MDEV-20386: Allow RDRAND, RDSEED WITH_MSANbb-10.5-MDEV-20386

Let us use Intel intrinsic functions in WolfSSL whenever possible. This allows such code to be compiled WITH_MSAN.
author: Marko Mäkelä <marko.makela@mariadb.com> 2020-12-10 17:36:59 +0200
committer: Marko Mäkelä <marko.makela@mariadb.com> 2020-12-10 17:36:59 +0200
commit: ec9c5e9d19719ab9b6ce91c4c939e5203ba39c0d (patch)
tree: 5042197a8fcbcc7eefab78e79cf026b60fdfc92e
parent: 0c7c449267655ed759f223067c5095d7df3665b3 (diff)
download: mariadb-git-bb-10.5-MDEV-20386.tar.gz
3 files changed, 30 insertions, 29 deletions
diff --git a/extra/wolfssl/CMakeLists.txt b/extra/wolfssl/CMakeLists.txt
index 953d377ebcf..c2d71ab0f31 100644
--- a/extra/wolfssl/CMakeLists.txt
+++ b/extra/wolfssl/CMakeLists.txt
@@ -9,20 +9,32 @@ ENDIF()
 IF(CMAKE_SIZEOF_VOID_P MATCHES 8)
 IF(MSVC)
   SET(WOLFSSL_INTELASM ON)
+  SET(WOLFSSL_X86_64_BUILD 1)
+  SET(HAVE_INTEL_RDSEED 1)
+  SET(HAVE_INTEL_RDRAND 1)
 ELSEIF(CMAKE_SYSTEM_PROCESSOR MATCHES "x86_64|amd64")
+  SET(WOLFSSL_X86_64_BUILD 1)
   IF(CMAKE_C_COMPILER_ID MATCHES GNU  AND CMAKE_C_COMPILER_VERSION VERSION_LESS 4.9)
     MESSAGE_ONCE(NO_INTEL_ASSEMBLY "Disable Intel assembly for WolfSSL - compiler is too old")
-  ELSEIF(WITH_MSAN)
-    MESSAGE_ONCE(MSAN_CANT_HANDLE_IT
-      "Disable Intel assembly for WolfSSL - MSAN can't handle it")
   ELSE()
-    MY_CHECK_C_COMPILER_FLAG(-maes)
-    MY_CHECK_C_COMPILER_FLAG(-msse4)
-    MY_CHECK_C_COMPILER_FLAG(-mpclmul)
+    IF(WITH_MSAN)
+      MESSAGE_ONCE(MSAN_CANT_HANDLE_IT
+	"Disable Intel assembly for WolfSSL - MSAN can't handle it")
+    ELSE()
+      MY_CHECK_C_COMPILER_FLAG(-maes)
+      MY_CHECK_C_COMPILER_FLAG(-msse4)
+      MY_CHECK_C_COMPILER_FLAG(-mpclmul)
+      IF(have_C__maes AND have_C__msse4 AND have_C__mpclmul)
+        SET(WOLFSSL_INTELASM ON)
+      ENDIF()
+    ENDIF()
     MY_CHECK_C_COMPILER_FLAG(-mrdrnd)
     MY_CHECK_C_COMPILER_FLAG(-mrdseed)
-    IF(have_C__maes AND have_C__msse4 AND have_C__mpclmul)
-      SET(WOLFSSL_INTELASM ON)
+    IF(have_C__mrdrnd)
+      SET(HAVE_INTEL_RDRAND ON)
+    ENDIF()
+    IF(have_C__mrdseed)
+      SET(HAVE_INTEL_RDSEED ON)
     ENDIF()
   ENDIF()
 ENDIF()
@@ -109,33 +121,22 @@ ELSE()
   SET(WOLFCRYPT_SOURCES  ${WOLFCRYPT_SOURCES} ${WOLFCRYPT_SRCDIR}/integer.c)
 ENDIF()
 
-IF(WOLFSSL_INTELASM)
-  SET(WOLFSSL_AESNI 1)
-
+IF(WOLFSSL_X86_64_BUILD)
   LIST(APPEND WOLFCRYPT_SOURCES ${WOLFCRYPT_SRCDIR}/cpuid.c)
   IF(MSVC)
+    SET(WOLFSSL_AESNI 1)
     LIST(APPEND WOLFCRYPT_SOURCES ${WOLFCRYPT_SRCDIR}/aes_asm.asm)
-    SET(WOLFSSL_X86_64_BUILD 1)
-    SET(HAVE_INTEL_RDSEED 1)
-    SET(HAVE_INTEL_RDRAND 1)
     IF(CMAKE_C_COMPILER_ID MATCHES Clang)
       SET(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -maes -msse4.2 -mpclmul -mrdrnd -mrdseed")
     ENDIF()
-  ELSEIF(CMAKE_SYSTEM_PROCESSOR MATCHES "x86_64|amd64")
+  ELSEIF(WOLFSSL_INTELASM)
+    SET(WOLFSSL_AESNI 1)
     SET(USE_INTEL_SPEEDUP 1)
     LIST(APPEND WOLFCRYPT_SOURCES
-        ${WOLFCRYPT_SRCDIR}/aes_asm.S
-        ${WOLFCRYPT_SRCDIR}/sha512_asm.S
-        ${WOLFCRYPT_SRCDIR}/sha256_asm.S)
-    ADD_DEFINITIONS(-maes -msse4 -mpclmul)
-    IF(have_C__mrdrnd)
-      SET(HAVE_INTEL_RDRAND 1)
-      ADD_DEFINITIONS(-mrdrnd)
-    ENDIF()
-    IF(have_C__mrdseed)
-      SET(HAVE_INTEL_RDSEED 1)
-      ADD_DEFINITIONS(-mrdseed)
-    ENDIF()
+      ${WOLFCRYPT_SRCDIR}/aes_asm.S
+      ${WOLFCRYPT_SRCDIR}/sha512_asm.S
+      ${WOLFCRYPT_SRCDIR}/sha256_asm.S)
+    ADD_DEFINITIONS(-maes -msse4.2 -mpclmul)
   ENDIF()
 ENDIF()
 
diff --git a/extra/wolfssl/wolfssl b/extra/wolfssl/wolfssl
-Subproject e116c89a58af750421d82ece13f80516d2bde02
+Subproject ad1118326b157ff393c90eee1b2587838a07bf7
diff --git a/include/ssl_compat.h b/include/ssl_compat.h
index 8cc0e6a9a2b..160de1e2812 100644
--- a/include/ssl_compat.h
+++ b/include/ssl_compat.h
@@ -73,19 +73,19 @@
 #define EVP_MD_CTX_SIZE                 sizeof(EVP_MD_CTX)
 #endif
 
-#define OPENSSL_init_ssl(X,Y)           SSL_library_init()
 #define DH_set0_pqg(D,P,Q,G)            ((D)->p= (P), (D)->g= (G))
 #define EVP_CIPHER_CTX_buf_noconst(ctx) ((ctx)->buf)
 #define EVP_CIPHER_CTX_encrypting(ctx)  ((ctx)->encrypt)
 #define EVP_CIPHER_CTX_SIZE             sizeof(EVP_CIPHER_CTX)
 
 #ifndef HAVE_WOLFSSL
+#define OPENSSL_init_ssl(X,Y)           SSL_library_init()
 #define EVP_MD_CTX_reset(X) EVP_MD_CTX_cleanup(X)
 #define EVP_CIPHER_CTX_reset(X) EVP_CIPHER_CTX_cleanup(X)
-#endif
 #define X509_get0_notBefore(X) X509_get_notBefore(X)
 #define X509_get0_notAfter(X) X509_get_notAfter(X)
 #endif
+#endif
 
 #ifndef TLS1_3_VERSION
 #define SSL_CTX_set_ciphersuites(X,Y) 0
author	Marko Mäkelä <marko.makela@mariadb.com>	2020-12-10 17:36:59 +0200
committer	Marko Mäkelä <marko.makela@mariadb.com>	2020-12-10 17:36:59 +0200
commit	ec9c5e9d19719ab9b6ce91c4c939e5203ba39c0d (patch)
tree	5042197a8fcbcc7eefab78e79cf026b60fdfc92e
parent	0c7c449267655ed759f223067c5095d7df3665b3 (diff)
download	mariadb-git-bb-10.5-MDEV-20386.tar.gz