Linux cryptographic layer development
 help / color / mirror / Atom feed
From: Eric Biggers <ebiggers3@gmail.com>
To: Gilad Ben-Yossef <gilad@benyossef.com>
Cc: "Ondrej Mosnáček" <omosnacek+linux-crypto@gmail.com>,
	dm-devel@redhat.com, "Alasdair Kergon" <agk@redhat.com>,
	"Mike Snitzer" <snitzer@redhat.com>,
	linux-crypto@vger.kernel.org, gilad.benyossef@arm.com,
	Ofir <ofir.drang@arm.com>
Subject: Re: [PATCH] dm: switch dm-verity to async hash crypto API
Date: Sun, 29 Jan 2017 16:28:44 -0800	[thread overview]
Message-ID: <20170130002844.GB5253@zzz> (raw)
In-Reply-To: <CAOtvUMfx4xYQk7_NQTQsc0xxGnsKkQdGk97XY5vv2tE0aHLpfw@mail.gmail.com>

On Sun, Jan 29, 2017 at 09:39:20AM +0200, Gilad Ben-Yossef wrote:
> Hi Odrej,
> 
> On Thu, Jan 26, 2017 at 1:34 PM, Ondrej Mosnáček
> <omosnacek+linux-crypto@gmail.com> wrote:
> > Hi Gilad,
> >
> > 2017-01-24 15:38 GMT+01:00 Gilad Ben-Yossef <gilad@benyossef.com>:
> >> -       v->tfm = crypto_alloc_shash(v->alg_name, 0, 0);
> >> +       v->tfm = crypto_alloc_ahash(v->alg_name, 0, CRYPTO_ALG_ASYNC);
> >
> > I believe you should pass zero as the mask here. When flags == 0 and
> > mask == CRYPTO_ALG_ASYNC, you are basically saying "I want only algs
> > that have flags & CRYPTO_ALG_ASYNC == 0", which means you should only
> > get ahash tfms that are always synchronous (see [1]). However, since
> > you set a non-NULL callback in verity_hash_init, I don't think this
> > was your intention. By setting the mask to zero, you should be able to
> > get also an actual async tfm.
> >
> > Thanks,
> > Ondrej
> >
> > [1] https://lkml.org/lkml/2016/12/13/904
> 
> Thank you very much for the review.
> 
> I am the first to admit that I find the Crypto API very cryptic (pun
> intended)... :-)
> 
> I actually followed the example in Documentation/crypto/api-intro.txt.
> I see now the example is
> not doing what I though it was doing. Thank you for clarifying this. I
> will send out a 2nd version.
> 
> The thing I find puzzling in this is that I saw a difference in
> latency when a async algorythm
> provider driver with high priority (3000) was loaded vs. not. Based on
> your description I would
> expect the performance not to change. I will retest with the change
> and will publish the results.
> 
> Thanks!
> Gilad

Hi Gilad,

One thing to keep in mind is that the crypto API somewhat conflates the concept
of "is the algorithm asynchronous?" with "does this algorithm operate on virtual
memory or physical memory?".  The shash API is both synchronous and operates on
virtual memory, and when using it you only have access to shash algorithms.  The
ahash API on the other hand operates on physical memory and can be used either
synchronously or asynchronously.  In addition, both shash and ahash algorithms
may be accessed through the ahash API, and for shash algorithms the API will
handle translating physical addresses to virtual addresses.

So simply by using the ahash API instead of the shash API, even still requiring
a "synchronous" algorithm, you may gain access to a different implementation of
the algorithm, thereby changing the performance.  So whenever doing any
benchmarks I suggest including the actual driver name (cra_driver_name) of the
algorithms used; otherwise it may be unclear why the performance changed.

As for the patch, I haven't looked at it in detail, but I agree that if
dm-verity is indeed operating on sufficiently large buffers in physically
contiguous memory, then the ahash API would be better than the shash API.  Note,
that it also could be useful look into supporting having multiple async requests
issued and pending at the same time, similar to what dm-crypt does.

Eric

  reply	other threads:[~2017-01-30  0:28 UTC|newest]

Thread overview: 5+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2017-01-24 14:38 [PATCH] dm: switch dm-verity to async hash crypto API Gilad Ben-Yossef
2017-01-26 11:34 ` Ondrej Mosnáček
2017-01-29  7:39   ` Gilad Ben-Yossef
2017-01-30  0:28     ` Eric Biggers [this message]
2017-02-06 14:02       ` Gilad Ben-Yossef

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20170130002844.GB5253@zzz \
    --to=ebiggers3@gmail.com \
    --cc=agk@redhat.com \
    --cc=dm-devel@redhat.com \
    --cc=gilad.benyossef@arm.com \
    --cc=gilad@benyossef.com \
    --cc=linux-crypto@vger.kernel.org \
    --cc=ofir.drang@arm.com \
    --cc=omosnacek+linux-crypto@gmail.com \
    --cc=snitzer@redhat.com \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox