lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:	Wed, 1 Jun 2016 12:17:35 +0900
From:	Sergey Senozhatsky <sergey.senozhatsky.work@...il.com>
To:	Minchan Kim <minchan@...nel.org>
Cc:	Sergey Senozhatsky <sergey.senozhatsky.work@...il.com>,
	Sergey Senozhatsky <sergey.senozhatsky@...il.com>,
	Andrew Morton <akpm@...ux-foundation.org>,
	Joonsoo Kim <iamjoonsoo.kim@....com>,
	linux-kernel@...r.kernel.org
Subject: Re: [PATCH v2 4/8] zram: use crypto api to check alg availability

On (06/01/16 11:27), Minchan Kim wrote:
[..]
> > > So, if we do 'cat /sys/block/zram0/comp_algorithm", every crypto modules
> > > in the backend array are loaded in memory and not unloaded until admin
> > > executes rmmod? Right?
> > 
> > yes, I think so.
> 
> It scares me. Common case, except one we choosed, every loaded modules
> will be not used. I think it's really not good. Although the wastage
> might be not big now, it will be heavy as crypto comp modules are
> increased.

well... if you have those modules enabled then you somehow expect
them to be loaded at some point, if not by zram, then by something
else (networking, etc.). /* not speaking of the systems that have
those modules built-in */ I'm not saying that what we have is
optimal, of course, but it's not so senseless at the same time.


> What do you think about it?

I can do something like this:

diff --git a/drivers/block/zram/zcomp.c b/drivers/block/zram/zcomp.c
index 1a4bd20..9b704cc 100644
--- a/drivers/block/zram/zcomp.c
+++ b/drivers/block/zram/zcomp.c
@@ -20,10 +20,18 @@
 
 static const char * const backends[] = {
        "lzo",
+#if IS_ENABLED(CONFIG_CRYPTO_LZ4)
        "lz4",
+#endif
+#if IS_ENABLED(CONFIG_CRYPTO_DEFLATE)
        "deflate",
+#endif
+#if IS_ENABLED(CONFIG_CRYPTO_LZ4HC)
        "lz4hc",
+#endif
+#if IS_ENABLED(CONFIG_CRYPTO_842)
        "842",
+#endif
        NULL
 };


so both BUILTIN and BUILT-AS-A-MODULE cases are handled at compile
time now and we can avoid crypto_has_comp() checks for most of the
comp_algorithm calls, except for the case when someone requests an
out-of-tree module.

	-ss

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ