Add CPU capability detection for the Intel SHA extensions (aka SHA-NI).

This also provides a crypto_cpu_caps_amd64 variable that can be checked for CRYPTO_CPU_CAPS_AMD64_SHA. ok tb@
author: jsing <> 2024-11-16 13:05:35 +0000
committer: jsing <> 2024-11-16 13:05:35 +0000
commit: fe7294a5c93bf90f080d28c3a7684b6e91757a35 (patch)
tree: e3abdc93f5a6fc1250a24940d0f3284fae1612aa /src/lib
parent: 39b7a3a9f20d985948b8d909c07ec87d5d1beb9e (diff)
download: openbsd-fe7294a5c93bf90f080d28c3a7684b6e91757a35.tar.gz
openbsd-fe7294a5c93bf90f080d28c3a7684b6e91757a35.tar.bz2
openbsd-fe7294a5c93bf90f080d28c3a7684b6e91757a35.zip
2 files changed, 27 insertions, 5 deletions
diff --git a/src/lib/libcrypto/arch/amd64/crypto_arch.h b/src/lib/libcrypto/arch/amd64/crypto_arch.h
index 64b2da587b..7546fb0dfd 100644
--- a/src/lib/libcrypto/arch/amd64/crypto_arch.h
+++ b/src/lib/libcrypto/arch/amd64/crypto_arch.h
@@ -1,4 +1,4 @@
-/*      $OpenBSD: crypto_arch.h,v 1.3 2024/10/19 13:06:11 jsing Exp $ */
+/*      $OpenBSD: crypto_arch.h,v 1.4 2024/11/16 13:05:35 jsing Exp $ */
 /*
 * Copyright (c) 2024 Joel Sing <jsing@openbsd.org>
 *
@@ -15,12 +15,20 @@
 * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
 */
+#include <stdint.h>
 #ifndef HEADER_CRYPTO_ARCH_H
 #define HEADER_CRYPTO_ARCH_H
 #define HAVE_CRYPTO_CPU_CAPS_INIT
 #define HAVE_CRYPTO_CPU_CAPS_IA32
+#ifndef __ASSEMBLER__
+extern uint64_t crypto_cpu_caps_amd64;
+#endif
+#define CRYPTO_CPU_CAPS_AMD64_SHA       (1ULL << 0)
 #ifndef OPENSSL_NO_ASM
 #define HAVE_AES_CBC_ENCRYPT_INTERNAL
diff --git a/src/lib/libcrypto/arch/amd64/crypto_cpu_caps.c b/src/lib/libcrypto/arch/amd64/crypto_cpu_caps.c
index 6bb77411af..63b7b64cda 100644
--- a/src/lib/libcrypto/arch/amd64/crypto_cpu_caps.c
+++ b/src/lib/libcrypto/arch/amd64/crypto_cpu_caps.c
@@ -1,4 +1,4 @@
-/*      $OpenBSD: crypto_cpu_caps.c,v 1.3 2024/11/12 13:14:57 jsing Exp $ */
+/*      $OpenBSD: crypto_cpu_caps.c,v 1.4 2024/11/16 13:05:35 jsing Exp $ */
 /*
 * Copyright (c) 2024 Joel Sing <jsing@openbsd.org>
 *
@@ -19,11 +19,15 @@
 #include <openssl/crypto.h>
+#include "crypto_arch.h"
 #include "x86_arch.h"
 /* Legacy architecture specific capabilities, used by perlasm. */
 uint64_t OPENSSL_ia32cap_P;
+/* Machine dependent CPU capabilities. */
+uint64_t crypto_cpu_caps_amd64;
 /* Machine independent CPU capabilities. */
 extern uint64_t crypto_cpu_caps;
@@ -67,19 +71,21 @@ xgetbv(uint32_t ecx, uint32_t *out_eax, uint32_t *out_edx)
 void
 crypto_cpu_caps_init(void)
 {
-        uint32_t eax, ebx, ecx, edx;
+        uint32_t eax, ebx, ecx, edx, max_cpuid;
        uint64_t caps = 0;
        cpuid(0, &eax, &ebx, &ecx, &edx);
+        max_cpuid = eax;
        /* "GenuineIntel" in little endian. */
        if (ebx == 0x756e6547 && edx == 0x49656e69 && ecx == 0x6c65746e)
                caps |= CPUCAP_MASK_INTEL;
-        if (eax < 1)
+        if (max_cpuid < 1)
                return;
-        cpuid(1, &eax, &ebx, &ecx, &edx);
+        cpuid(1, &eax, NULL, &ecx, &edx);
        if ((edx & IA32CAP_MASK0_FXSR) != 0)
                caps |= CPUCAP_MASK_FXSR;
@@ -106,6 +112,14 @@ crypto_cpu_caps_init(void)
                        caps |= CPUCAP_MASK_AVX;
        }
+        if (max_cpuid >= 7) {
+                cpuid(7, NULL, &ebx, NULL, NULL);
+                /* Intel SHA extensions feature bit - ebx[29]. */
+                if (((ebx >> 29) & 1) != 0)
+                        crypto_cpu_caps_amd64 |= CRYPTO_CPU_CAPS_AMD64_SHA;
+        }
        /* Set machine independent CPU capabilities. */
        if ((caps & CPUCAP_MASK_AESNI) != 0)
                crypto_cpu_caps |= CRYPTO_CPU_CAPS_ACCELERATED_AES;
author	jsing <>	2024-11-16 13:05:35 +0000
committer	jsing <>	2024-11-16 13:05:35 +0000
commit	fe7294a5c93bf90f080d28c3a7684b6e91757a35 (patch)
tree	e3abdc93f5a6fc1250a24940d0f3284fae1612aa /src/lib
parent	39b7a3a9f20d985948b8d909c07ec87d5d1beb9e (diff)
download	openbsd-fe7294a5c93bf90f080d28c3a7684b6e91757a35.tar.gz openbsd-fe7294a5c93bf90f080d28c3a7684b6e91757a35.tar.bz2 openbsd-fe7294a5c93bf90f080d28c3a7684b6e91757a35.zip