OPENSSL_SMALL: imply MY_ASSEMBLER_IS_TOO_OLD_FOR_512AVX on x86_64#3319
Open
justsmth wants to merge 1 commit into
Open
OPENSSL_SMALL: imply MY_ASSEMBLER_IS_TOO_OLD_FOR_512AVX on x86_64#3319justsmth wants to merge 1 commit into
justsmth wants to merge 1 commit into
Conversation
When OPENSSL_SMALL is defined on x86_64, automatically define MY_ASSEMBLER_IS_TOO_OLD_FOR_512AVX. This eliminates ~912 KB of AVX-512 assembly (AES-GCM, AES-XTS, RSAZ) from the binary, which is the single largest contributor to object code size on x86_64. Combined with the existing EC precomputed table gating, this reduces libcrypto.a from 5.6 MB to 3.5 MB under OPENSSL_SMALL. The performance cost is limited to AVX-512-capable CPUs (Ice Lake+, Zen 4+) for bulk AES-GCM, AES-XTS, and SHA operations. On CPUs without AVX-512, behavior is unchanged. Additionally, enforce the implication MY_ASSEMBLER_IS_TOO_OLD_FOR_AVX -> MY_ASSEMBLER_IS_TOO_OLD_FOR_512AVX in target.h. Previously this was only enforced by CMakeLists.txt, meaning builds that pass defines directly via CFLAGS (e.g., the aws-lc-sys CcBuilder) did not get the implication.
Codecov Report✅ All modified and coverable lines are covered by tests. Additional details and impacted files@@ Coverage Diff @@
## main #3319 +/- ##
==========================================
+ Coverage 78.17% 78.39% +0.21%
==========================================
Files 693 693
Lines 123874 123896 +22
Branches 17200 17209 +9
==========================================
+ Hits 96840 97127 +287
+ Misses 26116 25848 -268
- Partials 918 921 +3 ☔ View full report in Codecov by Harness. 🚀 New features to boost your workflow:
|
sgmenda
approved these changes
Jun 26, 2026
justsmth
added a commit
to justsmth/aws-lc
that referenced
this pull request
Jun 26, 2026
OPENSSL_SMALL implies MY_ASSEMBLER_IS_TOO_OLD_FOR_512AVX on x86_64 (aws#3319), which disables s2n-bignum entirely. Remove the now-unnecessary x86_64 branches from the OPENSSL_SMALL selector header and CMakeLists, leaving only the aarch64 variant pinning.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
3 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Issues:
Addresses: aws/aws-lc-rs#745, P353434599
Description of changes:
When OPENSSL_SMALL is defined on x86_64, automatically define MY_ASSEMBLER_IS_TOO_OLD_FOR_512AVX. This eliminates ~912 KB of AVX-512 assembly (AES-GCM, AES-XTS, RSAZ) from the binary, which is the single largest contributor to object code size on x86_64. Combined with the existing EC precomputed table gating, this reduces libcrypto.a from 5.6 MB to 3.5 MB under OPENSSL_SMALL.
Call out
MY_ASSEMBLER_IS_TOO_OLD_FOR_AVX -> MY_ASSEMBLER_IS_TOO_OLD_FOR_512AVXin "target.h". Previously this was only enforced by CMakeLists.txt, meaning builds that pass defines directly via CFLAGS (e.g., the aws-lc-sys CcBuilder) did not get the implication.By submitting this pull request, I confirm that my contribution is made under the terms of the Apache 2.0 license and the ISC license.