[PATCH v4 6/8] fsverity: improve performance by using multibuffer hashing
Eric Biggers
ebiggers at kernel.org
Wed Jun 5 22:28:01 PDT 2024
On Thu, Jun 06, 2024 at 10:00:05AM +0800, Herbert Xu wrote:
> On Wed, Jun 05, 2024 at 12:14:10PM -0700, Eric Biggers wrote:
> >
> > This would at most apply to AH, not to ESP. Is AH commonly used these days?
>
> No AH is completely useless. However, this applies perfectly to
> ESP, in conjunction with authenc. Obviously we would need to add
> request linking to authenc (AEAD) as well so that it can pass it
> along to sha.
>
> BTW, does any of this interleaving apply to AES? If so we should
> explore adding request linking to skcipher as well.
>
With AES, interleaving would only help with non-parallelizable modes such as CBC
encryption. Anyone who cares about IPsec performance should of course be using
AES-GCM, which is parallelizable. Especially since my other patch
https://lore.kernel.org/linux-crypto/20240602222221.176625-2-ebiggers@kernel.org/
is making AES-GCM twice as fast...
With hashing we unfortunately don't have the luxury of there being widely used
and accepted parallelizable algorithms. In particular, all the SHAs are
serialized. So that's why interleaving makes sense there.
In any case, it seems that what you're asking for at this point is far beyond
the scope of this patchset.
- Eric
More information about the linux-arm-kernel
mailing list