On Mon, 18 Dec 2023 16:57:37 +0000 George Hartley hartley_george@proton.me wrote:
Please read the code, not only Tor's code, but also OpenSSL's code.
Yes, AES is not displayed as engine itself, however, it still does not seem to use aes-ni instructions unless told to initialize engines via the code I deducted.
If this proves anything, I ran an Exit Relay in 2013 before my host forced me to switch to a Guard one because of excessive abuse, and even though my VM supported aesni instructions, OpenSSL would not actually use them until I added the config parameter, the peak CPU usage (single core) dropped from 88-95% avg to around 23% avg once I added it.
Maybe some developer can comment on the deeper workings of OpenSSL and Tor, and terminology might get weird between the Tor and OpenSSL (both very big code-bases).
Also, regarding the e-mail, I post regularly on here and tor-dev, so no worries :)
Let's just end this pointless discussion here, I will do some more research the next few days because I actually want to know, but to me everything seems pretty clear (from the code I've YET SEEN, not the one I DID NOT YET SEE).
My main point though: it would be an insanity and beyond belief, if Tor would not use the universally-available AES-NI instruction sets on modern CPUs, unless the user somehow knows to find and set a non-default config option.
Moreover, just recently in my experience leading to the message "[tor-relays] Worse throughput with 0.4.8.x, on a slow CPU"[1] I tried ALL sorts of the possible tweaks I could find, which included adding "HardwareAccel 1" to the config (it was absent before), and it made no difference in CPU use.
[1] https://lists.torproject.org/pipermail/tor-relays/2023-December/021407.html