Received: by 2002:a05:6a10:f347:0:0:0:0 with SMTP id d7csp4391360pxu; Wed, 9 Dec 2020 16:21:43 -0800 (PST) X-Google-Smtp-Source: ABdhPJyAkCd3zHaDQff8CZGmH/y80o1uuwlBbm7J9I+iYr1+IF2nifugA645Mt3q47Px7toWcB3S X-Received: by 2002:a50:d888:: with SMTP id p8mr4365692edj.147.1607559703406; Wed, 09 Dec 2020 16:21:43 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1607559703; cv=none; d=google.com; s=arc-20160816; b=n1yW/s3qpy8ibywkiXrpfz7prEcEtn8nl82e41ehjNzQ6li9uyNDShrWxvvh3jipXd MEd9TwlCA1+XVUsJgNEZnykdyB1MgxxslC3HIlxs4n29/QxDUpjSILDb4IW5Zt3fPTVN DZHTVT/fOv3upyevYL1CEI0dZnMjZJ18v4Sot9l6eH1CFALILdZXBRkfdf6lNTTVrt+l ciZY/pS2bee5R91Rb+aqTDAu9SQLDirOkyAqCa0OYTo+k7JkMagiy8J82pKaY54mTDgX gQCx53ZrQ9SikkF1DfefqZAUfiqO8+gd7pi5R4HYISV4ZliyvB6UUblyrpde0il3WwKx Z5Bg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:cc:to:subject:message-id:date:from:in-reply-to :references:mime-version:dkim-signature; bh=7Cpblpt/LbEzVNV2KAczxyEGtx1eX738tJ2rhft8AfQ=; b=ILiF8KHoscn72f345Q4J3lrPupPYTYnzIhDIwd3+sxuJBrnlHcc+VvAvnbTJROHyWL cF9mLV5FpqDwfnESn7VmansIiDoMH5tV4M0lJ49L7iyo9NbJ7FuMX2yVKat3PiTXusEP lgtrwUfrwdoQz4L+6CoPaNIRFuOsnFzNDa+aSgYyq06TKJZqGaKMPrfmW3D1tdymeqWX 5oXJxopINX35e7n420vZgtXjXbo2luI6gYFioC8/iarmx0pVmffw51MVwhJND2IHMOBh s11RowyJsdO23uCodAZQ0tbc/uzFoNosRcwg3GKtje0EZrUapOKYAo2l8a6AGgdV2i42 SyKw== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@kernel.org header.s=k20201202 header.b=USdjOkKV; spf=pass (google.com: domain of linux-crypto-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-crypto-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18]) by mx.google.com with ESMTP id o31si1788737edd.172.2020.12.09.16.21.04; Wed, 09 Dec 2020 16:21:43 -0800 (PST) Received-SPF: pass (google.com: domain of linux-crypto-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18; Authentication-Results: mx.google.com; dkim=pass header.i=@kernel.org header.s=k20201202 header.b=USdjOkKV; spf=pass (google.com: domain of linux-crypto-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-crypto-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1729949AbgLJATL (ORCPT + 99 others); Wed, 9 Dec 2020 19:19:11 -0500 Received: from mail.kernel.org ([198.145.29.99]:45208 "EHLO mail.kernel.org" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1729913AbgLJATF (ORCPT ); Wed, 9 Dec 2020 19:19:05 -0500 X-Gm-Message-State: AOAM533K5jk3t7Ja7WQiEid6xWny6yojuS3+Lmk7dejjiH6oHlHOSQml bjVXmbTtsdYc/c/K91FIIbEKcQHL0oqnZRh0ZKI= DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1607559504; bh=BK5SfdtLhZjItk74wSKluKT9bgtdmjKwSgCjATsKNsE=; h=References:In-Reply-To:From:Date:Subject:To:Cc:From; b=USdjOkKVsFFJkErWOy+le8vuWBmTWQBZXlARNoERngWpj6Fug0vkTF5EkeqwtKvGw KhuSL4o81QrfmJuY1SKADf9RguDASdtxKgrocutRSUL6H8ACWDqCeYT4n4AwtmhULQ s4jjCJZYptTK6PK8zEoHlHcHhbD8k7u5ajGwGYCUD7QLfH3BPBPC1SEyQb9Lg//k0S mwCB60arcNg7APBpWxgLzkFNgXz/DbZxbpLEJeaDpEoUq6+cYs2N4aa7CUZk2QLRW1 Z2m9LEVFNZ4e45oVU5te+YnQif5cWLKbIIpXgtxOWhDvwYOWasHerfPBn4SbPQdtCU Ea3qADnBymmTA== X-Received: by 2002:aca:b809:: with SMTP id i9mr3717448oif.174.1607559503969; Wed, 09 Dec 2020 16:18:23 -0800 (PST) MIME-Version: 1.0 References: <20201201194556.5220-1-ardb@kernel.org> <20201201215722.GA31941@gondor.apana.org.au> <20201201220431.GA32072@gondor.apana.org.au> <20201201221628.GA32130@gondor.apana.org.au> <20201201231158.GA32274@gondor.apana.org.au> In-Reply-To: <20201201231158.GA32274@gondor.apana.org.au> From: Ard Biesheuvel Date: Thu, 10 Dec 2020 01:18:12 +0100 X-Gmail-Original-Message-ID: Message-ID: Subject: Re: [PATCH v2] crypto: aesni - add ccm(aes) algorithm implementation To: Herbert Xu Cc: Linux Crypto Mailing List , Ben Greear , Steve deRosier Content-Type: text/plain; charset="UTF-8" Precedence: bulk List-ID: X-Mailing-List: linux-crypto@vger.kernel.org On Wed, 2 Dec 2020 at 00:12, Herbert Xu wrote: > > On Tue, Dec 01, 2020 at 11:27:52PM +0100, Ard Biesheuvel wrote: > > > > > The problem is that the degradation would come at the worst time, > > > when the system is loaded. IOW when you get an interrupt during > > > your TX path and get RX traffic that's when you'll take the fallback > > > path. > > > > I can see how in the general case, this is something you would prefer > > to avoid. However, on SMP x86_64 systems that implement AES-NI (which > > runs at ~1 cycle per byte), I don't see this as a real problem for > > this driver. > > AES-NI is 1 cycle per byte but the fallback is not. > One thing I realized just now is that in the current situation, all the synchronous skciphers already degrade like this. I.e., in Ben's case, without the special ccm implementation, ccm(aes) will resolve to ccm(ctr(aesni),cbcmac(aesni)), which is instantiated as a sync skcipher using the ctr and ccm/cbcmac templates built on top of the AES-NI cipher (not skcipher). This cipher will also fall back to suboptimal scalar code if the SIMD is in use in process context. > > What we could do is expose both versions, where the async version has > > a slightly higher priority, so that all users that do support the > > async interface will get it, and the wifi stack can use the sync > > interface instead. > > No we've already tried this with IPsec and it doesn't work. That's > why the async path exists in aesni. > > Wireless is no different to IPsec in this respect. > > Cheers, > -- > Email: Herbert Xu > Home Page: http://gondor.apana.org.au/~herbert/ > PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt