From 37faa936b5598f5b19a32103d8b221923fc957c0 Mon Sep 17 00:00:00 2001 From: David Benjamin Date: Tue, 21 Dec 2021 18:43:32 -0500 Subject: [PATCH] Move public APIs from cpu.h to crypto.h. cpu.h contains almost entirely private symbols, which aren't reliably usable outside the library because they lack OPENSSL_EXPORT. (And can't have OPENSSL_EXPORT. The linker wants references to exported symbols to go through the GOT, and our assembly doesn't do that.) In preparation for unexporting them, move the few public APIs to crypto.h. They seem similar in spirit to functions like CRYPTO_has_asm. Update-Note: As part of this, I conditioned cpu-arm-linux.c on OPENSSL_LINUX, so that the header files can have accurate conditions. This means unrecognized ARM platforms that do not set OPENSSL_STATIC_ARMCAP will fail to build, where previously we defaulted to the Linux mechanisms. This matches cpu-aarch64-linux.c, which is already gated on OPENSSL_LINUX. (And the file is quite Linux-specific. Even if a non-Linux ELF target used getauxval for ARM capabilities, it's unlikely that our hardcoded constants and /proc behavior applies anyway.) Change-Id: I1ee9eb72097be619d3f28a51b1ea058b3c37d05a Reviewed-on: https://boringssl-review.googlesource.com/c/boringssl/+/50845 Reviewed-by: Adam Langley Commit-Queue: Adam Langley --- crypto/cpu_arm_linux.c | 5 +++-- include/openssl/cpu.h | 12 ++---------- include/openssl/crypto.h | 11 +++++++++++ 3 files changed, 16 insertions(+), 12 deletions(-) diff --git a/crypto/cpu_arm_linux.c b/crypto/cpu_arm_linux.c index 0ffd9a49a..d8b878a6f 100644 --- a/crypto/cpu_arm_linux.c +++ b/crypto/cpu_arm_linux.c @@ -14,7 +14,8 @@ #include -#if defined(OPENSSL_ARM) && !defined(OPENSSL_STATIC_ARMCAP) +#if defined(OPENSSL_ARM) && defined(OPENSSL_LINUX) && \ + !defined(OPENSSL_STATIC_ARMCAP) #include #include #include @@ -226,4 +227,4 @@ int CRYPTO_has_broken_NEON(void) { return g_has_broken_neon; } int CRYPTO_needs_hwcap2_workaround(void) { return g_needs_hwcap2_workaround; } -#endif // OPENSSL_ARM && !OPENSSL_STATIC_ARMCAP +#endif // OPENSSL_ARM && OPENSSL_LINUX && !OPENSSL_STATIC_ARMCAP diff --git a/include/openssl/cpu.h b/include/openssl/cpu.h index e71fbecd0..9331e0475 100644 --- a/include/openssl/cpu.h +++ b/include/openssl/cpu.h @@ -63,6 +63,8 @@ #include +#include + #if defined(__cplusplus) extern "C" { #endif @@ -124,16 +126,6 @@ int CRYPTO_is_ARMv8_AES_capable_at_runtime(void); // CRYPTO_is_ARMv8_PMULL_capable_at_runtime returns true if the current CPU // supports the ARMv8 PMULL instruction. int CRYPTO_is_ARMv8_PMULL_capable_at_runtime(void); - -#if defined(OPENSSL_ARM) -// CRYPTO_has_broken_NEON returns one if the current CPU is known to have a -// broken NEON unit. See https://crbug.com/341598. -OPENSSL_EXPORT int CRYPTO_has_broken_NEON(void); - -// CRYPTO_needs_hwcap2_workaround returns one if the ARMv8 AArch32 AT_HWCAP2 -// workaround was needed. See https://crbug.com/boringssl/46. -OPENSSL_EXPORT int CRYPTO_needs_hwcap2_workaround(void); -#endif #endif // !OPENSSL_STATIC_ARMCAP // CRYPTO_is_NEON_capable returns true if the current CPU has a NEON unit. If diff --git a/include/openssl/crypto.h b/include/openssl/crypto.h index 93b1a9bb2..0824b934d 100644 --- a/include/openssl/crypto.h +++ b/include/openssl/crypto.h @@ -67,6 +67,17 @@ OPENSSL_EXPORT int BORINGSSL_self_test(void); // SANDBOXING.md in the source tree. OPENSSL_EXPORT void CRYPTO_pre_sandbox_init(void); +#if defined(OPENSSL_ARM) && defined(OPENSSL_LINUX) && \ + !defined(OPENSSL_STATIC_ARMCAP) +// CRYPTO_has_broken_NEON returns one if the current CPU is known to have a +// broken NEON unit. See https://crbug.com/341598. +OPENSSL_EXPORT int CRYPTO_has_broken_NEON(void); + +// CRYPTO_needs_hwcap2_workaround returns one if the ARMv8 AArch32 AT_HWCAP2 +// workaround was needed. See https://crbug.com/boringssl/46. +OPENSSL_EXPORT int CRYPTO_needs_hwcap2_workaround(void); +#endif // OPENSSL_ARM && OPENSSL_LINUX && !OPENSSL_STATIC_ARMCAP + // FIPS monitoring