Bug 1655493 - Support SHA2 HW acceleration using Intel SHA Extension.…

… r=bbeurdouche Before applying (on Ryzen 9 3900X) ``` # mode in opreps cxreps context op time(sec) thrgput sha256_e 1Gb 208Mb 23M 0 0.000 10000.000 10.000 123Mb 301Kb ``` After applying ``` # mode in opreps cxreps context op time(sec) thrgput sha256_e 5Gb 797Mb 110M 0 0.000 10000.000 10.000 591Mb 769Kb ``` Differential Revision: https://phabricator.services.mozilla.com/D116962
ffontaine · Jun 25, 2021 · 56d664e · 56d664e
1 parent 866c672
commit 56d664e
Show file tree

Hide file tree

Showing 7 changed files with 343 additions and 9 deletions.
diff --git a/automation/taskcluster/graph/src/extend.js b/automation/taskcluster/graph/src/extend.js
@@ -567,6 +567,13 @@ async function scheduleLinux(name, overrides, args = "") {
       CC: "gcc-4.8",
       CCC: "g++-4.8"
     },
+    // Use -Ddisable-intelhw_sha=1, GYP doesn't have a proper GCC version
+    // check for Intel SHA support.
+    command: [
+      "/bin/bash",
+      "-c",
+      "bin/checkout.sh && nss/automation/taskcluster/scripts/build_gyp.sh -Ddisable_intel_hw_sha=1"
+    ],
     symbol: "gcc-4.8"
   }));
 

diff --git a/coreconf/WIN32.mk b/coreconf/WIN32.mk
@@ -56,6 +56,8 @@ else
 	_MSC_VER_GE_11 := $(shell expr $(_MSC_VER) \>= 1700)
 	# VC12 (2013).
 	_MSC_VER_GE_12 := $(shell expr $(_MSC_VER) \>= 1800)
+	# VC14 (2015).
+	_MSC_VER_GE_14 := $(shell expr $(_MSC_VER) \>= 1900)
 	ifeq ($(_CC_VMAJOR),14)
 	    # -DYNAMICBASE is only supported on VC8SP1 or newer,
 	    # so be very specific here!

diff --git a/coreconf/config.gypi b/coreconf/config.gypi
@@ -99,6 +99,7 @@
     'disable_arm_hw_aes%': 0,
     'disable_arm_hw_sha1%': 0,
     'disable_arm_hw_sha2%': 0,
+    'disable_intel_hw_sha%': 0,
     'disable_tests%': 0,
     'disable_chachapoly%': 0,
     'disable_deprecated_seed%': 0,

diff --git a/lib/freebl/Makefile b/lib/freebl/Makefile
@@ -118,6 +118,20 @@ ifneq (,$(USE_64)$(USE_X32))
 else
         DEFINES += -DNSS_X86
 endif
+    ifdef CC_IS_CLANG
+        EXTRA_SRCS += sha256-x86.c
+        DEFINES += -DUSE_HW_SHA2
+    else ifeq (1,$(CC_IS_GCC))
+        # Old compiler doesn't support Intel SHA extension
+        ifneq (,$(filter 4.9,$(word 1,$(GCC_VERSION)).$(word 2,$(GCC_VERSION))))
+            EXTRA_SRCS += sha256-x86.c
+            DEFINES += -DUSE_HW_SHA2
+        endif
+        ifeq (,$(filter 0 1 2 3 4,$(word 1,$(GCC_VERSION))))
+            EXTRA_SRCS += sha256-x86.c
+            DEFINES += -DUSE_HW_SHA2
+        endif
+    endif
 endif
 ifeq ($(CPU_ARCH),aarch64)
     ifdef CC_IS_CLANG
@@ -204,6 +218,11 @@ else
 	    INTEL_GCM_CLANG_CL = 1
 	endif
     endif
+    # The Intel SHA extenstion requires Visual C++ 2015.
+    ifeq ($(_MSC_VER_GE_14),1)
+        DEFINES += -DUSE_HW_SHA2
+        EXTRA_SRCS += sha256-x86.c
+    endif
 endif
 else
     # -DMP_NO_MP_WORD
@@ -230,6 +249,11 @@ ifeq ($(CPU_ARCH),x86_64)
 	    INTEL_GCM_CLANG_CL = 1
 	endif
     endif
+    # The Intel SHA extenstion requires Visual C++ 2015.
+    ifeq ($(_MSC_VER_GE_14),1)
+        DEFINES += -DUSE_HW_SHA2
+        EXTRA_SRCS += sha256-x86.c
+    endif
     MPI_SRCS += mpi_amd64.c
 endif
 endif
@@ -740,6 +764,8 @@ ifdef INTEL_GCM_CLANG_CL
 $(OBJDIR)/$(PROG_PREFIX)intel-gcm-wrap$(OBJ_SUFFIX): CFLAGS += -mssse3
 endif
 
+$(OBJDIR)/$(PROG_PREFIX)sha256-x86$(OBJ_SUFFIX): CFLAGS += -msha -mssse3 -msse4.1
+
 ifeq ($(CPU_ARCH),arm)
 # When the compiler uses the softfloat ABI, we want to use the compatible softfp ABI when
 # enabling NEON for these objects.

diff --git a/lib/freebl/freebl.gyp b/lib/freebl/freebl.gyp
@@ -219,6 +219,38 @@
         }]
       ]
     },
+    {
+      'target_name': 'sha-x86_c_lib',
+      'type': 'static_library',
+      'sources': [
+        'sha256-x86.c'
+      ],
+      'dependencies': [
+        '<(DEPTH)/exports.gyp:nss_exports'
+      ],
+      'cflags': [
+        '-msha',
+        '-mssse3',
+        '-msse4.1'
+      ],
+      'cflags_mozilla': [
+        '-msha',
+        '-mssse3',
+        '-msse4.1'
+      ],
+      'conditions': [
+        # macOS build doesn't use cflags.
+        [ 'OS=="mac" or OS=="ios"', {
+          'xcode_settings': {
+            'OTHER_CFLAGS': [
+              '-msha',
+              '-mssse3',
+              '-msse4.1'
+            ],
+          },
+        }]
+      ]
+    },
     {
       'target_name': 'gcm-aes-arm32-neon_c_lib',
       'type': 'static_library',
@@ -488,6 +520,11 @@
             'armv8_c_lib'
           ],
         }],
+        [ '(target_arch=="ia32" or target_arch=="x64") and disable_intel_hw_sha==0', {
+          'dependencies': [
+            'sha-x86_c_lib',
+          ],
+        }],
         [ 'disable_arm32_neon==0 and target_arch=="arm"', {
           'dependencies': [
             'gcm-aes-arm32-neon_c_lib',
@@ -570,6 +607,11 @@
             'armv8_c_lib',
           ],
         }],
+        [ '(target_arch=="ia32" or target_arch=="x64") and disable_intel_hw_sha==0', {
+          'dependencies': [
+            'sha-x86_c_lib',
+          ],
+        }],
         [ 'disable_arm32_neon==0 and target_arch=="arm"', {
           'dependencies': [
             'gcm-aes-arm32-neon_c_lib',
@@ -765,6 +807,11 @@
           },
         },
       }],
+      [ '(OS=="win" or OS=="mac" or OS=="ios") and (target_arch=="ia32" or target_arch=="x64") and disable_intel_hw_sha==0', {
+        'defines': [
+          'USE_HW_SHA2',
+        ],
+      }],
       [ '(OS=="win" or OS=="mac" or OS=="ios") and (target_arch=="arm64" or target_arch=="aarch64") and disable_arm_hw_aes==0', {
         'defines': [
           'USE_HW_AES',
@@ -846,6 +893,11 @@
               'ARMHF',
             ],
           }],
+          [ 'disable_intel_hw_sha==0 and (target_arch=="ia32" or target_arch=="x64")', {
+            'defines': [
+              'USE_HW_SHA2',
+            ],
+          }],
           [ 'disable_arm_hw_aes==0 and (target_arch=="arm" or target_arch=="arm64" or target_arch=="aarch64")', {
             'defines': [
               'USE_HW_AES',