On 8/20/20 1:10 PM, Herbert Xu wrote:
On Thu, Aug 20, 2020 at 06:54:58AM -0700, Ben Greear wrote:Here's a run on an: Intel(R) Core(TM) i7-7700T CPU @ 2.90GHz testing speed of async cmac(aes-aesni) (cmac(aes-aesni)) [ 259.397910] tcrypt: test 8 ( 1024 byte blocks, 1024 bytes per update, 1 updates): 8442 cycles/operation, 8 cycles/byte testing speed of async cmac(aes-generic) (cmac(aes-generic)) [ 294.171530] tcrypt: test 8 ( 1024 byte blocks, 1024 bytes per update, 1 updates): 9022 cycles/operation, 8 cycles/byte On my slow apu2 board with processor: AMD GX-412TC SOC testing speed of async cmac(aes-aesni) (cmac(aes-aesni)) [ 51.751810] tcrypt: test 8 ( 1024 byte blocks, 1024 bytes per update, 1 updates): 18759 cycles/operation, 18 cycle testing speed of async cmac(aes-generic) (cmac(aes-generic)) [ 97.837497] tcrypt: test 8 ( 1024 byte blocks, 1024 bytes per update, 1 updates): 31365 cycles/operation, 30 cycleSo clearly aes-generic is slower than aes-aesni even with saving and restoring for each block. Therefore improving the performance of the latter per se does not make sense.
I have always assumed that I need aesni instructions to have any chance at this performing well, but there are certainly chips out there that don't have aesni, so possibly it is still worth improving if it is relatively easy to do so. I am currently using x86-64 CPUs with aesni, and also some AP platforms running QCA ARM chips. I am not sure if ARM is using aesni or not...it is certainly not that fast, but maybe for other reasons. Thanks, Ben
Cheers,
-- Ben Greear <greearb@xxxxxxxxxxxxxxx> Candela Technologies Inc http://www.candelatech.com
