LibreSSL flavor doesn't use aesni #2343

Closed
h-2 opened this issue Apr 10, 2018 · 5 comments
h-2 commented Apr 10, 2018

Coming here from #222

LibreSSL does not seem to be able to make use of AES-NI:

               speed
openssl -evp   390 MB/s
openssl        86 MB/s
libressl -evp  55 MB/s
libressl       55 MB/s

(all of the above is 8KB, aes-128-cbc)

Long log:

root@fire:~ # openssl speed -evp aes-128-cbc
OpenSSL 1.0.2k-freebsd  26 Jan 2017
built on: date not available
options:bn(64,64) rc4(16x,int) des(idx,cisc,16,int) aes(partial) idea(int) blowfish(idx) 
compiler: clang
The 'numbers' are in 1000s of bytes per second processed.
type             16 bytes     64 bytes    256 bytes   1024 bytes   8192 bytes
aes-128-cbc     259552.04k   346362.11k   368229.12k   385205.63k   390116.57k

root@fire:~ # openssl speed  aes-128-cbc
OpenSSL 1.0.2k-freebsd  26 Jan 2017
built on: date not available
options:bn(64,64) rc4(16x,int) des(idx,cisc,16,int) aes(partial) idea(int) blowfish(idx) 
compiler: clang
The 'numbers' are in 1000s of bytes per second processed.
type             16 bytes     64 bytes    256 bytes   1024 bytes   8192 bytes
aes-128 cbc      32988.44k    36508.98k    37855.04k    85214.55k    86029.65k

root@fire:~ # /usr/local/bin/openssl speed -evp aes-128-cbc
LibreSSL 2.6.4
built on: date not available
options:bn(64,64) rc4(ptr,int) des(idx,cisc,16,int) aes(partial) idea(int) blowfish(idx) 
compiler: information not available
The 'numbers' are in 1000s of bytes per second processed.
type             16 bytes     64 bytes    256 bytes   1024 bytes   8192 bytes
aes-128-cbc      45461.70k    52489.94k    54501.63k    55128.06k    55235.93k

root@fire:~ # /usr/local/bin/openssl speed aes-128-cbc
LibreSSL 2.6.4
built on: date not available
options:bn(64,64) rc4(ptr,int) des(idx,cisc,16,int) aes(partial) idea(int) blowfish(idx) 
compiler: information not available
The 'numbers' are in 1000s of bytes per second processed.
type             16 bytes     64 bytes    256 bytes   1024 bytes   8192 bytes
aes-128 cbc      50298.05k    53927.98k    54856.77k    55211.87k    55160.47k

Also note how the performance differs between the (block?) sizes in OpenSSL, but not in LibreSSL ❓

VERSIONS:
OPNsense 18.1.5-amd64
FreeBSD 11.1-RELEASE-p8
LibreSSL 2.6.4

@fichtner
Member

I looked into this. LibreSSL 2.6 seems to have broken their assembler inclusion switch in the portable version. First attempts to undo this ended in compiler errors...

fichtner self-assigned this Apr 10, 2018
fichtner added the bug (Production bug) label Apr 10, 2018
fichtner added this to the 18.7 milestone Apr 10, 2018

h-2 commented Apr 10, 2018

Thanks for looking into this!

> LibreSSL 2.6 seems to have broken their assembler inclusion switch in the portable version. First attempts to undo this ended in compiler errors...

Yeah, I heard that the "for other OS" versions of OpenBSD tools receive a lot less love, but I would have hoped for something like LibreSSL to have upstream regression testing...

@fichtner
Member

Even OpenSSL was shipped without assembler bits in FreeBSD ports for a while... because it is a difficult regression to observe as it passes all checks... :)

Will try again tomorrow.

@fichtner
Member

Here's a report of the same issue, but with an inconclusive outcome: https://forums.freebsd.org/threads/openssl-almost-10x-faster-than-libressl.64497/

@fichtner
Member

Will be fixed in 18.1.7, or you can build from ports: opnsense/ports@167e07f

# /usr/local/bin/openssl speed aes-128-cbc
Doing aes-128 cbc for 3s on 16 size blocks: 5804203 aes-128 cbc's in 3.01s
Doing aes-128 cbc for 3s on 64 size blocks: 1538558 aes-128 cbc's in 3.00s
Doing aes-128 cbc for 3s on 256 size blocks: 398692 aes-128 cbc's in 3.03s
Doing aes-128 cbc for 3s on 1024 size blocks: 259775 aes-128 cbc's in 3.00s
Doing aes-128 cbc for 3s on 8192 size blocks: 33573 aes-128 cbc's in 3.05s
LibreSSL 2.6.4
built on: date not available
options:bn(64,64) rc4(8x,int) des(idx,cisc,16,int) aes(partial) idea(int) blowfish(idx) 
compiler: information not available
The 'numbers' are in 1000s of bytes per second processed.
type             16 bytes     64 bytes    256 bytes   1024 bytes   8192 bytes
aes-128 cbc      30875.34k    32822.57k    33670.98k    88669.87k    90035.40k


# /usr/local/bin/openssl speed -evp aes-128-cbc
Doing aes-128-cbc for 3s on 16 size blocks: 42103543 aes-128-cbc's in 2.99s
Doing aes-128-cbc for 3s on 64 size blocks: 15075790 aes-128-cbc's in 3.03s
Doing aes-128-cbc for 3s on 256 size blocks: 4999768 aes-128-cbc's in 3.07s
Doing aes-128-cbc for 3s on 1024 size blocks: 1347537 aes-128-cbc's in 3.09s
Doing aes-128-cbc for 3s on 8192 size blocks: 169767 aes-128-cbc's in 3.05s
LibreSSL 2.6.4
built on: date not available
options:bn(64,64) rc4(8x,int) des(idx,cisc,16,int) aes(partial) idea(int) blowfish(idx) 
compiler: information not available
The 'numbers' are in 1000s of bytes per second processed.
type             16 bytes     64 bytes    256 bytes   1024 bytes   8192 bytes
aes-128-cbc     225138.53k   318301.22k   416876.33k   447150.30k   456445.13k


# openssl speed -evp aes-128-cbc
Doing aes-128-cbc for 3s on 16 size blocks: 46193717 aes-128-cbc's in 3.01s
Doing aes-128-cbc for 3s on 64 size blocks: 15384777 aes-128-cbc's in 2.99s
Doing aes-128-cbc for 3s on 256 size blocks: 4979313 aes-128-cbc's in 3.04s
Doing aes-128-cbc for 3s on 1024 size blocks: 1350271 aes-128-cbc's in 3.09s
Doing aes-128-cbc for 3s on 8192 size blocks: 167022 aes-128-cbc's in 3.00s
OpenSSL 1.0.2k-freebsd  26 Jan 2017
built on: date not available
options:bn(64,64) rc4(8x,int) des(idx,cisc,16,int) aes(partial) idea(int) blowfish(idx) 
compiler: clang
The 'numbers' are in 1000s of bytes per second processed.
type             16 bytes     64 bytes    256 bytes   1024 bytes   8192 bytes
aes-128-cbc     245726.58k   329065.52k   419439.92k   448057.52k   456081.41k


# openssl speed aes-128-cbc
Doing aes-128 cbc for 3s on 16 size blocks: 5905486 aes-128 cbc's in 3.02s
Doing aes-128 cbc for 3s on 64 size blocks: 1558719 aes-128 cbc's in 3.01s
Doing aes-128 cbc for 3s on 256 size blocks: 399193 aes-128 cbc's in 3.01s
Doing aes-128 cbc for 3s on 1024 size blocks: 262289 aes-128 cbc's in 3.00s
Doing aes-128 cbc for 3s on 8192 size blocks: 33245 aes-128 cbc's in 3.02s
OpenSSL 1.0.2k-freebsd  26 Jan 2017
built on: date not available
options:bn(64,64) rc4(8x,int) des(idx,cisc,16,int) aes(partial) idea(int) blowfish(idx) 
compiler: clang
The 'numbers' are in 1000s of bytes per second processed.
type             16 bytes     64 bytes    256 bytes   1024 bytes   8192 bytes
aes-128 cbc      31251.77k    33166.30k    33975.99k    89527.98k    90077.28k

Thanks for the report!
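
The regression in this thread passes functional checks, so a throughput comparison is one way to catch it after a build. The following is an added example, not part of the issue and not OPNsense or LibreSSL code: it parses `openssl speed` result rows copied from the logs above and compares the `-evp` run against the low-level run. The function names and the 2.0 ratio threshold are assumptions.

```python
import re

# Result rows copied from the `openssl speed` logs in this thread.
BROKEN_EVP = "aes-128-cbc      45461.70k    52489.94k    54501.63k    55128.06k    55235.93k"
BROKEN_LOW = "aes-128 cbc      50298.05k    53927.98k    54856.77k    55211.87k    55160.47k"
FIXED_EVP = "aes-128-cbc     225138.53k   318301.22k   416876.33k   447150.30k   456445.13k"
FIXED_LOW = "aes-128 cbc      30875.34k    32822.57k    33670.98k    88669.87k    90035.40k"

# A row is a label followed by a run of "<number>k" fields. The low-level
# label is "aes-128 cbc" (with a space), so the label cannot be taken as
# the first whitespace-separated token.
ROW = re.compile(r"^(?P<label>\S.*?)\s+(?P<rates>\d+\.\d+k(?:\s+\d+\.\d+k)*)\s*$")


def parse_row(line):
    """Return (label, rates), rates in 1000s of bytes per second."""
    m = ROW.match(line)
    if m is None:
        raise ValueError("not an openssl speed result row: %r" % line)
    rates = [float(field[:-1]) for field in m.group("rates").split()]
    return m.group("label"), rates


def evp_speedup(evp_line, low_line):
    """Ratio of -evp to low-level throughput at the largest block size."""
    _, evp = parse_row(evp_line)
    _, low = parse_row(low_line)
    if len(evp) != len(low):
        raise ValueError("rows cover a different number of block sizes")
    return evp[-1] / low[-1]


def accel_in_use(evp_line, low_line, min_ratio=2.0):
    """True when the -evp run is clearly faster than the low-level run.

    min_ratio is an assumed threshold: the working builds in this thread
    show roughly 4.5x to 5x, the affected LibreSSL build about 1.0x.
    """
    return evp_speedup(evp_line, low_line) >= min_ratio


if __name__ == "__main__":
    for name, evp, low in (("before fix", BROKEN_EVP, BROKEN_LOW),
                           ("after fix", FIXED_EVP, FIXED_LOW)):
        print("%s: ratio %.2f, accelerated=%s"
              % (name, evp_speedup(evp, low), accel_in_use(evp, low)))
```
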

fichtner referenced this issue in opnsense/ports Apr 12, 2018
it looks like this is a mix of bad AC scripting and AC version
update breaking the bad AC scripting in the process.  Oh well.