Add AARCH64 specific implementations of:
- OPENSSL_cpuid_setup(), probing hardware capabilitie
(presence of FEAT_AES, etc.)
- OPENSSL_rdtsc(), returning non-trusted entropy by accessing
system counter.
Signed-off-by: Pierre Gondois <pierre.gond...@arm.com>
---
.../Library/OpensslLib/OpensslLibAccel.inf | 5 +-
.../OpensslLib/OpensslLibFullAccel.inf | 5 +-
.../OpensslLib/OpensslStub/AArch64Cap.c | 107 ++++++++++++++++++
3 files changed, 113 insertions(+), 4 deletions(-)
create mode 100644 CryptoPkg/Library/OpensslLib/OpensslStub/AArch64Cap.c
diff --git a/CryptoPkg/Library/OpensslLib/OpensslLibAccel.inf
b/CryptoPkg/Library/OpensslLib/OpensslLibAccel.inf
index 2cf985d9e5f9..a180820577aa 100644
--- a/CryptoPkg/Library/OpensslLib/OpensslLibAccel.inf
+++ b/CryptoPkg/Library/OpensslLib/OpensslLibAccel.inf
@@ -1329,6 +1329,7 @@ [Sources.X64]
# Autogenerated files list ends here
[Sources.AARCH64]
+ OpensslStub/AArch64Cap.c
# Autogenerated files list starts here
$(OPENSSL_PATH)/crypto/aes/aes_cbc.c
$(OPENSSL_PATH)/crypto/aes/aes_cfb.c
@@ -1598,7 +1599,7 @@ [Sources.AARCH64]
$(OPENSSL_PATH)/crypto/kdf/kdf_err.c
$(OPENSSL_PATH)/crypto/lhash/lh_stats.c
$(OPENSSL_PATH)/crypto/lhash/lhash.c
- $(OPENSSL_PATH)/crypto/armcap.c
+# $(OPENSSL_PATH)/crypto/armcap.c
$(OPENSSL_PATH)/crypto/asn1_dsa.c
$(OPENSSL_PATH)/crypto/bsearch.c
$(OPENSSL_PATH)/crypto/context.c
@@ -1606,7 +1607,7 @@ [Sources.AARCH64]
$(OPENSSL_PATH)/crypto/core_fetch.c
$(OPENSSL_PATH)/crypto/core_namemap.c
$(OPENSSL_PATH)/crypto/cpt_err.c
- $(OPENSSL_PATH)/crypto/cpuid.c
+# $(OPENSSL_PATH)/crypto/cpuid.c
$(OPENSSL_PATH)/crypto/cryptlib.c
$(OPENSSL_PATH)/crypto/ctype.c
$(OPENSSL_PATH)/crypto/cversion.c
diff --git a/CryptoPkg/Library/OpensslLib/OpensslLibFullAccel.inf
b/CryptoPkg/Library/OpensslLib/OpensslLibFullAccel.inf
index 111346b31814..23917029e873 100644
--- a/CryptoPkg/Library/OpensslLib/OpensslLibFullAccel.inf
+++ b/CryptoPkg/Library/OpensslLib/OpensslLibFullAccel.inf
@@ -1432,6 +1432,7 @@ [Sources.X64]
# Autogenerated files list ends here
[Sources.AARCH64]
+ OpensslStub/AArch64Cap.c
# Autogenerated files list starts here
$(OPENSSL_PATH)/crypto/aes/aes_cbc.c
$(OPENSSL_PATH)/crypto/aes/aes_cfb.c
@@ -1739,7 +1740,7 @@ [Sources.AARCH64]
$(OPENSSL_PATH)/crypto/kdf/kdf_err.c
$(OPENSSL_PATH)/crypto/lhash/lh_stats.c
$(OPENSSL_PATH)/crypto/lhash/lhash.c
- $(OPENSSL_PATH)/crypto/armcap.c
+# $(OPENSSL_PATH)/crypto/armcap.c
$(OPENSSL_PATH)/crypto/asn1_dsa.c
$(OPENSSL_PATH)/crypto/bsearch.c
$(OPENSSL_PATH)/crypto/context.c
@@ -1747,7 +1748,7 @@ [Sources.AARCH64]
$(OPENSSL_PATH)/crypto/core_fetch.c
$(OPENSSL_PATH)/crypto/core_namemap.c
$(OPENSSL_PATH)/crypto/cpt_err.c
- $(OPENSSL_PATH)/crypto/cpuid.c
+# $(OPENSSL_PATH)/crypto/cpuid.c
$(OPENSSL_PATH)/crypto/cryptlib.c
$(OPENSSL_PATH)/crypto/ctype.c
$(OPENSSL_PATH)/crypto/cversion.c
diff --git a/CryptoPkg/Library/OpensslLib/OpensslStub/AArch64Cap.c
b/CryptoPkg/Library/OpensslLib/OpensslStub/AArch64Cap.c
new file mode 100644
index 000000000000..3a21d54462e3
--- /dev/null
+++ b/CryptoPkg/Library/OpensslLib/OpensslStub/AArch64Cap.c
@@ -0,0 +1,107 @@
+/** @file
+ Arm capabilities probing.
+
+ Copyright (c) 2023, Arm Limited. All rights reserved.<BR>
+
+ SPDX-License-Identifier: BSD-2-Clause-Patent
+**/
+
+#include <openssl/types.h>
+#include "crypto/arm_arch.h"
+
+#include <Library/BaseLib.h>
+
+/** Get bits from a value.
+
+ Shift the input value from 'shift' bits and apply 'mask'.
+
+ @param value The value to get the bits from.
+ @param shift Index of the bits to read.
+ @param mask Mask to apply to the value once shifted.
+
+ @return The desired bitfield from the value.
+**/
+#define GET_BITFIELD(value, shift, mask) \
+ ((value >> shift) & mask)
+
+UINT32 OPENSSL_armcap_P = 0;
+
+void
+OPENSSL_cpuid_setup (
+ void
+ )
+{
+ UINT64 Isar0;
+
+ OPENSSL_armcap_P = 0;
+ Isar0 = ArmReadIdAA64Isar0Reg ();
+
+ /* Access to EL0 registers is possible from higher ELx. */
+ OPENSSL_armcap_P |= ARMV8_CPUID;
+ /* Access to Physical timer is possible. */
+ OPENSSL_armcap_P |= ARMV7_TICK;
+
+ /* Neon support is not guaranteed, but it is assumed to be present.
+ Arm ARM for Armv8, sA1.5 Advanced SIMD and floating-point support
+ */
+ OPENSSL_armcap_P |= ARMV7_NEON;
+
+ if (GET_BITFIELD (
+ Isar0,
+ ARM_ID_AA64ISAR0_EL1_AES_SHIFT,
+ ARM_ID_AA64ISAR0_EL1_AES_MASK
+ ) != 0)
+ {
+ OPENSSL_armcap_P |= ARMV8_AES;
+ }
+
+ if (GET_BITFIELD (
+ Isar0,
+ ARM_ID_AA64ISAR0_EL1_SHA1_SHIFT,
+ ARM_ID_AA64ISAR0_EL1_SHA1_MASK
+ ) != 0)
+ {
+ OPENSSL_armcap_P |= ARMV8_SHA1;
+ }
+
+ if (GET_BITFIELD (
+ Isar0,
+ ARM_ID_AA64ISAR0_EL1_SHA2_SHIFT,
+ ARM_ID_AA64ISAR0_EL1_SHA2_MASK
+ ) != 0)
+ {
+ OPENSSL_armcap_P |= ARMV8_SHA256;
+ }
+
+ if (GET_BITFIELD (
+ Isar0,
+ ARM_ID_AA64ISAR0_EL1_AES_SHIFT,
+ ARM_ID_AA64ISAR0_EL1_AES_MASK
+ ) >= ARM_ID_AA64ISAR0_EL1_AES_FEAT_PMULL_MASK)
+ {
+ OPENSSL_armcap_P |= ARMV8_PMULL;
+ }
+
+ if (GET_BITFIELD (
+ Isar0,
+ ARM_ID_AA64ISAR0_EL1_SHA2_SHIFT,
+ ARM_ID_AA64ISAR0_EL1_SHA2_MASK
+ ) >= ARM_ID_AA64ISAR0_EL1_SHA2_FEAT_SHA512_MASK)
+ {
+ OPENSSL_armcap_P |= ARMV8_SHA512;
+ }
+}
+
+/** Read system counter value.
+
+ Used to get some non-trusted entropy.
+
+ @return Lower bits of the physical counter.
+**/
+uint32_t
+OPENSSL_rdtsc (
+ void
+ )
+{
+ return (UINT32)ArmReadCntPctReg ();
+}
--
2.25.1
-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#110553): https://edk2.groups.io/g/devel/message/110553
Mute This Topic: https://groups.io/mt/102342402/21656
Group Owner: devel+ow...@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-
