Received: by 2002:a5b:505:0:0:0:0:0 with SMTP id o5csp2293228ybp; Sat, 5 Oct 2019 09:15:57 -0700 (PDT) X-Google-Smtp-Source: APXvYqw/z+BWXCaXs5VZPhht35MgFZjxJm9PUjmVXbFy945YtWELrEtjcnY0Y3vGQQeQmENzCKPd X-Received: by 2002:a50:e791:: with SMTP id b17mr20701801edn.11.1570292157756; Sat, 05 Oct 2019 09:15:57 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1570292157; cv=none; d=google.com; s=arc-20160816; b=TxZb1AbqToVVPlvengzt5E73QPhRxQkdE1EerFjeyvlU3x6GF5R4ecKOBo2FvSBJmX dzBRhQCTQ11xkEaeLwRcKaq8lBmPRhKLk1rfh0sbG6IAdKUCG1HVrZ+W/VvYHLXnrDK6 YcKEoa1dACsY+zHLGUEwDbvi/3Mi4MLdGzlXIj2A3ksne2F+LIVB48gm8FCB2CxJOGXb 3c2VtQWFl/ws1W4/Rqlp70EMHuzUypYwrIYxW7OPnH/LzhNH5cpVLKwSI5HQEAeBcaAe fbslkXd0XtmCzFEAg2doogG14zyNminEeqDB+4qA4kdmO0WHDBuSlsnL6SDiwFU7yy9/ dQCQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:content-transfer-encoding :content-language:in-reply-to:mime-version:user-agent:date :message-id:from:references:cc:to:subject; bh=//o4V/e3L1ZOLgI+qPeHtxKZWrYrHMyzKPiVK7QZbeA=; b=KpbPRQU/mIADPDHHth5iuu2HL8vGSqXfwDPTWla0N5aAKFUCakaboZnaWnVTNW4Qqo GQZR6KmvAywHpzpZYpIeN16PzvZeSytoEnwBqcxcfKHNklzvnVQRN4Xp0j+nEFwzWzkz oDtpNgonDvq/yNcv2S9cLiGGPsWOWwq3IgQxQU88xsNxp/oDsAeJqjFu1J2ryYeWGOQX 9xPXZVhzX4ZASDLqeHsn+OpDDL6Zud82UD4owhy/VIhHzIdhS3kFareZHL/Wt88ns1qF QxE9ldvgfOu6X372IAIZY16iZK+1B5lsIO2Ogi68R9TA838rqCRVXcXrh1zmzFce0/5A 4D6w== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: best guess record for domain of linux-crypto-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-crypto-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id m5si3443118ejr.429.2019.10.05.09.15.24; Sat, 05 Oct 2019 09:15:57 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of linux-crypto-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; spf=pass (google.com: best guess record for domain of linux-crypto-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-crypto-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1728545AbfJEQPW (ORCPT + 99 others); Sat, 5 Oct 2019 12:15:22 -0400 Received: from relay4-d.mail.gandi.net ([217.70.183.196]:33223 "EHLO relay4-d.mail.gandi.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1728101AbfJEQPW (ORCPT ); Sat, 5 Oct 2019 12:15:22 -0400 X-Originating-IP: 134.19.189.134 Received: from d.localdomain (unknown [134.19.189.134]) (Authenticated sender: out@gert.gr) by relay4-d.mail.gandi.net (Postfix) with ESMTPSA id CEC5EE0005; Sat, 5 Oct 2019 16:15:17 +0000 (UTC) Subject: Re: [PATCH v2] crypto: geode-aes - switch to skcipher for cbc(aes) fallback To: Ard Biesheuvel , linux-crypto@vger.kernel.org Cc: jelledejong@powercraft.nl, ebiggers@kernel.org, florian@bezdeka.de, herbert@gondor.apana.org.au References: <20191005091110.12556-1-ard.biesheuvel@linaro.org> From: Gert Robben Message-ID: Date: Sat, 5 Oct 2019 18:15:16 +0200 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:60.0) Gecko/20100101 Thunderbird/60.9.0 MIME-Version: 1.0 In-Reply-To: <20191005091110.12556-1-ard.biesheuvel@linaro.org> Content-Type: text/plain; charset=iso-8859-15; format=flowed Content-Language: nl-NL Content-Transfer-Encoding: 7bit Sender: linux-crypto-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-crypto@vger.kernel.org Op 05-10-2019 om 11:11 schreef Ard Biesheuvel: > Commit 79c65d179a40e145 ("crypto: cbc - Convert to skcipher") updated > the generic CBC template wrapper from a blkcipher to a skcipher algo, > to get away from the deprecated blkcipher interface. However, as a side > effect, drivers that instantiate CBC transforms using the blkcipher as > a fallback no longer work, since skciphers can wrap blkciphers but not > the other way around. This broke the geode-aes driver. > > So let's fix it by moving to the sync skcipher interface when allocating > the fallback. At the same time, align with the generic API for ECB and > CBC by rejecting inputs that are not a multiple of the AES block size. > > Fixes: 79c65d179a40e145 ("crypto: cbc - Convert to skcipher") > Cc: # v4.20+ ONLY > Signed-off-by: Ard Biesheuvel > --- > v2: pass dst and src scatterlist in the right order > reject inputs that are not a multiple of the block size Yes, with this patch, the CRYPTO_MANAGER_EXTRA_TESTS output nothing (apart from "extra crypto tests enabled"). All items in /proc/crypto have "selftest: passed" mentioned. "openssl speed -evp aes-128-cbc -elapsed -engine afalg" reaches the proper speed. And nginx (correctly) transfers files about 40% faster than without geode-aes. I didn't think about testing ecb before, because I don't use it. Now that I did, I tried the same openssl benchmark for ecb. But that only reaches software AES speed, and "time" also shows the work is being done in "user" instead of "sys" (see below). Yet I see no errors. (Maybe this is normal/expected, so I didn't look much further into it). Thank you, Gert # time openssl speed -evp aes-128-cbc -elapsed -engine afalg - - - 8< - - - type 16 bytes 64 bytes 256 bytes 1024 bytes 8192 bytes 16384 bytes aes-128-cbc 135.82k 539.29k 2087.90k 7491.16k 29221.69k 34943.67k real 0m18.081s user 0m0.516s sys 0m17.541s # time openssl speed -evp aes-128-ecb -elapsed -engine afalg - - - 8< - - - type 16 bytes 64 bytes 256 bytes 1024 bytes 8192 bytes 16384 bytes aes-128-ecb 4480.65k 5137.66k 5336.94k 5410.19k 5409.91k 5409.91k real 0m18.084s user 0m18.046s sys 0m0.012s