Received: by 2002:ac0:a5a6:0:0:0:0:0 with SMTP id m35-v6csp4081413imm;
        Mon, 17 Sep 2018 07:56:35 -0700 (PDT)
X-Google-Smtp-Source: ANB0VdaV48smAeb673Ev0aTXq3srYPJw+Fi2TCBjpakieCksZXM/smJXvKzbNVhcITnCgWAslFp/
X-Received: by 2002:a63:5b1b:: with SMTP id p27-v6mr23840533pgb.322.1537196195874;
        Mon, 17 Sep 2018 07:56:35 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; t=1537196195; cv=none;
        d=google.com; s=arc-20160816;
        b=MCHnjJsyz1N7F93v+Nj/RVOVK4BojylrvReCuEMYxZ3yMd7qONUyPS3Zdyg89ia9+d
         qc3+jfHZwuSW9I0CpbSOBMXLbY6OxabW9+QcNbB4na4lPtloce3QOXHr9yIZRvpdarsL
         k5VP1Mw64CkP2dcvyELXWsA2EkCHHN6QOjxfmQJ4U3EOYCZaY5wTS66CVHYRmJBTmWKT
         jzrAE8+0A/K+wmi0t6F63a3f11EJonMhGtRTJrW7yIq4ToYnOhbccHHLNwnBqjWdr+Qv
         wmRrBYyBhK+YZXKheC5rzP+CWAFsB4Ln3ulA3k+e8nlEUtOS+glzPMtcqGqOZ34b39p3
         +pjA==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=list-id:precedence:sender:to:references:message-id
         :content-transfer-encoding:cc:date:in-reply-to:from:subject
         :mime-version:dkim-signature;
        bh=QFe5O0BbarCm42o+NA11nxio8+ywxPv3qhJutPW8ZPA=;
        b=ZMnID2F3Ad0rUtd0BVphqpLMZFR5tS6oNPc2n07KnyFiyKtZDZOG61Q0pMvztJxU73
         qpfGrxgILeJmglIbur3GpXGuvzdSHdSzywgfjwcjPS0X7IxdtN3Zz3AsI4Hhlfk7AyDO
         bPvdNZWgFIIoqUTzY2DkIw6Mt1suapj8gs9fGPVKme4sD1OWv3tfdsKMJrrN+8cugiOC
         25oNPEi1ygsWnQIWoZZSArMQHJ63VYgW6/szPbzupr1685VgDhGNSRj3bXxsL0r0qA8s
         hihZVVT1KGNFk2yPG86C+TZ8LqoiT3zdJRi+TJpFFNM6eFSvT0ZfRE91uG5cLowFkP8o
         vChg==
ARC-Authentication-Results: i=1; mx.google.com;
       dkim=pass header.i=@amacapital-net.20150623.gappssmtp.com header.s=20150623 header.b=VbTMn9jn;
       spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org
Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67])
        by mx.google.com with ESMTP id j1-v6si15640974pgh.160.2018.09.17.07.56.20;
        Mon, 17 Sep 2018 07:56:35 -0700 (PDT)
Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67;
Authentication-Results: mx.google.com;
       dkim=pass header.i=@amacapital-net.20150623.gappssmtp.com header.s=20150623 header.b=VbTMn9jn;
       spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S1728620AbeIQUVk (ORCPT <rfc822;yxhlfx@gmail.com> + 99 others);
        Mon, 17 Sep 2018 16:21:40 -0400
Received: from mail-pl1-f196.google.com ([209.85.214.196]:41673 "EHLO
        mail-pl1-f196.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
        with ESMTP id S1728614AbeIQUVj (ORCPT
        <rfc822;linux-kernel@vger.kernel.org>);
        Mon, 17 Sep 2018 16:21:39 -0400
Received: by mail-pl1-f196.google.com with SMTP id b12-v6so7543093plr.8
        for <linux-kernel@vger.kernel.org>; Mon, 17 Sep 2018 07:53:59 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=amacapital-net.20150623.gappssmtp.com; s=20150623;
        h=mime-version:subject:from:in-reply-to:date:cc
         :content-transfer-encoding:message-id:references:to;
        bh=QFe5O0BbarCm42o+NA11nxio8+ywxPv3qhJutPW8ZPA=;
        b=VbTMn9jnq5qoBtg1SRKDkPSni/fcOUIe3p9hWQmSd1fc4YIzFgxH0hwBQMs6TRpl0r
         Ot89rMbx4Ihwg+s8XEnnclgm755RwM4PqR46FLLc91ieAgnLEO0T5+5/5tvcJIp1Del5
         1Lc+bWvzwt/sKV0vuwno7Me1Nf7vi8EdO6z86s+yFCDk+UgF8u7kYQVBP1xRuM/NhLcb
         PDzBfITs2yc2bwvq1gqqZCelg090+HWFkowPF8V9cFKQI/12bSzBqYdESYsr2vAj9NSh
         oRSXjh0ZvXznVSSYmFl/vGT+kkaeR5HTUbtO8V0u4sZdooUb/5n36cxRyjYxVT20Wkhf
         1n5Q==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20161025;
        h=x-gm-message-state:mime-version:subject:from:in-reply-to:date:cc
         :content-transfer-encoding:message-id:references:to;
        bh=QFe5O0BbarCm42o+NA11nxio8+ywxPv3qhJutPW8ZPA=;
        b=Qj/jQGt8tIr54r+mNno+AdfTqxojWvMotFpcUeuLPq2XF1A2JqyA378yv7VcCEiNVO
         khPobtAXtxTfocN1tJU9J7UHUGq1qGvQumEXDPBapbTYQnDCLnxVwlpO5sLDQZmMw14E
         wJ8q5vrRyp5En4Lo3q1KpYoM8H2P/YcHjo1a2GrALV+3XCKG7OhmTi2vsJw9P9eDwJFK
         5x+dyrDmy8L3n96kmigG0/opgSIJvsvLCBtFwEDPsz0SCqZrEO4m7a9yuaWaNwa78Rbe
         CDzMEL01LhBng38IxPRpe2XXqBvkZo2rHd/2iiLcApC60Q0nr4Da4EvVWpOuPmgnyZA0
         SuUA==
X-Gm-Message-State: APzg51B2S3t2wQlLQ0oT5V47OcoQmHqlRArexqVKDwEcoODeESvhQbOU
        n7QPj1vEuXiUBM3V0AKgBzHpze0W5qM=
X-Received: by 2002:a17:902:ac1:: with SMTP id 59-v6mr25322888plp.18.1537196038658;
        Mon, 17 Sep 2018 07:53:58 -0700 (PDT)
Received: from ?IPv6:2601:646:c200:7429:d8c5:6393:c455:3e7? ([2601:646:c200:7429:d8c5:6393:c455:3e7])
        by smtp.gmail.com with ESMTPSA id 143-v6sm22116890pfy.156.2018.09.17.07.53.57
        (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128);
        Mon, 17 Sep 2018 07:53:57 -0700 (PDT)
Content-Type: text/plain;
        charset=utf-8
Mime-Version: 1.0 (1.0)
Subject: Re: [PATCH net-next v3 02/17] zinc: introduce minimal cryptography library
From:   Andy Lutomirski <luto@amacapital.net>
X-Mailer: iPhone Mail (15G77)
In-Reply-To: <CAHmME9ohGPTX-fkhP6zaWdx3SbkiqO5kWkWE-bDk=pm-nUqYvw@mail.gmail.com>
Date:   Mon, 17 Sep 2018 07:53:56 -0700
Cc:     Andrew Lutomirski <luto@kernel.org>,
        David Miller <davem@davemloft.net>,
        Andrew Lunn <andrew@lunn.ch>,
        Eric Biggers <ebiggers@kernel.org>,
        Greg Kroah-Hartman <gregkh@linuxfoundation.org>,
        Ard Biesheuvel <ard.biesheuvel@linaro.org>,
        LKML <linux-kernel@vger.kernel.org>,
        Netdev <netdev@vger.kernel.org>, Samuel Neves <sneves@dei.uc.pt>,
        Jean-Philippe Aumasson <jeanphilippe.aumasson@gmail.com>,
        Linux Crypto Mailing List <linux-crypto@vger.kernel.org>
Content-Transfer-Encoding: quoted-printable
Message-Id: <8937D6B1-D21C-4C47-8A89-A466CDB6FB04@amacapital.net>
References: <20180911214737.GA81235@gmail.com> <CAHmME9rFUruF-VN1pmU-k5nFsb9ppAPhPpW-5Ho9dKL2HCg4kA@mail.gmail.com> <20180911233015.GD11474@lunn.ch> <20180911.165739.2032677219588723041.davem@davemloft.net> <CALCETrXrJPcs3h9CtF50N4k2AGx3qzspJd_UW3t+KGYOj7+p=Q@mail.gmail.com> <CAHmME9ohGPTX-fkhP6zaWdx3SbkiqO5kWkWE-bDk=pm-nUqYvw@mail.gmail.com>
To:     "Jason A. Donenfeld" <Jason@zx2c4.com>
Sender: linux-kernel-owner@vger.kernel.org
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org




> On Sep 16, 2018, at 10:07 PM, Jason A. Donenfeld <Jason@zx2c4.com> wrote:
>=20
> Hey Andy,
>=20
> Thanks a lot for your feedback.
>=20
>> On Mon, Sep 17, 2018 at 6:09 AM Andy Lutomirski <luto@kernel.org> wrote:
>> 1. Zinc conflates the addition of a new API with the replacement of
>> some algorithm implementations.  This is problematic.  Look at the
>> recent benchmarks of ipsec before and after this series.  Apparently
>> big packets get faster and small packets get slower.  It would be
>> really nice to bisect the series to narrow down *where* the regression
>> came from, but, as currently structured, you can't.
>>=20
>> The right way to do this is to rearrange the series.  First, the new
>> Zinc APIs should be added, and they should be backed with the
>> *existing* crypto code.  (If the code needs to be moved or copied to a
>> new location, so be it.  The patch will be messy because somehow the
>> Zinc API is going to have to dispatch to the arch-specific code, and
>> the way that the crypto API handles it is not exactly friendly to this
>> type of use.  So be it.)  Then another patch should switch the crypto
>> API to use the Zinc interface.  That patch, *by itself*, can be
>> benchmarked.  If it causes a regression for small ipsec packets, then
>> it can be tracked down relatively easily.  Once this is all done, the
>> actual crypto implementation can be changed, and that changed can be
>> reviewed on its own merits.
>=20
> That ipsec regression was less related to the implementation and more
> related to calling kernel_fpu_begin() unnecessarily, something I've
> now fixed. So I'm not sure that's such a good example. However, I can
> try to implement Zinc over the existing assembly (Martin's and Ard's),
> first, as you've described. This will be a pretty large amount of
> work, but if you think it's worth it for the commit history, then I'll
> do it.

Ard, what do you think?  I think it would
be nice, but if the authors of that assembly are convinced it should be repl=
aced, then this step is optional IMO.

>=20
>> 2. The new Zinc crypto implementations look like they're brand new.  I
>> realize that they have some history, some of them are derived from
>> OpenSSL, etc, but none of this is really apparent in the patches
>> themselves.
>=20
> The whole point of going with these is that they _aren't_ brand new,
> yet they are very fast. Eyeballs and fuzzer hours are important, and
> AndyP's seems to get the most eyeballs and fuzzer hours, generally.
>=20
>> it would be nice if
>> the patches made it more clear how the code differs from its origin.
>> At the very least, though, if the replacement of the crypto code were,
>> as above, a patch that just replaced the crypto code, it would be much
>> easier to review and benchmark intelligently.
>=20
> You seem to have replied to the v3 thread, not the v4 thread. I've
> already started to include lots of detail about the origins of the
> code and [any] important differences in v4, and I'll continue to add
> more detail for v5.

This is indeed better.  Ard=E2=80=99s reply covers this better.