Use |alignas| for alignment.

MSVC doesn't have stdalign.h and so doesn't support |alignas| in C code. Define |alignas(x)| as a synonym for |__decltype(align(x))| instead for it. This also fixes -Wcast-qual warnings in rsaz_exp.c. Change-Id: Ifce9031724cb93f5a4aa1f567e7af61b272df9d5 Reviewed-on: https://boringssl-review.googlesource.com/6924 Reviewed-by: Adam Langley <agl@google.com> Reviewed-by: David Benjamin <davidben@google.com>
author: Brian Smith <brian@briansmith.org> 2016-01-18 09:12:57 +0300
committer: David Benjamin <davidben@google.com> 2016-01-26 02:05:04 +0300
commit: 7cae9f5b6cf48c00997865226241a902a17f861a (patch)
tree: fad0f444cb3c2d6b73567e324e0c4dbd3d93277c /crypto
parent: 34749f47da6106fce8ac80d6a85e780a7cf22834 (diff)
9 files changed, 55 insertions, 72 deletions
diff --git a/crypto/bn/rsaz_exp.c b/crypto/bn/rsaz_exp.c
index c8027520..30f08e5f 100644
--- a/crypto/bn/rsaz_exp.c
+++ b/crypto/bn/rsaz_exp.c
@@ -48,6 +48,9 @@
 
 #include <openssl/mem.h>
 
+#include "../internal.h"
+
+
 /*
  * See crypto/bn/asm/rsaz-avx2.pl for further details.
  */
@@ -58,42 +61,30 @@ void rsaz_1024_scatter5_avx2(void *tbl,const void *val,int i);
 void rsaz_1024_gather5_avx2(void *val,const void *tbl,int i);
 void rsaz_1024_red2norm_avx2(void *norm,const void *red);
 
-#if defined(__GNUC__)
-# define ALIGN64	__attribute__((aligned(64)))
-#elif defined(_MSC_VER)
-# define ALIGN64	__declspec(align(64))
-#elif defined(__SUNPRO_C)
-# define ALIGN64
-# pragma align 64(one,two80)
-#else
-# define ALIGN64	/* not fatal, might hurt performance a little */
-#endif
-
-ALIGN64 static const BN_ULONG one[40] =
+alignas(64) static const BN_ULONG one[40] =
 	{1,0,0,    0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0};
-ALIGN64 static const BN_ULONG two80[40] =
+alignas(64) static const BN_ULONG two80[40] =
 	{0,0,1<<22,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0};
 
 void RSAZ_1024_mod_exp_avx2(BN_ULONG result_norm[16],
 	const BN_ULONG base_norm[16], const BN_ULONG exponent[16],
 	const BN_ULONG m_norm[16], const BN_ULONG RR[16], BN_ULONG k0)
 {
-	unsigned char	 storage[320*3+32*9*16+64];	/* 5.5KB */
-	unsigned char	*p_str = storage + (64-((size_t)storage%64));
+	alignas(64) uint8_t storage[(320 * 3) + (32 * 9 * 16)]; /* 5.5KB */
 	unsigned char	*a_inv, *m, *result,
-			*table_s = p_str+320*3,
+			*table_s = storage + (320 * 3),
 			*R2      = table_s;	/* borrow */
 	int index;
 	int wvalue;
 
-	if ((((size_t)p_str&4095)+320)>>12) {
-		result = p_str;
-		a_inv = p_str + 320;
-		m = p_str + 320*2;	/* should not cross page */
+	if (((((uintptr_t)storage & 4095) + 320) >> 12) != 0) {
+		result = storage;
+		a_inv = storage + 320;
+		m = storage + (320 * 2); /* should not cross page */
 	} else {
-		m = p_str;		/* should not cross page */
-		result = p_str + 320;
-		a_inv = p_str + 320*2;
+		m = storage;		/* should not cross page */
+		result = storage + 320;
+		a_inv = storage + (320 * 2);
 	}
 
 	rsaz_1024_norm2red_avx2(m, m_norm);
@@ -224,8 +215,9 @@ void RSAZ_1024_mod_exp_avx2(BN_ULONG result_norm[16],
 	rsaz_1024_scatter5_avx2(table_s,result,31);
 #endif
 
+	const uint8_t *p_str = (const uint8_t *)exponent;
+
 	/* load first window */
-	p_str = (unsigned char*)exponent;
 	wvalue = p_str[127] >> 3;
 	rsaz_1024_gather5_avx2(result,table_s,wvalue);
 
@@ -235,7 +227,7 @@ void RSAZ_1024_mod_exp_avx2(BN_ULONG result_norm[16],
 
 		rsaz_1024_sqr_avx2(result, result, m, k0, 5);
 
-		wvalue = *((unsigned short*)&p_str[index/8]);
+		wvalue = *((const unsigned short*)&p_str[index / 8]);
 		wvalue = (wvalue>> (index%8)) & 31;
 		index-=5;
 
@@ -274,11 +266,10 @@ void RSAZ_512_mod_exp(BN_ULONG result[8],
 	const BN_ULONG base[8], const BN_ULONG exponent[8],
 	const BN_ULONG m[8], BN_ULONG k0, const BN_ULONG RR[8])
 {
-	unsigned char	 storage[16*8*8+64*2+64];	/* 1.2KB */
-	unsigned char	*table = storage + (64-((size_t)storage%64));
+	alignas(64) uint8_t storage[(16*8*8) + (64 * 2)]; /* 1.2KB */
+	unsigned char	*table = storage;
 	BN_ULONG	*a_inv = (BN_ULONG *)(table+16*8*8),
 			*temp  = (BN_ULONG *)(table+16*8*8+8*8);
-	unsigned char	*p_str = (unsigned char*)exponent;
 	int index;
 	unsigned int wvalue;
 
@@ -300,6 +291,8 @@ void RSAZ_512_mod_exp(BN_ULONG result[8],
 	for (index=3; index<16; index++)
 		rsaz_512_mul_scatter4(temp, a_inv, m, k0, table, index);
 
+	const uint8_t *p_str = (const uint8_t *)exponent;
+
 	/* load first window */
 	wvalue = p_str[63];
 
diff --git a/crypto/chacha/chacha_vec.c b/crypto/chacha/chacha_vec.c
index 79ec9412..1de59ff6 100644
--- a/crypto/chacha/chacha_vec.c
+++ b/crypto/chacha/chacha_vec.c
@@ -25,6 +25,9 @@
 
 #include <openssl/chacha.h>
 
+#include "../internal.h"
+
+
 #if defined(ASM_GEN) ||          \
     !defined(OPENSSL_WINDOWS) && \
         (defined(OPENSSL_X86_64) || defined(OPENSSL_X86)) && defined(__SSE2__)
@@ -163,10 +166,10 @@ void CRYPTO_chacha_20(
 	const unsigned *kp = (const unsigned *)key;
 #if defined(__ARM_NEON__)
 	uint32_t np[3];
-	uint8_t alignment_buffer[16] __attribute__((aligned(16)));
+	alignas(16) uint8_t alignment_buffer[16];
 #endif
 	vec s0, s1, s2, s3;
-	__attribute__ ((aligned (16))) unsigned chacha_const[] =
+	alignas(16) unsigned chacha_const[] =
 		{0x61707865,0x3320646E,0x79622D32,0x6B206574};
 #if defined(__ARM_NEON__)
 	memcpy(np, nonce, 12);
diff --git a/crypto/cipher/e_chacha20poly1305.c b/crypto/cipher/e_chacha20poly1305.c
index f3849500..de8c9b4b 100644
--- a/crypto/cipher/e_chacha20poly1305.c
+++ b/crypto/cipher/e_chacha20poly1305.c
@@ -23,6 +23,7 @@
 #include <openssl/poly1305.h>
 
 #include "internal.h"
+#include "../internal.h"
 
 
 #define POLY1305_TAG_LEN 16
@@ -79,12 +80,6 @@ static void poly1305_update_length(poly1305_state *poly1305, size_t data_len) {
   CRYPTO_poly1305_update(poly1305, length_bytes, sizeof(length_bytes));
 }
 
-#if defined(__arm__)
-#define ALIGNED __attribute__((aligned(16)))
-#else
-#define ALIGNED
-#endif
-
 typedef void (*aead_poly1305_update)(poly1305_state *ctx, const uint8_t *ad,
                                      size_t ad_len, const uint8_t *ciphertext,
                                      size_t ciphertext_len);
@@ -98,7 +93,7 @@ static void aead_poly1305(aead_poly1305_update update,
                           const uint8_t nonce[12], const uint8_t *ad,
                           size_t ad_len, const uint8_t *ciphertext,
                           size_t ciphertext_len) {
-  uint8_t poly1305_key[32] ALIGNED;
+  alignas(16) uint8_t poly1305_key[32];
   memset(poly1305_key, 0, sizeof(poly1305_key));
   CRYPTO_chacha_20(poly1305_key, poly1305_key, sizeof(poly1305_key),
                    c20_ctx->key, nonce, 0);
@@ -139,7 +134,7 @@ static int seal_impl(aead_poly1305_update poly1305_update,
 
   CRYPTO_chacha_20(out, in, in_len, c20_ctx->key, nonce, 1);
 
-  uint8_t tag[POLY1305_TAG_LEN] ALIGNED;
+  alignas(16) uint8_t tag[POLY1305_TAG_LEN];
   aead_poly1305(poly1305_update, tag, c20_ctx, nonce, ad, ad_len, out, in_len);
 
   memcpy(out + in_len, tag, c20_ctx->tag_len);
@@ -173,7 +168,7 @@ static int open_impl(aead_poly1305_update poly1305_update,
   }
 
   plaintext_len = in_len - c20_ctx->tag_len;
-  uint8_t tag[POLY1305_TAG_LEN] ALIGNED;
+  alignas(16) uint8_t tag[POLY1305_TAG_LEN];
   aead_poly1305(poly1305_update, tag, c20_ctx, nonce, ad, ad_len, in,
                 plaintext_len);
   if (CRYPTO_memcmp(tag, in + plaintext_len, c20_ctx->tag_len) != 0) {
diff --git a/crypto/ec/p256-x86_64-table.h b/crypto/ec/p256-x86_64-table.h
index 5b3254cc..e4705f8e 100644
--- a/crypto/ec/p256-x86_64-table.h
+++ b/crypto/ec/p256-x86_64-table.h
@@ -24,12 +24,7 @@
  * in order to increase the chances of using a large page but that appears to
  * lead to invalid ELF files being produced. */
 
-#if defined(__GNUC__)
-__attribute((aligned(4096)))
-#elif defined(_MSC_VER)
-__declspec(align(4096))
-#endif
-static const BN_ULONG
+static const alignas(4096) BN_ULONG
     ecp_nistz256_precomputed[37][64 * sizeof(P256_POINT_AFFINE) /
                                  sizeof(BN_ULONG)] = {
         {TOBN(0x79e730d4, 0x18a9143c), TOBN(0x75ba95fc, 0x5fedb601),
diff --git a/crypto/ec/p256-x86_64.c b/crypto/ec/p256-x86_64.c
index 2f7023d6..2972483e 100644
--- a/crypto/ec/p256-x86_64.c
+++ b/crypto/ec/p256-x86_64.c
@@ -39,15 +39,6 @@
     !defined(OPENSSL_SMALL)
 
 
-#if defined(__GNUC__)
-#define ALIGN(x) __attribute((aligned(x)))
-#elif defined(_MSC_VER)
-#define ALIGN(x) __declspec(align(x))
-#else
-#define ALIGN(x)
-#endif
-
-#define ALIGNPTR(p, N) ((uint8_t *)p + N - (size_t)p % N)
 #define P256_LIMBS (256 / BN_BITS2)
 
 typedef struct {
@@ -245,7 +236,7 @@ static int ecp_nistz256_windowed_mul(const EC_GROUP *group, P256_POINT *r,
   /* A |P256_POINT| is (3 * 32) = 96 bytes, and the 64-byte alignment should
    * add no more than 63 bytes of overhead. Thus, |table| should require
    * ~1599 ((96 * 16) + 63) bytes of stack space. */
-  ALIGN(64) P256_POINT table[16];
+  alignas(64) P256_POINT table[16];
   uint8_t p_str[33];
 
 
@@ -326,7 +317,7 @@ static int ecp_nistz256_windowed_mul(const EC_GROUP *group, P256_POINT *r,
   ecp_nistz256_point_add(&row[16 - 1], &row[15 - 1], &row[1 - 1]);
 
   BN_ULONG tmp[P256_LIMBS];
-  ALIGN(32) P256_POINT h;
+  alignas(32) P256_POINT h;
   unsigned index = 255;
   unsigned wvalue = p_str[(index - 1) / 8];
   wvalue = (wvalue >> ((index - 1) % 8)) & kMask;
@@ -390,7 +381,7 @@ static int ecp_nistz256_points_mul(
   static const unsigned kWindowSize = 7;
   static const unsigned kMask = (1 << (7 /* kWindowSize */ + 1)) - 1;
 
-  ALIGN(32) union {
+  alignas(32) union {
     P256_POINT p;
     P256_POINT_AFFINE a;
   } t, p;
diff --git a/crypto/internal.h b/crypto/internal.h
index bf45349e..fe4ed731 100644
--- a/crypto/internal.h
+++ b/crypto/internal.h
@@ -112,6 +112,15 @@
 #include <openssl/ex_data.h>
 #include <openssl/thread.h>
 
+#if defined(_MSC_VER)
+#if !defined(__cplusplus) || _MSC_VER < 1900
+#define alignas(x) __declspec(align(x))
+#define alignof __alignof
+#endif
+#else
+#include <stdalign.h>
+#endif
+
 #if defined(OPENSSL_NO_THREADS)
 #elif defined(OPENSSL_WINDOWS)
 #pragma warning(push, 3)
diff --git a/crypto/poly1305/poly1305_arm.c b/crypto/poly1305/poly1305_arm.c
index 5e78dc06..82876e18 100644
--- a/crypto/poly1305/poly1305_arm.c
+++ b/crypto/poly1305/poly1305_arm.c
@@ -21,6 +21,8 @@
 
 #include <string.h>
 
+#include "../internal.h"
+
 
 typedef struct {
   uint32_t v[12]; /* for alignment; only using 10 */
@@ -170,7 +172,7 @@ static void fe1305x2_frombytearray(fe1305x2 *r, const uint8_t *x,
   }
 }
 
-static const fe1305x2 zero __attribute__((aligned(16)));
+static const alignas(16) fe1305x2 zero;
 
 struct poly1305_state_st {
   uint8_t data[sizeof(fe1305x2[5]) + 128];
diff --git a/crypto/poly1305/poly1305_test.cc b/crypto/poly1305/poly1305_test.cc
index 3a726683..cae30a42 100644
--- a/crypto/poly1305/poly1305_test.cc
+++ b/crypto/poly1305/poly1305_test.cc
@@ -20,17 +20,10 @@
 #include <openssl/crypto.h>
 #include <openssl/poly1305.h>
 
+#include "../internal.h"
 #include "../test/file_test.h"
 
 
-// |CRYPTO_poly1305_finish| requires a 16-byte-aligned output.
-#if defined(OPENSSL_WINDOWS)
-// MSVC doesn't support C++11 |alignas|.
-#define ALIGNED __declspec(align(16))
-#else
-#define ALIGNED alignas(16)
-#endif
-
 static bool TestPoly1305(FileTest *t, void *arg) {
   std::vector<uint8_t> key, in, mac;
   if (!t->GetBytes(&key, "Key") ||
@@ -47,7 +40,8 @@ static bool TestPoly1305(FileTest *t, void *arg) {
   poly1305_state state;
   CRYPTO_poly1305_init(&state, key.data());
   CRYPTO_poly1305_update(&state, in.data(), in.size());
-  ALIGNED uint8_t out[16];
+  // |CRYPTO_poly1305_finish| requires a 16-byte-aligned output.
+  alignas(16) uint8_t out[16];
   CRYPTO_poly1305_finish(&state, out);
   if (!t->ExpectBytesEqual(out, 16, mac.data(), mac.size())) {
     t->PrintLine("Single-shot Poly1305 failed.");
diff --git a/crypto/poly1305/poly1305_vec.c b/crypto/poly1305/poly1305_vec.c
index 3235b58b..4a826cc2 100644
--- a/crypto/poly1305/poly1305_vec.c
+++ b/crypto/poly1305/poly1305_vec.c
@@ -20,12 +20,13 @@
 
 #include <openssl/poly1305.h>
 
+#include "../internal.h"
+
 
 #if !defined(OPENSSL_WINDOWS) && defined(OPENSSL_X86_64)
 
 #include <emmintrin.h>
 
-#define ALIGN(x) __attribute__((aligned(x)))
 /* inline is not a keyword in C89. */
 #define INLINE 
 #define U8TO64_LE(m) (*(const uint64_t *)(m))
@@ -35,11 +36,11 @@
 typedef __m128i xmmi;
 typedef unsigned __int128 uint128_t;
 
-static const uint32_t ALIGN(16) poly1305_x64_sse2_message_mask[4] = {
+static const alignas(16) uint32_t poly1305_x64_sse2_message_mask[4] = {
     (1 << 26) - 1, 0, (1 << 26) - 1, 0};
-static const uint32_t ALIGN(16) poly1305_x64_sse2_5[4] = {5, 0, 5, 0};
-static const uint32_t ALIGN(16) poly1305_x64_sse2_1shl128[4] = {(1 << 24), 0,
-                                                                (1 << 24), 0};
+static const alignas(16) uint32_t poly1305_x64_sse2_5[4] = {5, 0, 5, 0};
+static const alignas(16) uint32_t poly1305_x64_sse2_1shl128[4] = {
+    (1 << 24), 0, (1 << 24), 0};
 
 static uint128_t INLINE add128(uint128_t a, uint128_t b) { return a + b; }
author	Brian Smith <brian@briansmith.org>	2016-01-18 09:12:57 +0300
committer	David Benjamin <davidben@google.com>	2016-01-26 02:05:04 +0300
commit	7cae9f5b6cf48c00997865226241a902a17f861a (patch)
tree	fad0f444cb3c2d6b73567e324e0c4dbd3d93277c /crypto
parent	34749f47da6106fce8ac80d6a85e780a7cf22834 (diff)