|  | /* Copyright (c) 2017, Google Inc. | 
|  | * | 
|  | * Permission to use, copy, modify, and/or distribute this software for any | 
|  | * purpose with or without fee is hereby granted, provided that the above | 
|  | * copyright notice and this permission notice appear in all copies. | 
|  | * | 
|  | * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES | 
|  | * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF | 
|  | * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY | 
|  | * SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES | 
|  | * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION | 
|  | * OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN | 
|  | * CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. */ | 
|  |  | 
|  | #ifndef OPENSSL_HEADER_FIPSMODULE_DELOCATE_H | 
|  | #define OPENSSL_HEADER_FIPSMODULE_DELOCATE_H | 
|  |  | 
|  | #include <openssl/base.h> | 
|  |  | 
|  | #include "../internal.h" | 
|  |  | 
|  |  | 
|  | #if !defined(BORINGSSL_SHARED_LIBRARY) && defined(BORINGSSL_FIPS) && \ | 
|  | !defined(OPENSSL_ASAN) && !defined(OPENSSL_MSAN) | 
|  | #define DEFINE_BSS_GET(type, name)        \ | 
|  | static type name __attribute__((used)); \ | 
|  | type *name##_bss_get(void) __attribute__((const)); | 
|  | // For FIPS builds we require that CRYPTO_ONCE_INIT be zero. | 
|  | #define DEFINE_STATIC_ONCE(name) DEFINE_BSS_GET(CRYPTO_once_t, name) | 
|  | // For FIPS builds we require that CRYPTO_STATIC_MUTEX_INIT be zero. | 
|  | #define DEFINE_STATIC_MUTEX(name) \ | 
|  | DEFINE_BSS_GET(struct CRYPTO_STATIC_MUTEX, name) | 
|  | // For FIPS builds we require that CRYPTO_EX_DATA_CLASS_INIT be zero. | 
|  | #define DEFINE_STATIC_EX_DATA_CLASS(name) \ | 
|  | DEFINE_BSS_GET(CRYPTO_EX_DATA_CLASS, name) | 
|  | #else | 
|  | #define DEFINE_BSS_GET(type, name) \ | 
|  | static type name;                \ | 
|  | static type *name##_bss_get(void) { return &name; } | 
|  | #define DEFINE_STATIC_ONCE(name)                \ | 
|  | static CRYPTO_once_t name = CRYPTO_ONCE_INIT; \ | 
|  | static CRYPTO_once_t *name##_bss_get(void) { return &name; } | 
|  | #define DEFINE_STATIC_MUTEX(name)                                    \ | 
|  | static struct CRYPTO_STATIC_MUTEX name = CRYPTO_STATIC_MUTEX_INIT; \ | 
|  | static struct CRYPTO_STATIC_MUTEX *name##_bss_get(void) { return &name; } | 
|  | #define DEFINE_STATIC_EX_DATA_CLASS(name)                       \ | 
|  | static CRYPTO_EX_DATA_CLASS name = CRYPTO_EX_DATA_CLASS_INIT; \ | 
|  | static CRYPTO_EX_DATA_CLASS *name##_bss_get(void) { return &name; } | 
|  | #endif | 
|  |  | 
|  | #define DEFINE_DATA(type, name, accessor_decorations)                         \ | 
|  | DEFINE_BSS_GET(type, name##_storage)                                        \ | 
|  | DEFINE_STATIC_ONCE(name##_once)                                             \ | 
|  | static void name##_do_init(type *out);                                      \ | 
|  | static void name##_init(void) { name##_do_init(name##_storage_bss_get()); } \ | 
|  | accessor_decorations type *name(void) {                                     \ | 
|  | CRYPTO_once(name##_once_bss_get(), name##_init);                          \ | 
|  | /* See http://c-faq.com/ansi/constmismatch.html for why the following     \ | 
|  | * cast is needed. */                                                     \ | 
|  | return (const type *)name##_storage_bss_get();                            \ | 
|  | }                                                                           \ | 
|  | static void name##_do_init(type *out) | 
|  |  | 
|  | // DEFINE_METHOD_FUNCTION defines a function named |name| which returns a | 
|  | // method table of type const |type|*. In FIPS mode, to avoid rel.ro data, it | 
|  | // is split into a CRYPTO_once_t-guarded initializer in the module and | 
|  | // unhashed, non-module accessor functions to space reserved in the BSS. The | 
|  | // method table is initialized by a caller-supplied function which takes a | 
|  | // parameter named |out| of type |type|*. The caller should follow the macro | 
|  | // invocation with the body of this function: | 
|  | // | 
|  | //     DEFINE_METHOD_FUNCTION(EVP_MD, EVP_md4) { | 
|  | //       out->type = NID_md4; | 
|  | //       out->md_size = MD4_DIGEST_LENGTH; | 
|  | //       out->flags = 0; | 
|  | //       out->init = md4_init; | 
|  | //       out->update = md4_update; | 
|  | //       out->final = md4_final; | 
|  | //       out->block_size = 64; | 
|  | //       out->ctx_size = sizeof(MD4_CTX); | 
|  | //     } | 
|  | // | 
|  | // This mechanism does not use a static initializer because their execution | 
|  | // order is undefined. See FIPS.md for more details. | 
|  | #define DEFINE_METHOD_FUNCTION(type, name) DEFINE_DATA(type, name, const) | 
|  |  | 
|  | #define DEFINE_LOCAL_DATA(type, name) DEFINE_DATA(type, name, static const) | 
|  |  | 
|  | #endif  // OPENSSL_HEADER_FIPSMODULE_DELOCATE_H |