(Weitergeleitet von Verschluesselung mit dm-crypt beschleunigen)
|
Dieser Artikel ist veraltet und wird nur noch aus Gründen der Nostalgie im Wiki gespeichert. |
Möchte man bei der Festplattenverschlüsselung mit LUKS bzw. dm-crypt noch ein wenig Performance rausholen, sollte man dafür sorgen, dass das Modul aes_i586 anstatt aes geladen wird.
Bei Ubuntu (und wohl auch bei Debian) kann man bspw. mit einer wie folgt befüllten Datei /etc/initramfs-tools/modules für das Laden des richtigen Moduls sorgen:
# List of modules that you want to include in your initramfs. # # Syntax: module_name [args ...] # # You must run update-initramfs(8) to effect this change. # # Examples: # # raid1 # sd_mod ide-disk dm_mod dm_crypt sha256 aes_i586
Danach:
update-initramfs -u
Messungen
Gemessen wurde mit folgenden Skript (Partitionenvariable anpassen für eigene Messungen!):
#!/bin/sh partition=/dev/mapper/crypto-pub runs=10 echo == CPU == cat /proc/cpuinfo | egrep "^cpu|^model" echo == Modules == uname -a lsmod | grep aes echo == Disk read performance == echo $partition for i in $(seq $runs); do hdparm -t $partition 2>/dev/null | grep Timing; done
Messung ohne aes_i586
# ./measure-dm-crypt == CPU == cpu family : 15 model : 2 model name : Intel(R) Celeron(R) CPU 2.40GHz cpu MHz : 2394.346 cpuid level : 2 == Modules == Linux kerouac 2.6.20-16-lowlatency #2 SMP PREEMPT Thu Jun 7 20:23:03 UTC 2007 i6 86 GNU/Linux aes 28608 9 == Disk read performance == /dev/mapper/crypto-pub Timing buffered disk reads: 110 MB in 3.02 seconds = 36.41 MB/sec Timing buffered disk reads: 110 MB in 3.01 seconds = 36.52 MB/sec Timing buffered disk reads: 110 MB in 3.02 seconds = 36.42 MB/sec Timing buffered disk reads: 110 MB in 3.03 seconds = 36.30 MB/sec Timing buffered disk reads: 112 MB in 3.04 seconds = 36.83 MB/sec Timing buffered disk reads: 110 MB in 3.01 seconds = 36.54 MB/sec Timing buffered disk reads: 110 MB in 3.03 seconds = 36.31 MB/sec Timing buffered disk reads: 110 MB in 3.05 seconds = 36.09 MB/sec Timing buffered disk reads: 110 MB in 3.01 seconds = 36.50 MB/sec Timing buffered disk reads: 110 MB in 3.02 seconds = 36.44 MB/sec
Messung mit aes_i586
# ./measure-dm-crypt == CPU == cpu family : 15 model : 2 model name : Intel(R) Celeron(R) CPU 2.40GHz cpu MHz : 2394.265 cpuid level : 2 == Modules == Linux kerouac 2.6.20-16-lowlatency #2 SMP PREEMPT Thu Jun 7 20:23:03 UTC 2007 i6 86 GNU/Linux aes 28608 0 aes_i586 34304 9 == Disk read performance == /dev/mapper/crypto-pub Timing buffered disk reads: 136 MB in 3.00 seconds = 45.33 MB/sec Timing buffered disk reads: 138 MB in 3.03 seconds = 45.56 MB/sec Timing buffered disk reads: 138 MB in 3.03 seconds = 45.48 MB/sec Timing buffered disk reads: 136 MB in 3.04 seconds = 44.79 MB/sec Timing buffered disk reads: 136 MB in 3.01 seconds = 45.25 MB/sec Timing buffered disk reads: 138 MB in 3.04 seconds = 45.45 MB/sec Timing buffered disk reads: 138 MB in 3.03 seconds = 45.58 MB/sec Timing buffered disk reads: 136 MB in 3.00 seconds = 45.29 MB/sec Timing buffered disk reads: 136 MB in 3.03 seconds = 44.83 MB/sec Timing buffered disk reads: 136 MB in 3.02 seconds = 45.01 MB/sec