gcry_aes_aesni_ocb_auth, _gcry_aes_aesni_xts_enc)
(_gcry_aes_aesni_xts_dec, _gcry_aes_aesni_xts_crypt): Define with
'ASM_FUNC_ATTR'.
* cipher/rijndael-ssse3-amd64.c (ALWAYS_INLINE, NO_INSTRUMENT_FUNCTION)
(ASM_FUNC_ATTR, ASM_FUNC_ATTR_INLINE): New.
(aes_ocb_get_l, do_ssse3_prepare_decryption, do_vpaes_ssse3_enc)
(do_vpaes_ssse3_dec): Define with 'ASM_FUNC_ATTR_INLINE' instead of
'inline'.
(_gcry_aes_ssse3_do_setkey, _gcry_aes_ssse3_prepare_decryption)
(_gcry_aes_ssse3_encrypt, _gcry_aes_ssse3_cfb_enc)
(_gcry_aes_ssse3_cbc_enc, _gcry_aes_ssse3_ctr_enc)
(_gcry_aes_ssse3_decrypt, _gcry_aes_ssse3_cfb_dec)
(_gcry_aes_ssse3_cbc_dec, ssse3_ocb_enc, ssse3_ocb_dec)
(_gcry_aes_ssse3_ocb_crypt, _gcry_aes_ssse3_ocb_auth): Define with
'ASM_FUNC_ATTR'.
* cipher/sha1-intel-shaext.c (NO_INSTRUMENT_FUNCTION)
(ASM_FUNC_ATTR): New.
(_gcry_sha1_transform_intel_shaext): Define with 'ASM_FUNC_ATTR'.
* cipher/sha256-intel-shaext.c (NO_INSTRUMENT_FUNCTION)
(ASM_FUNC_ATTR): New.
(_gcry_sha256_transform_intel_shaext): Define with 'ASM_FUNC_ATTR'.
* configure.ac (ENABLE_INSTRUMENTATION_MUNGING): New.
--
This commit disables instrumentation for mixed C/assembly implementations
for i386 and amd64 that make use of XMM registers. These implementations
use cc as thin assembly front-end and do not tolerate instrumentation
function calls inserted by compiler as those functions may clobber the
XMM registers.
Signed-off-by: Jussi Kivilinna <jussi.kivilinna at iki.fi>
---
cipher/Makefile.am | 56 ++++++++++++++++++++++++++++++++---
cipher/cipher-gcm-intel-pclmul.c | 26 +++++++++++-----
cipher/crc-intel-pclmul.c | 19 ++++++++----
cipher/rijndael-aesni.c | 61 +++++++++++++++++++++-----------------
cipher/rijndael-ssse3-amd64.c | 41 +++++++++++++++-----------
cipher/sha1-intel-shaext.c | 6 +++-
cipher/sha256-intel-shaext.c | 6 +++-
configure.ac | 11 +++++++
8 files changed, 160 insertions(+), 66 deletions(-)
diff --git a/cipher/Makefile.am b/cipher/Makefile.am
index 2acd7cb38..19420bf4e 100644
--- a/cipher/Makefile.am
+++ b/cipher/Makefile.am
@@ -142,8 +142,56 @@ endif
# We need to lower the optimization for this module.
-tiger.o: $(srcdir)/tiger.c
- `echo $(COMPILE) -c $(srcdir)/tiger.c | $(o_flag_munging) `
+tiger.o: $(srcdir)/tiger.c Makefile
+ `echo $(COMPILE) -c $< | $(o_flag_munging) `
-tiger.lo: $(srcdir)/tiger.c
- `echo $(LTCOMPILE) -c $(srcdir)/tiger.c | $(o_flag_munging) `
+tiger.lo: $(srcdir)/tiger.c Makefile
+ `echo $(LTCOMPILE) -c $< | $(o_flag_munging) `
+
+
+# We need to disable instrumentation for these modules as they use cc as
+# thin assembly front-end and do not tolerate in-between function calls
+# inserted by compiler as those functions may clobber the XMM registers.
+if ENABLE_INSTRUMENTATION_MUNGING
+instrumentation_munging = sed \
+ -e 's/-fsanitize[=,\-][=,a-z,A-Z,0-9,\,,\-]*//g' \
+ -e 's/-fprofile[=,\-][=,a-z,A-Z,0-9,\,,\-]*//g'
+else
+instrumentation_munging = cat
+endif
+
+rijndael-aesni.o: $(srcdir)/rijndael-aesni.c Makefile
+ `echo $(COMPILE) -c $< | $(instrumentation_munging) `
+
+rijndael-aesni.lo: $(srcdir)/rijndael-aesni.c Makefile
+ `echo $(LTCOMPILE) -c $< | $(instrumentation_munging) `
+
+rijndael-ssse3-amd64.o: $(srcdir)/rijndael-ssse3-amd64.c Makefile
+ `echo $(COMPILE) -c $< | $(instrumentation_munging) `
+
+rijndael-ssse3-amd64.lo: $(srcdir)/rijndael-ssse3-amd64.c Makefile
+ `echo $(LTCOMPILE) -c $< | $(instrumentation_munging) `
+
+cipher-gcm-intel-pclmul.o: $(srcdir)/cipher-gcm-intel-pclmul.c Makefile
+ `echo $(COMPILE) -c $< | $(instrumentation_munging) `
+
+cipher-gcm-intel-pclmul.lo: $(srcdir)/cipher-gcm-intel-pclmul.c Makefile
+ `echo $(LTCOMPILE) -c $< | $(instrumentation_munging) `
+
+sha1-intel-shaext.o: $(srcdir)/sha1-intel-shaext.c Makefile
+ `echo $(COMPILE) -c $< | $(instrumentation_munging) `
+
+sha1-intel-shaext.lo: $(srcdir)/sha1-intel-shaext.c Makefile
+ `echo $(LTCOMPILE) -c $< | $(instrumentation_munging) `
+
+sha256-intel-shaext.o: $(srcdir)/sha256-intel-shaext.c Makefile
+ `echo $(COMPILE) -c $< | $(instrumentation_munging) `
+
+sha256-intel-shaext.lo: $(srcdir)/sha256-intel-shaext.c Makefile
+ `echo $(LTCOMPILE) -c $< | $(instrumentation_munging) `
+
+crc-intel-pclmul.o: $(srcdir)/crc-intel-pclmul.c Makefile
+ `echo $(COMPILE) -c $< | $(instrumentation_munging) `
+
+crc-intel-pclmul.lo: $(srcdir)/crc-intel-pclmul.c Makefile
+ `echo $(LTCOMPILE) -c $< | $(instrumentation_munging) `
diff --git a/cipher/cipher-gcm-intel-pclmul.c b/cipher/cipher-gcm-intel-pclmul.c
index 8e109ba3c..28165c653 100644
--- a/cipher/cipher-gcm-intel-pclmul.c
+++ b/cipher/cipher-gcm-intel-pclmul.c
@@ -42,12 +42,19 @@
#endif
+#define ALWAYS_INLINE inline __attribute__((always_inline))
+#define NO_INSTRUMENT_FUNCTION __attribute__((no_instrument_function))
+
+#define ASM_FUNC_ATTR NO_INSTRUMENT_FUNCTION
+#define ASM_FUNC_ATTR_INLINE ASM_FUNC_ATTR ALWAYS_INLINE
+
+
/*
Intel PCLMUL ghash based on white paper:
"Intel® Carry-Less Multiplication Instruction and its Usage for Computing the
GCM Mode - Rev 2.01"; Shay Gueron, Michael E. Kounavis.
*/
-static inline void reduction(void)
+static ASM_FUNC_ATTR_INLINE void reduction(void)
{
/* input: <xmm1:xmm3> */
@@ -76,7 +83,7 @@ static inline void reduction(void)
::: "memory" );
}
-static inline void gfmul_pclmul(void)
+static ASM_FUNC_ATTR_INLINE void gfmul_pclmul(void)
{
/* Input: XMM0 and XMM1, Output: XMM1. Input XMM0 stays unmodified.
Input must be converted to little-endian.
@@ -107,9 +114,9 @@ static inline void gfmul_pclmul(void)
reduction();
}
-static inline void gfmul_pclmul_aggr4(const void *buf, const void *h_1,
- const void *h_table,
- const unsigned char *be_mask)
+static ASM_FUNC_ATTR_INLINE void
+gfmul_pclmul_aggr4(const void *buf, const void *h_1, const void *h_table,
+ const unsigned char *be_mask)
{
/* Input:
Hash: XMM1
@@ -208,7 +215,8 @@ static inline void gfmul_pclmul_aggr4(const void *buf, const void *h_1,
}
#ifdef __x86_64__
-static inline void gfmul_pclmul_aggr8(const void *buf, const void *h_table)
+static ASM_FUNC_ATTR_INLINE void
+gfmul_pclmul_aggr8(const void *buf, const void *h_table)
{
/* Input:
H¹: XMM0
@@ -372,7 +380,7 @@ static inline void gfmul_pclmul_aggr8(const void *buf, const void *h_table)
}
#endif
-static inline void gcm_lsh(void *h, unsigned int hoffs)
+static ASM_FUNC_ATTR_INLINE void gcm_lsh(void *h, unsigned int hoffs)
{
static const u64 pconst[2] __attribute__ ((aligned (16))) =
{ U64_C(0x0000000000000001), U64_C(0xc200000000000000) };
@@ -394,7 +402,7 @@ static inline void gcm_lsh(void *h, unsigned int hoffs)
: "memory" );
}
-void
+void ASM_FUNC_ATTR
_gcry_ghash_setup_intel_pclmul (gcry_cipher_hd_t c)
{
static const unsigned char be_mask[16] __attribute__ ((aligned (16))) =
@@ -548,7 +556,7 @@ _gcry_ghash_setup_intel_pclmul (gcry_cipher_hd_t c)
}
-unsigned int
+unsigned int ASM_FUNC_ATTR
_gcry_ghash_intel_pclmul (gcry_cipher_hd_t c, byte *result, const byte *buf,
size_t nblocks)
{
diff --git a/cipher/crc-intel-pclmul.c b/cipher/crc-intel-pclmul.c
index 482b260bf..8c8b1915a 100644
--- a/cipher/crc-intel-pclmul.c
+++ b/cipher/crc-intel-pclmul.c
@@ -44,6 +44,13 @@
#endif
+#define ALWAYS_INLINE inline __attribute__((always_inline))
+#define NO_INSTRUMENT_FUNCTION __attribute__((no_instrument_function))
+
+#define ASM_FUNC_ATTR NO_INSTRUMENT_FUNCTION
+#define ASM_FUNC_ATTR_INLINE ASM_FUNC_ATTR ALWAYS_INLINE
+
+
#define ALIGNED_16 __attribute__ ((aligned (16)))
@@ -135,7 +142,7 @@ static const u64 crc32_merge5to7_shuf[7 - 5 + 1][2] ALIGNED_16 =
};
/* PCLMUL functions for reflected CRC32. */
-static inline void
+static ASM_FUNC_ATTR_INLINE void
crc32_reflected_bulk (u32 *pcrc, const byte *inbuf, size_t inlen,
const struct crc32_consts_s *consts)
{
@@ -331,7 +338,7 @@ crc32_reflected_bulk (u32 *pcrc, const byte *inbuf, size_t inlen,
);
}
-static inline void
+static ASM_FUNC_ATTR_INLINE void
crc32_reflected_less_than_16 (u32 *pcrc, const byte *inbuf, size_t inlen,
const struct crc32_consts_s *consts)
{
@@ -480,7 +487,7 @@ crc32_reflected_less_than_16 (u32 *pcrc, const byte *inbuf, size_t inlen,
}
/* PCLMUL functions for non-reflected CRC32. */
-static inline void
+static ASM_FUNC_ATTR_INLINE void
crc32_bulk (u32 *pcrc, const byte *inbuf, size_t inlen,
const struct crc32_consts_s *consts)
{
@@ -695,7 +702,7 @@ crc32_bulk (u32 *pcrc, const byte *inbuf, size_t inlen,
: "eax" );
}
-static inline void
+static ASM_FUNC_ATTR_INLINE void
crc32_less_than_16 (u32 *pcrc, const byte *inbuf, size_t inlen,
const struct crc32_consts_s *consts)
{
@@ -857,7 +864,7 @@ crc32_less_than_16 (u32 *pcrc, const byte *inbuf, size_t inlen,
}
}
-void
+void ASM_FUNC_ATTR
_gcry_crc32_intel_pclmul (u32 *pcrc, const byte *inbuf, size_t inlen)
{
const struct crc32_consts_s *consts = &crc32_consts;
@@ -890,7 +897,7 @@ _gcry_crc32_intel_pclmul (u32 *pcrc, const byte *inbuf, size_t inlen)
#endif
}
-void
+void ASM_FUNC_ATTR
_gcry_crc24rfc2440_intel_pclmul (u32 *pcrc, const byte *inbuf, size_t inlen)
{
const struct crc32_consts_s *consts = &crc24rfc2440_consts;
diff --git a/cipher/rijndael-aesni.c b/cipher/rijndael-aesni.c
index a2a62abd8..b26449a77 100644
--- a/cipher/rijndael-aesni.c
+++ b/cipher/rijndael-aesni.c
@@ -46,6 +46,11 @@
#define ALWAYS_INLINE inline __attribute__((always_inline))
#define NO_INLINE __attribute__((noinline))
+#define NO_INSTRUMENT_FUNCTION __attribute__((no_instrument_function))
+
+#define ASM_FUNC_ATTR NO_INSTRUMENT_FUNCTION
+#define ASM_FUNC_ATTR_INLINE ASM_FUNC_ATTR ALWAYS_INLINE
+#define ASM_FUNC_ATTR_NOINLINE ASM_FUNC_ATTR NO_INLINE
typedef struct u128_s
@@ -56,7 +61,7 @@ typedef struct u128_s
/* Copy of ocb_get_l needed here as GCC is unable to inline ocb_get_l
because of 'pragma target'. */
-static ALWAYS_INLINE const unsigned char *
+static ASM_FUNC_ATTR_INLINE const unsigned char *
aes_ocb_get_l (gcry_cipher_hd_t c, u64 n)
{
unsigned long ntz;
@@ -161,7 +166,7 @@ aes_ocb_get_l (gcry_cipher_hd_t c, u64 n)
# endif
#endif
-void
+void ASM_FUNC_ATTR
_gcry_aes_aesni_do_setkey (RIJNDAEL_context *ctx, const byte *key)
{
aesni_prepare_2_7_variable;
@@ -395,7 +400,7 @@ _gcry_aes_aesni_do_setkey (RIJNDAEL_context *ctx, const byte *key)
/* Make a decryption key from an encryption key. */
-static ALWAYS_INLINE void
+static ASM_FUNC_ATTR_INLINE void
do_aesni_prepare_decryption (RIJNDAEL_context *ctx)
{
/* The AES-NI decrypt instructions use the Equivalent Inverse
@@ -443,7 +448,7 @@ do_aesni_prepare_decryption (RIJNDAEL_context *ctx)
#undef DO_AESNI_AESIMC
}
-void
+void ASM_FUNC_ATTR
_gcry_aes_aesni_prepare_decryption (RIJNDAEL_context *ctx)
{
aesni_prepare();
@@ -454,7 +459,7 @@ _gcry_aes_aesni_prepare_decryption (RIJNDAEL_context *ctx)
/* Encrypt one block using the Intel AES-NI instructions. Block is input
* and output through SSE register xmm0. */
-static ALWAYS_INLINE void
+static ASM_FUNC_ATTR_INLINE void
do_aesni_enc (const RIJNDAEL_context *ctx)
{
#define aesenc_xmm1_xmm0 ".byte 0x66, 0x0f, 0x38, 0xdc, 0xc1\n\t"
@@ -507,7 +512,7 @@ do_aesni_enc (const RIJNDAEL_context *ctx)
/* Decrypt one block using the Intel AES-NI instructions. Block is input
* and output through SSE register xmm0. */
-static ALWAYS_INLINE void
+static ASM_FUNC_ATTR_INLINE void
do_aesni_dec (const RIJNDAEL_context *ctx)
{
#define aesdec_xmm1_xmm0 ".byte 0x66, 0x0f, 0x38, 0xde, 0xc1\n\t"
@@ -560,7 +565,7 @@ do_aesni_dec (const RIJNDAEL_context *ctx)
/* Encrypt four blocks using the Intel AES-NI instructions. Blocks are input
* and output through SSE registers xmm1 to xmm4. */
-static ALWAYS_INLINE void
+static ASM_FUNC_ATTR_INLINE void
do_aesni_enc_vec4 (const RIJNDAEL_context *ctx)
{
#define aesenc_xmm0_xmm1 ".byte 0x66, 0x0f, 0x38, 0xdc, 0xc8\n\t"
@@ -669,7 +674,7 @@ do_aesni_enc_vec4 (const RIJNDAEL_context *ctx)
/* Decrypt four blocks using the Intel AES-NI instructions. Blocks are input
* and output through SSE registers xmm1 to xmm4. */
-static ALWAYS_INLINE void
+static ASM_FUNC_ATTR_INLINE void
do_aesni_dec_vec4 (const RIJNDAEL_context *ctx)
{
#define aesdec_xmm0_xmm1 ".byte 0x66, 0x0f, 0x38, 0xde, 0xc8\n\t"
@@ -780,7 +785,7 @@ do_aesni_dec_vec4 (const RIJNDAEL_context *ctx)
/* Encrypt eight blocks using the Intel AES-NI instructions. Blocks are input
* and output through SSE registers xmm1 to xmm4 and xmm8 to xmm11. */
-static ALWAYS_INLINE void
+static ASM_FUNC_ATTR_INLINE void
do_aesni_enc_vec8 (const RIJNDAEL_context *ctx)
{
asm volatile ("movdqa (%[key]), %%xmm0\n\t"
@@ -932,7 +937,7 @@ do_aesni_enc_vec8 (const RIJNDAEL_context *ctx)
/* Decrypt eight blocks using the Intel AES-NI instructions. Blocks are input
* and output through SSE registers xmm1 to xmm4 and xmm8 to xmm11. */
-static ALWAYS_INLINE void
+static ASM_FUNC_ATTR_INLINE void
do_aesni_dec_vec8 (const RIJNDAEL_context *ctx)
{
asm volatile ("movdqa (%[key]), %%xmm0\n\t"
@@ -1087,7 +1092,7 @@ do_aesni_dec_vec8 (const RIJNDAEL_context *ctx)
/* Perform a CTR encryption round using the counter CTR and the input
block A. Write the result to the output block B and update CTR.
CTR needs to be a 16 byte aligned little-endian value. */
-static void
+static ASM_FUNC_ATTR_INLINE void
do_aesni_ctr (const RIJNDAEL_context *ctx,
unsigned char *ctr, unsigned char *b, const unsigned char *a)
{
@@ -1166,7 +1171,7 @@ do_aesni_ctr (const RIJNDAEL_context *ctx,
/* Four blocks at a time variant of do_aesni_ctr. */
-static void
+static ASM_FUNC_ATTR_INLINE void
do_aesni_ctr_4 (const RIJNDAEL_context *ctx,
unsigned char *ctr, unsigned char *b, const unsigned char *a)
{
@@ -1386,7 +1391,7 @@ do_aesni_ctr_4 (const RIJNDAEL_context *ctx,
#ifdef __x86_64__
/* Eight blocks at a time variant of do_aesni_ctr. */
-static void
+static ASM_FUNC_ATTR_INLINE void
do_aesni_ctr_8 (const RIJNDAEL_context *ctx,
unsigned char *ctr, unsigned char *b, const unsigned char *a)
{
@@ -1704,7 +1709,7 @@ do_aesni_ctr_8 (const RIJNDAEL_context *ctx,
#endif /* __x86_64__ */
-unsigned int
+unsigned int ASM_FUNC_ATTR
_gcry_aes_aesni_encrypt (const RIJNDAEL_context *ctx, unsigned char *dst,
const unsigned char *src)
{
@@ -1723,7 +1728,7 @@ _gcry_aes_aesni_encrypt (const RIJNDAEL_context *ctx, unsigned char *dst,
}
-void
+void ASM_FUNC_ATTR
_gcry_aes_aesni_cfb_enc (RIJNDAEL_context *ctx, unsigned char *iv,
unsigned char *outbuf, const unsigned char *inbuf,
size_t nblocks)
@@ -1759,7 +1764,7 @@ _gcry_aes_aesni_cfb_enc (RIJNDAEL_context *ctx, unsigned char *iv,
}
-void
+void ASM_FUNC_ATTR
_gcry_aes_aesni_cbc_enc (RIJNDAEL_context *ctx, unsigned char *iv,
unsigned char *outbuf, const unsigned char *inbuf,
size_t nblocks, int cbc_mac)
@@ -1805,7 +1810,7 @@ _gcry_aes_aesni_cbc_enc (RIJNDAEL_context *ctx, unsigned char *iv,
}
-void
+void ASM_FUNC_ATTR
_gcry_aes_aesni_ctr_enc (RIJNDAEL_context *ctx, unsigned char *ctr,
unsigned char *outbuf, const unsigned char *inbuf,
size_t nblocks)
@@ -1859,7 +1864,7 @@ _gcry_aes_aesni_ctr_enc (RIJNDAEL_context *ctx, unsigned char *ctr,
}
-unsigned int
+unsigned int ASM_FUNC_ATTR
_gcry_aes_aesni_decrypt (const RIJNDAEL_context *ctx, unsigned char *dst,
const unsigned char *src)
{
@@ -1878,7 +1883,7 @@ _gcry_aes_aesni_decrypt (const RIJNDAEL_context *ctx, unsigned char *dst,
}
-void
+void ASM_FUNC_ATTR
_gcry_aes_aesni_cfb_dec (RIJNDAEL_context *ctx, unsigned char *iv,
unsigned char *outbuf, const unsigned char *inbuf,
size_t nblocks)
@@ -2033,7 +2038,7 @@ _gcry_aes_aesni_cfb_dec (RIJNDAEL_context *ctx, unsigned char *iv,
}
-void
+void ASM_FUNC_ATTR
_gcry_aes_aesni_cbc_dec (RIJNDAEL_context *ctx, unsigned char *iv,
unsigned char *outbuf, const unsigned char *inbuf,
size_t nblocks)
@@ -2198,7 +2203,7 @@ _gcry_aes_aesni_cbc_dec (RIJNDAEL_context *ctx, unsigned char *iv,
}
-static ALWAYS_INLINE void
+static ASM_FUNC_ATTR_INLINE void
aesni_ocb_checksum (gcry_cipher_hd_t c, const unsigned char *plaintext,
size_t nblocks)
{
@@ -2362,7 +2367,7 @@ aesni_ocb_checksum (gcry_cipher_hd_t c, const unsigned char *plaintext,
}
-static unsigned int NO_INLINE
+static unsigned int ASM_FUNC_ATTR_NOINLINE
aesni_ocb_enc (gcry_cipher_hd_t c, void *outbuf_arg,
const void *inbuf_arg, size_t nblocks)
{
@@ -2849,7 +2854,7 @@ aesni_ocb_enc (gcry_cipher_hd_t c, void *outbuf_arg,
}
-static unsigned int NO_INLINE
+static unsigned int ASM_FUNC_ATTR_NOINLINE
aesni_ocb_dec (gcry_cipher_hd_t c, void *outbuf_arg,
const void *inbuf_arg, size_t nblocks_arg)
{
@@ -3324,7 +3329,7 @@ aesni_ocb_dec (gcry_cipher_hd_t c, void *outbuf_arg,
}
-size_t
+size_t ASM_FUNC_ATTR
_gcry_aes_aesni_ocb_crypt(gcry_cipher_hd_t c, void *outbuf_arg,
const void *inbuf_arg, size_t nblocks, int encrypt)
{
@@ -3335,7 +3340,7 @@ _gcry_aes_aesni_ocb_crypt(gcry_cipher_hd_t c, void *outbuf_arg,
}
-size_t
+size_t ASM_FUNC_ATTR
_gcry_aes_aesni_ocb_auth (gcry_cipher_hd_t c, const void *abuf_arg,
size_t nblocks)
{
@@ -3586,7 +3591,7 @@ static const u64 xts_gfmul_const[16] __attribute__ ((aligned (16))) =
{ 0x87, 0x01 };
-static void
+static void ASM_FUNC_ATTR
_gcry_aes_aesni_xts_enc (RIJNDAEL_context *ctx, unsigned char *tweak,
unsigned char *outbuf, const unsigned char *inbuf,
size_t nblocks)
@@ -3724,7 +3729,7 @@ _gcry_aes_aesni_xts_enc (RIJNDAEL_context *ctx, unsigned char *tweak,
}
-static void
+static void ASM_FUNC_ATTR
_gcry_aes_aesni_xts_dec (RIJNDAEL_context *ctx, unsigned char *tweak,
unsigned char *outbuf, const unsigned char *inbuf,
size_t nblocks)
@@ -3868,7 +3873,7 @@ _gcry_aes_aesni_xts_dec (RIJNDAEL_context *ctx, unsigned char *tweak,
}
-void
+void ASM_FUNC_ATTR
_gcry_aes_aesni_xts_crypt (RIJNDAEL_context *ctx, unsigned char *tweak,
unsigned char *outbuf, const unsigned char *inbuf,
size_t nblocks, int encrypt)
diff --git a/cipher/rijndael-ssse3-amd64.c b/cipher/rijndael-ssse3-amd64.c
index 0c1ae6e6e..b07238531 100644
--- a/cipher/rijndael-ssse3-amd64.c
+++ b/cipher/rijndael-ssse3-amd64.c
@@ -60,9 +60,16 @@
#endif
+#define ALWAYS_INLINE inline __attribute__((always_inline))
+#define NO_INSTRUMENT_FUNCTION __attribute__((no_instrument_function))
+
+#define ASM_FUNC_ATTR NO_INSTRUMENT_FUNCTION
+#define ASM_FUNC_ATTR_INLINE ASM_FUNC_ATTR ALWAYS_INLINE
+
+
/* Copy of ocb_get_l needed here as GCC is unable to inline ocb_get_l
because of 'pragma target'. */
-static inline const unsigned char *
+static ASM_FUNC_ATTR_INLINE const unsigned char *
aes_ocb_get_l (gcry_cipher_hd_t c, u64 n)
{
unsigned long ntz;
@@ -156,7 +163,7 @@ extern void _gcry_aes_ssse3_decrypt_core(const void *key, u64 nrounds);
_gcry_aes_ssse3_dec_preload();
-void
+void ASM_FUNC_ATTR
_gcry_aes_ssse3_do_setkey (RIJNDAEL_context *ctx, const byte *key)
{
unsigned int keybits = (ctx->rounds - 10) * 32 + 128;
@@ -195,7 +202,7 @@ _gcry_aes_ssse3_do_setkey (RIJNDAEL_context *ctx, const byte *key)
/* Make a decryption key from an encryption key. */
-static inline void
+static ASM_FUNC_ATTR_INLINE void
do_ssse3_prepare_decryption (RIJNDAEL_context *ctx,
byte ssse3_state[SSSE3_STATE_SIZE])
{
@@ -210,7 +217,7 @@ do_ssse3_prepare_decryption (RIJNDAEL_context *ctx,
vpaes_ssse3_cleanup();
}
-void
+void ASM_FUNC_ATTR
_gcry_aes_ssse3_prepare_decryption (RIJNDAEL_context *ctx)
{
byte ssse3_state[SSSE3_STATE_SIZE];
@@ -221,7 +228,7 @@ _gcry_aes_ssse3_prepare_decryption (RIJNDAEL_context *ctx)
/* Encrypt one block using the Intel SSSE3 instructions. Block is input
* and output through SSE register xmm0. */
-static inline void
+static ASM_FUNC_ATTR_INLINE void
do_vpaes_ssse3_enc (const RIJNDAEL_context *ctx, unsigned int nrounds)
{
_gcry_aes_ssse3_encrypt_core(ctx->keyschenc32, nrounds);
@@ -230,14 +237,14 @@ do_vpaes_ssse3_enc (const RIJNDAEL_context *ctx, unsigned int nrounds)
/* Decrypt one block using the Intel SSSE3 instructions. Block is input
* and output through SSE register xmm0. */
-static inline void
+static ASM_FUNC_ATTR_INLINE void
do_vpaes_ssse3_dec (const RIJNDAEL_context *ctx, unsigned int nrounds)
{
_gcry_aes_ssse3_decrypt_core(ctx->keyschdec32, nrounds);
}
-unsigned int
+unsigned int ASM_FUNC_ATTR
_gcry_aes_ssse3_encrypt (const RIJNDAEL_context *ctx, unsigned char *dst,
const unsigned char *src)
{
@@ -259,7 +266,7 @@ _gcry_aes_ssse3_encrypt (const RIJNDAEL_context *ctx, unsigned char *dst,
}
-void
+void ASM_FUNC_ATTR
_gcry_aes_ssse3_cfb_enc (RIJNDAEL_context *ctx, unsigned char *iv,
unsigned char *outbuf, const unsigned char *inbuf,
size_t nblocks)
@@ -298,7 +305,7 @@ _gcry_aes_ssse3_cfb_enc (RIJNDAEL_context *ctx, unsigned char *iv,
}
-void
+void ASM_FUNC_ATTR
_gcry_aes_ssse3_cbc_enc (RIJNDAEL_context *ctx, unsigned char *iv,
unsigned char *outbuf, const unsigned char *inbuf,
size_t nblocks, int cbc_mac)
@@ -343,7 +350,7 @@ _gcry_aes_ssse3_cbc_enc (RIJNDAEL_context *ctx, unsigned char *iv,
}
-void
+void ASM_FUNC_ATTR
_gcry_aes_ssse3_ctr_enc (RIJNDAEL_context *ctx, unsigned char *ctr,
unsigned char *outbuf, const unsigned char *inbuf,
size_t nblocks)
@@ -410,7 +417,7 @@ _gcry_aes_ssse3_ctr_enc (RIJNDAEL_context *ctx, unsigned char *ctr,
}
-unsigned int
+unsigned int ASM_FUNC_ATTR
_gcry_aes_ssse3_decrypt (const RIJNDAEL_context *ctx, unsigned char *dst,
const unsigned char *src)
{
@@ -432,7 +439,7 @@ _gcry_aes_ssse3_decrypt (const RIJNDAEL_context *ctx, unsigned char *dst,
}
-void
+void ASM_FUNC_ATTR
_gcry_aes_ssse3_cfb_dec (RIJNDAEL_context *ctx, unsigned char *iv,
unsigned char *outbuf, const unsigned char *inbuf,
size_t nblocks)
@@ -472,7 +479,7 @@ _gcry_aes_ssse3_cfb_dec (RIJNDAEL_context *ctx, unsigned char *iv,
}
-void
+void ASM_FUNC_ATTR
_gcry_aes_ssse3_cbc_dec (RIJNDAEL_context *ctx, unsigned char *iv,
unsigned char *outbuf, const unsigned char *inbuf,
size_t nblocks)
@@ -523,7 +530,7 @@ _gcry_aes_ssse3_cbc_dec (RIJNDAEL_context *ctx, unsigned char *iv,
}
-static void
+static void ASM_FUNC_ATTR
ssse3_ocb_enc (gcry_cipher_hd_t c, void *outbuf_arg,
const void *inbuf_arg, size_t nblocks)
{
@@ -586,7 +593,7 @@ ssse3_ocb_enc (gcry_cipher_hd_t c, void *outbuf_arg,
vpaes_ssse3_cleanup ();
}
-static void
+static void ASM_FUNC_ATTR
ssse3_ocb_dec (gcry_cipher_hd_t c, void *outbuf_arg,
const void *inbuf_arg, size_t nblocks)
{
@@ -656,7 +663,7 @@ ssse3_ocb_dec (gcry_cipher_hd_t c, void *outbuf_arg,
}
-size_t
+size_t ASM_FUNC_ATTR
_gcry_aes_ssse3_ocb_crypt(gcry_cipher_hd_t c, void *outbuf_arg,
const void *inbuf_arg, size_t nblocks, int encrypt)
{
@@ -669,7 +676,7 @@ _gcry_aes_ssse3_ocb_crypt(gcry_cipher_hd_t c, void *outbuf_arg,
}
-size_t
+size_t ASM_FUNC_ATTR
_gcry_aes_ssse3_ocb_auth (gcry_cipher_hd_t c, const void *abuf_arg,
size_t nblocks)
{
diff --git a/cipher/sha1-intel-shaext.c b/cipher/sha1-intel-shaext.c
index d7e3d4f8e..ddf2be2aa 100644
--- a/cipher/sha1-intel-shaext.c
+++ b/cipher/sha1-intel-shaext.c
@@ -33,6 +33,10 @@
# pragma clang attribute push (__attribute__((target("no-sse"))), apply_to = function)
#endif
+#define NO_INSTRUMENT_FUNCTION __attribute__((no_instrument_function))
+
+#define ASM_FUNC_ATTR NO_INSTRUMENT_FUNCTION
+
/* Two macros to be called prior and after the use of SHA-EXT
instructions. There should be no external function calls between
the use of these macros. There purpose is to make sure that the
@@ -89,7 +93,7 @@
/*
* Transform nblks*64 bytes (nblks*16 32-bit words) at DATA.
*/
-unsigned int
+unsigned int ASM_FUNC_ATTR
_gcry_sha1_transform_intel_shaext(void *state, const unsigned char *data,
size_t nblks)
{
diff --git a/cipher/sha256-intel-shaext.c b/cipher/sha256-intel-shaext.c
index 2eda42d8d..48c09eefe 100644
--- a/cipher/sha256-intel-shaext.c
+++ b/cipher/sha256-intel-shaext.c
@@ -33,6 +33,10 @@
# pragma clang attribute push (__attribute__((target("no-sse"))), apply_to = function)
#endif
+#define NO_INSTRUMENT_FUNCTION __attribute__((no_instrument_function))
+
+#define ASM_FUNC_ATTR NO_INSTRUMENT_FUNCTION
+
/* Two macros to be called prior and after the use of SHA-EXT
instructions. There should be no external function calls between
the use of these macros. There purpose is to make sure that the
@@ -94,7 +98,7 @@ typedef struct u128_s
/*
* Transform nblks*64 bytes (nblks*16 32-bit words) at DATA.
*/
-unsigned int
+unsigned int ASM_FUNC_ATTR
_gcry_sha256_transform_intel_shaext(u32 state[8], const unsigned char *data,
size_t nblks)
{
diff --git a/configure.ac b/configure.ac
index c9cbdefc3..af68e61bb 100644
--- a/configure.ac
+++ b/configure.ac
@@ -691,6 +691,17 @@ AC_ARG_ENABLE([O-flag-munging],
AC_MSG_RESULT($enable_o_flag_munging)
AM_CONDITIONAL(ENABLE_O_FLAG_MUNGING, test "$enable_o_flag_munging" = "yes")
+# Implementation of the --disable-instrumentation-munging switch.
+AC_MSG_CHECKING([whether a instrumentation (-fprofile, -fsanitize) munging is requested])
+AC_ARG_ENABLE([instrumentation-munging],
+ AC_HELP_STRING([--disable-instrumentation-munging],
+ [Disable modification of the cc instrumentation options]),
+ [enable_instrumentation_munging=$enableval],
+ [enable_instrumentation_munging=yes])
+AC_MSG_RESULT($enable_instrumentation_munging)
+AM_CONDITIONAL(ENABLE_INSTRUMENTATION_MUNGING,
+ test "$enable_instrumentation_munging" = "yes")
+
# Implementation of the --disable-amd64-as-feature-detection switch.
AC_MSG_CHECKING([whether to enable AMD64 as(1) feature detection])
AC_ARG_ENABLE(amd64-as-feature-detection,
More information about the Gcrypt-devel
mailing list