Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
The CryptX Perl module contains a vendored copy of libtomcrypt. It uses
-msse4.1 -maes
to enable AES-NI support. The problem is that these flags are used for all source files. This results inSIGILL
crashes on CPUs without SSE4.1.I think the solution is for CryptX to use
-msse4.1 -maes
only foraesni.c
. But this is not possible without several changes to libtomcrypt. This pull request is a proposal for those changes.The primary change is in how SSE4.1 is detected. Currently libtomcrypt checks
__SSE4_1__
. But this requires that-msse4.1
is used for multiple source files. Moreover, it's a compile-time check, not a run-time one. I think it would be better to detect SSE4.1 withcpuid
.Then there is the build procedure. I came up with the following approach. By default, AES-NI support is disabled. To enable it, add
-DLTC_AES_NI
toCFLAGS
and set the required compiler flags inCFLAGS_AES_NI
(typically-maes -msse4.1
). For example:Checklist