| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Fri, 3 Jun 2016 16:15:28 +0800 From: Baolin Wang <baolin.wang@...aro.org> To: Herbert Xu <herbert@...dor.apana.org.au> Cc: Jens Axboe <axboe@...nel.dk>, Alasdair G Kergon <agk@...hat.com>, Mike Snitzer <snitzer@...hat.com>, "open list:DEVICE-MAPPER (LVM)" <dm-devel@...hat.com>, David Miller <davem@...emloft.net>, Eric Biggers <ebiggers3@...il.com>, Joonsoo Kim <js1304@...il.com>, tadeusz.struk@...el.com, smueller@...onox.de, Masanari Iida <standby24x7@...il.com>, Shaohua Li <shli@...nel.org>, Dan Williams <dan.j.williams@...el.com>, "Martin K. Petersen" <martin.petersen@...cle.com>, Sagi Grimberg <sagig@...lanox.com>, Kent Overstreet <kent.overstreet@...il.com>, Keith Busch <keith.busch@...el.com>, Tejun Heo <tj@...nel.org>, Ming Lei <ming.lei@...onical.com>, Mark Brown <broonie@...nel.org>, Arnd Bergmann <arnd@...db.de>, linux-crypto@...r.kernel.org, linux-block@...r.kernel.org, "open list:SOFTWARE RAID (Multiple Disks) SUPPORT" <linux-raid@...r.kernel.org>, LKML <linux-kernel@...r.kernel.org> Subject: Re: [RFC v2 2/3] crypto: Introduce CRYPTO_ALG_BULK flag On 3 June 2016 at 15:54, Herbert Xu <herbert@...dor.apana.org.au> wrote: > On Fri, Jun 03, 2016 at 03:10:31PM +0800, Baolin Wang wrote: >> On 3 June 2016 at 14:51, Herbert Xu <herbert@...dor.apana.org.au> wrote: >> > On Fri, Jun 03, 2016 at 02:48:34PM +0800, Baolin Wang wrote: >> >> >> >> If we move the IV generation into the crypto API, we also can not >> >> handle every algorithm with the bulk interface. Cause we also need to >> >> use different methods to map one whole bio or map one sector according >> >> to the algorithm whether can support bulk mode or not. Please correct >> >> me if I misunderstand your points. Thanks. >> > >> > Which ones can't be handled this way? >> >> What I mean is bulk mode and sector mode's difference is not only the >> IV handling method, but also the method to map the data with >> scatterlists. >> Then we have two processes in dm-crypt ( crypt_convert_block() and >> crypt_convert_bulk_block() ) to handle the data, so we can not handle >> every algorithm with the bulk interface. > > As I asked, which algorithm can't you handle through the bulk > interface, assuming it did all the requisite magic to generate > the correct IV? Suppose the cbc(aes) algorithm, which can not be handled through bulk interface, it need to map the data sector by sector. If we also handle the cbc(aes) algorithm with bulk interface, we need to divide the sg table into sectors and need to allocate request memory for each divided sectors (As Mike pointed out this is in the IO mapping path and we try to avoid memory allocations at all costs -- due to the risk of deadlock when issuing IO to stacked block devices (dm-crypt could be part of a much more elaborate IO stack). ), that will introduce more messy things I think. > > Cheers, > -- > Email: Herbert Xu <herbert@...dor.apana.org.au> > Home Page: http://gondor.apana.org.au/~herbert/ > PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt -- Baolin.wang Best Regards
Powered by blists - more mailing lists