Re: [PATCH] crypto: ccm - avoid scatterlist for MAC encryption
From: Johannes Berg
Date: Wed Oct 19 2016 - 11:44:28 EST
On Wed, 2016-10-19 at 11:31 +0800, Herbert Xu wrote:
> On Mon, Oct 17, 2016 at 06:21:14PM +0100, Ard Biesheuvel wrote:
> >
> >
> > Annoyingly, all this complication with scatterlists etc is for
> > doing
> > asynchronous crypto via DMA capable crypto accelerators, and the
> > networking code (ipsec as well as mac80211, afaik) only allow
> > synchronous in the first place, given that they execute in softirq
> > context.
>
> I'm still thinking about the issue (in particular, whether we
> should continue to rely on the request context being SG-capable
> or allow it to be on the stack for AEAD).
:)
> But IPsec definitely supports async crypto.ÂÂIn fact it was the
> very first user of async crypto.
Yeah.
> mac80211 on the other hand is currently sync-only.
We could probably make mac80211 do that too, but can we guarantee in-
order processing? Anyway, it's pretty low priority, maybe never
happening, since hardly anyone really uses "software" crypto, the wifi
devices mostly have it built in anyway.
(One problem is that the skb->cb is already completely full, so we
can't stash away the AAD there)
johannes