Closed dougch closed 10 months ago
Confirmed that the kTLS test on qemu also suffers from slowness for aead_aes at almost 800 seconds:
2: Running /home/codebuild/s2n-tls/tests/unit/s2n_aead_aes_test.c ... PASSED 32098261 tests
251/251 Test #2: s2n_aead_aes_test ................................ Passed 759.61 sec
I wonder if this is related to hardware acceleration issues? The AEAD test is normally quite slow, so perhaps if it's using a software implementation that might explain the extra time.
https://github.com/cross-platform-actions/action/issues/47 https://github.blog/changelog/2023-02-23-hardware-accelerated-android-virtualization-on-actions-windows-and-linux-larger-hosted-runners/
Security issue notifications
If you discover a potential security issue in s2n we ask that you notify AWS Security via our vulnerability reporting page. Please do not create a public github issue.
Problem:
While looking into FreeBSD CI issues, discovered that on qemu the s2n_aead_aes_test takes 350+ seconds, which is longer than the entire test run on native x86. This might be related to qemu, but this is worth looking into under virtualbox as well (what the GitHub action uses) and with KVM support.
On FreeBSD 13.1
Solution:
A description of the possible solution in terms of S2N architecture. Highlight and explain any potentially controversial design decisions taken.
Unclear until more investigation is done.
Requirements / Acceptance Criteria:
What must a solution address in order to solve the problem? How do we know the solution is complete?
Out of scope:
Is there anything the solution will intentionally NOT address?