Some add. IBM info:
---Problem Description---
The openssl s390x assembly code is not available, causing a fallback to openssl
internal C-code. The performance degradation is up to a factor 4 for asymmetric
(RSA, ...) and a factor >10 for symmetric cipher like SHA & AES.
Contact Information = bastian.pfei...@de.ibm.com
---uname output---
4.4.0-28-generic #47-Ubuntu SMP Fri Jun 24 10:14:29 UTC 2016 s390x s390x s390x
GNU/Linux
Machine Type = 2964, 701
---Debugger---
A debugger is not configured
---Steps to Reproduce---
#Run a benchmark
openssl speed sha1
#Check if CPACF was used
cpacfstatsd
cpacfstats
Userspace tool common name: OpenSSL 1.0.2g-fips 1 Mar 2016
The userspace tool has the following bit modes: 64-bit
Userspace rpm: OpenSSL 1.0.2g-fips 1 Mar 2016
Userspace tool obtained from project website: na
*Additional Instructions for bastian.pfei...@de.ibm.com:
-Attach ltrace and strace of userspace application.
To me it seems the following compiler flags
-DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM
-DSHA512_ASM -DAES_ASM -DAES_CTR_ASM -DAES_XTS_ASM -DGHASH_ASM
are completely missing. Probably openssl was configured with the 'no-
asm' option. This option, for example, is applied for s390 as defined in
the openssl Configure file.
"debian-s390","gcc:-DB_ENDIAN
${debian_cflags}::-D_REENTRANT::-ldl:RC4_CHAR RC4_CHUNK DES_INT
DES_UNROLL:${no_asm}:dlfcn:linux-
shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
"debian-s390x","gcc:-DB_ENDIAN
${debian_cflags}::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHAR RC4_CHUNK
DES_INT
DES_UNROLL:${no_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-------
Its the same code as in bug IBM140645(LP1601836), right, where I report
performance improvements using modified s390x code already upstream on openssl
github. Tested by a locally installed openssl source package.
The issue reported here says that the s390x CPACF assembly code is not
configured into the openssl build of Ubuntu at all and thus is not
available in openssl client/server workloads; a fallback to very slow
C-code is the result.
Probably, just some compiler flags are missing ...
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to openssl in Ubuntu.
https://bugs.launchpad.net/bugs/1601836
Title:
Openssl libcrypto performance issue
Status in OpenSSL:
New
Status in Ubuntu on IBM z Systems:
New
Status in openssl package in Ubuntu:
New
Bug description:
== Comment: #0 - Bastian Pfeifer <bastian.pfei...@de.ibm.com> - 2016-04-22
03:37:03 ==
---Problem Description---
Performance problem with s390x assembly code in the openssl libcrypto library:
CPACF functions such as SHA, AES ... queries the CPACF facility bits too
often.
Problematic code can be found here:
https://github.com/openssl/openssl/blob/master/crypto/sha/asm/sha1-s390x.pl
What happens is that for every e.g SHA1 call the code first tests if
the HW function is available. That's the case for all the CPACF
functions.
However what the lib should do is to query only once, safe the value
and then use the function. The problem is that the Hipervisor in
certain scenarios is required to intercept the query instructions,
which makes this really expensive.
Contact Information = bastian.pfei...@de.ibm.com
---uname output---
4.4.0-18-generic #34-Ubuntu SMP
Machine Type = 2964, 701 NC9
---Debugger---
A debugger is not configured
---Steps to Reproduce---
n/a
Userspace tool common name: OpenSSL
The userspace tool has the following bit modes: 64-bit
Userspace rpm: OpenSSL 1.0.2g 1 Mar 2016
Userspace tool obtained from project website: na
*Additional Instructions for bastian.pfei...@de.ibm.com:
-Attach ltrace and strace of userspace application.
== Comment: #8 - Bastian Pfeifer <bastian.pfei...@de.ibm.com> - 2016-06-02
07:05:00 ==
We performed tests on the new SHA,AES and GHASH code and report performance
improvements especially for SHA (up to 20%).
Here are the links to the new s390x assembly code which should be used
to create patches for the UBUNTU specific openssl versions.
1)
https://github.com/openssl/openssl/blob/master/crypto/s390xcpuid.S
2)
https://github.com/openssl/openssl/blob/master/crypto/s390xcap.c
3)
https://github.com/openssl/openssl/blob/master/crypto/sha/asm/sha1-s390x.pl
4)
https://github.com/openssl/openssl/blob/master/crypto/sha/asm/sha512-s390x.pl
5)
https://github.com/openssl/openssl/blob/master/crypto/aes/asm/aes-s390x.pl
6)
https://github.com/openssl/openssl/blob/master/crypto/modes/asm/ghash-s390x.pl
In case of AES I was forced to change the following code in aes-
s390x.pl
.globl AES_set_decrypt_key
.type AES_set_decrypt_key,\@function
goes to
.globl private_AES_set_decrypt_key
.type private_AES_set_decrypt_key,\@function
This was done for 'AES_set_encrypt_key as well; to be consistent with
the openssl code which comes with UBUNTU. For my performance tests
this worked properly and I checked the CPACF counter with the tool
'cpacfstats'.
To manage notifications about this bug go to:
https://bugs.launchpad.net/openssl/+bug/1601836/+subscriptions
--
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help : https://help.launchpad.net/ListHelp
