[PATCH] Use Intel AES instruction set if it exists.
Andreas Schneider
asn at samba.org
Fri Sep 1 19:51:05 UTC 2017
On Friday, 1 September 2017 21:12:08 CEST Jeremy Allison via samba-technical wrote:
> On Fri, Sep 01, 2017 at 10:05:18AM -0700, Jeremy Allison via samba-technical wrote:
> > OK, let's chat. In the meantime, parsing Metze's cryptic words
> > of wisdom... :-)
> >
> > Isn't this:
> >
> > https://git.samba.org/?p=metze/samba/wip.git;a=commitdiff;h=3759eb23b38c
> >
> > *exactly* what we're both talking about ?
>
> Indeed it was...
>
> So as Metze already essentially *did* the libnettle work (just didn't
> mention it :-) here is a version that uses libnettle for the 4 AES
> functions (I added Metze's 'Signed-off-by:' as well as mine as it's
> 99% his work):
>
> AES_set_encrypt_key()
> AES_set_decrypt_key()
> AES_encrypt()
> AES_decrypt()
>
> which (if libnettle has been compiled correctly) should use the Intel
> AESNI instructions - giving the same speed benefits as the direct patch.
>
> I'm getting Justin @ Netgear to test, so I'm not proposing this for
> inclusion until I get the results - just wanted to report back sooner
> rather than later (I got a bit snotty asking for resource and schedules
> 'cos I was pissed over people looking a gift horse in the mouth - sorry
> about that). Seems I was looking Metze's gift horse in the mouth myself
> (although in my defense I didn't know about it :-) :-).
The nettle implementation *could be* slower than the one from the kernel.
Niels wrote on the nettle mailing list:
~~~~ quote ~~~~
* Nettle's AESNI assembly routines were written for simplicity and small
code size, without putting a lot of effort into it. They could
probably be sped up by some unrolling or more careful instruction
scheduling. Patches welcome (but we shouldn't use excessive unrolling
unless there's a significant speedup).
~~~~ quote ~~~~
http://lists.lysator.liu.se/pipermail/nettle-bugs/2017/003295.html
Looks like GnuTLS uses the OpenSSL assembler files (because they are BSD
licensed).
Andreas
--
Andreas Schneider GPG-ID: CC014E3D
Samba Team asn at samba.org
www.samba.org
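The thread assumes the AES-NI path only helps when the CPU actually exposes the instructions. The following is an added example (not Samba, nettle or Metze's code) that performs that check from C with the GCC/Clang <cpuid.h> helper; the flag position (CPUID leaf 1, ECX bit 25) is the documented AES-NI feature bit, and the function names are this example's own.

```c
#include <stdint.h>
#include <stdio.h>

#if defined(__x86_64__) || defined(__i386__)
#include <cpuid.h>
#endif

/* CPUID.1:ECX bit 25 is the AES-NI feature flag on Intel and AMD CPUs. */
#define AESNI_ECX_BIT 25u

/* Pure helper: decode the AES-NI flag from a CPUID.1:ECX register value.
 * Kept separate from the CPUID call so it can be tested on any host. */
int aesni_flag_from_ecx(uint32_t ecx)
{
    return (int)((ecx >> AESNI_ECX_BIT) & 1u);
}

/* Query the running CPU. Returns 1 if AES-NI is present, 0 if it is absent
 * or the build target is not x86. Note that a hypervisor can mask this bit,
 * so the check must run inside the guest that will do the AES work. */
int aesni_supported(void)
{
#if defined(__x86_64__) || defined(__i386__)
    unsigned int eax = 0, ebx = 0, ecx = 0, edx = 0;
    /* __get_cpuid returns 0 when leaf 1 is not available on this CPU. */
    if (!__get_cpuid(1, &eax, &ebx, &ecx, &edx))
        return 0;
    return aesni_flag_from_ecx((uint32_t)ecx);
#else
    return 0;
#endif
}

int main(void)
{
    if (aesni_supported())
        puts("AES-NI available: an AESNI-enabled nettle/OpenSSL build can use it");
    else
        puts("AES-NI not available: AES will run on the portable C/asm path");
    return 0;
}
```

A positive result only means the hardware can execute the instructions; whether nettle (or any other library) actually takes the AES-NI path still depends on how that library was configured at build time, which is the caveat Jeremy raises above.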