From: Adrian Steinmann
Date: Thu, 27 Feb 2003 14:57:53 +0100
To: stable@freebsd.org
Subject: Is OpenSSL 0.9.7a really using cryptodev hardware?

I'm running RELENG_4 cvsup-ed 2003/02/25UTC

    $ openssl version
    OpenSSL 0.9.7a Feb 19 2003
    $ ldd /usr/bin/openssl:
            libssl.so.3 => /usr/lib/libssl.so.3 (0x280b0000)
            libcrypto.so.3 => /usr/lib/libcrypto.so.3 (0x280df000)
            libc.so.4 => /usr/lib/libc.so.4 (0x281d6000)

On my Soekris net4501 I have:

    device crypto
    device cryptodev
    device hifn

configured in the kernel and running:

    hifn0 mem 0xa0001000-0xa0001fff,0xa0000000-0xa0000fff irq 10 at device 16.0 on pci0
    hifn0: Hifn 7951, rev 0, 128KB sram, 193 sessions

and /dev/crypto exists as well, openssl reports it as available:

    $ openssl engine -vvv -c -t
    (cryptodev) BSD cryptodev engine
     [RSA, DSA, DH, DES-CBC, DES-EDE3-CBC]
         [ available ]
    ...
    (the other are not available)

When I run cryptotest -z (from /usr/src/tools/tools/crypto) I get these speeds:

    # sysctl -w debug.crypto_timing=1
    $ cryptotest -z|grep 8192
     0.474 sec,       2  des crypts,    8192 bytes,    34600 byte/sec,     0.3 Mb/sec
     0.471 sec,       2 3des crypts,    8192 bytes,    34753 byte/sec,     0.3 Mb/sec

and cryptostats reports these:

    $ cryptostats
    1171 symmetric crypto ops (0 errors, 0 times driver blocked)
    0 key ops (0 errors, 0 times driver blocked)
    0 crypto dispatch thread activations
    1171 crypto return thread activations
    dispatch->invoke: avg 7764 ns : min 0 ns : max 102959 ns [823 samps]
       invoke->done: avg 224321569 ns : min 0 ns : max 226578803 ns [823 samps]
           done->cb: avg 8647603 ns : min 0 ns : max 13619770 ns [823 samps]
          cb->finis: avg 27031 ns : min 0 ns : max 120359 ns [823 samps]

However, when I do the same test with openssl the numbers look identical with and without /dev/crypto:

    $ openssl speed -engine cryptodev des
    engine "cryptodev" set.
    ...
    The 'numbers' are in 1000s of bytes per second processed.
    type             16 bytes     64 bytes    256 bytes   1024 bytes   8192 bytes
    des cbc            576.97k      612.60k      610.02k      617.09k      609.10k
    des ede3           174.44k      181.80k      185.19k      183.17k      183.55k

    # rm -f /dev/crypto
    $ openssl speed -engine cryptodev des

reports an invalid engine "cryptodev" and then continues with same numbers

cryptostats doesn't report any additional hifn processing, and when

    # sysctl -w debug.hifn=1

is set, no debugging is seen on console during openssl speed either.

Furthermore, /usr/src/crypto/openssl/crypto/engine/enginetest.c reports no available engines:

    $ ./enginetest
    enginetest beginning

    listing available engine types
    end of list
    ...

This all leads me to suspect that the -stable openssl 0.9.7a doesn't have the complete cryptodev engine compiled in. Is openssl failing to put cryptodev into the engine list when it does speed? I've also tried encryption runs but they all don't seem to use the hifn for encryption.

(I've compared ktraces for both cryptotest and openssl, openssl does three ioctl() on /dev/crypto during speed, whereas cryptotest keeps on doing the ioctl() for the encryption).

Adrian
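
The ktrace comparison described at the end of the message can be automated. The following is an added example, not part of the original post: it counts /dev/crypto ioctl requests per process in kdump text and separates work submission (CIOCCRYPT, CIOCKEY) from session setup and teardown. It assumes kdump prints symbolic request names; the function names are hypothetical and the sample trace is constructed, not the poster's.

```python
import re
from collections import Counter, defaultdict

# Request names defined in cryptodev.h. Only CIOCCRYPT and CIOCKEY hand
# data to the driver; the others open, probe or close a session.
WORK = {"CIOCCRYPT", "CIOCKEY"}
SETUP = {"CRIOGET", "CIOCGSESSION", "CIOCFSESSION", "CIOCASYMFEAT"}

# kdump CALL line: "<pid> <command> CALL  ioctl(<fd>,<request>,<arg>)"
CALL_RE = re.compile(r"^\s*(\d+)\s+(\S+)\s+CALL\s+ioctl\(([^,]+),([^,]+),")

def crypto_ioctls(kdump_text):
    """Count /dev/crypto ioctl requests per (pid, command)."""
    counts = defaultdict(Counter)
    for line in kdump_text.splitlines():
        m = CALL_RE.match(line)
        if not m:
            continue
        pid, cmd, _fd, req = m.groups()
        req = req.strip()
        if req in WORK or req in SETUP:   # ignore tty and other ioctls
            counts[(int(pid), cmd)][req] += 1
    return counts

def verdict(counter):
    """Classify one process from its request counts."""
    if any(counter[r] for r in WORK):
        return "offloading"      # operations were submitted to the driver
    if any(counter[r] for r in SETUP):
        return "probe-only"      # device touched, no work submitted
    return "no-cryptodev"

def summarize(kdump_text):
    return {cmd: verdict(c) for (_pid, cmd), c in crypto_ioctls(kdump_text).items()}

# Constructed sample in kdump format (pids, fds and addresses are made up).
SAMPLE = """\
  975 cryptotest CALL  ioctl(0x3,CRIOGET,0xbfbffb4c)
  975 cryptotest CALL  ioctl(0x4,CIOCGSESSION,0xbfbffb10)
  975 cryptotest CALL  ioctl(0x4,CIOCCRYPT,0xbfbffae0)
  975 cryptotest CALL  ioctl(0x4,CIOCCRYPT,0xbfbffae0)
  975 cryptotest CALL  ioctl(0x4,CIOCFSESSION,0xbfbffb0c)
  981 openssl  CALL  ioctl(0x1,TIOCGETA,0xbfbff5a0)
  981 openssl  CALL  ioctl(0x3,CRIOGET,0xbfbff9bc)
  981 openssl  CALL  ioctl(0x4,CIOCGSESSION,0xbfbff980)
  981 openssl  CALL  ioctl(0x4,CIOCFSESSION,0xbfbff97c)
  981 openssl  CALL  write(0x1,0x80f2000,0x40)
"""

if __name__ == "__main__":
    for cmd, result in summarize(SAMPLE).items():
        print(cmd, result)
```

A process that shows only setup requests opened the device without ever submitting an operation to it, which is the pattern the message reports for openssl speed.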