HW crypto - Marvell CESA working?


#64

Yes, AF_ALG should work with Turris OS.
You may have to load af_alg, algif_hash and algif_skcipher manually.

To get the engine in OpenSSL you will have to compile the engine or OpenSSL yourself.
https://github.com/RidgeRun/af-alg-rr and https://github.com/sarnold/af_alg are, among others, possible sources. There may be some differences between the implementations.

I am not aware of any prepackaged build of any of these as most people prefer one of the conflicting cryptodev implementations.

In the end you could even use cryptodev in the container. There may be packages around for this.

I do not use any of the acceleration for anything in userspace because software is faster for the interesting packet sizes and the latency is lower. You may save at most 30% CPU time with big packets when using CESA. With small packages the CPU overhead for CESA may go well over 1000%.

Calculation assuming aes-128-cbc and rounded:
OpenSSL with CESA via AF_ALG:
730kbyte/s / 16byte = 45625/s
3000kbyte/s / 64byte = 46875/s
There can be at most about 45000 encryptions per second using AF_ALG and about 75% CPU usage.

OpenSSL without AF_ALG:
48Mbyte/s / 16byte = 3000000/s
55MByte/s / 64byte = 859375/s
We can get 859375 64byte packets per second encrypted using OpenSSL only. Restricting OpenSSL to 75% CPU usage gives the following:
859375/s / 100% * 75% = 644531.25/s

To get the same amount of data encoded as with AF_ALG you would need:
46875/s / 644531.25/s * 100% = 7.27% of the CPU time compared to hardware accelerated.

I took 64bytes as reference because there are quite some small packets like ICMP packets and TCP SYN/ACK that are around 64 bytes in size.


#65

Unfortunately there are no af_alg modules built for Omnia


#66

kmod-crypto-user contains the modules and loads them on boot.


#67

Is there any good way to do IRL benchmarking of the crypto performance of the routers?

I am thinking like,

IP SEC, or OpenVPN performance?


#68

VPN is pretty easy to benchmark when you just connect another computer (e.g. VMware with a Linux distribution), create a VPN network and check the speed with iperf. I get around 45mbit with OpenVPN and 220mbit with WireGuard (should be around 350 with config_PADATA enabled).


#69

I don’t have /dev/crypto. Does it mean that CESA is disabled?
kmod-crypto-ocf isn’t installed because it isn’t available. All other modules are installed.

In LXC with Debian:

openssl speed -elapsed aes-256-cbc

type 16 bytes 64 bytes 256 bytes 1024 bytes 8192 bytes 16384 bytes
aes-256 cbc 39110.14k 41221.42k 43204.86k 43422.38k 43619.67k 43248.30k
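
Related to the /dev/crypto question in post #69, an added example (not from the thread or from Turris OS): /dev/crypto belongs to the cryptodev/OCF interface, whereas AF_ALG and in-kernel users resolve an algorithm name to the highest-priority driver listed in /proc/crypto, so this Python code parses that listing and ranks the drivers per algorithm. The sample listing is constructed, and the "mv-" prefix for CESA drivers is an assumption taken from the mainline marvell-cesa driver.

```python
# Constructed sample in /proc/crypto layout, not captured from a router.
# Assumption: CESA entries use an "mv-" driver prefix, as the mainline
# marvell-cesa driver does; check the names on the kernel you run.
SAMPLE = """\
name         : cbc(aes)
driver       : cbc(aes-generic)
priority     : 100
selftest     : passed

name         : cbc(aes)
driver       : mv-cbc-aes
priority     : 300
selftest     : passed

name         : hmac(sha256)
driver       : hmac(sha256-generic)
priority     : 100
selftest     : passed
"""

def parse_proc_crypto(text):
    """Split blank-line separated records into dicts of field -> value."""
    entries = []
    for block in text.strip().split("\n\n"):
        pairs = (line.partition(":") for line in block.splitlines())
        fields = {k.strip(): v.strip() for k, _, v in pairs}
        if "name" in fields and "driver" in fields:
            entries.append(fields)
    return entries

def ranked(entries, alg):
    """Usable drivers for `alg`, highest priority first (the kernel's pick)."""
    usable = [e for e in entries
              if e["name"] == alg and e.get("selftest") == "passed"]
    return sorted(usable, key=lambda e: int(e.get("priority", 0)), reverse=True)

def cesa_selected(text, alg, prefix="mv-"):
    """True if the top-priority driver for `alg` carries the CESA prefix."""
    top = ranked(parse_proc_crypto(text), alg)
    return bool(top) and top[0]["driver"].startswith(prefix)

if __name__ == "__main__":
    try:
        text = open("/proc/crypto").read()   # live listing on the router
    except OSError:
        text = SAMPLE                        # fall back to constructed data
    for alg in ("cbc(aes)", "hmac(sha256)"):
        print(alg, [e["driver"] for e in ranked(parse_proc_crypto(text), alg)])
```

A consumer that asks for a specific driver name bypasses the priority ranking, so this shows the default selection only.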


#70

Yes this is software only on one core but will not be the only limiting factor.

Non-scientific benchmark with IPsec Tunnel mode, AES-256 CBC, HMAC-256 (truncated to 96 bits) and iperf (arguments: -d -w 2M):

streams	accel	data-flow	 in	out	idle%
1	none	uni-directional	103	127	~50
1	none	bi-directional	 88	122	 ~0
1	bs	uni-directional	111	161	~45
1	bs	bi-directional	 85	155	 ~0
4	bs	uni-directional	130	188
1	cesa	uni-directional	235	274	~25
1	cesa	bi-directional	 18	261	~30
4	cesa	uni-directional	 24	211

in/out is in Mbit/s and as seen from the Omnia.
Acceleration bs is the bitsliced implementation (aes-arm-bs, requires custom kernel).

Result: If you upload or download big files then CESA is faster but creates some problems if you have an upload and a download at the same time. Also CPU usage can be higher with CESA than without. And this is only valid for AES-256-CBC+HMAC(SHA256).


#71

Why is there no tutorial for dummies on how to activate CESA and boost the VPN speed? I have been searching for a good solution for some days, but I don’t get it to run… :frowning:
I think there are a lot of people who decided to buy the Omnia to use the nice VPN performance…


#72

No hints how to use hw acceleration with omnia?


#73

check this out