From owner-freebsd-arch@freebsd.org Mon Mar 26 15:18:56 2018 Return-Path: Delivered-To: freebsd-arch@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id F2851F4CAC8 for ; Mon, 26 Mar 2018 15:18:55 +0000 (UTC) (envelope-from emeric.poupon@stormshield.eu) Received: from mailman.ysv.freebsd.org (mailman.ysv.freebsd.org [IPv6:2001:1900:2254:206a::50:5]) by mx1.freebsd.org (Postfix) with ESMTP id 875838247F for ; Mon, 26 Mar 2018 15:18:55 +0000 (UTC) (envelope-from emeric.poupon@stormshield.eu) Received: by mailman.ysv.freebsd.org (Postfix) id 44091F4CAC6; Mon, 26 Mar 2018 15:18:55 +0000 (UTC) Delivered-To: arch@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 31C05F4CAC5 for ; Mon, 26 Mar 2018 15:18:55 +0000 (UTC) (envelope-from emeric.poupon@stormshield.eu) Received: from work.stormshield.eu (gwlille.netasq.com [91.212.116.1]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id C722F8247D; Mon, 26 Mar 2018 15:18:53 +0000 (UTC) (envelope-from emeric.poupon@stormshield.eu) Received: from work.stormshield.eu (localhost [127.0.0.1]) by work.stormshield.eu (Postfix) with ESMTPS id 1DC7737604F4; Mon, 26 Mar 2018 17:09:16 +0200 (CEST) Received: from localhost (localhost [127.0.0.1]) by work.stormshield.eu (Postfix) with ESMTP id 110A937603B9; Mon, 26 Mar 2018 17:09:16 +0200 (CEST) Received: from work.stormshield.eu ([127.0.0.1]) by localhost (work.stormshield.eu [127.0.0.1]) (amavisd-new, port 10026) with ESMTP id U91PFkAYLHh4; Mon, 26 Mar 2018 17:09:16 +0200 (CEST) Received: from work.stormshield.eu (localhost [127.0.0.1]) by work.stormshield.eu (Postfix) with ESMTP id F2D673760393; Mon, 26 Mar 2018 17:09:15 +0200 (CEST) Date: Mon, 26 Mar 2018 17:09:15 +0200 (CEST) From: Emeric POUPON To: John Baldwin Cc: arch@freebsd.org Message-ID: <411722908.3896403.1522076955839.JavaMail.zimbra@stormshield.eu> In-Reply-To: <3790717.UIxaijsHl3@ralph.baldwin.cx> References: <3790717.UIxaijsHl3@ralph.baldwin.cx> Subject: Re: Ranting about OCF / crypto(9) MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 7bit Thread-Topic: Ranting about OCF / crypto(9) Thread-Index: lsICCUX7Ybc1rzKmA1kjPsh55wjdOA== X-BeenThere: freebsd-arch@freebsd.org X-Mailman-Version: 2.1.25 Precedence: list List-Id: Discussion related to FreeBSD architecture List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 26 Mar 2018 15:18:56 -0000 > - We need to not treat accelerated software (e.g. AES-NI) as a > hardware interface. Right now OCF's model of priorities when > trying to choose a backend driver for a session only has two > "levels" software vs hardware and aesni(4) (and the ARMv8 variant) > are lumped into the hardware bucket so that they have precedence > over the "dumb" software implementation. However, the accelerated > software algorithms do need some of the same support features of > the "dumb" software implementation (such as being scheduled on a > thread pool to use CPU cycles) that are not needed by other "hardware" > engines. OCF needs to understand this distinction. Hello, As you already mentioned before, we cannot benefit from aesni(4) with IPSec on Intel platforms, except when using AEAD algorithms like GCM. Maybe we should not expose accelerated software (e.g. AESNI) as crypto drivers. Plugging them directly into cryptosoft brings some benefits: - no duplicate code about crypto session handling, - partially accelerated crypto (e.g. aesni for AES-CBC, soft for SHA256. Useful for IPSec), - possible use of the 'async' mode to process crypto jobs using a thread pool. Actually that's something we already did using straightforward, internal patches. Now I would like to know what you think about this idea and what you would suggest to achieve this? (using a new framework?) Regards, Emeric