lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <YoKzTtBv3qWQf4SI@silpixa00400314>
Date:   Mon, 16 May 2022 21:25:50 +0100
From:   Giovanni Cabiddu <giovanni.cabiddu@...el.com>
To:     yoan.picchi@....com
Cc:     Herbert Xu <herbert@...dor.apana.org.au>,
        "David S . Miller" <davem@...emloft.net>, qat-linux@...el.com,
        linux-crypto@...r.kernel.org, linux-kernel@...r.kernel.org
Subject: Re: [RFC PATCH 0/2] Crypto: Remove x86 dependency on QAT drivers

On Mon, May 16, 2022 at 10:16:33AM +0000, yoan.picchi@....com wrote:
> From: Yoan Picchi <yoan.picchi@....com>
> 
> The QAT acceleration card can be very helpfull for some tasks like dealing
> with IPSEC but it is currently restricted to be used only on x86 machine.
> Looking at the code we didn't see any reasons why those drivers might not
> work on other architectures. We've successfully built all of them on x86,
> arm64, arm32, mips64, powerpc64, riscv64 and sparc64.
> 
> We also have tested the driver with an Intel Corporation C62x Chipset
> QuickAssist Technology (rev 04) PCIe card on an arm64 server. After the numa
> patch, it works with the AF_ALG crypto userland interface, allowing us to
> encrypt some data with cbc for instance. We've also successfully created
> some VF, bound them to DPDK, and used the card this way, thus showing some
> real life usecases of x86 do work on arm64 too.
> 
> Please let us know if we missed something that would warrants some further
> testing.
Thanks Yoan.

Can you please confirm that you tested the driver on the platform you
reported using a kernel with CONFIG_CRYPTO_MANAGER_DISABLE_TESTS not set
and CONFIG_CRYPTO_MANAGER_EXTRA_TESTS=y and the self test is passing?
You can check it by running
    $ cat /proc/crypto | grep -B 4 passed | grep -e "qat_\|qat-" | sort
This should report:
    driver       : qat_aes_cbc
    driver       : qat_aes_cbc_hmac_sha1
    driver       : qat_aes_cbc_hmac_sha256
    driver       : qat_aes_cbc_hmac_sha512
    driver       : qat_aes_ctr
    driver       : qat_aes_xts
    driver       : qat-dh
    driver       : qat-rsa

Note that if you are using the HEAD of cryptodev-2.6 you will have to
either revert 8893d27ffcaf6ec6267038a177cb87bcde4dd3de or apply
https://patchwork.kernel.org/project/linux-crypto/list/?series=639755 as
the algorithms have been temporarily disabled.

Regards,

-- 
Giovanni

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ