1#! gmake 2# 3# This Source Code Form is subject to the terms of the Mozilla Public 4# License, v. 2.0. If a copy of the MPL was not distributed with this 5# file, You can obtain one at http://mozilla.org/MPL/2.0/. 6 7####################################################################### 8# (1) Include initial platform-independent assignments (MANDATORY). # 9####################################################################### 10 11include manifest.mn 12 13####################################################################### 14# (2) Include "global" configuration information. (OPTIONAL) # 15####################################################################### 16 17include $(CORE_DEPTH)/coreconf/config.mk 18 19####################################################################### 20# (3) Include "component" configuration information. (OPTIONAL) # 21####################################################################### 22 23 24 25####################################################################### 26# (4) Include "local" platform-dependent assignments (OPTIONAL). # 27####################################################################### 28 29include config.mk 30 31# default for all platforms 32# unset this on those that have multiple freebl libraries 33FREEBL_BUILD_SINGLE_SHLIB = 1 34 35ifdef USE_64 36 DEFINES += -DNSS_USE_64 37endif 38 39ifdef USE_ABI32_FPU 40 DEFINES += -DNSS_USE_ABI32_FPU 41endif 42 43ifeq ($(FREEBL_NO_DEPEND),1) 44 DEFINES += -DFREEBL_NO_DEPEND 45 STUBS_SRCS = stubs.c 46endif 47 48ifeq ($(FREEBL_LOWHASH),1) 49 DEFINES += -DFREEBL_LOWHASH 50 LOWHASH_SRCS = nsslowhash.c 51 LOWHASH_EXPORTS = nsslowhash.h 52 MAPFILE_SOURCE = freebl_hash_vector.def 53 NEED_STUB_BUILD = 1 54else 55 MAPFILE_SOURCE = freebl.def 56endif 57 58ifdef USE_STUB_BUILD 59 CSRCS = lowhash_vector.c 60 SIMPLE_OBJS = $(CSRCS:.c=$(OBJ_SUFFIX)) 61 OBJS = $(addprefix $(OBJDIR)/$(PROG_PREFIX), $(SIMPLE_OBJS)) 62 ALL_TRASH := $(TARGETS) $(OBJS) $(OBJDIR) LOGS TAGS $(GARBAGE) \ 63 $(NOSUCHFILE) so_locations 64 MAPFILE_SOURCE = freebl_hash.def 65endif 66 67# FREEBL_USE_PRELINK 68# 69# Most modern version of Linux support a speed optimization scheme where an 70# application called prelink modifies programs and shared libraries to quickly 71# load if they fit into an already designed address space. In short, prelink 72# scans the list of programs and libraries on your system, assigns them a 73# predefined space in the the address space, then provides the fixups to the 74# library. 75# 76# The modification of the shared library is correctly detected by the freebl 77# FIPS checksum scheme where we check a signed hash of the library against the 78# library itself. 79# 80# The prelink command itself can reverse the process of modification and output 81# the prestine shared library as it was before prelink made it's changes. 82# This option tells Freebl could use prelink to output the original copy of 83# the shared library before prelink modified it. 84# 85# FREEBL_PRELINK_COMMAND 86# 87# This is an optional environment variable which can override the default 88# prelink command. It could be used on systems that did something similiar to 89# prelink but used a different command and syntax. The only requirement is the 90# program must take the library as the last argument, the program must output 91# the original library to standard out, and the program does not need to take 92# any quoted or imbedded spaces in its arguments (except the path to the 93# library itself, which can have imbedded spaces or special characters). 94# 95ifdef FREEBL_USE_PRELINK 96 DEFINES += -DFREEBL_USE_PRELINK 97ifdef LINUX 98 DEFINES += -D__GNU_SOURCE=1 99endif 100endif 101ifdef NSS_NO_INIT_SUPPORT 102 DEFINES += -DNSS_NO_INIT_SUPPORT 103endif 104 105ifdef FREEBL_PRELINK_COMMAND 106 DEFINES +=-DFREEBL_PRELINK_COMMAND=\"$(FREEBL_PRELINK_COMMAND)\" 107endif 108# NSS_X86 means the target is a 32-bits x86 CPU architecture 109# NSS_X64 means the target is a 64-bits 64 CPU architecture 110# NSS_X86_OR_X64 means the target is either x86 or x64 111ifeq (,$(filter-out i386 x386 x86 x86_64,$(CPU_ARCH))) 112 DEFINES += -DNSS_X86_OR_X64 113 EXTRA_SRCS += gcm-x86.c aes-x86.c 114$(OBJDIR)/gcm-x86.o: CFLAGS += -mpclmul -maes 115$(OBJDIR)/aes-x86.o: CFLAGS += -mpclmul -maes 116ifneq (,$(USE_64)$(USE_X32)) 117 DEFINES += -DNSS_X64 118else 119 DEFINES += -DNSS_X86 120endif 121 ifdef CC_IS_CLANG 122 EXTRA_SRCS += sha256-x86.c 123 DEFINES += -DUSE_HW_SHA2 124 else ifeq (1,$(CC_IS_GCC)) 125 # Old compiler doesn't support Intel SHA extension 126 ifneq (,$(filter 4.9,$(word 1,$(GCC_VERSION)).$(word 2,$(GCC_VERSION)))) 127 EXTRA_SRCS += sha256-x86.c 128 DEFINES += -DUSE_HW_SHA2 129 endif 130 ifeq (,$(filter 0 1 2 3 4,$(word 1,$(GCC_VERSION)))) 131 EXTRA_SRCS += sha256-x86.c 132 DEFINES += -DUSE_HW_SHA2 133 endif 134 endif 135endif 136ifeq ($(CPU_ARCH),aarch64) 137 ifdef CC_IS_CLANG 138 DEFINES += -DUSE_HW_AES -DUSE_HW_SHA1 -DUSE_HW_SHA2 139 EXTRA_SRCS += aes-armv8.c gcm-aarch64.c sha1-armv8.c sha256-armv8.c 140 else ifeq (1,$(CC_IS_GCC)) 141 # GCC versions older than 4.9 don't support ARM AES. The check 142 # is done in two parts, first allows "major.minor" == "4.9", 143 # and then rejects any major versions prior to 5. Note that 144 # there has been no GCC 4.10, as it was renamed to GCC 5. 145 ifneq (,$(filter 4.9,$(word 1,$(GCC_VERSION)).$(word 2,$(GCC_VERSION)))) 146 DEFINES += -DUSE_HW_AES -DUSE_HW_SHA1 -DUSE_HW_SHA2 147 EXTRA_SRCS += aes-armv8.c gcm-aarch64.c sha1-armv8.c sha256-armv8.c 148 endif 149 ifeq (,$(filter 0 1 2 3 4,$(word 1,$(GCC_VERSION)))) 150 DEFINES += -DUSE_HW_AES -DUSE_HW_SHA1 -DUSE_HW_SHA2 151 EXTRA_SRCS += aes-armv8.c gcm-aarch64.c sha1-armv8.c sha256-armv8.c 152 endif 153 endif 154endif 155ifeq ($(CPU_ARCH),arm) 156ifndef NSS_DISABLE_ARM32_NEON 157 EXTRA_SRCS += gcm-arm32-neon.c 158endif 159 ifdef CC_IS_CLANG 160 DEFINES += -DUSE_HW_AES -DUSE_HW_SHA1 -DUSE_HW_SHA2 161 EXTRA_SRCS += aes-armv8.c sha1-armv8.c sha256-armv8.c 162 else ifeq (1,$(CC_IS_GCC)) 163 # GCC versions older than 4.9 don't support ARM AES. The check 164 # is done in two parts, first allows "major.minor" == "4.9", 165 # and then rejects any major versions prior to 5. Note that 166 # there has been no GCC 4.10, as it was renamed to GCC 5. 167 ifneq (,$(filter 4.9,$(word 1,$(GCC_VERSION)).$(word 2,$(GCC_VERSION)))) 168 DEFINES += -DUSE_HW_AES -DUSE_HW_SHA1 -DUSE_HW_SHA2 169 EXTRA_SRCS += aes-armv8.c sha1-armv8.c sha256-armv8.c 170 endif 171 ifeq (,$(filter 0 1 2 3 4,$(word 1,$(GCC_VERSION)))) 172 DEFINES += -DUSE_HW_AES -DUSE_HW_SHA1 -DUSE_HW_SHA2 173 EXTRA_SRCS += aes-armv8.c sha1-armv8.c sha256-armv8.c 174 endif 175 endif 176endif 177 178ifeq ($(OS_TARGET),OSF1) 179 DEFINES += -DMP_ASSEMBLY_MULTIPLY -DMP_NO_MP_WORD 180 MPI_SRCS += mpvalpha.c 181endif 182 183ifeq (OS2,$(OS_TARGET)) 184 ASFILES = mpi_x86_os2.s 185 DEFINES += -DMP_ASSEMBLY_MULTIPLY -DMP_ASSEMBLY_SQUARE 186 DEFINES += -DMP_ASSEMBLY_DIV_2DX1D 187 DEFINES += -DMP_USE_UINT_DIGIT -DMP_NO_MP_WORD 188 DEFINES += -DMP_IS_LITTLE_ENDIAN 189endif 190 191ifeq (,$(filter-out WINNT WIN95,$(OS_TARGET))) 192ifndef USE_64 193# 32-bit Windows 194ifdef NS_USE_GCC 195# Ideally, we want to use assembler 196# ASFILES = mpi_x86.s 197# DEFINES += -DMP_ASSEMBLY_MULTIPLY -DMP_ASSEMBLY_SQUARE \ 198# -DMP_ASSEMBLY_DIV_2DX1D 199# but we haven't figured out how to make it work, so we are not 200# using assembler right now. 201 ASFILES = 202 DEFINES += -DMP_NO_MP_WORD -DMP_USE_UINT_DIGIT 203else 204# MSVC 205 MPI_SRCS += mpi_x86_asm.c 206 DEFINES += -DMP_ASSEMBLY_MULTIPLY -DMP_ASSEMBLY_SQUARE 207 DEFINES += -DMP_ASSEMBLY_DIV_2DX1D -DMP_USE_UINT_DIGIT -DMP_NO_MP_WORD 208 ifdef BUILD_OPT 209 OPTIMIZER += -Ox # maximum optimization for freebl 210 endif 211 # The Intel AES assembly code requires Visual C++ 2010. 212 # if $(_MSC_VER) >= 1600 (Visual C++ 2010) 213 ifeq ($(firstword $(sort $(_MSC_VER) 1600)),1600) 214 DEFINES += -DUSE_HW_AES -DINTEL_GCM 215 ASFILES += intel-aes-x86-masm.asm intel-gcm-x86-masm.asm 216 EXTRA_SRCS += intel-gcm-wrap.c 217 ifeq ($(CLANG_CL),1) 218 INTEL_GCM_CLANG_CL = 1 219 endif 220 endif 221 # The Intel SHA extenstion requires Visual C++ 2015. 222 ifeq ($(_MSC_VER_GE_14),1) 223 DEFINES += -DUSE_HW_SHA2 224 EXTRA_SRCS += sha256-x86.c 225 endif 226endif 227else 228 # -DMP_NO_MP_WORD 229 DEFINES += -DMP_IS_LITTLE_ENDIAN 230ifdef NS_USE_GCC 231# Ideally, we should use amd64 assembly code, but it's not yet mingw-w64 232# compatible. 233else 234# MSVC 235 ifdef BUILD_OPT 236 OPTIMIZER += -Ox # maximum optimization for freebl 237 endif 238ifeq ($(CPU_ARCH),x86_64) 239 ASFILES = arcfour-amd64-masm.asm mpi_amd64_masm.asm mp_comba_amd64_masm.asm 240 DEFINES += -DNSS_BEVAND_ARCFOUR -DMPI_AMD64 -DMP_ASSEMBLY_MULTIPLY 241 DEFINES += -DNSS_USE_COMBA 242 # The Intel AES assembly code requires Visual C++ 2010 (10.0). The _xgetbv 243 # compiler intrinsic function requires Visual C++ 2010 (10.0) SP1. 244 ifeq ($(_MSC_VER_GE_10SP1),1) 245 DEFINES += -DUSE_HW_AES -DINTEL_GCM 246 ASFILES += intel-aes-x64-masm.asm intel-gcm-x64-masm.asm 247 EXTRA_SRCS += intel-gcm-wrap.c 248 ifeq ($(CLANG_CL),1) 249 INTEL_GCM_CLANG_CL = 1 250 endif 251 endif 252 # The Intel SHA extenstion requires Visual C++ 2015. 253 ifeq ($(_MSC_VER_GE_14),1) 254 DEFINES += -DUSE_HW_SHA2 255 EXTRA_SRCS += sha256-x86.c 256 endif 257 MPI_SRCS += mpi_amd64.c 258endif 259endif 260endif 261endif 262 263ifeq ($(OS_TARGET),IRIX) 264ifeq ($(USE_N32),1) 265 ASFILES = mpi_mips.s 266 ifeq ($(NS_USE_GCC),1) 267 ASFLAGS = -Wp,-P -Wp,-traditional -O -mips3 268 else 269 ASFLAGS = -O -OPT:Olimit=4000 -dollar -fullwarn -xansi -n32 -mips3 270 endif 271 DEFINES += -DMP_ASSEMBLY_MULTIPLY -DMP_ASSEMBLY_SQUARE 272 DEFINES += -DMP_USE_UINT_DIGIT 273endif 274endif 275 276ifeq ($(OS_TARGET),Darwin) 277ifeq ($(CPU_ARCH),x86_64) 278 ASFILES = mpi_amd64_common.s 279 DEFINES += -DMPI_AMD64 -DMP_IS_LITTLE_ENDIAN 280 DEFINES += -DMP_ASSEMBLY_MULTIPLY -DNSS_USE_COMBA 281 MPI_SRCS += mpi_amd64.c mp_comba.c 282else ifeq ($(CPU_ARCH),x86) 283 ASFILES = mpi_sse2.s 284 DEFINES += -DMP_USE_UINT_DIGIT 285 DEFINES += -DMP_ASSEMBLY_MULTIPLY -DMP_ASSEMBLY_SQUARE 286 DEFINES += -DMP_ASSEMBLY_DIV_2DX1D 287endif 288endif # Darwin 289 290ifeq ($(OS_TARGET),Linux) 291ifeq ($(CPU_ARCH),x86_64) 292 # Lower case s on mpi_amd64_common due to make implicit rules. 293 ASFILES = arcfour-amd64-gas.s mpi_amd64_common.s 294 ASFLAGS += -fPIC -Wa,--noexecstack 295 DEFINES += -DNSS_BEVAND_ARCFOUR -DMPI_AMD64 -DMP_ASSEMBLY_MULTIPLY 296 DEFINES += -DNSS_USE_COMBA 297 DEFINES += -DMP_IS_LITTLE_ENDIAN 298# DEFINES += -DMPI_AMD64_ADD 299 # comment the next four lines to turn off Intel HW acceleration. 300 DEFINES += -DUSE_HW_AES -DINTEL_GCM 301 ASFILES += intel-aes.s intel-gcm.s 302 EXTRA_SRCS += intel-gcm-wrap.c 303 INTEL_GCM = 1 304 MPI_SRCS += mpi_amd64.c mp_comba.c 305endif 306ifeq ($(CPU_ARCH),x86) 307 ASFILES = mpi_x86.s 308 DEFINES += -DMP_ASSEMBLY_MULTIPLY -DMP_ASSEMBLY_SQUARE 309 DEFINES += -DMP_ASSEMBLY_DIV_2DX1D -DMP_USE_UINT_DIGIT 310 DEFINES += -DMP_IS_LITTLE_ENDIAN 311endif 312ifeq ($(CPU_ARCH),arm) 313 DEFINES += -DMP_ASSEMBLY_MULTIPLY -DMP_ASSEMBLY_SQUARE 314 DEFINES += -DMP_USE_UINT_DIGIT 315 DEFINES += -DSHA_NO_LONG_LONG # avoid 64-bit arithmetic in SHA512 316 MPI_SRCS += mpi_arm.c 317endif 318ifeq ($(CPU_ARCH),ppc) 319 EXTRA_SRCS += gcm-ppc.c 320ifdef USE_64 321 DEFINES += -DNSS_NO_INIT_SUPPORT 322 PPC_ABI := $(shell $(CC) -dM -E - < /dev/null | awk '$$2 == "_CALL_ELF" {print $$3}') 323 ifeq ($(PPC_ABI),2) 324 ASFILES += sha512-p8.s 325 ifeq ($(OS_TEST),ppc64le) 326 DEFINES += -DPPC_GCM 327 EXTRA_SRCS += chacha20poly1305-ppc.c ppc-gcm-wrap.c 328 ASFILES += chacha20-ppc64le.s ppc-gcm.s 329 endif # ppc64le 330 endif 331endif # USE_64 332endif # ppc 333endif # Linux 334 335ifeq ($(OS_TARGET),AIX) 336 DEFINES += -DMP_USE_UINT_DIGIT 337 ifndef USE_64 338 DEFINES += -DMP_NO_DIV_WORD -DMP_NO_ADD_WORD -DMP_NO_SUB_WORD 339 endif 340endif # AIX 341 342ifeq ($(OS_TARGET), HP-UX) 343ifneq ($(OS_TEST), ia64) 344# PA-RISC 345ASFILES += ret_cr16.s 346ifndef USE_64 347 FREEBL_BUILD_SINGLE_SHLIB = 348 HAVE_ABI32_INT32 = 1 349 HAVE_ABI32_FPU = 1 350endif 351ifdef FREEBL_CHILD_BUILD 352ifdef USE_ABI32_INT32 353# build for DA1.1 (HP PA 1.1) 32-bit ABI build with 32-bit arithmetic 354 DEFINES += -DMP_USE_UINT_DIGIT -DMP_NO_MP_WORD 355 DEFINES += -DSHA_NO_LONG_LONG # avoid 64-bit arithmetic in SHA512 356else 357ifdef USE_64 358# this builds for DA2.0W (HP PA 2.0 Wide), the LP64 ABI, using 64-bit digits 359 MPI_SRCS += mpi_hp.c 360 ASFILES += hpma512.s hppa20.s 361 DEFINES += -DMP_ASSEMBLY_MULTIPLY -DMP_ASSEMBLY_SQUARE 362else 363# this builds for DA2.0 (HP PA 2.0 Narrow) ABI32_FPU model 364# (the 32-bit ABI with 64-bit registers) using 64-bit digits 365 MPI_SRCS += mpi_hp.c 366 ASFILES += hpma512.s hppa20.s 367 DEFINES += -DMP_ASSEMBLY_MULTIPLY -DMP_ASSEMBLY_SQUARE 368ifndef NS_USE_GCC 369 ARCHFLAG = -Aa +e +DA2.0 +DS2.0 370endif 371endif 372endif 373endif 374endif 375endif 376 377# The blapi functions are defined not only in the freebl shared 378# libraries but also in the shared libraries linked with loader.c 379# (libsoftokn3.so and libssl3.so). We need to use GNU ld's 380# -Bsymbolic option or the equivalent option for other linkers 381# to bind the blapi function references in FREEBLVector vector 382# (ldvector.c) to the blapi functions defined in the freebl 383# shared libraries. 384ifeq (,$(filter-out BSD_OS FreeBSD Linux NetBSD OpenBSD, $(OS_TARGET))) 385 MKSHLIB += -Wl,-Bsymbolic 386endif 387 388ifeq ($(OS_TARGET),SunOS) 389 390ifdef NS_USE_GCC 391 ifdef GCC_USE_GNU_LD 392 MKSHLIB += -Wl,-Bsymbolic,-z,now,-z,text 393 else 394 MKSHLIB += -Wl,-B,symbolic,-z,now,-z,text 395 endif # GCC_USE_GNU_LD 396else 397 MKSHLIB += -B symbolic -z now -z text 398endif # NS_USE_GCC 399 400# Sun's WorkShop defines v8, v8plus and v9 architectures. 401# gcc on Solaris defines v8 and v9 "cpus". 402# gcc's v9 is equivalent to Workshop's v8plus. 403# gcc's -m64 is equivalent to Workshop's v9 404# We always use Sun's assembler, which uses Sun's naming convention. 405ifeq ($(CPU_ARCH),sparc) 406 FREEBL_BUILD_SINGLE_SHLIB= 407 ifdef USE_64 408 HAVE_ABI64_INT = 1 409 HAVE_ABI64_FPU = 1 410 else 411 HAVE_ABI32_FPU = 1 412 HAVE_ABI32_INT64 = 1 413 endif 414 SYSV_SPARC = 1 415 SOLARIS_AS = /usr/ccs/bin/as 416 #### set arch, asm, c flags 417 ifdef NS_USE_GCC 418 ifdef USE_ABI32_INT64 419 ARCHFLAG=-mcpu=v9 -Wa,-xarch=v8plus 420 SOLARIS_AS_FLAGS = -xarch=v8plus -K PIC 421 endif 422 ifdef USE_ABI32_FPU 423 ARCHFLAG=-mcpu=v9 -Wa,-xarch=v8plusa 424 SOLARIS_AS_FLAGS = -xarch=v8plusa -K PIC 425 endif # USE_ABI32_FPU 426 ifdef USE_ABI64_INT 427 # this builds for Sparc v9a pure 64-bit architecture 428 ARCHFLAG += -mcpu=v9 -Wa,-xarch=v9 429 SOLARIS_AS_FLAGS = -xarch=v9 -K PIC 430 endif 431 ifdef USE_ABI64_FPU 432 # this builds for Sparc v9a pure 64-bit architecture 433 # It uses floating point, and 32-bit word size 434 ARCHFLAG += -mcpu=v9 -Wa,-xarch=v9a 435 SOLARIS_AS_FLAGS = -xarch=v9a -K PIC 436 endif 437 else # NS_USE_GCC 438 # FPU_TARGET_OPTIMIZER specifies the target processor and cache 439 # properties of the ABI32_FPU and ABI64_FPU architectures for use 440 # by the optimizer. 441 ifeq (,$(findstring Sun WorkShop 6,$(shell $(CC) -V 2>&1))) 442 # if the compiler is not Forte 6 443 FPU_TARGET_OPTIMIZER = -xcache=64/32/4:1024/64/4 -xchip=ultra3 444 else 445 # Forte 6 C compiler generates incorrect code for rijndael.c 446 # if -xchip=ultra3 is used (Bugzilla bug 333925). So we revert 447 # to what we used in NSS 3.10. 448 FPU_TARGET_OPTIMIZER = -xchip=ultra2 449 endif 450 ifdef USE_ABI32_INT64 451 # this builds for Sparc v8+a ABI32_FPU architecture, 64-bit registers, 452 # 32-bit ABI, it uses 64-bit words, integer arithmetic, 453 # no FPU (non-VIS cpus). 454 # These flags were suggested by the compiler group for building 455 # with SunStudio 10. 456 ifdef BUILD_OPT 457 SOL_CFLAGS += -xO4 458 endif 459 SOL_CFLAGS += -xtarget=generic 460 ARCHFLAG = -xarch=v8plus 461 SOLARIS_AS_FLAGS = -xarch=v8plus -K PIC 462 endif 463 ifdef USE_ABI32_FPU 464 # this builds for Sparc v8+a ABI32_FPU architecture, 64-bit registers, 465 # 32-bit ABI, it uses FPU code, and 32-bit word size. 466 # these flags were determined by running cc -### -fast and copying 467 # the generated flag settings 468 SOL_CFLAGS += -fsingle -xmemalign=8s 469 ifdef BUILD_OPT 470 SOL_CFLAGS += -D__MATHERR_ERRNO_DONTCARE -fsimple=1 471 SOL_CFLAGS += -xalias_level=basic -xbuiltin=%all 472 SOL_CFLAGS += $(FPU_TARGET_OPTIMIZER) -xdepend 473 SOL_CFLAGS += -xlibmil -xO5 474 endif 475 ARCHFLAG = -xarch=v8plusa 476 SOLARIS_AS_FLAGS = -xarch=v8plusa -K PIC 477 endif 478 ifdef USE_ABI64_INT 479 # this builds for Sparc v9a pure 64-bit architecture, 480 # no FPU (non-VIS cpus). For building with SunStudio 10. 481 ifdef BUILD_OPT 482 SOL_CFLAGS += -xO4 483 endif 484 SOL_CFLAGS += -xtarget=generic 485 ARCHFLAG = -xarch=v9 486 SOLARIS_AS_FLAGS = -xarch=v9 -K PIC 487 endif 488 ifdef USE_ABI64_FPU 489 # this builds for Sparc v9a pure 64-bit architecture 490 # It uses floating point, and 32-bit word size. 491 # See comment for USE_ABI32_FPU. 492 SOL_CFLAGS += -fsingle -xmemalign=8s 493 ifdef BUILD_OPT 494 SOL_CFLAGS += -D__MATHERR_ERRNO_DONTCARE -fsimple=1 495 SOL_CFLAGS += -xalias_level=basic -xbuiltin=%all 496 SOL_CFLAGS += $(FPU_TARGET_OPTIMIZER) -xdepend 497 SOL_CFLAGS += -xlibmil -xO5 498 endif 499 ARCHFLAG = -xarch=v9a 500 SOLARIS_AS_FLAGS = -xarch=v9a -K PIC 501 endif 502 endif # NS_USE_GCC 503 504 ### set flags for both GCC and Sun cc 505 ifdef USE_ABI32_INT64 506 # this builds for Sparc v8+a ABI32_FPU architecture, 64-bit registers, 507 # 32-bit ABI, it uses 64-bit words, integer arithmetic, no FPU 508 # best times are with no MP_ flags specified 509 endif 510 ifdef USE_ABI32_FPU 511 # this builds for Sparc v8+a ABI32_FPU architecture, 64-bit registers, 512 # 32-bit ABI, it uses FPU code, and 32-bit word size 513 MPI_SRCS += mpi_sparc.c 514 ASFILES = mpv_sparcv8.s montmulfv8.s 515 DEFINES += -DMP_NO_MP_WORD -DMP_USE_UINT_DIGIT -DMP_ASSEMBLY_MULTIPLY 516 DEFINES += -DMP_USING_MONT_MULF -DMP_MONT_USE_MP_MUL 517 endif 518 ifdef USE_ABI64_INT 519 # this builds for Sparc v9a pure 64-bit architecture 520 # best times are with no MP_ flags specified 521 endif 522 ifdef USE_ABI64_FPU 523 # this builds for Sparc v9a pure 64-bit architecture 524 # It uses floating point, and 32-bit word size 525 MPI_SRCS += mpi_sparc.c 526 ASFILES = mpv_sparcv9.s montmulfv9.s 527 DEFINES += -DMP_NO_MP_WORD -DMP_USE_UINT_DIGIT -DMP_ASSEMBLY_MULTIPLY 528 DEFINES += -DMP_USING_MONT_MULF -DMP_MONT_USE_MP_MUL 529 endif 530 531else 532 # Solaris for non-sparc family CPUs 533 ifdef NS_USE_GCC 534 LD = gcc 535 AS = gcc 536 ASFLAGS = -x assembler-with-cpp 537 endif 538 ifeq ($(USE_64),1) 539 # Solaris for AMD64 540 ifdef NS_USE_GCC 541 ASFILES = arcfour-amd64-gas.s mpi_amd64_common.s 542 ASFLAGS += -march=opteron -m64 -fPIC 543 MPI_SRCS += mp_comba.c 544 # comment the next four lines to turn off Intel HW acceleration 545 ASFILES += intel-gcm.s 546 EXTRA_SRCS += intel-gcm-wrap.c 547 INTEL_GCM = 1 548 DEFINES += -DINTEL_GCM 549 else 550 ASFILES = arcfour-amd64-sun.s mpi_amd64_sun.s sha-fast-amd64-sun.s 551 ASFILES += mp_comba_amd64_sun.s mpcpucache_amd64.s 552 ASFLAGS += -xarch=generic64 -K PIC 553 SOL_CFLAGS += -xprefetch=no 554 SHA_SRCS = 555 MPCPU_SRCS = 556 # Intel acceleration for GCM does not build currently with Studio 557 endif 558 DEFINES += -DNSS_BEVAND_ARCFOUR -DMPI_AMD64 -DMP_ASSEMBLY_MULTIPLY 559 DEFINES += -DNSS_USE_COMBA -DMP_IS_LITTLE_ENDIAN 560 # comment the next two lines to turn off Intel HW acceleration 561 DEFINES += -DUSE_HW_AES 562 ASFILES += intel-aes.s 563 MPI_SRCS += mpi_amd64.c 564 else 565 # Solaris x86 566 DEFINES += -DMP_USE_UINT_DIGIT 567 DEFINES += -DMP_ASSEMBLY_MULTIPLY -DMP_ASSEMBLY_SQUARE 568 DEFINES += -DMP_ASSEMBLY_DIV_2DX1D 569 ASFILES = mpi_i86pc.s 570 ifndef NS_USE_GCC 571 MPCPU_SRCS = 572 ASFILES += mpcpucache_x86.s 573 endif 574 endif 575endif # Solaris for non-sparc family CPUs 576endif # target == SunO 577 578ifdef USE_64 579# no __int128 at least up to lcc 1.23 (pretending to be gcc5) 580# NB: CC_NAME is not defined here 581ifneq ($(shell $(CC) -? 2>&1 >/dev/null </dev/null | sed -e 's/:.*//;1q'),lcc) 582 ifdef CC_IS_CLANG 583 HAVE_INT128_SUPPORT = 1 584 DEFINES += -DHAVE_INT128_SUPPORT 585 else ifeq (1,$(CC_IS_GCC)) 586 ifneq (,$(filter 4.6 4.7 4.8 4.9,$(word 1,$(GCC_VERSION)).$(word 2,$(GCC_VERSION)))) 587 HAVE_INT128_SUPPORT = 1 588 DEFINES += -DHAVE_INT128_SUPPORT 589 endif 590 ifneq (,$(filter 0 1 2 3,$(word 1,$(GCC_VERSION)))) 591 NSS_DISABLE_AVX2 = 1 592 endif 593 ifeq (4,$(word 1,$(GCC_VERSION))) 594 ifeq (,$(filter 8 9,$(word 2,$(GCC_VERSION)))) 595 NSS_DISABLE_AVX2 = 1 596 endif 597 endif 598 ifeq (,$(filter 0 1 2 3 4,$(word 1,$(GCC_VERSION)))) 599 HAVE_INT128_SUPPORT = 1 600 DEFINES += -DHAVE_INT128_SUPPORT 601 endif 602 endif 603endif # lcc 604endif # USE_64 605 606ifndef HAVE_INT128_SUPPORT 607 DEFINES += -DKRML_VERIFIED_UINT128 608endif 609 610ifndef NSS_DISABLE_CHACHAPOLY 611 ifeq ($(CPU_ARCH),x86_64) 612 ifndef NSS_DISABLE_AVX2 613 EXTRA_SRCS += Hacl_Poly1305_256.c Hacl_Chacha20_Vec256.c Hacl_Chacha20Poly1305_256.c 614 endif # NSS_DISABLE_AVX2 615 EXTRA_SRCS += Hacl_Poly1305_128.c Hacl_Chacha20_Vec128.c Hacl_Chacha20Poly1305_128.c 616 endif # x86_64 617 618 VERIFIED_SRCS += Hacl_Poly1305_32.c Hacl_Chacha20.c Hacl_Chacha20Poly1305_32.c 619endif # NSS_DISABLE_CHACHAPOLY 620 621ifeq (,$(filter-out x86_64 aarch64,$(CPU_ARCH))) 622 # All 64-bit architectures get the 64 bit version. 623 ECL_SRCS += curve25519_64.c 624 VERIFIED_SRCS += Hacl_Curve25519_51.c 625else 626 # All other architectures get the generic 32 bit implementation 627 ECL_SRCS += curve25519_32.c 628endif 629 630####################################################################### 631# (5) Execute "global" rules. (OPTIONAL) # 632####################################################################### 633 634include $(CORE_DEPTH)/coreconf/rules.mk 635 636####################################################################### 637# (6) Execute "component" rules. (OPTIONAL) # 638####################################################################### 639 640 641 642####################################################################### 643# (7) Execute "local" rules. (OPTIONAL). # 644####################################################################### 645 646 647rijndael_tables: 648 $(CC) -o $(OBJDIR)/make_rijndael_tab rijndael_tables.c \ 649 $(DEFINES) $(INCLUDES) $(OBJDIR)/libfreebl.a 650 $(OBJDIR)/make_rijndael_tab 651 652vpath %.h mpi ecl verified deprecated 653vpath %.c mpi ecl verified deprecated 654vpath %.S mpi ecl 655vpath %.s mpi ecl 656vpath %.asm mpi ecl 657INCLUDES += -Impi -Iecl -Iverified -Iverified/kremlin/include -Iverified/kremlin/kremlib/dist/minimal -Ideprecated 658 659 660DEFINES += -DMP_API_COMPATIBLE 661 662MPI_USERS = dh.c pqg.c dsa.c rsa.c ec.c 663 664MPI_OBJS = $(addprefix $(OBJDIR)/$(PROG_PREFIX), $(MPI_SRCS:.c=$(OBJ_SUFFIX))) 665MPI_OBJS += $(addprefix $(OBJDIR)/$(PROG_PREFIX), $(MPI_USERS:.c=$(OBJ_SUFFIX))) 666 667$(MPI_OBJS): $(MPI_HDRS) 668 669ECL_USERS = ec.c 670 671ECL_OBJS = $(addprefix $(OBJDIR)/$(PROG_PREFIX), $(ECL_SRCS:.c=$(OBJ_SUFFIX)) $(ECL_ASM_SRCS:$(ASM_SUFFIX)=$(OBJ_SUFFIX))) 672ECL_OBJS += $(addprefix $(OBJDIR)/$(PROG_PREFIX), $(ECL_USERS:.c=$(OBJ_SUFFIX))) 673 674$(ECL_OBJS): $(ECL_HDRS) 675 676$(OBJDIR)/sysrand$(OBJ_SUFFIX): sysrand.c unix_rand.c win_rand.c 677 678$(OBJDIR)/$(PROG_PREFIX)mpprime$(OBJ_SUFFIX): primes.c 679 680$(OBJDIR)/ldvector$(OBJ_SUFFIX) $(OBJDIR)/loader$(OBJ_SUFFIX) : loader.h 681 682ifeq ($(SYSV_SPARC),1) 683 684$(OBJDIR)/mpv_sparcv8.o $(OBJDIR)/mpv_sparcv8x.o $(OBJDIR)/montmulfv8.o : $(OBJDIR)/%.o : %.s | $$(@D)/d 685 $(SOLARIS_AS) -o $@ $(SOLARIS_AS_FLAGS) $< 686 687$(OBJDIR)/mpv_sparcv9.o $(OBJDIR)/montmulfv9.o : $(OBJDIR)/%.o : %.s | $$(@D)/d 688 $(SOLARIS_AS) -o $@ $(SOLARIS_AS_FLAGS) $< 689 690$(OBJDIR)/mpmontg.o: mpmontg.c montmulf.h 691 692endif 693 694ifndef FREEBL_CHILD_BUILD 695 696# Parent build. This is where we decide which shared libraries to build 697 698# too suppress the SINGLE_SHLIB override warning 699FREEBL_OBJDIRS := 700 701define target_freebl_SHLIB 702ifdef $(2) 703$(1)_DIR = $$(OBJDIR)/$$(OS_TARGET)_$(1) 704ALL_TRASH += $$($(1)_DIR) 705 706ifeq (,$$(filter $$($(1)_DIR)/d,$$(FREEBL_OBJDIRS))) 707FREEBL_OBJDIRS += $$($(1)_DIR)/d 708endif 709 710release_md:: freebl_$(2) 711libs: freebl_$(2) 712freebl_$(2): | $$($(1)_DIR)/d 713 $$(MAKE) FREEBL_CHILD_BUILD=1 $(3)=1 OBJDIR=$$($(1)_DIR) libs 714endif 715endef # target_freebl_SHLIB 716 717target_freebl_ABI = $(call target_freebl_SHLIB,$(1),HAVE_$(1),USE_$(1)) 718 719$(eval $(call target_freebl_SHLIB,SINGLE_SHLIB,FREEBL_BUILD_SINGLE_SHLIB,NEEDED_DUMMY)) 720$(eval $(call target_freebl_SHLIB,SINGLE_SHLIB,NEED_STUB_BUILD,USE_STUB_BUILD)) 721 722$(eval $(call target_freebl_ABI,ABI32_FPU)) 723$(eval $(call target_freebl_ABI,ABI32_INT32)) 724$(eval $(call target_freebl_ABI,ABI32_INT64)) 725$(eval $(call target_freebl_ABI,ABI64_FPU)) 726$(eval $(call target_freebl_ABI,ABI64_INT)) 727 728endif # FREEBL_CHILD_BUILD 729 730 731# Bugzilla Bug 333917: the non-x86 code in desblapi.c seems to violate 732# ANSI C's strict aliasing rules. 733ifeq ($(OS_TARGET),Linux) 734ifneq ($(CPU_ARCH),x86) 735$(OBJDIR)/$(PROG_PREFIX)desblapi$(OBJ_SUFFIX): desblapi.c | $$(@D)/d 736ifdef NEED_ABSOLUTE_PATH 737 $(CC) -o $@ -c $(CFLAGS) -fno-strict-aliasing $(call core_abspath,$<) 738else 739 $(CC) -o $@ -c $(CFLAGS) -fno-strict-aliasing $< 740endif 741endif 742endif 743 744ifdef INTEL_GCM 745# 746# GCM binary needs -mssse3 747# 748$(OBJDIR)/$(PROG_PREFIX)intel-gcm-wrap$(OBJ_SUFFIX): CFLAGS += -mssse3 749 750# The integrated assembler in Clang 3.2 does not support % in the 751# expression of a .set directive. intel-gcm.s uses .set to give 752# symbolic names to registers, for example, 753# .set Htbl, %rdi 754# So we can't use Clang's integrated assembler with intel-gcm.s. 755ifdef CC_IS_CLANG 756$(OBJDIR)/$(PROG_PREFIX)intel-gcm$(OBJ_SUFFIX): CFLAGS += -no-integrated-as 757endif 758endif 759 760ifdef INTEL_GCM_CLANG_CL 761# 762# clang-cl needs -mssse3 763# 764$(OBJDIR)/$(PROG_PREFIX)intel-gcm-wrap$(OBJ_SUFFIX): CFLAGS += -mssse3 765endif 766 767$(OBJDIR)/$(PROG_PREFIX)sha256-x86$(OBJ_SUFFIX): CFLAGS += -msha -mssse3 -msse4.1 768 769ifeq ($(CPU_ARCH),arm) 770# When the compiler uses the softfloat ABI, we want to use the compatible softfp ABI when 771# enabling NEON for these objects. 772# Confusingly, __SOFTFP__ is the name of the define for the softfloat ABI, not for the softfp ABI. 773USES_SOFTFLOAT_ABI := $(shell $(CC) -o - -E -dM - $(CFLAGS) < /dev/null | grep __SOFTFP__ > /dev/null && echo 1) 774$(OBJDIR)/$(PROG_PREFIX)aes-armv8$(OBJ_SUFFIX): CFLAGS += -march=armv8-a -mfpu=crypto-neon-fp-armv8$(if $(USES_SOFTFLOAT_ABI), -mfloat-abi=softfp) 775$(OBJDIR)/$(PROG_PREFIX)sha1-armv8$(OBJ_SUFFIX): CFLAGS += -march=armv8-a -mfpu=crypto-neon-fp-armv8$(if $(USES_SOFTFLOAT_ABI), -mfloat-abi=softfp) 776$(OBJDIR)/$(PROG_PREFIX)sha256-armv8$(OBJ_SUFFIX): CFLAGS += -march=armv8-a -mfpu=crypto-neon-fp-armv8$(if $(USES_SOFTFLOAT_ABI), -mfloat-abi=softfp) 777ifndef NSS_DISABLE_ARM32_NEON 778$(OBJDIR)/$(PROG_PREFIX)gcm-arm32-neon$(OBJ_SUFFIX): CFLAGS += -mfpu=neon$(if $(USES_SOFTFLOAT_ABI), -mfloat-abi=softfp) 779endif 780endif 781 782ifeq ($(CPU_ARCH),aarch64) 783$(OBJDIR)/$(PROG_PREFIX)aes-armv8$(OBJ_SUFFIX): CFLAGS += -march=armv8-a+crypto 784$(OBJDIR)/$(PROG_PREFIX)gcm-aarch64$(OBJ_SUFFIX): CFLAGS += -march=armv8-a+crypto 785$(OBJDIR)/$(PROG_PREFIX)sha1-armv8$(OBJ_SUFFIX): CFLAGS += -march=armv8-a+crypto 786$(OBJDIR)/$(PROG_PREFIX)sha256-armv8$(OBJ_SUFFIX): CFLAGS += -march=armv8-a+crypto 787endif 788 789ifeq ($(CPU_ARCH),ppc) 790$(OBJDIR)/$(PROG_PREFIX)sha512$(OBJ_SUFFIX): CFLAGS += -funroll-loops -fpeel-loops 791ifneq ($(NSS_DISABLE_ALTIVEC),1) 792$(OBJDIR)/$(PROG_PREFIX)gcm-ppc$(OBJ_SUFFIX): CFLAGS += -maltivec 793$(OBJDIR)/$(PROG_PREFIX)gcm$(OBJ_SUFFIX): CFLAGS += -maltivec 794$(OBJDIR)/$(PROG_PREFIX)rijndael$(OBJ_SUFFIX): CFLAGS += -maltivec 795$(OBJDIR)/$(PROG_PREFIX)sha512$(OBJ_SUFFIX): CFLAGS += -maltivec 796$(OBJDIR)/$(PROG_PREFIX)chacha20poly1305-ppc$(OBJ_SUFFIX): CFLAGS += -maltivec 797endif 798ifneq ($(NSS_DISABLE_CRYPTO_VSX),1) 799$(OBJDIR)/$(PROG_PREFIX)gcm-ppc$(OBJ_SUFFIX): CFLAGS += -mcrypto -mvsx 800$(OBJDIR)/$(PROG_PREFIX)gcm$(OBJ_SUFFIX): CFLAGS += -mcrypto -mvsx 801$(OBJDIR)/$(PROG_PREFIX)rijndael$(OBJ_SUFFIX): CFLAGS += -mcrypto -mvsx 802$(OBJDIR)/$(PROG_PREFIX)sha512$(OBJ_SUFFIX): CFLAGS += -mcrypto -mvsx 803$(OBJDIR)/$(PROG_PREFIX)chacha20poly1305-ppc$(OBJ_SUFFIX): CFLAGS += -mcrypto -mvsx 804endif 805endif 806 807$(OBJDIR)/$(PROG_PREFIX)Hacl_Chacha20_Vec128$(OBJ_SUFFIX): CFLAGS += -mssse3 -msse4.1 -msse4.2 -mavx -maes 808$(OBJDIR)/$(PROG_PREFIX)Hacl_Chacha20Poly1305_128$(OBJ_SUFFIX): CFLAGS += -mssse3 -msse4.1 -msse4.2 -mavx -maes 809$(OBJDIR)/$(PROG_PREFIX)Hacl_Poly1305_128$(OBJ_SUFFIX): CFLAGS += -mssse3 -msse4.1 -msse4.2 -mavx -maes -mpclmul 810 811ifndef NSS_DISABLE_AVX2 812$(OBJDIR)/$(PROG_PREFIX)Hacl_Chacha20Poly1305_256$(OBJ_SUFFIX): CFLAGS += -mssse3 -msse4.1 -msse4.2 -mavx2 -maes 813$(OBJDIR)/$(PROG_PREFIX)Hacl_Chacha20_Vec256$(OBJ_SUFFIX): CFLAGS += -mssse3 -msse4.1 -msse4.2 -mavx -mavx2 -maes 814$(OBJDIR)/$(PROG_PREFIX)Hacl_Poly1305_256$(OBJ_SUFFIX): CFLAGS += -mssse3 -msse4.1 -msse4.2 -mavx -mavx2 -maes -mpclmul 815endif 816