Received: by 2002:a05:6a10:16a7:0:0:0:0 with SMTP id gp39csp3692506pxb; Tue, 17 Nov 2020 00:36:17 -0800 (PST) X-Google-Smtp-Source: ABdhPJzrXaA1beM92q3s5qxhlibsnxlfO/9+dpDXEk/tZHwzqTHz5qiIQEpXmI9iJwbLqALAp26O X-Received: by 2002:a17:907:2667:: with SMTP id ci7mr19389647ejc.282.1605602176951; Tue, 17 Nov 2020 00:36:16 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1605602176; cv=none; d=google.com; s=arc-20160816; b=OFt6rBdgo1wA/U5zZJQM9fCYCBnEOvbCsrBo1cVmEp7aiY4Z2smxalTbStFmBgQcH4 1vQQnQFSabTVW84/KAORR5vksnA7CG4tbEHJM+//ZqaUIE3HbFaULEqHw8T2x0IMypFz wNkygbgI0BjVaBy03eBpvppRnKyneST6Oe3iHGZlgKO+cYWM3VUkR+rac1/nw6fKr2SY OkjSBD2bupkO3EFyu0e1+J06FK5cKRKCHs7k88BDFTRfU5z6frmEtXE9n7OXwen/bEy+ pXlJcFAjRGEJfd3iXjNu7OOMDxI5B+jyEltV5cWKrqFE4KlSFXLSBg1oqGoPATSNkCDd LqYQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:cc:to:subject:message-id:date:from:in-reply-to :references:mime-version:dkim-signature; bh=VySCC9UP8agwomo3YOJi7sabEv/wnw6zrWDTn8OxVfQ=; b=oALkUSu7pD0juMMA0DF/bH6y/c7OS3ha2rDjollT2Tg71aHX0Ut++ApiLVHP86PJZO AzQyylE/J82nbp5mlGvoRNAL91rXS5VLstnNNC/hrLpFzI0S0o44KQn5vYrH15HKJIZ3 D5WWTyf9C6USRT4qB1lks7DN72EvmUuCZ8lUEYRdvQY2ThsUeO2kyAr8E6E5LsPTKYEv XwujOdrjmwIAHyGJ4T+fyyOu9KeVCHmzkG8pc2haQsIWPc66mqoKoS15FL1i7W821J+u 2VgZq0zVFewWKOj7UKe3YRgKAIHW1aluKLQYZA1A1UL0GxvRuJJ0QihBeEii3/z2Oujz ZiqA== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@zx2c4.com header.s=mail header.b=ZAGMil2h; spf=pass (google.com: domain of linux-crypto-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-crypto-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=zx2c4.com Return-Path: Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18]) by mx.google.com with ESMTP id hs16si7038011ejc.314.2020.11.17.00.35.53; Tue, 17 Nov 2020 00:36:16 -0800 (PST) Received-SPF: pass (google.com: domain of linux-crypto-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18; Authentication-Results: mx.google.com; dkim=pass header.i=@zx2c4.com header.s=mail header.b=ZAGMil2h; spf=pass (google.com: domain of linux-crypto-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-crypto-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=zx2c4.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1726297AbgKQIfq (ORCPT + 99 others); Tue, 17 Nov 2020 03:35:46 -0500 Received: from mail.zx2c4.com ([192.95.5.64]:42039 "EHLO mail.zx2c4.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1726211AbgKQIfq (ORCPT ); Tue, 17 Nov 2020 03:35:46 -0500 Received: by mail.zx2c4.com (ZX2C4 Mail Server) with ESMTP id 5f5f8117; Tue, 17 Nov 2020 08:31:54 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha1; c=relaxed; d=zx2c4.com; h=mime-version :references:in-reply-to:from:date:message-id:subject:to:cc :content-type; s=mail; bh=Hr+jI+KVdqgUSqaJucRaw9uwCVA=; b=ZAGMil 2h6me0N7K8kyNY4QsrK8PyskCMWyz9/JNkfEywmRPm2FPJumdSZdhMUWiS7+rAhK Lf9kiMA4h/IN7aF+k5H1loaXIr4qOzlRV9lfv6JZIYnKhDaGyBHKW6R8gF9ChgRe Vm+9S2rfvh/+/VC4GecX8VNItLHAF4CKT3EyesP/UgT26Us4wp2hhswk1IzIw6Ap 02a+1gT0CIlz15iy4VTiydfYh8WAxb/eA4wbKlzqH4UTPZuhsyC8QjkAckdW0OF4 LqBy0oobxCWUkYnFLWLg7GyAHS1YdUF5f88okOEmPC7YXb5CrtQJXJti3DAsOK9s cJCi2qRlx5f9ZrAg== Received: by mail.zx2c4.com (ZX2C4 Mail Server) with ESMTPSA id 14ca90a1 (TLSv1.3:TLS_AES_256_GCM_SHA384:256:NO); Tue, 17 Nov 2020 08:31:54 +0000 (UTC) Received: by mail-yb1-f174.google.com with SMTP id c129so18201561yba.8; Tue, 17 Nov 2020 00:35:42 -0800 (PST) X-Gm-Message-State: AOAM533TrTfq/08KF4CH8nr3aKc3kICHKnOdcu2qnwmGbjX6VM+J7X8u k2HK4AypLey+Id8F3NkQKZ8DLzAzZmeNlN8KvVw= X-Received: by 2002:a25:6f83:: with SMTP id k125mr26083401ybc.123.1605602142005; Tue, 17 Nov 2020 00:35:42 -0800 (PST) MIME-Version: 1.0 References: <20201117021839.4146-1-a@unstable.cc> In-Reply-To: From: "Jason A. Donenfeld" Date: Tue, 17 Nov 2020 09:35:31 +0100 X-Gmail-Original-Message-ID: Message-ID: Subject: Re: [PATCH cryptodev] crypto: lib/chacha20poly1305 - allow users to specify 96bit nonce To: Ard Biesheuvel Cc: Antonio Quartulli , Linux Crypto Mailing List , WireGuard mailing list , "open list:BPF JIT for MIPS (32-BIT AND 64-BIT)" , keyrings@vger.kernel.org, linux-security-module , Antonio Quartulli , Herbert Xu , David Howells , Jarkko Sakkinen , Jakub Kicinski Content-Type: text/plain; charset="UTF-8" Precedence: bulk List-ID: X-Mailing-List: linux-crypto@vger.kernel.org On Tue, Nov 17, 2020 at 9:32 AM Ard Biesheuvel wrote: > If you are going back to the drawing board with in-kernel acceleration > for OpenVPN As far as I can tell, they're mostly after compatibility with their existing userspace stuff. Otherwise, if they were going back to the drawing board, they could just make openvpn userspace set up xfrm or wg tunnels to achieve basically the same design. And actually, the xfrm approach kind of makes a lot of sense for what they're doing; it was designed for that type of split-daemon tunneling design.