path: root/crypto/x86_64cpuid.pl
Age | Commit message | Author
2021-04-08 | Update copyright year | Matt Caswell
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14801)
2021-03-22 | Dual 1024-bit exponentiation optimization for Intel IceLake CPU | Andrey Matyukov
with AVX512_IFMA + AVX512_VL instructions, primarily for RSA CRT private key operations. It uses 256-bit registers to avoid CPU frequency scaling issues. The performance speedup for RSA2k signature on ICL is ~2x.
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/13750)
2020-04-23 | Update copyright year | Matt Caswell
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/11616)
2020-02-17 | Also check for errors in x86_64-xlate.pl. | David Benjamin
In https://github.com/openssl/openssl/pull/10883, I'd meant to exclude the perlasm drivers since they aren't opening pipes and do not particularly need it, but I only noticed x86_64-xlate.pl, so arm-xlate.pl and ppc-xlate.pl got the change. That seems to have been fine, so be consistent and also apply the change to x86_64-xlate.pl. Checking for errors is generally a good idea.
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: David Benjamin <davidben@google.com>
(Merged from https://github.com/openssl/openssl/pull/10930)
2020-02-15 | x86_64: Add endbranch at function entries for Intel CET | H.J. Lu
To support Intel CET, all indirect branch targets must start with endbranch. Here is a patch to add endbranch to function entries in x86_64 assembly codes which are indirect branch targets as discovered by running openssl testsuite on Intel CET machine and visual inspection.
Verified with
    $ CC="gcc -Wl,-z,cet-report=error" ./Configure shared linux-x86_64 -fcf-protection
    $ make
    $ make test
and
    $ CC="gcc -mx32 -Wl,-z,cet-report=error" ./Configure shared linux-x32 -fcf-protection
    $ make
    $ make test # <<< passed with https://github.com/openssl/openssl/pull/10988
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/10982)
2020-01-22 | Do not silently truncate files on perlasm errors | David Benjamin
If one of the perlasm xlate drivers crashes, OpenSSL's build will currently swallow the error and silently truncate the output to however far the driver got. This will hopefully fail to build, but better to check such things. Handle this by checking for errors when closing STDOUT (which is a pipe to the xlate driver).
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/10883)
2019-12-18 | Fix unwind info for some trivial functions | Bernd Edlinger
While stack unwinding works with gdb here, the function _Unwind_Backtrace gives up when something outside .cfi_startproc/.cfi_endproc is found in the call stack, like OPENSSL_cleanse, OPENSSL_atomic_add, OPENSSL_rdtsc, CRYPTO_memcmp and other trivial functions which don't save anything in the stack.
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Kurt Roeckx <kurt@roeckx.be>
(Merged from https://github.com/openssl/openssl/pull/10635)
2019-09-16 | Unify all assembler file generators | Richard Levitte
They now generally conform to the following argument sequence:
    script.pl "$(PERLASM_SCHEME)" [ C preprocessor arguments ... ] \
              $(PROCESSOR) <output file>
However, in the spirit of being able to use these scripts manually, they also allow for no argument, or for only the flavour, or for only the output file. This is done by only using the last argument as output file if it's a file (it has an extension), and only using the first argument as flavour if it isn't a file (it doesn't have an extension).
While we're at it, we make all $xlate calls the same, i.e. the $output argument is always quoted, and we always die on error when trying to start $xlate.
There's a perl lesson in this, regarding operator priority...
This will always succeed, even when it fails:
    open FOO, "something" || die "ERR: $!";
The reason is that '||' has higher priority than list operators (a function is essentially a list operator and gobbles up everything following it that isn't lower priority), and since a non-empty string is always true, so that ends up being exactly the same as:
    open FOO, "something";
This, however, will fail if "something" can't be opened:
    open FOO, "something" or die "ERR: $!";
The reason is that 'or' has lower priority than list operators, i.e. it's performed after the 'open' call.
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/9884)
2018-12-06 | Following the license change, modify the boilerplates in crypto/ | Richard Levitte
[skip ci]
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/7827)
2018-06-03 | {arm64|x86_64}cpuid.pl: add special 16-byte case to OPENSSL_memcmp. | Andy Polyakov
OPENSSL_memcmp is a must in GCM decrypt and general-purpose loop takes quite a portion of execution time for short inputs, more than GHASH for few-byte inputs according to profiler. Special 16-byte case takes it off top five list in profiler output.
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/6312)
2018-03-08 | Fix issues in ia32 RDRAND asm leading to reduced entropy | Bryan Donlan
This patch fixes two issues in the ia32 RDRAND assembly code that result in a (possibly significant) loss of entropy.
The first, less significant, issue is that, by returning success as 0 from OPENSSL_ia32_rdrand() and OPENSSL_ia32_rdseed(), a subtle bias was introduced. Specifically, because the assembly routine copied the remaining number of retries over the result when RDRAND/RDSEED returned 'successful but zero', a bias towards values 1-8 (primarily 8) was introduced.
The second, more worrying issue was that, due to a mixup in registers, when a buffer that was not size 0 or 1 mod 8 was passed to OPENSSL_ia32_rdrand_bytes or OPENSSL_ia32_rdseed_bytes, the last (n mod 8) bytes were all the same value. This issue impacts only the 64-bit variant of the assembly.
This change fixes both issues by first eliminating the only use of OPENSSL_ia32_rdrand, replacing it with OPENSSL_ia32_rdrand_bytes, and fixes the register mixup in OPENSSL_ia32_rdrand_bytes. It also adds a sanity test for OPENSSL_ia32_rdrand_bytes and OPENSSL_ia32_rdseed_bytes to help catch problems of this nature in the future.
Reviewed-by: Andy Polyakov <appro@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/5342)
2017-12-08 | crypto/x86_64cpuid.pl: suppress AVX512F flag on Skylake-X. | Andy Polyakov
It was observed that AVX512 code paths can negatively affect overall Skylake-X system performance. But we are talking specifically about 512-bit code, while AVX512VL, 256-bit variant of AVX512F instructions, is supposed to fly as smooth as AVX2. Which is why it remains unmasked.
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/4838)
2017-11-23 | crypto/x86_64cpuid.pl: fix AVX512 capability masking. | Andy Polyakov
Originally it was thought that it's possible to use AVX512VL+BW instructions with XMM and YMM registers without kernel enabling ZMM support, but it turned out to be a wrong assumption.
Reviewed-by: Rich Salz <rsalz@openssl.org>
2017-11-08 | OPENSSL_ia32cap: reserve for new extensions. | Andy Polyakov
Reviewed-by: Rich Salz <rsalz@openssl.org>
2017-07-26 | Fix comment typo. | David Benjamin
Reviewed-by: Ben Kaduk <kaduk@mit.edu>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/4023)
2017-07-25 | crypto/x86_64cpuid.pl: fix typo in Knights Landing detection. | Andy Polyakov
Thanks to David Benjamin for spotting this!
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/4009)
2017-07-21 | x86_64 assembly pack: "optimize" for Knights Landing, add AVX-512 results. | Andy Polyakov
"Optimize" is in quotes because it's rather a "salvage operation" for now. Idea is to identify processor capability flags that drive Knights Landing to suboptimal code paths and mask them. Two flags were identified, XSAVE and ADCX/ADOX. Former affects choice of AES-NI code path specific for Silvermont (Knights Landing is of Silvermont "ancestry"). And 64-bit ADCX/ADOX instructions are effectively mishandled at decode time. In both cases we are looking at ~2x improvement.
AVX-512 results cover even Skylake-X :-)
Hardware used for benchmarking courtesy of Atos, experiments run by Romain Dolbeau <romain.dolbeau@atos.net>. Kudos!
Reviewed-by: Rich Salz <rsalz@openssl.org>
2017-03-13 | crypto/x86*cpuid.pl: move extended feature detection. | Andy Polyakov
Extended feature flags were not pulled on AMD processors, as a result a number of extensions were effectively masked on Ryzen. Original fix for x86_64cpuid.pl addressed this problem, but messed up processor vendor detection. This fix moves extended feature detection past basic feature detection where it belongs. 32-bit counterpart is harmonized too.
Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
2017-03-07 | crypto/x86_64cpuid.pl: move extended feature detection upwards. | Andy Polyakov
Extended feature flags were not pulled on AMD processors, as a result a number of extensions were effectively masked on Ryzen. It should have been reported for Excavator since it implements AVX2 extension, but apparently nobody noticed or cared...
Reviewed-by: Rich Salz <rsalz@openssl.org>
2017-02-26 | crypto/x86_64cpuid.pl: add CFI annotations. | Andy Polyakov
Reviewed-by: Rich Salz <rsalz@openssl.org>
2017-02-03 | crypto/x86_64cpuid.pl: detect if kernel preserves %zmm registers. | Andy Polyakov
Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-07-15 | crypto/x86[_64]cpuid.pl: add OPENSSL_ia32_rd[rand|seed]_bytes. | Andy Polyakov
Reviewed-by: Richard Levitte <levitte@openssl.org>
2016-05-29 | x86_64 assembly pack: tolerate spaces in source directory name. | Andy Polyakov
[as it is now quoting $output is not required, but done just in case]
Reviewed-by: Richard Levitte <levitte@openssl.org>
2016-05-19 | Add assembly CRYPTO_memcmp. | Andy Polyakov
GH: #102
Reviewed-by: Richard Levitte <levitte@openssl.org>
2016-04-20 | Copyright consolidation: perl files | Rich Salz
Add copyright to most .pl files
This does NOT cover any .pl file that has other copyright in it. Most of those are Andy's but some are public domain.
Fix typos in some existing files.
Reviewed-by: Richard Levitte <levitte@openssl.org>
2014-02-14 | x86[_64]cpuid.pl: add low-level RDSEED. | Andy Polyakov
2013-01-22 | x86_64 assembly pack: make Windows build more robust. | Andy Polyakov
PR: 2963 and a number of others
2012-11-17 | Extend OPENSSL_ia32cap_P with extra word to accommodate AVX2 capability. | Andy Polyakov
2012-06-27 | x86_64 assembly pack: make it possible to compile with Perl located on | Andy Polyakov
path with spaces.
PR: 2835
2011-11-12 | cryptlib.c, etc.: fix linker warnings in 64-bit Darwin build. | Andy Polyakov
2011-06-04 | x86_64cpuid.pl: fix typo. | Andy Polyakov
2011-06-04 | x86[_64]cpuid.pl: add function accessing rdrand instruction. | Andy Polyakov
2011-05-27 | x86[_64]cpuid.pl: harmonize usage of reserved bits #20 and #30. | Andy Polyakov
2011-05-26 | x86_64cpuid.pl: get AVX masking right. | Andy Polyakov
2011-05-18 | x86_64cpuid.pl: allow shared build to work without -Bsymbolic. | Andy Polyakov
PR: 2466
2011-05-16 | x86[_64]cpuid.pl: handle new extensions. | Andy Polyakov
2011-04-17 | Multiple assembler packs: add experimental memory bus instrumentation. | Andy Polyakov
2010-05-05 | Revert previous Linux-specific/centric commit#19629. If it really has to | Andy Polyakov
be done, it's definitely not the way to do it. So far answer to the question was to ./config -Wa,--noexecstack (adopted by RedHat).
2010-05-05 | Non-executable stack in asm. | Ben Laurie
2010-04-14 | x86_64cpuid.pl: ml64 is allergic to db on label line. | Andy Polyakov
2010-01-24 | OPENSSL_cleanse to accept zero length parameter [matching C implementation]. | Andy Polyakov
2009-05-14 | x86[_64]cpuid.pl: further refine shared cache detection. | Andy Polyakov
2009-05-12 | x86_64cpuid.pl: refine shared cache detection logic. | Andy Polyakov
2008-11-12 | x86_64 assembler pack to comply with updated styling x86_64-xlate.pl rules. | Andy Polyakov
2008-07-15 | x86_64cpuid.pl cosmetics: harmonize $dir treatment with other modules. | Andy Polyakov
2008-02-25 | Use default value for $dir if it is empty. | Dr. Stephen Henson
2008-01-13 | Make all x86_64 modules independent on current working directory. | Andy Polyakov
2007-08-23 | Make x86_64 modules work under Win64/x64. | Andy Polyakov
2007-07-21 | x86*cpuid update. | Andy Polyakov
2007-06-21 | Flush output in x86_64cpuid.pl. | Andy Polyakov