From owner-svn-src-all@freebsd.org Thu Sep 17 22:45:05 2020 Return-Path: Delivered-To: svn-src-all@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 36E3C3F0141; Thu, 17 Sep 2020 22:45:05 +0000 (UTC) (envelope-from olivier@freebsd.org) Received: from smtp.freebsd.org (smtp.freebsd.org [IPv6:2610:1c1:1:606c::24b:4]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "smtp.freebsd.org", Issuer "Let's Encrypt Authority X3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4BssVS6wgRz3VjL; Thu, 17 Sep 2020 22:45:04 +0000 (UTC) (envelope-from olivier@freebsd.org) Received: from mail-qv1-f47.google.com (mail-qv1-f47.google.com [209.85.219.47]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (Client CN "smtp.gmail.com", Issuer "GTS CA 1O1" (verified OK)) (Authenticated sender: olivier/mail) by smtp.freebsd.org (Postfix) with ESMTPSA id CC77F29A3B; Thu, 17 Sep 2020 22:45:04 +0000 (UTC) (envelope-from olivier@freebsd.org) Received: by mail-qv1-f47.google.com with SMTP id b13so1884604qvl.2; Thu, 17 Sep 2020 15:45:04 -0700 (PDT) X-Gm-Message-State: AOAM5321Uh/bBNUBnSrs4Ry/IOcKq8/PvvDMsms5xHU9rrgMju8M4lEE Ru1BjyIaXDIp4MO5uk8vY73RcuCzJ2rSNYBbHq0= X-Google-Smtp-Source: ABdhPJx8Z9moMRe8SF/cWBFopxQZ/C2alkXnRsczj12dNvos8fzn20wTMspj/V0zp5SrlHr5ulm07I11tMNGtenWUgI= X-Received: by 2002:a0c:b308:: with SMTP id s8mr31642381qve.16.1600382704486; Thu, 17 Sep 2020 15:45:04 -0700 (PDT) MIME-Version: 1.0 References: <202009081036.088AaCk8085096@repo.freebsd.org> <1ccf2cf7-eb01-a200-4335-4674a010f8a1@FreeBSD.org> In-Reply-To: <1ccf2cf7-eb01-a200-4335-4674a010f8a1@FreeBSD.org> From: =?UTF-8?Q?Olivier_Cochard=2DLabb=C3=A9?= Date: Fri, 18 Sep 2020 00:44:53 +0200 X-Gmail-Original-Message-ID: Message-ID: Subject: Re: svn commit: r365449 - head/sbin/rcorder To: John Baldwin Cc: "Andrey V. Elsukov" , src-committers , svn-src-all , svn-src-head Content-Type: text/plain; charset="UTF-8" X-Content-Filtered-By: Mailman/MimeDel 2.1.33 X-BeenThere: svn-src-all@freebsd.org X-Mailman-Version: 2.1.33 Precedence: list List-Id: "SVN commit messages for the entire src tree \(except for " user" and " projects" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 17 Sep 2020 22:45:05 -0000 On Thu, Sep 17, 2020 at 10:21 PM John Baldwin wrote: > > > I don't think the issue is with rcorder though. I think the reason the > ordering matters warrants further investigation. Is aesni not getting > used when ipsec is loaded first? You can use dtrace with the script at > https://github.com/bsdjhb/kdbg/blob/master/dtrace/crypto_drivers.d to see > which driver is being used. > > Hi, The driver used is cryptosoft when ipsec keys are set before the aesni module is loaded. I suspect > btw that you could just do 'sh /etc/rc.d/ipsec restart' post-boot without > unloading any modules which would also fix your benchmark. > Correct, just restarting ipsec fix the benchmark. And once restarted, the driver used is aesni. > I think long term we want OCF's notions of sessions to be a bit more > fluid such that "client" sessions for things like GELI and IPSec can > be backed by one or more "driver" sessions (including "driver" sessions > coming and going as devices come and go). That's a fair bit more work > however. > > And why not simply add 'kld' into the REQUIRE part of /etc/rc.d/ipsec ? But this will fix only IPsec: What about other crypto consumers ? Regards, Olivier