From komh78 at gmail.com Mon Apr 2 14:47:20 2012
From: komh78 at gmail.com (KO Myung-Hun)
Date: Mon, 02 Apr 2012 21:47:20 +0900
Subject: [PATCH] Add OS/2 entropy gatherer
In-Reply-To: <878vimvcth.fsf@vigenere.g10code.de>
References: <1331298485-37379-1-git-send-email-komh@chollian.net> <87vclwy7oq.fsf@vigenere.g10code.de> <4F6BFED7.4020400@gmail.com> <87r4wjyah3.fsf@vigenere.g10code.de> <4F6C4749.2050605@gmail.com> <878vimvcth.fsf@vigenere.g10code.de>
Message-ID: <4F799FD8.8040904@chollian.net>

Werner Koch wrote:
> On Fri, 23 Mar 2012 10:50, komh78 at gmail.com said:
>
>> And I'm using master. Am I wrong ?
>>
> Fine. I applied your patch to the OS2-BRANCH. I also added a note to
> the README file telling that this is an unofficial port. If you have
> further patches, please send them to the list (if they are small <40KB
> or so) or larger ones directly to me.
>
> Despite the unofficial state, I suggest to follow the suggestion on
> how to write commit log messages from doc/HACKING.
>

I attach the patch whose commit log message is modified according to
doc/HACKING.

--
KO Myung-Hun

Using Mozilla SeaMonkey 2.0.14
Under OS/2 Warp 4 for Korean with FixPak #15
On AMD ThunderBird 1GHz with 512 MB RAM
Korean OS/2 User Community : http://www.ecomstation.co.kr

-------------- next part --------------
An embedded and charset-unspecified text was scrubbed...
Name: 0001-Add-OS-2-entropy-gatherer.patch
URL:

From wk at gnupg.org Wed Apr 4 16:51:31 2012
From: wk at gnupg.org (Werner Koch)
Date: Wed, 04 Apr 2012 16:51:31 +0200
Subject: There is *no* W64 support yet for Libgcrypt!
Message-ID: <87obr7ft3g.fsf@vigenere.g10code.de>

Hi!

Some folks are trying to build Libgcrypt for Windows 64 bit. Let me
state it clearly:

                        W64 IS NOT YET SUPPORTED

You may run into all kinds of problems, the worst of them being the lack
of a serious entropy gathering module. The rndw32.c module some may use
is not appropriate for w64! Annoying CERTs with that is not a good idea,
either.

Simply throwing a compiler on some software on a new platform may result
in a runnable binary - but there is no guarantee that it will work as
expected.

Shalom-Salam,

   Werner

--
Thoughts are free. Exceptions are governed by a federal law.

From wk at gnupg.org Wed Apr 4 17:26:43 2012
From: wk at gnupg.org (Werner Koch)
Date: Wed, 04 Apr 2012 17:26:43 +0200
Subject: [PATCH] Add OS/2 entropy gatherer
In-Reply-To: <4F799FD8.8040904@chollian.net> (KO Myung-Hun's message of "Mon, 02 Apr 2012 21:47:20 +0900")
References: <1331298485-37379-1-git-send-email-komh@chollian.net> <87vclwy7oq.fsf@vigenere.g10code.de> <4F6BFED7.4020400@gmail.com> <87r4wjyah3.fsf@vigenere.g10code.de> <4F6C4749.2050605@gmail.com> <878vimvcth.fsf@vigenere.g10code.de> <4F799FD8.8040904@chollian.net>
Message-ID: <87fwcjfrgs.fsf@vigenere.g10code.de>

On Mon, 2 Apr 2012 14:47, komh78 at gmail.com said:

> I attach the patch whose commit log message is modified according to
> doc/HACKING.

Well, too late: it has already been committed. FWIW, the correct format
would have been:

  * configure.ac: Add OS/2 entropy gatherer support.
  * doc/Makefile.am: Append $(EXEEXT) to the executable.
  * random/rand-internal.h (_gcry_rndos2_gather_random): New.
  * random/random-csprng.c (getfnc_gather_random): Add OS/2 entropy
  gatherer function, _gcry_rndos2_gather_random.
  * random/rndos2.c: New file. Implementation of OS/2 entropy gatherer.
  * src/hmac256.c: Include io.h
  (main): Set stdout to binary mode if needed.
  * test/fipsdrv.c: Include io.h and fcntl.h.

The asterisks are required by the ChangeLog format. If you use Emacs
and Magit, a 'C' in the diff listing inserts a template with filename
etc.

Shalom-Salam,

   Werner

--
Thoughts are free. Exceptions are governed by a federal law.

From vincent.torri at gmail.com Wed Apr 4 18:04:59 2012
From: vincent.torri at gmail.com (Vincent Torri)
Date: Wed, 4 Apr 2012 18:04:59 +0200
Subject: There is *no* W64 support yet for Libgcrypt!
In-Reply-To: <87obr7ft3g.fsf@vigenere.g10code.de>
References: <87obr7ft3g.fsf@vigenere.g10code.de>
Message-ID:

On Wed, Apr 4, 2012 at 4:51 PM, Werner Koch wrote:
> Hi!
>
> Some folks are trying to build Libgcrypt for Windows 64 bit. Let me
> state it clearly:
>
>                        W64 IS NOT YET SUPPORTED
>
> You may run into all kinds of problems, the worst of them being the lack
> of a serious entropy gathering module. The rndw32.c module some may use
> is not appropriate for w64! Annoying CERTs with that is not a good idea,
> either.
>
> Simply throwing a compiler on some software on a new platform may result
> in a runnable binary - but there is no guarantee that it will work as
> expected.

and is there some w64 work in progress currently ?

Vincent Torri

From wk at gnupg.org Fri Apr 6 17:21:14 2012
From: wk at gnupg.org (Werner Koch)
Date: Fri, 06 Apr 2012 17:21:14 +0200
Subject: There is *no* W64 support yet for Libgcrypt!
In-Reply-To: (Vincent Torri's message of "Wed, 4 Apr 2012 18:04:59 +0200")
References: <87obr7ft3g.fsf@vigenere.g10code.de>
Message-ID: <87bon4c2dx.fsf@vigenere.g10code.de>

On Wed, 4 Apr 2012 18:04, vincent.torri at gmail.com said:

> and is there some w64 work in progress currently ?

No. There is no real advantage of having a 64 bit version of GnuPG as
long as Windows runs 32 bit just fine. The only thing we have on our
list is to port GpgEX (the file explorer extension) to 64 bit, because
the 32 bit version does not work with the 64 bit file explorer.

If a 64 bit version of Libgcrypt is required we need to get financial
support first.

Salam-Shalom,

   Werner

--
Thoughts are free. Exceptions are governed by a federal law.

From vincent.torri at gmail.com Fri Apr 6 17:34:58 2012
From: vincent.torri at gmail.com (Vincent Torri)
Date: Fri, 6 Apr 2012 17:34:58 +0200
Subject: There is *no* W64 support yet for Libgcrypt!
In-Reply-To: <87bon4c2dx.fsf@vigenere.g10code.de>
References: <87obr7ft3g.fsf@vigenere.g10code.de> <87bon4c2dx.fsf@vigenere.g10code.de>
Message-ID:

On Fri, Apr 6, 2012 at 5:21 PM, Werner Koch wrote:
> On Wed,  4 Apr 2012 18:04, vincent.torri at gmail.com said:
>
>> and is there some w64 work in progress currently ?
>
> No.  There is no real advantage of having a 64 bit version of GnuPG as
> long as Windows runs 32 bit just fine.

ok. so compiling gpg-error and libgcrypt in 32bits runs correctly on Win64

thanks

Vincent Torri

From fnord.hammer at gmail.com Fri Apr 6 17:34:45 2012
From: fnord.hammer at gmail.com (Kant)
Date: Fri, 6 Apr 2012 17:34:45 +0200
Subject: gcrypt.h should use __alloc_size__ attribute.
Message-ID:

http://gcc.gnu.org/onlinedocs/gcc-4.7.0/gcc/Function-Attributes.html#Function-Attributes

i.e.

  #define _GCRY_GCC_ATTR_ALLOC_SIZE(params) __attribute__ ((__alloc_size__ params))

  void *gcry_malloc (size_t n) _GCRY_GCC_ATTR_MALLOC _GCRY_GCC_ATTR_ALLOC_SIZE ((1));

and so on.

From wk at gnupg.org Sun Apr 8 21:16:36 2012
From: wk at gnupg.org (Werner Koch)
Date: Sun, 08 Apr 2012 21:16:36 +0200
Subject: gcrypt.h should use __alloc_size__ attribute.
In-Reply-To: (Kant's message of "Fri, 6 Apr 2012 17:34:45 +0200")
References:
Message-ID: <87r4vy825n.fsf@vigenere.g10code.de>

On Fri, 6 Apr 2012 17:34, fnord.hammer at gmail.com said:

> void *gcry_malloc (size_t n) _GCRY_GCC_ATTR_MALLOC
> _GCRY_GCC_ATTR_ALLOC_SIZE ((1));

I am not sure whether this is a good idea. The actually allocated object
may be larger than something allocated by malloc.

Salam-Shalom,

   Werner

--
Thoughts are free. Exceptions are governed by a federal law.

From funman at videolan.org Wed Apr 11 06:20:14 2012
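What the proposed attribute changes for callers, and the caveat in the reply above, as an added example that is not part of the thread and is not Libgcrypt code. The allocator demo_malloc, its size header and the checked_fill helper are hypothetical stand-ins (the attribute macro only mirrors the shape of the one proposed). Once alloc_size is declared, the compiler's __builtin_object_size reports exactly the n the caller requested, even though this allocator really reserved more, so a fortified write that relies on that slack is refused; with optimisation off, GCC reports the size as unknown and nothing is caught.

```c
#include <stddef.h>
#include <stdlib.h>
#include <string.h>

/* Same shape as the macro proposed in the thread. */
#define DEMO_ATTR_ALLOC_SIZE(params) __attribute__ ((__alloc_size__ params))

/* Hypothetical allocator (not gcry_malloc): rounds every request up to a
   16-byte multiple and records that size in a header, so the object handed
   out is usually larger than the N requested.  noinline keeps the call
   visible, so the attribute, not the inlined body, informs the compiler. */
#define DEMO_HDR 16u

void *demo_malloc (size_t n)
  __attribute__ ((__malloc__, __noinline__)) DEMO_ATTR_ALLOC_SIZE ((1));

void *
demo_malloc (size_t n)
{
  size_t rounded = (n + 15u) & ~(size_t)15u;
  unsigned char *raw = malloc (DEMO_HDR + rounded);
  if (!raw)
    return NULL;
  memcpy (raw, &rounded, sizeof rounded);   /* header: bytes really reserved */
  return raw + DEMO_HDR;
}

void
demo_free (void *p)
{
  if (p)
    free ((unsigned char *)p - DEMO_HDR);
}

/* Bytes the allocator really reserved behind P (read back from the header). */
size_t
demo_usable_size (const void *p)
{
  size_t rounded;
  memcpy (&rounded, (const unsigned char *)p - DEMO_HDR, sizeof rounded);
  return rounded;
}

/* Allocator's view: 32 for a 20-byte request. */
size_t
reserved_for_20_bytes (void)
{
  unsigned char *p = demo_malloc (20);
  size_t usable = p ? demo_usable_size (p) : 0;
  demo_free (p);
  return usable;
}

/* Compiler's view of the same object.  With optimisation on this folds to 20
   because of alloc_size; at -O0 GCC skips its object-size pass and reports
   "unknown", i.e. (size_t)-1. */
size_t
compiler_view_of_20_bytes (void)
{
  unsigned char *p = demo_malloc (20);
  size_t seen;
  if (!p)
    return 0;
  seen = __builtin_object_size (p, 0);
  demo_free (p);
  return seen;
}

/* A minimal fortified fill in the spirit of _FORTIFY_SOURCE.  The size query
   must sit in the caller (hence the macro), where the allocation is visible.
   Returns 1 if the write was performed, 0 if it exceeds the declared size. */
#define checked_fill(dst, byte, len) \
  checked_fill_impl ((dst), (byte), (len), __builtin_object_size ((dst), 0))

int
checked_fill_impl (void *dst, int byte, size_t len, size_t known)
{
  if (known != (size_t)-1 && len > known)
    return 0;
  memset (dst, byte, len);
  return 1;
}

/* The caveat from the reply: the allocator reserved 32 bytes for a 20-byte
   request, but a 32-byte fill relying on that slack is refused as soon as the
   compiler trusts alloc_size.  Returns 1 if accepted (size unknown, e.g. -O0),
   0 if refused, -1 if the allocation failed. */
int
fill_into_slack_accepted (void)
{
  unsigned char *p = demo_malloc (20);
  int ok;
  if (!p)
    return -1;
  ok = checked_fill (p, 0xAA, 32);
  demo_free (p);
  return ok;
}
```

Build once with -O2 and once with -O0 to see the two compiler views. The point for gcry_malloc is the one the reply makes: after the header declares alloc_size, any caller that deliberately touches bytes beyond n of the larger object actually allocated turns into a fortify violation, so the attribute is only safe to add once no such caller remains.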
From: funman at videolan.org (Rafaël Carré)
Date: Wed, 11 Apr 2012 00:20:14 -0400
Subject: [PATCH] Enable VIA Padlock on x86_64 platforms
Message-ID: <1334118014-28666-1-git-send-email-funman@videolan.org>

Convert existing 32bits asm to 64bits:
- *l -> *q (long->quad)
- e** registers -> r** registers
- don't mess with ebx GOT register

Tested with make check on VIA Nano X2 L4350
---
Note: make check actually fails, but it's not a regression from 32 bits,
where that test fails with the exact same output.

% ./tests/basic
aes-ctr, encrypt mismatch entry 0:0
expected: 87 4d 61 91 b6 20 e3 26 1b ef 68 64 99 0d b6 ce
computed: 68 b1 c5 2b a6 00 3d e7 be 60 08 ad 1b f8 7c c0
aes-ctr, encrypt mismatch entry 0:1
expected: 98 06 f6 6b 79 70 fd ff 86 17 18 7b b9 ff fd ff
computed: 2b 2d 2c db 8c 5b d3 ee d1 57 79 37 9d 09 10 ed
aes-ctr, encrypt mismatch entry 0:2
expected: 5a e4 df 3e db d5 d3 5e 5b 4f 09 02 0d b0 3e ab
computed: 39 1e cc a8 f9 d0 62 bf 4c 60 4b 82 1d 8e 32 90
aes-ctr, encrypt mismatch entry 0:3
expected: 1e 03 1d da 2f be 03 d1 79 21 70 a0 f3 00 9c ee
computed: fb 7d c4 ce 68 9e 5d dc 74 32 1a 71 35 8a cf 49
aes-ctr, encrypt mismatch entry 3:0
expected: 87 4d 61 91 b6 20 e3 26 1b ef 68 64 99 0d b6 ce
computed: 68 b1 c5 2b a6 00 3d e7 be 60 08 ad 1b f8 7c c0
aes-ctr, encrypt mismatch entry 4:0
expected: 87 4d 61 91 b6 20 e3 26 1b ef 68 64 99 0d b6 ce
computed: 68 b1 c5 2b a6 00 3d e7 be 60 08 ad 1b f8 7c c0
aes-ctr, encrypt mismatch entry 7:0
expected: 87 4d 61 91 b6 20 e3 26 1b ef 68 64 99 0d b6 ce
computed: 68 b1 c5 2b a6 00 3d e7 be 60 08 ad 1b f8 7c c0
aes-ctr, encrypt mismatch entry 7:2
expected: ff 5a e4 df 3e db d5 d3 5e 5b 4f 09 02 0d b0 3e ab
computed: ff 39 1e cc a8 f9 d0 62 bf 4c 60 4b 82 1d 8e 32 90
aes-ctr, encrypt mismatch entry 7:3
expected: 1e 03 1d da 2f be 03 d1 79 21 70 a0 f3 00 9c ee
computed: fb 7d c4 ce 68 9e 5d dc 74 32 1a 71 35 8a cf 49
encrypt mismatch (algo 7, mode 6)

 cipher/rijndael.c | 21 +++++++++---
random/rndhw.c | 13 ++++++- src/hwfeatures.c | 97 +++++++++++++++++++++++++++++++++++++++++++++++++++++ 3 files changed, 125 insertions(+), 6 deletions(-) diff --git a/cipher/rijndael.c b/cipher/rijndael.c index 2df8ea9..c2e0a77 100644 --- a/cipher/rijndael.c +++ b/cipher/rijndael.c @@ -63,7 +63,7 @@ code. */ #undef USE_PADLOCK #ifdef ENABLE_PADLOCK_SUPPORT -# if defined (__i386__) && SIZEOF_UNSIGNED_LONG == 4 && defined (__GNUC__) +# if ( ( defined (__i386__) && SIZEOF_UNSIGNED_LONG == 4 ) || defined(__x86_64__) ) && defined (__GNUC__) # define USE_PADLOCK 1 # endif #endif /*ENABLE_PADLOCK_SUPPORT*/ @@ -663,17 +663,28 @@ do_padlock (const RIJNDAEL_context *ctx, int decrypt_flag, memcpy (a, ax, 16); + int blocks = 1; /* Init counter for just one block. */ +#ifdef __x86_64__ + asm volatile + ("pushfq\n\t" /* Force key reload. */ + "popfq\n\t" + ".byte 0xf3, 0x0f, 0xa7, 0xc8\n\t" /* REP XCRYPT ECB. */ + : /* No output */ + : "S" (a), "D" (b), "d" (cword), "b" (ctx->padlockkey), "c" (blocks) + : "cc", "memory" + ); +#else asm volatile ("pushfl\n\t" /* Force key reload. */ "popfl\n\t" "xchg %3, %%ebx\n\t" /* Load key. */ - "movl $1, %%ecx\n\t" /* Init counter for just one block. */ - ".byte 0xf3, 0x0f, 0xa7, 0xc8\n\t" /* REP XSTORE ECB. */ + ".byte 0xf3, 0x0f, 0xa7, 0xc8\n\t" /* REP XCRYPT ECB. */ "xchg %3, %%ebx\n" /* Restore GOT register. */ : /* No output */ - : "S" (a), "D" (b), "d" (cword), "r" (ctx->padlockkey) - : "%ecx", "cc", "memory" + : "S" (a), "D" (b), "d" (cword), "r" (ctx->padlockkey), "c" (blocks) + : "cc", "memory" ); +#endif memcpy (bx, b, 16); diff --git a/random/rndhw.c b/random/rndhw.c index 82faab4..c933cf9 100644 --- a/random/rndhw.c +++ b/random/rndhw.c 
@@ -27,7 +27,7 @@ #undef USE_PADLOCK #ifdef ENABLE_PADLOCK_SUPPORT -# if defined (__i386__) && SIZEOF_UNSIGNED_LONG == 4 && defined (__GNUC__) +# if ( (defined (__i386__) && SIZEOF_UNSIGNED_LONG == 4) || defined(__x86_64__) ) && defined (__GNUC__) # define USE_PADLOCK # endif #endif /*ENABLE_PADLOCK_SUPPORT*/ @@ -55,6 +55,16 @@ poll_padlock (void (*add)(const void*, size_t, enum random_origins), nbytes = 0; while (nbytes < 64) { +#ifdef __x86_64__ + asm volatile + ("movq %1, %%rdi\n\t" /* Set buffer. */ + "xorq %%rdx, %%rdx\n\t" /* Request up to 8 bytes. */ + ".byte 0x0f, 0xa7, 0xc0\n\t" /* XSTORE RNG. */ + : "=a" (status) + : "g" (p) + : "%rdx", "%rdi", "cc" + ); +#else asm volatile ("movl %1, %%edi\n\t" /* Set buffer. */ "xorl %%edx, %%edx\n\t" /* Request up to 8 bytes. */ @@ -63,6 +73,7 @@ poll_padlock (void (*add)(const void*, size_t, enum random_origins), : "g" (p) : "%edx", "%edi", "cc" ); +#endif if ((status & (1<<6)) /* RNG still enabled. */ && !(status & (1<<13)) /* von Neumann corrector is enabled. */ && !(status & (1<<14)) /* String filter is disabled. */ diff --git a/src/hwfeatures.c b/src/hwfeatures.c index c356798..73db917 100644 --- a/src/hwfeatures.c +++ b/src/hwfeatures.c 
@@ -40,6 +40,99 @@ _gcry_get_hw_features (void) } +#if defined (__x86_64__) && defined (__GNUC__) +static void +detect_x86_64_gnuc (void) +{ + /* The code here is only useful for the PadLock engine thus we don't + build it if that support has been disabled. */ + char vendor_id[12+1]; + + asm volatile + ("xorl %%eax, %%eax\n\t" /* 0 -> EAX. */ + "cpuid\n\t" /* Get vendor ID. */ + "movl %%ebx, (%0)\n\t" /* EBX,EDX,ECX -> VENDOR_ID. */ + "movl %%edx, 4(%0)\n\t" + "movl %%ecx, 8(%0)\n\t" + : + : "S" (&vendor_id[0]) + : "%eax", "%ecx", "%edx", "cc" + ); + vendor_id[12] = 0; + + if (0) + ; /* Just to make "else if" and ifdef macros look pretty. */ +#ifdef ENABLE_PADLOCK_SUPPORT + else if (!strcmp (vendor_id, "CentaurHauls")) + { + /* This is a VIA CPU. Check what PadLock features we have. */ + asm volatile + ("movl $0xC0000000, %%eax\n\t" /* Check for extended centaur */ + "cpuid\n\t" /* feature flags. */ + "cmpl $0xC0000001, %%eax\n\t" + "jb .Lready%=\n\t" /* EAX < 0xC0000000 => no padlock. */ + + "movl $0xC0000001, %%eax\n\t" /* Ask for the extended */ + "cpuid\n\t" /* feature flags. */ + + "movl %%edx, %%eax\n\t" /* Take copy of feature flags. */ + "andl $0x0C, %%eax\n\t" /* Test bits 2 and 3 to see whether */ + "cmpl $0x0C, %%eax\n\t" /* the RNG exists and is enabled. */ + "jnz .Lno_rng%=\n\t" + "orl $1, %0\n" /* Set our HWF_PADLOCK_RNG bit. */ + + ".Lno_rng%=:\n\t" + "movl %%edx, %%eax\n\t" /* Take copy of feature flags. */ + "andl $0xC0, %%eax\n\t" /* Test bits 6 and 7 to see whether */ + "cmpl $0xC0, %%eax\n\t" /* the ACE exists and is enabled. */ + "jnz .Lno_ace%=\n\t" + "orl $2, %0\n" /* Set our HWF_PADLOCK_AES bit. */ + + ".Lno_ace%=:\n\t" + "movl %%edx, %%eax\n\t" /* Take copy of feature flags. */ + "andl $0xC00, %%eax\n\t" /* Test bits 10, 11 to see whether */ + "cmpl $0xC00, %%eax\n\t" /* the PHE exists and is enabled. */ + "jnz .Lno_phe%=\n\t" + "orl $4, %0\n" /* Set our HWF_PADLOCK_SHA bit. 
*/ + + ".Lno_phe%=:\n\t" + "movl %%edx, %%eax\n\t" /* Take copy of feature flags. */ + "andl $0x3000, %%eax\n\t" /* Test bits 12, 13 to see whether */ + "cmpl $0x3000, %%eax\n\t" /* MONTMUL exists and is enabled. */ + "jnz .Lready%=\n\t" + "orl $8, %0\n" /* Set our HWF_PADLOCK_MMUL bit. */ + + ".Lready%=:\n" + : "+r" (hw_features) + : + : "%eax", "%edx", "cc" + ); + } +#endif /*ENABLE_PADLOCK_SUPPORT*/ + else if (!strcmp (vendor_id, "GenuineIntel")) + { + /* This is an Intel CPU. */ + asm volatile + ("movl $1, %%eax\n\t" /* Get CPU info and feature flags. */ + "cpuid\n" + "testl $0x02000000, %%ecx\n\t" /* Test bit 25. */ + "jz .Lno_aes%=\n\t" /* No AES support. */ + "orl $256, %0\n" /* Set our HWF_INTEL_AES bit. */ + + ".Lno_aes%=:\n" + : "+r" (hw_features) + : + : "%eax", "%ecx", "%edx", "cc" + ); + } + else if (!strcmp (vendor_id, "AuthenticAMD")) + { + /* This is an AMD CPU. */ + + } +} +#endif /* __x86_64__ && __GNUC__ */ + #if defined (__i386__) && SIZEOF_UNSIGNED_LONG == 4 && defined (__GNUC__) static void detect_ia32_gnuc (void) @@ -186,6 +279,10 @@ _gcry_detect_hw_features (unsigned int disabled_features) #elif defined (__i386__) && SIZEOF_UNSIGNED_LONG == 8 #ifdef __GNUC__ #endif +#elif defined (__x86_64__) +#ifdef __GNUC__ + detect_x86_64_gnuc (); +#endif #endif hw_features &= ~disabled_features; -- 1.7.9.1 From funman at videolan.org Wed Apr 11 06:43:34 2012 
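Review bot: in the do_padlock hunk of cipher/rijndael.c, `blocks` is passed as an input-only operand (`"c" (blocks)`) to both the new x86_64 asm and the rewritten i386 asm, but REP XCRYPT decrements ECX as it consumes blocks (and advances ESI/EDI), so the compiler is entitled to assume ECX still holds 1 afterwards and reuse it; the removed `"%ecx"` clobber was what guarded against that, and an input register cannot also be listed as a clobber. Make the counter an in/out operand instead, e.g. `: "+c" (blocks)` in the output list. The same input-modified-by-asm problem already existed for the `"S" (a)` and `"D" (b)` operands the old code had, so this is the moment to fix all three in one go. Also, `int blocks = 1;` sits after the `memcpy`, a mixed declaration that C89 builds reject; move it to the top of the block.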
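Review bot: the new x86_64 branch in poll_padlock (random/rndhw.c) writes the random bytes through RDI into the buffer behind `p`, but its clobber list is only `"%rdx", "%rdi", "cc"` with no `"memory"`, so the compiler may keep reads of that buffer cached across the asm; the i386 branch directly below has the same omission, and since the hunk already rewrites both branches it should add `"memory"` to both clobber lists.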
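Review bot: every `cpuid` in the new detect_x86_64_gnuc (src/hwfeatures.c) writes EAX, EBX, ECX and EDX, yet the vendor-id block clobbers only `"%eax", "%ecx", "%edx"`, the PadLock block only `"%eax", "%edx"` and the Intel block `"%eax", "%ecx", "%edx"`; RBX is callee-saved in the x86_64 ABI, so an undeclared EBX write silently corrupts the caller's register. Add `"%ebx"` (and `"%ecx"` where it is missing) to each clobber list, or read the registers through output operands. Beyond that: by the commit message's own account the function is a copy of the i386 version using only 32-bit instructions that behave identically on both targets, so one shared body under a combined `__i386__`/`__x86_64__` guard would avoid maintaining two; the opening comment ("only useful for the PadLock engine thus we don't build it if that support has been disabled") does not match a function that is built whenever `__x86_64__ && __GNUC__` holds and also probes Intel AES-NI; and the empty `AuthenticAMD` branch should either get its feature test or be removed. The final hunk wiring `detect_x86_64_gnuc ()` into `_gcry_detect_hw_features` matches the guard on the definition, so no issue there.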
From: funman at videolan.org (Rafaël Carré)
Date: Wed, 11 Apr 2012 00:43:34 -0400
Subject: There is *no* W64 support yet for Libgcrypt!
In-Reply-To: <87obr7ft3g.fsf@vigenere.g10code.de>
References: <87obr7ft3g.fsf@vigenere.g10code.de>
Message-ID: <4F850BF6.8030002@videolan.org>

Hello,

On 2012-04-04 10:51, Werner Koch wrote:
> Hi!
>
> Some folks are trying to build Libgcrypt for Windows 64 bit.

We are distributing (experimental) VLC binaries using libgcrypt:
http://download.videolan.org/pub/videolan/vlc/2.0.1/win64/

> Let me
> state it clearly:
>
> W64 IS NOT YET SUPPORTED
>
> You may run into all kinds of problems,

For example lack of assembly code (win64 has different calling
conventions from other x86_64 operating systems).

> the worst of them being the lack of
> a serious entropy gathering module. The rndw32.c module some may use is
> not appropriate for w64!

Can you clarify what is wrong with libgcrypt/random/rndw32.c ?
Advapi32.dll is still present on Win64, are you aware of other changes
which make the code written for Win32 not suitable for Win64?

> Annoying CERTs with that is not a good idea, either.
>
> Simply throwing a compiler on some software on a new platform may result
> in a runnable binary - but there is no guarantee that it will work as
> expected.
>
>
> Shalom-Salam,
>
> Werner
>

From wk at gnupg.org Wed Apr 11 10:14:10 2012
From: wk at gnupg.org (Werner Koch)
Date: Wed, 11 Apr 2012 10:14:10 +0200
Subject: There is *no* W64 support yet for Libgcrypt!
In-Reply-To: <4F850BF6.8030002@videolan.org> ("Rafaël Carré"'s message of "Wed, 11 Apr 2012 00:43:34 -0400")
References: <87obr7ft3g.fsf@vigenere.g10code.de> <4F850BF6.8030002@videolan.org>
Message-ID: <871unu65yl.fsf@vigenere.g10code.de>

On Wed, 11 Apr 2012 06:43, funman at videolan.org said:

> We are distributing (experimental) VLC binaries using libgcrypt:
> http://download.videolan.org/pub/videolan/vlc/2.0.1/win64/

Don't do this! In case this is used to create permanent keys or even
used to sign using DLP type keys (DSA); I suggest that you send out a
note that those keys should be revoked.

> Can you clarify what is wrong with libgcrypt/random/rndw32.c ?

The entropy gathering stuff is black magic and we need to see whether
the collected data on W64 is up to our expectations. I have seen
reports that the collected entropy is very bad.

As a quick fix you may write your own rndw64 solely based on Windows
Crypto RNG functions; see init_system_rng et al. If you want to do
more, check out how it has been done in cryptlib.

Shalom-Salam,

   Werner

--
Thoughts are free. Exceptions are governed by a federal law.

From wk at gnupg.org Wed Apr 11 10:18:21 2012
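The quick fix suggested in the reply above, a gatherer that relies solely on the operating system's CSPRNG, as an added example that is neither Libgcrypt's rndw32.c nor Werner's code. It borrows the loop shape of poll_padlock from the PadLock patch in this thread (64-byte chunks handed to an `add` callback); the `enum random_origins` value, the `add_fn` type, `gather_from_os_rng` and the other names are assumptions modelled on that signature. On Windows it calls BCryptGenRandom with the system-preferred RNG (bcrypt.h, link with bcrypt); the POSIX branch reads /dev/urandom so the example also runs elsewhere. If the RNG fails, the gatherer stops and reports a short count instead of feeding anything questionable into the pool.

```c
#include <stddef.h>
#include <string.h>

#ifdef _WIN32
# include <windows.h>
# include <bcrypt.h>                     /* link with bcrypt.lib / -lbcrypt */
#else
# include <errno.h>
# include <fcntl.h>
# include <unistd.h>
#endif

/* Assumed: modelled on the callback signature quoted from rndhw.c. */
enum random_origins { RANDOM_ORIGIN_SYSTEM = 0 };
typedef void (*add_fn) (const void *, size_t, enum random_origins);

/* Fill BUF with LEN bytes from the OS CSPRNG; 0 on success, -1 on failure.
   On failure the caller adds nothing to the pool: the gatherer fails closed. */
static int
os_csprng_fill (unsigned char *buf, size_t len)
{
#ifdef _WIN32
  while (len)
    {
      ULONG chunk = len > 0x7fffffffUL ? 0x7fffffffUL : (ULONG)len;
      if (!BCRYPT_SUCCESS (BCryptGenRandom (NULL, buf, chunk,
                                            BCRYPT_USE_SYSTEM_PREFERRED_RNG)))
        return -1;
      buf += chunk;
      len -= chunk;
    }
  return 0;
#else
  int fd = open ("/dev/urandom", O_RDONLY);
  if (fd < 0)
    return -1;
  while (len)
    {
      ssize_t n = read (fd, buf, len);
      if (n < 0 && errno == EINTR)
        continue;
      if (n <= 0)
        { close (fd); return -1; }
      buf += (size_t)n;
      len -= (size_t)n;
    }
  close (fd);
  return 0;
#endif
}

/* Gather LENGTH bytes in 64-byte chunks and hand each to ADD, the loop shape
   of poll_padlock.  Returns the bytes delivered; short only if the RNG failed. */
size_t
gather_from_os_rng (add_fn add, size_t length)
{
  unsigned char buf[64];
  volatile unsigned char *v = buf;       /* volatile so the wipe is not dropped */
  size_t done = 0, i;
  while (done < length)
    {
      size_t want = length - done < sizeof buf ? length - done : sizeof buf;
      if (os_csprng_fill (buf, want) != 0)
        break;
      add (buf, want, RANDOM_ORIGIN_SYSTEM);
      done += want;
    }
  for (i = 0; i < sizeof buf; i++)       /* don't leave pool input on the stack */
    v[i] = 0;
  return done;
}

/* Stand-in for the pool, so the gatherer can be exercised in isolation. */
static unsigned char collected[256];
static size_t collected_len;

static void
collect_add (const void *p, size_t n, enum random_origins origin)
{
  (void)origin;
  if (collected_len + n <= sizeof collected)
    {
      memcpy (collected + collected_len, p, n);
      collected_len += n;
    }
}

size_t
run_gather_demo (size_t length)
{
  collected_len = 0;
  return gather_from_os_rng (collect_add, length);
}

/* Cheap self-check a gatherer should apply to its own output: a CSPRNG block
   must not be one repeated byte, the classic symptom of a stuck RNG. */
int
collected_not_stuck (void)
{
  size_t i;
  for (i = 1; i < collected_len; i++)
    if (collected[i] != collected[0])
      return 1;
  return 0;
}
```

The stuck-output check is deliberately cheap: it catches the case where the API call reports success but hands back a constant block, and it is no substitute for examining the gatherer's output on the actual target, which is what the reply says still needs doing for W64.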
From: wk at gnupg.org (Werner Koch)
Date: Wed, 11 Apr 2012 10:18:21 +0200
Subject: [PATCH] Enable VIA Padlock on x86_64 platforms
In-Reply-To: <1334118014-28666-1-git-send-email-funman@videolan.org> ("Rafaël Carré"'s message of "Wed, 11 Apr 2012 00:20:14 -0400")
References: <1334118014-28666-1-git-send-email-funman@videolan.org>
Message-ID: <87wr5m4r76.fsf@vigenere.g10code.de>

On Wed, 11 Apr 2012 06:20, funman at videolan.org said:

> Note: make check actually fails, but it's not a regression from 32 bits,
> where that test fails with the exact same output.

Does that mean there is a regression in Libgcrypt if a newer 32 bit VIA
CPU is used? On what OS platform?

Salam-Shalom,

   Werner

--
Thoughts are free. Exceptions are governed by a federal law.

From funman at videolan.org Wed Apr 11 13:03:27 2012
From: funman at videolan.org (Rafaël Carré)
Date: Wed, 11 Apr 2012 07:03:27 -0400
Subject: [PATCH] Enable VIA Padlock on x86_64 platforms
In-Reply-To: <87wr5m4r76.fsf@vigenere.g10code.de>
References: <1334118014-28666-1-git-send-email-funman@videolan.org> <87wr5m4r76.fsf@vigenere.g10code.de>
Message-ID: <4F8564FF.2020203@videolan.org>

On 2012-04-11 04:18, Werner Koch wrote:
> On Wed, 11 Apr 2012 06:20, funman at videolan.org said:
>
>> Note: make check actually fails, but it's not a regression from 32 bits,
>> where that test fails with the exact same output.
>
> Does that mean there is a regression in Libgcrypt if a newer 32 bit VIA
> CPU is used?

I would not know, I don't own another (older) VIA CPU.

> On what OS platform?

Linux x86_64 (Ubuntu 12.04)

I noticed the test fails only with GCRY_CIPHER_MODE_CTR.

After starting to understand what this mode is, I noticed it also failed
on 32 bits and just gave up on it, hoping that someone (the padlock code
author?) could explain it.

Do you happen to have a VIA CPU on which libgcrypt was fully tested around?
If it fails with a recent version of libgcrypt too I could bisect the bug.

> Salam-Shalom,
>
> Werner

From wk at gnupg.org Thu Apr 12 11:49:04 2012
From: wk at gnupg.org (Werner Koch)
Date: Thu, 12 Apr 2012 11:49:04 +0200
Subject: Relaxing the need for copyright assignments
Message-ID: <87sjg91drj.fsf@vigenere.g10code.de>

Hi!

Nowadays we have a wealth of crypto libraries available. It is often
easier to contribute to them than to Libgcrypt. The copyright
assignments required for Libgcrypt turned out to be a major hassle and
thus I plan to relax the rules.

What do you think of this:

  Libgcrypt is currently licensed under the LGPLv2+ with tools and
  the manual being under the GPLv2+. We may eventually update to a
  newer version of the license or a combination of them. It is thus
  important that all contributed code allows for an update of the
  license; thus we can't accept any code under the LGPLv2(only).

  We used to have a strict policy of requiring copyright assignments
  to the FSF. To avoid this major organizational overhead and to
  allow inclusion of code not copyrighted by the FSF, this policy
  has been relaxed. It is now also possible to contribute code by
  asserting that the contribution is in accordance with the
  "Libgcrypt Developer's Certificate of Origin" as found in the file
  "doc/DCO". (Except for a slight wording change, this DCO is
  identical to the one used by the Linux kernel.)

  If you want to contribute code (or documentation) to Libgcrypt and
  you didn't sign a copyright assignment with the FSF in the past,
  you need to take these simple steps:

  - Decide which mail address you want to use. Please have your
    real name in the address and not a pseudonym. Anonymous
    contributions can only be done if you find a proxy who certifies
    for you.

  - If your employer or school might claim ownership of code written
    by you, you need to talk to them to make sure that you have the
    right to contribute under the DCO.

  - Send a mail to the gcrypt-devel at gnupg.org mailing list from that
    mail address. Include a copy of the DCO as found in the official
    master branch. Insert your name and email address into the DCO in
    the same way you want to use it later. For example:

      Signed-off-by: Joe R. Hacker

    If you really need it, you may perform simple transformations of
    the mail address: Replacing "@" by " at ", "." by " dot ".

  - That's it. From now on you only need to add a "Signed-off-by:"
    line with your name and mail address to the commit message.

The DCO is

  Libgcrypt Developer's Certificate of Origin. Version 1.0
  =========================================================

  By making a contribution to the Libgcrypt project, I certify that:

  (a) The contribution was created in whole or in part by me and I
      have the right to submit it under the free software license
      indicated in the file; or

  (b) The contribution is based upon previous work that, to the best
      of my knowledge, is covered under an appropriate free software
      license and I have the right under that license to submit that
      work with modifications, whether created in whole or in part
      by me, under the same free software license (unless I am
      permitted to submit under a different license), as indicated
      in the file; or

  (c) The contribution was provided directly to me by some other
      person who certified (a), (b) or (c) and I have not modified
      it.

  (d) I understand and agree that this project and the contribution
      are public and that a record of the contribution (including all
      personal information I submit with it, including my sign-off) is
      maintained indefinitely and may be redistributed consistent with
      this project or the free software license(s) involved.

  Signed-off-by: [Your name and mail address]

I pondered the idea of requiring OpenPGP signed statements but
rejected it. They don't gain much unless we want to establish another
complicated procedure to check the trustworthiness of the key. Even if
we would do so, we would have no way to check the provenance of the
submitted code.

Salam-Shalom,

   Werner

--
Thoughts are free. Exceptions are governed by a federal law.

From wk at gnupg.org Thu Apr 12 12:23:29 2012
From: wk at gnupg.org (Werner Koch)
Date: Thu, 12 Apr 2012 12:23:29 +0200
Subject: [PATCH] Enable VIA Padlock on x86_64 platforms
In-Reply-To: <4F8564FF.2020203@videolan.org> ("Rafaël Carré"'s message of "Wed, 11 Apr 2012 07:03:27 -0400")
References: <1334118014-28666-1-git-send-email-funman@videolan.org> <87wr5m4r76.fsf@vigenere.g10code.de> <4F8564FF.2020203@videolan.org>
Message-ID: <87lim11c66.fsf@vigenere.g10code.de>

On Wed, 11 Apr 2012 13:03, funman at videolan.org said:

> After starting to understand what this mode is, I noticed it also failed
> on 32 bits and just gave up on it, hoping that someone (the padlock code
> author?) could explain it.

That's me. It can't be specific to the padlock code because the
_gcry_aes_ctr_enc diverts only for AESNI; the default code path is used
by all other CPUs.

> Do you happen to have a VIA CPU on which libgcrypt was fully tested around?

I don't think so, back then I used Niko's settop box remotely. The GCC
compile farm has no VIA cpu.

Shalom-Salam,

   Werner

--
Thoughts are free. Exceptions are governed by a federal law.

From simon at josefsson.org Thu Apr 12 12:12:01 2012
From: simon at josefsson.org (Simon Josefsson)
Date: Thu, 12 Apr 2012 12:12:01 +0200
Subject: Relaxing the need for copyright assignments
In-Reply-To: <87sjg91drj.fsf@vigenere.g10code.de> (Werner Koch's message of "Thu, 12 Apr 2012 11:49:04 +0200")
References: <87sjg91drj.fsf@vigenere.g10code.de>
Message-ID: <878vi1p8cu.fsf@latte.josefsson.org>

Werner Koch writes:

> Hi!
>
> Nowadays we have a wealth of crypto libraries available. It is often
> easier to contribute to them than to Libgcrypt. The copyright
> assignments required for Libgcrypt turned out to be a major hassle and
> thus I plan to relax the rules.
>
> What do you think of this:

+1

> Libgcrypt is currently licensed under the LGPLv2+ with tools and
> the manual being under the GPLv2+. We may eventually update to a
> newer version of the license or a combination of them. It is thus
> important that all contributed code allows for an update of the
> license; thus we can't accept any code under the LGPLv2(only).

I think GPLv3+ for tools and either GPLv3+ or GFDLv1.2+ for the
manual is fine too.

> I pondered the idea of requiring OpenPGP signed statements but
> rejected it. They don't gain much unless we want to establish another
> complicated procedure to check the trustworthiness of the key. Even if
> we would do so, we would have no way to check the provenance of the
> submitted code.

Couldn't you recommend OpenPGP signed statements, at least?

/Simon

From phcoder at gmail.com Thu Apr 12 12:01:36 2012
From: phcoder at gmail.com (Vladimir 'φ-coder/phcoder' Serbinenko)
Date: Thu, 12 Apr 2012 12:01:36 +0200
Subject: Relaxing the need for copyright assignments
In-Reply-To: <87sjg91drj.fsf@vigenere.g10code.de>
References: <87sjg91drj.fsf@vigenere.g10code.de>
Message-ID: <4F86A800.9000704@gmail.com>

On 12.04.2012 11:49, Werner Koch wrote:
> license; thus we can't accept any code under the LGPLv2(only).

LGPLv2-only is compatible with GPLv2+ and GPLv3+:
See: http://www.gnu.org/licenses/gpl-faq.html#AllCompatibility

> I pondered the idea of requiring OpenPGP signed statements but
> rejected it. They don't gain much unless we want to establish another
> complicated procedure to check the trustworthiness of the key. Even if
> we would do so, we would have no way to check the provenance of the
> submitted code.

This could allow checking that no one attempts to impersonate an already
known contributor. While legally having almost no effect it may have
other advantages like enhancing code trustworthiness if it comes from a
well-known contributor, but it doesn't replace the code review.

--
Regards
Vladimir 'φ-coder/phcoder' Serbinenko

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 294 bytes
Desc: OpenPGP digital signature
URL:

From wk at gnupg.org Thu Apr 12 15:12:06 2012
From: wk at gnupg.org (Werner Koch)
Date: Thu, 12 Apr 2012 15:12:06 +0200
Subject: Relaxing the need for copyright assignments
In-Reply-To: <878vi1p8cu.fsf@latte.josefsson.org> (Simon Josefsson's message of "Thu, 12 Apr 2012 12:12:01 +0200")
References: <87sjg91drj.fsf@vigenere.g10code.de> <878vi1p8cu.fsf@latte.josefsson.org>
Message-ID: <874nsp14d5.fsf@vigenere.g10code.de>

On Thu, 12 Apr 2012 12:12, simon at josefsson.org said:

> I think GPLv3+ for tools and either GPLv3+ or GFDLv1.2+ for the
> manual is fine too.

Sure, I have simply not come around to changing it.

> Couldn't you recommend OpenPGP signed statements, at least?

Okay.

Shalom-Salam,

   Werner

--
Thoughts are free. Exceptions are governed by a federal law.

From wk at gnupg.org Thu Apr 12 15:20:19 2012
From: wk at gnupg.org (Werner Koch)
Date: Thu, 12 Apr 2012 15:20:19 +0200
Subject: Relaxing the need for copyright assignments
In-Reply-To: <4F86A800.9000704@gmail.com> ("Vladimir 'φ-coder/phcoder' Serbinenko"'s message of "Thu, 12 Apr 2012 12:01:36 +0200")
References: <87sjg91drj.fsf@vigenere.g10code.de> <4F86A800.9000704@gmail.com>
Message-ID: <87zkahytm4.fsf@vigenere.g10code.de>

On Thu, 12 Apr 2012 12:01, phcoder at gmail.com said:

> On 12.04.2012 11:49, Werner Koch wrote:
>> license; thus we can't accept any code under the LGPLv2(only).
> LGPLv2-only is compatible with GPLv2+ and GPLv3+:

Yes, it is compatible, but it would inhibit us from changing to LGPLv3.

> This could allow checking that no one attempts to impersonate an already
> known contributor. While legally having almost no effect it may have

Yes, sure. However if you start to implement something like this, you
end up writing a policy, implementing checks and doing all other kinds
of security business. And that only to have a little bit of trust in
the provenance of the code. For example I rarely check signatures; the
context of a discussion is much more relevant to me.

> other advantages like enhancing code trustworthiness if it comes from a
> well-known contributor but it doesn't replace the code review.

What about a suggestion to send signed patches? This would be a
diversion from the Linux rules but I don't have a problem handling
signed mails.

Salam-Shalom,

   Werner

--
Thoughts are free. Exceptions are governed by a federal law.

From tm at t8m.info Mon Apr 16 12:14:10 2012
From: tm at t8m.info (Tomas Mraz)
Date: Mon, 16 Apr 2012 12:14:10 +0200
Subject: DCO signature
Message-ID: <1334571250.5056.52.camel@vespa.frost.loc>

Libgcrypt Developer's Certificate of Origin. Version 1.0
=========================================================

By making a contribution to the Libgcrypt project, I certify that:

(a) The contribution was created in whole or in part by me and I
    have the right to submit it under the free software license
    indicated in the file; or

(b) The contribution is based upon previous work that, to the best
    of my knowledge, is covered under an appropriate free software
    license and I have the right under that license to submit that
    work with modifications, whether created in whole or in part
    by me, under the same free software license (unless I am
    permitted to submit under a different license), as indicated
    in the file; or

(c) The contribution was provided directly to me by some other
    person who certified (a), (b) or (c) and I have not modified
    it.

(d) I understand and agree that this project and the contribution
    are public and that a record of the contribution (including all
    personal information I submit with it, including my sign-off) is
    maintained indefinitely and may be redistributed consistent with
    this project or the free software license(s) involved.

Signed-off-by: Tomáš Mráz

-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 490 bytes
Desc: This is a digitally signed message part
URL:

From funman at videolan.org Thu Apr 19 18:22:11 2012
From: funman at videolan.org (Rafaël Carré)
Date: Thu, 19 Apr 2012 12:22:11 -0400
Subject: [PATCH] Enable VIA Padlock on x86_64 platforms
In-Reply-To: <87lim11c66.fsf@vigenere.g10code.de>
References: <1334118014-28666-1-git-send-email-funman@videolan.org> <87wr5m4r76.fsf@vigenere.g10code.de> <4F8564FF.2020203@videolan.org> <87lim11c66.fsf@vigenere.g10code.de>
Message-ID: <4F903BB3.2040800@videolan.org>

On 2012-04-12 06:23, Werner Koch wrote:
> On Wed, 11 Apr 2012 13:03, funman at videolan.org said:
>
>> After starting to understand what this mode is, I noticed it also failed
>> on 32 bits and just gave up on it, hoping that someone (the padlock code
>> author?) could explain it.
>
> That's me. It can't be specific to the padlock code because the
> _gcry_aes_ctr_enc diverts only for AESNI; the default code path is used
> by all other CPUs.

I tried the test suite on your commit introducing PADLOCK code and it worked, so I spent some time bisecting:

2674140cdfdc59ce5ad0238177da1542f5df6e00 is the first bad commit
commit 2674140cdfdc59ce5ad0238177da1542f5df6e00
Author: Werner Koch
Date: Tue Feb 22 16:08:13 2011 +0100

Use AES-NI insns for CTR mode.

That really boosts the performance of CTR.

:100644 100644 ffbdc840c4f74f2866b3179aab232b93ef28dc8a 979ad403e920229d48417e0e41cf3ebf5e9dede0 M NEWS
:040000 040000 c7ae1843e27728fcb5e7e54d771b68e665fbd822 af64d30472d52e93bad24ca16b2f45205e90340a M cipher
:100644 100644 a28ea8383ce4b86b7f19aa649143361457d7a640 013ff3af4279e36ed3021e7f6d4b679eabc77bfe M configure.ac
:040000 040000 23af7cde7dcf6806caa4a907dc6bdb0addaa910f e027fe7032c7752a94369e34d6736c6734410ceb M src

I could fix the test suite with the following diff:

diff --git a/cipher/rijndael.c b/cipher/rijndael.c index 2df8ea9..c7320a4 100644 --- a/cipher/rijndael.c +++ b/cipher/rijndael.c
@@ -282,7 +282,7 @@ do_setkey (RIJNDAEL_context *ctx, const byte *key, const unsigned keylen) if (0) ; #ifdef USE_PADLOCK - else if (ctx->use_padlock) + else if (0 && ctx->use_padlock) { /* Nothing to do as we support only hardware key generation for now. */

I believe the correct fix would be to use the padlock for all cipher modes. Is there a reason why it's not used for CTR?

With this one-liner, the test suite now passes in both 32bits and 64bits with the patch I previously sent, so I'm resending that one again with a Signed-off-by.

Btw, thanks for relaxing the requirement on a copyright assignment, I was already preparing my defense that this code was not mine but instead a mere copy of 32bits asm code with non-copyrightable very small and obvious changes.

From funman at videolan.org Thu Apr 19 18:22:31 2012
From: funman at videolan.org (Rafaël Carré)
Date: Thu, 19 Apr 2012 12:22:31 -0400
Subject: [PATCH] Enable VIA Padlock on x86_64 platforms
Message-ID: <1334852551-23160-1-git-send-email-funman@videolan.org>

Convert existing 32bits asm to 64bits:
- *l -> *q (long->quad)
- e** registers -> r** registers
- don't mess with ebx GOT register

Tested with make check on VIA Nano X2 L4350

Signed-off-by: Rafaël Carré
---
cipher/rijndael.c | 21 +++++++++---
random/rndhw.c | 13 ++++++-
src/hwfeatures.c | 97 +++++++++++++++++++++++++++++++++++++++++++++++++++++
3 files changed, 125 insertions(+), 6 deletions(-)

diff --git a/cipher/rijndael.c b/cipher/rijndael.c index 2df8ea9..c2e0a77 100644 --- a/cipher/rijndael.c +++ b/cipher/rijndael.c @@ -63,7 +63,7 @@ code. */ #undef USE_PADLOCK #ifdef ENABLE_PADLOCK_SUPPORT -# if defined (__i386__) && SIZEOF_UNSIGNED_LONG == 4 && defined (__GNUC__) +# if ( ( defined (__i386__) && SIZEOF_UNSIGNED_LONG == 4 ) || defined(__x86_64__) ) && defined (__GNUC__) # define USE_PADLOCK 1 # endif #endif /*ENABLE_PADLOCK_SUPPORT*/
@@ -663,17 +663,28 @@ do_padlock (const RIJNDAEL_context *ctx, int decrypt_flag, memcpy (a, ax, 16); + int blocks = 1; /* Init counter for just one block. */ +#ifdef __x86_64__ + asm volatile + ("pushfq\n\t" /* Force key reload. */ + "popfq\n\t" + ".byte 0xf3, 0x0f, 0xa7, 0xc8\n\t" /* REP XCRYPT ECB. */ + : /* No output */ + : "S" (a), "D" (b), "d" (cword), "b" (ctx->padlockkey), "c" (blocks) + : "cc", "memory" + ); +#else asm volatile ("pushfl\n\t" /* Force key reload. */ "popfl\n\t" "xchg %3, %%ebx\n\t" /* Load key. */ - "movl $1, %%ecx\n\t" /* Init counter for just one block. */ - ".byte 0xf3, 0x0f, 0xa7, 0xc8\n\t" /* REP XSTORE ECB. */ + ".byte 0xf3, 0x0f, 0xa7, 0xc8\n\t" /* REP XCRYPT ECB. */ "xchg %3, %%ebx\n" /* Restore GOT register. */ : /* No output */ - : "S" (a), "D" (b), "d" (cword), "r" (ctx->padlockkey) - : "%ecx", "cc", "memory" + : "S" (a), "D" (b), "d" (cword), "r" (ctx->padlockkey), "c" (blocks) + : "cc", "memory" ); +#endif memcpy (bx, b, 16); diff --git a/random/rndhw.c b/random/rndhw.c index 82faab4..c933cf9 100644 --- a/random/rndhw.c +++ b/random/rndhw.c @@ -27,7 +27,7 @@ #undef USE_PADLOCK #ifdef ENABLE_PADLOCK_SUPPORT -# if defined (__i386__) && SIZEOF_UNSIGNED_LONG == 4 && defined (__GNUC__) +# if ( (defined (__i386__) && SIZEOF_UNSIGNED_LONG == 4) || defined(__x86_64__) ) && defined (__GNUC__) # define USE_PADLOCK # endif #endif /*ENABLE_PADLOCK_SUPPORT*/ @@ -55,6 +55,16 @@ poll_padlock (void (*add)(const void*, size_t, enum random_origins), nbytes = 0; while (nbytes < 64) { +#ifdef __x86_64__ + asm volatile + ("movq %1, %%rdi\n\t" /* Set buffer. */ + "xorq %%rdx, %%rdx\n\t" /* Request up to 8 bytes. */ + ".byte 0x0f, 0xa7, 0xc0\n\t" /* XSTORE RNG. */ + : "=a" (status) + : "g" (p) + : "%rdx", "%rdi", "cc" + ); +#else asm volatile ("movl %1, %%edi\n\t" /* Set buffer. */ "xorl %%edx, %%edx\n\t" /* Request up to 8 bytes. */ 
@@ -63,6 +73,7 @@ poll_padlock (void (*add)(const void*, size_t, enum random_origins), : "g" (p) : "%edx", "%edi", "cc" ); +#endif if ((status & (1<<6)) /* RNG still enabled. */ && !(status & (1<<13)) /* von Neumann corrector is enabled. */ && !(status & (1<<14)) /* String filter is disabled. */ diff --git a/src/hwfeatures.c b/src/hwfeatures.c index c356798..73db917 100644 --- a/src/hwfeatures.c +++ b/src/hwfeatures.c 
@@ -40,6 +40,99 @@ _gcry_get_hw_features (void) } +#if defined (__x86_64__) && defined (__GNUC__) +static void +detect_x86_64_gnuc (void) +{ + /* The code here is only useful for the PadLock engine thus we don't + build it if that support has been disabled. */ + char vendor_id[12+1]; + + asm volatile + ("xorl %%eax, %%eax\n\t" /* 0 -> EAX. */ + "cpuid\n\t" /* Get vendor ID. */ + "movl %%ebx, (%0)\n\t" /* EBX,EDX,ECX -> VENDOR_ID. */ + "movl %%edx, 4(%0)\n\t" + "movl %%ecx, 8(%0)\n\t" + : + : "S" (&vendor_id[0]) + : "%eax", "%ecx", "%edx", "cc" + ); + vendor_id[12] = 0; + + if (0) + ; /* Just to make "else if" and ifdef macros look pretty. */ +#ifdef ENABLE_PADLOCK_SUPPORT + else if (!strcmp (vendor_id, "CentaurHauls")) + { + /* This is a VIA CPU. Check what PadLock features we have. */ + asm volatile + ("movl $0xC0000000, %%eax\n\t" /* Check for extended centaur */ + "cpuid\n\t" /* feature flags. */ + "cmpl $0xC0000001, %%eax\n\t" + "jb .Lready%=\n\t" /* EAX < 0xC0000000 => no padlock. */ + + "movl $0xC0000001, %%eax\n\t" /* Ask for the extended */ + "cpuid\n\t" /* feature flags. */ + + "movl %%edx, %%eax\n\t" /* Take copy of feature flags. */ + "andl $0x0C, %%eax\n\t" /* Test bits 2 and 3 to see whether */ + "cmpl $0x0C, %%eax\n\t" /* the RNG exists and is enabled. */ + "jnz .Lno_rng%=\n\t" + "orl $1, %0\n" /* Set our HWF_PADLOCK_RNG bit. */ + + ".Lno_rng%=:\n\t" + "movl %%edx, %%eax\n\t" /* Take copy of feature flags. */ + "andl $0xC0, %%eax\n\t" /* Test bits 6 and 7 to see whether */ + "cmpl $0xC0, %%eax\n\t" /* the ACE exists and is enabled. */ + "jnz .Lno_ace%=\n\t" + "orl $2, %0\n" /* Set our HWF_PADLOCK_AES bit. */ + + ".Lno_ace%=:\n\t" + "movl %%edx, %%eax\n\t" /* Take copy of feature flags. */ + "andl $0xC00, %%eax\n\t" /* Test bits 10, 11 to see whether */ + "cmpl $0xC00, %%eax\n\t" /* the PHE exists and is enabled. */ + "jnz .Lno_phe%=\n\t" + "orl $4, %0\n" /* Set our HWF_PADLOCK_SHA bit. 
*/ + + ".Lno_phe%=:\n\t" + "movl %%edx, %%eax\n\t" /* Take copy of feature flags. */ + "andl $0x3000, %%eax\n\t" /* Test bits 12, 13 to see whether */ + "cmpl $0x3000, %%eax\n\t" /* MONTMUL exists and is enabled. */ + "jnz .Lready%=\n\t" + "orl $8, %0\n" /* Set our HWF_PADLOCK_MMUL bit. */ + + ".Lready%=:\n" + : "+r" (hw_features) + : + : "%eax", "%edx", "cc" + ); + } +#endif /*ENABLE_PADLOCK_SUPPORT*/ + else if (!strcmp (vendor_id, "GenuineIntel")) + { + /* This is an Intel CPU. */ + asm volatile + ("movl $1, %%eax\n\t" /* Get CPU info and feature flags. */ + "cpuid\n" + "testl $0x02000000, %%ecx\n\t" /* Test bit 25. */ + "jz .Lno_aes%=\n\t" /* No AES support. */ + "orl $256, %0\n" /* Set our HWF_INTEL_AES bit. */ + + ".Lno_aes%=:\n" + : "+r" (hw_features) + : + : "%eax", "%ecx", "%edx", "cc" + ); + } + else if (!strcmp (vendor_id, "AuthenticAMD")) + { + /* This is an AMD CPU. */ + + } +} +#endif /* __x86_64__ && __GNUC__ */ + #if defined (__i386__) && SIZEOF_UNSIGNED_LONG == 4 && defined (__GNUC__) static void detect_ia32_gnuc (void) @@ -186,6 +279,10 @@ _gcry_detect_hw_features (unsigned int disabled_features) #elif defined (__i386__) && SIZEOF_UNSIGNED_LONG == 8 #ifdef __GNUC__ #endif +#elif defined (__x86_64__) +#ifdef __GNUC__ + detect_x86_64_gnuc (); +#endif #endif hw_features &= ~disabled_features; -- 1.7.9.5 From funman at videolan.org Fri Apr 20 19:10:35 2012 
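Review bot: the `else if (0 && ctx->use_padlock)` one-liner in the do_setkey hunk of the bisect message switches the PadLock key-setup branch off for every CPU, so the test-suite passes it produces on 32 and 64 bit only localise the failure to the PadLock path; it is a diagnostic, not a fix, and must not be committed together with the x86_64 patch (it is correctly absent from the patch that follows). The hunk's own comment, "Nothing to do as we support only hardware key generation for now", read together with the quoted remark that _gcry_aes_ctr_enc diverts only for AES-NI and otherwise takes the default code path, points at a likely cause of the bisected CTR failure: a context with use_padlock set never gets a software key schedule, yet the default CTR path runs the software cipher on that context. Either compute the software schedule as well when use_padlock is set, or route CTR through do_padlock as the question in the message suggests, and add a test that exercises CTR with PadLock enabled so the combination cannot regress silently again.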
From: funman at videolan.org (Rafaël Carré)
Date: Fri, 20 Apr 2012 13:10:35 -0400
Subject: DCO signature
Message-ID: <4F91988B.1080502@videolan.org>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Libgcrypt Developer's Certificate of Origin. Version 1.0
=========================================================

By making a contribution to the Libgcrypt project, I certify that:

(a) The contribution was created in whole or in part by me and I have the right to submit it under the free software license indicated in the file; or

(b) The contribution is based upon previous work that, to the best of my knowledge, is covered under an appropriate free software license and I have the right under that license to submit that work with modifications, whether created in whole or in part by me, under the same free software license (unless I am permitted to submit under a different license), as indicated in the file; or

(c) The contribution was provided directly to me by some other person who certified (a), (b) or (c) and I have not modified it.

(d) I understand and agree that this project and the contribution are public and that a record of the contribution (including all personal information I submit with it, including my sign-off) is maintained indefinitely and may be redistributed consistent with this project or the free software license(s) involved.

Signed-off-by: Rafaël Carré

From funman at videolan.org Fri Apr 20 19:52:01 2012
From: funman at videolan.org (Rafaël Carré)
Date: Fri, 20 Apr 2012 13:52:01 -0400
Subject: [PATCH] Enable VIA Padlock on x86_64 platforms
Message-ID: <1334944321-2443-1-git-send-email-funman@videolan.org>

* cipher/rijndael.c: Duplicate x86 assembly and convert to x86_64.
* random/rndhw.c: Likewise.
* src/hwfeatures.c: Likewise.
--
Changes made to the x86 assembly:
- *l -> *q (long -> quad)
- e** registers -> r** registers (use widest registers available)
- don't mess with ebx GOT register

Tested with make check on VIA Nano X2 L4350

Signed-off-by: Rafaël Carré
---
cipher/rijndael.c | 21 +++++++++---
random/rndhw.c | 13 ++++++-
src/hwfeatures.c | 97 +++++++++++++++++++++++++++++++++++++++++++++++++++++
3 files changed, 125 insertions(+), 6 deletions(-)

diff --git a/cipher/rijndael.c b/cipher/rijndael.c index 2df8ea9..c2e0a77 100644 --- a/cipher/rijndael.c +++ b/cipher/rijndael.c @@ -63,7 +63,7 @@ code. */ #undef USE_PADLOCK #ifdef ENABLE_PADLOCK_SUPPORT -# if defined (__i386__) && SIZEOF_UNSIGNED_LONG == 4 && defined (__GNUC__) +# if ( ( defined (__i386__) && SIZEOF_UNSIGNED_LONG == 4 ) || defined(__x86_64__) ) && defined (__GNUC__) # define USE_PADLOCK 1 # endif #endif /*ENABLE_PADLOCK_SUPPORT*/
@@ -663,17 +663,28 @@ do_padlock (const RIJNDAEL_context *ctx, int decrypt_flag, memcpy (a, ax, 16); + int blocks = 1; /* Init counter for just one block. */ +#ifdef __x86_64__ + asm volatile + ("pushfq\n\t" /* Force key reload. */ + "popfq\n\t" + ".byte 0xf3, 0x0f, 0xa7, 0xc8\n\t" /* REP XCRYPT ECB. */ + : /* No output */ + : "S" (a), "D" (b), "d" (cword), "b" (ctx->padlockkey), "c" (blocks) + : "cc", "memory" + ); +#else asm volatile ("pushfl\n\t" /* Force key reload. */ "popfl\n\t" "xchg %3, %%ebx\n\t" /* Load key. */ - "movl $1, %%ecx\n\t" /* Init counter for just one block. */ - ".byte 0xf3, 0x0f, 0xa7, 0xc8\n\t" /* REP XSTORE ECB. */ + ".byte 0xf3, 0x0f, 0xa7, 0xc8\n\t" /* REP XCRYPT ECB. */ "xchg %3, %%ebx\n" /* Restore GOT register. */ : /* No output */ - : "S" (a), "D" (b), "d" (cword), "r" (ctx->padlockkey) - : "%ecx", "cc", "memory" + : "S" (a), "D" (b), "d" (cword), "r" (ctx->padlockkey), "c" (blocks) + : "cc", "memory" ); +#endif memcpy (bx, b, 16); diff --git a/random/rndhw.c b/random/rndhw.c index 82faab4..c933cf9 100644 --- a/random/rndhw.c +++ b/random/rndhw.c @@ -27,7 +27,7 @@ #undef USE_PADLOCK #ifdef ENABLE_PADLOCK_SUPPORT -# if defined (__i386__) && SIZEOF_UNSIGNED_LONG == 4 && defined (__GNUC__) +# if ( (defined (__i386__) && SIZEOF_UNSIGNED_LONG == 4) || defined(__x86_64__) ) && defined (__GNUC__) # define USE_PADLOCK # endif #endif /*ENABLE_PADLOCK_SUPPORT*/ @@ -55,6 +55,16 @@ poll_padlock (void (*add)(const void*, size_t, enum random_origins), nbytes = 0; while (nbytes < 64) { +#ifdef __x86_64__ + asm volatile + ("movq %1, %%rdi\n\t" /* Set buffer. */ + "xorq %%rdx, %%rdx\n\t" /* Request up to 8 bytes. */ + ".byte 0x0f, 0xa7, 0xc0\n\t" /* XSTORE RNG. */ + : "=a" (status) + : "g" (p) + : "%rdx", "%rdi", "cc" + ); +#else asm volatile ("movl %1, %%edi\n\t" /* Set buffer. */ "xorl %%edx, %%edx\n\t" /* Request up to 8 bytes. */ 
@@ -63,6 +73,7 @@ poll_padlock (void (*add)(const void*, size_t, enum random_origins), : "g" (p) : "%edx", "%edi", "cc" ); +#endif if ((status & (1<<6)) /* RNG still enabled. */ && !(status & (1<<13)) /* von Neumann corrector is enabled. */ && !(status & (1<<14)) /* String filter is disabled. */ diff --git a/src/hwfeatures.c b/src/hwfeatures.c index c356798..73db917 100644 --- a/src/hwfeatures.c +++ b/src/hwfeatures.c 
@@ -40,6 +40,99 @@ _gcry_get_hw_features (void) } +#if defined (__x86_64__) && defined (__GNUC__) +static void +detect_x86_64_gnuc (void) +{ + /* The code here is only useful for the PadLock engine thus we don't + build it if that support has been disabled. */ + char vendor_id[12+1]; + + asm volatile + ("xorl %%eax, %%eax\n\t" /* 0 -> EAX. */ + "cpuid\n\t" /* Get vendor ID. */ + "movl %%ebx, (%0)\n\t" /* EBX,EDX,ECX -> VENDOR_ID. */ + "movl %%edx, 4(%0)\n\t" + "movl %%ecx, 8(%0)\n\t" + : + : "S" (&vendor_id[0]) + : "%eax", "%ecx", "%edx", "cc" + ); + vendor_id[12] = 0; + + if (0) + ; /* Just to make "else if" and ifdef macros look pretty. */ +#ifdef ENABLE_PADLOCK_SUPPORT + else if (!strcmp (vendor_id, "CentaurHauls")) + { + /* This is a VIA CPU. Check what PadLock features we have. */ + asm volatile + ("movl $0xC0000000, %%eax\n\t" /* Check for extended centaur */ + "cpuid\n\t" /* feature flags. */ + "cmpl $0xC0000001, %%eax\n\t" + "jb .Lready%=\n\t" /* EAX < 0xC0000000 => no padlock. */ + + "movl $0xC0000001, %%eax\n\t" /* Ask for the extended */ + "cpuid\n\t" /* feature flags. */ + + "movl %%edx, %%eax\n\t" /* Take copy of feature flags. */ + "andl $0x0C, %%eax\n\t" /* Test bits 2 and 3 to see whether */ + "cmpl $0x0C, %%eax\n\t" /* the RNG exists and is enabled. */ + "jnz .Lno_rng%=\n\t" + "orl $1, %0\n" /* Set our HWF_PADLOCK_RNG bit. */ + + ".Lno_rng%=:\n\t" + "movl %%edx, %%eax\n\t" /* Take copy of feature flags. */ + "andl $0xC0, %%eax\n\t" /* Test bits 6 and 7 to see whether */ + "cmpl $0xC0, %%eax\n\t" /* the ACE exists and is enabled. */ + "jnz .Lno_ace%=\n\t" + "orl $2, %0\n" /* Set our HWF_PADLOCK_AES bit. */ + + ".Lno_ace%=:\n\t" + "movl %%edx, %%eax\n\t" /* Take copy of feature flags. */ + "andl $0xC00, %%eax\n\t" /* Test bits 10, 11 to see whether */ + "cmpl $0xC00, %%eax\n\t" /* the PHE exists and is enabled. */ + "jnz .Lno_phe%=\n\t" + "orl $4, %0\n" /* Set our HWF_PADLOCK_SHA bit. 
*/ + + ".Lno_phe%=:\n\t" + "movl %%edx, %%eax\n\t" /* Take copy of feature flags. */ + "andl $0x3000, %%eax\n\t" /* Test bits 12, 13 to see whether */ + "cmpl $0x3000, %%eax\n\t" /* MONTMUL exists and is enabled. */ + "jnz .Lready%=\n\t" + "orl $8, %0\n" /* Set our HWF_PADLOCK_MMUL bit. */ + + ".Lready%=:\n" + : "+r" (hw_features) + : + : "%eax", "%edx", "cc" + ); + } +#endif /*ENABLE_PADLOCK_SUPPORT*/ + else if (!strcmp (vendor_id, "GenuineIntel")) + { + /* This is an Intel CPU. */ + asm volatile + ("movl $1, %%eax\n\t" /* Get CPU info and feature flags. */ + "cpuid\n" + "testl $0x02000000, %%ecx\n\t" /* Test bit 25. */ + "jz .Lno_aes%=\n\t" /* No AES support. */ + "orl $256, %0\n" /* Set our HWF_INTEL_AES bit. */ + + ".Lno_aes%=:\n" + : "+r" (hw_features) + : + : "%eax", "%ecx", "%edx", "cc" + ); + } + else if (!strcmp (vendor_id, "AuthenticAMD")) + { + /* This is an AMD CPU. */ + + } +} +#endif /* __x86_64__ && __GNUC__ */ + #if defined (__i386__) && SIZEOF_UNSIGNED_LONG == 4 && defined (__GNUC__) static void detect_ia32_gnuc (void) @@ -186,6 +279,10 @@ _gcry_detect_hw_features (unsigned int disabled_features) #elif defined (__i386__) && SIZEOF_UNSIGNED_LONG == 8 #ifdef __GNUC__ #endif +#elif defined (__x86_64__) +#ifdef __GNUC__ + detect_x86_64_gnuc (); +#endif #endif hw_features &= ~disabled_features; -- 1.7.9.5 From funman at videolan.org Fri Apr 20 19:58:54 2012 
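Review bot: the USE_PADLOCK condition introduced in the cipher/rijndael.c @@ -63 hunk is repeated, with slightly different spacing, in the random/rndhw.c @@ -27 hunk; define it once in a shared header so the two files cannot drift apart again, and write the new arm as `defined (__x86_64__)` to match the style of the `defined (__i386__)` and `defined (__GNUC__)` tests on the same line.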
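Review bot: in the do_padlock hunk (cipher/rijndael.c @@ -663) both asm statements now pass the block count as an input-only operand, `"c" (blocks)`, but REP XCRYPT decrements ECX/RCX to zero (and advances ESI/EDI) while it executes, and GCC assumes that an input operand still holds its value after the asm; the old code sidestepped this with `movl $1, %%ecx` plus a "%ecx" clobber, and the new version silently drops that clobber. Make the count an in/out operand instead, e.g. `int cnt = blocks;` with `: "+c" (cnt)` in the output list, and since the source and destination pointers are advanced the same way, give them the same treatment while the constraints are being touched. Also, `int blocks = 1;` is declared after the `memcpy (a, ax, 16);` statement; move it to the top of the block so the function still builds with C90 declaration warnings enabled.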
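Review bot: the new x86_64 asm in poll_padlock (random/rndhw.c @@ -55) has XSTORE write up to 8 bytes through %rdi into the buffer p, but its clobber list is only "%rdx", "%rdi", "cc" with no "memory" clobber, so the compiler is free to keep a stale copy of p's bytes in registers across the asm and hand them to add(). The 32-bit original visible in the trailing context has the same omission, and since this patch duplicates it verbatim, this is the moment to add "memory" to both statements; the status-bit checks that follow (bits 6, 13 and 14) are unaffected.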
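Review bot: in detect_x86_64_gnuc (src/hwfeatures.c @@ -40) none of the three cpuid asm statements lists %ebx as clobbered, although cpuid always writes EAX, EBX, ECX and EDX; the first statement even reads EBX into vendor_id. On x86-64 RBX is callee-saved and may hold a live value of the caller, and in the two feature-flag statements the `"+r" (hw_features)` operand can itself be allocated to RBX (or, in the CentaurHauls block, to RCX, which is also missing from that clobber list) and then be overwritten by cpuid. Add "%ebx" to all three clobber lists and "%ecx" to the CentaurHauls one; unlike the i386 asm in rijndael.c there is no GOT register to protect here, so a plain clobber is enough. Smaller points in the same hunk: the opening comment says the code is not built when PadLock support is disabled, but the function is compiled unconditionally and also detects Intel AES-NI; the comment "EAX < 0xC0000000 => no padlock" sits beside a compare against 0xC0000001; and the AuthenticAMD branch is empty, so either drop it or state in a comment what is intentionally left undetected.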
From: funman at videolan.org (Rafaël Carré)
Date: Fri, 20 Apr 2012 13:58:54 -0400
Subject: [PATCH] Enable VIA Padlock on x86_64 platforms
In-Reply-To: <87aa26sc0q.fsf@vigenere.g10code.de>
References: <1334118014-28666-1-git-send-email-funman@videolan.org> <87wr5m4r76.fsf@vigenere.g10code.de> <4F8564FF.2020203@videolan.org> <87lim11c66.fsf@vigenere.g10code.de> <4F903BB3.2040800@videolan.org> <87aa26sc0q.fsf@vigenere.g10code.de>
Message-ID: <4F91A3DE.9060604@videolan.org>

On 20/04/2012 10:39, Werner Koch wrote:
> Hi!
>
> If you want me to consider your patches, you should follow the new
> instructions in doc/HACKING and send the DCO file to this list. My
> apologies in advance, in case you already did.

Just did that :p

> --
> Because the tear off line is the first line of the body, not even the
> summary line will be copied to the ChangeLog. Using only the tear off
> line without any text is often useful for commits like "Typo and
> grammar fixes."
> #+end_example

This doesn't seem to work:

make dist
tar zfx libgcrypt-1.6.0-git9eb9fc3.tar.gz
make gen-ChangeLog
vim libgcrypt-1.6.0-gitc56149d/ChangeLog
/^ --

The commit log is copied verbatim:

2011-12-16 Werner Koch

Add alignment tests for the cipher tests.
* tests/basic.c (check_one_cipher): Factor most code out to check_one_cipher_core. Call that core function several times using different alignment settings.
(check_one_cipher_core): New. Add extra args to allow alignment testing.
--
As reported in bug#1384 Serpent fails on a sparc64. One problem with the test code is that due to the bus error the error message won't be printed.