From: "Stephan Müller" <smueller@chronox.de>
To: Herbert Xu <herbert@gondor.apana.org.au>
Cc: linux-crypto@vger.kernel.org
Subject: Re: [PATCH v5 1/2] crypto: skcipher AF_ALG - overhaul memory management
Date: Thu, 16 Mar 2017 09:55:17 +0100 [thread overview]
Message-ID: <13069331.7r3bo5pPcW@positron.chronox.de> (raw)
In-Reply-To: <20170316083922.GA11653@gondor.apana.org.au>
Am Donnerstag, 16. März 2017, 09:39:23 CET schrieb Herbert Xu:
Hi Herbert,
> On Fri, Feb 17, 2017 at 11:31:41PM +0100, Stephan Müller wrote:
> > + } else {
> > + /* Synchronous operation */
> > + skcipher_request_set_callback(&areq->req,
> > + CRYPTO_TFM_REQ_MAY_SLEEP |
> > + CRYPTO_TFM_REQ_MAY_BACKLOG,
> > + af_alg_complete,
> > + &ctx->completion);
> > + err = af_alg_wait_for_completion(ctx->enc ?
> > + crypto_skcipher_encrypt(&areq->req) :
> > + crypto_skcipher_decrypt(&areq->req),
> > + &ctx->completion);
> > + }
>
> This is now outside of the loop for the sync case. The purpose
> of the loop in the sync case was to segment the data when we get
> a very large SG list that does not fit inside a single call.
>
> Or did I miss something?
The while loop present in the skcipher_recvmsg_sync present in the current
upstream kernel operates on ctx->rsgl. That data structure is defined as:
struct af_alg_sgl {
struct scatterlist sg[ALG_MAX_PAGES + 1];
struct page *pages[ALG_MAX_PAGES];
unsigned int npages;
};
I.e. recvmsg operates on at most 16 SGs where each can take one page of data.
Thus, if a user provides more data than 16 pages, such while loop would make
much sense.
The patch proposed here is not limited on a fixed set of 16 SGs in the RX-SGL.
The recvmsg code path allocates the required amount of SGLs space:
/* convert iovecs of output buffers into RX SGL */
while (len < ctx->used && iov_iter_count(&msg->msg_iter)) {
struct skcipher_rsgl *rsgl;
...
rsgl = sock_kmalloc(sk, sizeof(*rsgl), GFP_KERNEL);
...
struct skcipher_rsgl uses the af_alg_sgl data structure with its 16 SG
entries. But now you can have arbitrary numbers of af_alg_sgl instances up to
the memory provided by sock_kmalloc. I.e. recvmsg can now operate on multiples
of af_alg_sgl in one go.
With this approach I thought that the while loop could be a thing of the past,
considering that this is also the approach taken in skcipher_recvmsg_async
that is present in the current upstream code base.
>
> Overall I like this patch.
Thank you very much.
>
> Thanks,
Ciao
Stephan
next prev parent reply other threads:[~2017-03-16 9:04 UTC|newest]
Thread overview: 13+ messages / expand[flat|nested] mbox.gz Atom feed top
2017-02-17 22:31 [PATCH v5 0/2] crypto: AF_ALG memory management fix Stephan Müller
2017-02-17 22:31 ` [PATCH v5 1/2] crypto: skcipher AF_ALG - overhaul memory management Stephan Müller
2017-03-16 8:39 ` Herbert Xu
2017-03-16 8:55 ` Stephan Müller [this message]
2017-03-16 9:08 ` Herbert Xu
2017-03-16 9:23 ` Stephan Müller
2017-03-16 9:52 ` Herbert Xu
2017-03-16 10:18 ` Stephan Müller
2017-03-16 12:20 ` Stephan Müller
2017-03-31 10:33 ` Herbert Xu
2017-03-19 4:34 ` Stephan Müller
2017-03-30 13:59 ` Stephan Müller
2017-02-17 22:32 ` [PATCH v5 2/2] crypto: aead " Stephan Müller
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=13069331.7r3bo5pPcW@positron.chronox.de \
--to=smueller@chronox.de \
--cc=herbert@gondor.apana.org.au \
--cc=linux-crypto@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.