Received: by 2002:ab2:6d45:0:b0:1fb:d597:ff75 with SMTP id d5csp507665lqr; Wed, 5 Jun 2024 12:14:17 -0700 (PDT) X-Forwarded-Encrypted: i=3; AJvYcCVT5FkXjhnQAcMEdpTaUtuZ9Ju9k0tyM2OOi3yrwC6CoUD9rvm9QT1MAMUF6Xb3QKK8+oBqA+7V+6u8APMkGYOaslKKDIxCKEKhM0Zg1Q== X-Google-Smtp-Source: AGHT+IGv6NXZNBjpPcpepQ++0WNlt/NGThPoLURFxEE1U9fc/NWJobLwB4a43bCNBJSsd4FoTjG9 X-Received: by 2002:a05:6a00:4b4f:b0:6f8:e442:a282 with SMTP id d2e1a72fcca58-703e59e498cmr4066592b3a.21.1717614856864; Wed, 05 Jun 2024 12:14:16 -0700 (PDT) ARC-Seal: i=2; a=rsa-sha256; t=1717614856; cv=pass; d=google.com; s=arc-20160816; b=LqeHFvrjLHa+1F3dan/VtG4jktIWx3RkXjZTzOgFSRgp6wjSB38CDLLV2O7BkIy7lH GYqYG9Wulg1Hg5OoLxhRIOwwswZEdUqx7aA4QaCon0hyim15kyu3ShPX5izC5iWUvuHX cohVUiWdnzte/VbA9HBwCTVOmjhmmIGKpvxUlDKef28yDpymMitvwbGEhqPOJjI2Yo3v n63/Npxg0Wf4BpgvQnjNbEimOUwjLaFuDH+XkvBO3Dc0WLN+G2Ccxf1uEzUh8EmtwD6h 0CFXmdDMhb9AnWC0fu+COx5OKycnpr+YfhvbRW5KxTV0EHgla3O2UxgfU3Tts74+EkF2 jrCg== ARC-Message-Signature: i=2; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=in-reply-to:content-disposition:mime-version:list-unsubscribe :list-subscribe:list-id:precedence:references:message-id:subject:cc :to:from:date:dkim-signature; bh=8UxFubtPw9Yyo3eJRz5liUWzrPhVhnjsNFtu+Yu+sRo=; fh=V2TNGKG5uKhzZbmZIeBQVqEHN52tCpjUQL3SSVDjxIs=; b=JsMRws+/RrQGRFJRRwOYkN1EYmxdoEmxtAvhkti1eTzMNYkwOFTbCyQcmNbByZmQuW H1Y5fSzXhNkGjoX18y2iWS28li2NxY7rrqMaoeUhu8eGMRN410EeRNxq1gw2CkuvG+22 XKWq44vqO+IqJm4G/K/hIFr389fz7B9aN6Sudy8N50/MvM3vq1sJLMb4jB5l82mDwyNT b1XKbidlRESRWKLEW+0FTjoCQjHvNm89jC2+bTpJa1pL6NjBq2cTH/yxydoba4oFIpb0 YLR8yx+d1zd5Vo86CwwPDPvL4E2B5urDvCQaljEgGW9gZC0Lyf8VEswOYC0hpFbQrzJz 7tsg==; dara=google.com ARC-Authentication-Results: i=2; mx.google.com; dkim=pass header.i=@kernel.org header.s=k20201202 header.b=PmNAZJkq; arc=pass (i=1 dkim=pass dkdomain=kernel.org); spf=pass (google.com: domain of linux-crypto+bounces-4763-linux.lists.archive=gmail.com@vger.kernel.org designates 139.178.88.99 as permitted sender) smtp.mailfrom="linux-crypto+bounces-4763-linux.lists.archive=gmail.com@vger.kernel.org"; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=kernel.org Return-Path: Received: from sv.mirrors.kernel.org (sv.mirrors.kernel.org. [139.178.88.99]) by mx.google.com with ESMTPS id d2e1a72fcca58-70242d5edbdsi3224547b3a.374.2024.06.05.12.14.16 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Wed, 05 Jun 2024 12:14:16 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-crypto+bounces-4763-linux.lists.archive=gmail.com@vger.kernel.org designates 139.178.88.99 as permitted sender) client-ip=139.178.88.99; Authentication-Results: mx.google.com; dkim=pass header.i=@kernel.org header.s=k20201202 header.b=PmNAZJkq; arc=pass (i=1 dkim=pass dkdomain=kernel.org); spf=pass (google.com: domain of linux-crypto+bounces-4763-linux.lists.archive=gmail.com@vger.kernel.org designates 139.178.88.99 as permitted sender) smtp.mailfrom="linux-crypto+bounces-4763-linux.lists.archive=gmail.com@vger.kernel.org"; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=kernel.org Received: from smtp.subspace.kernel.org (wormhole.subspace.kernel.org [52.25.139.140]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by sv.mirrors.kernel.org (Postfix) with ESMTPS id 270892861A5 for ; Wed, 5 Jun 2024 19:14:16 +0000 (UTC) Received: from localhost.localdomain (localhost.localdomain [127.0.0.1]) by smtp.subspace.kernel.org (Postfix) with ESMTP id E772113CFBD; Wed, 5 Jun 2024 19:14:12 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b="PmNAZJkq" X-Original-To: linux-crypto@vger.kernel.org Received: from smtp.kernel.org (aws-us-west-2-korg-mail-1.web.codeaurora.org [10.30.226.201]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 9C79E13C9C7; Wed, 5 Jun 2024 19:14:12 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=10.30.226.201 ARC-Seal:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1717614852; cv=none; b=CoZclH4MK5o1FMnoLTbu8uW2//+wV1JscN8k8EMLkEnVxe5gBdPlEHQk8QsQOUb/brs9h8M2puScqSI0aKxuJMTc8HIpm4z8wFc4GUkxRO1sfuWEuIvf4VrAms12sfZLGeSe1h0jW4Urk4QRJTPltPrOCj+/2WpIxKl0Bq8Dct0= ARC-Message-Signature:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1717614852; c=relaxed/simple; bh=anJCOkwW/JCOoSR2rAINEuJ0OMo6WwM1LrBeDLnzJ+k=; h=Date:From:To:Cc:Subject:Message-ID:References:MIME-Version: Content-Type:Content-Disposition:In-Reply-To; b=ioIg54q+ff7pCCNNmxXT8xBLUE7DPoWCcRI3/JRAwXXK33RgKNkDgfWfax9Kr/O4EtNb8/szDykRb3p3FwiPZZJKlF5fOH7ByCXl1ckCRavHAd6jElBEFdg5VMehQ0ZfGS7f5023tiHQwInzF2mbKauql+pFJYM/xLTvWzeF0BI= ARC-Authentication-Results:i=1; smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b=PmNAZJkq; arc=none smtp.client-ip=10.30.226.201 Received: by smtp.kernel.org (Postfix) with ESMTPSA id BFE59C2BD11; Wed, 5 Jun 2024 19:14:11 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1717614852; bh=anJCOkwW/JCOoSR2rAINEuJ0OMo6WwM1LrBeDLnzJ+k=; h=Date:From:To:Cc:Subject:References:In-Reply-To:From; b=PmNAZJkqpGyH6vjNz47hE1ihjyXMSZTKTyoxMHhsiKfjXaljY0BTR417ondXgtokP 0jKANCFz07Dmgf+Vky5fYkDRhoxj8uCoebggx0Z8Q1djaJknCIvsfjINlfF9dy85CE 6WW38NV01bsMeRVwzeqQo3cDuSZyjB927EtHkUXwIndbI+rh5+RO6JDC16fwnR5SKg hglKztyr1w/MqT5KmbdkXB4ozoW6HFvVCGSt0a0whfigTl20B3QGWYiasLzizdsBtI zkX5Nznmb2/svFBIuTCUL4023Hl8en/suEUqcR2P8Cp0Sk0Z20RAO32FQkjeTnByMz zsTjoIXuPhmFw== Date: Wed, 5 Jun 2024 12:14:10 -0700 From: Eric Biggers To: Herbert Xu Cc: Steffen Klassert , netdev@vger.kernel.org, linux-crypto@vger.kernel.org, fsverity@lists.linux.dev, dm-devel@lists.linux.dev, x86@kernel.org, linux-arm-kernel@lists.infradead.org, Ard Biesheuvel , Sami Tolvanen , Bart Van Assche Subject: Re: [PATCH v4 6/8] fsverity: improve performance by using multibuffer hashing Message-ID: <20240605191410.GB1222@sol.localdomain> References: <20240603183731.108986-1-ebiggers@kernel.org> <20240603183731.108986-7-ebiggers@kernel.org> <20240604184220.GC1566@sol.localdomain> Precedence: bulk X-Mailing-List: linux-crypto@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: On Wed, Jun 05, 2024 at 05:46:27PM +0800, Herbert Xu wrote: > On Wed, Jun 05, 2024 at 05:22:21PM +0800, Herbert Xu wrote: > > > > However, I really dislike the idea of shoehorning this into shash. > > I know you really like shash, but I think there are some clear > > benefits to be had by coupling this with ahash. > > If we do this properly, we should be able to immediately use the > mb code with IPsec. In the network stack, we already aggregate > the data prior to IPsec with GSO. So at the boundary between > IPsec and the Crypto API, it's dividing chunks of data up to 64K > into 1500-byte packets and feeding them to crypto one at a time. > > It really should be sending the whole chain of packets to us as > a unit. > > Once we have a proper mb interface, we can fix that and immediately > get the benefit of mb hashing. > This would at most apply to AH, not to ESP. Is AH commonly used these days? Also even for AH, the IPsec code would need to be significantly restructured to make use of multibuffer hashing. See how the segmentation happens in xfrm_output_gso(), but the ahash calls happen much lower in the stack. I'm guessing that you've had the AH use case in mind since your earlier comments. Given you were originally pushing for this to be supported using the existing async support in the ahash API (which would have required fewer code changes on the AH side), but we now agree that is not feasible, maybe it is time to reconsider whether it would still be worthwhile to make all the changes to the AH code needed to support this? Also, even if it would be worthwhile and would use ahash, ahash is almost always just a wrapper for shash. So the shash support would be needed anyway. - Eric