1#! gmake 2# 3# This Source Code Form is subject to the terms of the Mozilla Public 4# License, v. 2.0. If a copy of the MPL was not distributed with this 5# file, You can obtain one at http://mozilla.org/MPL/2.0/. 6 7####################################################################### 8# (1) Include initial platform-independent assignments (MANDATORY). # 9####################################################################### 10 11include manifest.mn 12 13####################################################################### 14# (2) Include "global" configuration information. (OPTIONAL) # 15####################################################################### 16 17include $(CORE_DEPTH)/coreconf/config.mk 18 19####################################################################### 20# (3) Include "component" configuration information. (OPTIONAL) # 21####################################################################### 22 23 24 25####################################################################### 26# (4) Include "local" platform-dependent assignments (OPTIONAL). # 27####################################################################### 28 29include config.mk 30 31# default for all platforms 32# unset this on those that have multiple freebl libraries 33FREEBL_BUILD_SINGLE_SHLIB = 1 34 35ifdef USE_64 36 DEFINES += -DNSS_USE_64 37endif 38 39ifdef USE_ABI32_FPU 40 DEFINES += -DNSS_USE_ABI32_FPU 41endif 42 43ifeq ($(FREEBL_NO_DEPEND),1) 44 DEFINES += -DFREEBL_NO_DEPEND 45 STUBS_SRCS = stubs.c 46endif 47 48ifeq ($(FREEBL_LOWHASH),1) 49 DEFINES += -DFREEBL_LOWHASH 50 LOWHASH_SRCS = nsslowhash.c 51 LOWHASH_EXPORTS = nsslowhash.h 52 MAPFILE_SOURCE = freebl_hash_vector.def 53 NEED_STUB_BUILD = 1 54else 55 MAPFILE_SOURCE = freebl.def 56endif 57 58ifdef USE_STUB_BUILD 59 CSRCS = lowhash_vector.c 60 SIMPLE_OBJS = $(CSRCS:.c=$(OBJ_SUFFIX)) 61 OBJS = $(addprefix $(OBJDIR)/$(PROG_PREFIX), $(SIMPLE_OBJS)) 62 ALL_TRASH := $(TARGETS) $(OBJS) $(OBJDIR) LOGS TAGS $(GARBAGE) \ 63 $(NOSUCHFILE) so_locations 64 MAPFILE_SOURCE = freebl_hash.def 65endif 66 67# FREEBL_USE_PRELINK 68# 69# Most modern version of Linux support a speed optimization scheme where an 70# application called prelink modifies programs and shared libraries to quickly 71# load if they fit into an already designed address space. In short, prelink 72# scans the list of programs and libraries on your system, assigns them a 73# predefined space in the the address space, then provides the fixups to the 74# library. 75# 76# The modification of the shared library is correctly detected by the freebl 77# FIPS checksum scheme where we check a signed hash of the library against the 78# library itself. 79# 80# The prelink command itself can reverse the process of modification and output 81# the prestine shared library as it was before prelink made it's changes. 82# This option tells Freebl could use prelink to output the original copy of 83# the shared library before prelink modified it. 84# 85# FREEBL_PRELINK_COMMAND 86# 87# This is an optional environment variable which can override the default 88# prelink command. It could be used on systems that did something similiar to 89# prelink but used a different command and syntax. The only requirement is the 90# program must take the library as the last argument, the program must output 91# the original library to standard out, and the program does not need to take 92# any quoted or imbedded spaces in its arguments (except the path to the 93# library itself, which can have imbedded spaces or special characters). 94# 95ifdef FREEBL_USE_PRELINK 96 DEFINES += -DFREEBL_USE_PRELINK 97ifdef LINUX 98 DEFINES += -D__GNU_SOURCE=1 99endif 100endif 101ifdef NSS_NO_INIT_SUPPORT 102 DEFINES += -DNSS_NO_INIT_SUPPORT 103endif 104 105ifdef FREEBL_PRELINK_COMMAND 106 DEFINES +=-DFREEBL_PRELINK_COMMAND=\"$(FREEBL_PRELINK_COMMAND)\" 107endif 108# NSS_X86 means the target is a 32-bits x86 CPU architecture 109# NSS_X64 means the target is a 64-bits 64 CPU architecture 110# NSS_X86_OR_X64 means the target is either x86 or x64 111ifeq (,$(filter-out i386 x386 x86 x86_64,$(CPU_ARCH))) 112 DEFINES += -DNSS_X86_OR_X64 113 EXTRA_SRCS += gcm-x86.c aes-x86.c 114$(OBJDIR)/gcm-x86.o: CFLAGS += -mpclmul -maes 115$(OBJDIR)/aes-x86.o: CFLAGS += -mpclmul -maes 116ifneq (,$(USE_64)$(USE_X32)) 117 DEFINES += -DNSS_X64 118else 119 DEFINES += -DNSS_X86 120endif 121 ifdef CC_IS_CLANG 122 EXTRA_SRCS += sha256-x86.c 123 DEFINES += -DUSE_HW_SHA2 124 else ifeq (1,$(CC_IS_GCC)) 125 # Old compiler doesn't support Intel SHA extension 126 ifneq (,$(filter 4.9,$(word 1,$(GCC_VERSION)).$(word 2,$(GCC_VERSION)))) 127 EXTRA_SRCS += sha256-x86.c 128 DEFINES += -DUSE_HW_SHA2 129 endif 130 ifeq (,$(filter 0 1 2 3 4,$(word 1,$(GCC_VERSION)))) 131 EXTRA_SRCS += sha256-x86.c 132 DEFINES += -DUSE_HW_SHA2 133 endif 134 endif 135endif 136ifeq ($(CPU_ARCH),aarch64) 137 ifdef CC_IS_CLANG 138 DEFINES += -DUSE_HW_AES -DUSE_HW_SHA1 -DUSE_HW_SHA2 139 EXTRA_SRCS += aes-armv8.c gcm-aarch64.c sha1-armv8.c sha256-armv8.c 140 else ifeq (1,$(CC_IS_GCC)) 141 # GCC versions older than 4.9 don't support ARM AES. The check 142 # is done in two parts, first allows "major.minor" == "4.9", 143 # and then rejects any major versions prior to 5. Note that 144 # there has been no GCC 4.10, as it was renamed to GCC 5. 145 ifneq (,$(filter 4.9,$(word 1,$(GCC_VERSION)).$(word 2,$(GCC_VERSION)))) 146 DEFINES += -DUSE_HW_AES -DUSE_HW_SHA1 -DUSE_HW_SHA2 147 EXTRA_SRCS += aes-armv8.c gcm-aarch64.c sha1-armv8.c sha256-armv8.c 148 endif 149 ifeq (,$(filter 0 1 2 3 4,$(word 1,$(GCC_VERSION)))) 150 DEFINES += -DUSE_HW_AES -DUSE_HW_SHA1 -DUSE_HW_SHA2 151 EXTRA_SRCS += aes-armv8.c gcm-aarch64.c sha1-armv8.c sha256-armv8.c 152 endif 153 endif 154endif 155ifeq ($(CPU_ARCH),arm) 156ifndef NSS_DISABLE_ARM32_NEON 157 EXTRA_SRCS += gcm-arm32-neon.c 158endif 159 ifdef CC_IS_CLANG 160 DEFINES += -DUSE_HW_AES -DUSE_HW_SHA1 -DUSE_HW_SHA2 161 EXTRA_SRCS += aes-armv8.c sha1-armv8.c sha256-armv8.c 162 else ifeq (1,$(CC_IS_GCC)) 163 # GCC versions older than 4.9 don't support ARM AES. The check 164 # is done in two parts, first allows "major.minor" == "4.9", 165 # and then rejects any major versions prior to 5. Note that 166 # there has been no GCC 4.10, as it was renamed to GCC 5. 167 ifneq (,$(filter 4.9,$(word 1,$(GCC_VERSION)).$(word 2,$(GCC_VERSION)))) 168 DEFINES += -DUSE_HW_AES -DUSE_HW_SHA1 -DUSE_HW_SHA2 169 EXTRA_SRCS += aes-armv8.c sha1-armv8.c sha256-armv8.c 170 endif 171 ifeq (,$(filter 0 1 2 3 4,$(word 1,$(GCC_VERSION)))) 172 DEFINES += -DUSE_HW_AES -DUSE_HW_SHA1 -DUSE_HW_SHA2 173 EXTRA_SRCS += aes-armv8.c sha1-armv8.c sha256-armv8.c 174 endif 175 endif 176endif 177 178ifeq ($(OS_TARGET),OSF1) 179 DEFINES += -DMP_ASSEMBLY_MULTIPLY -DMP_NO_MP_WORD 180 MPI_SRCS += mpvalpha.c 181endif 182 183ifeq (OS2,$(OS_TARGET)) 184 ASFILES = mpi_x86_os2.s 185 DEFINES += -DMP_ASSEMBLY_MULTIPLY -DMP_ASSEMBLY_SQUARE 186 DEFINES += -DMP_ASSEMBLY_DIV_2DX1D 187 DEFINES += -DMP_USE_UINT_DIGIT -DMP_NO_MP_WORD 188 DEFINES += -DMP_IS_LITTLE_ENDIAN 189endif 190 191ifeq (,$(filter-out WINNT WIN95,$(OS_TARGET))) 192ifndef USE_64 193# 32-bit Windows 194ifdef NS_USE_GCC 195# Ideally, we want to use assembler 196# ASFILES = mpi_x86.s 197# DEFINES += -DMP_ASSEMBLY_MULTIPLY -DMP_ASSEMBLY_SQUARE \ 198# -DMP_ASSEMBLY_DIV_2DX1D 199# but we haven't figured out how to make it work, so we are not 200# using assembler right now. 201 ASFILES = 202 DEFINES += -DMP_NO_MP_WORD -DMP_USE_UINT_DIGIT 203else 204# MSVC 205 MPI_SRCS += mpi_x86_asm.c 206 DEFINES += -DMP_ASSEMBLY_MULTIPLY -DMP_ASSEMBLY_SQUARE 207 DEFINES += -DMP_ASSEMBLY_DIV_2DX1D -DMP_USE_UINT_DIGIT -DMP_NO_MP_WORD 208 ifdef BUILD_OPT 209 OPTIMIZER += -Ox # maximum optimization for freebl 210 endif 211 # The Intel AES assembly code requires Visual C++ 2010. 212 # if $(_MSC_VER) >= 1600 (Visual C++ 2010) 213 ifeq ($(firstword $(sort $(_MSC_VER) 1600)),1600) 214 DEFINES += -DUSE_HW_AES -DINTEL_GCM 215 ASFILES += intel-aes-x86-masm.asm intel-gcm-x86-masm.asm 216 EXTRA_SRCS += intel-gcm-wrap.c 217 ifeq ($(CLANG_CL),1) 218 INTEL_GCM_CLANG_CL = 1 219 endif 220 endif 221 # The Intel SHA extenstion requires Visual C++ 2015. 222 ifeq ($(_MSC_VER_GE_14),1) 223 DEFINES += -DUSE_HW_SHA2 224 EXTRA_SRCS += sha256-x86.c 225 endif 226endif 227else 228 # -DMP_NO_MP_WORD 229 DEFINES += -DMP_IS_LITTLE_ENDIAN 230ifdef NS_USE_GCC 231# Ideally, we should use amd64 assembly code, but it's not yet mingw-w64 232# compatible. 233else 234# MSVC 235 ifdef BUILD_OPT 236 OPTIMIZER += -Ox # maximum optimization for freebl 237 endif 238ifeq ($(CPU_ARCH),x86_64) 239 ASFILES = arcfour-amd64-masm.asm mpi_amd64_masm.asm mp_comba_amd64_masm.asm 240 DEFINES += -DNSS_BEVAND_ARCFOUR -DMPI_AMD64 -DMP_ASSEMBLY_MULTIPLY 241 DEFINES += -DNSS_USE_COMBA 242 # The Intel AES assembly code requires Visual C++ 2010 (10.0). The _xgetbv 243 # compiler intrinsic function requires Visual C++ 2010 (10.0) SP1. 244 ifeq ($(_MSC_VER_GE_10SP1),1) 245 DEFINES += -DUSE_HW_AES -DINTEL_GCM 246 ASFILES += intel-aes-x64-masm.asm intel-gcm-x64-masm.asm 247 EXTRA_SRCS += intel-gcm-wrap.c 248 ifeq ($(CLANG_CL),1) 249 INTEL_GCM_CLANG_CL = 1 250 endif 251 endif 252 # The Intel SHA extenstion requires Visual C++ 2015. 253 ifeq ($(_MSC_VER_GE_14),1) 254 DEFINES += -DUSE_HW_SHA2 255 EXTRA_SRCS += sha256-x86.c 256 endif 257 MPI_SRCS += mpi_amd64.c 258endif 259endif 260endif 261endif 262 263ifeq ($(OS_TARGET),IRIX) 264ifeq ($(USE_N32),1) 265 ASFILES = mpi_mips.s 266 ifeq ($(NS_USE_GCC),1) 267 ASFLAGS = -Wp,-P -Wp,-traditional -O -mips3 268 else 269 ASFLAGS = -O -OPT:Olimit=4000 -dollar -fullwarn -xansi -n32 -mips3 270 endif 271 DEFINES += -DMP_ASSEMBLY_MULTIPLY -DMP_ASSEMBLY_SQUARE 272 DEFINES += -DMP_USE_UINT_DIGIT 273endif 274endif 275 276ifeq ($(OS_TARGET),Darwin) 277ifeq ($(CPU_ARCH),x86_64) 278 ASFILES = mpi_amd64_common.s 279 DEFINES += -DMPI_AMD64 -DMP_IS_LITTLE_ENDIAN 280 DEFINES += -DMP_ASSEMBLY_MULTIPLY -DNSS_USE_COMBA 281 MPI_SRCS += mpi_amd64.c mp_comba.c 282else ifeq ($(CPU_ARCH),x86) 283 ASFILES = mpi_sse2.s 284 DEFINES += -DMP_USE_UINT_DIGIT 285 DEFINES += -DMP_ASSEMBLY_MULTIPLY -DMP_ASSEMBLY_SQUARE 286 DEFINES += -DMP_ASSEMBLY_DIV_2DX1D 287endif 288endif # Darwin 289 290ifeq (,$(filter-out Linux FreeBSD DragonFly, $(OS_TARGET))) 291ifeq ($(CPU_ARCH),x86_64) 292 # Lower case s on mpi_amd64_common due to make implicit rules. 293 ASFILES = arcfour-amd64-gas.s mpi_amd64_common.s 294 ASFLAGS += -fPIC -Wa,--noexecstack 295 DEFINES += -DNSS_BEVAND_ARCFOUR -DMPI_AMD64 -DMP_ASSEMBLY_MULTIPLY 296 DEFINES += -DNSS_USE_COMBA 297 DEFINES += -DMP_IS_LITTLE_ENDIAN 298# DEFINES += -DMPI_AMD64_ADD 299 # comment the next four lines to turn off Intel HW acceleration. 300 DEFINES += -DUSE_HW_AES -DINTEL_GCM 301 ASFILES += intel-aes.s intel-gcm.s 302 EXTRA_SRCS += intel-gcm-wrap.c 303 INTEL_GCM = 1 304 MPI_SRCS += mpi_amd64.c mp_comba.c 305endif 306# ASM optimizations crash on DragonFly 307ifneq ($(OS_TARGET),DragonFly) 308ifeq ($(CPU_ARCH),x86) 309 ASFILES = mpi_x86.s 310 DEFINES += -DMP_ASSEMBLY_MULTIPLY -DMP_ASSEMBLY_SQUARE 311 DEFINES += -DMP_ASSEMBLY_DIV_2DX1D -DMP_USE_UINT_DIGIT 312 DEFINES += -DMP_IS_LITTLE_ENDIAN 313endif 314endif 315ifeq ($(CPU_ARCH),arm) 316 DEFINES += -DMP_ASSEMBLY_MULTIPLY -DMP_ASSEMBLY_SQUARE 317 DEFINES += -DMP_USE_UINT_DIGIT 318 DEFINES += -DSHA_NO_LONG_LONG # avoid 64-bit arithmetic in SHA512 319 MPI_SRCS += mpi_arm.c 320endif 321ifeq ($(CPU_ARCH),ppc) 322 EXTRA_SRCS += gcm-ppc.c 323ifdef USE_64 324 DEFINES += -DNSS_NO_INIT_SUPPORT 325 PPC_ABI := $(shell $(CC) -dM -E - < /dev/null | awk '$$2 == "_CALL_ELF" {print $$3}') 326 ifeq ($(PPC_ABI),2) 327 ASFILES += sha512-p8.s 328 ifeq (,$(filter-out powerpc64le ppc64le, $(OS_TEST))) 329 DEFINES += -DPPC_GCM 330 EXTRA_SRCS += chacha20poly1305-ppc.c ppc-gcm-wrap.c 331 ASFILES += chacha20-ppc64le.s ppc-gcm.s 332 ASFLAGS += -fno-integrated-as 333 endif # powerpc64le 334 endif 335endif # USE_64 336endif # ppc 337endif # Linux 338 339ifeq ($(OS_TARGET),AIX) 340 DEFINES += -DMP_USE_UINT_DIGIT 341 ifndef USE_64 342 DEFINES += -DMP_NO_DIV_WORD -DMP_NO_ADD_WORD -DMP_NO_SUB_WORD 343 endif 344endif # AIX 345 346ifeq ($(OS_TARGET), HP-UX) 347ifneq ($(OS_TEST), ia64) 348# PA-RISC 349ASFILES += ret_cr16.s 350ifndef USE_64 351 FREEBL_BUILD_SINGLE_SHLIB = 352 HAVE_ABI32_INT32 = 1 353 HAVE_ABI32_FPU = 1 354endif 355ifdef FREEBL_CHILD_BUILD 356ifdef USE_ABI32_INT32 357# build for DA1.1 (HP PA 1.1) 32-bit ABI build with 32-bit arithmetic 358 DEFINES += -DMP_USE_UINT_DIGIT -DMP_NO_MP_WORD 359 DEFINES += -DSHA_NO_LONG_LONG # avoid 64-bit arithmetic in SHA512 360else 361ifdef USE_64 362# this builds for DA2.0W (HP PA 2.0 Wide), the LP64 ABI, using 64-bit digits 363 MPI_SRCS += mpi_hp.c 364 ASFILES += hpma512.s hppa20.s 365 DEFINES += -DMP_ASSEMBLY_MULTIPLY -DMP_ASSEMBLY_SQUARE 366else 367# this builds for DA2.0 (HP PA 2.0 Narrow) ABI32_FPU model 368# (the 32-bit ABI with 64-bit registers) using 64-bit digits 369 MPI_SRCS += mpi_hp.c 370 ASFILES += hpma512.s hppa20.s 371 DEFINES += -DMP_ASSEMBLY_MULTIPLY -DMP_ASSEMBLY_SQUARE 372ifndef NS_USE_GCC 373 ARCHFLAG = -Aa +e +DA2.0 +DS2.0 374endif 375endif 376endif 377endif 378endif 379endif 380 381# The blapi functions are defined not only in the freebl shared 382# libraries but also in the shared libraries linked with loader.c 383# (libsoftokn3.so and libssl3.so). We need to use GNU ld's 384# -Bsymbolic option or the equivalent option for other linkers 385# to bind the blapi function references in FREEBLVector vector 386# (ldvector.c) to the blapi functions defined in the freebl 387# shared libraries. 388ifeq (,$(filter-out BSD_OS DragonFly FreeBSD Linux NetBSD OpenBSD, $(OS_TARGET))) 389 MKSHLIB += -Wl,-Bsymbolic 390endif 391 392ifeq ($(OS_TARGET),SunOS) 393 394ifdef NS_USE_GCC 395 ifdef GCC_USE_GNU_LD 396 MKSHLIB += -Wl,-Bsymbolic,-z,now,-z,text 397 else 398 MKSHLIB += -Wl,-B,symbolic,-z,now,-z,text 399 endif # GCC_USE_GNU_LD 400else 401 MKSHLIB += -B symbolic -z now -z text 402endif # NS_USE_GCC 403 404# Sun's WorkShop defines v8, v8plus and v9 architectures. 405# gcc on Solaris defines v8 and v9 "cpus". 406# gcc's v9 is equivalent to Workshop's v8plus. 407# gcc's -m64 is equivalent to Workshop's v9 408# We always use Sun's assembler, which uses Sun's naming convention. 409ifeq ($(CPU_ARCH),sparc) 410 FREEBL_BUILD_SINGLE_SHLIB= 411 ifdef USE_64 412 HAVE_ABI64_INT = 1 413 HAVE_ABI64_FPU = 1 414 else 415 HAVE_ABI32_FPU = 1 416 HAVE_ABI32_INT64 = 1 417 endif 418 SYSV_SPARC = 1 419 SOLARIS_AS = /usr/ccs/bin/as 420 #### set arch, asm, c flags 421 ifdef NS_USE_GCC 422 ifdef USE_ABI32_INT64 423 ARCHFLAG=-mcpu=v9 -Wa,-xarch=v8plus 424 SOLARIS_AS_FLAGS = -xarch=v8plus -K PIC 425 endif 426 ifdef USE_ABI32_FPU 427 ARCHFLAG=-mcpu=v9 -Wa,-xarch=v8plusa 428 SOLARIS_AS_FLAGS = -xarch=v8plusa -K PIC 429 endif # USE_ABI32_FPU 430 ifdef USE_ABI64_INT 431 # this builds for Sparc v9a pure 64-bit architecture 432 ARCHFLAG += -mcpu=v9 -Wa,-xarch=v9 433 SOLARIS_AS_FLAGS = -xarch=v9 -K PIC 434 endif 435 ifdef USE_ABI64_FPU 436 # this builds for Sparc v9a pure 64-bit architecture 437 # It uses floating point, and 32-bit word size 438 ARCHFLAG += -mcpu=v9 -Wa,-xarch=v9a 439 SOLARIS_AS_FLAGS = -xarch=v9a -K PIC 440 endif 441 else # NS_USE_GCC 442 # FPU_TARGET_OPTIMIZER specifies the target processor and cache 443 # properties of the ABI32_FPU and ABI64_FPU architectures for use 444 # by the optimizer. 445 ifeq (,$(findstring Sun WorkShop 6,$(shell $(CC) -V 2>&1))) 446 # if the compiler is not Forte 6 447 FPU_TARGET_OPTIMIZER = -xcache=64/32/4:1024/64/4 -xchip=ultra3 448 else 449 # Forte 6 C compiler generates incorrect code for rijndael.c 450 # if -xchip=ultra3 is used (Bugzilla bug 333925). So we revert 451 # to what we used in NSS 3.10. 452 FPU_TARGET_OPTIMIZER = -xchip=ultra2 453 endif 454 ifdef USE_ABI32_INT64 455 # this builds for Sparc v8+a ABI32_FPU architecture, 64-bit registers, 456 # 32-bit ABI, it uses 64-bit words, integer arithmetic, 457 # no FPU (non-VIS cpus). 458 # These flags were suggested by the compiler group for building 459 # with SunStudio 10. 460 ifdef BUILD_OPT 461 SOL_CFLAGS += -xO4 462 endif 463 SOL_CFLAGS += -xtarget=generic 464 ARCHFLAG = -xarch=v8plus 465 SOLARIS_AS_FLAGS = -xarch=v8plus -K PIC 466 endif 467 ifdef USE_ABI32_FPU 468 # this builds for Sparc v8+a ABI32_FPU architecture, 64-bit registers, 469 # 32-bit ABI, it uses FPU code, and 32-bit word size. 470 # these flags were determined by running cc -### -fast and copying 471 # the generated flag settings 472 SOL_CFLAGS += -fsingle -xmemalign=8s 473 ifdef BUILD_OPT 474 SOL_CFLAGS += -D__MATHERR_ERRNO_DONTCARE -fsimple=1 475 SOL_CFLAGS += -xalias_level=basic -xbuiltin=%all 476 SOL_CFLAGS += $(FPU_TARGET_OPTIMIZER) -xdepend 477 SOL_CFLAGS += -xlibmil -xO5 478 endif 479 ARCHFLAG = -xarch=v8plusa 480 SOLARIS_AS_FLAGS = -xarch=v8plusa -K PIC 481 endif 482 ifdef USE_ABI64_INT 483 # this builds for Sparc v9a pure 64-bit architecture, 484 # no FPU (non-VIS cpus). For building with SunStudio 10. 485 ifdef BUILD_OPT 486 SOL_CFLAGS += -xO4 487 endif 488 SOL_CFLAGS += -xtarget=generic 489 ARCHFLAG = -xarch=v9 490 SOLARIS_AS_FLAGS = -xarch=v9 -K PIC 491 endif 492 ifdef USE_ABI64_FPU 493 # this builds for Sparc v9a pure 64-bit architecture 494 # It uses floating point, and 32-bit word size. 495 # See comment for USE_ABI32_FPU. 496 SOL_CFLAGS += -fsingle -xmemalign=8s 497 ifdef BUILD_OPT 498 SOL_CFLAGS += -D__MATHERR_ERRNO_DONTCARE -fsimple=1 499 SOL_CFLAGS += -xalias_level=basic -xbuiltin=%all 500 SOL_CFLAGS += $(FPU_TARGET_OPTIMIZER) -xdepend 501 SOL_CFLAGS += -xlibmil -xO5 502 endif 503 ARCHFLAG = -xarch=v9a 504 SOLARIS_AS_FLAGS = -xarch=v9a -K PIC 505 endif 506 endif # NS_USE_GCC 507 508 ### set flags for both GCC and Sun cc 509 ifdef USE_ABI32_INT64 510 # this builds for Sparc v8+a ABI32_FPU architecture, 64-bit registers, 511 # 32-bit ABI, it uses 64-bit words, integer arithmetic, no FPU 512 # best times are with no MP_ flags specified 513 endif 514 ifdef USE_ABI32_FPU 515 # this builds for Sparc v8+a ABI32_FPU architecture, 64-bit registers, 516 # 32-bit ABI, it uses FPU code, and 32-bit word size 517 MPI_SRCS += mpi_sparc.c 518 ASFILES = mpv_sparcv8.s montmulfv8.s 519 DEFINES += -DMP_NO_MP_WORD -DMP_USE_UINT_DIGIT -DMP_ASSEMBLY_MULTIPLY 520 DEFINES += -DMP_USING_MONT_MULF -DMP_MONT_USE_MP_MUL 521 endif 522 ifdef USE_ABI64_INT 523 # this builds for Sparc v9a pure 64-bit architecture 524 # best times are with no MP_ flags specified 525 endif 526 ifdef USE_ABI64_FPU 527 # this builds for Sparc v9a pure 64-bit architecture 528 # It uses floating point, and 32-bit word size 529 MPI_SRCS += mpi_sparc.c 530 ASFILES = mpv_sparcv9.s montmulfv9.s 531 DEFINES += -DMP_NO_MP_WORD -DMP_USE_UINT_DIGIT -DMP_ASSEMBLY_MULTIPLY 532 DEFINES += -DMP_USING_MONT_MULF -DMP_MONT_USE_MP_MUL 533 endif 534 535else 536 # Solaris for non-sparc family CPUs 537 ifdef NS_USE_GCC 538 LD = gcc 539 AS = gcc 540 ASFLAGS = -x assembler-with-cpp 541 endif 542 ifeq ($(USE_64),1) 543 # Solaris for AMD64 544 ifdef NS_USE_GCC 545 ASFILES = arcfour-amd64-gas.s mpi_amd64_common.s 546 ASFLAGS += -march=opteron -m64 -fPIC 547 MPI_SRCS += mp_comba.c 548 # comment the next four lines to turn off Intel HW acceleration 549 ASFILES += intel-gcm.s 550 EXTRA_SRCS += intel-gcm-wrap.c 551 INTEL_GCM = 1 552 DEFINES += -DINTEL_GCM 553 else 554 ASFILES = arcfour-amd64-sun.s mpi_amd64_sun.s sha-fast-amd64-sun.s 555 ASFILES += mp_comba_amd64_sun.s mpcpucache_amd64.s 556 ASFLAGS += -xarch=generic64 -K PIC 557 SOL_CFLAGS += -xprefetch=no 558 SHA_SRCS = 559 MPCPU_SRCS = 560 # Intel acceleration for GCM does not build currently with Studio 561 endif 562 DEFINES += -DNSS_BEVAND_ARCFOUR -DMPI_AMD64 -DMP_ASSEMBLY_MULTIPLY 563 DEFINES += -DNSS_USE_COMBA -DMP_IS_LITTLE_ENDIAN 564 # comment the next two lines to turn off Intel HW acceleration 565 DEFINES += -DUSE_HW_AES 566 ASFILES += intel-aes.s 567 MPI_SRCS += mpi_amd64.c 568 else 569 # Solaris x86 570 DEFINES += -DMP_USE_UINT_DIGIT 571 DEFINES += -DMP_ASSEMBLY_MULTIPLY -DMP_ASSEMBLY_SQUARE 572 DEFINES += -DMP_ASSEMBLY_DIV_2DX1D 573 ASFILES = mpi_i86pc.s 574 ifndef NS_USE_GCC 575 MPCPU_SRCS = 576 ASFILES += mpcpucache_x86.s 577 endif 578 endif 579endif # Solaris for non-sparc family CPUs 580endif # target == SunO 581 582ifdef USE_64 583# no __int128 at least up to lcc 1.23 (pretending to be gcc5) 584# NB: CC_NAME is not defined here 585ifneq ($(shell $(CC) -? 2>&1 >/dev/null </dev/null | sed -e 's/:.*//;1q'),lcc) 586 ifdef CC_IS_CLANG 587 HAVE_INT128_SUPPORT = 1 588 DEFINES += -DHAVE_INT128_SUPPORT 589 else ifeq (1,$(CC_IS_GCC)) 590 ifneq (,$(filter 4.6 4.7 4.8 4.9,$(word 1,$(GCC_VERSION)).$(word 2,$(GCC_VERSION)))) 591 HAVE_INT128_SUPPORT = 1 592 DEFINES += -DHAVE_INT128_SUPPORT 593 endif 594 ifneq (,$(filter 0 1 2 3,$(word 1,$(GCC_VERSION)))) 595 NSS_DISABLE_AVX2 = 1 596 endif 597 ifeq (4,$(word 1,$(GCC_VERSION))) 598 ifeq (,$(filter 8 9,$(word 2,$(GCC_VERSION)))) 599 NSS_DISABLE_AVX2 = 1 600 endif 601 endif 602 ifeq (,$(filter 0 1 2 3 4,$(word 1,$(GCC_VERSION)))) 603 HAVE_INT128_SUPPORT = 1 604 DEFINES += -DHAVE_INT128_SUPPORT 605 endif 606 endif 607endif # lcc 608endif # USE_64 609 610ifndef HAVE_INT128_SUPPORT 611 DEFINES += -DKRML_VERIFIED_UINT128 612endif 613 614ifndef NSS_DISABLE_CHACHAPOLY 615 ifeq ($(CPU_ARCH),x86_64) 616 ifndef NSS_DISABLE_AVX2 617 EXTRA_SRCS += Hacl_Poly1305_256.c Hacl_Chacha20_Vec256.c Hacl_Chacha20Poly1305_256.c 618 endif # NSS_DISABLE_AVX2 619 EXTRA_SRCS += Hacl_Poly1305_128.c Hacl_Chacha20_Vec128.c Hacl_Chacha20Poly1305_128.c 620 endif # x86_64 621 622 VERIFIED_SRCS += Hacl_Poly1305_32.c Hacl_Chacha20.c Hacl_Chacha20Poly1305_32.c 623endif # NSS_DISABLE_CHACHAPOLY 624 625ifeq (,$(filter-out x86_64 aarch64,$(CPU_ARCH))) 626 # All 64-bit architectures get the 64 bit version. 627 ECL_SRCS += curve25519_64.c 628 VERIFIED_SRCS += Hacl_Curve25519_51.c 629else 630 # All other architectures get the generic 32 bit implementation 631 ECL_SRCS += curve25519_32.c 632endif 633 634####################################################################### 635# (5) Execute "global" rules. (OPTIONAL) # 636####################################################################### 637 638include $(CORE_DEPTH)/coreconf/rules.mk 639 640####################################################################### 641# (6) Execute "component" rules. (OPTIONAL) # 642####################################################################### 643 644 645 646####################################################################### 647# (7) Execute "local" rules. (OPTIONAL). # 648####################################################################### 649 650 651rijndael_tables: 652 $(CC) -o $(OBJDIR)/make_rijndael_tab rijndael_tables.c \ 653 $(DEFINES) $(INCLUDES) $(OBJDIR)/libfreebl.a 654 $(OBJDIR)/make_rijndael_tab 655 656vpath %.h mpi ecl verified deprecated 657vpath %.c mpi ecl verified deprecated 658vpath %.S mpi ecl 659vpath %.s mpi ecl 660vpath %.asm mpi ecl 661INCLUDES += -Impi -Iecl -Iverified -Iverified/kremlin/include -Iverified/kremlin/kremlib/dist/minimal -Ideprecated 662 663 664DEFINES += -DMP_API_COMPATIBLE 665 666MPI_USERS = dh.c pqg.c dsa.c rsa.c ec.c 667 668MPI_OBJS = $(addprefix $(OBJDIR)/$(PROG_PREFIX), $(MPI_SRCS:.c=$(OBJ_SUFFIX))) 669MPI_OBJS += $(addprefix $(OBJDIR)/$(PROG_PREFIX), $(MPI_USERS:.c=$(OBJ_SUFFIX))) 670 671$(MPI_OBJS): $(MPI_HDRS) 672 673ECL_USERS = ec.c 674 675ECL_OBJS = $(addprefix $(OBJDIR)/$(PROG_PREFIX), $(ECL_SRCS:.c=$(OBJ_SUFFIX)) $(ECL_ASM_SRCS:$(ASM_SUFFIX)=$(OBJ_SUFFIX))) 676ECL_OBJS += $(addprefix $(OBJDIR)/$(PROG_PREFIX), $(ECL_USERS:.c=$(OBJ_SUFFIX))) 677 678$(ECL_OBJS): $(ECL_HDRS) 679 680$(OBJDIR)/sysrand$(OBJ_SUFFIX): sysrand.c unix_rand.c win_rand.c 681 682$(OBJDIR)/$(PROG_PREFIX)mpprime$(OBJ_SUFFIX): primes.c 683 684$(OBJDIR)/ldvector$(OBJ_SUFFIX) $(OBJDIR)/loader$(OBJ_SUFFIX) : loader.h 685 686ifeq ($(SYSV_SPARC),1) 687 688$(OBJDIR)/mpv_sparcv8.o $(OBJDIR)/mpv_sparcv8x.o $(OBJDIR)/montmulfv8.o : $(OBJDIR)/%.o : %.s | $$(@D)/d 689 $(SOLARIS_AS) -o $@ $(SOLARIS_AS_FLAGS) $< 690 691$(OBJDIR)/mpv_sparcv9.o $(OBJDIR)/montmulfv9.o : $(OBJDIR)/%.o : %.s | $$(@D)/d 692 $(SOLARIS_AS) -o $@ $(SOLARIS_AS_FLAGS) $< 693 694$(OBJDIR)/mpmontg.o: mpmontg.c montmulf.h 695 696endif 697 698ifndef FREEBL_CHILD_BUILD 699 700# Parent build. This is where we decide which shared libraries to build 701 702# too suppress the SINGLE_SHLIB override warning 703FREEBL_OBJDIRS := 704 705define target_freebl_SHLIB 706ifdef $(2) 707$(1)_DIR = $$(OBJDIR)/$$(OS_TARGET)_$(1) 708ALL_TRASH += $$($(1)_DIR) 709 710ifeq (,$$(filter $$($(1)_DIR)/d,$$(FREEBL_OBJDIRS))) 711FREEBL_OBJDIRS += $$($(1)_DIR)/d 712endif 713 714release_md:: freebl_$(2) 715libs: freebl_$(2) 716freebl_$(2): | $$($(1)_DIR)/d 717 $$(MAKE) FREEBL_CHILD_BUILD=1 $(3)=1 OBJDIR=$$($(1)_DIR) libs 718endif 719endef # target_freebl_SHLIB 720 721target_freebl_ABI = $(call target_freebl_SHLIB,$(1),HAVE_$(1),USE_$(1)) 722 723$(eval $(call target_freebl_SHLIB,SINGLE_SHLIB,FREEBL_BUILD_SINGLE_SHLIB,NEEDED_DUMMY)) 724$(eval $(call target_freebl_SHLIB,SINGLE_SHLIB,NEED_STUB_BUILD,USE_STUB_BUILD)) 725 726$(eval $(call target_freebl_ABI,ABI32_FPU)) 727$(eval $(call target_freebl_ABI,ABI32_INT32)) 728$(eval $(call target_freebl_ABI,ABI32_INT64)) 729$(eval $(call target_freebl_ABI,ABI64_FPU)) 730$(eval $(call target_freebl_ABI,ABI64_INT)) 731 732endif # FREEBL_CHILD_BUILD 733 734 735# Bugzilla Bug 333917: the non-x86 code in desblapi.c seems to violate 736# ANSI C's strict aliasing rules. 737ifeq ($(OS_TARGET),Linux) 738ifneq ($(CPU_ARCH),x86) 739$(OBJDIR)/$(PROG_PREFIX)desblapi$(OBJ_SUFFIX): desblapi.c | $$(@D)/d 740ifdef NEED_ABSOLUTE_PATH 741 $(CC) -o $@ -c $(CFLAGS) -fno-strict-aliasing $(call core_abspath,$<) 742else 743 $(CC) -o $@ -c $(CFLAGS) -fno-strict-aliasing $< 744endif 745endif 746endif 747 748ifdef INTEL_GCM 749# 750# GCM binary needs -mssse3 751# 752$(OBJDIR)/$(PROG_PREFIX)intel-gcm-wrap$(OBJ_SUFFIX): CFLAGS += -mssse3 753 754# The integrated assembler in Clang 3.2 does not support % in the 755# expression of a .set directive. intel-gcm.s uses .set to give 756# symbolic names to registers, for example, 757# .set Htbl, %rdi 758# So we can't use Clang's integrated assembler with intel-gcm.s. 759ifdef CC_IS_CLANG 760$(OBJDIR)/$(PROG_PREFIX)intel-gcm$(OBJ_SUFFIX): CFLAGS += -no-integrated-as 761endif 762endif 763 764ifdef INTEL_GCM_CLANG_CL 765# 766# clang-cl needs -mssse3 767# 768$(OBJDIR)/$(PROG_PREFIX)intel-gcm-wrap$(OBJ_SUFFIX): CFLAGS += -mssse3 769endif 770 771$(OBJDIR)/$(PROG_PREFIX)sha256-x86$(OBJ_SUFFIX): CFLAGS += -msha -mssse3 -msse4.1 772 773ifeq ($(CPU_ARCH),arm) 774# When the compiler uses the softfloat ABI, we want to use the compatible softfp ABI when 775# enabling NEON for these objects. 776# Confusingly, __SOFTFP__ is the name of the define for the softfloat ABI, not for the softfp ABI. 777USES_SOFTFLOAT_ABI := $(shell $(CC) -o - -E -dM - $(CFLAGS) < /dev/null | grep __SOFTFP__ > /dev/null && echo 1) 778$(OBJDIR)/$(PROG_PREFIX)aes-armv8$(OBJ_SUFFIX): CFLAGS += -march=armv8-a -mfpu=crypto-neon-fp-armv8$(if $(USES_SOFTFLOAT_ABI), -mfloat-abi=softfp) 779$(OBJDIR)/$(PROG_PREFIX)sha1-armv8$(OBJ_SUFFIX): CFLAGS += -march=armv8-a -mfpu=crypto-neon-fp-armv8$(if $(USES_SOFTFLOAT_ABI), -mfloat-abi=softfp) 780$(OBJDIR)/$(PROG_PREFIX)sha256-armv8$(OBJ_SUFFIX): CFLAGS += -march=armv8-a -mfpu=crypto-neon-fp-armv8$(if $(USES_SOFTFLOAT_ABI), -mfloat-abi=softfp) 781ifndef NSS_DISABLE_ARM32_NEON 782$(OBJDIR)/$(PROG_PREFIX)gcm-arm32-neon$(OBJ_SUFFIX): CFLAGS += -mfpu=neon$(if $(USES_SOFTFLOAT_ABI), -mfloat-abi=softfp) 783endif 784endif 785 786ifeq ($(CPU_ARCH),aarch64) 787$(OBJDIR)/$(PROG_PREFIX)aes-armv8$(OBJ_SUFFIX): CFLAGS += -march=armv8-a+crypto 788$(OBJDIR)/$(PROG_PREFIX)gcm-aarch64$(OBJ_SUFFIX): CFLAGS += -march=armv8-a+crypto 789$(OBJDIR)/$(PROG_PREFIX)sha1-armv8$(OBJ_SUFFIX): CFLAGS += -march=armv8-a+crypto 790$(OBJDIR)/$(PROG_PREFIX)sha256-armv8$(OBJ_SUFFIX): CFLAGS += -march=armv8-a+crypto 791endif 792 793ifeq ($(CPU_ARCH),ppc) 794$(OBJDIR)/$(PROG_PREFIX)sha512$(OBJ_SUFFIX): CFLAGS += -funroll-loops -fpeel-loops 795ifneq ($(NSS_DISABLE_ALTIVEC),1) 796$(OBJDIR)/$(PROG_PREFIX)gcm-ppc$(OBJ_SUFFIX): CFLAGS += -maltivec 797$(OBJDIR)/$(PROG_PREFIX)gcm$(OBJ_SUFFIX): CFLAGS += -maltivec 798$(OBJDIR)/$(PROG_PREFIX)rijndael$(OBJ_SUFFIX): CFLAGS += -maltivec 799$(OBJDIR)/$(PROG_PREFIX)sha512$(OBJ_SUFFIX): CFLAGS += -maltivec 800$(OBJDIR)/$(PROG_PREFIX)chacha20poly1305-ppc$(OBJ_SUFFIX): CFLAGS += -maltivec 801endif 802ifneq ($(NSS_DISABLE_CRYPTO_VSX),1) 803$(OBJDIR)/$(PROG_PREFIX)gcm-ppc$(OBJ_SUFFIX): CFLAGS += -mcrypto -mvsx 804$(OBJDIR)/$(PROG_PREFIX)gcm$(OBJ_SUFFIX): CFLAGS += -mcrypto -mvsx 805$(OBJDIR)/$(PROG_PREFIX)rijndael$(OBJ_SUFFIX): CFLAGS += -mcrypto -mvsx 806$(OBJDIR)/$(PROG_PREFIX)sha512$(OBJ_SUFFIX): CFLAGS += -mcrypto -mvsx 807$(OBJDIR)/$(PROG_PREFIX)chacha20poly1305-ppc$(OBJ_SUFFIX): CFLAGS += -mcrypto -mvsx 808endif 809endif 810 811$(OBJDIR)/$(PROG_PREFIX)Hacl_Chacha20_Vec128$(OBJ_SUFFIX): CFLAGS += -mssse3 -msse4.1 -msse4.2 -mavx -maes 812$(OBJDIR)/$(PROG_PREFIX)Hacl_Chacha20Poly1305_128$(OBJ_SUFFIX): CFLAGS += -mssse3 -msse4.1 -msse4.2 -mavx -maes 813$(OBJDIR)/$(PROG_PREFIX)Hacl_Poly1305_128$(OBJ_SUFFIX): CFLAGS += -mssse3 -msse4.1 -msse4.2 -mavx -maes -mpclmul 814 815ifndef NSS_DISABLE_AVX2 816$(OBJDIR)/$(PROG_PREFIX)Hacl_Chacha20Poly1305_256$(OBJ_SUFFIX): CFLAGS += -mssse3 -msse4.1 -msse4.2 -mavx2 -maes 817$(OBJDIR)/$(PROG_PREFIX)Hacl_Chacha20_Vec256$(OBJ_SUFFIX): CFLAGS += -mssse3 -msse4.1 -msse4.2 -mavx -mavx2 -maes 818$(OBJDIR)/$(PROG_PREFIX)Hacl_Poly1305_256$(OBJ_SUFFIX): CFLAGS += -mssse3 -msse4.1 -msse4.2 -mavx -mavx2 -maes -mpclmul 819endif 820