On Fri, Jul 14, 2017 at 02:03:53PM -0400, longpeng.m...@gmail.com wrote: > From: "Longpeng(Mike)" <longpe...@huawei.com> > > The AF_ALG socket family is the userspace interface for linux > crypto API, users can use it to access hardware accelerators. > > This patchset adds a afalg-backend for qemu crypto subsystem. QEMU > would try to use afalg-backend first if configures '--enable-crypto > -afalg' and hostos support AF_ALG. > > I measured the performance about the afalg-backend impls, I tested > how many data could be encrypted in 5 seconds. > > NOTE: In some scenarios library-backend using CPU insns for crypto > would be faster. > > test-environment: Intel(R) Core(TM) i5-6500 CPU @ 3.20GHz > > *sha256* > chunk_size(bytes) MB/sec(afalg:sha256-ssse3) MB/sec(nettle) > 512 93.03 185.87 > 1024 146.32 201.78 > 2048 213.32 210.93 > 4096 275.48 215.26 > 8192 321.77 217.49 > 16384 349.60 219.26 > 32768 363.59 219.73 > 65536 375.79 219.99 > > *hmac(sha256)* > chunk_size(bytes) MB/sec(afalg:sha256-ssse3) MB/sec(nettle) > 512 71.26 165.55 > 1024 117.43 189.15 > 2048 180.96 203.24 > 4096 247.60 211.38 > 8192 301.99 215.65 > 16384 340.79 218.22 > 32768 365.51 219.49 > 65536 377.92 220.24 > > *cbc(aes128)* > chunk_size(bytes) MB/sec(afalg:cbc-aes-aesni) MB/sec(nettle) > 512 371.76 188.41 > 1024 559.86 189.64 > 2048 768.66 192.11 > 4096 939.15 192.40 > 8192 1029.48 192.49 > 16384 1072.79 190.52 > 32768 1109.38 190.41 > 65536 1102.38 190.40 > > --- > Changes since v5: > - use afalg-backend first only when configured with > '--enable-crypto-afalg' and AF_ALG is supportted. > [Daniel] > > Changes since v4: > - remove 'name' field in 'struct CryptoAFAlg'. [Daniel] > - add error handling for read() returning less than requested. [Daniel] > - use iov_send_recv to recv msg in hash-afalg.c. [Daniel] > - refactor hmac benchmark as suggestion. [Daniel] > > Changes since v3: > - add "Reviewed-by: Daniel P. Berrange <address@hidden>" in > commit messages of PATCH 1/2/3/4/5/7/8/9/10/11. > - PATCH 12: use strlen() instead of qemu_strnlen() in > qcrypto_afalg_build_saddr(). [Daniel] > - PATCH 12: rather than indenting the entire method, just return > immediately > if afalg=NULL. [Daniel] > - PATCH 13: use g_strdup_printf() instead of g_new0+snprintf() and remove > redundant bounds check in qcrypto_afalg_cipher_format_name(). > [Daniel] > - PATCH 13: s/except_niv/expect_niv > s/origin_contorllen/origin_controllen. > [Daniel] > - PATCH 13: use '%zu' to print 'size_t' in qcrypto_afalg_cipher_setiv(). > [Daniel] > - PATCH 13: remove qcrypto_cipher_using_afalg_drv(). [Daniel] > - PATCH 13: refactor the qcrypto_cipher_new() as Daniel's suggestion. > [Daniel] > - PATCH 13: correct the ->cmsg initialization int > qcrypto_afalg_cipher_ctx_new() to > avoid different behaviour in test_cipher_null_iv(). [Daniel] > - PATCH 14: use g_strdup_printf() instead of g_new0+snprintf() and remove > edundant bounds check in qcrypto_afalg_hash_format_name(). > [Daniel] > - PATCH 14: s/except_len/expect_len. [Daniel] > - PATCH 14: free 'errp' if afalg_driver.hash_bytesv() failed. [Daniel] > - PATCH 14: maybe some afalg errors should be treated as fatal, but we > have no idea yet, so add a "TODO" comment. > - PATCH 15: refactor the qcrypto_hmac_new() as Daniel's suggestion. > [Daniel] > > Changes since v2: > - init sockaddr_alg object when it's defined. [Gonglei] > - fix some superfluous initialization. [Gonglei] > - s/opeartion/operation/g in crypto/afalgpriv.h. [Gonglei] > - check 'niv' in qcrypto_afalg_cipher_setiv. [Gonglei] > > Changes since v1: > - use "make check-speed" to testing the performance. [Daniel] > - put private definations into crypto/***priv.h. [Daniel] > - remove afalg socket from qapi-schema, put them into crypto/. [Daniel] > - some Error report change. [Daniel] > - s/QCryptoAfalg/QCryptoAFAlg. [Daniel] > - use snprintf with bounds checking instead of sprintf. [Daniel] > - use "qcrypto_afalg_" prefix and "qcrypto_nettle(gcrypt,glib,builtin)_" > prefix. [Daniel] > - add testing results in cover-letter. [Gonglei] > > --- > Longpeng(Mike) (18): > crypto: cipher: introduce context free function > crypto: cipher: introduce qcrypto_cipher_ctx_new for gcrypt-backend > crypto: cipher: introduce qcrypto_cipher_ctx_new for nettle-backend > crypto: cipher: introduce qcrypto_cipher_ctx_new for builtin-backend > crypto: cipher: add cipher driver framework > crypto: hash: add hash driver framework > crypto: hmac: move crypto/hmac.h into include/crypto/ > crypto: hmac: introduce qcrypto_hmac_ctx_new for gcrypt-backend > crypto: hmac: introduce qcrypto_hmac_ctx_new for nettle-backend > crypto: hmac: introduce qcrypto_hmac_ctx_new for glib-backend > crypto: hmac: add hmac driver framework > crypto: introduce some common functions for af_alg backend > crypto: cipher: add afalg-backend cipher support > crypto: hash: add afalg-backend hash support > crypto: hmac: add af_alg-backend hmac support > tests: crypto: add cipher speed benchmark support > tests: crypto: add hash speed benchmark support > tests: crypto: add hmac speed benchmark support > > configure | 30 ++++++ > crypto/Makefile.objs | 3 + > crypto/afalg.c | 116 +++++++++++++++++++++ > crypto/afalgpriv.h | 64 ++++++++++++ > crypto/cipher-afalg.c | 226 > ++++++++++++++++++++++++++++++++++++++++ > crypto/cipher-builtin.c | 125 +++++++++++----------- > crypto/cipher-gcrypt.c | 105 ++++++++++--------- > crypto/cipher-nettle.c | 84 ++++++++------- > crypto/cipher.c | 80 ++++++++++++++ > crypto/cipherpriv.h | 56 ++++++++++ > crypto/hash-afalg.c | 214 +++++++++++++++++++++++++++++++++++++ > crypto/hash-gcrypt.c | 19 ++-- > crypto/hash-glib.c | 19 ++-- > crypto/hash-nettle.c | 19 ++-- > crypto/hash.c | 30 ++++++ > crypto/hashpriv.h | 39 +++++++ > crypto/hmac-gcrypt.c | 42 ++++---- > crypto/hmac-glib.c | 63 ++++++----- > crypto/hmac-nettle.c | 42 ++++---- > crypto/hmac.c | 58 +++++++++++ > crypto/hmac.h | 166 ----------------------------- > crypto/hmacpriv.h | 48 +++++++++ > include/crypto/cipher.h | 1 + > include/crypto/hmac.h | 167 +++++++++++++++++++++++++++++ > tests/Makefile.include | 13 ++- > tests/benchmark-crypto-cipher.c | 88 ++++++++++++++++ > tests/benchmark-crypto-hash.c | 67 ++++++++++++ > tests/benchmark-crypto-hmac.c | 82 +++++++++++++++ > 28 files changed, 1655 insertions(+), 411 deletions(-) > create mode 100644 crypto/afalg.c > create mode 100644 crypto/afalgpriv.h > create mode 100644 crypto/cipher-afalg.c > create mode 100644 crypto/cipherpriv.h > create mode 100644 crypto/hash-afalg.c > create mode 100644 crypto/hashpriv.h > delete mode 100644 crypto/hmac.h > create mode 100644 crypto/hmacpriv.h > create mode 100644 include/crypto/hmac.h > create mode 100644 tests/benchmark-crypto-cipher.c > create mode 100644 tests/benchmark-crypto-hash.c > create mode 100644 tests/benchmark-crypto-hmac.c
Queued for merge. Thanks for your contribution to QEMU Regards, Daniel -- |: https://berrange.com -o- https://www.flickr.com/photos/dberrange :| |: https://libvirt.org -o- https://fstop138.berrange.com :| |: https://entangle-photo.org -o- https://www.instagram.com/dberrange :|
