Reenable AES-NI in libcrypto

The OPENSSL_cpu_caps() change after the last bump missed a crucial bit:
there is more MD mess in the MI code than anticipated, with the result
that AES is now used without AES-NI on amd64 and i386, hurting machines
that previously greatly benefitted from it.

Temporarily add an internal crypto_cpu_caps_ia32() API that returns the
OPENSSL_ia32cap_P or 0 like OPENSSL_cpu_caps() previously did. This can
be improved after the release.

Regression reported and fix tested by Mark Patruck.
No impact on public ABI or API.

with/ok jsing

PS: Next time my pkg_add feels very slow, I should perhaps not mechanically
blame IEEE 802.11...

1 files changed, 5 insertions, 3 deletions

diff --git a/src/lib/libcrypto/evp/e_aes.c b/src/lib/libcrypto/evp/e_aes.c
index 6135c7d84a..7753c18c15 100644
--- a/src/lib/libcrypto/evp/e_aes.c
+++ b/src/lib/libcrypto/evp/e_aes.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: e_aes.c,v 1.58 2024/04/09 13:52:41 beck Exp $ */
+/* $OpenBSD: e_aes.c,v 1.59 2024/09/06 09:57:32 tb Exp $ */
 /* ====================================================================
  * Copyright (c) 2001-2011 The OpenSSL Project.  All rights reserved.
  *
@@ -55,6 +55,8 @@
 
 #include <openssl/opensslconf.h>
 
+#include "crypto_internal.h"
+
 #ifndef OPENSSL_NO_AES
 #include <openssl/aes.h>
 #include <openssl/err.h>
@@ -154,7 +156,7 @@ void AES_xts_decrypt(const char *inp, char *out, size_t len,
 #include "x86_arch.h"
 
 #ifdef VPAES_ASM
-#define VPAES_CAPABLE   (OPENSSL_cpu_caps() & CPUCAP_MASK_SSSE3)
+#define VPAES_CAPABLE   (crypto_cpu_caps_ia32() & CPUCAP_MASK_SSSE3)
 #endif
 #ifdef BSAES_ASM
 #define BSAES_CAPABLE   VPAES_CAPABLE
@@ -162,7 +164,7 @@ void AES_xts_decrypt(const char *inp, char *out, size_t len,
 /*
  * AES-NI section
  */
-#define AESNI_CAPABLE   (OPENSSL_cpu_caps() & CPUCAP_MASK_AESNI)
+#define AESNI_CAPABLE   (crypto_cpu_caps_ia32() & CPUCAP_MASK_AESNI)
 
 int aesni_set_encrypt_key(const unsigned char *userKey, int bits,
     AES_KEY *key);