Received: by 2002:a05:6358:a55:b0:ec:fcf4:3ecf with SMTP id 21csp2311122rwb; Fri, 20 Jan 2023 00:55:27 -0800 (PST) X-Google-Smtp-Source: AMrXdXvs+/ZcoBCxi8W3s8PRPkxGrGg7vJ1bgWA1wjNWDqaXZHvrS0CnHDoeYDCQbg6z2MoPDvVq X-Received: by 2002:a05:6a21:e203:b0:b8:5ada:5254 with SMTP id by3-20020a056a21e20300b000b85ada5254mr14269555pzc.25.1674204927534; Fri, 20 Jan 2023 00:55:27 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1674204927; cv=none; d=google.com; s=arc-20160816; b=BA8c+8rUabOWT5M06gZ1FvZ/vQHeaxAd5K+126JcJB3gh0n+7It0GFssExxcUPrznK Whk8Hfqns6TbuFH0BIvaKMD8zA9MQoZKy934f5MxsgVB0GKqYNwdwpp1kJCu8RVo7fLA 9kTEl5b9kCURn6fvsl3yoVRuPbNVxoBWH8DvuhlReillgpqvuYasRQ9K81jUzWtQ3qe7 CMpDYpwjBd2LcMEwUrJmAGKjtjxib0UcaFG/f8tvPSDAoEdKbD3lYXlylBFBerho5qir 4bfen7Jxv0zpFTkVD60qSJjoFDJurLp+BsahC4eh8F3Lvkqu4mEIr3WvnT/PXysM7mH1 lwxg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:in-reply-to:content-disposition:mime-version :references:message-id:subject:cc:to:from:date; bh=h42z0UQMdcLFjlUoH0XuLpn+rD7bMqkcB/1Zy7f3hAw=; b=kZTt3PL5/mkYOzMHod8e1jt0eQTE3yqoH0h+7VIwpwHyjLpKEThNhyeuqnEumNb1ka gPhgGWtoSW2RV2CVzNliYClEPorxcapyqKgFdnYpmwO02U7we3+yTUBkRRMAQb/w+YdE DUA8/k0u8HIf9U+jFgLRHEuZEZTO6YD3H33fm0rqUmQvO4/2kN91ZMddWhKbkgbZkQHu 0X1DxsS30hIMjhwrQ8c4Fq6VIzH48nTojgADBugM1NjZ9ILBMCNTA3yGX299YKLvbXLC sJwTlcW1XAJGSRyLY0z/bRQtgnbo777BVjTD0RGPmdLqaK4ceqjS5FQ5xewleoDY2FJp IFqA== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: domain of linux-crypto-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-crypto-owner@vger.kernel.org Return-Path: Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id x5-20020a654145000000b0049d33832387si20781664pgp.461.2023.01.20.00.55.14; Fri, 20 Jan 2023 00:55:27 -0800 (PST) Received-SPF: pass (google.com: domain of linux-crypto-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; spf=pass (google.com: domain of linux-crypto-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-crypto-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S229638AbjATIuC (ORCPT + 99 others); Fri, 20 Jan 2023 03:50:02 -0500 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:60950 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S229448AbjATIuB (ORCPT ); Fri, 20 Jan 2023 03:50:01 -0500 Received: from formenos.hmeau.com (helcar.hmeau.com [216.24.177.18]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 84D6B7DFBD; Fri, 20 Jan 2023 00:49:58 -0800 (PST) Received: from loth.rohan.me.apana.org.au ([192.168.167.2]) by formenos.hmeau.com with smtp (Exim 4.94.2 #2 (Debian)) id 1pIn5e-00297g-Rr; Fri, 20 Jan 2023 16:49:39 +0800 Received: by loth.rohan.me.apana.org.au (sSMTP sendmail emulation); Fri, 20 Jan 2023 16:49:38 +0800 Date: Fri, 20 Jan 2023 16:49:38 +0800 From: Herbert Xu To: Dmitry Safonov Cc: linux-kernel@vger.kernel.org, David Ahern , Eric Dumazet , Jakub Kicinski , "David S. Miller" , Andy Lutomirski , Bob Gilligan , Dmitry Safonov <0x7f454c46@gmail.com>, Hideaki YOSHIFUJI , Leonard Crestez , Paolo Abeni , Salam Noureddine , netdev@vger.kernel.org, linux-crypto@vger.kernel.org Subject: Re: [PATCH v4 1/4] crypto: Introduce crypto_pool Message-ID: References: <20230118214111.394416-1-dima@arista.com> <20230118214111.394416-2-dima@arista.com> <7c4138b4-e7dd-c9c5-11ac-68be90563cad@arista.com> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <7c4138b4-e7dd-c9c5-11ac-68be90563cad@arista.com> X-Spam-Status: No, score=-1.9 required=5.0 tests=BAYES_00,SPF_HELO_NONE, SPF_PASS autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-crypto@vger.kernel.org On Thu, Jan 19, 2023 at 06:03:40PM +0000, Dmitry Safonov wrote: > > - net/ipv4/ah4.c could benefit from it: currently it allocates > crypto_alloc_ahash() per every connection, allocating user-specified > hash algorithm with ahash = crypto_alloc_ahash(x->aalg->alg_name, 0, 0), > which are not shared between each other and it doesn't provide > pre-allocated temporary/scratch buffer to calculate hash, so it uses > GFP_ATOMIC in ah_alloc_tmp() > - net/ipv6/ah6.c is copy'n'paste of the above > - net/ipv4/esp4.c and net/ipv6/esp6.c are more-or-less also copy'n'paste > with crypto_alloc_aead() instead of crypto_alloc_ahash() No they should definitely not switch over to the pool model. In fact, these provide the correct model that you should follow. The correct model is to allocate the tfm on the control/slow path, and allocate requests on the fast path (or reuse existing memory, e.g., from the skb). We have not yet explored doing the latter with IPsec but that is certainly a possibility. Yes I understand that this is currently impossible for hashes but that is why I'm working on per-request keys. > - net/xfrm/xfrm_ipcomp.c has its own manager for different compression > algorithms that are used in quite the same fashion. The significant > exception is scratch area: it's IPCOMP_SCRATCH_SIZE=65400. So, if it > could be shared with other crypto users that do the same pattern > (bh-disabled usage), it would save some memory. IPcomp uses the legacy crypto compression interface. We now have a new acomp interface which was specifically designed so that we don't need to have these memory pools. Cheers, -- Email: Herbert Xu Home Page: http://gondor.apana.org.au/~herbert/ PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt