subject:"\[Qemu\-devel\] \[virtio\-dev\] Re\: \[RFC 0\/8\] virtio\-crypto\: add multiplexing mode support"

Re: [Qemu-devel] [virtio-dev] Re: [RFC 0/8] virtio-crypto: add multiplexing mode support

2017-09-15 Thread Halil Pasic



On 09/14/2017 02:58 AM, Longpeng (Mike) wrote:
> 
> 
> On 2017/9/14 2:14, Halil Pasic wrote:
> 
>>
>>
>> On 09/11/2017 03:10 AM, Longpeng(Mike) wrote:
>>> *NOTE*
>>> The code realization is based on the latest virtio crypto spec:
>>>  [PATCH v19 0/2] virtio-crypto: virtio crypto device specification
>>>https://lists.nongnu.org/archive/html/qemu-devel/2017-08/msg05217.html
>>>
>>> In session mode, the process of create/close a session
>>> makes we have a least one full round-trip cost from guest to host to guest
>>> to be able to send any data for symmetric algorithms. It gets ourself into
>>> synchronization troubles in some scenarios like a web server handling lots
>>> of small requests whose algorithms and keys are different.
>>>
>>> We can support one-blob request (no sessions) as well for symmetric
>>> algorithms, including HASH, MAC services. The benefit is obvious for
>>> HASH service because it's usually a one-blob operation.
>>>
>>
>> Hi!
>>
>> I've just started looking at this. Patch #1 modifies linux/virtio_crypto.h
>> which if I compare with the (almost) latest linux master is different. Thus
>> I would expect a corresponding kernel patch set too, but I haven't received
>> one, nor did I find a reference in the cover letter.
>>
>> I think if I want to test the new features I need the kernel counter-part
>> too, or?
>>
>> Could you point me to the kernel counterpart?
>>
> 
> 
> Hi Halil,
> 
> We haven't implemented the kernel frontend part yet, but there's a testcase
> based on qtest, you can use it.
> 
> Please see the attachment.
> 

Thanks Longpeng! I have two problems with this: first I can't use this on s390x
and as you may have noticed I'm working mostly on s390x (that's what I'm payed
for). OK, my laptop is amd64 so I was able to try it out, and that leads to the
next problem. I can't test before/after and cross version stuff with this. That
hurts me because I have a feeling things can be done simpler but that feeling 
has
failed me before, so I tend to try out first and then start a discussion.

Is some kernel patch series already in the pipeline? 

Regards,
Halil

Re: [Qemu-devel] [virtio-dev] Re: [RFC 0/8] virtio-crypto: add multiplexing mode support

2017-09-13 Thread Longpeng (Mike)



On 2017/9/14 2:14, Halil Pasic wrote:

> 
> 
> On 09/11/2017 03:10 AM, Longpeng(Mike) wrote:
>> *NOTE*
>> The code realization is based on the latest virtio crypto spec:
>>  [PATCH v19 0/2] virtio-crypto: virtio crypto device specification
>>https://lists.nongnu.org/archive/html/qemu-devel/2017-08/msg05217.html
>>
>> In session mode, the process of create/close a session
>> makes we have a least one full round-trip cost from guest to host to guest
>> to be able to send any data for symmetric algorithms. It gets ourself into
>> synchronization troubles in some scenarios like a web server handling lots
>> of small requests whose algorithms and keys are different.
>>
>> We can support one-blob request (no sessions) as well for symmetric
>> algorithms, including HASH, MAC services. The benefit is obvious for
>> HASH service because it's usually a one-blob operation.
>>
> 
> Hi!
> 
> I've just started looking at this. Patch #1 modifies linux/virtio_crypto.h
> which if I compare with the (almost) latest linux master is different. Thus
> I would expect a corresponding kernel patch set too, but I haven't received
> one, nor did I find a reference in the cover letter.
> 
> I think if I want to test the new features I need the kernel counter-part
> too, or?
> 
> Could you point me to the kernel counterpart?
> 


Hi Halil,

We haven't implemented the kernel frontend part yet, but there's a testcase
based on qtest, you can use it.

Please see the attachment.

-- 
Regards,
Longpeng(Mike)

> Regards,
> Halil
> 
> 
>> Gonglei (3):
>>   virtio-crypto: add stateless crypto request handler
>>   cryptodev: extract one util function
>>   virtio-crypto: add host feature bits support
>>
>> Longpeng(Mike) (5):
>>   virtio-crypto: add new definations for multiplexing mode
>>   virtio-crypto: add session creation logic for mux mode
>>   virtio-crypto: add dataq operation logic for mux mode
>>   cryptodev: add stateless mode cipher support
>>   cryptodev-builtin: add stateless cipher support
>>
>>  backends/cryptodev-builtin.c   | 189 ---
>>  backends/cryptodev.c   |  21 ++
>>  hw/virtio/virtio-crypto.c  | 433 
>> +++--
>>  include/hw/virtio/virtio-crypto.h  |   2 +
>>  include/standard-headers/linux/virtio_crypto.h | 182 ++-
>>  include/sysemu/cryptodev.h |  21 ++
>>  6 files changed, 774 insertions(+), 74 deletions(-)
>>
> 
> 
> -
> To unsubscribe, e-mail: virtio-dev-unsubscr...@lists.oasis-open.org
> For additional commands, e-mail: virtio-dev-h...@lists.oasis-open.org
> 
> 
> .
> 


-- 
Regards,
Longpeng(Mike)
From 259359700b1847cd66f9c3e04a86a14546f6f0e0 Mon Sep 17 00:00:00 2001
From: Gonglei 
Date: Mon, 8 May 2017 13:42:53 +0800
Subject: [PATCH] qtest: emulate virtio crypto as a legacy device for
 experiment

Because the current qtest framework do not support virtio-1
or latter devices. For experimental purpose,
let's emulate the virtio crypto device as a legacy virtio
device by default. Using 0x1014 as virtio crypto pci device ID
because virtio crypto ID is 20 (0x14).

Signed-off-by: Gonglei 

virtio-crypto-test: add qtest case for virtio-crypto

We can simply test the functions of virtio crypto
device, including session creation, session closing,
cipher encryption and decryption.

Quick usage:
 # make tests/virtio-crypto-test && ./tests/virtio-crypto-test
  CCtests/virtio-crypto-test.o
  LINK  tests/virtio-crypto-test
/virtio/crypto/cbc(aes-128-session-mode): OK
/virtio/crypto/cbc(aes-128-stateless-mode): OK

Signed-off-by: Gonglei 
[rebase on the v19 spec]
Signed-off-by: Longpeng(Mike) 
---
 docs/specs/pci-ids.txt|   2 +
 hw/virtio/virtio-crypto-pci.c |   4 +-
 include/hw/pci/pci.h  |   2 +
 tests/Makefile.include|   3 +
 tests/virtio-crypto-test.c| 600 ++
 5 files changed, 610 insertions(+), 1 deletion(-)
 create mode 100644 tests/virtio-crypto-test.c

diff --git a/docs/specs/pci-ids.txt b/docs/specs/pci-ids.txt
index bb99a02..61877b7 100755
--- a/docs/specs/pci-ids.txt
+++ b/docs/specs/pci-ids.txt
@@ -22,6 +22,7 @@ maintained as part of the virtio specification.
 1af4:1004  SCSI host bus adapter device (legacy)
 1af4:1005  entropy generator device (legacy)
 1af4:1009  9p filesystem device (legacy)
+1af4:1014  crypto device (legacy)
 
 1af4:1041  network device (modern)
 1af4:1042  block device (modern)
@@ -32,6 +33,7 @@ maintained as part of the virtio specification.
 1af4:1049  9p filesystem device (modern)
 1af4:1050  virtio gpu device (modern)
 1af4:1052  virtio input device (modern)
+1af4:1054  crypto device (modern)
 
 1af4:10f0  Available for experimental usage without registration.  Must get
to  official ID when the code leaves the test lab

Re: [Qemu-devel] [virtio-dev] Re: [RFC 0/8] virtio-crypto: add multiplexing mode support

Re: [Qemu-devel] [virtio-dev] Re: [RFC 0/8] virtio-crypto: add multiplexing mode support

2 matches

Site Navigation

Mail list logo

Footer information