ktls / af_ktls

Linux Kernel TLS/DTLS Module
GNU General Public License v2.0
159 stars 25 forks source link

Crypto API scatterwalk copy #58

Open djwatson opened 8 years ago

djwatson commented 8 years ago

The crypto API expects data to be contiguous in memory. This means that even though it supports a scatter/gather buffer interface, under the covers it does a copy to make everything contiguous. This makes sense in some ways: the AESNI routines need data aligned on certain byte boundaries to be most efficient.

For af_ktls however, the header aad data and hash are currently never contiguous. We should either make all the af_ktls data contiguous if possible, or modify the crypto API to accept portions of data that aren't contiguous where it doesn't matter.

Attached was my work in progress diff to modify the crypto API to avoid the copies if possible.

nocopy_crypto.txt

fridex commented 8 years ago

Thank you for the patch. In my opinion it should worth to support both:

djwatson commented 8 years ago

Feedback from netdev1.2:

Should update gcm/aes crypto to support full scatter/gather, and support routines to copy directly to/from userspace. This would make mmap + send() just as fast as sendfile, while supporting more applications