On Mon, Aug 05, 2013 at 05:25:57PM -0300, Marcelo Cerri wrote: > > My first doubt is regarding which kind of concurrency the Crypto API > allows. For example, can a single `struct crypto_tfm` be used by two > concurrent calls? I'm asking about that because I noticed that for Yes. > blkcipher the only implementation-specific context that can be used is > allocated inside the tfm struct. Both blkcipher and ablkcipher are meant to be fully reentrant. So you must take necessary precautions if your implementation is not reentrant, e.g., by locking. > I'm working to fix some bugs in the NX driver (located in > drivers/crypto/nx), and one issue that we are facing is that NFS when > using Kerberos uses the same tfm with different kthreads. That causes > concurrent accesses to the internal data stored into the context and > incorrect results. > > So my question here is: should this type of concurrency be handled by > the driver or a caller is not allowed to use the same tfm for concurrent > calls? >From what you've said NFS seems to be doing the right thing, so the bug would be in the driver. > My second doubt is regarding the difference between ablkcipher and > blkcipher. I do understand their difference from caller's point of view. > But I'm not sure what are the consequences of implementing a driver > using one or another option. > > For example, can a blkcipher implementation be used asynchronously and > vice versa? In general which model you pick for drivers depend on what your hardware looks like. For example, padlock-aes uses the blkcipher model because the hardware presents itself through a synchronous CPU instruction, while most other drivers use the ablkcipher interface because the underlying hardware completes asynchronously. A blkcipher implementation is always available through both the blkcipher and the ablkcipher interface. While an ablkcipher implementaiton can only be used through the ablkcipher interface. Cheers, -- Email: Herbert Xu <herbert@xxxxxxxxxxxxxxxxxxx> Home Page: http://gondor.apana.org.au/~herbert/ PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt -- To unsubscribe from this list: send the line "unsubscribe linux-crypto" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
