[SCM] Samba Shared Repository - branch v4-7-test updated
Karolin Seeger
kseeger at samba.org
Mon Sep 11 03:31:03 UTC 2017
The branch, v4-7-test has been updated
via 4e64d1f WHATSNEW: Unify usage of "''".
via 9651f4a WHATSNEW: Add Using x86_64 Accelerated AES Crypto Instructions section.
via a1aa3f4 lib: crypto: Add the ability to select Intel AESNI instruction set at configure time.
via 9d193a9 lib: crypto: Plumb in the Intel AES instructions.
via 8e2afc8 lib: crypt: Prepare the existing code to switch to Intel AES hardware instructions.
via ed459e2 third_party: Add build capability to aesni-intel.
via add95df third_party: Add the Intel Add support for AES-NI acceleration.
via 36aa4af messaging: Avoid a socket leak after fork
from f08b212 pthreadpool: Test fork with an active thread
https://git.samba.org/?p=samba.git;a=shortlog;h=v4-7-test
- Log -----------------------------------------------------------------
commit 4e64d1fb31196e1e326f097b9e98362bc203f9bc
Author: Karolin Seeger <kseeger at samba.org>
Date: Sun Sep 10 16:02:24 2017 +0200
WHATSNEW: Unify usage of "''".
Signed-off-by: Karolin Seeger <kseeger at samba.org>
Autobuild-User(v4-7-test): Karolin Seeger <kseeger at samba.org>
Autobuild-Date(v4-7-test): Mon Sep 11 05:30:28 CEST 2017 on sn-devel-144
commit 9651f4a50273efb05146bde929944d82526da124
Author: Jeremy Allison <jra at samba.org>
Date: Wed Sep 6 12:13:32 2017 -0700
WHATSNEW: Add Using x86_64 Accelerated AES Crypto Instructions section.
Describes --accel-aes configure time option.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13008
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>
(cherry picked from commit c754f48575a5034242594762d62261a48025cebc)
commit a1aa3f49bf348e2c9bbfd23a04b973b2b1e03c6b
Author: Jeremy Allison <jra at samba.org>
Date: Wed Sep 6 11:59:44 2017 -0700
lib: crypto: Add the ability to select Intel AESNI instruction set at configure time.
Add --accel-aes=[none|intelaesni] to select.
Default is none.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13008
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>
(cherry picked from commit 5f87a05aa314776135eec1057dd644c0b25a9d14)
commit 9d193a942fdbcab135e40d06422eab640d33d00b
Author: Jeremy Allison <jra at samba.org>
Date: Wed Sep 6 11:40:02 2017 -0700
lib: crypto: Plumb in the Intel AES instructions.
Causes:
AES_set_encrypt_key()
AES_set_decrypt_key()
AES_encrypt()
AES_decrypt()
to probe for the Intel AES instructions at runtime (only once)
and then call the hardware implementations if so, otherwise
fall back to the software implementations.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13008
Based on original work by Justin Maggard <jmaggard at netgear.com>
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>
(cherry picked from commit 53ac0f7c59a9192e4fa88bf3d257ad80379ded23)
commit 8e2afc83b012bf1caa662a03c4cff28d9f0259a6
Author: Jeremy Allison <jra at samba.org>
Date: Thu Aug 31 11:41:32 2017 -0700
lib: crypt: Prepare the existing code to switch to Intel AES hardware instructions.
Rename the old struct aes_key as an intermediate struct aes_key_rj
and wrap it in a union so we can chose an alternate aes_key struct
when using Intel AES hardware.
Rename the original software implementations of:
AES_set_encrypt_key()
AES_set_decrypt_key()
AES_encrypt()
AES_decrypt()
by adding an _rj on the end, and call them via a wrapper
function.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13008
Based on original work by Justin Maggard <jmaggard at netgear.com>
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>
(cherry picked from commit 3324b55bde96d4098df2f1138be5fd243206ceba)
commit ed459e272cf4b8b04555eb2bb363d9aa5f84d011
Author: Jeremy Allison <jra at samba.org>
Date: Wed Sep 6 09:58:06 2017 -0700
third_party: Add build capability to aesni-intel.
Minor modifications to code to allow building as a Samba
shared library.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13008
Based on original work by Justin Maggard <jmaggard at netgear.com>
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>
(cherry picked from commit 11a56768950e1caae302507e15e58eb1c316c30a)
commit add95df6e4720a0416e079d6dfa8df608c041efc
Author: Jeremy Allison <jra at samba.org>
Date: Wed Sep 6 09:44:42 2017 -0700
third_party: Add the Intel Add support for AES-NI acceleration.
This commit takes the Linux kernel AES-NI code, and puts it into a
third_party private library. The Linux kernel code is under GPLv2+
so is compatible with Samba.
This can result in massive speed improvements (up to 200% on some
platforms), by using Intel AES-NI instructions.
These are the pristine check-ins of Linux kernel files for Intel AESNI crypto.
git show 8691ccd764f9ecc69a6812dfe76214c86ac9ba06:arch/x86/crypto/aesni-intel_asm.S
git show 2baad6121e2b2fa3428ee6cb2298107be11ab23a:arch/x86/include/asm/inst.h
Show the exact Linux kernel git refspecs we have imported.
These files are not yet used.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13008
Based on original work by Justin Maggard <jmaggard at netgear.com>
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>
(cherry picked from commit 421fa346de575ebbed3496dc203011b80537bd8a)
commit 36aa4af299288cd14a04d695b45269021062be70
Author: Volker Lendecke <vl at samba.org>
Date: Wed Aug 30 17:49:54 2017 +0200
messaging: Avoid a socket leak after fork
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13006
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>
Autobuild-User(master): Stefan Metzmacher <metze at samba.org>
Autobuild-Date(master): Tue Sep 5 19:12:34 CEST 2017 on sn-devel-144
(cherry picked from commit d1c96dc0ac95322ce46703a11002873faf55a26c)
-----------------------------------------------------------------------
Summary of changes:
WHATSNEW.txt | 26 +-
lib/crypto/aes.c | 220 ++-
lib/crypto/aes.h | 11 +-
lib/crypto/aesni.h | 66 +
lib/crypto/wscript | 6 +
lib/crypto/wscript_build | 3 +
lib/crypto/wscript_configure | 13 +
source3/lib/messages_dgm.c | 3 +-
third_party/aesni-intel/aesni-intel_asm.c | 2812 +++++++++++++++++++++++++++++
third_party/aesni-intel/inst-intel.h | 306 ++++
third_party/aesni-intel/wscript | 23 +
third_party/wscript | 2 +
wscript | 1 +
13 files changed, 3476 insertions(+), 16 deletions(-)
create mode 100644 lib/crypto/aesni.h
create mode 100644 lib/crypto/wscript
create mode 100644 third_party/aesni-intel/aesni-intel_asm.c
create mode 100644 third_party/aesni-intel/inst-intel.h
create mode 100644 third_party/aesni-intel/wscript
Changeset truncated at 500 lines:
diff --git a/WHATSNEW.txt b/WHATSNEW.txt
index 8ba321f..f692e84 100644
--- a/WHATSNEW.txt
+++ b/WHATSNEW.txt
@@ -22,7 +22,7 @@ consistently. In interactive sessions the following banner is now presented
to the user: 'Try "help" do get a list of possible commands.'.
The default for "client max protocol" has changed to "SMB3_11",
-which means that smbclient (and related commands) will work against
+which means that 'smbclient' (and related commands) will work against
servers without SMB1 support.
It's possible to use the '-m/--max-protocol' option to overwrite
@@ -32,7 +32,7 @@ Note that the '-e/--encrypt' option also works with most SMB3 servers
(e.g. Windows >= 2012 and Samba >= 4.0.0), so the SMB1 unix extensions
are not required for encryption.
-The change to SMB3_11 as default also means smbclient no longer
+The change to SMB3_11 as default also means 'smbclient' no longer
negotiates SMB1 unix extensions by default, when talking to a Samba server with
"unix extensions = yes". As a result, some commands are not available, e.g.
'posix_encrypt', 'posix_open', 'posix_mkdir', 'posix_rmdir', 'posix_unlink',
@@ -42,7 +42,7 @@ server supports SMB1.
Note the default ("CORE") for "client min protocol" hasn't changed,
so it's still possible to connect to SMB1-only servers by default.
-'smbclient' learned a new command "deltree" that is able to do
+'smbclient' learned a new command 'deltree' that is able to do
a recursive deletion of a directory tree.
@@ -309,6 +309,25 @@ CTDB changes
uses. The data in replicated databases is valid for the lifetime of
CTDB and cleared on first attach.
+Using x86_64 Accelerated AES Crypto Instructions
+------------------------------------------------
+
+Samba on x86_64 can now be configured to use the Intel accelerated AES
+instruction set, which has the potential to make SMB3 signing and
+encryption much faster on client and server. To enable this, configure
+Samba using the new option --accel-aes=intelaesni.
+
+This is a temporary solution that is being included to allow users
+to enjoy the benefits of Intel accelerated AES on the x86_64 platform,
+but the longer-term solution will be to move Samba to a fully supported
+external crypto library.
+
+The third_party/aesni-intel code will be removed from Samba as soon as
+external crypto library performance reaches parity.
+
+The default is to build without setting --accel-aes, which uses the
+existing Samba software AES implementation.
+
Parameter changes
-----------------
@@ -324,7 +343,6 @@ the previous behaviour. Two new values have been provided,
and 'disabled', totally disabling NTLM authentication and password
changes.
-
smb.conf changes
================
diff --git a/lib/crypto/aes.c b/lib/crypto/aes.c
index 800a97e..c226ac1 100644
--- a/lib/crypto/aes.c
+++ b/lib/crypto/aes.c
@@ -37,35 +37,235 @@
#ifdef SAMBA_RIJNDAEL
#include "rijndael-alg-fst.h"
-int
-AES_set_encrypt_key(const unsigned char *userkey, const int bits, AES_KEY *key)
+#if defined(HAVE_AESNI_INTEL)
+
+/*
+ * NB. HAVE_AESNI_INTEL is only defined if -lang-asm is
+ * available.
+ */
+
+static inline void __cpuid(unsigned int where[4], unsigned int leaf)
+{
+ asm volatile("cpuid" :
+ "=a" (where[0]),
+ "=b" (where[1]),
+ "=c" (where[2]),
+ "=d" (where[3]): "a" (leaf));
+}
+
+/*
+ * has_intel_aes_instructions()
+ * return true if supports AES-NI and false if doesn't
+ */
+static bool has_intel_aes_instructions(void)
+{
+ static int has_aes_instructions = -1;
+ unsigned int cpuid_results[4];
+
+ if (has_aes_instructions != -1) {
+ return (bool)has_aes_instructions;
+ }
+
+ __cpuid(cpuid_results, 0);
+ /*
+ * MSB LSB
+ * EBX = 'u' 'n' 'e' 'G'
+ * EDX = 'I' 'e' 'n' 'i'
+ * ECX = 'l' 'e' 't' 'n'
+ */
+ if (memcmp((unsigned char *)&cpuid_results[1], "Genu", 4) != 0 ||
+ memcmp((unsigned char *)&cpuid_results[3],
+ "ineI", 4) != 0 ||
+ memcmp((unsigned char *)&cpuid_results[2],
+ "ntel", 4) != 0) {
+ has_aes_instructions = 0;
+ return (bool)has_aes_instructions;
+ }
+
+ __cpuid(cpuid_results, 1);
+ has_aes_instructions = !!(cpuid_results[2] & (1 << 25));
+ return (bool)has_aes_instructions;
+}
+
+/*
+ * Macro to ensure the AES key schedule starts on a 16 byte boundary.
+ */
+
+#define SET_ACC_CTX(k) \
+ do { \
+ (k)->u.aes_ni.acc_ctx = \
+ (struct crypto_aes_ctx *)(((unsigned long)(k)->u.aes_ni._acc_ctx + 15) & ~0xfUL); \
+ } while (0)
+
+/*
+ * The next 4 functions call the Intel AES hardware implementations
+ * of:
+ *
+ * AES_set_encrypt_key()
+ * AES_set_decrypt_key()
+ * AES_encrypt()
+ * AES_decrypt()
+ */
+
+static int AES_set_encrypt_key_aesni(const unsigned char *userkey,
+ const int bits,
+ AES_KEY *key)
+{
+ SET_ACC_CTX(key);
+ return aesni_set_key(key->u.aes_ni.acc_ctx, userkey, bits/8);
+}
+
+static int AES_set_decrypt_key_aesni(const unsigned char *userkey,
+ const int bits,
+ AES_KEY *key)
+{
+ SET_ACC_CTX(key);
+ return aesni_set_key(key->u.aes_ni.acc_ctx, userkey, bits/8);
+}
+
+static void AES_encrypt_aesni(const unsigned char *in,
+ unsigned char *out,
+ const AES_KEY *key)
+{
+ aesni_enc(key->u.aes_ni.acc_ctx, out, in);
+}
+
+static void AES_decrypt_aesni(const unsigned char *in,
+ unsigned char *out,
+ const AES_KEY *key)
+{
+ aesni_dec(key->u.aes_ni.acc_ctx, out, in);
+}
+#else /* defined(HAVE_AESNI_INTEL) */
+
+/*
+ * Dummy implementations if no Intel AES instructions present.
+ * Only has_intel_aes_instructions() will ever be called.
+*/
+
+static bool has_intel_aes_instructions(void)
+{
+ return false;
+}
+
+static int AES_set_encrypt_key_aesni(const unsigned char *userkey,
+ const int bits,
+ AES_KEY *key)
+{
+ return -1;
+}
+
+static int AES_set_decrypt_key_aesni(const unsigned char *userkey,
+ const int bits,
+ AES_KEY *key)
{
- key->rounds = rijndaelKeySetupEnc(key->key, userkey, bits);
- if (key->rounds == 0)
+ return -1;
+}
+
+static void AES_encrypt_aesni(const unsigned char *in,
+ unsigned char *out,
+ const AES_KEY *key)
+{
+ abort();
+}
+
+static void AES_decrypt_aesni(const unsigned char *in,
+ unsigned char *out,
+ const AES_KEY *key)
+{
+ abort();
+}
+#endif /* defined(HAVE_AENI_INTEL) */
+
+/*
+ * The next 4 functions are the pure software implementations
+ * of:
+ *
+ * AES_set_encrypt_key()
+ * AES_set_decrypt_key()
+ * AES_encrypt()
+ * AES_decrypt()
+ */
+
+static int
+AES_set_encrypt_key_rj(const unsigned char *userkey, const int bits, AES_KEY *key)
+{
+ key->u.aes_rj.rounds = rijndaelKeySetupEnc(key->u.aes_rj.key, userkey, bits);
+ if (key->u.aes_rj.rounds == 0)
return -1;
return 0;
}
-int
-AES_set_decrypt_key(const unsigned char *userkey, const int bits, AES_KEY *key)
+static int
+AES_set_decrypt_key_rj(const unsigned char *userkey, const int bits, AES_KEY *key)
{
- key->rounds = rijndaelKeySetupDec(key->key, userkey, bits);
- if (key->rounds == 0)
+ key->u.aes_rj.rounds = rijndaelKeySetupDec(key->u.aes_rj.key, userkey, bits);
+ if (key->u.aes_rj.rounds == 0)
return -1;
return 0;
}
+static void
+AES_encrypt_rj(const unsigned char *in, unsigned char *out, const AES_KEY *key)
+{
+ rijndaelEncrypt(key->u.aes_rj.key, key->u.aes_rj.rounds, in, out);
+}
+
+static void
+AES_decrypt_rj(const unsigned char *in, unsigned char *out, const AES_KEY *key)
+{
+ rijndaelDecrypt(key->u.aes_rj.key, key->u.aes_rj.rounds, in, out);
+}
+
+/*
+ * The next 4 functions are the runtime switch for Intel AES hardware
+ * implementations of:
+ *
+ * AES_set_encrypt_key()
+ * AES_set_decrypt_key()
+ * AES_encrypt()
+ * AES_decrypt()
+ *
+ * If the hardware instructions don't exist, fall back to the software
+ * versions.
+ */
+
+int
+AES_set_encrypt_key(const unsigned char *userkey, const int bits, AES_KEY *key)
+{
+ if (has_intel_aes_instructions()) {
+ return AES_set_encrypt_key_aesni(userkey, bits, key);
+ }
+ return AES_set_encrypt_key_rj(userkey, bits, key);
+}
+
+int
+AES_set_decrypt_key(const unsigned char *userkey, const int bits, AES_KEY *key)
+{
+ if (has_intel_aes_instructions()) {
+ return AES_set_decrypt_key_aesni(userkey, bits, key);
+ }
+ return AES_set_decrypt_key_rj(userkey, bits, key);
+}
+
void
AES_encrypt(const unsigned char *in, unsigned char *out, const AES_KEY *key)
{
- rijndaelEncrypt(key->key, key->rounds, in, out);
+ if (has_intel_aes_instructions()) {
+ return AES_encrypt_aesni(in, out, key);
+ }
+ return AES_encrypt_rj(in, out, key);
}
void
AES_decrypt(const unsigned char *in, unsigned char *out, const AES_KEY *key)
{
- rijndaelDecrypt(key->key, key->rounds, in, out);
+ if (has_intel_aes_instructions()) {
+ return AES_decrypt_aesni(in, out, key);
+ }
+ return AES_decrypt_rj(in, out, key);
}
+
#endif /* SAMBA_RIJNDAEL */
#ifdef SAMBA_AES_CBC_ENCRYPT
diff --git a/lib/crypto/aes.h b/lib/crypto/aes.h
index 48ea764..00bfa3e 100644
--- a/lib/crypto/aes.h
+++ b/lib/crypto/aes.h
@@ -36,6 +36,8 @@
#ifndef LIB_CRYPTO_AES_H
#define LIB_CRYPTO_AES_H 1
+#include "aesni.h"
+
#define SAMBA_RIJNDAEL 1
#define SAMBA_AES_CBC_ENCRYPT 1
#define SAMBA_AES_CFB8_ENCRYPT 1
@@ -59,9 +61,16 @@
#define AES_ENCRYPT 1
#define AES_DECRYPT 0
-typedef struct aes_key {
+struct aes_key_rj {
uint32_t key[(AES_MAXNR+1)*4];
int rounds;
+};
+
+typedef struct aes_key {
+ union {
+ struct aes_key_rj aes_rj;
+ struct crypto_aesni_ctx aes_ni;
+ } u;
} AES_KEY;
#ifdef __cplusplus
diff --git a/lib/crypto/aesni.h b/lib/crypto/aesni.h
new file mode 100644
index 0000000..13d09d2
--- /dev/null
+++ b/lib/crypto/aesni.h
@@ -0,0 +1,66 @@
+/*
+ * Copyright (C) 2008, Intel Corp.
+ * Author: Huang Ying <ying.huang at intel.com>
+ * Vinodh Gopal <vinodh.gopal at intel.com>
+ * Kahraman Akdemir
+ *
+ * Ported x86_64 version to x86:
+ * Author: Mathias Krause <minipli at googlemail.com>
+ *
+ * Modified for use in Samba by Justin Maggard <jmaggard at netgear.com>
+ * and Jeremy Allison <jra at samba.org>
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ */
+
+#ifndef LIB_CRYPTO_AESNI_H
+#define LIB_CRYPTO_AESNI_H 1
+
+#if defined(HAVE_AESNI_INTEL)
+
+#define AES_MAX_KEYLENGTH (15 * 16)
+#define AES_MAX_KEYLENGTH_U32 (AES_MAX_KEYLENGTH / sizeof(uint32_t))
+
+/*
+ * Please ensure that the first two fields are 16-byte aligned
+ * relative to the start of the structure, i.e., don't move them!
+ */
+struct crypto_aes_ctx {
+ uint32_t key_enc[AES_MAX_KEYLENGTH_U32];
+ uint32_t key_dec[AES_MAX_KEYLENGTH_U32];
+ uint32_t key_length;
+};
+
+struct crypto_aesni_ctx {
+ uint8_t _acc_ctx[sizeof(struct crypto_aes_ctx) + 16];
+ struct crypto_aes_ctx *acc_ctx;
+};
+
+/*
+ * These next 4 functions are actually implemented
+ * in the assembly language file:
+ * third_party/aesni-intel/aesni-intel_asm.c
+ */
+
+int aesni_set_key(struct crypto_aes_ctx *ctx,
+ const uint8_t *in_key,
+ unsigned int key_len);
+void aesni_enc(struct crypto_aes_ctx *ctx, uint8_t *dst, const uint8_t *src);
+void aesni_dec(struct crypto_aes_ctx *ctx, uint8_t *dst, const uint8_t *src);
+
+#else /* #if defined(HAVE_AESNI_INTEL) */
+
+/*
+ * We need a dummy definition of struct crypto_aesni_ctx to allow compiles.
+ */
+
+struct crypto_aesni_ctx {
+ int dummy;
+};
+
+#endif /* #if defined(HAVE_AESNI_INTEL) */
+
+#endif /* LIB_CRYPTO_AESNI_H */
diff --git a/lib/crypto/wscript b/lib/crypto/wscript
new file mode 100644
index 0000000..c3708c7
--- /dev/null
+++ b/lib/crypto/wscript
@@ -0,0 +1,6 @@
+#!/usr/bin/env python
+
+def set_options(opt):
+ opt.add_option('--accel-aes',
+ help=("Should we use accelerated AES crypto functions. Options are intelaesni|none."),
+ action="store", dest='accel_aes', default="none")
diff --git a/lib/crypto/wscript_build b/lib/crypto/wscript_build
index d1f152e..f3257d8 100644
--- a/lib/crypto/wscript_build
+++ b/lib/crypto/wscript_build
@@ -11,6 +11,9 @@ elif bld.CONFIG_SET('HAVE_SYS_MD5_H') and bld.CONFIG_SET('HAVE_LIBMD'):
elif not bld.CONFIG_SET('HAVE_SYS_MD5_H') and not bld.CONFIG_SET('HAVE_COMMONCRYPTO_COMMONDIGEST_H'):
extra_source += ' md5.c'
+if bld.CONFIG_SET("HAVE_AESNI_INTEL"):
+ extra_deps += ' aesni-intel'
+
bld.SAMBA_SUBSYSTEM('LIBCRYPTO',
source='''crc32.c hmacmd5.c md4.c arcfour.c sha256.c sha512.c hmacsha256.c
aes.c rijndael-alg-fst.c aes_cmac_128.c aes_ccm_128.c aes_gcm_128.c
diff --git a/lib/crypto/wscript_configure b/lib/crypto/wscript_configure
index 130acec..9fdaf9f 100644
--- a/lib/crypto/wscript_configure
+++ b/lib/crypto/wscript_configure
@@ -1,3 +1,7 @@
+#!/usr/bin/env python
+import Options
+import Utils
+
if not conf.CHECK_FUNCS_IN('MD5Init', 'bsd', headers='bsd/md5.h',
checklibc=True):
conf.CHECK_FUNCS_IN('MD5Init', 'md5', headers='sys/md5.h',
@@ -13,3 +17,12 @@ if conf.CHECK_FUNCS('SHA256_Update'):
conf.DEFINE('SHA256_RENAME_NEEDED', 1)
if conf.CHECK_FUNCS('SHA512_Update'):
conf.DEFINE('SHA512_RENAME_NEEDED', 1)
+
+#
+# --aes-accel=XXX selects accelerated AES crypto library to use, if any.
+# Default is none.
+#
+if Options.options.accel_aes.lower() == "intelaesni":
+ print("Attempting to compile with runtime-switchable x86_64 Intel AES instructions. WARNING - this is temporary.")
+elif Options.options.accel_aes.lower() != "none":
+ raise Utils.WafError('--aes-accel=%s is not a valid option. Valid options are [none|intelaesni]' % Options.options.accel_aes)
diff --git a/source3/lib/messages_dgm.c b/source3/lib/messages_dgm.c
index f29180d..9d87746 100644
--- a/source3/lib/messages_dgm.c
+++ b/source3/lib/messages_dgm.c
@@ -280,7 +280,8 @@ static int messaging_dgm_out_destructor(struct messaging_dgm_out *out)
{
DLIST_REMOVE(out->ctx->outsocks, out);
- if (tevent_queue_length(out->queue) != 0) {
+ if ((tevent_queue_length(out->queue) != 0) &&
+ (getpid() == out->ctx->pid)) {
/*
* We have pending jobs. We can't close the socket,
* this has been handed over to messaging_dgm_out_queue_state.
diff --git a/third_party/aesni-intel/aesni-intel_asm.c b/third_party/aesni-intel/aesni-intel_asm.c
new file mode 100644
index 0000000..7baf703
--- /dev/null
+++ b/third_party/aesni-intel/aesni-intel_asm.c
@@ -0,0 +1,2812 @@
+/*
+ * Implement AES algorithm in Intel AES-NI instructions.
+ *
+ * The white paper of AES-NI instructions can be downloaded from:
+ * http://softwarecommunity.intel.com/isn/downloads/intelavx/AES-Instructions-Set_WP.pdf
+ *
+ * Copyright (C) 2008, Intel Corp.
+ * Author: Huang Ying <ying.huang at intel.com>
+ * Vinodh Gopal <vinodh.gopal at intel.com>
+ * Kahraman Akdemir
+ *
--
Samba Shared Repository
More information about the samba-cvs
mailing list