1=pod 2 3=head1 NAME 4 5OPENSSL_ia32cap - the x86[_64] processor capabilities vector 6 7=head1 SYNOPSIS 8 9 env OPENSSL_ia32cap=... <application> 10 11=head1 DESCRIPTION 12 13OpenSSL supports a range of x86[_64] instruction set extensions. These 14extensions are denoted by individual bits in capability vector returned 15by processor in EDX:ECX register pair after executing CPUID instruction 16with EAX=1 input value (see Intel Application Note #241618). This vector 17is copied to memory upon toolkit initialization and used to choose 18between different code paths to provide optimal performance across wide 19range of processors. For the moment of this writing following bits are 20significant: 21 22=over 4 23 24=item bit #4 denoting presence of Time-Stamp Counter. 25 26=item bit #19 denoting availability of CLFLUSH instruction; 27 28=item bit #20, reserved by Intel, is used to choose among RC4 code paths; 29 30=item bit #23 denoting MMX support; 31 32=item bit #24, FXSR bit, denoting availability of XMM registers; 33 34=item bit #25 denoting SSE support; 35 36=item bit #26 denoting SSE2 support; 37 38=item bit #28 denoting Hyperthreading, which is used to distinguish 39cores with shared cache; 40 41=item bit #30, reserved by Intel, denotes specifically Intel CPUs; 42 43=item bit #33 denoting availability of PCLMULQDQ instruction; 44 45=item bit #41 denoting SSSE3, Supplemental SSE3, support; 46 47=item bit #43 denoting AMD XOP support (forced to zero on non-AMD CPUs); 48 49=item bit #54 denoting availability of MOVBE instruction; 50 51=item bit #57 denoting AES-NI instruction set extension; 52 53=item bit #58, XSAVE bit, lack of which in combination with MOVBE is used 54to identify Atom Silvermont core; 55 56=item bit #59, OSXSAVE bit, denoting availability of YMM registers; 57 58=item bit #60 denoting AVX extension; 59 60=item bit #62 denoting availability of RDRAND instruction; 61 62=back 63 64For example, in 32-bit application context clearing bit #26 at run-time 65disables high-performance SSE2 code present in the crypto library, while 66clearing bit #24 disables SSE2 code operating on 128-bit XMM register 67bank. You might have to do the latter if target OpenSSL application is 68executed on SSE2 capable CPU, but under control of OS that does not 69enable XMM registers. Historically address of the capability vector copy 70was exposed to application through OPENSSL_ia32cap_loc(), but not 71anymore. Now the only way to affect the capability detection is to set 72OPENSSL_ia32cap environment variable prior target application start. To 73give a specific example, on Intel P4 processor 'env 74OPENSSL_ia32cap=0x16980010 apps/openssl', or better yet 'env 75OPENSSL_ia32cap=~0x1000000 apps/openssl' would achieve the desired 76effect. Alternatively you can reconfigure the toolkit with no-sse2 77option and recompile. 78 79Less intuitive is clearing bit #28, or ~0x10000000 in the "environment 80variable" terms. The truth is that it's not copied from CPUID output 81verbatim, but is adjusted to reflect whether or not the data cache is 82actually shared between logical cores. This in turn affects the decision 83on whether or not expensive countermeasures against cache-timing attacks 84are applied, most notably in AES assembler module. 85 86The capability vector is further extended with EBX value returned by 87CPUID with EAX=7 and ECX=0 as input. Following bits are significant: 88 89=over 4 90 91=item bit #64+3 denoting availability of BMI1 instructions, e.g. ANDN; 92 93=item bit #64+5 denoting availability of AVX2 instructions; 94 95=item bit #64+8 denoting availability of BMI2 instructions, e.g. MULX 96and RORX; 97 98=item bit #64+16 denoting availability of AVX512F extension; 99 100=item bit #64+18 denoting availability of RDSEED instruction; 101 102=item bit #64+19 denoting availability of ADCX and ADOX instructions; 103 104=item bit #64+21 denoting availability of VPMADD52[LH]UQ instructions, 105a.k.a. AVX512IFMA extension; 106 107=item bit #64+29 denoting availability of SHA extension; 108 109=item bit #64+30 denoting availability of AVX512BW extension; 110 111=item bit #64+31 denoting availability of AVX512VL extension; 112 113=item bit #64+41 denoting availability of VAES extension; 114 115=item bit #64+42 denoting availability of VPCLMULQDQ extension; 116 117=back 118 119To control this extended capability word use ':' as delimiter when 120setting up OPENSSL_ia32cap environment variable. For example assigning 121':~0x20' would disable AVX2 code paths, and ':0' - all post-AVX 122extensions. 123 124It should be noted that whether or not some of the most "fancy" 125extension code paths are actually assembled depends on current assembler 126version. Base minimum of AES-NI/PCLMULQDQ, SSSE3 and SHA extension code 127paths are always assembled. Apart from that, minimum assembler version 128requirements are summarized in below table: 129 130 Extension | GNU as | nasm | llvm 131 ------------+--------+--------+-------- 132 AVX | 2.19 | 2.09 | 3.0 133 AVX2 | 2.22 | 2.10 | 3.1 134 ADCX/ADOX | 2.23 | 2.10 | 3.3 135 AVX512 | 2.25 | 2.11.8 | see NOTES 136 AVX512IFMA | 2.26 | 2.11.8 | see NOTES 137 VAES | 2.30 | 2.13.3 | 138 139=head1 NOTES 140 141Even though AVX512 support was implemented in llvm 3.6, compilation of 142assembly modules apparently requires explicit -march flag. But then 143compiler generates processor-specific code, which in turn contradicts 144the mere idea of run-time switch execution facilitated by the variable 145in question. Till the limitation is lifted, it's possible to work around 146the problem by making build procedure use following script: 147 148 #!/bin/sh 149 exec clang -no-integrated-as "$@" 150 151instead of real clang. In which case it doesn't matter which clang 152version is used, as it is GNU assembler version that will be checked. 153 154=head1 RETURN VALUES 155 156Not available. 157 158=head1 COPYRIGHT 159 160Copyright 2004-2018 The OpenSSL Project Authors. All Rights Reserved. 161 162Licensed under the OpenSSL license (the "License"). You may not use 163this file except in compliance with the License. You can obtain a copy 164in the file LICENSE in the source distribution or at 165L<https://www.openssl.org/source/license.html>. 166 167=cut 168