On Thu, Aug 01, 2024 at 05:02:26PM +0100, Jonathan Cameron wrote:
> On Mon, 29 Jul 2024 15:48:00 +0200 Lukas Wunner <lukas@xxxxxxxxx> wrote:
> > Commit 6cb8815f41a9 ("crypto: sig - Add interface for sign/verify")
> > introduced an API which accepts kernel buffers instead of sglists for
> > signature generation and verification.
> >
> > Commit 63ba4d67594a ("KEYS: asymmetric: Use new crypto interface without
> > scatterlists") converted the sole user in the tree to the new API.
> >
> > Although the API externally accepts kernel buffers, internally it still
> > converts them to sglists, which results in overhead for asymmetric
> > algorithms because they need to copy the sglists back into kernel
> > buffers.
> >
> > Take the next step and switch signature verification over to using
> > kernel buffers internally, thereby avoiding the sglists overhead.
> >
> > Because all ->verify implementations are synchronous, forego invocation
> > of crypto_akcipher_sync_{prep,post}() and call crypto_akcipher_verify()
> > directly from crypto_sig_verify().
>
> Rather than passing scatter lists and buffers
> via the same function void akcipher_request_set_crypt()
> why not add a variant that takes buffers for signing cases so
> that you can maintain the scatterlist pointers for the encrypt/decrypt
> cases?
[...]
> Maybe it's worth a 'special' variant.
> static inline void akcipher_request_set_crypt_for_verify()
> so that you can keep the other list typed and not rely
> on overlapping pointer fields via the union.
I need some guidance from Herbert as to which operations he envisages
shall be migrated to kernel buffers.
Perhaps he wants to migrate the encrypt/decrypt operations as well?
The present patch migrates verify and the other ones (sign/encrypt/decrypt)
could be migrated one by one afterwards.
In that case I don't think it makes sense to introduce a new function.
We'd retain the name of the existing function and only change parameters
passed to it.
There is no caller for encrypt/decrypt operations in the tree which
uses sglists:
* The only caller of crypto_akcipher_sync_{en,de}crypt() in the tree is
software_key_eds_op() and uses kernel buffers.
* The only callers of crypto_akcipher_{en,de}crypt() are rsa-pkcs1pad.c
and three crypto hardware drivers which fall back to software RSA for
certain key sizes (aspeed-acry.c, hpre_crypto.c, jh7110-rsa.c).
They could use kernel buffers as well.
Thanks,
Lukas
