From: Eric Biggers via ltp <ltp@lists.linux.it>
To: Herbert Xu <herbert@gondor.apana.org.au>
Cc: lkp@intel.com, "Horia Geantă" <horia.geanta@nxp.com>,
"Russell King (Oracle)" <linux@armlinux.org.uk>,
"David S. Miller" <davem@davemloft.net>,
"kernel test robot" <oliver.sang@intel.com>,
linux-crypto@vger.kernel.org, oe-lkp@lists.linux.dev,
"Linus Torvalds" <torvalds@linux-foundation.org>,
"Ard Biesheuvel" <ardb@kernel.org>,
ltp@lists.linux.it
Subject: Re: [LTP] [PATCH] crypto: api - Fix generic algorithm self-test races
Date: Sat, 5 Oct 2024 20:06:18 -0700 [thread overview]
Message-ID: <20241006030618.GA30755@sol.localdomain> (raw)
In-Reply-To: <ZwHfiNsP7fUvDwbH@gondor.apana.org.au>
On Sun, Oct 06, 2024 at 08:53:28AM +0800, Herbert Xu wrote:
> On Sat, Oct 05, 2024 at 03:24:48PM -0700, Eric Biggers wrote:
> >
> > The tests are still failing on upstream:
> >
> > [ 0.343845] alg: self-tests for rfc4106(gcm(aes)) using rfc4106(gcm_base(ctr(aes-generic),ghash-generic)) failed (rc=-2)
>
> You're right. I only disabled the warnings at the point of
> allocation, the overall self-test warning is still there. Let
> me get rid of them too.
>
> > Besides the test failures, it looks like there's no longer any guarantee that
> > algorithms are actually available now that their module is loaded.
>
> That would indeed be a bug. But I haven't seen it in practice.
> Although the s390 folks were reporting some weird errors with
> dm-crypt, they have recently disappeared.
>
> If you do see an actual failure please report it and then I'll
> consider reverting it until it's fixed.
>
> > E.g. consider if someone does 'modprobe aesni-intel' and then immediately
> > creates a dm-crypt device. Now it sounds like the AES-NI algorithms might not
> > have finished being tested yet and the generic algorithms can be used instead,
> > resulting in a performance regression.
>
> That is not the case. After modprobe returns, the algorithm is
> guaranteed to have been registered. Yes it is untested, but that
> should not be a problem because a test larval will have been created
> and all users looking for that algorithm will be waiting on that
> test larval.
I'm not sure about that, since the code that looks up algorithms only looks for
algorithms that already have the CRYPTO_ALG_TESTED flag.
> > I understand that you want to try to fix the edge cases in "fallback" ciphers.
> > But "fallback" ciphers have always seemed like a bad design due to how they use
> > the crypto API recursively. I think the algorithms that use them should
> > generally be migrated off of them, e.g. as I did in commit f235bc11cc95
> > ("crypto: arm/aes-neonbs - go back to using aes-arm directly"). That fixed the
> > problem in aes-neonbs that seems to have triggered this work in the first place.
>
> Yes getting rid of fallbacks is nice, but this it not the reason why
> we're making self-test asynchronous. The primary issue with synchronous
> self-tests is the modprobe dead-lock.
That problem is caused by the use of fallback ciphers, though.
- Eric
--
Mailing list info: https://lists.linux.it/listinfo/ltp
next prev parent reply other threads:[~2024-10-06 3:06 UTC|newest]
Thread overview: 15+ messages / expand[flat|nested] mbox.gz Atom feed top
[not found] <ZrbTUk6DyktnO7qk@gondor.apana.org.au>
2024-08-16 8:45 ` [LTP] [PATCH 1/3] crypto: api - Remove instance larval fulfilment kernel test robot
2024-08-17 6:56 ` [LTP] [v3 PATCH " Herbert Xu via ltp
2024-08-17 6:57 ` [LTP] [v3 PATCH 2/3] crypto: api - Do not wait for tests during registration Herbert Xu via ltp
2024-08-17 6:58 ` [LTP] [v3 PATCH 3/3] crypto: simd - Do not call crypto_alloc_tfm " Herbert Xu via ltp
2024-08-27 18:48 ` Eric Biggers via ltp
2024-08-28 2:59 ` Herbert Xu via ltp
2024-08-30 17:51 ` Eric Biggers via ltp
2024-09-01 8:05 ` [LTP] [PATCH] crypto: api - Fix generic algorithm self-test races Herbert Xu via ltp
2024-09-02 17:05 ` Eric Biggers via ltp
[not found] ` <ZtZFOgh3WylktM1E@gondor.apana.org.au>
2024-10-05 22:24 ` Eric Biggers via ltp
2024-10-06 0:53 ` Herbert Xu via ltp
2024-10-06 3:06 ` Eric Biggers via ltp [this message]
2024-10-07 4:32 ` Herbert Xu via ltp
2024-10-07 7:58 ` Herbert Xu via ltp
2024-10-07 8:31 ` Herbert Xu via ltp
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20241006030618.GA30755@sol.localdomain \
--to=ltp@lists.linux.it \
--cc=ardb@kernel.org \
--cc=davem@davemloft.net \
--cc=ebiggers@kernel.org \
--cc=herbert@gondor.apana.org.au \
--cc=horia.geanta@nxp.com \
--cc=linux-crypto@vger.kernel.org \
--cc=linux@armlinux.org.uk \
--cc=lkp@intel.com \
--cc=oe-lkp@lists.linux.dev \
--cc=oliver.sang@intel.com \
--cc=torvalds@linux-foundation.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox