lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:   Fri, 23 Jul 2021 12:31:28 -0700
From:   Daniel Latypov <dlatypov@...gle.com>
To:     Herbert Xu <herbert@...dor.apana.org.au>
Cc:     davem@...emloft.net, linux-crypto@...r.kernel.org,
        brendanhiggins@...gle.com, davidgow@...gle.com,
        linux-kernel@...r.kernel.org, kunit-dev@...glegroups.com
Subject: Re: [RFC v1 1/2] crypto: tcrypt: minimal conversion to run under KUnit

On Thu, Jul 22, 2021 at 11:43 PM Herbert Xu <herbert@...dor.apana.org.au> wrote:
>
> On Thu, Jul 15, 2021 at 02:31:37PM -0700, Daniel Latypov wrote:
> >> == Questions ==
> > * does this seem like it would make running the test easier?
>
> I don't mind.  tcrypt these days isn't used so much for correctness
> testing.  It's mostly being used for speed testing.  A secondary
> use is to instantiate templates.

Thanks, that makes a lot of sense.
In that case, how useful would `kunit.py run` be? I.e. Do people
mostly want to see numbers on bare metal?

The default mode of `kunit.py run` is to use ARCH=um.
I assume (for at least most of the library-type crypto code) it should
have the same performance characteristics, but that might not be the
case. I can try and get some numbers on that.

There's an option to make `kunit.py run` use ARCH=86_64, but it'll be
in a QEMU VM, so again there's some performance overhead.

If either option seems useful, then perhaps a minimal patch like this
would be beneficial.
I can make it even smaller and less intrusive by restoring the "ret +=
..." code and having a single `KUNIT_EXPECT_EQ_MSG(test, ret, 0, "at
least one test case failed")` at the very end.

It does not sound like patch #2 or any future attempts to try and make
use of KUnit features is necessarily worth it, if correctness testing
isn't really the goal of tcrypt.c anymore.

>
> > * does `tvmem` actually need page-aligned buffers?
>
> I think it may be needed for those split-SG test cases where
> we deliberately create a buffer that straddles a page boundary.
>
> > * I have no clue how FIPS intersects with all of this.
>
> It doesn't really matter because in FIPS mode when a correctness
> test fails the kernel panics.
>
> >   * would it be fine to leave the test code built-in for FIPS instead of
> >   returning -EAGAIN?
>
> The returning -EAGAIN is irrelevant in FIPS mode.  It's more of
> an aid in normal mode when you use tcrypt for speed testing.
>
> Thanks,
> --
> Email: Herbert Xu <herbert@...dor.apana.org.au>
> Home Page: http://gondor.apana.org.au/~herbert/
> PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ