Re: [RFC] crypto: Remove mcryptd

From: Herbert Xu
Date: Thu Aug 16 2018 - 02:55:29 EST

On Thu, Aug 09, 2018 at 07:40:33PM -0700, Megha Dey wrote:
> 1.
> @@ -495,7 +534,10 @@ static void cryptd_skcipher_encrypt(struct
> crypto_async_request *base,
> skcipher_request_set_crypt(subreq, req->src, req->dst,
> req->cryptlen, req->iv);
> - err = crypto_skcipher_encrypt(subreq);
> + subreq-> = req->;
> + subreq->base.complete = rctx->complete;
> + rctx->desc = *subreq;
> + err = crypto_skcipher_encrypt(&rctx->desc);
> skcipher_request_zero(subreq);
> This change is necessary because for the multibuffer algorithms, the
> inner algorithm needs a pointer to the original request. In the slow
> path, since we allocate a skcipher_request on the stack, there is no
> easy way to retrieve the request. In the mcryptd_layer, we had extra
> logic to store this pointer.

Why do you need the original request?

I think the fact that you need this at all indicates that you're
not using cryptd correctly. cryptd should be completely transparent
to the underlying algorithm. All it's doing is making sure that
the underlying algorithm gets called in a context that allows SIMD

> Lastly, for hashes, we have
> struct cryptd_hash_request_ctx {
> crypto_completion_t complete;
> struct shash_desc desc;
> };
> If we were to use this(with the added fields for multibuffer), we should
> update the shash_desc to ahash_request since we are an async algorithm
> right?

That's a good point. More importantly, you also need to extend
cryptd to allow an ASYNC underlying algorithm, for skcipher as well
as hashes. This is not as simple as just modifying the type/mask
during algorithm creation. But you also need to modify the run-time
(e.g., cryptd_skcipher_encrypt) to defer the completion in case of an
async return value.

The same change also needs to be made to crypto/simd.c, but at least
there the run-time doesn't need any changes AFAICS.

Email: Herbert Xu <herbert@xxxxxxxxxxxxxxxxxxx>
Home Page:
PGP Key: