From 360e04f3791e62ab217f27cb145ebf309b2d75dc Mon Sep 17 00:00:00 2001
From: Dave Rodgman <dave.rodgman@arm.com>
Date: Fri, 9 Jun 2023 17:18:32 +0100
Subject: [PATCH] Fix AES-XTS perf regression

Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
---
 library/aes.c    |  2 +-
 library/common.h | 12 ++++++++++++
 2 files changed, 13 insertions(+), 1 deletion(-)

diff --git a/library/aes.c b/library/aes.c
index a137fb14e0..aa230fd15a 100644
--- a/library/aes.c
+++ b/library/aes.c
@@ -1172,7 +1172,7 @@ int mbedtls_aes_crypt_xts(mbedtls_aes_xts_context *ctx,
     }
 
     while (blocks--) {
-        if (leftover && (mode == MBEDTLS_AES_DECRYPT) && blocks == 0) {
+        if (MBEDTLS_UNLIKELY(leftover && (mode == MBEDTLS_AES_DECRYPT) && blocks == 0)) {
             /* We are on the last block in a decrypt operation that has
              * leftover bytes, so we need to use the next tweak for this block,
              * and this tweak for the leftover bytes. Save the current tweak for
diff --git a/library/common.h b/library/common.h
index 9e1c4f6f41..724c44ed8c 100644
--- a/library/common.h
+++ b/library/common.h
@@ -182,4 +182,16 @@ inline void mbedtls_xor(unsigned char *r, const unsigned char *a, const unsigned
 #define MBEDTLS_STATIC_ASSERT(expr, msg)
 #endif
 
+/* Define compiler branch hints */
+#if defined(__has_builtin)
+#if __has_builtin(__builtin_expect)
+#define MBEDTLS_LIKELY(x)       __builtin_expect((x),1)
+#define MBEDTLS_UNLIKELY(x)     __builtin_expect((x),0)
+#endif
+#endif
+#if !defined(MBEDTLS_LIKELY)
+#define MBEDTLS_LIKELY(x)       x
+#define MBEDTLS_UNLIKELY(x)     x
+#endif
+
 #endif /* MBEDTLS_LIBRARY_COMMON_H */