Received: by 2002:ac0:a5a6:0:0:0:0:0 with SMTP id m35-v6csp3535165imm; Wed, 5 Sep 2018 01:35:46 -0700 (PDT) X-Google-Smtp-Source: ANB0VdZuOZRKPkyuRMvehkMAea4ccczjloCsEVraJgHEAqfpRf9aS2aPyEzdTIpvzIatLhuyRXfc X-Received: by 2002:a63:de10:: with SMTP id f16-v6mr35077115pgg.97.1536136546195; Wed, 05 Sep 2018 01:35:46 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1536136546; cv=none; d=google.com; s=arc-20160816; b=AjZ6ZBmsH8vDHvYZZgqvic2x5SffF19R1N3hgOr7skB8H0GB5I/WAl6deEVskdmY/S ncJkO/qT76fW4KityQinU8KAp7GvYHymKhFLUtqRhv2UQQ2xMC5h1HBsuTd0fKpZLLnE gs6eb07PTwzBYSPZ2wJUniZsNz1GNQmiBodsF6t+5UmEkZx2rMfjN5tl63WFEyKiaJUe CzW83VCE1PK+9iz7Q1EH5HccBgrwt0miE2QECNSO7+s8jN+/VuJGPIuI8LUPnrJknjEv O39xja0N+gaD9ixvqbNVUvK5FUXAlKl5OtT2pbVcpSUEyvxcHn9H9nA80ftQBY9bFz5g w4dw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:user-agent:in-reply-to :content-disposition:mime-version:references:mail-followup-to :message-id:subject:cc:to:from:date:dkim-signature; bh=9kK749RISeQorgRDsLhpAah28I7dobUTxNmOlBW9+W4=; b=XJtCpKXodGNivg2i121iNOfYNu0LVH/ljpETe7ebse/43b4zt2lVxay2xTsDc7XPEo 6tvnvIY0CAj26cDCVvmgQ6ozApZRvuBFvXfKAMDQN37F1lgpfrAQp6RqdtmFWfNcvOi+ I3pF1NUbP4nL2FVrDRBFJjFufAvNt4Nj+jOE6uwyzFTeAh1+w3fFQJcwsna5jLelUT5z seFoCmzXjRyqNkIvuKVpXNU3t6wV0c64Jx8VSjct1jl7oeZl3k6ERfT1VCv9+O2UK8l0 ObZru/wRglq1ZgaVTPZ1dTKD+g5TqI8MIYeNg8yf/CpCs1WUGFsKaHwr+n/U5KDeJC2Q TICg== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@linbit-com.20150623.gappssmtp.com header.s=20150623 header.b="lUW/a870"; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id c12-v6si1334562plz.456.2018.09.05.01.35.31; Wed, 05 Sep 2018 01:35:46 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; dkim=pass header.i=@linbit-com.20150623.gappssmtp.com header.s=20150623 header.b="lUW/a870"; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1728198AbeIENCb (ORCPT + 99 others); Wed, 5 Sep 2018 09:02:31 -0400 Received: from mail-wr1-f67.google.com ([209.85.221.67]:44803 "EHLO mail-wr1-f67.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1727048AbeIENCb (ORCPT ); Wed, 5 Sep 2018 09:02:31 -0400 Received: by mail-wr1-f67.google.com with SMTP id v16-v6so6634015wro.11 for ; Wed, 05 Sep 2018 01:33:23 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linbit-com.20150623.gappssmtp.com; s=20150623; h=date:from:to:cc:subject:message-id:mail-followup-to:references :mime-version:content-disposition:in-reply-to:user-agent; bh=9kK749RISeQorgRDsLhpAah28I7dobUTxNmOlBW9+W4=; b=lUW/a870V7+AFr7SkkwCbAVq8aQ8qv6zH22JRt7dfuhWaRPjh/LtuNY+2nQyt3Gq/I sn5Zh+2AYFDE1XL6SC7+sLovNsq8g16txnZU72pPUGJ8HkUZ2YDBqN2K/2pxpsa17uDp A2DoVt0P+1+cbWDAXMYu2/BLPUIZBFcoQEHdEHvHQGcRDh5Im2+YlRRhY03qA4sbF61H e18y5r1wD4XzBJTemqaXGR4uHFXtxs+azJdg2lTYv8yVf+4l49qZZvQKAI5Jv+RgXCMZ oYeMMl4BhxP59zGv6WJXQcAA1NcPudUK2CVNRIYXc+TV9B+dJLXZVY5Qub6KYfD0G95o qihg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:date:from:to:cc:subject:message-id :mail-followup-to:references:mime-version:content-disposition :in-reply-to:user-agent; bh=9kK749RISeQorgRDsLhpAah28I7dobUTxNmOlBW9+W4=; b=KSlwMebkY08Zt5RonW9ueYO6nXxyJ9kM1en8y9pGEBAfej3kAyS2Ss0JPks6Uu3Bhg /YxSI5gKWnNJyJa1KV2zN7OsJtEeN8YRmalzJaAevOEdxGUQFilQBzLOXmR64ypgzSuC SgEyF5QbRTpB7FGhzTXDBf8jEmfvA5nkP6pF2i14hpeFtICkMgsxmRIKQYat+j/OJzjZ dFguxNfKFZW9QNUwr5eUu5Jck8xs5C/cIjwxQxX3quJzhS4pj3aXOksOYjLj9gbRJckt 4YxpVnJxq2HuFrgZdMdftlKRzRZ2oitikLB0lZvR+QCLqFnHNqiTvYjAzrQZGJJ9VBKB YsYA== X-Gm-Message-State: APzg51DlfmiBjnX2CTjYC5N68BUFTZe/1fn3lENn7BNU4NWHe6kK3RT+ KVzwQ4kH2u1t7U53b/nr7Dyeiw== X-Received: by 2002:a05:6000:10d0:: with SMTP id b16mr8625940wrx.226.1536136402475; Wed, 05 Sep 2018 01:33:22 -0700 (PDT) Received: from soda.linbit (212-186-191-219.static.upcbusiness.at. [212.186.191.219]) by smtp.gmail.com with ESMTPSA id 69-v6sm1183590wmb.27.2018.09.05.01.33.21 (version=TLS1_2 cipher=ECDHE-RSA-CHACHA20-POLY1305 bits=256/256); Wed, 05 Sep 2018 01:33:21 -0700 (PDT) Date: Wed, 5 Sep 2018 10:33:20 +0200 From: Lars Ellenberg To: Kees Cook Cc: Jens Axboe , Philipp Reisner , linux-block , drbd-dev@lists.linbit.com, LKML Subject: Re: [PATCH v7] drbd: Convert from ahash to shash Message-ID: <20180905083320.GA28462@soda.linbit> Mail-Followup-To: Kees Cook , Jens Axboe , Philipp Reisner , linux-block , drbd-dev@lists.linbit.com, LKML References: <20180806233216.GA6037@beast> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: User-Agent: Mutt/1.9.4 (2018-02-28) Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Tue, Sep 04, 2018 at 08:04:18PM -0700, Kees Cook wrote: > On Mon, Sep 3, 2018 at 11:04 PM, Kees Cook wrote: > > On Mon, Aug 6, 2018 at 4:32 PM, Kees Cook wrote: > >> In preparing to remove all stack VLA usage from the kernel[1], this > >> removes the discouraged use of AHASH_REQUEST_ON_STACK in favor of > >> the smaller SHASH_DESC_ON_STACK by converting from ahash-wrapped-shash > >> to direct shash. By removing a layer of indirection this both improves > >> performance and reduces stack usage. The stack allocation will be made > >> a fixed size in a later patch to the crypto subsystem. > >> > >> The bulk of the lines in this change are simple s/ahash/shash/, but the > >> main logic differences are in drbd_csum_ee() and drbd_csum_bio(), which > >> externalizes the page walking with k(un)map_atomic() instead of using > >> scattergather. > > > > Hi Lars! How does this look to you? If you can Ack I assume Jens would > > be able to take this. Sure, I should have ACKed it a month ago already. As I said, I believe you the crypto. And you added the kmap_atomic as I pointed out. All good. > FWIW I've tested a simple drbd configuration before/after this change > and things seem to be working correctly. You'd need "data-integrity-alg" set (or "verify-alg", and then have it do an online-verify) to excercise the crypto stuff, and you'd need a highmem system (are these still out there?) to have the kmap not be a no-op. But I don't see any potential problem. Thanks! Lars