diff --git a/lib/Makefile b/lib/Makefile index 55b35a707af1a46e03ae32aadc680a1712874072..4c5d09fd99b97b54b2dc2ea37235167f7852f790 100644 --- a/lib/Makefile +++ b/lib/Makefile @@ -388,7 +388,8 @@ asm_generic_lib_objs := \ sha1_mb_neon_x4.o \ sha1_sb_aarch64_x1.o \ zuc_simd.o \ - zuc_simd_no_aesni.o + zuc_simd_no_aesni.o\ + memcpy_aarch64.o else c_lib_objs := \ mb_mgr_avx.o \ diff --git a/lib/aarch64/memcpy_aarch64.S b/lib/aarch64/memcpy_aarch64.S new file mode 100644 index 0000000000000000000000000000000000000000..3ac44b5944164c4f8de14c5b1ceedf7e6c022ee3 --- /dev/null +++ b/lib/aarch64/memcpy_aarch64.S @@ -0,0 +1,63 @@ +/********************************************************************** + SPDX-FileCopyrightText: Copyright 2025 Arm Limited and/or its + affiliates + SPDX-License-Identifier: BSD-3-Clause + + Redistribution and use in source and binary forms, with or without + modification, are permitted provided that the following conditions + are met: + + * Redistributions of source code must retain the above copyright + notice, this list of conditions and the following disclaimer. + + * Redistributions in binary form must reproduce the above copyright + notice, this list of conditions and the following disclaimer in + the documentation and/or other materials provided with the + distribution. + + * Neither the name of the copyright holder nor the names of its + contributors may be used to endorse or promote products derived + from this software without specific prior written permission. + + THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS + "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT + LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR + A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT + HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, + SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT + LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, + DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY + THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT + (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE + OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. +**********************************************************************/ + + .arch armv8-a + +/* void safe_memcpy(void *dst, const void *src, const size_t size); + * function is declare in lib/include/memcpy.h */ + + .global safe_memcpy + .type safe_memcpy, %function + + dst .req x0 + src .req x1 + size .req x2 + +safe_memcpy: + cbz size, .return + +.cpy_loop: + ldrb w3, [src], #1 // load byte from source, increment src + strb w3, [dst], #1 // store byte to destination, increment dst + subs size, size, #1 // decrement size val + b.ne .cpy_loop + +.return: + ret + + .size safe_memcpy, .-safe_memcpy + + .unreq dst + .unreq src + .unreq size diff --git a/lib/aarch64/sha1_mb_neon_x4.S b/lib/aarch64/sha1_mb_neon_x4.S index edf4748258cdd5117d385108c6253ca21814955f..eecc430cf3306c1deb6d4878e3bd182cf8903ec4 100644 --- a/lib/aarch64/sha1_mb_neon_x4.S +++ b/lib/aarch64/sha1_mb_neon_x4.S @@ -158,6 +158,44 @@ sha1_mb_neon_x4: stp data0, data1, [args, #320] stp data2, data3, [args, #336] +#ifdef SAFE_DATA + // Secure zeroing of temporary area: + mov x15, sp // Start zeroing from current sp (lower bound) + sub tmp, savedsp, x15 // Compute length to clear (in bytes) + + // Bulk zeroing in 8-byte chunks + cmp tmp, #8 // If less than 8, skip to tail loop + blt .zeroing_tail + + // Alignment check: sp must be 8-byte aligned + ands x16, x15, #7 // x16 = x15 % 8 + cbz x16, .zeroing_loop_8byte // Start zeroing 8byte chunks if aligned + + // Zeroing head byte by byte untill aligned + sub tmp, tmp, x16 // Reducing length by unaligned head size +.zeroing_head: + strb wzr, [x15], #1 + subs x16, x16, #1 + b.ne .zeroing_head + +.zeroing_loop_8byte: + str xzr, [x15], #8 + subs tmp, tmp, #8 + cmp tmp, #8 + bge .zeroing_loop_8byte + +.zeroing_tail: + // Zero remaining 0–7 bytes, if any + cbz tmp, .zeroing_done + +.zeroing_loop_byte: + strb wzr, [x15], #1 + subs tmp, tmp, #1 + b.ne .zeroing_loop_byte + +.zeroing_done: +#endif /* SAFE_DATA */ + mov tmp, digest0 st4 {VA.s,VB.s,VC.s,VD.s}[0],[tmp],#16 st1 {VE.s}[0],[tmp] diff --git a/lib/include/memcpy.h b/lib/include/memcpy.h index d4fc39db863181436a810f161309d86185ec1cf5..0aee72eef94181f4ec779970b9bce92ce681f901 100644 --- a/lib/include/memcpy.h +++ b/lib/include/memcpy.h @@ -28,6 +28,8 @@ #ifndef MEMCPY_H #define MEMCPY_H +#ifndef __aarch64__ + /* Memcpy up to 16 bytes with SSE instructions */ void memcpy_fn_sse_16(void *dst, const void *src, const size_t size); @@ -40,6 +42,8 @@ memcpy_fn_avx_16(void *dst, const void *src, const size_t size); void memcpy_fn_sse_128(void *dst, const void *src); +#endif /* __aarch64__ */ + /* Basic memcpy that doesn't use stack */ void safe_memcpy(void *dst, const void *src, const size_t size); diff --git a/lib/x86_64/hmac_ipad_opad.c b/lib/x86_64/hmac_ipad_opad.c index 4c4272f24bab1e453b7e298f494c5720f6c99841..86498355e3f9503137896138a4996de0eb5a5439 100644 --- a/lib/x86_64/hmac_ipad_opad.c +++ b/lib/x86_64/hmac_ipad_opad.c @@ -33,9 +33,7 @@ #include #include "include/error.h" -#ifndef __aarch64__ #include "include/memcpy.h" -#endif #include "include/arch_sse_type1.h" /* sm3_one_block_sse(), sm3_msg_sse() */ @@ -109,11 +107,7 @@ imb_hmac_ipad_opad(IMB_MGR *mb_mgr, const IMB_HASH_ALG sha_type, const void *pke /* prepare the key */ if (local_key_len == key_len) { -#ifndef __aarch64__ safe_memcpy(key, pkey, key_len); -#else /* __aarhc64 */ - memcpy(key, pkey, key_len); -#endif /* __aarch64__ */ } else switch (sha_type) { case IMB_AUTH_HMAC_SHA_1: