LKML Archive on lore.kernel.org
 help / Atom feed
From: Megha Dey <megha.dey@intel.com>
To: Herbert Xu <herbert@gondor.apana.org.au>
Cc: linux-kernel@vger.kernel.org, linux-crypto@vger.kernel.org
Subject: Re: [RFC] crypto: Remove mcryptd
Date: Thu, 09 Aug 2018 19:40:33 -0700
Message-ID: <1533868833.19050.19.camel@megha-Z97X-UD7-TH> (raw)
In-Reply-To: <20180808095621.h7ecacftx5ofe5ki@gondor.apana.org.au>

On Wed, 2018-08-08 at 17:56 +0800, Herbert Xu wrote:
> On Thu, Jul 26, 2018 at 05:25:07PM -0700, Megha Dey wrote:
> > 
> > 1. On the existing algorithms covered in aesni_intel-glue.c (eg:
> > __cbc-aes-aesni), 3 algorithms are registered in /proc/crypto:
> > 
> >      __cbc(aes)
> >      cryptd(__cbc-aes-aesni)--> registered via cryptd_create_skcipher
> > 
> >      cbc(aes)
> >      cbc-aes-aesni	--> registered via simd_skcipher_create_compat
> > 
> >      __cbc(aes)
> >      __cbc-aes-aesni    --> registered as the internal algorithm
> > 
> > I would want to know why do we need the cryptd(__cbc-aes-aesni)
> > algorithm at all. I do not see any of the associated setkey, encrypt or
> > decrypt functions getting called during the selftest or while running
> > tcrypt. I just see the simd_(setkey, encrypt, decrypt) functions
> > directly called the inner algorithms. However, if I remove the cryptd
> > algorithm, none of the algorithms are registered.
> 
> The simd functions are the fast path where you are running in a
> context where SIMD can be used directly.  cryptd is the slow path
> where we defer the work to a work queue.

Hi Herbert,

Thank you for the clarification.

I seem to have gotten things to work (i.e remove mcryptd layer). I have
tried this with the skcipher on top of my previously posted patches for
the aes-cbc-mb multibuffer algorithm since the simd wrappers already
exist for it. I am working on extending to hashes, sorry for the
confusion.

I would like to get your approval first on the changes I have made in
the cryptd layer:

1. 
@@ -495,7 +534,10 @@ static void cryptd_skcipher_encrypt(struct
crypto_async_request *base,
        skcipher_request_set_crypt(subreq, req->src, req->dst,
req->cryptlen, req->iv);
 
-       err = crypto_skcipher_encrypt(subreq);
+       subreq->base.data = req->base.data;
+       subreq->base.complete = rctx->complete;
+       rctx->desc = *subreq;
+       err = crypto_skcipher_encrypt(&rctx->desc);
        skcipher_request_zero(subreq);

This change is necessary because for the multibuffer algorithms, the
inner algorithm needs a pointer to the original request. In the slow
path, since we allocate a skcipher_request on the stack, there is no
easy way to retrieve the request. In the mcryptd_layer, we had extra
logic to store this pointer. 

2. Currently, 
-struct cryptd_skcipher_request_ctx {
-       crypto_completion_t complete;
-};
-

For multibuffer algorithms, we need more structure members:
+struct cryptd_skcipher_request_ctx {
+        struct list_head waiter;
+        crypto_completion_t complete;
+        struct cryptd_tag tag;
+        struct skcipher_walk walk;
+        u8 flag;
+        int nbytes;
+        int error;
+        struct skcipher_request desc;
+        void *job;
+        u128 seq_iv;

I am not sure if adding the member to the original structure definition
is acceptable or I should introduce a new structure.

Lastly, for hashes, we have
struct cryptd_hash_request_ctx {
        crypto_completion_t complete;
        struct shash_desc desc;
};

If we were to use this(with the added fields for multibuffer), we should
update the shash_desc to ahash_request since we are an async algorithm
right?


> 
> > > What you need to do is create an actual simd wrapper with cryptd
> >  
> > This simd wrapper is already present for skcipher right(in simd.c)?
> > Assuming we only have ciphers and no hash algorithms, are any changes
> > required in these wrappers?
> 
> For skcipher yes they already exist.  But this thread was about
> hashes.
> 
> Cheers,



  reply index

Thread overview: 7+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2018-05-12  1:44 Megha Dey
2018-05-31 18:15 ` Megha Dey
2018-07-20  3:53 ` Herbert Xu
2018-07-27  0:25   ` Megha Dey
2018-08-08  9:56     ` Herbert Xu
2018-08-10  2:40       ` Megha Dey [this message]
2018-08-16  6:55         ` Herbert Xu

Reply instructions:

You may reply publically to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=1533868833.19050.19.camel@megha-Z97X-UD7-TH \
    --to=megha.dey@intel.com \
    --cc=herbert@gondor.apana.org.au \
    --cc=linux-crypto@vger.kernel.org \
    --cc=linux-kernel@vger.kernel.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

LKML Archive on lore.kernel.org

Archives are clonable:
	git clone --mirror https://lore.kernel.org/lkml/0 lkml/git/0.git
	git clone --mirror https://lore.kernel.org/lkml/1 lkml/git/1.git
	git clone --mirror https://lore.kernel.org/lkml/2 lkml/git/2.git
	git clone --mirror https://lore.kernel.org/lkml/3 lkml/git/3.git
	git clone --mirror https://lore.kernel.org/lkml/4 lkml/git/4.git
	git clone --mirror https://lore.kernel.org/lkml/5 lkml/git/5.git
	git clone --mirror https://lore.kernel.org/lkml/6 lkml/git/6.git
	git clone --mirror https://lore.kernel.org/lkml/7 lkml/git/7.git

	# If you have public-inbox 1.1+ installed, you may
	# initialize and index your mirror using the following commands:
	public-inbox-init -V2 lkml lkml/ https://lore.kernel.org/lkml \
		linux-kernel@vger.kernel.org linux-kernel@archiver.kernel.org
	public-inbox-index lkml


Newsgroup available over NNTP:
	nntp://nntp.lore.kernel.org/org.kernel.vger.linux-kernel


AGPL code for this site: git clone https://public-inbox.org/ public-inbox