diff --git a/libc/calls/sigenter-xnu.c b/libc/calls/sigenter-xnu.c index 070d87836..825c1427b 100644 --- a/libc/calls/sigenter-xnu.c +++ b/libc/calls/sigenter-xnu.c @@ -20,6 +20,7 @@ #include "libc/calls/internal.h" #include "libc/calls/struct/siginfo.h" #include "libc/calls/ucontext.h" +#include "libc/intrin/repstosb.h" #include "libc/str/str.h" /** @@ -401,7 +402,14 @@ noasan static void xnuthreadstate2linux( mc->fs = xnuss->__fs; mc->eflags = xnuss->__rflags; uc->uc_flags = xnuss->__rflags; - memcpy(&mc->r8, &xnuss->__r8, 8 * sizeof(int64_t)); + mc->r8 = xnuss->__r8; + mc->r9 = xnuss->__r9; + mc->r10 = xnuss->__r10; + mc->r11 = xnuss->__r11; + mc->r12 = xnuss->__r12; + mc->r13 = xnuss->__r13; + mc->r14 = xnuss->__r14; + mc->r15 = xnuss->__r15; } noasan static void linuxthreadstate2xnu( @@ -420,7 +428,21 @@ noasan static void linuxthreadstate2xnu( xnuss->__fs = mc->fs; xnuss->__rflags = mc->eflags; xnuss->__rflags = uc->uc_flags; - memcpy(&xnuss->__r8, &mc->r8, 8 * sizeof(int64_t)); + xnuss->__r8 = mc->r8; + xnuss->__r9 = mc->r9; + xnuss->__r10 = mc->r10; + xnuss->__r11 = mc->r11; + xnuss->__r12 = mc->r12; + xnuss->__r13 = mc->r13; + xnuss->__r14 = mc->r14; + xnuss->__r15 = mc->r15; +} + +noasan static void CopyFpXmmRegs(void *d, const void *s) { + size_t i; + for (i = 0; i < (8 + 16) * 16; i += 16) { + __builtin_memcpy((char *)d + i, (const char *)s + i, 16); + } } noasan static void xnussefpustate2linux( @@ -433,8 +455,7 @@ noasan static void xnussefpustate2linux( fs->rdp = xnufs->__fpu_dp; fs->mxcsr = xnufs->__fpu_mxcsr; fs->mxcr_mask = xnufs->__fpu_mxcsrmask; - /* copy st0-st7 as well as xmm0-xmm15 */ - memcpy(fs->st, &xnufs->__fpu_stmm0, (8 + 16) * sizeof(uint128_t)); + CopyFpXmmRegs(fs->st, &xnufs->__fpu_stmm0); } noasan static void linuxssefpustate2xnu( @@ -447,8 +468,7 @@ noasan static void linuxssefpustate2xnu( xnufs->__fpu_dp = fs->rdp; xnufs->__fpu_mxcsr = fs->mxcsr; xnufs->__fpu_mxcsrmask = fs->mxcr_mask; - /* copy st0-st7 as well as xmm0-xmm15 */ - memcpy(&xnufs->__fpu_stmm0, fs->st, (8 + 16) * sizeof(uint128_t)); + CopyFpXmmRegs(&xnufs->__fpu_stmm0, fs->st); } noasan void __sigenter_xnu(void *fn, int infostyle, int sig, @@ -462,10 +482,9 @@ noasan void __sigenter_xnu(void *fn, int infostyle, int sig, } g; rva = __sighandrvas[sig & (NSIG - 1)]; if (rva >= kSigactionMinRva) { - memset(&g, 0, sizeof(g)); + repstosb(&g, 0, sizeof(g)); if (xnuctx) { - memcpy(&g.uc.uc_sigmask, &xnuctx->uc_sigmask, - MIN(sizeof(g.uc.uc_sigmask), sizeof(xnuctx->uc_sigmask))); + g.uc.uc_sigmask.__bits[0] = xnuctx->uc_sigmask; g.uc.uc_stack.ss_sp = xnuctx->uc_stack.ss_sp; g.uc.uc_stack.ss_flags = xnuctx->uc_stack.ss_flags; g.uc.uc_stack.ss_size = xnuctx->uc_stack.ss_size; diff --git a/libc/intrin/mpsadbw.c b/libc/intrin/mpsadbw.c index 8b7d7a8b9..ab0687508 100644 --- a/libc/intrin/mpsadbw.c +++ b/libc/intrin/mpsadbw.c @@ -40,5 +40,5 @@ void(mpsadbw)(uint16_t c[8], const uint8_t b[16], const uint8_t a[16], r[i] += ABS(b[(control & 4) + i + j] - a[(control & 3) * 4 + j]); } } - memcpy(c, r, 16); + __builtin_memcpy(c, r, 16); } diff --git a/libc/intrin/pabsb.c b/libc/intrin/pabsb.c index 8eb89a384..695c4bcdc 100644 --- a/libc/intrin/pabsb.c +++ b/libc/intrin/pabsb.c @@ -30,5 +30,5 @@ void(pabsb)(uint8_t a[16], const int8_t b[16]) { for (i = 0; i < 16; ++i) { r[i] = ABS(b[i]); } - memcpy(a, r, 16); + __builtin_memcpy(a, r, 16); } diff --git a/libc/intrin/pabsd.c b/libc/intrin/pabsd.c index b01f3b12b..77f9f6f77 100644 --- a/libc/intrin/pabsd.c +++ b/libc/intrin/pabsd.c @@ -30,5 +30,5 @@ void(pabsd)(uint32_t a[4], const int32_t b[4]) { for (i = 0; i < 4; ++i) { r[i] = b[i] >= 0 ? b[i] : -(uint32_t)b[i]; } - memcpy(a, r, 16); + __builtin_memcpy(a, r, 16); } diff --git a/libc/intrin/pabsw.c b/libc/intrin/pabsw.c index 746fe000e..b028bf0a9 100644 --- a/libc/intrin/pabsw.c +++ b/libc/intrin/pabsw.c @@ -30,5 +30,5 @@ void(pabsw)(uint16_t a[8], const int16_t b[8]) { for (i = 0; i < 8; ++i) { r[i] = ABS(b[i]); } - memcpy(a, r, 16); + __builtin_memcpy(a, r, 16); } diff --git a/libc/intrin/packsswb.c b/libc/intrin/packsswb.c index 303164ce1..b80e869c4 100644 --- a/libc/intrin/packsswb.c +++ b/libc/intrin/packsswb.c @@ -34,5 +34,5 @@ void(packsswb)(int8_t a[16], const int16_t b[8], const int16_t c[8]) { int8_t r[16]; for (i = 0; i < 8; ++i) r[i + 0] = MIN(INT8_MAX, MAX(INT8_MIN, b[i])); for (i = 0; i < 8; ++i) r[i + 8] = MIN(INT8_MAX, MAX(INT8_MIN, c[i])); - memcpy(a, r, 16); + __builtin_memcpy(a, r, 16); } diff --git a/libc/intrin/packusdw.c b/libc/intrin/packusdw.c index 000ba0e27..116b09b67 100644 --- a/libc/intrin/packusdw.c +++ b/libc/intrin/packusdw.c @@ -30,5 +30,5 @@ void(packusdw)(uint16_t a[8], const int32_t b[4], const int32_t c[4]) { uint16_t r[8]; for (i = 0; i < 4; ++i) r[i + 0] = MIN(UINT16_MAX, MAX(UINT16_MIN, b[i])); for (i = 0; i < 4; ++i) r[i + 4] = MIN(UINT16_MAX, MAX(UINT16_MIN, c[i])); - memcpy(a, r, 16); + __builtin_memcpy(a, r, 16); } diff --git a/libc/intrin/packuswb.c b/libc/intrin/packuswb.c index 7ac7d14c4..01bb45803 100644 --- a/libc/intrin/packuswb.c +++ b/libc/intrin/packuswb.c @@ -34,5 +34,5 @@ void(packuswb)(uint8_t a[16], const int16_t b[8], const int16_t c[8]) { uint8_t r[16]; for (i = 0; i < 8; ++i) r[i + 0] = MIN(UINT8_MAX, MAX(UINT8_MIN, b[i])); for (i = 0; i < 8; ++i) r[i + 8] = MIN(UINT8_MAX, MAX(UINT8_MIN, c[i])); - memcpy(a, r, 16); + __builtin_memcpy(a, r, 16); } diff --git a/libc/intrin/paddb.c b/libc/intrin/paddb.c index 345c5a3b8..445f329fc 100644 --- a/libc/intrin/paddb.c +++ b/libc/intrin/paddb.c @@ -31,5 +31,5 @@ void(paddb)(int8_t a[16], const int8_t b[16], const int8_t c[16]) { unsigned i; int8_t r[16]; for (i = 0; i < 16; ++i) r[i] = b[i] + c[i]; - memcpy(a, r, 16); + __builtin_memcpy(a, r, 16); } diff --git a/libc/intrin/paddd.c b/libc/intrin/paddd.c index e894c8adf..3bffd0c8f 100644 --- a/libc/intrin/paddd.c +++ b/libc/intrin/paddd.c @@ -33,5 +33,5 @@ void(paddd)(uint32_t a[4], const uint32_t b[4], const uint32_t c[4]) { for (i = 0; i < 4; ++i) { r[i] = b[i] + c[i]; } - memcpy(a, r, 16); + __builtin_memcpy(a, r, 16); } diff --git a/libc/intrin/paddq.c b/libc/intrin/paddq.c index 56168c91d..a9efb5d57 100644 --- a/libc/intrin/paddq.c +++ b/libc/intrin/paddq.c @@ -31,5 +31,5 @@ void(paddq)(uint64_t a[2], const uint64_t b[2], const uint64_t c[2]) { unsigned i; uint64_t r[2]; for (i = 0; i < 2; ++i) r[i] = b[i] + c[i]; - memcpy(a, r, 16); + __builtin_memcpy(a, r, 16); } diff --git a/libc/intrin/paddsb.c b/libc/intrin/paddsb.c index 7662d6d52..cdec707a6 100644 --- a/libc/intrin/paddsb.c +++ b/libc/intrin/paddsb.c @@ -35,5 +35,5 @@ void(paddsb)(int8_t a[16], const int8_t b[16], const int8_t c[16]) { for (i = 0; i < 16; ++i) { r[i] = MIN(INT8_MAX, MAX(INT8_MIN, b[i] + c[i])); } - memcpy(a, r, 16); + __builtin_memcpy(a, r, 16); } diff --git a/libc/intrin/paddsw.c b/libc/intrin/paddsw.c index 25af32986..0e597be4e 100644 --- a/libc/intrin/paddsw.c +++ b/libc/intrin/paddsw.c @@ -35,5 +35,5 @@ void(paddsw)(int16_t a[8], const int16_t b[8], const int16_t c[8]) { for (i = 0; i < 8; ++i) { r[i] = MIN(SHRT_MAX, MAX(SHRT_MIN, b[i] + c[i])); } - memcpy(a, r, 16); + __builtin_memcpy(a, r, 16); } diff --git a/libc/intrin/paddusb.c b/libc/intrin/paddusb.c index 72c846273..790d678ae 100644 --- a/libc/intrin/paddusb.c +++ b/libc/intrin/paddusb.c @@ -35,5 +35,5 @@ void(paddusb)(uint8_t a[16], const uint8_t b[16], const uint8_t c[16]) { for (i = 0; i < 16; ++i) { r[i] = MIN(UINT8_MAX, b[i] + c[i]); } - memcpy(a, r, 16); + __builtin_memcpy(a, r, 16); } diff --git a/libc/intrin/paddusw.c b/libc/intrin/paddusw.c index 7cbcdbddd..46bc976f5 100644 --- a/libc/intrin/paddusw.c +++ b/libc/intrin/paddusw.c @@ -35,5 +35,5 @@ void(paddusw)(uint16_t a[8], const uint16_t b[8], const uint16_t c[8]) { for (i = 0; i < 8; ++i) { r[i] = MIN(UINT16_MAX, b[i] + c[i]); } - memcpy(a, r, 16); + __builtin_memcpy(a, r, 16); } diff --git a/libc/intrin/paddw.c b/libc/intrin/paddw.c index ae3176549..136b5b335 100644 --- a/libc/intrin/paddw.c +++ b/libc/intrin/paddw.c @@ -35,5 +35,5 @@ void(paddw)(int16_t a[8], const int16_t b[8], const int16_t c[8]) { for (i = 0; i < 8; ++i) { r[i] = b[i] + c[i]; } - memcpy(a, r, 16); + __builtin_memcpy(a, r, 16); } diff --git a/libc/intrin/palignr.c b/libc/intrin/palignr.c index 79d73321b..5ddde2c34 100644 --- a/libc/intrin/palignr.c +++ b/libc/intrin/palignr.c @@ -36,8 +36,8 @@ */ void(palignr)(void *c, const void *b, const void *a, unsigned long i) { char t[48]; - memcpy(t, a, 16); - memcpy(t + 16, b, 16); - memset(t + 32, 0, 16); - memcpy(c, t + MIN(i, 32), 16); + __builtin_memcpy(t, a, 16); + __builtin_memcpy(t + 16, b, 16); + __builtin_memset(t + 32, 0, 16); + __builtin_memcpy(c, t + MIN(i, 32), 16); } diff --git a/libc/intrin/pavgb.c b/libc/intrin/pavgb.c index 1d3ecada1..90a3643db 100644 --- a/libc/intrin/pavgb.c +++ b/libc/intrin/pavgb.c @@ -33,5 +33,5 @@ void(pavgb)(uint8_t a[16], const uint8_t b[16], const uint8_t c[16]) { for (i = 0; i < 16; ++i) { r[i] = (b[i] + c[i] + 1) >> 1; } - memcpy(a, r, 16); + __builtin_memcpy(a, r, 16); } diff --git a/libc/intrin/pavgw.c b/libc/intrin/pavgw.c index 1e446b0cb..5cb2536cc 100644 --- a/libc/intrin/pavgw.c +++ b/libc/intrin/pavgw.c @@ -33,5 +33,5 @@ void(pavgw)(uint16_t a[8], const uint16_t b[8], const uint16_t c[8]) { for (i = 0; i < 8; ++i) { r[i] = (b[i] + c[i] + 1) >> 1; } - memcpy(a, r, 16); + __builtin_memcpy(a, r, 16); } diff --git a/libc/intrin/pcmpeqb.c b/libc/intrin/pcmpeqb.c index 7480fe36f..a8ddf894c 100644 --- a/libc/intrin/pcmpeqb.c +++ b/libc/intrin/pcmpeqb.c @@ -31,5 +31,5 @@ void(pcmpeqb)(uint8_t a[16], const uint8_t b[16], const uint8_t c[16]) { unsigned i; uint8_t r[16]; for (i = 0; i < 16; ++i) r[i] = -(b[i] == c[i]); - memcpy(a, r, 16); + __builtin_memcpy(a, r, 16); } diff --git a/libc/intrin/pcmpeqd.c b/libc/intrin/pcmpeqd.c index 2674c4c14..ed4dcaf5e 100644 --- a/libc/intrin/pcmpeqd.c +++ b/libc/intrin/pcmpeqd.c @@ -31,5 +31,5 @@ void(pcmpeqd)(int32_t a[4], const int32_t b[4], const int32_t c[4]) { unsigned i; int32_t r[4]; for (i = 0; i < 4; ++i) r[i] = -(b[i] == c[i]); - memcpy(a, r, 16); + __builtin_memcpy(a, r, 16); } diff --git a/libc/intrin/pcmpeqw.c b/libc/intrin/pcmpeqw.c index 56ca7811d..e3a2340cc 100644 --- a/libc/intrin/pcmpeqw.c +++ b/libc/intrin/pcmpeqw.c @@ -31,5 +31,5 @@ void(pcmpeqw)(int16_t a[8], const int16_t b[8], const int16_t c[8]) { unsigned i; int16_t r[8]; for (i = 0; i < 8; ++i) r[i] = -(b[i] == c[i]); - memcpy(a, r, 16); + __builtin_memcpy(a, r, 16); } diff --git a/libc/intrin/pcmpgtb.c b/libc/intrin/pcmpgtb.c index 7e7d71ac9..bcb6f1820 100644 --- a/libc/intrin/pcmpgtb.c +++ b/libc/intrin/pcmpgtb.c @@ -33,5 +33,5 @@ void(pcmpgtb)(int8_t a[16], const int8_t b[16], const int8_t c[16]) { unsigned i; int8_t r[16]; for (i = 0; i < 16; ++i) r[i] = -(b[i] > c[i]); - memcpy(a, r, 16); + __builtin_memcpy(a, r, 16); } diff --git a/libc/intrin/pcmpgtd.c b/libc/intrin/pcmpgtd.c index 2e3274887..5e34bb93b 100644 --- a/libc/intrin/pcmpgtd.c +++ b/libc/intrin/pcmpgtd.c @@ -31,5 +31,5 @@ void(pcmpgtd)(int32_t a[4], const int32_t b[4], const int32_t c[4]) { unsigned i; int32_t r[4]; for (i = 0; i < 4; ++i) r[i] = -(b[i] > c[i]); - memcpy(a, r, 16); + __builtin_memcpy(a, r, 16); } diff --git a/libc/intrin/pcmpgtw.c b/libc/intrin/pcmpgtw.c index e4672db55..6ce418f98 100644 --- a/libc/intrin/pcmpgtw.c +++ b/libc/intrin/pcmpgtw.c @@ -31,5 +31,5 @@ void(pcmpgtw)(int16_t a[8], const int16_t b[8], const int16_t c[8]) { unsigned i; int16_t r[8]; for (i = 0; i < 8; ++i) r[i] = -(b[i] > c[i]); - memcpy(a, r, 16); + __builtin_memcpy(a, r, 16); } diff --git a/libc/intrin/phaddd.c b/libc/intrin/phaddd.c index 8ead1b4bb..08bbba240 100644 --- a/libc/intrin/phaddd.c +++ b/libc/intrin/phaddd.c @@ -34,5 +34,5 @@ void(phaddd)(uint32_t a[4], const uint32_t b[4], const uint32_t c[4]) { t[1] = b[2] + b[3]; t[2] = c[0] + c[1]; t[3] = c[2] + c[3]; - memcpy(a, t, sizeof(t)); + __builtin_memcpy(a, t, sizeof(t)); } diff --git a/libc/intrin/phaddw.c b/libc/intrin/phaddw.c index 37e7a93ab..ee2d7e7a1 100644 --- a/libc/intrin/phaddw.c +++ b/libc/intrin/phaddw.c @@ -38,5 +38,5 @@ void(phaddw)(int16_t a[8], const int16_t b[8], const int16_t c[8]) { t[5] = c[2] + c[3]; t[6] = c[4] + c[5]; t[7] = c[6] + c[7]; - memcpy(a, t, sizeof(t)); + __builtin_memcpy(a, t, sizeof(t)); } diff --git a/libc/intrin/phsubd.c b/libc/intrin/phsubd.c index c8efc0430..ae86483b2 100644 --- a/libc/intrin/phsubd.c +++ b/libc/intrin/phsubd.c @@ -34,5 +34,5 @@ void(phsubd)(uint32_t a[4], const uint32_t b[4], const uint32_t c[4]) { t[1] = b[2] - b[3]; t[2] = c[0] - c[1]; t[3] = c[2] - c[3]; - memcpy(a, t, sizeof(t)); + __builtin_memcpy(a, t, sizeof(t)); } diff --git a/libc/intrin/phsubw.c b/libc/intrin/phsubw.c index e3da89b0e..9a03e20e6 100644 --- a/libc/intrin/phsubw.c +++ b/libc/intrin/phsubw.c @@ -38,5 +38,5 @@ void(phsubw)(int16_t a[8], const int16_t b[8], const int16_t c[8]) { t[5] = c[2] - c[3]; t[6] = c[4] - c[5]; t[7] = c[6] - c[7]; - memcpy(a, t, sizeof(t)); + __builtin_memcpy(a, t, sizeof(t)); } diff --git a/libc/intrin/pmaxsw.c b/libc/intrin/pmaxsw.c index 75471b360..179fe5adb 100644 --- a/libc/intrin/pmaxsw.c +++ b/libc/intrin/pmaxsw.c @@ -34,5 +34,5 @@ void(pmaxsw)(int16_t a[8], const int16_t b[8], const int16_t c[8]) { for (i = 0; i < 8; ++i) { r[i] = MAX(b[i], c[i]); } - memcpy(a, r, 16); + __builtin_memcpy(a, r, 16); } diff --git a/libc/intrin/pminsw.c b/libc/intrin/pminsw.c index 6c5e7eb6a..e72cf0424 100644 --- a/libc/intrin/pminsw.c +++ b/libc/intrin/pminsw.c @@ -34,5 +34,5 @@ void(pminsw)(int16_t a[8], const int16_t b[8], const int16_t c[8]) { for (i = 0; i < 8; ++i) { r[i] = MIN(b[i], c[i]); } - memcpy(a, r, 16); + __builtin_memcpy(a, r, 16); } diff --git a/libc/intrin/pmulhrsw.c b/libc/intrin/pmulhrsw.c index 2a49acbd3..adb7cc891 100644 --- a/libc/intrin/pmulhrsw.c +++ b/libc/intrin/pmulhrsw.c @@ -31,5 +31,5 @@ void(pmulhrsw)(int16_t a[8], const int16_t b[8], const int16_t c[8]) { unsigned i; int16_t r[8]; for (i = 0; i < 8; ++i) r[i] = (((b[i] * c[i]) >> 14) + 1) >> 1; - memcpy(a, r, 16); + __builtin_memcpy(a, r, 16); } diff --git a/libc/intrin/pmulhuw.c b/libc/intrin/pmulhuw.c index 0614cdedd..ffb529dca 100644 --- a/libc/intrin/pmulhuw.c +++ b/libc/intrin/pmulhuw.c @@ -37,5 +37,5 @@ void(pmulhuw)(uint16_t a[8], const uint16_t b[8], const uint16_t c[8]) { x >>= 16; r[i] = x; } - memcpy(a, r, 16); + __builtin_memcpy(a, r, 16); } diff --git a/libc/intrin/pmulhw.c b/libc/intrin/pmulhw.c index e0dcc085b..86f7c2abf 100644 --- a/libc/intrin/pmulhw.c +++ b/libc/intrin/pmulhw.c @@ -33,5 +33,5 @@ void(pmulhw)(int16_t a[8], const int16_t b[8], const int16_t c[8]) { for (i = 0; i < 8; ++i) { r[i] = ((b[i] * c[i]) & 0xffff0000) >> 16; } - memcpy(a, r, 16); + __builtin_memcpy(a, r, 16); } diff --git a/libc/intrin/pmulld.c b/libc/intrin/pmulld.c index b8c29dee9..57fff8780 100644 --- a/libc/intrin/pmulld.c +++ b/libc/intrin/pmulld.c @@ -34,5 +34,5 @@ void(pmulld)(uint32_t a[4], const uint32_t b[4], const uint32_t c[4]) { for (i = 0; i < 4; ++i) { r[i] = b[i] * c[i]; } - memcpy(a, r, 16); + __builtin_memcpy(a, r, 16); } diff --git a/libc/intrin/pmullw.c b/libc/intrin/pmullw.c index 657cfb7d1..91762a474 100644 --- a/libc/intrin/pmullw.c +++ b/libc/intrin/pmullw.c @@ -33,5 +33,5 @@ void(pmullw)(int16_t a[8], const int16_t b[8], const int16_t c[8]) { for (i = 0; i < 8; ++i) { r[i] = b[i] * c[i]; } - memcpy(a, r, 16); + __builtin_memcpy(a, r, 16); } diff --git a/libc/intrin/pshufb.c b/libc/intrin/pshufb.c index 7a27ce4a0..1028419d2 100644 --- a/libc/intrin/pshufb.c +++ b/libc/intrin/pshufb.c @@ -33,5 +33,5 @@ void(pshufb)(uint8_t a[16], const uint8_t b[16], const uint8_t c[16]) { unsigned i; uint8_t r[16]; for (i = 0; i < 16; ++i) r[i] = (c[i] & 0x80) ? 0 : b[c[i] & 0x0F]; - memcpy(a, r, 16); + __builtin_memcpy(a, r, 16); } diff --git a/libc/intrin/pshufd.c b/libc/intrin/pshufd.c index 3f15dbe40..993b05e70 100644 --- a/libc/intrin/pshufd.c +++ b/libc/intrin/pshufd.c @@ -30,5 +30,5 @@ void(pshufd)(int32_t b[4], const int32_t a[4], uint8_t m) { t[1] = a[(m & 0b00001100) >> 2]; t[2] = a[(m & 0b00110000) >> 4]; t[3] = a[(m & 0b11000000) >> 6]; - memcpy(b, t, 16); + __builtin_memcpy(b, t, 16); } diff --git a/libc/intrin/pslld.c b/libc/intrin/pslld.c index 18f342dc2..8d9107d27 100644 --- a/libc/intrin/pslld.c +++ b/libc/intrin/pslld.c @@ -32,6 +32,6 @@ void(pslld)(uint32_t a[4], const uint32_t b[4], unsigned char c) { a[i] = b[i] << c; } } else { - memset(a, 0, 16); + __builtin_memset(a, 0, 16); } } diff --git a/libc/intrin/pslldq.c b/libc/intrin/pslldq.c index 74115e46d..6285204ba 100644 --- a/libc/intrin/pslldq.c +++ b/libc/intrin/pslldq.c @@ -32,5 +32,5 @@ void(pslldq)(uint8_t b[16], const uint8_t a[16], unsigned long n) { if (n > 16) n = 16; for (i = 0; i < n; ++i) t[i] = 0; for (i = 0; i < 16 - n; ++i) t[n + i] = a[i]; - memcpy(b, t, 16); + __builtin_memcpy(b, t, 16); } diff --git a/libc/intrin/pslldv.c b/libc/intrin/pslldv.c index 6fc60111e..ff746386a 100644 --- a/libc/intrin/pslldv.c +++ b/libc/intrin/pslldv.c @@ -30,6 +30,6 @@ void(pslldv)(uint32_t a[4], const uint32_t b[4], const uint64_t c[2]) { a[i] = b[i] << c[0]; } } else { - memset(a, 0, 16); + __builtin_memset(a, 0, 16); } } diff --git a/libc/intrin/psllq.c b/libc/intrin/psllq.c index 79372a776..63340cf01 100644 --- a/libc/intrin/psllq.c +++ b/libc/intrin/psllq.c @@ -32,6 +32,6 @@ void(psllq)(uint64_t a[2], const uint64_t b[2], unsigned char c) { a[i] = b[i] << c; } } else { - memset(a, 0, 16); + __builtin_memset(a, 0, 16); } } diff --git a/libc/intrin/psllqv.c b/libc/intrin/psllqv.c index 4e4527126..40b8165ce 100644 --- a/libc/intrin/psllqv.c +++ b/libc/intrin/psllqv.c @@ -30,6 +30,6 @@ void(psllqv)(uint64_t a[2], const uint64_t b[2], const uint64_t c[2]) { a[i] = b[i] << c[0]; } } else { - memset(a, 0, 16); + __builtin_memset(a, 0, 16); } } diff --git a/libc/intrin/psllw.c b/libc/intrin/psllw.c index a9c4f166d..380215513 100644 --- a/libc/intrin/psllw.c +++ b/libc/intrin/psllw.c @@ -32,6 +32,6 @@ void(psllw)(uint16_t a[8], const uint16_t b[8], unsigned char c) { a[i] = b[i] << c; } } else { - memset(a, 0, 16); + __builtin_memset(a, 0, 16); } } diff --git a/libc/intrin/psllwv.c b/libc/intrin/psllwv.c index 08da0d7ad..5d0b23442 100644 --- a/libc/intrin/psllwv.c +++ b/libc/intrin/psllwv.c @@ -31,6 +31,6 @@ void(psllwv)(uint16_t a[8], const uint16_t b[8], const uint64_t c[2]) { a[i] = b[i] << c[0]; } } else { - memset(a, 0, 16); + __builtin_memset(a, 0, 16); } } diff --git a/libc/intrin/psrld.c b/libc/intrin/psrld.c index 09971f0aa..ec9ac8346 100644 --- a/libc/intrin/psrld.c +++ b/libc/intrin/psrld.c @@ -33,6 +33,6 @@ void(psrld)(uint32_t a[4], const uint32_t b[4], unsigned char c) { a[i] = b[i] >> c; } } else { - memset(a, 0, 16); + __builtin_memset(a, 0, 16); } } diff --git a/libc/intrin/psrldv.c b/libc/intrin/psrldv.c index 182960778..7b3dbe0cc 100644 --- a/libc/intrin/psrldv.c +++ b/libc/intrin/psrldv.c @@ -32,6 +32,6 @@ void(psrldv)(uint32_t a[4], const uint32_t b[4], const uint64_t c[2]) { a[i] = b[i] >> c[0]; } } else { - memset(a, 0, 16); + __builtin_memset(a, 0, 16); } } diff --git a/libc/intrin/psrlq.c b/libc/intrin/psrlq.c index a5b3a8938..37613a768 100644 --- a/libc/intrin/psrlq.c +++ b/libc/intrin/psrlq.c @@ -33,6 +33,6 @@ void(psrlq)(uint64_t a[2], const uint64_t b[2], unsigned char c) { a[i] = b[i] >> c; } } else { - memset(a, 0, 16); + __builtin_memset(a, 0, 16); } } diff --git a/libc/intrin/psrlqv.c b/libc/intrin/psrlqv.c index 973988788..8ba6f4765 100644 --- a/libc/intrin/psrlqv.c +++ b/libc/intrin/psrlqv.c @@ -32,6 +32,6 @@ void(psrlqv)(uint64_t a[2], const uint64_t b[2], const uint64_t c[2]) { a[i] = b[i] >> c[0]; } } else { - memset(a, 0, 16); + __builtin_memset(a, 0, 16); } } diff --git a/libc/intrin/psrlw.c b/libc/intrin/psrlw.c index da41104a3..cfc5bc0d1 100644 --- a/libc/intrin/psrlw.c +++ b/libc/intrin/psrlw.c @@ -33,6 +33,6 @@ void(psrlw)(uint16_t a[8], const uint16_t b[8], unsigned char c) { a[i] = b[i] >> c; } } else { - memset(a, 0, 16); + __builtin_memset(a, 0, 16); } } diff --git a/libc/intrin/psrlwv.c b/libc/intrin/psrlwv.c index 7ff13b3ca..cf11f2d87 100644 --- a/libc/intrin/psrlwv.c +++ b/libc/intrin/psrlwv.c @@ -32,6 +32,6 @@ void(psrlwv)(uint16_t a[8], const uint16_t b[8], const uint64_t c[2]) { a[i] = b[i] >> c[0]; } } else { - memset(a, 0, 16); + __builtin_memset(a, 0, 16); } } diff --git a/libc/intrin/psubb.c b/libc/intrin/psubb.c index d23ad0942..0f17872d9 100644 --- a/libc/intrin/psubb.c +++ b/libc/intrin/psubb.c @@ -33,5 +33,5 @@ void(psubb)(uint8_t a[16], const uint8_t b[16], const uint8_t c[16]) { for (i = 0; i < 16; ++i) { r[i] = b[i] - c[i]; } - memcpy(a, r, 16); + __builtin_memcpy(a, r, 16); } diff --git a/libc/intrin/psubd.c b/libc/intrin/psubd.c index f93d9dac5..b21bd6f4b 100644 --- a/libc/intrin/psubd.c +++ b/libc/intrin/psubd.c @@ -33,5 +33,5 @@ void(psubd)(uint32_t a[4], const uint32_t b[4], const uint32_t c[4]) { for (i = 0; i < 4; ++i) { r[i] = b[i] - c[i]; } - memcpy(a, r, 16); + __builtin_memcpy(a, r, 16); } diff --git a/libc/intrin/psubq.c b/libc/intrin/psubq.c index 495f6d5ca..44efe9853 100644 --- a/libc/intrin/psubq.c +++ b/libc/intrin/psubq.c @@ -33,5 +33,5 @@ void(psubq)(uint64_t a[2], const uint64_t b[2], const uint64_t c[2]) { for (i = 0; i < 2; ++i) { r[i] = b[i] - c[i]; } - memcpy(a, r, 16); + __builtin_memcpy(a, r, 16); } diff --git a/libc/intrin/psubsb.c b/libc/intrin/psubsb.c index 934f0e9e9..e7e7d3049 100644 --- a/libc/intrin/psubsb.c +++ b/libc/intrin/psubsb.c @@ -33,5 +33,5 @@ void(psubsb)(int8_t a[16], const int8_t b[16], const int8_t c[16]) { unsigned i; int8_t r[16]; for (i = 0; i < 16; ++i) r[i] = MIN(INT8_MAX, MAX(INT8_MIN, b[i] - c[i])); - memcpy(a, r, 16); + __builtin_memcpy(a, r, 16); } diff --git a/libc/intrin/psubsw.c b/libc/intrin/psubsw.c index 0ca566ec1..119c07026 100644 --- a/libc/intrin/psubsw.c +++ b/libc/intrin/psubsw.c @@ -33,5 +33,5 @@ void(psubsw)(int16_t a[8], const int16_t b[8], const int16_t c[8]) { unsigned i; int16_t r[8]; for (i = 0; i < 8; ++i) r[i] = MIN(INT16_MAX, MAX(INT16_MIN, b[i] - c[i])); - memcpy(a, r, 16); + __builtin_memcpy(a, r, 16); } diff --git a/libc/intrin/psubusb.c b/libc/intrin/psubusb.c index 93d3abbd2..817f75c5b 100644 --- a/libc/intrin/psubusb.c +++ b/libc/intrin/psubusb.c @@ -35,5 +35,5 @@ void(psubusb)(uint8_t a[16], const uint8_t b[16], const uint8_t c[16]) { for (i = 0; i < 16; ++i) { r[i] = MIN(UINT8_MAX, MAX(UINT8_MIN, b[i] - c[i])); } - memcpy(a, r, 16); + __builtin_memcpy(a, r, 16); } diff --git a/libc/intrin/psubusw.c b/libc/intrin/psubusw.c index 560960d3c..ebe25a3df 100644 --- a/libc/intrin/psubusw.c +++ b/libc/intrin/psubusw.c @@ -35,5 +35,5 @@ void(psubusw)(uint16_t a[8], const uint16_t b[8], const uint16_t c[8]) { for (i = 0; i < 8; ++i) { r[i] = MIN(UINT16_MAX, MAX(UINT16_MIN, b[i] - c[i])); } - memcpy(a, r, 16); + __builtin_memcpy(a, r, 16); } diff --git a/libc/intrin/psubw.c b/libc/intrin/psubw.c index 494c146b0..bdb0edb0c 100644 --- a/libc/intrin/psubw.c +++ b/libc/intrin/psubw.c @@ -33,5 +33,5 @@ void(psubw)(int16_t a[8], const int16_t b[8], const int16_t c[8]) { for (i = 0; i < 8; ++i) { r[i] = b[i] - c[i]; } - memcpy(a, r, 16); + __builtin_memcpy(a, r, 16); } diff --git a/libc/intrin/shufpd.c b/libc/intrin/shufpd.c index f51550201..51580a019 100644 --- a/libc/intrin/shufpd.c +++ b/libc/intrin/shufpd.c @@ -28,5 +28,5 @@ void(shufpd)(double c[2], const double b[2], const double a[2], uint8_t m) { double t[2]; t[0] = a[(m & 0b0000001) >> 0]; t[1] = b[(m & 0b0000010) >> 1]; - memcpy(c, t, 16); + __builtin_memcpy(c, t, 16); } diff --git a/libc/intrin/shufps.c b/libc/intrin/shufps.c index 514b31cd8..a4a9ee3d2 100644 --- a/libc/intrin/shufps.c +++ b/libc/intrin/shufps.c @@ -30,5 +30,5 @@ void(shufps)(float c[4], const float b[4], const float a[4], uint8_t m) { t[1] = b[(m & 0b00001100) >> 2]; t[2] = a[(m & 0b00110000) >> 4]; t[3] = a[(m & 0b11000000) >> 6]; - memcpy(c, t, 16); + __builtin_memcpy(c, t, 16); } diff --git a/libc/log/backtrace2.c b/libc/log/backtrace2.c index bbfac5f9b..72322ad3d 100644 --- a/libc/log/backtrace2.c +++ b/libc/log/backtrace2.c @@ -135,10 +135,12 @@ static int PrintBacktrace(int fd, const struct StackFrame *bp) { void ShowBacktrace(int fd, const struct StackFrame *bp) { static bool noreentry; + ++ftrace; if (!bp) bp = __builtin_frame_address(0); if (!noreentry) { noreentry = true; PrintBacktrace(fd, bp); - noreentry = 0; + noreentry = false; } + --ftrace; } diff --git a/libc/log/backtrace3.c b/libc/log/backtrace3.c index 7b02908e2..85a1c4982 100644 --- a/libc/log/backtrace3.c +++ b/libc/log/backtrace3.c @@ -42,6 +42,7 @@ */ int PrintBacktraceUsingSymbols(int fd, const struct StackFrame *bp, struct SymbolTable *st) { + int rc; char *p; size_t gi; intptr_t addr; @@ -50,10 +51,11 @@ int PrintBacktraceUsingSymbols(int fd, const struct StackFrame *bp, char buf[256], ibuf[21]; const struct Symbol *symbol; const struct StackFrame *frame; + ++ftrace; if (!bp) bp = __builtin_frame_address(0); garbage = weaken(__garbage); gi = garbage ? garbage->i : 0; - for (frame = bp; frame; frame = frame->next) { + for (rc = 0, frame = bp; frame; frame = frame->next) { addr = frame->addr; if (addr == weakaddr("__gc")) { do { @@ -80,8 +82,10 @@ int PrintBacktraceUsingSymbols(int fd, const struct StackFrame *bp, } *p++ = '\n'; if (write(fd, buf, p - buf) == -1) { - return -1; + rc = -1; + break; } } - return 0; + --ftrace; + return rc; } diff --git a/libc/log/getsymboltable.c b/libc/log/getsymboltable.c index 9217955c0..77b3a3ed2 100644 --- a/libc/log/getsymboltable.c +++ b/libc/log/getsymboltable.c @@ -30,10 +30,12 @@ struct SymbolTable *GetSymbolTable(void) { const char *debugbin; if (!once) { once = true; + ++ftrace; if ((debugbin = FindDebugBinary()) && (singleton = OpenSymbolTable(debugbin))) { __cxa_atexit(CloseSymbolTable, &singleton, NULL); } + --ftrace; } return singleton; } diff --git a/libc/log/log.h b/libc/log/log.h index ba54a42eb..7f0b76d0a 100644 --- a/libc/log/log.h +++ b/libc/log/log.h @@ -14,6 +14,7 @@ #define kLogInfo 3 #define kLogVerbose 4 #define kLogDebug 5 +#define kLogNoise 6 /** * Log level for compile-time DCE. @@ -60,6 +61,19 @@ extern unsigned __log_level; /* log level for runtime check */ ((!__builtin_constant_p(LEVEL) || (LEVEL) <= LOGGABLELEVEL) && \ (LEVEL) <= __log_level) +#define FATALF(FMT, ...) \ + do { \ + ffatalf(kLogFatal, __FILE__, __LINE__, NULL, FMT, ##__VA_ARGS__); \ + unreachable; \ + } while (0) + +#define WARNF(FMT, ...) \ + do { \ + if (LOGGABLE(kLogWarn)) { \ + flogf(kLogWarn, __FILE__, __LINE__, NULL, FMT, ##__VA_ARGS__); \ + } \ + } while (0) + #define LOGF(FMT, ...) \ do { \ if (LOGGABLE(kLogInfo)) { \ @@ -67,6 +81,27 @@ extern unsigned __log_level; /* log level for runtime check */ } \ } while (0) +#define VERBOSEF(FMT, ...) \ + do { \ + if (LOGGABLE(kLogVerbose)) { \ + fverbosef(kLogVerbose, __FILE__, __LINE__, NULL, FMT, ##__VA_ARGS__); \ + } \ + } while (0) + +#define DEBUGF(FMT, ...) \ + do { \ + if (LOGGABLE(kLogDebug)) { \ + fdebugf(kLogDebug, __FILE__, __LINE__, NULL, FMT, ##__VA_ARGS__); \ + } \ + } while (0) + +#define NOISEF(FMT, ...) \ + do { \ + if (LOGGABLE(kLogNoise)) { \ + fnoisef(kLogNoise, __FILE__, __LINE__, NULL, FMT, ##__VA_ARGS__); \ + } \ + } while (0) + #define VFLOG(FMT, VA) \ do { \ if (LOGGABLE(kLogInfo)) { \ @@ -88,13 +123,6 @@ extern unsigned __log_level; /* log level for runtime check */ } \ } while (0) -#define WARNF(FMT, ...) \ - do { \ - if (LOGGABLE(kLogWarn)) { \ - flogf(kLogWarn, __FILE__, __LINE__, NULL, FMT, ##__VA_ARGS__); \ - } \ - } while (0) - #define VWARNF(FMT, VA) \ do { \ if (LOGGABLE(kLogWarn)) { \ @@ -116,12 +144,6 @@ extern unsigned __log_level; /* log level for runtime check */ } \ } while (0) -#define FATALF(FMT, ...) \ - do { \ - ffatalf(kLogFatal, __FILE__, __LINE__, NULL, FMT, ##__VA_ARGS__); \ - unreachable; \ - } while (0) - #define VFATALF(FMT, VA) \ do { \ vffatalf(kLogFatal, __FILE__, __LINE__, NULL, FMT, VA); \ @@ -140,20 +162,6 @@ extern unsigned __log_level; /* log level for runtime check */ unreachable; \ } while (0) -#define DEBUGF(FMT, ...) \ - do { \ - if (LOGGABLE(kLogDebug)) { \ - fdebugf(kLogDebug, __FILE__, __LINE__, NULL, FMT, ##__VA_ARGS__); \ - } \ - } while (0) - -#define VERBOSEF(FMT, ...) \ - do { \ - if (LOGGABLE(kLogVerbose)) { \ - fverbosef(kLogVerbose, __FILE__, __LINE__, NULL, FMT, ##__VA_ARGS__); \ - } \ - } while (0) - #define VDEBUGF(FMT, VA) \ do { \ if (LOGGABLE(kLogDebug)) { \ @@ -182,6 +190,20 @@ extern unsigned __log_level; /* log level for runtime check */ } \ } while (0) +#define VNOISEF(FMT, VA) \ + do { \ + if (LOGGABLE(kLogNoise)) { \ + vfnoisef(kLogNoise, __FILE__, __LINE__, NULL, FMT, VA); \ + } \ + } while (0) + +#define FNOISEF(F, FMT, ...) \ + do { \ + if (LOGGABLE(kLogNoise)) { \ + fnoisef(kLogNoise, __FILE__, __LINE__, F, FMT, ##__VA_ARGS__); \ + } \ + } while (0) + /*───────────────────────────────────────────────────────────────────────────│─╗ │ cosmopolitan § liblog » on error resume next ─╬─│┼ ╚────────────────────────────────────────────────────────────────────────────│*/ @@ -219,6 +241,8 @@ void fverbosef(ARGS, ...) asm("flogf") ATTR relegated libcesque; void vfverbosef(ARGS, va_list) asm("vflogf") ATTRV relegated libcesque; void fdebugf(ARGS, ...) asm("flogf") ATTR relegated libcesque; void vfdebugf(ARGS, va_list) asm("vflogf") ATTRV relegated libcesque; +void fnoisef(ARGS, ...) asm("flogf") ATTR relegated libcesque; +void vfnoisef(ARGS, va_list) asm("vflogf") ATTRV relegated libcesque; void ffatalf(ARGS, ...) asm("flogf") ATTR relegated wontreturn libcesque; void vffatalf(ARGS, va_list) asm("vflogf") ATTRV relegated wontreturn libcesque; #undef ARGS diff --git a/libc/log/vflogf.c b/libc/log/vflogf.c index 6df133511..a775e2462 100644 --- a/libc/log/vflogf.c +++ b/libc/log/vflogf.c @@ -39,10 +39,6 @@ static struct timespec vflogf_ts; -static int vflogf_loglevel2char(unsigned level) { - return "FEWIVDYZ"[level & 7]; -} - /** * Takes corrective action if logging is on the fritz. */ @@ -87,6 +83,7 @@ void(vflogf)(unsigned level, const char *file, int line, FILE *f, int64_t secs, nsec, dots; if (!f) f = __log_file; if (!f) return; + ++ftrace; t2 = nowl(); secs = t2; nsec = (t2 - secs) * 1e9L; @@ -104,8 +101,8 @@ void(vflogf)(unsigned level, const char *file, int line, FILE *f, prog = basename(program_invocation_name); bufmode = f->bufmode; if (bufmode == _IOLBF) f->bufmode = _IOFBF; - if ((fprintf)(f, "%c%s%06ld:%s:%d:%.*s:%d] ", vflogf_loglevel2char(level), - buf32p, rem1000000int64(div1000int64(dots)), file, line, + if ((fprintf)(f, "%c%s%06ld:%s:%d:%.*s:%d] ", "FEWIVDNT"[level & 7], buf32p, + rem1000000int64(div1000int64(dots)), file, line, strchrnul(prog, '.') - prog, prog, getpid()) <= 0) { vflogf_onfail(f); } @@ -124,4 +121,5 @@ void(vflogf)(unsigned level, const char *file, int line, FILE *f, __die(); unreachable; } + --ftrace; } diff --git a/libc/nexgen32e/adc.S b/libc/nexgen32e/adc.S new file mode 100644 index 000000000..d58f7089b --- /dev/null +++ b/libc/nexgen32e/adc.S @@ -0,0 +1,39 @@ +/*-*- mode:unix-assembly; indent-tabs-mode:t; tab-width:8; coding:utf-8 -*-│ +│vi: set et ft=asm ts=8 tw=8 fenc=utf-8 :vi│ +╞══════════════════════════════════════════════════════════════════════════════╡ +│ Copyright 2021 Justine Alexandra Roberts Tunney │ +│ │ +│ Permission to use, copy, modify, and/or distribute this software for │ +│ any purpose with or without fee is hereby granted, provided that the │ +│ above copyright notice and this permission notice appear in all copies. │ +│ │ +│ THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL │ +│ WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED │ +│ WARRANTIES OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE │ +│ AUTHOR BE LIABLE FOR ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL │ +│ DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR │ +│ PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER │ +│ TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR │ +│ PERFORMANCE OF THIS SOFTWARE. │ +╚─────────────────────────────────────────────────────────────────────────────*/ +#include "libc/macros.internal.h" + +// Computes C = A + B +// +// @param rdi is C +// @param rsi is A +// @param rdx is B +// @param rcx is number of additions +// @return al has carry +adc: .leafprologue + test %ecx,%ecx + jz 1f + xor %r9d,%r9d +0: mov (%rsi,%r9,8),%rax + adc (%rdx,%r9,8),%rax + mov %rax,(%rdi,%r9,8) + inc %r9d + loop 0b +1: setb %al + .leafepilogue + .endfn adc,globl diff --git a/libc/nexgen32e/nexgen32e.h b/libc/nexgen32e/nexgen32e.h index 90aa608a6..56557bba0 100644 --- a/libc/nexgen32e/nexgen32e.h +++ b/libc/nexgen32e/nexgen32e.h @@ -22,6 +22,9 @@ int64_t rem10000int64(int64_t) libcesque pureconst; int64_t rem1000000int64(int64_t) libcesque pureconst; int64_t rem1000000000int64(int64_t) libcesque pureconst; +char sbb(uint64_t *, const uint64_t *, const uint64_t *, size_t); +char adc(uint64_t *, const uint64_t *, const uint64_t *, size_t); + COSMOPOLITAN_C_END_ #endif /* !(__ASSEMBLER__ + __LINKER__ + 0) */ #endif /* COSMOPOLITAN_LIBC_NEXGEN32E_NEXGEN32E_H_ */ diff --git a/libc/nexgen32e/sub.S b/libc/nexgen32e/sub.S new file mode 100644 index 000000000..b065b90ff --- /dev/null +++ b/libc/nexgen32e/sub.S @@ -0,0 +1,41 @@ +/*-*- mode:unix-assembly; indent-tabs-mode:t; tab-width:8; coding:utf-8 -*-│ +│vi: set et ft=asm ts=8 tw=8 fenc=utf-8 :vi│ +╞══════════════════════════════════════════════════════════════════════════════╡ +│ Copyright 2021 Justine Alexandra Roberts Tunney │ +│ │ +│ Permission to use, copy, modify, and/or distribute this software for │ +│ any purpose with or without fee is hereby granted, provided that the │ +│ above copyright notice and this permission notice appear in all copies. │ +│ │ +│ THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL │ +│ WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED │ +│ WARRANTIES OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE │ +│ AUTHOR BE LIABLE FOR ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL │ +│ DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR │ +│ PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER │ +│ TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR │ +│ PERFORMANCE OF THIS SOFTWARE. │ +╚─────────────────────────────────────────────────────────────────────────────*/ +#include "libc/macros.internal.h" + +// Computes C = A - B +// +// Aliasing such as sbb(A,A,B) or sbb(B,A,B) is OK. +// +// @param rdi is C +// @param rsi is A +// @param rdx is B +// @param rcx is number of subtracts +// @return al is carry +sbb: .leafprologue + test %ecx,%ecx + jz 1f + xor %r9d,%r9d +0: mov (%rsi,%r9,8),%rax + sbb (%rdx,%r9,8),%rax + mov %rax,(%rdi,%r9,8) + inc %r9d + loop 0b +1: setb %al + .leafepilogue + .endfn sbb,globl diff --git a/libc/runtime/ftrace-hook.S b/libc/runtime/ftrace-hook.S index 24c114ef9..75e8f083d 100644 --- a/libc/runtime/ftrace-hook.S +++ b/libc/runtime/ftrace-hook.S @@ -20,7 +20,10 @@ .privileged ftrace_hook: - push %rbp + cmp $0,ftrace(%rip) + je 1f + ret +1: push %rbp mov %rsp,%rbp and $-16,%rsp sub $0x80,%rsp @@ -42,7 +45,7 @@ ftrace_hook: push %r9 push %r10 push %r11 - call ftrace + call ftracer pop %r11 pop %r10 pop %r9 diff --git a/libc/runtime/ftrace.c b/libc/runtime/ftrace.c index 3c5d5c68f..c93ce1f89 100644 --- a/libc/runtime/ftrace.c +++ b/libc/runtime/ftrace.c @@ -1,7 +1,7 @@ /*-*- mode:c;indent-tabs-mode:nil;c-basic-offset:2;tab-width:8;coding:utf-8 -*-│ │vi: set net ft=c ts=2 sts=2 sw=2 fenc=utf-8 :vi│ ╞══════════════════════════════════════════════════════════════════════════════╡ -│ Copyright 2020 Justine Alexandra Roberts Tunney │ +│ Copyright 2021 Justine Alexandra Roberts Tunney │ │ │ │ Permission to use, copy, modify, and/or distribute this software for │ │ any purpose with or without fee is hereby granted, provided that the │ @@ -16,109 +16,6 @@ │ TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR │ │ PERFORMANCE OF THIS SOFTWARE. │ ╚─────────────────────────────────────────────────────────────────────────────*/ -#include "libc/alg/bisectcarleft.internal.h" -#include "libc/bits/bits.h" -#include "libc/bits/safemacros.internal.h" -#include "libc/calls/calls.h" -#include "libc/calls/internal.h" -#include "libc/calls/struct/sigset.h" -#include "libc/dce.h" -#include "libc/fmt/itoa.h" -#include "libc/intrin/repmovsb.h" -#include "libc/macros.internal.h" -#include "libc/nexgen32e/rdtsc.h" -#include "libc/nexgen32e/rdtscp.h" -#include "libc/nexgen32e/stackframe.h" -#include "libc/nexgen32e/x86feature.h" -#include "libc/nt/files.h" -#include "libc/nt/runtime.h" -#include "libc/nt/thunk/msabi.h" -#include "libc/runtime/internal.h" #include "libc/runtime/runtime.h" -#include "libc/runtime/symbols.internal.h" -#include "libc/str/str.h" -#include "libc/sysv/consts/fileno.h" -#include "libc/sysv/consts/nr.h" -#include "libc/sysv/consts/prot.h" -#include "libc/sysv/consts/sig.h" -/** - * @fileoverview Plain-text function call logging. - * - * Able to log ~2 million function calls per second, which is mostly - * bottlenecked by system call overhead. Log size is reasonable if piped - * into gzip. - */ - -void ftrace_hook(void); - -static int noreentry; -static uint64_t laststamp; -static char g_buf[512]; -static const char *g_lastsymbol; -static struct SymbolTable *g_symbols; - -static noasan int GetNestingLevel(struct StackFrame *frame) { - int nesting = -2; - while (frame) { - ++nesting; - frame = frame->next; - } - return max(0, nesting); -} - -/** - * Prints name of function being called. - * - * We insert CALL instructions that point to this function, in the - * prologues of other functions. We assume those functions behave - * according to the System Five NexGen32e ABI. - */ -privileged noasan void ftrace(void) { - char *p; - uint64_t stamp; - const char *symbol; - struct StackFrame *frame; - size_t nesting, symbolsize; - if (!cmpxchg(&noreentry, 0, 1)) return; - if (g_symbols) { - stamp = rdtsc(); - frame = __builtin_frame_address(0); - frame = frame->next; - symbol = - &g_symbols->name_base[g_symbols - ->symbols[bisectcarleft( - (const int32_t(*)[2])g_symbols->symbols, - g_symbols->count, - frame->addr - g_symbols->addr_base)] - .name_rva]; - if (symbol != g_lastsymbol) { - symbolsize = strlen(symbol); - nesting = GetNestingLevel(frame); - if (2 + nesting * 2 + symbolsize + 1 + 21 + 2 <= ARRAYLEN(g_buf)) { - p = g_buf; - *p++ = '+'; - *p++ = ' '; - memset(p, ' ', nesting * 2); - p += nesting * 2; - p = mempcpy(p, symbol, symbolsize); - *p++ = ' '; - p += uint64toarray_radix10((stamp - laststamp) / 3.3, p); - *p++ = '\r'; - *p++ = '\n'; - write(2, g_buf, p - g_buf); - } - } - g_lastsymbol = symbol; - laststamp = X86_HAVE(RDTSCP) ? rdtscp(0) : rdtsc(); - } - noreentry = 0; -} - -textstartup void ftrace_install(void) { - if ((g_symbols = OpenSymbolTable(FindDebugBinary()))) { - __hook(ftrace_hook, g_symbols); - } else { - write(2, "error: --ftrace needs the concomitant .com.dbg binary\n", 54); - } -} +int ftrace; diff --git a/libc/runtime/ftracer.c b/libc/runtime/ftracer.c new file mode 100644 index 000000000..e1e0b255d --- /dev/null +++ b/libc/runtime/ftracer.c @@ -0,0 +1,124 @@ +/*-*- mode:c;indent-tabs-mode:nil;c-basic-offset:2;tab-width:8;coding:utf-8 -*-│ +│vi: set net ft=c ts=2 sts=2 sw=2 fenc=utf-8 :vi│ +╞══════════════════════════════════════════════════════════════════════════════╡ +│ Copyright 2020 Justine Alexandra Roberts Tunney │ +│ │ +│ Permission to use, copy, modify, and/or distribute this software for │ +│ any purpose with or without fee is hereby granted, provided that the │ +│ above copyright notice and this permission notice appear in all copies. │ +│ │ +│ THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL │ +│ WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED │ +│ WARRANTIES OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE │ +│ AUTHOR BE LIABLE FOR ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL │ +│ DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR │ +│ PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER │ +│ TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR │ +│ PERFORMANCE OF THIS SOFTWARE. │ +╚─────────────────────────────────────────────────────────────────────────────*/ +#include "libc/alg/bisectcarleft.internal.h" +#include "libc/bits/bits.h" +#include "libc/bits/safemacros.internal.h" +#include "libc/calls/calls.h" +#include "libc/calls/internal.h" +#include "libc/calls/struct/sigset.h" +#include "libc/dce.h" +#include "libc/fmt/itoa.h" +#include "libc/intrin/repmovsb.h" +#include "libc/macros.internal.h" +#include "libc/nexgen32e/rdtsc.h" +#include "libc/nexgen32e/rdtscp.h" +#include "libc/nexgen32e/stackframe.h" +#include "libc/nexgen32e/x86feature.h" +#include "libc/nt/files.h" +#include "libc/nt/runtime.h" +#include "libc/nt/thunk/msabi.h" +#include "libc/runtime/internal.h" +#include "libc/runtime/runtime.h" +#include "libc/runtime/symbols.internal.h" +#include "libc/str/str.h" +#include "libc/sysv/consts/fileno.h" +#include "libc/sysv/consts/nr.h" +#include "libc/sysv/consts/prot.h" +#include "libc/sysv/consts/sig.h" + +/** + * @fileoverview Plain-text function call logging. + * + * Able to log ~2 million function calls per second, which is mostly + * bottlenecked by system call overhead. Log size is reasonable if piped + * into gzip. + */ + +void ftrace_hook(void); + +static int noreentry; +static uint64_t laststamp; +static char g_buf[512]; +static const char *g_lastsymbol; +static struct SymbolTable *g_symbols; + +static noasan int GetNestingLevel(struct StackFrame *frame) { + int nesting = -2; + while (frame) { + ++nesting; + frame = frame->next; + } + return max(0, nesting); +} + +/** + * Prints name of function being called. + * + * We insert CALL instructions that point to this function, in the + * prologues of other functions. We assume those functions behave + * according to the System Five NexGen32e ABI. + */ +privileged noasan void ftracer(void) { + char *p; + uint64_t stamp; + const char *symbol; + struct StackFrame *frame; + size_t nesting, symbolsize; + if (!cmpxchg(&noreentry, 0, 1)) return; + if (g_symbols) { + stamp = rdtsc(); + frame = __builtin_frame_address(0); + frame = frame->next; + symbol = + &g_symbols->name_base[g_symbols + ->symbols[bisectcarleft( + (const int32_t(*)[2])g_symbols->symbols, + g_symbols->count, + frame->addr - g_symbols->addr_base)] + .name_rva]; + if (symbol != g_lastsymbol) { + symbolsize = strlen(symbol); + nesting = GetNestingLevel(frame); + if (2 + nesting * 2 + symbolsize + 1 + 21 + 2 <= ARRAYLEN(g_buf)) { + p = g_buf; + *p++ = '+'; + *p++ = ' '; + memset(p, ' ', nesting * 2); + p += nesting * 2; + p = mempcpy(p, symbol, symbolsize); + *p++ = ' '; + p += uint64toarray_radix10((stamp - laststamp) / 3.3, p); + *p++ = '\r'; + *p++ = '\n'; + write(2, g_buf, p - g_buf); + } + g_lastsymbol = symbol; + laststamp = X86_HAVE(RDTSCP) ? rdtscp(0) : rdtsc(); + } + } + noreentry = 0; +} + +textstartup void ftrace_install(void) { + if ((g_symbols = OpenSymbolTable(FindDebugBinary()))) { + __hook(ftrace_hook, g_symbols); + } else { + write(2, "error: --ftrace needs the concomitant .com.dbg binary\n", 54); + } +} diff --git a/libc/runtime/memtrack.c b/libc/runtime/memtrack.c index 78e8ba301..9ad09c30b 100644 --- a/libc/runtime/memtrack.c +++ b/libc/runtime/memtrack.c @@ -24,12 +24,146 @@ #include "libc/str/str.h" #include "libc/sysv/errfuns.h" +typedef long long xmm_t __attribute__((__vector_size__(16), __aligned__(1))); + +static noasan void *MoveMemoryNoAsan(void *dst, const void *src, size_t n) { + size_t i; + xmm_t v, w; + char *d, *r; + const char *s; + uint64_t a, b; + d = dst; + s = src; + switch (n) { + case 9 ... 15: + __builtin_memcpy(&a, s, 8); + __builtin_memcpy(&b, s + n - 8, 8); + __builtin_memcpy(d, &a, 8); + __builtin_memcpy(d + n - 8, &b, 8); + return d; + case 5 ... 7: + __builtin_memcpy(&a, s, 4); + __builtin_memcpy(&b, s + n - 4, 4); + __builtin_memcpy(d, &a, 4); + __builtin_memcpy(d + n - 4, &b, 4); + return d; + case 17 ... 32: + __builtin_memcpy(&v, s, 16); + __builtin_memcpy(&w, s + n - 16, 16); + __builtin_memcpy(d, &v, 16); + __builtin_memcpy(d + n - 16, &w, 16); + return d; + case 16: + __builtin_memcpy(&v, s, 16); + __builtin_memcpy(d, &v, 16); + return d; + case 0: + return d; + case 1: + *d = *s; + return d; + case 8: + __builtin_memcpy(&a, s, 8); + __builtin_memcpy(d, &a, 8); + return d; + case 4: + __builtin_memcpy(&a, s, 4); + __builtin_memcpy(d, &a, 4); + return d; + case 2: + __builtin_memcpy(&a, s, 2); + __builtin_memcpy(d, &a, 2); + return d; + case 3: + __builtin_memcpy(&a, s, 2); + __builtin_memcpy(&b, s + 1, 2); + __builtin_memcpy(d, &a, 2); + __builtin_memcpy(d + 1, &b, 2); + return d; + default: + r = d; + if (d > s) { + do { + n -= 32; + __builtin_memcpy(&v, s + n, 16); + __builtin_memcpy(&w, s + n + 16, 16); + __builtin_memcpy(d + n, &v, 16); + __builtin_memcpy(d + n + 16, &w, 16); + } while (n >= 32); + } else { + i = 0; + do { + __builtin_memcpy(&v, s + i, 16); + __builtin_memcpy(&w, s + i + 16, 16); + __builtin_memcpy(d + i, &v, 16); + __builtin_memcpy(d + i + 16, &w, 16); + } while ((i += 32) + 32 <= n); + d += i; + s += i; + n -= i; + } + switch (n) { + case 0: + return r; + case 17 ... 31: + __builtin_memcpy(&v, s, 16); + __builtin_memcpy(&w, s + n - 16, 16); + __builtin_memcpy(d, &v, 16); + __builtin_memcpy(d + n - 16, &w, 16); + return r; + case 9 ... 15: + __builtin_memcpy(&a, s, 8); + __builtin_memcpy(&b, s + n - 8, 8); + __builtin_memcpy(d, &a, 8); + __builtin_memcpy(d + n - 8, &b, 8); + return r; + case 5 ... 7: + __builtin_memcpy(&a, s, 4); + __builtin_memcpy(&b, s + n - 4, 4); + __builtin_memcpy(d, &a, 4); + __builtin_memcpy(d + n - 4, &b, 4); + return r; + case 16: + __builtin_memcpy(&v, s, 16); + __builtin_memcpy(d, &v, 16); + return r; + case 8: + __builtin_memcpy(&a, s, 8); + __builtin_memcpy(d, &a, 8); + return r; + case 4: + __builtin_memcpy(&a, s, 4); + __builtin_memcpy(d, &a, 4); + return r; + case 1: + *d = *s; + return r; + case 2: + __builtin_memcpy(&a, s, 2); + __builtin_memcpy(d, &a, 2); + return r; + case 3: + __builtin_memcpy(&a, s, 2); + __builtin_memcpy(&b, s + 1, 2); + __builtin_memcpy(d, &a, 2); + __builtin_memcpy(d + 1, &b, 2); + return r; + default: + unreachable; + } + } +} + +#ifndef __FSANITIZE_ADDRESS__ +#define MoveMemoryNoAsan memmove +#endif + static noasan void RemoveMemoryIntervals(struct MemoryIntervals *mm, int i, int n) { assert(i >= 0); assert(i + n <= mm->i); - memcpy(mm->p + i, mm->p + i + n, - (intptr_t)(mm->p + mm->i) - (intptr_t)(mm->p + i + n)); + MoveMemoryNoAsan(mm->p + i, mm->p + i + n, + (intptr_t)(mm->p + mm->i) - (intptr_t)(mm->p + i + n)); mm->i -= n; } @@ -37,8 +171,8 @@ static noasan void CreateMemoryInterval(struct MemoryIntervals *mm, int i) { assert(i >= 0); assert(i <= mm->i); assert(mm->i < ARRAYLEN(mm->p)); - memmove(mm->p + i + 1, mm->p + i, - (intptr_t)(mm->p + mm->i) - (intptr_t)(mm->p + i)); + MoveMemoryNoAsan(mm->p + i + 1, mm->p + i, + (intptr_t)(mm->p + mm->i) - (intptr_t)(mm->p + i)); ++mm->i; } diff --git a/libc/runtime/runtime.h b/libc/runtime/runtime.h index 1f230596b..6d5f51b3e 100644 --- a/libc/runtime/runtime.h +++ b/libc/runtime/runtime.h @@ -14,6 +14,7 @@ extern char **environ; /* CRT */ extern unsigned long *__auxv; /* CRT */ extern char *program_invocation_name; /* RII */ extern char *program_invocation_short_name; /* RII */ +extern int ftrace; /* CRT */ extern uint64_t g_syscount; /* RII */ extern const uint64_t kStartTsc; /* RII */ extern const char kTmpPath[]; /* RII */ diff --git a/libc/str/mempcpy-pure.c b/libc/str/mempcpy-pure.c new file mode 100644 index 000000000..2c8895e19 --- /dev/null +++ b/libc/str/mempcpy-pure.c @@ -0,0 +1,24 @@ +/*-*- mode:c;indent-tabs-mode:nil;c-basic-offset:2;tab-width:8;coding:utf-8 -*-│ +│vi: set net ft=c ts=2 sts=2 sw=2 fenc=utf-8 :vi│ +╞══════════════════════════════════════════════════════════════════════════════╡ +│ Copyright 2021 Justine Alexandra Roberts Tunney │ +│ │ +│ Permission to use, copy, modify, and/or distribute this software for │ +│ any purpose with or without fee is hereby granted, provided that the │ +│ above copyright notice and this permission notice appear in all copies. │ +│ │ +│ THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL │ +│ WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED │ +│ WARRANTIES OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE │ +│ AUTHOR BE LIABLE FOR ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL │ +│ DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR │ +│ PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER │ +│ TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR │ +│ PERFORMANCE OF THIS SOFTWARE. │ +╚─────────────────────────────────────────────────────────────────────────────*/ +#include "libc/str/str.h" + +void *mempcpy_pure(void *dst, const void *src, size_t n) { + memmove_pure(dst, src, n); + return (char *)dst + n; +} diff --git a/libc/str/stpcpy.c b/libc/str/stpcpy.c index 1cf3915d4..26808b692 100644 --- a/libc/str/stpcpy.c +++ b/libc/str/stpcpy.c @@ -23,11 +23,11 @@ static inline noasan size_t stpcpy_sse2(char *d, const char *s, size_t i) { uint8_t v1[16], v2[16], vz[16]; for (;;) { - memset(vz, 0, 16); - memcpy(v1, s + i, 16); + __builtin_memset(vz, 0, 16); + __builtin_memcpy(v1, s + i, 16); pcmpeqb(v2, v1, vz); if (!pmovmskb(v2)) { - memcpy(d + i, v1, 16); + __builtin_memcpy(d + i, v1, 16); i += 16; } else { break; diff --git a/libc/str/str.h b/libc/str/str.h index a245c330e..76e1d2786 100644 --- a/libc/str/str.h +++ b/libc/str/str.h @@ -199,6 +199,12 @@ wchar_t *wchomp(wchar_t *); bool escapedos(char16_t *, unsigned, const char16_t *, unsigned); +void *memset_pure(void *, int, size_t) memcpyesque; +void *memmove_pure(void *, const void *, size_t) memcpyesque; +void *mempcpy_pure(void *, const void *, size_t) memcpyesque; +size_t strlen_pure(const char *) strlenesque; +size_t strcspn_pure(const char *, const char *) strlenesque; + /*───────────────────────────────────────────────────────────────────────────│─╗ │ cosmopolitan § strings » multibyte ─╬─│┼ ╚────────────────────────────────────────────────────────────────────────────│*/ @@ -374,41 +380,20 @@ char *strsignal(int) returnsnonnull libcesque; /*───────────────────────────────────────────────────────────────────────────│─╗ │ cosmopolitan § strings » address sanitizer ─╬─│┼ ╚────────────────────────────────────────────────────────────────────────────│*/ -void *memset_pure(void *, int, size_t) memcpyesque; -void *memmove_pure(void *, const void *, size_t) memcpyesque; -size_t strlen_pure(const char *) strlenesque; -size_t strcspn_pure(const char *, const char *) strlenesque; #if defined(__FSANITIZE_ADDRESS__) -#define strcspn(STR, REJECT) strcspn_pure(STR, REJECT) - -#undef strlen -#define strlen(STR) \ - (__builtin_constant_p(STR) ? __builtin_strlen(STR) : strlen_pure(STR)) - -#undef memset -#define memset(DST, CHAR, SIZE) \ - (__memcpy_isgoodsize(SIZE) ? __builtin_memset(DST, CHAR, SIZE) \ - : memset_pure(DST, CHAR, SIZE)) - -#undef memmove -#define memmove(DST, SRC, SIZE) \ - (__memcpy_isgoodsize(SIZE) ? __builtin_memmove(DST, SRC, SIZE) \ - : memmove_pure(DST, SRC, SIZE)) - #undef memcpy -#define memcpy(DST, SRC, SIZE) \ - (__memcpy_isgoodsize(SIZE) ? __builtin_memcpy(DST, SRC, SIZE) \ - : memmove_pure(DST, SRC, SIZE)) - +#undef memmove #undef mempcpy -#define mempcpy(DST, SRC, SIZE) \ - (__memcpy_isgoodsize(SIZE) ? __builtin_mempcpy(DST, SRC, SIZE) : ({ \ - void *DsT = (DST); \ - size_t SiZe = (SIZE); \ - memmove_pure(DsT, SRC, SiZe); \ - (void *)((char *)DsT + SiZe); \ - })) +#undef memset +#undef strlen + +#define memcpy memmove_pure +#define memmove memmove_pure +#define mempcpy mempcpy_pure +#define memset memset_pure +#define strcspn strcspn_pure +#define strlen strlen_pure #endif /* __FSANITIZE_ADDRESS__ */ #endif /* __GNUC__ && !__STRICT_ANSI__ */ diff --git a/libc/str/strcpy.c b/libc/str/strcpy.c index 9ceb238ca..73347dce8 100644 --- a/libc/str/strcpy.c +++ b/libc/str/strcpy.c @@ -23,11 +23,11 @@ static noasan size_t strcpy_sse2(char *d, const char *s, size_t i) { uint8_t v1[16], v2[16], vz[16]; for (;;) { - memset(vz, 0, 16); - memcpy(v1, s + i, 16); + __builtin_memset(vz, 0, 16); + __builtin_memcpy(v1, s + i, 16); pcmpeqb(v2, v1, vz); if (!pmovmskb(v2)) { - memcpy(d + i, v1, 16); + __builtin_memcpy(d + i, v1, 16); i += 16; } else { break; diff --git a/libc/str/strlen-pure.c b/libc/str/strlen-pure.c index 8463fce55..f015e6af4 100644 --- a/libc/str/strlen-pure.c +++ b/libc/str/strlen-pure.c @@ -20,7 +20,7 @@ #include "libc/bits/bits.h" #include "libc/str/str.h" -static noasan size_t strlen_pure_x64(const char *s, size_t i) { +static inline noasan size_t strlen_pure_x64(const char *s, size_t i) { uint64_t w; for (;; i += 8) { w = READ64LE(s + i); diff --git a/libc/str/tprecode16to8.c b/libc/str/tprecode16to8.c index 844127384..5d679ae15 100644 --- a/libc/str/tprecode16to8.c +++ b/libc/str/tprecode16to8.c @@ -31,15 +31,15 @@ static const int16_t kDel16[8] = {127, 127, 127, 127, 127, 127, 127, 127}; static noasan axdx_t tprecode16to8_sse2(char *dst, size_t dstsize, const char16_t *src, axdx_t r) { int16_t v1[8], v2[8], v3[8], vz[8]; - memset(vz, 0, 16); + __builtin_memset(vz, 0, 16); while (r.ax + 8 < dstsize) { - memcpy(v1, src + r.dx, 16); + __builtin_memcpy(v1, src + r.dx, 16); pcmpgtw(v2, v1, vz); pcmpgtw(v3, v1, kDel16); pandn((void *)v2, (void *)v3, (void *)v2); if (pmovmskb((void *)v2) != 0xFFFF) break; packsswb((void *)v1, v1, v1); - memcpy(dst + r.ax, v1, 8); + __builtin_memcpy(dst + r.ax, v1, 8); r.ax += 8; r.dx += 8; } diff --git a/libc/str/tprecode8to16.c b/libc/str/tprecode8to16.c index e93be6dfd..8f92b318d 100644 --- a/libc/str/tprecode8to16.c +++ b/libc/str/tprecode8to16.c @@ -28,15 +28,15 @@ static inline noasan axdx_t tprecode8to16_sse2(char16_t *dst, size_t dstsize, const char *src, axdx_t r) { uint8_t v1[16], v2[16], vz[16]; - memset(vz, 0, 16); + __builtin_memset(vz, 0, 16); while (r.ax + 16 < dstsize) { - memcpy(v1, src + r.dx, 16); + __builtin_memcpy(v1, src + r.dx, 16); pcmpgtb((int8_t *)v2, (int8_t *)v1, (int8_t *)vz); if (pmovmskb(v2) != 0xFFFF) break; punpcklbw(v2, v1, vz); punpckhbw(v1, v1, vz); - memcpy(dst + r.ax + 0, v2, 16); - memcpy(dst + r.ax + 8, v1, 16); + __builtin_memcpy(dst + r.ax + 0, v2, 16); + __builtin_memcpy(dst + r.ax + 8, v1, 16); r.ax += 16; r.dx += 16; } diff --git a/net/https/getsslroots.c b/net/https/getsslroots.c index 68e811621..00d08127a 100644 --- a/net/https/getsslroots.c +++ b/net/https/getsslroots.c @@ -20,6 +20,8 @@ #include "libc/calls/struct/dirent.h" #include "libc/errno.h" #include "libc/log/check.h" +#include "libc/log/log.h" +#include "libc/mem/mem.h" #include "libc/runtime/runtime.h" #include "libc/str/str.h" #include "libc/sysv/consts/dt.h" diff --git a/net/https/https.mk b/net/https/https.mk index bb681b437..1b7e01ce2 100644 --- a/net/https/https.mk +++ b/net/https/https.mk @@ -20,6 +20,8 @@ NET_HTTPS_A_CHECKS = \ $(NET_HTTPS_A_HDRS:%=o/$(MODE)/%.ok) NET_HTTPS_A_DIRECTDEPS = \ + LIBC_BITS \ + LIBC_CALLS \ LIBC_FMT \ LIBC_INTRIN \ LIBC_LOG \ diff --git a/net/https/sslcache.c b/net/https/sslcache.c new file mode 100644 index 000000000..4344c72ff --- /dev/null +++ b/net/https/sslcache.c @@ -0,0 +1,172 @@ +/*-*- mode:c;indent-tabs-mode:nil;c-basic-offset:2;tab-width:8;coding:utf-8 -*-│ +│vi: set net ft=c ts=2 sts=2 sw=2 fenc=utf-8 :vi│ +╞══════════════════════════════════════════════════════════════════════════════╡ +│ Copyright 2021 Justine Alexandra Roberts Tunney │ +│ │ +│ Permission to use, copy, modify, and/or distribute this software for │ +│ any purpose with or without fee is hereby granted, provided that the │ +│ above copyright notice and this permission notice appear in all copies. │ +│ │ +│ THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL │ +│ WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED │ +│ WARRANTIES OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE │ +│ AUTHOR BE LIABLE FOR ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL │ +│ DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR │ +│ PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER │ +│ TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR │ +│ PERFORMANCE OF THIS SOFTWARE. │ +╚─────────────────────────────────────────────────────────────────────────────*/ +#include "libc/bits/bits.h" +#include "libc/bits/safemacros.internal.h" +#include "libc/calls/calls.h" +#include "libc/log/check.h" +#include "libc/log/log.h" +#include "libc/macros.internal.h" +#include "libc/nexgen32e/rdtsc.h" +#include "libc/runtime/runtime.h" +#include "libc/sysv/consts/map.h" +#include "libc/sysv/consts/prot.h" +#include "net/https/sslcache.h" +#include "third_party/mbedtls/ssl.h" +#include "third_party/mbedtls/x509_crt.h" + +static uint32_t HashSslSession(mbedtls_ssl_session *session) { + int i; + uint32_t h; + h = session->ciphersuite; + h *= 0x9e3779b1; + h = session->compression; + h *= 0x9e3779b1; + for (i = 0; i < session->id_len; i++) { + h += session->id[i]; + h *= 0x9e3779b1; + } + return h; +} + +struct SslCache *CreateSslCache(size_t bytes, int lifetime) { + struct SslCache *c; + size_t ents, size; + ents = rounddown2pow(MAX(2, bytes / sizeof(struct SslCacheEntry))); + size = sizeof(struct SslCache) + sizeof(struct SslCacheEntry) * ents; + size = ROUNDUP(size, FRAMESIZE); + CHECK_NE(MAP_FAILED, (c = mmap(NULL, size, PROT_READ | PROT_WRITE, + MAP_SHARED | MAP_ANONYMOUS, -1, 0))); + VERBOSEF("ssl cache %,zu bytes with %,u slots", size, ents); + c->lifetime = lifetime > 0 ? lifetime : 24 * 60 * 60; + c->size = size; + c->mask = ents - 1; + return c; +} + +void FreeSslCache(struct SslCache *cache) { + if (!cache) return; + CHECK_NE(-1, munmap(cache, cache->size)); +} + +int UncacheSslSession(void *data, mbedtls_ssl_session *session) { + int64_t ts; + uint64_t tick; + unsigned char *ticket; + struct SslCache *cache; + mbedtls_x509_crt *cert; + struct SslCacheEntry *e; + uint32_t i, hash, ticketlen; + cache = data; + hash = HashSslSession(session); + i = hash & cache->mask; + e = cache->p + i; + if (!(tick = e->tick) || hash != e->hash) { + NOISEF("%u empty", i); + return 1; + } + asm volatile("" ::: "memory"); + if (session->ciphersuite != e->session.ciphersuite || + session->compression != e->session.compression || + session->id_len != e->session.id_len || + memcmp(session->id, e->session.id, e->session.id_len)) { + VERBOSEF("%u ssl cache collision", i); + return 1; + } + ts = time(0); + if (!(e->time <= ts && ts <= e->time + cache->lifetime)) { + DEBUGF("%u ssl cache expired", i); + lockcmpxchg(&e->tick, tick, 0); + return 1; + } + cert = 0; + ticket = 0; + if ((e->certlen && (!(cert = calloc(1, sizeof(*cert))) || + mbedtls_x509_crt_parse_der(cert, e->cert, e->certlen)))) { + goto Contention; + } + if ((ticketlen = e->ticketlen)) { + if (!(ticket = malloc(ticketlen))) goto Contention; + memcpy(ticket, e->ticket, ticketlen); + } + mbedtls_ssl_session_free(session); + memcpy(session, &e->session, sizeof(*session)); + asm volatile("" ::: "memory"); + if (tick != e->tick) goto Contention; + session->peer_cert = cert; + session->ticket = ticket; + session->ticket_len = ticketlen; + DEBUGF("%u restored ssl from cache", i); + return 0; +Contention: + WARNF("%u ssl cache contention 0x%08x", i, hash); + mbedtls_x509_crt_free(cert); + free(ticket); + free(cert); + return 1; +} + +int CacheSslSession(void *data, const mbedtls_ssl_session *session) { + int pid; + uint64_t tick; + uint32_t i, hash; + struct SslCache *cache; + struct SslCacheEntry *e; + cache = data; + if (session->peer_cert && + session->peer_cert->raw.len > sizeof(cache->p[0].cert)) { + WARNF("%s too big %zu", "cert", session->peer_cert->raw.len); + return 1; + } + if (session->ticket && session->ticket_len > sizeof(cache->p[0].ticket)) { + WARNF("%s too big %zu", "ticket", session->ticket_len); + return 1; + } + pid = getpid(); + hash = HashSslSession(session); + i = hash & cache->mask; + e = cache->p + i; + e->tick = 0; + e->pid = pid; + asm volatile("" ::: "memory"); + memcpy(&e->session, session, sizeof(*session)); + if (session->peer_cert) { + e->certlen = session->peer_cert->raw.len; + memcpy(e->cert, session->peer_cert->raw.p, session->peer_cert->raw.len); + } else { + e->certlen = 0; + } + if (session->ticket) { + e->ticketlen = session->ticket_len; + memcpy(e->ticket, session->ticket, session->ticket_len); + } else { + e->ticketlen = 0; + } + e->hash = hash; + e->time = time(0); + tick = unsignedsubtract(rdtsc(), kStartTsc); + asm volatile("" ::: "memory"); + if (lockcmpxchg(&e->pid, pid, 0)) { + DEBUGF("%u saved", i); + e->tick = tick; + return 0; + } else { + WARNF("%u congestion", i); + return 1; + } +} diff --git a/net/https/sslcache.h b/net/https/sslcache.h new file mode 100644 index 000000000..83e70a15a --- /dev/null +++ b/net/https/sslcache.h @@ -0,0 +1,31 @@ +#ifndef COSMOPOLITAN_NET_HTTPS_SSLCACHE_H_ +#define COSMOPOLITAN_NET_HTTPS_SSLCACHE_H_ +#include "third_party/mbedtls/ssl.h" +#if !(__ASSEMBLER__ + __LINKER__ + 0) +COSMOPOLITAN_C_START_ + +struct SslCache { + size_t size; + int lifetime; + uint32_t mask; + struct SslCacheEntry { + int64_t time; + volatile uint64_t tick; + volatile int pid; + uint32_t hash; + unsigned certlen; + unsigned ticketlen; + mbedtls_ssl_session session; + uint8_t cert[1500]; + uint8_t ticket[500]; + } p[]; +}; + +struct SslCache *CreateSslCache(size_t, int); +void FreeSslCache(struct SslCache *); +int UncacheSslSession(void *, mbedtls_ssl_session *); +int CacheSslSession(void *, const mbedtls_ssl_session *); + +COSMOPOLITAN_C_END_ +#endif /* !(__ASSEMBLER__ + __LINKER__ + 0) */ +#endif /* COSMOPOLITAN_NET_HTTPS_SSLCACHE_H_ */ diff --git a/test/libc/nexgen32e/memmove_test.c b/test/libc/nexgen32e/memmove_test.c index 8f564e68f..353bc1738 100644 --- a/test/libc/nexgen32e/memmove_test.c +++ b/test/libc/nexgen32e/memmove_test.c @@ -38,7 +38,7 @@ noinline char *PosixMemmove(char *dst, const char *src, size_t n) { return dst; } -TEST(memmove, overlapping) { +TEST(MemMove, overlapping) { for (i = 0; i < N; i += S) { for (j = 0; j < N; j += S) { for (n = MIN(N - i, N - j) + 1; n--;) { @@ -84,7 +84,7 @@ TEST(memmove$pure, overlapping) { } } -TEST(memcpy, overlapping) { +TEST(MemCpy, overlapping) { for (i = 0; i < N; i += S) { for (j = 0; j < N; j += S) { for (n = MIN(N - i, N - j) + 1; n--;) { @@ -109,7 +109,7 @@ TEST(memcpy, overlapping) { } } -TEST(memmove, overlappingDirect) { +TEST(MemMove, overlappingDirect) { for (i = 0; i < N; i += S) { for (j = 0; j < N; j += S) { for (n = MIN(N - i, N - j) + 1; n--;) { diff --git a/test/tool/net/test.mk b/test/tool/net/test.mk index 319817cd8..3445d799b 100644 --- a/test/tool/net/test.mk +++ b/test/tool/net/test.mk @@ -42,6 +42,7 @@ TEST_TOOL_NET_DIRECTDEPS = \ LIBC_STUBS \ LIBC_SYSV \ LIBC_TESTLIB \ + LIBC_UNICODE \ LIBC_X \ LIBC_ZIPOS \ THIRD_PARTY_REGEX \ diff --git a/test/tool/viz/lib/test.mk b/test/tool/viz/lib/test.mk index 7cc0b840e..8aa21f4fd 100644 --- a/test/tool/viz/lib/test.mk +++ b/test/tool/viz/lib/test.mk @@ -35,6 +35,7 @@ TEST_TOOL_VIZ_LIB_DIRECTDEPS = \ LIBC_STDIO \ LIBC_STUBS \ LIBC_TESTLIB \ + LIBC_STR \ LIBC_TIME \ LIBC_TINYMATH \ LIBC_UNICODE \ diff --git a/third_party/gdtoa/gdtoa.mk b/third_party/gdtoa/gdtoa.mk index c253ef9a6..a1bf9095d 100644 --- a/third_party/gdtoa/gdtoa.mk +++ b/third_party/gdtoa/gdtoa.mk @@ -46,6 +46,11 @@ $(THIRD_PARTY_GDTOA_A).pkg: \ $(THIRD_PARTY_GDTOA_A_OBJS) \ $(foreach x,$(THIRD_PARTY_GDTOA_A_DIRECTDEPS),$($(x)_A).pkg) +$(THIRD_PARTY_GDTOA_A_OBJS): \ + OVERRIDE_CFLAGS += \ + -ffunction-sections \ + -fdata-sections + THIRD_PARTY_GDTOA_LIBS = $(foreach x,$(THIRD_PARTY_GDTOA_ARTIFACTS),$($(x))) THIRD_PARTY_GDTOA_SRCS = $(foreach x,$(THIRD_PARTY_GDTOA_ARTIFACTS),$($(x)_SRCS)) THIRD_PARTY_GDTOA_HDRS = $(foreach x,$(THIRD_PARTY_GDTOA_ARTIFACTS),$($(x)_HDRS)) diff --git a/third_party/mbedtls/README.cosmo b/third_party/mbedtls/README.cosmo index 72aaf4536..066fd23e3 100644 --- a/third_party/mbedtls/README.cosmo +++ b/third_party/mbedtls/README.cosmo @@ -46,6 +46,9 @@ LOCAL CHANGES run hermetically if the binary is scp'd to some machine, and (d) doesn't have large amounts of duplicated generated code. + - Fix mbedtls_mpi_sub_abs() to not call malloc/free/memcpy since + it's called 11,124 times during as SSL handshake. + - Make chacha20 26% faster. - Make base64 100x faster. diff --git a/third_party/mbedtls/bignum.c b/third_party/mbedtls/bignum.c index 8d003d3cf..a3613a8e6 100644 --- a/third_party/mbedtls/bignum.c +++ b/third_party/mbedtls/bignum.c @@ -1,4 +1,6 @@ +#include "libc/log/check.h" #include "libc/log/log.h" +#include "libc/nexgen32e/nexgen32e.h" #include "third_party/mbedtls/bignum.h" #include "third_party/mbedtls/bn_mul.h" #include "third_party/mbedtls/common.h" @@ -1354,7 +1356,8 @@ int mbedtls_mpi_cmp_mpi( const mbedtls_mpi *X, const mbedtls_mpi *Y ) return( 0 ); } -/** Decide if an integer is less than the other, without branches. +/** + * Decide if an integer is less than the other, without branches. * * \param x First integer. * \param y Second integer. @@ -1558,37 +1561,6 @@ cleanup: return( ret ); } -/** - * Helper for mbedtls_mpi subtraction. - * - * Calculate d - s where d and s have the same size. - * This function operates modulo (2^ciL)^n and returns the carry - * (1 if there was a wraparound, i.e. if `d < s`, and 0 otherwise). - * - * \param n Number of limbs of \p d and \p s. - * \param[in,out] d On input, the left operand. - * On output, the result of the subtraction: - * \param[in] s The right operand. - * - * \return 1 if `d < s`. - * 0 if `d >= s`. - */ -static mbedtls_mpi_uint mpi_sub_hlp( size_t n, - mbedtls_mpi_uint *d, - const mbedtls_mpi_uint *s ) -{ - size_t i; - mbedtls_mpi_uint c, z; - - for( i = c = 0; i < n; i++, s++, d++ ) - { - z = ( *d < c ); *d -= c; - c = ( *d < *s ) + z; *d -= *s; - } - - return( c ); -} - /** * \brief Perform an unsigned subtraction of MPIs: X = |A| - |B| * @@ -1599,67 +1571,43 @@ static mbedtls_mpi_uint mpi_sub_hlp( size_t n, * \return \c 0 if successful. * \return #MBEDTLS_ERR_MPI_NEGATIVE_VALUE if \p B is greater than \p A. * \return Another negative error code on different kinds of failure. - * */ int mbedtls_mpi_sub_abs( mbedtls_mpi *X, const mbedtls_mpi *A, const mbedtls_mpi *B ) { - mbedtls_mpi TB; - int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; - size_t n; - mbedtls_mpi_uint carry; + size_t n, m; MPI_VALIDATE_RET( X != NULL ); MPI_VALIDATE_RET( A != NULL ); MPI_VALIDATE_RET( B != NULL ); - - mbedtls_mpi_init( &TB ); - - if( X == B ) - { - MBEDTLS_MPI_CHK( mbedtls_mpi_copy( &TB, B ) ); - B = &TB; - } - - if( X != A ) - MBEDTLS_MPI_CHK( mbedtls_mpi_copy( X, A ) ); - - /* - * X should always be positive as a result of unsigned subtractions. - */ - X->s = 1; - - ret = 0; - + if( X != A && !B->n ) + return mbedtls_mpi_copy( X, A ); /* wut */ for( n = B->n; n > 0; n-- ) if( B->p[n - 1] != 0 ) break; if( n > A->n ) - { - /* B >= (2^ciL)^n > A */ - ret = MBEDTLS_ERR_MPI_NEGATIVE_VALUE; - goto cleanup; + return MBEDTLS_ERR_MPI_NEGATIVE_VALUE; /* B >= (2^ciL)^n > A */ + if (X != A) { + if (X->n < A->n) + X->p = realloc(X->p, A->n * 8); + X->n = A->n; + if ( ( m = A->n - n ) ) + memcpy(X->p+n, A->p+n, m * 8); } - - carry = mpi_sub_hlp( n, X->p, B->p ); - if( carry != 0 ) - { + /* + * X should always be positive as a result of unsigned subtractions. + */ + X->s = 1; + if( sbb( X->p, A->p, B->p, n ) ){ /* Propagate the carry to the first nonzero limb of X. */ - for( ; n < X->n && X->p[n] == 0; n++ ) - --X->p[n]; + for( ; n < A->n && A->p[n] == 0; n++ ) + /* --X->p[n]; */ + X->p[n] = A->p[n] - 1; /* If we ran out of space for the carry, it means that the result * is negative. */ if( n == X->n ) - { - ret = MBEDTLS_ERR_MPI_NEGATIVE_VALUE; - goto cleanup; - } + return MBEDTLS_ERR_MPI_NEGATIVE_VALUE; --X->p[n]; } - -cleanup: - - mbedtls_mpi_free( &TB ); - - return( ret ); + return( 0 ); } /** @@ -1946,8 +1894,8 @@ int mbedtls_mpi_mul_int( mbedtls_mpi *X, const mbedtls_mpi *A, mbedtls_mpi_uint * mbedtls_mpi_uint divisor, d */ static mbedtls_mpi_uint mbedtls_int_div_int( mbedtls_mpi_uint u1, - mbedtls_mpi_uint u0, - mbedtls_mpi_uint d, + mbedtls_mpi_uint u0, + mbedtls_mpi_uint d, mbedtls_mpi_uint *r ) { #if defined(MBEDTLS_HAVE_UDBL) @@ -2345,7 +2293,7 @@ static void mpi_montg_init( mbedtls_mpi_uint *mm, const mbedtls_mpi *N ) *mm = ~x + 1; } -/** +/** * Montgomery multiplication: A = A * B * R^-1 mod N (HAC 14.36) * * \param[in,out] A One of the numbers to multiply. @@ -2405,7 +2353,7 @@ static void mpi_montmul( mbedtls_mpi *A, const mbedtls_mpi *B, const mbedtls_mpi * do the calculation without using conditional tests. */ /* Set d to d0 + (2^biL)^n - N where d0 is the current value of d. */ d[n] += 1; - d[n] -= mpi_sub_hlp( n, d, N->p ); + d[n] -= sbb( d, d, N->p, n ); /* If d0 < N then d < (2^biL)^n * so d[n] == 0 and we want to keep A as it is. * If d0 >= N then d >= (2^biL)^n, and d <= (2^biL)^n + N < 2 * (2^biL)^n diff --git a/third_party/mbedtls/bignum.h b/third_party/mbedtls/bignum.h index 995c6cd53..8b3dc8a6c 100644 --- a/third_party/mbedtls/bignum.h +++ b/third_party/mbedtls/bignum.h @@ -13,7 +13,6 @@ COSMOPOLITAN_C_START_ #define MBEDTLS_ERR_MPI_DIVISION_BY_ZERO -0x000C /**< The input argument for division is zero, which is not allowed. */ #define MBEDTLS_ERR_MPI_NOT_ACCEPTABLE -0x000E /**< The input arguments are not acceptable. */ #define MBEDTLS_ERR_MPI_ALLOC_FAILED -0x0010 /**< Memory allocation failed. */ - #define MBEDTLS_MPI_CHK(f) \ do \ { \ diff --git a/third_party/mbedtls/config.h b/third_party/mbedtls/config.h index c90e0e68d..df220a1f1 100644 --- a/third_party/mbedtls/config.h +++ b/third_party/mbedtls/config.h @@ -600,7 +600,7 @@ * Comment this macro to disable storing the peer's certificate * after the handshake. */ -/*#define MBEDTLS_SSL_KEEP_PEER_CERTIFICATE*/ +#define MBEDTLS_SSL_KEEP_PEER_CERTIFICATE /** * \def MBEDTLS_SSL_CBC_RECORD_SPLITTING @@ -772,7 +772,7 @@ * * Comment this macro to disable support for SSL session tickets */ -/*#define MBEDTLS_SSL_SESSION_TICKETS*/ +#define MBEDTLS_SSL_SESSION_TICKETS /** * \def MBEDTLS_SSL_EXPORT_KEYS @@ -1048,9 +1048,9 @@ #define MBEDTLS_SSL_TLS_C #define MBEDTLS_SSL_CLI_C #define MBEDTLS_SSL_SRV_C -/*#define MBEDTLS_SSL_CACHE_C*/ +#define MBEDTLS_SSL_TICKET_C +#define MBEDTLS_SSL_CACHE_C /*#define MBEDTLS_SSL_COOKIE_C*/ -/*#define MBEDTLS_SSL_TICKET_C*/ /** * \def MBEDTLS_SSL_MAX_CONTENT_LEN diff --git a/third_party/mbedtls/mbedtls.mk b/third_party/mbedtls/mbedtls.mk index b008646b8..a373902e6 100644 --- a/third_party/mbedtls/mbedtls.mk +++ b/third_party/mbedtls/mbedtls.mk @@ -52,11 +52,14 @@ $(THIRD_PARTY_MBEDTLS_A_OBJS): \ o/$(MODE)/third_party/mbedtls/bignum.o \ o/$(MODE)/third_party/mbedtls/ecp.o \ -o/$(MODE)/third_party/mbedtls/ecp_curves.o \ -o/$(MODE)/third_party/mbedtls/everest.o: \ +o/$(MODE)/third_party/mbedtls/ecp_curves.o: \ OVERRIDE_CFLAGS += \ -O3 +o/$(MODE)/third_party/mbedtls/everest.o: \ + OVERRIDE_CFLAGS += \ + -Os + # tail recursion is so important because everest was written in f* o/$(MODE)/third_party/mbedtls/everest.o: \ OVERRIDE_CFLAGS += \ diff --git a/third_party/mbedtls/ssl.h b/third_party/mbedtls/ssl.h index 4abdc8d20..b789ece08 100644 --- a/third_party/mbedtls/ssl.h +++ b/third_party/mbedtls/ssl.h @@ -862,6 +862,7 @@ struct mbedtls_ssl_session int encrypt_then_mac; /*!< flag for EtM activation */ #endif }; + /** * SSL/TLS configuration to be shared between mbedtls_ssl_context structures. */ @@ -1443,6 +1444,7 @@ int mbedtls_ssl_set_hs_own_cert( mbedtls_ssl_context *, mbedtls_x509_crt *, mbed int mbedtls_ssl_set_hs_psk( mbedtls_ssl_context *, const unsigned char *, size_t ); int mbedtls_ssl_set_session( mbedtls_ssl_context *, const mbedtls_ssl_session * ); int mbedtls_ssl_setup( mbedtls_ssl_context *, const mbedtls_ssl_config * ); +int mbedtls_ssl_tls_prf( const mbedtls_tls_prf_types , const unsigned char *, size_t, const char *, const unsigned char *, size_t, unsigned char *, size_t ); int mbedtls_ssl_write( mbedtls_ssl_context *, const void *, size_t ); size_t mbedtls_ssl_get_bytes_avail( const mbedtls_ssl_context * ); size_t mbedtls_ssl_get_input_max_frag_len( const mbedtls_ssl_context * ); @@ -1494,6 +1496,8 @@ void mbedtls_ssl_config_init( mbedtls_ssl_config * ); void mbedtls_ssl_free( mbedtls_ssl_context * ); void mbedtls_ssl_get_dtls_srtp_negotiation_result( const mbedtls_ssl_context *, mbedtls_dtls_srtp_info * ); void mbedtls_ssl_init( mbedtls_ssl_context * ); +void mbedtls_ssl_key_cert_free( mbedtls_ssl_key_cert * ); +void mbedtls_ssl_session_free( mbedtls_ssl_session * ); void mbedtls_ssl_session_init( mbedtls_ssl_session * ); void mbedtls_ssl_set_async_operation_data( mbedtls_ssl_context *, void * ); void mbedtls_ssl_set_bio( mbedtls_ssl_context *, void *, mbedtls_ssl_send_t *, mbedtls_ssl_recv_t *, mbedtls_ssl_recv_timeout_t * ); @@ -1503,8 +1507,6 @@ void mbedtls_ssl_set_hs_ca_chain( mbedtls_ssl_context *, mbedtls_x509_crt *, mbe void mbedtls_ssl_set_mtu( mbedtls_ssl_context *, uint16_t ); void mbedtls_ssl_set_timer_cb( mbedtls_ssl_context *, void *, mbedtls_ssl_set_timer_t *, mbedtls_ssl_get_timer_t * ); void mbedtls_ssl_set_verify( mbedtls_ssl_context *, int (*)(void *, mbedtls_x509_crt *, int, uint32_t *), void * ); -void mbedtls_ssl_session_free( mbedtls_ssl_session * ); -int mbedtls_ssl_tls_prf( const mbedtls_tls_prf_types , const unsigned char *, size_t, const char *, const unsigned char *, size_t, unsigned char *, size_t ); /** * \brief Load reasonnable default SSL configuration values. diff --git a/third_party/mbedtls/ssl_cache.c b/third_party/mbedtls/ssl_cache.c index cf099985b..ea8eee5c7 100644 --- a/third_party/mbedtls/ssl_cache.c +++ b/third_party/mbedtls/ssl_cache.c @@ -1,3 +1,4 @@ +#include "libc/log/log.h" #include "third_party/mbedtls/common.h" #include "third_party/mbedtls/platform.h" #include "third_party/mbedtls/ssl_cache.h" diff --git a/third_party/mbedtls/ssl_ciphersuites.c b/third_party/mbedtls/ssl_ciphersuites.c index a9ac8b974..0caa57625 100644 --- a/third_party/mbedtls/ssl_ciphersuites.c +++ b/third_party/mbedtls/ssl_ciphersuites.c @@ -168,6 +168,39 @@ static const uint16_t ciphersuite_preference[] = static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = { + +#if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED) && defined(MBEDTLS_AES_C) && defined(MBEDTLS_GCM_C) && defined(MBEDTLS_SHA256_C) + { MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256, "TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256", + MBEDTLS_CIPHER_AES_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, + 0 }, +#endif + +#if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED) && defined(MBEDTLS_AES_C) && defined(MBEDTLS_GCM_C) && defined(MBEDTLS_SHA512_C) + { MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384, "TLS-ECDHE-ECDSA-WITH-AES-256-GCM-SHA384", + MBEDTLS_CIPHER_AES_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, + 0 }, +#endif + +#if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED) && defined(MBEDTLS_AES_C) && defined(MBEDTLS_GCM_C) && defined(MBEDTLS_SHA256_C) + { MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256, "TLS-ECDHE-RSA-WITH-AES-128-GCM-SHA256", + MBEDTLS_CIPHER_AES_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, + 0 }, +#endif + +#if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED) && defined(MBEDTLS_AES_C) && defined(MBEDTLS_GCM_C) && defined(MBEDTLS_SHA512_C) + { MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384, "TLS-ECDHE-RSA-WITH-AES-256-GCM-SHA384", + MBEDTLS_CIPHER_AES_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, + 0 }, +#endif + #if defined(MBEDTLS_CHACHAPOLY_C) && \ defined(MBEDTLS_SHA256_C) && \ defined(MBEDTLS_SSL_PROTO_TLS1_2) @@ -237,6 +270,7 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = #endif /* MBEDTLS_CHACHAPOLY_C && MBEDTLS_SHA256_C && MBEDTLS_SSL_PROTO_TLS1_2 */ + #if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED) #if defined(MBEDTLS_AES_C) #if defined(MBEDTLS_SHA1_C) @@ -261,13 +295,6 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 0 }, #endif /* MBEDTLS_CIPHER_MODE_CBC */ -#if defined(MBEDTLS_GCM_C) - { MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256, "TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256", - MBEDTLS_CIPHER_AES_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - 0 }, -#endif /* MBEDTLS_GCM_C */ #endif /* MBEDTLS_SHA256_C */ #if defined(MBEDTLS_SHA512_C) #if defined(MBEDTLS_CIPHER_MODE_CBC) @@ -277,13 +304,6 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 0 }, #endif /* MBEDTLS_CIPHER_MODE_CBC */ -#if defined(MBEDTLS_GCM_C) - { MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384, "TLS-ECDHE-ECDSA-WITH-AES-256-GCM-SHA384", - MBEDTLS_CIPHER_AES_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - 0 }, -#endif /* MBEDTLS_GCM_C */ #endif /* MBEDTLS_SHA512_C */ #if defined(MBEDTLS_CCM_C) { MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CCM, "TLS-ECDHE-ECDSA-WITH-AES-256-CCM", @@ -308,43 +328,6 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = MBEDTLS_CIPHERSUITE_SHORT_TAG }, #endif /* MBEDTLS_CCM_C */ #endif /* MBEDTLS_AES_C */ - -#if defined(MBEDTLS_CAMELLIA_C) -#if defined(MBEDTLS_CIPHER_MODE_CBC) -#if defined(MBEDTLS_SHA256_C) - { MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256, "TLS-ECDHE-ECDSA-WITH-CAMELLIA-128-CBC-SHA256", - MBEDTLS_CIPHER_CAMELLIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - 0 }, -#endif /* MBEDTLS_SHA256_C */ -#if defined(MBEDTLS_SHA512_C) - { MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384, "TLS-ECDHE-ECDSA-WITH-CAMELLIA-256-CBC-SHA384", - MBEDTLS_CIPHER_CAMELLIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - 0 }, -#endif /* MBEDTLS_SHA512_C */ -#endif /* MBEDTLS_CIPHER_MODE_CBC */ - -#if defined(MBEDTLS_GCM_C) -#if defined(MBEDTLS_SHA256_C) - { MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_GCM_SHA256, "TLS-ECDHE-ECDSA-WITH-CAMELLIA-128-GCM-SHA256", - MBEDTLS_CIPHER_CAMELLIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - 0 }, -#endif /* MBEDTLS_SHA256_C */ -#if defined(MBEDTLS_SHA512_C) - { MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_GCM_SHA384, "TLS-ECDHE-ECDSA-WITH-CAMELLIA-256-GCM-SHA384", - MBEDTLS_CIPHER_CAMELLIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - 0 }, -#endif /* MBEDTLS_SHA512_C */ -#endif /* MBEDTLS_GCM_C */ -#endif /* MBEDTLS_CAMELLIA_C */ - #if defined(MBEDTLS_DES_C) #if defined(MBEDTLS_CIPHER_MODE_CBC) #if defined(MBEDTLS_SHA1_C) @@ -356,7 +339,6 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = #endif /* MBEDTLS_SHA1_C */ #endif /* MBEDTLS_CIPHER_MODE_CBC */ #endif /* MBEDTLS_DES_C */ - #if defined(MBEDTLS_ARC4_C) #if defined(MBEDTLS_SHA1_C) { MBEDTLS_TLS_ECDHE_ECDSA_WITH_RC4_128_SHA, "TLS-ECDHE-ECDSA-WITH-RC4-128-SHA", @@ -366,7 +348,6 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = MBEDTLS_CIPHERSUITE_NODTLS }, #endif /* MBEDTLS_SHA1_C */ #endif /* MBEDTLS_ARC4_C */ - #if defined(MBEDTLS_CIPHER_NULL_CIPHER) #if defined(MBEDTLS_SHA1_C) { MBEDTLS_TLS_ECDHE_ECDSA_WITH_NULL_SHA, "TLS-ECDHE-ECDSA-WITH-NULL-SHA", @@ -402,13 +383,6 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 0 }, #endif /* MBEDTLS_CIPHER_MODE_CBC */ -#if defined(MBEDTLS_GCM_C) - { MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256, "TLS-ECDHE-RSA-WITH-AES-128-GCM-SHA256", - MBEDTLS_CIPHER_AES_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - 0 }, -#endif /* MBEDTLS_GCM_C */ #endif /* MBEDTLS_SHA256_C */ #if defined(MBEDTLS_SHA512_C) #if defined(MBEDTLS_CIPHER_MODE_CBC) @@ -418,52 +392,9 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 0 }, #endif /* MBEDTLS_CIPHER_MODE_CBC */ -#if defined(MBEDTLS_GCM_C) - { MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384, "TLS-ECDHE-RSA-WITH-AES-256-GCM-SHA384", - MBEDTLS_CIPHER_AES_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - 0 }, -#endif /* MBEDTLS_GCM_C */ #endif /* MBEDTLS_SHA512_C */ #endif /* MBEDTLS_AES_C */ -#if defined(MBEDTLS_CAMELLIA_C) -#if defined(MBEDTLS_CIPHER_MODE_CBC) -#if defined(MBEDTLS_SHA256_C) - { MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256, "TLS-ECDHE-RSA-WITH-CAMELLIA-128-CBC-SHA256", - MBEDTLS_CIPHER_CAMELLIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - 0 }, -#endif /* MBEDTLS_SHA256_C */ -#if defined(MBEDTLS_SHA512_C) - { MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384, "TLS-ECDHE-RSA-WITH-CAMELLIA-256-CBC-SHA384", - MBEDTLS_CIPHER_CAMELLIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - 0 }, -#endif /* MBEDTLS_SHA512_C */ -#endif /* MBEDTLS_CIPHER_MODE_CBC */ - -#if defined(MBEDTLS_GCM_C) -#if defined(MBEDTLS_SHA256_C) - { MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_128_GCM_SHA256, "TLS-ECDHE-RSA-WITH-CAMELLIA-128-GCM-SHA256", - MBEDTLS_CIPHER_CAMELLIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - 0 }, -#endif /* MBEDTLS_SHA256_C */ -#if defined(MBEDTLS_SHA512_C) - { MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_256_GCM_SHA384, "TLS-ECDHE-RSA-WITH-CAMELLIA-256-GCM-SHA384", - MBEDTLS_CIPHER_CAMELLIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - 0 }, -#endif /* MBEDTLS_SHA512_C */ -#endif /* MBEDTLS_GCM_C */ -#endif /* MBEDTLS_CAMELLIA_C */ - #if defined(MBEDTLS_DES_C) #if defined(MBEDTLS_CIPHER_MODE_CBC) #if defined(MBEDTLS_SHA1_C) @@ -570,55 +501,6 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = #endif /* MBEDTLS_CCM_C */ #endif /* MBEDTLS_AES_C */ -#if defined(MBEDTLS_CAMELLIA_C) -#if defined(MBEDTLS_CIPHER_MODE_CBC) -#if defined(MBEDTLS_SHA256_C) - { MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256, "TLS-DHE-RSA-WITH-CAMELLIA-128-CBC-SHA256", - MBEDTLS_CIPHER_CAMELLIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_RSA, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - 0 }, - - { MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256, "TLS-DHE-RSA-WITH-CAMELLIA-256-CBC-SHA256", - MBEDTLS_CIPHER_CAMELLIA_256_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_RSA, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - 0 }, -#endif /* MBEDTLS_SHA256_C */ - -#if defined(MBEDTLS_SHA1_C) - { MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA, "TLS-DHE-RSA-WITH-CAMELLIA-128-CBC-SHA", - MBEDTLS_CIPHER_CAMELLIA_128_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_DHE_RSA, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - 0 }, - - { MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA, "TLS-DHE-RSA-WITH-CAMELLIA-256-CBC-SHA", - MBEDTLS_CIPHER_CAMELLIA_256_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_DHE_RSA, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - 0 }, -#endif /* MBEDTLS_SHA1_C */ -#endif /* MBEDTLS_CIPHER_MODE_CBC */ -#if defined(MBEDTLS_GCM_C) -#if defined(MBEDTLS_SHA256_C) - { MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_GCM_SHA256, "TLS-DHE-RSA-WITH-CAMELLIA-128-GCM-SHA256", - MBEDTLS_CIPHER_CAMELLIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_RSA, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - 0 }, -#endif /* MBEDTLS_SHA256_C */ - -#if defined(MBEDTLS_SHA512_C) - { MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_GCM_SHA384, "TLS-DHE-RSA-WITH-CAMELLIA-256-GCM-SHA384", - MBEDTLS_CIPHER_CAMELLIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_DHE_RSA, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - 0 }, -#endif /* MBEDTLS_SHA512_C */ -#endif /* MBEDTLS_GCM_C */ -#endif /* MBEDTLS_CAMELLIA_C */ - #if defined(MBEDTLS_DES_C) #if defined(MBEDTLS_CIPHER_MODE_CBC) #if defined(MBEDTLS_SHA1_C) @@ -705,56 +587,6 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = #endif /* MBEDTLS_CCM_C */ #endif /* MBEDTLS_AES_C */ -#if defined(MBEDTLS_CAMELLIA_C) -#if defined(MBEDTLS_CIPHER_MODE_CBC) -#if defined(MBEDTLS_SHA256_C) - { MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256, "TLS-RSA-WITH-CAMELLIA-128-CBC-SHA256", - MBEDTLS_CIPHER_CAMELLIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - 0 }, - - { MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256, "TLS-RSA-WITH-CAMELLIA-256-CBC-SHA256", - MBEDTLS_CIPHER_CAMELLIA_256_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - 0 }, -#endif /* MBEDTLS_SHA256_C */ - -#if defined(MBEDTLS_SHA1_C) - { MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_CBC_SHA, "TLS-RSA-WITH-CAMELLIA-128-CBC-SHA", - MBEDTLS_CIPHER_CAMELLIA_128_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_RSA, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - 0 }, - - { MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_CBC_SHA, "TLS-RSA-WITH-CAMELLIA-256-CBC-SHA", - MBEDTLS_CIPHER_CAMELLIA_256_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_RSA, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - 0 }, -#endif /* MBEDTLS_SHA1_C */ -#endif /* MBEDTLS_CIPHER_MODE_CBC */ - -#if defined(MBEDTLS_GCM_C) -#if defined(MBEDTLS_SHA256_C) - { MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_GCM_SHA256, "TLS-RSA-WITH-CAMELLIA-128-GCM-SHA256", - MBEDTLS_CIPHER_CAMELLIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - 0 }, -#endif /* MBEDTLS_SHA256_C */ - -#if defined(MBEDTLS_SHA1_C) - { MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_GCM_SHA384, "TLS-RSA-WITH-CAMELLIA-256-GCM-SHA384", - MBEDTLS_CIPHER_CAMELLIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_RSA, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - 0 }, -#endif /* MBEDTLS_SHA1_C */ -#endif /* MBEDTLS_GCM_C */ -#endif /* MBEDTLS_CAMELLIA_C */ - #if defined(MBEDTLS_DES_C) #if defined(MBEDTLS_CIPHER_MODE_CBC) #if defined(MBEDTLS_SHA1_C) @@ -836,42 +668,6 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = #endif /* MBEDTLS_SHA512_C */ #endif /* MBEDTLS_AES_C */ -#if defined(MBEDTLS_CAMELLIA_C) -#if defined(MBEDTLS_CIPHER_MODE_CBC) -#if defined(MBEDTLS_SHA256_C) - { MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_128_CBC_SHA256, "TLS-ECDH-RSA-WITH-CAMELLIA-128-CBC-SHA256", - MBEDTLS_CIPHER_CAMELLIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDH_RSA, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - 0 }, -#endif /* MBEDTLS_SHA256_C */ -#if defined(MBEDTLS_SHA512_C) - { MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_256_CBC_SHA384, "TLS-ECDH-RSA-WITH-CAMELLIA-256-CBC-SHA384", - MBEDTLS_CIPHER_CAMELLIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDH_RSA, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - 0 }, -#endif /* MBEDTLS_SHA512_C */ -#endif /* MBEDTLS_CIPHER_MODE_CBC */ - -#if defined(MBEDTLS_GCM_C) -#if defined(MBEDTLS_SHA256_C) - { MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_128_GCM_SHA256, "TLS-ECDH-RSA-WITH-CAMELLIA-128-GCM-SHA256", - MBEDTLS_CIPHER_CAMELLIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDH_RSA, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - 0 }, -#endif /* MBEDTLS_SHA256_C */ -#if defined(MBEDTLS_SHA512_C) - { MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_256_GCM_SHA384, "TLS-ECDH-RSA-WITH-CAMELLIA-256-GCM-SHA384", - MBEDTLS_CIPHER_CAMELLIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDH_RSA, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - 0 }, -#endif /* MBEDTLS_SHA512_C */ -#endif /* MBEDTLS_GCM_C */ -#endif /* MBEDTLS_CAMELLIA_C */ - #if defined(MBEDTLS_DES_C) #if defined(MBEDTLS_CIPHER_MODE_CBC) #if defined(MBEDTLS_SHA1_C) @@ -955,42 +751,6 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = #endif /* MBEDTLS_SHA512_C */ #endif /* MBEDTLS_AES_C */ -#if defined(MBEDTLS_CAMELLIA_C) -#if defined(MBEDTLS_CIPHER_MODE_CBC) -#if defined(MBEDTLS_SHA256_C) - { MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_128_CBC_SHA256, "TLS-ECDH-ECDSA-WITH-CAMELLIA-128-CBC-SHA256", - MBEDTLS_CIPHER_CAMELLIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - 0 }, -#endif /* MBEDTLS_SHA256_C */ -#if defined(MBEDTLS_SHA512_C) - { MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_256_CBC_SHA384, "TLS-ECDH-ECDSA-WITH-CAMELLIA-256-CBC-SHA384", - MBEDTLS_CIPHER_CAMELLIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - 0 }, -#endif /* MBEDTLS_SHA512_C */ -#endif /* MBEDTLS_CIPHER_MODE_CBC */ - -#if defined(MBEDTLS_GCM_C) -#if defined(MBEDTLS_SHA256_C) - { MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_128_GCM_SHA256, "TLS-ECDH-ECDSA-WITH-CAMELLIA-128-GCM-SHA256", - MBEDTLS_CIPHER_CAMELLIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - 0 }, -#endif /* MBEDTLS_SHA256_C */ -#if defined(MBEDTLS_SHA512_C) - { MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_256_GCM_SHA384, "TLS-ECDH-ECDSA-WITH-CAMELLIA-256-GCM-SHA384", - MBEDTLS_CIPHER_CAMELLIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - 0 }, -#endif /* MBEDTLS_SHA512_C */ -#endif /* MBEDTLS_GCM_C */ -#endif /* MBEDTLS_CAMELLIA_C */ - #if defined(MBEDTLS_DES_C) #if defined(MBEDTLS_CIPHER_MODE_CBC) #if defined(MBEDTLS_SHA1_C) @@ -1099,44 +859,6 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = #endif /* MBEDTLS_CCM_C */ #endif /* MBEDTLS_AES_C */ -#if defined(MBEDTLS_CAMELLIA_C) -#if defined(MBEDTLS_CIPHER_MODE_CBC) -#if defined(MBEDTLS_SHA256_C) - { MBEDTLS_TLS_PSK_WITH_CAMELLIA_128_CBC_SHA256, "TLS-PSK-WITH-CAMELLIA-128-CBC-SHA256", - MBEDTLS_CIPHER_CAMELLIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_PSK, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - 0 }, -#endif /* MBEDTLS_SHA256_C */ - -#if defined(MBEDTLS_SHA512_C) - { MBEDTLS_TLS_PSK_WITH_CAMELLIA_256_CBC_SHA384, "TLS-PSK-WITH-CAMELLIA-256-CBC-SHA384", - MBEDTLS_CIPHER_CAMELLIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_PSK, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - 0 }, -#endif /* MBEDTLS_SHA512_C */ -#endif /* MBEDTLS_CIPHER_MODE_CBC */ - -#if defined(MBEDTLS_GCM_C) -#if defined(MBEDTLS_SHA256_C) - { MBEDTLS_TLS_PSK_WITH_CAMELLIA_128_GCM_SHA256, "TLS-PSK-WITH-CAMELLIA-128-GCM-SHA256", - MBEDTLS_CIPHER_CAMELLIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_PSK, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - 0 }, -#endif /* MBEDTLS_SHA256_C */ - -#if defined(MBEDTLS_SHA512_C) - { MBEDTLS_TLS_PSK_WITH_CAMELLIA_256_GCM_SHA384, "TLS-PSK-WITH-CAMELLIA-256-GCM-SHA384", - MBEDTLS_CIPHER_CAMELLIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_PSK, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - 0 }, -#endif /* MBEDTLS_SHA512_C */ -#endif /* MBEDTLS_GCM_C */ -#endif /* MBEDTLS_CAMELLIA_C */ - #if defined(MBEDTLS_DES_C) #if defined(MBEDTLS_CIPHER_MODE_CBC) #if defined(MBEDTLS_SHA1_C) @@ -1235,44 +957,6 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = #endif /* MBEDTLS_CCM_C */ #endif /* MBEDTLS_AES_C */ -#if defined(MBEDTLS_CAMELLIA_C) -#if defined(MBEDTLS_CIPHER_MODE_CBC) -#if defined(MBEDTLS_SHA256_C) - { MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_128_CBC_SHA256, "TLS-DHE-PSK-WITH-CAMELLIA-128-CBC-SHA256", - MBEDTLS_CIPHER_CAMELLIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_PSK, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - 0 }, -#endif /* MBEDTLS_SHA256_C */ - -#if defined(MBEDTLS_SHA512_C) - { MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_256_CBC_SHA384, "TLS-DHE-PSK-WITH-CAMELLIA-256-CBC-SHA384", - MBEDTLS_CIPHER_CAMELLIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_DHE_PSK, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - 0 }, -#endif /* MBEDTLS_SHA512_C */ -#endif /* MBEDTLS_CIPHER_MODE_CBC */ - -#if defined(MBEDTLS_GCM_C) -#if defined(MBEDTLS_SHA256_C) - { MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_128_GCM_SHA256, "TLS-DHE-PSK-WITH-CAMELLIA-128-GCM-SHA256", - MBEDTLS_CIPHER_CAMELLIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_PSK, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - 0 }, -#endif /* MBEDTLS_SHA256_C */ - -#if defined(MBEDTLS_SHA512_C) - { MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_256_GCM_SHA384, "TLS-DHE-PSK-WITH-CAMELLIA-256-GCM-SHA384", - MBEDTLS_CIPHER_CAMELLIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_DHE_PSK, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - 0 }, -#endif /* MBEDTLS_SHA512_C */ -#endif /* MBEDTLS_GCM_C */ -#endif /* MBEDTLS_CAMELLIA_C */ - #if defined(MBEDTLS_DES_C) #if defined(MBEDTLS_CIPHER_MODE_CBC) #if defined(MBEDTLS_SHA1_C) @@ -1332,26 +1016,6 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = #endif /* MBEDTLS_CIPHER_MODE_CBC */ #endif /* MBEDTLS_AES_C */ -#if defined(MBEDTLS_CAMELLIA_C) -#if defined(MBEDTLS_CIPHER_MODE_CBC) -#if defined(MBEDTLS_SHA256_C) - { MBEDTLS_TLS_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256, "TLS-ECDHE-PSK-WITH-CAMELLIA-128-CBC-SHA256", - MBEDTLS_CIPHER_CAMELLIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_PSK, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - 0 }, -#endif /* MBEDTLS_SHA256_C */ - -#if defined(MBEDTLS_SHA512_C) - { MBEDTLS_TLS_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384, "TLS-ECDHE-PSK-WITH-CAMELLIA-256-CBC-SHA384", - MBEDTLS_CIPHER_CAMELLIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_PSK, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - 0 }, -#endif /* MBEDTLS_SHA512_C */ -#endif /* MBEDTLS_CIPHER_MODE_CBC */ -#endif /* MBEDTLS_CAMELLIA_C */ - #if defined(MBEDTLS_DES_C) #if defined(MBEDTLS_CIPHER_MODE_CBC) #if defined(MBEDTLS_SHA1_C) @@ -1428,44 +1092,6 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = #endif /* MBEDTLS_CIPHER_MODE_CBC */ #endif /* MBEDTLS_AES_C */ -#if defined(MBEDTLS_CAMELLIA_C) -#if defined(MBEDTLS_CIPHER_MODE_CBC) -#if defined(MBEDTLS_SHA256_C) - { MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_128_CBC_SHA256, "TLS-RSA-PSK-WITH-CAMELLIA-128-CBC-SHA256", - MBEDTLS_CIPHER_CAMELLIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA_PSK, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - 0 }, -#endif /* MBEDTLS_SHA256_C */ - -#if defined(MBEDTLS_SHA512_C) - { MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_256_CBC_SHA384, "TLS-RSA-PSK-WITH-CAMELLIA-256-CBC-SHA384", - MBEDTLS_CIPHER_CAMELLIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_RSA_PSK, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - 0 }, -#endif /* MBEDTLS_SHA512_C */ -#endif /* MBEDTLS_CIPHER_MODE_CBC */ - -#if defined(MBEDTLS_GCM_C) -#if defined(MBEDTLS_SHA256_C) - { MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_128_GCM_SHA256, "TLS-RSA-PSK-WITH-CAMELLIA-128-GCM-SHA256", - MBEDTLS_CIPHER_CAMELLIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA_PSK, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - 0 }, -#endif /* MBEDTLS_SHA256_C */ - -#if defined(MBEDTLS_SHA512_C) - { MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_256_GCM_SHA384, "TLS-RSA-PSK-WITH-CAMELLIA-256-GCM-SHA384", - MBEDTLS_CIPHER_CAMELLIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_RSA_PSK, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - 0 }, -#endif /* MBEDTLS_SHA512_C */ -#endif /* MBEDTLS_GCM_C */ -#endif /* MBEDTLS_CAMELLIA_C */ - #if defined(MBEDTLS_DES_C) #if defined(MBEDTLS_CIPHER_MODE_CBC) #if defined(MBEDTLS_SHA1_C) diff --git a/third_party/mbedtls/ssl_internal.h b/third_party/mbedtls/ssl_internal.h index 99f398349..008fa9d39 100644 --- a/third_party/mbedtls/ssl_internal.h +++ b/third_party/mbedtls/ssl_internal.h @@ -788,10 +788,6 @@ struct mbedtls_ssl_flight_item /* Find an entry in a signature-hash set matching a given hash algorithm. */ mbedtls_md_type_t mbedtls_ssl_sig_hash_set_find( mbedtls_ssl_sig_hash_set_t *set, mbedtls_pk_type_t sig_alg ); -/* Add a signature-hash-pair to a signature-hash set */ -void mbedtls_ssl_sig_hash_set_add( mbedtls_ssl_sig_hash_set_t *set, - mbedtls_pk_type_t sig_alg, - mbedtls_md_type_t md_alg ); /* Allow exactly one hash algorithm for each signature. */ void mbedtls_ssl_sig_hash_set_const_hash( mbedtls_ssl_sig_hash_set_t *set, mbedtls_md_type_t md_alg ); @@ -958,10 +954,8 @@ static inline int mbedtls_ssl_get_psk( const mbedtls_ssl_context *ssl, #if defined(MBEDTLS_PK_C) unsigned char mbedtls_ssl_sig_from_pk( mbedtls_pk_context * ); unsigned char mbedtls_ssl_sig_from_pk_alg( mbedtls_pk_type_t ); -mbedtls_pk_type_t mbedtls_ssl_pk_alg_from_sig( unsigned char ); #endif -mbedtls_md_type_t mbedtls_ssl_md_alg_from_hash( unsigned char hash ); unsigned char mbedtls_ssl_hash_from_md_alg( int md ); int mbedtls_ssl_set_calc_verify_md( mbedtls_ssl_context *ssl, int md ); @@ -1174,4 +1168,52 @@ void mbedtls_ssl_buffering_free( mbedtls_ssl_context *ssl ); void mbedtls_ssl_flight_free( mbedtls_ssl_flight_item *flight ); #endif /* MBEDTLS_SSL_PROTO_DTLS */ +/* + * Convert from MBEDTLS_SSL_HASH_XXX to MBEDTLS_MD_XXX + */ +forceinline mbedtls_md_type_t mbedtls_ssl_md_alg_from_hash( unsigned char hash ) +{ + switch( hash ) + { +#if defined(MBEDTLS_MD5_C) + case MBEDTLS_SSL_HASH_MD5: + return( MBEDTLS_MD_MD5 ); +#endif +#if defined(MBEDTLS_SHA1_C) + case MBEDTLS_SSL_HASH_SHA1: + return( MBEDTLS_MD_SHA1 ); +#endif +#if defined(MBEDTLS_SHA256_C) + case MBEDTLS_SSL_HASH_SHA224: + return( MBEDTLS_MD_SHA224 ); + case MBEDTLS_SSL_HASH_SHA256: + return( MBEDTLS_MD_SHA256 ); +#endif +#if defined(MBEDTLS_SHA512_C) + case MBEDTLS_SSL_HASH_SHA384: + return( MBEDTLS_MD_SHA384 ); + case MBEDTLS_SSL_HASH_SHA512: + return( MBEDTLS_MD_SHA512 ); +#endif + default: + return( MBEDTLS_MD_NONE ); + } +} + +forceinline mbedtls_pk_type_t mbedtls_ssl_pk_alg_from_sig( unsigned char sig ) +{ + switch( sig ) { +#if defined(MBEDTLS_RSA_C) + case MBEDTLS_SSL_SIG_RSA: + return( MBEDTLS_PK_RSA ); +#endif +#if defined(MBEDTLS_ECDSA_C) + case MBEDTLS_SSL_SIG_ECDSA: + return( MBEDTLS_PK_ECDSA ); +#endif + default: + return( MBEDTLS_PK_NONE ); + } +} + #endif /* ssl_internal.h */ diff --git a/third_party/mbedtls/ssl_srv.c b/third_party/mbedtls/ssl_srv.c index 29c234b2e..1f4d8db6a 100644 --- a/third_party/mbedtls/ssl_srv.c +++ b/third_party/mbedtls/ssl_srv.c @@ -221,6 +221,26 @@ static int ssl_parse_renegotiation_info( mbedtls_ssl_context *ssl, #if defined(MBEDTLS_SSL_PROTO_TLS1_2) && \ defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED) +/* Add a signature-hash-pair to a signature-hash set */ +static inline void mbedtls_ssl_sig_hash_set_add( mbedtls_ssl_sig_hash_set_t *set, + mbedtls_pk_type_t sig_alg, + mbedtls_md_type_t md_alg ) +{ + switch( sig_alg ) + { + case MBEDTLS_PK_RSA: + if( set->rsa == MBEDTLS_MD_NONE ) + set->rsa = md_alg; + break; + case MBEDTLS_PK_ECDSA: + if( set->ecdsa == MBEDTLS_MD_NONE ) + set->ecdsa = md_alg; + break; + default: + break; + } +} + /* * Status of the implementation of signature-algorithms extension: * diff --git a/third_party/mbedtls/ssl_tls.c b/third_party/mbedtls/ssl_tls.c index 608d8cab9..128ad052b 100644 --- a/third_party/mbedtls/ssl_tls.c +++ b/third_party/mbedtls/ssl_tls.c @@ -1,3 +1,4 @@ +#include "libc/log/log.h" #include "third_party/mbedtls/common.h" #include "third_party/mbedtls/config.h" #include "third_party/mbedtls/debug.h" @@ -6640,10 +6641,9 @@ int mbedtls_ssl_renegotiate( mbedtls_ssl_context *ssl ) #endif /* MBEDTLS_SSL_RENEGOTIATION */ #if defined(MBEDTLS_X509_CRT_PARSE_C) -static void ssl_key_cert_free( mbedtls_ssl_key_cert *key_cert ) +void mbedtls_ssl_key_cert_free( mbedtls_ssl_key_cert *key_cert ) { mbedtls_ssl_key_cert *cur = key_cert, *next; - while( cur != NULL ) { next = cur->next; @@ -7849,7 +7849,7 @@ void mbedtls_ssl_config_free( mbedtls_ssl_config *conf ) } #endif #if defined(MBEDTLS_X509_CRT_PARSE_C) - ssl_key_cert_free( conf->key_cert ); + mbedtls_ssl_key_cert_free( conf->key_cert ); #endif mbedtls_platform_zeroize( conf, sizeof( mbedtls_ssl_config ) ); } @@ -7937,22 +7937,6 @@ unsigned char mbedtls_ssl_sig_from_pk_alg( mbedtls_pk_type_t type ) } } -mbedtls_pk_type_t mbedtls_ssl_pk_alg_from_sig( unsigned char sig ) -{ - switch( sig ) { -#if defined(MBEDTLS_RSA_C) - case MBEDTLS_SSL_SIG_RSA: - return( MBEDTLS_PK_RSA ); -#endif -#if defined(MBEDTLS_ECDSA_C) - case MBEDTLS_SSL_SIG_ECDSA: - return( MBEDTLS_PK_ECDSA ); -#endif - default: - return( MBEDTLS_PK_NONE ); - } -} - #endif /* MBEDTLS_PK_C && ( MBEDTLS_RSA_C || MBEDTLS_ECDSA_C ) */ #if defined(MBEDTLS_SSL_PROTO_TLS1_2) && \ @@ -7973,26 +7957,6 @@ mbedtls_md_type_t mbedtls_ssl_sig_hash_set_find( mbedtls_ssl_sig_hash_set_t *set } } -/* Add a signature-hash-pair to a signature-hash set */ -void mbedtls_ssl_sig_hash_set_add( mbedtls_ssl_sig_hash_set_t *set, - mbedtls_pk_type_t sig_alg, - mbedtls_md_type_t md_alg ) -{ - switch( sig_alg ) - { - case MBEDTLS_PK_RSA: - if( set->rsa == MBEDTLS_MD_NONE ) - set->rsa = md_alg; - break; - case MBEDTLS_PK_ECDSA: - if( set->ecdsa == MBEDTLS_MD_NONE ) - set->ecdsa = md_alg; - break; - default: - break; - } -} - /* Allow exactly one hash algorithm for each signature. */ void mbedtls_ssl_sig_hash_set_const_hash( mbedtls_ssl_sig_hash_set_t *set, mbedtls_md_type_t md_alg ) @@ -8004,37 +7968,6 @@ void mbedtls_ssl_sig_hash_set_const_hash( mbedtls_ssl_sig_hash_set_t *set, #endif /* MBEDTLS_SSL_PROTO_TLS1_2) && MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED */ -/* - * Convert from MBEDTLS_SSL_HASH_XXX to MBEDTLS_MD_XXX - */ -mbedtls_md_type_t mbedtls_ssl_md_alg_from_hash( unsigned char hash ) -{ - switch( hash ) - { -#if defined(MBEDTLS_MD5_C) - case MBEDTLS_SSL_HASH_MD5: - return( MBEDTLS_MD_MD5 ); -#endif -#if defined(MBEDTLS_SHA1_C) - case MBEDTLS_SSL_HASH_SHA1: - return( MBEDTLS_MD_SHA1 ); -#endif -#if defined(MBEDTLS_SHA256_C) - case MBEDTLS_SSL_HASH_SHA224: - return( MBEDTLS_MD_SHA224 ); - case MBEDTLS_SSL_HASH_SHA256: - return( MBEDTLS_MD_SHA256 ); -#endif -#if defined(MBEDTLS_SHA512_C) - case MBEDTLS_SSL_HASH_SHA384: - return( MBEDTLS_MD_SHA384 ); - case MBEDTLS_SSL_HASH_SHA512: - return( MBEDTLS_MD_SHA512 ); -#endif - default: - return( MBEDTLS_MD_NONE ); - } -} /* * Convert from MBEDTLS_MD_XXX to MBEDTLS_SSL_HASH_XXX */ diff --git a/third_party/mbedtls/zeroize.c b/third_party/mbedtls/zeroize.c index 27956d865..87fffacae 100644 --- a/third_party/mbedtls/zeroize.c +++ b/third_party/mbedtls/zeroize.c @@ -19,9 +19,75 @@ #include "libc/str/str.h" #include "third_party/mbedtls/platform.h" -static void *(*const volatile memset_func)(void *, int, size_t) = memset; - -void mbedtls_platform_zeroize(void *buf, size_t len) { - MBEDTLS_INTERNAL_VALIDATE(!len || buf); - if (len > 0) memset_func(buf, 0, len); +void mbedtls_platform_zeroize(void *p, size_t n) { + MBEDTLS_INTERNAL_VALIDATE(!n || p); + char *b; + uint64_t x; + x = 0; + b = p; + switch (n) { + case 0: + return; + case 1: + __builtin_memcpy(b, &x, 1); + return; + case 2: + __builtin_memcpy(b, &x, 2); + return; + case 3: + __builtin_memcpy(b, &x, 2); + __builtin_memcpy(b + 1, &x, 2); + return; + case 4: + __builtin_memcpy(b, &x, 4); + return; + case 5 ... 7: + __builtin_memcpy(b, &x, 4); + __builtin_memcpy(b + n - 4, &x, 4); + return; + case 8: + __builtin_memcpy(b, &x, 8); + return; + case 9 ... 16: + __builtin_memcpy(b, &x, 8); + __builtin_memcpy(b + n - 8, &x, 8); + return; + default: + do { + n -= 16; + __builtin_memcpy(b + n, &x, 8); + asm volatile("" ::: "memory"); + __builtin_memcpy(b + n + 8, &x, 8); + } while (n >= 16); + switch (n) { + case 0: + return; + case 1: + __builtin_memcpy(b, &x, 1); + return; + case 2: + __builtin_memcpy(b, &x, 2); + return; + case 3: + __builtin_memcpy(b, &x, 2); + __builtin_memcpy(b + 1, &x, 2); + return; + case 4: + __builtin_memcpy(b, &x, 4); + return; + case 5 ... 7: + __builtin_memcpy(b, &x, 4); + __builtin_memcpy(b + n - 4, &x, 4); + return; + case 8: + __builtin_memcpy(b, &x, 8); + return; + case 9 ... 15: + __builtin_memcpy(b, &x, 8); + __builtin_memcpy(b + n - 8, &x, 8); + return; + default: + unreachable; + } + } } diff --git a/tool/net/demo/fetch.lua b/tool/net/demo/fetch.lua index aef64c474..6ab0f6fae 100644 --- a/tool/net/demo/fetch.lua +++ b/tool/net/demo/fetch.lua @@ -13,6 +13,7 @@ local function WriteForm(url) text-decoration: none; } h1 img { + border: none; vertical-align: middle; } input { diff --git a/tool/net/redbean.c b/tool/net/redbean.c index ccefe055b..88a03098b 100644 --- a/tool/net/redbean.c +++ b/tool/net/redbean.c @@ -33,6 +33,7 @@ #include "libc/errno.h" #include "libc/fmt/conv.h" #include "libc/fmt/itoa.h" +#include "libc/log/backtrace.internal.h" #include "libc/log/check.h" #include "libc/log/log.h" #include "libc/macros.internal.h" @@ -92,6 +93,7 @@ #include "third_party/lua/lualib.h" #include "third_party/mbedtls/asn1.h" #include "third_party/mbedtls/asn1write.h" +#include "third_party/mbedtls/cipher.h" #include "third_party/mbedtls/config.h" #include "third_party/mbedtls/ctr_drbg.h" #include "third_party/mbedtls/debug.h" @@ -107,10 +109,12 @@ #include "third_party/mbedtls/san.h" #include "third_party/mbedtls/sha1.h" #include "third_party/mbedtls/ssl.h" +#include "third_party/mbedtls/ssl_ticket.h" #include "third_party/mbedtls/x509.h" #include "third_party/mbedtls/x509_crt.h" #include "third_party/regex/regex.h" #include "third_party/zlib/zlib.h" +#include "tool/build/lib/case.h" /** * @fileoverview redbean - single-file distributable web server @@ -184,9 +188,10 @@ struct Buffer { }; struct TlsBio { - int fd; + int fd, c; unsigned a, b; unsigned char t[4000]; + unsigned char u[1430]; }; struct Strings { @@ -203,6 +208,7 @@ struct DeflateGenerator { size_t i; uint32_t c; z_stream s; + struct Asset *a; }; static struct Ips { @@ -392,6 +398,7 @@ static struct sockaddr_in *serveraddr; static mbedtls_ssl_config conf; static mbedtls_ssl_context ssl; static mbedtls_ctr_drbg_context rng; +static mbedtls_ssl_ticket_context ssltick; static mbedtls_ssl_config confcli; static mbedtls_ssl_context sslcli; @@ -441,6 +448,10 @@ static void OnHup(void) { } } +static long ParseInt(const char *s) { + return strtol(s, 0, 0); +} + forceinline bool SlicesEqual(const char *a, size_t n, const char *b, size_t m) { return n == m && !memcmp(a, b, n); } @@ -782,6 +793,10 @@ static void ProgramPort(long port) { ports.p[ports.n - 1] = port; } +static void ProgramMaxPayloadSize(long x) { + maxpayloadsize = MAX(1450, x); +} + static uint32_t ResolveIp(const char *addr) { ssize_t rc; uint32_t ip; @@ -1293,40 +1308,82 @@ static void ReapZombies(void) { } static ssize_t WritevAll(int fd, struct iovec *iov, int iovlen) { + int i; ssize_t rc; - size_t wrote, total = 0; + size_t wrote, total; + i = 0; + total = 0; do { - if ((rc = writev(fd, iov, iovlen)) != -1) { + if (i) { + while (i < iovlen && !iov[i].iov_len) ++i; + if (i == iovlen) break; + } + if ((rc = writev(fd, iov + i, iovlen - i)) != -1) { wrote = rc; total += wrote; do { - if (wrote >= iov->iov_len) { - wrote -= iov->iov_len; - ++iov; - --iovlen; + if (wrote >= iov[i].iov_len) { + wrote -= iov[i++].iov_len; } else { - iov->iov_base = (char *)iov->iov_base + wrote; - iov->iov_len -= wrote; + iov[i].iov_base = (char *)iov[i].iov_base + wrote; + iov[i].iov_len -= wrote; wrote = 0; } } while (wrote); } else if (errno == EINTR) { LockInc(&shared->c.writeinterruputs); if (killed || (meltdown && nowl() - startread > 2)) { - return -1; + return total ? total : -1; } } else { - return -1; + return total ? total : -1; } - } while (iovlen); + } while (i < iovlen); return total; } +static int TlsFlush(struct TlsBio *bio, const unsigned char *buf, size_t len) { + struct iovec v[2]; + if (len || bio->c > 0) { + v[0].iov_base = bio->u; + v[0].iov_len = MAX(0, bio->c); + v[1].iov_base = buf; + v[1].iov_len = len; + if (WritevAll(bio->fd, v, 2) != -1) { + if (bio->c > 0) bio->c = 0; + } else if (errno == EINTR) { + return MBEDTLS_ERR_NET_CONN_RESET; + } else if (errno == EAGAIN) { + return MBEDTLS_ERR_SSL_TIMEOUT; + } else if (errno == EPIPE || errno == ECONNRESET || errno == ENETRESET) { + return MBEDTLS_ERR_NET_CONN_RESET; + } else { + WARNF("TlsSend error %s", strerror(errno)); + return MBEDTLS_ERR_NET_SEND_FAILED; + } + } + return 0; +} + +static int TlsSend(void *ctx, const unsigned char *buf, size_t len) { + int rc; + struct iovec v[2]; + struct TlsBio *bio = ctx; + if (bio->c >= 0 && bio->c + len <= sizeof(bio->u)) { + memcpy(bio->u + bio->c, buf, len); + bio->c += len; + return len; + } + if ((rc = TlsFlush(bio, buf, len)) < 0) return rc; + return len; +} + static int TlsRecvImpl(void *ctx, unsigned char *p, size_t n, uint32_t o) { int r; ssize_t s; struct iovec v[2]; struct TlsBio *bio = ctx; + if ((r = TlsFlush(bio, 0, 0)) < 0) return r; if (bio->a < bio->b) { r = MIN(n, bio->b - bio->a); memcpy(p, bio->t + bio->a, r); @@ -1355,6 +1412,7 @@ static int TlsRecvImpl(void *ctx, unsigned char *p, size_t n, uint32_t o) { static int TlsRecv(void *ctx, unsigned char *buf, size_t len, uint32_t tmo) { int rc; + struct TlsBio *bio = ctx; if (oldin.n) { rc = MIN(oldin.n, len); memcpy(buf, oldin.p, rc); @@ -1370,24 +1428,6 @@ static void TlsDebug(void *ctx, int level, const char *file, int line, flogf(level, file, line, 0, "TLS %s", message); } -static int TlsSend(void *ctx, const unsigned char *buf, size_t len) { - int rc; - struct TlsBio *bio = ctx; - if ((rc = WritevAll(bio->fd, &(struct iovec){buf, len}, 1)) == -1) { - if (errno == EINTR) { - return MBEDTLS_ERR_NET_CONN_RESET; - } else if (errno == EAGAIN) { - return MBEDTLS_ERR_SSL_TIMEOUT; - } else if (errno == EPIPE || errno == ECONNRESET || errno == ENETRESET) { - return MBEDTLS_ERR_NET_CONN_RESET; - } else { - WARNF("TlsSend error %s", strerror(errno)); - return MBEDTLS_ERR_NET_SEND_FAILED; - } - } - return rc; -} - static ssize_t SslRead(int fd, void *buf, size_t size) { int rc; rc = mbedtls_ssl_read(&ssl, buf, size); @@ -1444,6 +1484,22 @@ static void NotifyClose(void) { #endif } +static void WipeKeySigningKeys(void) { + size_t i; + for (i = 0; i < certs.n; ++i) { + if (!certs.p[i].key) continue; + if (!certs.p[i].cert) continue; + if (!certs.p[i].cert->ca_istrue) continue; + mbedtls_pk_free(certs.p[i].key); + certs.p[i].key = 0; + } +} + +static void WipeServingKeys(void) { + mbedtls_ssl_ticket_free(&ssltick); + mbedtls_ssl_key_cert_free(conf.key_cert); +} + static bool TlsSetup(void) { int r; oldin.p = inbuf.p; @@ -1455,12 +1511,15 @@ static bool TlsSetup(void) { g_bio.fd = client; g_bio.a = 0; g_bio.b = 0; + g_bio.c = 0; for (;;) { - if (!(r = mbedtls_ssl_handshake(&ssl))) { + if (!(r = mbedtls_ssl_handshake(&ssl)) && TlsFlush(&g_bio, 0, 0) != -1) { LockInc(&shared->c.sslhandshakes); + g_bio.c = -1; usessl = true; reader = SslRead; writer = SslWrite; + WipeServingKeys(); VERBOSEF("SHAKEN %s %s %s", DescribeClient(), mbedtls_ssl_get_ciphersuite(&ssl), mbedtls_ssl_get_version(&ssl)); @@ -1627,8 +1686,7 @@ static void ConfigureCertificate(mbedtls_x509write_cert *cw, struct Cert *ca, (r = mbedtls_x509write_crt_set_ext_key_usage(cw, type)) || (r = mbedtls_x509write_crt_set_subject_name(cw, subject)) || (r = mbedtls_x509write_crt_set_issuer_name(cw, issuer))) { - fprintf(stderr, "error: configure certificate (grep -0x%04x)\n", -r); - exit(1); + FATALF("configure certificate (grep -0x%04x)", -r); } free(subject); free(issuer); @@ -1650,17 +1708,6 @@ static struct Cert *GetKeySigningKey(void) { return NULL; } -static void WipeKeySigningKeys(void) { - size_t i; - for (i = 0; i < certs.n; ++i) { - if (!certs.p[i].key) continue; - if (!certs.p[i].cert) continue; - if (!certs.p[i].cert->ca_istrue) continue; - mbedtls_pk_free(certs.p[i].key); - certs.p[i].key = 0; - } -} - static mbedtls_pk_context *InitializeKey(struct Cert *ca, mbedtls_x509write_cert *wcert, int type) { @@ -1686,10 +1733,7 @@ static struct Cert FinishCertificate(struct Cert *ca, mbedtls_x509_crt *cert; p = malloc((n = FRAMESIZE)); i = mbedtls_x509write_crt_der(wcert, p, n, mbedtls_ctr_drbg_random, kr); - if (i < 0) { - fprintf(stderr, "error: write key (grep -0x%04x)\n", -i); - exit(1); - } + if (i < 0) FATALF("write key (grep -0x%04x)", -i); cert = calloc(1, sizeof(mbedtls_x509_crt)); mbedtls_x509_crt_parse(cert, p + n - i, i); if (ca) cert->next = ca->cert; @@ -1697,8 +1741,7 @@ static struct Cert FinishCertificate(struct Cert *ca, mbedtls_ctr_drbg_free(kr); free(p); if ((rc = mbedtls_pk_check_pair(&cert->pk, key))) { - fprintf(stderr, "error: generate key (grep -0x%04x)\n", -rc); - exit(1); + FATALF("generate key (grep -0x%04x)", -rc); } LogCertificate( gc(xasprintf("generated %s certificate", mbedtls_pk_get_name(&cert->pk))), @@ -2236,101 +2279,41 @@ static wontreturn void PrintUsage(FILE *f, int rc) { static void GetOpts(int argc, char *argv[]) { int opt; while ((opt = getopt(argc, argv, - "jkazhdugvVsmbfl:p:r:R:H:c:L:P:U:G:BD:t:M:C:K:F:")) != - -1) { + "jkazhdugvVsmbfB" + "l:p:r:R:H:c:L:P:U:G:D:t:M:C:K:F:")) != -1) { switch (opt) { - case 'v': - __log_level++; - break; - case 'V': - mbedtls_debug_threshold++; - break; - case 's': - __log_level--; - break; - case 'd': - daemonize = true; - break; - case 'a': - logrusage = true; - break; - case 'u': - uniprocess = true; - break; - case 'g': - loglatency = true; - break; - case 'm': - logmessages = true; - break; - case 'b': - logbodies = true; - break; - case 'z': - printport = true; - break; - case 'f': - funtrace = true; - break; - case 'j': - sslclientverify = true; - break; - case 'k': - sslfetchverify = false; - break; - case 'B': - suiteb = true; - break; - case 't': - ProgramTimeout(strtol(optarg, NULL, 0)); - break; - case 'r': - ProgramRedirectArg(307, optarg); - break; - case 'R': - ProgramRedirectArg(0, optarg); - break; - case 'D': - ProgramDirectory(optarg); - break; - case 'c': - ProgramCache(strtol(optarg, NULL, 0)); - break; - case 'p': - ProgramPort(strtol(optarg, NULL, 0)); - break; - case 'M': - maxpayloadsize = atoi(optarg); - maxpayloadsize = MAX(1450, maxpayloadsize); - break; - case 'l': - ProgramAddr(optarg); - break; - case 'H': - ProgramHeader(optarg); - break; - case 'L': - ProgramLogPath(optarg); - break; - case 'P': - ProgramPidPath(optarg); - break; - case 'U': - ProgramUid(atoi(optarg)); - break; - case 'G': - ProgramGid(atoi(optarg)); - break; + CASE('v', ++__log_level); + CASE('s', --__log_level); + CASE('V', ++mbedtls_debug_threshold); + CASE('B', suiteb = true); + CASE('f', funtrace = true); + CASE('b', logbodies = true); + CASE('z', printport = true); + CASE('d', daemonize = true); + CASE('a', logrusage = true); + CASE('u', uniprocess = true); + CASE('g', loglatency = true); + CASE('m', logmessages = true); + CASE('k', sslfetchverify = false); + CASE('j', sslclientverify = true); + CASE('l', ProgramAddr(optarg)); + CASE('H', ProgramHeader(optarg)); + CASE('L', ProgramLogPath(optarg)); + CASE('P', ProgramPidPath(optarg)); + CASE('D', ProgramDirectory(optarg)); + CASE('U', ProgramUid(atoi(optarg))); + CASE('G', ProgramGid(atoi(optarg))); + CASE('p', ProgramPort(ParseInt(optarg))); + CASE('R', ProgramRedirectArg(0, optarg)); + CASE('c', ProgramCache(ParseInt(optarg))); + CASE('r', ProgramRedirectArg(307, optarg)); + CASE('t', ProgramTimeout(ParseInt(optarg))); + CASE('h', PrintUsage(stdout, EXIT_SUCCESS)); + CASE('M', ProgramMaxPayloadSize(ParseInt(optarg))); #ifndef UNSECURE - case 'C': - ProgramFile(optarg, ProgramCertificate); - break; - case 'K': - ProgramFile(optarg, ProgramPrivateKey); - break; + CASE('C', ProgramFile(optarg, ProgramCertificate)); + CASE('K', ProgramFile(optarg, ProgramPrivateKey)); #endif - case 'h': - PrintUsage(stdout, EXIT_SUCCESS); default: PrintUsage(stderr, EX_USAGE); } @@ -2529,9 +2512,49 @@ static char *ServeAssetCompressed(struct Asset *a) { return p; } +static ssize_t InflateGenerator(struct iovec v[3]) { + int i, rc; + size_t no; + void *res; + i = 0; + if (!dg.t) { + ++dg.t; + } else if (dg.t == 3) { + return 0; + } + if (dg.t != 2) { + CHECK_EQ(0, dg.s.avail_in); + dg.s.next_in = (void *)(content + dg.i); + dg.s.avail_in = MIN(CHUNK, contentlength - dg.i); + dg.i += dg.s.avail_in; + } + dg.s.next_out = dg.b; + dg.s.avail_out = CHUNK; + rc = inflate(&dg.s, Z_NO_FLUSH); + if (rc != Z_OK && rc != Z_STREAM_END) FATALF("inflate()→%d", rc); + no = CHUNK - dg.s.avail_out; + if (no) { + v[i].iov_base = dg.b; + v[i].iov_len = no; + dg.c = crc32_z(dg.c, dg.b, no); + ++i; + } + if (rc == Z_OK) { + CHECK_GT(no, 0); + dg.t = dg.s.avail_out ? 1 : 2; + } else if (rc == Z_STREAM_END) { + CHECK_EQ(Z_OK, inflateEnd(&dg.s)); + CHECK_EQ(ZIP_CFILE_CRC32(zbase + dg.a->cf), dg.c); + dg.t = 3; + } + return v[0].iov_len + v[1].iov_len + v[2].iov_len; +} + static char *ServeAssetDecompressed(struct Asset *a) { - char *buf; + char *p; size_t size; + uint32_t crc; + LockInc(&shared->c.inflates); LockInc(&shared->c.decompressedresponses); size = GetZipCfileUncompressedSize(zbase + a->cf); DEBUGF("ServeAssetDecompressed(%ld) -> %ld", contentlength, size); @@ -2539,16 +2562,23 @@ static char *ServeAssetDecompressed(struct Asset *a) { content = 0; contentlength = size; return SetStatus(200, "OK"); + } else if (!IsTiny()) { + dg.t = 0; + dg.i = 0; + dg.c = 0; + dg.a = a; + generator = InflateGenerator; + CHECK_EQ(Z_OK, inflateInit2(memset(&dg.s, 0, sizeof(dg.s)), -MAX_WBITS)); + dg.b = FreeLater(malloc(CHUNK)); + return SetStatus(200, "OK"); + } else if ((p = FreeLater(malloc(size))) && + Inflate(p, size, content, contentlength) && + Verify(p, size, ZIP_CFILE_CRC32(zbase + a->cf))) { + content = p; + contentlength = size; + return SetStatus(200, "OK"); } else { - if ((buf = FreeLater(malloc(size))) && - Inflate(buf, size, content, contentlength) && - Verify(buf, size, ZIP_CFILE_CRC32(zbase + a->cf))) { - content = buf; - contentlength = size; - return SetStatus(200, "OK"); - } else { - return ServeError(500, "Internal Server Error"); - } + return ServeError(500, "Internal Server Error"); } } @@ -3680,6 +3710,7 @@ static int LuaFetch(lua_State *L) { bio->fd = sock; bio->a = 0; bio->b = 0; + bio->c = -1; mbedtls_ssl_set_bio(&sslcli, bio, TlsSend, 0, TlsRecvImpl); while ((ret = mbedtls_ssl_handshake(&ssl))) { switch (ret) { @@ -5743,7 +5774,7 @@ static char *ServeAsset(struct Asset *a, const char *path, size_t pathlen) { } else { return ServeError(500, "Internal Server Error"); } - } else if (!IsTiny() && msg.version >= 11 && ClientAcceptsGzip() && + } else if (!IsTiny() && msg.method != kHttpHead && ClientAcceptsGzip() && ((contentlength >= 100 && StartsWithIgnoreCase(ct, "text/")) || (contentlength >= 1000 && MeasureEntropy(content, 1000) < 6))) { p = ServeAssetCompressed(a); @@ -5782,12 +5813,109 @@ static inline bool MustNotIncludeMessageBody(void) { /* RFC2616 § 4.4 */ statuscode == 204 || statuscode == 304; } +static bool TransmitResponse(char *p) { + int iovlen; + struct iovec iov[4]; + long actualcontentlength; + if (msg.version >= 10) { + actualcontentlength = contentlength; + if (gzipped) { + actualcontentlength += sizeof(kGzipHeader) + sizeof(gzip_footer); + p = stpcpy(p, "Content-Encoding: gzip\r\n"); + } + p = AppendContentLength(p, actualcontentlength); + p = AppendCrlf(p); + CHECK_LE(p - hdrbuf.p, hdrbuf.n); + if (logmessages) { + LogMessage("sending", hdrbuf.p, p - hdrbuf.p); + } + iov[0].iov_base = hdrbuf.p; + iov[0].iov_len = p - hdrbuf.p; + iovlen = 1; + if (!MustNotIncludeMessageBody()) { + if (gzipped) { + iov[iovlen].iov_base = kGzipHeader; + iov[iovlen].iov_len = sizeof(kGzipHeader); + ++iovlen; + } + iov[iovlen].iov_base = content; + iov[iovlen].iov_len = contentlength; + ++iovlen; + if (gzipped) { + iov[iovlen].iov_base = gzip_footer; + iov[iovlen].iov_len = sizeof(gzip_footer); + ++iovlen; + } + } + } else { + iov[0].iov_base = content; + iov[0].iov_len = contentlength; + iovlen = 1; + } + Send(iov, iovlen); + LockInc(&shared->c.messageshandled); + ++messageshandled; + return true; +} + +static bool StreamResponse(char *p) { + int rc; + struct iovec iov[6]; + char *s, chunkbuf[23]; + assert(!MustNotIncludeMessageBody()); + if (msg.version >= 11) { + p = stpcpy(p, "Transfer-Encoding: chunked\r\n"); + } else { + assert(connectionclose); + } + p = AppendCrlf(p); + CHECK_LE(p - hdrbuf.p, hdrbuf.n); + if (logmessages) { + LogMessage("sending", hdrbuf.p, p - hdrbuf.p); + } + memset(iov, 0, sizeof(iov)); + if (msg.version >= 10) { + iov[0].iov_base = hdrbuf.p; + iov[0].iov_len = p - hdrbuf.p; + } + if (msg.version >= 11) { + iov[5].iov_base = "\r\n"; + iov[5].iov_len = 2; + } + for (;;) { + iov[2].iov_base = 0; + iov[2].iov_len = 0; + iov[3].iov_base = 0; + iov[3].iov_len = 0; + iov[4].iov_base = 0; + iov[4].iov_len = 0; + if ((rc = generator(iov + 2)) <= 0) break; + if (msg.version >= 11) { + s = chunkbuf; + s += uint64toarray_radix16(rc, s); + s = AppendCrlf(s); + iov[1].iov_base = chunkbuf; + iov[1].iov_len = s - chunkbuf; + } + if (Send(iov, 6) == -1) break; + iov[0].iov_base = 0; + iov[0].iov_len = 0; + } + if (rc != -1) { + if (msg.version >= 11) { + iov[0].iov_base = "0\r\n\r\n"; + iov[0].iov_len = 5; + Send(iov, 1); + } + } else { + connectionclose = true; + } + return true; +} + static bool HandleMessage(void) { int rc; - int iovlen; - struct iovec iov[6]; - long actualcontentlength; - char *p, *s, chunkbuf[23]; + char *p; g_syscount = 0; if ((rc = ParseHttpMessage(&msg, inbuf.p, amtread)) != -1) { if (!rc) return false; @@ -5798,7 +5926,7 @@ static bool HandleMessage(void) { connectionclose = true; LOGF("%s sent garbage %`'s", DescribeClient(), VisualizeControlCodes(inbuf.p, MIN(128, amtread), 0)); - p = ServeError(400, "Bad Message"); + return true; } if (!msgsize) { amtread = 0; @@ -5821,78 +5949,13 @@ static bool HandleMessage(void) { msg.uri.b - msg.uri.a, inbuf.p + msg.uri.a, (long)((nowl() - startrequest) * 1e6L)); } - if (!generator) { - if (msg.version >= 10) { - actualcontentlength = contentlength; - if (gzipped) { - actualcontentlength += sizeof(kGzipHeader) + sizeof(gzip_footer); - p = stpcpy(p, "Content-Encoding: gzip\r\n"); - } - p = AppendContentLength(p, actualcontentlength); - p = AppendCrlf(p); - CHECK_LE(p - hdrbuf.p, hdrbuf.n); - if (logmessages) LogMessage("sending", hdrbuf.p, p - hdrbuf.p); - iov[0].iov_base = hdrbuf.p; - iov[0].iov_len = p - hdrbuf.p; - iovlen = 1; - if (!MustNotIncludeMessageBody()) { - if (gzipped) { - iov[iovlen].iov_base = kGzipHeader; - iov[iovlen].iov_len = sizeof(kGzipHeader); - ++iovlen; - } - iov[iovlen].iov_base = content; - iov[iovlen].iov_len = contentlength; - ++iovlen; - if (gzipped) { - iov[iovlen].iov_base = gzip_footer; - iov[iovlen].iov_len = sizeof(gzip_footer); - ++iovlen; - } - } - } else { - iov[0].iov_base = content; - iov[0].iov_len = contentlength; - iovlen = 1; - } - Send(iov, iovlen); - } else { - p = stpcpy(p, "Transfer-Encoding: chunked\r\n"); - p = AppendCrlf(p); - CHECK_LE(p - hdrbuf.p, hdrbuf.n); - if (logmessages) LogMessage("sending", hdrbuf.p, p - hdrbuf.p); - iov[0].iov_base = hdrbuf.p; - iov[0].iov_len = p - hdrbuf.p; - iov[5].iov_base = "\r\n"; - iov[5].iov_len = 2; - for (;;) { - iov[2].iov_base = 0; - iov[2].iov_len = 0; - iov[3].iov_base = 0; - iov[3].iov_len = 0; - iov[4].iov_base = 0; - iov[4].iov_len = 0; - if ((rc = generator(iov + 2)) <= 0) break; - s = chunkbuf; - s += uint64toarray_radix16(rc, s); - s = AppendCrlf(s); - iov[1].iov_base = chunkbuf; - iov[1].iov_len = s - chunkbuf; - if (Send(iov, 6) == -1) break; - iov[0].iov_base = 0; - iov[0].iov_len = 0; - } - if (rc != -1) { - iov[0].iov_base = "0\r\n\r\n"; - iov[0].iov_len = 5; - Send(iov, 1); - } else { - connectionclose = true; - } - } LockInc(&shared->c.messageshandled); ++messageshandled; - return true; + if (!generator) { + return TransmitResponse(p); + } else { + return StreamResponse(p); + } } static void InitRequest(void) { @@ -5926,22 +5989,20 @@ static void HandleMessages(void) { got = rc; amtread += got; if (amtread) { +#ifndef UNSECURE if (!once) { once = true; if (inbuf.p[0] == 22) { -#ifdef UNSECURE - WARNF("%s wants SSL but redbean was compiled with -DUNSECURE", - DescribeClient()); - return; -#else if (TlsSetup()) { continue; } else { return; } -#endif + } else { + WipeServingKeys(); } } +#endif DEBUGF("%s read %,zd bytes", DescribeClient(), got); if (HandleMessage()) { break; @@ -6294,13 +6355,16 @@ static void TlsInit(void) { mbedtls_ssl_config_defaults( &confcli, MBEDTLS_SSL_IS_CLIENT, MBEDTLS_SSL_TRANSPORT_STREAM, suiteb ? MBEDTLS_SSL_PRESET_SUITEB : MBEDTLS_SSL_PRESET_DEFAULT); + DCHECK_EQ(0, + mbedtls_ssl_ticket_setup(&ssltick, mbedtls_ctr_drbg_random, &rng, + MBEDTLS_CIPHER_AES_256_GCM, 24 * 60 * 60)); + mbedtls_ssl_conf_session_tickets_cb(&conf, mbedtls_ssl_ticket_write, + mbedtls_ssl_ticket_parse, &ssltick); + LoadCertificates(); mbedtls_ssl_conf_dbg(&conf, TlsDebug, 0); mbedtls_ssl_conf_dbg(&confcli, TlsDebug, 0); - LoadCertificates(); mbedtls_ssl_conf_rng(&conf, mbedtls_ctr_drbg_random, &rng); mbedtls_ssl_conf_rng(&confcli, mbedtls_ctr_drbg_random, &rngcli); - mbedtls_ssl_conf_alpn_protocols(&conf, kAlpn); - mbedtls_ssl_conf_alpn_protocols(&confcli, kAlpn); mbedtls_ssl_conf_authmode(&conf, sslclientverify ? MBEDTLS_SSL_VERIFY_REQUIRED : MBEDTLS_SSL_VERIFY_NONE); mbedtls_ssl_conf_authmode(&confcli, sslfetchverify @@ -6308,8 +6372,10 @@ static void TlsInit(void) { : MBEDTLS_SSL_VERIFY_NONE); mbedtls_ssl_conf_ca_chain(&confcli, (cachain = GetSslRoots()), 0); mbedtls_ssl_set_bio(&ssl, &g_bio, TlsSend, 0, TlsRecv); - mbedtls_ssl_setup(&ssl, &conf); - mbedtls_ssl_setup(&sslcli, &confcli); + DCHECK_EQ(0, mbedtls_ssl_conf_alpn_protocols(&conf, kAlpn)); + DCHECK_EQ(0, mbedtls_ssl_conf_alpn_protocols(&confcli, kAlpn)); + DCHECK_EQ(0, mbedtls_ssl_setup(&ssl, &conf)); + DCHECK_EQ(0, mbedtls_ssl_setup(&sslcli, &confcli)); #endif } @@ -6323,6 +6389,7 @@ static void TlsDestroy(void) { mbedtls_ctr_drbg_free(&rngcli); mbedtls_ssl_config_free(&conf); mbedtls_ssl_config_free(&confcli); + mbedtls_ssl_ticket_free(&ssltick); for (i = 0; i < certs.n; ++i) { mbedtls_x509_crt_free(certs.p[i].cert); mbedtls_pk_free(certs.p[i].key);