[Pkg-openssl-devel] Bug#622387: Bug#622387: padlock on via nano
Gilles Chanteperdrix
gilles.chanteperdrix at xenomai.org
Sun Mar 10 13:43:01 UTC 2013
On 03/10/2013 02:36 PM, Kurt Roeckx wrote:
> On Sun, Mar 10, 2013 at 02:19:53PM +0100, Gilles Chanteperdrix wrote:
>>
>> There seems to exist a patch to enable padlock on via nano, it may be
>> found here:
>> https://bugzilla.redhat.com/attachment.cgi?id=433962
>>
>> I have tried it and it seems to improve openssl performance on via nano,
>> BUT...
>>
>> For some reason, this patch does not seem to be in the (more recent)
>> version of openssl used on sid, so I am not sure it is safe to apply it.
>
> If you apply the attached patch to /etc/ssl/openssl.cnf it should
> work for you. I added this patch to Debian at some point, but
> it broke on non-via CPUs so I had to disable it again.
No, the file engine/e_padlock.c on sid and crypto/engines/eng_padlock.c
on squeeze contains the following piece of code:
#undef COMPILE_HW_PADLOCK
#if !defined(I386_ONLY) && !defined(OPENSSL_NO_INLINE_ASM)
# if (defined(__GNUC__) && (defined(__i386__) || defined(__i386))) || \
(defined(_MSC_VER) && defined(_M_IX86))
# define COMPILE_HW_PADLOCK
# endif
#endif
Which avoids compilation of the padlock engine on amd64, openssl engine
returns:
(dynamic) Dynamic engine loading support
So, no padlock.
The patch mentioned in the mail to which you are replying not only fixes
that, but also provides assembly code for amd64.
--
Gilles.
More information about the Pkg-openssl-devel
mailing list