Re: [Qemu-devel] [virtio-dev] Re: [PATCH v14 0/2] virtio-crypto: virtio

qemu-devel

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Qemu-devel] [virtio-dev] Re: [PATCH v14 0/2] virtio-crypto: virtio

From:	Gonglei (Arei)
Subject:	Re: [Qemu-devel] [virtio-dev] Re: [PATCH v14 0/2] virtio-crypto: virtio crypto device specification
Date:	Tue, 10 Jan 2017 00:40:30 +0000

Hi Michael,

>
> Subject: [virtio-dev] Re: [Qemu-devel] [PATCH v14 0/2] virtio-crypto: virtio
> crypto device specification
> 
> On Wed, Jan 04, 2017 at 01:03:21AM +0000, Gonglei (Arei) wrote:
> > Hi Stefan,
> >
> > >
> > > Subject: Re: [Qemu-devel] [PATCH v14 0/2] virtio-crypto: virtio crypto 
> > > device
> > > specification
> > >
> > > On Mon, Dec 26, 2016 at 02:38:29AM +0000, Gonglei (Arei) wrote:
> > > > Both Alex and Stefan mentioned that the process of create/close a
> session
> > > > makes we have a least one full round-trip cost from guest to host to 
> > > > guest
> > > > to be able to send any data for symmetric algorithms. It gets ourself 
> > > > into
> > > > synchronization troubles in some scenarios like a web server handling 
> > > > lots
> > > > of small requests whose algorithms and keys are different.
> > > >
> > > > Because the virtio crypto specification has not been voted yet and v15 
> > > > is
> on
> > > the way.
> > > > I'd like to make some changes in order to support those scenarios 
> > > > better.
> > > That means
> > > > we will support one-blob request (no sessions) as well for symmetric
> > > > algorithms, including HASH, MAC services. The benefit is obvious for
> > > > HASH service because it's usually a one-blob operation.
> > > >
> > > > The main changes will be:
> > > >  1) using the flag property of struct virtio_crypto_op_header to 
> > > > identify
> the
> > > >     type of crypto request. Aka Is it a session-based or non-session
> > > request?
> > > >     The flag is not used currently, so we can make use of it.
> > > >
> > > >  2) extending virtio_crypto_*_para structures, for example, add the
> content
> > > of
> > > >     struct virtio_crypto_cipher_session_para into struct
> > > virtio_crypto_cipher_para.
> > > >     It's true that will increase the size of each crypto request after 
> > > > this
> > > change.
> > > >
> > > > Does it make sense? Thanks!
> > >
> > > That sounds good.  Hopefully many crypto API users only use a single
> > > operation and can therefore benefit from this optimization.
> > >
> > Thanks for your feedback. I'll start this work.
> >
> > Regards,
> > -Gonglei
> 
> I worry what's going to happen with the virtio driver
> I merged upstream though. Do you plan to make changes
> compatible with it?
> 
Yes, I do. We can support both session based and non-session based
crypto operations then. I use some feature bits to negotiate them between
the device and the driver. Please see the spec of v15:

[PATCH v15 0/2] virtio-crypto: virtio crypto device specification


Regards,
-Gonglei

[Prev in Thread]

Current Thread

[Next in Thread]

Re: [Qemu-devel] [PATCH v14 0/2] virtio-crypto: virtio crypto device specification, Stefan Hajnoczi, 2017/01/03
- Re: [Qemu-devel] [PATCH v14 0/2] virtio-crypto: virtio crypto device specification, Gonglei (Arei), 2017/01/03
  - Re: [Qemu-devel] [PATCH v14 0/2] virtio-crypto: virtio crypto device specification, Michael S. Tsirkin, 2017/01/09
    - Re: [Qemu-devel] [virtio-dev] Re: [PATCH v14 0/2] virtio-crypto: virtio crypto device specification, Gonglei (Arei) <=

Prev by Date: Re: [Qemu-devel] [PATCH v3 0/3] add support for mice with extra/side buttons
Next by Date: [Qemu-devel] [Bug 1653063] Re: qemu-system-arm hangs with -icount and -nodefaults
Previous by thread: Re: [Qemu-devel] [PATCH v14 0/2] virtio-crypto: virtio crypto device specification
Next by thread: Re: [Qemu-devel] [PATCH 2/2] hw/net: QOM'ify etraxfs_eth.c
Index(es):
- Date
- Thread