[Top] [All Lists]

Re: [RFC] Replace scatterlist with crypto_frag

To: Herbert Xu <herbert@xxxxxxxxxxxxxxxxxxx>
Subject: Re: [RFC] Replace scatterlist with crypto_frag
From: Evgeniy Polyakov <johnpol@xxxxxxxxxxx>
Date: Sat, 4 Jun 2005 13:55:35 +0400
Cc: "David S. Miller" <davem@xxxxxxxxxxxxx>, James Morris <jmorris@xxxxxxxxxx>, Linux Crypto Mailing List <linux-crypto@xxxxxxxxxxxxxxx>, netdev@xxxxxxxxxxx
In-reply-to: <20050603234623.GA20088@xxxxxxxxxxxxxxxxxxx>
Organization: MIPT
References: <20050603234623.GA20088@xxxxxxxxxxxxxxxxxxx>
Reply-to: johnpol@xxxxxxxxxxx
Sender: netdev-bounce@xxxxxxxxxxx
On Sat, 4 Jun 2005 09:46:23 +1000
Herbert Xu <herbert@xxxxxxxxxxxxxxxxxxx> wrote:

> Hi:
> I was looking at how we can move the IPsec input/output processing out
> of the critical section protected by the spin locks on the xfrm_state.
> This is useful because it would allow concurrent processing of IPsec
> packets for the same SA.  It is also necessary if we're ever going to
> add support for asynchronous crypto to IPsec.

Asynchronous schemas already works without any changes to scaterlist 
processing code. And you can not easily move away of SA lock due to
synchronous problems with the same tfm.
Existing asynchronous schemas do not use any shared object in SA,
only skb.

> The first requirement for this is that we need to stop using data that
> is shared across a single SA in the IPsec input/output routines.  The
> biggest hurdle there as it stands is sgbuf in esp_data.  This was
> introduced to reduce stack usage in esp_input/esp_output as sgbuf
> would consume up to 64 bytes of space.

No need to have it at all, I think.

> Cheers,
> -- 
> Visit Openswan at
> Email: Herbert Xu ~{PmV>HI~} <herbert@xxxxxxxxxxxxxxxxxxx>
> Home Page:
> PGP Key:
> -
> To unsubscribe from this list: send the line "unsubscribe linux-crypto" in
> the body of a message to majordomo@xxxxxxxxxxxxxxx
> More majordomo info at

        Evgeniy Polyakov

Only failure makes us experts. -- Theo de Raadt

<Prev in Thread] Current Thread [Next in Thread>