From: Florian Weimer <fweimer@redhat.com>
To: Adhemerval Zanella Netto <adhemerval.zanella@linaro.org>
Cc: libc-alpha@sourceware.org, Yann Droneaud <ydroneaud@opteya.com>
Subject: Re: [PATCH v8 1/9] stdlib: Add arc4random, arc4random_buf, and arc4random_uniform (BZ #4417)
Date: Tue, 12 Jul 2022 19:15:32 +0200 [thread overview]
Message-ID: <87bktus157.fsf@oldenburg.str.redhat.com> (raw)
In-Reply-To: <4172a764-e463-b357-fd1e-b6151a239775@linaro.org> (Adhemerval Zanella Netto's message of "Tue, 12 Jul 2022 13:57:40 -0300")
* Adhemerval Zanella Netto:
>>> +/* arc4random keeps two counters: 'have' is the current valid bytes not yet
>>> + consumed in 'buf' while 'count' is the maximum number of bytes until a
>>> + reseed.
>>> +
>>> + Both the initial seed and reseed try to obtain entropy from the kernel
>>> + and abort the process if none could be obtained.
>>> +
>>> + The state 'buf' improves the usage of the cipher calls, allowing to call
>>> + optimized implementations (if the architecture provides it) and optimize
>>> + arc4random calls (since only multiple calls it will encrypt the next
>>> + block). */
>> I don't understand the “since only multiple calls it will encrypt the
>> next block” part.
>
> I changed to 'and minimize function call overhead'. Using the generic
> implementation, a 8 times the chacha20 blocks buffer shows about 2x more
> throughput um aarch64.
>
> A buffer with 4x the chacha20 block size shows slight less performance,
> so one option might to make the buffer sizes arch-specific (since AVX2,
> and potentially AVX512 requires large block size for the arch-specific
> implementations).
Ah, that makes sense. I think the quoted part is just a bit garbled and
needs some polishing.
>>> +/* Reinit the thread context by reseeding the cipher state with kernel
>>> + entropy. */
>>> +static void
>>> +arc4random_check_stir (struct arc4random_state_t *state, size_t len)
>> Could you add a comment describing the len parameter?
>
> I changed to:
>
> /* Check if the thread context STATE should be reseed with kernel entropy
> depending of requested LEN bytes. If there is less than requested,
> the state is either initialized or reseed, otherwise the internal
> counter subtract the requested lenght. */
“reseeded”
>> Why not simply call __arc4random_buf? If you want to retain the
>> optimization, turn the implementation of __arc4random_buf into an inline
>> function and call it here and from __arc4random_buf.
>
> I actually tried in some interation and I recall that it yield some
> worse throughput. I just tested again and it holds true, on
> an aarch64 system current approach with generic implementation yields
> 290 MB/s while calling arc4random_buf shows 172 MB/s.
>
> I am trying to decompose the function to eliminate the need of the
> loop (which I think compiler can't optimize away for arc4random)
> but I don't think it would be simpler than open code the logic
> on both functions.
Hmm, this isn't great, but I see why you are doing it.
Thanks,
Florian
next prev parent reply other threads:[~2022-07-12 17:15 UTC|newest]
Thread overview: 27+ messages / expand[flat|nested] mbox.gz Atom feed top
2022-06-29 21:34 [PATCH v8 0/9] Add arc4random support Adhemerval Zanella
2022-06-29 21:34 ` [PATCH v8 1/9] stdlib: Add arc4random, arc4random_buf, and arc4random_uniform (BZ #4417) Adhemerval Zanella
2022-07-12 8:57 ` Florian Weimer
2022-07-12 16:57 ` Adhemerval Zanella Netto
2022-07-12 17:15 ` Florian Weimer [this message]
2022-07-12 17:21 ` Adhemerval Zanella Netto
2022-06-29 21:34 ` [PATCH v8 2/9] stdlib: Add arc4random tests Adhemerval Zanella
2022-07-12 9:20 ` Florian Weimer
2022-07-12 17:17 ` Adhemerval Zanella Netto
2022-06-29 21:34 ` [PATCH v8 3/9] benchtests: Add arc4random benchtest Adhemerval Zanella
2022-07-12 9:29 ` Florian Weimer
2022-07-12 17:26 ` Adhemerval Zanella Netto
2022-06-29 21:34 ` [PATCH v8 4/9] aarch64: Add optimized chacha20 Adhemerval Zanella
2022-07-12 9:30 ` Florian Weimer
2022-06-29 21:34 ` [PATCH v8 5/9] x86: Add SSE2 " Adhemerval Zanella
2022-06-29 21:34 ` [PATCH v8 6/9] x86: Add AVX2 " Adhemerval Zanella
2022-06-29 21:34 ` [PATCH v8 7/9] powerpc64: Add " Adhemerval Zanella
2022-06-29 21:34 ` [PATCH v8 8/9] s390x: " Adhemerval Zanella
2022-06-29 21:34 ` [PATCH v8 9/9] manual: Add documentation for arc4random functions Adhemerval Zanella
2022-06-29 21:45 ` Noah Goldstein
2022-06-29 21:53 ` Adhemerval Zanella
2022-06-29 22:05 ` Noah Goldstein
2022-06-30 7:58 ` Yann Droneaud
2022-06-30 19:37 ` Adhemerval Zanella
2022-06-29 21:55 ` Adhemerval Zanella
2022-07-12 9:31 ` [PATCH v8 0/9] Add arc4random support Florian Weimer
2022-07-12 17:36 ` Adhemerval Zanella Netto
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=87bktus157.fsf@oldenburg.str.redhat.com \
--to=fweimer@redhat.com \
--cc=adhemerval.zanella@linaro.org \
--cc=libc-alpha@sourceware.org \
--cc=ydroneaud@opteya.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).