From: Eric Dumazet
Date: Mon, 27 Jun 2016 18:51:53 +0200
> From: Eric Dumazet
>
> Some arches have virtually mapped kernel stacks, or will soon have.
>
> tcp_md5_hash_header() uses an automatic variable to copy tcp header
> before mangling
On Wed, Jun 29, 2016 at 03:39:37PM -0700, Andy Lutomirski wrote:
>
> I don't care about TCP MD5 performance at all. Ease of maintenance is
> nice, though, and maybe there are other places in the kernel where
> performance does matter.
TCP MD5 is using ahash because it touches SG lists. Touching
On Wed, Jun 29, 2016 at 2:44 PM, Eric Dumazet wrote:
> On Wed, 2016-06-29 at 09:41 -0700, Andy Lutomirski wrote:
>
>> Overall, it looks like there's overhead of something like 50ns for
>> each ahash invocation vs the shash equivalent. It's not huge, but
>> it's there.
On Wed, 2016-06-29 at 09:41 -0700, Andy Lutomirski wrote:
> Overall, it looks like there's overhead of something like 50ns for
> each ahash invocation vs the shash equivalent. It's not huge, but
> it's there. (This is cache-hot. I bet it's considerably worse if
> cache-cold, because ahash will
On Wed, Jun 29, 2016 at 8:38 AM, Herbert Xu wrote:
> On Wed, Jun 29, 2016 at 08:26:43AM -0700, Andy Lutomirski wrote:
>>
>> Two reasons:
>>
>> 1. Code like tcp md5 would be simpler if it could pass a scatterlist
>> to hash the skb but use a virtual address for the
On Wed, Jun 29, 2016 at 08:26:43AM -0700, Andy Lutomirski wrote:
>
> Two reasons:
>
> 1. Code like tcp md5 would be simpler if it could pass a scatterlist
> to hash the skb but use a virtual address for the header.
True. But I bet we can make it simpler in other ways without
creating special
On Wed, Jun 29, 2016 at 8:02 AM, Herbert Xu wrote:
> On Wed, Jun 29, 2016 at 07:59:22AM -0700, Andy Lutomirski wrote:
>>> I suspect that, if you compare a synchronous implementation that can
>> use virtual addresses to a DMA based implementation that can't, you'll
>>
On Wed, Jun 29, 2016 at 07:59:22AM -0700, Andy Lutomirski wrote:
>> I suspect that, if you compare a synchronous implementation that can
> use virtual addresses to a DMA based implementation that can't, you'll
> find that, for short messages like tcp md5 uses, the synchronous
> implementation
On Tue, Jun 28, 2016 at 7:23 PM, Herbert Xu wrote:
> On Tue, Jun 28, 2016 at 10:35:31AM -0700, Andy Lutomirski wrote:
>>
>> Do you mean this code:
>
> Yes.
>
>> I'm wondering why support for scatterlists is all-or-nothing. Why
>> can't we initialize a hash object and
On Tue, Jun 28, 2016 at 10:35:31AM -0700, Andy Lutomirski wrote:
>
> Do you mean this code:
Yes.
> I'm wondering why support for scatterlists is all-or-nothing. Why
> can't we initialize a hash object and then alternate between passing
> it scatterlists and pointers?
Because once you have
On Mon, Jun 27, 2016 at 8:41 PM, Herbert Xu wrote:
> On Mon, Jun 27, 2016 at 10:58:42AM -0700, Andy Lutomirski wrote:
>>
>> I wonder if it's worth switching from ahash to shash, though. It
>> would probably be simpler and faster.
>
> No shash is not appropriate here
On Mon, Jun 27, 2016 at 10:58:42AM -0700, Andy Lutomirski wrote:
>
> I wonder if it's worth switching from ahash to shash, though. It
> would probably be simpler and faster.
No shash is not appropriate here because it needs to hash skb
frags which are SG lists.
Cheers,
--
Email: Herbert Xu
On Mon, 2016-06-27 at 11:31 -0700, Cong Wang wrote:
> Not a problem of your patch, but it seems these allocations never
> get freed once we start using tcp md5. Maybe we should free them
> when the last socket using tcp md5 is gone?
If we constantly allocate-deallocate these tiny blocks for
On Mon, 2016-06-27 at 10:58 -0700, Andy Lutomirski wrote:
> Seems reasonable.
>
> I wonder if it's worth switching from ahash to shash, though. It
> would probably be simpler and faster.
Well, I have no opinion on this, I will let a crypto guy doing this
change if he cares ;)
Thanks.
On Mon, Jun 27, 2016 at 9:51 AM, Eric Dumazet wrote:
> diff --git a/net/ipv4/tcp.c b/net/ipv4/tcp.c
> index
> 5c7ed147449c1b7ba029b12e033ad779a631460a..fddc0ab76c1df82cb05dba03271b773e3b2d
> 100644
> --- a/net/ipv4/tcp.c
> +++ b/net/ipv4/tcp.c
> @@ -2969,8 +2969,18
On Mon, Jun 27, 2016 at 9:51 AM, Eric Dumazet wrote:
> From: Eric Dumazet
>
> Some arches have virtually mapped kernel stacks, or will soon have.
>
> tcp_md5_hash_header() uses an automatic variable to copy tcp header
> before mangling th->check and
From: Eric Dumazet
Some arches have virtually mapped kernel stacks, or will soon have.
tcp_md5_hash_header() uses an automatic variable to copy tcp header
before mangling th->check and calling crypto function, which might
be problematic on such arches.
David says that
17 matches
Mail list logo