Blame SOURCES/libgcrypt-1.8.5-intel-cet.patch

4bbd51
diff -up libgcrypt-1.8.5/cipher/camellia-aesni-avx2-amd64.S.intel-cet libgcrypt-1.8.5/cipher/camellia-aesni-avx2-amd64.S
4bbd51
--- libgcrypt-1.8.5/cipher/camellia-aesni-avx2-amd64.S.intel-cet	2017-11-23 19:16:58.000000000 +0100
4bbd51
+++ libgcrypt-1.8.5/cipher/camellia-aesni-avx2-amd64.S	2020-01-23 15:36:44.148972045 +0100
4bbd51
@@ -18,8 +18,9 @@
4bbd51
  * License along with this program; if not, see <http://www.gnu.org/licenses/>.
4bbd51
  */
4bbd51
 
4bbd51
-#ifdef __x86_64
4bbd51
 #include <config.h>
4bbd51
+
4bbd51
+#ifdef __x86_64
4bbd51
 #if (defined(HAVE_COMPATIBLE_GCC_AMD64_PLATFORM_AS) || \
4bbd51
      defined(HAVE_COMPATIBLE_GCC_WIN64_PLATFORM_AS)) && \
4bbd51
     defined(ENABLE_AESNI_SUPPORT) && defined(ENABLE_AVX2_SUPPORT)
4bbd51
diff -up libgcrypt-1.8.5/cipher/camellia-aesni-avx-amd64.S.intel-cet libgcrypt-1.8.5/cipher/camellia-aesni-avx-amd64.S
4bbd51
--- libgcrypt-1.8.5/cipher/camellia-aesni-avx-amd64.S.intel-cet	2017-11-23 19:16:58.000000000 +0100
4bbd51
+++ libgcrypt-1.8.5/cipher/camellia-aesni-avx-amd64.S	2020-01-23 15:36:44.145972088 +0100
4bbd51
@@ -18,8 +18,9 @@
4bbd51
  * License along with this program; if not, see <http://www.gnu.org/licenses/>.
4bbd51
  */
4bbd51
 
4bbd51
-#ifdef __x86_64
4bbd51
 #include <config.h>
4bbd51
+
4bbd51
+#ifdef __x86_64
4bbd51
 #if (defined(HAVE_COMPATIBLE_GCC_AMD64_PLATFORM_AS) || \
4bbd51
      defined(HAVE_COMPATIBLE_GCC_WIN64_PLATFORM_AS)) && \
4bbd51
     defined(ENABLE_AESNI_SUPPORT) && defined(ENABLE_AVX_SUPPORT)
4bbd51
diff -up libgcrypt-1.8.5/cipher/chacha20-avx2-amd64.S.intel-cet libgcrypt-1.8.5/cipher/chacha20-avx2-amd64.S
4bbd51
--- libgcrypt-1.8.5/cipher/chacha20-avx2-amd64.S.intel-cet	2017-11-23 19:16:58.000000000 +0100
4bbd51
+++ libgcrypt-1.8.5/cipher/chacha20-avx2-amd64.S	2020-01-23 15:36:16.780250066 +0100
4bbd51
@@ -48,6 +48,9 @@
4bbd51
 .globl _gcry_chacha20_amd64_avx2_blocks
4bbd51
 ELF(.type  _gcry_chacha20_amd64_avx2_blocks,@function;)
4bbd51
 _gcry_chacha20_amd64_avx2_blocks:
4bbd51
+#ifdef _CET_ENDBR
4bbd51
+	_CET_ENDBR
4bbd51
+#endif
4bbd51
 .Lchacha_blocks_avx2_local:
4bbd51
 	vzeroupper
4bbd51
 	pushq %rbx
4bbd51
diff -up libgcrypt-1.8.5/cipher/chacha20-sse2-amd64.S.intel-cet libgcrypt-1.8.5/cipher/chacha20-sse2-amd64.S
4bbd51
--- libgcrypt-1.8.5/cipher/chacha20-sse2-amd64.S.intel-cet	2017-11-23 19:16:58.000000000 +0100
4bbd51
+++ libgcrypt-1.8.5/cipher/chacha20-sse2-amd64.S	2020-01-23 15:36:16.783250095 +0100
4bbd51
@@ -41,6 +41,9 @@
4bbd51
 .globl _gcry_chacha20_amd64_sse2_blocks
4bbd51
 ELF(.type  _gcry_chacha20_amd64_sse2_blocks,@function;)
4bbd51
 _gcry_chacha20_amd64_sse2_blocks:
4bbd51
+#ifdef _CET_ENDBR
4bbd51
+	_CET_ENDBR
4bbd51
+#endif
4bbd51
 .Lchacha_blocks_sse2_local:
4bbd51
 	pushq %rbx
4bbd51
 	pushq %rbp
4bbd51
diff -up libgcrypt-1.8.5/cipher/poly1305-avx2-amd64.S.intel-cet libgcrypt-1.8.5/cipher/poly1305-avx2-amd64.S
4bbd51
--- libgcrypt-1.8.5/cipher/poly1305-avx2-amd64.S.intel-cet	2017-11-23 19:16:58.000000000 +0100
4bbd51
+++ libgcrypt-1.8.5/cipher/poly1305-avx2-amd64.S	2020-01-23 15:36:16.784250105 +0100
4bbd51
@@ -43,6 +43,9 @@
4bbd51
 .globl _gcry_poly1305_amd64_avx2_init_ext
4bbd51
 ELF(.type  _gcry_poly1305_amd64_avx2_init_ext,@function;)
4bbd51
 _gcry_poly1305_amd64_avx2_init_ext:
4bbd51
+#ifdef _CET_ENDBR
4bbd51
+	_CET_ENDBR
4bbd51
+#endif
4bbd51
 .Lpoly1305_init_ext_avx2_local:
4bbd51
 	xor %edx, %edx
4bbd51
 	vzeroupper
4bbd51
@@ -406,6 +409,9 @@ ELF(.size _gcry_poly1305_amd64_avx2_init
4bbd51
 .globl _gcry_poly1305_amd64_avx2_blocks
4bbd51
 ELF(.type  _gcry_poly1305_amd64_avx2_blocks,@function;)
4bbd51
 _gcry_poly1305_amd64_avx2_blocks:
4bbd51
+#ifdef _CET_ENDBR
4bbd51
+	_CET_ENDBR
4bbd51
+#endif
4bbd51
 .Lpoly1305_blocks_avx2_local:
4bbd51
 	vzeroupper
4bbd51
 	pushq %rbp
4bbd51
@@ -732,6 +738,9 @@ ELF(.size _gcry_poly1305_amd64_avx2_bloc
4bbd51
 .globl _gcry_poly1305_amd64_avx2_finish_ext
4bbd51
 ELF(.type  _gcry_poly1305_amd64_avx2_finish_ext,@function;)
4bbd51
 _gcry_poly1305_amd64_avx2_finish_ext:
4bbd51
+#ifdef _CET_ENDBR
4bbd51
+	_CET_ENDBR
4bbd51
+#endif
4bbd51
 .Lpoly1305_finish_ext_avx2_local:
4bbd51
 	vzeroupper
4bbd51
 	pushq %rbp
4bbd51
diff -up libgcrypt-1.8.5/cipher/poly1305-sse2-amd64.S.intel-cet libgcrypt-1.8.5/cipher/poly1305-sse2-amd64.S
4bbd51
--- libgcrypt-1.8.5/cipher/poly1305-sse2-amd64.S.intel-cet	2017-11-23 19:16:58.000000000 +0100
4bbd51
+++ libgcrypt-1.8.5/cipher/poly1305-sse2-amd64.S	2020-01-23 15:36:16.787250134 +0100
4bbd51
@@ -42,6 +42,9 @@
4bbd51
 .globl _gcry_poly1305_amd64_sse2_init_ext
4bbd51
 ELF(.type  _gcry_poly1305_amd64_sse2_init_ext,@function;)
4bbd51
 _gcry_poly1305_amd64_sse2_init_ext:
4bbd51
+#ifdef _CET_ENDBR
4bbd51
+	_CET_ENDBR
4bbd51
+#endif
4bbd51
 .Lpoly1305_init_ext_x86_local:
4bbd51
 	xor %edx, %edx
4bbd51
 	pushq %r12
4bbd51
@@ -288,6 +291,9 @@ ELF(.size _gcry_poly1305_amd64_sse2_init
4bbd51
 .globl _gcry_poly1305_amd64_sse2_finish_ext
4bbd51
 ELF(.type  _gcry_poly1305_amd64_sse2_finish_ext,@function;)
4bbd51
 _gcry_poly1305_amd64_sse2_finish_ext:
4bbd51
+#ifdef _CET_ENDBR
4bbd51
+	_CET_ENDBR
4bbd51
+#endif
4bbd51
 .Lpoly1305_finish_ext_x86_local:
4bbd51
 	pushq %rbp
4bbd51
 	movq %rsp, %rbp
4bbd51
@@ -439,6 +445,9 @@ ELF(.size _gcry_poly1305_amd64_sse2_fini
4bbd51
 .globl _gcry_poly1305_amd64_sse2_blocks
4bbd51
 ELF(.type  _gcry_poly1305_amd64_sse2_blocks,@function;)
4bbd51
 _gcry_poly1305_amd64_sse2_blocks:
4bbd51
+#ifdef _CET_ENDBR
4bbd51
+	_CET_ENDBR
4bbd51
+#endif
4bbd51
 .Lpoly1305_blocks_x86_local:
4bbd51
 	pushq %rbp
4bbd51
 	movq %rsp, %rbp
4bbd51
diff -up libgcrypt-1.8.5/cipher/serpent-avx2-amd64.S.intel-cet libgcrypt-1.8.5/cipher/serpent-avx2-amd64.S
4bbd51
--- libgcrypt-1.8.5/cipher/serpent-avx2-amd64.S.intel-cet	2017-11-23 19:16:58.000000000 +0100
4bbd51
+++ libgcrypt-1.8.5/cipher/serpent-avx2-amd64.S	2020-01-23 15:36:44.151972003 +0100
4bbd51
@@ -18,8 +18,9 @@
4bbd51
  * License along with this program; if not, see <http://www.gnu.org/licenses/>.
4bbd51
  */
4bbd51
 
4bbd51
-#ifdef __x86_64
4bbd51
 #include <config.h>
4bbd51
+
4bbd51
+#ifdef __x86_64
4bbd51
 #if (defined(HAVE_COMPATIBLE_GCC_AMD64_PLATFORM_AS) || \
4bbd51
     defined(HAVE_COMPATIBLE_GCC_WIN64_PLATFORM_AS)) && defined(USE_SERPENT) && \
4bbd51
     defined(ENABLE_AVX2_SUPPORT)
4bbd51
diff -up libgcrypt-1.8.5/configure.ac.intel-cet libgcrypt-1.8.5/configure.ac
4bbd51
--- libgcrypt-1.8.5/configure.ac.intel-cet	2019-08-29 15:00:08.000000000 +0200
4bbd51
+++ libgcrypt-1.8.5/configure.ac	2020-01-23 15:35:28.147774463 +0100
4bbd51
@@ -95,6 +95,12 @@ AH_TOP([
4bbd51
 AH_BOTTOM([
4bbd51
 #define _GCRYPT_IN_LIBGCRYPT 1
4bbd51
 
4bbd51
+/* Add .note.gnu.property section for Intel CET in assembler sources
4bbd51
+   when CET is enabled.  */
4bbd51
+#if defined(__ASSEMBLER__) && defined(__CET__)
4bbd51
+# include <cet.h>
4bbd51
+#endif
4bbd51
+
4bbd51
 /* If the configure check for endianness has been disabled, get it from
4bbd51
    OS macros.  This is intended for making fat binary builds on OS X.  */
4bbd51
 #ifdef DISABLED_ENDIAN_CHECK
4bbd51
diff -up libgcrypt-1.8.5/mpi/config.links.intel-cet libgcrypt-1.8.5/mpi/config.links
4bbd51
--- libgcrypt-1.8.5/mpi/config.links.intel-cet	2017-11-23 19:16:58.000000000 +0100
4bbd51
+++ libgcrypt-1.8.5/mpi/config.links	2020-01-23 15:35:46.398952954 +0100
4bbd51
@@ -382,6 +382,16 @@ if test x"$mpi_cpu_arch" = x ; then
4bbd51
     mpi_cpu_arch="unknown"
4bbd51
 fi
4bbd51
 
4bbd51
+# Add .note.gnu.property section for Intel CET in assembler sources
4bbd51
+# when CET is enabled.  */
4bbd51
+if test x"$mpi_cpu_arch" = xx86 ; then
4bbd51
+    cat <<EOF >> ./mpi/asm-syntax.h
4bbd51
+
4bbd51
+#if defined(__ASSEMBLER__) && defined(__CET__)
4bbd51
+# include <cet.h>
4bbd51
+#endif
4bbd51
+EOF
4bbd51
+fi
4bbd51
 
4bbd51
 # Make sysdep.h
4bbd51
 echo '/* created by config.links - do not edit */' >./mpi/sysdep.h
4bbd51
diff -up libgcrypt-1.8.5/mpi/i386/mpih-add1.S.intel-cet libgcrypt-1.8.5/mpi/i386/mpih-add1.S
4bbd51
--- libgcrypt-1.8.5/mpi/i386/mpih-add1.S.intel-cet	2017-11-23 19:16:58.000000000 +0100
4bbd51
+++ libgcrypt-1.8.5/mpi/i386/mpih-add1.S	2020-01-23 15:37:40.470175379 +0100
4bbd51
@@ -52,6 +52,10 @@ C_SYMBOL_NAME(_gcry_mpih_add_n:)
4bbd51
 	movl 20(%esp),%edx		/* s2_ptr */
4bbd51
 	movl 24(%esp),%ecx		/* size */
4bbd51
 
4bbd51
+#if defined __CET__ && (__CET__ & 1) != 0
4bbd51
+	pushl	%ebx
4bbd51
+#endif
4bbd51
+
4bbd51
 	movl	%ecx,%eax
4bbd51
 	shrl	$3,%ecx 		/* compute count for unrolled loop */
4bbd51
 	negl	%eax
4bbd51
@@ -63,6 +67,9 @@ C_SYMBOL_NAME(_gcry_mpih_add_n:)
4bbd51
 	subl	%eax,%esi		/* ... by a constant when we ... */
4bbd51
 	subl	%eax,%edx		/* ... enter the loop */
4bbd51
 	shrl	$2,%eax 		/* restore previous value */
4bbd51
+#if defined __CET__ && (__CET__ & 1) != 0
4bbd51
+	leal	-4(,%eax,4),%ebx	/* Count for 4-byte endbr32 */
4bbd51
+#endif
4bbd51
 #ifdef PIC
4bbd51
 /* Calculate start address in loop for PIC.  Due to limitations in some
4bbd51
    assemblers, Loop-L0-3 cannot be put into the leal */
4bbd51
@@ -75,29 +82,53 @@ L0:	leal	(%eax,%eax,8),%eax
4bbd51
 /* Calculate start address in loop for non-PIC.  */
4bbd51
 	leal	(Loop - 3)(%eax,%eax,8),%eax
4bbd51
 #endif
4bbd51
+#if defined __CET__ && (__CET__ & 1) != 0
4bbd51
+	addl	%ebx,%eax		/* Adjust for endbr32 */
4bbd51
+#endif
4bbd51
 	jmp	*%eax			/* jump into loop */
4bbd51
 	ALIGN (3)
4bbd51
 Loop:	movl	(%esi),%eax
4bbd51
 	adcl	(%edx),%eax
4bbd51
 	movl	%eax,(%edi)
4bbd51
+#ifdef _CET_ENDBR
4bbd51
+	_CET_ENDBR
4bbd51
+#endif
4bbd51
 	movl	4(%esi),%eax
4bbd51
 	adcl	4(%edx),%eax
4bbd51
 	movl	%eax,4(%edi)
4bbd51
+#ifdef _CET_ENDBR
4bbd51
+	_CET_ENDBR
4bbd51
+#endif
4bbd51
 	movl	8(%esi),%eax
4bbd51
 	adcl	8(%edx),%eax
4bbd51
 	movl	%eax,8(%edi)
4bbd51
+#ifdef _CET_ENDBR
4bbd51
+	_CET_ENDBR
4bbd51
+#endif
4bbd51
 	movl	12(%esi),%eax
4bbd51
 	adcl	12(%edx),%eax
4bbd51
 	movl	%eax,12(%edi)
4bbd51
+#ifdef _CET_ENDBR
4bbd51
+	_CET_ENDBR
4bbd51
+#endif
4bbd51
 	movl	16(%esi),%eax
4bbd51
 	adcl	16(%edx),%eax
4bbd51
 	movl	%eax,16(%edi)
4bbd51
+#ifdef _CET_ENDBR
4bbd51
+	_CET_ENDBR
4bbd51
+#endif
4bbd51
 	movl	20(%esi),%eax
4bbd51
 	adcl	20(%edx),%eax
4bbd51
 	movl	%eax,20(%edi)
4bbd51
+#ifdef _CET_ENDBR
4bbd51
+	_CET_ENDBR
4bbd51
+#endif
4bbd51
 	movl	24(%esi),%eax
4bbd51
 	adcl	24(%edx),%eax
4bbd51
 	movl	%eax,24(%edi)
4bbd51
+#ifdef _CET_ENDBR
4bbd51
+	_CET_ENDBR
4bbd51
+#endif
4bbd51
 	movl	28(%esi),%eax
4bbd51
 	adcl	28(%edx),%eax
4bbd51
 	movl	%eax,28(%edi)
4bbd51
@@ -110,6 +141,10 @@ Loop:	movl	(%esi),%eax
4bbd51
 	sbbl	%eax,%eax
4bbd51
 	negl	%eax
4bbd51
 
4bbd51
+#if defined __CET__ && (__CET__ & 1) != 0
4bbd51
+	popl	%ebx
4bbd51
+#endif
4bbd51
+
4bbd51
 	popl %esi
4bbd51
 	popl %edi
4bbd51
 	ret
4bbd51
diff -up libgcrypt-1.8.5/mpi/i386/mpih-sub1.S.intel-cet libgcrypt-1.8.5/mpi/i386/mpih-sub1.S
4bbd51
--- libgcrypt-1.8.5/mpi/i386/mpih-sub1.S.intel-cet	2017-11-23 19:16:58.000000000 +0100
4bbd51
+++ libgcrypt-1.8.5/mpi/i386/mpih-sub1.S	2020-01-23 15:37:40.472175351 +0100
4bbd51
@@ -53,6 +53,10 @@ C_SYMBOL_NAME(_gcry_mpih_sub_n:)
4bbd51
 	movl 20(%esp),%edx		/* s2_ptr */
4bbd51
 	movl 24(%esp),%ecx		/* size */
4bbd51
 
4bbd51
+#if defined __CET__ && (__CET__ & 1) != 0
4bbd51
+	pushl	%ebx
4bbd51
+#endif
4bbd51
+
4bbd51
 	movl	%ecx,%eax
4bbd51
 	shrl	$3,%ecx 		/* compute count for unrolled loop */
4bbd51
 	negl	%eax
4bbd51
@@ -64,6 +68,9 @@ C_SYMBOL_NAME(_gcry_mpih_sub_n:)
4bbd51
 	subl	%eax,%esi		/* ... by a constant when we ... */
4bbd51
 	subl	%eax,%edx		/* ... enter the loop */
4bbd51
 	shrl	$2,%eax 		/* restore previous value */
4bbd51
+#if defined __CET__ && (__CET__ & 1) != 0
4bbd51
+	leal	-4(,%eax,4),%ebx	/* Count for 4-byte endbr32 */
4bbd51
+#endif
4bbd51
 #ifdef PIC
4bbd51
 /* Calculate start address in loop for PIC.  Due to limitations in some
4bbd51
    assemblers, Loop-L0-3 cannot be put into the leal */
4bbd51
@@ -76,29 +83,53 @@ L0:	leal	(%eax,%eax,8),%eax
4bbd51
 /* Calculate start address in loop for non-PIC.  */
4bbd51
 	leal	(Loop - 3)(%eax,%eax,8),%eax
4bbd51
 #endif
4bbd51
+#if defined __CET__ && (__CET__ & 1) != 0
4bbd51
+	addl	%ebx,%eax		/* Adjust for endbr32 */
4bbd51
+#endif
4bbd51
 	jmp	*%eax			/* jump into loop */
4bbd51
 	ALIGN (3)
4bbd51
 Loop:	movl	(%esi),%eax
4bbd51
 	sbbl	(%edx),%eax
4bbd51
 	movl	%eax,(%edi)
4bbd51
+#ifdef _CET_ENDBR
4bbd51
+	_CET_ENDBR
4bbd51
+#endif
4bbd51
 	movl	4(%esi),%eax
4bbd51
 	sbbl	4(%edx),%eax
4bbd51
 	movl	%eax,4(%edi)
4bbd51
+#ifdef _CET_ENDBR
4bbd51
+	_CET_ENDBR
4bbd51
+#endif
4bbd51
 	movl	8(%esi),%eax
4bbd51
 	sbbl	8(%edx),%eax
4bbd51
 	movl	%eax,8(%edi)
4bbd51
+#ifdef _CET_ENDBR
4bbd51
+	_CET_ENDBR
4bbd51
+#endif
4bbd51
 	movl	12(%esi),%eax
4bbd51
 	sbbl	12(%edx),%eax
4bbd51
 	movl	%eax,12(%edi)
4bbd51
+#ifdef _CET_ENDBR
4bbd51
+	_CET_ENDBR
4bbd51
+#endif
4bbd51
 	movl	16(%esi),%eax
4bbd51
 	sbbl	16(%edx),%eax
4bbd51
 	movl	%eax,16(%edi)
4bbd51
+#ifdef _CET_ENDBR
4bbd51
+	_CET_ENDBR
4bbd51
+#endif
4bbd51
 	movl	20(%esi),%eax
4bbd51
 	sbbl	20(%edx),%eax
4bbd51
 	movl	%eax,20(%edi)
4bbd51
+#ifdef _CET_ENDBR
4bbd51
+	_CET_ENDBR
4bbd51
+#endif
4bbd51
 	movl	24(%esi),%eax
4bbd51
 	sbbl	24(%edx),%eax
4bbd51
 	movl	%eax,24(%edi)
4bbd51
+#ifdef _CET_ENDBR
4bbd51
+	_CET_ENDBR
4bbd51
+#endif
4bbd51
 	movl	28(%esi),%eax
4bbd51
 	sbbl	28(%edx),%eax
4bbd51
 	movl	%eax,28(%edi)
4bbd51
@@ -111,6 +142,10 @@ Loop:	movl	(%esi),%eax
4bbd51
 	sbbl	%eax,%eax
4bbd51
 	negl	%eax
4bbd51
 
4bbd51
+#if defined __CET__ && (__CET__ & 1) != 0
4bbd51
+	popl	%ebx
4bbd51
+#endif
4bbd51
+
4bbd51
 	popl %esi
4bbd51
 	popl %edi
4bbd51
 	ret