Default maximum request size to use software for AES
configname: CONFIG_CRYPTO_DEV_QCE_SW_MAX_LEN
Linux Kernel Configuration
└─>Cryptographic API
└─>Hardware crypto devices
└─>Default maximum request size to use software for AES
In linux kernel since version 5.1 (release Date: 2019-05-05)
This sets the default maximum request size to perform AES requests
using software instead of the crypto engine. It can be changed by
setting the aes_sw_max_len parameter.
Small blocks are processed faster in software than hardware.
Considering the 256-bit ciphers, software is 2-3 times faster than
qce at 256-bytes, 30% faster at 512, and about even at 768-bytes.
With 128-bit keys, the break-even point would be around 1024-bytes.
The default is set a little lower, to 512 bytes, to balance the
cost in CPU usage. The minimum recommended setting is 16-bytes
(1 AES block), since AES-GCM will fail if you set it lower.
Setting this to zero will send all requests to the hardware.
Note that 192-bit keys are not supported by the hardware and are
always processed by the software fallback, and all DES requests
are done by the hardware.
using software instead of the crypto engine. It can be changed by
setting the aes_sw_max_len parameter.
Small blocks are processed faster in software than hardware.
Considering the 256-bit ciphers, software is 2-3 times faster than
qce at 256-bytes, 30% faster at 512, and about even at 768-bytes.
With 128-bit keys, the break-even point would be around 1024-bytes.
The default is set a little lower, to 512 bytes, to balance the
cost in CPU usage. The minimum recommended setting is 16-bytes
(1 AES block), since AES-GCM will fail if you set it lower.
Setting this to zero will send all requests to the hardware.
Note that 192-bit keys are not supported by the hardware and are
always processed by the software fallback, and all DES requests
are done by the hardware.