ExternalVendorCode/openwrt
1
0
Fork 0
mirror of https://github.com/openwrt/openwrt.git synced 2024-12-20 14:13:16 +00:00
Code Issues Actions 4 Packages Projects Releases Wiki Activity

wolfssl: re-enable AES-NI by default for x86_64

Browse Source 
Apply an upstream patch that removes unnecessary CFLAGs, avoiding
generation of incompatible code.

Commit 0bd5367233 is reverted so the
accelerated version builds by default on x86_64.

Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
(cherry picked from commit 639419ec4f)
This commit is contained in:
Eneas U de Queiroz 2022-07-06 17:55:58 -03:00 committed by Christian Marangi
parent ec9f82fa18
commit 4fb05e45df
No known key found for this signature in database
GPG Key ID: AC001D09ADBFEAD7
2 changed files with 45 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
package/libs/wolfssl/Config.in
View File

@ -68,7 +68,7 @@ config WOLFSSL_ASM_CAPABLE
choice choice
prompt "Hardware Acceleration" prompt "Hardware Acceleration"
default WOLFSSL_HAS_CPU_CRYPTO if WOLFSSL_ASM_CAPABLE && !x86_64 default WOLFSSL_HAS_CPU_CRYPTO if WOLFSSL_ASM_CAPABLE
default WOLFSSL_HAS_NO_HW default WOLFSSL_HAS_NO_HW
config WOLFSSL_HAS_NO_HW config WOLFSSL_HAS_NO_HW
@ -80,7 +80,6 @@ choice
help help
This will use Intel AESNI insturctions or armv8 Crypto Extensions. This will use Intel AESNI insturctions or armv8 Crypto Extensions.
Either of them should easily outperform hardware crypto in WolfSSL. Either of them should easily outperform hardware crypto in WolfSSL.
Beware that for Intel, the CPU has to support SSE4 instructions.
config WOLFSSL_HAS_AFALG config WOLFSSL_HAS_AFALG
bool "AF_ALG" bool "AF_ALG"
@ -97,9 +96,5 @@ choice
bool "/dev/crypto - full" bool "/dev/crypto - full"
select WOLFSSL_HAS_DEVCRYPTO select WOLFSSL_HAS_DEVCRYPTO
endchoice endchoice
if x86_64 && WOLFSSL_HAS_CPU_CRYPTO
comment "WARNING: make sure your CPU supports SSE4 instructions"
comment "WolfSSL may crash with an invalid opcode exception"
endif
endif endif

44
package/libs/wolfssl/patches/300-AESNI-fix-configure-to-use-minimal-compiler-flags.patch Normal file
View File

@ -0,0 +1,44 @@
From 9ba77300f9f5dea9f53aed00bf6c33d10b7b2fce Mon Sep 17 00:00:00 2001
From: Sean Parkinson <sean@wolfssl.com>
Date: Thu, 7 Jul 2022 09:30:48 +1000
Subject: [PATCH] AESNI: fix configure to use minimal compiler flags
diff --git a/configure.ac b/configure.ac
index df97ac75c..6abb0c744 100644
--- a/configure.ac
+++ b/configure.ac
@@ -2142,21 +2142,19 @@ then
if test "$ENABLED_AESNI" = "yes" || test "$ENABLED_INTELASM" = "yes"
then
AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_AESNI"
- if test "$GCC" = "yes"
+ if test "$CC" != "icc"
then
- # clang needs these flags
- if test "$CC" = "clang"
- then
- AM_CFLAGS="$AM_CFLAGS -maes -mpclmul"
- else
- # GCC needs these flags, icc doesn't
- # opt levels greater than 2 may cause problems on systems w/o
- # aesni
- if test "$CC" != "icc"
- then
- AM_CFLAGS="$AM_CFLAGS -maes -msse4 -mpclmul"
- fi
- fi
+ case $host_os in
+ mingw*)
+ # Windows uses intrinsics for GCM which uses SSE4 instructions.
+ # MSVC has own build files.
+ AM_CFLAGS="$AM_CFLAGS -maes -msse4 -mpclmul"
+ ;;
+ *)
+ # Intrinsics used in AES_set_decrypt_key (TODO: rework)
+ AM_CFLAGS="$AM_CFLAGS -maes"
+ ;;
+ esac
fi
AS_IF([test "x$ENABLED_AESGCM" != "xno"],[AM_CCASFLAGS="$AM_CCASFLAGS -DHAVE_AESGCM"])
fi