Received: by 2002:ac0:a5b6:0:0:0:0:0 with SMTP id m51-v6csp1122958imm; Fri, 8 Jun 2018 10:21:45 -0700 (PDT) X-Google-Smtp-Source: ADUXVKLqHHn/IE1gTYmJdPqv1XTja2NkSWBclbOLAOCy5+OKx7mnPxzAuYZOHrPFPxCfbfhiv1Hh X-Received: by 2002:a62:2044:: with SMTP id g65-v6mr6983389pfg.40.1528478505120; Fri, 08 Jun 2018 10:21:45 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1528478505; cv=none; d=google.com; s=arc-20160816; b=SfdnuTs9h7DUCBEpepUezxUFpoNQpbXpN3uhAIAXE4JanzrMCrXckShd3fYSGBqYsh lfn8xAFW5xxxY+vuKp+ixU3oLDRQELZ8vFnciMDOKAnvA1xjHrOOVsv3VVsqB0JxoJBA ysDEtJFmIqLQHLHGPwymbOqaGrSHb02OuoWwVH489C8iwaD89/ZBRAVv8+c92ppzzmvD m9lRoSQG5anLhaF9X5743Qiim6TmkJAEj0wkc6MKlkuIbT88WJ9wD8EG4Zsk0XVWUIR2 fsrT66uVvFhLhASORIeMAIY9JjOHxWT0+q4Jsv4PZ7BqWBajQNRX0ZgPdFbbt6DQK7Y7 6TDA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:references:in-reply-to:message-id:date :subject:cc:to:from:arc-authentication-results; bh=otBKpQABlo4dy4ypP658uAEDcJpBKKZuw8foawfi8qo=; b=RHJin0wQhbBKa6blSORRywH1LkrSPR+oLjImE8HAaTMAM6dPDZeGkzwdjIB2xks4cN VZlm4VwG1Cl1I2m2Hb5URuUSPFf2hmTkZ+/N5H9p9n8fgN+ZPjJYJ3kgzdg2YK5rxjPe McOtdRB11tqaN2wqIDEs/5RHNcVorBBiEUhZ3ipr81AbsAuZ+XaRN1mPyM4QiuDp49Mj q1VeCLW0r7GH7hr3JzYIOhdwOsAleFYUeybIypEo/6bJ055UsdMPyvqNvo1V/Zd2jCaX 5NKYx45YQT4AsDrMwKgKl8SR2RS9jl4P0SLLatuOSA92KUekcyrOXH3GPeqm2mmvLfpV w4EA== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=intel.com Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id n124-v6si10234607pga.311.2018.06.08.10.21.30; Fri, 08 Jun 2018 10:21:45 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=intel.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1752758AbeFHRUi (ORCPT + 99 others); Fri, 8 Jun 2018 13:20:38 -0400 Received: from mga18.intel.com ([134.134.136.126]:17113 "EHLO mga18.intel.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S932130AbeFHRUe (ORCPT ); Fri, 8 Jun 2018 13:20:34 -0400 X-Amp-Result: SKIPPED(no attachment in message) X-Amp-File-Uploaded: False Received: from orsmga005.jf.intel.com ([10.7.209.41]) by orsmga106.jf.intel.com with ESMTP/TLS/DHE-RSA-AES256-GCM-SHA384; 08 Jun 2018 10:20:34 -0700 X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="5.49,490,1520924400"; d="scan'208";a="231035212" Received: from nzou1-mobl1.ccr.corp.intel.com (HELO localhost) ([10.249.254.60]) by orsmga005.jf.intel.com with ESMTP; 08 Jun 2018 10:20:27 -0700 From: Jarkko Sakkinen To: x86@kernel.org, platform-driver-x86@vger.kernel.org Cc: dave.hansen@intel.com, sean.j.christopherson@intel.com, nhorman@redhat.com, npmccallum@redhat.com, Herbert Xu , "David S. Miller" , Thomas Gleixner , Ingo Molnar , "H. Peter Anvin" , linux-crypto@vger.kernel.org (open list:CRYPTO API), linux-kernel@vger.kernel.org (open list:X86 ARCHITECTURE (32-BIT AND 64-BIT)) Subject: [PATCH v11 06/13] crypto: aesni: add minimal build option for SGX LE Date: Fri, 8 Jun 2018 19:09:41 +0200 Message-Id: <20180608171216.26521-7-jarkko.sakkinen@linux.intel.com> X-Mailer: git-send-email 2.17.0 In-Reply-To: <20180608171216.26521-1-jarkko.sakkinen@linux.intel.com> References: <20180608171216.26521-1-jarkko.sakkinen@linux.intel.com> Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org From: Sean Christopherson Allow building a minimal subset of the low-level AESNI functions by defining AESNI_INTEL_MINIMAL. The SGX Launch Enclave will utilize a small number of AESNI functions for creating CMACs when generating tokens for userspace enclaves. Reducing the size of the LE is high priority as EPC space is at a premium and initializing/measuring EPC pages is extremely slow, and defining only the minimal set of AESNI functions reduces the size of the in-kernel LE by over 50%. Because the LE is a (very) non-standard build environment, using linker tricks e.g. --gc-sections to remove the unused functions is not an option. Eliminating the unused AESNI functions also eliminates all usage of the retpoline macros, e.g. CALL_NOSPEC, which allows the LE linker script to assert that the alternatives and retpoline sections don't exist in the final binary. Because the LE's code cannot be patched, i.e. retpoline can't be enabled via alternatives, we want to assert that we're not expecting a security feature that can't be enabled. Signed-off-by: Sean Christopherson --- arch/x86/crypto/aesni-intel_asm.S | 11 +++++++++++ 1 file changed, 11 insertions(+) diff --git a/arch/x86/crypto/aesni-intel_asm.S b/arch/x86/crypto/aesni-intel_asm.S index e762ef417562..5a0a487466d5 100644 --- a/arch/x86/crypto/aesni-intel_asm.S +++ b/arch/x86/crypto/aesni-intel_asm.S @@ -45,6 +45,8 @@ #define MOVADQ movaps #define MOVUDQ movups +#ifndef AESNI_INTEL_MINIMAL + #ifdef __x86_64__ # constants in mergeable sections, linker can reorder and merge @@ -133,6 +135,8 @@ ALL_F: .octa 0xffffffffffffffffffffffffffffffff #define keysize 2*15*16(%arg1) #endif +#endif /* AESNI_INTEL_MINIMAL */ + #define STATE1 %xmm0 #define STATE2 %xmm4 @@ -506,6 +510,8 @@ _T_16_\@: _return_T_done_\@: .endm +#ifndef AESNI_INTEL_MINIMAL + #ifdef __x86_64__ /* GHASH_MUL MACRO to implement: Data*HashKey mod (128,127,126,121,0) * @@ -1760,6 +1766,7 @@ ENDPROC(aesni_gcm_finalize) #endif +#endif /* AESNI_INTEL_MINIMAL */ .align 4 _key_expansion_128: @@ -2031,6 +2038,8 @@ _aesni_enc1: ret ENDPROC(_aesni_enc1) +#ifndef AESNI_INTEL_MINIMAL + /* * _aesni_enc4: internal ABI * input: @@ -2840,3 +2849,5 @@ ENTRY(aesni_xts_crypt8) ENDPROC(aesni_xts_crypt8) #endif + +#endif /* AESNI_INTEL_MINIMAL */ -- 2.17.0