All of lore.kernel.org
 help / color / mirror / Atom feed
From: Sandy Harris <sandyinchina@gmail.com>
To: Jonathan Cameron <Jonathan.Cameron@huawei.com>
Cc: Linux Crypto Mailing List <linux-crypto@vger.kernel.org>,
	John Gilmore <gnu@toad.com>
Subject: Re: Fostering linux community collaboration on hardware accelerators
Date: Wed, 11 Oct 2017 11:51:49 -0400	[thread overview]
Message-ID: <CACXcFmk3RDaKo0uasnXBeQvgq8aaX88vExv+GOqMAdZTL7=iXQ@mail.gmail.com> (raw)
In-Reply-To: <20171009112425.00003966@huawei.com>

I shortened the cc list radically. If the discussion continues, it may
be a good idea to add people back. I added John Gilmore since I cite
one of his posts below.

Jonathan Cameron <Jonathan.Cameron@huawei.com> wrote:

> On behalf of Huawei, I am looking into options to foster a wider community
> around the various ongoing projects related to Accelerator support within
> Linux.  The particular area of interest to Huawei is that of harnessing
> accelerators from userspace, but in a collaborative way with the kernel
> still able to make efficient use of them, where appropriate.
>
> We are keen to foster a wider community than one just focused on
> our own current technology.

Good stuff, but there are problems. e.g. see the thread starting
with my message here:
https://www.mail-archive.com/linux-crypto@vger.kernel.org/msg27274.html

My perspective is that of a crypto guy working on general-purpose
CPUs, anything from 32-bit ARM up. There are certainly problems for
devices with massive loads like a high-end router or with more limited
CPUs that I will not even pretend to address.

For me, far & away the biggest issue is having a good source of random
numbers; more-or-less all crypto depends on that. The Linux random(4)
RNG gets close, but there are cases where it may not be well
initialized soon enough on some systems. If a system provides a
hardware RNG, I will certainly use it to feed random(4). I do not care
nearly as much about anything else that might be in a hardware crypto
accelerator.

Separate accelerator devices require management, separating accesses
by different kernel threads or by user processes if they are allowed
to play, keeping them from seeing each other's keys, perhaps saving &
restoring state sometimes. Things that can be built into the CPU --
RNG instruction or register, AES instructions, Intel's instruction for
128-bit finite field multiplication which accelerates AES-GCM,
probably some I have not heard of -- require less management and are
usable by  any process, assuming either compiler support or some
assembler code. As a software guy, I'd far rather the hardware
designers gave me those than anything that needs a driver.

  parent reply	other threads:[~2017-10-11 15:51 UTC|newest]

Thread overview: 10+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2017-10-10 11:28 Fostering linux community collaboration on hardware accelerators Jonathan Cameron
     [not found] ` <CAHFG_=UfO54nkM68RmLmZWLtYROhaUu9U866kqTzpU=MgxfCkA@mail.gmail.com>
2017-10-11 14:43   ` Jonathan Cameron
2017-10-11 15:51 ` Sandy Harris [this message]
2017-10-11 16:49   ` Jonathan Cameron
     [not found] <201710101132.v9ABUs28138304@mx0a-001b2d01.pphosted.com>
2017-10-12  5:22 ` Andrew Donnellan
2017-10-12 13:31   ` Douglas Miller
2017-10-12 14:57     ` Jonathan Cameron
2017-10-12 15:48       ` Francois Ozog
2017-10-12 17:10         ` Douglas Miller
2017-10-16 14:07   ` Jonathan Cameron

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to='CACXcFmk3RDaKo0uasnXBeQvgq8aaX88vExv+GOqMAdZTL7=iXQ@mail.gmail.com' \
    --to=sandyinchina@gmail.com \
    --cc=Jonathan.Cameron@huawei.com \
    --cc=gnu@toad.com \
    --cc=linux-crypto@vger.kernel.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body. 
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.