From mboxrd@z Thu Jan  1 00:00:00 1970
Received: from pigeon.gentoo.org ([208.92.234.80] helo=lists.gentoo.org)
	by finch.gentoo.org with esmtp (Exim 4.60)
	(envelope-from <gentoo-user+bounces-136255-garchives=archives.gentoo.org@lists.gentoo.org>)
	id 1S7Wy7-0007zd-Bc
	for garchives@archives.gentoo.org; Tue, 13 Mar 2012 19:01:11 +0000
Received: from pigeon.gentoo.org (localhost [127.0.0.1])
	by pigeon.gentoo.org (Postfix) with SMTP id 901CBE097B;
	Tue, 13 Mar 2012 19:00:47 +0000 (UTC)
Received: from out1-smtp.messagingengine.com (out1-smtp.messagingengine.com [66.111.4.25])
	by pigeon.gentoo.org (Postfix) with ESMTP id 6FD06E0980
	for <gentoo-user@lists.gentoo.org>; Tue, 13 Mar 2012 18:59:03 +0000 (UTC)
Received: from compute5.internal (compute5.nyi.mail.srv.osa [10.202.2.45])
	by gateway1.nyi.mail.srv.osa (Postfix) with ESMTP id 2DD9320CB3
	for <gentoo-user@lists.gentoo.org>; Tue, 13 Mar 2012 14:59:03 -0400 (EDT)
Received: from frontend2.nyi.mail.srv.osa ([10.202.2.161])
  by compute5.internal (MEProxy); Tue, 13 Mar 2012 14:59:03 -0400
DKIM-Signature: v=1; a=rsa-sha1; c=relaxed/relaxed; d=binarywings.net;
	 h=message-id:date:from:mime-version:to:subject:references
	:in-reply-to:content-type; s=mesmtp; bh=fJvF2HeAG8RdvrOqcYdkp2zY
	BVc=; b=o3msdNqPI79CYzy5SJwR0oGb8eXiBFjwmbznU6mqyVtvGx6KkMH4MV2h
	psSiJIUVULJVctS4TTEi9P/Et0wynSvZRhcD34UElOcLqfPONSjPBVDKbbcuoK8r
	X8PvKI90vK0qucHZOxEm/Cdrntgpx9wPTB2DS78k5BbvxFIXG30=
DKIM-Signature: v=1; a=rsa-sha1; c=relaxed/relaxed; d=
	messagingengine.com; h=message-id:date:from:mime-version:to
	:subject:references:in-reply-to:content-type; s=smtpout; bh=fJvF
	2HeAG8RdvrOqcYdkp2zYBVc=; b=G7oZZSbRoAGevOourt1XVKt/KM2Nv1c4NHYr
	sdqRPo2lchOQtBGbJ4jksOZZsicqkvpUfJrE7gIcUhDfSKwfVS92C44M2/+3dRWv
	H4MME3RZmnFZBi9hPt88Z415owKJdGxhf8UhenBDOcnXszJa9/xTko1rLXbXn1JN
	U+WfIYc=
X-Sasl-enc: j7ttYfwIhES3Zofr6j7YIkFyfRXCFV0ISd8Gx4O7qMdv 1331665142
Received: from [192.168.5.18] (serv.binarywings.net [83.169.5.6])
	by mail.messagingengine.com (Postfix) with ESMTPSA id E39124824EE
	for <gentoo-user@lists.gentoo.org>; Tue, 13 Mar 2012 14:59:01 -0400 (EDT)
Message-ID: <4F5F98EF.6050704@binarywings.net>
Date: Tue, 13 Mar 2012 19:58:55 +0100
From: Florian Philipp <lists@binarywings.net>
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:10.0.1) Gecko/20120303 Thunderbird/10.0.1
Precedence: bulk
List-Post: <mailto:gentoo-user@lists.gentoo.org>
List-Help: <mailto:gentoo-user+help@lists.gentoo.org>
List-Unsubscribe: <mailto:gentoo-user+unsubscribe@lists.gentoo.org>
List-Subscribe: <mailto:gentoo-user+subscribe@lists.gentoo.org>
List-Id: Gentoo Linux mail <gentoo-user.gentoo.org>
X-BeenThere: gentoo-user@lists.gentoo.org
Reply-to: gentoo-user@lists.gentoo.org
MIME-Version: 1.0
To: gentoo-user@lists.gentoo.org
Subject: Re: [gentoo-user] hard drive encryption
References: <4F5CC6F5.6020303@gmail.com> <4F5CEF0D.5050801@binarywings.net> <4F5F35C1.8070301@gmail.com> <4F5F71C3.6070206@binarywings.net> <20120313174555.GA15334@eisen.lan> <4F5F8CC3.7070402@binarywings.net> <CA+czFiCcDMz7nMhfabGL6iRL4ecd+cxWdhu3ZeGSQeJf_MKM1Q@mail.gmail.com>
In-Reply-To: <CA+czFiCcDMz7nMhfabGL6iRL4ecd+cxWdhu3ZeGSQeJf_MKM1Q@mail.gmail.com>
X-Enigmail-Version: 1.3.5
Content-Type: multipart/signed; micalg=pgp-sha1;
 protocol="application/pgp-signature";
 boundary="------------enigA4D4C42DB3C40201D513D738"
X-Archives-Salt: 92241c44-a04f-4c86-92c6-22d48881588e
X-Archives-Hash: 3fee7b0788da385665c6e25a94b80d6d

This is an OpenPGP/MIME signed message (RFC 2440 and 3156)
--------------enigA4D4C42DB3C40201D513D738
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: quoted-printable

Am 13.03.2012 19:18, schrieb Michael Mol:
> On Tue, Mar 13, 2012 at 2:06 PM, Florian Philipp <lists@binarywings.net=
> wrote:
>> Am 13.03.2012 18:45, schrieb Frank Steinmetzger:
>>> On Tue, Mar 13, 2012 at 05:11:47PM +0100, Florian Philipp wrote:
>>>
>>>>> Since I am planning to encrypt only home/ under LVM control, what k=
ind
>>>>> of overhead should I expect?
>>>>
>>>> What do you mean with overhead? CPU utilization? In that case the
>>>> overhead is minimal, especially when you run a 64-bit kernel with th=
e
>>>> optimized AES kernel module.
>>>
>>> Speaking of that...
>>> I always wondered what the exact difference was between AES and AES i=
586. I
>>> can gather myself that it's about optimisation for a specific archite=
cture.
>>> But which one would be best for my i686 Core 2 Duo?
>>
>> From what I can see in the kernel sources, there is a generic AES
>> implementation using nothing but portable C code and then there is
>> "aes-i586" assembler code with "aes_glue" C code.
>=20
>=20
>> So I assume the i586
>> version is better for you --- unless GCC suddenly got a lot better at
>> optimizing code.
>=20
> Since when, exactly? GCC isn't the best compiler at optimization, but
> I fully expect current versions to produce better code for x86-64 than
> hand-tuned i586. Wider registers, more registers, crypto acceleration
> instructions and SIMD instructions are all very nice to have. I don't
> know the specifics of AES, though, or what kind of crypto algorithm it
> is, so it's entirely possible that one can't effectively parallelize
> it except in some relatively unique circumstances.
>=20

One sec. We are talking about an Core2 Duo running in 32bit mode, right?
That's what the i686 reference in the question meant --- or at least,
that's what I assumed.

If we talk about 32bit mode, none of what you describe is available.
Those additional registers and instructions are not accessible with i686
instructions. A Core 2 also has no AES instructions.

Of course, GCC could make use of what it knows about the CPU, like
number of parallel pipelines, pipeline depth, cache size, instructions
added in i686 and so on. But even then I doubt it can outperform
hand-tuned assembler, even if it is for a slightly older instruction set.=


If instead we are talking about an Core 2 Duo running in x86_64 mode, we
should be talking about the aes-x86_64 module instead of the aes-i586
module and that makes use of the complete instruction set of the Core 2,
including SSE2.

Regards,
Florian Philipp


--------------enigA4D4C42DB3C40201D513D738
Content-Type: application/pgp-signature; name="signature.asc"
Content-Description: OpenPGP digital signature
Content-Disposition: attachment; filename="signature.asc"

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.17 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iEYEARECAAYFAk9fmPMACgkQqs4uOUlOuU/4UgCeMfVTIW3GvNAkdXzBlk/0s4VO
n/wAnR9XvhrAY9zXvVN9+zVbuwyx7h4v
=sIVp
-----END PGP SIGNATURE-----

--------------enigA4D4C42DB3C40201D513D738--