1 /* Copyright (c) 2014, Google Inc.
2 *
3 * Permission to use, copy, modify, and/or distribute this software for any
4 * purpose with or without fee is hereby granted, provided that the above
5 * copyright notice and this permission notice appear in all copies.
6 *
7 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
8 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
9 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY
10 * SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
11 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION
12 * OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN
13 * CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. */
14
15 #include <openssl/crypto.h>
16
17 #include <openssl/cpu.h>
18
19 #include "fipsmodule/rand/fork_detect.h"
20 #include "fipsmodule/rand/internal.h"
21 #include "internal.h"
22
23
24 #if !defined(OPENSSL_NO_ASM) && !defined(OPENSSL_STATIC_ARMCAP) && \
25 (defined(OPENSSL_X86) || defined(OPENSSL_X86_64) || \
26 defined(OPENSSL_ARM) || defined(OPENSSL_AARCH64) || \
27 defined(OPENSSL_PPC64LE))
28 // x86, x86_64, the ARMs and ppc64le need to record the result of a
29 // cpuid/getauxval call for the asm to work correctly, unless compiled without
30 // asm code.
31 #define NEED_CPUID
32
33 #else
34
35 // Otherwise, don't emit a static initialiser.
36
37 #if !defined(BORINGSSL_NO_STATIC_INITIALIZER)
38 #define BORINGSSL_NO_STATIC_INITIALIZER
39 #endif
40
41 #endif // !NO_ASM && !STATIC_ARMCAP &&
42 // (X86 || X86_64 || ARM || AARCH64 || PPC64LE)
43
44
45 // Our assembly does not use the GOT to reference symbols, which means
46 // references to visible symbols will often require a TEXTREL. This is
47 // undesirable, so all assembly-referenced symbols should be hidden. CPU
48 // capabilities are the only such symbols defined in C. Explicitly hide them,
49 // rather than rely on being built with -fvisibility=hidden.
50 #if defined(OPENSSL_WINDOWS)
51 #define HIDDEN
52 #else
53 #define HIDDEN __attribute__((visibility("hidden")))
54 #endif
55
56
57 // The capability variables are defined in this file in order to work around a
58 // linker bug. When linking with a .a, if no symbols in a .o are referenced
59 // then the .o is discarded, even if it has constructor functions.
60 //
61 // This still means that any binaries that don't include some functionality
62 // that tests the capability values will still skip the constructor but, so
63 // far, the init constructor function only sets the capability variables.
64
65 #if defined(BORINGSSL_DISPATCH_TEST)
66 // This value must be explicitly initialised to zero in order to work around a
67 // bug in libtool or the linker on OS X.
68 //
69 // If not initialised then it becomes a "common symbol". When put into an
70 // archive, linking on OS X will fail to resolve common symbols. By
71 // initialising it to zero, it becomes a "data symbol", which isn't so
72 // affected.
73 HIDDEN uint8_t BORINGSSL_function_hit[7] = {0};
74 #endif
75
76 #if defined(OPENSSL_X86) || defined(OPENSSL_X86_64)
77
78 // This value must be explicitly initialized to zero. See similar comment above.
79 HIDDEN uint32_t OPENSSL_ia32cap_P[4] = {0};
80
81 #elif defined(OPENSSL_PPC64LE)
82
83 HIDDEN unsigned long OPENSSL_ppc64le_hwcap2 = 0;
84
85 #elif defined(OPENSSL_ARM) || defined(OPENSSL_AARCH64)
86
87 #include <openssl/arm_arch.h>
88
89 #if defined(OPENSSL_STATIC_ARMCAP)
90
91 HIDDEN uint32_t OPENSSL_armcap_P =
92 #if defined(OPENSSL_STATIC_ARMCAP_NEON) || \
93 (defined(__ARM_NEON__) || defined(__ARM_NEON))
94 ARMV7_NEON |
95 #endif
96 #if defined(OPENSSL_STATIC_ARMCAP_AES) || defined(__ARM_FEATURE_CRYPTO)
97 ARMV8_AES |
98 #endif
99 #if defined(OPENSSL_STATIC_ARMCAP_SHA1) || defined(__ARM_FEATURE_CRYPTO)
100 ARMV8_SHA1 |
101 #endif
102 #if defined(OPENSSL_STATIC_ARMCAP_SHA256) || defined(__ARM_FEATURE_CRYPTO)
103 ARMV8_SHA256 |
104 #endif
105 #if defined(OPENSSL_STATIC_ARMCAP_PMULL) || defined(__ARM_FEATURE_CRYPTO)
106 ARMV8_PMULL |
107 #endif
108 0;
109
110 #else
111 HIDDEN uint32_t OPENSSL_armcap_P = 0;
112
OPENSSL_get_armcap_pointer_for_test(void)113 uint32_t *OPENSSL_get_armcap_pointer_for_test(void) {
114 return &OPENSSL_armcap_P;
115 }
116 #endif
117
118 #endif
119
120 #if defined(BORINGSSL_FIPS)
121 // In FIPS mode, the power-on self-test function calls |CRYPTO_library_init|
122 // because we have to ensure that CPUID detection occurs first.
123 #define BORINGSSL_NO_STATIC_INITIALIZER
124 #endif
125
126 #if defined(OPENSSL_WINDOWS) && !defined(BORINGSSL_NO_STATIC_INITIALIZER)
127 #define OPENSSL_CDECL __cdecl
128 #else
129 #define OPENSSL_CDECL
130 #endif
131
132 #if defined(BORINGSSL_NO_STATIC_INITIALIZER)
133 static CRYPTO_once_t once = CRYPTO_ONCE_INIT;
134 #elif defined(_MSC_VER)
135 #pragma section(".CRT$XCU", read)
136 static void __cdecl do_library_init(void);
137 __declspec(allocate(".CRT$XCU")) void(*library_init_constructor)(void) =
138 do_library_init;
139 #else
140 static void do_library_init(void) __attribute__ ((constructor));
141 #endif
142
143 // do_library_init is the actual initialization function. If
144 // BORINGSSL_NO_STATIC_INITIALIZER isn't defined, this is set as a static
145 // initializer. Otherwise, it is called by CRYPTO_library_init.
do_library_init(void)146 static void OPENSSL_CDECL do_library_init(void) {
147 // WARNING: this function may only configure the capability variables. See the
148 // note above about the linker bug.
149 #if defined(NEED_CPUID)
150 OPENSSL_cpuid_setup();
151 #endif
152 }
153
CRYPTO_library_init(void)154 void CRYPTO_library_init(void) {
155 // TODO(davidben): It would be tidier if this build knob could be replaced
156 // with an internal lazy-init mechanism that would handle things correctly
157 // in-library. https://crbug.com/542879
158 #if defined(BORINGSSL_NO_STATIC_INITIALIZER)
159 CRYPTO_once(&once, do_library_init);
160 #endif
161 }
162
CRYPTO_is_confidential_build(void)163 int CRYPTO_is_confidential_build(void) {
164 #if defined(BORINGSSL_CONFIDENTIAL)
165 return 1;
166 #else
167 return 0;
168 #endif
169 }
170
CRYPTO_has_asm(void)171 int CRYPTO_has_asm(void) {
172 #if defined(OPENSSL_NO_ASM)
173 return 0;
174 #else
175 return 1;
176 #endif
177 }
178
CRYPTO_pre_sandbox_init(void)179 void CRYPTO_pre_sandbox_init(void) {
180 // Read from /proc/cpuinfo if needed.
181 CRYPTO_library_init();
182 // Open /dev/urandom if needed.
183 CRYPTO_init_sysrand();
184 // Set up MADV_WIPEONFORK state if needed.
185 CRYPTO_get_fork_generation();
186 }
187
SSLeay_version(int which)188 const char *SSLeay_version(int which) { return OpenSSL_version(which); }
189
OpenSSL_version(int which)190 const char *OpenSSL_version(int which) {
191 switch (which) {
192 case OPENSSL_VERSION:
193 return "BoringSSL";
194 case OPENSSL_CFLAGS:
195 return "compiler: n/a";
196 case OPENSSL_BUILT_ON:
197 return "built on: n/a";
198 case OPENSSL_PLATFORM:
199 return "platform: n/a";
200 case OPENSSL_DIR:
201 return "OPENSSLDIR: n/a";
202 default:
203 return "not available";
204 }
205 }
206
SSLeay(void)207 unsigned long SSLeay(void) { return OPENSSL_VERSION_NUMBER; }
208
OpenSSL_version_num(void)209 unsigned long OpenSSL_version_num(void) { return OPENSSL_VERSION_NUMBER; }
210
CRYPTO_malloc_init(void)211 int CRYPTO_malloc_init(void) { return 1; }
212
OPENSSL_malloc_init(void)213 int OPENSSL_malloc_init(void) { return 1; }
214
ENGINE_load_builtin_engines(void)215 void ENGINE_load_builtin_engines(void) {}
216
ENGINE_register_all_complete(void)217 int ENGINE_register_all_complete(void) { return 1; }
218
OPENSSL_load_builtin_modules(void)219 void OPENSSL_load_builtin_modules(void) {}
220
OPENSSL_init_crypto(uint64_t opts,const OPENSSL_INIT_SETTINGS * settings)221 int OPENSSL_init_crypto(uint64_t opts, const OPENSSL_INIT_SETTINGS *settings) {
222 CRYPTO_library_init();
223 return 1;
224 }
225
OPENSSL_cleanup(void)226 void OPENSSL_cleanup(void) {}
227