Re: Linking coreutils against OpenSSL

[Guillem Jover]

Hi!

On Thu, 2023-11-09 at 17:38:05 -0500, Benjamin Barenblat wrote:
> coreutils can link against OpenSSL, yielding a substantial speed boost
> in sha256sum etc. For many years, this was inadvisable due to license
> conflicts. However, as of bookworm, coreutils requires GPL-3+ and
> OpenSSL is Apache-2.0, so I believe all license compatibility questions
> have been resolved.
> 
> What would you think about having coreutils Depend on libssl3? This
> would make the libssl3 package essential, which is potentially
> undesirable, but it also has the potential for serious user time savings
> (on recent Intel CPUs, OpenSSL’s SHA-256 is over five times faster than
> coreutils’ internal implementation).

This increases the pseudo-essential-set by around 6 MiB, to increase
performance for the digest tools, which do not seem like something
that gets run too often? So the trade-off here does not seem worth it
to me TBH.

The other thing is that the OpenSSL support seems to be coming from
gnulib, which is using the deprecated low-level digest functions from
OpenSSL (supposedly to be removed in the future), and where the
supported high-level ones have the problem (AFAIUI) of being affected
by the OpenSSL policies (such as FIPS or other config or similar) which
could then render those commands unusable once and if they switch API.
This is one of the reasons for why I switched dpkg from its embedded
digest functions to use libmd (currently pseudo-essential) instead one
of the other crypto libs. Of course libmd does not currently contain
optimized functions, but I'd be happy to take patches for that, or might
eventually look into adding support to it to use the Linux Kernel Crypto
API or similar.

Thanks,
Guillem

Re: Linking coreutils against OpenSSL

[Emanuele Rocca]

On 2023-11-11 09:32, Julian Andres Klode wrote:
> While libraries are dependencies of Essential packages, they
> themselves are distinctively not Essential, they are pseudo-essential.

Fair enough, but still the general point of being very careful about
what we make (pseudo-)essential is valid and important I think. We
should only make the set bigger if the benefits are absolutely clear,
and I argue that improving the performance of /usr/bin/sha256sum is not
a good example.

Re: Linking coreutils against OpenSSL

[Pierre-Elliott Bécue]

Luca Boccassi  wrote on 10/11/2023 at 16:08:30+0100:

> On Fri, 10 Nov 2023 at 14:22, Pierre-Elliott Bécue  wrote:
>>
>> Luca Boccassi  wrote on 10/11/2023 at 15:00:24+0100:
>>
>> > On Fri, 10 Nov 2023 at 13:45, Bjørn Mork  wrote:
>> >>
>> >> Luca Boccassi  writes:
>> >>
>> >> > If we want to start nitpicking, then let's be exact: 0.61% of popcon.
>> >> > Whether that qualifies as "plenty" we'll leave as an exercise for the
>> >> > readers.
>> >>
>> >> I wonder if this sort of arrogant "don't care about minorities" attitude
>> >> will ever stop?  Was sort of hoping that things would quiet down when
>> >> everyone just gave up on the systemd and usr-merge crazyness. But it
>> >> seems the bullies continue on and on and on and on.
>> >>
>> >> I guess those 0.61% are run bt the most valuable Debian users out there.
>> >> I'm sorry to not be one of them, but that's the way things have become.
>> >> Not by choice.
>> >
>> > Having a 5x performance improvement in core utilities at zero cost for
>> > 99.39% of users and at the cost of an extra library that is already
>> > widely used for 0.61% --> bullying. Noted.
>>
>> The problem is not the argument but clearly the way you state it, which
>> is quite coherent with your way of answering most of the time.
>>
>> I know it's not mandatory, but a bit of empathy, a bit of caring and a
>> bit of "just because I can act bluntly with a pinch of contempt doesn't
>> mean I should" would be really appreciable.
>
> You know what else would be really appreciable? Not starting the
> usual, tired, old flamewar, with heavily emotionally charged language
> ("bullying", "contempt", "lack of empathy", "lack of caring", etc),
> when talking about something as trivial and harmless as installing a
> widely used and common library to get a 5x performance boost out of
> the core system. How about we do that instead? Because, just in case
> perspective was already lost, this is what started the tirade:
>
>> This sounds great. systemd also uses OpenSSL for various things, so
>> libssl3 is pretty much a given on any bootable installation anyway
>> already.
>
> IE: a supportive and appreciative comment, followed by a relevant and
> objective piece of information. Where's the bullying?

I'd like to extend an apology to Luca, my mail was intended to be
private, I used the wrong shortcut to reply. I'll therefore reply to
this second mail privately as it was first intended.

Regards,

-- 
PEB


signature.asc
Description: PGP signature

Re: Linking coreutils against OpenSSL

[Florian Weimer]

* Theodore Ts'o:

> If you can get upstream a patch so that coreutils could try to dlopen
> OpenSSL and use it if it is available, but skip it if it is not, that
> might be one way to avoid OpenSSL going into essential.  The challenge
> is that OpenSSL is not known for its ability to maintain a stable ABI,
> but if we only care about supporting a specific version of OpenSSL
> (the one which is shipped with coreutils) and given that the fallback
> is a slower sha256sum, which IMHO is *not* a disaster, perhaps it's
> doable?

I think the OpenSSL 3 ABI should be stable for quite some time.  It's
probably not even necessary to use dlvsym instead of dlsym because I
think OpenSSL upstream just adds new functions if they need new
behaviors.

Re: Linking coreutils against OpenSSL

[Theodore Ts'o]

On Sat, Nov 11, 2023 at 09:32:46AM +0200, Julian Andres Klode wrote:
> 
> WRT dlopen(), this is never an appealing solution because you do not
> get any type-checking, you have to make sourceful changes for an soname
> bump. It is an interface you can use for loading plugins (that is, you
> should be in control of what the interface is that you are loading from
> the library object), but it's not really usable for stuff that is outside
> of your control.

There are some caveats, yes, but I *have* made it work.  For example,
see [1].  This allows debugfs in e2fsprogs to use GNU readline (or
BSD's libedit), which is *super* convenient, without requiring forcing
GNU readline to be placed in emergency boot floppies or being added to
essential.

[1] https://github.com/tytso/e2fsprogs/blob/master/lib/ss/get_readline.c

For things which are optional, if there is a soname bump, things won't
stop working.  In the case of coreutils and OpenSSL, sha1sum will just
git a bit slower --- in fact, the speeds that it has today, which has
never been a problem for me, FWIW.  And yes, to add accomodate a
soname bump you might need to make some sourceful changes, but it's
often not that hard to do.  At least for the libreadline functionality
used by debugfs, it's mainly doing a bit of testing, concluding "nope,
the ABI didn't change for the functions that libss cares about", and
just adding the additional SONAME to:

#define DEFAULT_LIBPATH 
"libreadline.so.8:libreadline.so.7:libreadline.so.6:libreadline.so.5:libreadline.so.4:libreadline.so:libedit.so.2:libedit.so:libeditline.so.0:libeditline.so"

:-)

As another example, I have a pending patch to e2fsprogs that I will
shortly integrating which allows mke2fs to optionally use libarchive,
so that mke2fs -d can take a tarball, but again, without expanding the
dependencies for e2fsprogs.  It's not *that* bad.

- Ted

Re: Linking coreutils against OpenSSL

[Andreas Metzler]

On 2023-11-11 Michael Stone  wrote:
> On Sat, Nov 11, 2023 at 11:50:31AM +0100, Andreas Metzler wrote:
> > you seem to have missed/deleted the paragraph where Ansgar suggested how
> > to do this *without* tradeoff. ("explicitly disable/enable build options
> > per arch")

> No, I didn't. That was in my original email and is one of the possibilities
> for future versions depending on the feedback from people testing to guide
> whether it makes sense to make this per-arch rather than global.

Hm. Would you mind explaining why you chose to not implement this but
instead only used a per-arch build-dep? (With the downside of wrong
builds on dirty chroots and slent breakage when a respective feature
is not found)?

cu Andreas
-- 
`What a good friend you are to him, Dr. Maturin. His other friends are
so grateful to you.'
`I sew his ears on from time to time, sure'

Re: Linking coreutils against OpenSSL

[Michael Stone]

On Sat, Nov 11, 2023 at 11:50:31AM +0100, Andreas Metzler wrote:

you seem to have missed/deleted the paragraph where Ansgar suggested how
to do this *without* tradeoff. ("explicitly disable/enable build options
per arch")


No, I didn't. That was in my original email and is one of the 
possibilities for future versions depending on the feedback from people 
testing to guide whether it makes sense to make this per-arch rather 
than global.

Re: Linking coreutils against OpenSSL

[Andreas Metzler]

On 2023-11-10 Michael Stone  wrote:
> On Fri, Nov 10, 2023 at 03:10:42PM +0100, Ansgar wrote:
>> Please avoid producing different results depending on the build
>> environment. That just results in non-reproducible issues in unclean
>> environments (suddenly different dependencies, different features,
>> ...).

> I think that is an acceptable tradeoff at this time; the only difference
> will be the dependencies, but that is the intent. Automated buildd packages
> should be stable. Based on further experience and feedback, one of the other
> options could be chosen instead. (I'm particularly interested in hearing
> from people who compare the different builds on arm, as that is where
> there's been an assertion of a performance regression.)

Hello,

you seem to have missed/deleted the paragraph where Ansgar suggested how
to do this *without* tradeoff. ("explicitly disable/enable build options
per arch")

cu Andreas
-- 
`What a good friend you are to him, Dr. Maturin. His other friends are
so grateful to you.'
`I sew his ears on from time to time, sure'
diff -Nru coreutils-9.4/debian/rules coreutils-9.4/debian/rules
--- coreutils-9.4/debian/rules	2023-11-10 14:31:21.0 +0100
+++ coreutils-9.4/debian/rules	2023-11-11 11:37:05.0 +0100
@@ -13,13 +13,20 @@
   DEB_CFLAGS_MAINT_APPEND += -mieee
 endif
 
+ifeq ($(DEB_TARGET_MULTIARCH),x86_64-linux-gnu)
+opensslconf = --with-openssl=auto-gpl-compat
+else
+opensslconf = --with-openssl=no
+endif
+
 BIN_PROGS = cat chgrp chmod chown cp date dd df dir echo false ln ls mkdir \
 	mknod mv pwd readlink rm rmdir vdir sleep stty sync touch true uname \
 	mktemp
 d=debian/coreutils
 
 override_dh_auto_configure:
-	dh_auto_configure -- --enable-install-program=arch --with-openssl=auto-gpl-compat
+	dh_auto_configure -- --enable-install-program=arch \
+		$(opensslconf)
 
 %:
 	dh $@ --with autoreconf

Re: Linking coreutils against OpenSSL

[Julian Andres Klode]

On Sat, Nov 11, 2023 at 06:52:50AM +0100, Emanuele Rocca wrote:
> Hi,
> 
> On 2023-11-09 07:31, Theodore Ts'o wrote:
> > If you can get upstream a patch so that coreutils could try to dlopen
> > OpenSSL and use it if it is available, but skip it if it is not, that
> > might be one way to avoid OpenSSL going into essential.  The challenge
> > is that OpenSSL is not known for its ability to maintain a stable ABI,
> > but if we only care about supporting a specific version of OpenSSL
> > (the one which is shipped with coreutils) and given that the fallback
> > is a slower sha256sum, which IMHO is *not* a disaster, perhaps it's
> > doable?
> 
> This idea seems appealing to me.
> 

WRT dlopen(), this is never an appealing solution because you do not
get any type-checking, you have to make sourceful changes for an soname
bump. It is an interface you can use for loading plugins (that is, you
should be in control of what the interface is that you are loading from
the library object), but it's not really usable for stuff that is outside
of your control.


> In terms of costs vs benefits, adding OpenSSL to essential has a fairly
> high cost for unclear benefits.
> 
> Costs, from Policy 3.8 [1]:
> 
> "Maintainers should take great care in adding any programs, interfaces,
>  or functionality to essential packages. Packages may assume that
>  functionality provided by essential packages is always available without
>  declaring explicit dependencies, which means that removing functionality
>  from the Essential set is very difficult and is almost never done. Any
>  capability added to an essential package therefore creates an obligation
>  to support that capability as part of the Essential set in perpetuity."
> 
> Can we quantify the benefits? Not in terms of artificial benchmarks, but
> real use cases if possible.
> 
> [1] https://www.debian.org/doc/debian-policy/ch-binary.html#essential-packages

I do not think this is a reasonable argument to make. While libraries
are dependencies of Essential packages, they themselves are
distinctively not Essential, they are pseudo-essential.

The rules here don't apply to pseudo-essential library packages because
quite frankly, they would have to apply to the specific soname because
that is the provided interface.

But since libraries frequently change their soname, they can't be 
considered subject to essential clauses because every soname bump,
you'd be removing a package from the essential set and adding a new
one to it.

-- 
debian developer - deb.li/jak | jak-linux.org - free software dev
ubuntu core developer  i speak de, en

Re: Linking coreutils against OpenSSL

[Emanuele Rocca]

Hi,

On 2023-11-09 07:31, Theodore Ts'o wrote:
> If you can get upstream a patch so that coreutils could try to dlopen
> OpenSSL and use it if it is available, but skip it if it is not, that
> might be one way to avoid OpenSSL going into essential.  The challenge
> is that OpenSSL is not known for its ability to maintain a stable ABI,
> but if we only care about supporting a specific version of OpenSSL
> (the one which is shipped with coreutils) and given that the fallback
> is a slower sha256sum, which IMHO is *not* a disaster, perhaps it's
> doable?

This idea seems appealing to me.

In terms of costs vs benefits, adding OpenSSL to essential has a fairly
high cost for unclear benefits.

Costs, from Policy 3.8 [1]:

"Maintainers should take great care in adding any programs, interfaces,
 or functionality to essential packages. Packages may assume that
 functionality provided by essential packages is always available without
 declaring explicit dependencies, which means that removing functionality
 from the Essential set is very difficult and is almost never done. Any
 capability added to an essential package therefore creates an obligation
 to support that capability as part of the Essential set in perpetuity."

Can we quantify the benefits? Not in terms of artificial benchmarks, but
real use cases if possible.

[1] https://www.debian.org/doc/debian-policy/ch-binary.html#essential-packages

Re: Linking coreutils against OpenSSL

[Theodore Ts'o]

On Thu, Nov 09, 2023 at 11:13:51PM +, Luca Boccassi wrote:
> > Alternatively, what would you think about making sha256sum etc.
> > divertible and providing implementations both with and without the
> > OpenSSL dependency?
> 
> Please, no, no more diversion/alternatives/shenanigans, it's just huge
> and convoluted complications for no real gain.

Agreed, let's not.

If you can get upstream a patch so that coreutils could try to dlopen
OpenSSL and use it if it is available, but skip it if it is not, that
might be one way to avoid OpenSSL going into essential.  The challenge
is that OpenSSL is not known for its ability to maintain a stable ABI,
but if we only care about supporting a specific version of OpenSSL
(the one which is shipped with coreutils) and given that the fallback
is a slower sha256sum, which IMHO is *not* a disaster, perhaps it's
doable?

- Ted

Re: Linking coreutils against OpenSSL

[Diederik de Haas]

https://lists.debian.org/debian-arm/2021/06/msg1.html is the start of a 
thread about support for encryption in HW, which AFAIK uses the Crypto API.
That's available on a number of arm64 devices.

It may be useful to specify/detail a test so that people can (uniformly) test 
the performance on their devices (on various architectures).
I did an OpenSSH/OpenSSL test, but I actually don't know if those were good 
tests.

Still far from being an expert, but I was recently involved with testing a 
Crypto implementation for rk3566 (based) devices and noticed the results were 
rather mixed. It was much slower with 16 bytes, but significantly faster with 
16384 bytes and the 'turnover' point was around 1024 bytes.
In the discussion that followed, the point was made that HW-based Crypto would 
be much energy efficient and it would free up the CPU to do other things.
So that could also be a factor that could be considered.

Personally I don't have a problem with linking to OpenSSL, but I'm not a 
subject matter expert.

HTH

PS: The 'argument' wrt a certain package of Priority: important (not 
Essential) makes my blood boil, so this will likely be my only contribution to 
this thread.

signature.asc
Description: This is a digitally signed message part.

Re: Linking coreutils against OpenSSL

[Simon Richter]

Hi,

On 11/11/23 03:34, Julian Andres Klode wrote:


1) we use libgcrypt in libapt-pkg, which needs global initialization.
Libraries should not be doing the initialization, we're basically
misusing it.


I remember that KiCad had problems with OpenSSL for this exact reason -- 
we were using libcurl from multiple threads from different plugins, and 
OpenSSL required us to initialize some locking mechanism from the KiCad 
main program so plugins could operate safely, breaking the abstraction.


For this reason, KiCad had a direct dependency on OpenSSL for years, 
even if libcurl was provided by libcurl-gnutls -- can't know whether 
libcurl pulls in openssl, so we need to initialize it.


We removed that code a while ago after the offending plugins were 
removed, and it seems the OpenSSL API has removed the 
CRYPTO_set_locking_functions call since then so there is a good chance 
that they've cleaned up a bit.


There are still some globals, but mostly for malloc replacements, so I 
guess these can be ignored.


   Simon

Re: Linking coreutils against OpenSSL

[Julian Andres Klode]

On Sat, Nov 11, 2023 at 12:55:16AM +0900, Simon Richter wrote:
> Hi,
> 
> On 11/10/23 21:07, Stephan Verbücheln wrote:
> 
> > In my opinion, this is yet another reason to use a proper cryptography
> > library (openssl, gnutls or gcrypt) instead of a custom implementation
> > for this kind of algorithm.
> 
> Yes and no. The reason several of our core tools bring their own functions
> is to specifically reduce the Essential package set. Hence this thread: we
> need to weigh the benefits against the drawbacks here.
> 
> In coreutils' case, I think the benefits are kind of qualified by the number
> of direct users. Basically, few people have use cases that require them to
> routinely verify checksums with the tools from coreutils[1].
> 
> The main benefit of this move is that container images will shrink because
> libssl becomes part of the base layer, so fewer copies of it will be kept in
> stacked layers. I would disregard this as a benefit, otherwise we could make
> a case that more packages should be Essential.
> 
> The actual drawbacks for users are minimal too:
>  - systemd pulls it in anyway
>  - apt will pull it in on the remaining systems
> 
> I don't quite see the appeal of OpenSSL as a dependency for apt either. I
> have 2 Gbps Internet at home, and a laptop I bought in 2012, and apt is
> never CPU bound. I could see the benefit of gzip offloading into the kernel
> crypto engine, that would be noticeable to me and at least two other people.

It's not a performance issue for APT, but:

1) we use libgcrypt in libapt-pkg, which needs global initialization.
   Libraries should not be doing the initialization, we're basically
   misusing it.

   The reason we use a library is to not have to vendorize the hashing
   algorithms.

   But more importantly, OpenSSL is the right choice because:

2) We use GnuTLS for the https support and that has various little
   incompatibilities that break it with some servers, certificates,
   or oppressive government firewalls, causing people not to be able
   to download their updates via https.

   Hence want to replace that with OpenSSL


-- 
debian developer - deb.li/jak | jak-linux.org - free software dev
ubuntu core developer  i speak de, en

Re: Linking coreutils against OpenSSL

[Simon Richter]

Hi,

On 11/10/23 21:07, Stephan Verbücheln wrote:


In my opinion, this is yet another reason to use a proper cryptography
library (openssl, gnutls or gcrypt) instead of a custom implementation
for this kind of algorithm.


Yes and no. The reason several of our core tools bring their own 
functions is to specifically reduce the Essential package set. Hence 
this thread: we need to weigh the benefits against the drawbacks here.


In coreutils' case, I think the benefits are kind of qualified by the 
number of direct users. Basically, few people have use cases that 
require them to routinely verify checksums with the tools from coreutils[1].


The main benefit of this move is that container images will shrink 
because libssl becomes part of the base layer, so fewer copies of it 
will be kept in stacked layers. I would disregard this as a benefit, 
otherwise we could make a case that more packages should be Essential.


The actual drawbacks for users are minimal too:
 - systemd pulls it in anyway
 - apt will pull it in on the remaining systems

I don't quite see the appeal of OpenSSL as a dependency for apt either. 
I have 2 Gbps Internet at home, and a laptop I bought in 2012, and apt 
is never CPU bound. I could see the benefit of gzip offloading into the 
kernel crypto engine, that would be noticeable to me and at least two 
other people.


We already have two other such libraries in the quasi-essential set: 
libcrypt, and the Linux kernel.


libcrypt:
 + already in the quasi-essential set (no extra space)
 - still slow

kernel:
 + No extra space needed
 + Support for offload engines that use privileged access
 - Invisible dependency

OpenSSL:
 + Handwritten optimized assembler functions for a set of architectures
 - Horrible code

The optimized assembler function brings a massive speedup on amd64, 
which is what triggered this thread. The ARM NEON assembler code gives a 
moderate speedup for hashing compared to autovectorized generic code, 
but in general vector units are the wrong tool for cryptographic hashes, 
so I'm not surprised it isn't an order of magnitude.



Over time, when these libraries add support for cryptography
acceleration instructions for more architectures, all programs will
benefit from it.


Yes, but crypto acceleration in instruction form is difficult to 
implement in RISC architectures -- which is why these usually have 
separate DMA capable devices, and work queues managed in the kernel.



I would expect that many rich ARM SoCs for phones, laptops and servers
already have something and that openssl supports it already. What
device did you run your benchmark on?


I used a Zynq SoC, and just tested a random file I had that fit into 
memory, running sha256sum and kcapi-dgst -c sha256 five times each. 
OpenSSL is a bit faster (going from 1 minute to 45 seconds), but in a 
real world application I'd give this an offload engine on the FPGA side 
if it was a hot path, and ignore it if it was not.


In summary, I don't believe this change has any measurable effect beyond 
growing the Essential set and improving artificial benchmarks, so I'm 
pretty lukewarm about this.


   Simon

[1] "debootstrap george" is an outlier and should not have been counted

Re: Linking coreutils against OpenSSL

[Luca Boccassi]

On Fri, 10 Nov 2023 at 14:22, Pierre-Elliott Bécue  wrote:
>
> Luca Boccassi  wrote on 10/11/2023 at 15:00:24+0100:
>
> > On Fri, 10 Nov 2023 at 13:45, Bjørn Mork  wrote:
> >>
> >> Luca Boccassi  writes:
> >>
> >> > If we want to start nitpicking, then let's be exact: 0.61% of popcon.
> >> > Whether that qualifies as "plenty" we'll leave as an exercise for the
> >> > readers.
> >>
> >> I wonder if this sort of arrogant "don't care about minorities" attitude
> >> will ever stop?  Was sort of hoping that things would quiet down when
> >> everyone just gave up on the systemd and usr-merge crazyness. But it
> >> seems the bullies continue on and on and on and on.
> >>
> >> I guess those 0.61% are run bt the most valuable Debian users out there.
> >> I'm sorry to not be one of them, but that's the way things have become.
> >> Not by choice.
> >
> > Having a 5x performance improvement in core utilities at zero cost for
> > 99.39% of users and at the cost of an extra library that is already
> > widely used for 0.61% --> bullying. Noted.
>
> The problem is not the argument but clearly the way you state it, which
> is quite coherent with your way of answering most of the time.
>
> I know it's not mandatory, but a bit of empathy, a bit of caring and a
> bit of "just because I can act bluntly with a pinch of contempt doesn't
> mean I should" would be really appreciable.

You know what else would be really appreciable? Not starting the
usual, tired, old flamewar, with heavily emotionally charged language
("bullying", "contempt", "lack of empathy", "lack of caring", etc),
when talking about something as trivial and harmless as installing a
widely used and common library to get a 5x performance boost out of
the core system. How about we do that instead? Because, just in case
perspective was already lost, this is what started the tirade:

> This sounds great. systemd also uses OpenSSL for various things, so
> libssl3 is pretty much a given on any bootable installation anyway
> already.

IE: a supportive and appreciative comment, followed by a relevant and
objective piece of information. Where's the bullying?

Re: Linking coreutils against OpenSSL

[Michael Stone]

On Fri, Nov 10, 2023 at 03:10:42PM +0100, Ansgar wrote:

Please avoid producing different results depending on the build
environment. That just results in non-reproducible issues in unclean
environments (suddenly different dependencies, different features,
...).


I think that is an acceptable tradeoff at this time; the only difference 
will be the dependencies, but that is the intent. Automated buildd 
packages should be stable. Based on further experience and feedback, one 
of the other options could be chosen instead. (I'm particularly 
interested in hearing from people who compare the different builds on 
arm, as that is where there's been an assertion of a performance 
regression.)

Re: Linking coreutils against OpenSSL

[Pierre-Elliott Bécue]

Luca Boccassi  wrote on 10/11/2023 at 15:00:24+0100:

> On Fri, 10 Nov 2023 at 13:45, Bjørn Mork  wrote:
>>
>> Luca Boccassi  writes:
>>
>> > If we want to start nitpicking, then let's be exact: 0.61% of popcon.
>> > Whether that qualifies as "plenty" we'll leave as an exercise for the
>> > readers.
>>
>> I wonder if this sort of arrogant "don't care about minorities" attitude
>> will ever stop?  Was sort of hoping that things would quiet down when
>> everyone just gave up on the systemd and usr-merge crazyness. But it
>> seems the bullies continue on and on and on and on.
>>
>> I guess those 0.61% are run bt the most valuable Debian users out there.
>> I'm sorry to not be one of them, but that's the way things have become.
>> Not by choice.
>
> Having a 5x performance improvement in core utilities at zero cost for
> 99.39% of users and at the cost of an extra library that is already
> widely used for 0.61% --> bullying. Noted.

The problem is not the argument but clearly the way you state it, which
is quite coherent with your way of answering most of the time.

I know it's not mandatory, but a bit of empathy, a bit of caring and a
bit of "just because I can act bluntly with a pinch of contempt doesn't
mean I should" would be really appreciable.

-- 
PEB


signature.asc
Description: PGP signature

Re: Linking coreutils against OpenSSL

[Luca Boccassi]

On Fri, 10 Nov 2023 at 13:48, Michael Stone  wrote:
>
> On Fri, Nov 10, 2023 at 10:38:13AM +, Luca Boccassi wrote:
> >Per-architecture dependencies are possible though, so maybe starting
> >to add the libssl dependency only on amd64 is a good starting point,
> >and then users of other architectures can request to be added too if
> >it is beneficial for them.
>
> I haven't seen any objections to the basic idea, so I'm starting here:
> coreutils 9.4-2 will link to libcrypto if there's a gpl-compatible
> version available at build time, but I've added the build-dependency as
> linux-amd64 only for now. That should make it fairly straightforward for
> people to control the linking on other architectures by controlling
> their build environment. Going forward, depending on feedback, I can
> roll this back, expand the build-dep, and/or make the configure option
> also depend on the arch.

Very nice, thank you for this work!

Re: Linking coreutils against OpenSSL

[Ansgar]

On Fri, 2023-11-10 at 08:48 -0500, Michael Stone wrote:
> On Fri, Nov 10, 2023 at 10:38:13AM +, Luca Boccassi wrote:
> > Per-architecture dependencies are possible though, so maybe starting
> > to add the libssl dependency only on amd64 is a good starting point,
> > and then users of other architectures can request to be added too if
> > it is beneficial for them.
> 
> I haven't seen any objections to the basic idea, so I'm starting here: 
> coreutils 9.4-2 will link to libcrypto if there's a gpl-compatible 
> version available at build time, but I've added the build-dependency as 
> linux-amd64 only for now. That should make it fairly straightforward for 
> people to control the linking on other architectures by controlling 
> their build environment. Going forward, depending on feedback, I can 
> roll this back, expand the build-dep, and/or make the configure option 
> also depend on the arch.

Please avoid producing different results depending on the build
environment. That just results in non-reproducible issues in unclean
environments (suddenly different dependencies, different features,
...).

Please consider to just use openssl everywhere or also explicitly
disable/enable build options per arch. (Personally I would in this case
probably just enable openssl everywhere and recommend people to improve
openssl in case it is slower than the built-in implementation; openssl
is probably use widely enough to warrant that.)

Ansgar

Re: Linking coreutils against OpenSSL

[Ansgar]

Hi,

On Fri, 2023-11-10 at 14:45 +0100, Bjørn Mork wrote:
> I guess those 0.61% are run bt the most valuable Debian users out
> there. I'm sorry to not be one of them, but that's the way things
> have become.

Do you have any data to back up this claim?  Or is it just a totally
made up guess and one could just as well claim that those are the least
valuable 0.61%?

Ansgar

Re: Linking coreutils against OpenSSL

[Luca Boccassi]

On Fri, 10 Nov 2023 at 13:45, Bjørn Mork  wrote:
>
> Luca Boccassi  writes:
>
> > If we want to start nitpicking, then let's be exact: 0.61% of popcon.
> > Whether that qualifies as "plenty" we'll leave as an exercise for the
> > readers.
>
> I wonder if this sort of arrogant "don't care about minorities" attitude
> will ever stop?  Was sort of hoping that things would quiet down when
> everyone just gave up on the systemd and usr-merge crazyness. But it
> seems the bullies continue on and on and on and on.
>
> I guess those 0.61% are run bt the most valuable Debian users out there.
> I'm sorry to not be one of them, but that's the way things have become.
> Not by choice.

Having a 5x performance improvement in core utilities at zero cost for
99.39% of users and at the cost of an extra library that is already
widely used for 0.61% --> bullying. Noted.

Re: Linking coreutils against OpenSSL

[Michael Stone]

On Fri, Nov 10, 2023 at 10:38:13AM +, Luca Boccassi wrote:

Per-architecture dependencies are possible though, so maybe starting
to add the libssl dependency only on amd64 is a good starting point,
and then users of other architectures can request to be added too if
it is beneficial for them.


I haven't seen any objections to the basic idea, so I'm starting here: 
coreutils 9.4-2 will link to libcrypto if there's a gpl-compatible 
version available at build time, but I've added the build-dependency as 
linux-amd64 only for now. That should make it fairly straightforward for 
people to control the linking on other architectures by controlling 
their build environment. Going forward, depending on feedback, I can 
roll this back, expand the build-dep, and/or make the configure option 
also depend on the arch.

Re: Linking coreutils against OpenSSL

[Bjørn Mork]

Luca Boccassi  writes:

> If we want to start nitpicking, then let's be exact: 0.61% of popcon.
> Whether that qualifies as "plenty" we'll leave as an exercise for the
> readers.

I wonder if this sort of arrogant "don't care about minorities" attitude
will ever stop?  Was sort of hoping that things would quiet down when
everyone just gave up on the systemd and usr-merge crazyness. But it
seems the bullies continue on and on and on and on.

I guess those 0.61% are run bt the most valuable Debian users out there.
I'm sorry to not be one of them, but that's the way things have become.
Not by choice.


Bjørn

Re: Linking coreutils against OpenSSL

[Luca Boccassi]

On Fri, 10 Nov 2023 at 11:54, Matthew Vernon  wrote:
>
> Luca Boccassi  writes:
>
> > On Thu, 9 Nov 2023 at 22:54, Benjamin Barenblat  wrote:
>
> >> What would you think about having coreutils Depend on libssl3? This
> >> would make the libssl3 package essential, which is potentially
> >> undesirable, but it also has the potential for serious user time savings
> >> (on recent Intel CPUs, OpenSSL’s SHA-256 is over five times faster than
> >> coreutils’ internal implementation).
> >
> > This sounds great. systemd also uses OpenSSL for various things, so
> > libssl3 is pretty much a given on any bootable installation anyway
> > already.
>
> I have no particular opinion on the proposal to make coreutils Depend
> on libssl3; but there are plenty of bootable Debian systems without
> systemd, so I'd like to gently push back on the idea that the only
> bootable Debian systems are those using systemd as init.
>
> Thanks,
>
> Matthew
> [commenting here, but I see at least one repetition of the claim in the
> thread]

If we want to start nitpicking, then let's be exact: 0.61% of popcon.
Whether that qualifies as "plenty" we'll leave as an exercise for the
readers.

Re: Linking coreutils against OpenSSL

[Stephan Verbücheln]

In my opinion, this is yet another reason to use a proper cryptography
library (openssl, gnutls or gcrypt) instead of a custom implementation
for this kind of algorithm.

Over time, when these libraries add support for cryptography
acceleration instructions for more architectures, all programs will
benefit from it.

I would expect that many rich ARM SoCs for phones, laptops and servers
already have something and that openssl supports it already. What
device did you run your benchmark on? 

Regards
Stephan


signature.asc
Description: This is a digitally signed message part

Re: Linking coreutils against OpenSSL

[Matthew Vernon]

Luca Boccassi  writes:

> On Thu, 9 Nov 2023 at 22:54, Benjamin Barenblat  wrote:

>> What would you think about having coreutils Depend on libssl3? This
>> would make the libssl3 package essential, which is potentially
>> undesirable, but it also has the potential for serious user time savings
>> (on recent Intel CPUs, OpenSSL’s SHA-256 is over five times faster than
>> coreutils’ internal implementation).
>
> This sounds great. systemd also uses OpenSSL for various things, so
> libssl3 is pretty much a given on any bootable installation anyway
> already.

I have no particular opinion on the proposal to make coreutils Depend
on libssl3; but there are plenty of bootable Debian systems without
systemd, so I'd like to gently push back on the idea that the only
bootable Debian systems are those using systemd as init.

Thanks,

Matthew
[commenting here, but I see at least one repetition of the claim in the
thread] 
-- 
"At least you know where you are with Microsoft."
"True. I just wish I'd brought a paddle."
http://www.debian.org

Re: Linking coreutils against OpenSSL

[Andrew M.A. Cater]

On Fri, Nov 10, 2023 at 10:38:13AM +, Luca Boccassi wrote:
> On Fri, 10 Nov 2023 at 02:26, Simon Richter  wrote:
> >
> > Hi,
> >
> > > What would you think about having coreutils Depend on libssl3? This
> > > would make the libssl3 package essential, which is potentially
> > > undesirable, but it also has the potential for serious user time savings
> > > (on recent Intel CPUs, OpenSSL’s SHA-256 is over five times faster than
> > > coreutils’ internal implementation).
> >
> > That is only on amd64 though.
> >
> > On ARM and riscv64, OpenSSL is slightly slower than coreutils'
> > sha256sum, so this would introduce an additional dependency and degrade
> > performance. The best choice there is the kernel crypto API, which knows
> > about offload hardware and special CPU instructions, both of which are
> > common.
> 
> Per-architecture dependencies are possible though, so maybe starting
> to add the libssl dependency only on amd64 is a good starting point,
> and then users of other architectures can request to be added too if
> it is beneficial for them.
>

Per architecture does cause problems if we end up with a two tier system
where some architectures can never catch up or if we have users who assume
that Debian will work similarly on every architecture.

It may also introduce code complexity which is undesirable in the longer term.

Just my 0.02 - I have no particular viewpoint in the best course of action
overall.

Andy
[amaca...@debian.org]

Re: Linking coreutils against OpenSSL

[Luca Boccassi]

On Fri, 10 Nov 2023 at 02:26, Simon Richter  wrote:
>
> Hi,
>
> > What would you think about having coreutils Depend on libssl3? This
> > would make the libssl3 package essential, which is potentially
> > undesirable, but it also has the potential for serious user time savings
> > (on recent Intel CPUs, OpenSSL’s SHA-256 is over five times faster than
> > coreutils’ internal implementation).
>
> That is only on amd64 though.
>
> On ARM and riscv64, OpenSSL is slightly slower than coreutils'
> sha256sum, so this would introduce an additional dependency and degrade
> performance. The best choice there is the kernel crypto API, which knows
> about offload hardware and special CPU instructions, both of which are
> common.

Per-architecture dependencies are possible though, so maybe starting
to add the libssl dependency only on amd64 is a good starting point,
and then users of other architectures can request to be added too if
it is beneficial for them.

Re: Linking coreutils against OpenSSL

[Julian Andres Klode]

On Thu, Nov 09, 2023 at 05:38:05PM -0500, Benjamin Barenblat wrote:
> Dear Debian folks,
> 
> coreutils can link against OpenSSL, yielding a substantial speed boost
> in sha256sum etc. For many years, this was inadvisable due to license
> conflicts. However, as of bookworm, coreutils requires GPL-3+ and
> OpenSSL is Apache-2.0, so I believe all license compatibility questions
> have been resolved.
> 
> What would you think about having coreutils Depend on libssl3? This
> would make the libssl3 package essential, which is potentially
> undesirable, but it also has the potential for serious user time savings
> (on recent Intel CPUs, OpenSSL’s SHA-256 is over five times faster than
> coreutils’ internal implementation).

I plan to switch APT to OpenSSL for trixie too, so this is not a huge
concern to me. It was rightfully pointed out that systemd already uses
it, so it's already on bootable systems, with APT using it, it will also
be around in chroots.

> 
> Alternatively, what would you think about making sha256sum etc.
> divertible and providing implementations both with and without the
> OpenSSL dependency?

Oh please no. There should be a single build of coreutils. There
is no point in doing multiple ones.

-- 
debian developer - deb.li/jak | jak-linux.org - free software dev
ubuntu core developer  i speak de, en

Re: Linking coreutils against OpenSSL

[Julian Andres Klode]

On Fri, Nov 10, 2023 at 11:25:34AM +0900, Simon Richter wrote:
> Hi,
> 
> > What would you think about having coreutils Depend on libssl3? This
> > would make the libssl3 package essential, which is potentially
> > undesirable, but it also has the potential for serious user time savings
> > (on recent Intel CPUs, OpenSSL’s SHA-256 is over five times faster than
> > coreutils’ internal implementation).
> 
> That is only on amd64 though.
> 
> On ARM and riscv64, OpenSSL is slightly slower than coreutils' sha256sum, so
> this would introduce an additional dependency and degrade performance. The
> best choice there is the kernel crypto API, which knows about offload
> hardware and special CPU instructions, both of which are common.

OpenSSL should have the same hardware acceleration features as the
kernel crypto API, without the socket overhead.

-- 
debian developer - deb.li/jak | jak-linux.org - free software dev
ubuntu core developer  i speak de, en

Re: Linking coreutils against OpenSSL

[Tobias Heider]

On Thu, Nov 09, 2023 at 11:13:51PM +, Luca Boccassi wrote:
> On Thu, 9 Nov 2023 at 22:54, Benjamin Barenblat  wrote:
> >
> > Dear Debian folks,
> >
> > coreutils can link against OpenSSL, yielding a substantial speed boost
> > in sha256sum etc. For many years, this was inadvisable due to license
> > conflicts. However, as of bookworm, coreutils requires GPL-3+ and
> > OpenSSL is Apache-2.0, so I believe all license compatibility questions
> > have been resolved.
> >
> > What would you think about having coreutils Depend on libssl3? This
> > would make the libssl3 package essential, which is potentially
> > undesirable, but it also has the potential for serious user time savings
> > (on recent Intel CPUs, OpenSSL’s SHA-256 is over five times faster than
> > coreutils’ internal implementation).
> 
> This sounds great. systemd also uses OpenSSL for various things, so
> libssl3 is pretty much a given on any bootable installation anyway
> already.

Strongly agree. In addition to possible performance gains I think there are
other benefits.  Fewer better reviewed crypto implementations and a single
upgrade path would be two, especially since like you say libcrypto is pretty
much always there anyway.

> 
> > Alternatively, what would you think about making sha256sum etc.
> > divertible and providing implementations both with and without the
> > OpenSSL dependency?
> 
> Please, no, no more diversion/alternatives/shenanigans, it's just huge
> and convoluted complications for no real gain.
> 

+1

Re: Linking coreutils against OpenSSL

[Simon Richter]

Hi,


What would you think about having coreutils Depend on libssl3? This
would make the libssl3 package essential, which is potentially
undesirable, but it also has the potential for serious user time savings
(on recent Intel CPUs, OpenSSL’s SHA-256 is over five times faster than
coreutils’ internal implementation).


That is only on amd64 though.

On ARM and riscv64, OpenSSL is slightly slower than coreutils' 
sha256sum, so this would introduce an additional dependency and degrade 
performance. The best choice there is the kernel crypto API, which knows 
about offload hardware and special CPU instructions, both of which are 
common.



Alternatively, what would you think about making sha256sum etc.
divertible and providing implementations both with and without the
OpenSSL dependency?


Makes sense to me, especially if it is a diversion only, not full 
alternatives (which could not have sensible priorities, because what is 
fastest is system dependent.


   Simon

Re: Linking coreutils against OpenSSL

[Luca Boccassi]

On Thu, 9 Nov 2023 at 22:54, Benjamin Barenblat  wrote:
>
> Dear Debian folks,
>
> coreutils can link against OpenSSL, yielding a substantial speed boost
> in sha256sum etc. For many years, this was inadvisable due to license
> conflicts. However, as of bookworm, coreutils requires GPL-3+ and
> OpenSSL is Apache-2.0, so I believe all license compatibility questions
> have been resolved.
>
> What would you think about having coreutils Depend on libssl3? This
> would make the libssl3 package essential, which is potentially
> undesirable, but it also has the potential for serious user time savings
> (on recent Intel CPUs, OpenSSL’s SHA-256 is over five times faster than
> coreutils’ internal implementation).

This sounds great. systemd also uses OpenSSL for various things, so
libssl3 is pretty much a given on any bootable installation anyway
already.

> Alternatively, what would you think about making sha256sum etc.
> divertible and providing implementations both with and without the
> OpenSSL dependency?

Please, no, no more diversion/alternatives/shenanigans, it's just huge
and convoluted complications for no real gain.

Linking coreutils against OpenSSL

[Benjamin Barenblat]

Dear Debian folks,

coreutils can link against OpenSSL, yielding a substantial speed boost
in sha256sum etc. For many years, this was inadvisable due to license
conflicts. However, as of bookworm, coreutils requires GPL-3+ and
OpenSSL is Apache-2.0, so I believe all license compatibility questions
have been resolved.

What would you think about having coreutils Depend on libssl3? This
would make the libssl3 package essential, which is potentially
undesirable, but it also has the potential for serious user time savings
(on recent Intel CPUs, OpenSSL’s SHA-256 is over five times faster than
coreutils’ internal implementation).

Alternatively, what would you think about making sha256sum etc.
divertible and providing implementations both with and without the
OpenSSL dependency?

Best,
Benjamin