wolfssl: ASM/AES-NI/SP Math support; easier variant override #262594
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
vifino
force-pushed
the
wolfssl-tweaks
branch
from
9015d4a
to
84a2f9c
Compare
vifino
requested review from
fabaff and
risicle
and removed request for
fabaff
vifino
force-pushed
the
wolfssl-tweaks
branch
from
84a2f9c
to
1cad0d3
Compare
risicle
reviewed
Oct 21, 2023
risicle
reviewed
Oct 21, 2023
vifino
force-pushed
the
wolfssl-tweaks
branch
from
1cad0d3
to
751b602
Compare
vifino
force-pushed
the
wolfssl-tweaks
branch
from
751b602
to
24c5009
Compare
ofborg
bot
added
11.by: package-maintainer
vifino
force-pushed
the
wolfssl-tweaks
branch
6 times, most recently
from
e75c919
to
beb5282
Compare
|
I did some better benchmarks, the best configuration is the one currently comitted. The WolfSSL, all, asm/aesni, sp-math-all, lto# CFLAGS="-flto" LDFLAGS="-flto" ./configure --enable-all --enable-bigcache --enable-intelasm --enable-aesni --enable-sp-math-all --enable-sp=yes,asm
# make -j9
# ./wolfcrypt/benchmark/benchmark
------------------------------------------------------------------------------
wolfSSL version 5.6.3
------------------------------------------------------------------------------
Math: Multi-Precision: Wolf(SP) word-size=64 bits=4096 sp_int.c
Single Precision: ecc 256 384 521 rsa/dh 2048 3072 4096 asm sp_x86_64.c
wolfCrypt Benchmark (block bytes 1048576, min 1.0 sec each)
RNG 200 MiB took 1.022 seconds, 195.706 MiB/s Cycles per byte = 13.66
AES-128-CBC-enc 2040 MiB took 1.001 seconds, 2037.054 MiB/s Cycles per byte = 1.31
AES-128-CBC-dec 12095 MiB took 1.000 seconds, 12094.262 MiB/s Cycles per byte = 0.22
AES-192-CBC-enc 1720 MiB took 1.000 seconds, 1719.998 MiB/s Cycles per byte = 1.55
AES-192-CBC-dec 10115 MiB took 1.000 seconds, 10113.888 MiB/s Cycles per byte = 0.26
AES-256-CBC-enc 1480 MiB took 1.001 seconds, 1478.123 MiB/s Cycles per byte = 1.81
AES-256-CBC-dec 8705 MiB took 1.000 seconds, 8703.608 MiB/s Cycles per byte = 0.31
AES-128-GCM-enc 6985 MiB took 1.000 seconds, 6983.400 MiB/s Cycles per byte = 0.38
AES-128-GCM-dec 6945 MiB took 1.001 seconds, 6940.448 MiB/s Cycles per byte = 0.39
AES-192-GCM-enc 6405 MiB took 1.001 seconds, 6401.018 MiB/s Cycles per byte = 0.42
AES-192-GCM-dec 6310 MiB took 1.000 seconds, 6307.710 MiB/s Cycles per byte = 0.42
AES-256-GCM-enc 5935 MiB took 1.001 seconds, 5931.708 MiB/s Cycles per byte = 0.45
AES-256-GCM-dec 6195 MiB took 1.000 seconds, 6192.164 MiB/s Cycles per byte = 0.43
AES-128-GCM-STREAM-enc 7250 MiB took 1.001 seconds, 7245.624 MiB/s Cycles per byte = 0.37
AES-128-GCM-STREAM-dec 7135 MiB took 1.000 seconds, 7132.519 MiB/s Cycles per byte = 0.37
AES-192-GCM-STREAM-enc 6690 MiB took 1.000 seconds, 6688.388 MiB/s Cycles per byte = 0.40
AES-192-GCM-STREAM-dec 6670 MiB took 1.000 seconds, 6669.833 MiB/s Cycles per byte = 0.40
AES-256-GCM-STREAM-enc 6040 MiB took 1.001 seconds, 6036.311 MiB/s Cycles per byte = 0.44
AES-256-GCM-STREAM-dec 6250 MiB took 1.001 seconds, 6245.548 MiB/s Cycles per byte = 0.43
GMAC Table 4-bit 2138 MiB took 1.000 seconds, 2137.697 MiB/s Cycles per byte = 1.25
AES-128-ECB-enc 12067 MiB took 1.000 seconds, 12065.035 MiB/s Cycles per byte = 0.22
AES-128-ECB-dec 11924 MiB took 1.000 seconds, 11919.197 MiB/s Cycles per byte = 0.22
AES-192-ECB-enc 9977 MiB took 1.001 seconds, 9969.952 MiB/s Cycles per byte = 0.27
AES-192-ECB-dec 9911 MiB took 1.001 seconds, 9904.709 MiB/s Cycles per byte = 0.27
AES-256-ECB-enc 8393 MiB took 1.001 seconds, 8382.673 MiB/s Cycles per byte = 0.32
AES-256-ECB-dec 8437 MiB took 1.001 seconds, 8429.474 MiB/s Cycles per byte = 0.32
AES-XTS-enc 8360 MiB took 1.000 seconds, 8356.858 MiB/s Cycles per byte = 0.32
AES-XTS-dec 8225 MiB took 1.000 seconds, 8223.488 MiB/s Cycles per byte = 0.33
AES-128-CFB 1040 MiB took 1.000 seconds, 1039.950 MiB/s Cycles per byte = 2.57
AES-192-CFB 955 MiB took 1.002 seconds, 952.795 MiB/s Cycles per byte = 2.81
AES-256-CFB 880 MiB took 1.001 seconds, 878.778 MiB/s Cycles per byte = 3.04
AES-128-OFB 1480 MiB took 1.001 seconds, 1478.020 MiB/s Cycles per byte = 1.81
AES-192-OFB 1320 MiB took 1.004 seconds, 1315.269 MiB/s Cycles per byte = 2.03
AES-256-OFB 1195 MiB took 1.004 seconds, 1190.350 MiB/s Cycles per byte = 2.25
AES-128-CTR 2375 MiB took 1.000 seconds, 2374.250 MiB/s Cycles per byte = 1.13
AES-192-CTR 2300 MiB took 1.002 seconds, 2296.002 MiB/s Cycles per byte = 1.16
AES-256-CTR 2205 MiB took 1.000 seconds, 2204.293 MiB/s Cycles per byte = 1.21
AES-CCM-enc 820 MiB took 1.001 seconds, 819.460 MiB/s Cycles per byte = 3.26
AES-CCM-dec 820 MiB took 1.003 seconds, 817.904 MiB/s Cycles per byte = 3.27
AES-256-SIV-enc 900 MiB took 1.001 seconds, 899.397 MiB/s Cycles per byte = 2.97
AES-256-SIV-dec 900 MiB took 1.003 seconds, 897.393 MiB/s Cycles per byte = 2.98
AES-384-SIV-enc 820 MiB took 1.005 seconds, 815.916 MiB/s Cycles per byte = 3.28
AES-384-SIV-dec 835 MiB took 1.003 seconds, 832.865 MiB/s Cycles per byte = 3.21
AES-512-SIV-enc 770 MiB took 1.000 seconds, 769.763 MiB/s Cycles per byte = 3.47
AES-512-SIV-dec 775 MiB took 1.001 seconds, 774.199 MiB/s Cycles per byte = 3.45
Camellia 175 MiB took 1.009 seconds, 173.457 MiB/s Cycles per byte = 15.41
ARC4 460 MiB took 1.010 seconds, 455.619 MiB/s Cycles per byte = 5.87
CHACHA 3375 MiB took 1.000 seconds, 3374.019 MiB/s Cycles per byte = 0.79
CHA-POLY 2295 MiB took 1.000 seconds, 2294.516 MiB/s Cycles per byte = 1.17
3DES 35 MiB took 1.006 seconds, 34.789 MiB/s Cycles per byte = 76.84
MD5 815 MiB took 1.003 seconds, 812.804 MiB/s Cycles per byte = 3.29
POLY1305 7255 MiB took 1.000 seconds, 7251.490 MiB/s Cycles per byte = 0.37
SHA 675 MiB took 1.001 seconds, 674.601 MiB/s Cycles per byte = 3.96
SHA-224 495 MiB took 1.007 seconds, 491.498 MiB/s Cycles per byte = 5.44
SHA-256 490 MiB took 1.002 seconds, 488.829 MiB/s Cycles per byte = 5.47
SHA-384 755 MiB took 1.004 seconds, 752.175 MiB/s Cycles per byte = 3.55
SHA-512 755 MiB took 1.006 seconds, 750.728 MiB/s Cycles per byte = 3.56
SHA-512/224 750 MiB took 1.001 seconds, 749.499 MiB/s Cycles per byte = 3.57
SHA-512/256 750 MiB took 1.004 seconds, 747.183 MiB/s Cycles per byte = 3.58
SHA3-224 515 MiB took 1.003 seconds, 513.359 MiB/s Cycles per byte = 5.21
SHA3-256 485 MiB took 1.001 seconds, 484.685 MiB/s Cycles per byte = 5.52
SHA3-384 375 MiB took 1.012 seconds, 370.512 MiB/s Cycles per byte = 7.22
SHA3-512 260 MiB took 1.002 seconds, 259.431 MiB/s Cycles per byte = 10.30
SHAKE128 595 MiB took 1.005 seconds, 592.221 MiB/s Cycles per byte = 4.51
SHAKE256 485 MiB took 1.008 seconds, 480.983 MiB/s Cycles per byte = 5.56
RIPEMD 350 MiB took 1.012 seconds, 345.709 MiB/s Cycles per byte = 7.73
BLAKE2b 675 MiB took 1.001 seconds, 674.057 MiB/s Cycles per byte = 3.97
BLAKE2s 460 MiB took 1.003 seconds, 458.768 MiB/s Cycles per byte = 5.83
AES-128-CMAC 1475 MiB took 1.001 seconds, 1473.706 MiB/s Cycles per byte = 1.81
AES-256-CMAC 1185 MiB took 1.004 seconds, 1180.110 MiB/s Cycles per byte = 2.27
HMAC-MD5 850 MiB took 1.000 seconds, 849.704 MiB/s Cycles per byte = 3.15
HMAC-SHA 695 MiB took 1.002 seconds, 693.638 MiB/s Cycles per byte = 3.85
HMAC-SHA224 495 MiB took 1.003 seconds, 493.554 MiB/s Cycles per byte = 5.42
HMAC-SHA256 490 MiB took 1.001 seconds, 489.729 MiB/s Cycles per byte = 5.46
HMAC-SHA384 750 MiB took 1.004 seconds, 747.104 MiB/s Cycles per byte = 3.58
HMAC-SHA512 755 MiB took 1.002 seconds, 753.250 MiB/s Cycles per byte = 3.55
PBKDF2 54 KiB took 1.000 seconds, 53.536 KiB/s Cycles per byte = 51133.12
SipHash-8 2710 MiB took 1.001 seconds, 2708.110 MiB/s Cycles per byte = 0.99
SipHash-16 2705 MiB took 1.001 seconds, 2701.847 MiB/s Cycles per byte = 0.99
scrypt 17 40 ops took 1.170 sec, avg 29.243 ms, 34.196 ops/sec
RSA 1024 key gen 91 ops took 1.007 sec, avg 11.066 ms, 90.369 ops/sec
RSA 2048 key gen 38 ops took 1.039 sec, avg 27.349 ms, 36.565 ops/sec
RSA 2048 public 73900 ops took 1.001 sec, avg 0.014 ms, 73858.196 ops/sec
RSA 2048 private 2200 ops took 1.023 sec, avg 0.465 ms, 2150.205 ops/sec
DH 2048 key gen 4476 ops took 1.000 sec, avg 0.223 ms, 4475.549 ops/sec
DH 2048 agree 4600 ops took 1.009 sec, avg 0.219 ms, 4560.602 ops/sec
ECC [ SECP256R1] 256 key gen 91500 ops took 1.000 sec, avg 0.011 ms, 91473.197 ops/sec
ECDHE [ SECP256R1] 256 agree 63300 ops took 1.001 sec, avg 0.016 ms, 63247.192 ops/sec
ECDSA [ SECP256R1] 256 sign 61200 ops took 1.000 sec, avg 0.016 ms, 61190.211 ops/sec
ECDSA [ SECP256R1] 256 verify 56000 ops took 1.001 sec, avg 0.018 ms, 55936.346 ops/sec
ECC [ SECP256R1] 256 encrypt 53800 ops took 1.002 sec, avg 0.019 ms, 53712.880 ops/sec
ECC [ SECP256R1] 256 decrypt 52900 ops took 1.001 sec, avg 0.019 ms, 52830.270 ops/sec
ECC [BRAINPOOLP256R1] 256 key gen 15200 ops took 1.006 sec, avg 0.066 ms, 15104.092 ops/sec
ECDHE [BRAINPOOLP256R1] 256 agree 16100 ops took 1.003 sec, avg 0.062 ms, 16057.001 ops/sec
ECDSA [BRAINPOOLP256R1] 256 sign 12900 ops took 1.006 sec, avg 0.078 ms, 12818.972 ops/sec
ECDSA [BRAINPOOLP256R1] 256 verify 11900 ops took 1.006 sec, avg 0.085 ms, 11827.814 ops/sec
ECC [BRAINPOOLP256R1] 256 encrypt 15400 ops took 1.003 sec, avg 0.065 ms, 15351.518 ops/sec
ECC [BRAINPOOLP256R1] 256 decrypt 15500 ops took 1.004 sec, avg 0.065 ms, 15439.062 ops/sec
CURVE 25519 key gen 43256 ops took 1.000 sec, avg 0.023 ms, 43255.907 ops/sec
CURVE 25519 agree 45000 ops took 1.002 sec, avg 0.022 ms, 44913.895 ops/sec
ED 25519 key gen 107885 ops took 1.000 sec, avg 0.009 ms, 107884.331 ops/sec
ED 25519 sign 97500 ops took 1.001 sec, avg 0.010 ms, 97448.538 ops/sec
ED 25519 verify 32800 ops took 1.002 sec, avg 0.031 ms, 32746.005 ops/sec
CURVE 448 key gen 7510 ops took 1.000 sec, avg 0.133 ms, 7509.513 ops/sec
CURVE 448 agree 7600 ops took 1.009 sec, avg 0.133 ms, 7533.628 ops/sec
ED 448 key gen 18896 ops took 1.000 sec, avg 0.053 ms, 18895.468 ops/sec
ED 448 sign 18000 ops took 1.003 sec, avg 0.056 ms, 17943.423 ops/sec
ED 448 verify 6300 ops took 1.014 sec, avg 0.161 ms, 6211.026 ops/sec
ECCSI 256 key gen 88813 ops took 1.000 sec, avg 0.011 ms, 88812.471 ops/sec
ECCSI 256 pair gen 82413 ops took 1.000 sec, avg 0.012 ms, 82412.253 ops/sec
ECCSI 256 valid 43635 ops took 1.000 sec, avg 0.023 ms, 43634.126 ops/sec
ECCSI 256 sign 44863 ops took 1.000 sec, avg 0.022 ms, 44862.412 ops/sec
ECCSI 256 verify 18939 ops took 1.000 sec, avg 0.053 ms, 18938.508 ops/sec
SAKKE 1024 key gen 1357 ops took 1.000 sec, avg 0.737 ms, 1356.335 ops/sec
SAKKE 1024 rsk gen 1261 ops took 1.001 sec, avg 0.794 ms, 1260.051 ops/sec
SAKKE 1024 valid 178 ops took 1.002 sec, avg 5.628 ms, 177.676 ops/sec
SAKKE 1024 encap-1 884 ops took 1.000 sec, avg 1.131 ms, 883.871 ops/sec
SAKKE 1024 derive-1 178 ops took 1.002 sec, avg 5.631 ms, 177.590 ops/sec
SAKKE 1024 encap-2 943 ops took 1.000 sec, avg 1.061 ms, 942.642 ops/sec
SAKKE 1024 derive-2 179 ops took 1.004 sec, avg 5.610 ms, 178.263 ops/sec
SAKKE 1024 derive-3 373 ops took 1.002 sec, avg 2.687 ms, 372.167 ops/sec
SAKKE 1024 derive-4 369 ops took 1.001 sec, avg 2.712 ms, 368.667 ops/sec
Benchmark completeReference OpenSSL 3.X# openssl speed -seconds 1 -bytes 1024
<snip>
version: 3.0.10
built on: Tue Aug 1 13:47:24 2023 UTC
options: bn(64,64)
compiler: gcc -fPIC -pthread -m64 -Wa,--noexecstack -Wall -O3 -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSL_BUILDING_OPENSSL -DNDEBUG
CPUINFO: OPENSSL_ia32cap=0x7ffaf3bfffebffff:0x18c05fdef3bfa7eb
The 'numbers' are in 1000s of bytes per second processed.
type 1024 bytes
md5 856797.18k
sha1 1803063.30k
rmd160 346043.39k
sha256 1538703.36k
sha512 663226.37k
hmac(md5) 789931.01k
des-ede3 34872.32k
aes-128-cbc 2246989.82k
aes-192-cbc 1883696.13k
aes-256-cbc 1630371.84k
camellia-128-cbc 258006.02k
camellia-192-cbc 191522.82k
camellia-256-cbc 194128.90k
ghash 15290267.65k
rand 1607536.43k
sign verify sign/s verify/s
rsa 512 bits 0.000030s 0.000002s 33486.0 561696.0
rsa 1024 bits 0.000077s 0.000005s 12977.0 218204.0
rsa 2048 bits 0.000250s 0.000015s 4004.0 68288.0
rsa 3072 bits 0.001511s 0.000031s 662.0 32585.0
rsa 4096 bits 0.003378s 0.000053s 296.0 18869.0
rsa 7680 bits 0.031212s 0.000179s 32.0 5600.0
sign verify sign/s verify/s
dsa 512 bits 0.000041s 0.000023s 24611.0 42713.0
dsa 1024 bits 0.000076s 0.000057s 13219.0 17615.0
dsa 2048 bits 0.000204s 0.000183s 4892.0 5478.0
sign verify sign/s verify/s
160 bits ecdsa (secp160r1) 0.0001s 0.0001s 6830.0 6942.0
192 bits ecdsa (nistp192) 0.0002s 0.0002s 5547.0 5787.0
224 bits ecdsa (nistp224) 0.0003s 0.0002s 3673.0 4064.0
256 bits ecdsa (nistp256) 0.0000s 0.0001s 55594.0 18560.0
384 bits ecdsa (nistp384) 0.0007s 0.0006s 1340.0 1614.0
521 bits ecdsa (nistp521) 0.0018s 0.0014s 565.0 726.0
163 bits ecdsa (nistk163) 0.0002s 0.0003s 6250.0 3197.0
233 bits ecdsa (nistk233) 0.0002s 0.0004s 4708.0 2373.0
283 bits ecdsa (nistk283) 0.0004s 0.0007s 2644.0 1334.7
409 bits ecdsa (nistk409) 0.0006s 0.0012s 1596.0 824.0
571 bits ecdsa (nistk571) 0.0014s 0.0027s 712.0 368.0
163 bits ecdsa (nistb163) 0.0002s 0.0003s 6018.0 3086.0
233 bits ecdsa (nistb233) 0.0002s 0.0004s 4545.5 2310.0
283 bits ecdsa (nistb283) 0.0004s 0.0008s 2543.0 1305.0
409 bits ecdsa (nistb409) 0.0007s 0.0013s 1530.0 789.0
571 bits ecdsa (nistb571) 0.0015s 0.0030s 660.0 332.7
256 bits ecdsa (brainpoolP256r1) 0.0003s 0.0003s 3240.0 3371.0
256 bits ecdsa (brainpoolP256t1) 0.0003s 0.0003s 3266.7 3544.0
384 bits ecdsa (brainpoolP384r1) 0.0008s 0.0007s 1308.0 1488.0
384 bits ecdsa (brainpoolP384t1) 0.0008s 0.0006s 1326.0 1599.0
512 bits ecdsa (brainpoolP512r1) 0.0011s 0.0010s 890.0 1019.0
512 bits ecdsa (brainpoolP512t1) 0.0011s 0.0009s 870.0 1098.0
op op/s
160 bits ecdh (secp160r1) 0.0002s 6470.7
192 bits ecdh (nistp192) 0.0002s 5346.0
224 bits ecdh (nistp224) 0.0003s 3532.0
256 bits ecdh (nistp256) 0.0000s 22816.0
384 bits ecdh (nistp384) 0.0008s 1284.0
521 bits ecdh (nistp521) 0.0018s 553.0
163 bits ecdh (nistk163) 0.0002s 6075.0
233 bits ecdh (nistk233) 0.0002s 4575.0
283 bits ecdh (nistk283) 0.0004s 2623.0
409 bits ecdh (nistk409) 0.0006s 1583.0
571 bits ecdh (nistk571) 0.0014s 714.0
163 bits ecdh (nistb163) 0.0002s 5885.0
233 bits ecdh (nistb233) 0.0002s 4456.0
283 bits ecdh (nistb283) 0.0004s 2476.2
409 bits ecdh (nistb409) 0.0007s 1523.0
571 bits ecdh (nistb571) 0.0015s 659.0
256 bits ecdh (brainpoolP256r1) 0.0003s 3186.0
256 bits ecdh (brainpoolP256t1) 0.0003s 3184.0
384 bits ecdh (brainpoolP384r1) 0.0008s 1293.0
384 bits ecdh (brainpoolP384t1) 0.0008s 1305.0
512 bits ecdh (brainpoolP512r1) 0.0011s 902.0
512 bits ecdh (brainpoolP512t1) 0.0011s 915.0
253 bits ecdh (X25519) 0.0000s 33846.0
448 bits ecdh (X448) 0.0001s 6828.0
sign verify sign/s verify/s
253 bits EdDSA (Ed25519) 0.0000s 0.0001s 34034.0 10661.0
456 bits EdDSA (Ed448) 0.0002s 0.0002s 5308.0 5302.0
sign verify sign/s verify/s
256 bits SM2 (CurveSM2) 0.0003s 0.0003s 2990.0 3389.0
op op/s
2048 bits ffdh 0.0003s 3897.0
3072 bits ffdh 0.0006s 1551.0
4096 bits ffdh 0.0013s 751.5
6144 bits ffdh 0.0030s 336.0
8192 bits ffdh 0.0059s 168.3 |
risicle
reviewed
Oct 22, 2023
vifino
force-pushed
the
wolfssl-tweaks
branch
from
beb5282
to
f25b4b5
Compare
vifino
changed the title
vifino
force-pushed
the
wolfssl-tweaks
branch
from
f25b4b5
to
dd43f1e
Compare
vifino
force-pushed
the
wolfssl-tweaks
branch
4 times, most recently
from
175227b
to
84f92cd
Compare
vifino
force-pushed
the
wolfssl-tweaks
branch
from
fc323bb
to
ec48f0f
Compare
13 tasks
|
Sorry for the noise - I work on the two PRs simultaneously, after all I want to ensure both still do what I want. |
vifino
force-pushed
the
wolfssl-tweaks
branch
from
ec48f0f
to
78a1ef9
Compare
vifino
force-pushed
the
wolfssl-tweaks
branch
from
78a1ef9
to
07ccd83
Compare
risicle
reviewed
Oct 23, 2023
| version = "5.6.3"; | ||
|
|
||
| src = fetchFromGitHub { | ||
| owner = "wolfSSL"; | ||
| repo = "wolfssl"; | ||
| rev = "refs/tags/v${version}-stable"; | ||
| rev = "refs/tags/v5.6.3-stable"; |
There was a problem hiding this comment.
Ahh, goofy mistake - Sandro mentioned that taking the finalAttrs.version was silly - my understanding is that changing it would change the ref, causing the hash to mismatch.
I, in my infinite wisdom, just embedded the version.
But I can just make the thing rec as well and use version like before if you prefer.
There was a problem hiding this comment.
Yeah, there's no harm in using finalAttrs it's just not a complete solution because nothing will ever be able to sort out the hash situation.
There was a problem hiding this comment.
OK, I reverted the change I made based on Sandro's review.
However, I am not sure if there is a way to satisfy you both when it comes to this.
There was a problem hiding this comment.
I'd just leave it as you found it - there's no perfect way to deal with this situation.
There was a problem hiding this comment.
Do you mean making the attr rec in addition to finalAttrs and leaving just version in it? Or finalAttrs.version like it is now (once again)?
risicle
reviewed
Oct 23, 2023
vifino
force-pushed
the
wolfssl-tweaks
branch
2 times, most recently
from
0e5d480
to
57b8c7a
Compare
|
@ofborg build pkgsStatic.wolfssl Looks like you'll also have to disable it for static builds. I don't know if it's just musl-based builds in general because I don't have the build capacity to build |
|
@ofborg build pkgsi686Linux.wolfssl Also looks like the "x86" asm can only be enabled for x86_64 |
Ughh. Looking in the source tree also shows that they don't have an assembly implementation for x86, only x86_64. Good catch.
I do not understand why this, it should work just fine. Alpine manages to build with LTO, why not NixOS? :/ Both are addressed now, thank you once again for your in-depth review and guidance! |
vifino
force-pushed
the
wolfssl-tweaks
branch
from
57b8c7a
to
dbd5970
Compare
vifino
force-pushed
the
wolfssl-tweaks
branch
from
dbd5970
to
3d808c4
Compare
|
@ofborg build pkgsi686Linux.wolfssl pkgsStatic.wolfssl |
risicle
approved these changes
Oct 26, 2023
|
Tests consistently fail for me after this change. |
|
|
Never mind, the same test also fails on the previous commit. I think we have an arch-specific bug. |
|
@K900 Which arch is that? Anything to reproduce? |
|
Yep, builds on Zen2 machine, fails on Zen4. I'll just take this upstream I guess. |
|
nvm, it's a WSL issue. |
13 tasks
|
The |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Description of changes
Before this PR, building a custom variant of WolfSSL (like upstream expects you to) was rather painful.
So I added some parameters to make it easier.
I also enabled the detection of AES-NI/AVX1/AVX2 instructions and the Single Precision Math implementation in WolfSSL, so that it is very competitive against other implementations.
For ARM such a runtime detection is not implemented, so I only enabled it for Darwin AArch64, where the configure script will enable the supported instructions.
I want this for #262401.
Things done
nix.conf? (See Nix manual)sandbox = relaxedsandbox = truenix-shell -p nixpkgs-review --run "nixpkgs-review rev HEAD". Note: all changes have to be committed, also see nixpkgs-review usage./result/bin/)