Received: by 2002:a25:1506:0:0:0:0:0 with SMTP id 6csp2975614ybv; Mon, 24 Feb 2020 15:38:10 -0800 (PST) X-Google-Smtp-Source: APXvYqxQO2fTrd+klVsl1EChOwoD9NoYitw6zF2JR6P2VcHm1aOa2FJki4KXH40OqqIn5SX3Q15o X-Received: by 2002:a9d:7ac9:: with SMTP id m9mr40731428otn.80.1582587490304; Mon, 24 Feb 2020 15:38:10 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1582587490; cv=none; d=google.com; s=arc-20160816; b=cgj4ISW1HGRZTEPhwljGOl86iOjONJjBMhrkVm/8qybCQtGOcQ+2RL3zF/BIFSCBG7 j4g9hQ7ZFhTdrawrmcC+XHR14vAhUSMs4SPj5VR6k3FXZuRXvCWUN5I2shATvXuzgYtA mZVNyHw/nyWjyc1dNKEisYQUDhaSAOR9pJg+qBhwOvO6yulIEGKXm1i4CVbxc9pSCGER uvRNBDsAI1qoClwMUKZNEDyf/9F6LaknCHlYPHlY+osFGeNOstBXqWgu7Y2oBq7NWdmQ aPy6LgnzHvTAqtBqhvx8kraZf6OhlDeQxpuegG320JVWQ3w45gj8o+Qzipz7+ZK0kB/L +gXg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:in-reply-to:content-disposition :mime-version:references:message-id:subject:cc:to:from:date :dkim-signature; bh=su7zxcSpmTZRMT/KaDln9XS6SD5jlWklN/1EnJqLTaY=; b=eQ6y9S8ZFeTJdHktL/IxrJC+ZqtCY0tztWSQmcCDeV3QWLbd8wyklJPUhO470ECgPG MqteRnSwpSILPWqV4qk413E5SrlIdA5yywYDbyu1/Ou8aKnCU+AGgq3dWqXLIAxH+dnv +pSZ+uzKR0xRcE9jirF+XnpzSF5aUqVoJjQO00P/wXJuzmYPwK7chCs8mh3aGwV/nt3k OROjs7iBBO79ZLYZBLs8b7HWj/tixzPBiDVzgtHtO9VYIKj0PQ33W7PQYdr19Ww0jKbt sHm0EXYUyUXsDRC7gKU73/0mYLVNbelBlFDEfsUNV1pDpApn3f+cF+OUYhNPRlJtVJhD iFGg== ARC-Authentication-Results: i=1; mx.google.com; dkim=fail header.i=@infradead.org header.s=bombadil.20170209 header.b=a8iBiTmL; spf=pass (google.com: best guess record for domain of linux-ext4-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-ext4-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id c5si8740290ots.233.2020.02.24.15.37.59; Mon, 24 Feb 2020 15:38:10 -0800 (PST) Received-SPF: pass (google.com: best guess record for domain of linux-ext4-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; dkim=fail header.i=@infradead.org header.s=bombadil.20170209 header.b=a8iBiTmL; spf=pass (google.com: best guess record for domain of linux-ext4-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-ext4-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1727976AbgBXXg1 (ORCPT + 99 others); Mon, 24 Feb 2020 18:36:27 -0500 Received: from bombadil.infradead.org ([198.137.202.133]:53570 "EHLO bombadil.infradead.org" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1727081AbgBXXg1 (ORCPT ); Mon, 24 Feb 2020 18:36:27 -0500 DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=infradead.org; s=bombadil.20170209; h=In-Reply-To:Content-Type:MIME-Version :References:Message-ID:Subject:Cc:To:From:Date:Sender:Reply-To: Content-Transfer-Encoding:Content-ID:Content-Description; bh=su7zxcSpmTZRMT/KaDln9XS6SD5jlWklN/1EnJqLTaY=; b=a8iBiTmLkCfR2U9kE0H0YYhTfn o/scgFru4hBFHzGI47rRZprkclexGVaEqLsg/rB+QSE6MOYe5nK5Y1JE/sYlvoTfKu9jWgQOBc04h sbbQ4fEsVPSyaV0j12+5FyNyWHxuj2OsU1d8qRaMZxJ/8ab/QhwonRXL1U4J2B0RsT1evDF4WLvD3 Nki3qFEibQFrRTlru5egSP0PRrZb4Qdm9/KhXRx+RzSljbgj93kiY7faRf0dBqTSaibeFHOp3N4tJ wbdqJqnYtIVPFODIAQhv+tQ+vb02DXh4rvICJ6LbuJXKYUDZHVJSycZVvB6U1fjvMp3txTYeymc1R 4jZ/y1eA==; Received: from hch by bombadil.infradead.org with local (Exim 4.92.3 #3 (Red Hat Linux)) id 1j6NGz-0001wx-Mm; Mon, 24 Feb 2020 23:36:25 +0000 Date: Mon, 24 Feb 2020 15:36:25 -0800 From: Christoph Hellwig To: Eric Biggers Cc: Christoph Hellwig , Satya Tangirala , linux-block@vger.kernel.org, linux-scsi@vger.kernel.org, linux-fscrypt@vger.kernel.org, linux-fsdevel@vger.kernel.org, linux-f2fs-devel@lists.sourceforge.net, linux-ext4@vger.kernel.org, Barani Muthukumaran , Kuohong Wang , Kim Boojin Subject: Re: [PATCH v7 3/9] block: blk-crypto-fallback for Inline Encryption Message-ID: <20200224233625.GB30288@infradead.org> References: <20200221115050.238976-1-satyat@google.com> <20200221115050.238976-4-satyat@google.com> <20200221173539.GA6525@infradead.org> <20200221183437.GC925@sol.localdomain> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <20200221183437.GC925@sol.localdomain> X-SRS-Rewrite: SMTP reverse-path rewritten from by bombadil.infradead.org. See http://www.infradead.org/rpr.html Sender: linux-ext4-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-ext4@vger.kernel.org On Fri, Feb 21, 2020 at 10:34:37AM -0800, Eric Biggers wrote: > On Fri, Feb 21, 2020 at 09:35:39AM -0800, Christoph Hellwig wrote: > > High-level question: Does the whole keyslot manager concept even make > > sense for the fallback? With the work-queue we have item that exectutes > > at a time per cpu. So just allocatea per-cpu crypto_skcipher for > > each encryption mode and there should never be a slot limitation. Or > > do I miss something? > > It does make sense because if blk-crypto-fallback didn't use a keyslot manager, > it would have to call crypto_skcipher_setkey() on the I/O path for every bio to > ensure that the CPU's crypto_skcipher has the correct key. That's undesirable, > because setting a new key can be expensive with some encryption algorithms, and > also it can require a memory allocation which can fail. For example, with the > Adiantum algorithm, setting a key requires encrypting ~1100 bytes of data in > order to generate subkeys. It's better to set a key once and use it many times. I didn't think of such expensive operations when setting the key. Note that you would not have to do it on every I/O, as chances are high you'll get I/O from the same submitter and thus the same key, and we can optimize for that case pretty easily. But if you think the keyslot manager is better I accept that, this was just a throught when looking over the code.