Note: This bug is displayed in read-only format because
the product is no longer active in Red Hat Bugzilla.
RHEL Engineering is moving the tracking of its product development work on RHEL 6 through RHEL 9 to Red Hat Jira (issues.redhat.com). If you're a Red Hat customer, please continue to file support cases via the Red Hat customer portal. If you're not, please head to the "RHEL project" in Red Hat Jira and file new tickets here. Individual Bugzilla bugs in the statuses "NEW", "ASSIGNED", and "POST" are being migrated throughout September 2023. Bugs of Red Hat partners with an assigned Engineering Partner Manager (EPM) are migrated in late September as per pre-agreed dates. Bugs against components "kernel", "kernel-rt", and "kpatch" are only migrated if still in "NEW" or "ASSIGNED". If you cannot log in to RH Jira, please consult article #7032570. That failing, please send an e-mail to the RH Jira admins at rh-issues@redhat.com to troubleshoot your issue as a user management inquiry. The email creates a ServiceNow ticket with Red Hat. Individual Bugzilla bugs that are migrated will be moved to status "CLOSED", resolution "MIGRATED", and set with "MigratedToJIRA" in "Keywords". The link to the successor Jira issue will be found under "Links", have a little "two-footprint" icon next to it, and direct you to the "RHEL project" in Red Hat Jira (issue links are of type "https://issues.redhat.com/browse/RHEL-XXXX", where "X" is a digit). This same link will be available in a blue banner at the top of the page informing you that that bug has been migrated.
DescriptionStanislav Zidek
2015-02-27 13:40:07 UTC
Description of problem:
When measuring algorithms' speed while using engine ibmca, results are wildly inaccurate, because number of operations is divided by the ammount of processor time used, which is very low for external engine.
Version-Release number of selected component (if applicable):
openssl-ibmca-1.2.0-4.el6.s390x
openssl-1.0.1e-30.el6_6.5.s390x
How reproducible:
always
Steps to Reproduce:
1. openssl speed -engine ibmca rsa512
Actual results:
engine "ibmca" set.
Doing 512 bit private rsa's for 10s: 4015 512 bit private RSA's in 0.02s
Doing 512 bit public rsa's for 10s: 4336 512 bit public RSA's in 0.03s
OpenSSL 1.0.1e-fips 11 Feb 2013
built on: Tue Jan 13 08:38:01 EST 2015
options:bn(64,64) md2(int) rc4(8x,char) des(idx,cisc,16,int) aes(partial) idea(int) blowfish(idx)
compiler: gcc -fPIC -DOPENSSL_PIC -DZLIB -DOPENSSL_THREADS -D_REENTRANT -DDSO_DLFCN -DHAVE_DLFCN_H -DKRB5_MIT -m64 -DB_ENDIAN -DTERMIO -Wall -O2 -g -pipe -Wall -Wp,-D_FORTIFY_SOURCE=2 -fexceptions -fstack-protector --param=ssp-buffer-size=4 -m64 -march=z9-109 -mtune=z10 -Wa,--noexecstack -DPURIFY -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DAES_CTR_ASM -DAES_XTS_ASM -DGHASH_ASM
sign verify sign/s verify/s
rsa 512 bits 0.000005s 0.000007s 200750.0 144533.3
Expected results: (cca)
...
sign verify sign/s verify/s
rsa 512 bits 0.002490s 0.002306s 401.5 433.6
I think this is rather problem of openssl computing the speeds, not of the engine itself. Switching to openssl. Please open the question on the upstream mailing list (https://lists.sourceforge.net/lists/listinfo/opencryptoki-tech) if you think it is engine problem.
Tomas, according to the summary of this bug you set, I would expect some explicit mention of the fact that CPU time is used by default. However, it is now only deducable from '-elapsed' option documentation ("Measure time in real time instead of CPU time.").
Didn't you also want to mention the CPU time being used by default somewhere in DESCRIPTION part of manpage?
I'd say the man page is so short that reading it all including the -elapsed option description to get the info should be OK.
Also normally (apart from the hardware engines) the information that CPU time is used instead of real time is not that important.
VERIFIED manually.
NEW: openssl-1.0.1e-46.el6
man page documents '-elapsed' option:
-elapsed
Measure time in real time instead of CPU time. It can be useful
when testing speed of hardware engines.
OLD: openssl-1.0.1e-42.el6_7.2
No mention of '-elapsed' option.
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.
For information on the advisory, and where to find the updated
files, follow the link below.
If the solution does not work for you, open a new bug report.
https://rhn.redhat.com/errata/RHBA-2016-0933.html
Description of problem: When measuring algorithms' speed while using engine ibmca, results are wildly inaccurate, because number of operations is divided by the ammount of processor time used, which is very low for external engine. Version-Release number of selected component (if applicable): openssl-ibmca-1.2.0-4.el6.s390x openssl-1.0.1e-30.el6_6.5.s390x How reproducible: always Steps to Reproduce: 1. openssl speed -engine ibmca rsa512 Actual results: engine "ibmca" set. Doing 512 bit private rsa's for 10s: 4015 512 bit private RSA's in 0.02s Doing 512 bit public rsa's for 10s: 4336 512 bit public RSA's in 0.03s OpenSSL 1.0.1e-fips 11 Feb 2013 built on: Tue Jan 13 08:38:01 EST 2015 options:bn(64,64) md2(int) rc4(8x,char) des(idx,cisc,16,int) aes(partial) idea(int) blowfish(idx) compiler: gcc -fPIC -DOPENSSL_PIC -DZLIB -DOPENSSL_THREADS -D_REENTRANT -DDSO_DLFCN -DHAVE_DLFCN_H -DKRB5_MIT -m64 -DB_ENDIAN -DTERMIO -Wall -O2 -g -pipe -Wall -Wp,-D_FORTIFY_SOURCE=2 -fexceptions -fstack-protector --param=ssp-buffer-size=4 -m64 -march=z9-109 -mtune=z10 -Wa,--noexecstack -DPURIFY -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DAES_CTR_ASM -DAES_XTS_ASM -DGHASH_ASM sign verify sign/s verify/s rsa 512 bits 0.000005s 0.000007s 200750.0 144533.3 Expected results: (cca) ... sign verify sign/s verify/s rsa 512 bits 0.002490s 0.002306s 401.5 433.6