linux-crypto.vger.kernel.org archive mirror
 help / color / mirror / Atom feed
From: "Stephan Müller" <smueller@chronox.de>
To: Herbert Xu <herbert@gondor.apana.org.au>
Cc: linux-crypto@vger.kernel.org
Subject: Re: [PATCH 00/13] crypto: copy AAD during encrypt for AEAD ciphers
Date: Thu, 12 Jan 2017 16:50:46 +0100	[thread overview]
Message-ID: <19793111.SdtrLVTG75@tauon.atsec.com> (raw)
In-Reply-To: <20170112153924.GA16347@gondor.apana.org.au>

Am Donnerstag, 12. Januar 2017, 23:39:24 CET schrieb Herbert Xu:

Hi Herbert,

> On Thu, Jan 12, 2017 at 04:34:39PM +0100, Stephan Müller wrote:
> > We would only be able to remove it if all AEAD implementations are
> > converted. But for the conversion time, we do face that issue.
> 
> It doesn't matter.  Nobody in the kernel uses that.  In fact I
> wonder whether we should even do it for the kernel API.  We only
> need it for the user-space API because it goes through read/write.

So you say that we could remove it from authenc() entirely (this is currently 
the only location where such copy operation is found for the encryption 
direction)?

I would concur that the kernel does not need that.
> 
> > Are you suggesting that the entire data in the src SGL is first copied to
> > the dst SGL by algif_aead? If yes, that still requires significant
> > src/dst SGL tinkering as we have the tag -- the src SGL for encrypt does
> > not have the tag space where the dst SGL for encrypt is required to have
> > the tag size. This is vice versa for the decryption operation.
> 
> It's really only a problem for decryption.  In that case you can
> extend the dst SG list to include the tag.

If we only want to solve that for algif_aead, wouldn't it make more sense if 
the user space caller takes care of that (such as libkcapi)? By tinkering with 
the SGLs and copying the data to the dst buffer before the cipher operation 
takes place, I guess we will add performance degradation and more complexity 
in the kernel.

Having such logic in user space would keep the algif_aead cleaner IMHO.

Ciao
Stephan

  reply	other threads:[~2017-01-12 15:50 UTC|newest]

Thread overview: 42+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2017-01-10  1:36 [PATCH 00/13] crypto: copy AAD during encrypt for AEAD ciphers Stephan Müller
2017-01-10  1:36 ` [PATCH 01/13] crypto: service function to copy AAD from src to dst Stephan Müller
2017-01-10  1:37 ` [PATCH 02/13] crypto: gcm_generic - copy AAD during encryption Stephan Müller
2017-01-10  1:37 ` [PATCH 03/13] crypto: ccm_generic " Stephan Müller
2017-01-10  1:37 ` [PATCH 04/13] crypto: rfc4106-gcm-aesni " Stephan Müller
2017-01-10  1:38 ` [PATCH 05/13] crypto: ccm-aes-ce " Stephan Müller
2017-01-10  1:38 ` [PATCH 06/13] crypto: talitos " Stephan Müller
2017-01-10  1:38 ` [PATCH 07/13] crypto: picoxcell " Stephan Müller
2017-01-10  1:39 ` [PATCH 08/13] crypto: ixp4xx " Stephan Müller
2017-01-10  1:39 ` [PATCH 09/13] crypto: atmel " Stephan Müller
2017-01-10  1:39 ` [PATCH 10/13] crypto: caam " Stephan Müller
2017-01-10  1:40 ` [PATCH 11/13] crypto: chelsio " Stephan Müller
2017-01-10  1:40 ` [PATCH 12/13] crypto: nx " Stephan Müller
2017-01-10  1:41 ` [PATCH 13/13] crypto: qat " Stephan Müller
2017-01-12  6:19 ` [PATCH 00/13] crypto: copy AAD during encrypt for AEAD ciphers Herbert Xu
2017-01-12 11:22   ` Stephan Müller
2017-01-12 14:57     ` Herbert Xu
2017-01-12 15:23       ` Stephan Müller
2017-01-12 15:27         ` Herbert Xu
2017-01-12 15:34           ` Stephan Müller
2017-01-12 15:39             ` Herbert Xu
2017-01-12 15:50               ` Stephan Müller [this message]
2017-01-12 15:53                 ` Herbert Xu
2017-01-12 16:01                   ` Stephan Müller
2017-01-12 16:06                     ` Herbert Xu
2017-01-12 16:37                       ` Stephan Müller
2017-01-13 10:23                         ` Herbert Xu
2017-01-13 10:58                           ` Stephan Müller
2017-01-13 11:04                             ` Herbert Xu
2017-01-13 11:12                               ` Stephan Müller
2017-01-13 11:14                                 ` Herbert Xu
2017-01-13 11:19                                   ` Stephan Müller
2017-01-13 11:26                                     ` Herbert Xu
2017-01-13 11:30                                       ` Stephan Müller
2017-01-13 11:33                                         ` Herbert Xu
2017-01-13 11:36                                           ` Stephan Müller
2017-01-13 11:39                                             ` Herbert Xu
2017-01-20 17:07                                               ` Cyrille Pitchen
2017-01-20 20:28                                                 ` Stephan Müller
2017-01-23 13:10                                                 ` Herbert Xu
2017-01-12 12:43   ` Stephan Müller
2017-01-18 14:57 ` Cyrille Pitchen

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=19793111.SdtrLVTG75@tauon.atsec.com \
    --to=smueller@chronox.de \
    --cc=herbert@gondor.apana.org.au \
    --cc=linux-crypto@vger.kernel.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body. 
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).