On Thu, 20 Aug 2020 at 09:54, Herbert Xu <herbert@xxxxxxxxxxxxxxxxxxx> wrote: > > On Thu, Aug 20, 2020 at 09:48:02AM +0200, Ard Biesheuvel wrote: > > > > > Or are you saying on Ben's machine cbc-aesni would have worse > > > performance vs. aes-generic? > > > > > > > Yes, given the pathological overhead of FPU preserve/restore for every > > block of 16 bytes processed by the cbcmac wrapper. > > I'm sceptical. Do we have numbers showing this? You can get them > from tcrypt with my patch: > > https://patchwork.kernel.org/patch/11701343/ > > Just do > > modprobe tcrypt mode=400 alg='cmac(aes-aesni)' klen=16 > modprobe tcrypt mode=400 alg='cmac(aes-generic)' klen=16 > > > cmac() is not really relevant for performance, afaict. Only cbcmac() > > is used for bulk data. > > Sure but it's trivial to extend my cmac patch to support cbcmac. > Sure. Ben, care to have a go at the above on your hardware? It would help us get to the bottom of this issue.
