Date: Wed, 19 Jul 2006 16:14:04 +0200 (CEST) From: Oliver Fromme <olli@lurza.secnetix.de> To: freebsd-hackers@FreeBSD.ORG, ato@iem.pw.edu.pl Subject: Re: VIA padlock performance Message-ID: <200607191414.k6JEE4Dw050307@lurza.secnetix.de> In-Reply-To: <20060719130117.GA66208@amper.iem.pw.edu.pl>
next in thread | previous in thread | raw e-mail | index | archive | help
Andrzej Tobola wrote: > Oliver Fromme wrote: > > On my EPIA 10000 (1GHz VIA Nehemia) I did some performance > > testing a few months ago under RELENG_6 (not sophisticated > > enough to call it benchmarking). For testing I used scp(1) > > of a large file (an ISO9660 image, 213 MBytes), because > > that's what I often need to do, so it's an important thing > > for me. These are the results (averages of several runs): > > How exactly you enable it ? You need crypto, cryptodev and padlock in your kernel; see the padlock(4) manpage (you can also load it as a module). That's all. You don't have to enable it explicitly. > I have on -current: > # kldload padlock > DLOCK: No ACE support. That output is pretty clear: Either your CPU does not support ACE (that's the name of Nehemia's padlock engine), or it isn't recognized by your version of the padlock(4) driver. What kind of CPU do you have exactly? Please quote the line from your dmesg output. Mine says: CPU: VIA C3 Nehemiah+RNG+ACE (1002.28-MHz 686-class CPU) Origin = "CentaurHauls" Id = 0x698 Stepping = 8 Features=0x381b83f<FPU,VME,DE,PSE,TSC,MSR,SEP,MTRR,PGE,CMOV,PAT,MMX,FXSR,SSE> As you can see, it explicitly mentions "ACE" in the first line. By the way, it also mentions "RNG" which is a hardware random-number generator, which is supported and used by FreeBSD through /dev/random automatically. Cool, eh? :-) (You also get the information from ``sysctl hw.model''.) > 20 1 0xc3dd6000 3000 padlock.ko > 21 1 0xc3dd9000 19000 crypto.ko You will also need "cryptodev" in addition to "crypto". "crypto" manages only in-kernel access to the cryptographic facilities (including hardware acceleration through the padlock driver), which is used by FAST_IPSEC, for example. "cryptodev" will enable access by userland applications (e.g. scp) and libraries (OpenSSL) through /dev/crypto. Best regards Oliver -- Oliver Fromme, secnetix GmbH & Co. KG, Marktplatz 29, 85567 Grafing Dienstleistungen mit Schwerpunkt FreeBSD: http://www.secnetix.de/bsd Any opinions expressed in this message may be personal to the author and may not necessarily reflect the opinions of secnetix in any way. "If you think C++ is not overly complicated, just what is a protected abstract virtual base pure virtual private destructor, and when was the last time you needed one?" -- Tom Cargil, C++ Journal
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200607191414.k6JEE4Dw050307>