Received: by 2002:a05:6500:2018:b0:1fb:9675:f89d with SMTP id t24csp647530lqh; Fri, 31 May 2024 11:51:36 -0700 (PDT) X-Forwarded-Encrypted: i=3; AJvYcCWjB7ZZh1moEUWtpkbrNAXmdmzvhe/ajES6XwsFuoasRLaVg56/HyOqFBY7/GsbhXZmiFMww1sJZG3R8BJz2X7tK2jdlGtP4wIygNXvqg== X-Google-Smtp-Source: AGHT+IH1pyrb85Tqep9KB0ffcHk/LDe9kVhFtvyy1JK8HRhOyETzer+f/QulkPL1sA+4aW7mjAll X-Received: by 2002:a17:906:2293:b0:a5a:15f6:157f with SMTP id a640c23a62f3a-a681f87e9damr189718466b.14.1717181496394; Fri, 31 May 2024 11:51:36 -0700 (PDT) ARC-Seal: i=2; a=rsa-sha256; t=1717181496; cv=pass; d=google.com; s=arc-20160816; b=PvqXuJ6tKyQZV3CRvaC7B5pvsuKWhHwFp44W+VO+rZF88sbm2CnXfXbeUx3/n1mkUU eAwRg5GWfNqB2285X38k3+m3d32aZ+hVO6pt3VkXtgcA3PoOM80tcUpPkYDX4MoNjb1O dERcPooxWvtRQNAKgtKwXN3VVVfMDASmqY/RyTcCmrR4ukEDq8YsqYefXe0BJhvJNkRf XQfuXEFu6BN3oU8PUBC+/jenKe4DzvMI0MlC1U4C6sAShXeSjES9YjbkNKRStRDDrbHq jpsMaJm0BXi0msto8AEmmpmcL+2vk4Uk8MZJdrU+RBSliMh4yVRzfypoXz49p6n867tY 4eAg== ARC-Message-Signature: i=2; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=in-reply-to:content-disposition:mime-version:list-unsubscribe :list-subscribe:list-id:precedence:references:message-id:subject:cc :to:from:date:dkim-signature; bh=Zt0lA8QIwurImwhxUI3yr6q1saye+VTlarnVvIC/HBQ=; fh=BVP83eNr+oWatb4qMBZYyHe7HobjerBKYantRajwKl4=; b=CvLh8IT1A5dAJD1Xnt2XG+aq6jZVWrViQSntVaqJ91JCzjFztkYGT4i8sHVj8K+IXw AJ8to15fN/qczBciIsTAfkgqpzLn4KYySaAjaqDIrk8MKzZ9FDleDjsgdkvG56RMbz/y HTUt5qFQ0rDUpsw8lR+axomwv17+0zMNSg1C4/eQs9U857b3htnVGIQdxV0Y6C7NnxiT FezmNlRMFOk/G9uapxs/6i/lCtQhEtfUJKhhPHgV2J/KqxtbRVxzWc+Zn/GNUwLgt2sh bDy5i15zXHAgv7VIpymxrLitnoVIqXFJe6vxjgBnnzyo5Qr99NdGWToNgAtJZbIkpTt0 7u3A==; dara=google.com ARC-Authentication-Results: i=2; mx.google.com; dkim=pass header.i=@kernel.org header.s=k20201202 header.b=U6+A2RRF; arc=pass (i=1 dkim=pass dkdomain=kernel.org); spf=pass (google.com: domain of linux-crypto+bounces-4622-linux.lists.archive=gmail.com@vger.kernel.org designates 147.75.80.249 as permitted sender) smtp.mailfrom="linux-crypto+bounces-4622-linux.lists.archive=gmail.com@vger.kernel.org"; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=kernel.org Return-Path: Received: from am.mirrors.kernel.org (am.mirrors.kernel.org. [147.75.80.249]) by mx.google.com with ESMTPS id a640c23a62f3a-a67ea38edc1si120026366b.397.2024.05.31.11.51.36 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Fri, 31 May 2024 11:51:36 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-crypto+bounces-4622-linux.lists.archive=gmail.com@vger.kernel.org designates 147.75.80.249 as permitted sender) client-ip=147.75.80.249; Authentication-Results: mx.google.com; dkim=pass header.i=@kernel.org header.s=k20201202 header.b=U6+A2RRF; arc=pass (i=1 dkim=pass dkdomain=kernel.org); spf=pass (google.com: domain of linux-crypto+bounces-4622-linux.lists.archive=gmail.com@vger.kernel.org designates 147.75.80.249 as permitted sender) smtp.mailfrom="linux-crypto+bounces-4622-linux.lists.archive=gmail.com@vger.kernel.org"; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=kernel.org Received: from smtp.subspace.kernel.org (wormhole.subspace.kernel.org [52.25.139.140]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by am.mirrors.kernel.org (Postfix) with ESMTPS id 20B321F264E5 for ; Fri, 31 May 2024 18:51:36 +0000 (UTC) Received: from localhost.localdomain (localhost.localdomain [127.0.0.1]) by smtp.subspace.kernel.org (Postfix) with ESMTP id B70F67E761; Fri, 31 May 2024 18:51:29 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b="U6+A2RRF" X-Original-To: linux-crypto@vger.kernel.org Received: from smtp.kernel.org (aws-us-west-2-korg-mail-1.web.codeaurora.org [10.30.226.201]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 6C97F1CA89; Fri, 31 May 2024 18:51:29 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=10.30.226.201 ARC-Seal:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1717181489; cv=none; b=rKiBCUeeMQHwZAU1oDO6dbW1ca5z77EHthW8QUA6kVIvCNHXd9NCUPC8i6Gb1l717jdqRs8uv2eFuE5QGinUvVvYjtQbbUFNQinPkVrhO4P1gLV8qCx4DaLfVIcWweRKH5gBDJBux7zlEyG4XoFPlgGh6DPkJOJJrfbOIlKxH+4= ARC-Message-Signature:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1717181489; c=relaxed/simple; bh=425DZ3UCisx8otC/gkXIPtUZJzI0dGvveryU7QJMn1I=; h=Date:From:To:Cc:Subject:Message-ID:References:MIME-Version: Content-Type:Content-Disposition:In-Reply-To; b=OYqyPJe0NJ8zZyayRvc9YPZ96genSU3EHWOI8vDrnuUlDT7iSLgL4ZykQjszKVMeGawsE+mO6h4sNSsHvYVmHLxPunmYLASQPvh6qn5LFsMyuMFublV/09+mlwKIa9OgWlcEY+U8gos59M3tJzT9nyIyB0sTLeATYmrt1T+JIog= ARC-Authentication-Results:i=1; smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b=U6+A2RRF; arc=none smtp.client-ip=10.30.226.201 Received: by smtp.kernel.org (Postfix) with ESMTPSA id 9668BC116B1; Fri, 31 May 2024 18:51:28 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1717181488; bh=425DZ3UCisx8otC/gkXIPtUZJzI0dGvveryU7QJMn1I=; h=Date:From:To:Cc:Subject:References:In-Reply-To:From; b=U6+A2RRFyGIHsAjGQ6xAKJCMtrdiNLyterSfNkeWqKSAdCsxac5rAYlmq164zeqQM bzmNi9gCIYj5DF7lP5oge4jy8fdOrkDGoSHVuBRqWiyLH6FYED/BngevptVBDWYLGM ZyA4rTnUdHw4WTSJBwAOss8k8hE6pAkHFBUFxQSFl/kIPWjSwD474mif6AKN98x7Ia ABjuyg3y1DnBmfY8cxX2N8HuVmKB2xVc8jQBfDquiifcPu8rw4jPov8wRpBBg4LY2g gQvMCTOX8CX/fWmh78AtB9A4sTQ23avCpGo9wz7Q7fYTdYGWNQljxOeNZiaJza1u27 lelAZ+JKM7PzA== Date: Fri, 31 May 2024 11:51:26 -0700 From: Eric Biggers To: Herbert Xu Cc: linux-crypto@vger.kernel.org, fsverity@lists.linux.dev, dm-devel@lists.linux.dev, x86@kernel.org, linux-arm-kernel@lists.infradead.org, ardb@kernel.org, samitolvanen@google.com, bvanassche@acm.org Subject: Re: [PATCH v3 6/8] fsverity: improve performance by using multibuffer hashing Message-ID: <20240531185126.GA1153@sol.localdomain> References: <20240507002343.239552-7-ebiggers@kernel.org> <20240531061348.GG6505@sol.localdomain> <20240531065258.GH6505@sol.localdomain> Precedence: bulk X-Mailing-List: linux-crypto@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: On Fri, May 31, 2024 at 04:49:28PM +0800, Herbert Xu wrote: > On Thu, May 30, 2024 at 11:52:58PM -0700, Eric Biggers wrote: > > > > Looking at it again a bit more closely, both fsverity and dm-verity have > > per-block information that they need to keep track of in the queue in addition > > to the data buffers and hashes: the block number, and in dm-verity's case also a > > bvec_iter pointing to that block. > > Again I'm not asking you to make this API asynchronous at all. What exactly are you suggesting, then? It seems that you want multibuffer hashing to be supported by the existing ahash API. However, that only works if it's made asynchronous, given how the messages would have to be queued up on a global queue. That has a huge number of issues which I've already explained. (And it was even tried before, and it failed.) > I was just commenting on the added complexity in fsverify due to > the use of the linear shash API instead of the page-based ahash API. It's the other way around. The shash version is much simpler. Just look at the diff of commit 8fcd94add6c5 that changed from ahash to shash: 4 files changed, 71 insertions(+), 200 deletions(-) > This complexity was then compounded by the multi-buffer support. fsverity and dm-verity will have to be updated to use multibuffer hashing anyway, given that transparently supporting it in the existing API is not viable. If your concern is that in my current patchset fsverity and dm-verity have separate code paths for multibuffer vs. single-buffer, as I mentioned I can address that by restructuring them to operate on arrays (similar to what I already did with the crypto API part). > I think this would look a lot simpler if it moved back to ahash. > > The original commit mentioned that ahash was bad for fsverify > because of vmalloc. But the only use of linear pointers in fsverify > seems to be from kmalloc. Where is the vmalloc coming from? XFS is working on adding support for fsverity, and XFS was planning to provide their Merkle tree blocks in vmalloced buffers. Their plans have shifted several times, and I think their latest plan no longer uses vmalloced buffers. But in any case it's still very convenient and much simpler to be able to just use virtual addresses without having to worry about what type of memory it is. - Eric