Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Remove AESNI assembly #8231

Open
gilles-peskine-arm opened this issue Sep 20, 2023 · 0 comments
Open

Remove AESNI assembly #8231

gilles-peskine-arm opened this issue Sep 20, 2023 · 0 comments
Labels
api-break This issue/PR breaks the API and must wait for a new major version component-crypto Crypto primitives and low-level interfaces

Comments

@gilles-peskine-arm
Copy link
Contributor

gilles-peskine-arm commented Sep 20, 2023
edited
Loading

Since Mbed TLS 3.4.0, we have two implementations of AES that use AESNI: with inline assembly or with intrinsics. We added intrinsics primarily to extend support to MSVC. I'm not aware of any modern compiler that supports our inline assembly but not the intrinsics. So we may want to drop the assembly in the next major release.

Note that while this doesn't visibly change the API, it changes the behavior: it means that builds done with a compiler that supports the assembly but not the intrinsics will no longer get AESNI. Dropping support for ancient versions of GCC is ok, but we need more work for modern compilers.

The intrinsics do require extra flags on the compiler command line or pragma directives to tell the compiler that it's ok to use CPU-variant-specific instructions there, even if the build as a whole is done for a more generic variant. We can't just tell people to (e.g.) always pass -maes to their compiler: that prevents them from generating a binary that works on all CPU of the right family, but uses AESNI where available and software AES otherwise.

Mailing list thread: https://lists.trustedfirmware.org/archives/list/mbed-tls@lists.trustedfirmware.org/thread/WTFFP2KHCC2QVZ24JMH7PK7TZL3TSTUF/
@gilles-peskine-arm gilles-peskine-arm added component-crypto Crypto primitives and low-level interfaces api-break This issue/PR breaks the API and must wait for a new major version labels Sep 20, 2023
@sergio-nsk sergio-nsk mentioned this issue Oct 16, 2023
Closed
@gilles-peskine-arm gilles-peskine-arm moved this to Decision needed in Mbed TLS 4.0 planning Jul 4, 2024
@mpg mpg mentioned this issue Aug 6, 2024
Closed
@gilles-peskine-arm gilles-peskine-arm changed the title Consider removing AESNI assembly Remove AESNI assembly Aug 14, 2024
@yanesca yanesca moved this to 4.0 - Removals and deprecations in Mbed TLS Backlog Aug 27, 2024
@github-project-automation github-project-automation bot moved this to Mbed TLS 4.0 COULD in Backlog for Mbed TLS Aug 30, 2024
This was referenced Nov 30, 2024
Open
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
api-break This issue/PR breaks the API and must wait for a new major version component-crypto Crypto primitives and low-level interfaces
Projects
Backlog for Mbed TLS
Status: Mbed TLS 4.0 COULD
Mbed TLS 4.0 planning
Status: Planning needed
Mbed TLS Backlog
Status: No status
Milestone
No milestone
Development

No branches or pull requests
1 participant
@gilles-peskine-arm