Blame SOURCES/openssl-1.0.1-beta2-padlock64.patch

a5ef24
diff -up openssl-1.0.1-beta2/engines/e_padlock.c.padlock64 openssl-1.0.1-beta2/engines/e_padlock.c
a5ef24
--- openssl-1.0.1-beta2/engines/e_padlock.c.padlock64	2011-06-21 18:42:15.000000000 +0200
a5ef24
+++ openssl-1.0.1-beta2/engines/e_padlock.c	2012-02-06 20:18:52.039537799 +0100
a5ef24
@@ -101,7 +101,10 @@
a5ef24
    compiler choice is limited to GCC and Microsoft C. */
a5ef24
 #undef COMPILE_HW_PADLOCK
a5ef24
 #if !defined(I386_ONLY) && !defined(OPENSSL_NO_INLINE_ASM)
a5ef24
-# if (defined(__GNUC__) && (defined(__i386__) || defined(__i386))) || \
a5ef24
+# if (defined(__GNUC__) && __GNUC__>=2 && \
a5ef24
+	(defined(__i386__) || defined(__i386) || \
a5ef24
+	 defined(__x86_64__) || defined(__x86_64)) \
a5ef24
+     ) || \
a5ef24
      (defined(_MSC_VER) && defined(_M_IX86))
a5ef24
 #  define COMPILE_HW_PADLOCK
a5ef24
 # endif
a5ef24
@@ -137,7 +140,7 @@ void ENGINE_load_padlock (void)
a5ef24
 # endif
a5ef24
 #elif defined(__GNUC__)
a5ef24
 # ifndef alloca
a5ef24
-#  define alloca(s) __builtin_alloca(s)
a5ef24
+#  define alloca(s) __builtin_alloca((s))
a5ef24
 # endif
a5ef24
 #endif
a5ef24
 
a5ef24
@@ -304,6 +307,7 @@ static volatile struct padlock_cipher_da
a5ef24
  * =======================================================
a5ef24
  */
a5ef24
 #if defined(__GNUC__) && __GNUC__>=2
a5ef24
+#if defined(__i386__) || defined(__i386)
a5ef24
 /*
a5ef24
  * As for excessive "push %ebx"/"pop %ebx" found all over.
a5ef24
  * When generating position-independent code GCC won't let
a5ef24
@@ -383,21 +387,6 @@ padlock_available(void)
a5ef24
 	return padlock_use_ace + padlock_use_rng;
a5ef24
 }
a5ef24
 
a5ef24
-#ifndef OPENSSL_NO_AES
a5ef24
-/* Our own htonl()/ntohl() */
a5ef24
-static inline void
a5ef24
-padlock_bswapl(AES_KEY *ks)
a5ef24
-{
a5ef24
-	size_t i = sizeof(ks->rd_key)/sizeof(ks->rd_key[0]);
a5ef24
-	unsigned int *key = ks->rd_key;
a5ef24
-
a5ef24
-	while (i--) {
a5ef24
-		asm volatile ("bswapl %0" : "+r"(*key));
a5ef24
-		key++;
a5ef24
-	}
a5ef24
-}
a5ef24
-#endif
a5ef24
-
a5ef24
 /* Force key reload from memory to the CPU microcode.
a5ef24
    Loading EFLAGS from the stack clears EFLAGS[30] 
a5ef24
    which does the trick. */
a5ef24
@@ -455,12 +444,127 @@ static inline void *name(size_t cnt,		\
a5ef24
 		: "edx", "cc", "memory");	\
a5ef24
 	return iv;				\
a5ef24
 }
a5ef24
+#endif
a5ef24
+
a5ef24
+#elif defined(__x86_64__) || defined(__x86_64)
a5ef24
+
a5ef24
+/* Load supported features of the CPU to see if
a5ef24
+   the PadLock is available. */
a5ef24
+static int
a5ef24
+padlock_available(void)
a5ef24
+{
a5ef24
+	char vendor_string[16];
a5ef24
+	unsigned int eax, edx;
a5ef24
 
a5ef24
+	/* Are we running on the Centaur (VIA) CPU? */
a5ef24
+	eax = 0x00000000;
a5ef24
+	vendor_string[12] = 0;
a5ef24
+	asm volatile (
a5ef24
+		"cpuid\n"
a5ef24
+		"movl	%%ebx,(%1)\n"
a5ef24
+		"movl	%%edx,4(%1)\n"
a5ef24
+		"movl	%%ecx,8(%1)\n"
a5ef24
+		: "+a"(eax) : "r"(vendor_string) : "rbx", "rcx", "rdx");
a5ef24
+	if (strcmp(vendor_string, "CentaurHauls") != 0)
a5ef24
+		return 0;
a5ef24
+
a5ef24
+	/* Check for Centaur Extended Feature Flags presence */
a5ef24
+	eax = 0xC0000000;
a5ef24
+	asm volatile ("cpuid"
a5ef24
+		: "+a"(eax) : : "rbx", "rcx", "rdx");
a5ef24
+	if (eax < 0xC0000001)
a5ef24
+		return 0;
a5ef24
+
a5ef24
+	/* Read the Centaur Extended Feature Flags */
a5ef24
+	eax = 0xC0000001;
a5ef24
+	asm volatile ("cpuid"
a5ef24
+		: "+a"(eax), "=d"(edx) : : "rbx", "rcx");
a5ef24
+
a5ef24
+	/* Fill up some flags */
a5ef24
+	padlock_use_ace = ((edx & (0x3<<6)) == (0x3<<6));
a5ef24
+	padlock_use_rng = ((edx & (0x3<<2)) == (0x3<<2));
a5ef24
+
a5ef24
+	return padlock_use_ace + padlock_use_rng;
a5ef24
+}
a5ef24
+
a5ef24
+/* Force key reload from memory to the CPU microcode.
a5ef24
+   Loading EFLAGS from the stack clears EFLAGS[30] 
a5ef24
+   which does the trick. */
a5ef24
+static inline void
a5ef24
+padlock_reload_key(void)
a5ef24
+{
a5ef24
+	asm volatile ("pushfq; popfq");
a5ef24
+}
a5ef24
+
a5ef24
+#ifndef OPENSSL_NO_AES
a5ef24
+/*
a5ef24
+ * This is heuristic key context tracing. At first one
a5ef24
+ * believes that one should use atomic swap instructions,
a5ef24
+ * but it's not actually necessary. Point is that if
a5ef24
+ * padlock_saved_context was changed by another thread
a5ef24
+ * after we've read it and before we compare it with cdata,
a5ef24
+ * our key *shall* be reloaded upon thread context switch
a5ef24
+ * and we are therefore set in either case...
a5ef24
+ */
a5ef24
+static inline void
a5ef24
+padlock_verify_context(struct padlock_cipher_data *cdata)
a5ef24
+{
a5ef24
+	asm volatile (
a5ef24
+	"pushfq\n"
a5ef24
+"	btl	$30,(%%rsp)\n"
a5ef24
+"	jnc	1f\n"
a5ef24
+"	cmpq	%2,%1\n"
a5ef24
+"	je	1f\n"
a5ef24
+"	popfq\n"
a5ef24
+"	subq	$8,%%rsp\n"
a5ef24
+"1:	addq	$8,%%rsp\n"
a5ef24
+"	movq	%2,%0"
a5ef24
+	:"+m"(padlock_saved_context)
a5ef24
+	: "r"(padlock_saved_context), "r"(cdata) : "cc");
a5ef24
+}
a5ef24
+
a5ef24
+/* Template for padlock_xcrypt_* modes */
a5ef24
+/* BIG FAT WARNING: 
a5ef24
+ * 	The offsets used with 'leal' instructions
a5ef24
+ * 	describe items of the 'padlock_cipher_data'
a5ef24
+ * 	structure.
a5ef24
+ */
a5ef24
+#define PADLOCK_XCRYPT_ASM(name,rep_xcrypt)	\
a5ef24
+static inline void *name(size_t cnt,		\
a5ef24
+	struct padlock_cipher_data *cdata,	\
a5ef24
+	void *out, const void *inp) 		\
a5ef24
+{	void *iv; 				\
a5ef24
+	asm volatile ( "leaq	16(%0),%%rdx\n"	\
a5ef24
+		"	leaq	32(%0),%%rbx\n"	\
a5ef24
+			rep_xcrypt "\n"		\
a5ef24
+		: "=a"(iv), "=c"(cnt), "=D"(out), "=S"(inp) \
a5ef24
+		: "0"(cdata), "1"(cnt), "2"(out), "3"(inp)  \
a5ef24
+		: "rbx", "rdx", "cc", "memory");	\
a5ef24
+	return iv;				\
a5ef24
+}
a5ef24
+#endif
a5ef24
+
a5ef24
+#endif	/* cpu */
a5ef24
+
a5ef24
+#ifndef OPENSSL_NO_AES
a5ef24
 /* Generate all functions with appropriate opcodes */
a5ef24
 PADLOCK_XCRYPT_ASM(padlock_xcrypt_ecb, ".byte 0xf3,0x0f,0xa7,0xc8")	/* rep xcryptecb */
a5ef24
 PADLOCK_XCRYPT_ASM(padlock_xcrypt_cbc, ".byte 0xf3,0x0f,0xa7,0xd0")	/* rep xcryptcbc */
a5ef24
 PADLOCK_XCRYPT_ASM(padlock_xcrypt_cfb, ".byte 0xf3,0x0f,0xa7,0xe0")	/* rep xcryptcfb */
a5ef24
 PADLOCK_XCRYPT_ASM(padlock_xcrypt_ofb, ".byte 0xf3,0x0f,0xa7,0xe8")	/* rep xcryptofb */
a5ef24
+
a5ef24
+/* Our own htonl()/ntohl() */
a5ef24
+static inline void
a5ef24
+padlock_bswapl(AES_KEY *ks)
a5ef24
+{
a5ef24
+	size_t i = sizeof(ks->rd_key)/sizeof(ks->rd_key[0]);
a5ef24
+	unsigned int *key = ks->rd_key;
a5ef24
+
a5ef24
+	while (i--) {
a5ef24
+		asm volatile ("bswapl %0" : "+r"(*key));
a5ef24
+		key++;
a5ef24
+	}
a5ef24
+}
a5ef24
 #endif
a5ef24
 
a5ef24
 /* The RNG call itself */
a5ef24
@@ -491,8 +595,8 @@ padlock_xstore(void *addr, unsigned int
a5ef24
 static inline unsigned char *
a5ef24
 padlock_memcpy(void *dst,const void *src,size_t n)
a5ef24
 {
a5ef24
-	long       *d=dst;
a5ef24
-	const long *s=src;
a5ef24
+	size_t       *d=dst;
a5ef24
+	const size_t *s=src;
a5ef24
 
a5ef24
 	n /= sizeof(*d);
a5ef24
 	do { *d++ = *s++; } while (--n);