diff options
| -rw-r--r-- | src/aesround.rs | 8 |
1 files changed, 5 insertions, 3 deletions
diff --git a/src/aesround.rs b/src/aesround.rs index 6f63243..4ae3f6f 100644 --- a/src/aesround.rs +++ b/src/aesround.rs @@ -61,9 +61,11 @@ impl AesRound for AesSoft { // under the hood), but there is a big benefit here: // First, we can save time by only loading the keys once as a __m128i, which makes the whole thing // a bit faster. -// More importantly though, when using target-cpu=native, we get nicely vectorized AES instructions -// (VAESENC), which we don't get if we go through aes::hazmat::cipher_round. This is a *huge* -// speedup, which we don't want to miss. +// More importantly though, the compiler does not inline the call to cipher_round, even when using +// target-cpu=native. I guess this is because it crosses a crate boundary (and cross-crate inlining +// only happens with LTO). In fact, compiling with lto=true does inline the call, but we don't want +// to force that to all library users. Anyway, by re-implementing the AES instruction here, we get +// nice inlining without relying on LTO and therefore a huge speedup, as AES is called a lot. #[cfg(target_arch = "x86_64")] pub mod x86_64 { use super::*; |