On Fri, 14 Sep 2018 at 02:12, Lev Serebryakov <lev_at_freebsd.org> wrote: > > Hello John, > > Friday, September 14, 2018, 1:44:13 AM, you wrote: > > >> % grep aesni ~/nanobsd/gatevay.v3/J3160 > >> device aesni > > > From my understanding of the OpenSSL code, it doesn't use the kernel driver > > at all (the kernel driver is only needed for in-kernel crypto such as IPSec > > or GELI). > It is my understanding too. > > > AESNI are just instructions that can be used in userland, and > > OpenSSL's AESNI acceleration is purely different routines in userland. > > I would verify if AESNI shows up in the CPU features in dmesg first (if it > > doesn't I'd check for a BIOS option disabling it). > It is enabled. It is used for sure by openssl 1.1.0 on Linux and bu openssl 1.1.1 > on FreeBSD, but not by openssl 1.0.2 and 1.1.0 on FreeBSD. Problem is, > openssl 1.1.1 is not used by anything on FreeBSD (yet) and almost > everything uses system (1.0.2) and only some other ports could use 1.1.0 > from ports. > > -- > Best regards, > Lev mailto:lev_at_FreeBSD.org > Could it be relevant that the Debian binary was probably compiled with gcc, and the FreeBSD binary with clang? This seems like the sort of code that plausibly could bring out some compiler corner cases. (It's weird that 1.1.1 is fine, though.) -- Daniel NebdalReceived on Mon Sep 17 2018 - 06:31:51 UTC
This archive was generated by hypermail 2.4.0 : Wed May 19 2021 - 11:41:18 UTC