Enable H/W encryption in Geode

To set the required modules to load at startup, add these to /etc/modules:

ocf
cryptodev
cryptosoft

Also, make sure geode_aes is loaded automatically, if not, add to /etc/modules.

For 0.6.2, the bundled openssl and libssl does not have cryptodev support. Need to install the patched openssl and libssl with cryptodev support:

# install from voyage APT repository at http://www.voyage.hk/dists/0.6
apt-get install --reinstall openssl libssl0.9.8

After reboot, check for cryptodev support in openssl by:

openssl engine

You should see this line:

(cryptodev) BSD cryptodev engine

Test performance by:

openssl speed -evp aes128

You should see something like these:

Doing aes-128-cbc for 3s on 16 size blocks: 149156 aes-128-cbc's in 0.09s
Doing aes-128-cbc for 3s on 64 size blocks: 141139 aes-128-cbc's in 0.05s
Doing aes-128-cbc for 3s on 256 size blocks: 118003 aes-128-cbc's in 0.18s
Doing aes-128-cbc for 3s on 1024 size blocks: 71261 aes-128-cbc's in 0.10s
Doing aes-128-cbc for 3s on 2048 size blocks: 46546 aes-128-cbc's in 0.03s
OpenSSL 0.9.8g 19 Oct 2007
built on: Thu Aug  6 10:51:32 HKT 2009
options:bn(64,32) md2(int) rc4(idx,int) des(ptr,risc1,16,long) aes(partial) blowfish(idx)
compiler: gcc -fPIC -DOPENSSL_PIC -DZLIB -DOPENSSL_THREADS -D_REENTRANT -DDSO_DLFCN -DHAVE_DLFCN_H -DHAVE_CRYPTODEV -DL_ENDIAN -DTERMIO -O3 -march=i586 -Wa,--noexecstack -g -Wall -DOPENSSL_BN_ASM_PART_WORDS -DOPENSSL_IA32_SSE2 -DSHA1_ASM -DMD5_ASM -DRMD160_ASM -DAES_ASM
available timing options: TIMES TIMEB HZ=100 [sysconf value]
timing function used: times
The 'numbers' are in 1000s of bytes per second processed.
type             16 bytes     64 bytes    256 bytes   1024 bytes   2048 bytes
aes-128-cbc      26516.62k   180657.92k   167826.49k   729712.64k  3177540.27k