Hi,

>> So maybe it's the feature detection that runs when the plugin is loaded.
>>  But that's some simple push/pop/mov and cpuid assembler code [1].  Does
>> your CPU lack support for cpuid?
> 
> It has cpuid. Wikipedia agrees cpuid exists since 486, cpuid should be safe.
> Debian 12 cpu_feature.c uses only cpuid leaf 0 and leaf 1, that should be 
> safe.
> 
> Result from gdb: Illegal instruction is punpcklqdq in aesni_plugin_create.
>   <+52>: movd %ecs,%xmm0
>   <+56>: movd %edx,%xmm0
>   <+60>: punpckldq %xmm2,%xmm1
>   <+64>: punpckldq %xmm3,%xmm0
> =><+68>: puncpklqdq %xmm1,%xmm0
>   <+72>: movups %#mm0,(%eax)
>   <+75>: add $0x18,%esp
>   <+78>: pop %ebx
>   <+79>: ret

Oh, interesting.  The complete `aesni` plugin is compiled with `-maes
-mpclmul -mssse3`.  That apparently causes the compiler to "optimize"
the code there.  I guess we could split the plugin into a helper library
that uses those flags and compile the plugin constructor/detection code
without it.  I've pushed such a change to the devel branch [1].

Anyway, another question is if it actually makes sense to ship the
plugin in Debian.  The default crypto library is OpenSSL nowadays and
since that will use AES-NI etc. anyway (likely more optimized than this
plugin), there is probably not much use having `aesni` enabled as well.

Regards,
Tobias

[1]
https://github.com/strongswan/strongswan/commit/553ac5678b50729da896fa07ff8bc502a2a8f3da

Reply via email to