Gitiles
Code Review Sign In
gerrit-public.fairphone.software / platform / external / boringssl / 0c61efe6da4dd29556e9d2bf7321d2f9283a4e13 / . / src / crypto / fipsmodule / delocate.h
blob: d6564e487ecc2c9c85132825b261ef0a65fa126e [file] [log] [blame]
Robert Sloan572a4e22017-04-17 10:52:19 -0700[diff] [blame]1/* Copyright (c) 2017, Google Inc.
2 *
3 * Permission to use, copy, modify, and/or distribute this software for any
4 * purpose with or without fee is hereby granted, provided that the above
5 * copyright notice and this permission notice appear in all copies.
6 *
7 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
8 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
9 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY
10 * SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
11 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION
12 * OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN
13 * CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. */
14
15#ifndef OPENSSL_HEADER_FIPSMODULE_DELOCATE_H
16#define OPENSSL_HEADER_FIPSMODULE_DELOCATE_H
17
18#include <openssl/base.h>
19
20#include "../internal.h"
21
22
Pete Bentley0c61efe2019-08-13 09:32:23 +0100[diff] [blame^]23#if !defined(BORINGSSL_SHARED_LIBRARY) && defined(BORINGSSL_FIPS) && \
24 !defined(OPENSSL_ASAN) && !defined(OPENSSL_MSAN)
Robert Sloan9254e682017-04-24 09:42:06 -0700[diff] [blame]25#define DEFINE_BSS_GET(type, name) \
Robert Sloan572a4e22017-04-17 10:52:19 -0700[diff] [blame]26 static type name __attribute__((used)); \
Adam Vartanianbfcf3a72018-08-10 14:55:24 +0100[diff] [blame]27 type *name##_bss_get(void) __attribute__((const));
Robert Sloan8f860b12017-08-28 07:37:06 -0700[diff] [blame]28// For FIPS builds we require that CRYPTO_ONCE_INIT be zero.
Robert Sloan9254e682017-04-24 09:42:06 -0700[diff] [blame]29#define DEFINE_STATIC_ONCE(name) DEFINE_BSS_GET(CRYPTO_once_t, name)
Robert Sloan8f860b12017-08-28 07:37:06 -0700[diff] [blame]30// For FIPS builds we require that CRYPTO_STATIC_MUTEX_INIT be zero.
Robert Sloan9254e682017-04-24 09:42:06 -0700[diff] [blame]31#define DEFINE_STATIC_MUTEX(name) \
32 DEFINE_BSS_GET(struct CRYPTO_STATIC_MUTEX, name)
Robert Sloan8f860b12017-08-28 07:37:06 -0700[diff] [blame]33// For FIPS builds we require that CRYPTO_EX_DATA_CLASS_INIT be zero.
Robert Sloan8ff03552017-06-14 12:40:58 -0700[diff] [blame]34#define DEFINE_STATIC_EX_DATA_CLASS(name) \
35 DEFINE_BSS_GET(CRYPTO_EX_DATA_CLASS, name)
Robert Sloan572a4e22017-04-17 10:52:19 -0700[diff] [blame]36#else
37#define DEFINE_BSS_GET(type, name) \
Robert Sloan9254e682017-04-24 09:42:06 -0700[diff] [blame]38 static type name; \
Robert Sloan572a4e22017-04-17 10:52:19 -0700[diff] [blame]39 static type *name##_bss_get(void) { return &name; }
Robert Sloan9254e682017-04-24 09:42:06 -0700[diff] [blame]40#define DEFINE_STATIC_ONCE(name) \
41 static CRYPTO_once_t name = CRYPTO_ONCE_INIT; \
42 static CRYPTO_once_t *name##_bss_get(void) { return &name; }
43#define DEFINE_STATIC_MUTEX(name) \
44 static struct CRYPTO_STATIC_MUTEX name = CRYPTO_STATIC_MUTEX_INIT; \
45 static struct CRYPTO_STATIC_MUTEX *name##_bss_get(void) { return &name; }
Robert Sloan8ff03552017-06-14 12:40:58 -0700[diff] [blame]46#define DEFINE_STATIC_EX_DATA_CLASS(name) \
47 static CRYPTO_EX_DATA_CLASS name = CRYPTO_EX_DATA_CLASS_INIT; \
48 static CRYPTO_EX_DATA_CLASS *name##_bss_get(void) { return &name; }
Robert Sloan572a4e22017-04-17 10:52:19 -0700[diff] [blame]49#endif
50
Robert Sloan8ff03552017-06-14 12:40:58 -0700[diff] [blame]51#define DEFINE_DATA(type, name, accessor_decorations) \
52 DEFINE_BSS_GET(type, name##_storage) \
53 DEFINE_STATIC_ONCE(name##_once) \
54 static void name##_do_init(type *out); \
55 static void name##_init(void) { name##_do_init(name##_storage_bss_get()); } \
56 accessor_decorations type *name(void) { \
57 CRYPTO_once(name##_once_bss_get(), name##_init); \
58 /* See http://c-faq.com/ansi/constmismatch.html for why the following \
59 * cast is needed. */ \
60 return (const type *)name##_storage_bss_get(); \
61 } \
62 static void name##_do_init(type *out)
63
Robert Sloan8f860b12017-08-28 07:37:06 -0700[diff] [blame]64// DEFINE_METHOD_FUNCTION defines a function named |name| which returns a
65// method table of type const |type|*. In FIPS mode, to avoid rel.ro data, it
66// is split into a CRYPTO_once_t-guarded initializer in the module and
67// unhashed, non-module accessor functions to space reserved in the BSS. The
68// method table is initialized by a caller-supplied function which takes a
69// parameter named |out| of type |type|*. The caller should follow the macro
70// invocation with the body of this function:
71//
72// DEFINE_METHOD_FUNCTION(EVP_MD, EVP_md4) {
73// out->type = NID_md4;
74// out->md_size = MD4_DIGEST_LENGTH;
75// out->flags = 0;
76// out->init = md4_init;
77// out->update = md4_update;
78// out->final = md4_final;
79// out->block_size = 64;
80// out->ctx_size = sizeof(MD4_CTX);
81// }
82//
83// This mechanism does not use a static initializer because their execution
84// order is undefined. See FIPS.md for more details.
Robert Sloan8ff03552017-06-14 12:40:58 -0700[diff] [blame]85#define DEFINE_METHOD_FUNCTION(type, name) DEFINE_DATA(type, name, const)
Robert Sloan572a4e22017-04-17 10:52:19 -0700[diff] [blame]86
Robert Sloan8ff03552017-06-14 12:40:58 -0700[diff] [blame]87#define DEFINE_LOCAL_DATA(type, name) DEFINE_DATA(type, name, static const)
Robert Sloan572a4e22017-04-17 10:52:19 -0700[diff] [blame]88
Robert Sloan8f860b12017-08-28 07:37:06 -0700[diff] [blame]89#endif // OPENSSL_HEADER_FIPSMODULE_DELOCATE_H