From: Eric Biggers <ebiggers@kernel.org>
To: Herbert Xu <herbert@gondor.apana.org.au>
Cc: Steffen Klassert <steffen.klassert@secunet.com>,
netdev@vger.kernel.org, linux-crypto@vger.kernel.org,
fsverity@lists.linux.dev, dm-devel@lists.linux.dev,
x86@kernel.org, linux-arm-kernel@lists.infradead.org,
Ard Biesheuvel <ardb@kernel.org>,
Sami Tolvanen <samitolvanen@google.com>,
Bart Van Assche <bvanassche@acm.org>
Subject: Re: [PATCH v4 6/8] fsverity: improve performance by using multibuffer hashing
Date: Wed, 5 Jun 2024 12:14:10 -0700 [thread overview]
Message-ID: <20240605191410.GB1222@sol.localdomain> (raw)
In-Reply-To: <ZmAz8-glRX2wl13D@gondor.apana.org.au>
On Wed, Jun 05, 2024 at 05:46:27PM +0800, Herbert Xu wrote:
> On Wed, Jun 05, 2024 at 05:22:21PM +0800, Herbert Xu wrote:
> >
> > However, I really dislike the idea of shoehorning this into shash.
> > I know you really like shash, but I think there are some clear
> > benefits to be had by coupling this with ahash.
>
> If we do this properly, we should be able to immediately use the
> mb code with IPsec. In the network stack, we already aggregate
> the data prior to IPsec with GSO. So at the boundary between
> IPsec and the Crypto API, it's dividing chunks of data up to 64K
> into 1500-byte packets and feeding them to crypto one at a time.
>
> It really should be sending the whole chain of packets to us as
> a unit.
>
> Once we have a proper mb interface, we can fix that and immediately
> get the benefit of mb hashing.
>
This would at most apply to AH, not to ESP. Is AH commonly used these days?
Also even for AH, the IPsec code would need to be significantly restructured to
make use of multibuffer hashing. See how the segmentation happens in
xfrm_output_gso(), but the ahash calls happen much lower in the stack.
I'm guessing that you've had the AH use case in mind since your earlier
comments. Given you were originally pushing for this to be supported using the
existing async support in the ahash API (which would have required fewer code
changes on the AH side), but we now agree that is not feasible, maybe it is time
to reconsider whether it would still be worthwhile to make all the changes to
the AH code needed to support this?
Also, even if it would be worthwhile and would use ahash, ahash is almost always
just a wrapper for shash. So the shash support would be needed anyway.
- Eric
_______________________________________________
linux-arm-kernel mailing list
linux-arm-kernel@lists.infradead.org
http://lists.infradead.org/mailman/listinfo/linux-arm-kernel
next prev parent reply other threads:[~2024-06-05 19:14 UTC|newest]
Thread overview: 35+ messages / expand[flat|nested] mbox.gz Atom feed top
2024-06-03 18:37 [PATCH v4 0/8] Optimize dm-verity and fsverity using multibuffer hashing Eric Biggers
2024-06-03 18:37 ` [PATCH v4 1/8] crypto: shash - add support for finup_mb Eric Biggers
2024-06-04 18:55 ` Ard Biesheuvel
2024-06-04 19:25 ` Eric Biggers
2024-06-03 18:37 ` [PATCH v4 2/8] crypto: testmgr - generate power-of-2 lengths more often Eric Biggers
2024-06-03 18:37 ` [PATCH v4 3/8] crypto: testmgr - add tests for finup_mb Eric Biggers
2024-06-03 18:37 ` [PATCH v4 4/8] crypto: x86/sha256-ni - add support " Eric Biggers
2024-06-03 18:37 ` [PATCH v4 5/8] crypto: arm64/sha256-ce " Eric Biggers
2024-06-04 19:00 ` Ard Biesheuvel
2024-06-03 18:37 ` [PATCH v4 6/8] fsverity: improve performance by using multibuffer hashing Eric Biggers
2024-06-04 9:37 ` Herbert Xu
2024-06-04 18:42 ` Eric Biggers
2024-06-05 9:19 ` Herbert Xu
2024-06-05 9:22 ` Herbert Xu
2024-06-05 9:46 ` Herbert Xu
2024-06-05 19:14 ` Eric Biggers [this message]
2024-06-06 2:00 ` Herbert Xu
2024-06-06 5:28 ` Eric Biggers
2024-06-06 5:41 ` Herbert Xu
2024-06-06 6:58 ` Ard Biesheuvel
2024-06-06 7:34 ` Herbert Xu
2024-06-06 7:55 ` Ard Biesheuvel
2024-06-06 8:08 ` Herbert Xu
2024-06-06 8:33 ` Ard Biesheuvel
2024-06-06 9:15 ` Herbert Xu
2024-06-10 16:42 ` Eric Biggers
2024-06-11 15:21 ` Herbert Xu
2024-06-11 15:39 ` Herbert Xu
2024-06-11 20:32 ` Eric Biggers
2024-06-11 15:46 ` Ard Biesheuvel
2024-06-11 15:51 ` Herbert Xu
2024-06-11 20:18 ` Eric Biggers
2024-06-05 18:58 ` Eric Biggers
2024-06-03 18:37 ` [PATCH v4 7/8] dm-verity: hash blocks with shash import+finup when possible Eric Biggers
2024-06-03 18:37 ` [PATCH v4 8/8] dm-verity: improve performance by using multibuffer hashing Eric Biggers
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20240605191410.GB1222@sol.localdomain \
--to=ebiggers@kernel.org \
--cc=ardb@kernel.org \
--cc=bvanassche@acm.org \
--cc=dm-devel@lists.linux.dev \
--cc=fsverity@lists.linux.dev \
--cc=herbert@gondor.apana.org.au \
--cc=linux-arm-kernel@lists.infradead.org \
--cc=linux-crypto@vger.kernel.org \
--cc=netdev@vger.kernel.org \
--cc=samitolvanen@google.com \
--cc=steffen.klassert@secunet.com \
--cc=x86@kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox