Re: [PATCH v2 1/4] crypto: essiv - create wrapper template for ESSIV generation

Hi Ard, ut 18. 6. 2019 o 23:28 Ard Biesheuvel napísal(a): > Implement a template that wraps a (skcipher,cipher,shash) or > (aead,cipher,shash) tuple so that we can consolidate the ESSIV handling > in fscrypt and dm-crypt and move it into the crypto API. This will result > in better test coverage,

Re: [dm-devel] [PATCH] dm: switch dm-verity to async hash crypto API

Hi Gilad, 2017-01-24 15:38 GMT+01:00 Gilad Ben-Yossef : > - v->tfm = crypto_alloc_shash(v->alg_name, 0, 0); > + v->tfm = crypto_alloc_ahash(v->alg_name, 0, CRYPTO_ALG_ASYNC); I believe you should pass zero as the mask here. When flags == 0 and mask == CRYPTO_ALG_ASYNC, you are basical

Re: [dm-devel] [RFC PATCH 0/6] Add bulk skcipher requests to crypto API and dm-crypt

2017-01-18 5:48 GMT+01:00 Herbert Xu : > I'm open to other proposals. The basic requirement is to be able to > process multiple blocks as one entity at the driver level, potentially > generating the IVs there too. > > It's essentially the equivalent to full IPsec offload. Hm, I just looked at wha

Re: [dm-devel] [RFC PATCH 6/6] dm-crypt: Add bulk crypto processing support

Hi Binoy, 2017-01-16 9:37 GMT+01:00 Binoy Jayan : > The initial goal of our proposal was to process the encryption requests with > the > maximum possible block sizes with a hardware which has automated iv generation > capabilities. But when it is done in software, and if the bulk > requests are p

Re: [dm-devel] [RFC PATCH 0/6] Add bulk skcipher requests to crypto API and dm-crypt

2017-01-13 15:29 GMT+01:00 Herbert Xu : > What if the driver had hardware support for generating these IVs? > With your scheme this cannot be supported at all. That's true... I'm starting to think that this isn't really a good idea. I was mainly trying to keep the door open for the random IV suppo

Re: [dm-devel] [RFC PATCH 0/6] Add bulk skcipher requests to crypto API and dm-crypt

2017-01-13 11:41 GMT+01:00 Herbert Xu : > On Thu, Jan 12, 2017 at 01:59:52PM +0100, Ondrej Mosnacek wrote: >> the goal of this patchset is to allow those skcipher API users that need to >> process batches of small messages (especially dm-crypt) to do so efficiently. > > Please explain why this can'

Re: [dm-devel] [RFC PATCH 5/6] crypto: aesni-intel - Add bulk request support

Hi Eric, 2017-01-13 4:19 GMT+01:00 Eric Biggers : > To what extent does the performance benefit of this patchset result from just > the reduced numbers of calls to kernel_fpu_begin() and kernel_fpu_end()? > > If it's most of the benefit, would it make any sense to optimize > kernel_fpu_begin() and

Re: [dm-devel] [RFC PATCH v2] crypto: Add IV generation algorithms

Hi Binoy, 2016-12-13 9:49 GMT+01:00 Binoy Jayan : > Currently, the iv generation algorithms are implemented in dm-crypt.c. > The goal is to move these algorithms from the dm layer to the kernel > crypto layer by implementing them as template ciphers so they can be > implemented in hardware for per