Received: by 2002:a05:6a10:f347:0:0:0:0 with SMTP id d7csp4469248pxu; Wed, 9 Dec 2020 19:02:31 -0800 (PST) X-Google-Smtp-Source: ABdhPJw0W0EjHFrOwzon3Dr9xjsJ6f1oZ+jSLvzilXfI/HuMkZ79ND4zIggISSz9cT+YCu8vUI8R X-Received: by 2002:a05:6402:3074:: with SMTP id bs20mr4746120edb.365.1607569351666; Wed, 09 Dec 2020 19:02:31 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1607569351; cv=none; d=google.com; s=arc-20160816; b=hQp2TkJOj2QPlMpowHqjY4IA8OZsRbsBwwoMXa9Lhxqu3+439sGZ0RhAG8WdW12Kh0 oaCrptdeR9LVWvVLD1mzloNHb9xwP4HGq6zpeYhXq/bO/BNRAEtwDT9/agLsBq0ol1Pe y/BrpNe8ewPOEot2263SVQmPkLGuAV1dGrkIg3TtvJqTGrwZhjm2u85w1BMVyCNXNyIB rjMpv9fZuVUsr3dzTEs7bXykvcgBiW3e4RXxKKzvS5sfQbp40w+nLLy05H9bwjzxfvbS GCPJMLP1M95PBLTWwBO+uElI9EF4sL9060LlnLHKEGdaQOv3If+8I60qyG0OpP9eHlfl 8kRQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:content-language :in-reply-to:mime-version:user-agent:date:message-id:organization :from:references:cc:to:subject:dkim-signature:dkim-filter; bh=drnAafWMYH+i+YVYO5G1VHVaQeQbuIVMWXUkhEJjT40=; b=vS8iMBs+gXdZCj463DYZVH17941neIKH9csMeQRTrB0vKogSpUx6A0eBUOHgbVsWLZ BIOZna8kQ7wNB+dN58PrgXxpHZfAjGcYboph8BXsBNm/jJjRmqc3f7rQ5Af+wknBoecR Fep18uoyVH8yzJZtRLBkJBe5ypE2e8H3hrSNJrz1zHUAjpXJhdnpAw7khKOqIj5ldZwj YaPJ/rqd15Vg7SvuRSxMdN20AsYr/R3hao3Neyy/hNFRbrqkvHVm9B7dQpy6J5EteWmE GuvyXibrcanR/1iJC7lXZ6rkIno380Sk4vvZXRY9G9h/vfowknJz+fRKr+eeuluCpoV/ jQQQ== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@candelatech.com header.s=default header.b=d07wuo8y; spf=pass (google.com: domain of linux-crypto-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-crypto-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=candelatech.com Return-Path: Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18]) by mx.google.com with ESMTP id o3si1731345ejn.637.2020.12.09.19.02.08; Wed, 09 Dec 2020 19:02:31 -0800 (PST) Received-SPF: pass (google.com: domain of linux-crypto-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18; Authentication-Results: mx.google.com; dkim=pass header.i=@candelatech.com header.s=default header.b=d07wuo8y; spf=pass (google.com: domain of linux-crypto-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-crypto-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=candelatech.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1726620AbgLJDBx (ORCPT + 99 others); Wed, 9 Dec 2020 22:01:53 -0500 Received: from mail2.candelatech.com ([208.74.158.173]:37208 "EHLO mail3.candelatech.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1727612AbgLJDBx (ORCPT ); Wed, 9 Dec 2020 22:01:53 -0500 Received: from [192.168.254.6] (unknown [50.46.158.169]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by mail3.candelatech.com (Postfix) with ESMTPSA id 8414713C2B0; Wed, 9 Dec 2020 19:01:12 -0800 (PST) DKIM-Filter: OpenDKIM Filter v2.11.0 mail3.candelatech.com 8414713C2B0 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=candelatech.com; s=default; t=1607569272; bh=W8GxDXTMxRLEiD0SqBXS9XG80ehCSR90Y34022flBDA=; h=Subject:To:Cc:References:From:Date:In-Reply-To:From; b=d07wuo8yYrCkhxpxEw08R9teUUbwZ4hUF1ejoEAtFQDA908D3i1lS7Mok3PHzYrb/ D78YKMk7XJLY2w+WGmjq2ebjZigDNbA/6QLPspqBt8qNo7Ks3vbXOCt+hyBzM9RCga 6RG+BHi+bS5FjY8DmeRrrmF3Th3NoxSvbYQCpBFc= Subject: Re: [PATCH v2] crypto: aesni - add ccm(aes) algorithm implementation To: Herbert Xu , Ard Biesheuvel Cc: Linux Crypto Mailing List , Steve deRosier References: <20201201194556.5220-1-ardb@kernel.org> <20201201215722.GA31941@gondor.apana.org.au> <20201201220431.GA32072@gondor.apana.org.au> <20201201221628.GA32130@gondor.apana.org.au> <20201201231158.GA32274@gondor.apana.org.au> <20201210024342.GA26428@gondor.apana.org.au> From: Ben Greear Organization: Candela Technologies Message-ID: Date: Wed, 9 Dec 2020 19:01:12 -0800 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:68.0) Gecko/20100101 Thunderbird/68.11.0 MIME-Version: 1.0 In-Reply-To: <20201210024342.GA26428@gondor.apana.org.au> Content-Type: text/plain; charset=utf-8; format=flowed Content-Language: en-MW Content-Transfer-Encoding: 7bit Precedence: bulk List-ID: X-Mailing-List: linux-crypto@vger.kernel.org On 12/9/20 6:43 PM, Herbert Xu wrote: > On Thu, Dec 10, 2020 at 01:18:12AM +0100, Ard Biesheuvel wrote: >> >> One thing I realized just now is that in the current situation, all >> the synchronous skciphers already degrade like this. >> >> I.e., in Ben's case, without the special ccm implementation, ccm(aes) >> will resolve to ccm(ctr(aesni),cbcmac(aesni)), which is instantiated >> as a sync skcipher using the ctr and ccm/cbcmac templates built on top >> of the AES-NI cipher (not skcipher). This cipher will also fall back >> to suboptimal scalar code if the SIMD is in use in process context. > > Sure, your patch is not making it any worse. But I don't think > the extra code is worth it considering that you're still going to > be running into that slow fallback path all the time. How can we test this assumption? I see 3x performance gain, so it is not hitting the fallback path much in my case. What traffic pattern and protocol do you think will cause the slow fallback path to happen often enough to make this patch not helpful? > Much better to fix the wireless code to actually go async. This will not happen any time soon, so better to make incremental improvement in the crypt code. Thanks, Ben -- Ben Greear Candela Technologies Inc http://www.candelatech.com