[SOLVED] Slow ZFS encryption: will we get a fix for AVX/AVX2 not being selected?

[meyergru]

There is an ongoing discussion about slow encrypted ZFS performance, e.g. here: https://github.com/openzfs/zfs/issues/15245 and here: https://github.com/openzfs/zfs/issues/15276

Obviously this is due to a regression introduced in kernel 5.15.0-82 and discussed here: https://lore.kernel.org/lkml/87r0nsddb5.ffs@tglx/T/#m3407d88a81289c7f94cc1e09bf27c3b1229ce87e

It leads to AVX and AVX2 instruction sets not being used for OpenZFS encryption and slowing things down for modern CPUs. You can check if "cat /sys/module/icp/parameters/icp_gcm_impl" includes AVX if your CPU has it (i.e. "cat /proc/cpuinfo" contains AVX.

An upstream patch has been included in kernel 6.1.50 (look for "x86/fpu: Set X86_FEATURE_OSXSAVE feature after enabling OSXSAVE in CR4" in https://cdn.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.1.50), but not for any upstream 6.2 kernel. The upstream commit is 2c66ca3949dc701da7f4c9407f2140ae425683a5.

Alas, since PVE 8 kernels are based on 6.2.16, this has not yet landed here. Can we expect this to be included in the near future pve-kernel-6.2?

P.S.: 6.2.16-10 and 6.2.16-12 are affected, whereas 6.2.16-6 (which really is 6.2.16-5) is not.

 

[Stoiko Ivanov]

You probably already saw that - but for the people only reading here and not on github/openzfs

the next version of Proxmox kernels (6.2.16-14) will contain the cherry-picked fix (already confirmed to fix the regression, but currently still in internal testing)

https://github.com/openzfs/zfs/issues/15223

 

[meyergru]

Yup, saw it. Thank you!