Merge pull request #299 from AkihiroSuda/aesni

AkihiroSuda · web-flow · commit 8091d059b549 · 2021-10-08T15:17:51.000+09:00
sshutil: prioritize aes128-gcm@openssh.com when AES acceleration is available (roughly 60% faster on Intel Mac)
diff --git a/pkg/sshutil/sshutil.go b/pkg/sshutil/sshutil.go
@@ -158,6 +158,18 @@ func CommonArgs(useDotSSH bool) ([]string, error) {
 		"-o", "IdentitiesOnly=yes",
 		"-F", "/dev/null",
 	)
+
+	// By default, `ssh` choose chacha20-poly1305@openssh.com, even when AES accelerator is available.
+	// (OpenSSH_8.1p1, macOS 11.6, MacBookPro 2020, Core i7-1068NG7)
+	//
+	// We prioritize AES algorithms when AES accelerator is available.
+	if aesAccelerated {
+		logrus.Debugf("AES accelerator seems available, prioritizing aes128-gcm@openssh.com and aes256-gcm@openssh.com")
+		args = append(args, "-o", "Ciphers=^aes128-gcm@openssh.com,aes256-gcm@openssh.com")
+	} else {
+		logrus.Debugf("AES accelerator does not seem available, prioritizing chacha20-poly1305@openssh.com")
+		args = append(args, "-o", "Ciphers=^chacha20-poly1305@openssh.com")
+	}
 	return args, nil
 }
 
@@ -182,3 +194,8 @@ func SSHArgs(instDir string, useDotSSH bool) ([]string, error) {
 	)
 	return args, nil
 }
+
+// aesAccelerated is set to true when AES acceleration is available.
+//
+// Available on almost all modern Intel/AMD processors.
+var aesAccelerated = detectAESAcceleration()
diff --git a/pkg/sshutil/sshutil_darwin.go b/pkg/sshutil/sshutil_darwin.go
@@ -0,0 +1,28 @@
+package sshutil
+
+import (
+	"fmt"
+	"runtime"
+	"strings"
+	"syscall"
+
+	"github.com/sirupsen/logrus"
+)
+
+func detectAESAcceleration() bool {
+	switch runtime.GOARCH {
+	case "amd64":
+		const fallback = true
+		features, err := syscall.Sysctl("machdep.cpu.features") // not available on M1
+		if err != nil {
+			err = fmt.Errorf("failed to read sysctl \"machdep.cpu.features\": %w", err)
+			logrus.WithError(err).Warnf("failed to detect whether AES accelerator is available, assuming %v", fallback)
+			return fallback
+		}
+		return strings.Contains(features, "AES ")
+	default:
+		// According to https://gist.github.com/voluntas/fd279c7b4e71f9950cfd4a5ab90b722b ,
+		// aes-128-gcm is faster than chacha20-poly1305 on Apple M1.
+		return true
+	}
+}
diff --git a/pkg/sshutil/sshutil_linux.go b/pkg/sshutil/sshutil_linux.go
@@ -0,0 +1,20 @@
+package sshutil
+
+import (
+	"os"
+	"runtime"
+	"strings"
+
+	"github.com/sirupsen/logrus"
+)
+
+func detectAESAcceleration() bool {
+	const fallback = runtime.GOARCH == "amd64"
+	cpuinfo, err := os.ReadFile("/proc/cpuinfo")
+	if err != nil {
+		logrus.WithError(err).Warnf("failed to detect whether AES accelerator is available, assuming %v", fallback)
+		return fallback
+	}
+	// Checking "aes " should be enough for x86_64 and aarch64
+	return strings.Contains(string(cpuinfo), "aes ")
+}
diff --git a/pkg/sshutil/sshutil_others.go b/pkg/sshutil/sshutil_others.go
@@ -0,0 +1,16 @@
+//go:build !darwin && !linux
+// +build !darwin,!linux
+
+package sshutil
+
+import (
+	"runtime"
+
+	"github.com/sirupsen/logrus"
+)
+
+func detectAESAcceleration() bool {
+	const fallback = runtime.GOARCH == "amd64"
+	logrus.WithError(err).Warnf("cannot detect whether AES accelerator is available, assuming %v", fallback)
+	return fallback
+}
