Package: libnss3
Version: 2:3.23-1
Severity: important
Tags: patch
User: debian-...@lists.debian.org
Usertags: port-x32

Hi!

I'm afraid there's a problem in the hardware AES implementation on x32 on certain Intel CPUs. This is caught by the test suite, but only when the package is built on one of these CPUs. This includes the vs76 buildd but none of the machines I currently have access to.

I've narrowed the problem to the intel_aes_*_worker() functions in freebl; their implementation is in nss/lib/freebl/intel-gcm-x64-masm.asm. Alas, properly fixing this would require knowledge of obscure crypto opcodes, which I don't possess. Here's a patch that disables this acceleration until someone with more clue can help.

Description: disable Intel AES on x32 Currently intel_aes_*_worker() doesn't appear to work on x32, at least on certain newer Intel CPUs (all reported to fail were i7). Thus, disable this acceleration on x32 until someone who knows these functions can help. --- nss-3.23.orig/nss/lib/freebl/rijndael.c +++ nss-3.23/nss/lib/freebl/rijndael.c @@ -1066,6 +1066,9 @@ aes_InitContext(AESContext *cx, const un } use_hw_aes = (PRBool) (has_intel_aes > 0 && (keysize % 8) == 0 && blocksize == 16); +#if defined __x86_64__ && defined __ILP32__ + use_hw_aes = 0; // disable on x32 for now +#endif #ifdef INTEL_GCM use_hw_gcm = (PRBool) (use_hw_aes && has_intel_avx>0 && has_intel_clmul>0);
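
Review bot: the added override in aes_InitContext() assigns a bare `0` with a C++-style comment (`use_hw_aes = 0; // disable on x32 for now`), while the line directly above assigns the same variable through a `(PRBool)` cast; `use_hw_aes = PR_FALSE;` with a `/* ... */` comment would match the surrounding C code. Because the `#if` block sits before the `#ifdef INTEL_GCM` line, where `use_hw_gcm` is computed from `use_hw_aes`, the change also turns off the hardware GCM path on x32, which the description does not mention; it would help to say so there and in the comment. The override applies to every x32 build (`__x86_64__` together with `__ILP32__`), not only to the CPUs reported to fail, so the comment should also point to this bug report so that the workaround can be found and removed once the worker functions are fixed.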