[edk2-devel] [RFC] [staging/CryptoLibrary] Openssl1.1 replacement proposal
Gerd Hoffmann
kraxel at redhat.com
Fri Mar 10 15:50:08 UTC 2023
On Fri, Mar 10, 2023 at 12:28:54PM +0000, Yao, Jiewen wrote:
> Hello
> We have created initial POC version CryptoPkg upgrade.
>
> OpenSSL 3.0 POC: https://github.com/tianocore/edk2-staging/blob/OpenSSL11_EOL/CryptoPkg/Readme-OpenSSL3.0.md
> The size is reduced a lots. But it still exceeds some platforms.
I've already mentioned the branch in the cover letter of the openssl
hash series (https://edk2.groups.io/g/devel/message/100123), but
apparently it went unnoticed, there are lots of commits from my old
branch in there ...
Anyway, my latest branch (just rebased to master) is here:
https://github.com/kraxel/edk2/commits/openssl3
Doesn't (yet) pass CI, most failures are on IA32 due to missing
compiler intrinsics.
I've put the configuration system upside-down, replaced the
process_files.pl script with python. All generated files are
placed in a new 'openssl-gen' subdirectory, no matter whenever
they are header files, C files or asm files.
Some code changes are needed for openssl 3.0, those are mostly
unchanged when comparing to my ~1y old branch. Exceptions are
some EC-related changes.
Acceleration support has been expanded to also cover AARCH64
with GCC5.
The old openssl-1.1 apparently tries to avoid adding support
for avx for asm acceleration, by taking care that nasm is not
in the path. That trick will surely will not work with
openssl-3.0 as openssl has learned to generate avx instructions
for other assemblers meanwhile.
Is there some specific reason for that?
Compatibility with toolchains without avx support?
Or is firmware not allowed to use avx instructions?
In case of the latter we probably have to add a 'no-avx' config option
to upstream openssl, similiar to the 'no-sse2' option which already
exists.
take care,
Gerd
-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#101002): https://edk2.groups.io/g/devel/message/101002
Mute This Topic: https://groups.io/mt/96741156/1813853
Group Owner: devel+owner at edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [edk2-devel-archive at redhat.com]
-=-=-=-=-=-=-=-=-=-=-=-
More information about the edk2-devel-archive
mailing list