Received: by 2002:a05:6500:1b41:b0:1fb:d597:ff75 with SMTP id cz1csp300314lqb; Tue, 4 Jun 2024 11:42:27 -0700 (PDT) X-Forwarded-Encrypted: i=3; AJvYcCUPs8qU6pj4pXfO2bwOKk7hRiUcYVyfJiEuVVBmtoIz7PuI2ul96JqmT4qSR62SR/CUWHxFD+FR9iiBujL0cxoNwp3HHkgoQeqc51M+zg== X-Google-Smtp-Source: AGHT+IFG6ccpwC6zBCfXOCw1pCMWIittoNOiUCajTyej0xXatO8c0SgOGFlOzZHwFx/fOxRWJV5n X-Received: by 2002:a17:902:f688:b0:1f2:feb4:84f3 with SMTP id d9443c01a7336-1f6a10772bdmr18687745ad.1.1717526547353; Tue, 04 Jun 2024 11:42:27 -0700 (PDT) ARC-Seal: i=2; a=rsa-sha256; t=1717526547; cv=pass; d=google.com; s=arc-20160816; b=mm7hTIt33OapPrvSWbn7gLe7ftzk0PzpqJoaK/8kckecYYK3KjMp0r10hHKmyLCqfE oRsDPL7Db8zefU8P3ImCTTTSopM/yTjm5PBfAe/R48rdDfY1L4KFKnS+B4MQgb7PGwTM qQFJ7lMzw2WEJssS+eGsCutocy+oRos1N2D+LUPaXM1CzRxC5/L3gDeDEx3aHEAPjd3I LLDhiBeb+X22jVqiOISQKqPR6sf/GPZ66x0QLw+CLdw52HbmSrNlfoh2zFdnD7Z4lKj3 kJ3Yo7Q42yErgD0GbJ/c8C0rty8j8AfTjc3QF/A2C0D8P2kCvf19gywHz+sLmmYpItnJ iIoA== ARC-Message-Signature: i=2; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=in-reply-to:content-disposition:mime-version:list-unsubscribe :list-subscribe:list-id:precedence:references:message-id:subject:cc :to:from:date:dkim-signature; bh=0Pz7Y3QgSKCRl+hj5wDmlyddgYBrCrFbqMIAuC5zuyY=; fh=PhjcRUevoInpMasAa/8hoLgoaNjfou5FLS3vcqu9Nww=; b=xo9ALuv/odqCFtf1omXXebxgKetT2L7Um2j2YlSfv7z0nBOrcELt4DlHQ3IsyypgAO Lijsz+4D9uIGQKgjPpEQ3bbvUmPBSEUMEFXP7aKvlu1v87CoXBVPBF5P1yiXs/gVvJEw 2hnMvQY086sbejNYW67h9TxgLEpVv/EYoKSs88acO7GkDgYtwe49/Nu/OPSuMBtawPhV 9u1Sissak+CPK11v5t9Agb0C+ukeYEvlC4SKK9ApkGTOcdUK0EViJKSh/CnwcHC4pxL1 GCfuWqr/hMMagP+6z8BNSB4F7Tqlx7FR0H5OTltE2JhPwBUuvWSyfTGdKH5RvojRNPzC nKVQ==; dara=google.com ARC-Authentication-Results: i=2; mx.google.com; dkim=pass header.i=@kernel.org header.s=k20201202 header.b=bfdxaZrU; arc=pass (i=1 dkim=pass dkdomain=kernel.org); spf=pass (google.com: domain of linux-crypto+bounces-4706-linux.lists.archive=gmail.com@vger.kernel.org designates 2604:1380:45e3:2400::1 as permitted sender) smtp.mailfrom="linux-crypto+bounces-4706-linux.lists.archive=gmail.com@vger.kernel.org"; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=kernel.org Return-Path: Received: from sv.mirrors.kernel.org (sv.mirrors.kernel.org. [2604:1380:45e3:2400::1]) by mx.google.com with ESMTPS id d9443c01a7336-1f632401abcsi84972375ad.484.2024.06.04.11.42.27 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 04 Jun 2024 11:42:27 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-crypto+bounces-4706-linux.lists.archive=gmail.com@vger.kernel.org designates 2604:1380:45e3:2400::1 as permitted sender) client-ip=2604:1380:45e3:2400::1; Authentication-Results: mx.google.com; dkim=pass header.i=@kernel.org header.s=k20201202 header.b=bfdxaZrU; arc=pass (i=1 dkim=pass dkdomain=kernel.org); spf=pass (google.com: domain of linux-crypto+bounces-4706-linux.lists.archive=gmail.com@vger.kernel.org designates 2604:1380:45e3:2400::1 as permitted sender) smtp.mailfrom="linux-crypto+bounces-4706-linux.lists.archive=gmail.com@vger.kernel.org"; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=kernel.org Received: from smtp.subspace.kernel.org (wormhole.subspace.kernel.org [52.25.139.140]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by sv.mirrors.kernel.org (Postfix) with ESMTPS id 97243286227 for ; Tue, 4 Jun 2024 18:42:26 +0000 (UTC) Received: from localhost.localdomain (localhost.localdomain [127.0.0.1]) by smtp.subspace.kernel.org (Postfix) with ESMTP id BDD991474D9; Tue, 4 Jun 2024 18:42:22 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b="bfdxaZrU" X-Original-To: linux-crypto@vger.kernel.org Received: from smtp.kernel.org (aws-us-west-2-korg-mail-1.web.codeaurora.org [10.30.226.201]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 7433613B5A0; Tue, 4 Jun 2024 18:42:22 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=10.30.226.201 ARC-Seal:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1717526542; cv=none; b=NMvx3VN5JVPAcb3uo2iFNk0yo1iI58QaerDB54ZwCnaKcr0VrXgKW39vxsA54S8i5hYh5IaYJ89HHFJ0PDsoFzIv6PhGvKoo84PbrDZE6Nu9Cwp+sIkYvtEx9xunFwXVa7CVYvKB38s2n+fGW8y68WnyaCFHf9sa0nPk8L3L+z4= ARC-Message-Signature:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1717526542; c=relaxed/simple; bh=TAmCuYHgvksi5yyEVMkM6NTME/kcFTf5GBRttrygVtI=; h=Date:From:To:Cc:Subject:Message-ID:References:MIME-Version: Content-Type:Content-Disposition:In-Reply-To; b=V6Yf6/bh1zAEe6fZqGGNJ6xXic9b0rYFCsnZo2bjUeuvEW+w4cWaSmLTB/IxFB7rUXsFhDMpWRqCUD7v1rWjfj9Mii/a8z35cssQeDfCkKOBbS3zDBdk1FiPO+UGaU8h6+HPIF4v+KoKktjTNkunZeCq+uqKbO/LpMpX0EWn0NU= ARC-Authentication-Results:i=1; smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b=bfdxaZrU; arc=none smtp.client-ip=10.30.226.201 Received: by smtp.kernel.org (Postfix) with ESMTPSA id A7205C2BBFC; Tue, 4 Jun 2024 18:42:21 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1717526542; bh=TAmCuYHgvksi5yyEVMkM6NTME/kcFTf5GBRttrygVtI=; h=Date:From:To:Cc:Subject:References:In-Reply-To:From; b=bfdxaZrUUfeWaewS3+OMZfVZyZ/6y0h0RkZ6D9paQP7HPumPolPQQskFYL6esLdNW UQM3oxuC10eW1VW0GtWsISafG3E+Ng9lq6mc5h7qF2JfGH0E5XSwQWx/oXmBZ5exke 4J12DaZoG4OsnvptXz3U8KjpFgdwJi8hOEElfEam0iOXOI6LSBQICVcSu2gY40vOe2 +6efNfsIHtta3Hi/Er2JkRjiseTsidl6N8ft1Qof67aZbnzknNddD5pK/vsZIxBShe zxXHHdMmluqGD/KEFay+/DxZXT83prvA6O2n78rU2zcsRfVlem8iDQ5+UyII9cckOB 8IkTKkQVdiFwA== Date: Tue, 4 Jun 2024 11:42:20 -0700 From: Eric Biggers To: Herbert Xu Cc: linux-crypto@vger.kernel.org, fsverity@lists.linux.dev, dm-devel@lists.linux.dev, x86@kernel.org, linux-arm-kernel@lists.infradead.org, Ard Biesheuvel , Sami Tolvanen , Bart Van Assche Subject: Re: [PATCH v4 6/8] fsverity: improve performance by using multibuffer hashing Message-ID: <20240604184220.GC1566@sol.localdomain> References: <20240603183731.108986-1-ebiggers@kernel.org> <20240603183731.108986-7-ebiggers@kernel.org> Precedence: bulk X-Mailing-List: linux-crypto@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: On Tue, Jun 04, 2024 at 05:37:36PM +0800, Herbert Xu wrote: > On Mon, Jun 03, 2024 at 11:37:29AM -0700, Eric Biggers wrote: > > > > + for (i = 0; i < ctx->num_pending; i++) { > > + data[i] = ctx->pending_blocks[i].data; > > + outs[i] = ctx->pending_blocks[i].hash; > > + } > > + > > + desc->tfm = params->hash_alg->tfm; > > + if (params->hashstate) > > + err = crypto_shash_import(desc, params->hashstate); > > + else > > + err = crypto_shash_init(desc); > > + if (err) { > > + fsverity_err(inode, "Error %d importing hash state", err); > > + return false; > > + } > > + err = crypto_shash_finup_mb(desc, data, params->block_size, outs, > > + ctx->num_pending); > > + if (err) { > > + fsverity_err(inode, "Error %d computing block hashes", err); > > + return false; > > + } > > So with ahash operating in synchronous mode (callback == NULL), this > would look like: > > struct ahash_request *reqs[FS_VERITY_MAX_PENDING_DATA_BLOCKS]; > > for (i = 0; i < ctx->num_pending; i++) { > reqs[i] = fsverity_alloc_hash_request(); > if (!req) { > free all reqs; > return false; > } > > if (params->hashstate) > err = crypto_ahash_import(&reqs[i], params->hashstate); > else > err = crypto_ahash_init(&reqs[i]); > > if (err) { > fsverity_err(inode, "Error %d importing hash state", err); > free all reqs; > return false; > } > } > > for (i = 0; i < ctx->num_pending; i++) { > unsigned more; > > if (params->hashstate) > err = crypto_ahash_import(req, params->hashstate); > else > err = crypto_ahash_init(req); > > if (err) { > fsverity_err(inode, "Error %d importing hash state", err); > free all requests; > return false; > } > > more = 0; > if (i + 1 < ctx->num_pending) > more = CRYPTO_TFM_REQ_MORE; > ahash_request_set_callback(req, CRYPTO_TFM_REQ_MAY_SLEEP | more, > NULL, NULL); > ahash_request_set_crypt(req, ctx->pending_blocks[i].sg, > ctx->pending_blocks[i].hash, > params->block_size); > > err = crypto_ahash_finup(req); > if (err) { > fsverity_err(inode, "Error %d computing block hashes", err); > free all requests; > return false; > } > } > > You're hiding some of the complexity by not allocating memory > explicitly for each hash state. This might fit on the stack > for two requests, but eventually you will have to allocate memory. > > With the ahash API, the allocation is explicit. > This doesn't make any sense, though. First, the requests need to be enqueued for the task, but crypto_ahash_finup() would only have the ability to enqueue it in a queue associated with the tfm, which is shared by many tasks. So it can't actually work unless the tfm maintained a separate queue for each task, which would be really complex. Second, it adds a memory allocation per block which is very undesirable. You claim that it's needed anyway, but actually it's not; with my API there is only one initial hash state regardless of how high the interleaving factor is. In fact, if multiple initial states were allowed, multibuffer hashing would become much more complex because the underlying algorithm would need to validate that these different states are synced up. My proposal is much simpler and avoids all this unnecessary overhead. Really the only reason to even consider ahash at all would be try to support software hashing and off-CPU hardware accelerators using the "same" code. However, your proposal would not achieve that either, as it would not use the async callback. Note, as far as I know no one actually cares about off-CPU hardware accelerator support in fsverity anyway... - Eric