[PATCH v3 6/8] fsverity: improve performance by using multibuffer hashing

Herbert Xu herbert at gondor.apana.org.au
Thu May 30 21:50:20 PDT 2024


Eric Biggers <ebiggers at kernel.org> wrote:
>
> +               if (multibuffer) {
> +                       if (ctx->pending_data) {
> +                               /* Hash and verify two data blocks. */
> +                               err = fsverity_hash_2_blocks(params,
> +                                                            inode,
> +                                                            ctx->pending_data,
> +                                                            data,
> +                                                            ctx->hash1,
> +                                                            ctx->hash2);
> +                               kunmap_local(data);
> +                               kunmap_local(ctx->pending_data);
> +                               ctx->pending_data = NULL;
> +                               if (err != 0 ||
> +                                   !verify_data_block(inode, vi, ctx->hash1,
> +                                                      ctx->pending_pos,
> +                                                      ctx->max_ra_pages) ||
> +                                   !verify_data_block(inode, vi, ctx->hash2,
> +                                                      pos, ctx->max_ra_pages))
> +                                       return false;
> +                       } else {
> +                               /* Wait and see if there's another block. */
> +                               ctx->pending_data = data;
> +                               ctx->pending_pos = pos;
> +                       }
> +               } else {
> +                       /* Hash and verify one data block. */
> +                       err = fsverity_hash_block(params, inode, data,
> +                                                 ctx->hash1);
> +                       kunmap_local(data);
> +                       if (err != 0 ||
> +                           !verify_data_block(inode, vi, ctx->hash1,
> +                                              pos, ctx->max_ra_pages))
> +                               return false;
> +               }
> +               pos += block_size;
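
Review bot: In the "Wait and see if there's another block" else branch, data is stored in ctx->pending_data and stays mapped past the end of this iteration, but nothing in the quoted lines hashes or unmaps it if the range ends with one block still pending or if a later path returns false. Every exit should either verify that block or at least call kunmap_local(ctx->pending_data), and a comment here should say where the leftover block is handled. Separately, in both branches a non-zero err from the hash call is folded into the same "return false" as a verify_data_block() mismatch, so the caller cannot tell a hashing error from a verification failure; if that is intended it deserves a short comment.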

I think this complexity is gross.  Look at how we did GSO in
networking.  There should be a unified code-path for aggregated
data and simple data, not an aggregated path versus a simple path.

I think ultimately it stems from the fact that this code went from
ahash to shash.  What were the issues back then? If it's just vmalloc
we should fix ahash to support that, rather than making users of the
Crypto API go through contortions like this.

Cheers,
-- 
Email: Herbert Xu <herbert at gondor.apana.org.au>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt



More information about the linux-arm-kernel mailing list