[openwrt/openwrt] wolfssl: enable CPU crypto instructions
LEDE Commits
lede-commits at lists.infradead.org
Tue Jun 7 06:02:30 PDT 2022
ansuel pushed a commit to openwrt/openwrt.git, branch master:
https://git.openwrt.org/0a2edc2714dcda10be902c32525723ce2cbcb138
commit 0a2edc2714dcda10be902c32525723ce2cbcb138
Author: Eneas U de Queiroz <cotequeiroz at gmail.com>
AuthorDate: Tue Apr 19 12:02:09 2022 -0300
wolfssl: enable CPU crypto instructions
This enables AES & SHA CPU instructions for compatible armv8, and x86_64
architectures. Add this to the hardware acceleration choice, since they
can't be enabled at the same time.
The package was marked non-shared, since the arm CPUs may or may not
have crypto extensions enabled based on licensing; bcm27xx does not
enable them. There is no run-time detection of this for arm.
NOTE:
Should this be backported to a release branch, it must be done shortly
before a new minor release, because the change to nonshared will remove
libwolfssl from the shared packages, but the nonshared are only built in
a subsequent release!
Signed-off-by: Eneas U de Queiroz <cotequeiroz at gmail.com>
---
package/libs/wolfssl/Config.in | 12 ++++++++++++
package/libs/wolfssl/Makefile | 11 +++++++++++
2 files changed, 23 insertions(+)
diff --git a/package/libs/wolfssl/Config.in b/package/libs/wolfssl/Config.in
index b32d5ab6cb..f495a90ff6 100644
--- a/package/libs/wolfssl/Config.in
+++ b/package/libs/wolfssl/Config.in
@@ -62,13 +62,25 @@ config WOLFSSL_ALT_NAMES
config WOLFSSL_HAS_DEVCRYPTO
bool
+config WOLFSSL_ASM_CAPABLE
+ bool
+ default x86_64 || (aarch64 && !TARGET_bcm27xx)
+
choice
prompt "Hardware Acceleration"
+ default WOLFSSL_HAS_CPU_CRYPTO if WOLFSSL_ASM_CAPABLE
default WOLFSSL_HAS_NO_HW
config WOLFSSL_HAS_NO_HW
bool "None"
+ config WOLFSSL_HAS_CPU_CRYPTO
+ bool "Use CPU crypto instructions"
+ depends on WOLFSSL_ASM_CAPABLE
+ help
+ This will use Intel AESNI insturctions or armv8 Crypto Extensions.
+ Either of them should easily outperform hardware crypto in WolfSSL.
+
config WOLFSSL_HAS_AFALG
bool "AF_ALG"
diff --git a/package/libs/wolfssl/Makefile b/package/libs/wolfssl/Makefile
index 9283737542..3edd526364 100644
--- a/package/libs/wolfssl/Makefile
+++ b/package/libs/wolfssl/Makefile
@@ -43,6 +43,7 @@ PKG_ABI_VERSION:=$(patsubst %-stable,%,$(PKG_VERSION)).$(call version_abbrev,$(c
PKG_CONFIG_DEPENDS+=\
CONFIG_WOLFSSL_HAS_AFALG \
+ CONFIG_WOLFSSL_HAS_CPU_CRYPTO \
CONFIG_WOLFSSL_HAS_DEVCRYPTO_AES \
CONFIG_WOLFSSL_HAS_DEVCRYPTO_CBC \
CONFIG_WOLFSSL_HAS_DEVCRYPTO_FULL
@@ -59,6 +60,7 @@ endef
define Package/libwolfssl
$(call Package/libwolfssl/Default)
TITLE:=wolfSSL library
+ PKGFLAGS:=nonshared
MENU:=1
PROVIDES:=libcyassl
DEPENDS:=+WOLFSSL_HAS_DEVCRYPTO:kmod-cryptodev +WOLFSSL_HAS_AFALG:kmod-crypto-user
@@ -133,6 +135,15 @@ CONFIGURE_ARGS += \
--enable-wpas --enable-fortress --enable-fastmath
endif
+ifdef CONFIG_WOLFSSL_HAS_CPU_CRYPTO
+ ifdef CONFIG_aarch64
+ CONFIGURE_ARGS += --enable-armasm
+ TARGET_CFLAGS:=$(TARGET_CFLAGS:-mcpu%=-mcpu%+crypto)
+ else ifdef CONFIG_TARGET_x86_64
+ CONFIGURE_ARGS += --enable-intelasm
+ endif
+endif
+
define Build/InstallDev
$(INSTALL_DIR) $(1)/usr/include $(1)/usr/lib/pkgconfig
$(CP) $(PKG_INSTALL_DIR)/usr/include/* $(1)/usr/include/
More information about the lede-commits
mailing list