Bug 979703: Update NSS to NSS_3_16_2_BETA1.

Fix bugs in intel-gcm-x86-masm.asm and re-enable the Intel AES assembly code. (The fix is by Shay Gueron of Intel.) Remove an unnecessary loop in intel-gcm-x64-masm.asm r=agl.
2014-05-08 14:28:47 -07:00 · 2014-05-08 14:28:47 -07:00 · fe569bf1f2
--- a/security/nss/TAG-INFO
+++ b/security/nss/TAG-INFO
@ -1 +1 @@
-NSS_3_16_1_RTM
+NSS_3_16_2_BETA1
--- a/security/nss/coreconf/WIN32.mk
+++ b/security/nss/coreconf/WIN32.mk
@ -41,6 +41,9 @@ else
 	_CC_BUILD   := $(word 4,$(_CC_VERSION_WORDS))
 	_MSC_VER     = $(_CC_VMAJOR)$(_CC_VMINOR)
 	_MSC_VER_6   = 1200
+	# VC10 (2010) is 16.00.30319.01, VC10SP1 is 16.00.40219.01.
+	_MSC_VER_GE_10SP1 := $(shell expr $(_MSC_VER) \> 1600 \| \
+		$(_MSC_VER) = 1600 \& $(_CC_RELEASE) \>= 40219)
 	# VC12 (2013).
 	_MSC_VER_GE_12 := $(shell expr $(_MSC_VER) \>= 1800)
 	ifeq ($(_CC_VMAJOR),14)
--- a/security/nss/coreconf/coreconf.dep
+++ b/security/nss/coreconf/coreconf.dep
@ -10,4 +10,3 @@
 */

 #error "Do not include this header file."
-
--- a/security/nss/lib/freebl/Makefile
+++ b/security/nss/lib/freebl/Makefile
@ -135,6 +135,13 @@ else
    ifdef BUILD_OPT
 	OPTIMIZER += -Ox  # maximum optimization for freebl
    endif
+    # The Intel AES assembly code requires Visual C++ 2010.
+    # if $(_MSC_VER) >= 1600 (Visual C++ 2010)
+    ifeq ($(firstword $(sort $(_MSC_VER) 1600)),1600)
+	DEFINES += -DUSE_HW_AES -DINTEL_GCM
+	ASFILES += intel-aes-x86-masm.asm intel-gcm-x86-masm.asm
+	EXTRA_SRCS += intel-gcm-wrap.c
+    endif
 endif
 else
    # -DMP_NO_MP_WORD
@ -150,6 +157,13 @@ else
    ASFILES  = arcfour-amd64-masm.asm mpi_amd64_masm.asm mp_comba_amd64_masm.asm
    DEFINES += -DNSS_BEVAND_ARCFOUR -DMPI_AMD64 -DMP_ASSEMBLY_MULTIPLY
    DEFINES += -DNSS_USE_COMBA
+    # The Intel AES assembly code requires Visual C++ 2010 (10.0). The _xgetbv
+    # compiler intrinsic function requires Visual C++ 2010 (10.0) SP1.
+    ifeq ($(_MSC_VER_GE_10SP1),1)
+	DEFINES += -DUSE_HW_AES -DINTEL_GCM
+	ASFILES += intel-aes-x64-masm.asm intel-gcm-x64-masm.asm
+	EXTRA_SRCS += intel-gcm-wrap.c
+    endif
    MPI_SRCS += mpi_amd64.c
 endif
 endif
--- a/security/nss/lib/freebl/intel-gcm-x64-masm.asm
+++ b/security/nss/lib/freebl/intel-gcm-x64-masm.asm
@ -1259,12 +1259,6 @@ LDecDataTail:
        inc KS
        jmp @b
@@:
-        cmp KS, 16
-        je  @f
-        mov BYTE PTR[rsp + KS], 0
-        inc KS
-        jmp @b
-@@:

 LDecDataEnd:

--- a/security/nss/lib/freebl/intel-gcm-x86-masm.asm
+++ b/security/nss/lib/freebl/intel-gcm-x86-masm.asm
@ -840,11 +840,12 @@ LEncDataTail:
    vmovdqa XMMWORD PTR[esp], TMP2
 ; copy as many bytes as needed
    xor KS, KS
+    mov aluTMP, edx
@@:
        cmp len, KS
        je  @f
-        mov di, [PT + KS]
-        mov [esp + KS], di
+        mov dl, BYTE PTR[PT + KS]
+        mov BYTE PTR[esp + KS], dl
        inc KS
        jmp @b
@@:
@ -854,8 +855,8 @@ LEncDataTail:
@@:
        cmp len, KS
        je  @f
-        mov di, [esp + KS]
-        mov [CT + KS], di
+        mov dl, BYTE PTR[esp + KS]
+        mov BYTE PTR[CT + KS], dl
        inc KS
        jmp @b
@@:
@ -865,8 +866,8 @@ LEncDataTail:
        inc KS
        jmp @b
@@:
+    mov edx, aluTMP
    vmovdqa TMP1, XMMWORD PTR[esp]
-
    vpshufb TMP1, TMP1, XMMWORD PTR[Lbswap_mask]
    vpxor   TMP1, TMP1, T

@ -1150,11 +1151,12 @@ LDecDataTail:

 ; copy as many bytes as needed
    xor KS, KS
+    mov aluTMP, edx
@@:
        cmp len, KS
        je  @f
-        mov di, [CT + KS]
-        mov [esp + KS], di
+        mov dl, BYTE PTR[CT + KS]
+        mov BYTE PTR[esp + KS], dl
        inc KS
        jmp @b
@@:
@ -1164,7 +1166,7 @@ LDecDataTail:
        inc KS
        jmp @b
@@:
-
+    mov edx, aluTMP
    vmovdqa TMP1, XMMWORD PTR[esp]
    vpshufb TMP1, TMP1, XMMWORD PTR[Lbswap_mask]
    vpxor   TMP1, TMP1, T
@ -1173,24 +1175,19 @@ LDecDataTail:
    GFMUL   TMP1, TMP1, TMP0, TMP5, TMP2, TMP3, TMP4
    vmovdqu T, TMP1

-
    vpxor   xmm7, xmm7, XMMWORD PTR[esp]
    vmovdqa XMMWORD PTR[esp], xmm7
    xor     KS, KS
+    mov aluTMP, edx
@@:
        cmp len, KS
        je  @f
-        mov di, [esp + KS]
-        mov [PT + KS], di
-        inc KS
-        jmp @b
-@@:
-        cmp KS, 16
-        je  @f
-        mov BYTE PTR[PT + KS], 0
+        mov dl, BYTE PTR[esp + KS]
+        mov BYTE PTR[PT + KS], dl
        inc KS
        jmp @b
@@:
+    mov edx, aluTMP

 LDecDataEnd:

--- a/security/nss/lib/nss/nss.h
+++ b/security/nss/lib/nss/nss.h
@ -33,12 +33,12 @@
 * The format of the version string should be
 *     "<major version>.<minor version>[.<patch level>[.<build number>]][ <ECC>][ <Beta>]"
 */
-#define NSS_VERSION  "3.16.1" _NSS_ECC_STRING _NSS_CUSTOMIZED
+#define NSS_VERSION  "3.16.2" _NSS_ECC_STRING _NSS_CUSTOMIZED " Beta"
 #define NSS_VMAJOR   3
 #define NSS_VMINOR   16
-#define NSS_VPATCH   1
+#define NSS_VPATCH   2
 #define NSS_VBUILD   0
-#define NSS_BETA     PR_FALSE
+#define NSS_BETA     PR_TRUE

 #ifndef RC_INVOKED

--- a/security/nss/lib/softoken/softkver.h
+++ b/security/nss/lib/softoken/softkver.h
@ -25,11 +25,11 @@
 * The format of the version string should be
 *     "<major version>.<minor version>[.<patch level>[.<build number>]][ <ECC>][ <Beta>]"
 */
-#define SOFTOKEN_VERSION  "3.16.1" SOFTOKEN_ECC_STRING
+#define SOFTOKEN_VERSION  "3.16.2" SOFTOKEN_ECC_STRING " Beta"
 #define SOFTOKEN_VMAJOR   3
 #define SOFTOKEN_VMINOR   16
-#define SOFTOKEN_VPATCH   1
+#define SOFTOKEN_VPATCH   2
 #define SOFTOKEN_VBUILD   0
-#define SOFTOKEN_BETA     PR_FALSE
+#define SOFTOKEN_BETA     PR_TRUE

 #endif /* _SOFTKVER_H_ */
--- a/security/nss/lib/util/nssutil.h
+++ b/security/nss/lib/util/nssutil.h
@ -19,12 +19,12 @@
 * The format of the version string should be
 *     "<major version>.<minor version>[.<patch level>[.<build number>]][ <Beta>]"
 */
-#define NSSUTIL_VERSION  "3.16.1"
+#define NSSUTIL_VERSION  "3.16.2 Beta"
 #define NSSUTIL_VMAJOR   3
 #define NSSUTIL_VMINOR   16
-#define NSSUTIL_VPATCH   1
+#define NSSUTIL_VPATCH   2
 #define NSSUTIL_VBUILD   0
-#define NSSUTIL_BETA     PR_FALSE
+#define NSSUTIL_BETA     PR_TRUE

 SEC_BEGIN_PROTOS