From: "Daniel P. Berrangé" <berrange@redhat.com>
To: Thomas Huth <thuth@redhat.com>
Cc: qemu-devel@nongnu.org, "Alex Bennée" <alex.bennee@linaro.org>,
"Wainer dos Santos Moschetta" <wainersm@redhat.com>,
"Markus Armbruster" <armbru@redhat.com>,
"Philippe Mathieu-Daudé" <philmd@linaro.org>,
"Cédric Le Goater" <clg@redhat.com>,
Longpeng <longpeng2@huawei.com>
Subject: Re: [PATCH] gitlab: enable afalg tests in fedora system test
Date: Tue, 22 Oct 2024 09:03:58 +0100 [thread overview]
Message-ID: <Zxdcbl-kaTRggFeJ@redhat.com> (raw)
In-Reply-To: <ea8e87e4-eade-4926-8c0c-b583a605f270@redhat.com>
On Tue, Oct 22, 2024 at 07:31:49AM +0200, Thomas Huth wrote:
> On 21/10/2024 19.02, Daniel P. Berrangé wrote:
> > The AF_ALG crypto integration for Linux is not being tested in
> > any CI scenario. It always requires an explicit configure time
> > flag to be passed to turn it on. The Fedora system test is
> > arbitrarily picked as the place to test it.
> >
> > Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
> > ---
> > .gitlab-ci.d/buildtest.yml | 2 +-
> > 1 file changed, 1 insertion(+), 1 deletion(-)
> >
> > This is to detect the situation Markus found here:
> >
> > https://lists.nongnu.org/archive/html/qemu-devel/2024-10/msg03040.html
> >
> > diff --git a/.gitlab-ci.d/buildtest.yml b/.gitlab-ci.d/buildtest.yml
> > index 01e8470a69..f0cbdf1992 100644
> > --- a/.gitlab-ci.d/buildtest.yml
> > +++ b/.gitlab-ci.d/buildtest.yml
> > @@ -115,7 +115,7 @@ build-system-fedora:
> > job: amd64-fedora-container
> > variables:
> > IMAGE: fedora
> > - CONFIGURE_ARGS: --disable-gcrypt --enable-nettle --enable-docs
> > + CONFIGURE_ARGS: --disable-gcrypt --enable-nettle --enable-docs --enable-crypto-afalg
> > TARGETS: microblaze-softmmu mips-softmmu
> > xtensa-softmmu m68k-softmmu riscv32-softmmu ppc-softmmu sparc64-softmmu
> > MAKE_CHECK_ARGS: check-build
>
> Is there a reason for this feature being disabled by default? Who is using
> it if it is disabled by default? Should we maybe rather enable it by default
> instead?
afalg isn't something you want to use in general. It performs worse than
the userspace crypto in many cases, especially for small buffers where the
context switch overhead kills.
It is potentially interesting if you have hardware crypto accelerator and
your guest workload also wants virtio-crypto.
Having it as a compile time option is not ideal, but it was the least
effort tradeoff.
With regards,
Daniel
--
|: https://berrange.com -o- https://www.flickr.com/photos/dberrange :|
|: https://libvirt.org -o- https://fstop138.berrange.com :|
|: https://entangle-photo.org -o- https://www.instagram.com/dberrange :|
next prev parent reply other threads:[~2024-10-22 8:05 UTC|newest]
Thread overview: 6+ messages / expand[flat|nested] mbox.gz Atom feed top
2024-10-21 17:02 [PATCH] gitlab: enable afalg tests in fedora system test Daniel P. Berrangé
2024-10-22 4:24 ` Philippe Mathieu-Daudé
2024-10-22 5:31 ` Thomas Huth
2024-10-22 8:03 ` Daniel P. Berrangé [this message]
2024-10-22 8:54 ` Thomas Huth
2024-10-22 16:26 ` Cédric Le Goater
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=Zxdcbl-kaTRggFeJ@redhat.com \
--to=berrange@redhat.com \
--cc=alex.bennee@linaro.org \
--cc=armbru@redhat.com \
--cc=clg@redhat.com \
--cc=longpeng2@huawei.com \
--cc=philmd@linaro.org \
--cc=qemu-devel@nongnu.org \
--cc=thuth@redhat.com \
--cc=wainersm@redhat.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).