On Wed, 2016-06-29 at 09:41 -0700, Andy Lutomirski wrote: > Overall, it looks like there's overhead of something like 50ns for > each ahash invocation vs the shash equivalent. It's not huge, but > it's there. (This is cache-hot. I bet it's considerably worse if > cache-cold, because ahash will require a lot more code cache lines as > well as the extra cache lines involved in the scatterlist and whatever > arch stuff is needed to map back and forth between virtual and > physical addresses.
I am kind of mystified seeing someone caring about TCP MD5, other than just making sure it wont crash the host when it needs to be used ;) The real useful work would be to use a jump label so that we can avoid spending cycles for non TCP MD5 sessions, when a host never had to use any MD5 negotiation.
