From: Eric Biggers <ebiggers@kernel.org>
To: Christoph Hellwig <hch@infradead.org>
Cc: Satya Tangirala <satyat@google.com>,
linux-block@vger.kernel.org, linux-scsi@vger.kernel.org,
linux-fscrypt@vger.kernel.org, linux-fsdevel@vger.kernel.org,
linux-f2fs-devel@lists.sourceforge.net,
linux-ext4@vger.kernel.org,
Barani Muthukumaran <bmuthuku@qti.qualcomm.com>,
Kuohong Wang <kuohong.wang@mediatek.com>,
Kim Boojin <boojin.kim@samsung.com>
Subject: Re: [PATCH v7 3/9] block: blk-crypto-fallback for Inline Encryption
Date: Fri, 21 Feb 2020 10:34:37 -0800 [thread overview]
Message-ID: <20200221183437.GC925@sol.localdomain> (raw)
In-Reply-To: <20200221173539.GA6525@infradead.org>
On Fri, Feb 21, 2020 at 09:35:39AM -0800, Christoph Hellwig wrote:
> High-level question: Does the whole keyslot manager concept even make
> sense for the fallback? With the work-queue we have item that exectutes
> at a time per cpu. So just allocatea per-cpu crypto_skcipher for
> each encryption mode and there should never be a slot limitation. Or
> do I miss something?
It does make sense because if blk-crypto-fallback didn't use a keyslot manager,
it would have to call crypto_skcipher_setkey() on the I/O path for every bio to
ensure that the CPU's crypto_skcipher has the correct key. That's undesirable,
because setting a new key can be expensive with some encryption algorithms, and
also it can require a memory allocation which can fail. For example, with the
Adiantum algorithm, setting a key requires encrypting ~1100 bytes of data in
order to generate subkeys. It's better to set a key once and use it many times.
Making blk-crypto-fallback use the keyslot manager also allows the keyslot
manager to be tested by routine filesystem regression testing, e.g.
'gce-xfstests -c ext4/encrypt -g auto -m inlinecrypt'.
- Eric
WARNING: multiple messages have this Message-ID (diff)
From: Eric Biggers <ebiggers@kernel.org>
To: Christoph Hellwig <hch@infradead.org>
Cc: linux-ext4@vger.kernel.org, linux-scsi@vger.kernel.org,
Kim Boojin <boojin.kim@samsung.com>,
Kuohong Wang <kuohong.wang@mediatek.com>,
Barani Muthukumaran <bmuthuku@qti.qualcomm.com>,
linux-f2fs-devel@lists.sourceforge.net,
linux-block@vger.kernel.org, linux-fscrypt@vger.kernel.org,
linux-fsdevel@vger.kernel.org,
Satya Tangirala <satyat@google.com>
Subject: Re: [f2fs-dev] [PATCH v7 3/9] block: blk-crypto-fallback for Inline Encryption
Date: Fri, 21 Feb 2020 10:34:37 -0800 [thread overview]
Message-ID: <20200221183437.GC925@sol.localdomain> (raw)
In-Reply-To: <20200221173539.GA6525@infradead.org>
On Fri, Feb 21, 2020 at 09:35:39AM -0800, Christoph Hellwig wrote:
> High-level question: Does the whole keyslot manager concept even make
> sense for the fallback? With the work-queue we have item that exectutes
> at a time per cpu. So just allocatea per-cpu crypto_skcipher for
> each encryption mode and there should never be a slot limitation. Or
> do I miss something?
It does make sense because if blk-crypto-fallback didn't use a keyslot manager,
it would have to call crypto_skcipher_setkey() on the I/O path for every bio to
ensure that the CPU's crypto_skcipher has the correct key. That's undesirable,
because setting a new key can be expensive with some encryption algorithms, and
also it can require a memory allocation which can fail. For example, with the
Adiantum algorithm, setting a key requires encrypting ~1100 bytes of data in
order to generate subkeys. It's better to set a key once and use it many times.
Making blk-crypto-fallback use the keyslot manager also allows the keyslot
manager to be tested by routine filesystem regression testing, e.g.
'gce-xfstests -c ext4/encrypt -g auto -m inlinecrypt'.
- Eric
_______________________________________________
Linux-f2fs-devel mailing list
Linux-f2fs-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/linux-f2fs-devel
next prev parent reply other threads:[~2020-02-21 18:34 UTC|newest]
Thread overview: 80+ messages / expand[flat|nested] mbox.gz Atom feed top
2020-02-21 11:50 [PATCH v7 0/9] Inline Encryption Support Satya Tangirala
2020-02-21 11:50 ` [f2fs-dev] " Satya Tangirala via Linux-f2fs-devel
2020-02-21 11:50 ` [PATCH v7 1/9] block: Keyslot Manager for Inline Encryption Satya Tangirala
2020-02-21 11:50 ` [f2fs-dev] " Satya Tangirala via Linux-f2fs-devel
2020-02-21 17:04 ` Christoph Hellwig
2020-02-21 17:04 ` [f2fs-dev] " Christoph Hellwig
2020-02-21 17:31 ` Christoph Hellwig
2020-02-21 17:31 ` [f2fs-dev] " Christoph Hellwig
2020-02-27 18:14 ` Eric Biggers
2020-02-27 18:14 ` [f2fs-dev] " Eric Biggers
2020-02-27 21:25 ` Satya Tangirala
2020-02-27 21:25 ` [f2fs-dev] " Satya Tangirala via Linux-f2fs-devel
2020-03-05 16:11 ` Christoph Hellwig
2020-03-05 16:11 ` [f2fs-dev] " Christoph Hellwig
2020-02-27 18:48 ` Eric Biggers
2020-02-27 18:48 ` [f2fs-dev] " Eric Biggers
2020-02-21 11:50 ` [PATCH v7 2/9] block: Inline encryption support for blk-mq Satya Tangirala
2020-02-21 11:50 ` [f2fs-dev] " Satya Tangirala via Linux-f2fs-devel
2020-02-21 17:22 ` Christoph Hellwig
2020-02-21 17:22 ` [f2fs-dev] " Christoph Hellwig
2020-02-22 0:52 ` Satya Tangirala
2020-02-22 0:52 ` [f2fs-dev] " Satya Tangirala via Linux-f2fs-devel
2020-02-24 23:34 ` Christoph Hellwig
2020-02-24 23:34 ` [f2fs-dev] " Christoph Hellwig
2020-02-27 18:25 ` Eric Biggers
2020-02-27 18:25 ` [f2fs-dev] " Eric Biggers
2020-02-21 11:50 ` [PATCH v7 3/9] block: blk-crypto-fallback for Inline Encryption Satya Tangirala
2020-02-21 11:50 ` [f2fs-dev] " Satya Tangirala via Linux-f2fs-devel
2020-02-21 16:51 ` Randy Dunlap
2020-02-21 16:51 ` [f2fs-dev] " Randy Dunlap
2020-02-21 17:25 ` Christoph Hellwig
2020-02-21 17:25 ` [f2fs-dev] " Christoph Hellwig
2020-02-21 17:35 ` Christoph Hellwig
2020-02-21 17:35 ` [f2fs-dev] " Christoph Hellwig
2020-02-21 18:34 ` Eric Biggers [this message]
2020-02-21 18:34 ` Eric Biggers
2020-02-24 23:36 ` Christoph Hellwig
2020-02-24 23:36 ` [f2fs-dev] " Christoph Hellwig
2020-02-27 19:25 ` Eric Biggers
2020-02-27 19:25 ` [f2fs-dev] " Eric Biggers
2020-02-21 11:50 ` [PATCH v7 4/9] scsi: ufs: UFS driver v2.1 spec crypto additions Satya Tangirala
2020-02-21 11:50 ` [f2fs-dev] " Satya Tangirala via Linux-f2fs-devel
2020-02-21 11:50 ` [PATCH v7 5/9] scsi: ufs: UFS crypto API Satya Tangirala
2020-02-21 11:50 ` [f2fs-dev] " Satya Tangirala via Linux-f2fs-devel
2020-02-22 4:59 ` Eric Biggers
2020-02-22 4:59 ` [f2fs-dev] " Eric Biggers
2020-02-21 11:50 ` [PATCH v7 6/9] scsi: ufs: Add inline encryption support to UFS Satya Tangirala
2020-02-21 11:50 ` [f2fs-dev] " Satya Tangirala via Linux-f2fs-devel
2020-02-21 17:22 ` Christoph Hellwig
2020-02-21 17:22 ` [f2fs-dev] " Christoph Hellwig
2020-02-21 18:11 ` Eric Biggers
2020-02-21 18:11 ` [f2fs-dev] " Eric Biggers
2020-02-23 13:47 ` Stanley Chu
2020-02-23 13:47 ` [f2fs-dev] " Stanley Chu
2020-02-24 23:37 ` Christoph Hellwig
2020-02-24 23:37 ` [f2fs-dev] " Christoph Hellwig
2020-02-25 7:21 ` Stanley Chu
2020-02-25 7:21 ` [f2fs-dev] " Stanley Chu
2020-02-26 1:12 ` Eric Biggers
2020-02-26 1:12 ` [f2fs-dev] " Eric Biggers
2020-02-26 6:43 ` Stanley Chu
2020-02-26 6:43 ` [f2fs-dev] " Stanley Chu
2020-03-02 9:17 ` Stanley Chu
2020-03-02 9:17 ` [f2fs-dev] " Stanley Chu
2020-02-21 11:50 ` [PATCH v7 7/9] fscrypt: add inline encryption support Satya Tangirala
2020-02-21 11:50 ` [f2fs-dev] " Satya Tangirala via Linux-f2fs-devel
2020-02-21 18:40 ` Eric Biggers
2020-02-21 18:40 ` [f2fs-dev] " Eric Biggers
2020-02-22 5:39 ` Eric Biggers
2020-02-22 5:39 ` [f2fs-dev] " Eric Biggers
2020-02-26 0:30 ` Eric Biggers
2020-02-26 0:30 ` [f2fs-dev] " Eric Biggers
2020-02-21 11:50 ` [PATCH v7 8/9] f2fs: " Satya Tangirala
2020-02-21 11:50 ` [f2fs-dev] " Satya Tangirala via Linux-f2fs-devel
2020-02-21 11:50 ` [PATCH v7 9/9] ext4: " Satya Tangirala
2020-02-21 11:50 ` [f2fs-dev] " Satya Tangirala via Linux-f2fs-devel
2020-02-22 5:21 ` Eric Biggers
2020-02-22 5:21 ` [f2fs-dev] " Eric Biggers
2020-02-21 17:16 ` [PATCH v7 0/9] Inline Encryption Support Eric Biggers
2020-02-21 17:16 ` [f2fs-dev] " Eric Biggers
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20200221183437.GC925@sol.localdomain \
--to=ebiggers@kernel.org \
--cc=bmuthuku@qti.qualcomm.com \
--cc=boojin.kim@samsung.com \
--cc=hch@infradead.org \
--cc=kuohong.wang@mediatek.com \
--cc=linux-block@vger.kernel.org \
--cc=linux-ext4@vger.kernel.org \
--cc=linux-f2fs-devel@lists.sourceforge.net \
--cc=linux-fscrypt@vger.kernel.org \
--cc=linux-fsdevel@vger.kernel.org \
--cc=linux-scsi@vger.kernel.org \
--cc=satyat@google.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.