[Raspbian-devel] [PATCH] debian, raspbian, openssl and performance
Yuriy M. Kaminskiy
yumkam+debian at gmail.com
Fri Jan 25 12:11:30 GMT 2019
On 12.01.2019 19:16, Yuriy M. Kaminskiy wrote:
...
> Same applies to libssl1.0.2 package (source package openssl1.0)
> that is still used in {debian,raspbian}-stretch (notably, in curl)
... and openssh, apache, etc; list of libssl1.0.2's rdepends in stretch
is still rather long
> Patches attached (for stretch - openssl-1.0.2q^1 and openssl-1.1.0j, and
> for buster - 1.1.1a); they are probably acceptable for upstream (debian)
> packaging inclusion, however as they bring practically nothing to
> "debian proper", I'm not sure if they will.
>
> ^1 openssl 1.0.2 required backporting commit
> cfe670732b63b875054aabd965a7bcecc6508657; beware: it is not
> straightforward, hopefully I have not messed up anything, but I don't
> have hardware to test - affected code only runs on armv8 with sha256
> extension.
FWIW, I managed to ran test that exercised affected (1.0.2) code with
LD_LIBRARY_PATH=/path/to qemu-arm-static -cpu max -d in_asm
/path/to/openssl-1.0.2 sha256 2>in_asm.trace
and found no problems (sha256 are correct for several-sized samples, and
there are sha256* instructions from affected code in the trace), so it
should be safe.
> Passed limited testing on rpi3b+; I don't have hardware to test on
> earlier version (or other fruit-pi).
>
> Another option is to build and install separate `-marmv7-a -mfpu=neon`
> optimized binary in {/usr,}/lib/neon; but performance difference with
> "universal build" is very minor.
More information about the Raspbian-devel
mailing list