Move public APIs from cpu.h to crypto.h.
cpu.h contains almost entirely private symbols, which aren't reliably
usable outside the library because they lack OPENSSL_EXPORT. (And can't
have OPENSSL_EXPORT. The linker wants references to exported symbols to
go through the GOT, and our assembly doesn't do that.) In preparation
for unexporting them, move the few public APIs to crypto.h. They seem
similar in spirit to functions like CRYPTO_has_asm.
Update-Note: As part of this, I conditioned cpu-arm-linux.c on
OPENSSL_LINUX, so that the header files can have accurate conditions.
This means unrecognized ARM platforms that do not set
OPENSSL_STATIC_ARMCAP will fail to build, where previously we defaulted
to the Linux mechanisms. This matches cpu-aarch64-linux.c, which is
already gated on OPENSSL_LINUX. (And the file is quite Linux-specific.
Even if a non-Linux ELF target used getauxval for ARM capabilities, it's
unlikely that our hardcoded constants and /proc behavior applies
anyway.)
Change-Id: I1ee9eb72097be619d3f28a51b1ea058b3c37d05a
Reviewed-on: https://boringssl-review.googlesource.com/c/boringssl/+/50845
Reviewed-by: Adam Langley <agl@google.com>
Commit-Queue: Adam Langley <agl@google.com>
diff --git a/crypto/cpu_arm_linux.c b/crypto/cpu_arm_linux.c
index 0ffd9a4..d8b878a 100644
--- a/crypto/cpu_arm_linux.c
+++ b/crypto/cpu_arm_linux.c
@@ -14,7 +14,8 @@
#include <openssl/cpu.h>
-#if defined(OPENSSL_ARM) && !defined(OPENSSL_STATIC_ARMCAP)
+#if defined(OPENSSL_ARM) && defined(OPENSSL_LINUX) && \
+ !defined(OPENSSL_STATIC_ARMCAP)
#include <errno.h>
#include <fcntl.h>
#include <sys/types.h>
@@ -226,4 +227,4 @@
int CRYPTO_needs_hwcap2_workaround(void) { return g_needs_hwcap2_workaround; }
-#endif // OPENSSL_ARM && !OPENSSL_STATIC_ARMCAP
+#endif // OPENSSL_ARM && OPENSSL_LINUX && !OPENSSL_STATIC_ARMCAP
diff --git a/include/openssl/cpu.h b/include/openssl/cpu.h
index e71fbec..9331e04 100644
--- a/include/openssl/cpu.h
+++ b/include/openssl/cpu.h
@@ -63,6 +63,8 @@
#include <openssl/base.h>
+#include <openssl/crypto.h>
+
#if defined(__cplusplus)
extern "C" {
#endif
@@ -124,16 +126,6 @@
// CRYPTO_is_ARMv8_PMULL_capable_at_runtime returns true if the current CPU
// supports the ARMv8 PMULL instruction.
int CRYPTO_is_ARMv8_PMULL_capable_at_runtime(void);
-
-#if defined(OPENSSL_ARM)
-// CRYPTO_has_broken_NEON returns one if the current CPU is known to have a
-// broken NEON unit. See https://crbug.com/341598.
-OPENSSL_EXPORT int CRYPTO_has_broken_NEON(void);
-
-// CRYPTO_needs_hwcap2_workaround returns one if the ARMv8 AArch32 AT_HWCAP2
-// workaround was needed. See https://crbug.com/boringssl/46.
-OPENSSL_EXPORT int CRYPTO_needs_hwcap2_workaround(void);
-#endif
#endif // !OPENSSL_STATIC_ARMCAP
// CRYPTO_is_NEON_capable returns true if the current CPU has a NEON unit. If
diff --git a/include/openssl/crypto.h b/include/openssl/crypto.h
index 93b1a9b..0824b93 100644
--- a/include/openssl/crypto.h
+++ b/include/openssl/crypto.h
@@ -67,6 +67,17 @@
// SANDBOXING.md in the source tree.
OPENSSL_EXPORT void CRYPTO_pre_sandbox_init(void);
+#if defined(OPENSSL_ARM) && defined(OPENSSL_LINUX) && \
+ !defined(OPENSSL_STATIC_ARMCAP)
+// CRYPTO_has_broken_NEON returns one if the current CPU is known to have a
+// broken NEON unit. See https://crbug.com/341598.
+OPENSSL_EXPORT int CRYPTO_has_broken_NEON(void);
+
+// CRYPTO_needs_hwcap2_workaround returns one if the ARMv8 AArch32 AT_HWCAP2
+// workaround was needed. See https://crbug.com/boringssl/46.
+OPENSSL_EXPORT int CRYPTO_needs_hwcap2_workaround(void);
+#endif // OPENSSL_ARM && OPENSSL_LINUX && !OPENSSL_STATIC_ARMCAP
+
// FIPS monitoring
