The AF_ALG socket family is the userspace interface for linux
crypto API, users can use it to access hardware accelerators.
This patchset adds a afalg-backend for qemu crypto subsystem. Currently
when performs encrypt/decrypt, we'll try afalg-backend first and will
back to libiary-backend if it failed.
In the next step, It would support a command parameter to specifies
which backends prefer to and some other improvements.
I measured the performance about the afalg-backend impls, I tested
how many data could be encrypted in 5 seconds.
NOTE: If we use specific hardware crypto cards, I think afalg-backend
would even faster.
test-environment: Intel(R) Core(TM) i5-6500 CPU @ 3.20GHz
*sha256*
chunk_size(bytes) MB/sec(afalg:sha256-ssse3) MB/sec(nettle)
512 93.03 185.87
1024 146.32 201.78
2048 213.32 210.93
4096 275.48 215.26
8192 321.77 217.49
16384 349.60 219.26
32768 363.59 219.73
65536 375.79 219.99
*hmac(sha256)*
chunk_size(bytes) MB/sec(afalg:sha256-ssse3) MB/sec(nettle)
512 71.26 165.55
1024 117.43 189.15
2048 180.96 203.24
4096 247.60 211.38
8192 301.99 215.65
16384 340.79 218.22
32768 365.51 219.49
65536 377.92 220.24
*cbc(aes128)*
chunk_size(bytes) MB/sec(afalg:cbc-aes-aesni) MB/sec(nettle)
512 371.76 188.41
1024 559.86 189.64
2048 768.66 192.11
4096 939.15 192.40
8192 1029.48 192.49
16384 1072.79 190.52
32768 1109.38 190.41
65536 1102.38 190.40
---
Changes since v3:
- add "Reviewed-by: Daniel P. Berrange <berrange@redhat.com>" in
commit messages of PATCH 1/2/3/4/5/7/8/9/10/11.
- PATCH 12: use strlen() instead of qemu_strnlen() in qcrypto_afalg_build_saddr(). [Daniel]
- PATCH 12: rather than indenting the entire method, just return immediately
if afalg=NULL. [Daniel]
- PATCH 13: use g_strdup_printf() instead of g_new0+snprintf() and remove
redundant bounds check in qcrypto_afalg_cipher_format_name(). [Daniel]
- PATCH 13: s/except_niv/expect_niv s/origin_contorllen/origin_controllen. [Daniel]
- PATCH 13: use '%zu' to print 'size_t' in qcrypto_afalg_cipher_setiv(). [Daniel]
- PATCH 13: remove qcrypto_cipher_using_afalg_drv(). [Daniel]
- PATCH 13: refactor the qcrypto_cipher_new() as Daniel's suggestion. [Daniel]
- PATCH 13: correct the ->cmsg initialization int qcrypto_afalg_cipher_ctx_new() to
avoid different behaviour in test_cipher_null_iv(). [Daniel]
- PATCH 14: use g_strdup_printf() instead of g_new0+snprintf() and remove
edundant bounds check in qcrypto_afalg_hash_format_name(). [Daniel]
- PATCH 14: s/except_len/expect_len. [Daniel]
- PATCH 14: free 'errp' if afalg_driver.hash_bytesv() failed. [Daniel]
- PATCH 14: maybe some afalg errors should be treated as fatal, but we
have no idea yet, so add a "TODO" comment.
- PATCH 15: refactor the qcrypto_hmac_new() as Daniel's suggestion. [Daniel]
Changes since v2:
- init sockaddr_alg object when it's defined. [Gonglei]
- fix some superfluous initialization. [Gonglei]
- s/opeartion/operation/g in crypto/afalgpriv.h. [Gonglei]
- check 'niv' in qcrypto_afalg_cipher_setiv. [Gonglei]
Changes since v1:
- use "make check-speed" to testing the performance. [Daniel]
- put private definations into crypto/***priv.h. [Daniel]
- remove afalg socket from qapi-schema, put them into crypto/. [Daniel]
- some Error report change. [Daniel]
- s/QCryptoAfalg/QCryptoAFAlg. [Daniel]
- use snprintf with bounds checking instead of sprintf. [Daniel]
- use "qcrypto_afalg_" prefix and "qcrypto_nettle(gcrypt,glib,builtin)_" prefix. [Daniel]
- add testing results in cover-letter. [Gonglei]
---
Longpeng(Mike) (18):
crypto: cipher: introduce context free function
crypto: cipher: introduce qcrypto_cipher_ctx_new for gcrypt-backend
crypto: cipher: introduce qcrypto_cipher_ctx_new for nettle-backend
crypto: cipher: introduce qcrypto_cipher_ctx_new for builtin-backend
crypto: cipher: add cipher driver framework
crypto: hash: add hash driver framework
crypto: hmac: move crypto/hmac.h into include/crypto/
crypto: hmac: introduce qcrypto_hmac_ctx_new for gcrypt-backend
crypto: hmac: introduce qcrypto_hmac_ctx_new for nettle-backend
crypto: hmac: introduce qcrypto_hmac_ctx_new for glib-backend
crypto: hmac: add hmac driver framework
crypto: introduce some common functions for af_alg backend
crypto: cipher: add afalg-backend cipher support
crypto: hash: add afalg-backend hash support
crypto: hmac: add af_alg hmac support
tests: crypto: add cipher speed benchmark support
tests: crypto: add hash speed benchmark support
tests: crypto: add hmac speed benchmark support
configure | 22 ++++
crypto/Makefile.objs | 3 +
crypto/afalg.c | 118 +++++++++++++++++++++
crypto/afalgpriv.h | 65 ++++++++++++
crypto/cipher-afalg.c | 223 ++++++++++++++++++++++++++++++++++++++++
crypto/cipher-builtin.c | 125 +++++++++++-----------
crypto/cipher-gcrypt.c | 105 ++++++++++---------
crypto/cipher-nettle.c | 84 ++++++++-------
crypto/cipher.c | 80 ++++++++++++++
crypto/cipherpriv.h | 56 ++++++++++
crypto/hash-afalg.c | 217 ++++++++++++++++++++++++++++++++++++++
crypto/hash-gcrypt.c | 19 ++--
crypto/hash-glib.c | 19 ++--
crypto/hash-nettle.c | 19 ++--
crypto/hash.c | 30 ++++++
crypto/hashpriv.h | 39 +++++++
crypto/hmac-gcrypt.c | 42 ++++----
crypto/hmac-glib.c | 63 ++++++------
crypto/hmac-nettle.c | 42 ++++----
crypto/hmac.c | 58 +++++++++++
crypto/hmac.h | 166 ------------------------------
crypto/hmacpriv.h | 48 +++++++++
include/crypto/cipher.h | 1 +
include/crypto/hmac.h | 167 ++++++++++++++++++++++++++++++
tests/Makefile.include | 13 ++-
tests/benchmark-crypto-cipher.c | 88 ++++++++++++++++
tests/benchmark-crypto-hash.c | 67 ++++++++++++
tests/benchmark-crypto-hmac.c | 94 +++++++++++++++++
28 files changed, 1662 insertions(+), 411 deletions(-)
create mode 100644 crypto/afalg.c
create mode 100644 crypto/afalgpriv.h
create mode 100644 crypto/cipher-afalg.c
create mode 100644 crypto/cipherpriv.h
create mode 100644 crypto/hash-afalg.c
create mode 100644 crypto/hashpriv.h
delete mode 100644 crypto/hmac.h
create mode 100644 crypto/hmacpriv.h
create mode 100644 include/crypto/hmac.h
create mode 100644 tests/benchmark-crypto-cipher.c
create mode 100644 tests/benchmark-crypto-hash.c
create mode 100644 tests/benchmark-crypto-hmac.c
--
1.8.3.1