Closed Bug 706024 Opened 14 years ago Closed 13 years ago

AES-NI enhancements to NSS on Sandy Bridge systems

Categories

(NSS :: Libraries, defect)

Product:
NSS
Component:
Libraries
Version:
3.13
Platform:
x86_64
All
Type:
defect
Priority:
Not set
Severity:
normal

Tracking

(Not tracked)

Status:
RESOLVED FIXED

People

(Reporter: aleksey.v.ignatenko, Unassigned)

Details

(Keywords: perf)

Attachments

(3 files)

Enhancement patch
66.42 KB, patch
rrelyea
: review+
Details | Diff | Splinter Review
Micro benchmark
6.15 KB, text/plain
Details
howto
1.88 KB, text/plain
Details
In Sandy Bridge, the AES round instructions have a throughput of one cycle and latency of eight cycles. Compared to the Westmere, where these instructions have throughput of two cycles and a latency of six cycles, Sandy Bridge offers a two fold increase in the throughput, with some additional latency. As a result, the AES encryption/decryption throughput can be significantly increased, for parallel modes of operation (Intel® 64 and IA-32 Architectures Optimization Reference Manual, page 310, paragraph 2). In NSS, parallel mode is already implemented for eight blocks (it's optimum). But without loop unrolling, which also can increase results for CBC decrypt and ECB encrypt/decrypt for various key sizes. The bug contains implementation of unrolled version of CBC decrypt and ECB encrypt/decrypt. Platforms: Sandy Bridge (RHEL 6, gcc 4.4.4), Westmere (RHEL 5.5, gcc 4.1.2). NSS: Mozilla nss 3.12.11 with nspr 4.8.9. JDK: b147-x64. Microbenchmark: written on Java // warmup: 2 minutes; iteration: 3 minutes; score = number of operations (CBC decrypt, ECB decrypt or ECB encrypt) / time iteration [ops/m]. Testing results: the results show performance improve on Sandy Bridge: Ratio Unrolled/Original on 1 thread Cipher/Key_Size 128-bit 192-bit 256-bit CBC decrypt 1.238 1.247 1.297 ECB decrypt 1.280 1.320 1.300 ECB encrypt 1.185 1.212 1.165 Ratio Unrolled/Original on 4 threads Cipher/Key Size 128-bit 192-bit 256-bit CBC decrypt 1.201 1.242 1.277 ECB decrypt 1.228 1.293 1.269 ECB encrypt 1.160 1.170 1.151 There is no performance impact on Westmere platform. Micro benchmark, intel-aes.s patch with loop unrolling and howto in attach.
Attached file Micro benchmark
Attached file howto
Keywords: perf
Link to Optimization Notice http://software.intel.com/en-us/articles/optimization-notice
Version: 3.12.11 → 3.13
Status: UNCONFIRMED → NEW
Ever confirmed: true
Who needs to review this to move this along? Any interdependency with bug 540986?
The enhancement proposed in this bug is for Linux only, #540986 is a port to Windows and seems not to be related to Linux intel-aes implementation.
Attachment #577519 - Attachment is patch: true
Attachment #577519 - Flags: review?(rrelyea)
Comment on attachment 577519 [details] [diff] [review] Enhancement patch r+ rrelyea
Attachment #577519 - Flags: review?(rrelyea) → review+
Patch applied in the trunk: revision 1.7 date: 2012/05/03 00:51:37; author: emaldona%redhat.com; state: Exp; lines: +1011 -159 Bug 706024 - AES-NI enhancements to NSS on Sandy Bridge system, author=aleksey.v.ignatenko@intel.com, r=rrelyea
Status: NEW → RESOLVED
Closed: 13 years ago
Resolution: --- → FIXED
You need to log in before you can comment on or make changes to this bug.

Attachment

General

Creator:
Created:
Updated:
Size: