On Fri, Jun 03, 2016 at 04:15:28PM +0800, Baolin Wang wrote: > > Suppose the cbc(aes) algorithm, which can not be handled through bulk > interface, it need to map the data sector by sector. > If we also handle the cbc(aes) algorithm with bulk interface, we need > to divide the sg table into sectors and need to allocate request > memory for each divided sectors (As Mike pointed out this is in the > IO mapping > path and we try to avoid memory allocations at all costs -- due to the > risk of deadlock when issuing IO to stacked block devices (dm-crypt > could be part of a much more elaborate IO stack). ), that will > introduce more messy things I think. Perhaps I'm not making myself very clear. If you move the IV generation into the crypto API, those crypto API algorithms will be operating at the sector level. For example, assuming you're doing lmk, then the algorithm would be called lmk(cbc(aes)) and it will take as its input one or more sectors and for each sector it should generate an IV and operate on it. Cheers, -- Email: Herbert Xu <herbert@xxxxxxxxxxxxxxxxxxx> Home Page: http://gondor.apana.org.au/~herbert/ PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt -- To unsubscribe from this list: send the line "unsubscribe linux-crypto" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html