Speed problems with both system openssl and security/openssl-devel
Lev Serebryakov
lev at FreeBSD.org
Fri Sep 14 00:11:37 UTC 2018
Hello John,
Friday, September 14, 2018, 1:44:13 AM, you wrote:
>> % grep aesni ~/nanobsd/gatevay.v3/J3160
>> device aesni
> From my understanding of the OpenSSL code, it doesn't use the kernel driver
> at all (the kernel driver is only needed for in-kernel crypto such as IPSec
> or GELI).
It is my understanding too.
> AESNI are just instructions that can be used in userland, and
> OpenSSL's AESNI acceleration is purely different routines in userland.
> I would verify if AESNI shows up in the CPU features in dmesg first (if it
> doesn't I'd check for a BIOS option disabling it).
It is enabled. It is used for sure by openssl 1.1.0 on Linux and bu openssl 1.1.1
on FreeBSD, but not by openssl 1.0.2 and 1.1.0 on FreeBSD. Problem is,
openssl 1.1.1 is not used by anything on FreeBSD (yet) and almost
everything uses system (1.0.2) and only some other ports could use 1.1.0
from ports.
--
Best regards,
Lev mailto:lev at FreeBSD.org
More information about the freebsd-current
mailing list