Bug 170200 - [crypto] [patch] AES-NI XTS mode performance lower than CBC
Summary: [crypto] [patch] AES-NI XTS mode performance lower than CBC
Status: Open
Alias: None
Product: Base System
Classification: Unclassified
Component: kern (show other bugs)
Version: 10.0-CURRENT
Hardware: Any Any
: Normal Affects Only Me
Assignee: freebsd-bugs (Nobody)
Depends on:
Reported: 2012-07-26 19:20 UTC by Shane Nievera
Modified: 2020-07-12 05:08 UTC (History)
0 users

See Also:

aesni.diff (8.11 KB, patch)
2012-07-26 19:20 UTC, Shane Nievera
no flags Details | Diff
patchv2.diff (12.90 KB, patch)
2012-09-07 19:40 UTC, Shane Nievera
no flags Details | Diff

Note You need to log in before you can comment on or make changes to this bug.
Description Shane Nievera 2012-07-26 19:20:07 UTC
Performance of XTS mode using aesni.ko driver is lower than expected.  AES-XTS mode is often slower than AES-CBC.

Fix: A patch is attached that makes the aesni driver call the assembly routines in
crypto/openssl.  This at least doubles the current throughput.  The attached
benchmark output is for an i5-2500, 10.0-current, Clang system with debugging
options on.  Appplying the patch to stable with gcc results in 16Gbps throughput
without maxing out the CPU.  Perl will be required to generate the assembly
instructions from the scripts in crypto/openssl.

Patch attached with submission follows:
How-To-Repeat: Benchmark using tools/tools/cryptotest, or perform large file operations on a GEOM_ELI filesystem.
Comment 1 Shane Nievera 2012-09-07 19:40:48 UTC
This update removes the perl/openssl dependencies.  The c implementation
is a drop-in replacement for the existing assembly code.  It captures
most of the performance of the openssl module, and I still have a few
optimizations to try.  amd64 only until I get clang to cross compile the
module.  gcc4.2 lacks the opcodes for the new instructions, but it will
compile with gcc47 from ports.  The module will compile with -mavx and
improves performance in user-space.

Shane Nievera Tablizo nievera@mm.st
Comment 2 John-Mark Gurney freebsd_committer 2014-01-24 21:47:52 UTC
State Changed
From-To: open->feedback

I recently did some work on pipelining aes-ni and I'm not sure how 
applicable your patch is anymore, can you evaluate and maybe we can 
work together to get even better performance from it? 

Comment 3 John-Mark Gurney freebsd_committer 2014-01-24 21:50:59 UTC
Responsible Changed
From-To: freebsd-bugs->jmg

forgot to take ownership of this bug..
Comment 4 Eitan Adler freebsd_committer freebsd_triage 2017-12-31 07:59:33 UTC
For bugs matching the following criteria:

Status: In Progress Changed: (is less than) 2014-06-01

Reset to default assignee and clear in-progress tags.

Mail being skipped