RE: [PATCH v2] crypto/caam: add backlogging support

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Hi Herbert,

> -----Original Message-----
> From: Herbert Xu [mailto:herbert@xxxxxxxxxxxxxxxxxxx]
> Sent: Friday, September 18, 2015 4:50 PM
> To: Porosanu Alexandru-B06830 <alexandru.porosanu@xxxxxxxxxxxxx>
> Cc: linux-crypto@xxxxxxxxxxxxxxx; Geanta Neag Horia Ioan-B05471
> <Horia.Geanta@xxxxxxxxxxxxx>; Pop Mircea-R19439
> <mircea.pop@xxxxxxxxxxxxx>
> Subject: Re: [PATCH v2] crypto/caam: add backlogging support
> 
> On Fri, Sep 18, 2015 at 01:46:50PM +0000, Porosanu Alexandru wrote:
> >
> > Before this patch, for CAAM driver, regardless if a tfm has
> > MAY_BACKLOG set or not, if there are no more slots available in the HW JR,
> the API will return -EBUSY, but the request will _not_ be saved for future
> processing. That's wrong, and as a result, dm-crypt _hangs_ when using
> CAAM offloaded algorithms.
> 
> I understand that the current driver is buggy.  However your fix is broken
> too.  MAY_BACKLOG must be reliable and that means not dropping requests.

MAY_BACKLOG requests will fail once you run out of memory (f.i. backlogging using crypto_queue)
Now, for this patch requests will be dropped if there are no more "backlogging" slots available.
Would limiting the # of tfms w/MAY_BACKLOG associated with the driver to the # of backlogging slots be OK?


> 
> > Now, the proposed patch sets aside a # of HW slots that will be used for
> storing "backloggable" requests. The purpose of this is to ensure that never
> will the JR drop a "backloggable" request, but they will be stored for eventual
> processing (when the HW read pointer reaches the respective slot).
> > More to the point this patch does the following: 1 enqueue is accepted (if
> MAY_BACKLOG is set on the tfm), but the API will return -EBUSY, iff there
> are less than <threshold> slots available in the HW JR.
> > For non-backloggable requests (or when the HW JR is sufficiently empty)
> are treated w/o any change. One observation would be that this change is
> completely transparent to the HW, which works in the same way as before.
> > What I was trying to point out in the caveat above is that a rogue user
> which will keep on enqueing requests, will eventually be denied and the
> requests _will_ be dropped.
> > As a side-observation, for crypto_queues, the limit is the available
> memory, so a bad-behaved user will generate an OOM.
> 
> Yes there is a resource control issue but that should be handled by limiting
> the number of tfms and not an arbitrary limit in the driver.

Let me try and put it another way: for each tfm w/MAY_BACKLOG, the driver will accept a request and will return -EBUSY.
Once there are really no more slots available, yes, requests will get dropped (i.e. -EIO will be returned)

> 
> Cheers,
> --
> Email: Herbert Xu <herbert@xxxxxxxxxxxxxxxxxxx> Home Page:
> http://gondor.apana.org.au/~herbert/
> PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt

Thanks,

Alex P.
--
To unsubscribe from this list: send the line "unsubscribe linux-crypto" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html



[Index of Archives]     [Kernel]     [Gnu Classpath]     [Gnu Crypto]     [DM Crypt]     [Netfilter]     [Bugtraq]

  Powered by Linux