Received: by 2002:a5b:505:0:0:0:0:0 with SMTP id o5csp5541910ybp; Tue, 8 Oct 2019 04:40:57 -0700 (PDT) X-Google-Smtp-Source: APXvYqy3J4TD21R9CcUI3dCSWI4yD8m6wz6joIQdJhMI4YAEELcEsv/DvDiz8aH/7EACFcRUSwh2 X-Received: by 2002:a17:907:20e4:: with SMTP id rh4mr28480706ejb.59.1570534857216; Tue, 08 Oct 2019 04:40:57 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1570534857; cv=none; d=google.com; s=arc-20160816; b=NYC36cSXfzAtzmPrxHRF0Udx2Kg3x+9iFLC3m1bDuu0YfRTuK3k+hoV+lGsKC01OMK N9ezEOAKTSDF6JXD/dKu5WE3FfTfOzNIGgGTow/3KlglXsNyPbyVc3NPjyt/ITIrdt+H 4PcX43Akx98PvHptwUKVEbdFxehVgAgS27flMPN7+4ML/q0sm5TYLdfFqhNZZF19/8SL b7LTYK+ZNWjSQ3ooUkSNkRBoff9HD2AGxyn+PluxiPKpuRM4DVJNhrIRH5BodzgFNEbs I+F/VfrL62WLLThj4GiuiEj8itze6YIwZmWG6iXLLUC3KZ6gaeJyVOt/7R8eZHsiexEi tEPA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:cc:to:subject:message-id:date:from :in-reply-to:references:mime-version:dkim-signature; bh=VH+0C0uR5m7C8bWg29oN3PksDQMhMsMgqlBp18FmE1w=; b=TsM2cJGEg44FxhsCrxFZX8tm9UeJa7TekF4weLzp10xx1xFxFjLiESa+hZekxdncY+ ap3oe9sTkqq8o5CLwVxJ+EOu8cLhcCpBzX7xBA62XggptYwh1dNH/mx2Hr3olEot2vvH 1LGTytRbkBzRuFInfwIYBG/tB1F6Vm+J/Fr2bhnbLKfnUYsFYdlBi+UTOqlb7hBwjoQ4 BMZOIMGjxZcfrhpbro6qNxPb5czVW/iaHAFmrwP2qYzqGgsb53BN3m08gahek5x67ZrP z0wITuN44ONhtmRBOk+3cqYIY1mpGD+PeNq0pc82eQS2exgkdlqn//XuFHKHgfIJZlGo U4mw== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@linaro.org header.s=google header.b=X9KLNDPr; spf=pass (google.com: best guess record for domain of linux-crypto-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-crypto-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linaro.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id w14si9784999edx.197.2019.10.08.04.40.32; Tue, 08 Oct 2019 04:40:57 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of linux-crypto-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; dkim=pass header.i=@linaro.org header.s=google header.b=X9KLNDPr; spf=pass (google.com: best guess record for domain of linux-crypto-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-crypto-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linaro.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1730156AbfJHLi1 (ORCPT + 99 others); Tue, 8 Oct 2019 07:38:27 -0400 Received: from mail-wm1-f65.google.com ([209.85.128.65]:54187 "EHLO mail-wm1-f65.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1729790AbfJHLi1 (ORCPT ); Tue, 8 Oct 2019 07:38:27 -0400 Received: by mail-wm1-f65.google.com with SMTP id i16so2774991wmd.3 for ; Tue, 08 Oct 2019 04:38:25 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=VH+0C0uR5m7C8bWg29oN3PksDQMhMsMgqlBp18FmE1w=; b=X9KLNDPrZQbpAmY00fnhH3gUBt6So+TIaZQLwaiQIA/KlAgzLQHUIMJihzinKAJaiv pcGxMPQZPBgvYSqCVRkiUxpDHLHD188BvJhOS9f/1cctx0r1APjJvRQGLoYaDv8xEv84 0Zz3TNl4qxcBCx00104lW2Z1BfLCeW66TPaVr26kfDiefOOMraeHKm1o0u0p9j2OY8/v LHfWMpOzon1tOizzwxqsX1g7ffYqKUOXcAlq5PGSaY0R6DMQEE/js2Ha3/fKhOvSJ5qY joCWdY7O8VmiSRwbax1qUPkLQigrdViqmyEcpPbecCl3j+4zWCLVQ4H1tN+Yd1DnjKQo gZtA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=VH+0C0uR5m7C8bWg29oN3PksDQMhMsMgqlBp18FmE1w=; b=NSvYobunResrGwGYue25KA6FDLM8QjHPWgyPoII83fawCy7MpiPtkAMVFiDF75q1uL 1tdFZFp/RPahsrp0eka6Q6YbrmLmHESnkM6DVqKKTO1E2EFz6C8keydkj5Bn/DQDrZ+5 86eUP6eR1XvVWT1rtbFNSPZzTnQt0OPQ+W8JoGmUp8cI1poIn6hQmjWqBuCDGJ88EFIL 7Hj97jKG30cTr+Hol8xocmHoeweXcq2XdntlV3XFqn77zZiuS/l/xW92Y7LWs//HJFYL p4JSFt2edHzPzjuLG1Ao71GyGAUGP3cbwDFvNNnklOgpbaOix91YoIYejrx/l+DxgwPr sT+w== X-Gm-Message-State: APjAAAWYMxG8Zf6qj+kJmXK5LLCZ9Xklfl2ZAP/jZpEQp61OhtQ1JJAd ug0/+Mlxg/QmlN98OExbXvR5B2vxpNsxiHoRYVGfrQ== X-Received: by 2002:a1c:2546:: with SMTP id l67mr3589422wml.10.1570534704763; Tue, 08 Oct 2019 04:38:24 -0700 (PDT) MIME-Version: 1.0 References: <20191005091110.12556-1-ard.biesheuvel@linaro.org> In-Reply-To: From: Ard Biesheuvel Date: Tue, 8 Oct 2019 13:38:13 +0200 Message-ID: Subject: Re: [PATCH v2] crypto: geode-aes - switch to skcipher for cbc(aes) fallback To: Gert Robben Cc: "open list:HARDWARE RANDOM NUMBER GENERATOR CORE" , Jelle de Jong , Eric Biggers , Florian Bezdeka , Herbert Xu Content-Type: text/plain; charset="UTF-8" Sender: linux-crypto-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-crypto@vger.kernel.org On Sat, 5 Oct 2019 at 18:15, Gert Robben wrote: > > Op 05-10-2019 om 11:11 schreef Ard Biesheuvel: > > Commit 79c65d179a40e145 ("crypto: cbc - Convert to skcipher") updated > > the generic CBC template wrapper from a blkcipher to a skcipher algo, > > to get away from the deprecated blkcipher interface. However, as a side > > effect, drivers that instantiate CBC transforms using the blkcipher as > > a fallback no longer work, since skciphers can wrap blkciphers but not > > the other way around. This broke the geode-aes driver. > > > > So let's fix it by moving to the sync skcipher interface when allocating > > the fallback. At the same time, align with the generic API for ECB and > > CBC by rejecting inputs that are not a multiple of the AES block size. > > > > Fixes: 79c65d179a40e145 ("crypto: cbc - Convert to skcipher") > > Cc: # v4.20+ ONLY > > Signed-off-by: Ard Biesheuvel > > --- > > v2: pass dst and src scatterlist in the right order > > reject inputs that are not a multiple of the block size > > Yes, with this patch, the CRYPTO_MANAGER_EXTRA_TESTS output nothing > (apart from "extra crypto tests enabled"). > All items in /proc/crypto have "selftest: passed" mentioned. > "openssl speed -evp aes-128-cbc -elapsed -engine afalg" reaches the > proper speed. > And nginx (correctly) transfers files about 40% faster than without > geode-aes. > > I didn't think about testing ecb before, because I don't use it. > Now that I did, I tried the same openssl benchmark for ecb. > But that only reaches software AES speed, and "time" also shows the work > is being done in "user" instead of "sys" (see below). > Yet I see no errors. > (Maybe this is normal/expected, so I didn't look much further into it). > > Thank you, > Gert > > # time openssl speed -evp aes-128-cbc -elapsed -engine afalg > - - - 8< - - - > type 16 bytes 64 bytes 256 bytes 1024 bytes 8192 > bytes 16384 bytes > aes-128-cbc 135.82k 539.29k 2087.90k 7491.16k > 29221.69k 34943.67k > > real 0m18.081s > user 0m0.516s > sys 0m17.541s > > # time openssl speed -evp aes-128-ecb -elapsed -engine afalg > - - - 8< - - - > type 16 bytes 64 bytes 256 bytes 1024 bytes 8192 > bytes 16384 bytes > aes-128-ecb 4480.65k 5137.66k 5336.94k 5410.19k > 5409.91k 5409.91k > > real 0m18.084s > user 0m18.046s > sys 0m0.012s > It seems likely that the ECB code in OpenSSL is not invoking the afalg code at all. Since ECB is just the bare block cipher applied to each block in the input, I wonder if it even uses a skcipher like interface internally.