From 3250c9d5272821e5b796144c63b1de982cd4e43b Mon Sep 17 00:00:00 2001 From: John Baldwin Date: Mon, 21 Aug 2023 21:02:42 -0700 Subject: [PATCH] libcrypto: Update assembly build glue for x86 for OpenSSL 3.0. Notably, define AES_ASM which is required for any AES acceleration (OpenSSL 1.0 gated all AES acceleration on OPENSSL_CPUID_OBJ instead). Enabling this exposed that new assembly files added in OpenSSL 3.0 needed to be included in the build (aes-x86-64.S and aes-586.S). Both of these files supplant both aes_core.c and aes_cbc.c. The last file had to be moved out of the MI SRCS line for aes and into each ASM_* for non-x86. As part of this I audited the generated configdata.pm for amd64, i386, and aarch64 and found the following additional discrepecancies that are fixed here as well: - Enabled BSAES_ASM on amd64 which requires bsase-x86_64.S - Enabled WHIRLPOOL_ASM on amd64 (asm sources already built) - Enabled CMLL_ASM on amd64 and i386 (asm sources already built) aarch64 had no discreprecancies in configdata.pm, and no *.pl asm generators were missing for aarch64 in Makefile.asm. I did not check powerpc or armv7, but for armv7 all of the asm generators seem to be present in Makefile.asm. Reported by: gallatin (AES-GCM using plain software on amd64) Reviewed by: gallatin, ngie, emaste Differential Revision: https://reviews.freebsd.org/D41539 --- secure/lib/libcrypto/Makefile | 20 ++++++++++---------- secure/lib/libcrypto/Makefile.common | 6 ++++++ 2 files changed, 16 insertions(+), 10 deletions(-) diff --git a/secure/lib/libcrypto/Makefile b/secure/lib/libcrypto/Makefile index d4102c6cd0c..f4bd4a3247f 100644 --- a/secure/lib/libcrypto/Makefile +++ b/secure/lib/libcrypto/Makefile @@ -41,25 +41,25 @@ SRCS+= mem_clr.c .endif # aes -SRCS+= aes_cbc.c aes_cfb.c aes_ecb.c aes_ige.c aes_misc.c aes_ofb.c aes_wrap.c +SRCS+= aes_cfb.c aes_ecb.c aes_ige.c aes_misc.c aes_ofb.c aes_wrap.c .if defined(ASM_aarch64) -SRCS+= aes_core.c aesv8-armx.S vpaes-armv8.S +SRCS+= aes_cbc.c aes_core.c aesv8-armx.S vpaes-armv8.S ACFLAGS.aesv8-armx.S= -march=armv8-a+crypto .elif defined(ASM_amd64) -SRCS+= aes_core.c aesni-mb-x86_64.S aesni-sha1-x86_64.S aesni-sha256-x86_64.S -SRCS+= aesni-x86_64.S vpaes-x86_64.S +SRCS+= aes-x86_64.S aesni-mb-x86_64.S aesni-sha1-x86_64.S +SRCS+= aesni-sha256-x86_64.S aesni-x86_64.S bsaes-x86_64.S vpaes-x86_64.S .elif defined(ASM_arm) -SRCS+= aes-armv4.S aesv8-armx.S bsaes-armv7.S +SRCS+= aes_cbc.c aes-armv4.S aesv8-armx.S bsaes-armv7.S .elif defined(ASM_i386) -SRCS+= aes_core.c aesni-x86.S vpaes-x86.S +SRCS+= aes-586.S aesni-x86.S vpaes-x86.S .elif defined(ASM_powerpc) -SRCS+= aes_core.c aes-ppc.S vpaes-ppc.S aesp8-ppc.S +SRCS+= aes_cbc.c aes_core.c aes-ppc.S vpaes-ppc.S aesp8-ppc.S .elif defined(ASM_powerpc64) -SRCS+= aes_core.c aes-ppc.S vpaes-ppc.S aesp8-ppc.S +SRCS+= aes_cbc.c aes_core.c aes-ppc.S vpaes-ppc.S aesp8-ppc.S .elif defined(ASM_powerpc64le) -SRCS+= aes_core.c aes-ppc.S vpaes-ppc.S aesp8-ppc.S +SRCS+= aes_cbc.c aes_core.c aes-ppc.S vpaes-ppc.S aesp8-ppc.S .else -SRCS+= aes_core.c +SRCS+= aes_cbc.c aes_core.c .endif # asn1 diff --git a/secure/lib/libcrypto/Makefile.common b/secure/lib/libcrypto/Makefile.common index 620bc9178f3..a52e2979060 100644 --- a/secure/lib/libcrypto/Makefile.common +++ b/secure/lib/libcrypto/Makefile.common @@ -32,8 +32,12 @@ CFLAGS+= -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM CFLAGS+= -DKECCAK1600_ASM CFLAGS+= -DRC4_ASM CFLAGS+= -DMD5_ASM +CFLAGS+= -DAES_ASM +CFLAGS+= -DBSAES_ASM CFLAGS+= -DVPAES_ASM +CFLAGS+= -DWHIRLPOOL_ASM CFLAGS+= -DGHASH_ASM +CFLAGS+= -DCMLL_ASM CFLAGS+= -DECP_NISTZ256_ASM -DX25519_ASM CFLAGS+= -DPADLOCK_ASM CFLAGS+= -DPOLY1305_ASM @@ -53,9 +57,11 @@ CFLAGS+= -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM CFLAGS+= -DRC4_ASM CFLAGS+= -DMD5_ASM CFLAGS+= -DRMD160_ASM +CFLAGS+= -DAES_ASM CFLAGS+= -DVPAES_ASM CFLAGS+= -DWHIRLPOOL_ASM CFLAGS+= -DGHASH_ASM +CFLAGS+= -DCMLL_ASM CFLAGS+= -DECP_NISTZ256_ASM CFLAGS+= -DPADLOCK_ASM CFLAGS+= -DPOLY1305_ASM