xref: /aosp_15_r20/external/boringssl/include/openssl/asm_base.h (revision 8fb009dc861624b67b6cdb62ea21f0f22d0c584b) 
1*8fb009dcSAndroid Build Coastguard Worker /* Copyright (c) 2023, Google Inc.
2*8fb009dcSAndroid Build Coastguard Worker  *
3*8fb009dcSAndroid Build Coastguard Worker  * Permission to use, copy, modify, and/or distribute this software for any
4*8fb009dcSAndroid Build Coastguard Worker  * purpose with or without fee is hereby granted, provided that the above
5*8fb009dcSAndroid Build Coastguard Worker  * copyright notice and this permission notice appear in all copies.
6*8fb009dcSAndroid Build Coastguard Worker  *
7*8fb009dcSAndroid Build Coastguard Worker  * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
8*8fb009dcSAndroid Build Coastguard Worker  * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
9*8fb009dcSAndroid Build Coastguard Worker  * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY
10*8fb009dcSAndroid Build Coastguard Worker  * SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
11*8fb009dcSAndroid Build Coastguard Worker  * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION
12*8fb009dcSAndroid Build Coastguard Worker  * OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN
13*8fb009dcSAndroid Build Coastguard Worker  * CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. */
14*8fb009dcSAndroid Build Coastguard Worker 
15*8fb009dcSAndroid Build Coastguard Worker #ifndef OPENSSL_HEADER_ASM_BASE_H
16*8fb009dcSAndroid Build Coastguard Worker #define OPENSSL_HEADER_ASM_BASE_H
17*8fb009dcSAndroid Build Coastguard Worker 
18*8fb009dcSAndroid Build Coastguard Worker #include <openssl/target.h>
19*8fb009dcSAndroid Build Coastguard Worker 
20*8fb009dcSAndroid Build Coastguard Worker 
21*8fb009dcSAndroid Build Coastguard Worker // This header contains symbols and common sections used by assembly files. It
22*8fb009dcSAndroid Build Coastguard Worker // is included as a public header to simplify the build, but is not intended for
23*8fb009dcSAndroid Build Coastguard Worker // external use.
24*8fb009dcSAndroid Build Coastguard Worker //
25*8fb009dcSAndroid Build Coastguard Worker // Every assembly file must include this header. Some linker features require
26*8fb009dcSAndroid Build Coastguard Worker // all object files to be tagged with some section metadata. This header file,
27*8fb009dcSAndroid Build Coastguard Worker // when included in assembly, adds that metadata. It also makes defines like
28*8fb009dcSAndroid Build Coastguard Worker // |OPENSSL_X86_64| available and includes the prefixing macros.
29*8fb009dcSAndroid Build Coastguard Worker //
30*8fb009dcSAndroid Build Coastguard Worker // Including this header in an assembly file imples:
31*8fb009dcSAndroid Build Coastguard Worker //
32*8fb009dcSAndroid Build Coastguard Worker // - The file does not require an executable stack.
33*8fb009dcSAndroid Build Coastguard Worker //
34*8fb009dcSAndroid Build Coastguard Worker // - The file, on aarch64, uses the macros defined below to be compatible with
35*8fb009dcSAndroid Build Coastguard Worker //   BTI and PAC.
36*8fb009dcSAndroid Build Coastguard Worker //
37*8fb009dcSAndroid Build Coastguard Worker // - The file, on x86_64, requires the program to be compatible with Intel IBT
38*8fb009dcSAndroid Build Coastguard Worker //   and SHSTK
39*8fb009dcSAndroid Build Coastguard Worker 
40*8fb009dcSAndroid Build Coastguard Worker #if defined(__ASSEMBLER__)
41*8fb009dcSAndroid Build Coastguard Worker 
42*8fb009dcSAndroid Build Coastguard Worker #if defined(BORINGSSL_PREFIX)
43*8fb009dcSAndroid Build Coastguard Worker #include <boringssl_prefix_symbols_asm.h>
44*8fb009dcSAndroid Build Coastguard Worker #endif
45*8fb009dcSAndroid Build Coastguard Worker 
46*8fb009dcSAndroid Build Coastguard Worker #if defined(__ELF__)
47*8fb009dcSAndroid Build Coastguard Worker // Every ELF object file, even empty ones, should disable executable stacks. See
48*8fb009dcSAndroid Build Coastguard Worker // https://www.airs.com/blog/archives/518.
49*8fb009dcSAndroid Build Coastguard Worker .pushsection .note.GNU-stack, "", %progbits
50*8fb009dcSAndroid Build Coastguard Worker .popsection
51*8fb009dcSAndroid Build Coastguard Worker #endif
52*8fb009dcSAndroid Build Coastguard Worker 
53*8fb009dcSAndroid Build Coastguard Worker #if defined(__CET__) && defined(OPENSSL_X86_64)
54*8fb009dcSAndroid Build Coastguard Worker // Clang and GCC define __CET__ and provide <cet.h> when they support Intel's
55*8fb009dcSAndroid Build Coastguard Worker // Indirect Branch Tracking.
56*8fb009dcSAndroid Build Coastguard Worker // https://lpc.events/event/7/contributions/729/attachments/496/903/CET-LPC-2020.pdf
57*8fb009dcSAndroid Build Coastguard Worker //
58*8fb009dcSAndroid Build Coastguard Worker // cet.h defines _CET_ENDBR which is used to mark function entry points for IBT.
59*8fb009dcSAndroid Build Coastguard Worker // and adds the assembly marker. The value of _CET_ENDBR is made dependant on if
60*8fb009dcSAndroid Build Coastguard Worker // '-fcf-protection' is passed to the compiler. _CET_ENDBR is only required when
61*8fb009dcSAndroid Build Coastguard Worker // the function is the target of an indirect jump, but BoringSSL chooses to mark
62*8fb009dcSAndroid Build Coastguard Worker // all assembly entry points because it is easier, and allows BoringSSL's ABI
63*8fb009dcSAndroid Build Coastguard Worker // tester to call the assembly entry points via an indirect jump.
64*8fb009dcSAndroid Build Coastguard Worker #include <cet.h>
65*8fb009dcSAndroid Build Coastguard Worker #else
66*8fb009dcSAndroid Build Coastguard Worker #define _CET_ENDBR
67*8fb009dcSAndroid Build Coastguard Worker #endif
68*8fb009dcSAndroid Build Coastguard Worker 
69*8fb009dcSAndroid Build Coastguard Worker #if defined(OPENSSL_ARM) || defined(OPENSSL_AARCH64)
70*8fb009dcSAndroid Build Coastguard Worker 
71*8fb009dcSAndroid Build Coastguard Worker // We require the ARM assembler provide |__ARM_ARCH| from Arm C Language
72*8fb009dcSAndroid Build Coastguard Worker // Extensions (ACLE). This is supported in GCC 4.8+ and Clang 3.2+. MSVC does
73*8fb009dcSAndroid Build Coastguard Worker // not implement ACLE, but we require Clang's assembler on Windows.
74*8fb009dcSAndroid Build Coastguard Worker #if !defined(__ARM_ARCH)
75*8fb009dcSAndroid Build Coastguard Worker #error "ARM assembler must define __ARM_ARCH"
76*8fb009dcSAndroid Build Coastguard Worker #endif
77*8fb009dcSAndroid Build Coastguard Worker 
78*8fb009dcSAndroid Build Coastguard Worker // Even when building for 32-bit ARM, support for aarch64 crypto instructions
79*8fb009dcSAndroid Build Coastguard Worker // will be included.
80*8fb009dcSAndroid Build Coastguard Worker //
81*8fb009dcSAndroid Build Coastguard Worker // TODO(davidben): Remove this and the corresponding ifdefs? This is only
82*8fb009dcSAndroid Build Coastguard Worker // defined because some OpenSSL assembly files would allow disabling the NEON
83*8fb009dcSAndroid Build Coastguard Worker // code entirely. I think we'd prefer to do that by lifting the dispatch to C
84*8fb009dcSAndroid Build Coastguard Worker // anyway.
85*8fb009dcSAndroid Build Coastguard Worker #define __ARM_MAX_ARCH__ 8
86*8fb009dcSAndroid Build Coastguard Worker 
87*8fb009dcSAndroid Build Coastguard Worker // Support macros for
88*8fb009dcSAndroid Build Coastguard Worker //   - Armv8.3-A Pointer Authentication and
89*8fb009dcSAndroid Build Coastguard Worker //   - Armv8.5-A Branch Target Identification
90*8fb009dcSAndroid Build Coastguard Worker // features which require emitting a .note.gnu.property section with the
91*8fb009dcSAndroid Build Coastguard Worker // appropriate architecture-dependent feature bits set.
92*8fb009dcSAndroid Build Coastguard Worker //
93*8fb009dcSAndroid Build Coastguard Worker // |AARCH64_SIGN_LINK_REGISTER| and |AARCH64_VALIDATE_LINK_REGISTER| expand to
94*8fb009dcSAndroid Build Coastguard Worker // PACIxSP and AUTIxSP, respectively. |AARCH64_SIGN_LINK_REGISTER| should be
95*8fb009dcSAndroid Build Coastguard Worker // used immediately before saving the LR register (x30) to the stack.
96*8fb009dcSAndroid Build Coastguard Worker // |AARCH64_VALIDATE_LINK_REGISTER| should be used immediately after restoring
97*8fb009dcSAndroid Build Coastguard Worker // it. Note |AARCH64_SIGN_LINK_REGISTER|'s modifications to LR must be undone
98*8fb009dcSAndroid Build Coastguard Worker // with |AARCH64_VALIDATE_LINK_REGISTER| before RET. The SP register must also
99*8fb009dcSAndroid Build Coastguard Worker // have the same value at the two points. For example:
100*8fb009dcSAndroid Build Coastguard Worker //
101*8fb009dcSAndroid Build Coastguard Worker //   .global f
102*8fb009dcSAndroid Build Coastguard Worker //   f:
103*8fb009dcSAndroid Build Coastguard Worker //     AARCH64_SIGN_LINK_REGISTER
104*8fb009dcSAndroid Build Coastguard Worker //     stp x29, x30, [sp, #-96]!
105*8fb009dcSAndroid Build Coastguard Worker //     mov x29, sp
106*8fb009dcSAndroid Build Coastguard Worker //     ...
107*8fb009dcSAndroid Build Coastguard Worker //     ldp x29, x30, [sp], #96
108*8fb009dcSAndroid Build Coastguard Worker //     AARCH64_VALIDATE_LINK_REGISTER
109*8fb009dcSAndroid Build Coastguard Worker //     ret
110*8fb009dcSAndroid Build Coastguard Worker //
111*8fb009dcSAndroid Build Coastguard Worker // |AARCH64_VALID_CALL_TARGET| expands to BTI 'c'. Either it, or
112*8fb009dcSAndroid Build Coastguard Worker // |AARCH64_SIGN_LINK_REGISTER|, must be used at every point that may be an
113*8fb009dcSAndroid Build Coastguard Worker // indirect call target. In particular, all symbols exported from a file must
114*8fb009dcSAndroid Build Coastguard Worker // begin with one of these macros. For example, a leaf function that does not
115*8fb009dcSAndroid Build Coastguard Worker // save LR can instead use |AARCH64_VALID_CALL_TARGET|:
116*8fb009dcSAndroid Build Coastguard Worker //
117*8fb009dcSAndroid Build Coastguard Worker //   .globl return_zero
118*8fb009dcSAndroid Build Coastguard Worker //   return_zero:
119*8fb009dcSAndroid Build Coastguard Worker //     AARCH64_VALID_CALL_TARGET
120*8fb009dcSAndroid Build Coastguard Worker //     mov x0, #0
121*8fb009dcSAndroid Build Coastguard Worker //     ret
122*8fb009dcSAndroid Build Coastguard Worker //
123*8fb009dcSAndroid Build Coastguard Worker // A non-leaf function which does not immediately save LR may need both macros
124*8fb009dcSAndroid Build Coastguard Worker // because |AARCH64_SIGN_LINK_REGISTER| appears late. For example, the function
125*8fb009dcSAndroid Build Coastguard Worker // may jump to an alternate implementation before setting up the stack:
126*8fb009dcSAndroid Build Coastguard Worker //
127*8fb009dcSAndroid Build Coastguard Worker //   .globl with_early_jump
128*8fb009dcSAndroid Build Coastguard Worker //   with_early_jump:
129*8fb009dcSAndroid Build Coastguard Worker //     AARCH64_VALID_CALL_TARGET
130*8fb009dcSAndroid Build Coastguard Worker //     cmp x0, #128
131*8fb009dcSAndroid Build Coastguard Worker //     b.lt .Lwith_early_jump_128
132*8fb009dcSAndroid Build Coastguard Worker //     AARCH64_SIGN_LINK_REGISTER
133*8fb009dcSAndroid Build Coastguard Worker //     stp x29, x30, [sp, #-96]!
134*8fb009dcSAndroid Build Coastguard Worker //     mov x29, sp
135*8fb009dcSAndroid Build Coastguard Worker //     ...
136*8fb009dcSAndroid Build Coastguard Worker //     ldp x29, x30, [sp], #96
137*8fb009dcSAndroid Build Coastguard Worker //     AARCH64_VALIDATE_LINK_REGISTER
138*8fb009dcSAndroid Build Coastguard Worker //     ret
139*8fb009dcSAndroid Build Coastguard Worker //
140*8fb009dcSAndroid Build Coastguard Worker //  .Lwith_early_jump_128:
141*8fb009dcSAndroid Build Coastguard Worker //     ...
142*8fb009dcSAndroid Build Coastguard Worker //     ret
143*8fb009dcSAndroid Build Coastguard Worker //
144*8fb009dcSAndroid Build Coastguard Worker // These annotations are only required with indirect calls. Private symbols that
145*8fb009dcSAndroid Build Coastguard Worker // are only the target of direct calls do not require annotations. Also note
146*8fb009dcSAndroid Build Coastguard Worker // that |AARCH64_VALID_CALL_TARGET| is only valid for indirect calls (BLR), not
147*8fb009dcSAndroid Build Coastguard Worker // indirect jumps (BR). Indirect jumps in assembly are currently not supported
148*8fb009dcSAndroid Build Coastguard Worker // and would require a macro for BTI 'j'.
149*8fb009dcSAndroid Build Coastguard Worker //
150*8fb009dcSAndroid Build Coastguard Worker // Although not necessary, it is safe to use these macros in 32-bit ARM
151*8fb009dcSAndroid Build Coastguard Worker // assembly. This may be used to simplify dual 32-bit and 64-bit files.
152*8fb009dcSAndroid Build Coastguard Worker //
153*8fb009dcSAndroid Build Coastguard Worker // References:
154*8fb009dcSAndroid Build Coastguard Worker // - "ELF for the Arm® 64-bit Architecture"
155*8fb009dcSAndroid Build Coastguard Worker //   https://github.com/ARM-software/abi-aa/blob/master/aaelf64/aaelf64.rst
156*8fb009dcSAndroid Build Coastguard Worker // - "Providing protection for complex software"
157*8fb009dcSAndroid Build Coastguard Worker //   https://developer.arm.com/architectures/learn-the-architecture/providing-protection-for-complex-software
158*8fb009dcSAndroid Build Coastguard Worker 
159*8fb009dcSAndroid Build Coastguard Worker #if defined(__ARM_FEATURE_BTI_DEFAULT) && __ARM_FEATURE_BTI_DEFAULT == 1
160*8fb009dcSAndroid Build Coastguard Worker #define GNU_PROPERTY_AARCH64_BTI (1 << 0)   // Has Branch Target Identification
161*8fb009dcSAndroid Build Coastguard Worker #define AARCH64_VALID_CALL_TARGET hint #34  // BTI 'c'
162*8fb009dcSAndroid Build Coastguard Worker #else
163*8fb009dcSAndroid Build Coastguard Worker #define GNU_PROPERTY_AARCH64_BTI 0  // No Branch Target Identification
164*8fb009dcSAndroid Build Coastguard Worker #define AARCH64_VALID_CALL_TARGET
165*8fb009dcSAndroid Build Coastguard Worker #endif
166*8fb009dcSAndroid Build Coastguard Worker 
167*8fb009dcSAndroid Build Coastguard Worker #if defined(__ARM_FEATURE_PAC_DEFAULT) && \
168*8fb009dcSAndroid Build Coastguard Worker     (__ARM_FEATURE_PAC_DEFAULT & 1) == 1  // Signed with A-key
169*8fb009dcSAndroid Build Coastguard Worker #define GNU_PROPERTY_AARCH64_POINTER_AUTH \
170*8fb009dcSAndroid Build Coastguard Worker   (1 << 1)                                       // Has Pointer Authentication
171*8fb009dcSAndroid Build Coastguard Worker #define AARCH64_SIGN_LINK_REGISTER hint #25      // PACIASP
172*8fb009dcSAndroid Build Coastguard Worker #define AARCH64_VALIDATE_LINK_REGISTER hint #29  // AUTIASP
173*8fb009dcSAndroid Build Coastguard Worker #elif defined(__ARM_FEATURE_PAC_DEFAULT) && \
174*8fb009dcSAndroid Build Coastguard Worker     (__ARM_FEATURE_PAC_DEFAULT & 2) == 2  // Signed with B-key
175*8fb009dcSAndroid Build Coastguard Worker #define GNU_PROPERTY_AARCH64_POINTER_AUTH \
176*8fb009dcSAndroid Build Coastguard Worker   (1 << 1)                                       // Has Pointer Authentication
177*8fb009dcSAndroid Build Coastguard Worker #define AARCH64_SIGN_LINK_REGISTER hint #27      // PACIBSP
178*8fb009dcSAndroid Build Coastguard Worker #define AARCH64_VALIDATE_LINK_REGISTER hint #31  // AUTIBSP
179*8fb009dcSAndroid Build Coastguard Worker #else
180*8fb009dcSAndroid Build Coastguard Worker #define GNU_PROPERTY_AARCH64_POINTER_AUTH 0  // No Pointer Authentication
181*8fb009dcSAndroid Build Coastguard Worker #if GNU_PROPERTY_AARCH64_BTI != 0
182*8fb009dcSAndroid Build Coastguard Worker #define AARCH64_SIGN_LINK_REGISTER AARCH64_VALID_CALL_TARGET
183*8fb009dcSAndroid Build Coastguard Worker #else
184*8fb009dcSAndroid Build Coastguard Worker #define AARCH64_SIGN_LINK_REGISTER
185*8fb009dcSAndroid Build Coastguard Worker #endif
186*8fb009dcSAndroid Build Coastguard Worker #define AARCH64_VALIDATE_LINK_REGISTER
187*8fb009dcSAndroid Build Coastguard Worker #endif
188*8fb009dcSAndroid Build Coastguard Worker 
189*8fb009dcSAndroid Build Coastguard Worker #if GNU_PROPERTY_AARCH64_POINTER_AUTH != 0 || GNU_PROPERTY_AARCH64_BTI != 0
190*8fb009dcSAndroid Build Coastguard Worker .pushsection .note.gnu.property, "a";
191*8fb009dcSAndroid Build Coastguard Worker .balign 8;
192*8fb009dcSAndroid Build Coastguard Worker .long 4;
193*8fb009dcSAndroid Build Coastguard Worker .long 0x10;
194*8fb009dcSAndroid Build Coastguard Worker .long 0x5;
195*8fb009dcSAndroid Build Coastguard Worker .asciz "GNU";
196*8fb009dcSAndroid Build Coastguard Worker .long 0xc0000000; /* GNU_PROPERTY_AARCH64_FEATURE_1_AND */
197*8fb009dcSAndroid Build Coastguard Worker .long 4;
198*8fb009dcSAndroid Build Coastguard Worker .long (GNU_PROPERTY_AARCH64_POINTER_AUTH | GNU_PROPERTY_AARCH64_BTI);
199*8fb009dcSAndroid Build Coastguard Worker .long 0;
200*8fb009dcSAndroid Build Coastguard Worker .popsection;
201*8fb009dcSAndroid Build Coastguard Worker #endif
202*8fb009dcSAndroid Build Coastguard Worker #endif  // ARM || AARCH64
203*8fb009dcSAndroid Build Coastguard Worker 
204*8fb009dcSAndroid Build Coastguard Worker #endif  // __ASSEMBLER__
205*8fb009dcSAndroid Build Coastguard Worker 
206*8fb009dcSAndroid Build Coastguard Worker #endif  // OPENSSL_HEADER_ASM_BASE_H
207