[GIT PULL] Asymmetric keys fix for v6.4-rc5

Herbert Xu herbert at gondor.apana.org.au
Mon Jun 5 08:49:06 UTC 2023


On Fri, Jun 02, 2023 at 08:02:23PM -0400, Linus Torvalds wrote:
>
> I absolutely abhor the crypto interfaces. They all seem designed for
> that "external DMA engine" case that seems so horrendously pointless
> and slow.  In practice so few of them are that, and we have all those
> optimized routines for doing it all on the CPU - but have in the
> meantime wasted all that time and effort into copying everything,
> turning simple buffers into sg-bufs etc etc. The amount of indirection
> and "set this state in the state machine" is just nasty, and this
> seems to all be a prime example of it all. With some of it then
> randomly going through some kthread too.

You're right.  Originally SG lists were used as the majority of
our input came from network packets, in the form of skb's.  They
are easily translated into SG lists.  This is still somewhat the
case for parts of the Crypto API (e.g., skcipher and ahash).

However, for akcipher the only user of the underlying API is the
file in question so I absolutely agree that forcing it to go through
an SG list is just wrong.

I'll change the underlying akcipher interface to take pointers
instead and hide the SG list stuff (along with the copying) inside
API.

In the mean time feel free to take this patch as it appears to be
correct and should keep things chugging along while we work on the
API.

Acked-by: Herbert Xu <herbert at gondor.apana.org.au>

Cheers,
-- 
Email: Herbert Xu <herbert at gondor.apana.org.au>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt



More information about the Linux-security-module-archive mailing list