lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <461F74F0.1070206@aitel.hist.no>
Date:	Fri, 13 Apr 2007 14:17:52 +0200
From:	Helge Hafting <helge.hafting@...el.hist.no>
To:	Francis Moreau <francis.moro@...il.com>
CC:	linux-kernel@...r.kernel.org
Subject: Re: [CRYPTO] is it really optimized ?

Francis Moreau wrote:
> Hi,
>
> After reading the crypto code and trying to implement a AES driver,
> I'm wondering if the current  implementation is optimum. My plan is to
> use _exclusively_ the AES driver to encrypt filesystems by using
> eCryptfs for example.
>
> But it seems that because the current implementation of the crypto
> core allows the drivers to be accessed by any part of the kernel at
> any time, that forces the AES driver to do extra works for each block
> ciphering: mainly they are (a) set the key in AES controller (b)
> generate the decryption key if in decrypt mode.
>
> So is this interpretation right ? If so wouldn't it be appropriate to
> introduce a mechanism to reserve this AES hardware for a special
> purpose (filesystem encryptions) and thus make it as fast as possible
> ?
>
Would this really help?
When reading/writing files, most of the time is i/o-wait, isn't it?

Reserving the device exclusively seems excessive. How about
a quick test to see if someone else have been using it since
the last time your crypto-fs used it?  If nobody else used it, then
you don't need to reset they key and so on.

If nobody else is using the AES controller, you get the same speed
as with a reservation.  If something else is using AES then it won't be
as fast, but then the AES controller have been used for other useful
work as well.  Other parts of the kernel surely won't use it just for 
fun. :-)

Helge Hafting


-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ