Re: [PATCH 0/7] crypto: Convert all AEAD users to new interface
Am Donnerstag, 21. Mai 2015, 18:39:39 schrieb Herbert Xu: Hi Herbert, Hi: This series of patches convert all in-tree AEAD users that I could find to the new single SG list interface. For IPsec it also adopts the new explicit IV generator scheme. To recap, the old AEAD interface takes an associated data (AD) SG list in addition to the plain/cipher text SG list(s). That forces the underlying AEAD algorithm implementors to try to stitch those two lists together where possible in order to maximise the contiguous chunk of memory passed to the ICV/hash function. Things get even more hairy for IPsec as it has a third piece of memory, the generated IV (giv) that needs to be hashed. One look at the nasty things authenc does for example is enough to make anyone puke :) In fact the interface is just getting in our way because for the main user IPsec the data is naturally contiguous as the protocol was designed with this in mind. So the new AEAD interface gets rid of the separate AD SG list and instead simply requires the AD to be at the head of the src and dst SG lists. There is further provision for optional space between the AD and the plain/cipher text for ease of implementation. Wouldn't algif_aead be also a candiate for the transition? The current implementation of aead_recvmsg() splits the one SGL it received from user space into two: one for AD and one for the ciphertext. I would assume that this split now can be completely eliminated by removing the for loop in aead_recvmsg entirely. Ciao Stephan -- To unsubscribe from this list: send the line unsubscribe netdev in the body of a message to majord...@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
[PATCH 0/7] crypto: Convert all AEAD users to new interface
Hi: This series of patches convert all in-tree AEAD users that I could find to the new single SG list interface. For IPsec it also adopts the new explicit IV generator scheme. To recap, the old AEAD interface takes an associated data (AD) SG list in addition to the plain/cipher text SG list(s). That forces the underlying AEAD algorithm implementors to try to stitch those two lists together where possible in order to maximise the contiguous chunk of memory passed to the ICV/hash function. Things get even more hairy for IPsec as it has a third piece of memory, the generated IV (giv) that needs to be hashed. One look at the nasty things authenc does for example is enough to make anyone puke :) In fact the interface is just getting in our way because for the main user IPsec the data is naturally contiguous as the protocol was designed with this in mind. So the new AEAD interface gets rid of the separate AD SG list and instead simply requires the AD to be at the head of the src and dst SG lists. There is further provision for optional space between the AD and the plain/cipher text for ease of implementation. The conversion of in-tree users is fairly straightforward. The only non-trivial bit is IPsec as I'm taking this opportunity to move the IV generation knowledge into IPsec as that's where it belongs since we may in future wish to support different generation schemes for a single algorithm. As this depends on patches that have not hit mainline yet please do not apply them. Cheers, -- Email: Herbert Xu herb...@gondor.apana.org.au Home Page: http://gondor.apana.org.au/~herbert/ PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt -- To unsubscribe from this list: send the line unsubscribe netdev in the body of a message to majord...@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
Re: [PATCH 0/7] crypto: Convert all AEAD users to new interface
On Thu, May 21, 2015 at 12:03:47PM -0400, David Miller wrote: No objections on my end. I assume since the dependencies exist in the crypto tree, you'll want to merge this series there right? Yes that's probably the easiest path. Thanks, -- Email: Herbert Xu herb...@gondor.apana.org.au Home Page: http://gondor.apana.org.au/~herbert/ PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt -- To unsubscribe from this list: send the line unsubscribe netdev in the body of a message to majord...@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
Re: [PATCH 0/7] crypto: Convert all AEAD users to new interface
On Thu, May 21, 2015 at 02:29:10PM +0200, Stephan Mueller wrote: Wouldn't algif_aead be also a candiate for the transition? The current implementation of aead_recvmsg() splits the one SGL it received from user space into two: one for AD and one for the ciphertext. Yes of course, that's what inspired this :) I just want to do the users outside crypto first before the rest. Cheers, -- Email: Herbert Xu herb...@gondor.apana.org.au Home Page: http://gondor.apana.org.au/~herbert/ PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt -- To unsubscribe from this list: send the line unsubscribe netdev in the body of a message to majord...@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
Re: [PATCH 0/7] crypto: Convert all AEAD users to new interface
From: Herbert Xu herb...@gondor.apana.org.au Date: Thu, 21 May 2015 18:39:39 +0800 This series of patches convert all in-tree AEAD users that I could find to the new single SG list interface. For IPsec it also adopts the new explicit IV generator scheme. No objections on my end. I assume since the dependencies exist in the crypto tree, you'll want to merge this series there right? -- To unsubscribe from this list: send the line unsubscribe netdev in the body of a message to majord...@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
