[openwrt/openwrt] openssl: avoid OPENSSL_SMALL_FOOTPRINT, no-asm

LEDE Commits lede-commits at lists.infradead.org
Wed Apr 5 04:28:50 PDT 2023 

ansuel pushed a commit to openwrt/openwrt.git, branch master:
https://git.openwrt.org/975036f6f9c8b12fbf82854ea006b4951c5be783

commit 975036f6f9c8b12fbf82854ea006b4951c5be783
Author: Eneas U de Queiroz <cotequeiroz at gmail.com>
AuthorDate: Fri Mar 10 17:21:11 2023 -0300

    openssl: avoid OPENSSL_SMALL_FOOTPRINT, no-asm
    
    Building openssl with OPENSSL_SMALL_FOOTPRINT yelds only from 1% to 3%
    decrease in size, dropping performance from 2% to 91%, depending on the
    target and algorithm.
    
    For example, using AES256-GCM with 1456-bytes operations, X86_64 appears
    to be the least affected with 2% performance penalty and 1% reduction in
    size; mips drops performance by 13%, size by 3%;  Arm drops 29% in
    performance, 2% in size.
    
    On aarch64, it slows down ghash so much that I consider it broken
    (-91%).  SMALL_FOOTPRINT will reduce AES256-GCM performance by 88%, and
    size by only 1%.  It makes an AES-capable CPU run AES128-GCM at 35% of
    the speed of Chacha20-Poly1305:
    
    Block-size=1456 bytes   AES256-GCM   AES128-GCM  ChaCha20-Poly1305
    SMALL_FOOTPRINT           62014.44     65063.23          177090.50
    regular                  504220.08    565630.28          182706.16
    
    OpenSSL 1.1.1 numbers are about the same, so this should have been
    noticed a long time ago.
    
    This creates an option to use OPENSSL_SMALL_FOOTPRINT, but it is turned
    off by default unless SMALL_FLASH or LOW_MEMORY_FOOTPRINT is used.
    
    Compiling with -O3 instead of -Os, for comparison, will increase size by
    about 14-15%, with no measureable effect on AES256-GCM performance, and
    about 2% increase in Chacha20-Poly1305 performance on Aarch64.
    
    There are no Arm devices with the small flash feature, so drop the
    conditional default.  The package is built on phase2, so even if we
    include an Arm device with small flash later, a no-asm library would
    have to be built from source anyway.
    
    Signed-off-by: Eneas U de Queiroz <cotequeiroz at gmail.com>
---
 package/libs/openssl/Config.in | 18 ++++++++++++++++--
 package/libs/openssl/Makefile  |  7 +++++--
 2 files changed, 21 insertions(+), 4 deletions(-)

diff --git a/package/libs/openssl/Config.in b/package/libs/openssl/Config.in
index 6a668fe4cd..b948aab709 100644
--- a/package/libs/openssl/Config.in
+++ b/package/libs/openssl/Config.in
@@ -12,9 +12,23 @@ config OPENSSL_OPTIMIZE_SPEED
 		The increase in performance and size depends on the
 		target CPU. EC and AES seem to benefit the most.
 
+config OPENSSL_SMALL_FOOTPRINT
+	bool
+	depends on !OPENSSL_OPTIMIZE_SPEED
+	default y if SMALL_FLASH || LOW_MEMORY_FOOTPRINT
+	prompt "Build with OPENSSL_SMALL_FOOTPRINT (read help)"
+	help
+		This turns on -DOPENSSL_SMALL_FOOTPRINT.  This will save only
+		1-3% of of the ipk size.  The performance drop depends on
+		architecture and algorithm.  MIPS drops 13% of performance for
+		a 3% decrease in ipk size.  On Aarch64, for a 1% reduction in
+		size, ghash and GCM performance decreases 90%, while
+		Chacha20-Poly1305 is 15% slower.  X86_64 drops 1% of its size
+		for 3% of performance.  Other arches have not been tested.
+
 config OPENSSL_WITH_ASM
 	bool
-	default y if !SMALL_FLASH || !arm
+	default y
 	prompt "Compile with optimized assembly code"
 	depends on !arc
 	help
@@ -46,7 +60,7 @@ config OPENSSL_NO_DEPRECATED
 
 config OPENSSL_WITH_ERROR_MESSAGES
 	bool
-	default y if !SMALL_FLASH && !LOW_MEMORY_FOOTPRINT
+	default y if !OPENSSL_SMALL_FOOTPRINT || (!SMALL_FLASH && !LOW_MEMORY_FOOTPRINT)
 	prompt "Include error messages"
 	help
 		This option aids debugging, but increases package size and
diff --git a/package/libs/openssl/Makefile b/package/libs/openssl/Makefile
index 9fe5da9dd3..b076a9c1fa 100644
--- a/package/libs/openssl/Makefile
+++ b/package/libs/openssl/Makefile
@@ -9,7 +9,7 @@ include $(TOPDIR)/rules.mk
 
 PKG_NAME:=openssl
 PKG_VERSION:=3.0.8
-PKG_RELEASE:=4
+PKG_RELEASE:=5
 PKG_BUILD_FLAGS:=no-mips16 gc-sections
 
 PKG_BUILD_PARALLEL:=1
@@ -39,6 +39,7 @@ PKG_CONFIG_DEPENDS:= \
 	CONFIG_OPENSSL_NO_DEPRECATED \
 	CONFIG_OPENSSL_OPTIMIZE_SPEED \
 	CONFIG_OPENSSL_PREFER_CHACHA_OVER_GCM \
+	CONFIG_OPENSSL_SMALL_FOOTPRINT \
 	CONFIG_OPENSSL_WITH_ARIA \
 	CONFIG_OPENSSL_WITH_ASM \
 	CONFIG_OPENSSL_WITH_ASYNC \
@@ -258,7 +259,9 @@ endif
 
 ifeq ($(CONFIG_OPENSSL_OPTIMIZE_SPEED),y)
   TARGET_CFLAGS := $(filter-out -O%,$(TARGET_CFLAGS)) -O3
-else
+endif
+
+ifeq ($(CONFIG_OPENSSL_SMALL_FOOTPRINT),y)
   OPENSSL_OPTIONS += -DOPENSSL_SMALL_FOOTPRINT
 endif

More information about the lede-commits mailing list