<div dir="ltr"><span style="font-size:12.8px">Most ARMs have hardware crypto.</span><div style="font-size:12.8px"><br></div><div style="font-size:12.8px">IIRC, aarch64 chips have AES inline instructions like modern x86 CPUs. OpenSSL that ships with CentOS aarch64 already takes advantage of this.</div><div style="font-size:12.8px"><br></div><div style="font-size:12.8px">On armv7hl and earlier, they typically come with an asynchronous crypto coprocessor. What this does is allow the application to provide a source data pointer, key, and target data pointer, and wait for the co-processor to do its thing.</div><div style="font-size:12.8px">The upshot of this is that while the process is iowaiting for the response, the kernel can schedule other things requiring CPU time to run, so the main CPU can be productively busy while something else is doing the crypto. On a Marvell Kirkwood, the crypto throughput of this co-processor is approximately the same as what the main CPU can produce, but does so while consuming less power and leaving the CPU free to do other things, potentially doubling the throughput.</div><div style="font-size:12.8px"><br></div><div style="font-size:12.8px">To use this, you will need to:</div><div style="font-size:12.8px"><br></div><div style="font-size:12.8px">1) Build and install this kernel module:</div><div style="font-size:12.8px"><a href="http://cryptodev-linux.org/" target="_blank">http://cryptodev-linux.org/</a><br></div><div style="font-size:12.8px">2) Recompile your openssl package with a modified ./configure line to enable cryptodev offload</div><div style="font-size:12.8px">3) Rebuild openssh package to back out Red Hat's audit patch because it breaks things horribly. IIRC (it's been a while since I worked on this), RH's audit patch adds functionality to store the session crypto keys used in the audit log for debugging. 
Unfortunately, once you have passed the crypto keys to the crypto coprocessor, you cannot get to them, so the code attempts the equivalent of use-after-free, which (thankfully) fails and crashes sshd. In reality what you are much better off doing is creating an SRPM of a clean vanilla latest upstream openssh source and just using that, without any broken distro patches getting in the way.</div><div><br></div><div><br></div></div><div class="gmail_extra"><br><div class="gmail_quote">On Fri, Aug 11, 2017 at 1:08 PM, Robert Moskowitz <span dir="ltr">&lt;<a href="mailto:rgm@htt-consult.com" target="_blank">rgm@htt-consult.com</a>&gt;</span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
  

    
  
  <div bgcolor="#FFFFFF" text="#000000">
    How does OpenSSL work on ARM?<br>
    <br>
    Do any ARMs have hardware crypto?<br>
    <br>
    thanks<br>
    <div class="m_9161673883200790723moz-forward-container"><br>
      <br>
      -------- Forwarded Message --------
      <table class="m_9161673883200790723moz-email-headers-table" border="0" cellspacing="0" cellpadding="0">
        <tbody>
          <tr>
            <th align="RIGHT" nowrap valign="BASELINE">Subject:
            </th>
            <td>Re: [openssl-users] Does openssl pick low level
              interface or high level interface to do encrypt?</td>
          </tr>
          <tr>
            <th align="RIGHT" nowrap valign="BASELINE">Date: </th>
            <td>Thu, 10 Aug 2017 15:16:09 +0000</td>
          </tr>
          <tr>
            <th align="RIGHT" nowrap valign="BASELINE">From: </th>
            <td>Salz, Rich via openssl-users
              <a class="m_9161673883200790723moz-txt-link-rfc2396E" href="mailto:openssl-users@openssl.org" target="_blank">&lt;openssl-users@openssl.org&gt;</a></td>
          </tr>
          <tr>
            <th align="RIGHT" nowrap valign="BASELINE">Reply-To:
            </th>
            <td>Salz, Rich <a class="m_9161673883200790723moz-txt-link-rfc2396E" href="mailto:rsalz@akamai.com" target="_blank">&lt;rsalz@akamai.com&gt;</a>,
              <a class="m_9161673883200790723moz-txt-link-abbreviated" href="mailto:openssl-users@openssl.org" target="_blank">openssl-users@openssl.org</a></td>
          </tr>
          <tr>
            <th align="RIGHT" nowrap valign="BASELINE">To: </th>
            <td><a class="m_9161673883200790723moz-txt-link-abbreviated" href="mailto:openssl-users@openssl.org" target="_blank">openssl-users@openssl.org</a>
              <a class="m_9161673883200790723moz-txt-link-rfc2396E" href="mailto:openssl-users@openssl.org" target="_blank">&lt;openssl-users@openssl.org&gt;</a></td>
          </tr>
        </tbody>
      </table>
      <br>
      <br>
      
      
      
      <div class="m_9161673883200790723WordSection1">
        <p class="MsoNormal"><span style="font-size:11.0pt;font-family:"Calibri",sans-serif">What
            OpenSSL does is not necessarily obvious.  The INSTALL
            document talks about the no-asm configuration option. 
            Details about what the assembler code does in terms of
            optimization are only available by reading the source code
            comments in the various Perl files that generate the
            assembler, mostly.<u></u><u></u></span></p>
        <p class="MsoNormal"><span style="font-size:11.0pt;font-family:"Calibri",sans-serif"><u></u> <u></u></span></p>
        <p class="MsoNormal"><span style="font-size:11.0pt;font-family:"Calibri",sans-serif">On
            x86, the assembly code uses the CPUID instruction (see the
            OPENSSL_ia32cap.pod manpage) to determine if various
            instructions (AES, SSE, MMX, etc) are available and will use
            them if so.  For other processors, similar tests are
            performed if at all possible.<u></u><u></u></span></p>
        <p class="MsoNormal"><span style="font-size:11.0pt;font-family:"Calibri",sans-serif"><u></u> <u></u></span></p>
        <p class="MsoNormal"><span style="font-size:11.0pt;font-family:"Calibri",sans-serif">I
            have added this to the FAQ<u></u><u></u></span></p>
        <p class="MsoNormal"><span style="font-size:11.0pt;font-family:"Calibri",sans-serif"><u></u> <u></u></span></p>
        <div>
          <p class="MsoNormal"><span style="font-size:11.0pt;font-family:"Calibri",sans-serif">-- 
              <u></u><u></u></span></p>
          <p class="MsoNormal"><span style="font-size:11.0pt;font-family:"Calibri",sans-serif">Senior
              Architect, Akamai Technologies<u></u><u></u></span></p>
          <p class="MsoNormal"><span style="font-size:11.0pt;font-family:"Calibri",sans-serif">Member,
              OpenSSL Dev Team<u></u><u></u></span></p>
          <p class="MsoNormal"><span style="font-size:11.0pt;font-family:"Calibri",sans-serif">IM:
              <a class="m_9161673883200790723moz-txt-link-abbreviated" href="mailto:richsalz@jabber.at" target="_blank">richsalz@jabber.at</a> Twitter: RichSalz<u></u><u></u></span></p>
        </div>
        <p class="MsoNormal"><span style="font-size:11.0pt;font-family:"Calibri",sans-serif"><u></u> <u></u></span></p>
        <div style="border:none;border-left:solid blue 1.5pt;padding:0in 0in 0in 4.0pt">
          <div>
            <div style="border:none;border-top:solid #e1e1e1 1.0pt;padding:3.0pt 0in 0in 0in">
              <p class="MsoNormal"><b><span style="font-size:11.0pt;font-family:"Calibri",sans-serif">From:</span></b><span style="font-size:11.0pt;font-family:"Calibri",sans-serif"> -
                  JinsongJi [<a class="m_9161673883200790723moz-txt-link-freetext" href="mailto:jjsbear@hotmail.com" target="_blank">mailto:jjsbear@hotmail.com</a>]
                  <br>
                  <b>Sent:</b> Wednesday, August 09, 2017 9:09 AM<br>
                  <b>To:</b> <a class="m_9161673883200790723moz-txt-link-abbreviated" href="mailto:openssl-users@openssl.org" target="_blank">openssl-users@openssl.org</a><br>
                  <b>Subject:</b> [openssl-users] Does openssl pick low
                  level interface or high level interface to do encrypt?<u></u><u></u></span></p>
            </div>
          </div>
          <p class="MsoNormal"><u></u> <u></u></p>
          <div id="m_9161673883200790723divtagdefaultwrapper">
            <p class="MsoNormal"><span style="font-family:"Calibri",sans-serif;color:black">Hi,<u></u><u></u></span></p>
            <p class="MsoNormal"><span style="font-family:"Calibri",sans-serif;color:black"> <u></u><u></u></span></p>
            <pre><span style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:black">For one simple operation: </span><span style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:#778596">openssl enc -aes-256-cbc -salt -in foo.txt -out foo.enc</span><span style="color:black"><u></u><u></u></span></pre>
            <p class="MsoNormal"><span style="font-family:"Calibri",sans-serif;color:black">Does
                openssl pick classic implementation or AES-NI
                implementation to do this encrypt?
                <u></u><u></u></span></p>
            <p class="MsoNormal"><span style="font-family:"Calibri",sans-serif;color:black"> <u></u><u></u></span></p>
            <p class="MsoNormal"><span style="font-family:"Calibri",sans-serif;color:black">Does any
                user/application always pick classic implementation
                for AES operation regardless of AES-NI improves speed
                much?<u></u><u></u></span></p>
            <p class="MsoNormal"><span style="font-family:"Calibri",sans-serif;color:black"><u></u> <u></u></span></p>
            <p class="MsoNormal"><span style="font-family:"Calibri",sans-serif;color:black">Is there
                any document about this interface selection?<u></u><u></u></span></p>
            <p class="MsoNormal"><span style="font-family:"Calibri",sans-serif;color:black"> <u></u><u></u></span></p>
            <p class="MsoNormal"><span style="font-family:"Calibri",sans-serif;color:black">Thanks,<u></u><u></u></span></p>
            <p class="MsoNormal"><span style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:black">Jinsong</span><span style="font-family:"Calibri",sans-serif;color:black">
                <u></u><u></u></span></p>
          </div>
        </div>
      </div>
    </div>
  </div>

<br>______________________________<wbr>_________________<br>
Arm-dev mailing list<br>
<a href="mailto:Arm-dev@centos.org">Arm-dev@centos.org</a><br>
<a href="https://lists.centos.org/mailman/listinfo/arm-dev" rel="noreferrer" target="_blank">https://lists.centos.org/<wbr>mailman/listinfo/arm-dev</a><br>
<br></blockquote></div><br></div>
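<div>Added example, not part of the original thread: a shell check for the two cases the reply describes, inline AES instructions on aarch64 versus an offload device node provided by cryptodev-linux. It assumes the ARMv8 flag names aes, pmull, sha1 and sha2 on the Features line of /proc/cpuinfo and the node path /dev/crypto; the function names and the sample cpuinfo text are constructed for illustration.</div>

```shell
#!/bin/sh
# Added example: classify which AES path a Linux ARM host can offer.
# File and node paths are parameters so the logic can run on saved cpuinfo text.

# Print the ARMv8 crypto flags found on the first "Features" line of a cpuinfo file.
arm_crypto_flags() {
    awk -F: '/^Features/ {
        n = split($2, f, " ")
        for (i = 1; i <= n; i++)
            if (f[i] ~ /^(aes|pmull|sha1|sha2)$/) out = out (out ? " " : "") f[i]
        print out
        exit
    }' "$1"
}

# classify_aes_path [CPUINFO_FILE] [CRYPTODEV_NODE]
#   inline    - CPU advertises the ARMv8 AES instructions
#   cryptodev - no AES instructions, but the offload device node exists
#   software  - neither; AES runs as ordinary code on the main CPU
classify_aes_path() {
    cpuinfo=${1:-/proc/cpuinfo}
    node=${2:-/dev/crypto}   # assumed node path created by the cryptodev module
    case " $(arm_crypto_flags "$cpuinfo") " in
        *" aes "*) echo inline; return ;;
    esac
    # -e only proves the node exists, not that a hardware driver backs it.
    if [ -e "$node" ]; then echo cryptodev; else echo software; fi
}

# Constructed sample inputs (not captured from real hardware).
write_samples() {
    printf 'processor\t: 0\nFeatures\t: fp asimd evtstrm aes pmull sha1 sha2 crc32\n' \
        > "$1/aarch64.cpuinfo"
    printf 'model name\t: constructed ARMv5 sample\nFeatures\t: swp half thumb fastmult edsp\n' \
        > "$1/kirkwood.cpuinfo"
}

# Demo on the constructed samples, then on the running host.
demo_dir=$(mktemp -d)
write_samples "$demo_dir"
echo "aarch64 sample:  $(classify_aes_path "$demo_dir/aarch64.cpuinfo" "$demo_dir/absent")"
echo "kirkwood sample: $(classify_aes_path "$demo_dir/kirkwood.cpuinfo" "$demo_dir/absent")"
[ -r /proc/cpuinfo ] && echo "this host:       $(classify_aes_path)"
rm -rf "$demo_dir"
```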