From: "Stephan Müller" <smueller@chronox.de>
To: Herbert Xu <herbert@gondor.apana.org.au>
Cc: linux-crypto@vger.kernel.org
Subject: Re: [PATCH 1/2] crypto: aead AF_ALG - overhaul memory management
Date: Thu, 12 Jan 2017 16:56:04 +0100 [thread overview]
Message-ID: <3051008.MbfH4VO98W@tauon.atsec.com> (raw)
In-Reply-To: <20170112155127.GA19252@gondor.apana.org.au>
Am Donnerstag, 12. Januar 2017, 23:51:28 CET schrieb Herbert Xu:
Hi Herbert,
> On Sun, Dec 25, 2016 at 06:15:06PM +0100, Stephan Müller wrote:
> > + * The following concept of the memory management is used:
> > + *
> > + * The kernel maintains two SGLs, the TX SGL and the RX SGL. The TX SGL
> > is
> > + * filled by user space with the data submitted via sendpage/sendmsg.
> > Filling + * up the TX SGL does not cause a crypto operation -- the data
> > will only be + * tracked by the kernel. Upon receipt of one recvmsg call,
> > the caller must + * provide a buffer which is tracked with the RX SGL.
> > + *
> > + * During the processing of the recvmsg operation, the cipher request is
> > + * allocated and prepared. To support multiple recvmsg operations
> > operating + * on one TX SGL, an offset pointer into the TX SGL is
> > maintained. The TX SGL + * that is used for the crypto request is
> > scatterwalk_ffwd by the offset + * pointer to obtain the start address
> > the crypto operation shall use for + * the input data.
>
> I think this is overcomplicating things. The async interface
> should be really simple. It should be exactly the same as the
> sync interface, except that completion is out-of-line.
>
> So there should be no mixing of SGLs from different requests.
> Just start with a clean slate after each recvmsg regardless of
> whether it's sync or async.
>
> The only difference in the async case is that you need to keep a
> reference to the old pages and free them upon completion. But this
> should in no way interfere with subsequent requests.
That would mean that we would only support one IOCB.
At least with algif_skcipher, having multiple IOCBs would reduce the number of
system calls user space needs to make for multiple plaintext / ciphertext
blocks. But then, with the use of IOVECs, user space could provide all input
data with one system call anyway.
Ok, I will update the patch as suggested.
>
> Cheers,
Ciao
Stephan
next prev parent reply other threads:[~2017-01-12 15:56 UTC|newest]
Thread overview: 19+ messages / expand[flat|nested] mbox.gz Atom feed top
2016-12-25 17:13 [PATCH 0/2] crypto: AF_ALG memory management fix Stephan Müller
2016-12-25 17:15 ` [PATCH 1/2] crypto: aead AF_ALG - overhaul memory management Stephan Müller
2017-01-12 15:51 ` Herbert Xu
2017-01-12 15:56 ` Stephan Müller [this message]
2017-01-12 16:05 ` Stephan Müller
2017-01-12 16:07 ` Herbert Xu
2017-01-12 16:10 ` Stephan Müller
2017-01-12 16:17 ` Herbert Xu
2017-01-12 16:19 ` Stephan Müller
2017-01-13 10:21 ` Herbert Xu
2017-01-13 10:49 ` Stephan Müller
2017-01-13 11:03 ` Herbert Xu
2017-01-13 11:10 ` Stephan Müller
2017-01-13 11:12 ` Herbert Xu
2017-01-13 11:16 ` Stephan Müller
2017-01-13 11:25 ` Herbert Xu
2017-01-13 11:51 ` Stephan Müller
2017-01-16 13:41 ` Stephan Müller
2016-12-25 17:15 ` [PATCH 2/2] crypto: skcipher " Stephan Müller
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=3051008.MbfH4VO98W@tauon.atsec.com \
--to=smueller@chronox.de \
--cc=herbert@gondor.apana.org.au \
--cc=linux-crypto@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).