From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from eggs.gnu.org ([2001:4830:134:3::10]:58914) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1bjkPx-00083Y-CS for qemu-devel@nongnu.org; Tue, 13 Sep 2016 05:54:18 -0400 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1bjkPt-0007k5-To for qemu-devel@nongnu.org; Tue, 13 Sep 2016 05:54:17 -0400 Received: from mx1.redhat.com ([209.132.183.28]:1369) by eggs.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1bjkPt-0007jx-MJ for qemu-devel@nongnu.org; Tue, 13 Sep 2016 05:54:13 -0400 Date: Tue, 13 Sep 2016 10:54:05 +0100 From: "Daniel P. Berrange" Message-ID: <20160913095405.GI30949@redhat.com> Reply-To: "Daniel P. Berrange" References: <1473738741-220600-1-git-send-email-arei.gonglei@huawei.com> <20160913085746.GB30949@redhat.com> <33183CC9F5247A488A2544077AF19020B03C927D@SZXEMA503-MBS.china.huawei.com> MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Disposition: inline In-Reply-To: <33183CC9F5247A488A2544077AF19020B03C927D@SZXEMA503-MBS.china.huawei.com> Subject: Re: [Qemu-devel] [PATCH v2 00/15] virtio-crypto: introduce framework and device emulation List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , To: "Gonglei (Arei)" Cc: "qemu-devel@nongnu.org" , "virtio-dev@lists.oasis-open.org" , "Huangpeng (Peter)" , Luonengjun , "mst@redhat.com" , "stefanha@redhat.com" , "pbonzini@redhat.com" , "Huangweidong (C)" , "mike.caraman@nxp.com" , "agraf@suse.de" , "xin.zeng@intel.com" , Claudio Fontana , "nmorey@kalray.eu" , "vincent.jardin@6wind.com" On Tue, Sep 13, 2016 at 09:45:05AM +0000, Gonglei (Arei) wrote: > Hi Daniel, > > Thanks for your comments fristly, please see my embedded reply. > > Regards, > -Gonglei > > > > -----Original Message----- > > From: Daniel P. Berrange [mailto:berrange@redhat.com] > > Sent: Tuesday, September 13, 2016 4:58 PM > > To: Gonglei (Arei) > > Cc: qemu-devel@nongnu.org; virtio-dev@lists.oasis-open.org; Huangpeng > > (Peter); Luonengjun; mst@redhat.com; stefanha@redhat.com; > > pbonzini@redhat.com; Huangweidong (C); mike.caraman@nxp.com; > > agraf@suse.de; xin.zeng@intel.com; Claudio Fontana; nmorey@kalray.eu; > > vincent.jardin@6wind.com > > Subject: Re: [PATCH v2 00/15] virtio-crypto: introduce framework and device > > emulation > > > > On Tue, Sep 13, 2016 at 11:52:06AM +0800, Gonglei wrote: > > > Changes since v1: > > > - rmmove mixed endian-ness handler for virtio-crypto device, just > > > use little-endian. [mst] > > > - add sg list support according virtio-crypto spec v10 (will be posted soon). > > > - fix a memory leak in session handler. > > > - add a feature page link in qemu.org > > (http://qemu-project.org/Features/VirtioCrypto) > > > - fix some trivial problems, sush as 's/Since 2.7/Since 2.8/g' in > > qapi-schema.json > > > - rebase the latest qemu master tree. > > > > > > Please review, thanks! > > > > > > This patch series realize the framework and emulation of a new > > > virtio crypto device, which is similar with virtio net device. > > > > > > - I introduce the cryptodev backend as the client of virtio crypto device > > > which can be realized by different methods, such as cryptodev-linux in my > > series, > > > vhost-crypto kernel module, vhost-user etc. > > > - The patch set abides by the virtio crypto speccification. > > > - The virtio crypto support symmetric algorithms (including CIPHER and > > algorithm chainning) > > > at present, except HASH, MAC and AEAD services. > > > - unsupport hot plug/unplug cryptodev client at this moment. > > > > > > Cryptodev-linux is a device that allows access to Linux kernel cryptographic > > drivers; > > > thus allowing of userspace applications to take advantage of hardware > > accelerators. > > > It can be found here: > > > > > > http://cryptodev-linux.org/ > > > > > > (please use the latest version) > > > > > > To use the cryptodev-linux as the client, the cryptodev.ko should be insert on > > the host. > > > > > > # enter cryptodev-linux module root directory, then > > > make;make install > > > > > > The cryptodev kernel module is not upstream and shows no sign of > > ever being likely to be accepted & merged upstream. On that basis, > > support for it in QEMU has a firm NACK from me, as trying to support > > out of tree kernel modules long term never ends well. This is > > particularly bad because it appears to be the only impl backend > > you've provided in this series. > > > > OK, I agree with you :) But if we support multiple backends, can > we keep cryptodev-linux module as one option? I'm personally against any support for out of tree kernel modules in QEMU, regardless of whether QEMU also implements alternative backends, unless there is a strong sign that the module in question is on the verge of being accepted into mainline Linux. That does not seem to be the case there - mainline settled on AF_ALG as the only supported approach AFAICT. Regards, Daniel -- |: http://berrange.com -o- http://www.flickr.com/photos/dberrange/ :| |: http://libvirt.org -o- http://virt-manager.org :| |: http://autobuild.org -o- http://search.cpan.org/~danberr/ :| |: http://entangle-photo.org -o- http://live.gnome.org/gtk-vnc :|