The branch, master has been updated via acd081a70d2 build: Remove unused check for SHA1_Update and SHA1_RENAME_NEEDED via 11b3c6826d1 Remove redundant check and fallback for AES CMAC 128 as we now require GnuTLS 3.6.13 via 95c843de926 crypto: Remove aesni-intel accelerated AES crypto functions via a21ca8ac9ca Remove rudundent check and fallback for AES CFB8 as we now require GnuTLS 3.6.13 via a815eead841 Remove rudundent check/workaround for buggy GnuTLS 3.5.2 as we now require GnuTLS 3.6.13 via 055318d7e74 Remove rudundent check for gnutls_pkcs7_get_embedded_data_oid as we now require GnuTLS 3.6.13 via c630afa3c9c Remove check for gnutls_set_default_priority_append as it unused via eda1022b599 crypto: Rely on GnuTLS 3.6.13 and gnutls_pbkdf2() via 702bcbfc39a build: Set minimum required GnuTLS version to 3.6.13 from 358631ce331 smbd: Merge openat_pathref_fsp_nosymlink() into _internal()
https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log ----------------------------------------------------------------- commit acd081a70d215483548d57a56b30918ed08e999a Author: Andrew Bartlett <abart...@samba.org> Date: Fri Jun 30 22:41:51 2023 +1200 build: Remove unused check for SHA1_Update and SHA1_RENAME_NEEDED I can not find the code that required this, even in the history. Signed-off-by: Andrew Bartlett <abart...@samba.org> Reviewed-by: Andreas Schneider <a...@samba.org> Autobuild-User(master): Andreas Schneider <a...@cryptomilk.org> Autobuild-Date(master): Fri Jun 30 14:59:46 UTC 2023 on atb-devel-224 commit 11b3c6826d19d60937f75825075fc5eb67385e11 Author: Andrew Bartlett <abart...@samba.org> Date: Thu Oct 27 11:09:19 2022 +1300 Remove redundant check and fallback for AES CMAC 128 as we now require GnuTLS 3.6.13 This allows us to remove a lot of conditionally compiled code and so know with more certainly that our tests are covering our code-paths. Signed-off-by: Andrew Bartlett <abart...@samba.org> Reviewed-by: Andreas Schneider <a...@samba.org> commit 95c843de926ec46ab9d52ae8394250f93ee843c4 Author: Andrew Bartlett <abart...@samba.org> Date: Thu Oct 27 11:05:17 2022 +1300 crypto: Remove aesni-intel accelerated AES crypto functions These will shortly be unused as we will rely on GnuTLS for all AES cryptography now that we require GnuTLS 3.6.13 Signed-off-by: Andrew Bartlett <abart...@samba.org> Reviewed-by: Andreas Schneider <a...@samba.org> commit a21ca8ac9ca5305cae59d1733fffb38ce6bebb8f Author: Andrew Bartlett <abart...@samba.org> Date: Thu Oct 27 10:53:53 2022 +1300 Remove rudundent check and fallback for AES CFB8 as we now require GnuTLS 3.6.13 This allows us to remove a lot of conditionally compiled code and so know with more certaintly that our tests are covering our codepaths. Signed-off-by: Andrew Bartlett <abart...@samba.org> Reviewed-by: Andreas Schneider <a...@samba.org> commit a815eead8414fe6e8e999930ca4befa7c295497e Author: Andrew Bartlett <abart...@samba.org> Date: Thu Oct 27 10:48:42 2022 +1300 Remove rudundent check/workaround for buggy GnuTLS 3.5.2 as we now require GnuTLS 3.6.13 Signed-off-by: Andrew Bartlett <abart...@samba.org> Reviewed-by: Andreas Schneider <a...@samba.org> commit 055318d7e74f3b1aad305334fa4fe5fd4b593e75 Author: Andrew Bartlett <abart...@samba.org> Date: Thu Oct 27 10:47:27 2022 +1300 Remove rudundent check for gnutls_pkcs7_get_embedded_data_oid as we now require GnuTLS 3.6.13 Signed-off-by: Andrew Bartlett <abart...@samba.org> Reviewed-by: Andreas Schneider <a...@samba.org> commit c630afa3c9c7cdf927c2f55c63bdf418c5cf6900 Author: Andrew Bartlett <abart...@samba.org> Date: Thu Oct 27 10:03:48 2022 +1300 Remove check for gnutls_set_default_priority_append as it unused This became unused with d30865014569f4b9a1261d9f0c40bc4fc98f883e Signed-off-by: Andrew Bartlett <abart...@samba.org> Reviewed-by: Andreas Schneider <a...@samba.org> commit eda1022b599a98edcd8da3440bfa7675f987cec0 Author: Andrew Bartlett <abart...@samba.org> Date: Thu Oct 27 09:57:06 2022 +1300 crypto: Rely on GnuTLS 3.6.13 and gnutls_pbkdf2() This removes a lot of inline #ifdef and means this feature is always tested. We can do this as we have chosen GnuTLS 3.6.13 as the new minimum version. Signed-off-by: Andrew Bartlett <abart...@samba.org> Reviewed-by: Andreas Schneider <a...@samba.org> commit 702bcbfc39af77c1ab94a7f13fe7a50784646e5a Author: Andrew Bartlett <abart...@samba.org> Date: Thu Oct 27 09:51:09 2022 +1300 build: Set minimum required GnuTLS version to 3.6.13 Signed-off-by: Andrew Bartlett <abart...@samba.org> Reviewed-by: Andreas Schneider <a...@samba.org> ----------------------------------------------------------------------- Summary of changes: auth/gensec/schannel.c | 40 - lib/crypto/aes.c | 329 --- lib/crypto/aes.h | 634 ----- lib/crypto/aes_cmac_128.c | 121 - lib/crypto/aes_cmac_128.h | 47 - lib/crypto/aes_cmac_128_test.c | 119 - lib/crypto/aes_test.h | 67 - lib/crypto/aesni.h | 66 - lib/crypto/crypto.h | 1 - lib/crypto/py_crypto.c | 7 - lib/crypto/rijndael-alg-fst.c | 1223 --------- .../test_gnutls_aead_aes_256_cbc_hmac_sha512.c | 4 - lib/crypto/wscript | 52 +- lib/mscat/wscript | 3 +- libcli/auth/credentials.c | 24 - libcli/auth/tests/test_gnutls.c | 4 - libcli/smb/smb2_signing.c | 45 - python/samba/tests/auth_log_pass_change.py | 11 +- python/samba/tests/krb5/lockout_tests.py | 10 - python/samba/tests/krb5/raw_testcase.py | 7 - source3/rpc_client/cli_samr.c | 4 - source3/rpc_server/samr/srv_samr_nt.c | 5 - source4/libnet/libnet_passwd.c | 4 - source4/rpc_server/samr/samr_password.c | 4 - source4/selftest/tests.py | 12 +- source4/torture/local/local.c | 7 - source4/torture/rpc/samr.c | 2 - third_party/aesni-intel/aesni-intel_asm.c | 2812 -------------------- third_party/aesni-intel/inst-intel.h | 306 --- third_party/aesni-intel/wscript | 32 - third_party/wscript | 4 - wscript | 2 - wscript_configure_system_gnutls | 23 +- 33 files changed, 7 insertions(+), 6024 deletions(-) delete mode 100644 lib/crypto/aes.c delete mode 100644 lib/crypto/aes_cmac_128.c delete mode 100644 lib/crypto/aes_cmac_128.h delete mode 100644 lib/crypto/aes_cmac_128_test.c delete mode 100644 lib/crypto/aes_test.h delete mode 100644 lib/crypto/aesni.h delete mode 100644 lib/crypto/rijndael-alg-fst.c delete mode 100644 third_party/aesni-intel/aesni-intel_asm.c delete mode 100644 third_party/aesni-intel/inst-intel.h delete mode 100644 third_party/aesni-intel/wscript Changeset truncated at 500 lines: diff --git a/auth/gensec/schannel.c b/auth/gensec/schannel.c index 872e7d185e6..4f5db9fc32e 100644 --- a/auth/gensec/schannel.c +++ b/auth/gensec/schannel.c @@ -35,10 +35,6 @@ #include "auth/gensec/gensec_toplevel_proto.h" #include "libds/common/roles.h" -#ifndef HAVE_GNUTLS_AES_CFB8 -#include "lib/crypto/aes.h" -#endif - #include "lib/crypto/gnutls_helpers.h" #include <gnutls/gnutls.h> #include <gnutls/crypto.h> @@ -150,7 +146,6 @@ static NTSTATUS netsec_do_seq_num(struct schannel_state *state, uint8_t seq_num[8]) { if (state->creds->negotiate_flags & NETLOGON_NEG_SUPPORTS_AES) { -#ifdef HAVE_GNUTLS_AES_CFB8 gnutls_cipher_hd_t cipher_hnd = NULL; gnutls_datum_t key = { .data = state->creds->session_key, @@ -186,17 +181,6 @@ static NTSTATUS netsec_do_seq_num(struct schannel_state *state, NT_STATUS_CRYPTO_SYSTEM_INVALID); } -#else /* NOT HAVE_GNUTLS_AES_CFB8 */ - AES_KEY key; - uint8_t iv[AES_BLOCK_SIZE]; - - AES_set_encrypt_key(state->creds->session_key, 128, &key); - ZERO_STRUCT(iv); - memcpy(iv+0, checksum, 8); - memcpy(iv+8, checksum, 8); - - aes_cfb8_encrypt(seq_num, seq_num, 8, &key, iv, AES_ENCRYPT); -#endif /* HAVE_GNUTLS_AES_CFB8 */ } else { static const uint8_t zeros[4]; uint8_t _sequence_key[16]; @@ -261,7 +245,6 @@ static NTSTATUS netsec_do_seal(struct schannel_state *state, bool forward) { if (state->creds->negotiate_flags & NETLOGON_NEG_SUPPORTS_AES) { -#ifdef HAVE_GNUTLS_AES_CFB8 gnutls_cipher_hd_t cipher_hnd = NULL; uint8_t sess_kf0[16] = {0}; gnutls_datum_t key = { @@ -354,29 +337,6 @@ static NTSTATUS netsec_do_seal(struct schannel_state *state, } } gnutls_cipher_deinit(cipher_hnd); -#else /* NOT HAVE_GNUTLS_AES_CFB8 */ - AES_KEY key; - uint8_t iv[AES_BLOCK_SIZE]; - uint8_t sess_kf0[16]; - int i; - - for (i = 0; i < 16; i++) { - sess_kf0[i] = state->creds->session_key[i] ^ 0xf0; - } - - AES_set_encrypt_key(sess_kf0, 128, &key); - ZERO_STRUCT(iv); - memcpy(iv+0, seq_num, 8); - memcpy(iv+8, seq_num, 8); - - if (forward) { - aes_cfb8_encrypt(confounder, confounder, 8, &key, iv, AES_ENCRYPT); - aes_cfb8_encrypt(data, data, length, &key, iv, AES_ENCRYPT); - } else { - aes_cfb8_encrypt(confounder, confounder, 8, &key, iv, AES_DECRYPT); - aes_cfb8_encrypt(data, data, length, &key, iv, AES_DECRYPT); - } -#endif /* HAVE_GNUTLS_AES_CFB8 */ } else { gnutls_cipher_hd_t cipher_hnd; uint8_t _sealing_key[16]; diff --git a/lib/crypto/aes.c b/lib/crypto/aes.c deleted file mode 100644 index 4ff019af91a..00000000000 --- a/lib/crypto/aes.c +++ /dev/null @@ -1,329 +0,0 @@ -/* - * Copyright (c) 2003 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "replace.h" -#include "aes.h" - -#ifdef SAMBA_RIJNDAEL -#include "rijndael-alg-fst.h" - -#if defined(HAVE_AESNI_INTEL) - -/* - * NB. HAVE_AESNI_INTEL is only defined if -lang-asm is - * available. - */ - -static inline void __cpuid(unsigned int where[4], unsigned int leaf) -{ - asm volatile("cpuid" : - "=a" (where[0]), - "=b" (where[1]), - "=c" (where[2]), - "=d" (where[3]): "a" (leaf)); -} - -/* - * has_intel_aes_instructions() - * return true if supports AES-NI and false if doesn't - */ -static bool has_intel_aes_instructions(void) -{ - static int has_aes_instructions = -1; - unsigned int cpuid_results[4]; - - if (has_aes_instructions != -1) { - return (bool)has_aes_instructions; - } - - __cpuid(cpuid_results, 1); - has_aes_instructions = !!(cpuid_results[2] & (1 << 25)); - return (bool)has_aes_instructions; -} - -/* - * Macro to ensure the AES key schedule starts on a 16 byte boundary. - */ - -#define SET_ACC_CTX(k) \ - do { \ - (k)->u.aes_ni.acc_ctx = \ - (struct crypto_aes_ctx *)(((unsigned long)(k)->u.aes_ni._acc_ctx + 15) & ~0xfUL); \ - } while (0) - -/* - * The next 4 functions call the Intel AES hardware implementations - * of: - * - * AES_set_encrypt_key() - * AES_set_decrypt_key() - * AES_encrypt() - * AES_decrypt() - */ - -static int AES_set_encrypt_key_aesni(const unsigned char *userkey, - const int bits, - AES_KEY *key) -{ - SET_ACC_CTX(key); - return aesni_set_key(key->u.aes_ni.acc_ctx, userkey, bits/8); -} - -static int AES_set_decrypt_key_aesni(const unsigned char *userkey, - const int bits, - AES_KEY *key) -{ - SET_ACC_CTX(key); - return aesni_set_key(key->u.aes_ni.acc_ctx, userkey, bits/8); -} - -static void AES_encrypt_aesni(const unsigned char *in, - unsigned char *out, - const AES_KEY *key) -{ - aesni_enc(key->u.aes_ni.acc_ctx, out, in); -} - -static void AES_decrypt_aesni(const unsigned char *in, - unsigned char *out, - const AES_KEY *key) -{ - aesni_dec(key->u.aes_ni.acc_ctx, out, in); -} -#else /* defined(HAVE_AESNI_INTEL) */ - -/* - * Dummy implementations if no Intel AES instructions present. - * Only has_intel_aes_instructions() will ever be called. -*/ - -static bool has_intel_aes_instructions(void) -{ - return false; -} - -static int AES_set_encrypt_key_aesni(const unsigned char *userkey, - const int bits, - AES_KEY *key) -{ - return -1; -} - -static int AES_set_decrypt_key_aesni(const unsigned char *userkey, - const int bits, - AES_KEY *key) -{ - return -1; -} - -static void AES_encrypt_aesni(const unsigned char *in, - unsigned char *out, - const AES_KEY *key) -{ - abort(); -} - -static void AES_decrypt_aesni(const unsigned char *in, - unsigned char *out, - const AES_KEY *key) -{ - abort(); -} -#endif /* defined(HAVE_AENI_INTEL) */ - -/* - * The next 4 functions are the pure software implementations - * of: - * - * AES_set_encrypt_key() - * AES_set_decrypt_key() - * AES_encrypt() - * AES_decrypt() - */ - -static int -AES_set_encrypt_key_rj(const unsigned char *userkey, const int bits, AES_KEY *key) -{ - key->u.aes_rj.rounds = rijndaelKeySetupEnc(key->u.aes_rj.key, userkey, bits); - if (key->u.aes_rj.rounds == 0) - return -1; - return 0; -} - -static int -AES_set_decrypt_key_rj(const unsigned char *userkey, const int bits, AES_KEY *key) -{ - key->u.aes_rj.rounds = rijndaelKeySetupDec(key->u.aes_rj.key, userkey, bits); - if (key->u.aes_rj.rounds == 0) - return -1; - return 0; -} - -static void -AES_encrypt_rj(const unsigned char *in, unsigned char *out, const AES_KEY *key) -{ - rijndaelEncrypt(key->u.aes_rj.key, key->u.aes_rj.rounds, in, out); -} - -static void -AES_decrypt_rj(const unsigned char *in, unsigned char *out, const AES_KEY *key) -{ - rijndaelDecrypt(key->u.aes_rj.key, key->u.aes_rj.rounds, in, out); -} - -/* - * The next 4 functions are the runtime switch for Intel AES hardware - * implementations of: - * - * AES_set_encrypt_key() - * AES_set_decrypt_key() - * AES_encrypt() - * AES_decrypt() - * - * If the hardware instructions don't exist, fall back to the software - * versions. - */ - -int -AES_set_encrypt_key(const unsigned char *userkey, const int bits, AES_KEY *key) -{ - if (has_intel_aes_instructions()) { - return AES_set_encrypt_key_aesni(userkey, bits, key); - } - return AES_set_encrypt_key_rj(userkey, bits, key); -} - -int -AES_set_decrypt_key(const unsigned char *userkey, const int bits, AES_KEY *key) -{ - if (has_intel_aes_instructions()) { - return AES_set_decrypt_key_aesni(userkey, bits, key); - } - return AES_set_decrypt_key_rj(userkey, bits, key); -} - -void -AES_encrypt(const unsigned char *in, unsigned char *out, const AES_KEY *key) -{ - if (has_intel_aes_instructions()) { - AES_encrypt_aesni(in, out, key); - return; - } - AES_encrypt_rj(in, out, key); -} - -void -AES_decrypt(const unsigned char *in, unsigned char *out, const AES_KEY *key) -{ - if (has_intel_aes_instructions()) { - AES_decrypt_aesni(in, out, key); - return; - } - AES_decrypt_rj(in, out, key); -} - -#endif /* SAMBA_RIJNDAEL */ - -#ifdef SAMBA_AES_CBC_ENCRYPT -void -AES_cbc_encrypt(const unsigned char *in, unsigned char *out, - unsigned long size, const AES_KEY *key, - unsigned char *iv, int forward_encrypt) -{ - unsigned char tmp[AES_BLOCK_SIZE]; - int i; - - if (forward_encrypt) { - while (size >= AES_BLOCK_SIZE) { - for (i = 0; i < AES_BLOCK_SIZE; i++) - tmp[i] = in[i] ^ iv[i]; - AES_encrypt(tmp, out, key); - memcpy(iv, out, AES_BLOCK_SIZE); - size -= AES_BLOCK_SIZE; - in += AES_BLOCK_SIZE; - out += AES_BLOCK_SIZE; - } - if (size) { - for (i = 0; i < size; i++) - tmp[i] = in[i] ^ iv[i]; - for (i = size; i < AES_BLOCK_SIZE; i++) - tmp[i] = iv[i]; - AES_encrypt(tmp, out, key); - memcpy(iv, out, AES_BLOCK_SIZE); - } - } else { - while (size >= AES_BLOCK_SIZE) { - memcpy(tmp, in, AES_BLOCK_SIZE); - AES_decrypt(tmp, out, key); - for (i = 0; i < AES_BLOCK_SIZE; i++) - out[i] ^= iv[i]; - memcpy(iv, tmp, AES_BLOCK_SIZE); - size -= AES_BLOCK_SIZE; - in += AES_BLOCK_SIZE; - out += AES_BLOCK_SIZE; - } - if (size) { - memcpy(tmp, in, AES_BLOCK_SIZE); - AES_decrypt(tmp, out, key); - for (i = 0; i < size; i++) - out[i] ^= iv[i]; - memcpy(iv, tmp, AES_BLOCK_SIZE); - } - } -} -#endif /* SAMBA_AES_CBC_ENCRYPT */ - -#ifdef SAMBA_AES_CFB8_ENCRYPT -void -AES_cfb8_encrypt(const unsigned char *in, unsigned char *out, - unsigned long size, const AES_KEY *key, - unsigned char *iv, int forward_encrypt) -{ - int i; - - for (i = 0; i < size; i++) { - unsigned char tmp[AES_BLOCK_SIZE + 1]; - - memcpy(tmp, iv, AES_BLOCK_SIZE); - AES_encrypt(iv, iv, key); - if (!forward_encrypt) { - tmp[AES_BLOCK_SIZE] = in[i]; - } - out[i] = in[i] ^ iv[0]; - if (forward_encrypt) { - tmp[AES_BLOCK_SIZE] = out[i]; - } - memcpy(iv, &tmp[1], AES_BLOCK_SIZE); - } -} -#endif /* SAMBA_AES_CFB8_ENCRYPT */ diff --git a/lib/crypto/aes.h b/lib/crypto/aes.h index 00bfa3e26ce..21c1edabe98 100644 --- a/lib/crypto/aes.h +++ b/lib/crypto/aes.h @@ -36,643 +36,9 @@ #ifndef LIB_CRYPTO_AES_H #define LIB_CRYPTO_AES_H 1 -#include "aesni.h" - -#define SAMBA_RIJNDAEL 1 -#define SAMBA_AES_CBC_ENCRYPT 1 -#define SAMBA_AES_CFB8_ENCRYPT 1 -#define SAMBA_AES_BLOCK_XOR 1 - -/* symbol renaming */ -#define AES_set_encrypt_key samba_AES_set_encrypt_key -#define AES_set_decrypt_key samba_AES_decrypt_key -#define AES_encrypt samba_AES_encrypt -#define AES_decrypt samba_AES_decrypt -#define AES_cbc_encrypt samba_AES_cbc_encrypt -#define AES_cfb8_encrypt samba_AES_cfb8_encrypt - /* * */ #define AES_BLOCK_SIZE 16 -#define AES_MAXNR 14 - -#define AES_ENCRYPT 1 -#define AES_DECRYPT 0 - -struct aes_key_rj { - uint32_t key[(AES_MAXNR+1)*4]; - int rounds; -}; - -typedef struct aes_key { - union { - struct aes_key_rj aes_rj; - struct crypto_aesni_ctx aes_ni; - } u; -} AES_KEY; - -#ifdef __cplusplus -extern "C" { -#endif - -int AES_set_encrypt_key(const unsigned char *, const int, AES_KEY *); -int AES_set_decrypt_key(const unsigned char *, const int, AES_KEY *); - -void AES_encrypt(const unsigned char *, unsigned char *, const AES_KEY *); -void AES_decrypt(const unsigned char *, unsigned char *, const AES_KEY *); - -void AES_cbc_encrypt(const unsigned char *, unsigned char *, - const unsigned long, const AES_KEY *, - unsigned char *, int); - -void AES_cfb8_encrypt(const unsigned char *in, unsigned char *out, - unsigned long size, const AES_KEY *key, - unsigned char *iv, int forward_encrypt); - -#define aes_cfb8_encrypt(in, out, size, key, iv, forward_encrypt) \ - AES_cfb8_encrypt(in, out, size, key, iv, forward_encrypt) - -#ifdef __cplusplus -} -#endif - -#ifdef SAMBA_AES_BLOCK_XOR -static inline void aes_block_xor(const uint8_t in1[AES_BLOCK_SIZE], - const uint8_t in2[AES_BLOCK_SIZE], - uint8_t out[AES_BLOCK_SIZE]) -{ -#define __IS_ALIGN8(p) ((((uintptr_t)(p)) & 0x7) == 0) -#define __IS_ALIGNED(a,b,c) __IS_ALIGN8(\ - ((uintptr_t)(a)) | \ - ((uintptr_t)(b)) | \ - ((uintptr_t)(c))) - /* If everything is aligned we can optimize */ - if (likely(__IS_ALIGNED(in1, in2, out))) { -#define __RO64(p) ((const uint64_t *)(p)) -#define __RW64(p) ((uint64_t *)(p)) - __RW64(out)[0] = __RO64(in1)[0] ^ __RO64(in2)[0]; - __RW64(out)[1] = __RO64(in1)[1] ^ __RO64(in2)[1]; -- Samba Shared Repository