Received: by 2002:a05:6a10:f347:0:0:0:0 with SMTP id d7csp412861pxu; Tue, 1 Dec 2020 14:39:58 -0800 (PST) X-Google-Smtp-Source: ABdhPJxBDosDPVtNvVUAGsoGhzQBjFur6Uy1mvls9sg1EAgU68/HJyD4XQSfSH1CK9BmFV7gLJk9 X-Received: by 2002:a17:906:3807:: with SMTP id v7mr5184750ejc.441.1606862398125; Tue, 01 Dec 2020 14:39:58 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1606862398; cv=none; d=google.com; s=arc-20160816; b=MaOEewwYDWaEoBiOo3AOCO2PQoTmGhFS7Qq+NYXUwiwiPnD3l3lKtT1Q2BMLbBGP3U ANxDaKxKZjHsvDz7HIt97KeOXD4xp0p/n10wFOz1lyY3D02qlSxyG+ODSw+8frZYWBxU 3IlVN50IehjtmqW79+PyqT8832AEZCHQ6U0c5GuxfBfsSlXx8yyK39AvO6JjuqdYyGxq TCqJG0QfuH6d7nU5FPPBaKEeYm+GztfV/gDtWdf6cXxYtba9jmACZi6cCR0rNzirznTd irMCSiPwXQY6jIKkErV0T7gQEQKlI+Ae637pL9+AWTf48jdNvzpo73umTSqr7ahZMbld Rh7Q== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:cc:to:subject:message-id:date:from:in-reply-to :references:mime-version:dkim-signature; bh=ndtOSewrIKtsCgNnUlhsA+8tPsmxU4z8VIKTLauWuS4=; b=LPosLi1xudevYMQ1wa5/PfbW4lwGfa5yFmq2waris62MgQ2l7RWEsNz4hCJgRstvYe XTM8f87/sPFnNUMZ+AkMUctbbpOo6aLCs5MHOhNuFJmd8zdd4rwjUKz63UdmwJwbPoWA UwnGJK8lwSAGizmtaGofk856aK7mFwvAAB1aYUTQSP2+gmw4EFwn4CYseIGHOh6BwE2D 2FhHmScCY0Oqz89XRDuCXO1hfeMtUq/mGDdNYFjJ9aN3+IGdthZJL19hB5n+WCw/WNfi 9gCtwfjgaJx7C+TDe78env9p49zV+94J9Qy4MttaPEZiaiyxXMH2J2SJSON4HmEyyj7k w+og== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@kernel.org header.s=default header.b=fKMiYKzQ; spf=pass (google.com: domain of linux-crypto-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-crypto-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18]) by mx.google.com with ESMTP id bt1si801409edb.267.2020.12.01.14.39.34; Tue, 01 Dec 2020 14:39:58 -0800 (PST) Received-SPF: pass (google.com: domain of linux-crypto-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18; Authentication-Results: mx.google.com; dkim=pass header.i=@kernel.org header.s=default header.b=fKMiYKzQ; spf=pass (google.com: domain of linux-crypto-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-crypto-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1726316AbgLAWN0 (ORCPT + 99 others); Tue, 1 Dec 2020 17:13:26 -0500 Received: from mail.kernel.org ([198.145.29.99]:34714 "EHLO mail.kernel.org" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1726194AbgLAWNZ (ORCPT ); Tue, 1 Dec 2020 17:13:25 -0500 Received: from mail-ot1-f52.google.com (mail-ot1-f52.google.com [209.85.210.52]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by mail.kernel.org (Postfix) with ESMTPSA id B240B2086A for ; Tue, 1 Dec 2020 22:12:44 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=default; t=1606860764; bh=53Kuug004oBRQ6G67nb1gdBv+0lLYRybJwxVfusFilw=; h=References:In-Reply-To:From:Date:Subject:To:Cc:From; b=fKMiYKzQ97aGcctRGbMTl/NUECWMbPtjG37v8z4/7mpffrxsl3oZFZw4ijxnJ+BGd 5WNcNIjrTgVlSdSYhT2AyhzQKqFwQ7Zkr9OqSCXlUbNqW/4Ifi5p1TBM5HvEuoCBjA nKmnmkgm9nogNd2rPALS1hXj8styt9k2cWxX/KXI= Received: by mail-ot1-f52.google.com with SMTP id e105so3246354ote.5 for ; Tue, 01 Dec 2020 14:12:44 -0800 (PST) X-Gm-Message-State: AOAM532WS4mYzS1O4FPPkIbLRLN643LBemzcRCLk3fcij6VjRfghb09U CcgermqLhWJ7rEOKyluYwiM8KtglDudk1ndKaDI= X-Received: by 2002:a05:6830:214c:: with SMTP id r12mr3426863otd.90.1606860763972; Tue, 01 Dec 2020 14:12:43 -0800 (PST) MIME-Version: 1.0 References: <20201201194556.5220-1-ardb@kernel.org> <20201201215722.GA31941@gondor.apana.org.au> <20201201220431.GA32072@gondor.apana.org.au> In-Reply-To: <20201201220431.GA32072@gondor.apana.org.au> From: Ard Biesheuvel Date: Tue, 1 Dec 2020 23:12:32 +0100 X-Gmail-Original-Message-ID: Message-ID: Subject: Re: [PATCH v2] crypto: aesni - add ccm(aes) algorithm implementation To: Herbert Xu Cc: Linux Crypto Mailing List , Ben Greear , Steve deRosier Content-Type: text/plain; charset="UTF-8" Precedence: bulk List-ID: X-Mailing-List: linux-crypto@vger.kernel.org On Tue, 1 Dec 2020 at 23:04, Herbert Xu wrote: > > On Tue, Dec 01, 2020 at 11:01:57PM +0100, Ard Biesheuvel wrote: > > > > This is not the first time this has come up. The point is that CCMP in > > the wireless stack is not used in 99% of the cases, given that any > > wifi hardware built in the last ~10 years can do it in hardware. Only > > in exceptional cases, such as Ben's, is there a need for exercising > > this interface. > > Either it matters or it doesn't. If it doesn't matter why are we > having this dicussion at all? If it does then fixing just one > direction makes no sense. > What do you mean by just one direction? Ben just confirmed a substantial speedup for his use case, which requires the use of software encryption even on hardware that could support doing it in hardware, and that software encryption currently only supports the synchronous interface. Even if it is nicer in theory, I don't see the point of implementing support for the asynchronous interface, given that nobody is going to wire up a AES accelerator to a wifi controller. > > Also, care to explain why we have synchronous AEADs in the first place > > if they are not supposed to be used? > > Sync AEADs would make sense if you were dealing with a very small > amount of data, e.g., one block. > Why? The processing occurs in *exactly* the same way, given that the wifi stack never calls into the AEAD from a context where the FPU is unavailable. So we basically have to choose between a non-SIMD fallback path that never gets exercised, or a SIMD async helper that always relays the request directly, and never queues it for asynchronous completion. IOW, we are arguing a theoretical difference here, and the code paths that actually get exercised are 100% the same.