| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <CAMz4kuKXJ5xUXj111VBb9hMH=kT3Y5P3_iVtgeS8kidbLZ+6TA@mail.gmail.com> Date: Wed, 15 Jun 2016 14:27:04 +0800 From: Baolin Wang <baolin.wang@...aro.org> To: Herbert Xu <herbert@...dor.apana.org.au> Cc: Jens Axboe <axboe@...nel.dk>, Alasdair G Kergon <agk@...hat.com>, Mike Snitzer <snitzer@...hat.com>, "open list:DEVICE-MAPPER (LVM)" <dm-devel@...hat.com>, David Miller <davem@...emloft.net>, Eric Biggers <ebiggers3@...il.com>, Joonsoo Kim <js1304@...il.com>, tadeusz.struk@...el.com, smueller@...onox.de, Masanari Iida <standby24x7@...il.com>, Shaohua Li <shli@...nel.org>, Dan Williams <dan.j.williams@...el.com>, "Martin K. Petersen" <martin.petersen@...cle.com>, Sagi Grimberg <sagig@...lanox.com>, Kent Overstreet <kent.overstreet@...il.com>, Keith Busch <keith.busch@...el.com>, Tejun Heo <tj@...nel.org>, Ming Lei <ming.lei@...onical.com>, Mark Brown <broonie@...nel.org>, Arnd Bergmann <arnd@...db.de>, linux-crypto@...r.kernel.org, linux-block@...r.kernel.org, "open list:SOFTWARE RAID (Multiple Disks) SUPPORT" <linux-raid@...r.kernel.org>, LKML <linux-kernel@...r.kernel.org> Subject: Re: [RFC v4 2/4] crypto: Introduce CRYPTO_ALG_BULK flag Hi Herbert, On 8 June 2016 at 10:00, Baolin Wang <baolin.wang@...aro.org> wrote: > Hi Herbert, > > On 7 June 2016 at 22:16, Herbert Xu <herbert@...dor.apana.org.au> wrote: >> On Tue, Jun 07, 2016 at 08:17:05PM +0800, Baolin Wang wrote: >>> Now some cipher hardware engines prefer to handle bulk block rather than one >>> sector (512 bytes) created by dm-crypt, cause these cipher engines can handle >>> the intermediate values (IV) by themselves in one bulk block. This means we >>> can increase the size of the request by merging request rather than always 512 >>> bytes and thus increase the hardware engine processing speed. >>> >>> So introduce 'CRYPTO_ALG_BULK' flag to indicate this cipher can support bulk >>> mode. >>> >>> Signed-off-by: Baolin Wang <baolin.wang@...aro.org> >> >> Nack. As I said before, please do it using explicit IV generators >> like we do for IPsec. > > OK. I would like to try your suggestion. Thanks. After some investigation, I still think we should divide the bulk request from dm-crypt into small request (each one is 512bytes) if this algorithm is not support bulk mode (like CBC). We have talked with dm-crypt maintainers why dm-crypt always use 512 bytes as one request size in below thread, could you please check it? http://www.kernelhub.org/?p=2&msg=907022 That means if we move the IV handling into crypto API, we still can not use bulk interface for all algorithm, for example we still need to read/write with 512 bytes for CBC, you can't use 4k or more block on CBC (and most other encryption modes). If only a part of 4k block is written (and then system crash happens), CBC would corrupt the block completely. It means if we map one whole bio with bulk interface in dm-crypt, we need to divide into every 512 bytes requests in crypto layer. So I don't think we can handle every algorithm with bulk interface just moving the IV handling into crypto API. Thanks. > >> -- >> Email: Herbert Xu <herbert@...dor.apana.org.au> >> Home Page: http://gondor.apana.org.au/~herbert/ >> PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt > > > > -- > Baolin.wang > Best Regards -- Baolin.wang Best Regards
Powered by blists - more mailing lists