From: "Daniel P. Berrange" <berrange@redhat.com>
To: longpeng.mike@gmail.com
Cc: qemu-devel@nongnu.org, arei.gonglei@huawei.com,
weidong.huang@huawei.com, "Longpeng(Mike)" <longpeng2@huawei.com>
Subject: Re: [Qemu-devel] [PATCH v6 00/18] crypto: add afalg-backend support
Date: Tue, 18 Jul 2017 10:55:32 +0100 [thread overview]
Message-ID: <20170718095532.GF11927@redhat.com> (raw)
In-Reply-To: <1500055451-14041-1-git-send-email-longpeng.mike@gmail.com>
On Fri, Jul 14, 2017 at 02:03:53PM -0400, longpeng.mike@gmail.com wrote:
> From: "Longpeng(Mike)" <longpeng2@huawei.com>
>
> The AF_ALG socket family is the userspace interface for linux
> crypto API, users can use it to access hardware accelerators.
>
> This patchset adds a afalg-backend for qemu crypto subsystem. QEMU
> would try to use afalg-backend first if configures '--enable-crypto
> -afalg' and hostos support AF_ALG.
>
> I measured the performance about the afalg-backend impls, I tested
> how many data could be encrypted in 5 seconds.
>
> NOTE: In some scenarios library-backend using CPU insns for crypto
> would be faster.
>
> test-environment: Intel(R) Core(TM) i5-6500 CPU @ 3.20GHz
>
> *sha256*
> chunk_size(bytes) MB/sec(afalg:sha256-ssse3) MB/sec(nettle)
> 512 93.03 185.87
> 1024 146.32 201.78
> 2048 213.32 210.93
> 4096 275.48 215.26
> 8192 321.77 217.49
> 16384 349.60 219.26
> 32768 363.59 219.73
> 65536 375.79 219.99
>
> *hmac(sha256)*
> chunk_size(bytes) MB/sec(afalg:sha256-ssse3) MB/sec(nettle)
> 512 71.26 165.55
> 1024 117.43 189.15
> 2048 180.96 203.24
> 4096 247.60 211.38
> 8192 301.99 215.65
> 16384 340.79 218.22
> 32768 365.51 219.49
> 65536 377.92 220.24
>
> *cbc(aes128)*
> chunk_size(bytes) MB/sec(afalg:cbc-aes-aesni) MB/sec(nettle)
> 512 371.76 188.41
> 1024 559.86 189.64
> 2048 768.66 192.11
> 4096 939.15 192.40
> 8192 1029.48 192.49
> 16384 1072.79 190.52
> 32768 1109.38 190.41
> 65536 1102.38 190.40
>
> ---
> Changes since v5:
> - use afalg-backend first only when configured with
> '--enable-crypto-afalg' and AF_ALG is supportted.
> [Daniel]
>
> Changes since v4:
> - remove 'name' field in 'struct CryptoAFAlg'. [Daniel]
> - add error handling for read() returning less than requested. [Daniel]
> - use iov_send_recv to recv msg in hash-afalg.c. [Daniel]
> - refactor hmac benchmark as suggestion. [Daniel]
>
> Changes since v3:
> - add "Reviewed-by: Daniel P. Berrange <address@hidden>" in
> commit messages of PATCH 1/2/3/4/5/7/8/9/10/11.
> - PATCH 12: use strlen() instead of qemu_strnlen() in
> qcrypto_afalg_build_saddr(). [Daniel]
> - PATCH 12: rather than indenting the entire method, just return immediately
> if afalg=NULL. [Daniel]
> - PATCH 13: use g_strdup_printf() instead of g_new0+snprintf() and remove
> redundant bounds check in qcrypto_afalg_cipher_format_name().
> [Daniel]
> - PATCH 13: s/except_niv/expect_niv s/origin_contorllen/origin_controllen.
> [Daniel]
> - PATCH 13: use '%zu' to print 'size_t' in qcrypto_afalg_cipher_setiv().
> [Daniel]
> - PATCH 13: remove qcrypto_cipher_using_afalg_drv(). [Daniel]
> - PATCH 13: refactor the qcrypto_cipher_new() as Daniel's suggestion.
> [Daniel]
> - PATCH 13: correct the ->cmsg initialization int
> qcrypto_afalg_cipher_ctx_new() to
> avoid different behaviour in test_cipher_null_iv(). [Daniel]
> - PATCH 14: use g_strdup_printf() instead of g_new0+snprintf() and remove
> edundant bounds check in qcrypto_afalg_hash_format_name().
> [Daniel]
> - PATCH 14: s/except_len/expect_len. [Daniel]
> - PATCH 14: free 'errp' if afalg_driver.hash_bytesv() failed. [Daniel]
> - PATCH 14: maybe some afalg errors should be treated as fatal, but we
> have no idea yet, so add a "TODO" comment.
> - PATCH 15: refactor the qcrypto_hmac_new() as Daniel's suggestion. [Daniel]
>
> Changes since v2:
> - init sockaddr_alg object when it's defined. [Gonglei]
> - fix some superfluous initialization. [Gonglei]
> - s/opeartion/operation/g in crypto/afalgpriv.h. [Gonglei]
> - check 'niv' in qcrypto_afalg_cipher_setiv. [Gonglei]
>
> Changes since v1:
> - use "make check-speed" to testing the performance. [Daniel]
> - put private definations into crypto/***priv.h. [Daniel]
> - remove afalg socket from qapi-schema, put them into crypto/. [Daniel]
> - some Error report change. [Daniel]
> - s/QCryptoAfalg/QCryptoAFAlg. [Daniel]
> - use snprintf with bounds checking instead of sprintf. [Daniel]
> - use "qcrypto_afalg_" prefix and "qcrypto_nettle(gcrypt,glib,builtin)_"
> prefix. [Daniel]
> - add testing results in cover-letter. [Gonglei]
>
> ---
> Longpeng(Mike) (18):
> crypto: cipher: introduce context free function
> crypto: cipher: introduce qcrypto_cipher_ctx_new for gcrypt-backend
> crypto: cipher: introduce qcrypto_cipher_ctx_new for nettle-backend
> crypto: cipher: introduce qcrypto_cipher_ctx_new for builtin-backend
> crypto: cipher: add cipher driver framework
> crypto: hash: add hash driver framework
> crypto: hmac: move crypto/hmac.h into include/crypto/
> crypto: hmac: introduce qcrypto_hmac_ctx_new for gcrypt-backend
> crypto: hmac: introduce qcrypto_hmac_ctx_new for nettle-backend
> crypto: hmac: introduce qcrypto_hmac_ctx_new for glib-backend
> crypto: hmac: add hmac driver framework
> crypto: introduce some common functions for af_alg backend
> crypto: cipher: add afalg-backend cipher support
> crypto: hash: add afalg-backend hash support
> crypto: hmac: add af_alg-backend hmac support
> tests: crypto: add cipher speed benchmark support
> tests: crypto: add hash speed benchmark support
> tests: crypto: add hmac speed benchmark support
>
> configure | 30 ++++++
> crypto/Makefile.objs | 3 +
> crypto/afalg.c | 116 +++++++++++++++++++++
> crypto/afalgpriv.h | 64 ++++++++++++
> crypto/cipher-afalg.c | 226 ++++++++++++++++++++++++++++++++++++++++
> crypto/cipher-builtin.c | 125 +++++++++++-----------
> crypto/cipher-gcrypt.c | 105 ++++++++++---------
> crypto/cipher-nettle.c | 84 ++++++++-------
> crypto/cipher.c | 80 ++++++++++++++
> crypto/cipherpriv.h | 56 ++++++++++
> crypto/hash-afalg.c | 214 +++++++++++++++++++++++++++++++++++++
> crypto/hash-gcrypt.c | 19 ++--
> crypto/hash-glib.c | 19 ++--
> crypto/hash-nettle.c | 19 ++--
> crypto/hash.c | 30 ++++++
> crypto/hashpriv.h | 39 +++++++
> crypto/hmac-gcrypt.c | 42 ++++----
> crypto/hmac-glib.c | 63 ++++++-----
> crypto/hmac-nettle.c | 42 ++++----
> crypto/hmac.c | 58 +++++++++++
> crypto/hmac.h | 166 -----------------------------
> crypto/hmacpriv.h | 48 +++++++++
> include/crypto/cipher.h | 1 +
> include/crypto/hmac.h | 167 +++++++++++++++++++++++++++++
> tests/Makefile.include | 13 ++-
> tests/benchmark-crypto-cipher.c | 88 ++++++++++++++++
> tests/benchmark-crypto-hash.c | 67 ++++++++++++
> tests/benchmark-crypto-hmac.c | 82 +++++++++++++++
> 28 files changed, 1655 insertions(+), 411 deletions(-)
> create mode 100644 crypto/afalg.c
> create mode 100644 crypto/afalgpriv.h
> create mode 100644 crypto/cipher-afalg.c
> create mode 100644 crypto/cipherpriv.h
> create mode 100644 crypto/hash-afalg.c
> create mode 100644 crypto/hashpriv.h
> delete mode 100644 crypto/hmac.h
> create mode 100644 crypto/hmacpriv.h
> create mode 100644 include/crypto/hmac.h
> create mode 100644 tests/benchmark-crypto-cipher.c
> create mode 100644 tests/benchmark-crypto-hash.c
> create mode 100644 tests/benchmark-crypto-hmac.c
Queued for merge.
Thanks for your contribution to QEMU
Regards,
Daniel
--
|: https://berrange.com -o- https://www.flickr.com/photos/dberrange :|
|: https://libvirt.org -o- https://fstop138.berrange.com :|
|: https://entangle-photo.org -o- https://www.instagram.com/dberrange :|
prev parent reply other threads:[~2017-07-18 9:55 UTC|newest]
Thread overview: 21+ messages / expand[flat|nested] mbox.gz Atom feed top
2017-07-14 18:03 [Qemu-devel] [PATCH v6 00/18] crypto: add afalg-backend support longpeng.mike
2017-07-14 18:03 ` [Qemu-devel] [PATCH v6 01/18] crypto: cipher: introduce context free function longpeng.mike
2017-07-14 18:03 ` [Qemu-devel] [PATCH v6 02/18] crypto: cipher: introduce qcrypto_cipher_ctx_new for gcrypt-backend longpeng.mike
2017-07-14 18:03 ` [Qemu-devel] [PATCH v6 03/18] crypto: cipher: introduce qcrypto_cipher_ctx_new for nettle-backend longpeng.mike
2017-07-14 18:03 ` [Qemu-devel] [PATCH v6 04/18] crypto: cipher: introduce qcrypto_cipher_ctx_new for builtin-backend longpeng.mike
2017-07-14 18:03 ` [Qemu-devel] [PATCH v6 05/18] crypto: cipher: add cipher driver framework longpeng.mike
2017-07-14 18:03 ` [Qemu-devel] [PATCH v6 06/18] crypto: hash: add hash " longpeng.mike
2017-07-14 18:04 ` [Qemu-devel] [PATCH v6 07/18] crypto: hmac: move crypto/hmac.h into include/crypto/ longpeng.mike
2017-07-14 18:04 ` [Qemu-devel] [PATCH v6 08/18] crypto: hmac: introduce qcrypto_hmac_ctx_new for gcrypt-backend longpeng.mike
2017-07-14 18:04 ` [Qemu-devel] [PATCH v6 09/18] crypto: hmac: introduce qcrypto_hmac_ctx_new for nettle-backend longpeng.mike
2017-07-14 18:04 ` [Qemu-devel] [PATCH v6 10/18] crypto: hmac: introduce qcrypto_hmac_ctx_new for glib-backend longpeng.mike
2017-07-14 18:04 ` [Qemu-devel] [PATCH v6 11/18] crypto: hmac: add hmac driver framework longpeng.mike
2017-07-14 18:04 ` [Qemu-devel] [PATCH v6 12/18] crypto: introduce some common functions for af_alg backend longpeng.mike
2017-07-18 9:49 ` Daniel P. Berrange
2017-07-14 18:04 ` [Qemu-devel] [PATCH v6 13/18] crypto: cipher: add afalg-backend cipher support longpeng.mike
2017-07-14 18:04 ` [Qemu-devel] [PATCH v6 14/18] crypto: hash: add afalg-backend hash support longpeng.mike
2017-07-14 18:04 ` [Qemu-devel] [PATCH v6 15/18] crypto: hmac: add af_alg-backend hmac support longpeng.mike
2017-07-14 18:04 ` [Qemu-devel] [PATCH v6 16/18] tests: crypto: add cipher speed benchmark support longpeng.mike
2017-07-14 18:04 ` [Qemu-devel] [PATCH v6 17/18] tests: crypto: add hash " longpeng.mike
2017-07-14 18:04 ` [Qemu-devel] [PATCH v6 18/18] tests: crypto: add hmac " longpeng.mike
2017-07-18 9:55 ` Daniel P. Berrange [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20170718095532.GF11927@redhat.com \
--to=berrange@redhat.com \
--cc=arei.gonglei@huawei.com \
--cc=longpeng.mike@gmail.com \
--cc=longpeng2@huawei.com \
--cc=qemu-devel@nongnu.org \
--cc=weidong.huang@huawei.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.