1 // Copyright 2017 The BoringSSL Authors
2 //
3 // Licensed under the Apache License, Version 2.0 (the "License");
4 // you may not use this file except in compliance with the License.
5 // You may obtain a copy of the License at
6 //
7 //     https://www.apache.org/licenses/LICENSE-2.0
8 //
9 // Unless required by applicable law or agreed to in writing, software
10 // distributed under the License is distributed on an "AS IS" BASIS,
11 // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 // See the License for the specific language governing permissions and
13 // limitations under the License.
14 
15 #ifndef OPENSSL_HEADER_CRYPTO_FIPSMODULE_DELOCATE_H
16 #define OPENSSL_HEADER_CRYPTO_FIPSMODULE_DELOCATE_H
17 
18 #include <openssl/base.h>
19 
20 #include "../internal.h"
21 
22 
23 #if !defined(BORINGSSL_SHARED_LIBRARY) && defined(BORINGSSL_FIPS) && \
24     !defined(OPENSSL_ASAN) && !defined(OPENSSL_MSAN)
25 #define DEFINE_BSS_GET(type, name, init_value)                                 \
26   /* delocate needs C linkage and for |name| to be unique across BCM. */       \
27   extern "C" {                                                                 \
28   extern type bcm_##name;                                                      \
29   type bcm_##name = init_value;                                                \
30   type *bcm_##name##_bss_get(void) __attribute__((const));                     \
31   } /* extern "C" */                                                           \
32                                                                                \
33   /* The getter functions are exported, but static variables are usually named \
34    * with short names. Define a static wrapper function so the caller can use  \
35    * a short name, while the symbol itself is prefixed. */                     \
36   static type *name##_bss_get(void) { return bcm_##name##_bss_get(); }
37 // For FIPS builds we require that CRYPTO_ONCE_INIT be zero.
38 #define DEFINE_STATIC_ONCE(name) \
39   DEFINE_BSS_GET(CRYPTO_once_t, name, CRYPTO_ONCE_INIT)
40 // For FIPS builds we require that CRYPTO_MUTEX_INIT be zero.
41 #define DEFINE_STATIC_MUTEX(name) \
42   DEFINE_BSS_GET(CRYPTO_MUTEX, name, CRYPTO_MUTEX_INIT)
43 // For FIPS builds we require that CRYPTO_EX_DATA_CLASS_INIT be zero.
44 #define DEFINE_STATIC_EX_DATA_CLASS(name) \
45   DEFINE_BSS_GET(CRYPTO_EX_DATA_CLASS, name, CRYPTO_EX_DATA_CLASS_INIT)
46 #else
47 #define DEFINE_BSS_GET(type, name, init_value) \
48   static type name = init_value;               \
49   static type *name##_bss_get(void) { return &name; }
50 #define DEFINE_STATIC_ONCE(name)                \
51   static CRYPTO_once_t name = CRYPTO_ONCE_INIT; \
52   static CRYPTO_once_t *name##_bss_get(void) { return &name; }
53 #define DEFINE_STATIC_MUTEX(name)               \
54   static CRYPTO_MUTEX name = CRYPTO_MUTEX_INIT; \
55   static CRYPTO_MUTEX *name##_bss_get(void) { return &name; }
56 #define DEFINE_STATIC_EX_DATA_CLASS(name)                       \
57   static CRYPTO_EX_DATA_CLASS name = CRYPTO_EX_DATA_CLASS_INIT; \
58   static CRYPTO_EX_DATA_CLASS *name##_bss_get(void) { return &name; }
59 #endif
60 
61 #define DEFINE_DATA(type, name, accessor_decorations)                         \
62   DEFINE_BSS_GET(type, name##_storage, {})                                    \
63   DEFINE_STATIC_ONCE(name##_once)                                             \
64   static void name##_do_init(type *out);                                      \
65   static void name##_init(void) { name##_do_init(name##_storage_bss_get()); } \
66   accessor_decorations type *name(void) {                                     \
67     CRYPTO_once(name##_once_bss_get(), name##_init);                          \
68     /* See http://c-faq.com/ansi/constmismatch.html for why the following     \
69      * cast is needed. */                                                     \
70     return (const type *)name##_storage_bss_get();                            \
71   }                                                                           \
72   static void name##_do_init(type *out)
73 
74 // DEFINE_METHOD_FUNCTION defines a function named |name| which returns a
75 // method table of type const |type|*. In FIPS mode, to avoid rel.ro data, it
76 // is split into a CRYPTO_once_t-guarded initializer in the module and
77 // unhashed, non-module accessor functions to space reserved in the BSS. The
78 // method table is initialized by a caller-supplied function which takes a
79 // parameter named |out| of type |type|*. The caller should follow the macro
80 // invocation with the body of this function:
81 //
82 //     DEFINE_METHOD_FUNCTION(EVP_MD, EVP_md4) {
83 //       out->type = NID_md4;
84 //       out->md_size = MD4_DIGEST_LENGTH;
85 //       out->flags = 0;
86 //       out->init = md4_init;
87 //       out->update = md4_update;
88 //       out->final = md4_final;
89 //       out->block_size = 64;
90 //       out->ctx_size = sizeof(MD4_CTX);
91 //     }
92 //
93 // This mechanism does not use a static initializer because their execution
94 // order is undefined. See FIPS.md for more details.
95 #define DEFINE_METHOD_FUNCTION(type, name) DEFINE_DATA(type, name, const)
96 
97 #define DEFINE_LOCAL_DATA(type, name) DEFINE_DATA(type, name, static const)
98 
99 #endif  // OPENSSL_HEADER_CRYPTO_FIPSMODULE_DELOCATE_H
100