Package: libnss3
Version: 2:3.23-1
Severity: important
Tags: patch
User: debian-...@lists.debian.org
Usertags: port-x32

Hi!
I'm afraid there's a problem in the hardware AES implementation on x32 on
certain Intel CPUs.  This is caught by the testsuite but only when the package
is built on one of those CPUs.  This includes the vs76 buildd but none of
the machines I currently have access to.

I've narrowed the problem to intel_aes_*_worker() functions in freebl; their
implementation is in nss/lib/freebl/intel-gcm-x64-masm.asm .  Alas, properly
fixing this would require knowledge of obscure crypto opcodes, which I don't
possess.  Here's a patch that disables this acceleration until someone with
more clue can help.
Description: disable Intel AES on x32
 Currently intel_aes_*_worker() doesn't appear to work on x32, at least on
 certain newer Intel CPUs (all reported to fail were i7).  Thus, disable this
 acceleration on x32 until someone who knows these functions can help.
--- nss-3.23.orig/nss/lib/freebl/rijndael.c
+++ nss-3.23/nss/lib/freebl/rijndael.c
@@ -1066,6 +1066,9 @@ aes_InitContext(AESContext *cx, const un
     }
     use_hw_aes = (PRBool)
 		(has_intel_aes > 0 && (keysize % 8) == 0 && blocksize == 16);
+#if defined __x86_64__ && defined __ILP32__
+    use_hw_aes = 0; // disable on x32 for now
+#endif
 #ifdef INTEL_GCM
     use_hw_gcm = (PRBool)
 		(use_hw_aes && has_intel_avx>0 && has_intel_clmul>0);
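Review bot: the added `use_hw_aes = 0; // disable on x32 for now` assigns a bare 0 and uses a C++-style comment, while the statement just above it casts its result to PRBool; `use_hw_aes = PR_FALSE;` with a `/* ... */` comment would match the surrounding code. The comment should also say why (the intel_aes_*_worker() routines fail the testsuite on x32 on some Intel CPUs) so the override can be removed once the assembly is fixed. Because the override sits before the `#ifdef INTEL_GCM` block, and `use_hw_gcm` is computed from `use_hw_aes`, this also turns off hardware GCM on x32. If that is intended, the comment should mention it too. Finally, `#if defined(__x86_64__) && defined(__ILP32__)` with parentheses is the more conventional spelling of the guard.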
