1*8fb009dcSAndroid Build Coastguard Worker /* Copyright (c) 2017, Google Inc. 2*8fb009dcSAndroid Build Coastguard Worker * 3*8fb009dcSAndroid Build Coastguard Worker * Permission to use, copy, modify, and/or distribute this software for any 4*8fb009dcSAndroid Build Coastguard Worker * purpose with or without fee is hereby granted, provided that the above 5*8fb009dcSAndroid Build Coastguard Worker * copyright notice and this permission notice appear in all copies. 6*8fb009dcSAndroid Build Coastguard Worker * 7*8fb009dcSAndroid Build Coastguard Worker * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES 8*8fb009dcSAndroid Build Coastguard Worker * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF 9*8fb009dcSAndroid Build Coastguard Worker * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY 10*8fb009dcSAndroid Build Coastguard Worker * SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES 11*8fb009dcSAndroid Build Coastguard Worker * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION 12*8fb009dcSAndroid Build Coastguard Worker * OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN 13*8fb009dcSAndroid Build Coastguard Worker * CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. */ 14*8fb009dcSAndroid Build Coastguard Worker 15*8fb009dcSAndroid Build Coastguard Worker #ifndef OPENSSL_HEADER_FIPSMODULE_DELOCATE_H 16*8fb009dcSAndroid Build Coastguard Worker #define OPENSSL_HEADER_FIPSMODULE_DELOCATE_H 17*8fb009dcSAndroid Build Coastguard Worker 18*8fb009dcSAndroid Build Coastguard Worker #include <openssl/base.h> 19*8fb009dcSAndroid Build Coastguard Worker 20*8fb009dcSAndroid Build Coastguard Worker #include "../internal.h" 21*8fb009dcSAndroid Build Coastguard Worker 22*8fb009dcSAndroid Build Coastguard Worker 23*8fb009dcSAndroid Build Coastguard Worker #if !defined(BORINGSSL_SHARED_LIBRARY) && defined(BORINGSSL_FIPS) && \ 24*8fb009dcSAndroid Build Coastguard Worker !defined(OPENSSL_ASAN) && !defined(OPENSSL_MSAN) 25*8fb009dcSAndroid Build Coastguard Worker #define DEFINE_BSS_GET(type, name) \ 26*8fb009dcSAndroid Build Coastguard Worker static type name __attribute__((used)); \ 27*8fb009dcSAndroid Build Coastguard Worker type *name##_bss_get(void) __attribute__((const)); 28*8fb009dcSAndroid Build Coastguard Worker // For FIPS builds we require that CRYPTO_ONCE_INIT be zero. 29*8fb009dcSAndroid Build Coastguard Worker #define DEFINE_STATIC_ONCE(name) DEFINE_BSS_GET(CRYPTO_once_t, name) 30*8fb009dcSAndroid Build Coastguard Worker // For FIPS builds we require that CRYPTO_MUTEX_INIT be zero. 31*8fb009dcSAndroid Build Coastguard Worker #define DEFINE_STATIC_MUTEX(name) DEFINE_BSS_GET(CRYPTO_MUTEX, name) 32*8fb009dcSAndroid Build Coastguard Worker // For FIPS builds we require that CRYPTO_EX_DATA_CLASS_INIT be zero. 33*8fb009dcSAndroid Build Coastguard Worker #define DEFINE_STATIC_EX_DATA_CLASS(name) \ 34*8fb009dcSAndroid Build Coastguard Worker DEFINE_BSS_GET(CRYPTO_EX_DATA_CLASS, name) 35*8fb009dcSAndroid Build Coastguard Worker #else 36*8fb009dcSAndroid Build Coastguard Worker #define DEFINE_BSS_GET(type, name) \ 37*8fb009dcSAndroid Build Coastguard Worker static type name; \ 38*8fb009dcSAndroid Build Coastguard Worker static type *name##_bss_get(void) { return &name; } 39*8fb009dcSAndroid Build Coastguard Worker #define DEFINE_STATIC_ONCE(name) \ 40*8fb009dcSAndroid Build Coastguard Worker static CRYPTO_once_t name = CRYPTO_ONCE_INIT; \ 41*8fb009dcSAndroid Build Coastguard Worker static CRYPTO_once_t *name##_bss_get(void) { return &name; } 42*8fb009dcSAndroid Build Coastguard Worker #define DEFINE_STATIC_MUTEX(name) \ 43*8fb009dcSAndroid Build Coastguard Worker static CRYPTO_MUTEX name = CRYPTO_MUTEX_INIT; \ 44*8fb009dcSAndroid Build Coastguard Worker static CRYPTO_MUTEX *name##_bss_get(void) { return &name; } 45*8fb009dcSAndroid Build Coastguard Worker #define DEFINE_STATIC_EX_DATA_CLASS(name) \ 46*8fb009dcSAndroid Build Coastguard Worker static CRYPTO_EX_DATA_CLASS name = CRYPTO_EX_DATA_CLASS_INIT; \ 47*8fb009dcSAndroid Build Coastguard Worker static CRYPTO_EX_DATA_CLASS *name##_bss_get(void) { return &name; } 48*8fb009dcSAndroid Build Coastguard Worker #endif 49*8fb009dcSAndroid Build Coastguard Worker 50*8fb009dcSAndroid Build Coastguard Worker #define DEFINE_DATA(type, name, accessor_decorations) \ 51*8fb009dcSAndroid Build Coastguard Worker DEFINE_BSS_GET(type, name##_storage) \ 52*8fb009dcSAndroid Build Coastguard Worker DEFINE_STATIC_ONCE(name##_once) \ 53*8fb009dcSAndroid Build Coastguard Worker static void name##_do_init(type *out); \ 54*8fb009dcSAndroid Build Coastguard Worker static void name##_init(void) { name##_do_init(name##_storage_bss_get()); } \ 55*8fb009dcSAndroid Build Coastguard Worker accessor_decorations type *name(void) { \ 56*8fb009dcSAndroid Build Coastguard Worker CRYPTO_once(name##_once_bss_get(), name##_init); \ 57*8fb009dcSAndroid Build Coastguard Worker /* See http://c-faq.com/ansi/constmismatch.html for why the following \ 58*8fb009dcSAndroid Build Coastguard Worker * cast is needed. */ \ 59*8fb009dcSAndroid Build Coastguard Worker return (const type *)name##_storage_bss_get(); \ 60*8fb009dcSAndroid Build Coastguard Worker } \ 61*8fb009dcSAndroid Build Coastguard Worker static void name##_do_init(type *out) 62*8fb009dcSAndroid Build Coastguard Worker 63*8fb009dcSAndroid Build Coastguard Worker // DEFINE_METHOD_FUNCTION defines a function named |name| which returns a 64*8fb009dcSAndroid Build Coastguard Worker // method table of type const |type|*. In FIPS mode, to avoid rel.ro data, it 65*8fb009dcSAndroid Build Coastguard Worker // is split into a CRYPTO_once_t-guarded initializer in the module and 66*8fb009dcSAndroid Build Coastguard Worker // unhashed, non-module accessor functions to space reserved in the BSS. The 67*8fb009dcSAndroid Build Coastguard Worker // method table is initialized by a caller-supplied function which takes a 68*8fb009dcSAndroid Build Coastguard Worker // parameter named |out| of type |type|*. The caller should follow the macro 69*8fb009dcSAndroid Build Coastguard Worker // invocation with the body of this function: 70*8fb009dcSAndroid Build Coastguard Worker // 71*8fb009dcSAndroid Build Coastguard Worker // DEFINE_METHOD_FUNCTION(EVP_MD, EVP_md4) { 72*8fb009dcSAndroid Build Coastguard Worker // out->type = NID_md4; 73*8fb009dcSAndroid Build Coastguard Worker // out->md_size = MD4_DIGEST_LENGTH; 74*8fb009dcSAndroid Build Coastguard Worker // out->flags = 0; 75*8fb009dcSAndroid Build Coastguard Worker // out->init = md4_init; 76*8fb009dcSAndroid Build Coastguard Worker // out->update = md4_update; 77*8fb009dcSAndroid Build Coastguard Worker // out->final = md4_final; 78*8fb009dcSAndroid Build Coastguard Worker // out->block_size = 64; 79*8fb009dcSAndroid Build Coastguard Worker // out->ctx_size = sizeof(MD4_CTX); 80*8fb009dcSAndroid Build Coastguard Worker // } 81*8fb009dcSAndroid Build Coastguard Worker // 82*8fb009dcSAndroid Build Coastguard Worker // This mechanism does not use a static initializer because their execution 83*8fb009dcSAndroid Build Coastguard Worker // order is undefined. See FIPS.md for more details. 84*8fb009dcSAndroid Build Coastguard Worker #define DEFINE_METHOD_FUNCTION(type, name) DEFINE_DATA(type, name, const) 85*8fb009dcSAndroid Build Coastguard Worker 86*8fb009dcSAndroid Build Coastguard Worker #define DEFINE_LOCAL_DATA(type, name) DEFINE_DATA(type, name, static const) 87*8fb009dcSAndroid Build Coastguard Worker 88*8fb009dcSAndroid Build Coastguard Worker #endif // OPENSSL_HEADER_FIPSMODULE_DELOCATE_H 89