From 6365a681c8a13df145fb40d2f9c20a975420b11e Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Mon, 22 May 2023 11:14:36 +0100 Subject: [PATCH 01/17] Prefer intrinsics over asm for AES-NI Signed-off-by: Dave Rodgman --- library/aesni.h | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-) diff --git a/library/aesni.h b/library/aesni.h index 51b770f31..a054cfd5c 100644 --- a/library/aesni.h +++ b/library/aesni.h @@ -61,14 +61,14 @@ /* Choose the implementation of AESNI, if one is available. */ #undef MBEDTLS_AESNI_HAVE_CODE -/* To minimize disruption when releasing the intrinsics-based implementation, - * favor the assembly-based implementation if it's available. We intend to - * revise this in a later release of Mbed TLS 3.x. In the long run, we will - * likely remove the assembly implementation. */ -#if defined(MBEDTLS_HAVE_X86_64) -#define MBEDTLS_AESNI_HAVE_CODE 1 // via assembly -#elif defined(MBEDTLS_AESNI_HAVE_INTRINSICS) +/* Favor the intrinsics-based implementation if it's available, for better + * maintainability. + * Performance is about the same (see #7380). + * In the long run, we will likely remove the assembly implementation. */ +#if defined(MBEDTLS_AESNI_HAVE_INTRINSICS) #define MBEDTLS_AESNI_HAVE_CODE 2 // via intrinsics +#elif defined(MBEDTLS_HAVE_X86_64) +#define MBEDTLS_AESNI_HAVE_CODE 1 // via assembly #endif #if defined(MBEDTLS_AESNI_HAVE_CODE) From 838dc46a7b3b62a6a1044e0542f1e53a4d4c305c Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Fri, 16 Jun 2023 13:18:19 +0100 Subject: [PATCH 02/17] Test asm and intrinsics from all.sh Signed-off-by: Dave Rodgman --- tests/scripts/all.sh | 29 +++++++++++++++++++++++++++++ 1 file changed, 29 insertions(+) diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index 78666b41f..61288511c 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh 
@@ -3448,6 +3448,35 @@ component_test_malloc_0_null () { tests/ssl-opt.sh -e 'proxy' } +support_test_aesni () { + # require an x64_64 target + gcc -v 2>&1 | grep Target | grep -q x86_64 +} + +component_test_aesni () { # ~ 20s + msg "build: default config with MBEDTLS_HAVE_ASM and MBEDTLS_AESNI_C enabled" + scripts/config.py set MBEDTLS_AESNI_C + scripts/config.py set MBEDTLS_HAVE_ASM + + msg "AES tests, MBEDTLS_AESNI_HAVE_CODE=1 (asm)" + make lib tests CC=gcc CFLAGS='-O2 -Werror -Wall -Wextra -DMBEDTLS_AESNI_HAVE_CODE=1' + cd tests + for t in `find . -type f -executable -name '*aes*'`; do + # Run all the suites with aes in their name + ./$t + done + cd .. + + msg "AES tests, MBEDTLS_AESNI_HAVE_CODE=2 (intrinsics)" + make clean + make lib tests CC=gcc CFLAGS='-O2 -Werror -Wall -Wextra -mpclmul -msse2 -maes -DMBEDTLS_AESNI_HAVE_CODE=2' + cd tests + for t in `find . -type f -executable -name '*aes*'`; do + ./$t + done + cd .. +} + component_test_aes_fewer_tables () { msg "build: default config with AES_FEWER_TABLES enabled" scripts/config.py set MBEDTLS_AES_FEWER_TABLES From e07c670e4719882bdd58d0e3c7ad5ed4efb31577 Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Fri, 16 Jun 2023 13:21:28 +0100 Subject: [PATCH 03/17] Allow all.sh to override intrinsics vs asm selection Signed-off-by: Dave Rodgman --- library/aesni.h | 12 +++++++++--- 1 file changed, 9 insertions(+), 3 deletions(-) diff --git a/library/aesni.h b/library/aesni.h index a054cfd5c..97b3abbef 100644 --- a/library/aesni.h +++ b/library/aesni.h 
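Review bot: The `-DMBEDTLS_AESNI_HAVE_CODE=1` and `-DMBEDTLS_AESNI_HAVE_CODE=2` flags in component_test_aesni have no effect at this commit. library/aesni.h still runs `#undef MBEDTLS_AESNI_HAVE_CODE` before its own selection (visible as context in patch 01), so both builds compile whichever implementation the header picks and the two `msg` lines overstate the coverage. Patch 03 removes the `#undef`; placing that change before this one would keep every commit in the series truthful for bisection. Separately, `support_test_aesni` checks only the compiler target, so on a host without AES-NI these runs would presumably exercise the run-time fallback rather than either AESNI path.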
@@ -59,9 +59,14 @@ #define MBEDTLS_AESNI_HAVE_INTRINSICS #endif -/* Choose the implementation of AESNI, if one is available. */ -#undef MBEDTLS_AESNI_HAVE_CODE -/* Favor the intrinsics-based implementation if it's available, for better +/* Normally MBEDTLS_AESNI_HAVE_CODE is automatically set below. It may be + * set from all.sh to ensure coverage of both asm and intrinsics, in which + * case we do not over-ride it. */ +#if !defined(MBEDTLS_AESNI_HAVE_CODE) + +/* Choose the implementation of AESNI, if one is available. + * + * Favor the intrinsics-based implementation if it's available, for better * maintainability. * Performance is about the same (see #7380). * In the long run, we will likely remove the assembly implementation. */ @@ -70,6 +75,7 @@ #elif defined(MBEDTLS_HAVE_X86_64) #define MBEDTLS_AESNI_HAVE_CODE 1 // via assembly #endif +#endif /* !defined(MBEDTLS_AESNI_HAVE_CODE) */ #if defined(MBEDTLS_AESNI_HAVE_CODE) From c2b7264b836d6f56ddc7ada6c0646a2750d43784 Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Fri, 16 Jun 2023 16:24:42 +0100 Subject: [PATCH 04/17] Simplify aesni test Signed-off-by: Dave Rodgman --- tests/scripts/all.sh | 19 ++++--------------- 1 file changed, 4 insertions(+), 15 deletions(-) diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index 61288511c..a15995b77 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh 
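Review bot: An externally supplied `MBEDTLS_AESNI_HAVE_CODE` is now accepted as-is, with no check that the value is one the target can build. The `#if !defined(MBEDTLS_AESNI_HAVE_CODE)` guard skips the whole selection, so a value of 2 without `MBEDTLS_AESNI_HAVE_INTRINSICS`, 1 without `MBEDTLS_HAVE_X86_64`, or any other number passes through unchanged. The hook is meant for all.sh, but a define left over in a product's CFLAGS would silently choose an AES code path the header would not have picked. Replacing the closing `#endif` with `#elif MBEDTLS_AESNI_HAVE_CODE != 1 && MBEDTLS_AESNI_HAVE_CODE != 2`, `#error "MBEDTLS_AESNI_HAVE_CODE must be 1 or 2"` and `#endif` would turn a bad override into a build failure. The same applies to the second hunk of this patch, which closes the guard.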
@@ -3453,28 +3453,17 @@ support_test_aesni () { gcc -v 2>&1 | grep Target | grep -q x86_64 } -component_test_aesni () { # ~ 20s +component_test_aesni () { # ~ 40s msg "build: default config with MBEDTLS_HAVE_ASM and MBEDTLS_AESNI_C enabled" scripts/config.py set MBEDTLS_AESNI_C scripts/config.py set MBEDTLS_HAVE_ASM msg "AES tests, MBEDTLS_AESNI_HAVE_CODE=1 (asm)" - make lib tests CC=gcc CFLAGS='-O2 -Werror -Wall -Wextra -DMBEDTLS_AESNI_HAVE_CODE=1' - cd tests - for t in `find . -type f -executable -name '*aes*'`; do - # Run all the suites with aes in their name - ./$t - done - cd .. - + make test CC=gcc CFLAGS='-O2 -Werror -Wall -Wextra -DMBEDTLS_AESNI_HAVE_CODE=1' + msg "AES tests, MBEDTLS_AESNI_HAVE_CODE=2 (intrinsics)" make clean - make lib tests CC=gcc CFLAGS='-O2 -Werror -Wall -Wextra -mpclmul -msse2 -maes -DMBEDTLS_AESNI_HAVE_CODE=2' - cd tests - for t in `find . -type f -executable -name '*aes*'`; do - ./$t - done - cd .. + make test CC=gcc CFLAGS='-O2 -Werror -Wall -Wextra -mpclmul -msse2 -maes -DMBEDTLS_AESNI_HAVE_CODE=2' } component_test_aes_fewer_tables () { From be60fcca784fe5cf502ffced2f86ca682f8059c2 Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Fri, 16 Jun 2023 17:04:52 +0100 Subject: [PATCH 05/17] Add test for plain C path Signed-off-by: Dave Rodgman --- tests/scripts/all.sh | 12 ++++++++++-- 1 file changed, 10 insertions(+), 2 deletions(-) diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index a15995b77..39a787a86 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh 
@@ -3454,16 +3454,24 @@ support_test_aesni () { } component_test_aesni () { # ~ 40s - msg "build: default config with MBEDTLS_HAVE_ASM and MBEDTLS_AESNI_C enabled" + msg "build: default config with different AES implementations" scripts/config.py set MBEDTLS_AESNI_C scripts/config.py set MBEDTLS_HAVE_ASM + # test asm msg "AES tests, MBEDTLS_AESNI_HAVE_CODE=1 (asm)" make test CC=gcc CFLAGS='-O2 -Werror -Wall -Wextra -DMBEDTLS_AESNI_HAVE_CODE=1' - + + # test intrinsics msg "AES tests, MBEDTLS_AESNI_HAVE_CODE=2 (intrinsics)" make clean make test CC=gcc CFLAGS='-O2 -Werror -Wall -Wextra -mpclmul -msse2 -maes -DMBEDTLS_AESNI_HAVE_CODE=2' + + # test plain C + scripts/config.py unset MBEDTLS_AESNI_C + msg "AES tests, plain C" + make clean + make test CC=gcc CFLAGS='-O2 -Werror -Wall -Wextra' } component_test_aes_fewer_tables () { From fa1d05ccfd0d45e2964fefbd15c14a34c32e78be Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Fri, 16 Jun 2023 19:52:49 +0100 Subject: [PATCH 06/17] Remove not-needed compiler flags Signed-off-by: Dave Rodgman --- tests/scripts/all.sh | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index 19575998c..00f722590 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh 
@@ -3515,18 +3515,18 @@ component_test_aesni () { # ~ 40s # test asm msg "AES tests, MBEDTLS_AESNI_HAVE_CODE=1 (asm)" - make test CC=gcc CFLAGS='-O2 -Werror -Wall -Wextra -DMBEDTLS_AESNI_HAVE_CODE=1' + make test CC=gcc CFLAGS='-O2 -Werror -DMBEDTLS_AESNI_HAVE_CODE=1' # test intrinsics msg "AES tests, MBEDTLS_AESNI_HAVE_CODE=2 (intrinsics)" make clean - make test CC=gcc CFLAGS='-O2 -Werror -Wall -Wextra -mpclmul -msse2 -maes -DMBEDTLS_AESNI_HAVE_CODE=2' + make test CC=gcc CFLAGS='-O2 -Werror -mpclmul -msse2 -maes -DMBEDTLS_AESNI_HAVE_CODE=2' # test plain C scripts/config.py unset MBEDTLS_AESNI_C msg "AES tests, plain C" make clean - make test CC=gcc CFLAGS='-O2 -Werror -Wall -Wextra' + make test CC=gcc CFLAGS='-O2 -Werror' } component_test_aes_only_128_bit_keys () { From 96a9e6a9dd84cc549312e24ac9328751c37ee13b Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Fri, 16 Jun 2023 20:18:36 +0100 Subject: [PATCH 07/17] Address test review comments Signed-off-by: Dave Rodgman --- library/aes.c | 7 +++++++ library/aesni.h | 6 ------ tests/scripts/all.sh | 35 +++++++++++++++++++++++++---------- 3 files changed, 32 insertions(+), 16 deletions(-) diff --git a/library/aes.c b/library/aes.c index 0a61d1b07..08e3caadd 100644 --- a/library/aes.c +++ b/library/aes.c @@ -1824,6 +1824,13 @@ int mbedtls_aes_self_test(int verbose) } else #endif #if defined(MBEDTLS_AESNI_HAVE_CODE) +#if MBEDTLS_AESNI_HAVE_CODE == 1 + mbedtls_printf(" AES note: AESNI code present (assembly implementation).\n"); +#elif MBEDTLS_AESNI_HAVE_CODE == 2 + mbedtls_printf(" AES note: AESNI code present (intrinsics implementation).\n"); +#else +#error Unrecognised value for MBEDTLS_AESNI_HAVE_CODE +#endif if (mbedtls_aesni_has_support(MBEDTLS_AESNI_AES)) { mbedtls_printf(" AES note: using AESNI.\n"); } else diff --git a/library/aesni.h b/library/aesni.h index 97b3abbef..82947e458 100644 --- a/library/aesni.h +++ b/library/aesni.h 
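Review bot: In the aes.c hunk, the new `mbedtls_printf(" AES note: AESNI code present …")` lands directly after the context lines `} else` / `#endif`, so it becomes the body of that dangling `else` whenever the preceding conditional block (outside the hunk) is compiled in. In that configuration the "code present" note prints only on the else path, and the following `if (mbedtls_aesni_has_support(MBEDTLS_AESNI_AES))` chain runs unconditionally, so the self-test can report two back ends at once. all.sh greps this output to decide which implementation was built, so the diagnostics need to be unambiguous. Emitting the note before the whole if/else chain, or wrapping the note and the AESNI `if` in one braced block, keeps the chain intact.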
@@ -59,11 +59,6 @@ #define MBEDTLS_AESNI_HAVE_INTRINSICS #endif -/* Normally MBEDTLS_AESNI_HAVE_CODE is automatically set below. It may be - * set from all.sh to ensure coverage of both asm and intrinsics, in which - * case we do not over-ride it. */ -#if !defined(MBEDTLS_AESNI_HAVE_CODE) - /* Choose the implementation of AESNI, if one is available. * * Favor the intrinsics-based implementation if it's available, for better @@ -75,7 +70,6 @@ #elif defined(MBEDTLS_HAVE_X86_64) #define MBEDTLS_AESNI_HAVE_CODE 1 // via assembly #endif -#endif /* !defined(MBEDTLS_AESNI_HAVE_CODE) */ #if defined(MBEDTLS_AESNI_HAVE_CODE) diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index 00f722590..3ccab95e0 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh 
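Review bot: Dropping the `#if !defined(MBEDTLS_AESNI_HAVE_CODE)` guard does not bring back the `#undef MBEDTLS_AESNI_HAVE_CODE` that patch 03 removed, so the header no longer neutralises a value defined on the command line. With a leftover `-DMBEDTLS_AESNI_HAVE_CODE=…`, the `#define` lines redefine the macro to a different value, which is a diagnostic at best. On a target where neither branch applies, the external value survives into `#if defined(MBEDTLS_AESNI_HAVE_CODE)` and enables code the platform check never approved. Restoring `#undef MBEDTLS_AESNI_HAVE_CODE` immediately before the "Choose the implementation" comment makes the selection authoritative again. The second hunk of this patch only removes the guard's closing `#endif`.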
@@ -3508,25 +3508,40 @@ support_test_aesni () { gcc -v 2>&1 | grep Target | grep -q x86_64 } -component_test_aesni () { # ~ 40s +component_test_aesni () { # ~ 60s + # This tests the two AESNI implementations (intrinsics and assembly), and also the plain C + # fallback. It also tests the logic that is used to select which implementation(s) to build. + # + # This test does not require the host to have support for AESNI (if it doesn't, the run-time + # AESNI detection will fallback to the plain C implementation, so the tests will instead + # exercise the plain C impl). + msg "build: default config with different AES implementations" scripts/config.py set MBEDTLS_AESNI_C scripts/config.py set MBEDTLS_HAVE_ASM - # test asm - msg "AES tests, MBEDTLS_AESNI_HAVE_CODE=1 (asm)" - make test CC=gcc CFLAGS='-O2 -Werror -DMBEDTLS_AESNI_HAVE_CODE=1' - - # test intrinsics - msg "AES tests, MBEDTLS_AESNI_HAVE_CODE=2 (intrinsics)" + # test the intrinsics implementation + msg "AES tests, test intrinsics" make clean - make test CC=gcc CFLAGS='-O2 -Werror -mpclmul -msse2 -maes -DMBEDTLS_AESNI_HAVE_CODE=2' + make test programs/test/selftest CC=gcc CFLAGS='-Werror -Wall -Wextra -mpclmul -msse2 -maes' + # check that we built intrinsics - this should be used by default when supported by the compiler + ./programs/test/selftest | grep "AESNI code" | grep -q "intrinsics" || false "intrinsics not built when supported" - # test plain C + # test the asm implementation + msg "AES tests, test assembly" + make clean + make test programs/test/selftest CC=gcc CFLAGS='-Werror -Wall -Wextra -mno-pclmul -mno-sse2 -mno-aes' + # check that we built assembly - this should be built if the compiler does not support intrinsics + ./programs/test/selftest | grep "AESNI code" | grep -q "assembly" || false "assembly not built when intrinsics not supported" + + # test the plain C implementation scripts/config.py unset MBEDTLS_AESNI_C msg "AES tests, plain C" make clean - make test CC=gcc CFLAGS='-O2 -Werror' + 
make test programs/test/selftest CC=gcc CFLAGS='-O2 -Werror' + # check that there is no AESNI code present + ./programs/test/selftest | grep -q "AESNI code" && false "AESNI code built when MBEDTLS_AESNI_C unset" + } component_test_aes_only_128_bit_keys () { From 086e137dc4d9e5c00e9bb713b8858f18fdf934b9 Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Fri, 16 Jun 2023 20:21:39 +0100 Subject: [PATCH 08/17] code style Signed-off-by: Dave Rodgman --- library/aes.c | 4 ++-- tests/scripts/all.sh | 1 - 2 files changed, 2 insertions(+), 3 deletions(-) diff --git a/library/aes.c b/library/aes.c index 08e3caadd..bd0317c87 100644 --- a/library/aes.c +++ b/library/aes.c @@ -1825,9 +1825,9 @@ int mbedtls_aes_self_test(int verbose) #endif #if defined(MBEDTLS_AESNI_HAVE_CODE) #if MBEDTLS_AESNI_HAVE_CODE == 1 - mbedtls_printf(" AES note: AESNI code present (assembly implementation).\n"); + mbedtls_printf(" AES note: AESNI code present (assembly implementation).\n"); #elif MBEDTLS_AESNI_HAVE_CODE == 2 - mbedtls_printf(" AES note: AESNI code present (intrinsics implementation).\n"); + mbedtls_printf(" AES note: AESNI code present (intrinsics implementation).\n"); #else #error Unrecognised value for MBEDTLS_AESNI_HAVE_CODE #endif diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index 3ccab95e0..730c804ff 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh @@ -3541,7 +3541,6 @@ component_test_aesni () { # ~ 60s make test programs/test/selftest CC=gcc CFLAGS='-O2 -Werror' # check that there is no AESNI code present ./programs/test/selftest | grep -q "AESNI code" && false "AESNI code built when MBEDTLS_AESNI_C unset" - } component_test_aes_only_128_bit_keys () { From 336a4530c5e46036c5aeebc61cb5c1db6f1f6943 Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Fri, 16 Jun 2023 20:22:04 +0100 Subject: [PATCH 09/17] Fix typo Signed-off-by: Dave Rodgman --- tests/scripts/all.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) 
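Review bot: Each `./programs/test/selftest | grep …` check in component_test_aesni judges only grep's result unless `pipefail` is in effect (the script's shell options are not visible here). A self-test that prints its "AESNI code" note and then fails would therefore still satisfy the check. If `pipefail` is on, the risk reverses: `grep -q` exits at the first match and selftest can be terminated by SIGPIPE. Running the program once into a file covers both cases, for example `programs/test/selftest >selftest.log` followed by `grep -q "AESNI code present (intrinsics" selftest.log`. Also note that `false "…"` ignores its argument, so the explanatory strings after `||` are never shown.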
diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index 730c804ff..23615f214 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh @@ -3504,7 +3504,7 @@ component_test_malloc_0_null () { } support_test_aesni () { - # require an x64_64 target + # require an x86_64 target gcc -v 2>&1 | grep Target | grep -q x86_64 } From 48d8e83472df5da0372a44f2c056ba3469ccf687 Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Fri, 16 Jun 2023 21:05:05 +0100 Subject: [PATCH 10/17] fix CI failure Signed-off-by: Dave Rodgman --- tests/scripts/all.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index 23615f214..369eb243f 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh @@ -3540,7 +3540,7 @@ component_test_aesni () { # ~ 60s make clean make test programs/test/selftest CC=gcc CFLAGS='-O2 -Werror' # check that there is no AESNI code present - ./programs/test/selftest | grep -q "AESNI code" && false "AESNI code built when MBEDTLS_AESNI_C unset" + ./programs/test/selftest | grep -qv "AESNI code" || false "AESNI code built when MBEDTLS_AESNI_C unset" } component_test_aes_only_128_bit_keys () { From f87e5268ec3720cc8b902c80cc69f17b8ae90aa6 Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Fri, 16 Jun 2023 22:03:44 +0100 Subject: [PATCH 11/17] Fix test error Signed-off-by: Dave Rodgman --- tests/scripts/all.sh | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index 369eb243f..16926a5cb 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh 
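Review bot: In the "fix CI failure" hunk, `grep -qv "AESNI code"` does not test for the absence of the note. It succeeds as soon as any single line of selftest output lacks that text, which is practically always the case. The plain-C check therefore passes even when AESNI code was built with `MBEDTLS_AESNI_C` unset, so the CI failure is silenced by removing the assertion rather than fixing it. Invert the status of the match instead of the match itself, e.g. `if ./programs/test/selftest | grep -q "AESNI code"; then return 1; fi`.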
@@ -3538,9 +3538,9 @@ component_test_aesni () { # ~ 60s scripts/config.py unset MBEDTLS_AESNI_C msg "AES tests, plain C" make clean - make test programs/test/selftest CC=gcc CFLAGS='-O2 -Werror' + make test programs/test/selftest CC=x86_64-linux-gnu-gcc-10 CFLAGS='-O2 -Werror' # check that there is no AESNI code present - ./programs/test/selftest | grep -qv "AESNI code" || false "AESNI code built when MBEDTLS_AESNI_C unset" + ! ( ./programs/test/selftest | grep -q "AESNI code") || false "AESNI code built when MBEDTLS_AESNI_C unset" } component_test_aes_only_128_bit_keys () { From f18a7e1f86b085161138c047391acecb1dfc607d Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Fri, 16 Jun 2023 22:41:18 +0100 Subject: [PATCH 12/17] Fix typo Signed-off-by: Dave Rodgman --- tests/scripts/all.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index 16926a5cb..a140f7185 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh @@ -3538,7 +3538,7 @@ component_test_aesni () { # ~ 60s scripts/config.py unset MBEDTLS_AESNI_C msg "AES tests, plain C" make clean - make test programs/test/selftest CC=x86_64-linux-gnu-gcc-10 CFLAGS='-O2 -Werror' + make test programs/test/selftest CC=gcc CFLAGS='-O2 -Werror' # check that there is no AESNI code present ! ( ./programs/test/selftest | grep -q "AESNI code") || false "AESNI code built when MBEDTLS_AESNI_C unset" } From 20cc563462e2ad2d704829cb7b58ce71bae351be Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Mon, 19 Jun 2023 10:27:31 +0100 Subject: [PATCH 13/17] Improve logic for checking for presence of AESNI code Co-authored-by: Gilles Peskine Signed-off-by: Dave Rodgman --- tests/scripts/all.sh | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index a140f7185..55128c2ca 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh 
@@ -3525,7 +3525,7 @@ component_test_aesni () { # ~ 60s make clean make test programs/test/selftest CC=gcc CFLAGS='-Werror -Wall -Wextra -mpclmul -msse2 -maes' # check that we built intrinsics - this should be used by default when supported by the compiler - ./programs/test/selftest | grep "AESNI code" | grep -q "intrinsics" || false "intrinsics not built when supported" + ./programs/test/selftest | grep "AESNI code" | grep -q "intrinsics" # test the asm implementation msg "AES tests, test assembly" @@ -3540,7 +3540,7 @@ component_test_aesni () { # ~ 60s make clean make test programs/test/selftest CC=gcc CFLAGS='-O2 -Werror' # check that there is no AESNI code present - ! ( ./programs/test/selftest | grep -q "AESNI code") || false "AESNI code built when MBEDTLS_AESNI_C unset" + ./programs/test/selftest | not grep -q "AESNI code" } component_test_aes_only_128_bit_keys () { From b9590270103b114baefc4eb57863468e5e54148a Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Mon, 19 Jun 2023 10:28:45 +0100 Subject: [PATCH 14/17] Improve logic for checking for presence of AESNI code Signed-off-by: Dave Rodgman --- tests/scripts/all.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index 55128c2ca..3e83ee106 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh @@ -3532,7 +3532,7 @@ component_test_aesni () { # ~ 60s make clean make test programs/test/selftest CC=gcc CFLAGS='-Werror -Wall -Wextra -mno-pclmul -mno-sse2 -mno-aes' # check that we built assembly - this should be built if the compiler does not support intrinsics - ./programs/test/selftest | grep "AESNI code" | grep -q "assembly" || false "assembly not built when intrinsics not supported" + ./programs/test/selftest | grep "AESNI code" | grep -q "assembly" # test the plain C implementation scripts/config.py unset MBEDTLS_AESNI_C From f8986e31475e97bb8b1c22f3181c816264a7b924 Mon Sep 17 00:00:00 2001 
From: Dave Rodgman Date: Mon, 19 Jun 2023 10:55:59 +0100 Subject: [PATCH 15/17] Clarify support_test_aesni Signed-off-by: Dave Rodgman --- tests/scripts/all.sh | 17 +++++++++++++++-- 1 file changed, 15 insertions(+), 2 deletions(-) diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index 3e83ee106..56ad2a4f9 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh @@ -3503,11 +3503,24 @@ component_test_malloc_0_null () { tests/ssl-opt.sh -e 'proxy' } -support_test_aesni () { - # require an x86_64 target +support_build_aesni() { + # Check that gcc targets x86_64 gcc -v 2>&1 | grep Target | grep -q x86_64 } +support_run_aesni() { + # Check for AESNI support on the host. + # + # In principle 32-bit x86 can support AESNI, but our implementation does not + # support 32-bit x86, so we check for x86-64. + # We can only grep /proc/cpuinfo on Linux, so this also checks for Linux + [[ "$HOSTTYPE" == "x86_64" && "$OSTYPE" == "linux-gnu" ]] && Date: Mon, 19 Jun 2023 11:51:33 +0100 Subject: [PATCH 16/17] Simplify aesni support test Signed-off-by: Dave Rodgman --- tests/scripts/all.sh | 21 +++++++++------------ 1 file changed, 9 insertions(+), 12 deletions(-) diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index 56ad2a4f9..3c6530fb7 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh 
@@ -3503,22 +3503,19 @@ component_test_malloc_0_null () { tests/ssl-opt.sh -e 'proxy' } -support_build_aesni() { - # Check that gcc targets x86_64 - gcc -v 2>&1 | grep Target | grep -q x86_64 -} - -support_run_aesni() { - # Check for AESNI support on the host. +support_test_aesni() { + # Check that gcc targets x86_64 (we can build AESNI), and check for + # AESNI support on the host (we can run AESNI). + # + # The name of this function is possibly slightly misleading, but needs to align + # with the name of the corresponding test, component_test_aesni. # # In principle 32-bit x86 can support AESNI, but our implementation does not # support 32-bit x86, so we check for x86-64. # We can only grep /proc/cpuinfo on Linux, so this also checks for Linux - [[ "$HOSTTYPE" == "x86_64" && "$OSTYPE" == "linux-gnu" ]] && &1 | grep Target | grep -q x86_64) && + [[ "$HOSTTYPE" == "x86_64" && "$OSTYPE" == "linux-gnu" ]] && + (grep '^flags' /proc/cpuinfo | grep -w aes) } component_test_aesni () { # ~ 60s From 3d9af4734fcdb8a85094abbeb70ca7e93e33d494 Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Mon, 19 Jun 2023 12:10:11 +0100 Subject: [PATCH 17/17] Fix tests? Signed-off-by: Dave Rodgman --- tests/scripts/all.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index 3c6530fb7..d59a0c859 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh @@ -3515,7 +3515,7 @@ support_test_aesni() { # We can only grep /proc/cpuinfo on Linux, so this also checks for Linux (gcc -v 2>&1 | grep Target | grep -q x86_64) && [[ "$HOSTTYPE" == "x86_64" && "$OSTYPE" == "linux-gnu" ]] && - (grep '^flags' /proc/cpuinfo | grep -w aes) + (grep '^flags' /proc/cpuinfo | grep -qw aes) } component_test_aesni () { # ~ 60s
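Review bot: Now that `support_test_aesni` requires the host's `aes` CPU flag, the component could assert that the AES-NI path actually executed, but it still does not. The checks in component_test_aesni (outside this hunk) only look for "AESNI code", which aes.c prints whenever the code is compiled in. The line " AES note: using AESNI." is printed only after `mbedtls_aesni_has_support` succeeds, so adding `./programs/test/selftest | grep -q "using AESNI"` after the intrinsics and assembly builds would catch a regression in run-time detection that silently falls back to plain C. The comment in component_test_aesni saying the test does not require host AESNI support looks stale after this change. Requiring `$OSTYPE == "linux-gnu"` also means hosts that report another Linux variant presumably skip the component without any notice.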