Merge remote-tracking branch 'origin/development' into prefer-intrinsics
diff --git a/library/aesni.h b/library/aesni.h
index 51b770f..97b3abb 100644
--- a/library/aesni.h
+++ b/library/aesni.h
@@ -59,17 +59,23 @@
 #define MBEDTLS_AESNI_HAVE_INTRINSICS
 #endif
 
-/* Choose the implementation of AESNI, if one is available. */
-#undef MBEDTLS_AESNI_HAVE_CODE
-/* To minimize disruption when releasing the intrinsics-based implementation,
- * favor the assembly-based implementation if it's available. We intend to
- * revise this in a later release of Mbed TLS 3.x. In the long run, we will
- * likely remove the assembly implementation. */
-#if defined(MBEDTLS_HAVE_X86_64)
-#define MBEDTLS_AESNI_HAVE_CODE 1 // via assembly
-#elif defined(MBEDTLS_AESNI_HAVE_INTRINSICS)
+/* Normally MBEDTLS_AESNI_HAVE_CODE is automatically set below. It may be
+ * set from all.sh to ensure coverage of both asm and intrinsics, in which
+ * case we do not over-ride it. */
+#if !defined(MBEDTLS_AESNI_HAVE_CODE)
+
+/* Choose the implementation of AESNI, if one is available.
+ *
+ * Favor the intrinsics-based implementation if it's available, for better
+ * maintainability.
+ * Performance is about the same (see #7380).
+ * In the long run, we will likely remove the assembly implementation. */
+#if defined(MBEDTLS_AESNI_HAVE_INTRINSICS)
 #define MBEDTLS_AESNI_HAVE_CODE 2 // via intrinsics
+#elif defined(MBEDTLS_HAVE_X86_64)
+#define MBEDTLS_AESNI_HAVE_CODE 1 // via assembly
 #endif
+#endif /* !defined(MBEDTLS_AESNI_HAVE_CODE) */
 
 #if defined(MBEDTLS_AESNI_HAVE_CODE)
 
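Review bot: The new `#if !defined(MBEDTLS_AESNI_HAVE_CODE)` guard accepts whatever value the build passes in, and with the old `#undef` gone nothing checks it before `#if defined(MBEDTLS_AESNI_HAVE_CODE)` is reached. A build with `-DMBEDTLS_AESNI_HAVE_CODE=2` but without `MBEDTLS_AESNI_HAVE_INTRINSICS`, with `=1` on a non-x86_64 target, or with any other value would select an implementation that the header itself would not have chosen. I would add a check after the closing `#endif`, for example `#if MBEDTLS_AESNI_HAVE_CODE == 2 && !defined(MBEDTLS_AESNI_HAVE_INTRINSICS)` followed by `#error "MBEDTLS_AESNI_HAVE_CODE=2 requires compiler intrinsics support"`, plus the matching check for value 1 and `MBEDTLS_HAVE_X86_64`. The comment should also say that presetting the macro is a test-only override and not a supported configuration option. The section opened by `#if defined(MBEDTLS_AESNI_HAVE_CODE)` continues outside this hunk, so how it handles unexpected values is not visible here.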
diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh
index 7cc31b4..1957599 100755
--- a/tests/scripts/all.sh
+++ b/tests/scripts/all.sh
@@ -3503,6 +3503,32 @@
     tests/ssl-opt.sh -e 'proxy'
 }
 
+support_test_aesni () {
+    # require an x64_64 target
+    gcc -v 2>&1 | grep Target | grep -q x86_64
+}
+
+component_test_aesni () { # ~ 40s
+    msg "build: default config with different AES implementations"
+    scripts/config.py set MBEDTLS_AESNI_C
+    scripts/config.py set MBEDTLS_HAVE_ASM
+
+    # test asm
+    msg "AES tests, MBEDTLS_AESNI_HAVE_CODE=1 (asm)"
+    make test CC=gcc CFLAGS='-O2 -Werror -Wall -Wextra -DMBEDTLS_AESNI_HAVE_CODE=1'
+
+    # test intrinsics
+    msg "AES tests, MBEDTLS_AESNI_HAVE_CODE=2 (intrinsics)"
+    make clean
+    make test CC=gcc CFLAGS='-O2 -Werror -Wall -Wextra -mpclmul -msse2 -maes -DMBEDTLS_AESNI_HAVE_CODE=2'
+
+    # test plain C
+    scripts/config.py unset MBEDTLS_AESNI_C
+    msg "AES tests, plain C"
+    make clean
+    make test CC=gcc CFLAGS='-O2 -Werror -Wall -Wextra'
+}
+
 component_test_aes_only_128_bit_keys () {
     msg "build: default config + AES_ONLY_128_BIT_KEY_LENGTH"
     scripts/config.py set MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
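Review bot: `support_test_aesni` only checks that `gcc` targets x86_64, and `component_test_aesni` never confirms which AES implementation actually ran. If the library picks AES-NI at run time from a CPU feature check (not visible in this diff), then on a host or VM without the AES instructions all three `make test` runs would pass on the plain C path. That would leave the asm and intrinsics code untested while the component reports success. I would make the support function also require the CPU feature, for instance `grep -q -w aes /proc/cpuinfo` on Linux, or have the component fail unless the test output shows that the hardware path was used. The comment `# require an x64_64 target` should read `# require an x86_64 target`.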