[Bug 2030784] Re: Backport Intel's AVX512 patches on openssl 3.0
Adrien Nader
2030784 at bugs.launchpad.net
Mon Feb 19 10:43:38 UTC 2024
While preparing an update to 3.0.13 for Noble, I started encoutering
testsuite failures.
The cause is the AES patch combined with 3.0.13 (more specifically with the dupctx patches. The problematic combination looks something like the following:
- AES-GCM-enabled-with-AVX512-vAES-and-vPCLMULQDQ
- make-inability-to-dup-clone-ciphers-an-error
- Add-dupctx-support-to-aead-ciphers
- Fix-a-key-repointing-in-various-ciphers (this is probably only needed to avoid merge conflicts and not a cause of the issue)
This happens both on Intel and AMD systems which have the corresponding
CPU features.
I am going to prepare 3.0.13 _without_ the AES patch from here and I
will continue to investigate this with upstream's 3.2 (since this is a
rare CPU feature, it's possible CI tests don't exercise it).
--
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to openssl in Ubuntu.
https://bugs.launchpad.net/bugs/2030784
Title:
Backport Intel's AVX512 patches on openssl 3.0
Status in openssl package in Ubuntu:
Fix Released
Bug description:
https://github.com/openssl/openssl/pull/14908
https://github.com/openssl/openssl/pull/17239
These should provide a nice performance bonus on recent CPUs, and the
patches are fairly self-contained.
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/openssl/+bug/2030784/+subscriptions
More information about the foundations-bugs
mailing list