From owner-freebsd-hackers@freebsd.org Thu Jan 28 08:43:56 2016 Return-Path: Delivered-To: freebsd-hackers@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 439A3A71912 for ; Thu, 28 Jan 2016 08:43:56 +0000 (UTC) (envelope-from kostikbel@gmail.com) Received: from kib.kiev.ua (kib.kiev.ua [IPv6:2001:470:d5e7:1::1]) (using TLSv1 with cipher DHE-RSA-CAMELLIA256-SHA (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id B5E1C12EA; Thu, 28 Jan 2016 08:43:55 +0000 (UTC) (envelope-from kostikbel@gmail.com) Received: from tom.home (kostik@localhost [127.0.0.1]) by kib.kiev.ua (8.15.2/8.15.2) with ESMTPS id u0S8hosw010277 (version=TLSv1 cipher=DHE-RSA-CAMELLIA256-SHA bits=256 verify=NO); Thu, 28 Jan 2016 10:43:50 +0200 (EET) (envelope-from kostikbel@gmail.com) DKIM-Filter: OpenDKIM Filter v2.10.3 kib.kiev.ua u0S8hosw010277 Received: (from kostik@localhost) by tom.home (8.15.2/8.15.2/Submit) id u0S8hnon010276; Thu, 28 Jan 2016 10:43:49 +0200 (EET) (envelope-from kostikbel@gmail.com) X-Authentication-Warning: tom.home: kostik set sender to kostikbel@gmail.com using -f Date: Thu, 28 Jan 2016 10:43:49 +0200 From: Konstantin Belousov To: Stanislav Sedov Cc: Alan Somers , "freebsd-hackers@freebsd.org" Subject: Re: aesni doesn't play nice with krb5 Message-ID: <20160128084349.GJ74231@kib.kiev.ua> References: MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: User-Agent: Mutt/1.5.24 (2015-08-30) X-Spam-Status: No, score=-2.0 required=5.0 tests=ALL_TRUSTED,BAYES_00, DKIM_ADSP_CUSTOM_MED,FREEMAIL_FROM,NML_ADSP_CUSTOM_MED autolearn=no autolearn_force=no version=3.4.1 X-Spam-Checker-Version: SpamAssassin 3.4.1 (2015-04-28) on tom.home X-BeenThere: freebsd-hackers@freebsd.org X-Mailman-Version: 2.1.20 Precedence: list List-Id: Technical Discussions relating to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 28 Jan 2016 08:43:56 -0000 On Wed, Jan 27, 2016 at 06:21:11PM -0800, Stanislav Sedov wrote: > > > On Jan 27, 2016, at 3:55 PM, Alan Somers wrote: > > > > I'm experimenting with Kerberized NFS, but my performance sucks when I > > use krb5p. I tracked the problem down to an interaction between aesni > > and krb5: aes_set_key in kcrypto_aes.c registers for a crypto session > > and requests support for two algorithms: CRYPTO_SHA1_HMAC and > > CRYPTO_AES_CBC. aesni(4) supports the latter, but not the former. So > > crypto_select_driver returns cryptosoft and krb5 uses software for > > both algorithms. > > > > It's too bad that aesni doesn't support SHA1, but other software like > > OpenSSL deals with it by using hardware for AES and software for SHA1. > > It seems to me like krb5 could be made to do the same by registering > > for two sessions, one for each algorithm. In fact, it seems like it > > would be pretty easy to do. The changes would probably be confined > > strictly to crypto_aes.c. Is there any reason why this wouldn't work? > > > > This sounds great to me. Might be worth checking with the upstream > Heimdal project to see if they might have some suggestions. But we > can definitely apply this change locally in FreeBSD as we're probably > affected by this more than other Heimdal consumers (who do not rely on > encryption that much). > Could somebody clarify whether the session initiator is the code from user or kernel space ? My note is that utilizing AESNI through /dev/crypto is useless, the syscall overhead and kernel bookkeeping eats so much time that even software AES implementations are faster than AESNI through /dev/crypto.