Minor VIA Padlock engine update: eliminate -Wunused warning when *not*
[openssl.git] / crypto / engine / eng_padlock.c
index ec249ea..95de35d 100644 (file)
 #if !defined(I386_ONLY) && !defined(OPENSSL_NO_INLINE_ASM)
 # if defined(__i386__) || defined(__i386) || defined(_M_IX86)
 #  define COMPILE_HW_PADLOCK
+static ENGINE *ENGINE_padlock (void);
 # endif
 #endif
 
-static ENGINE *ENGINE_padlock (void);
-
 void ENGINE_load_padlock (void)
 {
 /* On non-x86 CPUs it just returns. */
@@ -251,13 +250,21 @@ struct padlock_cipher_data
        AES_KEY ks;             /* Encryption key */
 };
 
+/*
+ * Essentially this variable belongs in thread local storage.
+ * Having this variable global on the other hand can only cause
+ * few bogus key reloads [if any at all on single-CPU system],
+ * so we accept the penatly...
+ */
+static volatile struct padlock_cipher_data *padlock_saved_context;
+
 /*
  * =======================================================
  * Inline assembler section(s).
  * =======================================================
  * Order of arguments is chosen to facilitate Windows port
  * using __fastcall calling convention. If you wish to add
- * more routines, keep in mind that in __fastcall first
+ * more routines, keep in mind that first __fastcall
  * argument is passed in %ecx and second - in %edx.
  * =======================================================
  */
@@ -367,16 +374,14 @@ padlock_reload_key(void)
  * This is heuristic key context tracing. At first one
  * believes that one should use atomic swap instructions,
  * but it's not actually necessary. Point is that if
- * saved_cdata was changed by another thread after we've
- * read it and before we compare it with cdata, our key
- * *shall* be reloaded upon thread context switch and
- * we are therefore set in either case...
+ * padlock_saved_context was changed by another thread
+ * after we've read it and before we compare it with cdata,
+ * our key *shall* be reloaded upon thread context switch
+ * and we are therefore set in either case...
  */
 static inline void
 padlock_verify_context(struct padlock_cipher_data *cdata)
 {
-       static struct padlock_cipher_data *saved_cdata;
-
        asm volatile (
        "pushfl\n"
 "      bt      $30,(%%esp)\n"
@@ -387,7 +392,8 @@ padlock_verify_context(struct padlock_cipher_data *cdata)
 "      popfl\n"
 "      sub     $4,%%esp\n"
 "1:    add     $4,%%esp"
-        :"+m"(saved_cdata) : "r"(saved_cdata), "r"(cdata) : "cc");
+       :"+m"(padlock_saved_context)
+       : "r"(padlock_saved_context), "r"(cdata) : "cc");
 }
 
 /* Template for padlock_xcrypt_* modes */
@@ -432,6 +438,29 @@ padlock_xstore(void *addr, unsigned int edx_in)
        return eax_out;
 }
 
+/* Why not inline 'rep movsd'? I failed to find information on what
+ * value in Direction Flag one can expect and consequently have to
+ * apply "better-safe-than-sorry" approach and assume "undefined."
+ * I could explicitly clear it and restore the original value upon
+ * return from padlock_aes_cipher, but it's presumably too much
+ * trouble for too little gain...
+ *
+ * In case you wonder 'rep xcrypt*' instructions above are *not*
+ * affected by the Direction Flag and pointers advance toward
+ * larger addresses unconditionally.
+ */ 
+static inline unsigned char *
+padlock_memcpy(void *dst,const void *src,size_t n)
+{
+       long       *d=dst;
+       const long *s=src;
+
+       n /= sizeof(*d);
+       do { *d++ = *s++; } while (--n);
+
+       return dst;
+}
+
 #elif defined(_MSC_VER)
 /*
  * Unlike GCC these are real functions. In order to minimize impact
@@ -455,8 +484,8 @@ static void * __fastcall            \
        name (size_t cnt, void *cdata,  \
        void *outp, const void *inp)    \
 {      _asm    mov     eax,edx         \
-       _asm    lea     ebx,[eax+16]    \
-       _asm    lea     edx,[eax+32]    \
+       _asm    lea     edx,[eax+16]    \
+       _asm    lea     ebx,[eax+32]    \
        _asm    mov     edi,outp        \
        _asm    mov     esi,inp         \
        REP_XCRYPT(code)                \
@@ -479,15 +508,13 @@ padlock_reload_key(void)
 
 static void __fastcall
 padlock_verify_context(void *cdata)
-{      static void *saved_cdata;
-
-       _asm    {
+{      _asm    {
                pushfd
                bt      DWORD PTR[esp],30
                jnc     skip
-               cmp     ecx,saved_cdata
+               cmp     ecx,padlock_saved_context
                je      skip
-               mov     saved_cdata,ecx
+               mov     padlock_saved_context,ecx
                popfd
                sub     esp,4
        skip:   add     esp,4
@@ -551,14 +578,18 @@ padlock_bswapl(void *key)
                mov     esi,ecx
                mov     edi,ecx
                mov     ecx,60
-       up:
-               lodsd
+       up:     lodsd
                bswap   eax
                stosd
                loop    up
                popfd
                }
 }
+
+/* MS actually specifies status of Direction Flag and compiler even
+ * manages to compile following as 'rep movsd' all by itself...
+ */
+#define padlock_memcpy(o,i,n) ((unsigned char *)memcpy((o),(i),(n)&~3U))
 #endif
 
 /* ===== AES encryption/decryption ===== */
@@ -596,13 +627,17 @@ static int padlock_cipher_nids[] = {
 
        NID_aes_192_ecb,
        NID_aes_192_cbc,
-//     NID_aes_192_cfb,        /* FIXME: AES192/256 CFB/OFB don't work. */
-//     NID_aes_192_ofb,
+#if 0
+       NID_aes_192_cfb,        /* FIXME: AES192/256 CFB/OFB don't work. */
+       NID_aes_192_ofb,
+#endif
 
        NID_aes_256_ecb,
        NID_aes_256_cbc,
-//     NID_aes_256_cfb,
-//     NID_aes_256_ofb,
+#if 0
+       NID_aes_256_cfb,
+       NID_aes_256_ofb,
+#endif
 };
 static int padlock_cipher_nids_num = (sizeof(padlock_cipher_nids)/
                                      sizeof(padlock_cipher_nids[0]));
@@ -834,7 +869,8 @@ padlock_aes_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out_arg,
 {
        struct padlock_cipher_data *cdata;
        const  void *inp;
-       char  *out, *iv;
+       char  *out;
+       void  *iv;
        int    inp_misaligned, out_misaligned, realign_in_loop;
        size_t chunk, allocated=0;
 
@@ -882,7 +918,7 @@ padlock_aes_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out_arg,
        case EVP_CIPH_ECB_MODE:
                do      {
                        if (inp_misaligned)
-                               inp = memcpy(out, in_arg, chunk);
+                               inp = padlock_memcpy(out, in_arg, chunk);
                        else
                                inp = in_arg;
                        in_arg += chunk;
@@ -890,7 +926,7 @@ padlock_aes_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out_arg,
                        padlock_xcrypt_ecb(chunk/AES_BLOCK_SIZE, cdata, out, inp);
 
                        if (out_misaligned)
-                               out_arg = (char *)memcpy(out_arg, out, chunk) + chunk;
+                               out_arg = padlock_memcpy(out_arg, out, chunk) + chunk;
                        else
                                out     = out_arg+=chunk;
 
@@ -908,7 +944,7 @@ padlock_aes_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out_arg,
                        chunk = PADLOCK_CHUNK;
                cbc_shortcut: /* optimize for small input */
                        if (inp_misaligned)
-                               inp = memcpy(out, in_arg, chunk);
+                               inp = padlock_memcpy(out, in_arg, chunk);
                        else
                                inp = in_arg;
                        in_arg += chunk;
@@ -916,7 +952,7 @@ padlock_aes_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out_arg,
                        iv = padlock_xcrypt_cbc(chunk/AES_BLOCK_SIZE, cdata, out, inp);
 
                        if (out_misaligned)
-                               out_arg = (char *)memcpy(out_arg, out, chunk) + chunk;
+                               out_arg = padlock_memcpy(out_arg, out, chunk) + chunk;
                        else
                                out     = out_arg+=chunk;
 
@@ -933,7 +969,7 @@ padlock_aes_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out_arg,
                        chunk = PADLOCK_CHUNK;
                cfb_shortcut: /* optimize for small input */
                        if (inp_misaligned)
-                               inp = memcpy(out, in_arg, chunk);
+                               inp = padlock_memcpy(out, in_arg, chunk);
                        else
                                inp = in_arg;
                        in_arg += chunk;
@@ -941,7 +977,7 @@ padlock_aes_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out_arg,
                        iv = padlock_xcrypt_cfb(chunk/AES_BLOCK_SIZE, cdata, out, inp);
 
                        if (out_misaligned)
-                               out_arg = (char *)memcpy(out_arg, out, chunk) + chunk;
+                               out_arg = padlock_memcpy(out_arg, out, chunk) + chunk;
                        else
                                out     = out_arg+=chunk;
 
@@ -953,7 +989,7 @@ padlock_aes_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out_arg,
                memcpy(cdata->iv, ctx->iv, AES_BLOCK_SIZE);
                do      {
                        if (inp_misaligned)
-                               inp = memcpy(out, in_arg, chunk);
+                               inp = padlock_memcpy(out, in_arg, chunk);
                        else
                                inp = in_arg;
                        in_arg += chunk;
@@ -961,7 +997,7 @@ padlock_aes_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out_arg,
                        padlock_xcrypt_ofb(chunk/AES_BLOCK_SIZE, cdata, out, inp);
 
                        if (out_misaligned)
-                               out_arg = (char *)memcpy(out_arg, out, chunk) + chunk;
+                               out_arg = padlock_memcpy(out_arg, out, chunk) + chunk;
                        else
                                out     = out_arg+=chunk;