On Thu, Dec 10, 2020 at 01:18:12AM +0100, Ard Biesheuvel wrote: > > One thing I realized just now is that in the current situation, all > the synchronous skciphers already degrade like this. > > I.e., in Ben's case, without the special ccm implementation, ccm(aes) > will resolve to ccm(ctr(aesni),cbcmac(aesni)), which is instantiated > as a sync skcipher using the ctr and ccm/cbcmac templates built on top > of the AES-NI cipher (not skcipher). This cipher will also fall back > to suboptimal scalar code if the SIMD is in use in process context. Sure, your patch is not making it any worse. But I don't think the extra code is worth it considering that you're still going to be running into that slow fallback path all the time. Much better to fix the wireless code to actually go async. Cheers, -- Email: Herbert Xu <herbert@xxxxxxxxxxxxxxxxxxx> Home Page: http://gondor.apana.org.au/~herbert/ PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt
