Bug 13008 - smbd does not use the Intel AES instruction set for signing and encryption.
smbd does not use the Intel AES instruction set for signing and encryption.
Status: RESOLVED FIXED
Product: Samba 4.1 and newer
Classification: Unclassified
Component: File services
unspecified
All All
: P5 normal
: ---
Assigned To: Karolin Seeger
Samba QA Contact
:
: 11286 (view as bug list)
Depends on:
Blocks:
  Show dependency treegraph
 
Reported: 2017-08-31 18:27 UTC by Jeremy Allison
Modified: 2017-09-21 16:06 UTC (History)
4 users (show)

See Also:


Attachments
Original patch from Justin. (94.74 KB, patch)
2017-08-31 18:29 UTC, Jeremy Allison
no flags Details
git-am fix for master. (99.73 KB, patch)
2017-08-31 19:49 UTC, Jeremy Allison
no flags Details
git-am fix for master (99.73 KB, patch)
2017-08-31 20:10 UTC, Jeremy Allison
no flags Details
git-am fix for master (99.80 KB, patch)
2017-08-31 22:26 UTC, Jeremy Allison
no flags Details
git-am fix for master (3.97 KB, patch)
2017-09-01 19:02 UTC, Jeremy Allison
no flags Details
Slightly improved git-am fix for master (3.98 KB, patch)
2017-09-01 19:45 UTC, Jeremy Allison
no flags Details
git am fix allowing configure-time selectable AES cryto. (107.89 KB, patch)
2017-09-06 00:01 UTC, Jeremy Allison
no flags Details
git-am fix allowing configure time switch between AES implementations. (111.25 KB, patch)
2017-09-06 00:04 UTC, Jeremy Allison
no flags Details
Latest version submitted to master. (108.30 KB, patch)
2017-09-06 20:28 UTC, Jeremy Allison
no flags Details
git-am cherry-pick from master. (109.27 KB, patch)
2017-09-07 17:23 UTC, Jeremy Allison
metze: review+
jra: review? (asn)
Details

Note You need to log in before you can comment on or make changes to this bug.
Description Jeremy Allison 2017-08-31 18:27:35 UTC
This means we are much slower than we should be on traffic using signing or sealing.
Comment 1 Jeremy Allison 2017-08-31 18:29:05 UTC
Created attachment 13524 [details]
Original patch from Justin.

I've modified this, but for the record.
Comment 2 Jeremy Allison 2017-08-31 19:49:28 UTC
Created attachment 13525 [details]
git-am fix for master.

Should back-port cleanly to 4.7.0.
Comment 3 Jeremy Allison 2017-08-31 20:10:22 UTC
Created attachment 13526 [details]
git-am fix for master

Fix typo in non-AES-ni code path (struct struct doesn't work :-).
Comment 4 Justin Maggard 2017-08-31 22:19:33 UTC
This wasn't in my original patch, but I think we'll need this or non-x86 platforms:

diff --git a/third_party/aesni-intel/wscript b/third_party/aesni-intel/wscript
index 151892f6889..ee7be031fd0 100644
--- a/third_party/aesni-intel/wscript
+++ b/third_party/aesni-intel/wscript
@@ -5,6 +5,9 @@ def configure(conf):
                conf.DEFINE('HAVE_AESNI_INTEL', 1)
 
 def build(bld):
+    if not bld.CONFIG_SET('HAVE_AESNI_INTEL'):
+        return
+
     bld.SAMBA_LIBRARY('aesni-intel',
                       source='aesni-intel_asm.c',
                       cflags='-Wp,-E,-lang-asm',
Comment 5 Jeremy Allison 2017-08-31 22:26:22 UTC
Created attachment 13527 [details]
git-am fix for master

Updated patch containing Justin's fix for non-x86 systems.
Comment 6 Jeremy Allison 2017-09-01 19:02:16 UTC
Created attachment 13528 [details]
git-am fix for master

So this is the version requested by Andreas, based on Metze's patch here:

https://git.samba.org/?p=metze/samba/wip.git;a=commitdiff;h=3759eb23b38c

that calls into libnettle.

Can you check it provides the same effects as directly calling the Intel AESNI instructions ?

Cheers,

Jeremy.
Comment 7 Jeremy Allison 2017-09-01 19:45:35 UTC
Created attachment 13529 [details]
Slightly improved git-am fix for master

Updated lib/crypto/wscript_configure to check for nettle/memxor.h as well as nettle/aes.h
Comment 8 Jeremy Allison 2017-09-06 00:01:49 UTC
Created attachment 13549 [details]
git am fix allowing configure-time selectable AES cryto.
Comment 9 Jeremy Allison 2017-09-06 00:03:23 UTC
Comment on attachment 13549 [details]
git am fix allowing configure-time selectable AES cryto.

Incorrect patch uploaded - sorry.
Comment 10 Jeremy Allison 2017-09-06 00:04:50 UTC
Created attachment 13550 [details]
git-am fix allowing configure time switch between AES implementations.
Comment 11 Jeremy Allison 2017-09-06 20:28:11 UTC
Created attachment 13552 [details]
Latest version submitted to master.
Comment 12 Justin Maggard 2017-09-06 22:59:41 UTC
Comment on attachment 13552 [details]
Latest version submitted to master.

I ran a couple quick tests and it's working well. I don't see a place to add a + to the review, but LGTM.
Comment 13 Jeremy Allison 2017-09-07 17:23:28 UTC
Created attachment 13557 [details]
git-am cherry-pick from master.

I think we should only back-port this to 4.7.
Comment 14 Karolin Seeger 2017-09-10 13:36:59 UTC
(In reply to Jeremy Allison from comment #13)
Pushed to autobuild-v4-7-test.
Comment 15 Karolin Seeger 2017-09-11 16:15:48 UTC
Pushed to v4-7-test.
Closing out bug report.

Thanks!
Comment 16 Björn Jacke 2017-09-21 07:24:52 UTC
*** Bug 11286 has been marked as a duplicate of this bug. ***
Comment 17 Björn Jacke 2017-09-21 07:32:10 UTC
AFAIK the AES-NI instructions are also supported in 32-bit mode of the CPUs (I know 32bit is quite old-fashioned these days :). Is the aes-ni code 64bit specific or could we allow the same also for i?68 architecture systems maybe?
Comment 18 Jeremy Allison 2017-09-21 16:06:46 UTC
(In reply to Björn Jacke from comment #17)

I don't have an x86 32-bit test environment, so someone with access to that will need to test if it can work.