From: Sabrina Dubroca <sd@queasysnail.net>
To: Jakub Kicinski <kuba@kernel.org>
Cc: netdev@vger.kernel.org, Jonathan Corbet <corbet@lwn.net>,
linux-doc@vger.kernel.org, Scott Dial <scott@scottdial.com>
Subject: Re: [PATCH net-next] macsec: introduce default_async_crypto sysctl
Date: Tue, 22 Aug 2023 17:39:56 +0200 [thread overview]
Message-ID: <ZOTWzJ4aEa5geNva@hog> (raw)
In-Reply-To: <20230818184648.127b2ccf@kernel.org>
2023-08-18, 18:46:48 -0700, Jakub Kicinski wrote:
> On Thu, 17 Aug 2023 17:07:03 +0200 Sabrina Dubroca wrote:
> > Commit ab046a5d4be4 ("net: macsec: preserve ingress frame ordering")
> > tried to solve an issue caused by MACsec's use of asynchronous crypto
> > operations, but introduced a large performance regression in cases
> > where async crypto isn't causing reordering of packets.
> >
> > This patch introduces a per-netns sysctl that administrators can set
> > to allow new SAs to use async crypto, such as aesni. Existing SAs
> > won't be modified.
> >
> > By setting default_async_crypto=1 and reconfiguring macsec, a single
> > netperf instance jumps from 1.4Gbps to 4.4Gbps.
>
> Can we not fix the ordering problem?
> Queue the packets locally if they get out of order?
Actually, looking into the crypto API side, I don't see how they can
get out of order since commit 81760ea6a95a ("crypto: cryptd - Add
helpers to check whether a tfm is queued"):
[...] ensure that no reordering is introduced because of requests
queued in cryptd with respect to requests being processed in
softirq context.
And cryptd_aead_queued() is used by AESNI (via simd_aead_decrypt()) to
decide whether to process the request synchronously or not.
So I really don't get what commit ab046a5d4be4 was trying to fix. I've
never been able to reproduce that issue, I guess commit 81760ea6a95a
explains why.
I'd suggest to revert commit ab046a5d4be4, but it feels wrong to
revert it without really understanding what problem Scott hit and why
81760ea6a95a didn't solve it.
What do you think?
--
Sabrina
next prev parent reply other threads:[~2023-08-22 15:40 UTC|newest]
Thread overview: 11+ messages / expand[flat|nested] mbox.gz Atom feed top
2023-08-17 15:07 [PATCH net-next] macsec: introduce default_async_crypto sysctl Sabrina Dubroca
2023-08-19 1:46 ` Jakub Kicinski
2023-08-22 15:39 ` Sabrina Dubroca [this message]
2023-08-22 15:59 ` Jakub Kicinski
2023-08-23 20:22 ` Scott Dial
2023-08-24 13:01 ` Sabrina Dubroca
2023-08-24 17:08 ` Scott Dial
2023-08-28 9:42 ` Sabrina Dubroca
2023-08-28 19:04 ` Scott Dial
2023-08-31 14:10 ` Sabrina Dubroca
2023-09-01 2:35 ` Herbert Xu
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=ZOTWzJ4aEa5geNva@hog \
--to=sd@queasysnail.net \
--cc=corbet@lwn.net \
--cc=kuba@kernel.org \
--cc=linux-doc@vger.kernel.org \
--cc=netdev@vger.kernel.org \
--cc=scott@scottdial.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).