Ok attached find new patches,
they address all concerns except for adding the CET_SECTION macro
automagically to all asm files.
I also added a patch to deal with the missing epilogues.
Simo.
--
Simo Sorce
Sr. Principal Software Engineer
Red Hat, Inc
From 8c41a89ed3ef913bc8a12f8e6d21edf3627007ee Mon Sep 17 00:00:00 2001
From: Simo Sorce <s...@redhat.com>
Date: Tue, 23 Apr 2019 18:03:35 -0400
Subject: [PATCH 1/3] Add Intel CET protection support
In upcoming processors Intel will make available Control-Flow
Enforcement Technology, which is comprised of two hardware
countermeasures against Return-Oriented Programming attacks.
The first is called Shadow Stack and checks that return from function
calls are not tampered with by keeping a shadow stack that cannot be
modified by applications. This measure requires no code changes (except
for code that intentionally modifies the return pointer on the stack).
The second is called Indirect Branch Tracking and is used to insure only
targets of indirect jumps are actually jumped to. This requires
modification of code to insert a special instruction that identifies a
valid indirect jump target. When enforcement is turned on, if an indirect
jump does not end on this special instruction the cpu raises an exception.
These instructions are noops on older CPU models so it is safe to use
them in all x86(_64) code.
To enable these protections GCC also introduces a new GNU property note
section that marks a piece of code as CET ready.
If the note is in place the dynamic linker will be able to confirm that
all loaded libraries support CET and will turn on CET protection for the
binary.
The changes here consist mostly in adding the GNU property note section
to all x86(_64) assembly files and the proper ENDBRANCH instruction for
the function entrypoints which is where other code calls into via
indirect call.
Signed-off-by: Simo Sorce <s...@redhat.com>
---
asm.m4 | 36 ++++++++++++++++++++++++++-
config.m4.in | 2 ++
configure.ac | 17 +++++++++++++
x86/aes-decrypt-internal.asm | 1 +
x86/aes-encrypt-internal.asm | 1 +
x86/arcfour-crypt.asm | 1 +
x86/camellia-crypt-internal.asm | 1 +
x86/md5-compress.asm | 1 +
x86/sha1-compress.asm | 1 +
x86_64/aes-decrypt-internal.asm | 1 +
x86_64/aes-encrypt-internal.asm | 1 +
x86_64/aesni/aes-decrypt-internal.asm | 1 +
x86_64/aesni/aes-encrypt-internal.asm | 1 +
x86_64/camellia-crypt-internal.asm | 1 +
x86_64/chacha-core-internal.asm | 1 +
x86_64/fat/cpuid.asm | 2 +-
x86_64/gcm-hash8.asm | 1 +
x86_64/md5-compress.asm | 1 +
x86_64/memxor.asm | 1 +
x86_64/memxor3.asm | 1 +
x86_64/poly1305-internal.asm | 1 +
x86_64/salsa20-core-internal.asm | 1 +
x86_64/salsa20-crypt.asm | 1 +
x86_64/serpent-decrypt.asm | 2 ++
x86_64/serpent-encrypt.asm | 2 ++
x86_64/sha1-compress.asm | 1 +
x86_64/sha256-compress.asm | 1 +
x86_64/sha3-permute.asm | 1 +
x86_64/sha512-compress.asm | 1 +
x86_64/sha_ni/sha1-compress.asm | 1 +
x86_64/sha_ni/sha256-compress.asm | 1 +
x86_64/umac-nh-n.asm | 1 +
x86_64/umac-nh.asm | 1 +
33 files changed, 86 insertions(+), 2 deletions(-)
diff --git a/asm.m4 b/asm.m4
index 8da47201..9622906e 100644
--- a/asm.m4
+++ b/asm.m4
@@ -32,7 +32,8 @@ define(<GMP_NUMB_BITS>,<>)dnl
define(<PROLOGUE>,
<.globl C_NAME($1)
DECLARE_FUNC(C_NAME($1))
-C_NAME($1):>)
+C_NAME($1):
+CET_ENDBR>)
define(<EPILOGUE>,
<ifelse(ELF_STYLE,yes,
@@ -59,6 +60,39 @@ WORDS_BIGENDIAN,no,<$2>,
m4exit(1)>)>)
define(<IF_LE>, <IF_BE(<$2>, <$1>)>)
+dnl GNU properties section to enable CET protections macros
+
+dnl GNU Poperty type
+define(<NT_GNU_PROPERTY_TYPE_0>, <5>)
+dnl GNU Program Property Type range
+define(GNU_PROPERTY_X86_UINT32_AND_LO, <0xc0000002>)
+dnl Indirect Branch Tracking
+define(<GNU_PROPERTY_X86_FEATURE_1_IBT>, <0x01>)
+dnl Shadow Stack
+define(<GNU_PROPERTY_X86_FEATURE_1_SHSTK>, <0x02>)
+
+dnl NOTE: GNU Property sections MUST have alignment of 8
+define(<GNU_CET_SECTION>,
+<ifelse(CET_PROTECTION,yes,
+<.pushsection .note.gnu.property,"a"
+ALIGN(8)
+.long 1f - 0f
+.long 4f - 1f
+.long NT_GNU_PROPERTY_TYPE_0()
+0:
+.string "GNU"
+1:
+ALIGN(8)
+.long GNU_PROPERTY_X86_UINT32_AND_LO()
+.long 3f - 2f
+2:
+.long eval(GNU_PROPERTY_X86_FEATURE_1_IBT() | GNU_PROPERTY_X86_FEATURE_1_SHSTK())
+3:
+ALIGN(8)
+4:
+.popsection
+>,<>)>)
+
dnl Struct defining macros
dnl STRUCTURE(prefix)
diff --git a/config.m4.in b/config.m4.in
index 11f90a40..c3ebad60 100644
--- a/config.m4.in
+++ b/config.m4.in
@@ -8,6 +8,8 @@ define(<ALIGN_LOG>, <@ASM_ALIGN_LOG@>)dnl
define(<W64_ABI>, <@W64_ABI@>)dnl
define(<RODATA>, <@ASM_RODATA@>)dnl
define(<WORDS_BIGENDIAN>, <@ASM_WORDS_BIGENDIAN@>)dnl
+define(<CET_PROTECTION>, <@ASM_CET_PROTECTION@>)dnl
+define(<CET_ENDBR>, <@ASM_CET_ENDBR@>)dnl
divert(1)
@ASM_MARK_NOEXEC_STACK@
divert
diff --git a/configure.ac b/configure.ac
index 00d2bf5d..6e12bb1f 100644
--- a/configure.ac
+++ b/configure.ac
@@ -93,6 +93,10 @@ AC_ARG_ENABLE(mini-gmp,
AC_HELP_STRING([--enable-mini-gmp], [Enable mini-gmp, used instead of libgmp.]),,
[enable_mini_gmp=no])
+AC_ARG_ENABLE(cet-protection,
+ AC_HELP_STRING([--enable-cet-protection], [Enable intel CET protection instructions. (default=no)]),,
+ [enable_cet_protection=no])
+
if test "x$enable_mini_gmp" = xyes ; then
NETTLE_USE_MINI_GMP=1
HOGWEED_EXTRA_SYMBOLS="mpz_*;gmp_*;mpn_*;mp_*;"
@@ -701,6 +705,8 @@ ASM_COFF_STYLE='no'
ASM_TYPE_FUNCTION='@function'
ASM_TYPE_PROGBITS='@progbits'
ASM_MARK_NOEXEC_STACK=''
+ASM_CET_PROTECTION='no'
+ASM_CET_ENDBR=''
ASM_ALIGN_LOG=''
if test x$enable_assembler = xyes ; then
@@ -812,6 +818,15 @@ EOF
[nettle_cv_asm_align_log=yes],
[nettle_cv_asm_align_log=no])])
ASM_ALIGN_LOG="$nettle_cv_asm_align_log"
+
+ if test "x$enable_cet_protection" = xyes ; then
+ ASM_CET_PROTECTION=yes
+ if test "$ABI" = 64 ; then
+ ASM_CET_ENDBR=endbr64
+ else
+ ASM_CET_ENDBR=endbr32
+ fi
+ fi
fi
AC_SUBST(ASM_SYMBOL_PREFIX)
@@ -823,6 +838,8 @@ AC_SUBST(ASM_MARK_NOEXEC_STACK)
AC_SUBST(ASM_ALIGN_LOG)
AC_SUBST(W64_ABI)
AC_SUBST(ASM_WORDS_BIGENDIAN)
+AC_SUBST(ASM_CET_PROTECTION)
+AC_SUBST(ASM_CET_ENDBR)
AC_SUBST(EMULATOR)
AC_SUBST(LIBNETTLE_MAJOR)
diff --git a/x86/aes-decrypt-internal.asm b/x86/aes-decrypt-internal.asm
index ff535b6a..1d16f6db 100644
--- a/x86/aes-decrypt-internal.asm
+++ b/x86/aes-decrypt-internal.asm
@@ -175,3 +175,4 @@ PROLOGUE(_nettle_aes_decrypt)
popl %ebx
ret
EPILOGUE(_nettle_aes_decrypt)
+GNU_CET_SECTION()
diff --git a/x86/aes-encrypt-internal.asm b/x86/aes-encrypt-internal.asm
index 934158f7..d9579e04 100644
--- a/x86/aes-encrypt-internal.asm
+++ b/x86/aes-encrypt-internal.asm
@@ -175,3 +175,4 @@ PROLOGUE(_nettle_aes_encrypt)
popl %ebx
ret
EPILOGUE(_nettle_aes_encrypt)
+GNU_CET_SECTION()
diff --git a/x86/arcfour-crypt.asm b/x86/arcfour-crypt.asm
index df3fe869..11f592e7 100644
--- a/x86/arcfour-crypt.asm
+++ b/x86/arcfour-crypt.asm
@@ -123,3 +123,4 @@ C .Lloop_done:
popl %ebx
ret
EPILOGUE(nettle_arcfour_crypt)
+GNU_CET_SECTION()
diff --git a/x86/camellia-crypt-internal.asm b/x86/camellia-crypt-internal.asm
index ce8c57f0..afac1fcc 100644
--- a/x86/camellia-crypt-internal.asm
+++ b/x86/camellia-crypt-internal.asm
@@ -223,3 +223,4 @@ PROLOGUE(_nettle_camellia_crypt)
popl %ebx
ret
EPILOGUE(_nettle_camellia_crypt)
+GNU_CET_SECTION()
diff --git a/x86/md5-compress.asm b/x86/md5-compress.asm
index c849c082..6293f052 100644
--- a/x86/md5-compress.asm
+++ b/x86/md5-compress.asm
@@ -185,3 +185,4 @@ PROLOGUE(nettle_md5_compress)
popl %ebx
ret
EPILOGUE(nettle_md5_compress)
+GNU_CET_SECTION()
diff --git a/x86/sha1-compress.asm b/x86/sha1-compress.asm
index 03bdcdc9..4e1f121c 100644
--- a/x86/sha1-compress.asm
+++ b/x86/sha1-compress.asm
@@ -1541,6 +1541,7 @@ C ROUND_F2(SB, SC, SD, SE, SA, 79, K4VALUE)
popl %ebx
ret
EPILOGUE(nettle_sha1_compress)
+GNU_CET_SECTION()
C TODO:
diff --git a/x86_64/aes-decrypt-internal.asm b/x86_64/aes-decrypt-internal.asm
index 43f2f394..eedfaaf0 100644
--- a/x86_64/aes-decrypt-internal.asm
+++ b/x86_64/aes-decrypt-internal.asm
@@ -150,3 +150,4 @@ PROLOGUE(_nettle_aes_decrypt)
W64_EXIT(6, 0)
ret
EPILOGUE(_nettle_aes_decrypt)
+GNU_CET_SECTION()
diff --git a/x86_64/aes-encrypt-internal.asm b/x86_64/aes-encrypt-internal.asm
index dfb498f5..3a5a1e86 100644
--- a/x86_64/aes-encrypt-internal.asm
+++ b/x86_64/aes-encrypt-internal.asm
@@ -151,3 +151,4 @@ PROLOGUE(_nettle_aes_encrypt)
W64_EXIT(6, 0)
ret
EPILOGUE(_nettle_aes_encrypt)
+GNU_CET_SECTION()
diff --git a/x86_64/aesni/aes-decrypt-internal.asm b/x86_64/aesni/aes-decrypt-internal.asm
index 3d6d6e30..1b1a1a4d 100644
--- a/x86_64/aesni/aes-decrypt-internal.asm
+++ b/x86_64/aesni/aes-decrypt-internal.asm
@@ -132,3 +132,4 @@ PROLOGUE(_nettle_aes_decrypt)
W64_EXIT(6, 16)
ret
EPILOGUE(_nettle_aes_decrypt)
+GNU_CET_SECTION()
diff --git a/x86_64/aesni/aes-encrypt-internal.asm b/x86_64/aesni/aes-encrypt-internal.asm
index 99caf1f8..f7338ef6 100644
--- a/x86_64/aesni/aes-encrypt-internal.asm
+++ b/x86_64/aesni/aes-encrypt-internal.asm
@@ -132,3 +132,4 @@ PROLOGUE(_nettle_aes_encrypt)
W64_EXIT(6, 16)
ret
EPILOGUE(_nettle_aes_encrypt)
+GNU_CET_SECTION()
diff --git a/x86_64/camellia-crypt-internal.asm b/x86_64/camellia-crypt-internal.asm
index 040e030f..71750172 100644
--- a/x86_64/camellia-crypt-internal.asm
+++ b/x86_64/camellia-crypt-internal.asm
@@ -200,3 +200,4 @@ PROLOGUE(_nettle_camellia_crypt)
W64_EXIT(6, 0)
ret
EPILOGUE(_nettle_camellia_crypt)
+GNU_CET_SECTION()
diff --git a/x86_64/chacha-core-internal.asm b/x86_64/chacha-core-internal.asm
index 9e5dc394..3125dee7 100644
--- a/x86_64/chacha-core-internal.asm
+++ b/x86_64/chacha-core-internal.asm
@@ -126,3 +126,4 @@ PROLOGUE(_nettle_chacha_core)
W64_EXIT(3, 6)
ret
EPILOGUE(_nettle_chacha_core)
+GNU_CET_SECTION()
diff --git a/x86_64/fat/cpuid.asm b/x86_64/fat/cpuid.asm
index f317d56e..c4a5b538 100644
--- a/x86_64/fat/cpuid.asm
+++ b/x86_64/fat/cpuid.asm
@@ -56,4 +56,4 @@ PROLOGUE(_nettle_cpuid)
W64_EXIT(2)
ret
EPILOGUE(_nettle_cpuid)
-
+GNU_CET_SECTION()
diff --git a/x86_64/gcm-hash8.asm b/x86_64/gcm-hash8.asm
index bfaa6ef8..54608ae8 100644
--- a/x86_64/gcm-hash8.asm
+++ b/x86_64/gcm-hash8.asm
@@ -199,6 +199,7 @@ ALIGN(16)
jnz .Lread_loop
ret
EPILOGUE(_nettle_gcm_hash8)
+GNU_CET_SECTION()
define(<W>, <0x$2$1>)
RODATA
diff --git a/x86_64/md5-compress.asm b/x86_64/md5-compress.asm
index 182b8f18..ef1fcb89 100644
--- a/x86_64/md5-compress.asm
+++ b/x86_64/md5-compress.asm
@@ -174,3 +174,4 @@ PROLOGUE(nettle_md5_compress)
ret
EPILOGUE(nettle_md5_compress)
+GNU_CET_SECTION()
diff --git a/x86_64/memxor.asm b/x86_64/memxor.asm
index f07f0017..a0ea94b4 100644
--- a/x86_64/memxor.asm
+++ b/x86_64/memxor.asm
@@ -171,3 +171,4 @@ ifdef(<USE_SSE2>, <
>)
EPILOGUE(nettle_memxor)
+GNU_CET_SECTION()
diff --git a/x86_64/memxor3.asm b/x86_64/memxor3.asm
index 8ff3e79c..b0c0e35c 100644
--- a/x86_64/memxor3.asm
+++ b/x86_64/memxor3.asm
@@ -261,3 +261,4 @@ ifelse(USE_SSE2, yes, <
EPILOGUE(nettle_memxor3)
+GNU_CET_SECTION()
diff --git a/x86_64/poly1305-internal.asm b/x86_64/poly1305-internal.asm
index c780d122..d7edc4f9 100644
--- a/x86_64/poly1305-internal.asm
+++ b/x86_64/poly1305-internal.asm
@@ -183,3 +183,4 @@ define(<T1>, <%rax>)
W64_EXIT(2, 0)
ret
+GNU_CET_SECTION()
diff --git a/x86_64/salsa20-core-internal.asm b/x86_64/salsa20-core-internal.asm
index 4ef07be0..c1690880 100644
--- a/x86_64/salsa20-core-internal.asm
+++ b/x86_64/salsa20-core-internal.asm
@@ -109,3 +109,4 @@ PROLOGUE(_nettle_salsa20_core)
W64_EXIT(3, 9)
ret
EPILOGUE(_nettle_salsa20_core)
+GNU_CET_SECTION()
diff --git a/x86_64/salsa20-crypt.asm b/x86_64/salsa20-crypt.asm
index cc1d58ca..e0348956 100644
--- a/x86_64/salsa20-crypt.asm
+++ b/x86_64/salsa20-crypt.asm
@@ -245,3 +245,4 @@ PROLOGUE(nettle_salsa20_crypt)
ret
EPILOGUE(nettle_salsa20_crypt)
+GNU_CET_SECTION()
diff --git a/x86_64/serpent-decrypt.asm b/x86_64/serpent-decrypt.asm
index ee4bf9ad..9a93dfc7 100644
--- a/x86_64/serpent-decrypt.asm
+++ b/x86_64/serpent-decrypt.asm
@@ -713,3 +713,5 @@ PROLOGUE(nettle_serpent_decrypt)
pop %rbx
W64_EXIT(4, 13)
ret
+
+GNU_CET_SECTION()
diff --git a/x86_64/serpent-encrypt.asm b/x86_64/serpent-encrypt.asm
index d6636537..a29358ca 100644
--- a/x86_64/serpent-encrypt.asm
+++ b/x86_64/serpent-encrypt.asm
@@ -748,3 +748,5 @@ C parallell.
pop %rbx
W64_EXIT(4, 13)
ret
+
+GNU_CET_SECTION()
diff --git a/x86_64/sha1-compress.asm b/x86_64/sha1-compress.asm
index dd48de0e..54dfa313 100644
--- a/x86_64/sha1-compress.asm
+++ b/x86_64/sha1-compress.asm
@@ -305,3 +305,4 @@ PROLOGUE(nettle_sha1_compress)
W64_EXIT(2, 0)
ret
EPILOGUE(nettle_sha1_compress)
+GNU_CET_SECTION()
diff --git a/x86_64/sha256-compress.asm b/x86_64/sha256-compress.asm
index 5b7d0dcd..8dbccc5b 100644
--- a/x86_64/sha256-compress.asm
+++ b/x86_64/sha256-compress.asm
@@ -208,3 +208,4 @@ PROLOGUE(_nettle_sha256_compress)
W64_EXIT(3, 0)
ret
EPILOGUE(_nettle_sha256_compress)
+GNU_CET_SECTION()
diff --git a/x86_64/sha3-permute.asm b/x86_64/sha3-permute.asm
index 805b59af..a4d0cf0b 100644
--- a/x86_64/sha3-permute.asm
+++ b/x86_64/sha3-permute.asm
@@ -107,6 +107,7 @@ define(<ROTL64>, <
C sha3_permute(struct sha3_state *ctx)
.text
+GNU_CET_SECTION()
ALIGN(16)
PROLOGUE(nettle_sha3_permute)
W64_ENTRY(1, 16)
diff --git a/x86_64/sha512-compress.asm b/x86_64/sha512-compress.asm
index 4ff1f32a..37563e93 100644
--- a/x86_64/sha512-compress.asm
+++ b/x86_64/sha512-compress.asm
@@ -208,3 +208,4 @@ PROLOGUE(_nettle_sha512_compress)
W64_EXIT(3, 0)
ret
EPILOGUE(_nettle_sha512_compress)
+GNU_CET_SECTION()
diff --git a/x86_64/sha_ni/sha1-compress.asm b/x86_64/sha_ni/sha1-compress.asm
index ab848fdd..3cbca5e2 100644
--- a/x86_64/sha_ni/sha1-compress.asm
+++ b/x86_64/sha_ni/sha1-compress.asm
@@ -146,3 +146,4 @@ PROLOGUE(nettle_sha1_compress)
W64_EXIT(2, 10)
ret
EPILOGUE(nettle_sha1_compress)
+GNU_CET_SECTION()
diff --git a/x86_64/sha_ni/sha256-compress.asm b/x86_64/sha_ni/sha256-compress.asm
index f2a4bd32..f9fe3757 100644
--- a/x86_64/sha_ni/sha256-compress.asm
+++ b/x86_64/sha_ni/sha256-compress.asm
@@ -173,3 +173,4 @@ PROLOGUE(_nettle_sha256_compress)
W64_EXIT(3, 10)
ret
EPILOGUE(_nettle_sha256_compress)
+GNU_CET_SECTION()
diff --git a/x86_64/umac-nh-n.asm b/x86_64/umac-nh-n.asm
index ecb6396a..195d5886 100644
--- a/x86_64/umac-nh-n.asm
+++ b/x86_64/umac-nh-n.asm
@@ -273,3 +273,4 @@ PROLOGUE(_nettle_umac_nh_n)
W64_EXIT(5, 14)
ret
EPILOGUE(_nettle_umac_nh_n)
+GNU_CET_SECTION()
diff --git a/x86_64/umac-nh.asm b/x86_64/umac-nh.asm
index a6938e02..7bfc87ba 100644
--- a/x86_64/umac-nh.asm
+++ b/x86_64/umac-nh.asm
@@ -79,3 +79,4 @@ PROLOGUE(_nettle_umac_nh)
W64_EXIT(3, 7)
ret
EPILOGUE(_nettle_umac_nh)
+GNU_CET_SECTION()
--
2.20.1
From f9c6191d393d4eb32c78bb2d2743bd72079a7635 Mon Sep 17 00:00:00 2001
From: Simo Sorce <s...@redhat.com>
Date: Wed, 24 Apr 2019 16:13:59 -0400
Subject: [PATCH 2/3] Fix generation of build notes if supported
This is needed to build correctly on platfroms that use
hardening flags and build notes on .c files.
Signed-off-by: Simo Sorce <s...@redhat.com>
---
Makefile.in | 4 +++-
configure.ac | 23 +++++++++++++++++++++++
2 files changed, 26 insertions(+), 1 deletion(-)
diff --git a/Makefile.in b/Makefile.in
index 440de9f7..4e603047 100644
--- a/Makefile.in
+++ b/Makefile.in
@@ -17,6 +17,8 @@ OPT_HOGWEED_OBJS = @OPT_HOGWEED_OBJS@
OPT_NETTLE_SOURCES = @OPT_NETTLE_SOURCES@
+ASM_GEN_BUILD_NOTES = @ASM_GEN_BUILD_NOTES@
+
SUBDIRS = tools testsuite examples
include config.make
@@ -396,7 +398,7 @@ ecc-25519.$(OBJEXT): ecc-25519.h
.asm.$(OBJEXT): $(srcdir)/asm.m4 machine.m4 config.m4
$(M4) $(srcdir)/asm.m4 machine.m4 config.m4 $< >$*.s
- $(COMPILE) -c $*.s
+ $(COMPILE) -c $*.s $(ASM_GEN_BUILD_NOTES)
@echo "$@ : $< $(srcdir)/asm.m4 machine.m4 config.m4" >$@.d
# Texinfo rules
diff --git a/configure.ac b/configure.ac
index 6e12bb1f..87a97468 100644
--- a/configure.ac
+++ b/configure.ac
@@ -708,6 +708,7 @@ ASM_MARK_NOEXEC_STACK=''
ASM_CET_PROTECTION='no'
ASM_CET_ENDBR=''
ASM_ALIGN_LOG=''
+ASM_GEN_BUILD_NOTES=''
if test x$enable_assembler = xyes ; then
AC_CACHE_CHECK([if globals are prefixed by underscore],
@@ -827,6 +828,27 @@ EOF
ASM_CET_ENDBR=endbr32
fi
fi
+
+ AC_CACHE_CHECK([if --generate-missing-build-notes is supported],
+ nettle_cv_asm_build_notes,
+ [ # Default
+ nettle_cv_asm_build_notes=no
+
+ cat >conftest.s << EOF
+.text
+EOF
+ FLAG="-Wa,--generate-missing-build-notes=yes"
+ nettle_assemble="$CC $CFLAGS $CPPFLAGS -c conftest.s $FLAG >conftest.out 2>&1"
+ if AC_TRY_EVAL(nettle_assemble); then
+ nettle_cv_asm_build_notes=yes
+ else
+ nettle_cv_asm_build_notes=no
+ fi
+ rm -f conftest.*])
+ if test x$nettle_cv_asm_build_notes = xyes ; then
+ ASM_GEN_BUILD_NOTES='-Wa,--generate-missing-build-notes=yes'
+ fi
+
fi
AC_SUBST(ASM_SYMBOL_PREFIX)
@@ -840,6 +862,7 @@ AC_SUBST(W64_ABI)
AC_SUBST(ASM_WORDS_BIGENDIAN)
AC_SUBST(ASM_CET_PROTECTION)
AC_SUBST(ASM_CET_ENDBR)
+AC_SUBST(ASM_GEN_BUILD_NOTES)
AC_SUBST(EMULATOR)
AC_SUBST(LIBNETTLE_MAJOR)
--
2.20.1
From f4fd8f8f418da3800bb92e31b21e114f502400e2 Mon Sep 17 00:00:00 2001
From: Simo Sorce <s...@redhat.com>
Date: Fri, 26 Apr 2019 13:12:53 -0400
Subject: [PATCH 3/3] Add missing EPILOGUEs in assembly files
Signed-off-by: Simo Sorce <s...@redhat.com>
---
x86_64/poly1305-internal.asm | 1 +
x86_64/serpent-decrypt.asm | 1 +
x86_64/serpent-encrypt.asm | 1 +
3 files changed, 3 insertions(+)
diff --git a/x86_64/poly1305-internal.asm b/x86_64/poly1305-internal.asm
index d7edc4f9..3737450f 100644
--- a/x86_64/poly1305-internal.asm
+++ b/x86_64/poly1305-internal.asm
@@ -182,5 +182,6 @@ define(<T1>, <%rax>)
mov XREG(%rax), P1305_H2 (CTX)
W64_EXIT(2, 0)
ret
+EPILOGUE(nettle_poly1305_digest)
GNU_CET_SECTION()
diff --git a/x86_64/serpent-decrypt.asm b/x86_64/serpent-decrypt.asm
index 9a93dfc7..d715d85f 100644
--- a/x86_64/serpent-decrypt.asm
+++ b/x86_64/serpent-decrypt.asm
@@ -713,5 +713,6 @@ PROLOGUE(nettle_serpent_decrypt)
pop %rbx
W64_EXIT(4, 13)
ret
+EPILOGUE(nettle_serpent_decrypt)
GNU_CET_SECTION()
diff --git a/x86_64/serpent-encrypt.asm b/x86_64/serpent-encrypt.asm
index a29358ca..ef1cc3cc 100644
--- a/x86_64/serpent-encrypt.asm
+++ b/x86_64/serpent-encrypt.asm
@@ -748,5 +748,6 @@ C parallell.
pop %rbx
W64_EXIT(4, 13)
ret
+EPILOGUE(nettle_serpent_encrypt)
GNU_CET_SECTION()
--
2.20.1
_______________________________________________
nettle-bugs mailing list
nettle-bugs@lists.lysator.liu.se
http://lists.lysator.liu.se/mailman/listinfo/nettle-bugs
