diff --git a/.travis.yml b/.travis.yml index cdb79d1aa..3d8668107 100644 --- a/.travis.yml +++ b/.travis.yml @@ -89,16 +89,14 @@ jobs: packages: - gcc script: - # Do a manual build+test sequence rather than using all.sh, because - # there's no all.sh component that does what we want. We should set - # CFLAGS for arm64 host CC. + # Do a manual build+test sequence rather than using all.sh. + # + # On Arm64 host of Travis CI, the time of `test_full_cmake_*` exceeds + # limitation of Travis CI. Base on `test_full_cmake_*`, we removed + # `ssl-opt.sh` and GnuTLS compat.sh here to meet the time limitation. - scripts/config.py full - - scripts/config.py unset MBEDTLS_SHA512_USE_A64_CRYPTO_IF_PRESENT - - scripts/config.py unset MBEDTLS_SHA512_USE_A64_CRYPTO_ONLY - - scripts/config.py unset MBEDTLS_SHA256_USE_A64_CRYPTO_IF_PRESENT - - scripts/config.py unset MBEDTLS_SHA256_USE_A64_CRYPTO_ONLY - make generated_files - - make CFLAGS='-march=armv8-a+crypto -O3 -Werror -fsanitize=address,undefined -fno-sanitize-recover=all' LDFLAGS='-Werror -fsanitize=address,undefined -fno-sanitize-recover=all' + - make CFLAGS='-O3 -Werror -fsanitize=address,undefined -fno-sanitize-recover=all' LDFLAGS='-Werror -fsanitize=address,undefined -fno-sanitize-recover=all' - make test - programs/test/selftest - tests/scripts/test_psa_constant_names.py 
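Review bot: Dropping `-march=armv8-a+crypto` from `CFLAGS` means this job now only exercises the build where the library forces the target options itself through pragmas. The other configuration, where the integrator passes the flag and the compiler predefines the feature macros so the pragma block is skipped, is no longer built or run under ASan/UBSan. The library changes in this commit keep both paths, so I would keep one of the two arm64 jobs (this one or the clang job in the next hunk) on the explicit `-march` flags, or add a build-only step for it. The new comment could also name the variant covered, e.g. `# Built without -march on purpose: checks that the crypto extensions compile via target pragmas.`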
@@ -117,16 +115,14 @@ jobs: - clang - gnutls-bin script: - # Do a manual build+test sequence rather than using all.sh, because - # there's no all.sh component that does what we want. We should set - # CFLAGS for arm64 host CC. + # Do a manual build+test sequence rather than using all.sh. + # + # On Arm64 host of Travis CI, the time of `test_full_cmake_*` exceeds + # limitation of Travis CI. Base on `test_full_cmake_*`, we removed + # `ssl-opt.sh` and OpenSSl compat.sh here to meet the time limitation. - scripts/config.py full - - scripts/config.py unset MBEDTLS_SHA512_USE_A64_CRYPTO_IF_PRESENT - - scripts/config.py unset MBEDTLS_SHA512_USE_A64_CRYPTO_ONLY - - scripts/config.py unset MBEDTLS_SHA256_USE_A64_CRYPTO_IF_PRESENT - - scripts/config.py unset MBEDTLS_SHA256_USE_A64_CRYPTO_ONLY - make generated_files - - make CC=clang CFLAGS='-march=armv8-a+crypto -O3 -Werror -fsanitize=address,undefined -fno-sanitize-recover=all' LDFLAGS='-Werror -fsanitize=address,undefined -fno-sanitize-recover=all' + - make CC=clang CFLAGS='-O3 -Werror -fsanitize=address,undefined -fno-sanitize-recover=all' LDFLAGS='-Werror -fsanitize=address,undefined -fno-sanitize-recover=all' # GnuTLS supports CAMELLIA but compat.sh doesn't properly enable it. - tests/compat.sh -p GnuTLS -e 'CAMELLIA' - tests/scripts/travis-log-failure.sh diff --git a/include/mbedtls/mbedtls_config.h b/include/mbedtls/mbedtls_config.h index 67e286d20..1ea241caa 100644 --- a/include/mbedtls/mbedtls_config.h +++ b/include/mbedtls/mbedtls_config.h 
@@ -2039,17 +2039,6 @@ * * Requires: MBEDTLS_HAVE_ASM, MBEDTLS_AES_C * - * \note The code uses Neon intrinsics, so \c CFLAGS must be set to a minimum - * of \c -march=armv8-a+crypto . - * - * \warning If the target architecture is set to something that includes the - * SHA3 feature (e.g. `-march=armv8.2-a+sha3`), for example because - * `MBEDTLS_SHA512_USE_A64_CRYPTO_IF_PRESENT` is desired, compilers - * generate code for `MBEDTLS_AESCE_C` that includes instructions - * only present with the (optional) SHA3 feature. This will lead to an - * undefined instruction exception if the code is run on a CPU without - * that feature. - * * \warning Runtime detection only works on linux. For non-linux operation * system, crypto extension MUST be supported by CPU. * diff --git a/library/aesce.c b/library/aesce.c index 0f6c323b8..7ccfbba08 100644 --- a/library/aesce.c +++ b/library/aesce.c @@ -17,6 +17,28 @@ * limitations under the License. */ +#if defined(__aarch64__) && !defined(__ARM_FEATURE_CRYPTO) && \ + defined(__clang__) && __clang_major__ >= 4 +/* TODO: Re-consider above after https://reviews.llvm.org/D131064 merged. + * + * The intrinsic declaration are guarded by predefined ACLE macros in clang: + * these are normally only enabled by the -march option on the command line. + * By defining the macros ourselves we gain access to those declarations without + * requiring -march on the command line. + * + * `arm_neon.h` could be included by any header file, so we put these defines + * at the top of this file, before any includes. + */ +#define __ARM_FEATURE_CRYPTO 1 +/* See: https://arm-software.github.io/acle/main/acle.html#cryptographic-extensions + * + * `__ARM_FEATURE_CRYPTO` is deprecated, but we need to continue to specify it + * for older compilers. + */ +#define __ARM_FEATURE_AES 1 +#define MBEDTLS_NEED_TARGET_OPTIONS +#endif + #include #include "common.h" 
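Review bot: `__ARM_FEATURE_CRYPTO` and `__ARM_FEATURE_AES` are defined by hand before every include in the new block at the top of library/aesce.c and stay defined for the rest of the translation unit, so from that point they no longer mean that the compiler's baseline target has AES. Any header or later code in this file that uses them to decide whether the runtime feature check can be skipped would reach the wrong conclusion on Clang builds without `-march`. I would record that in the comment, e.g. `/* From here on these macros only unlock the intrinsic declarations; they do not imply that the target CPU has the extension. */`. The same applies to the matching blocks in library/sha256.c and library/sha512.c, where this commit also drops the `__clang_major__ < 18` upper bound, so the workaround no longer expires by itself once the change named in the TODO lands.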
@@ -26,22 +48,24 @@ #if defined(MBEDTLS_HAVE_ARM64) -#if defined(__clang__) -# if __clang_major__ < 4 -# error "A more recent Clang is required for MBEDTLS_AESCE_C" +#if !defined(__ARM_FEATURE_AES) || defined(MBEDTLS_NEED_TARGET_OPTIONS) +# if defined(__clang__) +# if __clang_major__ < 4 +# error "A more recent Clang is required for MBEDTLS_AESCE_C" +# endif +# pragma clang attribute push (__attribute__((target("crypto"))), apply_to=function) +# define MBEDTLS_POP_TARGET_PRAGMA +# elif defined(__GNUC__) +# if __GNUC__ < 6 +# error "A more recent GCC is required for MBEDTLS_AESCE_C" +# endif +# pragma GCC push_options +# pragma GCC target ("arch=armv8-a+crypto") +# define MBEDTLS_POP_TARGET_PRAGMA +# else +# error "Only GCC and Clang supported for MBEDTLS_AESCE_C" # endif -#elif defined(__GNUC__) -# if __GNUC__ < 6 -# error "A more recent GCC is required for MBEDTLS_AESCE_C" -# endif -#else -# error "Only GCC and Clang supported for MBEDTLS_AESCE_C" -#endif - -#if !defined(__ARM_FEATURE_CRYPTO) -# error "`crypto` feature modifier MUST be enabled for MBEDTLS_AESCE_C." -# error "Typical option for GCC and Clang is `-march=armv8-a+crypto`." -#endif /* !__ARM_FEATURE_CRYPTO */ +#endif /* !__ARM_FEATURE_AES || MBEDTLS_NEED_TARGET_OPTIONS */ #include @@ -252,6 +276,16 @@ int mbedtls_aesce_setkey_enc(unsigned char *rk, return 0; } + +#if defined(MBEDTLS_POP_TARGET_PRAGMA) +#if defined(__clang__) +#pragma clang attribute pop +#elif defined(__GNUC__) +#pragma GCC pop_options +#endif +#undef MBEDTLS_POP_TARGET_PRAGMA +#endif + #endif /* MBEDTLS_HAVE_ARM64 */ #endif /* MBEDTLS_AESCE_C */ diff --git a/library/sha256.c b/library/sha256.c index ca3fa5df9..29645b06e 100644 --- a/library/sha256.c +++ b/library/sha256.c 
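Review bot: With the `#error` for a missing `__ARM_FEATURE_CRYPTO` removed, the pragma block that replaces it lets this file compile AES instructions for any AArch64 target, so the build no longer tells the integrator when the baseline CPU may lack them. The MBEDTLS_AESCE_C documentation kept by this commit still says runtime detection only works on Linux, which means that on other systems a CPU without the extension would now fault on an undefined instruction instead of failing at build time. I would state the requirement at the pragma, e.g. `/* Target options are forced here: this code must only be reached after the runtime feature check succeeds (Linux only, see mbedtls_config.h). */`. Separately, the guard skips the pragma whenever `-march` already defines `__ARM_FEATURE_AES`, so a command line that also enables SHA3 probably still hits the problem described by the `\warning` deleted from mbedtls_config.h; consider keeping that warning in a narrowed form.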
@@ -23,7 +23,7 @@ */ #if defined(__aarch64__) && !defined(__ARM_FEATURE_CRYPTO) && \ - defined(__clang__) && __clang_major__ < 18 && __clang_major__ > 3 + defined(__clang__) && __clang_major__ >= 4 /* TODO: Re-consider above after https://reviews.llvm.org/D131064 merged. * * The intrinsic declaration are guarded by predefined ACLE macros in clang: @@ -35,9 +35,14 @@ * at the top of this file, before any includes. */ #define __ARM_FEATURE_CRYPTO 1 -#define NEED_TARGET_OPTIONS -#endif /* __aarch64__ && __clang__ && - !__ARM_FEATURE_CRYPTO && __clang_major__ < 18 && __clang_major__ > 3 */ +/* See: https://arm-software.github.io/acle/main/acle.html#cryptographic-extensions + * + * `__ARM_FEATURE_CRYPTO` is deprecated, but we need to continue to specify it + * for older compilers. + */ +#define __ARM_FEATURE_SHA2 1 +#define MBEDTLS_NEED_TARGET_OPTIONS +#endif #include "common.h" @@ -55,7 +60,7 @@ # if defined(MBEDTLS_SHA256_USE_A64_CRYPTO_IF_PRESENT) || \ defined(MBEDTLS_SHA256_USE_A64_CRYPTO_ONLY) /* *INDENT-OFF* */ -# if !defined(__ARM_FEATURE_CRYPTO) || defined(NEED_TARGET_OPTIONS) +# if !defined(__ARM_FEATURE_CRYPTO) || defined(MBEDTLS_NEED_TARGET_OPTIONS) # if defined(__clang__) # if __clang_major__ < 4 # error "A more recent Clang is required for MBEDTLS_SHA256_USE_A64_CRYPTO_*" diff --git a/library/sha512.c b/library/sha512.c index bc92a8de2..3e2be0808 100644 --- a/library/sha512.c +++ b/library/sha512.c @@ -23,8 +23,7 @@ */ #if defined(__aarch64__) && !defined(__ARM_FEATURE_SHA512) && \ - defined(__clang__) && __clang_major__ < 18 && \ - __clang_major__ >= 13 && __clang_minor__ > 0 && __clang_patchlevel__ > 0 + defined(__clang__) && __clang_major__ >= 7 /* TODO: Re-consider above after https://reviews.llvm.org/D131064 merged. * * The intrinsic declaration are guarded by predefined ACLE macros in clang: 
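Review bot: The guard in the third library/sha256.c hunk still tests the deprecated `__ARM_FEATURE_CRYPTO`, although this commit now defines `__ARM_FEATURE_SHA2` at the top of the file and library/aesce.c moved its equivalent guard to the feature-specific `__ARM_FEATURE_AES`. For consistency consider `# if !defined(__ARM_FEATURE_SHA2) || defined(MBEDTLS_NEED_TARGET_OPTIONS)`. An older compiler that predefines only `__ARM_FEATURE_CRYPTO` would then always take the pragma path, which looks harmless but should be confirmed, since the body of that block lies outside the hunk.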
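Review bot: Lowering the bound to `__clang_major__ >= 7` in the first library/sha512.c hunk defines `__ARM_FEATURE_SHA512` for Clang 7 through 13.0.0, yet the comment kept in the last hunk of this file still says that only Clang >= 13.0.1 has the intrinsics, and that hunk also removes the branch that skipped the target pragma for those versions. The code that supplies the intrinsics for older Clang is outside the visible hunks; if it is selected by `!defined(__ARM_FEATURE_SHA512)` rather than by the Clang version, those compilers would lose the fallback and fail to build. Please confirm which it is, and extend the version table comment accordingly, e.g. `* Clang 7 - 13.0.0: macro defined by us, intrinsics implemented with inline assembler`.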
@@ -36,11 +35,8 @@ * at the top of this file, before any includes. */ #define __ARM_FEATURE_SHA512 1 -#define NEED_TARGET_OPTIONS -#endif /* __aarch64__ && __clang__ && - !__ARM_FEATURE_SHA512 && __clang_major__ < 18 && - __clang_major__ >= 13 && __clang_minor__ > 0 && - __clang_patchlevel__ > 0 */ +#define MBEDTLS_NEED_TARGET_OPTIONS +#endif #include "common.h" @@ -78,15 +74,11 @@ * Clang == 13.0.0 same as clang 12 (only seen on macOS) * Clang >= 13.0.1 has __ARM_FEATURE_SHA512 and intrinsics */ -# if !defined(__ARM_FEATURE_SHA512) || defined(NEED_TARGET_OPTIONS) +# if !defined(__ARM_FEATURE_SHA512) || defined(MBEDTLS_NEED_TARGET_OPTIONS) /* Test Clang first, as it defines __GNUC__ */ # if defined(__clang__) # if __clang_major__ < 7 # error "A more recent Clang is required for MBEDTLS_SHA512_USE_A64_CRYPTO_*" -# elif __clang_major__ < 13 || \ - (__clang_major__ == 13 && __clang_minor__ == 0 && \ - __clang_patchlevel__ == 0) - /* We implement the intrinsics with inline assembler, so don't error */ # else # pragma clang attribute push (__attribute__((target("sha3"))), apply_to=function) # define MBEDTLS_POP_TARGET_PRAGMA