Re: Patch: cprng_fast performance - please review.

To: Taylor R Campbell <campbell+netbsd-tech-kern%mumble.net@localhost>
Subject: Re: Patch: cprng_fast performance - please review.
From: Thor Lancelot Simon <tls%panix.com@localhost>
Date: Fri, 18 Apr 2014 14:41:07 -0400

On Fri, Apr 18, 2014 at 06:11:39PM +0000, Taylor R Campbell wrote:
> 
> The majority of systems certainly don't have AES-NI.  Only some recent
> Intel CPUs do, and we can't use it in the kernel anyway.

Right: plenty of systems accellerate AES, but in the wide world of
systems that are not all x86 desktops or servers (embedded MIPS and ARM
are particularly important targets for NetBSD), comparatively few
accelerate AES using instructions rather than an offboard accellerator.

Unless we are going to pre-buffer huge amounts of this keystream in the
kernel (which poses its own risks) using an offboard accellerator for
this purpose doesn't seem practical to me.  And I've worked with them
a lot.

Of the few systems which do have instructions that accellerate AES, on
the most common implementation -- x86 -- we cannot use the instructions
in question in the kernel because they use CPU state we do not save/
restore when the kernel runs.  I'd welcome anyone's work to fix that,
so long as it does not impose major performance costs of its own, but
I do not personally have the skill to do it, and if wishes were horses...

Thor

Follow-Ups:
- Re: Patch: cprng_fast performance - please review.
  - From: David Laight

References:
- Re: Patch: cprng_fast performance - please review.
  - From: Markku-Juhani Olavi Saarinen
- Re: Patch: cprng_fast performance - please review.
  - From: Taylor R Campbell

Prev by Date: Re: Patch: cprng_fast performance - please review.
Next by Date: Re: Patch: cprng_fast performance - please review.
Previous by Thread: Re: Patch: cprng_fast performance - please review.
Next by Thread: Re: Patch: cprng_fast performance - please review.
Indexes:

Home | Main Index | Thread Index | Old Index