Re: AES assembler optimizations

From: Andi Kleen
Date: Mon Aug 09 2004 - 13:22:08 EST

Next message: Andrew Morton: "Re: [PATCH] Reduce bkl usage in do_coredump"
Previous message: Randy.Dunlap: "Re: [RFC] Host Virtual Serial Interface driver"
In reply to: Bill Davidsen: "Re: AES assembler optimizations"
Next in thread: dean gaudet: "Re: AES assembler optimizations"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Mon, Aug 09, 2004 at 06:02:08PM +0200, Bob Deblier wrote:
> On Mon, 2004-08-09 at 16:28, Andi Kleen wrote:
> > Bob Deblier <bob.deblier@xxxxxxxxxx> writes:
> >
> > > Just picked up on KernelTrap that there were some problems with
> > > optimized AES code; if you wish, I can provide my own LGPL licensed (or
> > > I can relicense them for you under GPL), as included in the BeeCrypt
> > > Cryptography Library.
> > >
> > > I have generic i586 code and SSE-optimized code available in GNU
> > > assembler format. Latest version is always available on SourceForge
> > > (http://sourceforge.net/cvs/?group_id=8924).
> >
> > Would be interesting. Do you have any benchmarks for your code?
>
> BeeCrypt contains benchmarks in the 'tests' subdirectory. Running of
> 'make bench' will execute them. Benchmarks results below for repeatedly
> looping over the same 16K block, produced by 'benchbc', without any
> tweaks (YMMV):

I guess a cache cold benchmark would be more interesting. AFAIK
linux does encryption/decryption usually on cache cold buffers.

> P4 2400, with MMX:
> ECB encrypted 738304 KB in 10.00 seconds = 73823.02 KB/s
> CBC encrypted 659456 KB in 10.00 seconds = 65925.82 KB/s
> ECB decrypted 765952 KB in 10.00 seconds = 76564.57 KB/s
> CBC decrypted 616448 KB in 10.02 seconds = 61546.33 KB/s
>
> P4 2400, plain i386:
> ECB encrypted 584704 KB in 10.01 seconds = 58435.34 KB/s
> CBC encrypted 570368 KB in 10.01 seconds = 56979.82 KB/s
> ECB decrypted 444416 KB in 10.02 seconds = 44357.32 KB/s
> CBC decrypted 423936 KB in 10.02 seconds = 42304.76 KB/s

MMX seems to be fast enough that it's probably a win to use,
even with the overhead of kernel_fpu_begin/end

It usually annoys the "low latency" people a bit though because
it requires disabling kernel preemption during the computation.

-Andi
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Andrew Morton: "Re: [PATCH] Reduce bkl usage in do_coredump"
Previous message: Randy.Dunlap: "Re: [RFC] Host Virtual Serial Interface driver"
In reply to: Bill Davidsen: "Re: AES assembler optimizations"
Next in thread: dean gaudet: "Re: AES assembler optimizations"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]