1 /* Copyright (c) 2016, Google Inc.
2 *
3 * Permission to use, copy, modify, and/or distribute this software for any
4 * purpose with or without fee is hereby granted, provided that the above
5 * copyright notice and this permission notice appear in all copies.
6 *
7 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
8 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
9 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY
10 * SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
11 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION
12 * OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN
13 * CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. */
14
15 #include <openssl/cpu.h>
16
17 #if defined(OPENSSL_ARM) && !defined(OPENSSL_STATIC_ARMCAP)
18 #include <errno.h>
19 #include <fcntl.h>
20 #include <sys/types.h>
21 #include <unistd.h>
22
23 #include <openssl/arm_arch.h>
24 #include <openssl/mem.h>
25
26 #include "cpu-arm-linux.h"
27
28 #define AT_HWCAP 16
29 #define AT_HWCAP2 26
30
31 // |getauxval| is not available on Android until API level 20. Link it as a weak
32 // symbol and use other methods as fallback.
33 unsigned long getauxval(unsigned long type) __attribute__((weak));
34
open_eintr(const char * path,int flags)35 static int open_eintr(const char *path, int flags) {
36 int ret;
37 do {
38 ret = open(path, flags);
39 } while (ret < 0 && errno == EINTR);
40 return ret;
41 }
42
read_eintr(int fd,void * out,size_t len)43 static ssize_t read_eintr(int fd, void *out, size_t len) {
44 ssize_t ret;
45 do {
46 ret = read(fd, out, len);
47 } while (ret < 0 && errno == EINTR);
48 return ret;
49 }
50
51 // read_full reads exactly |len| bytes from |fd| to |out|. On error or end of
52 // file, it returns zero.
read_full(int fd,void * out,size_t len)53 static int read_full(int fd, void *out, size_t len) {
54 char *outp = out;
55 while (len > 0) {
56 ssize_t ret = read_eintr(fd, outp, len);
57 if (ret <= 0) {
58 return 0;
59 }
60 outp += ret;
61 len -= ret;
62 }
63 return 1;
64 }
65
66 // read_file opens |path| and reads until end-of-file. On success, it returns
67 // one and sets |*out_ptr| and |*out_len| to a newly-allocated buffer with the
68 // contents. Otherwise, it returns zero.
read_file(char ** out_ptr,size_t * out_len,const char * path)69 static int read_file(char **out_ptr, size_t *out_len, const char *path) {
70 int fd = open_eintr(path, O_RDONLY);
71 if (fd < 0) {
72 return 0;
73 }
74
75 static const size_t kReadSize = 1024;
76 int ret = 0;
77 size_t cap = kReadSize, len = 0;
78 char *buf = OPENSSL_malloc(cap);
79 if (buf == NULL) {
80 goto err;
81 }
82
83 for (;;) {
84 if (cap - len < kReadSize) {
85 size_t new_cap = cap * 2;
86 if (new_cap < cap) {
87 goto err;
88 }
89 char *new_buf = OPENSSL_realloc(buf, new_cap);
90 if (new_buf == NULL) {
91 goto err;
92 }
93 buf = new_buf;
94 cap = new_cap;
95 }
96
97 ssize_t bytes_read = read_eintr(fd, buf + len, kReadSize);
98 if (bytes_read < 0) {
99 goto err;
100 }
101 if (bytes_read == 0) {
102 break;
103 }
104 len += bytes_read;
105 }
106
107 *out_ptr = buf;
108 *out_len = len;
109 ret = 1;
110 buf = NULL;
111
112 err:
113 OPENSSL_free(buf);
114 close(fd);
115 return ret;
116 }
117
118 // getauxval_proc behaves like |getauxval| but reads from /proc/self/auxv.
getauxval_proc(unsigned long type)119 static unsigned long getauxval_proc(unsigned long type) {
120 int fd = open_eintr("/proc/self/auxv", O_RDONLY);
121 if (fd < 0) {
122 return 0;
123 }
124
125 struct {
126 unsigned long tag;
127 unsigned long value;
128 } entry;
129
130 for (;;) {
131 if (!read_full(fd, &entry, sizeof(entry)) ||
132 (entry.tag == 0 && entry.value == 0)) {
133 break;
134 }
135 if (entry.tag == type) {
136 close(fd);
137 return entry.value;
138 }
139 }
140 close(fd);
141 return 0;
142 }
143
144 extern uint32_t OPENSSL_armcap_P;
145
146 static int g_has_broken_neon, g_needs_hwcap2_workaround;
147
OPENSSL_cpuid_setup(void)148 void OPENSSL_cpuid_setup(void) {
149 // We ignore the return value of |read_file| and proceed with an empty
150 // /proc/cpuinfo on error. If |getauxval| works, we will still detect
151 // capabilities. There may be a false positive due to
152 // |crypto_cpuinfo_has_broken_neon|, but this is now rare.
153 char *cpuinfo_data = NULL;
154 size_t cpuinfo_len = 0;
155 read_file(&cpuinfo_data, &cpuinfo_len, "/proc/cpuinfo");
156 STRING_PIECE cpuinfo;
157 cpuinfo.data = cpuinfo_data;
158 cpuinfo.len = cpuinfo_len;
159
160 // |getauxval| is not available on Android until API level 20. If it is
161 // unavailable, read from /proc/self/auxv as a fallback. This is unreadable
162 // on some versions of Android, so further fall back to /proc/cpuinfo.
163 //
164 // See
165 // https://android.googlesource.com/platform/ndk/+/882ac8f3392858991a0e1af33b4b7387ec856bd2
166 // and b/13679666 (Google-internal) for details.
167 unsigned long hwcap = 0;
168 if (getauxval != NULL) {
169 hwcap = getauxval(AT_HWCAP);
170 }
171 if (hwcap == 0) {
172 hwcap = getauxval_proc(AT_HWCAP);
173 }
174 if (hwcap == 0) {
175 hwcap = crypto_get_arm_hwcap_from_cpuinfo(&cpuinfo);
176 }
177
178 // Clear NEON support if known broken. Note, if NEON is available statically,
179 // the non-NEON code is dropped and this workaround is a no-op.
180 //
181 // TODO(davidben): The Android NDK now builds with NEON statically available
182 // by default. Cronet still has some consumers that support NEON-less devices
183 // (b/150371744). Get metrics on whether they still see this CPU and, if not,
184 // remove this check entirely.
185 g_has_broken_neon = crypto_cpuinfo_has_broken_neon(&cpuinfo);
186 if (g_has_broken_neon) {
187 hwcap &= ~HWCAP_NEON;
188 }
189
190 // Matching OpenSSL, only report other features if NEON is present.
191 if (hwcap & HWCAP_NEON) {
192 OPENSSL_armcap_P |= ARMV7_NEON;
193
194 // Some ARMv8 Android devices don't expose AT_HWCAP2. Fall back to
195 // /proc/cpuinfo. See https://crbug.com/boringssl/46. As of February 2021,
196 // this is now rare (see Chrome's Net.NeedsHWCAP2Workaround metric), but AES
197 // and PMULL extensions are very useful, so we still carry the workaround
198 // for now.
199 unsigned long hwcap2 = 0;
200 if (getauxval != NULL) {
201 hwcap2 = getauxval(AT_HWCAP2);
202 }
203 if (hwcap2 == 0) {
204 hwcap2 = crypto_get_arm_hwcap2_from_cpuinfo(&cpuinfo);
205 g_needs_hwcap2_workaround = hwcap2 != 0;
206 }
207
208 if (hwcap2 & HWCAP2_AES) {
209 OPENSSL_armcap_P |= ARMV8_AES;
210 }
211 if (hwcap2 & HWCAP2_PMULL) {
212 OPENSSL_armcap_P |= ARMV8_PMULL;
213 }
214 if (hwcap2 & HWCAP2_SHA1) {
215 OPENSSL_armcap_P |= ARMV8_SHA1;
216 }
217 if (hwcap2 & HWCAP2_SHA2) {
218 OPENSSL_armcap_P |= ARMV8_SHA256;
219 }
220 }
221
222 OPENSSL_free(cpuinfo_data);
223 }
224
CRYPTO_has_broken_NEON(void)225 int CRYPTO_has_broken_NEON(void) { return g_has_broken_neon; }
226
CRYPTO_needs_hwcap2_workaround(void)227 int CRYPTO_needs_hwcap2_workaround(void) { return g_needs_hwcap2_workaround; }
228
229 #endif // OPENSSL_ARM && !OPENSSL_STATIC_ARMCAP
230