Re: [PATCH v7 3/9] block: blk-crypto-fallback for Inline Encryption

[PATCH v7 0/9] Inline Encryption Support · Satya Tangirala <hidden> · 2020-02-21
[PATCH v7 1/9] block: Keyslot Manager for Inline Encryption · Satya Tangirala <hidden> · 2020-02-21
Re: [PATCH v7 1/9] block: Keyslot Manager for Inline Encryption · Christoph Hellwig <hch@infradead.org> · 2020-02-21
Re: [PATCH v7 1/9] block: Keyslot Manager for Inline Encryption · Christoph Hellwig <hch@infradead.org> · 2020-02-21
Re: [PATCH v7 1/9] block: Keyslot Manager for Inline Encryption · Eric Biggers <ebiggers@kernel.org> · 2020-02-27
Re: [PATCH v7 1/9] block: Keyslot Manager for Inline Encryption · Satya Tangirala <hidden> · 2020-02-27
Re: [PATCH v7 1/9] block: Keyslot Manager for Inline Encryption · Christoph Hellwig <hch@infradead.org> · 2020-03-05
Re: [PATCH v7 1/9] block: Keyslot Manager for Inline Encryption · Eric Biggers <ebiggers@kernel.org> · 2020-02-27
[PATCH v7 2/9] block: Inline encryption support for blk-mq · Satya Tangirala <hidden> · 2020-02-21
Re: [PATCH v7 2/9] block: Inline encryption support for blk-mq · Christoph Hellwig <hch@infradead.org> · 2020-02-21
Re: [PATCH v7 2/9] block: Inline encryption support for blk-mq · Satya Tangirala <hidden> · 2020-02-22
Re: [PATCH v7 2/9] block: Inline encryption support for blk-mq · Christoph Hellwig <hch@infradead.org> · 2020-02-24
Re: [PATCH v7 2/9] block: Inline encryption support for blk-mq · Eric Biggers <ebiggers@kernel.org> · 2020-02-27
[PATCH v7 3/9] block: blk-crypto-fallback for Inline Encryption · Satya Tangirala <hidden> · 2020-02-21
Re: [PATCH v7 3/9] block: blk-crypto-fallback for Inline Encryption · Randy Dunlap <hidden> · 2020-02-21
Re: [PATCH v7 3/9] block: blk-crypto-fallback for Inline Encryption · Christoph Hellwig <hch@infradead.org> · 2020-02-21
Re: [PATCH v7 3/9] block: blk-crypto-fallback for Inline Encryption · Christoph Hellwig <hch@infradead.org> · 2020-02-21
Re: [PATCH v7 3/9] block: blk-crypto-fallback for Inline Encryption · Eric Biggers <ebiggers@kernel.org> · 2020-02-21
Re: [PATCH v7 3/9] block: blk-crypto-fallback for Inline Encryption · Christoph Hellwig <hch@infradead.org> · 2020-02-24
Re: [PATCH v7 3/9] block: blk-crypto-fallback for Inline Encryption · Eric Biggers <ebiggers@kernel.org> · 2020-02-27
[PATCH v7 4/9] scsi: ufs: UFS driver v2.1 spec crypto additions · Satya Tangirala <hidden> · 2020-02-21
[PATCH v7 7/9] fscrypt: add inline encryption support · Satya Tangirala <hidden> · 2020-02-21
Re: [PATCH v7 7/9] fscrypt: add inline encryption support · Eric Biggers <ebiggers@kernel.org> · 2020-02-21
Re: [PATCH v7 7/9] fscrypt: add inline encryption support · Eric Biggers <ebiggers@kernel.org> · 2020-02-22
Re: [PATCH v7 7/9] fscrypt: add inline encryption support · Eric Biggers <ebiggers@kernel.org> · 2020-02-26
[PATCH v7 8/9] f2fs: add inline encryption support · Satya Tangirala <hidden> · 2020-02-21
[PATCH v7 6/9] scsi: ufs: Add inline encryption support to UFS · Satya Tangirala <hidden> · 2020-02-21
Re: [PATCH v7 6/9] scsi: ufs: Add inline encryption support to UFS · Christoph Hellwig <hch@infradead.org> · 2020-02-21
Re: [PATCH v7 6/9] scsi: ufs: Add inline encryption support to UFS · Eric Biggers <ebiggers@kernel.org> · 2020-02-21
Re: [PATCH v7 6/9] scsi: ufs: Add inline encryption support to UFS · Stanley Chu <hidden> · 2020-02-23
Re: [PATCH v7 6/9] scsi: ufs: Add inline encryption support to UFS · Christoph Hellwig <hch@infradead.org> · 2020-02-24
Re: [PATCH v7 6/9] scsi: ufs: Add inline encryption support to UFS · Stanley Chu <hidden> · 2020-02-25
Re: [PATCH v7 6/9] scsi: ufs: Add inline encryption support to UFS · Eric Biggers <ebiggers@kernel.org> · 2020-02-26
Re: [PATCH v7 6/9] scsi: ufs: Add inline encryption support to UFS · Stanley Chu <hidden> · 2020-02-26
Re: [PATCH v7 6/9] scsi: ufs: Add inline encryption support to UFS · Stanley Chu <hidden> · 2020-03-02
[PATCH v7 9/9] ext4: add inline encryption support · Satya Tangirala <hidden> · 2020-02-21
Re: [PATCH v7 9/9] ext4: add inline encryption support · Eric Biggers <ebiggers@kernel.org> · 2020-02-22
[PATCH v7 5/9] scsi: ufs: UFS crypto API · Satya Tangirala <hidden> · 2020-02-21
Re: [PATCH v7 5/9] scsi: ufs: UFS crypto API · Eric Biggers <ebiggers@kernel.org> · 2020-02-22
Re: [PATCH v7 0/9] Inline Encryption Support · Eric Biggers <ebiggers@kernel.org> · 2020-02-21

From: Eric Biggers <ebiggers@kernel.org>
Date: 2020-02-21 18:34:41
Also in: linux-ext4, linux-f2fs-devel, linux-fscrypt, linux-fsdevel, linux-scsi

On Fri, Feb 21, 2020 at 09:35:39AM -0800, Christoph Hellwig wrote:

High-level question:  Does the whole keyslot manager concept even make
sense for the fallback?  With the work-queue we have item that exectutes
at a time per cpu.  So just allocatea per-cpu crypto_skcipher for
each encryption mode and there should never be a slot limitation.  Or
do I miss something?

It does make sense because if blk-crypto-fallback didn't use a keyslot manager,
it would have to call crypto_skcipher_setkey() on the I/O path for every bio to
ensure that the CPU's crypto_skcipher has the correct key.  That's undesirable,
because setting a new key can be expensive with some encryption algorithms, and
also it can require a memory allocation which can fail.  For example, with the
Adiantum algorithm, setting a key requires encrypting ~1100 bytes of data in
order to generate subkeys.  It's better to set a key once and use it many times.

Making blk-crypto-fallback use the keyslot manager also allows the keyslot
manager to be tested by routine filesystem regression testing, e.g.
'gce-xfstests -c ext4/encrypt -g auto -m inlinecrypt'.

- Eric

`h`	back out one level
`j`	next message in thread
`k`	previous message in thread
`l`	drill in
`Esc`	close help / fold thread tree
`?`	toggle this help