diff options
| author | Eneas U de Queiroz <cotequeiroz@gmail.com> | 2022-04-19 12:02:09 -0300 |
|---|---|---|
| committer | Hauke Mehrtens <hauke@hauke-m.de> | 2022-06-09 00:06:55 +0200 |
| commit | fe9c4593b5469b08f9195d5ffe09783e2ea50689 (patch) | |
| tree | 462ca9868fceabfb0904f7a6735df0dd2be46389 | |
| parent | 50b6f5604b158138878955cf6ce745381129ed05 (diff) | |
| download | openwrt-fe9c4593b5469b08f9195d5ffe09783e2ea50689.tar.gz openwrt-fe9c4593b5469b08f9195d5ffe09783e2ea50689.tar.bz2 openwrt-fe9c4593b5469b08f9195d5ffe09783e2ea50689.zip | |
wolfssl: enable CPU crypto instructions
This enables AES & SHA CPU instructions for compatible armv8, and x86_64
architectures. Add this to the hardware acceleration choice, since they
can't be enabled at the same time.
The package was marked non-shared, since the arm CPUs may or may not
have crypto extensions enabled based on licensing; bcm27xx does not
enable them. There is no run-time detection of this for arm.
NOTE:
Should this be backported to a release branch, it must be done shortly
before a new minor release, because the change to nonshared will remove
libwolfssl from the shared packages, but the nonshared are only built in
a subsequent release!
Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
(cherry picked from commit 0a2edc2714dcda10be902c32525723ce2cbcb138)
| -rw-r--r-- | package/libs/wolfssl/Config.in | 12 | ||||
| -rw-r--r-- | package/libs/wolfssl/Makefile | 11 |
2 files changed, 23 insertions, 0 deletions
diff --git a/package/libs/wolfssl/Config.in b/package/libs/wolfssl/Config.in index b32d5ab6cb..f495a90ff6 100644 --- a/package/libs/wolfssl/Config.in +++ b/package/libs/wolfssl/Config.in @@ -62,13 +62,25 @@ config WOLFSSL_ALT_NAMES config WOLFSSL_HAS_DEVCRYPTO bool +config WOLFSSL_ASM_CAPABLE + bool + default x86_64 || (aarch64 && !TARGET_bcm27xx) + choice prompt "Hardware Acceleration" + default WOLFSSL_HAS_CPU_CRYPTO if WOLFSSL_ASM_CAPABLE default WOLFSSL_HAS_NO_HW config WOLFSSL_HAS_NO_HW bool "None" + config WOLFSSL_HAS_CPU_CRYPTO + bool "Use CPU crypto instructions" + depends on WOLFSSL_ASM_CAPABLE + help + This will use Intel AESNI insturctions or armv8 Crypto Extensions. + Either of them should easily outperform hardware crypto in WolfSSL. + config WOLFSSL_HAS_AFALG bool "AF_ALG" diff --git a/package/libs/wolfssl/Makefile b/package/libs/wolfssl/Makefile index 9283737542..3edd526364 100644 --- a/package/libs/wolfssl/Makefile +++ b/package/libs/wolfssl/Makefile @@ -43,6 +43,7 @@ PKG_ABI_VERSION:=$(patsubst %-stable,%,$(PKG_VERSION)).$(call version_abbrev,$(c PKG_CONFIG_DEPENDS+=\ CONFIG_WOLFSSL_HAS_AFALG \ + CONFIG_WOLFSSL_HAS_CPU_CRYPTO \ CONFIG_WOLFSSL_HAS_DEVCRYPTO_AES \ CONFIG_WOLFSSL_HAS_DEVCRYPTO_CBC \ CONFIG_WOLFSSL_HAS_DEVCRYPTO_FULL @@ -59,6 +60,7 @@ endef define Package/libwolfssl $(call Package/libwolfssl/Default) TITLE:=wolfSSL library + PKGFLAGS:=nonshared MENU:=1 PROVIDES:=libcyassl DEPENDS:=+WOLFSSL_HAS_DEVCRYPTO:kmod-cryptodev +WOLFSSL_HAS_AFALG:kmod-crypto-user @@ -133,6 +135,15 @@ CONFIGURE_ARGS += \ --enable-wpas --enable-fortress --enable-fastmath endif +ifdef CONFIG_WOLFSSL_HAS_CPU_CRYPTO + ifdef CONFIG_aarch64 + CONFIGURE_ARGS += --enable-armasm + TARGET_CFLAGS:=$(TARGET_CFLAGS:-mcpu%=-mcpu%+crypto) + else ifdef CONFIG_TARGET_x86_64 + CONFIGURE_ARGS += --enable-intelasm + endif +endif + define Build/InstallDev $(INSTALL_DIR) $(1)/usr/include $(1)/usr/lib/pkgconfig $(CP) $(PKG_INSTALL_DIR)/usr/include/* $(1)/usr/include/ |