From: Andi Kleen <ak@suse.de>
To: Andi Kleen <ak@suse.de>, Herbert Xu <herbert@gondor.apana.org.au>,
linux-crypto@vger.kernel.org
Subject: Re: {twofish,aes}-{x86_64,i586} versus C implementations
Date: Mon, 20 Aug 2007 13:12:39 +0200 [thread overview]
Message-ID: <20070820111239.GI16680@bingen.suse.de> (raw)
In-Reply-To: <20070820100819.GF9651@Chamillionaire.breakpoint.cc>
On Mon, Aug 20, 2007 at 12:08:19PM +0200, Sebastian Siewior wrote:
> * Andi Kleen | 2007-08-20 12:47:14 [+0200]:
>
> >> Not modprobe, but the crypto subsystem. If you have the generic C code
> >> and the assembly variant it picks the assembly over C. The selection is
> >
> >But only if they're both loaded. Who loads both?
> In my case I do.
You're unusual then.
I'm thinking of standard distribution kernel users though. They
just want to tell some high level configuration they want aes
(or twofish) and expect the most efficient implementation
to be loaded automatically.
The distribution kernel could just disable the generic AES,
but if that's a good idea there this could as well be done in all
kernels.
> >> In that case yes. Would it help to add MODULE_ALIAS("aes") to the
> >> assembly version in order to load it (atleast both)?
> >
> >No, modprobe will only load the first it finds.
>
> The s390 guys have MODULE_ALIAS("aes"); in their hw driver [1]. If it
> doesn't load both (aes.ko + aes_s390.ko) modules, than I wonder what's
> the reason for this.
When only one is enabled then aes_s390 will be loaded.
But when both are enabled only one wins. At least on my system
that seems to be the C version.
>
> >> >Also if one implementation is always better than the other
> >> >then I see little reason to ever have both.
> >>
> >> If you are sure that nobody needs aes on machnies prio i586 than you
> >> could disable the generic version on i386.
> >
> >Why should the i586 version not run on 486/386?
>
> I assumed it uses some opcodes which are not available on 486.
There are not many. From a quick scan I didn't find any.
I assume the 586 refers to it being tuned for P5? Although that would
be also weird, few people still care about P5 tuning and it's quite
different from newer CPUs and likely not beneficial on them.
> >> BUT: you might get into some trouble if you remove it from selections
> >> because some modules select it automaticly, IEEE80211_CRYPT_CCMP for
> >> instance.
> >
> >Ok that is a problem.
>
> Not really I guess. The aes algorithm shouldn't be directly used by the
> wlan stack. It should only make sure that the user does not forget to
> enable aes since it is required for CCMP.
Well it still would need to be solved to get rid of the generic
aes/twofish. I don't know how unfortunately. Or could the select
just be dropped?
-Andi
next prev parent reply other threads:[~2007-08-20 10:18 UTC|newest]
Thread overview: 45+ messages / expand[flat|nested] mbox.gz Atom feed top
2007-08-20 0:34 {twofish,aes}-{x86_64,i586} versus C implementations Andi Kleen
2007-08-20 1:01 ` Herbert Xu
2007-08-20 10:16 ` Andi Kleen
2007-08-20 9:45 ` Sebastian Siewior
2007-08-20 10:47 ` Andi Kleen
2007-08-20 10:08 ` Sebastian Siewior
2007-08-20 11:12 ` Andi Kleen [this message]
2007-08-20 11:27 ` Sebastian Siewior
2007-08-20 12:06 ` Herbert Xu
2007-08-20 13:06 ` Andi Kleen
2007-08-20 13:07 ` Herbert Xu
2007-09-02 22:42 ` Sebastian Siewior
2007-09-04 13:58 ` Andi Kleen
2007-09-19 12:29 ` Herbert Xu
2007-09-19 21:46 ` Sebastian Siewior
2007-09-20 0:20 ` Herbert Xu
2007-09-20 21:09 ` Sebastian Siewior
2007-09-30 12:23 ` Sebastian Siewior
2007-09-30 12:42 ` Sebastian Siewior
2007-10-03 7:35 ` Herbert Xu
2007-10-04 8:35 ` Sebastian Siewior
2007-10-03 19:23 ` [PATCH] [crypto] load the DES module by an alias Sebastian Siewior
2007-10-05 8:48 ` Herbert Xu
2007-10-04 7:37 ` [PATCH] [crypto] load the AES " Sebastian Siewior
2007-10-05 8:52 ` Herbert Xu
2007-10-04 7:37 ` [PATCH] [crypto] load the SHA1[1|256] " Sebastian Siewior
2007-10-05 8:57 ` Herbert Xu
2007-10-05 13:50 ` Sebastian Siewior
2007-10-05 13:12 ` [PATCH] [crypto] load the SHA1[1|256] module by an alias (v2) Sebastian Siewior
2007-10-05 15:10 ` Herbert Xu
2007-10-06 22:02 ` Sebastian Siewior
2007-10-08 3:21 ` Herbert Xu
2007-10-07 21:42 ` Sebastian Siewior
2007-10-08 3:20 ` Herbert Xu
2007-10-08 12:35 ` Sebastian Siewior
2007-10-08 4:12 ` Herbert Xu
2007-10-05 14:20 ` [PATCH] [crypto] load the SHA1[1|256] module by an alias Herbert Xu
2007-10-06 21:54 ` Sebastian Siewior
2007-10-08 11:25 ` Jan Glauber
2007-10-08 11:30 ` Sebastian Siewior
2007-10-04 8:48 ` {twofish,aes}-{x86_64,i586} versus C implementations Herbert Xu
2007-10-04 9:31 ` Andi Kleen
2007-10-04 10:00 ` Sebastian Siewior
2007-10-04 10:00 ` Herbert Xu
2007-10-04 9:39 ` Sebastian Siewior
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20070820111239.GI16680@bingen.suse.de \
--to=ak@suse.de \
--cc=herbert@gondor.apana.org.au \
--cc=linux-crypto@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox