Update third_party/nss to NSS 3.15.4.

nss/lib/freebl/rijndael.c

 /* This Source Code Form is subject to the terms of the Mozilla Public
  * License, v. 2.0. If a copy of the MPL was not distributed with this
  * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
 
 #ifdef FREEBL_NO_DEPEND
 #include "stubs.h"
 #endif
 
 #include "prinit.h"
 #include "prerr.h"
 #include "secerr.h"
 
 #include "prtypes.h"
 #include "blapi.h"
 #include "rijndael.h"
 
 #include "cts.h"
 #include "ctr.h"
 #include "gcm.h"
 
 #if USE_HW_AES
 #include "intel-gcm.h"
 #include "intel-aes.h"
 #include "mpi.h"
 
 static int has_intel_aes = 0;
 static int has_intel_avx = 0;
 static int has_intel_clmul = 0;
 static PRBool use_hw_aes = PR_FALSE;
-static PRBool use_hw_avx = PR_FALSE;
 static PRBool use_hw_gcm = PR_FALSE;
 #endif
 
 /*
  * There are currently five ways to build this code, varying in performance
  * and code size.
  *
  * RIJNDAEL_INCLUDE_TABLES         Include all tables from rijndael32.tab
  * RIJNDAEL_GENERATE_TABLES        Generate tables on first 
  *                                 encryption/decryption, then store them;
@@ skipping 919 matching lines @@
  * BLAPI for the AES cipher, Rijndael.
  *
  ***********************************************************************/
 
 AESContext * AES_AllocateContext(void)
 {
     return PORT_ZNew(AESContext);
 }
 
 
+#if USE_HW_AES
+/*
+ * Adapted from the example code in "How to detect New Instruction support in
+ * the 4th generation Intel Core processor family" by Max Locktyukhin.
+ */
+static PRBool
+check_xcr0_ymm()
+{
+    PRUint32 xcr0;
+#if defined(_MSC_VER)
+    xcr0 = (PRUint32)_xgetbv(0);  /* Requires VS2010 SP1 or later. */
+#else
+    __asm__ ("xgetbv" : "=a" (xcr0) : "c" (0) : "%edx");
+#endif
+    /* Check if xmm and ymm state are enabled in XCR0. */
+    return (xcr0 & 6) == 6;
+}
+#endif
+
 /*
 ** Initialize a new AES context suitable for AES encryption/decryption in
 ** the ECB or CBC mode.
 **      "mode" the mode of operation, which must be NSS_AES or NSS_AES_CBC
 */
 static SECStatus   
 aes_InitContext(AESContext *cx, const unsigned char *key, unsigned int keysize, 
                 const unsigned char *iv, int mode, unsigned int encrypt,
                 unsigned int blocksize)
 {
@@ skipping 26 matching lines @@
     }
 #if USE_HW_AES
     if (has_intel_aes == 0) {
         unsigned long eax, ebx, ecx, edx;
         char *disable_hw_aes = getenv("NSS_DISABLE_HW_AES");
 
         if (disable_hw_aes == NULL) {
             freebl_cpuid(1, &eax, &ebx, &ecx, &edx);
             has_intel_aes = (ecx & (1 << 25)) != 0 ? 1 : -1;
             has_intel_clmul = (ecx & (1 << 1)) != 0 ? 1 : -1;
-            has_intel_avx = (ecx & (1 << 28)) != 0 ? 1 : -1;
+            if ((ecx & (1 << 27)) != 0 && (ecx & (1 << 28)) != 0 &&
+                check_xcr0_ymm()) {
+                has_intel_avx = 1;
+            } else {
+                has_intel_avx = -1;
+            }
         } else {
             has_intel_aes = -1;
             has_intel_avx = -1;
             has_intel_clmul = -1;
         }
     }
     use_hw_aes = (PRBool)
                 (has_intel_aes > 0 && (keysize % 8) == 0 && blocksize == 16);
     use_hw_gcm = (PRBool)
                 (use_hw_aes && has_intel_avx>0 && has_intel_clmul>0);
@@ skipping 234 matching lines @@
         return SECFailure;
     }
     if (maxOutputLen < inputLen) {
         PORT_SetError(SEC_ERROR_OUTPUT_LEN);
         return SECFailure;
     }
     *outputLen = inputLen;
     return (*cx->worker)(cx->worker_cx, output, outputLen, maxOutputLen,        
                              input, inputLen, blocksize);
 }