From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <bounce+27952+110915+7686176+12367111@groups.io>
Received: from mail02.groups.io (mail02.groups.io [66.175.222.108])
	by spool.mail.gandi.net (Postfix) with ESMTPS id D1A699414D2
	for <rebecca@openfw.io>; Wed,  8 Nov 2023 14:39:23 +0000 (UTC)
DKIM-Signature: a=rsa-sha256; bh=UICxY/nd/vf/hdOS7OD8aVL+WBmtjUWqW22+7PFD470=;
 c=relaxed/simple; d=groups.io;
 h=Message-ID:Date:MIME-Version:User-Agent:Subject:To:Cc:References:From:In-Reply-To:Precedence:List-Subscribe:List-Help:Sender:List-Id:Mailing-List:Delivered-To:Reply-To:List-Unsubscribe-Post:List-Unsubscribe:Content-Language:Content-Type:Content-Transfer-Encoding;
 s=20140610; t=1699454362; v=1;
 b=rkMYsUnrkMP6+YDFiMl3j1AsRZ2X48RohG9qzSCbhcaEJzS5UliLmjLckRqFhG+JTJgNB5Q9
 R6PKOHF6RXv8GRqFOFmR4Ss0DWCY5LjDoYkUMn94k7WHDrn1GaTY929BG1OrRFWw5fGCp1EUNxD
 1JnVgONDC/wQqfbBryd7x9Z8=
X-Received: by 127.0.0.2 with SMTP id PQMPYY7687511x1vCO3KbWTE; Wed, 08 Nov 2023 06:39:22 -0800
X-Received: from foss.arm.com (foss.arm.com [217.140.110.172])
 by mx.groups.io with SMTP id smtpd.web11.15358.1699454361589557433
 for <devel@edk2.groups.io>;
 Wed, 08 Nov 2023 06:39:21 -0800
X-Received: from usa-sjc-imap-foss1.foss.arm.com (unknown [10.121.207.14])
	by usa-sjc-mx-foss1.foss.arm.com (Postfix) with ESMTP id 945E71477;
	Wed,  8 Nov 2023 06:40:05 -0800 (PST)
X-Received: from [10.34.100.114] (unknown [10.34.100.114])
	by usa-sjc-imap-foss1.foss.arm.com (Postfix) with ESMTPSA id D35C43F64C;
	Wed,  8 Nov 2023 06:39:19 -0800 (PST)
Message-ID: <28adea97-b7ae-4f2e-96bb-a115806966d5@arm.com>
Date: Wed, 8 Nov 2023 15:39:04 +0100
MIME-Version: 1.0
User-Agent: Mozilla Thunderbird
Subject: Re: [edk2-devel] [PATCH v1 0/7] CryptoPkg: Enable Openssl native instruction support for AARCH64
To: "Li, Yi1" <yi1.li@intel.com>, "devel@edk2.groups.io"
 <devel@edk2.groups.io>
Cc: "Yao, Jiewen" <jiewen.yao@intel.com>, "Lu, Xiaoyu1"
 <xiaoyu1.lu@intel.com>, "Jiang, Guomin" <guomin.jiang@intel.com>,
 Leif Lindholm <quic_llindhol@quicinc.com>,
 Ard Biesheuvel <ardb+tianocore@kernel.org>,
 Sami Mujawar <sami.mujawar@arm.com>, Gerd Hoffmann <kraxel@redhat.com>
References: <20231102135417.336334-1-pierre.gondois@arm.com>
 <SJ1PR11MB622717EAE57CE98DC7135866C5A9A@SJ1PR11MB6227.namprd11.prod.outlook.com>
From: "PierreGondois" <pierre.gondois@arm.com>
In-Reply-To: <SJ1PR11MB622717EAE57CE98DC7135866C5A9A@SJ1PR11MB6227.namprd11.prod.outlook.com>
Precedence: Bulk
List-Subscribe: <mailto:devel+subscribe@edk2.groups.io>
List-Help: <mailto:devel+help@edk2.groups.io>
Sender: devel@edk2.groups.io
List-Id: <devel.edk2.groups.io>
Mailing-List: list devel@edk2.groups.io; contact devel+owner@edk2.groups.io
Reply-To: devel@edk2.groups.io,pierre.gondois@arm.com
List-Unsubscribe-Post: List-Unsubscribe=One-Click
List-Unsubscribe: <https://edk2.groups.io/g/devel/leave/12367111/7686176/1913456212/plugh>
X-Gm-Message-State: 6V4VZT3LZ2yYLNDZXf8EbV4qx7686176AA=
Content-Language: en-US
Content-Type: text/plain; charset=UTF-8; format=flowed
Content-Transfer-Encoding: quoted-printable
X-GND-Status: LEGIT
Authentication-Results: spool.mail.gandi.net;
	dkim=pass header.d=groups.io header.s=20140610 header.b=rkMYsUnr;
	dmarc=fail reason="SPF not aligned (relaxed), DKIM not aligned (relaxed)" header.from=arm.com (policy=none);
	spf=pass (spool.mail.gandi.net: domain of bounce@groups.io designates 66.175.222.108 as permitted sender) smtp.mailfrom=bounce@groups.io

Hello Yi,

The tests run are based on the TestBaseCryptLibShell module.
Each test is run 100 times, then the first 5 values
(considered as warmup) are removed.

The NoAccel column relies on the OpensslLibFull implementation,
the Accel column relies on the OpensslLibFullAccel implementation.
The 'Improvement' column is computed as:
   100 * ('Accel (ns)' - 'NoAccel (ns)') / 'NoAccel (ns)'

The std deviation of the TestVerifyDhGenerateKey is big.
It is due to [1] being called with the 'safe' parameter set, leading
to the prime number taking more time to generate. It requires ~10
iterations when safe=3Dfalse, ~1000 iterations when safe=3Dtrue.

The test was run on a Juno-r2. The native Openssl implementation makes
use of the following features (cf. [2]):
  - ARMV7_NEON
  - ARMV8_AES
  - ARMV8_SHA1
  - ARMV8_SHA256
and misses:
  - ARMV8_PMULL
  - ARMV8_SHA512

[1] CryptoPkg/Library/OpensslLib/openssl/crypto/bn/bn_prime.c:BN_generate_p=
rime_ex2()
[2] CryptoPkg/Library/OpensslLib/openssl/crypto/arm_arch.h

| TestName            |   NoAccel (ns) |   NoAccel std |   Accel (ns) |   A=
ccel std |   Improvement |
|:--------------------|---------------:|--------------:|-------------:|----=
--------:|--------------:|
| mPkcs7EkuTest       |       14883462 |         16175 |     14777782 |    =
   28099 |      -0.71005 |
| mAeadAesGcmTest     |         137082 |          1937 |       116010 |    =
     722 |     -15.3718  |
| mBlockCipherTest    |           7390 |            85 |         7192 |    =
     189 |      -2.6793  |
| mAuthenticodeTest   |       71440889 |       3150754 |     64153427 |    =
 1525259 |     -10.2007  |
| mBnTest             |         755820 |         55968 |       730951 |    =
   65075 |      -3.29033 |
| mDhTest             |     3625850738 |    3194665276 |   2585215827 |  23=
94541660 |     -28.7004  |
| mEcTest             |       24661474 |        187448 |     23480124 |    =
  174758 |      -4.79027 |
| mHkdfTest           |        1013338 |          4648 |       903299 |    =
    7193 |     -10.8591  |
| mHmacTest           |         250284 |         35322 |       213063 |    =
   36323 |     -14.8715  |
| mImageTimestampTest |       14674681 |         87409 |     11877127 |    =
   20965 |     -19.0638  |
| mOaepTest           |       25750532 |        100301 |     18066871 |    =
   40274 |     -29.8388  |
| mPkcs5Test          |         174126 |          1537 |       151554 |    =
    2287 |     -12.963   |
| mPkcs7Test          |       28141988 |         62781 |     25136968 |    =
   59675 |     -10.6781  |
| mPrngTest           |         750055 |          3376 |       451404 |    =
    4437 |     -39.8172  |
| mRsaCertTest        |       38935884 |         90999 |     36458419 |    =
   97471 |      -6.36294 |
| mRsaTest            |       22441717 |         61863 |     16673925 |    =
   58522 |     -25.7012  |
| mRsaPssTest         |      142031418 |        131585 |     98656708 |    =
  110644 |     -30.5388  |
| mHashTest           |          22383 |          6507 |        17628 |    =
    7553 |     -21.2438  |
| mX509Test           |       53441738 |         90749 |     51609184 |    =
  184683 |      -3.42907 |

Regards,
Pierre

On 11/7/23 03:38, Li, Yi1 wrote:
> Hi Pierre,
>=20
> Could you share what tests you did and the test results?
>=20
> Regards,
> Yi
>=20
> -----Original Message-----
> From: Pierre Gondois <pierre.gondois@arm.com>
> Sent: Thursday, November 2, 2023 9:54 PM
> To: devel@edk2.groups.io
> Cc: Yao, Jiewen <jiewen.yao@intel.com>; Li, Yi1 <yi1.li@intel.com>; Lu, X=
iaoyu1 <xiaoyu1.lu@intel.com>; Jiang, Guomin <guomin.jiang@intel.com>; Leif=
 Lindholm <quic_llindhol@quicinc.com>; Ard Biesheuvel <ardb+tianocore@kerne=
l.org>; Sami Mujawar <sami.mujawar@arm.com>; Gerd Hoffmann <kraxel@redhat.c=
om>
> Subject: [PATCH v1 0/7] CryptoPkg: Enable Openssl native instruction supp=
ort for AARCH64
>=20
> Various OpensslLib implementations are available in edk2. The OpensslLibA=
ccel.inf and OpensslLibFullAccel.inf ones use architecture specific instruc=
tions, e.g. AESE, PMULL, SHA256H, ..., allowing to improve speed.
>=20
> Enable support for Aarch64's native instructions:
> - Add ArmReadCntPctReg() and ArmReadIdAA64Isar0Reg() to
>    Aarch64's BaseLib.
> - Generate Aarch64's specific Openssl functions.
> - Add a OpensslStub/AArch64Cap.c file to allow Openssl
>    to probe Aarch64 native instruction support.
>=20
> This patch-set only enable support for GCC for now (MSFT support not adde=
d).
>=20
> Pierre Gondois (7):
>    MdePkg/BaseLib: AARCH64: Add ArmReadCntPctReg()
>    MdePkg/BaseLib: AARCH64: Add ArmReadIdAA64Isar0Reg()
>    MdePkg/BaseRngLib: Prefer ArmReadIdAA64Isar0Reg() over
>      ArmReadIdIsar0()
>    CryptoPkg/OpensslLib: Add native instruction support for AARCH64
>    CryptoPkg/OpensslLib: Generate files for AARCH64 native support
>    CryptoPkg/OpensslLib: Add AArch64Cap for arch specific hooks
>    CryptoPkg: Enable Openssl Accel builds for AARCH64
>=20
>   CryptoPkg/CryptoPkg.dsc                       |   23 +-
>   .../AARCH64-GCC/crypto/aes/aesv8-armx.S       | 3180 ++++++++
>   .../AARCH64-GCC/crypto/aes/vpaes-armv8.S      | 1196 +++
>   .../AARCH64-GCC/crypto/arm64cpuid.S           |  129 +
>   .../AARCH64-GCC/crypto/bn/armv8-mont.S        | 2124 ++++++
>   .../crypto/ec/ecp_nistz256-armv8.S            | 4242 +++++++++++
>   .../crypto/modes/aes-gcm-armv8_64.S           | 6389 +++++++++++++++++
>   .../AARCH64-GCC/crypto/modes/ghashv8-armx.S   |  552 ++
>   .../AARCH64-GCC/crypto/sha/keccak1600-armv8.S | 1009 +++
>   .../AARCH64-GCC/crypto/sha/sha1-armv8.S       | 1211 ++++
>   .../AARCH64-GCC/crypto/sha/sha256-armv8.S     | 2051 ++++++
>   .../AARCH64-GCC/crypto/sha/sha512-armv8.S     | 1606 +++++
>   .../Library/OpensslLib/OpensslLibAccel.inf    |  642 +-
>   .../OpensslLib/OpensslLibFullAccel.inf        |  691 +-
>   .../OpensslLib/OpensslStub/AArch64Cap.c       |  107 +
>   CryptoPkg/Library/OpensslLib/UefiAsm.conf     |    6 +
>   CryptoPkg/Library/OpensslLib/configure.py     |    5 +-
>   CryptoPkg/Readme.md                           |   14 +-
>   MdePkg/Include/Library/BaseLib.h              |   86 +
>   .../BaseLib/AArch64/ArmReadCntPctReg.S        |   30 +
>   .../BaseLib/AArch64/ArmReadCntPctReg.asm      |   30 +
>   .../AArch64/ArmReadIdAA64Isar0Reg.S}          |   10 +-
>   .../AArch64/ArmReadIdAA64Isar0Reg.asm}        |   10 +-
>   MdePkg/Library/BaseLib/BaseLib.inf            |    6 +-
>   MdePkg/Library/BaseRngLib/AArch64/ArmRng.h    |   12 -
>   MdePkg/Library/BaseRngLib/AArch64/Rndr.c      |   14 +-
>   MdePkg/Library/BaseRngLib/BaseRngLib.inf      |    2 -
>   27 files changed, 25320 insertions(+), 57 deletions(-)  create mode 100=
644 CryptoPkg/Library/OpensslLib/OpensslGen/AARCH64-GCC/crypto/aes/aesv8-ar=
mx.S
>   create mode 100644 CryptoPkg/Library/OpensslLib/OpensslGen/AARCH64-GCC/=
crypto/aes/vpaes-armv8.S
>   create mode 100644 CryptoPkg/Library/OpensslLib/OpensslGen/AARCH64-GCC/=
crypto/arm64cpuid.S
>   create mode 100644 CryptoPkg/Library/OpensslLib/OpensslGen/AARCH64-GCC/=
crypto/bn/armv8-mont.S
>   create mode 100644 CryptoPkg/Library/OpensslLib/OpensslGen/AARCH64-GCC/=
crypto/ec/ecp_nistz256-armv8.S
>   create mode 100644 CryptoPkg/Library/OpensslLib/OpensslGen/AARCH64-GCC/=
crypto/modes/aes-gcm-armv8_64.S
>   create mode 100644 CryptoPkg/Library/OpensslLib/OpensslGen/AARCH64-GCC/=
crypto/modes/ghashv8-armx.S
>   create mode 100644 CryptoPkg/Library/OpensslLib/OpensslGen/AARCH64-GCC/=
crypto/sha/keccak1600-armv8.S
>   create mode 100644 CryptoPkg/Library/OpensslLib/OpensslGen/AARCH64-GCC/=
crypto/sha/sha1-armv8.S
>   create mode 100644 CryptoPkg/Library/OpensslLib/OpensslGen/AARCH64-GCC/=
crypto/sha/sha256-armv8.S
>   create mode 100644 CryptoPkg/Library/OpensslLib/OpensslGen/AARCH64-GCC/=
crypto/sha/sha512-armv8.S
>   create mode 100644 CryptoPkg/Library/OpensslLib/OpensslStub/AArch64Cap.=
c
>   create mode 100644 MdePkg/Library/BaseLib/AArch64/ArmReadCntPctReg.S
>   create mode 100644 MdePkg/Library/BaseLib/AArch64/ArmReadCntPctReg.asm
>   rename MdePkg/Library/{BaseRngLib/AArch64/ArmReadIdIsar0.S =3D> BaseLib=
/AArch64/ArmReadIdAA64Isar0Reg.S} (70%)  rename MdePkg/Library/{BaseRngLib/=
AArch64/ArmReadIdIsar0.asm =3D> BaseLib/AArch64/ArmReadIdAA64Isar0Reg.asm} =
(72%)
>=20
> --
> 2.25.1
>=20


-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#110915): https://edk2.groups.io/g/devel/message/110915
Mute This Topic: https://groups.io/mt/102342394/7686176
Group Owner: devel+owner@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [rebecca@openfw.io]
-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-