Neccessary to enable "AES-NI" in CPU flags?

[TheHellSite]

Hello,

I have a few questions.

1. Is it explicitly neccessary to enable AES in the cpu flag settings when using kvm64?
2. Which AES versions are supported by that flag?
3. Would you advise to run an OPNsense using host cpu type or is it okay to run it as kvm64+aes?

EDIT:
I did a quick test.
Question 1: The answer seems to be yes, can any of the devs please confirm this?
Question 3: I think there isn't really a difference. (Funny though that host was slower than kvm64+aes...)

 

[janssensm]

Hello,

I have a few questions.

1. Is it explicitly neccessary to enable AES in the cpu flag settings when using kvm64?
2. Which AES versions are supported by that flag?
3. Would you advise to run an OPNsense using host cpu type or is it okay to run it as kvm64+aes?

EDIT:
I did a quick test.
Question 1: The answer seems to be yes, can any of the devs please confirm this?
Question 3: I think there isn't really a difference. (Funny though that host was slower than kvm64+aes...)
View attachment 25294

Hi, not a dev here, but you can check inside the opnsense vm what cpu features are known by the freebsd kernel by checking dmesg.
In the first lines you will see the lines Features.
Freebsd lacks the lscpu command as in linux, but dmesg will do fine for this.
A common guideline for using cpu models is in the qemu documentation [1]
So if you don't use live migration, you will probably want to use Host cpu model.

[1] https://qemu.readthedocs.io/en/latest/system/qemu-cpu-models.html

 

[TheHellSite]

Sorry for my late reply. Thanks for the information and link, very helpful.
I have been using kvm64 since your post.

However yesterday I noticed something strange in the boot log of OPNsense.
It is not written to "/var/run/dmesg.boot" and only visible using the console view during boot.

Configuring kernel modules...aesni0: No AES or SHA support.

This error appears in the boot log on both of my OPNsense VMs.
All of them are running with a kvm64 CPU (aes flag set to enabled).
VM_1 is running on an AMD based Proxmox server (Ryzen 3 PRO 4350G APU).
VM_2 is running on an Intel based Proxmox server (Intel J3160).
Apart from that the VM specs (CPU, RAM, HDD, NIC...) are the same.


So I decided to run some additional testing.
At first I did some OpenSSL speed tests, "openssl speed -evp aes-256-cbc".
I know the correct binary is at "/usr/local/bin/openssl" but for comparison it shouldn't matter.

Intel Server --> results as expected
host (with and without aes flag) = kvm64 (with aes flag)
kvm64 (without aes flag) = as expected, way slower than host or kvm64 (with aes flag)

AMD Server --> results not as expected
What I am wondering here is: Why is the kvm64 CPU type (with aes flag) faster than the host CPU type, especially at 16 bytes?
kvm64(without aes flag) type 16 bytes 64 bytes 256 bytes 1024 bytes 8192 bytes 16384 bytes aes-256-cbc 183911.84k 214165.31k 218240.60k 224476.34k 220454.74k 221420.73k kvm64 (with aes flag) type 16 bytes 64 bytes 256 bytes 1024 bytes 8192 bytes 16384 bytes aes-256-cbc 728565.07k 1016349.00k 1019030.16k 1039692.61k 1063829.76k 1089562.83k host (with and without aes flag = identical results) type 16 bytes 64 bytes 256 bytes 1024 bytes 8192 bytes 16384 bytes aes-256-cbc 288019.65k 639515.31k 939824.13k 1017438.70k 977331.24k 1103118.64k



After that I booted both VMs on both systems with various flag and cpu settings (host vs kvm64) to see when the error appears.
The error "aesni0: No AES or SHA support" only appears when the CPU type is set to kvm64.
Furthermore it doesn't matter if the aes flag is set to enabled or at default.

When selecting host CPU type the error doesn't appear, instead it displays the following.
AMD Server Configuring kernel modules...aesni0: <AES-CBC,AES-CCM,AES-GCM,AES-ICM,AES-XTS,SHA1,SHA256> on motherboard. Intel Server Configuring kernel modules...aesni0: <AES-CBC,AES-CCM,AES-GCM,AES-ICM,AES-XTS> on motherboard.





TL;DR
1. Why is the kvm64 CPU type (with aes flag) on my AMD system that much faster than the host CPU type, especially at 16 bytes?
2. Why isn't OPNsense recognizing the aes flag with kvm64 as CPU type during boot.
3. Is it even neccessary to set CPU flags when using host CPU type?

I guess on my Intel system it shouldn't matter that much if I use kvm64 or host CPU type. But on my AMD system there seems to be a huge benefit when using kvm64, which doesn't make any sense.

 

[janssensm]

The error "aesni0: No AES or SHA support" only appears when the CPU type is set to kvm64.
Furthermore it doesn't matter if the aes flag is set to enabled or at default.

So, that would mean that your VM isn't using aes.

host (with and without aes flag = identical results)

That is the expected result, as host model should map the exact host cpu features to the vm.

AMD Server Configuring kernel modules...aesni0: <AES-CBC,AES-CCM,AES-GCM,AES-ICM,AES-XTS,SHA1,SHA256> on motherboard.

So aes is used and detected correctly in the vm.

TL;DR
1. your vm isn't detecting aes with model kvm64, so it is using other ways to compute. You should probably be comparing your cpu load during these tests, because perhaps it seems faster, but the aes computing isn't offloaded, so you probably will have higher cpu loads with KVM64(+aes flag). (have to say that I'm not an expert on this)
2. you probably want to ask yourself if you really want to use kvm64, because you will be missing a lot of other cpu features too.
As mentioned before and recommended by pve docs and qemu docs, you should only use kvm64 if you really need live migration. If you don't need it, select host model or the closest matching model. Then you get best mix of performance and security.

@Stefan_R also gave a nice advice here [1]

[1] https://forum.proxmox.com/threads/q-cpu-flags-security.91805/post-400612

 

[TheHellSite]

1. ... You should probably be comparing your cpu load during these tests, because perhaps it seems faster, but the aes computing isn't offloaded, so you probably will have higher cpu loads with KVM64(+aes flag) ...

That is a very good point! I don't know why I never even thought of that!
Totally makes sense.

Changed all of my VMs to host CPU now.

 

[miles267]

Hi - I am running a Protectli VP4650 appliance that supports AES-NI. Have setup a guest VM to host Untangle NGFW. I’m unsure whether AES-NI support is enabled in my Untangle Guest VM as I’ve not specified anything during my setup to enable it though the host CPU supports it. I’ve only passed thru Intel NICs from the host for faster internet throughout. Is there something I need to configure in my existing Untangle VM to enable AES-NI either on the host or within this guest VM? I’ve upgraded recently from Proxmox version to 7 to 8. Thank you.

 

[fritjof]

Hi - I am running a Protectli VP4650 appliance that supports AES-NI. Have setup a guest VM to host Untangle NGFW. I’m unsure whether AES-NI support is enabled in my Untangle Guest VM as I’ve not specified anything during my setup to enable it though the host CPU supports it. I’ve only passed thru Intel NICs from the host for faster internet throughout. Is there something I need to configure in my existing Untangle VM to enable AES-NI either on the host or within this guest VM? I’ve upgraded recently from Proxmox version to 7 to 8. Thank you.

Did you enable AES in the processor settings of the VM?