Re: [PATCH v2] fscrypt: log the crypto algorithm implementations

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Fri, May 18, 2018 at 10:58:14AM -0700, Eric Biggers wrote:
> Log the crypto algorithm driver name for each fscrypt encryption mode on
> its first use, also showing a friendly name for the mode.
> 
> This will help people determine whether the expected implementations are
> being used.  In some cases we've seen people do benchmarks and reject
> using encryption for performance reasons, when in fact they used a much
> slower implementation of AES-XTS than was possible on the hardware.  It
> can make an enormous difference; e.g., AES-XTS on ARM is about 10x
> faster with the crypto extensions (AES instructions) than without.
> 
> This also makes it more obvious which modes are being used, now that
> fscrypt supports multiple combinations of modes.
> 
> Example messages (with default modes, on x86_64):
> 
> [   35.492057] fscrypt: AES-256-CTS-CBC using implementation "cts(cbc-aes-aesni)"
> [   35.492171] fscrypt: AES-256-XTS using implementation "xts-aes-aesni"
> 
> Note: algorithms can be dynamically added to the crypto API, which can
> result in different implementations being used at different times.  But
> this is rare; for most users, showing the first will be good enough.
> 
> Signed-off-by: Eric Biggers <ebiggers@xxxxxxxxxx>

Applied, thanks.

					- Ted



[Index of Archives]     [Kernel]     [Gnu Classpath]     [Gnu Crypto]     [DM Crypt]     [Netfilter]     [Bugtraq]

  Powered by Linux