From owner-freebsd-hackers@freebsd.org Thu Jan 28 08:48:34 2016 Return-Path: Delivered-To: freebsd-hackers@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id C1C27A719F4 for ; Thu, 28 Jan 2016 08:48:34 +0000 (UTC) (envelope-from stas@freebsd.org) Received: from mx0.deglitch.com (mx0.deglitch.com [62.152.53.178]) by mx1.freebsd.org (Postfix) with ESMTP id 89BD414B4; Thu, 28 Jan 2016 08:48:34 +0000 (UTC) (envelope-from stas@freebsd.org) Received: from [IPv6:2601:646:8401:8465:d9b8:181a:a593:380c] (unknown [IPv6:2601:646:8401:8465:d9b8:181a:a593:380c]) by mx0.deglitch.com (Postfix) with ESMTPSA id 58CE88FC0A; Thu, 28 Jan 2016 00:48:30 -0800 (PST) Content-Type: text/plain; charset=utf-8 Mime-Version: 1.0 (Mac OS X Mail 9.2 \(3112\)) Subject: Re: aesni doesn't play nice with krb5 From: Stanislav Sedov In-Reply-To: <20160128084349.GJ74231@kib.kiev.ua> Date: Thu, 28 Jan 2016 00:48:49 -0800 Cc: Alan Somers , "freebsd-hackers@freebsd.org" Content-Transfer-Encoding: quoted-printable Message-Id: <6329AC49-E26B-4DB8-A897-77FE3C858C86@freebsd.org> References: <20160128084349.GJ74231@kib.kiev.ua> To: Konstantin Belousov X-Mailer: Apple Mail (2.3112) X-BeenThere: freebsd-hackers@freebsd.org X-Mailman-Version: 2.1.20 Precedence: list List-Id: Technical Discussions relating to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 28 Jan 2016 08:48:34 -0000 > On Jan 28, 2016, at 12:43 AM, Konstantin Belousov = wrote: >=20 > On Wed, Jan 27, 2016 at 06:21:11PM -0800, Stanislav Sedov wrote: >>=20 >>> On Jan 27, 2016, at 3:55 PM, Alan Somers = wrote: >>>=20 >>> I'm experimenting with Kerberized NFS, but my performance sucks when = I >>> use krb5p. I tracked the problem down to an interaction between = aesni >>> and krb5: aes_set_key in kcrypto_aes.c registers for a crypto = session >>> and requests support for two algorithms: CRYPTO_SHA1_HMAC and >>> CRYPTO_AES_CBC. aesni(4) supports the latter, but not the former. = So >>> crypto_select_driver returns cryptosoft and krb5 uses software for >>> both algorithms. >>>=20 >>> It's too bad that aesni doesn't support SHA1, but other software = like >>> OpenSSL deals with it by using hardware for AES and software for = SHA1. >>> It seems to me like krb5 could be made to do the same by registering >>> for two sessions, one for each algorithm. In fact, it seems like it >>> would be pretty easy to do. The changes would probably be confined >>> strictly to crypto_aes.c. Is there any reason why this wouldn't = work? >>>=20 >>=20 >> This sounds great to me. Might be worth checking with the upstream >> Heimdal project to see if they might have some suggestions. But we >> can definitely apply this change locally in FreeBSD as we're probably >> affected by this more than other Heimdal consumers (who do not rely = on >> encryption that much). >>=20 >=20 > Could somebody clarify whether the session initiator is the code > from user or kernel space ? My note is that utilizing AESNI through > /dev/crypto is useless, the syscall overhead and kernel bookkeeping = eats > so much time that even software AES implementations are faster than > AESNI through /dev/crypto. >=20 It=E2=80=99s actually in the kernel: sys/kgssapi/krb5/kcrypto_aes.c. = Please disregard my earlier reply as I somehow assumed we were talking about Heimdal, but now I realized that given it=E2=80=99s NFS encryption, it = obviously isn=E2=80=99t in userspace. -- ST4096-RIPE