hubertf's NetBSD Blog
Send interesting links to hubert at feyrer dot de!
[20100113] Hardware crypto with Geode LX based ALIX board
I'm using an Alix 2d13 machine as home router for quite some time now - uptime was 158 days today. The board has a 500MHz AMD Geode LX800 CPU, which can do AES crypto in hardware. Today, I've found time to play with the glxsb(4) driver, and get some numbers:

The 'numbers' are in 1000s of bytes per second processed.
crypto   type             16 bytes     64 bytes    256 bytes   1024 bytes   8192 bytes
sw       aes-128-cbc       3583.29k     3931.51k     4037.32k     8113.75k     8205.61k
hw       aes-128-cbc       1200.70k     4470.18k    11729.65k    17328.05k    34006.33k
The command "openssl speed -evp aes-128-cbc -elapsed" was ran each time, in the first case with glxsb(4) disabled (boot -c, disable glxsb), in the second case with the driver enabled.

Still, I find those numbers interesting in comparison to those of a Soekris 5501, esp. as the machines have the same CPU & clock rate.

I couldn't find a way to switch use of hardware crypto off in software, anyone got a hint? openssl(1)'s "-engine cryptodev" seems to always use hardware crypto when it's there, and leaving out that switch uses the same engine, so no difference. I've found a few sysctls under kern.*, but apparently none seems relevant to my goal (not to speak of the lack of documentation...)

[Tags: , , , ]

Disclaimer: All opinion expressed here is purely my own. No responsibility is taken for anything.

Access count: 27787854
Copyright (c) Hubert Feyrer