[Touch-packages] [Bug 1674399] [openssl/zesty] possible regression found
As a part of the Stable Release Updates quality process a search for
Launchpad bug reports using the version of openssl from zesty-proposed
was performed and bug 1692981 was found. Please investigate this bug
report to ensure that a regression will not be created by this SRU. In
the event that this is not a regression remove the "verification-failed"
tag from this bug report and add the tag "bot-stop-nagging" to bug
1692981 (not this bug). Thanks!
** Tags added: verification-failed
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to openssl in Ubuntu.
https://bugs.launchpad.net/bugs/1674399
Title:
OpenSSL CPU detection for AMD Ryzen CPUs
Status in openssl package in Ubuntu:
Fix Released
Status in openssl source package in Xenial:
Fix Committed
Status in openssl source package in Yakkety:
Fix Committed
Status in openssl source package in Zesty:
Fix Committed
Status in openssl source package in Artful:
Fix Released
Bug description:
[Impact]
* Context:
AMD added support in their processors for SHA Extensions[1] (CPU flag:
sha_ni[2]) starting with Ryzen[3] CPU. Note that Ryzen CPU come in
64bit only (Confirmed with AMD representative). Current OpenSSL
version in Ryzens still calls SHA for SSSE3 routine as result a number
of extensions were effectively masked on Ryzen and shows no
improvement.
[1] /proc/cpuinfo
processor : 0
vendor_id : AuthenticAMD
cpu family : 23
model : 1
model name : AMD Ryzen 5 1600 Six-Core Processor
flags : fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat
pse36 clflush mmx fxsr sse sse2 ht syscall nx mmxext fxsr_opt pdpe1gb rdtscp lm
constant_tsc rep_good nopl nonstop_tsc extd_apicid aperfmperf eagerfpu pni
pclmulqdq monitor ssse3 fma cx16 sse
4_1 sse4_2 movbe popcnt aes xsave avx f16c rdrand lahf_lm cmp_legacy svm
extapic cr8_legacy abm sse4a misalignsse 3dnowprefetch osvw skinit wdt tce
topoext perfctr_core perfctr_nb bpext perfctr_l2 mwaitx hw_pstate vmmcall
fsgsbase bmi1 avx2 smep bmi2 rdseed adx smap clflusho
pt sha_ni xsaveopt xsavec xgetbv1 clzero arat npt lbrv svm_lock nrip_save
tsc_scale vmcb_clean flushbyasid decodeassists pausefilter pfthreshold
[2] - sha_ni: SHA1/SHA256 Instruction Extensions
[3] - https://en.wikipedia.org/wiki/Ryzen
...
All models support: x87, MMX, SSE, SSE2, SSE3, SSSE3, SSE4.1, SSE4.2, AES,
CLMUL, AVX, AVX2, FMA, CVT16/F16C, ABM, BMI1, BMI2, SHA.[5]
...
* Program to performs the CPUID check:
Reference :
https://software.intel.com/en-us/articles/intel-sha-extensions
... Availability of the Intel® SHA Extensions on a particular
processor can be determined by checking the SHA CPUID bit in
CPUID.(EAX=07H, ECX=0):EBX.SHA [bit 29]. The following C function,
using inline assembly, performs the CPUID check:
--
int CheckForIntelShaExtensions() {
int a, b, c, d;
// Look for CPUID.7.0.EBX[29]
// EAX = 7, ECX = 0
a = 7;
c = 0;
asm volatile ("cpuid"
:"=a"(a), "=b"(b), "=c"(c), "=d"(d)
:"a"(a), "c"(c)
);
// Intel® SHA Extensions feature bit is EBX[29]
return ((b >> 29) & 1);
}
--
On CPU with sha_ni the program return "1". Otherwise it return "0".
[Test Case]
* Reproducible with Xenial/Zesty/Artful release.
* Generated a checksum of a big file (e.g. 5GB file) with openssl
$ time /usr/bin/openssl dgst -sha256 /var/tmp/5Gfile
SHA256(/var/tmp/5Gfile)=
8d448d81521cbc1bfdc04dd199d448bd3c49374221007bd0846d8d39a70dd4f8
real 0m12.835s
user 0m12.344s
sys 0m0.484s
* Openssl speed
$ openssl speed sha1
Doing sha1 for 3s on 16 size blocks: 9969152 sha1's in 3.00s
Doing sha1 for 3s on 64 size blocks: 8019164 sha1's in 3.00s
Doing sha1 for 3s on 256 size blocks: 5254219 sha1's in 2.99s
Doing sha1 for 3s on 1024 size blocks: 2217067 sha1's in 3.00s
Doing sha1 for 3s on 8192 size blocks: 347842 sha1's in 3.00s
OpenSSL 1.0.2g 1 Mar 2016
built on: reproducible build, date unspecified
options:bn(64,64) rc4(8x,int) des(idx,cisc,16,int) aes(partial) idea(int)
blowfish(idx)
compiler: gcc -I. -I.. -I../include -DOPENSSL_THREADS -D_REENTRANT
-DDSO_DLFCN -DHAVE_DLFCN_H -Wa,--noexecstack -m64 -DL_ENDIAN -O3 -Wall
-DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5
-DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DAES_ASM
-DVPAES_ASM -DBSAES_ASM -DWHIRLPOOL_ASM -DGHASH_ASM -DECP_NISTZ256_ASM
The 'numbers' are in 1000s of bytes per second processed.
type 16 bytes 64 bytes 256 bytes 1024 bytes 8192 bytes
sha1 53168.81k 171075.50k 449859.55k 756758.87k 949840.55
The performance are clearly better when using the patch which take
benefit of the sha extension. (See Regression Potential section for
result with patch)
[Regression Potential]
* Note : IRC discussion with infinity :
https://bugs.launchpad.net/ubuntu/xenial/+source/openssl/+b
[Touch-packages] [Bug 1674399] [openssl/zesty] possible regression found
As a part of the Stable Release Updates quality process a search for
Launchpad bug reports using the version of openssl from zesty-proposed
was performed and bug 1692981 was found. Please investigate this bug
report to ensure that a regression will not be created by this SRU. In
the event that this is not a regression remove the "verification-failed"
tag from this bug report and add the tag "bot-stop-nagging" to bug
1692981 (not this bug). Thanks!
** Tags added: verification-failed
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to openssl in Ubuntu.
https://bugs.launchpad.net/bugs/1674399
Title:
OpenSSL CPU detection for AMD Ryzen CPUs
Status in openssl package in Ubuntu:
Fix Released
Status in openssl source package in Xenial:
Fix Committed
Status in openssl source package in Yakkety:
Fix Committed
Status in openssl source package in Zesty:
Fix Committed
Status in openssl source package in Artful:
Fix Released
Bug description:
[Impact]
* Context:
AMD added support in their processors for SHA Extensions[1] (CPU flag:
sha_ni[2]) starting with Ryzen[3] CPU. Note that Ryzen CPU come in
64bit only (Confirmed with AMD representative). Current OpenSSL
version in Ryzens still calls SHA for SSSE3 routine as result a number
of extensions were effectively masked on Ryzen and shows no
improvement.
[1] /proc/cpuinfo
processor : 0
vendor_id : AuthenticAMD
cpu family : 23
model : 1
model name : AMD Ryzen 5 1600 Six-Core Processor
flags : fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat
pse36 clflush mmx fxsr sse sse2 ht syscall nx mmxext fxsr_opt pdpe1gb rdtscp lm
constant_tsc rep_good nopl nonstop_tsc extd_apicid aperfmperf eagerfpu pni
pclmulqdq monitor ssse3 fma cx16 sse
4_1 sse4_2 movbe popcnt aes xsave avx f16c rdrand lahf_lm cmp_legacy svm
extapic cr8_legacy abm sse4a misalignsse 3dnowprefetch osvw skinit wdt tce
topoext perfctr_core perfctr_nb bpext perfctr_l2 mwaitx hw_pstate vmmcall
fsgsbase bmi1 avx2 smep bmi2 rdseed adx smap clflusho
pt sha_ni xsaveopt xsavec xgetbv1 clzero arat npt lbrv svm_lock nrip_save
tsc_scale vmcb_clean flushbyasid decodeassists pausefilter pfthreshold
[2] - sha_ni: SHA1/SHA256 Instruction Extensions
[3] - https://en.wikipedia.org/wiki/Ryzen
...
All models support: x87, MMX, SSE, SSE2, SSE3, SSSE3, SSE4.1, SSE4.2, AES,
CLMUL, AVX, AVX2, FMA, CVT16/F16C, ABM, BMI1, BMI2, SHA.[5]
...
* Program to performs the CPUID check:
Reference :
https://software.intel.com/en-us/articles/intel-sha-extensions
... Availability of the Intel® SHA Extensions on a particular
processor can be determined by checking the SHA CPUID bit in
CPUID.(EAX=07H, ECX=0):EBX.SHA [bit 29]. The following C function,
using inline assembly, performs the CPUID check:
--
int CheckForIntelShaExtensions() {
int a, b, c, d;
// Look for CPUID.7.0.EBX[29]
// EAX = 7, ECX = 0
a = 7;
c = 0;
asm volatile ("cpuid"
:"=a"(a), "=b"(b), "=c"(c), "=d"(d)
:"a"(a), "c"(c)
);
// Intel® SHA Extensions feature bit is EBX[29]
return ((b >> 29) & 1);
}
--
On CPU with sha_ni the program return "1". Otherwise it return "0".
[Test Case]
* Reproducible with Xenial/Zesty/Artful release.
* Generated a checksum of a big file (e.g. 5GB file) with openssl
$ time /usr/bin/openssl dgst -sha256 /var/tmp/5Gfile
SHA256(/var/tmp/5Gfile)=
8d448d81521cbc1bfdc04dd199d448bd3c49374221007bd0846d8d39a70dd4f8
real 0m12.835s
user 0m12.344s
sys 0m0.484s
* Openssl speed
$ openssl speed sha1
Doing sha1 for 3s on 16 size blocks: 9969152 sha1's in 3.00s
Doing sha1 for 3s on 64 size blocks: 8019164 sha1's in 3.00s
Doing sha1 for 3s on 256 size blocks: 5254219 sha1's in 2.99s
Doing sha1 for 3s on 1024 size blocks: 2217067 sha1's in 3.00s
Doing sha1 for 3s on 8192 size blocks: 347842 sha1's in 3.00s
OpenSSL 1.0.2g 1 Mar 2016
built on: reproducible build, date unspecified
options:bn(64,64) rc4(8x,int) des(idx,cisc,16,int) aes(partial) idea(int)
blowfish(idx)
compiler: gcc -I. -I.. -I../include -DOPENSSL_THREADS -D_REENTRANT
-DDSO_DLFCN -DHAVE_DLFCN_H -Wa,--noexecstack -m64 -DL_ENDIAN -O3 -Wall
-DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5
-DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DAES_ASM
-DVPAES_ASM -DBSAES_ASM -DWHIRLPOOL_ASM -DGHASH_ASM -DECP_NISTZ256_ASM
The 'numbers' are in 1000s of bytes per second processed.
type 16 bytes 64 bytes 256 bytes 1024 bytes 8192 bytes
sha1 53168.81k 171075.50k 449859.55k 756758.87k 949840.55
The performance are clearly better when using the patch which take
benefit of the sha extension. (See Regression Potential section for
result with patch)
[Regression Potential]
* Note : IRC discussion with infinity :
https://bugs.launchpad.net/ubuntu/xenial/+source/openssl/+b
[Touch-packages] [Bug 1674399] [openssl/zesty] possible regression found
As a part of the Stable Release Updates quality process a search for
Launchpad bug reports using the version of openssl from zesty-proposed
was performed and bug 1692981 was found. Please investigate this bug
report to ensure that a regression will not be created by this SRU. In
the event that this is not a regression remove the "verification-failed"
tag from this bug report and add the tag "bot-stop-nagging" to bug
1692981 (not this bug). Thanks!
** Tags added: verification-failed
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to openssl in Ubuntu.
https://bugs.launchpad.net/bugs/1674399
Title:
OpenSSL CPU detection for AMD Ryzen CPUs
Status in openssl package in Ubuntu:
Fix Released
Status in openssl source package in Xenial:
Fix Committed
Status in openssl source package in Yakkety:
Fix Committed
Status in openssl source package in Zesty:
Fix Committed
Status in openssl source package in Artful:
Fix Released
Bug description:
[Impact]
* Context:
AMD added support in their processors for SHA Extensions[1] (CPU flag:
sha_ni[2]) starting with Ryzen[3] CPU. Note that Ryzen CPU come in
64bit only (Confirmed with AMD representative). Current OpenSSL
version in Ryzens still calls SHA for SSSE3 routine as result a number
of extensions were effectively masked on Ryzen and shows no
improvement.
[1] /proc/cpuinfo
processor : 0
vendor_id : AuthenticAMD
cpu family : 23
model : 1
model name : AMD Ryzen 5 1600 Six-Core Processor
flags : fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat
pse36 clflush mmx fxsr sse sse2 ht syscall nx mmxext fxsr_opt pdpe1gb rdtscp lm
constant_tsc rep_good nopl nonstop_tsc extd_apicid aperfmperf eagerfpu pni
pclmulqdq monitor ssse3 fma cx16 sse
4_1 sse4_2 movbe popcnt aes xsave avx f16c rdrand lahf_lm cmp_legacy svm
extapic cr8_legacy abm sse4a misalignsse 3dnowprefetch osvw skinit wdt tce
topoext perfctr_core perfctr_nb bpext perfctr_l2 mwaitx hw_pstate vmmcall
fsgsbase bmi1 avx2 smep bmi2 rdseed adx smap clflusho
pt sha_ni xsaveopt xsavec xgetbv1 clzero arat npt lbrv svm_lock nrip_save
tsc_scale vmcb_clean flushbyasid decodeassists pausefilter pfthreshold
[2] - sha_ni: SHA1/SHA256 Instruction Extensions
[3] - https://en.wikipedia.org/wiki/Ryzen
...
All models support: x87, MMX, SSE, SSE2, SSE3, SSSE3, SSE4.1, SSE4.2, AES,
CLMUL, AVX, AVX2, FMA, CVT16/F16C, ABM, BMI1, BMI2, SHA.[5]
...
* Program to performs the CPUID check:
Reference :
https://software.intel.com/en-us/articles/intel-sha-extensions
... Availability of the Intel® SHA Extensions on a particular
processor can be determined by checking the SHA CPUID bit in
CPUID.(EAX=07H, ECX=0):EBX.SHA [bit 29]. The following C function,
using inline assembly, performs the CPUID check:
--
int CheckForIntelShaExtensions() {
int a, b, c, d;
// Look for CPUID.7.0.EBX[29]
// EAX = 7, ECX = 0
a = 7;
c = 0;
asm volatile ("cpuid"
:"=a"(a), "=b"(b), "=c"(c), "=d"(d)
:"a"(a), "c"(c)
);
// Intel® SHA Extensions feature bit is EBX[29]
return ((b >> 29) & 1);
}
--
On CPU with sha_ni the program return "1". Otherwise it return "0".
[Test Case]
* Reproducible with Xenial/Zesty/Artful release.
* Generated a checksum of a big file (e.g. 5GB file) with openssl
$ time /usr/bin/openssl dgst -sha256 /var/tmp/5Gfile
SHA256(/var/tmp/5Gfile)=
8d448d81521cbc1bfdc04dd199d448bd3c49374221007bd0846d8d39a70dd4f8
real 0m12.835s
user 0m12.344s
sys 0m0.484s
* Openssl speed
$ openssl speed sha1
Doing sha1 for 3s on 16 size blocks: 9969152 sha1's in 3.00s
Doing sha1 for 3s on 64 size blocks: 8019164 sha1's in 3.00s
Doing sha1 for 3s on 256 size blocks: 5254219 sha1's in 2.99s
Doing sha1 for 3s on 1024 size blocks: 2217067 sha1's in 3.00s
Doing sha1 for 3s on 8192 size blocks: 347842 sha1's in 3.00s
OpenSSL 1.0.2g 1 Mar 2016
built on: reproducible build, date unspecified
options:bn(64,64) rc4(8x,int) des(idx,cisc,16,int) aes(partial) idea(int)
blowfish(idx)
compiler: gcc -I. -I.. -I../include -DOPENSSL_THREADS -D_REENTRANT
-DDSO_DLFCN -DHAVE_DLFCN_H -Wa,--noexecstack -m64 -DL_ENDIAN -O3 -Wall
-DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5
-DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DAES_ASM
-DVPAES_ASM -DBSAES_ASM -DWHIRLPOOL_ASM -DGHASH_ASM -DECP_NISTZ256_ASM
The 'numbers' are in 1000s of bytes per second processed.
type 16 bytes 64 bytes 256 bytes 1024 bytes 8192 bytes
sha1 53168.81k 171075.50k 449859.55k 756758.87k 949840.55
The performance are clearly better when using the patch which take
benefit of the sha extension. (See Regression Potential section for
result with patch)
[Regression Potential]
* Note : IRC discussion with infinity :
https://bugs.launchpad.net/ubuntu/xenial/+source/openssl/+b
[Touch-packages] [Bug 1674399] [openssl/zesty] possible regression found
As a part of the Stable Release Updates quality process a search for
Launchpad bug reports using the version of openssl from zesty-proposed
was performed and bug 1692981 was found. Please investigate this bug
report to ensure that a regression will not be created by this SRU. In
the event that this is not a regression remove the "verification-failed"
tag from this bug report and add the tag "bot-stop-nagging" to bug
1692981 (not this bug). Thanks!
** Tags added: verification-failed
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to openssl in Ubuntu.
https://bugs.launchpad.net/bugs/1674399
Title:
OpenSSL CPU detection for AMD Ryzen CPUs
Status in openssl package in Ubuntu:
Fix Released
Status in openssl source package in Xenial:
Fix Committed
Status in openssl source package in Yakkety:
Fix Committed
Status in openssl source package in Zesty:
Fix Committed
Status in openssl source package in Artful:
Fix Released
Bug description:
[Impact]
* Context:
AMD added support in their processors for SHA Extensions[1] (CPU flag:
sha_ni[2]) starting with Ryzen[3] CPU. Note that Ryzen CPU come in
64bit only (Confirmed with AMD representative). Current OpenSSL
version in Ryzens still calls SHA for SSSE3 routine as result a number
of extensions were effectively masked on Ryzen and shows no
improvement.
[1] /proc/cpuinfo
processor : 0
vendor_id : AuthenticAMD
cpu family : 23
model : 1
model name : AMD Ryzen 5 1600 Six-Core Processor
flags : fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat
pse36 clflush mmx fxsr sse sse2 ht syscall nx mmxext fxsr_opt pdpe1gb rdtscp lm
constant_tsc rep_good nopl nonstop_tsc extd_apicid aperfmperf eagerfpu pni
pclmulqdq monitor ssse3 fma cx16 sse
4_1 sse4_2 movbe popcnt aes xsave avx f16c rdrand lahf_lm cmp_legacy svm
extapic cr8_legacy abm sse4a misalignsse 3dnowprefetch osvw skinit wdt tce
topoext perfctr_core perfctr_nb bpext perfctr_l2 mwaitx hw_pstate vmmcall
fsgsbase bmi1 avx2 smep bmi2 rdseed adx smap clflusho
pt sha_ni xsaveopt xsavec xgetbv1 clzero arat npt lbrv svm_lock nrip_save
tsc_scale vmcb_clean flushbyasid decodeassists pausefilter pfthreshold
[2] - sha_ni: SHA1/SHA256 Instruction Extensions
[3] - https://en.wikipedia.org/wiki/Ryzen
...
All models support: x87, MMX, SSE, SSE2, SSE3, SSSE3, SSE4.1, SSE4.2, AES,
CLMUL, AVX, AVX2, FMA, CVT16/F16C, ABM, BMI1, BMI2, SHA.[5]
...
* Program to performs the CPUID check:
Reference :
https://software.intel.com/en-us/articles/intel-sha-extensions
... Availability of the Intel® SHA Extensions on a particular
processor can be determined by checking the SHA CPUID bit in
CPUID.(EAX=07H, ECX=0):EBX.SHA [bit 29]. The following C function,
using inline assembly, performs the CPUID check:
--
int CheckForIntelShaExtensions() {
int a, b, c, d;
// Look for CPUID.7.0.EBX[29]
// EAX = 7, ECX = 0
a = 7;
c = 0;
asm volatile ("cpuid"
:"=a"(a), "=b"(b), "=c"(c), "=d"(d)
:"a"(a), "c"(c)
);
// Intel® SHA Extensions feature bit is EBX[29]
return ((b >> 29) & 1);
}
--
On CPU with sha_ni the program return "1". Otherwise it return "0".
[Test Case]
* Reproducible with Xenial/Zesty/Artful release.
* Generated a checksum of a big file (e.g. 5GB file) with openssl
$ time /usr/bin/openssl dgst -sha256 /var/tmp/5Gfile
SHA256(/var/tmp/5Gfile)=
8d448d81521cbc1bfdc04dd199d448bd3c49374221007bd0846d8d39a70dd4f8
real 0m12.835s
user 0m12.344s
sys 0m0.484s
* Openssl speed
$ openssl speed sha1
Doing sha1 for 3s on 16 size blocks: 9969152 sha1's in 3.00s
Doing sha1 for 3s on 64 size blocks: 8019164 sha1's in 3.00s
Doing sha1 for 3s on 256 size blocks: 5254219 sha1's in 2.99s
Doing sha1 for 3s on 1024 size blocks: 2217067 sha1's in 3.00s
Doing sha1 for 3s on 8192 size blocks: 347842 sha1's in 3.00s
OpenSSL 1.0.2g 1 Mar 2016
built on: reproducible build, date unspecified
options:bn(64,64) rc4(8x,int) des(idx,cisc,16,int) aes(partial) idea(int)
blowfish(idx)
compiler: gcc -I. -I.. -I../include -DOPENSSL_THREADS -D_REENTRANT
-DDSO_DLFCN -DHAVE_DLFCN_H -Wa,--noexecstack -m64 -DL_ENDIAN -O3 -Wall
-DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5
-DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DAES_ASM
-DVPAES_ASM -DBSAES_ASM -DWHIRLPOOL_ASM -DGHASH_ASM -DECP_NISTZ256_ASM
The 'numbers' are in 1000s of bytes per second processed.
type 16 bytes 64 bytes 256 bytes 1024 bytes 8192 bytes
sha1 53168.81k 171075.50k 449859.55k 756758.87k 949840.55
The performance are clearly better when using the patch which take
benefit of the sha extension. (See Regression Potential section for
result with patch)
[Regression Potential]
* Note : IRC discussion with infinity :
https://bugs.launchpad.net/ubuntu/xenial/+source/openssl/+b
