Google Git
Sign in
boringssl/boringssl/661266ea062f5139de5f1761b5fe637aab8f91a9^!/.
commit
661266ea062f5139de5f1761b5fe637aab8f91a9
[log]
author
David Benjamin <davidben@google.com>
Thu Dec 23 03:42:39 2021 -0500
committer
Adam Langley <agl@google.com>
Fri Jan 07 18:33:50 2022 +0000
tree
779e9f74ce55866d8d7e04a20325d2a22cec7a98
parent
37faa936b5598f5b19a32103d8b221923fc957c0 [diff]
Move CPU detection symbols to crypto/internal.h.

These symbols were not marked OPENSSL_EXPORT, so they weren't really
usable externally anyway. They're also very sensitive to various build
configuration toggles, which don't always get reflected into projects
that include our headers. Move them to crypto/internal.h.

Change-Id: I79a1fcf0b24e398d75a9cc6473bae28ec85cb835
Reviewed-on: https://boringssl-review.googlesource.com/c/boringssl/+/50846
Reviewed-by: Adam Langley <agl@google.com>

diff --git a/crypto/chacha/chacha.c b/crypto/chacha/chacha.c
index 64ca1c4..1092b7a 100644
--- a/crypto/chacha/chacha.c
+++ b/crypto/chacha/chacha.c

@@ -19,8 +19,6 @@
 #include <assert.h>
 #include <string.h>
 
-#include <openssl/cpu.h>
-
 #include "../internal.h"
 #include "internal.h"
 

diff --git a/crypto/cipher_extra/e_aesccm.c b/crypto/cipher_extra/e_aesccm.c
index e9e9e16..844b9b9 100644
--- a/crypto/cipher_extra/e_aesccm.c
+++ b/crypto/cipher_extra/e_aesccm.c

@@ -50,7 +50,6 @@
 
 #include <assert.h>
 
-#include <openssl/cpu.h>
 #include <openssl/cipher.h>
 #include <openssl/err.h>
 #include <openssl/mem.h>

diff --git a/crypto/cipher_extra/e_aesgcmsiv.c b/crypto/cipher_extra/e_aesgcmsiv.c
index d717572..9e77375 100644
--- a/crypto/cipher_extra/e_aesgcmsiv.c
+++ b/crypto/cipher_extra/e_aesgcmsiv.c

@@ -17,11 +17,11 @@
 #include <assert.h>
 
 #include <openssl/cipher.h>
-#include <openssl/cpu.h>
 #include <openssl/crypto.h>
 #include <openssl/err.h>
 
 #include "../fipsmodule/cipher/internal.h"
+#include "../internal.h"
 
 
 #define EVP_AEAD_AES_GCM_SIV_NONCE_LEN 12

diff --git a/crypto/cipher_extra/internal.h b/crypto/cipher_extra/internal.h
index a2ec30b..0f5f566 100644
--- a/crypto/cipher_extra/internal.h
+++ b/crypto/cipher_extra/internal.h

@@ -60,7 +60,6 @@
 #include <stdlib.h>
 
 #include <openssl/base.h>
-#include <openssl/cpu.h>
 #include <openssl/type_check.h>
 
 #include "../internal.h"

diff --git a/crypto/cpu_aarch64_apple.c b/crypto/cpu_aarch64_apple.c
index 56012d6..23c8d18 100644
--- a/crypto/cpu_aarch64_apple.c
+++ b/crypto/cpu_aarch64_apple.c

@@ -12,7 +12,7 @@
  * OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN
  * CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. */
 
-#include <openssl/cpu.h>
+#include "internal.h"
 
 #if defined(OPENSSL_AARCH64) && defined(OPENSSL_APPLE) && \
     !defined(OPENSSL_STATIC_ARMCAP)

diff --git a/crypto/cpu_aarch64_fuchsia.c b/crypto/cpu_aarch64_fuchsia.c
index 5c6d115..4d97f03 100644
--- a/crypto/cpu_aarch64_fuchsia.c
+++ b/crypto/cpu_aarch64_fuchsia.c

@@ -12,7 +12,7 @@
  * OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN
  * CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. */
 
-#include <openssl/cpu.h>
+#include "internal.h"
 
 #if defined(OPENSSL_AARCH64) && defined(OPENSSL_FUCHSIA) && \
     !defined(OPENSSL_STATIC_ARMCAP)
@@ -23,8 +23,6 @@
 
 #include <openssl/arm_arch.h>
 
-#include "internal.h"
-
 extern uint32_t OPENSSL_armcap_P;
 
 void OPENSSL_cpuid_setup(void) {

diff --git a/crypto/cpu_aarch64_linux.c b/crypto/cpu_aarch64_linux.c
index 6ae870a..4222711 100644
--- a/crypto/cpu_aarch64_linux.c
+++ b/crypto/cpu_aarch64_linux.c

@@ -12,7 +12,7 @@
  * OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN
  * CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. */
 
-#include <openssl/cpu.h>
+#include "internal.h"
 
 #if defined(OPENSSL_AARCH64) && defined(OPENSSL_LINUX) && \
     !defined(OPENSSL_STATIC_ARMCAP)
@@ -21,8 +21,6 @@
 
 #include <openssl/arm_arch.h>
 
-#include "internal.h"
-
 
 extern uint32_t OPENSSL_armcap_P;
 

diff --git a/crypto/cpu_aarch64_win.c b/crypto/cpu_aarch64_win.c
index 3d0014e..0630f96 100644
--- a/crypto/cpu_aarch64_win.c
+++ b/crypto/cpu_aarch64_win.c

@@ -13,7 +13,7 @@
  * OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN
  * CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. */
 
-#include <openssl/cpu.h>
+#include "internal.h"
 
 #if defined(OPENSSL_AARCH64) && defined(OPENSSL_WINDOWS) && \
     !defined(OPENSSL_STATIC_ARMCAP)
@@ -22,8 +22,6 @@
 
 #include <openssl/arm_arch.h>
 
-#include "internal.h"
-
 extern uint32_t OPENSSL_armcap_P;
 void OPENSSL_cpuid_setup(void) {
   // We do not need to check for the presence of NEON, as Armv8-A always has it

diff --git a/crypto/cpu_arm.c b/crypto/cpu_arm.c
index e8596ac..3325908 100644
--- a/crypto/cpu_arm.c
+++ b/crypto/cpu_arm.c

@@ -12,7 +12,7 @@
  * OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN
  * CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. */
 
-#include <openssl/cpu.h>
+#include "internal.h"
 
 #if (defined(OPENSSL_ARM) || defined(OPENSSL_AARCH64)) && \
     !defined(OPENSSL_STATIC_ARMCAP)

diff --git a/crypto/cpu_arm_linux.c b/crypto/cpu_arm_linux.c
index d8b878a..67e6a1b 100644
--- a/crypto/cpu_arm_linux.c
+++ b/crypto/cpu_arm_linux.c

@@ -12,7 +12,7 @@
  * OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN
  * CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. */
 
-#include <openssl/cpu.h>
+#include "internal.h"
 
 #if defined(OPENSSL_ARM) && defined(OPENSSL_LINUX) && \
     !defined(OPENSSL_STATIC_ARMCAP)

diff --git a/crypto/cpu_intel.c b/crypto/cpu_intel.c
index 53ece95..fa96a7f 100644
--- a/crypto/cpu_intel.c
+++ b/crypto/cpu_intel.c

@@ -54,8 +54,7 @@
  * copied and put under another distribution licence
  * [including the GNU Public Licence.] */
 
-#include <openssl/cpu.h>
-
+#include <openssl/base.h>
 
 #if !defined(OPENSSL_NO_ASM) && (defined(OPENSSL_X86) || defined(OPENSSL_X86_64))
 

diff --git a/crypto/cpu_ppc64le.c b/crypto/cpu_ppc64le.c
index 6cc8aee..a802e37 100644
--- a/crypto/cpu_ppc64le.c
+++ b/crypto/cpu_ppc64le.c

@@ -12,7 +12,7 @@
  * OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN
  * CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. */
 
-#include <openssl/cpu.h>
+#include <openssl/base.h>
 
 #if defined(OPENSSL_PPC64LE)
 

diff --git a/crypto/crypto.c b/crypto/crypto.c
index b78b122..4be91dc 100644
--- a/crypto/crypto.c
+++ b/crypto/crypto.c

@@ -14,8 +14,6 @@
 
 #include <openssl/crypto.h>
 
-#include <openssl/cpu.h>
-
 #include "fipsmodule/rand/fork_detect.h"
 #include "fipsmodule/rand/internal.h"
 #include "internal.h"

diff --git a/crypto/curve25519/curve25519.c b/crypto/curve25519/curve25519.c
index ea48810..64aa1e6 100644
--- a/crypto/curve25519/curve25519.c
+++ b/crypto/curve25519/curve25519.c

@@ -24,7 +24,6 @@
 #include <assert.h>
 #include <string.h>
 
-#include <openssl/cpu.h>
 #include <openssl/mem.h>
 #include <openssl/rand.h>
 #include <openssl/sha.h>

diff --git a/crypto/fipsmodule/aes/aes.c b/crypto/fipsmodule/aes/aes.c
index f60281d..60f3545 100644
--- a/crypto/fipsmodule/aes/aes.c
+++ b/crypto/fipsmodule/aes/aes.c

@@ -50,8 +50,6 @@
 
 #include <assert.h>
 
-#include <openssl/cpu.h>
-
 #include "internal.h"
 #include "../modes/internal.h"
 

diff --git a/crypto/fipsmodule/aes/internal.h b/crypto/fipsmodule/aes/internal.h
index 5b80695..9f7dd47 100644
--- a/crypto/fipsmodule/aes/internal.h
+++ b/crypto/fipsmodule/aes/internal.h

@@ -17,7 +17,7 @@
 
 #include <stdlib.h>
 
-#include <openssl/cpu.h>
+#include "../../internal.h"
 
 #if defined(__cplusplus)
 extern "C" {

diff --git a/crypto/fipsmodule/bn/exponentiation.c b/crypto/fipsmodule/bn/exponentiation.c
index a0f2549..f5f9dc2 100644
--- a/crypto/fipsmodule/bn/exponentiation.c
+++ b/crypto/fipsmodule/bn/exponentiation.c

@@ -112,7 +112,6 @@
 #include <stdlib.h>
 #include <string.h>
 
-#include <openssl/cpu.h>
 #include <openssl/err.h>
 #include <openssl/mem.h>
 

diff --git a/crypto/fipsmodule/bn/rsaz_exp.h b/crypto/fipsmodule/bn/rsaz_exp.h
index 3b06192..2f0c2c0 100644
--- a/crypto/fipsmodule/bn/rsaz_exp.h
+++ b/crypto/fipsmodule/bn/rsaz_exp.h

@@ -16,9 +16,9 @@
 #define OPENSSL_HEADER_BN_RSAZ_EXP_H
 
 #include <openssl/bn.h>
-#include <openssl/cpu.h>
 
 #include "internal.h"
+#include "../../internal.h"
 
 #if defined(__cplusplus)
 extern "C" {

diff --git a/crypto/fipsmodule/cipher/e_aes.c b/crypto/fipsmodule/cipher/e_aes.c
index 76f4066..7e7c1a8 100644
--- a/crypto/fipsmodule/cipher/e_aes.c
+++ b/crypto/fipsmodule/cipher/e_aes.c

@@ -52,7 +52,6 @@
 #include <openssl/aead.h>
 #include <openssl/aes.h>
 #include <openssl/cipher.h>
-#include <openssl/cpu.h>
 #include <openssl/err.h>
 #include <openssl/mem.h>
 #include <openssl/nid.h>

diff --git a/crypto/fipsmodule/ec/p256-x86_64.c b/crypto/fipsmodule/ec/p256-x86_64.c
index 29ae193..99deb36 100644
--- a/crypto/fipsmodule/ec/p256-x86_64.c
+++ b/crypto/fipsmodule/ec/p256-x86_64.c

@@ -23,7 +23,6 @@
 #include <string.h>
 
 #include <openssl/bn.h>
-#include <openssl/cpu.h>
 #include <openssl/crypto.h>
 #include <openssl/err.h>
 

diff --git a/crypto/fipsmodule/ec/p256-x86_64_test.cc b/crypto/fipsmodule/ec/p256-x86_64_test.cc
index f699fc8..a083f3d 100644
--- a/crypto/fipsmodule/ec/p256-x86_64_test.cc
+++ b/crypto/fipsmodule/ec/p256-x86_64_test.cc

@@ -20,7 +20,6 @@
 #include <gtest/gtest.h>
 
 #include <openssl/bn.h>
-#include <openssl/cpu.h>
 #include <openssl/ec.h>
 #include <openssl/mem.h>
 #include <openssl/nid.h>

diff --git a/crypto/fipsmodule/modes/gcm.c b/crypto/fipsmodule/modes/gcm.c
index b010cd5..28218b4 100644
--- a/crypto/fipsmodule/modes/gcm.c
+++ b/crypto/fipsmodule/modes/gcm.c

@@ -52,7 +52,6 @@
 #include <string.h>
 
 #include <openssl/mem.h>
-#include <openssl/cpu.h>
 
 #include "internal.h"
 #include "../../internal.h"

diff --git a/crypto/fipsmodule/modes/gcm_test.cc b/crypto/fipsmodule/modes/gcm_test.cc
index 02ba2d1..539b764 100644
--- a/crypto/fipsmodule/modes/gcm_test.cc
+++ b/crypto/fipsmodule/modes/gcm_test.cc

@@ -54,8 +54,8 @@
 #include <gtest/gtest.h>
 
 #include <openssl/aes.h>
-#include <openssl/cpu.h>
 
+#include "../../internal.h"
 #include "../../test/abi_test.h"
 #include "../../test/file_test.h"
 #include "../../test/test_util.h"

diff --git a/crypto/fipsmodule/modes/internal.h b/crypto/fipsmodule/modes/internal.h
index 2fea558..f022f9b 100644
--- a/crypto/fipsmodule/modes/internal.h
+++ b/crypto/fipsmodule/modes/internal.h

@@ -52,7 +52,6 @@
 #include <openssl/base.h>
 
 #include <openssl/aes.h>
-#include <openssl/cpu.h>
 
 #include <stdlib.h>
 #include <string.h>

diff --git a/crypto/fipsmodule/rand/internal.h b/crypto/fipsmodule/rand/internal.h
index 127e5d1..bbeef76 100644
--- a/crypto/fipsmodule/rand/internal.h
+++ b/crypto/fipsmodule/rand/internal.h

@@ -16,7 +16,6 @@
 #define OPENSSL_HEADER_CRYPTO_RAND_INTERNAL_H
 
 #include <openssl/aes.h>
-#include <openssl/cpu.h>
 
 #include "../../internal.h"
 #include "../modes/internal.h"

diff --git a/crypto/fipsmodule/rand/rand.c b/crypto/fipsmodule/rand/rand.c
index 0fc9fa1..9c54fc5 100644
--- a/crypto/fipsmodule/rand/rand.c
+++ b/crypto/fipsmodule/rand/rand.c

@@ -23,7 +23,6 @@
 #endif
 
 #include <openssl/chacha.h>
-#include <openssl/cpu.h>
 #include <openssl/mem.h>
 #include <openssl/type_check.h>
 

diff --git a/crypto/hrss/hrss.c b/crypto/hrss/hrss.c
index 0247001..558c456 100644
--- a/crypto/hrss/hrss.c
+++ b/crypto/hrss/hrss.c

@@ -19,7 +19,6 @@
 #include <stdlib.h>
 
 #include <openssl/bn.h>
-#include <openssl/cpu.h>
 #include <openssl/hmac.h>
 #include <openssl/mem.h>
 #include <openssl/rand.h>

diff --git a/crypto/hrss/hrss_test.cc b/crypto/hrss/hrss_test.cc
index 7adbe9e..0693c82 100644
--- a/crypto/hrss/hrss_test.cc
+++ b/crypto/hrss/hrss_test.cc

@@ -14,10 +14,10 @@
 
 #include <gtest/gtest.h>
 
-#include <openssl/cpu.h>
 #include <openssl/hrss.h>
 #include <openssl/rand.h>
 
+#include "../internal.h"
 #include "../test/abi_test.h"
 #include "../test/test_util.h"
 #include "internal.h"

diff --git a/crypto/impl_dispatch_test.cc b/crypto/impl_dispatch_test.cc
index 10a4d1b..dae9e96 100644
--- a/crypto/impl_dispatch_test.cc
+++ b/crypto/impl_dispatch_test.cc

@@ -22,7 +22,6 @@
 
 #include <openssl/aead.h>
 #include <openssl/aes.h>
-#include <openssl/cpu.h>
 #include <openssl/mem.h>
 
 #include <gtest/gtest.h>

diff --git a/crypto/internal.h b/crypto/internal.h
index 41c42dd..5937250 100644
--- a/crypto/internal.h
+++ b/crypto/internal.h

@@ -952,6 +952,124 @@
 OPENSSL_INLINE void boringssl_fips_inc_counter(enum fips_counter_t counter) {}
 #endif
 
+
+// Runtime CPU feature support
+
+#if defined(OPENSSL_X86) || defined(OPENSSL_X86_64)
+// OPENSSL_ia32cap_P contains the Intel CPUID bits when running on an x86 or
+// x86-64 system.
+//
+//   Index 0:
+//     EDX for CPUID where EAX = 1
+//     Bit 20 is always zero
+//     Bit 28 is adjusted to reflect whether the data cache is shared between
+//       multiple logical cores
+//     Bit 30 is used to indicate an Intel CPU
+//   Index 1:
+//     ECX for CPUID where EAX = 1
+//     Bit 11 is used to indicate AMD XOP support, not SDBG
+//   Index 2:
+//     EBX for CPUID where EAX = 7
+//   Index 3:
+//     ECX for CPUID where EAX = 7
+//
+// Note: the CPUID bits are pre-adjusted for the OSXSAVE bit and the YMM and XMM
+// bits in XCR0, so it is not necessary to check those.
+extern uint32_t OPENSSL_ia32cap_P[4];
+
+#if defined(BORINGSSL_FIPS) && !defined(BORINGSSL_SHARED_LIBRARY)
+const uint32_t *OPENSSL_ia32cap_get(void);
+#else
+OPENSSL_INLINE const uint32_t *OPENSSL_ia32cap_get(void) {
+  return OPENSSL_ia32cap_P;
+}
+#endif
+
+#endif
+
+#if defined(OPENSSL_ARM) || defined(OPENSSL_AARCH64)
+
+#if defined(OPENSSL_APPLE) && defined(OPENSSL_ARM)
+// We do not detect any features at runtime for Apple's 32-bit ARM platforms. On
+// 64-bit ARM, we detect some post-ARMv8.0 features.
+#define OPENSSL_STATIC_ARMCAP
+#endif
+
+#if !defined(OPENSSL_STATIC_ARMCAP)
+// CRYPTO_is_NEON_capable_at_runtime returns true if the current CPU has a NEON
+// unit. Note that |OPENSSL_armcap_P| also exists and contains the same
+// information in a form that's easier for assembly to use.
+OPENSSL_EXPORT int CRYPTO_is_NEON_capable_at_runtime(void);
+
+// CRYPTO_is_ARMv8_AES_capable_at_runtime returns true if the current CPU
+// supports the ARMv8 AES instruction.
+int CRYPTO_is_ARMv8_AES_capable_at_runtime(void);
+
+// CRYPTO_is_ARMv8_PMULL_capable_at_runtime returns true if the current CPU
+// supports the ARMv8 PMULL instruction.
+int CRYPTO_is_ARMv8_PMULL_capable_at_runtime(void);
+#endif  // !OPENSSL_STATIC_ARMCAP
+
+// CRYPTO_is_NEON_capable returns true if the current CPU has a NEON unit. If
+// this is known statically, it is a constant inline function.
+OPENSSL_INLINE int CRYPTO_is_NEON_capable(void) {
+#if defined(__ARM_NEON__) || defined(__ARM_NEON) || \
+    defined(OPENSSL_STATIC_ARMCAP_NEON)
+  return 1;
+#elif defined(OPENSSL_STATIC_ARMCAP)
+  return 0;
+#else
+  return CRYPTO_is_NEON_capable_at_runtime();
+#endif
+}
+
+OPENSSL_INLINE int CRYPTO_is_ARMv8_AES_capable(void) {
+#if defined(OPENSSL_STATIC_ARMCAP_AES) || defined(__ARM_FEATURE_CRYPTO)
+  return 1;
+#elif defined(OPENSSL_STATIC_ARMCAP)
+  return 0;
+#else
+  return CRYPTO_is_ARMv8_AES_capable_at_runtime();
+#endif
+}
+
+OPENSSL_INLINE int CRYPTO_is_ARMv8_PMULL_capable(void) {
+#if defined(OPENSSL_STATIC_ARMCAP_PMULL) || defined(__ARM_FEATURE_CRYPTO)
+  return 1;
+#elif defined(OPENSSL_STATIC_ARMCAP)
+  return 0;
+#else
+  return CRYPTO_is_ARMv8_PMULL_capable_at_runtime();
+#endif
+}
+
+#endif  // OPENSSL_ARM || OPENSSL_AARCH64
+
+#if defined(OPENSSL_PPC64LE)
+
+// CRYPTO_is_PPC64LE_vcrypto_capable returns true iff the current CPU supports
+// the Vector.AES category of instructions.
+int CRYPTO_is_PPC64LE_vcrypto_capable(void);
+
+extern unsigned long OPENSSL_ppc64le_hwcap2;
+
+#endif  // OPENSSL_PPC64LE
+
+#if defined(BORINGSSL_DISPATCH_TEST)
+// Runtime CPU dispatch testing support
+
+// BORINGSSL_function_hit is an array of flags. The following functions will
+// set these flags if BORINGSSL_DISPATCH_TEST is defined.
+//   0: aes_hw_ctr32_encrypt_blocks
+//   1: aes_hw_encrypt
+//   2: aesni_gcm_encrypt
+//   3: aes_hw_set_encrypt_key
+//   4: vpaes_encrypt
+//   5: vpaes_set_encrypt_key
+extern uint8_t BORINGSSL_function_hit[7];
+#endif  // BORINGSSL_DISPATCH_TEST
+
+
 #if defined(__cplusplus)
 }  // extern C
 #endif

diff --git a/crypto/poly1305/poly1305.c b/crypto/poly1305/poly1305.c
index c07b1e9..2eb3974 100644
--- a/crypto/poly1305/poly1305.c
+++ b/crypto/poly1305/poly1305.c

@@ -20,8 +20,6 @@
 
 #include <string.h>
 
-#include <openssl/cpu.h>
-
 #include "internal.h"
 #include "../internal.h"
 

diff --git a/crypto/rand_extra/rand_test.cc b/crypto/rand_extra/rand_test.cc
index 7f7c19f..2ed1deb 100644
--- a/crypto/rand_extra/rand_test.cc
+++ b/crypto/rand_extra/rand_test.cc

@@ -18,7 +18,6 @@
 
 #include <gtest/gtest.h>
 
-#include <openssl/cpu.h>
 #include <openssl/span.h>
 
 #include "../fipsmodule/rand/fork_detect.h"

diff --git a/crypto/test/gtest_main.cc b/crypto/test/gtest_main.cc
index a79f263..591cef7 100644
--- a/crypto/test/gtest_main.cc
+++ b/crypto/test/gtest_main.cc

@@ -17,7 +17,6 @@
 
 #include <gtest/gtest.h>
 
-#include <openssl/cpu.h>
 #include <openssl/rand.h>
 
 #include "abi_test.h"

diff --git a/include/openssl/cpu.h b/include/openssl/cpu.h
index 9331e04..d865020 100644
--- a/include/openssl/cpu.h
+++ b/include/openssl/cpu.h

@@ -1,195 +1,18 @@
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
+/* Copyright (c) 2014, Google Inc.
  *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
+ * Permission to use, copy, modify, and/or distribute this software for any
+ * purpose with or without fee is hereby granted, provided that the above
+ * copyright notice and this permission notice appear in all copies.
  *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com). */
+ * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+ * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+ * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY
+ * SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+ * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION
+ * OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN
+ * CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. */
 
-#ifndef OPENSSL_HEADER_CPU_H
-#define OPENSSL_HEADER_CPU_H
+// This header is provided for compatibility with older revisions of BoringSSL.
+// TODO(davidben): Remove this header.
 
-#include <openssl/base.h>
-
-#include <openssl/crypto.h>
-
-#if defined(__cplusplus)
-extern "C" {
-#endif
-
-
-// Runtime CPU feature support
-
-
-#if defined(OPENSSL_X86) || defined(OPENSSL_X86_64)
-// OPENSSL_ia32cap_P contains the Intel CPUID bits when running on an x86 or
-// x86-64 system.
-//
-//   Index 0:
-//     EDX for CPUID where EAX = 1
-//     Bit 20 is always zero
-//     Bit 28 is adjusted to reflect whether the data cache is shared between
-//       multiple logical cores
-//     Bit 30 is used to indicate an Intel CPU
-//   Index 1:
-//     ECX for CPUID where EAX = 1
-//     Bit 11 is used to indicate AMD XOP support, not SDBG
-//   Index 2:
-//     EBX for CPUID where EAX = 7
-//   Index 3:
-//     ECX for CPUID where EAX = 7
-//
-// Note: the CPUID bits are pre-adjusted for the OSXSAVE bit and the YMM and XMM
-// bits in XCR0, so it is not necessary to check those.
-extern uint32_t OPENSSL_ia32cap_P[4];
-
-#if defined(BORINGSSL_FIPS) && !defined(BORINGSSL_SHARED_LIBRARY)
-const uint32_t *OPENSSL_ia32cap_get(void);
-#else
-OPENSSL_INLINE const uint32_t *OPENSSL_ia32cap_get(void) {
-  return OPENSSL_ia32cap_P;
-}
-#endif
-
-#endif
-
-#if defined(OPENSSL_ARM) || defined(OPENSSL_AARCH64)
-
-#if defined(OPENSSL_APPLE) && defined(OPENSSL_ARM)
-// We do not detect any features at runtime for Apple's 32-bit ARM platforms. On
-// 64-bit ARM, we detect some post-ARMv8.0 features.
-#define OPENSSL_STATIC_ARMCAP
-#endif
-
-#if !defined(OPENSSL_STATIC_ARMCAP)
-// CRYPTO_is_NEON_capable_at_runtime returns true if the current CPU has a NEON
-// unit. Note that |OPENSSL_armcap_P| also exists and contains the same
-// information in a form that's easier for assembly to use.
-OPENSSL_EXPORT int CRYPTO_is_NEON_capable_at_runtime(void);
-
-// CRYPTO_is_ARMv8_AES_capable_at_runtime returns true if the current CPU
-// supports the ARMv8 AES instruction.
-int CRYPTO_is_ARMv8_AES_capable_at_runtime(void);
-
-// CRYPTO_is_ARMv8_PMULL_capable_at_runtime returns true if the current CPU
-// supports the ARMv8 PMULL instruction.
-int CRYPTO_is_ARMv8_PMULL_capable_at_runtime(void);
-#endif  // !OPENSSL_STATIC_ARMCAP
-
-// CRYPTO_is_NEON_capable returns true if the current CPU has a NEON unit. If
-// this is known statically, it is a constant inline function.
-OPENSSL_INLINE int CRYPTO_is_NEON_capable(void) {
-#if defined(__ARM_NEON__) || defined(__ARM_NEON) || \
-    defined(OPENSSL_STATIC_ARMCAP_NEON)
-  return 1;
-#elif defined(OPENSSL_STATIC_ARMCAP)
-  return 0;
-#else
-  return CRYPTO_is_NEON_capable_at_runtime();
-#endif
-}
-
-OPENSSL_INLINE int CRYPTO_is_ARMv8_AES_capable(void) {
-#if defined(OPENSSL_STATIC_ARMCAP_AES) || defined(__ARM_FEATURE_CRYPTO)
-  return 1;
-#elif defined(OPENSSL_STATIC_ARMCAP)
-  return 0;
-#else
-  return CRYPTO_is_ARMv8_AES_capable_at_runtime();
-#endif
-}
-
-OPENSSL_INLINE int CRYPTO_is_ARMv8_PMULL_capable(void) {
-#if defined(OPENSSL_STATIC_ARMCAP_PMULL) || defined(__ARM_FEATURE_CRYPTO)
-  return 1;
-#elif defined(OPENSSL_STATIC_ARMCAP)
-  return 0;
-#else
-  return CRYPTO_is_ARMv8_PMULL_capable_at_runtime();
-#endif
-}
-
-#endif  // OPENSSL_ARM || OPENSSL_AARCH64
-
-#if defined(OPENSSL_PPC64LE)
-
-// CRYPTO_is_PPC64LE_vcrypto_capable returns true iff the current CPU supports
-// the Vector.AES category of instructions.
-int CRYPTO_is_PPC64LE_vcrypto_capable(void);
-
-extern unsigned long OPENSSL_ppc64le_hwcap2;
-
-#endif  // OPENSSL_PPC64LE
-
-#if defined(BORINGSSL_DISPATCH_TEST)
-// Runtime CPU dispatch testing support
-
-// BORINGSSL_function_hit is an array of flags. The following functions will
-// set these flags if BORINGSSL_DISPATCH_TEST is defined.
-//   0: aes_hw_ctr32_encrypt_blocks
-//   1: aes_hw_encrypt
-//   2: aesni_gcm_encrypt
-//   3: aes_hw_set_encrypt_key
-//   4: vpaes_encrypt
-//   5: vpaes_set_encrypt_key
-extern uint8_t BORINGSSL_function_hit[7];
-#endif  // BORINGSSL_DISPATCH_TEST
-
-
-#if defined(__cplusplus)
-}  // extern C
-#endif
-
-#endif  // OPENSSL_HEADER_CPU_H
+#include "crypto.h"

diff --git a/util/doc.config b/util/doc.config
index 12fdefc..81da8bd 100644
--- a/util/doc.config
+++ b/util/doc.config

@@ -8,7 +8,6 @@
       "include/openssl/buf.h",
       "include/openssl/bytestring.h",
       "include/openssl/err.h",
-      "include/openssl/cpu.h",
       "include/openssl/crypto.h",
       "include/openssl/ex_data.h",
       "include/openssl/lhash.h",