lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:   Tue, 14 Jan 2020 10:40:53 +0000
From:   Iuliana Prodan <iuliana.prodan@....com>
To:     Herbert Xu <herbert@...dor.apana.org.au>,
        "baolin.wang@...aro.org" <baolin.wang@...aro.org>
CC:     Horia Geanta <horia.geanta@....com>,
        Aymen Sghaier <aymen.sghaier@....com>,
        "David S. Miller" <davem@...emloft.net>,
        "linux-crypto@...r.kernel.org" <linux-crypto@...r.kernel.org>,
        "linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>,
        dl-linux-imx <linux-imx@....com>,
        Silvano Di Ninno <silvano.dininno@....com>
Subject: Re: [PATCH v2 09/10] crypto: caam - add crypto_engine support for RSA
 algorithms

On 1/14/2020 2:14 AM, Herbert Xu wrote:
> On Mon, Jan 13, 2020 at 09:48:11AM +0000, Iuliana Prodan wrote:
>>
>> Regarding the transfer request to crypto-engine: if sending all requests
>> to crypto-engine, multibuffer tests, for non-backlogging requests fail
>> after only 10 requests, since crypto-engine queue has 10 entries.
> 
> That isn't right.  The crypto engine should never refuse to accept
> a request 
Crypto-engine accepts all request that have the backlog flag, the 
non-backlog are accepted till the configured limit (of 10).

> unless the hardware queue is really full.  
Crypto-engine doesn't check the status of hardware queue.
The non-backlog requests are dropped after 10 entries.

> Perhaps the
> crypto engine code needs to be fixed?
To me, crypto-engine seems to be made for backlogged request, that's why 
I'm sending the non-backlog directly to CAAM. The implicit serialization 
of request in crypto-engine is the bottleneck.

But, as I said before, I want to update crypto-engine to set queue 
length when initialize crypto-engine, and remove serialization of 
requests in crypto-engine by adding knowledge about the underlying hw 
accelerator (number of request that can be processed in parallel).
I'll send a RFC with my proposal for crypto-engine enhancements.

But, until then, I would like to have a backlogging solution in CAAM driver.

Thanks,
Iulia

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ