VIA padlock performance
olli at lurza.secnetix.de
Wed Jul 19 14:14:12 UTC 2006
Andrzej Tobola wrote:
> Oliver Fromme wrote:
> > On my EPIA 10000 (1GHz VIA Nehemia) I did some performance
> > testing a few months ago under RELENG_6 (not sophisticated
> > enough to call it benchmarking). For testing I used scp(1)
> > of a large file (an ISO9660 image, 213 MBytes), because
> > that's what I often need to do, so it's an important thing
> > for me. These are the results (averages of several runs):
> How exactly you enable it ?
You need crypto, cryptodev and padlock in your kernel; see
the padlock(4) manpage (you can also load it as a module).
That's all. You don't have to enable it explicitly.
> I have on -current:
> # kldload padlock
> DLOCK: No ACE support.
That output is pretty clear: Either your CPU does not
support ACE (that's the name of Nehemia's padlock engine),
or it isn't recognized by your version of the padlock(4)
What kind of CPU do you have exactly? Please quote the
line from your dmesg output. Mine says:
CPU: VIA C3 Nehemiah+RNG+ACE (1002.28-MHz 686-class CPU)
Origin = "CentaurHauls" Id = 0x698 Stepping = 8
As you can see, it explicitly mentions "ACE" in the first
line. By the way, it also mentions "RNG" which is a
hardware random-number generator, which is supported and
used by FreeBSD through /dev/random automatically.
Cool, eh? :-)
(You also get the information from ``sysctl hw.model''.)
> 20 1 0xc3dd6000 3000 padlock.ko
> 21 1 0xc3dd9000 19000 crypto.ko
You will also need "cryptodev" in addition to "crypto".
"crypto" manages only in-kernel access to the cryptographic
facilities (including hardware acceleration through the
padlock driver), which is used by FAST_IPSEC, for example.
"cryptodev" will enable access by userland applications
(e.g. scp) and libraries (OpenSSL) through /dev/crypto.
Oliver Fromme, secnetix GmbH & Co. KG, Marktplatz 29, 85567 Grafing
Dienstleistungen mit Schwerpunkt FreeBSD: http://www.secnetix.de/bsd
Any opinions expressed in this message may be personal to the author
and may not necessarily reflect the opinions of secnetix in any way.
"If you think C++ is not overly complicated, just what is a protected
abstract virtual base pure virtual private destructor, and when was the
last time you needed one?"
-- Tom Cargil, C++ Journal
More information about the freebsd-hackers