sync with OpenBSD -current

lib/libcrypto/aes/asm/aes-x86_64.pl

@@ -318,7 +318,7 @@ $code.=<<___;
 .type	_x86_64_AES_encrypt,\@abi-omnipotent
 .align	16
 _x86_64_AES_encrypt:
-	endbr64
+	_CET_ENDBR
 	xor	0($key),$s0			# xor with key
 	xor	4($key),$s1
 	xor	8($key),$s2
@@ -549,7 +549,7 @@ $code.=<<___;
 .type	_x86_64_AES_encrypt_compact,\@abi-omnipotent
 .align	16
 _x86_64_AES_encrypt_compact:
-	endbr64
+	_CET_ENDBR
 	lea	128($sbox),$inp			# size optimization
 	mov	0-128($inp),$acc1		# prefetch Te4
 	mov	32-128($inp),$acc2
@@ -595,7 +595,7 @@ $code.=<<___;
 .hidden	asm_AES_encrypt
 asm_AES_encrypt:
 AES_encrypt:
-	endbr64
+	_CET_ENDBR
 	push	%rbx
 	push	%rbp
 	push	%r12
@@ -887,7 +887,7 @@ $code.=<<___;
 .type	_x86_64_AES_decrypt,\@abi-omnipotent
 .align	16
 _x86_64_AES_decrypt:
-	endbr64
+	_CET_ENDBR
 	xor	0($key),$s0			# xor with key
 	xor	4($key),$s1
 	xor	8($key),$s2
@@ -1142,7 +1142,7 @@ $code.=<<___;
 .type	_x86_64_AES_decrypt_compact,\@abi-omnipotent
 .align	16
 _x86_64_AES_decrypt_compact:
-	endbr64
+	_CET_ENDBR
 	lea	128($sbox),$inp			# size optimization
 	mov	0-128($inp),$acc1		# prefetch Td4
 	mov	32-128($inp),$acc2
@@ -1197,7 +1197,7 @@ $code.=<<___;
 .hidden	asm_AES_decrypt
 asm_AES_decrypt:
 AES_decrypt:
-	endbr64
+	_CET_ENDBR
 	push	%rbx
 	push	%rbp
 	push	%r12
@@ -1297,7 +1297,7 @@ $code.=<<___;
 .type	AES_set_encrypt_key,\@function,3
 .align	16
 AES_set_encrypt_key:
-	endbr64
+	_CET_ENDBR
 	push	%rbx
 	push	%rbp
 	push	%r12			# redundant, but allows to share
@@ -1323,7 +1323,7 @@ AES_set_encrypt_key:
 .type	_x86_64_AES_set_encrypt_key,\@abi-omnipotent
 .align	16
 _x86_64_AES_set_encrypt_key:
-	endbr64
+	_CET_ENDBR
 	mov	%esi,%ecx			# %ecx=bits
 	mov	%rdi,%rsi			# %rsi=userKey
 	mov	%rdx,%rdi			# %rdi=key
@@ -1569,7 +1569,7 @@ $code.=<<___;
 .type	AES_set_decrypt_key,\@function,3
 .align	16
 AES_set_decrypt_key:
-	endbr64
+	_CET_ENDBR
 	push	%rbx
 	push	%rbp
 	push	%r12
@@ -1669,7 +1669,7 @@ $code.=<<___;
 .hidden	asm_AES_cbc_encrypt
 asm_AES_cbc_encrypt:
 AES_cbc_encrypt:
-	endbr64
+	_CET_ENDBR
 	cmp	\$0,%rdx	# check length
 	je	.Lcbc_epilogue
 	pushfq
@@ -2561,7 +2561,7 @@ $code.=<<___;
 .type	block_se_handler,\@abi-omnipotent
 .align	16
 block_se_handler:
-	endbr64
+	_CET_ENDBR
 	push	%rsi
 	push	%rdi
 	push	%rbx
@@ -2620,7 +2620,7 @@ block_se_handler:
 .type	key_se_handler,\@abi-omnipotent
 .align	16
 key_se_handler:
-	endbr64
+	_CET_ENDBR
 	push	%rsi
 	push	%rdi
 	push	%rbx
@@ -2678,7 +2678,7 @@ key_se_handler:
 .type	cbc_se_handler,\@abi-omnipotent
 .align	16
 cbc_se_handler:
-	endbr64
+	_CET_ENDBR
 	push	%rsi
 	push	%rdi
 	push	%rbx

lib/libcrypto/aes/asm/aesni-sha1-x86_64.pl

@@ -89,7 +89,7 @@ $code.=<<___;
 .type	aesni_cbc_sha1_enc,\@abi-omnipotent
 .align	16
 aesni_cbc_sha1_enc:
-	endbr64
+	_CET_ENDBR
 	# caller should check for SSSE3 and AES-NI bits
 	mov	OPENSSL_ia32cap_P+0(%rip),%r10d
 	mov	OPENSSL_ia32cap_P+4(%rip),%r11d
@@ -133,7 +133,7 @@ $code.=<<___;
 .type	aesni_cbc_sha1_enc_ssse3,\@function,6
 .align	16
 aesni_cbc_sha1_enc_ssse3:
-	endbr64
+	_CET_ENDBR
 	mov	`($win64?56:8)`(%rsp),$inp	# load 7th argument
 	#shr	\$6,$len			# debugging artefact
 	#jz	.Lepilogue_ssse3		# debugging artefact
@@ -652,7 +652,7 @@ $code.=<<___;
 .type	aesni_cbc_sha1_enc_avx,\@function,6
 .align	16
 aesni_cbc_sha1_enc_avx:
-	endbr64
+	_CET_ENDBR
 	mov	`($win64?56:8)`(%rsp),$inp	# load 7th argument
 	#shr	\$6,$len			# debugging artefact
 	#jz	.Lepilogue_avx			# debugging artefact
@@ -1103,7 +1103,7 @@ $code.=<<___;
 .type	ssse3_handler,\@abi-omnipotent
 .align	16
 ssse3_handler:
-	endbr64
+	_CET_ENDBR
 	push	%rsi
 	push	%rdi
 	push	%rbx

lib/libcrypto/aes/asm/aesni-x86_64.pl

@@ -242,7 +242,7 @@ $code.=<<___;
 .type	${PREFIX}_encrypt,\@abi-omnipotent
 .align	16
 ${PREFIX}_encrypt:
-	endbr64
+	_CET_ENDBR
 	movups	($inp),$inout0		# load input
 	mov	240($key),$rounds	# key->rounds
 ___
@@ -256,7 +256,7 @@ $code.=<<___;
 .type	${PREFIX}_decrypt,\@abi-omnipotent
 .align	16
 ${PREFIX}_decrypt:
-	endbr64
+	_CET_ENDBR
 	movups	($inp),$inout0		# load input
 	mov	240($key),$rounds	# key->rounds
 ___
@@ -286,7 +286,7 @@ $code.=<<___;
 .type	_aesni_${dir}rypt3,\@abi-omnipotent
 .align	16
 _aesni_${dir}rypt3:
-	endbr64
+	_CET_ENDBR
 	$movkey	($key),$rndkey0
 	shr	\$1,$rounds
 	$movkey	16($key),$rndkey1
@@ -331,7 +331,7 @@ $code.=<<___;
 .type	_aesni_${dir}rypt4,\@abi-omnipotent
 .align	16
 _aesni_${dir}rypt4:
-	endbr64
+	_CET_ENDBR
 	$movkey	($key),$rndkey0
 	shr	\$1,$rounds
 	$movkey	16($key),$rndkey1
@@ -377,7 +377,7 @@ $code.=<<___;
 .type	_aesni_${dir}rypt6,\@abi-omnipotent
 .align	16
 _aesni_${dir}rypt6:
-	endbr64
+	_CET_ENDBR
 	$movkey		($key),$rndkey0
 	shr		\$1,$rounds
 	$movkey		16($key),$rndkey1
@@ -442,7 +442,7 @@ $code.=<<___;
 .type	_aesni_${dir}rypt8,\@abi-omnipotent
 .align	16
 _aesni_${dir}rypt8:
-	endbr64
+	_CET_ENDBR
 	$movkey		($key),$rndkey0
 	shr		\$1,$rounds
 	$movkey		16($key),$rndkey1
@@ -531,7 +531,7 @@ $code.=<<___;
 .type	aesni_ecb_encrypt,\@function,5
 .align	16
 aesni_ecb_encrypt:
-	endbr64
+	_CET_ENDBR
 	and	\$-16,$len
 	jz	.Lecb_ret
 
@@ -838,7 +838,7 @@ $code.=<<___;
 .type	aesni_ccm64_encrypt_blocks,\@function,6
 .align	16
 aesni_ccm64_encrypt_blocks:
-	endbr64
+	_CET_ENDBR
 ___
 $code.=<<___ if ($win64);
 	lea	-0x58(%rsp),%rsp
@@ -919,6 +919,7 @@ $code.=<<___;
 .type	aesni_ccm64_decrypt_blocks,\@function,6
 .align	16
 aesni_ccm64_decrypt_blocks:
+	_CET_ENDBR
 ___
 $code.=<<___ if ($win64);
 	lea	-0x58(%rsp),%rsp
@@ -1027,7 +1028,7 @@ $code.=<<___;
 .type	aesni_ctr32_encrypt_blocks,\@function,5
 .align	16
 aesni_ctr32_encrypt_blocks:
-	endbr64
+	_CET_ENDBR
 	lea	(%rsp),%rax
 	push	%rbp
 	sub	\$$frame_size,%rsp
@@ -1319,6 +1320,7 @@ $code.=<<___;
 .type	aesni_xts_encrypt,\@function,6
 .align	16
 aesni_xts_encrypt:
+	_CET_ENDBR
 	lea	(%rsp),%rax
 	push	%rbp
 	sub	\$$frame_size,%rsp
@@ -1713,6 +1715,7 @@ $code.=<<___;
 .type	aesni_xts_decrypt,\@function,6
 .align	16
 aesni_xts_decrypt:
+	_CET_ENDBR
 	lea	(%rsp),%rax
 	push	%rbp
 	sub	\$$frame_size,%rsp
@@ -2150,6 +2153,7 @@ $code.=<<___;
 .type	${PREFIX}_cbc_encrypt,\@function,6
 .align	16
 ${PREFIX}_cbc_encrypt:
+	_CET_ENDBR
 	test	$len,$len		# check length
 	jz	.Lcbc_ret
 
@@ -2491,7 +2495,7 @@ $code.=<<___;
 .type	${PREFIX}_set_decrypt_key,\@abi-omnipotent
 .align	16
 ${PREFIX}_set_decrypt_key:
-	endbr64
+	_CET_ENDBR
 	sub	\$8,%rsp
 	call	__aesni_set_encrypt_key
 	shl	\$4,$bits		# rounds-1 after _aesni_set_encrypt_key
@@ -2542,7 +2546,7 @@ $code.=<<___;
 .type	${PREFIX}_set_encrypt_key,\@abi-omnipotent
 .align	16
 ${PREFIX}_set_encrypt_key:
-	endbr64
+	_CET_ENDBR
 __aesni_set_encrypt_key:
 	sub	\$8,%rsp
 	mov	\$-1,%rax
@@ -2764,7 +2768,7 @@ $code.=<<___ if ($PREFIX eq "aesni");
 .type	ecb_se_handler,\@abi-omnipotent
 .align	16
 ecb_se_handler:
-	endbr64
+	_CET_ENDBR
 	push	%rsi
 	push	%rdi
 	push	%rbx
@@ -2784,7 +2788,7 @@ ecb_se_handler:
 .type	ccm64_se_handler,\@abi-omnipotent
 .align	16
 ccm64_se_handler:
-	endbr64
+	_CET_ENDBR
 	push	%rsi
 	push	%rdi
 	push	%rbx
@@ -2826,7 +2830,7 @@ ccm64_se_handler:
 .type	ctr32_se_handler,\@abi-omnipotent
 .align	16
 ctr32_se_handler:
-	endbr64
+	_CET_ENDBR
 	push	%rsi
 	push	%rdi
 	push	%rbx
@@ -2862,7 +2866,7 @@ ctr32_se_handler:
 .type	xts_se_handler,\@abi-omnipotent
 .align	16
 xts_se_handler:
-	endbr64
+	_CET_ENDBR
 	push	%rsi
 	push	%rdi
 	push	%rbx
@@ -2904,7 +2908,7 @@ $code.=<<___;
 .type	cbc_se_handler,\@abi-omnipotent
 .align	16
 cbc_se_handler:
-	endbr64
+	_CET_ENDBR
 	push	%rsi
 	push	%rdi
 	push	%rbx

lib/libcrypto/aes/asm/bsaes-x86_64.pl

@@ -813,7 +813,7 @@ $code.=<<___;
 .type	_bsaes_encrypt8,\@abi-omnipotent
 .align	64
 _bsaes_encrypt8:
-	endbr64
+	_CET_ENDBR
 	lea	.LBS0(%rip), $const	# constants table
 
 	movdqa	($key), @XMM[9]		# round 0 key
@@ -878,7 +878,7 @@ $code.=<<___;
 .type	_bsaes_decrypt8,\@abi-omnipotent
 .align	64
 _bsaes_decrypt8:
-	endbr64
+	_CET_ENDBR
 	lea	.LBS0(%rip), $const	# constants table
 
 	movdqa	($key), @XMM[9]		# round 0 key
@@ -970,7 +970,7 @@ $code.=<<___;
 .type	_bsaes_key_convert,\@abi-omnipotent
 .align	16
 _bsaes_key_convert:
-	endbr64
+	_CET_ENDBR
 	lea	.Lmasks(%rip), $const
 	movdqu	($inp), %xmm7		# load round 0 key
 	lea	0x10($inp), $inp
@@ -1060,7 +1060,7 @@ $code.=<<___;
 .type	bsaes_enc_key_convert,\@function,2
 .align	16
 bsaes_enc_key_convert:
-	endbr64
+	_CET_ENDBR
 	mov	240($inp),%r10d		# pass rounds
 	mov	$inp,%rcx		# pass key
 	mov	$out,%rax		# pass key schedule
@@ -1075,7 +1075,7 @@ bsaes_enc_key_convert:
 .align	16
 bsaes_encrypt_128:
 .Lenc128_loop:
-	endbr64
+	_CET_ENDBR
 	movdqu	0x00($inp), @XMM[0]	# load input
 	movdqu	0x10($inp), @XMM[1]
 	movdqu	0x20($inp), @XMM[2]
@@ -1108,7 +1108,7 @@ bsaes_encrypt_128:
 .type	bsaes_dec_key_convert,\@function,2
 .align	16
 bsaes_dec_key_convert:
-	endbr64
+	_CET_ENDBR
 	mov	240($inp),%r10d		# pass rounds
 	mov	$inp,%rcx		# pass key
 	mov	$out,%rax		# pass key schedule
@@ -1123,7 +1123,7 @@ bsaes_dec_key_convert:
 .type	bsaes_decrypt_128,\@function,4
 .align	16
 bsaes_decrypt_128:
-	endbr64
+	_CET_ENDBR
 .Ldec128_loop:
 	movdqu	0x00($inp), @XMM[0]	# load input
 	movdqu	0x10($inp), @XMM[1]
@@ -1169,7 +1169,7 @@ $code.=<<___;
 .type	bsaes_ecb_encrypt_blocks,\@abi-omnipotent
 .align	16
 bsaes_ecb_encrypt_blocks:
-	endbr64
+	_CET_ENDBR
 	mov	%rsp, %rax
 .Lecb_enc_prologue:
 	push	%rbp
@@ -1371,7 +1371,7 @@ $code.=<<___;
 .type	bsaes_ecb_decrypt_blocks,\@abi-omnipotent
 .align	16
 bsaes_ecb_decrypt_blocks:
-	endbr64
+	_CET_ENDBR
 	mov	%rsp, %rax
 .Lecb_dec_prologue:
 	push	%rbp
@@ -1577,7 +1577,7 @@ $code.=<<___;
 .type	bsaes_cbc_encrypt,\@abi-omnipotent
 .align	16
 bsaes_cbc_encrypt:
-	endbr64
+	_CET_ENDBR
 ___
 $code.=<<___ if ($win64);
 	mov	48(%rsp),$arg6		# pull direction flag
@@ -1865,7 +1865,7 @@ $code.=<<___;
 .type	bsaes_ctr32_encrypt_blocks,\@abi-omnipotent
 .align	16
 bsaes_ctr32_encrypt_blocks:
-	endbr64
+	_CET_ENDBR
 	mov	%rsp, %rax
 .Lctr_enc_prologue:
 	push	%rbp
@@ -2107,7 +2107,7 @@ $code.=<<___;
 .type	bsaes_xts_encrypt,\@abi-omnipotent
 .align	16
 bsaes_xts_encrypt:
-	endbr64
+	_CET_ENDBR
 	mov	%rsp, %rax
 .Lxts_enc_prologue:
 	push	%rbp
@@ -2489,7 +2489,7 @@ $code.=<<___;
 .type	bsaes_xts_decrypt,\@abi-omnipotent
 .align	16
 bsaes_xts_decrypt:
-	endbr64
+	_CET_ENDBR
 	mov	%rsp, %rax
 .Lxts_dec_prologue:
 	push	%rbp
@@ -2966,7 +2966,7 @@ $code.=<<___;
 .type	se_handler,\@abi-omnipotent
 .align	16
 se_handler:
-	endbr64
+	_CET_ENDBR
 	push	%rsi
 	push	%rdi
 	push	%rbx

lib/libcrypto/aes/asm/vpaes-x86_64.pl

@@ -82,7 +82,7 @@ $code.=<<___;
 .type	_vpaes_encrypt_core,\@abi-omnipotent
 .align 16
 _vpaes_encrypt_core:
-	endbr64
+	_CET_ENDBR
 	mov	%rdx,	%r9
 	mov	\$16,	%r11
 	mov	240(%rdx),%eax
@@ -173,7 +173,7 @@ _vpaes_encrypt_core:
 .type	_vpaes_decrypt_core,\@abi-omnipotent
 .align	16
 _vpaes_decrypt_core:
-	endbr64
+	_CET_ENDBR
 	mov	%rdx,	%r9		# load key
 	mov	240(%rdx),%eax
 	movdqa	%xmm9,	%xmm1
@@ -281,7 +281,7 @@ _vpaes_decrypt_core:
 .type	_vpaes_schedule_core,\@abi-omnipotent
 .align	16
 _vpaes_schedule_core:
-	endbr64
+	_CET_ENDBR
 	# rdi = key
 	# rsi = size in bits
 	# rdx = buffer
@@ -467,7 +467,7 @@ _vpaes_schedule_core:
 .type	_vpaes_schedule_192_smear,\@abi-omnipotent
 .align	16
 _vpaes_schedule_192_smear:
-	endbr64
+	_CET_ENDBR
 	pshufd	\$0x80,	%xmm6,	%xmm0	# d c 0 0 -> c 0 0 0
 	pxor	%xmm0,	%xmm6		# -> c+d c 0 0
 	pshufd	\$0xFE,	%xmm7,	%xmm0	# b a _ _ -> b b b a
@@ -499,7 +499,7 @@ _vpaes_schedule_192_smear:
 .type	_vpaes_schedule_round,\@abi-omnipotent
 .align	16
 _vpaes_schedule_round:
-	endbr64
+	_CET_ENDBR
 	# extract rcon from xmm8
 	pxor	%xmm1,	%xmm1
 	palignr	\$15,	%xmm8,	%xmm1
@@ -567,7 +567,7 @@ _vpaes_schedule_low_round:
 .type	_vpaes_schedule_transform,\@abi-omnipotent
 .align	16
 _vpaes_schedule_transform:
-	endbr64
+	_CET_ENDBR
 	movdqa	%xmm9,	%xmm1
 	pandn	%xmm0,	%xmm1
 	psrld	\$4,	%xmm1
@@ -606,7 +606,7 @@ _vpaes_schedule_transform:
 .type	_vpaes_schedule_mangle,\@abi-omnipotent
 .align	16
 _vpaes_schedule_mangle:
-	endbr64
+	_CET_ENDBR
 	movdqa	%xmm0,	%xmm4	# save xmm0 for later
 	movdqa	.Lk_mc_forward(%rip),%xmm5
 	test	%rcx, 	%rcx
@@ -680,7 +680,7 @@ _vpaes_schedule_mangle:
 .type	${PREFIX}_set_encrypt_key,\@function,3
 .align	16
 ${PREFIX}_set_encrypt_key:
-	endbr64
+	_CET_ENDBR
 ___
 $code.=<<___ if ($win64);
 	lea	-0xb8(%rsp),%rsp
@@ -729,7 +729,7 @@ $code.=<<___;
 .type	${PREFIX}_set_decrypt_key,\@function,3
 .align	16
 ${PREFIX}_set_decrypt_key:
-	endbr64
+	_CET_ENDBR
 ___
 $code.=<<___ if ($win64);
 	lea	-0xb8(%rsp),%rsp
@@ -783,7 +783,7 @@ $code.=<<___;
 .type	${PREFIX}_encrypt,\@function,3
 .align	16
 ${PREFIX}_encrypt:
-	endbr64
+	_CET_ENDBR
 ___
 $code.=<<___ if ($win64);
 	lea	-0xb8(%rsp),%rsp
@@ -827,7 +827,7 @@ $code.=<<___;
 .type	${PREFIX}_decrypt,\@function,3
 .align	16
 ${PREFIX}_decrypt:
-	endbr64
+	_CET_ENDBR
 ___
 $code.=<<___ if ($win64);
 	lea	-0xb8(%rsp),%rsp
@@ -877,7 +877,7 @@ $code.=<<___;
 .type	${PREFIX}_cbc_encrypt,\@function,6
 .align	16
 ${PREFIX}_cbc_encrypt:
-	endbr64
+	_CET_ENDBR
 	xchg	$key,$len
 ___
 ($len,$key)=($key,$len);
@@ -961,7 +961,7 @@ $code.=<<___;
 .type	_vpaes_preheat,\@abi-omnipotent
 .align	16
 _vpaes_preheat:
-	endbr64
+	_CET_ENDBR
 	lea	.Lk_s0F(%rip), %r10
 	movdqa	-0x20(%r10), %xmm10	# .Lk_inv
 	movdqa	-0x10(%r10), %xmm11	# .Lk_inv+16
@@ -1092,7 +1092,7 @@ $code.=<<___;
 .type	se_handler,\@abi-omnipotent
 .align	16
 se_handler:
-	endbr64
+	_CET_ENDBR
 	push	%rsi
 	push	%rdi
 	push	%rbx