From: "PierreGondois" <pierre.gondois@arm.com>
To: Ard Biesheuvel <ardb@kernel.org>
Cc: "Li, Yi1" <yi1.li@intel.com>,
"devel@edk2.groups.io" <devel@edk2.groups.io>,
"Yao, Jiewen" <jiewen.yao@intel.com>,
"Lu, Xiaoyu1" <xiaoyu1.lu@intel.com>,
"Jiang, Guomin" <guomin.jiang@intel.com>,
Leif Lindholm <quic_llindhol@quicinc.com>,
Ard Biesheuvel <ardb+tianocore@kernel.org>,
Sami Mujawar <sami.mujawar@arm.com>,
Gerd Hoffmann <kraxel@redhat.com>
Subject: Re: [edk2-devel] [PATCH v1 0/7] CryptoPkg: Enable Openssl native instruction support for AARCH64
Date: Wed, 8 Nov 2023 17:19:40 +0100 [thread overview]
Message-ID: <1a6b36af-caa3-48e3-af75-1b38c5b8418f@arm.com> (raw)
In-Reply-To: <CAMj1kXHNBpQTFC84kibpv=52uhwzwCX4U8n=a+XzJVsQYmMy3g@mail.gmail.com>
Hello Ard,
On 11/8/23 16:03, Ard Biesheuvel wrote:
> Hello Pierre,
>
> Thanks for working on this.
>
> On Wed, 8 Nov 2023 at 15:39, Pierre Gondois <pierre.gondois@arm.com> wrote:
>>
>> Hello Yi,
>>
>> The tests run are based on the TestBaseCryptLibShell module.
>> Each test is run 100 times, then the first 5 values
>> (considered as warmup) are removed.
>>
>> The NoAccel column relies on the OpensslLibFull implementation,
>> the Accel column relies on the OpensslLibFullAccel implementation.
>> The 'Improvement' column is computed as:
>> 100 * ('Accel (ns)' - 'NoAccel (ns)') / 'NoAccel (ns)'
>>
>> The std deviation of the TestVerifyDhGenerateKey is big.
>> It is due to [1] being called with the 'safe' parameter set, leading
>> to the prime number taking more time to generate. It requires ~10
>> iterations when safe=false, ~1000 iterations when safe=true.
>>
>> The test was run on a Juno-r2. The native Openssl implementation makes
>> use of the following features (cf. [2]):
>> - ARMV7_NEON
>> - ARMV8_AES
>> - ARMV8_SHA1
>> - ARMV8_SHA256
>> and misses:
>> - ARMV8_PMULL
>
> Why was this omitted? Juno implements the underlying instruction so we
> should be able to use this code too.
The Juno effectively has PMULL, this was due to some badly defined values in:
[PATCH v1 2/7] MdePkg/BaseLib: AARCH64: Add ArmReadIdAA64Isar0Reg()
I will correct this in the v2 ...
Regards,
Pierre
>
>
>> - ARMV8_SHA512
>>
>> [1] CryptoPkg/Library/OpensslLib/openssl/crypto/bn/bn_prime.c:BN_generate_prime_ex2()
>> [2] CryptoPkg/Library/OpensslLib/openssl/crypto/arm_arch.h
>>
>> | TestName | NoAccel (ns) | NoAccel std | Accel (ns) | Accel std | Improvement |
>> |:--------------------|---------------:|--------------:|-------------:|------------:|--------------:|
>> | mPkcs7EkuTest | 14883462 | 16175 | 14777782 | 28099 | -0.71005 |
>> | mAeadAesGcmTest | 137082 | 1937 | 116010 | 722 | -15.3718 |
>> | mBlockCipherTest | 7390 | 85 | 7192 | 189 | -2.6793 |
>> | mAuthenticodeTest | 71440889 | 3150754 | 64153427 | 1525259 | -10.2007 |
>> | mBnTest | 755820 | 55968 | 730951 | 65075 | -3.29033 |
>> | mDhTest | 3625850738 | 3194665276 | 2585215827 | 2394541660 | -28.7004 |
>> | mEcTest | 24661474 | 187448 | 23480124 | 174758 | -4.79027 |
>> | mHkdfTest | 1013338 | 4648 | 903299 | 7193 | -10.8591 |
>> | mHmacTest | 250284 | 35322 | 213063 | 36323 | -14.8715 |
>> | mImageTimestampTest | 14674681 | 87409 | 11877127 | 20965 | -19.0638 |
>> | mOaepTest | 25750532 | 100301 | 18066871 | 40274 | -29.8388 |
>> | mPkcs5Test | 174126 | 1537 | 151554 | 2287 | -12.963 |
>> | mPkcs7Test | 28141988 | 62781 | 25136968 | 59675 | -10.6781 |
>> | mPrngTest | 750055 | 3376 | 451404 | 4437 | -39.8172 |
>> | mRsaCertTest | 38935884 | 90999 | 36458419 | 97471 | -6.36294 |
>> | mRsaTest | 22441717 | 61863 | 16673925 | 58522 | -25.7012 |
>> | mRsaPssTest | 142031418 | 131585 | 98656708 | 110644 | -30.5388 |
>> | mHashTest | 22383 | 6507 | 17628 | 7553 | -21.2438 |
>> | mX509Test | 53441738 | 90749 | 51609184 | 184683 | -3.42907 |
>>
>> Regards,
>> Pierre
>>
>> On 11/7/23 03:38, Li, Yi1 wrote:
>>> Hi Pierre,
>>>
>>> Could you share what tests you did and the test results?
>>>
>>> Regards,
>>> Yi
>>>
>>> -----Original Message-----
>>> From: Pierre Gondois <pierre.gondois@arm.com>
>>> Sent: Thursday, November 2, 2023 9:54 PM
>>> To: devel@edk2.groups.io
>>> Cc: Yao, Jiewen <jiewen.yao@intel.com>; Li, Yi1 <yi1.li@intel.com>; Lu, Xiaoyu1 <xiaoyu1.lu@intel.com>; Jiang, Guomin <guomin.jiang@intel.com>; Leif Lindholm <quic_llindhol@quicinc.com>; Ard Biesheuvel <ardb+tianocore@kernel.org>; Sami Mujawar <sami.mujawar@arm.com>; Gerd Hoffmann <kraxel@redhat.com>
>>> Subject: [PATCH v1 0/7] CryptoPkg: Enable Openssl native instruction support for AARCH64
>>>
>>> Various OpensslLib implementations are available in edk2. The OpensslLibAccel.inf and OpensslLibFullAccel.inf ones use architecture specific instructions, e.g. AESE, PMULL, SHA256H, ..., allowing to improve speed.
>>>
>>> Enable support for Aarch64's native instructions:
>>> - Add ArmReadCntPctReg() and ArmReadIdAA64Isar0Reg() to
>>> Aarch64's BaseLib.
>>> - Generate Aarch64's specific Openssl functions.
>>> - Add a OpensslStub/AArch64Cap.c file to allow Openssl
>>> to probe Aarch64 native instruction support.
>>>
>>> This patch-set only enable support for GCC for now (MSFT support not added).
>>>
>>> Pierre Gondois (7):
>>> MdePkg/BaseLib: AARCH64: Add ArmReadCntPctReg()
>>> MdePkg/BaseLib: AARCH64: Add ArmReadIdAA64Isar0Reg()
>>> MdePkg/BaseRngLib: Prefer ArmReadIdAA64Isar0Reg() over
>>> ArmReadIdIsar0()
>>> CryptoPkg/OpensslLib: Add native instruction support for AARCH64
>>> CryptoPkg/OpensslLib: Generate files for AARCH64 native support
>>> CryptoPkg/OpensslLib: Add AArch64Cap for arch specific hooks
>>> CryptoPkg: Enable Openssl Accel builds for AARCH64
>>>
>>> CryptoPkg/CryptoPkg.dsc | 23 +-
>>> .../AARCH64-GCC/crypto/aes/aesv8-armx.S | 3180 ++++++++
>>> .../AARCH64-GCC/crypto/aes/vpaes-armv8.S | 1196 +++
>>> .../AARCH64-GCC/crypto/arm64cpuid.S | 129 +
>>> .../AARCH64-GCC/crypto/bn/armv8-mont.S | 2124 ++++++
>>> .../crypto/ec/ecp_nistz256-armv8.S | 4242 +++++++++++
>>> .../crypto/modes/aes-gcm-armv8_64.S | 6389 +++++++++++++++++
>>> .../AARCH64-GCC/crypto/modes/ghashv8-armx.S | 552 ++
>>> .../AARCH64-GCC/crypto/sha/keccak1600-armv8.S | 1009 +++
>>> .../AARCH64-GCC/crypto/sha/sha1-armv8.S | 1211 ++++
>>> .../AARCH64-GCC/crypto/sha/sha256-armv8.S | 2051 ++++++
>>> .../AARCH64-GCC/crypto/sha/sha512-armv8.S | 1606 +++++
>>> .../Library/OpensslLib/OpensslLibAccel.inf | 642 +-
>>> .../OpensslLib/OpensslLibFullAccel.inf | 691 +-
>>> .../OpensslLib/OpensslStub/AArch64Cap.c | 107 +
>>> CryptoPkg/Library/OpensslLib/UefiAsm.conf | 6 +
>>> CryptoPkg/Library/OpensslLib/configure.py | 5 +-
>>> CryptoPkg/Readme.md | 14 +-
>>> MdePkg/Include/Library/BaseLib.h | 86 +
>>> .../BaseLib/AArch64/ArmReadCntPctReg.S | 30 +
>>> .../BaseLib/AArch64/ArmReadCntPctReg.asm | 30 +
>>> .../AArch64/ArmReadIdAA64Isar0Reg.S} | 10 +-
>>> .../AArch64/ArmReadIdAA64Isar0Reg.asm} | 10 +-
>>> MdePkg/Library/BaseLib/BaseLib.inf | 6 +-
>>> MdePkg/Library/BaseRngLib/AArch64/ArmRng.h | 12 -
>>> MdePkg/Library/BaseRngLib/AArch64/Rndr.c | 14 +-
>>> MdePkg/Library/BaseRngLib/BaseRngLib.inf | 2 -
>>> 27 files changed, 25320 insertions(+), 57 deletions(-) create mode 100644 CryptoPkg/Library/OpensslLib/OpensslGen/AARCH64-GCC/crypto/aes/aesv8-armx.S
>>> create mode 100644 CryptoPkg/Library/OpensslLib/OpensslGen/AARCH64-GCC/crypto/aes/vpaes-armv8.S
>>> create mode 100644 CryptoPkg/Library/OpensslLib/OpensslGen/AARCH64-GCC/crypto/arm64cpuid.S
>>> create mode 100644 CryptoPkg/Library/OpensslLib/OpensslGen/AARCH64-GCC/crypto/bn/armv8-mont.S
>>> create mode 100644 CryptoPkg/Library/OpensslLib/OpensslGen/AARCH64-GCC/crypto/ec/ecp_nistz256-armv8.S
>>> create mode 100644 CryptoPkg/Library/OpensslLib/OpensslGen/AARCH64-GCC/crypto/modes/aes-gcm-armv8_64.S
>>> create mode 100644 CryptoPkg/Library/OpensslLib/OpensslGen/AARCH64-GCC/crypto/modes/ghashv8-armx.S
>>> create mode 100644 CryptoPkg/Library/OpensslLib/OpensslGen/AARCH64-GCC/crypto/sha/keccak1600-armv8.S
>>> create mode 100644 CryptoPkg/Library/OpensslLib/OpensslGen/AARCH64-GCC/crypto/sha/sha1-armv8.S
>>> create mode 100644 CryptoPkg/Library/OpensslLib/OpensslGen/AARCH64-GCC/crypto/sha/sha256-armv8.S
>>> create mode 100644 CryptoPkg/Library/OpensslLib/OpensslGen/AARCH64-GCC/crypto/sha/sha512-armv8.S
>>> create mode 100644 CryptoPkg/Library/OpensslLib/OpensslStub/AArch64Cap.c
>>> create mode 100644 MdePkg/Library/BaseLib/AArch64/ArmReadCntPctReg.S
>>> create mode 100644 MdePkg/Library/BaseLib/AArch64/ArmReadCntPctReg.asm
>>> rename MdePkg/Library/{BaseRngLib/AArch64/ArmReadIdIsar0.S => BaseLib/AArch64/ArmReadIdAA64Isar0Reg.S} (70%) rename MdePkg/Library/{BaseRngLib/AArch64/ArmReadIdIsar0.asm => BaseLib/AArch64/ArmReadIdAA64Isar0Reg.asm} (72%)
>>>
>>> --
>>> 2.25.1
>>>
-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#110919): https://edk2.groups.io/g/devel/message/110919
Mute This Topic: https://groups.io/mt/102342394/7686176
Group Owner: devel+owner@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [rebecca@openfw.io]
-=-=-=-=-=-=-=-=-=-=-=-
prev parent reply other threads:[~2023-11-08 16:19 UTC|newest]
Thread overview: 15+ messages / expand[flat|nested] mbox.gz Atom feed top
2023-11-02 13:54 [edk2-devel] [PATCH v1 0/7] CryptoPkg: Enable Openssl native instruction support for AARCH64 PierreGondois
2023-11-02 13:54 ` [edk2-devel] [PATCH v1 1/7] MdePkg/BaseLib: AARCH64: Add ArmReadCntPctReg() PierreGondois
2023-11-02 13:54 ` [edk2-devel] [PATCH v1 2/7] MdePkg/BaseLib: AARCH64: Add ArmReadIdAA64Isar0Reg() PierreGondois
2023-11-02 13:54 ` [edk2-devel] [PATCH v1 3/7] MdePkg/BaseRngLib: Prefer ArmReadIdAA64Isar0Reg() over ArmReadIdIsar0() PierreGondois
2023-11-02 13:54 ` [edk2-devel] [PATCH v1 4/7] CryptoPkg/OpensslLib: Add native instruction support for AARCH64 PierreGondois
2023-11-02 13:54 ` [edk2-devel] [PATCH v1 5/7] CryptoPkg/OpensslLib: Generate files for AARCH64 native support PierreGondois
2023-11-02 13:54 ` [edk2-devel] [PATCH v1 6/7] CryptoPkg/OpensslLib: Add AArch64Cap for arch specific hooks PierreGondois
2023-11-07 9:21 ` Gerd Hoffmann
2023-11-08 14:40 ` PierreGondois
2023-11-02 13:54 ` [edk2-devel] [PATCH v1 7/7] CryptoPkg: Enable Openssl Accel builds for AARCH64 PierreGondois
2023-11-07 2:38 ` [edk2-devel] [PATCH v1 0/7] CryptoPkg: Enable Openssl native instruction support " Li, Yi
2023-11-07 2:57 ` Yao, Jiewen
2023-11-08 14:39 ` PierreGondois
2023-11-08 15:03 ` Ard Biesheuvel
2023-11-08 16:19 ` PierreGondois [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-list from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=1a6b36af-caa3-48e3-af75-1b38c5b8418f@arm.com \
--to=devel@edk2.groups.io \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox