From: Stephan Mueller <smueller-T9tCv8IpfcWELgA04lAiVw@public.gmane.org>
To: Herbert Xu <herbert-lOAM2aK0SrRLBo1qDEOMRrpzq4S04n8Q@public.gmane.org>
Cc: Daniel Borkmann
<dborkman-H+wXaHxf7aLQT0dZR+AlfA@public.gmane.org>,
'Quentin Gouchet'
<quentin.gouchet-Re5JQEeQqe8AvxtiuMwx3w@public.gmane.org>,
'LKML' <linux-kernel-u79uwXL29TY76Z2rM5mHXA@public.gmane.org>,
linux-crypto-u79uwXL29TY76Z2rM5mHXA@public.gmane.org,
linux-api-u79uwXL29TY76Z2rM5mHXA@public.gmane.org
Subject: Re: [PATCH v5 3/8] crypto: AF_ALG: add AEAD support
Date: Thu, 25 Dec 2014 09:59:41 +0100 [thread overview]
Message-ID: <4303878.9KB6gYbbHH@tachyon.chronox.de> (raw)
In-Reply-To: <2159528.zCJB0y2Cap-PJstQz4BMNNP20K/wil9xYQuADTiUCJX@public.gmane.org>
Am Mittwoch, 24. Dezember 2014, 09:54:33 schrieb Stephan Mueller:
Hi Stephan,
> Am Mittwoch, 24. Dezember 2014, 07:24:01 schrieb Herbert Xu:
>
> Hi Herbert,
>
> > On Tue, Dec 23, 2014 at 03:52:27PM +0100, Stephan Mueller wrote:
> > > Am Dienstag, 23. Dezember 2014, 22:56:26 schrieb Herbert Xu:
> > > > In fact AEAD is rather awkward because you need to do everything
> > > > in one go. Perhaps we could adapt our kernel interface to allow
> > > > partial AEAD operations?
> > >
> > > I am not sure what you are referring to. The invocation does not need to
> > > be in one go. You can have arbitrary number of sendmsg calls. But all
> > > input data needs to be supplied before you call recvmsg.
> >
> > What I mean is that unlike skcipher we cannot precede until we
> > have the complete input. So you cannot begin recvmsg until all
> > input has been sent.
>
> That is right, but isn't that the nature of AEAD ciphers in general? Even if
> you are in the kernel, you need to have all scatter lists together for one
> invocation of the AEAD cipher.
>
> In case of a threaded application, the recvmsg does not start until all data
> is in, marked with the missing MSG_MORE -- see aead_readable.
>
> All we can do is allow the user to use multiple system calls to collect all
> data before the AEAD operation takes place.
>
> Or do you see another way on how to invoke the AEAD operation in a different
> manner?
>
> The only item that I see that could be made better is the output side:
> currently the code allows only one and exactly one iovec to point to the
> output buffer. I would like to allow multiple iovec buffers that are filled
> with the output of one invocation of the AEAD operation. However, to avoid
> making a kernel-internal scratch buffer, I would need to somehow link the
> kernel-internal scatter lists with the iovec buffers. That only works when
> walking the iovec lists first and call af_alg_make_sg with every iovec entry
> and create the kernel-internal scatterlist representation. That is followed
> by the AEAD operation on the scatterlist.
>
> If we agree on walking the iovec list first, then the question arises how
> many iovec list entries we allow at max. Is 16 entries a sensible value?
I would be now ready with a new release of the AEAD and RNG interface patches
against the current code base (including the iov_iter update). Though, I would
like to get your answer regarding your concerns.
Thanks.
--
Ciao
Stephan
WARNING: multiple messages have this Message-ID (diff)
From: Stephan Mueller <smueller@chronox.de>
To: Herbert Xu <herbert@gondor.apana.org.au>
Cc: Daniel Borkmann <dborkman@redhat.com>,
"'Quentin Gouchet'" <quentin.gouchet@gmail.com>,
"'LKML'" <linux-kernel@vger.kernel.org>,
linux-crypto@vger.kernel.org, linux-api@vger.kernel.org
Subject: Re: [PATCH v5 3/8] crypto: AF_ALG: add AEAD support
Date: Thu, 25 Dec 2014 09:59:41 +0100 [thread overview]
Message-ID: <4303878.9KB6gYbbHH@tachyon.chronox.de> (raw)
In-Reply-To: <2159528.zCJB0y2Cap@tachyon.chronox.de>
Am Mittwoch, 24. Dezember 2014, 09:54:33 schrieb Stephan Mueller:
Hi Stephan,
> Am Mittwoch, 24. Dezember 2014, 07:24:01 schrieb Herbert Xu:
>
> Hi Herbert,
>
> > On Tue, Dec 23, 2014 at 03:52:27PM +0100, Stephan Mueller wrote:
> > > Am Dienstag, 23. Dezember 2014, 22:56:26 schrieb Herbert Xu:
> > > > In fact AEAD is rather awkward because you need to do everything
> > > > in one go. Perhaps we could adapt our kernel interface to allow
> > > > partial AEAD operations?
> > >
> > > I am not sure what you are referring to. The invocation does not need to
> > > be in one go. You can have arbitrary number of sendmsg calls. But all
> > > input data needs to be supplied before you call recvmsg.
> >
> > What I mean is that unlike skcipher we cannot precede until we
> > have the complete input. So you cannot begin recvmsg until all
> > input has been sent.
>
> That is right, but isn't that the nature of AEAD ciphers in general? Even if
> you are in the kernel, you need to have all scatter lists together for one
> invocation of the AEAD cipher.
>
> In case of a threaded application, the recvmsg does not start until all data
> is in, marked with the missing MSG_MORE -- see aead_readable.
>
> All we can do is allow the user to use multiple system calls to collect all
> data before the AEAD operation takes place.
>
> Or do you see another way on how to invoke the AEAD operation in a different
> manner?
>
> The only item that I see that could be made better is the output side:
> currently the code allows only one and exactly one iovec to point to the
> output buffer. I would like to allow multiple iovec buffers that are filled
> with the output of one invocation of the AEAD operation. However, to avoid
> making a kernel-internal scratch buffer, I would need to somehow link the
> kernel-internal scatter lists with the iovec buffers. That only works when
> walking the iovec lists first and call af_alg_make_sg with every iovec entry
> and create the kernel-internal scatterlist representation. That is followed
> by the AEAD operation on the scatterlist.
>
> If we agree on walking the iovec list first, then the question arises how
> many iovec list entries we allow at max. Is 16 entries a sensible value?
I would be now ready with a new release of the AEAD and RNG interface patches
against the current code base (including the iov_iter update). Though, I would
like to get your answer regarding your concerns.
Thanks.
--
Ciao
Stephan
next prev parent reply other threads:[~2014-12-25 8:59 UTC|newest]
Thread overview: 32+ messages / expand[flat|nested] mbox.gz Atom feed top
2014-12-07 22:20 [PATCH v5 0/8] crypto: AF_ALG: add AEAD and RNG support Stephan Mueller
2014-12-07 22:20 ` Stephan Mueller
2014-12-07 22:21 ` [PATCH v5 1/8] crypto: AF_ALG: add user space interface for AEAD Stephan Mueller
2014-12-08 6:50 ` Stephan Mueller
2014-12-07 22:21 ` [PATCH v5 2/8] crypto: AF_ALG: add setsockopt for auth tag size Stephan Mueller
2014-12-22 12:05 ` Herbert Xu
2014-12-07 22:22 ` [PATCH v5 3/8] crypto: AF_ALG: add AEAD support Stephan Mueller
2014-12-22 11:23 ` Herbert Xu
2014-12-23 8:14 ` Stephan Mueller
[not found] ` <101382546.xjTjAHLGAb-PJstQz4BMNNP20K/wil9xYQuADTiUCJX@public.gmane.org>
2014-12-23 11:56 ` Herbert Xu
2014-12-23 11:56 ` Herbert Xu
[not found] ` <20141223115626.GA31450-lOAM2aK0SrRLBo1qDEOMRrpzq4S04n8Q@public.gmane.org>
2014-12-23 14:52 ` Stephan Mueller
2014-12-23 14:52 ` Stephan Mueller
[not found] ` <4537021.IXSvIIgcH4-PJstQz4BMNNP20K/wil9xYQuADTiUCJX@public.gmane.org>
2014-12-23 20:24 ` Herbert Xu
2014-12-23 20:24 ` Herbert Xu
[not found] ` <20141223202401.GA2474-lOAM2aK0SrRLBo1qDEOMRrpzq4S04n8Q@public.gmane.org>
2014-12-24 8:54 ` Stephan Mueller
2014-12-24 8:54 ` Stephan Mueller
[not found] ` <2159528.zCJB0y2Cap-PJstQz4BMNNP20K/wil9xYQuADTiUCJX@public.gmane.org>
2014-12-25 8:59 ` Stephan Mueller [this message]
2014-12-25 8:59 ` Stephan Mueller
2014-12-25 20:28 ` Herbert Xu
2014-12-25 20:28 ` Herbert Xu
2014-12-07 22:23 ` [PATCH v5 4/8] crypto: AF_ALG: enable AEAD interface compilation Stephan Mueller
2014-12-07 22:23 ` [PATCH v5 5/8] crypto: AF_ALG: add user space interface for RNG Stephan Mueller
[not found] ` <3380968.kTQNpvjKFa-PJstQz4BMNNP20K/wil9xYQuADTiUCJX@public.gmane.org>
2014-12-22 11:27 ` Herbert Xu
2014-12-22 11:27 ` Herbert Xu
[not found] ` <20141222112730.GB19532-lOAM2aK0SrRLBo1qDEOMRrpzq4S04n8Q@public.gmane.org>
2014-12-23 8:27 ` Stephan Mueller
2014-12-23 8:27 ` Stephan Mueller
2014-12-07 22:25 ` [PATCH v5 7/8] crypto: AF_ALG: add random number generator support Stephan Mueller
[not found] ` <56740432.V2v4gLHrzS-PJstQz4BMNNP20K/wil9xYQuADTiUCJX@public.gmane.org>
2014-12-07 22:24 ` [PATCH v5 6/8] crypto: AF_ALG: zeroize key / seed data Stephan Mueller
2014-12-07 22:24 ` Stephan Mueller
2014-12-07 22:25 ` [PATCH v5 8/8] crypto: AF_ALG: enable RNG interface compilation Stephan Mueller
2014-12-07 22:25 ` Stephan Mueller
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=4303878.9KB6gYbbHH@tachyon.chronox.de \
--to=smueller-t9tcv8ipfcwelga04laivw@public.gmane.org \
--cc=dborkman-H+wXaHxf7aLQT0dZR+AlfA@public.gmane.org \
--cc=herbert-lOAM2aK0SrRLBo1qDEOMRrpzq4S04n8Q@public.gmane.org \
--cc=linux-api-u79uwXL29TY76Z2rM5mHXA@public.gmane.org \
--cc=linux-crypto-u79uwXL29TY76Z2rM5mHXA@public.gmane.org \
--cc=linux-kernel-u79uwXL29TY76Z2rM5mHXA@public.gmane.org \
--cc=quentin.gouchet-Re5JQEeQqe8AvxtiuMwx3w@public.gmane.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.