From bc8b648f744566031ce84d77333dbbcb9689e975 Mon Sep 17 00:00:00 2001 From: simplelins Date: Fri, 3 Jan 2020 22:56:18 +0800 Subject: [PATCH] Fix a bug for aarch64 BigEndian FIXES #10692 #10638 a bug for aarch64 bigendian with instructions 'st1' and 'ld1' on AES-GCM mode. CLA: trivial Reviewed-by: Richard Levitte Reviewed-by: Tim Hudson Reviewed-by: Paul Dale (Merged from https://github.com/openssl/openssl/pull/10751) --- crypto/aes/asm/aesv8-armx.pl | 10 +++++++++- include/crypto/modes.h | 7 +++++-- 2 files changed, 14 insertions(+), 3 deletions(-) diff --git a/crypto/aes/asm/aesv8-armx.pl b/crypto/aes/asm/aesv8-armx.pl index f89bba5cfa..6d7cbf09e4 100755 --- a/crypto/aes/asm/aesv8-armx.pl +++ b/crypto/aes/asm/aesv8-armx.pl @@ -211,7 +211,12 @@ $code.=<<___; .Loop192: vtbl.8 $key,{$in1},$mask vext.8 $tmp,$zero,$in0,#12 +#ifdef __ARMEB__ + vst1.32 {$in1},[$out],#16 + sub $out,$out,#8 +#else vst1.32 {$in1},[$out],#8 +#endif aese $key,$zero subs $bits,$bits,#1 @@ -1772,8 +1777,11 @@ $code.=<<___; ldr $rounds,[$key,#240] ldr $ctr, [$ivp, #12] +#ifdef __ARMEB__ + vld1.8 {$dat0},[$ivp] +#else vld1.32 {$dat0},[$ivp] - +#endif vld1.32 {q8-q9},[$key] // load key schedule... sub $rounds,$rounds,#4 mov $step,#16 diff --git a/include/crypto/modes.h b/include/crypto/modes.h index 08e4ffae74..edcdab95fa 100644 --- a/include/crypto/modes.h +++ b/include/crypto/modes.h @@ -56,12 +56,15 @@ typedef unsigned char u8; asm ("bswapl %0" \ : "+r"(ret_)); ret_; }) # elif defined(__aarch64__) -# define BSWAP8(x) ({ u64 ret_; \ +# if defined(__BYTE_ORDER__) && defined(__ORDER_LITTLE_ENDIAN__) && \ + __BYTE_ORDER__==__ORDER_LITTLE_ENDIAN__ +# define BSWAP8(x) ({ u64 ret_; \ asm ("rev %0,%1" \ : "=r"(ret_) : "r"(x)); ret_; }) -# define BSWAP4(x) ({ u32 ret_; \ +# define BSWAP4(x) ({ u32 ret_; \ asm ("rev %w0,%w1" \ : "=r"(ret_) : "r"(x)); ret_; }) +# endif # elif (defined(__arm__) || defined(__arm)) && !defined(STRICT_ALIGNMENT) # define BSWAP8(x) ({ u32 lo_=(u64)(x)>>32,hi_=(x); \ asm ("rev %0,%0; rev %1,%1" \ -- 2.25.1