From: Theo Buehler Subject: Re: openssl/1.1: missing endbr64 for padlock engine To: Mark Kettenis Cc: ports@openbsd.org, kettenis@openbsd.org Date: Sat, 24 Feb 2024 17:47:42 +0100 On Sat, Feb 24, 2024 at 05:39:23PM +0100, Mark Kettenis wrote: > > Date: Sat, 24 Feb 2024 17:33:10 +0100 > > From: Theo Buehler > > > > This adds missing endbr64 to the padlock engine in openssl/1.1: > > > > ld: warning: padlock_capability: missing endbr64 > > ld: warning: padlock_key_bswap: missing endbr64 > > ld: warning: padlock_verify_context: missing endbr64 > > ld: warning: padlock_reload_key: missing endbr64 > > ld: warning: padlock_aes_block: missing endbr64 > > ld: warning: padlock_xstore: missing endbr64 > > ld: warning: padlock_sha1_oneshot: missing endbr64 > > ld: warning: padlock_sha1_blocks: missing endbr64 > > ld: warning: padlock_sha256_oneshot: missing endbr64 > > ld: warning: padlock_sha256_blocks: missing endbr64 > > ld: warning: padlock_sha512_blocks: missing endbr64 > > ld: warning: padlock_ecb_encrypt: missing endbr64 > > ld: warning: padlock_cbc_encrypt: missing endbr64 > > ld: warning: padlock_cfb_encrypt: missing endbr64 > > ld: warning: padlock_ofb_encrypt: missing endbr64 > > ld: warning: padlock_ctr32_encrypt: missing endbr64 > > Not opposed to fixing these, but I doubt we'll ever see a CPU that has > both the VIA PadLock instructions and IBT ;). > > (Sorry, didn't realize this until after I sent out that diff) Me neither until deraadt pointed it out off-list. > ok kettenis@ (but also fine if you decide to drop this) Let's not do it then. > Is this code still there in openssl 3.x? Yes, it is there and it does not have endbr64 annotations unlike most of the other code.