VIA PadLock support for Linux

VIA PadLock Advanced Cryptography Engine (VIA PadLock ACE) is a technology used in VIA C3 Nehemiah processors that provides very fast hardware encryption and decryption. Although the processors are completely x86-compatible they provide some new instructions for accessing the ACE (xcrypt-group instructions). See the list of available boards.
Check out results of some simple benchmarks.

If you want to be informed about updated patches, new features, etc., you may subscribe to the PadLock mailing list (archive).

More informations about programming for VIA PadLock and its linux support can be found in this article:

[english]  VIA PadLock - Wicked Fast Encryption
[czech]  VIA PadLock - Dabelsky rychle sifrovani

News

[2006-12-27]
Anyone unable to load PadLock engine in OpenSSL 0.9.8 should apply this patch
[2006-11-30]
Linux kernel 2.6.19 released with full PadLock support, i.e. AES, SHA1, SHA256
[2006-07-18]
SHA1/SHA256 patches for Linux kernels 2.6.16, 2.6.17 and 2.6.18
[2006-06-27]
OpenSSL patch for SHA1/SHA256 support
[2006-04-27]
Up to 6-times faster sha1sum for CPUs with SHA1 hardware support. Download and more information.

Linux Kernel

Kernels 2.6.11 and newer have driver for AES in VIA C3 PadLock out of the box. No need to patch it anymore to get fast AES encryption.

Kernels 2.6.19 and newer have driver for SHA1/SHA256 in VIA C7 PadLock out of the box. No need to patch it anymore to get fast SHA hashing.

VIA C7 processors have extended PadLock engine that supports SHA1 and SHA256 digest algorithms. To get access to superfast SHA-family digests in the Linux kernel apply the following patch. If you're running kernel 2.6.16, 2.6.17 or 2.6.18-rc1 apply the appropriate prereq patch before the padlock-sha patch itself. From 2.6.18-rc2 on there is no need for prereq patch anymore. Kernels 2.6.15 and older are not supported.

PadLock SHA patch for 2.6.16, 2.6.17 and 2.6.18

padlock-sha-complete.diff2009-07-19 23:32, MD5, SHA1, gpg signature
Padlock SHA1 / SHA256 for Linux kernel

prerequisities for Linux kernel before 2.6.18-rc2

padlock-prereq-2.6.18-rc1.diff2009-07-19 23:32, MD5, SHA1, gpg signature
prereq patch for 2.6.18-rc1
padlock-prereq-2.6.17.diff2009-07-19 23:32, MD5, SHA1, gpg signature
prereq patch for 2.6.17
padlock-prereq-2.6.16.diff2009-07-19 23:32, MD5, SHA1, gpg signature
prereq patch for 2.6.16

OpenSSL 0.9.8

OpenSSL provides a standard way to have drivers for hardware crypto engines. The following patches add a new engine called padlock.
OpenSSL 0.9.8 has AES support out of the box. However to use VIA C7 hash engine to speed up SHA1, SHA224 or SHA256 you need the following patch:

openssl-0.9.8b-sha.diff2009-07-19 23:32, MD5, SHA1, gpg signature
SHA1 / SHA224 / SHA256 engine

IMPORTANT: In certain setups most OpenSSL hardware accelerator drivers (so called engines) are compiled as shared modules. Although PadLock engine is always compiled statically OpenSSL core doesn't know that, tries to load it dynamically and fails. That renders PadLock support in OpenSSL 0.9.8 unusable. Please attach the following patch should you encounter any such problems and recompile your openssl library.

openssl-0.9.8-padlock-static.diff2009-07-19 23:32, MD5, SHA1, gpg signature
Initialize PadLock engine statically

Alternatively apply the following two patches instead of the above one to correctly compile the padlock engine into a standalone libpadlock.so

openssl098-padlock-shared-move.diff2009-07-19 23:32, MD5, SHA1, gpg signature
Patch to move crypto/engine/eng_padlock.c to engines/e_padlock.c
openssl098-padlock-shared-makefiles.diff2009-07-19 23:32, MD5, SHA1, gpg signature
Update for Makefiles to compile the padlock module as a shared module

OpenSSL 0.9.7

Patches for OpenSSL 0.9.7 to speed up AES128 in ECB, CBC, CFB and OFB modes. Supported is AES128 in ECB, CBC, CFB and OFB modes and AES192/AES256 in ECB and CBC modes.

Patches

openssl-0.9.7d-padlock-glue.diff2009-07-19 23:32, MD5, SHA1, gpg signature
- registration of the padlock engine in required places.
openssl-0.9.7d-padlock-engine.diff2009-07-19 23:32, MD5, SHA1, gpg signature
- the engine itself.

Applications using OpenSSL

Applications that use OpenSSL library for their cryptographic needs (such as OpenSSH) must explicitly load the available hardware crypto engines. This can be done with these simple calls during startup of the program:

#include <openssl/engine.h>

int main ()
{
	[...]
	/* Init available hardware crypto engines. */
	ENGINE_load_builtin_engines();
	ENGINE_register_all_complete();
	[...]
}	

Contributed patches

Following patches add such a support for some popular applications:

Apache 2.2.4
No patch needed, see SSLCryptoDevice directive
(Thx cilly for info)
Postfix 2.3.6
postfix-2.3.6-padlock.diff2009-07-19 23:32
(Thx cilly for contribution)
Courier-imap 4.0.6
courier-imap-4.0.6-padlock.diff2009-07-19 23:32
(Thx cilly for contribution)
LigHTTPd 1.4.13
lighttpd-1.4.13-padlock.diff2009-07-19 23:32
(Thx Michael Baudino for contribution)
OpenSSh 4.5p1
openssh-4.5p1-engines.diff2009-07-19 23:32
(Thx Danielle for contribution)
OpenSSH 3.8p1
openssh-3.8p1-engines.diff2009-07-19 23:32, MD5, SHA1, gpg signature
openssh 4.6p, openssl 0.9.7l, mini_httpd 1.19
(Thx Kristian Kielhofner for contribution)

Once you get bored with patching heaps of client programs have a look at this patch from Cecilia: openssl-0.9.8e-engine.diff2009-07-19 23:32
"The openssl-0.9.8e patch will make the ssl-library to load the padlock engine. This means, if you apply the openssl-0.9.8e patch, you do not have to apply any other patches or modifications, since every time the ssl-library is called, the padlock-engine is initialized by the ssl-library."
In other words - Patch for OpenSSL to always load PadLock engine.

 

Have you found PadLock support useful? If so please consider making a PayPal donation for author's expenses.

 

Place for your feedback...
May 16   9:31 via padlock support (by daniel w.)
Jun 25   22:18 Re: via padlock support (by anonymous)
Jun 8   17:17 Why is it so slow? (by john)
Jun 8   17:23 Re: Why is it so slow? (by Michal Ludvig)
Jan 26   14:37 Re: Re: Why is it so slow? (by Frank)
Aug 8   20:24 Updates? (by Sadara)
Oct 2   19:51 I like it (by Markus)
Oct 3   22:13 Re: I like it (by Michal Ludvig)
Oct 26   22:09 padlock gentoo (by flipstar)
Oct 27   18:52 hardware entropy support (by coderman)
Mar 14   17:16 Via padlock transparent (by Ben Jones)
Mar 14   21:25 Re: Via padlock transparent (by Michal Ludvig)
Mar 15   17:01 Re: Re: Via padlock transparent (by Ben Jones)
Apr 8   18:16 multiblock vs. singleblock (by Arnd)
Apr 10   18:13 Re: multiblock vs. singleblock (by Arnd)
Apr 10   22:17 Re: Re: multiblock vs. singleblock (by Michal Ludvig)
May 15   10:43 HD encryption performance insights (by EvilOverlord)
Nov 29   4:35 Re: HD encryption performance insights (by klaus_kleber)
Jun 29   13:25 How can I confirm.. (by james c)
Apr 17   23:34 Re: How can I confirm.. (by Fabien Wernli)
Apr 17   23:52 Re: Re: How can I confirm.. (by Michal)
Dec 17   13:26 Re: Re: How can I confirm.. (by Arnd Hannemann)
Jul 10   22:43 padlock detection failed (by padlock detection failed)
Jul 10   22:45 Re: padlock detection failed (by padlock detection failed)
Jul 10   22:50 Re: padlock detection failed (by Michal Ludvig)
Jul 11   20:02 Re: padlock detection failed (by padlock detection failed)
Jul 11   21:10 Re: Re: padlock detection failed (by padlock detection failed)
Jul 11   23:39 Re: Re: Re: padlock detection failed (by Michal Ludvig)
Jul 14   14:48 no-RNG, ACE (by Goetz Bock)
Jul 24   21:11 Re: no-RNG, ACE (by Michal Ludvig)
Aug 3   3:30 Re: Re: no-RNG, ACE (by ET Tan)
Feb 16   21:50 Re: Re: no-RNG, ACE--openssl (by anonymous)
Sep 15   21:40 Re: Re: Re: no-RNG, ACE--openssl (by anonymous)
Oct 9   5:27 Padlock vpn support? (by Matt S)
Jan 10   16:57 xstore in etherboot (by Robert Hamilton)
Jan 10   21:05 Re: xstore in etherboot (by Robert Hamilton)
Jan 11   0:12 Re: Re: xstore in etherboot (by Robert Hamilton)
Feb 6   4:56 new DP-310 dual-cpu-boards (by Stephan)
Feb 6   9:24 Re: new DP-310 dual-cpu-boards (by Michal)
Feb 24   3:02 Re: Re: new DP-310 dual-cpu-boards (by Stephan)
Dec 21   11:28 Re: Re: new DP-310 dual-cpu-boards (by Witek Baryluk)
Feb 17   7:36 selecting aes type (by udo)
Feb 17   12:50 patching OpenSSL 0.9.7f (by udo)
Sep 16   0:56 Re: patching OpenSSL 0.9.7f (by anonymous)
Feb 17   16:34 Further openssl investigations (by udo)
Mar 24   17:20 openssl 0.9.8a-5.2 on FC5 (by udo)
Mar 26   14:22 openssl on FC5 (by udo)
Apr 27   15:28 optimisation - large blocks (by peter)
Apr 27   22:59 Re: optimisation - large blocks (by Michal Ludvig)
May 8   15:57 Padlock by default (by anonymous)
Jul 25   2:50 Re: Padlock by default (by Michal Ludvig)
Sep 13   11:28 OpenSSH Patch (by Michael)
Sep 17   15:23 Re: OpenSSH Patch (by anonymous)
Sep 29   19:30 Re: OpenSSH Patch (by G.)
Sep 23   19:08 Buggy OpenSSL AES-CFB decryption? (by François)
Oct 19   2:37 Re: Buggy OpenSSL AES-CFB decryption? (by eloj)
Oct 23   17:31 Re: Re: Buggy OpenSSL AES-CFB decryption? (by Lasse Bigum)
Jun 5   20:04 Re: Re: Re: Buggy OpenSSL AES-CFB decryption? (by TzyWPcKrZdNJNZaPMA)
Jul 3   23:37 Re: Re: Re: Buggy OpenSSL AES-CFB decryption? (by NcrPuYBjIAjrt)
Jul 9   6:45 Re: Re: Re: Buggy OpenSSL AES-CFB decryption? (by MjXRPpVkySfyWdQfl)
Jul 19   4:00 Re: Re: Re: Buggy OpenSSL AES-CFB decryption? (by QIZjmgzdbGJHqzjbD)
Jul 25   1:34 Re: Re: Re: Buggy OpenSSL AES-CFB decryption? (by CuyhSfENyKKojT)
Nov 27   12:42 Re: Re: Buggy OpenSSL AES-CFB decryption? (by honx)
Dec 22   20:23 libpadlock.so missing (by Markus Koetter)
Dec 28   11:33 Re: libpadlock.so missing (by Michal)
Dec 29   7:52 Re: Re: libpadlock.so missing (by Markus)
Dec 25   11:30 missing engine (by Franz Wudy)
Dec 26   18:34 Re: missing engine (by Markus)
Dec 28   7:58 patches online :) (by Markus)
Apr 9   14:32 Re: patches online :) (by Markus Kötter)
Jan 14   20:35 openssl -engine padlock is somewhat slow (by ONes)
Jan 22   0:27 Re: openssl -engine padlock is somewhat slow (by Zoidberg)
Jan 22   0:48 Re: Re: openssl -engine padlock is somewhat slow (by Michal Ludvig)
Aug 13   23:42 Re: Re: Re: openssl -engine padlock is somewhat slow (by Ove Andersen)
Mar 26   15:51 Re: openssl -engine padlock is somewhat slow (by Daniele)
Jan 18   22:47 Apply benchmark to "real world" file encryption (by H. Latzko)
Feb 3   18:11 gpg can use padlock ace? (by udo)
Feb 4   13:58 Re: gpg can use padlock ace? (by Michal Ludvig)
Feb 4   13:41 VIA PadLock: RNG ACE2 PHE(8192) PMM (by udo)
Feb 4   13:56 Re: VIA PadLock: RNG ACE2 PHE(8192) PMM (by Michal Ludvig)
Jun 20   12:21 Re: Re: VIA PadLock: RNG ACE2 PHE(8192) PMM (by Daniel Kalchev)
May 13   9:59 aes-types when using cryptsetup-luks? (by udo)
May 13   11:33 Re: aes-types when using cryptsetup-luks? (by Michal)
May 23   8:02 OpenVPN/padlock.so (by Prasanna)
Oct 2   1:22 openssl 0.9.8e is horrible slow (by Markus Kötter)
May 26   1:35 latest patch for ssh (by Tofu)
May 26   7:55 Re: latest patch for ssh (by Michal Ludvig)
Jun 8   20:29 Re: latest patch for ssh (by eloj)
Aug 4   0:50 OpenSSH SCP no speed diff (by Justin)
Aug 13   0:30 Re: OpenSSH SCP no speed diff (by horst)
Oct 15   2:40 Re: OpenSSH SCP no speed diff (by Denny)
Aug 6   9:07 Error in FC7 (by warren)
Aug 6   17:24 Re: Error in FC7 (by warren)
Aug 28   22:02 RNG Hack (by henric)
Feb 8   23:43 Re: RNG Hack (by eloj)
Sep 2   10:45 patch for Linux 2.4? (by dennis khoo)
Nov 17   16:57 rng difference? (by udo)
Nov 18   22:43 Re: rng difference? (by Michal)
Nov 24   14:46 Re: Re: rng difference? (by udo)
Nov 24   14:36 phe_sum (by udo)
Jan 25   18:37 padlock in squid (by Konstantin Gavrilenko)
Jun 3   4:31 Re: padlock in squid (by Wade Mealing)
Aug 3   15:38 VIA releases PadLock documentation (by Lasse Bigum)
Aug 3   17:12 Re: VIA releases PadLock documentation (by Michal Ludvig)
Dec 1   9:22 speed differences not understood (by Paul)
Dec 1   9:27 Re: speed differences not understood (by Paul)
Jun 20   2:05 padlock_sha_copy(): malloc() failed (by udovdh)
Dec 21   11:14 HMAC slowdown, AES in Core i9 (by Witek Baryluk)
Feb 8   5:40 64 bit (by Carsten)
Sep 15   3:47 padlock for ubuntu 10.04 (source + binary) (by Ciaby)