From: Mark Wooding Date: Sat, 9 May 2020 19:55:40 +0000 (+0100) Subject: Merge branch '2.5.x' X-Git-Tag: 2.6.0~49 X-Git-Url: https://git.distorted.org.uk/~mdw/catacomb/commitdiff_plain/551a5729aff083d8cc56c092dacc9936e96a1435?hp=-c Merge branch '2.5.x' * 2.5.x: Release 2.5.2. base/regdump.c: Be helpful about VFP/NEON registers before `regdump_init'. base/regdump.h (ARM32, ARM64): Properly parenthesize `_regfmt' arguments. base/regdump.c: Dump ARM VFP/NEON registers with the correct source tag. debian/catacomb2.symbols: Bump versions for fixed functions. Release 2.4.5. math/group-parse.c (group-parse): Parse binary-group descriptions. math/group-parse.c: Fix copyright notice. *.c: Check for ARM64 SIMD before using the accelerated code. base/dispatch.c: Recognize `CPUFEAT_ARM_NEON' as requesting ARM64 SIMD. symm/t/chacha: Missing test from RFC8439. math/t/{mpx,mpmont}: Add some extra tests for flushing out `mul4' bugs. math/mpx-mul4-*: Test the `...zc' variants too. math/Makefile.am, symm/Makefile.am: Use `--no-install' on oddball tests. progs/pixie.c: Don't crash when trying to set an empty passphrase. configure.ac, vars.am: Use host-specific link options for test programs. --- 551a5729aff083d8cc56c092dacc9936e96a1435 diff --combined base/dispatch.c index 65ea2d25,131e3fdb..db9c3199 --- a/base/dispatch.c +++ b/base/dispatch.c @@@ -43,6 -43,7 +43,6 @@@ #if CPUFAM_X86 || CPUFAM_AMD64 -# define EFLAGS_ID (1u << 21) # define CPUID1D_SSE2 (1u << 26) # define CPUID1D_FXSR (1u << 24) # define CPUID1C_PCLMUL (1u << 1) @@@ -52,18 -53,83 +52,18 @@@ # define CPUID1C_RDRAND (1u << 30) struct cpuid { unsigned a, b, c, d; }; - -/* --- @cpuid@ --- * - * - * Arguments: @struct cpuid *cc@ = where to write the result - * @unsigned a, c@ = EAX and ECX registers to set - * - * Returns: --- - * - * Use: Minimal C wrapper around the x86 `CPUID' instruction. 
Checks - * that the instruction is actually available before invoking - * it; fills the output structure with zero if it's not going to - * work. - */ - -#ifdef __GNUC__ -# if CPUFAM_X86 -static __inline__ unsigned getflags(void) - { unsigned f; __asm__ ("pushf; popl %0" : "=g" (f)); return (f); } -static __inline__ unsigned setflags(unsigned f) -{ - unsigned ff; - __asm__ ("pushf; pushl %1; popf; pushf; popl %0; popf" - : "=r" (ff) - : "r" (f)); - return (ff); -} -# else -static __inline__ unsigned long getflags(void) - { unsigned long f; __asm__ ("pushf; popq %0" : "=g" (f)); return (f); } -static __inline__ unsigned long long setflags(unsigned long f) -{ - unsigned long ff; - __asm__ ("pushf; pushq %1; popf; pushf; popq %0; popf" - : "=r" (ff) - : "r" (f)); - return (ff); -} -# endif -#endif +extern int dispatch_x86ish_cpuid(struct cpuid *, unsigned a, unsigned c); +extern int dispatch_x86ish_xmmregisters_p(void); +extern int dispatch_x86ish_rdrand(unsigned *); static void cpuid(struct cpuid *cc, unsigned a, unsigned c) { -#ifdef __GNUC__ - unsigned f; -#endif - - cc->a = cc->b = cc->c = cc->d = 0; - -#ifdef __GNUC__ - /* Stupid dance to detect whether the CPUID instruction is available. */ - f = getflags(); - if (!(setflags(f | EFLAGS_ID) & EFLAGS_ID) || - setflags(f & ~EFLAGS_ID) & EFLAGS_ID) { + int rc = dispatch_x86ish_cpuid(cc, a, c); + if (rc) dispatch_debug("CPUID instruction not available"); - return; - } - setflags(f); - - /* Alas, EBX is magical in PIC code, so abuse ESI instead. This isn't - * pretty, but it works. - */ -# if CPUFAM_X86 - __asm__ ("pushl %%ebx; cpuid; movl %%ebx, %%esi; popl %%ebx" - : "=a" (cc->a), "=S" (cc->b), "=c" (cc->c), "=d" (cc->d) - : "a" (a) , "c" (c)); -# elif CPUFAM_AMD64 - __asm__ ("pushq %%rbx; cpuid; movl %%ebx, %%esi; popq %%rbx" - : "=a" (cc->a), "=S" (cc->b), "=c" (cc->c), "=d" (cc->d) - : "a" (a) , "c" (c)); -# else -# error "I'm confused." 
-# endif - dispatch_debug("CPUID(%08x, %08x) -> %08x, %08x, %08x, %08x", - a, c, cc->a, cc->b, cc->c, cc->d); -#else - dispatch_debug("GNU inline assembler not available; can't CPUID"); -#endif + else + dispatch_debug("CPUID(%08x, %08x) -> %08x, %08x, %08x, %08x", + a, c, cc->a, cc->b, cc->c, cc->d); } static unsigned cpuid_maxleaf(void) @@@ -96,10 -162,43 +96,10 @@@ static int cpuid_features_p(unsigned db static int xmm_registers_available_p(void) { -#ifdef __GNUC__ - unsigned f; - /* This hack is by Agner Fog. Use FXSAVE/FXRSTOR to figure out whether the - * XMM registers are actually alive. - */ - if (!cpuid_features_p(CPUID1D_FXSR, 0)) return (0); -# if CPUFAM_X86 - __asm__ ("movl %%esp, %%edx; subl $512, %%esp; andl $~15, %%esp\n" - "fxsave (%%esp)\n" - "movl 160(%%esp), %%eax; xorl $0xaaaa5555, 160(%%esp)\n" - "fxrstor (%%esp); fxsave (%%esp)\n" - "movl 160(%%esp), %%ecx; movl %%eax, 160(%%esp)\n" - "fxrstor (%%esp); movl %%edx, %%esp\n" - "xorl %%ecx, %%eax" - : "=a" (f) - : /* no inputs */ - : "%ecx", "%edx"); -# elif CPUFAM_AMD64 - __asm__ ("movq %%rsp, %%rdx; subq $512, %%rsp; andq $~15, %%rsp\n" - "fxsave (%%rsp)\n" - "movl 160(%%rsp), %%eax; xorl $0xaaaa5555, 160(%%rsp)\n" - "fxrstor (%%rsp); fxsave (%%rsp)\n" - "movl 160(%%rsp), %%ecx; movl %%eax, 160(%%rsp)\n" - "fxrstor (%%rsp); movq %%rdx, %%rsp\n" - "xorl %%ecx, %%eax" - : "=a" (f) - : /* no inputs */ - : "%ecx", "%rdx"); -# else -# error "I'm confused." -# endif + int f = dispatch_x86ish_xmmregisters_p(); + dispatch_debug("XMM registers %savailable", f ? "" : "not "); return (f); -#else - dispatch_debug("GNU inline assembler not available; can't check for XMM"); - return (0); -#endif } /* --- @rdrand_works_p@ --- * @@@ -111,6 -210,25 +111,6 @@@ * that it's already been verified to be safe to issue. 
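Review bot: The new `cpuid` body no longer zeroes `cc` before probing, whereas the removed implementation set `cc->a = cc->b = cc->c = cc->d = 0` up front so that `cpuid_maxleaf` and `cpuid_features_p` read zeros when the instruction is unavailable; whether `dispatch_x86ish_cpuid` clears the structure on its failure path cannot be seen from this diff. Keeping the clear on the C side costs nothing and removes the dependency on the assembler's behaviour: `cc->a = cc->b = cc->c = cc->d = 0;` before the call. The three new `extern` declarations also lost the documentation that the deleted header comment provided; a short comment stating the convention the callers rely on (`/* Return zero on success, nonzero if the probe could not be performed. */`) would restore it. `cpuid_maxleaf`, whose signature appears in the next hunk header, is outside this hunk.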
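Review bot: `xmm_registers_available_p` now calls `dispatch_x86ish_xmmregisters_p()` unconditionally, while the removed inline version first required `cpuid_features_p(CPUID1D_FXSR, 0)` because FXSAVE/FXRSTOR raise #UD on processors without FXSR. Unless the assembler routine repeats that test (not visible in this diff), the guard should stay in C: `if (!cpuid_features_p(CPUID1D_FXSR, 0)) return (0);` ahead of the call. The rationale that this is Agner Fog's FXSAVE-area probe was deleted together with the inline assembly; a one-line comment pointing at the assembler implementation would keep it findable.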
*/ -#ifdef __GNUC__ -static int rdrand(unsigned *x) -{ - int i, rc; - unsigned _t; - - i = 16; - __asm__ ("" : "=g" (_t)); - __asm__ ("0: rdrand %2; jc 1f; decl %1; jnz 0b\n" - "mov $-1, %0; jmp 9f\n" - "1: movl %2, (%3); xorl %0, %0\n" - "9:" - : "=r" (rc), "+r" (i), "+r" (_t) - : "r" (x) - : "cc"); - return (rc); -} -#endif - static int rdrand_works_p(void) { unsigned ref, x, i; @@@ -119,9 -237,9 +119,9 @@@ * will fail with probability %$2^{-128}$% with a truly random generator, * which seems fair enough. */ - if (rdrand(&ref)) goto fail; + if (dispatch_x86ish_rdrand(&ref)) goto fail; for (i = 0; i < 4; i++) { - if (rdrand(&x)) goto fail; + if (dispatch_x86ish_rdrand(&x)) goto fail; if (x != ref) goto not_stuck; } dispatch_debug("RDRAND always returns 0x%08x!", ref); @@@ -226,6 -344,7 +226,7 @@@ static unsigned hwcaps = 0 # define WANTAUX(_) \ WANT_AT_HWCAP(_) # define CAPMAP(_) \ + _(ARM_NEON, "arm:neon") \ _(ARM_AES, "arm:aes") \ _(ARM_PMULL, "arm:pmull") #endif @@@ -346,6 -465,7 +347,7 @@@ static void probe_hwcaps(void # endif #endif #if CPUFAM_ARM64 + if (probed.hwcap & HWCAP_ASIMD) hw |= HF_ARM_NEON; if (probed.hwcap & HWCAP_AES) hw |= HF_ARM_AES; if (probed.hwcap & HWCAP_PMULL) hw |= HF_ARM_PMULL; #endif diff --combined configure.ac index b4f73896,5335a2e9..e5bf8d88 --- a/configure.ac +++ b/configure.ac @@@ -39,6 -39,13 +39,13 @@@ AC_PROG_C AX_CFLAGS_WARN_ALL AM_PROG_LIBTOOL mdw_LIBTOOL_VERSION_INFO + case $host_os in + cygwin* | mingw* | pw32* | os2* | darwin* | cegcc*) + TEST_LDFLAGS=-no-fast-install ;; + *) + TEST_LDFLAGS=-no-install ;; + esac + AC_SUBST([TEST_LDFLAGS]) AM_PROG_AS @@@ -423,7 -430,7 +430,7 @@@ dnl Set the master libraries we need AC_SUBST([CATACOMB_LIBS]) dnl Necessary support libraries. 
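Review bot: The stuck-generator test in `rdrand_works_p` is a one-shot probe: five equal words fail it, but a generator that passes at probe time and degrades later (the changelog describes the AMD fault as returning all-ones with CF set) is never re-examined, and the `static unsigned hwcaps = 0` context of the following hunk suggests the verdict is cached for the process lifetime. That is fine only if RDRAND output is always mixed into the pool rather than consumed directly, which this diff does not show. I would state the assumption next to the probability comment: `/* One-shot probe: later failure of RDRAND is not detected, so callers must only mix its output into the pool, never use it directly. */`. The `fail` and `not_stuck` labels of `rdrand_works_p` lie outside the hunk.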
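Review bot: The `case $host_os` that chooses `-no-fast-install` over `-no-install` for `TEST_LDFLAGS` gives no reason for the platform list, which appears to mirror the hosts on which libtool itself ignores `-no-install` (warning and substituting `-no-fast-install`), so a reader cannot tell why darwin or cygwin are special or whether the list must track libtool. A `dnl` comment above the `case` would fix that: `dnl Link test programs directly against the uninstalled library; libtool ignores -no-install on the hosts listed first, so use -no-fast-install there.`. Whether each listed host still needs the fallback with the libtool version in use is inferred from libtool's behaviour, not from this diff.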
-PKG_CHECK_MODULES([mLib], [mLib >= 2.3.0]) +PKG_CHECK_MODULES([mLib], [mLib >= 2.4.1]) AM_CFLAGS="$AM_CFLAGS $mLib_CFLAGS" dnl-------------------------------------------------------------------------- diff --combined debian/catacomb2.symbols index 33d5915a,66f19beb..b6ffba11 --- a/debian/catacomb2.symbols +++ b/debian/catacomb2.symbols @@@ -24,7 -24,6 +24,7 @@@ libcatacomb.so.2 catacomb2 #MINVER cpu_feature_p@Base 2.2.3 dispatch_debug@Base 2.2.3 (optional|arch=i386 amd64)dispatch_x86ish_cpuid@Base 2.5.0 + (optional|arch=i386 amd64)dispatch_x86ish_rdrand@Base 2.5.99~ (optional|arch=i386 amd64)dispatch_x86ish_xmmregisters_p@Base 2.5.0 ## regdump (available with `--enable-asm-debug') @@@ -32,7 -31,7 +32,7 @@@ (optional)regdump@Base 2.5.0 (optional)regdump_freshline@Base 2.5.0 (optional)regdump_gp@Base 2.5.0 - (optional)regdump_fp@Base 2.5.0 + (optional)regdump_fp@Base 2.5.2 (optional)regdump_simd@Base 2.5.0 (optional)regdump_gprstr@Base 2.5.0 (optional)regdump_gpsave@Base 2.5.0 @@@ -422,8 -421,8 +422,8 @@@ strongprime@Base 2.3.1 ## limlee - limlee_step@Base 2.5.1+ - limlee@Base 2.5.1+ + limlee_step@Base 2.5.2 + limlee@Base 2.5.2 ## gfx gfx_acc@Base 2.0.0 @@@ -466,7 -465,7 +466,7 @@@ ## group group_fromstring@Base 2.1.1 - group_parse@Base 2.1.1 + group_parse@Base 2.5.2 group_check@Base 2.1.1 group_samep@Base 2.1.1 group_stdcheck@Base 2.1.1 @@@ -513,10 -512,10 +513,10 @@@ ec_dbl@Base 2.2.0 ec_neg@Base 2.2.0 ec_sub@Base 2.2.0 - ec_imul@Base 2.5.1+ - ec_mul@Base 2.5.1+ - ec_immul@Base 2.5.1+ - ec_mmul@Base 2.5.1+ + ec_imul@Base 2.5.2 + ec_mul@Base 2.5.2 + ec_immul@Base 2.5.2 + ec_mmul@Base 2.5.2 ec_check@Base 2.2.0 ec_destroycurve@Base 2.2.0 ec_idfix@Base 2.2.0 @@@ -638,22 -637,22 +638,22 @@@ ## lcrand lcrand@Base 2.0.0 - lcrand_create@Base 2.5.1+ + lcrand_create@Base 2.5.2 lcrand_range@Base 2.0.0 ## rand rand_init@Base 2.2.3 rand_noisesrc@Base 2.2.3 rand_seed@Base 2.2.3 - rand_quick@Base 2.2.3 + rand_quick@Base 2.5.2 (optional|arch=i386 
amd64)rand_quick_x86ish_rdrand@Base 2.5.0 - rand_key@Base 2.5.1+ + rand_key@Base 2.5.2 rand_add@Base 2.2.3 rand_goodbits@Base 2.2.3 rand_get@Base 2.2.3 rand_getgood@Base 2.2.3 - rand_gate@Base 2.2.3 - rand_stretch@Base 2.2.3 + rand_gate@Base 2.5.2 + rand_stretch@Base 2.5.2 rand_generation@Base 2.2.3 rand_create@Base 2.2.3 rand_global@Base 2.2.3 @@@ -4222,8 -4221,8 +4222,8 @@@ ## dh dh_gen@Base 2.1.1 - dh_kcdsagen@Base 2.5.1+ - dh_limlee@Base 2.5.1+ + dh_kcdsagen@Base 2.5.2 + dh_limlee@Base 2.5.2 dh_checkparam@Base 2.1.1 dh_parse@Base 2.1.1 dhbin_parse@Base 2.1.1 @@@ -4354,9 -4353,9 +4354,9 @@@ key_structsteal@Base 2.1.1 key_mksubkeyiter@Base 2.1.1 key_nextsubkey@Base 2.1.1 - key_copydata@Base 2.5.1+ + key_copydata@Base 2.5.2 key_incref@Base 2.1.1 - key_split@Base 2.5.1+ + key_split@Base 2.5.2 key_drop@Base 2.1.1 key_destroy@Base 2.1.1 key_do@Base 2.1.1 @@@ -4405,7 -4404,7 +4405,7 @@@ key_strerror@Base 2.1.1 ## key-io - key_new@Base 2.1.1 + key_new@Base 2.5.2 key_open@Base 2.3.1 key_close@Base 2.1.1 key_discard@Base 2.1.1 @@@ -4414,7 -4413,7 +4414,7 @@@ ## key-misc key_byid@Base 2.1.1 - key_bytag@Base 2.5.1+ + key_bytag@Base 2.5.2 key_bytype@Base 2.1.1 key_qtag@Base 2.1.1 key_expired@Base 2.1.1 diff --combined debian/changelog index db77dc17,3e08f899..3d5f0058 --- a/debian/changelog +++ b/debian/changelog @@@ -1,9 -1,10 +1,16 @@@ +catacomb (2.5.99~) experimental; urgency=medium + + * (placeholder for next minor release) + + -- Mark Wooding Mon, 30 Sep 2019 02:15:20 +0100 + + catacomb (2.5.2) experimental; urgency=medium + + * Merge changes from 2.4.5. + * catacomb-dev: Fix ARM32 FP/SIMD register dumping. + + -- Mark Wooding Sat, 09 May 2020 20:50:57 +0100 + catacomb (2.5.1) experimental; urgency=medium * Merge changes from 2.4.4. @@@ -29,6 -30,45 +36,45 @@@ catacomb (2.5.0) experimental; urgency= -- Mark Wooding Sat, 21 Sep 2019 21:26:44 +0100 + catacomb (2.4.5) experimental; urgency=medium + + * catacomb: Fix memory leak in key-file error handling. 
+ * catacomb: Don't leak internal `exptime' symbol into the global + namespace. + * catacomb: Check that the X86 `rdrand' instruction actually works + before leaning on it. This is in response to the well-publicized AMD + bug which always returns all-bits-set with the carry /set/ (indicating + success). + * catacomb: Mix in the random pool key during `rand_gate' and + `rand_stretch' operations. + * catacomb: Fix by-tag key lookups: if the query string looks like a hex + number, it's treated as a search by id; but if no such id is found, + the search wouldn't continue to look for a key by type or tag. + * catacomb: Fix reference leak in `key_split'. + * catacomb: Fix bug which completely broke `key_copydata'. + * catacomb: Fix segfault from `pgen', if it fails before setting up the + prime tester. + * catacomb: Propagate failure from `pgen' during Lim--Lee prime + generation, rather than immediately retrying. + * catacomb: Fix memory leak of factor vector from failed Lim--Lee prime + generation. + * catacomb: Fix segfault when multiplying the identity elliptic-curve + point. + * catacomb: Fix the `lcrand' descriptor, so that it's not advertised as + being cryptographically strong, and to fix a bias in its output. + * catacomb: Fix a memory leak in the error case of KCDSA prime + generation. + * catacomb-bin: Fix segfault from `pixie', if given an empty passphrase + to remember. + * catacomb: Check SIMD feature bit on ARM64 before using the optimized + code. I don't know of any ARM64 implementations which lack SIMD + instructions, but the bit must be there for a reason, so I might as + well use it. + * catacomb: Support parsing binary-group descriptions. This is a long- + standing lacuna that I've only recently noticed. + + -- Mark Wooding Sat, 09 May 2020 17:46:24 +0100 + catacomb (2.4.4) experimental; urgency=medium * debian: Bump to Debhelper 10.