diff options
author | Elliott Hughes <enh@google.com> | 2021-04-06 21:11:55 +0000 |
---|---|---|
committer | Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com> | 2021-04-06 21:11:55 +0000 |
commit | 8beec73fbbcaaab6785c3f9cc5a9661afcbc7fa7 (patch) | |
tree | 4f552c06b6d628ad0c33313ac0c59356d2fee81e /third_party/boringssl/linux-aarch64/crypto/fipsmodule/aesv8-armx64.S | |
parent | 5b891fa7870a81b28a80703881801bb1788690df (diff) | |
parent | da27832bbb98d4539bbde146c7be39dc6ed68552 (diff) | |
download | openscreen-8beec73fbbcaaab6785c3f9cc5a9661afcbc7fa7.tar.gz |
Upgrade openscreen to 207f3b2b5814bbbe2530b3d0f8fb4da1665a02ce am: f367710da5 am: 58adcd624e am: da27832bbbandroid-12.1.0_r9android-12.1.0_r8android-12.1.0_r7android-12.1.0_r26android-12.1.0_r25android-12.1.0_r24android-12.1.0_r23android-12.1.0_r22android-12.1.0_r21android-12.1.0_r20android-12.1.0_r19android-12.1.0_r18android-12.1.0_r17android-12.1.0_r16android-12.1.0_r15android-12.1.0_r14android-12.1.0_r13android-12.1.0_r12android-12.1.0_r11android-12.1.0_r10android-12.0.0_r32android-12.0.0_r29android-12.0.0_r28android-12.0.0_r27android-12.0.0_r26android-12.0.0_r21android-12.0.0_r20android-12.0.0_r19android-12.0.0_r18android-12.0.0_r16android12L-devandroid12L-d2-s8-releaseandroid12L-d2-s7-releaseandroid12L-d2-s6-releaseandroid12L-d2-s5-releaseandroid12L-d2-s4-releaseandroid12L-d2-s3-releaseandroid12L-d2-s2-releaseandroid12L-d2-s1-releaseandroid12L-d2-releaseandroid12-qpr3-s7-releaseandroid12-qpr3-s6-releaseandroid12-qpr3-s5-releaseandroid12-qpr3-s4-releaseandroid12-qpr3-s3-releaseandroid12-qpr3-s2-releaseandroid12-qpr3-s1-releaseandroid12-qpr3-releaseandroid12-qpr1-releaseandroid12-qpr1-d-s3-releaseandroid12-qpr1-d-s2-releaseandroid12-qpr1-d-s1-releaseandroid12-qpr1-d-releaseandroid12-dev
Original change: https://android-review.googlesource.com/c/platform/external/openscreen/+/1662593
Change-Id: Ib86d4381161ec9a8e12fcd6d9f650d47cc836a22
Diffstat (limited to 'third_party/boringssl/linux-aarch64/crypto/fipsmodule/aesv8-armx64.S')
-rw-r--r-- | third_party/boringssl/linux-aarch64/crypto/fipsmodule/aesv8-armx64.S | 55 |
1 files changed, 41 insertions, 14 deletions
diff --git a/third_party/boringssl/linux-aarch64/crypto/fipsmodule/aesv8-armx64.S b/third_party/boringssl/linux-aarch64/crypto/fipsmodule/aesv8-armx64.S index 60c70a24..f8cd03df 100644 --- a/third_party/boringssl/linux-aarch64/crypto/fipsmodule/aesv8-armx64.S +++ b/third_party/boringssl/linux-aarch64/crypto/fipsmodule/aesv8-armx64.S @@ -33,6 +33,8 @@ .align 5 aes_hw_set_encrypt_key: .Lenc_key: + // Armv8.3-A PAuth: even though x30 is pushed to stack it is not popped later. + AARCH64_VALID_CALL_TARGET stp x29,x30,[sp,#-16]! add x29,sp,#0 mov x3,#-1 @@ -201,6 +203,7 @@ aes_hw_set_encrypt_key: .type aes_hw_set_decrypt_key,%function .align 5 aes_hw_set_decrypt_key: + AARCH64_SIGN_LINK_REGISTER stp x29,x30,[sp,#-16]! add x29,sp,#0 bl .Lenc_key @@ -234,6 +237,7 @@ aes_hw_set_decrypt_key: eor x0,x0,x0 // return value .Ldec_key_abort: ldp x29,x30,[sp],#16 + AARCH64_VALIDATE_LINK_REGISTER ret .size aes_hw_set_decrypt_key,.-aes_hw_set_decrypt_key .globl aes_hw_encrypt @@ -241,6 +245,7 @@ aes_hw_set_decrypt_key: .type aes_hw_encrypt,%function .align 5 aes_hw_encrypt: + AARCH64_VALID_CALL_TARGET ldr w3,[x2,#240] ld1 {v0.4s},[x2],#16 ld1 {v2.16b},[x0] @@ -271,6 +276,7 @@ aes_hw_encrypt: .type aes_hw_decrypt,%function .align 5 aes_hw_decrypt: + AARCH64_VALID_CALL_TARGET ldr w3,[x2,#240] ld1 {v0.4s},[x2],#16 ld1 {v2.16b},[x0] @@ -301,6 +307,8 @@ aes_hw_decrypt: .type aes_hw_cbc_encrypt,%function .align 5 aes_hw_cbc_encrypt: + // Armv8.3-A PAuth: even though x30 is pushed to stack it is not popped later. + AARCH64_VALID_CALL_TARGET stp x29,x30,[sp,#-16]! add x29,sp,#0 subs x2,x2,#16 @@ -592,6 +600,8 @@ aes_hw_cbc_encrypt: .type aes_hw_ctr32_encrypt_blocks,%function .align 5 aes_hw_ctr32_encrypt_blocks: + // Armv8.3-A PAuth: even though x30 is pushed to stack it is not popped later. + AARCH64_VALID_CALL_TARGET stp x29,x30,[sp,#-16]! add x29,sp,#0 ldr w5,[x3,#240] @@ -611,20 +621,34 @@ aes_hw_ctr32_encrypt_blocks: add x7,x3,#32 mov w6,w5 csel x12,xzr,x12,lo + + // ARM Cortex-A57 and Cortex-A72 cores running in 32-bit mode are + // affected by silicon errata #1742098 [0] and #1655431 [1], + // respectively, where the second instruction of an aese/aesmc + // instruction pair may execute twice if an interrupt is taken right + // after the first instruction consumes an input register of which a + // single 32-bit lane has been updated the last time it was modified. + // + // This function uses a counter in one 32-bit lane. The vmov lines + // could write to v1.16b and v18.16b directly, but that trips this bugs. + // We write to v6.16b and copy to the final register as a workaround. + // + // [0] ARM-EPM-049219 v23 Cortex-A57 MPCore Software Developers Errata Notice + // [1] ARM-EPM-012079 v11.0 Cortex-A72 MPCore Software Developers Errata Notice #ifndef __ARMEB__ rev w8, w8 #endif - orr v1.16b,v0.16b,v0.16b add w10, w8, #1 - orr v18.16b,v0.16b,v0.16b - add w8, w8, #2 orr v6.16b,v0.16b,v0.16b rev w10, w10 - mov v1.s[3],w10 + mov v6.s[3],w10 + add w8, w8, #2 + orr v1.16b,v6.16b,v6.16b b.ls .Lctr32_tail rev w12, w8 + mov v6.s[3],w12 sub x2,x2,#3 // bias - mov v18.s[3],w12 + orr v18.16b,v6.16b,v6.16b b .Loop3x_ctr32 .align 4 @@ -651,11 +675,11 @@ aes_hw_ctr32_encrypt_blocks: aese v1.16b,v16.16b aesmc v5.16b,v1.16b ld1 {v2.16b},[x0],#16 - orr v0.16b,v6.16b,v6.16b + add w9,w8,#1 aese v18.16b,v16.16b aesmc v18.16b,v18.16b ld1 {v3.16b},[x0],#16 - orr v1.16b,v6.16b,v6.16b + rev w9,w9 aese v4.16b,v17.16b aesmc v4.16b,v4.16b aese v5.16b,v17.16b @@ -664,8 +688,6 @@ aes_hw_ctr32_encrypt_blocks: mov x7,x3 aese v18.16b,v17.16b aesmc v17.16b,v18.16b - orr v18.16b,v6.16b,v6.16b - add w9,w8,#1 aese v4.16b,v20.16b aesmc v4.16b,v4.16b aese v5.16b,v20.16b @@ -680,21 +702,26 @@ aes_hw_ctr32_encrypt_blocks: aesmc v4.16b,v4.16b aese v5.16b,v21.16b aesmc v5.16b,v5.16b + // Note the logic to update v0.16b, v1.16b, and v1.16b is written to work + // around a bug in ARM Cortex-A57 and Cortex-A72 cores running in + // 32-bit mode. See the comment above. eor v19.16b,v19.16b,v7.16b - rev w9,w9 + mov v6.s[3], w9 aese v17.16b,v21.16b aesmc v17.16b,v17.16b - mov v0.s[3], w9 + orr v0.16b,v6.16b,v6.16b rev w10,w10 aese v4.16b,v22.16b aesmc v4.16b,v4.16b + mov v6.s[3], w10 + rev w12,w8 aese v5.16b,v22.16b aesmc v5.16b,v5.16b - mov v1.s[3], w10 - rev w12,w8 + orr v1.16b,v6.16b,v6.16b + mov v6.s[3], w12 aese v17.16b,v22.16b aesmc v17.16b,v17.16b - mov v18.s[3], w12 + orr v18.16b,v6.16b,v6.16b subs x2,x2,#3 aese v4.16b,v23.16b aese v5.16b,v23.16b |