Fix beeu_mod_inverse_vartime CFI annotations and preamble.
This was also caught by the in-progress unwind tester. There are two
issues here. First, .cfi_endproc must come after ret to fully cover the
function. More importantly, this function is confused about whether it
has a frame pointer or not.
It looks like it does (movq %rsp, %rbp), and annotates accordingly, but
it does not actually use the frame pointer. It cannot. $y4 is rbp and
gets clobbered immediately after the preamble!
Remove this instruction and align the CFI annotations with a
frame-pointer-less function.
Bug: 181
Change-Id: I47b5f9798b3bcee1748e537b21c173d312a14b42
Reviewed-on: https://boringssl-review.googlesource.com/c/33947
Reviewed-by: Adam Langley <agl@google.com>
Commit-Queue: David Benjamin <davidben@google.com>
diff --git a/crypto/fipsmodule/ec/asm/p256_beeu-x86_64-asm.pl b/crypto/fipsmodule/ec/asm/p256_beeu-x86_64-asm.pl
index 12b9f5a..0bb6547 100644
--- a/crypto/fipsmodule/ec/asm/p256_beeu-x86_64-asm.pl
+++ b/crypto/fipsmodule/ec/asm/p256_beeu-x86_64-asm.pl
@@ -156,9 +156,6 @@
.cfi_startproc
push %rbp
.cfi_push rbp
- movq %rsp, %rbp
-.cfi_def_cfa_register rbp
-
push %r12
.cfi_push r12
push %r13
@@ -173,6 +170,7 @@
.cfi_push rsi
sub \$$last_rsp_offset, %rsp
+.cfi_adjust_cfa_offset $last_rsp_offset
movq $out, $out_rsp(%rsp)
# X=1, Y=0
@@ -380,6 +378,7 @@
.Lbeeu_finish:
add \$$last_rsp_offset, %rsp
+.cfi_adjust_cfa_offset -$last_rsp_offset
pop %rsi
.cfi_pop rsi
pop %rbx
@@ -394,9 +393,8 @@
.cfi_pop r12
pop %rbp
.cfi_pop rbp
-.cfi_def_cfa rsp, 8
-.cfi_endproc
ret
+.cfi_endproc
.size beeu_mod_inverse_vartime, .-beeu_mod_inverse_vartime
___