You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Since Mbed TLS 3.4.0, we have two implementations of AES that use AESNI: with inline assembly or with intrinsics. We added intrinsics primarily to extend support to MSVC. I'm not aware of any modern compiler that supports our inline assembly but not the intrinsics. So we may want to drop the assembly in the next major release.
Note that while this doesn't visibly change the API, it changes the behavior: it means that builds done with a compiler that supports the assembly but not the intrinsics will no longer get AESNI. Dropping support for ancient versions of GCC is ok, but we need more work for modern compilers.
The intrinsics do require extra flags on the compiler command line or pragma directives to tell the compiler that it's ok to use CPU-variant-specific instructions there, even if the build as a whole is done for a more generic variant. We can't just tell people to (e.g.) always pass -maes to their compiler: that prevents them from generating a binary that works on all CPU of the right family, but uses AESNI where available and software AES otherwise.
Since Mbed TLS 3.4.0, we have two implementations of AES that use AESNI: with inline assembly or with intrinsics. We added intrinsics primarily to extend support to MSVC. I'm not aware of any modern compiler that supports our inline assembly but not the intrinsics. So we may want to drop the assembly in the next major release.
Note that while this doesn't visibly change the API, it changes the behavior: it means that builds done with a compiler that supports the assembly but not the intrinsics will no longer get AESNI. Dropping support for ancient versions of GCC is ok, but we need more work for modern compilers.
The intrinsics do require extra flags on the compiler command line or pragma directives to tell the compiler that it's ok to use CPU-variant-specific instructions there, even if the build as a whole is done for a more generic variant. We can't just tell people to (e.g.) always pass
-maes
to their compiler: that prevents them from generating a binary that works on all CPU of the right family, but uses AESNI where available and software AES otherwise.Mailing list thread: https://lists.trustedfirmware.org/archives/list/mbed-tls@lists.trustedfirmware.org/thread/WTFFP2KHCC2QVZ24JMH7PK7TZL3TSTUF/
The text was updated successfully, but these errors were encountered: