linux-kernel.vger.kernel.org archive mirror
 help / color / mirror / Atom feed
From: Lei He <helei.sig11@bytedance.com>
To: Herbert Xu <herbert@gondor.apana.org.au>
Cc: "Lei He" <helei.sig11@bytedance.com>,
	davem@davemloft.net, dhowells@redhat.com,
	"Michael S. Tsirkin" <mst@redhat.com>,
	linux-crypto@vger.kernel.org, linux-kernel@vger.kernel.org,
	"\"Daniel P . Berrangé\"" <berrange@redhat.com>,
	"zhenwei pi" <pizhenwei@bytedance.com>
Subject: Re:  [PATCH v2 0/4] virtio-crypto: support ECDSA algorithm
Date: Thu, 30 Jun 2022 20:44:18 +0800	[thread overview]
Message-ID: <274D6476-E37F-4110-BAA5-5B5CE0B63BE9@bytedance.com> (raw)
In-Reply-To: <Yr1nybJ9eSNgU24i@gondor.apana.org.au>

On Jun 30, 2022, at 5:07 PM, Herbert Xu <herbert@gondor.apana.org.au> wrote:

> 
> On Thu, Jun 30, 2022 at 04:30:39PM +0800, Lei He wrote:
>> 
>> I have explained above why we need a driver that supports ECDSA, and this patch
>> enables virtio-crypto to support ECDSA. I think this is a good time to support ECDSA
>> in the kernel crypto framework, and there will be more drivers supporting ECDSA in the 
>> future.
>> Looking forward to your opinion :-).
> 
> Until there are drivers in the kernel it's pointless to implement
> this.
> 

I guess you mean that if there are no drivers in the linux kernel source tree that supports the 
ECDSA, then there is no way under linux to offload ECDSA to other devices, so even if the
virtio-crypto can get the akcipher request, it can’t do better, right? I have some different opinions
 on this:
1. There does exist hardware for offloading ECDSA calculations, for example, IBM PCIe
Cryptographic Coprocessor, Intel QAT, etc, and those chips are already on the market now.
Of course, they also provided corresponding drivers to access these devices, but for some reason,
these drivers have not been submitted to the kernel source tree now.
2. With this patch, when we use QEMU to create a virtual machine, people can directly access the 
virtio-crypto device without caring about where these akcipher requests are executed, and no need
to update drivers(and other stuff) for guest kernel when the  co-processor is updated. 
3.  I will communicate with the Intel QAT team about their plans to provide ECDSA support and ECDH 
support.



  reply	other threads:[~2022-06-30 12:44 UTC|newest]

Thread overview: 19+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2022-06-23  7:05 [PATCH v2 0/4] virtio-crypto: support ECDSA algorithm Lei He
2022-06-23  7:05 ` [PATCH v2 1/4] crypto: fix the calculation of max_size for ECDSA Lei He
2022-06-23  7:05 ` [PATCH v2 2/4] crypto: pkcs8 parser support ECDSA private keys Lei He
2022-06-23  7:05 ` [PATCH v2 3/4] crypto: remove unused field in pkcs8_parse_context Lei He
2022-06-23  7:05 ` [PATCH v2 4/4] virtio-crypto: support ECDSA algorithm Lei He
2022-06-24  6:51 ` [PATCH v2 0/4] " Michael S. Tsirkin
2022-06-30  6:59 ` Herbert Xu
2022-06-30  7:23   ` [External] " Lei He
2022-06-30  7:41     ` Herbert Xu
2022-06-30  8:30       ` Lei He
2022-06-30  9:07         ` Herbert Xu
2022-06-30 12:44           ` Lei He [this message]
2022-06-30 12:50             ` Lei He
2022-06-30 23:12         ` Sandy Harris
2022-07-01  2:54           ` [External] " Lei He
2022-06-30  9:48     ` [External] " Daniel P. Berrangé
2022-06-30 12:43       ` Lei He
2022-08-09 18:36 ` Michael S. Tsirkin
  -- strict thread matches above, loose matches on Subject: below --
2022-06-23  6:09 Lei He

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=274D6476-E37F-4110-BAA5-5B5CE0B63BE9@bytedance.com \
    --to=helei.sig11@bytedance.com \
    --cc=berrange@redhat.com \
    --cc=davem@davemloft.net \
    --cc=dhowells@redhat.com \
    --cc=herbert@gondor.apana.org.au \
    --cc=linux-crypto@vger.kernel.org \
    --cc=linux-kernel@vger.kernel.org \
    --cc=mst@redhat.com \
    --cc=pizhenwei@bytedance.com \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body. 
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).