Received: by 2002:ac0:a5b6:0:0:0:0:0 with SMTP id m51-v6csp1122958imm;
        Fri, 8 Jun 2018 10:21:45 -0700 (PDT)
X-Google-Smtp-Source: ADUXVKLqHHn/IE1gTYmJdPqv1XTja2NkSWBclbOLAOCy5+OKx7mnPxzAuYZOHrPFPxCfbfhiv1Hh
X-Received: by 2002:a62:2044:: with SMTP id g65-v6mr6983389pfg.40.1528478505120;
        Fri, 08 Jun 2018 10:21:45 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; t=1528478505; cv=none;
        d=google.com; s=arc-20160816;
        b=SfdnuTs9h7DUCBEpepUezxUFpoNQpbXpN3uhAIAXE4JanzrMCrXckShd3fYSGBqYsh
         lfn8xAFW5xxxY+vuKp+ixU3oLDRQELZ8vFnciMDOKAnvA1xjHrOOVsv3VVsqB0JxoJBA
         ysDEtJFmIqLQHLHGPwymbOqaGrSHb02OuoWwVH489C8iwaD89/ZBRAVv8+c92ppzzmvD
         m9lRoSQG5anLhaF9X5743Qiim6TmkJAEj0wkc6MKlkuIbT88WJ9wD8EG4Zsk0XVWUIR2
         fsrT66uVvFhLhASORIeMAIY9JjOHxWT0+q4Jsv4PZ7BqWBajQNRX0ZgPdFbbt6DQK7Y7
         6TDA==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=list-id:precedence:sender:references:in-reply-to:message-id:date
         :subject:cc:to:from:arc-authentication-results;
        bh=otBKpQABlo4dy4ypP658uAEDcJpBKKZuw8foawfi8qo=;
        b=RHJin0wQhbBKa6blSORRywH1LkrSPR+oLjImE8HAaTMAM6dPDZeGkzwdjIB2xks4cN
         VZlm4VwG1Cl1I2m2Hb5URuUSPFf2hmTkZ+/N5H9p9n8fgN+ZPjJYJ3kgzdg2YK5rxjPe
         McOtdRB11tqaN2wqIDEs/5RHNcVorBBiEUhZ3ipr81AbsAuZ+XaRN1mPyM4QiuDp49Mj
         q1VeCLW0r7GH7hr3JzYIOhdwOsAleFYUeybIypEo/6bJ055UsdMPyvqNvo1V/Zd2jCaX
         5NKYx45YQT4AsDrMwKgKl8SR2RS9jl4P0SLLatuOSA92KUekcyrOXH3GPeqm2mmvLfpV
         w4EA==
ARC-Authentication-Results: i=1; mx.google.com;
       spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=intel.com
Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67])
        by mx.google.com with ESMTP id n124-v6si10234607pga.311.2018.06.08.10.21.30;
        Fri, 08 Jun 2018 10:21:45 -0700 (PDT)
Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67;
Authentication-Results: mx.google.com;
       spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=intel.com
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S1752758AbeFHRUi (ORCPT <rfc822;austinkernel.kim@gmail.com>
        + 99 others); Fri, 8 Jun 2018 13:20:38 -0400
Received: from mga18.intel.com ([134.134.136.126]:17113 "EHLO mga18.intel.com"
        rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP
        id S932130AbeFHRUe (ORCPT <rfc822;linux-kernel@vger.kernel.org>);
        Fri, 8 Jun 2018 13:20:34 -0400
X-Amp-Result: SKIPPED(no attachment in message)
X-Amp-File-Uploaded: False
Received: from orsmga005.jf.intel.com ([10.7.209.41])
  by orsmga106.jf.intel.com with ESMTP/TLS/DHE-RSA-AES256-GCM-SHA384; 08 Jun 2018 10:20:34 -0700
X-ExtLoop1: 1
X-IronPort-AV: E=Sophos;i="5.49,490,1520924400"; 
   d="scan'208";a="231035212"
Received: from nzou1-mobl1.ccr.corp.intel.com (HELO localhost) ([10.249.254.60])
  by orsmga005.jf.intel.com with ESMTP; 08 Jun 2018 10:20:27 -0700
From:   Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
To:     x86@kernel.org, platform-driver-x86@vger.kernel.org
Cc:     dave.hansen@intel.com, sean.j.christopherson@intel.com,
        nhorman@redhat.com, npmccallum@redhat.com,
        Herbert Xu <herbert@gondor.apana.org.au>,
        "David S. Miller" <davem@davemloft.net>,
        Thomas Gleixner <tglx@linutronix.de>,
        Ingo Molnar <mingo@redhat.com>,
        "H. Peter Anvin" <hpa@zytor.com>,
        linux-crypto@vger.kernel.org (open list:CRYPTO API),
        linux-kernel@vger.kernel.org (open list:X86 ARCHITECTURE (32-BIT AND
        64-BIT))
Subject: [PATCH v11 06/13] crypto: aesni: add minimal build option for SGX LE
Date:   Fri,  8 Jun 2018 19:09:41 +0200
Message-Id: <20180608171216.26521-7-jarkko.sakkinen@linux.intel.com>
X-Mailer: git-send-email 2.17.0
In-Reply-To: <20180608171216.26521-1-jarkko.sakkinen@linux.intel.com>
References: <20180608171216.26521-1-jarkko.sakkinen@linux.intel.com>
Sender: linux-kernel-owner@vger.kernel.org
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org

From: Sean Christopherson <sean.j.christopherson@intel.com>

Allow building a minimal subset of the low-level AESNI functions by
defining AESNI_INTEL_MINIMAL.  The SGX Launch Enclave will utilize
a small number of AESNI functions for creating CMACs when generating
tokens for userspace enclaves.

Reducing the size of the LE is high priority as EPC space is at a
premium and initializing/measuring EPC pages is extremely slow, and
defining only the minimal set of AESNI functions reduces the size of
the in-kernel LE by over 50%.  Because the LE is a (very) non-standard
build environment, using linker tricks e.g. --gc-sections to remove
the unused functions is not an option.

Eliminating the unused AESNI functions also eliminates all usage of
the retpoline macros, e.g. CALL_NOSPEC, which allows the LE linker
script to assert that the alternatives and retpoline sections don't
exist in the final binary.  Because the LE's code cannot be patched,
i.e. retpoline can't be enabled via alternatives, we want to assert
that we're not expecting a security feature that can't be enabled.

Signed-off-by: Sean Christopherson <sean.j.christopherson@intel.com>
---
 arch/x86/crypto/aesni-intel_asm.S | 11 +++++++++++
 1 file changed, 11 insertions(+)

diff --git a/arch/x86/crypto/aesni-intel_asm.S b/arch/x86/crypto/aesni-intel_asm.S
index e762ef417562..5a0a487466d5 100644
--- a/arch/x86/crypto/aesni-intel_asm.S
+++ b/arch/x86/crypto/aesni-intel_asm.S
@@ -45,6 +45,8 @@
 #define MOVADQ	movaps
 #define MOVUDQ	movups
 
+#ifndef AESNI_INTEL_MINIMAL
+
 #ifdef __x86_64__
 
 # constants in mergeable sections, linker can reorder and merge
@@ -133,6 +135,8 @@ ALL_F:      .octa 0xffffffffffffffffffffffffffffffff
 #define keysize 2*15*16(%arg1)
 #endif
 
+#endif /* AESNI_INTEL_MINIMAL */
+
 
 #define STATE1	%xmm0
 #define STATE2	%xmm4
@@ -506,6 +510,8 @@ _T_16_\@:
 _return_T_done_\@:
 .endm
 
+#ifndef AESNI_INTEL_MINIMAL
+
 #ifdef __x86_64__
 /* GHASH_MUL MACRO to implement: Data*HashKey mod (128,127,126,121,0)
 *
@@ -1760,6 +1766,7 @@ ENDPROC(aesni_gcm_finalize)
 
 #endif
 
+#endif /* AESNI_INTEL_MINIMAL */
 
 .align 4
 _key_expansion_128:
@@ -2031,6 +2038,8 @@ _aesni_enc1:
 	ret
 ENDPROC(_aesni_enc1)
 
+#ifndef AESNI_INTEL_MINIMAL
+
 /*
  * _aesni_enc4:	internal ABI
  * input:
@@ -2840,3 +2849,5 @@ ENTRY(aesni_xts_crypt8)
 ENDPROC(aesni_xts_crypt8)
 
 #endif
+
+#endif /* AESNI_INTEL_MINIMAL */
-- 
2.17.0