grpc 1.65.0 → 1.65.2

Files changed (66) hide show
  1. checksums.yaml +4 -4
  2. data/Makefile +1 -1
  3. data/src/core/client_channel/subchannel.cc +10 -7
  4. data/src/core/ext/transport/chttp2/client/chttp2_connector.cc +3 -1
  5. data/src/core/ext/transport/chttp2/transport/chttp2_transport.cc +6 -6
  6. data/src/core/ext/transport/inproc/inproc_transport.cc +2 -2
  7. data/src/core/handshaker/http_connect/http_connect_handshaker.cc +2 -2
  8. data/src/core/handshaker/http_connect/http_proxy_mapper.cc +7 -10
  9. data/src/core/lib/compression/message_compress.cc +3 -3
  10. data/src/core/lib/event_engine/posix_engine/ev_epoll1_linux.cc +2 -1
  11. data/src/core/lib/event_engine/posix_engine/posix_endpoint.cc +3 -3
  12. data/src/core/lib/event_engine/posix_engine/posix_endpoint.h +1 -1
  13. data/src/core/lib/event_engine/posix_engine/posix_engine_listener_utils.cc +6 -6
  14. data/src/core/lib/event_engine/posix_engine/tcp_socket_utils.cc +12 -6
  15. data/src/core/lib/event_engine/thread_pool/work_stealing_thread_pool.cc +3 -2
  16. data/src/core/lib/event_engine/windows/win_socket.cc +4 -2
  17. data/src/core/lib/event_engine/windows/windows_endpoint.cc +5 -4
  18. data/src/core/lib/experiments/config.cc +11 -9
  19. data/src/core/lib/experiments/experiments.cc +1 -1
  20. data/src/core/lib/experiments/experiments.h +1 -2
  21. data/src/core/lib/gprpp/dual_ref_counted.h +30 -30
  22. data/src/core/lib/iomgr/endpoint_pair_windows.cc +4 -4
  23. data/src/core/lib/iomgr/ev_epoll1_linux.cc +1 -1
  24. data/src/core/lib/iomgr/socket_utils_common_posix.cc +16 -17
  25. data/src/core/lib/iomgr/socket_windows.cc +3 -3
  26. data/src/core/lib/iomgr/tcp_posix.cc +2 -2
  27. data/src/core/lib/iomgr/tcp_server_posix.cc +9 -12
  28. data/src/core/lib/iomgr/tcp_server_windows.cc +2 -2
  29. data/src/core/lib/promise/party.cc +4 -4
  30. data/src/core/lib/security/security_connector/tls/tls_security_connector.cc +2 -2
  31. data/src/core/load_balancing/grpclb/grpclb.cc +14 -15
  32. data/src/core/server/server.cc +1 -1
  33. data/src/core/util/log.cc +10 -8
  34. data/src/ruby/lib/grpc/version.rb +1 -1
  35. data/third_party/boringssl-with-bazel/src/crypto/bytestring/cbs.c +3 -5
  36. data/third_party/boringssl-with-bazel/src/crypto/cipher_extra/e_chacha20poly1305.c +7 -0
  37. data/third_party/boringssl-with-bazel/src/crypto/cpu_arm_linux.c +4 -1
  38. data/third_party/boringssl-with-bazel/src/crypto/cpu_intel.c +0 -15
  39. data/third_party/boringssl-with-bazel/src/crypto/crypto.c +7 -61
  40. data/third_party/boringssl-with-bazel/src/crypto/dilithium/dilithium.c +43 -1
  41. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/aes/aes.c +21 -0
  42. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/aes/internal.h +31 -7
  43. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bcm.c +0 -2
  44. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/p256-nistz.c +5 -0
  45. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/self_check/fips.c +6 -4
  46. data/third_party/boringssl-with-bazel/src/crypto/internal.h +22 -10
  47. data/third_party/boringssl-with-bazel/src/crypto/kyber/kyber.c +1 -0
  48. data/third_party/boringssl-with-bazel/src/include/openssl/crypto.h +6 -11
  49. data/third_party/boringssl-with-bazel/src/include/openssl/experimental/dilithium.h +6 -0
  50. data/third_party/boringssl-with-bazel/src/include/openssl/experimental/kyber.h +10 -0
  51. data/third_party/boringssl-with-bazel/src/include/openssl/span.h +26 -12
  52. data/third_party/boringssl-with-bazel/src/include/openssl/ssl.h +83 -33
  53. data/third_party/boringssl-with-bazel/src/ssl/d1_both.cc +6 -8
  54. data/third_party/boringssl-with-bazel/src/ssl/d1_pkt.cc +4 -4
  55. data/third_party/boringssl-with-bazel/src/ssl/dtls_record.cc +14 -13
  56. data/third_party/boringssl-with-bazel/src/ssl/extensions.cc +22 -16
  57. data/third_party/boringssl-with-bazel/src/ssl/handshake_client.cc +2 -1
  58. data/third_party/boringssl-with-bazel/src/ssl/handshake_server.cc +2 -1
  59. data/third_party/boringssl-with-bazel/src/ssl/internal.h +15 -15
  60. data/third_party/boringssl-with-bazel/src/ssl/ssl_key_share.cc +1 -0
  61. data/third_party/boringssl-with-bazel/src/ssl/ssl_lib.cc +38 -27
  62. data/third_party/boringssl-with-bazel/src/ssl/ssl_privkey.cc +59 -20
  63. data/third_party/boringssl-with-bazel/src/ssl/ssl_versions.cc +1 -1
  64. data/third_party/boringssl-with-bazel/src/ssl/tls13_both.cc +2 -1
  65. data/third_party/boringssl-with-bazel/src/ssl/tls_record.cc +1 -1
  66. metadata +3 -3
@@ -374,22 +374,21 @@ grpc_error_handle grpc_set_socket_tcp_user_timeout(
374
374
  // if it is available.
375
375
  if (g_socket_supports_tcp_user_timeout.load() == 0) {
376
376
  if (0 != getsockopt(fd, IPPROTO_TCP, TCP_USER_TIMEOUT, &newval, &len)) {
377
- gpr_log(GPR_INFO,
378
- "TCP_USER_TIMEOUT is not available. TCP_USER_TIMEOUT won't "
379
- "be used thereafter");
377
+ GRPC_TRACE_LOG(tcp, INFO)
378
+ << "TCP_USER_TIMEOUT is not available. TCP_USER_TIMEOUT won't be "
379
+ "used thereafter";
380
380
  g_socket_supports_tcp_user_timeout.store(-1);
381
381
  } else {
382
- gpr_log(GPR_INFO,
383
- "TCP_USER_TIMEOUT is available. TCP_USER_TIMEOUT will be "
384
- "used thereafter");
382
+ GRPC_TRACE_LOG(tcp, INFO)
383
+ << "TCP_USER_TIMEOUT is available. TCP_USER_TIMEOUT will be used "
384
+ "thereafter";
385
385
  g_socket_supports_tcp_user_timeout.store(1);
386
386
  }
387
387
  }
388
388
  if (g_socket_supports_tcp_user_timeout.load() > 0) {
389
- if (GRPC_TRACE_FLAG_ENABLED(tcp)) {
390
- gpr_log(GPR_INFO, "Enabling TCP_USER_TIMEOUT with a timeout of %d ms",
391
- timeout);
392
- }
389
+ GRPC_TRACE_LOG(tcp, INFO)
390
+ << "Enabling TCP_USER_TIMEOUT with a timeout of " << timeout
391
+ << " ms";
393
392
  if (0 != setsockopt(fd, IPPROTO_TCP, TCP_USER_TIMEOUT, &timeout,
394
393
  sizeof(timeout))) {
395
394
  gpr_log(GPR_ERROR, "setsockopt(TCP_USER_TIMEOUT) %s",
@@ -402,10 +401,9 @@ grpc_error_handle grpc_set_socket_tcp_user_timeout(
402
401
  return absl::OkStatus();
403
402
  }
404
403
  if (newval != timeout) {
405
- gpr_log(GPR_INFO,
406
- "Setting TCP_USER_TIMEOUT to value %d ms. Actual "
407
- "TCP_USER_TIMEOUT value is %d ms",
408
- timeout, newval);
404
+ GRPC_TRACE_LOG(tcp, INFO)
405
+ << "Setting TCP_USER_TIMEOUT to value " << timeout
406
+ << " ms. Actual TCP_USER_TIMEOUT value is " << newval << " ms";
409
407
  return absl::OkStatus();
410
408
  }
411
409
  }
@@ -442,7 +440,8 @@ static void probe_ipv6_once(void) {
442
440
  int fd = socket(AF_INET6, SOCK_STREAM, 0);
443
441
  g_ipv6_loopback_available = 0;
444
442
  if (fd < 0) {
445
- LOG(INFO) << "Disabling AF_INET6 sockets because socket() failed.";
443
+ GRPC_TRACE_LOG(tcp, INFO)
444
+ << "Disabling AF_INET6 sockets because socket() failed.";
446
445
  } else {
447
446
  grpc_sockaddr_in6 addr;
448
447
  memset(&addr, 0, sizeof(addr));
@@ -451,8 +450,8 @@ static void probe_ipv6_once(void) {
451
450
  if (bind(fd, reinterpret_cast<grpc_sockaddr*>(&addr), sizeof(addr)) == 0) {
452
451
  g_ipv6_loopback_available = 1;
453
452
  } else {
454
- gpr_log(GPR_INFO,
455
- "Disabling AF_INET6 sockets because ::1 is not available.");
453
+ GRPC_TRACE_LOG(tcp, INFO)
454
+ << "Disabling AF_INET6 sockets because ::1 is not available.";
456
455
  }
457
456
  close(fd);
458
457
  }
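Review bot: In the second hunk of grpc_set_socket_tcp_user_timeout, the `newval != timeout` branch still returns `absl::OkStatus()`, and its only signal is now emitted under the `tcp` trace flag, so a kernel that applies a different TCP_USER_TIMEOUT than the one requested goes unnoticed in default logging. Because that value controls how quickly an unresponsive peer is detected, I would keep this one message visible without tracing, for example `LOG_FIRST_N(WARNING, 1) << "Setting TCP_USER_TIMEOUT to value " << timeout << " ms. Actual TCP_USER_TIMEOUT value is " << newval << " ms";`. The context line `gpr_log(GPR_ERROR, "setsockopt(TCP_USER_TIMEOUT) %s",` in the first hunk also still uses the printf-style API while everything around it moved to stream logging. The function body starts and ends outside the hunks.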
@@ -132,7 +132,7 @@ void grpc_winsocket_shutdown(grpc_winsocket* winsocket) {
132
132
  DisconnectEx(winsocket->socket, NULL, 0, 0);
133
133
  } else {
134
134
  char* utf8_message = gpr_format_message(WSAGetLastError());
135
- LOG(INFO) << "Unable to retrieve DisconnectEx pointer : " << utf8_message;
135
+ VLOG(2) << "Unable to retrieve DisconnectEx pointer : " << utf8_message;
136
136
  gpr_free(utf8_message);
137
137
  }
138
138
  // Calling closesocket triggers invocation of any pending I/O operations with
@@ -216,7 +216,7 @@ static void probe_ipv6_once(void) {
216
216
  SOCKET s = socket(AF_INET6, SOCK_STREAM, 0);
217
217
  g_ipv6_loopback_available = 0;
218
218
  if (s == INVALID_SOCKET) {
219
- LOG(INFO) << "Disabling AF_INET6 sockets because socket() failed.";
219
+ VLOG(2) << "Disabling AF_INET6 sockets because socket() failed.";
220
220
  } else {
221
221
  grpc_sockaddr_in6 addr;
222
222
  memset(&addr, 0, sizeof(addr));
@@ -225,7 +225,7 @@ static void probe_ipv6_once(void) {
225
225
  if (bind(s, reinterpret_cast<grpc_sockaddr*>(&addr), sizeof(addr)) == 0) {
226
226
  g_ipv6_loopback_available = 1;
227
227
  } else {
228
- LOG(INFO) << "Disabling AF_INET6 sockets because ::1 is not available.";
228
+ VLOG(2) << "Disabling AF_INET6 sockets because ::1 is not available.";
229
229
  }
230
230
  closesocket(s);
231
231
  }
@@ -210,7 +210,8 @@ class TcpZerocopySendCtx {
210
210
  if (send_records_ == nullptr || free_send_records_ == nullptr) {
211
211
  gpr_free(send_records_);
212
212
  gpr_free(free_send_records_);
213
- LOG(INFO) << "Disabling TCP TX zerocopy due to memory pressure.\n";
213
+ GRPC_TRACE_LOG(tcp, INFO)
214
+ << "Disabling TCP TX zerocopy due to memory pressure.\n";
214
215
  memory_limited_ = true;
215
216
  } else {
216
217
  for (int idx = 0; idx < max_sends_; ++idx) {
@@ -806,7 +807,6 @@ static void tcp_ref(grpc_tcp* tcp) { tcp->refcount.Ref(); }
806
807
  #endif
807
808
 
808
809
  static void tcp_destroy(grpc_endpoint* ep) {
809
- gpr_log(GPR_INFO, "IOMGR endpoint shutdown");
810
810
  grpc_tcp* tcp = reinterpret_cast<grpc_tcp*>(ep);
811
811
  ZerocopyDisableAndWaitForRemaining(tcp);
812
812
  grpc_fd_shutdown(tcp->em_fd, absl::UnavailableError("endpoint shutdown"));
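Review bot: The message in the TcpZerocopySendCtx hunk still ends with a literal `\n` (`"Disabling TCP TX zerocopy due to memory pressure.\n"`), which a stream-style log statement does not need and which may leave an empty line in the output. Dropping it gives `<< "Disabling TCP TX zerocopy due to memory pressure.";`. The enclosing constructor starts and ends outside the hunk.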
@@ -424,10 +424,9 @@ static void on_read(void* arg, grpc_error_handle err) {
424
424
  int64_t dropped_connections_count =
425
425
  num_dropped_connections.fetch_add(1, std::memory_order_relaxed) + 1;
426
426
  if (dropped_connections_count % 1000 == 1) {
427
- gpr_log(GPR_INFO,
428
- "Dropped >= %" PRId64
429
- " new connection attempts due to high memory pressure",
430
- dropped_connections_count);
427
+ GRPC_TRACE_LOG(tcp, INFO)
428
+ << "Dropped >= " << dropped_connections_count
429
+ << " new connection attempts due to high memory pressure";
431
430
  }
432
431
  close(fd);
433
432
  continue;
@@ -549,16 +548,14 @@ static grpc_error_handle add_wildcard_addrs_to_server(grpc_tcp_server* s,
549
548
  }
550
549
  if (*out_port > 0) {
551
550
  if (!v6_err.ok()) {
552
- gpr_log(GPR_INFO,
553
- "Failed to add :: listener, "
554
- "the environment may not support IPv6: %s",
555
- grpc_core::StatusToString(v6_err).c_str());
551
+ GRPC_TRACE_LOG(tcp, INFO) << "Failed to add :: listener, "
552
+ << "the environment may not support IPv6: "
553
+ << grpc_core::StatusToString(v6_err);
556
554
  }
557
555
  if (!v4_err.ok()) {
558
- gpr_log(GPR_INFO,
559
- "Failed to add 0.0.0.0 listener, "
560
- "the environment may not support IPv4: %s",
561
- grpc_core::StatusToString(v4_err).c_str());
556
+ GRPC_TRACE_LOG(tcp, INFO) << "Failed to add 0.0.0.0 listener, "
557
+ << "the environment may not support IPv4: "
558
+ << grpc_core::StatusToString(v4_err);
562
559
  }
563
560
  return absl::OkStatus();
564
561
  } else {
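Review bot: The on_read hunk puts the "Dropped >= N new connection attempts due to high memory pressure" message behind the `tcp` trace flag, which removes the only default-visible sign in these lines that the listener is shedding connections. The line was already rate-limited by `dropped_connections_count % 1000 == 1`, so it could stay unconditional, e.g. `LOG(WARNING) << "Dropped >= " << dropped_connections_count << " new connection attempts due to high memory pressure";`, leaving operators a signal for resource-exhaustion conditions. The same consideration applies, to a lesser degree, to the two "Failed to add ... listener" messages in add_wildcard_addrs_to_server, where the function still returns `absl::OkStatus()`. Both function bodies extend beyond the hunks.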
@@ -386,8 +386,8 @@ static void on_accept(void* arg, grpc_error_handle error) {
386
386
  // this is necessary in the read/write case, it's useless for the accept
387
387
  // case. We only need to adjust the pending callback count
388
388
  if (!error.ok()) {
389
- LOG(INFO) << "Skipping on_accept due to error: "
390
- << grpc_core::StatusToString(error);
389
+ VLOG(2) << "Skipping on_accept due to error: "
390
+ << grpc_core::StatusToString(error);
391
391
 
392
392
  gpr_mu_unlock(&sp->server->mu);
393
393
  return;
@@ -288,13 +288,13 @@ bool Party::RunOneParticipant(int i) {
288
288
  currently_polling_ = kNotPolling;
289
289
  if (done) {
290
290
  if (!name.empty()) {
291
- gpr_log(GPR_INFO, "%s[%s] end poll and finish job %d", DebugTag().c_str(),
292
- std::string(name).c_str(), i);
291
+ GRPC_TRACE_LOG(promise_primitives, INFO)
292
+ << DebugTag() << "[" << name << "] end poll and finish job " << i;
293
293
  }
294
294
  participants_[i].store(nullptr, std::memory_order_relaxed);
295
295
  } else if (!name.empty()) {
296
- gpr_log(GPR_INFO, "%s[%s] end poll", DebugTag().c_str(),
297
- std::string(name).c_str());
296
+ GRPC_TRACE_LOG(promise_primitives, INFO)
297
+ << DebugTag() << "[" << name << "] end poll";
298
298
  }
299
299
  return done;
300
300
  }
@@ -397,8 +397,8 @@ void TlsChannelSecurityConnector::cancel_check_peer(
397
397
  if (it != pending_verifier_requests_.end()) {
398
398
  pending_verifier_request = it->second->request();
399
399
  } else {
400
- LOG(INFO) << "TlsChannelSecurityConnector::cancel_check_peer: no "
401
- "corresponding pending request found";
400
+ VLOG(2) << "TlsChannelSecurityConnector::cancel_check_peer: no "
401
+ "corresponding pending request found";
402
402
  }
403
403
  }
404
404
  if (pending_verifier_request != nullptr) {
@@ -489,10 +489,10 @@ class GrpcLb final : public LoadBalancingPolicy {
489
489
  new_state == GRPC_CHANNEL_TRANSIENT_FAILURE) {
490
490
  // In TRANSIENT_FAILURE. Cancel the fallback timer and go into
491
491
  // fallback mode immediately.
492
- gpr_log(GPR_INFO,
493
- "[grpclb %p] balancer channel in state:TRANSIENT_FAILURE (%s); "
494
- "entering fallback mode",
495
- parent_.get(), status.ToString().c_str());
492
+ GRPC_TRACE_LOG(glb, INFO)
493
+ << "[grpclb " << parent_.get()
494
+ << "] balancer channel in state:TRANSIENT_FAILURE ("
495
+ << status.ToString() << "); entering fallback mode";
496
496
  parent_->fallback_at_startup_checks_pending_ = false;
497
497
  parent_->channel_control_helper()->GetEventEngine()->Cancel(
498
498
  *parent_->lb_fallback_timer_handle_);
@@ -670,11 +670,10 @@ class GrpcLb::Serverlist::AddressIterator final
670
670
  std::string lb_token(server.load_balance_token, lb_token_length);
671
671
  if (lb_token.empty()) {
672
672
  auto addr_uri = grpc_sockaddr_to_uri(&addr);
673
- gpr_log(GPR_INFO,
674
- "Missing LB token for backend address '%s'. The empty token "
675
- "will be used instead",
676
- addr_uri.ok() ? addr_uri->c_str()
677
- : addr_uri.status().ToString().c_str());
673
+ GRPC_TRACE_LOG(glb, INFO)
674
+ << "Missing LB token for backend address '"
675
+ << (addr_uri.ok() ? *addr_uri : addr_uri.status().ToString())
676
+ << "'. The empty token will be used instead";
678
677
  }
679
678
  // Return address with a channel arg containing LB token and stats object.
680
679
  callback(EndpointAddresses(
@@ -852,12 +851,12 @@ void GrpcLb::Helper::UpdateState(grpc_connectivity_state state,
852
851
  client_stats = parent()->lb_calld_->client_stats()->Ref();
853
852
  }
854
853
  if (GRPC_TRACE_FLAG_ENABLED(glb)) {
855
- gpr_log(GPR_INFO,
856
- "[grpclb %p helper %p] state=%s (%s) wrapping child "
857
- "picker %p (serverlist=%p, client_stats=%p)",
858
- parent(), this, ConnectivityStateName(state),
859
- status.ToString().c_str(), picker.get(), serverlist.get(),
860
- client_stats.get());
854
+ GRPC_TRACE_LOG(glb, INFO)
855
+ << "[grpclb " << parent() << " helper " << this
856
+ << "] state=" << ConnectivityStateName(state) << " ("
857
+ << status.ToString() << ") wrapping child picker " << picker.get()
858
+ << " (serverlist=" << serverlist.get()
859
+ << ", client_stats=" << client_stats.get() << ")";
861
860
  }
862
861
  parent()->channel_control_helper()->UpdateState(
863
862
  state, status,
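Review bot: In the GrpcLb::Helper::UpdateState hunk the new `GRPC_TRACE_LOG(glb, INFO)` statement is still wrapped in `if (GRPC_TRACE_FLAG_ENABLED(glb)) {`, which looks redundant. Elsewhere in this release the same conversion drops the explicit flag check (the `tcp` case in grpc_set_socket_tcp_user_timeout), which suggests the macro tests the flag itself. If that holds, the outer `if` and its braces can go, leaving only the `GRPC_TRACE_LOG(glb, INFO) << ...;` statement. UpdateState's body starts and ends outside the hunk.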
@@ -976,7 +976,7 @@ grpc_error_handle Server::SetupTransport(
976
976
  }
977
977
  t->StartConnectivityWatch(MakeOrphanable<TransportConnectivityWatcher>(
978
978
  t->RefAsSubclass<ServerTransport>(), Ref()));
979
- LOG(INFO) << "Adding connection";
979
+ GRPC_TRACE_LOG(server_channel, INFO) << "Adding connection";
980
980
  connections_.emplace(std::move(t));
981
981
  ++connections_open_;
982
982
  } else {
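--- a/data/src/core/util/log.cc
+++ b/data/src/core/util/log.cc
@@ -70,10 +70,10 @@ int gpr_should_log(gpr_log_severity severity) {
  // MinLogLevel is. We could have saved this in a static const variable.
  // But decided against it just in case anyone programatically sets absl
  // min log level settings after this has been initialized.
- // Same holds for VLOG_IS_ON(2).
+ // Same holds for ABSL_VLOG_IS_ON(2).
  return absl::MinLogLevel() <= absl::LogSeverityAtLeast::kInfo;
  case GPR_LOG_SEVERITY_DEBUG:
- return VLOG_IS_ON(2);
+ return ABSL_VLOG_IS_ON(2);
  default:
  DLOG(ERROR) << "Invalid gpr_log_severity.";
  return true;
@@ -132,15 +132,17 @@ void gpr_log_verbosity_init(void) {
  absl::string_view verbosity = grpc_core::ConfigVars::Get().Verbosity();
  DVLOG(2) << "Log verbosity: " << verbosity;
  if (absl::EqualsIgnoreCase(verbosity, "INFO")) {
- LOG(WARNING) << "Not suitable for production. Prefer WARNING or ERROR. "
- "However if you see this message in a debug environmenmt "
- "or test environmenmt it is safe to ignore this message.";
+ LOG_FIRST_N(WARNING, 1)
+ << "Log level INFO is not suitable for production. Prefer WARNING or "
+ "ERROR. However if you see this message in a debug environmenmt or "
+ "test environmenmt it is safe to ignore this message.";
  absl::SetVLogLevel("*grpc*/*", -1);
  absl::SetMinLogLevel(absl::LogSeverityAtLeast::kInfo);
  } else if (absl::EqualsIgnoreCase(verbosity, "DEBUG")) {
- LOG(WARNING) << "Not suitable for production. Prefer WARNING or ERROR. "
- "However if you see this message in a debug environmenmt "
- "or test environmenmt it is safe to ignore this message.";
+ LOG_FIRST_N(WARNING, 1)
+ << "Log level DEBUG is not suitable for production. Prefer WARNING or "
+ "ERROR. However if you see this message in a debug environmenmt or "
+ "test environmenmt it is safe to ignore this message.";
  absl::SetVLogLevel("*grpc*/*", 2);
  absl::SetMinLogLevel(absl::LogSeverityAtLeast::kInfo);
  } else if (absl::EqualsIgnoreCase(verbosity, "ERROR")) {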
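Review bot: Both rewritten warning strings in gpr_log_verbosity_init keep the misspelling "environmenmt", twice per message; since the text is being edited anyway it should read `"ERROR. However if you see this message in a debug environment or "` and `"test environment it is safe to ignore this message."`. `LOG_FIRST_N(WARNING, 1)` counts per call site, so the INFO and DEBUG branches each emit their own single warning, which is presumably the intent. The comment in the first hunk has a similar typo, "programatically". Both function bodies start and end outside the hunks.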
@@ -14,5 +14,5 @@
14
14
 
15
15
  # GRPC contains the General RPC module.
16
16
  module GRPC
17
- VERSION = '1.65.0'
17
+ VERSION = '1.65.2'
18
18
  end
@@ -507,11 +507,9 @@ int CBS_get_asn1_int64(CBS *cbs, int64_t *out) {
507
507
  return 0;
508
508
  }
509
509
  uint8_t sign_extend[sizeof(int64_t)];
510
- memset(sign_extend, is_negative ? 0xff : 0, sizeof(sign_extend));
511
- for (size_t i = 0; i < len; i++) {
512
- sign_extend[i] = data[len - i - 1];
513
- }
514
- memcpy(out, sign_extend, sizeof(sign_extend));
510
+ OPENSSL_memset(sign_extend, is_negative ? 0xff : 0, sizeof(sign_extend));
511
+ OPENSSL_memcpy(sign_extend + sizeof(int64_t) - len, data, len);
512
+ *out = CRYPTO_load_u64_be(sign_extend);
515
513
  return 1;
516
514
  }
517
515
 
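Review bot: The new `OPENSSL_memcpy(sign_extend + sizeof(int64_t) - len, data, len);` in CBS_get_asn1_int64 is only in bounds when `len <= sizeof(int64_t)`, and nothing inside the hunk shows that bound. It is presumably enforced by the `return 0;` branch just above, whose condition lies outside the hunk. Because `len` comes from parsed ASN.1 input, the invariant is worth stating next to the copy, for example `// |len| is at most sizeof(int64_t), checked above, so the offset cannot underflow.`. The assignment `*out = CRYPTO_load_u64_be(sign_extend);` also converts a uint64_t to int64_t implicitly; an explicit `(int64_t)` cast would make that intent visible.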
@@ -41,6 +41,13 @@ static_assert(alignof(union evp_aead_ctx_st_state) >=
41
41
 
42
42
  static int aead_chacha20_poly1305_init(EVP_AEAD_CTX *ctx, const uint8_t *key,
43
43
  size_t key_len, size_t tag_len) {
44
+ // TODO(crbug.com/42290548): The x86_64 assembly depends on initializing
45
+ // |OPENSSL_ia32cap_P|. Move the dispatch to C. While we're here, it may be
46
+ // worth adjusting the assembly calling convention. The assembly functions do
47
+ // too much work right now. For now, explicitly initialize |OPENSSL_ia32cap_P|
48
+ // first.
49
+ OPENSSL_init_cpuid();
50
+
44
51
  struct aead_chacha20_poly1305_ctx *c20_ctx =
45
52
  (struct aead_chacha20_poly1305_ctx *)&ctx->state;
46
53
 
@@ -143,6 +143,9 @@ void OPENSSL_cpuid_setup(void) {
143
143
 
144
144
  int CRYPTO_has_broken_NEON(void) { return 0; }
145
145
 
146
- int CRYPTO_needs_hwcap2_workaround(void) { return g_needs_hwcap2_workaround; }
146
+ int CRYPTO_needs_hwcap2_workaround(void) {
147
+ OPENSSL_init_cpuid();
148
+ return g_needs_hwcap2_workaround;
149
+ }
147
150
 
148
151
  #endif // OPENSSL_ARM && OPENSSL_LINUX && !OPENSSL_STATIC_ARMCAP
@@ -208,15 +208,6 @@ void OPENSSL_cpuid_setup(void) {
208
208
  // Reserved bit #30 is repurposed to signal an Intel CPU.
209
209
  if (is_intel) {
210
210
  edx |= (1u << 30);
211
-
212
- // Clear the XSAVE bit on Knights Landing to mimic Silvermont. This enables
213
- // some Silvermont-specific codepaths which perform better. See OpenSSL
214
- // commit 64d92d74985ebb3d0be58a9718f9e080a14a8e7f and
215
- // |CRYPTO_cpu_perf_is_like_silvermont|.
216
- if ((eax & 0x0fff0ff0) == 0x00050670 /* Knights Landing */ ||
217
- (eax & 0x0fff0ff0) == 0x00080650 /* Knights Mill (per SDE) */) {
218
- ecx &= ~(1u << 26);
219
- }
220
211
  } else {
221
212
  edx &= ~(1u << 30);
222
213
  }
@@ -251,12 +242,6 @@ void OPENSSL_cpuid_setup(void) {
251
242
  extended_features[0] &= ~(1u << 16);
252
243
  }
253
244
 
254
- // Disable ADX instructions on Knights Landing. See OpenSSL commit
255
- // 64d92d74985ebb3d0be58a9718f9e080a14a8e7f.
256
- if ((ecx & (1u << 26)) == 0) {
257
- extended_features[0] &= ~(1u << 19);
258
- }
259
-
260
245
  OPENSSL_ia32cap_P[0] = edx;
261
246
  OPENSSL_ia32cap_P[1] = ecx;
262
247
  OPENSSL_ia32cap_P[2] = extended_features[0];
@@ -24,23 +24,6 @@
24
24
  static_assert(sizeof(ossl_ssize_t) == sizeof(size_t),
25
25
  "ossl_ssize_t should be the same size as size_t");
26
26
 
27
- #if !defined(OPENSSL_NO_ASM) && !defined(OPENSSL_STATIC_ARMCAP) && \
28
- (defined(OPENSSL_X86) || defined(OPENSSL_X86_64) || \
29
- defined(OPENSSL_ARM) || defined(OPENSSL_AARCH64))
30
- // x86, x86_64, and the ARMs need to record the result of a cpuid/getauxval call
31
- // for the asm to work correctly, unless compiled without asm code.
32
- #define NEED_CPUID
33
-
34
- #else
35
-
36
- // Otherwise, don't emit a static initialiser.
37
-
38
- #if !defined(BORINGSSL_NO_STATIC_INITIALIZER)
39
- #define BORINGSSL_NO_STATIC_INITIALIZER
40
- #endif
41
-
42
- #endif // !NO_ASM && !STATIC_ARMCAP && (X86 || X86_64 || ARM || AARCH64)
43
-
44
27
 
45
28
  // Our assembly does not use the GOT to reference symbols, which means
46
29
  // references to visible symbols will often require a TEXTREL. This is
@@ -79,7 +62,7 @@ HIDDEN uint8_t BORINGSSL_function_hit[7] = {0};
79
62
  HIDDEN uint32_t OPENSSL_ia32cap_P[4] = {0};
80
63
 
81
64
  uint32_t OPENSSL_get_ia32cap(int idx) {
82
- CRYPTO_library_init();
65
+ OPENSSL_init_cpuid();
83
66
  return OPENSSL_ia32cap_P[idx];
84
67
  }
85
68
 
@@ -121,60 +104,24 @@ HIDDEN uint32_t OPENSSL_armcap_P =
121
104
  HIDDEN uint32_t OPENSSL_armcap_P = 0;
122
105
 
123
106
  uint32_t *OPENSSL_get_armcap_pointer_for_test(void) {
124
- CRYPTO_library_init();
107
+ OPENSSL_init_cpuid();
125
108
  return &OPENSSL_armcap_P;
126
109
  }
127
110
  #endif
128
111
 
129
112
  uint32_t OPENSSL_get_armcap(void) {
130
- CRYPTO_library_init();
113
+ OPENSSL_init_cpuid();
131
114
  return OPENSSL_armcap_P;
132
115
  }
133
116
 
134
117
  #endif
135
118
 
136
- #if defined(BORINGSSL_FIPS)
137
- // In FIPS mode, the power-on self-test function calls |CRYPTO_library_init|
138
- // because we have to ensure that CPUID detection occurs first.
139
- #define BORINGSSL_NO_STATIC_INITIALIZER
140
- #endif
141
-
142
- #if defined(OPENSSL_WINDOWS) && !defined(BORINGSSL_NO_STATIC_INITIALIZER)
143
- #define OPENSSL_CDECL __cdecl
144
- #else
145
- #define OPENSSL_CDECL
146
- #endif
147
-
148
- #if defined(BORINGSSL_NO_STATIC_INITIALIZER)
149
- static CRYPTO_once_t once = CRYPTO_ONCE_INIT;
150
- #elif defined(_MSC_VER)
151
- #pragma section(".CRT$XCU", read)
152
- static void __cdecl do_library_init(void);
153
- __declspec(allocate(".CRT$XCU")) void(*library_init_constructor)(void) =
154
- do_library_init;
155
- #else
156
- static void do_library_init(void) __attribute__ ((constructor));
157
- #endif
158
-
159
- // do_library_init is the actual initialization function. If
160
- // BORINGSSL_NO_STATIC_INITIALIZER isn't defined, this is set as a static
161
- // initializer. Otherwise, it is called by CRYPTO_library_init.
162
- static void OPENSSL_CDECL do_library_init(void) {
163
- // WARNING: this function may only configure the capability variables. See the
164
- // note above about the linker bug.
165
119
  #if defined(NEED_CPUID)
166
- OPENSSL_cpuid_setup();
120
+ static CRYPTO_once_t once = CRYPTO_ONCE_INIT;
121
+ void OPENSSL_init_cpuid(void) { CRYPTO_once(&once, OPENSSL_cpuid_setup); }
167
122
  #endif
168
- }
169
123
 
170
- void CRYPTO_library_init(void) {
171
- // TODO(davidben): It would be tidier if this build knob could be replaced
172
- // with an internal lazy-init mechanism that would handle things correctly
173
- // in-library. https://crbug.com/542879
174
- #if defined(BORINGSSL_NO_STATIC_INITIALIZER)
175
- CRYPTO_once(&once, do_library_init);
176
- #endif
177
- }
124
+ void CRYPTO_library_init(void) {}
178
125
 
179
126
  int CRYPTO_is_confidential_build(void) {
180
127
  #if defined(BORINGSSL_CONFIDENTIAL)
@@ -194,7 +141,7 @@ int CRYPTO_has_asm(void) {
194
141
 
195
142
  void CRYPTO_pre_sandbox_init(void) {
196
143
  // Read from /proc/cpuinfo if needed.
197
- CRYPTO_library_init();
144
+ OPENSSL_init_cpuid();
198
145
  // Open /dev/urandom if needed.
199
146
  CRYPTO_init_sysrand();
200
147
  // Set up MADV_WIPEONFORK state if needed.
@@ -235,7 +182,6 @@ int ENGINE_register_all_complete(void) { return 1; }
235
182
  void OPENSSL_load_builtin_modules(void) {}
236
183
 
237
184
  int OPENSSL_init_crypto(uint64_t opts, const OPENSSL_INIT_SETTINGS *settings) {
238
- CRYPTO_library_init();
239
185
  return 1;
240
186
  }
241
187
 
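Review bot: With `void CRYPTO_library_init(void) {}` now empty and the static constructor removed (hunk at old line 121), nothing populates `OPENSSL_ia32cap_P` or `OPENSSL_armcap_P` unless a caller reaches `OPENSSL_init_cpuid()` first, and neither definition carries a comment saying so. I would document that contract where the functions are defined, e.g. `// Must run before any read of the capability variables; safe to call repeatedly.` above `OPENSSL_init_cpuid`, and `// Retained for API compatibility; CPU capability setup is now lazy.` on `CRYPTO_library_init`. `OPENSSL_init_cpuid` is defined only under `#if defined(NEED_CPUID)` while `CRYPTO_pre_sandbox_init` calls it unconditionally, so a fallback definition presumably lives in a header not shown in this section. Separately, `OPENSSL_get_ia32cap(int idx)` indexes the four-element array without a range check in the visible lines.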
@@ -1196,7 +1196,7 @@ int DILITHIUM_generate_key_external_entropy(
1196
1196
 
1197
1197
  vectork_power2_round(&values->pub.t1, &priv->t0, &values->t);
1198
1198
  // t1 is public.
1199
- CONSTTIME_DECLASSIFY(&pub.t1, sizeof(pub.t1));
1199
+ CONSTTIME_DECLASSIFY(&values->pub.t1, sizeof(values->pub.t1));
1200
1200
 
1201
1201
  CBB cbb;
1202
1202
  CBB_init_fixed(&cbb, out_encoded_public_key, DILITHIUM_PUBLIC_KEY_BYTES);
@@ -1214,6 +1214,48 @@ err:
1214
1214
  return ret;
1215
1215
  }
1216
1216
 
1217
+ int DILITHIUM_public_from_private(
1218
+ struct DILITHIUM_public_key *out_public_key,
1219
+ const struct DILITHIUM_private_key *private_key) {
1220
+ int ret = 0;
1221
+
1222
+ // Intermediate values, allocated on the heap to allow use when there is a
1223
+ // limited amount of stack.
1224
+ struct values_st {
1225
+ matrix a_ntt;
1226
+ vectorl s1_ntt;
1227
+ vectork t;
1228
+ vectork t0;
1229
+ };
1230
+ struct values_st *values = OPENSSL_malloc(sizeof(*values));
1231
+ if (values == NULL) {
1232
+ goto err;
1233
+ }
1234
+
1235
+ const struct private_key *priv = private_key_from_external(private_key);
1236
+ struct public_key *pub = public_key_from_external(out_public_key);
1237
+
1238
+ OPENSSL_memcpy(pub->rho, priv->rho, sizeof(pub->rho));
1239
+ OPENSSL_memcpy(pub->public_key_hash, priv->public_key_hash,
1240
+ sizeof(pub->public_key_hash));
1241
+
1242
+ matrix_expand(&values->a_ntt, priv->rho);
1243
+
1244
+ OPENSSL_memcpy(&values->s1_ntt, &priv->s1, sizeof(values->s1_ntt));
1245
+ vectorl_ntt(&values->s1_ntt);
1246
+
1247
+ matrix_mult(&values->t, &values->a_ntt, &values->s1_ntt);
1248
+ vectork_inverse_ntt(&values->t);
1249
+ vectork_add(&values->t, &values->t, &priv->s2);
1250
+
1251
+ vectork_power2_round(&pub->t1, &values->t0, &values->t);
1252
+
1253
+ ret = 1;
1254
+ err:
1255
+ OPENSSL_free(values);
1256
+ return ret;
1257
+ }
1258
+
1217
1259
  // FIPS 204, Algorithm 2 (`ML-DSA.Sign`). Returns 1 on success and 0 on failure.
1218
1260
  static int dilithium_sign_with_randomizer(
1219
1261
  uint8_t out_encoded_signature[DILITHIUM_SIGNATURE_BYTES],
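Review bot: DILITHIUM_public_from_private writes `pub->t1` from secret inputs but never declassifies it, unlike key generation, where the first hunk keeps the `// t1 is public.` declassification. In constant-time validation builds the returned public key would then still be marked secret; adding `CONSTTIME_DECLASSIFY(&pub->t1, sizeof(pub->t1));` after the `vectork_power2_round` call would match the keygen path. The function also has no comment in this file describing its return value (1 on success, 0 when the allocation fails), which the neighbouring `dilithium_sign_with_randomizer` does have.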
@@ -104,3 +104,24 @@ int AES_set_decrypt_key(const uint8_t *key, unsigned bits, AES_KEY *aeskey) {
104
104
  return aes_nohw_set_decrypt_key(key, bits, aeskey);
105
105
  }
106
106
  }
107
+
108
+ #if defined(HWAES) && (defined(OPENSSL_X86) || defined(OPENSSL_X86_64))
109
+ // On x86 and x86_64, |aes_hw_set_decrypt_key|, we implement
110
+ // |aes_hw_encrypt_key_to_decrypt_key| in assembly and rely on C code to combine
111
+ // the operations.
112
+ int aes_hw_set_decrypt_key(const uint8_t *user_key, int bits, AES_KEY *key) {
113
+ int ret = aes_hw_set_encrypt_key(user_key, bits, key);
114
+ if (ret == 0) {
115
+ aes_hw_encrypt_key_to_decrypt_key(key);
116
+ }
117
+ return ret;
118
+ }
119
+
120
+ int aes_hw_set_encrypt_key(const uint8_t *user_key, int bits, AES_KEY *key) {
121
+ if (aes_hw_set_encrypt_key_alt_preferred()) {
122
+ return aes_hw_set_encrypt_key_alt(user_key, bits, key);
123
+ } else {
124
+ return aes_hw_set_encrypt_key_base(user_key, bits, key);
125
+ }
126
+ }
127
+ #endif
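Review bot: The new comment above aes_hw_set_decrypt_key is garbled ("On x86 and x86_64, |aes_hw_set_decrypt_key|, we implement ..."); something like `// On x86 and x86_64, the assembly provides |aes_hw_encrypt_key_to_decrypt_key| and C code combines it with |aes_hw_set_encrypt_key|.` reads as intended. In aes_hw_set_encrypt_key the alt path is chosen on `aes_hw_set_encrypt_key_alt_preferred()` alone, while the header shown on this page says that variant requires SSSE3 and defines a separate `aes_hw_set_encrypt_key_alt_capable()`. Either test both, `if (aes_hw_set_encrypt_key_alt_capable() && aes_hw_set_encrypt_key_alt_preferred()) {`, or add a comment stating that the AVX check is relied on to imply SSSE3. Callers should also be told that `key` must not be used when the function returns non-zero, since the decrypt conversion is skipped in that case.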
@@ -66,17 +66,41 @@ OPENSSL_INLINE int vpaes_capable(void) { return CRYPTO_is_NEON_capable(); }
66
66
 
67
67
  #if defined(HWAES)
68
68
 
69
- int aes_hw_set_encrypt_key(const uint8_t *user_key, const int bits,
70
- AES_KEY *key);
71
- int aes_hw_set_decrypt_key(const uint8_t *user_key, const int bits,
72
- AES_KEY *key);
69
+ int aes_hw_set_encrypt_key(const uint8_t *user_key, int bits, AES_KEY *key);
70
+ int aes_hw_set_decrypt_key(const uint8_t *user_key, int bits, AES_KEY *key);
73
71
  void aes_hw_encrypt(const uint8_t *in, uint8_t *out, const AES_KEY *key);
74
72
  void aes_hw_decrypt(const uint8_t *in, uint8_t *out, const AES_KEY *key);
75
73
  void aes_hw_cbc_encrypt(const uint8_t *in, uint8_t *out, size_t length,
76
- const AES_KEY *key, uint8_t *ivec, const int enc);
74
+ const AES_KEY *key, uint8_t *ivec, int enc);
77
75
  void aes_hw_ctr32_encrypt_blocks(const uint8_t *in, uint8_t *out, size_t len,
78
76
  const AES_KEY *key, const uint8_t ivec[16]);
79
77
 
78
+ #if defined(OPENSSL_X86) || defined(OPENSSL_X86_64)
79
+ // On x86 and x86_64, |aes_hw_set_decrypt_key| is implemented in terms of
80
+ // |aes_hw_set_encrypt_key| and a conversion function.
81
+ void aes_hw_encrypt_key_to_decrypt_key(AES_KEY *key);
82
+
83
+ // There are two variants of this function, one which uses aeskeygenassist
84
+ // ("base") and one which uses aesenclast + pshufb ("alt"). aesenclast is
85
+ // overall faster but is slower on some older processors. It doesn't use AVX,
86
+ // but AVX is used as a proxy to detecting this. See
87
+ // https://groups.google.com/g/mailing.openssl.dev/c/OuFXwW4NfO8/m/7d2ZXVjkxVkJ
88
+ //
89
+ // TODO(davidben): It is unclear if the aeskeygenassist version is still
90
+ // worthwhile. However, the aesenclast version requires SSSE3. SSSE3 long
91
+ // predates AES-NI, but it's not clear if AES-NI implies SSSE3. In OpenSSL, the
92
+ // CCM AES-NI assembly seems to assume it does.
93
+ OPENSSL_INLINE int aes_hw_set_encrypt_key_alt_capable(void) {
94
+ return hwaes_capable() && CRYPTO_is_SSSE3_capable();
95
+ }
96
+ OPENSSL_INLINE int aes_hw_set_encrypt_key_alt_preferred(void) {
97
+ return hwaes_capable() && CRYPTO_is_AVX_capable();
98
+ }
99
+ int aes_hw_set_encrypt_key_base(const uint8_t *user_key, int bits,
100
+ AES_KEY *key);
101
+ int aes_hw_set_encrypt_key_alt(const uint8_t *user_key, int bits, AES_KEY *key);
102
+ #endif // OPENSSL_X86 || OPENSSL_X86_64
103
+
80
104
  #else
81
105
 
82
106
  // If HWAES isn't defined then we provide dummy functions for each of the hwaes
@@ -120,7 +144,7 @@ OPENSSL_INLINE void aes_hw_ctr32_encrypt_blocks(const uint8_t *in, uint8_t *out,
120
144
 
121
145
  #if defined(HWAES_ECB)
122
146
  void aes_hw_ecb_encrypt(const uint8_t *in, uint8_t *out, size_t length,
123
- const AES_KEY *key, const int enc);
147
+ const AES_KEY *key, int enc);
124
148
  #endif // HWAES_ECB
125
149
 
126
150
 
@@ -218,7 +242,7 @@ void aes_nohw_ctr32_encrypt_blocks(const uint8_t *in, uint8_t *out,
218
242
  size_t blocks, const AES_KEY *key,
219
243
  const uint8_t ivec[16]);
220
244
  void aes_nohw_cbc_encrypt(const uint8_t *in, uint8_t *out, size_t len,
221
- const AES_KEY *key, uint8_t *ivec, const int enc);
245
+ const AES_KEY *key, uint8_t *ivec, int enc);
222
246
 
223
247
 
224
248
  #if defined(__cplusplus)
@@ -168,8 +168,6 @@ static void BORINGSSL_maybe_set_module_text_permissions(int permission) {}
168
168
 
169
169
  static void __attribute__((constructor))
170
170
  BORINGSSL_bcm_power_on_self_test(void) {
171
- CRYPTO_library_init();
172
-
173
171
  #if !defined(OPENSSL_ASAN)
174
172
  // Integrity tests cannot run under ASAN because it involves reading the full
175
173
  // .text section, which triggers the global-buffer overflow detection.