diff options
| author | Eneas U de Queiroz <cotequeiroz@gmail.com> | 2022-07-06 17:55:58 -0300 |
|---|---|---|
| committer | Christian Marangi <ansuelsmth@gmail.com> | 2022-07-15 07:03:31 +0200 |
| commit | 4fb05e45df7931ebe05dc0b42d781ad3d0a59404 (patch) | |
| tree | 2895f82431386da04a0c6d845d96ad5e8a23796d | |
| parent | ec9f82fa18c7c8deb4875152d7907855d186f4c6 (diff) | |
| download | upstream-4fb05e45df7931ebe05dc0b42d781ad3d0a59404.tar.gz upstream-4fb05e45df7931ebe05dc0b42d781ad3d0a59404.tar.bz2 upstream-4fb05e45df7931ebe05dc0b42d781ad3d0a59404.zip | |
wolfssl: re-enable AES-NI by default for x86_64
Apply an upstream patch that removes unnecessary CFLAGs, avoiding
generation of incompatible code.
Commit 0bd536723303ccd178e289690d073740c928bb34 is reverted so the
accelerated version builds by default on x86_64.
Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
(cherry picked from commit 639419ec4fd1501a9b9857cea96474271ef737b1)
| -rw-r--r-- | package/libs/wolfssl/Config.in | 7 | ||||
| -rw-r--r-- | package/libs/wolfssl/patches/300-AESNI-fix-configure-to-use-minimal-compiler-flags.patch | 44 |
2 files changed, 45 insertions, 6 deletions
diff --git a/package/libs/wolfssl/Config.in b/package/libs/wolfssl/Config.in index eca9572c49..3d264e7743 100644 --- a/package/libs/wolfssl/Config.in +++ b/package/libs/wolfssl/Config.in @@ -68,7 +68,7 @@ config WOLFSSL_ASM_CAPABLE choice prompt "Hardware Acceleration" - default WOLFSSL_HAS_CPU_CRYPTO if WOLFSSL_ASM_CAPABLE && !x86_64 + default WOLFSSL_HAS_CPU_CRYPTO if WOLFSSL_ASM_CAPABLE default WOLFSSL_HAS_NO_HW config WOLFSSL_HAS_NO_HW @@ -80,7 +80,6 @@ choice help This will use Intel AESNI insturctions or armv8 Crypto Extensions. Either of them should easily outperform hardware crypto in WolfSSL. - Beware that for Intel, the CPU has to support SSE4 instructions. config WOLFSSL_HAS_AFALG bool "AF_ALG" @@ -97,9 +96,5 @@ choice bool "/dev/crypto - full" select WOLFSSL_HAS_DEVCRYPTO endchoice -if x86_64 && WOLFSSL_HAS_CPU_CRYPTO - comment "WARNING: make sure your CPU supports SSE4 instructions" - comment "WolfSSL may crash with an invalid opcode exception" -endif endif diff --git a/package/libs/wolfssl/patches/300-AESNI-fix-configure-to-use-minimal-compiler-flags.patch b/package/libs/wolfssl/patches/300-AESNI-fix-configure-to-use-minimal-compiler-flags.patch new file mode 100644 index 0000000000..d65a117d1e --- /dev/null +++ b/package/libs/wolfssl/patches/300-AESNI-fix-configure-to-use-minimal-compiler-flags.patch @@ -0,0 +1,44 @@ +From 9ba77300f9f5dea9f53aed00bf6c33d10b7b2fce Mon Sep 17 00:00:00 2001 +From: Sean Parkinson <sean@wolfssl.com> +Date: Thu, 7 Jul 2022 09:30:48 +1000 +Subject: [PATCH] AESNI: fix configure to use minimal compiler flags + + +diff --git a/configure.ac b/configure.ac +index df97ac75c..6abb0c744 100644 +--- a/configure.ac ++++ b/configure.ac +@@ -2142,21 +2142,19 @@ then + if test "$ENABLED_AESNI" = "yes" || test "$ENABLED_INTELASM" = "yes" + then + AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_AESNI" +- if test "$GCC" = "yes" ++ if test "$CC" != "icc" + then +- # clang needs these flags +- if test "$CC" = "clang" +- then +- AM_CFLAGS="$AM_CFLAGS -maes -mpclmul" +- else +- # GCC needs these flags, icc doesn't +- # opt levels greater than 2 may cause problems on systems w/o +- # aesni +- if test "$CC" != "icc" +- then +- AM_CFLAGS="$AM_CFLAGS -maes -msse4 -mpclmul" +- fi +- fi ++ case $host_os in ++ mingw*) ++ # Windows uses intrinsics for GCM which uses SSE4 instructions. ++ # MSVC has own build files. ++ AM_CFLAGS="$AM_CFLAGS -maes -msse4 -mpclmul" ++ ;; ++ *) ++ # Intrinsics used in AES_set_decrypt_key (TODO: rework) ++ AM_CFLAGS="$AM_CFLAGS -maes" ++ ;; ++ esac + fi + AS_IF([test "x$ENABLED_AESGCM" != "xno"],[AM_CCASFLAGS="$AM_CCASFLAGS -DHAVE_AESGCM"]) + fi |