Friday, December 22, 2006

encryption speed - Debian vs Fedora

I'm in the process of converting my Fedora/rawhide laptop to Debian.

On Fedora the AES encrypted filesystems deliver about 38MB/s read speed according to dd. On Debian the speed is 2.4MB/s when running Xen and 2.7MB/s when not running Xen. The tests were done on the same block device.

Debian uses a SMP kernel (there are no non-SMP kernels in Debian), but I don't expect this to give an order of magnitude performance drop. Both systems use i686 optimised kernels.

Update: As suggested I replaced the aes module with the aes_586 module. Unfortunately it made no apparent difference.

Update2: As suggested by a comment I checked the drive settings with hdparm and discovered that my hard drive was not using DMA. After I configured the initramfs to load the piix driver first it all started working correctly. Thanks for all the suggestions, I'll post some benchmarks of encryption performance in a future blog entry.

11 comments:

Unknown said...

hdparm/sdparm settings? (More generally, unencrypted performance?)

Anonymous said...

Are you using the i586/i686/x86_64 optimized aes module? I load aes_x86_64 manually instead of allowing it to automatically load the aes module.

Anonymous said...

Make sure to put aes_i586 into /etc/modules and before dm-crypt. And make sure that it is loaded before cryptsetup is run.

Normalle only "aes" is loaded which is an unoptimized version of the same thing. You can check /proc/crypto for the available modules and their usage priority.

Anonymous said...

Thanks for the suggestions about the optimised module. I'll try that as soon as I get home.

If that turns out to be the case then I will file a release-critical bug report about it. I believe that when I installed the 686 kernel package I should have only been provided with a 686 optimised AES module. Given that the kernel would not boot on a 386 there is no reason for using a 386 compatible AES module.

Maybe the aes_686 module should be renamed to aes or there should be a sym-link so that this is kept within the kernel package. If I moved my hard drive to a machine with a different CPU (a common practice in the case of a system being sent for repair) then I should be able to merely install a different kernel package and not be required to edit modules configuration (for the case of non-root encryption) or reconfigure initramfs-tools (for the case of root encryption.


Russell Coker (from work so not signed in)

Anonymous said...

aes_i586 shouldn't cost that much. On a P3M-1133 with a 4200RPM disk, ICH3M controller I see about 8.5 MB/s with the generic aes module (2.6.18-1-686 #1 SMP). The unencrypted disk can do about 25MB/s.

Anonymous said...

I assume you've checked that DMA is enabled.

Anonymous said...

Does Fedora actually encrypt? :-)
Maybe you could check with an encrypted USB stick or so that they're actually doing the same thing.

Anonymous said...

I've just switched to debian as well and had some problems with latncy/performance of the kernel with desktop workloads aswell. I found that recompiling the debian kernel with the following changes helped a lot, though:

- turn off SMP, which enables you to turn on the two local APIC settings (this one might be especially important for you as at last in my case, th default debian kernel did not use lapic (check /proc/interrupts, you want to see only IO-APIC, no entris with something like XT-APIC))
- enable preempt
- switch the timer frequenzy from 250 to 1000 Hz

Anonymous said...

Are you really sure that aes_586 is actually used? Please run "lsmod | grep aes" and make sure that the usage count of aes_586 is the same as the number of encrypted disks you have and the count of "aes" is 0 - if the latter is loaded at all.

Anonymous said...

Your posts have the wrong time, causing them to appear at the top of Planet Debian for a long time, even when other people post after you.

etbe said...

I update the time stamp when I make an update to a post (which is quite rare). Is there any other time issue?