From: Stefan Hellermann <stefan@the2masters.de>
To: Sebastian Siewior <linux-crypto@ml.breakpoint.cc>
Cc: linux-crypto@vger.kernel.org
Subject: Re: [PATCH] [crypto] XTS: use proper alignment.
Date: Sun, 02 Mar 2008 14:49:56 +0100 [thread overview]
Message-ID: <47CAB084.6060607@the2masters.de> (raw)
In-Reply-To: <20080302132202.GB16659@Chamillionaire.breakpoint.cc>
Sebastian Siewior schrieb:
> * Stefan Hellermann | 2008-03-02 13:04:37 [+0100]:
>
>> But I get much lower speed than with aes-cbc-essiv:sha256.
> Yes, I expected this :)
> The aes-cbc operation is supported directly in HW. So the
> driver just says here is the key, source, destination, length and now do
> it. So the HW fetches the key once and is going to process the whole
> request (lets say 4 KiB) in one go.
>
> The XTS blockmode on the other hand encrypts encrypts only 16 bytes in
> one go and performs some GF operations in between. This is
> repeated until we encrypt the whole request. So for a 4 KiB we need here
> 257 calls to the HW instead of one (the one extra is to encrypt the IV).
> For every encryption call we have to reset the HW key. According to the
> spec fetching the key from memory takes more time than the whole
> encryption process as it (in case of a 16 byte block). This might still
> be faster than the pure software solution.
> Anyway, XTS is way more complex than CBC and part of it is done in
> software what we can't change.
Ah, good to know! Could this information be placed in the Kconfig-help for padlock_aes?
>
>> With xts I get 57MB/s while reading the cryptodev with dd, and >90% sys in top, 0% wait
>> With cbc-essiv I get about 75MB/s while reading it with dd, 60% sys int top, 30% wait
>> without cryptodev I get 75MB/s while reading the raw lvm-volume with dd, 40% sys, 50% wait
>> I do a blockdev --flushbufs beetween each read.
> According to this numbers I would say in CBC mode the HD is breaking in
> XTS the CPU is.
> I could try to tune it a little but don't expect much.
> Could you please compare xts with and without padlock?
Yes, xts with padlock is almost 3 times faster.
20-21MB/s read in dd without padlock_aes, >90% CPU sys, 0% wait
57-58MB/s read in dd with padlock_aes, >90% CPU sys, 0% wait
I tried lrw-benbi/lrw-plain this time, but it doesn't work, with or without padlock_aes.
dmesg logs:
device-mapper: table: 252:6: crypt: Error allocating crypto tfm
device-mapper: ioctl: error adding target to table
device-mapper: ioctl: device doesn't appear to be in the dev hash table
... but I will use cbc-essiv, if I ever need better encryption I can take xts-plain. (no
need for lrw-benbi)
Thanks
Stefan
next prev parent reply other threads:[~2008-03-02 13:50 UTC|newest]
Thread overview: 25+ messages / expand[flat|nested] mbox.gz Atom feed top
2008-02-24 11:01 [RFC] padlock aes, unification of setkey() Sebastian Siewior
2008-02-24 11:01 ` [RFC] generic_aes: export generic setkey Sebastian Siewior
2008-03-13 21:40 ` Stefan Hellermann
2008-02-24 11:01 ` [RFC] [crypto] padlock-AES, use generic setkey function Sebastian Siewior
2008-03-13 21:40 ` Stefan Hellermann
2008-03-14 11:44 ` Sebastian Siewior
2008-03-14 12:49 ` Stefan Hellermann
2008-03-14 14:16 ` Sebastian Siewior
2008-04-01 13:25 ` Herbert Xu
2008-02-24 11:54 ` [RFC] padlock aes, unification of setkey() Stefan Hellermann
2008-02-24 12:51 ` Sebastian Siewior
2008-02-24 20:07 ` Via Padlock Bug with LRW/XTS Stefan Hellermann
2008-02-27 8:30 ` Sebastian Siewior
2008-03-02 11:20 ` [PATCH] [crypto] XTS: use proper alignment Sebastian Siewior
2008-03-02 12:04 ` Stefan Hellermann
2008-03-02 13:22 ` Sebastian Siewior
2008-03-02 13:49 ` Stefan Hellermann [this message]
2008-03-02 14:04 ` Stefan Hellermann
-- strict thread matches above, loose matches on Subject: below --
2008-03-02 13:51 [PATCH] fix alignment problem in XTS and LRW blockmode Sebastian Siewior
2008-03-02 11:09 ` [PATCH] [crypto] XTS: use proper alignment Sebastian Siewior
2008-03-05 11:16 ` Herbert Xu
2008-03-05 11:46 ` Sebastian Siewior
2008-03-05 11:52 ` Herbert Xu
2008-03-05 12:01 ` Sebastian Siewior
2008-03-05 14:02 ` Stefan Hellermann
2008-03-05 16:37 ` Sebastian Siewior
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=47CAB084.6060607@the2masters.de \
--to=stefan@the2masters.de \
--cc=linux-crypto@ml.breakpoint.cc \
--cc=linux-crypto@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.