From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from us-smtp-delivery-74.mimecast.com (us-smtp-delivery-74.mimecast.com [63.128.21.74]) by mx.groups.io with SMTP id smtpd.web11.51704.1584968382801112741 for ; Mon, 23 Mar 2020 05:59:43 -0700 Authentication-Results: mx.groups.io; dkim=pass header.i=@redhat.com header.s=mimecast20190719 header.b=OorrUwQC; spf=pass (domain: redhat.com, ip: 63.128.21.74, mailfrom: lersek@redhat.com) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1584968381; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=aC2SanAN0NM1UOLlquRC9CDZ9GAZ0cRY/8vo9MW1tKM=; b=OorrUwQCnFluWxHH6XNefDL3qJ3fXYtLqfuP0JV6KSN8wyR5EryQ5nd9TQ7GLIYFG1citM Y/FFyzHWbQopIvCAc0//tZvo+r3i6WIghNlHFMrRkjPS85kffohjIqDuDtSJuFsmVTqqqo RnR9f/iOf7Ssb/v1TDVToRdzNU5FH0c= Received: from mimecast-mx01.redhat.com (mimecast-mx01.redhat.com [209.132.183.4]) (Using TLS) by relay.mimecast.com with ESMTP id us-mta-210-Juh5Kc1tMsWbN3etJHnajA-1; Mon, 23 Mar 2020 08:59:33 -0400 X-MC-Unique: Juh5Kc1tMsWbN3etJHnajA-1 Received: from smtp.corp.redhat.com (int-mx08.intmail.prod.int.phx2.redhat.com [10.5.11.23]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mimecast-mx01.redhat.com (Postfix) with ESMTPS id 637598017DF; Mon, 23 Mar 2020 12:59:32 +0000 (UTC) Received: from lacos-laptop-7.usersys.redhat.com (ovpn-112-32.ams2.redhat.com [10.36.112.32]) by smtp.corp.redhat.com (Postfix) with ESMTP id 8651F19C70; Mon, 23 Mar 2020 12:59:30 +0000 (UTC) Subject: Re: [edk2-devel] [PATCH 0/1] CryptoPkg/OpensslLib: Add native instruction support for IA32 and X64 To: devel@edk2.groups.io, christopher.j.zurcher@intel.com Cc: Jian J Wang , Xiaoyu Lu , Eugene Cohen , Ard Biesheuvel References: <20200317102656.20032-1-christopher.j.zurcher@intel.com> From: "Laszlo Ersek" Message-ID: <648e8630-1cfc-82e8-2666-b372cd647e1e@redhat.com> Date: Mon, 23 Mar 2020 13:59:29 +0100 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:52.0) Gecko/20100101 Thunderbird/52.9.1 MIME-Version: 1.0 In-Reply-To: <20200317102656.20032-1-christopher.j.zurcher@intel.com> X-Scanned-By: MIMEDefang 2.84 on 10.5.11.23 X-Mimecast-Spam-Score: 0 X-Mimecast-Originator: redhat.com Content-Language: en-US Content-Type: text/plain; charset=windows-1252 Content-Transfer-Encoding: 7bit On 03/17/20 11:26, Zurcher, Christopher J wrote: > BZ: https://bugzilla.tianocore.org/show_bug.cgi?id=2507 > > This patch adds support for building the native instruction algorithms for > IA32 and X64 versions of OpensslLib. The process_files.pl script was modified > to parse the .asm file targets from the OpenSSL build config data struct, and > generate the necessary assembly files for the EDK2 build environment. > > For the X64 variant, OpenSSL includes calls to a Windows error handling API, > and that function has been stubbed out in ApiHooks.c. > > For all variants, a constructor was added to call the required CPUID function > within OpenSSL to facilitate processor capability checks in the native > algorithms. > > Additional native architecture variants should be simple to add by following > the changes made for these two architectures. > > The OpenSSL assembly files are traditionally generated at build time using a > perl script. To avoid that burden on EDK2 users, these end-result assembly > files are generated during the configuration steps performed by the package > maintainer (through process_files.pl). The perl generator scripts inside > OpenSSL do not parse file comments as they are only meant to create > intermediate build files, so process_files.pl contains additional hooks to > preserve the copyright headers as well as clean up tabs and line endings to > comply with EDK2 coding standards. The resulting file headers align with > the generated .h files which are already included in the EDK2 repository. > > Cc: Jian J Wang > Cc: Xiaoyu Lu > Cc: Eugene Cohen > Cc: Ard Biesheuvel > > Christopher J Zurcher (1): > CryptoPkg/OpensslLib: Add native instruction support for IA32 and X64 > > CryptoPkg/Library/OpensslLib/OpensslLib.inf | 2 +- > CryptoPkg/Library/OpensslLib/OpensslLibCrypto.inf | 2 +- > CryptoPkg/Library/OpensslLib/OpensslLibIa32.inf | 680 ++ > CryptoPkg/Library/OpensslLib/OpensslLibX64.inf | 691 ++ > CryptoPkg/Library/Include/openssl/opensslconf.h | 3 - > CryptoPkg/Library/OpensslLib/ApiHooks.c | 18 + > CryptoPkg/Library/OpensslLib/OpensslLibConstructor.c | 34 + > CryptoPkg/Library/OpensslLib/Ia32/crypto/aes/aesni-x86.nasm | 3209 ++++++++ > CryptoPkg/Library/OpensslLib/Ia32/crypto/aes/vpaes-x86.nasm | 648 ++ > CryptoPkg/Library/OpensslLib/Ia32/crypto/bn/bn-586.nasm | 1522 ++++ > CryptoPkg/Library/OpensslLib/Ia32/crypto/bn/co-586.nasm | 1259 +++ > CryptoPkg/Library/OpensslLib/Ia32/crypto/bn/x86-gf2m.nasm | 352 + > CryptoPkg/Library/OpensslLib/Ia32/crypto/bn/x86-mont.nasm | 486 ++ > CryptoPkg/Library/OpensslLib/Ia32/crypto/des/crypt586.nasm | 887 +++ > CryptoPkg/Library/OpensslLib/Ia32/crypto/des/des-586.nasm | 1835 +++++ > CryptoPkg/Library/OpensslLib/Ia32/crypto/md5/md5-586.nasm | 690 ++ > CryptoPkg/Library/OpensslLib/Ia32/crypto/modes/ghash-x86.nasm | 1264 +++ > CryptoPkg/Library/OpensslLib/Ia32/crypto/rc4/rc4-586.nasm | 381 + > CryptoPkg/Library/OpensslLib/Ia32/crypto/sha/sha1-586.nasm | 3977 ++++++++++ > CryptoPkg/Library/OpensslLib/Ia32/crypto/sha/sha256-586.nasm | 6796 ++++++++++++++++ > CryptoPkg/Library/OpensslLib/Ia32/crypto/sha/sha512-586.nasm | 2842 +++++++ > CryptoPkg/Library/OpensslLib/Ia32/crypto/x86cpuid.nasm | 513 ++ > CryptoPkg/Library/OpensslLib/X64/crypto/aes/aesni-mb-x86_64.nasm | 1772 +++++ > CryptoPkg/Library/OpensslLib/X64/crypto/aes/aesni-sha1-x86_64.nasm | 3271 ++++++++ > CryptoPkg/Library/OpensslLib/X64/crypto/aes/aesni-sha256-x86_64.nasm | 4709 +++++++++++ > CryptoPkg/Library/OpensslLib/X64/crypto/aes/aesni-x86_64.nasm | 5084 ++++++++++++ > CryptoPkg/Library/OpensslLib/X64/crypto/aes/vpaes-x86_64.nasm | 1170 +++ > CryptoPkg/Library/OpensslLib/X64/crypto/bn/rsaz-avx2.nasm | 1989 +++++ > CryptoPkg/Library/OpensslLib/X64/crypto/bn/rsaz-x86_64.nasm | 2242 ++++++ > CryptoPkg/Library/OpensslLib/X64/crypto/bn/x86_64-gf2m.nasm | 432 + > CryptoPkg/Library/OpensslLib/X64/crypto/bn/x86_64-mont.nasm | 1479 ++++ > CryptoPkg/Library/OpensslLib/X64/crypto/bn/x86_64-mont5.nasm | 4033 ++++++++++ > CryptoPkg/Library/OpensslLib/X64/crypto/md5/md5-x86_64.nasm | 794 ++ > CryptoPkg/Library/OpensslLib/X64/crypto/modes/aesni-gcm-x86_64.nasm | 984 +++ > CryptoPkg/Library/OpensslLib/X64/crypto/modes/ghash-x86_64.nasm | 2077 +++++ > CryptoPkg/Library/OpensslLib/X64/crypto/rc4/rc4-md5-x86_64.nasm | 1395 ++++ > CryptoPkg/Library/OpensslLib/X64/crypto/rc4/rc4-x86_64.nasm | 784 ++ > CryptoPkg/Library/OpensslLib/X64/crypto/sha/keccak1600-x86_64.nasm | 532 ++ > CryptoPkg/Library/OpensslLib/X64/crypto/sha/sha1-mb-x86_64.nasm | 7581 ++++++++++++++++++ > CryptoPkg/Library/OpensslLib/X64/crypto/sha/sha1-x86_64.nasm | 5773 ++++++++++++++ > CryptoPkg/Library/OpensslLib/X64/crypto/sha/sha256-mb-x86_64.nasm | 8262 ++++++++++++++++++++ > CryptoPkg/Library/OpensslLib/X64/crypto/sha/sha256-x86_64.nasm | 5712 ++++++++++++++ > CryptoPkg/Library/OpensslLib/X64/crypto/sha/sha512-x86_64.nasm | 5668 ++++++++++++++ > CryptoPkg/Library/OpensslLib/X64/crypto/x86_64cpuid.nasm | 472 ++ > CryptoPkg/Library/OpensslLib/process_files.pl | 208 +- > CryptoPkg/Library/OpensslLib/uefi-asm.conf | 14 + > 46 files changed, 94478 insertions(+), 50 deletions(-) > create mode 100644 CryptoPkg/Library/OpensslLib/OpensslLibIa32.inf > create mode 100644 CryptoPkg/Library/OpensslLib/OpensslLibX64.inf > create mode 100644 CryptoPkg/Library/OpensslLib/ApiHooks.c > create mode 100644 CryptoPkg/Library/OpensslLib/OpensslLibConstructor.c > create mode 100644 CryptoPkg/Library/OpensslLib/Ia32/crypto/aes/aesni-x86.nasm > create mode 100644 CryptoPkg/Library/OpensslLib/Ia32/crypto/aes/vpaes-x86.nasm > create mode 100644 CryptoPkg/Library/OpensslLib/Ia32/crypto/bn/bn-586.nasm > create mode 100644 CryptoPkg/Library/OpensslLib/Ia32/crypto/bn/co-586.nasm > create mode 100644 CryptoPkg/Library/OpensslLib/Ia32/crypto/bn/x86-gf2m.nasm > create mode 100644 CryptoPkg/Library/OpensslLib/Ia32/crypto/bn/x86-mont.nasm > create mode 100644 CryptoPkg/Library/OpensslLib/Ia32/crypto/des/crypt586.nasm > create mode 100644 CryptoPkg/Library/OpensslLib/Ia32/crypto/des/des-586.nasm > create mode 100644 CryptoPkg/Library/OpensslLib/Ia32/crypto/md5/md5-586.nasm > create mode 100644 CryptoPkg/Library/OpensslLib/Ia32/crypto/modes/ghash-x86.nasm > create mode 100644 CryptoPkg/Library/OpensslLib/Ia32/crypto/rc4/rc4-586.nasm > create mode 100644 CryptoPkg/Library/OpensslLib/Ia32/crypto/sha/sha1-586.nasm > create mode 100644 CryptoPkg/Library/OpensslLib/Ia32/crypto/sha/sha256-586.nasm > create mode 100644 CryptoPkg/Library/OpensslLib/Ia32/crypto/sha/sha512-586.nasm > create mode 100644 CryptoPkg/Library/OpensslLib/Ia32/crypto/x86cpuid.nasm > create mode 100644 CryptoPkg/Library/OpensslLib/X64/crypto/aes/aesni-mb-x86_64.nasm > create mode 100644 CryptoPkg/Library/OpensslLib/X64/crypto/aes/aesni-sha1-x86_64.nasm > create mode 100644 CryptoPkg/Library/OpensslLib/X64/crypto/aes/aesni-sha256-x86_64.nasm > create mode 100644 CryptoPkg/Library/OpensslLib/X64/crypto/aes/aesni-x86_64.nasm > create mode 100644 CryptoPkg/Library/OpensslLib/X64/crypto/aes/vpaes-x86_64.nasm > create mode 100644 CryptoPkg/Library/OpensslLib/X64/crypto/bn/rsaz-avx2.nasm > create mode 100644 CryptoPkg/Library/OpensslLib/X64/crypto/bn/rsaz-x86_64.nasm > create mode 100644 CryptoPkg/Library/OpensslLib/X64/crypto/bn/x86_64-gf2m.nasm > create mode 100644 CryptoPkg/Library/OpensslLib/X64/crypto/bn/x86_64-mont.nasm > create mode 100644 CryptoPkg/Library/OpensslLib/X64/crypto/bn/x86_64-mont5.nasm > create mode 100644 CryptoPkg/Library/OpensslLib/X64/crypto/md5/md5-x86_64.nasm > create mode 100644 CryptoPkg/Library/OpensslLib/X64/crypto/modes/aesni-gcm-x86_64.nasm > create mode 100644 CryptoPkg/Library/OpensslLib/X64/crypto/modes/ghash-x86_64.nasm > create mode 100644 CryptoPkg/Library/OpensslLib/X64/crypto/rc4/rc4-md5-x86_64.nasm > create mode 100644 CryptoPkg/Library/OpensslLib/X64/crypto/rc4/rc4-x86_64.nasm > create mode 100644 CryptoPkg/Library/OpensslLib/X64/crypto/sha/keccak1600-x86_64.nasm > create mode 100644 CryptoPkg/Library/OpensslLib/X64/crypto/sha/sha1-mb-x86_64.nasm > create mode 100644 CryptoPkg/Library/OpensslLib/X64/crypto/sha/sha1-x86_64.nasm > create mode 100644 CryptoPkg/Library/OpensslLib/X64/crypto/sha/sha256-mb-x86_64.nasm > create mode 100644 CryptoPkg/Library/OpensslLib/X64/crypto/sha/sha256-x86_64.nasm > create mode 100644 CryptoPkg/Library/OpensslLib/X64/crypto/sha/sha512-x86_64.nasm > create mode 100644 CryptoPkg/Library/OpensslLib/X64/crypto/x86_64cpuid.nasm > create mode 100644 CryptoPkg/Library/OpensslLib/uefi-asm.conf > (1) Please break this patch into at least two patches. The generated files add more than ninety thousand lines, and (as I understand) noone is expected to review them in detail. They should be separated to a dedicated patch. The rest of the code changes should be reviewed with more care, so they deserve at least one stand-alone patch (several patches if necessary). (2) Furthermore, I would suggest including a comment near the top of each generated NASM file that said file was generated, and should not be modified manually. (Of course this would mean updating the perl script -- I'm not asking for manual comments!) Thanks! Laszlo