Received: by 2002:ac0:a5a6:0:0:0:0:0 with SMTP id m35-v6csp5697585imm;
        Tue, 18 Sep 2018 14:02:43 -0700 (PDT)
X-Google-Smtp-Source: ANB0VdZ+6RWHSJYQoxcFtYsU3bs9Kr697e8ir/ILz/KWgbF0xT8kZF/L2BRpNLnKwa67HXML4V41
X-Received: by 2002:a62:aa02:: with SMTP id e2-v6mr8117741pff.211.1537304563812;
        Tue, 18 Sep 2018 14:02:43 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; t=1537304563; cv=none;
        d=google.com; s=arc-20160816;
        b=bHN44mBV1otsDB64QMJ6uj6irwb8vlTaAUPJ2pa0N4DqVL9Y9mh9AAtkodc5n/oTge
         xWd3nIlg5x8QMixr0AaWu6j7bEVVkhHsP/i95QzcX7BJBiSz3lKlb4+zp47JQaniXGV6
         XvVhEz0mIPHgtbO1ucT2lE2SfPEgFDAr4oVm1D3Tc37QOVVKUZ8h1J9f/i2OfeJETsEe
         lDVKWRLCjb0zDmjIifwOcYW+3Wn76zf+XYrqXMLMJ8WhJ81xRdSiaXg1Ado/hck13G3p
         lF2FgFAXmrDBOHKDgmdkUyDuy2siElw6RiM7vlAt04aC4C7MKQI40y30g6Ypp1bdEosV
         uX2g==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=list-id:precedence:sender:in-reply-to:content-disposition
         :mime-version:references:message-id:subject:cc:to:from:date
         :dkim-signature;
        bh=ogiP137+sX4vkuCo8qnXESA+AwrFyTXl+nZVb1G8x4g=;
        b=GbubHo+VqatjzojMb5z47FQ6id8woYjT/iCszNvmJYju8us9dJXV7QIc/0BcTQn7gG
         igcDcwrArjHo31rsNVFenN6U/tHB8hfmxJEvWjCxTyDETDM7+PnR27kFM/dw4UIN5v3r
         cCDNuU6epAc3O4uhiQjXJEH6H6VGpacWP4Mc5Z5wo31nk4GHWpM56r46aAy351We2BTs
         bS3t+oisjmv3wD0PksE4kbZeirGkq81yyOiAyEEZs2encjhUifAj7vLF/+tI6WPiQk/U
         g3MF7SMDdhyPaD425YXIR/Sz3pFGyd8ZI91LGGxtIsdsclD+sEVqJBHKvSZJoH0H1IXj
         kqtw==
ARC-Authentication-Results: i=1; mx.google.com;
       dkim=pass header.i=@zx2c4.com header.s=mail header.b=fkIxkXJH;
       spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=zx2c4.com
Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67])
        by mx.google.com with ESMTP id c32-v6si19363382plj.272.2018.09.18.14.01.58;
        Tue, 18 Sep 2018 14:02:43 -0700 (PDT)
Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67;
Authentication-Results: mx.google.com;
       dkim=pass header.i=@zx2c4.com header.s=mail header.b=fkIxkXJH;
       spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=zx2c4.com
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S1730430AbeISCfs (ORCPT <rfc822;mailist1go@gmail.com>
        + 99 others); Tue, 18 Sep 2018 22:35:48 -0400
Received: from frisell.zx2c4.com ([192.95.5.64]:43269 "EHLO frisell.zx2c4.com"
        rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP
        id S1729859AbeISCfr (ORCPT <rfc822;linux-kernel@vger.kernel.org>);
        Tue, 18 Sep 2018 22:35:47 -0400
Received: by frisell.zx2c4.com (ZX2C4 Mail Server) with ESMTP id 8b11e3e3;
        Tue, 18 Sep 2018 20:43:46 +0000 (UTC)
DKIM-Signature: v=1; a=rsa-sha1; c=relaxed; d=zx2c4.com; h=date:from:to
        :cc:subject:message-id:references:mime-version:content-type
        :in-reply-to; s=mail; bh=2FXvB690QsOQefcZErXGaYju0hY=; b=fkIxkXJ
        HfPqyws9Xc1aUkP9XDBkAp7eE5iKaOLP1Vtc96GRJGOHVtZwcID/L8fHtCvdZtYV
        uC8RzoMBORgVOCGYiB9DV1LZN4NdVumpjiA6RaXdTYkBAsnr3fWOgRZgOb24s9Sm
        tN7l/wcMr9cRIzm0xP1kqzkWDpoixQryeGCvAjUTInNm9V8c+msF3kkYeP3jGu3U
        vtSO4Zmp1NpvhZIusceopw5MpnYpw0iwcyVcwCM4Sd1FI/zUKwBYtiD+2DXLsaxB
        gibNOS0BgY1HeMl71PCHDFTs8mJuxcZm5KjngOflelbPIgRTJIUR1ps7GcxPiG2w
        2bcr/rJJnad54EQ==
Received: by frisell.zx2c4.com (ZX2C4 Mail Server) with ESMTPSA id c1c54e8d (TLSv1.2:ECDHE-RSA-AES256-GCM-SHA384:256:NO);
        Tue, 18 Sep 2018 20:43:46 +0000 (UTC)
Date:   Tue, 18 Sep 2018 23:01:21 +0200
From:   "Jason A. Donenfeld" <Jason@zx2c4.com>
To:     Ard Biesheuvel <ard.biesheuvel@linaro.org>
Cc:     Linux Kernel Mailing List <linux-kernel@vger.kernel.org>,
        "<netdev@vger.kernel.org>" <netdev@vger.kernel.org>,
        "open list:HARDWARE RANDOM NUMBER GENERATOR CORE" 
        <linux-crypto@vger.kernel.org>,
        "David S. Miller" <davem@davemloft.net>,
        Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Subject: Re: [PATCH net-next v5 00/20] WireGuard: Secure Network Tunnel
Message-ID: <20180918210120.GA29812@zx2c4.com>
References: <20180918161646.19105-1-Jason@zx2c4.com>
 <CAKv+Gu8doWS+BYzqoT7499CJX0hLm1jBSMfVxJoG3wsWFO7t1w@mail.gmail.com>
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Disposition: inline
In-Reply-To: <CAKv+Gu8doWS+BYzqoT7499CJX0hLm1jBSMfVxJoG3wsWFO7t1w@mail.gmail.com>
Sender: linux-kernel-owner@vger.kernel.org
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org

Hi Ard,

On Tue, Sep 18, 2018 at 11:28:50AM -0700, Ard Biesheuvel wrote:
> On 18 September 2018 at 09:16, Jason A. Donenfeld <Jason@zx2c4.com> wrote:
> >   - While I initially wasn't going to do this for the initial
> >     patchset, it was just so simple to do: now there's a nosimd
> >     module parameter that can be used to disable simd instructions
> >     for debugging and testing, or on weird systems.
> >
> 
> I was going to respond in the other thread but it is probably better
> to move the discussion here.
> 
> My concern about the monolithic nature of each algo module is not only
> about SIMD, and it has nothing to do with weird systems. It has to do
> with micro-architectural differences which are more common on ARM than
> on other architectures *, I suppose. But generalizing from that, it
> has to do with policy which is currently owned by userland and not by
> the kernel. This will also be important for choosing between the time
> variant but less safe table based scalar AES and the much slower time
> invariant version (which is substantially slower, especially on
> decryption) once we move AES into this library.
> 
> So a command line option for the kernel is not the solution here. If
> we can't have separate modules, could we at least have per-module
> options that put the policy decisions back into userland?
> 
> * as an example, the SHA256 NEON code I collaborated on with Andy
> Polyakov 2 years ago is significantly faster on some cores and not on
> others

Interesting concern. There are micro-architectural quirks on x86 too
that the current code actually already considers. Notably, we use an
AVX-512VL path for Skylake-X but an AVX-512F path for Knights Landing
and Coffee Lake and others, due to thermal throttling when touching the
zmm registers on Skylake-X. So, in the code, we have it automatically
select the right thing based on the micro-architecture.

Is the same thing not possible with ARM? Do you not have access to this
information already, such that the module can just always do the right
thing and not require any user intervention?

If so, that would be ideal. If not (and I'm curious to learn why not
exactly), then indeed we could add some runtime nobs in /sys/module/
{algo}/parameters/{nob}, or the like. This would be super easy to do,
should we ever encounter a situation where we're unable to auto-detect
the correct thing.

Regards,
Jason