From 011a1f76b32897df27867f465cf66a9db9a7ddf0 Mon Sep 17 00:00:00 2001
From: jsing <>
Date: Mon, 9 Jun 2025 14:28:34 +0000
Subject: Make OPENSSL_IA32_SSE2 the default for i386 and remove the flag.

The OPENSSL_IA32_SSE2 flag controls whether a number of the perlasm scripts generate additional implementations that use SSE2 functionality. In all cases except ghash, the code checks OPENSSL_ia32cap_P for SSE2 support, before trying to run SSE2 code. For ghash it generates a CLMUL based implementation in addition to different MMX version (one MMX version hides behind OPENSSL_IA32_SSE2, the other does not), however this does not appear to actually use SSE2. We also disable AES-NI on i386 if OPENSSL_IA32_SSE2. On OpenBSD, we've always defined OPENSSL_IA32_SSE2 so this is effectively a no-op. The only change is that we now check MMX rather than SSE2 for the ghash MMX implementation.
ok bcook@ beck@
---
 src/lib/libcrypto/arch/i386/Makefile.inc | 3 +--
 src/lib/libcrypto/bn/asm/bn-586.pl | 3 +--
 src/lib/libcrypto/bn/asm/x86-mont.pl | 3 +--
 src/lib/libcrypto/evp/e_aes.c | 4 ++--
 src/lib/libcrypto/modes/asm/ghash-x86.pl | 3 +--
 src/lib/libcrypto/modes/gcm128.c | 8 +-------
 src/lib/libcrypto/sha/asm/sha1-586.pl | 5 +----
 src/lib/libcrypto/sha/asm/sha512-586.pl | 3 +--
 8 files changed, 9 insertions(+), 23 deletions(-)
(limited to 'src')
diff --git a/src/lib/libcrypto/arch/i386/Makefile.inc b/src/lib/libcrypto/arch/i386/Makefile.inc
index 4bcf8e2bbc..e593c31467 100644
--- a/src/lib/libcrypto/arch/i386/Makefile.inc
+++ b/src/lib/libcrypto/arch/i386/Makefile.inc
@@ -1,4 +1,4 @@
-# $OpenBSD: Makefile.inc,v 1.28 2025/04/18 13:19:39 jsing Exp $
+# $OpenBSD: Makefile.inc,v 1.29 2025/06/09 14:28:33 jsing Exp $
 # i386-specific libcrypto build rules
@@ -12,7 +12,6 @@ CFLAGS+= -DAES_ASM
 SSLASM+= aes aes-586
 SSLASM+= aes aesni-x86
 # bn
-CFLAGS+= -DOPENSSL_IA32_SSE2
 SSLASM+= bn bn-586
 SSLASM+= bn co-586
 CFLAGS+= -DOPENSSL_BN_ASM_MONT
diff --git a/src/lib/libcrypto/bn/asm/bn-586.pl b/src/lib/libcrypto/bn/asm/bn-586.pl
index 71b775af8d..19a1afdbbe 100644
--- a/src/lib/libcrypto/bn/asm/bn-586.pl
+++ b/src/lib/libcrypto/bn/asm/bn-586.pl
@@ -6,8 +6,7 @@ require "x86asm.pl";
 &asm_init($ARGV[0],$0);
-$sse2=0;
-for (@ARGV) { $sse2=1 if (/-DOPENSSL_IA32_SSE2/); }
+$sse2=1;
 &external_label("OPENSSL_ia32cap_P") if ($sse2);
diff --git a/src/lib/libcrypto/bn/asm/x86-mont.pl b/src/lib/libcrypto/bn/asm/x86-mont.pl
index 6524651748..3be440f11f 100755
--- a/src/lib/libcrypto/bn/asm/x86-mont.pl
+++ b/src/lib/libcrypto/bn/asm/x86-mont.pl
@@ -32,8 +32,7 @@ require "x86asm.pl";
 &asm_init($ARGV[0],$0);
-$sse2=0;
-for (@ARGV) { $sse2=1 if (/-DOPENSSL_IA32_SSE2/); }
+$sse2=1;
 &external_label("OPENSSL_ia32cap_P") if ($sse2);
diff --git a/src/lib/libcrypto/evp/e_aes.c b/src/lib/libcrypto/evp/e_aes.c
index 74d86c98d8..42c0fb45ed 100644
--- a/src/lib/libcrypto/evp/e_aes.c
+++ b/src/lib/libcrypto/evp/e_aes.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: e_aes.c,v 1.70 2025/06/06 07:41:01 tb Exp $ */
+/* $OpenBSD: e_aes.c,v 1.71 2025/06/09 14:28:34 jsing Exp $ */
 /* ====================================================================
 * Copyright (c) 2001-2011 The OpenSSL Project. All rights reserved.
 *
@@ -115,7 +115,7 @@ void AES_xts_decrypt(const char *inp, char *out, size_t len,
 #if defined(AES_ASM) && ( \
 ((defined(__i386) || defined(__i386__) || \
- defined(_M_IX86)) && defined(OPENSSL_IA32_SSE2))|| \
+ defined(_M_IX86)))|| \
 defined(__x86_64) || defined(__x86_64__) || \
 defined(_M_AMD64) || defined(_M_X64) || \
 defined(__INTEL__) )
diff --git a/src/lib/libcrypto/modes/asm/ghash-x86.pl b/src/lib/libcrypto/modes/asm/ghash-x86.pl
index 47833582b6..395c680cc5 100644
--- a/src/lib/libcrypto/modes/asm/ghash-x86.pl
+++ b/src/lib/libcrypto/modes/asm/ghash-x86.pl
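Review bot: `$sse2=1;` in bn-586.pl is now a constant, yet the very next line still reads `&external_label("OPENSSL_ia32cap_P") if ($sse2);`, so a reader has to work out that the guard can no longer be false. Either retire the variable in a follow-up or say why it stays, for example `$sse2=1;	# SSE2 paths always generated; selected at run time via OPENSSL_ia32cap_P`. The same applies to `$sse2=1;` in x86-mont.pl and sha512-586.pl and to `$xmm=$ymm=1;` in sha1-586.pl. Only the top of each script is visible in these hunks, so the run-time selection is taken from the commit message rather than from the generated code.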
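Review bot: The rewritten condition in e_aes.c, `((defined(__i386) || defined(__i386__) || \` followed by `defined(_M_IX86)))|| \`, keeps the outer pair of parentheses that only existed to bind the removed `&& defined(OPENSSL_IA32_SSE2)`; they are now redundant and make the `#if` harder to match by eye. Suggest `(defined(__i386) || defined(__i386__) || \` followed by `defined(_M_IX86)) || \`. With the flag gone this block is compiled on every i386 build that defines AES_ASM, and its body lies outside the hunk, so it is worth confirming there that the AES-NI routines are still chosen only after a run-time capability check.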
@@ -119,8 +119,7 @@ require "x86asm.pl";
 &asm_init($ARGV[0],"ghash-x86.pl",$x86only = $ARGV[$#ARGV] eq "386");
-$sse2=0;
-for (@ARGV) { $sse2=1 if (/-DOPENSSL_IA32_SSE2/); }
+$sse2=1;
 ($Zhh,$Zhl,$Zlh,$Zll) = ("ebp","edx","ecx","ebx");
 $inp = "edi";
diff --git a/src/lib/libcrypto/modes/gcm128.c b/src/lib/libcrypto/modes/gcm128.c
index 2540b7cf3d..8136c2cde2 100644
--- a/src/lib/libcrypto/modes/gcm128.c
+++ b/src/lib/libcrypto/modes/gcm128.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: gcm128.c,v 1.50 2025/06/08 07:49:45 jsing Exp $ */
+/* $OpenBSD: gcm128.c,v 1.51 2025/06/09 14:28:34 jsing Exp $ */
 /* ====================================================================
 * Copyright (c) 2010 The OpenSSL Project. All rights reserved.
 *
@@ -259,7 +259,6 @@ CRYPTO_gcm128_init(GCM128_CONTEXT *ctx, void *key, block128_f block)
 ctx->H.u[1] = be64toh(ctx->H.u[1]);
 # if defined(GHASH_ASM_X86_OR_64)
-# if !defined(GHASH_ASM_X86) || defined(OPENSSL_IA32_SSE2)
 /* check FXSR and PCLMULQDQ bits */
 if ((crypto_cpu_caps_ia32() & (CPUCAP_MASK_FXSR | CPUCAP_MASK_PCLMUL)) ==
 (CPUCAP_MASK_FXSR | CPUCAP_MASK_PCLMUL)) {
@@ -268,14 +267,9 @@ CRYPTO_gcm128_init(GCM128_CONTEXT *ctx, void *key, block128_f block)
 ctx->ghash = gcm_ghash_clmul;
 return;
 }
-# endif
 gcm_init_4bit(ctx->Htable, ctx->H.u);
 # if defined(GHASH_ASM_X86) /* x86 only */
-# if defined(OPENSSL_IA32_SSE2)
- if (crypto_cpu_caps_ia32() & CPUCAP_MASK_SSE) { /* check SSE bit */
-# else
 if (crypto_cpu_caps_ia32() & CPUCAP_MASK_MMX) { /* check MMX bit */
-# endif
 ctx->gmult = gcm_gmult_4bit_mmx;
 ctx->ghash = gcm_ghash_4bit_mmx;
 } else {
diff --git a/src/lib/libcrypto/sha/asm/sha1-586.pl b/src/lib/libcrypto/sha/asm/sha1-586.pl
index 72dd3badb1..d2491766f3 100644
--- a/src/lib/libcrypto/sha/asm/sha1-586.pl
+++ b/src/lib/libcrypto/sha/asm/sha1-586.pl
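Review bot: In gcm128.c the guard that survives for `gcm_gmult_4bit_mmx`/`gcm_ghash_4bit_mmx` is `CPUCAP_MASK_MMX`, but the branch OpenBSD actually built before this commit tested `CPUCAP_MASK_SSE` (SSE, not SSE2 as the commit message puts it), and with `$sse2=1;` ghash-x86.pl now always emits the variant that used to sit behind that SSE check. The perlasm body is not part of this diff, so it cannot be confirmed here that this variant is free of MMX-register instructions that only arrived with SSE (for example `pinsrw`); if it contains any, a CPU reporting MMX without SSE would take an illegal-instruction fault when GHASH runs. Unless that has been checked against the generated assembly, keeping `if (crypto_cpu_caps_ia32() & CPUCAP_MASK_SSE) { /* check SSE bit */` is the conservative choice. CRYPTO_gcm128_init starts and ends outside both gcm128.c hunks.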
@@ -104,10 +104,7 @@ require "x86asm.pl";
 &asm_init($ARGV[0],"sha1-586.pl",$ARGV[$#ARGV] eq "386");
-$xmm=$ymm=0;
-for (@ARGV) { $xmm=1 if (/-DOPENSSL_IA32_SSE2/); }
-
-$ymm=1 if $xmm;
+$xmm=$ymm=1;
 &external_label("OPENSSL_ia32cap_P") if ($xmm);
diff --git a/src/lib/libcrypto/sha/asm/sha512-586.pl b/src/lib/libcrypto/sha/asm/sha512-586.pl
index c1d0684e92..fe1ff487bc 100644
--- a/src/lib/libcrypto/sha/asm/sha512-586.pl
+++ b/src/lib/libcrypto/sha/asm/sha512-586.pl
@@ -38,8 +38,7 @@ require "x86asm.pl";
 &asm_init($ARGV[0],"sha512-586.pl",$ARGV[$#ARGV] eq "386");
-$sse2=0;
-for (@ARGV) { $sse2=1 if (/-DOPENSSL_IA32_SSE2/); }
+$sse2=1;
 &external_label("OPENSSL_ia32cap_P") if ($sse2);
--
cgit v1.2.3-55-g6feb