Google Groups no longer supports new Usenet posts or subscriptions. Historical content remains viewable.
Dismiss
[openssl-dev] AF_ALG engine support and kernel versions
305 views
Skip to first unread message
Jeffrey Walton
Mar 17, 2016, 11:39:03 PM3/17/16
to
Hi Everyone,
Looking at the code in engines/afalg/e_afalg.c, there is the following:
...
#define K_MAJ 4
#define K_MIN1 1
#define K_MIN2 0
#if LINUX_VERSION_CODE <= KERNEL_VERSION(K_MAJ, K_MIN1, K_MIN2)
# warning "AFALG ENGINE requires Kernel Headers >= 4.1.0"
# warning "Skipping Compilation of AFALG engine"
#else
...
It appears AF_ALG was added to the kernel at 2.6.38. Asynchronous I/O
support appears to have surfaced in the kernel at 2.5.23.
Where is the requirement for 4.1 coming from?
Also, "Fixing asynchronous I/O, again", dated January 2016
(http://lwn.net/Articles/671649/) could explain why later 4.x kernels
are having problems with the afalgtest.
Jeff
--
openssl-dev mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev
Looking at the code in engines/afalg/e_afalg.c, there is the following:
...
#define K_MAJ 4
#define K_MIN1 1
#define K_MIN2 0
#if LINUX_VERSION_CODE <= KERNEL_VERSION(K_MAJ, K_MIN1, K_MIN2)
# warning "AFALG ENGINE requires Kernel Headers >= 4.1.0"
# warning "Skipping Compilation of AFALG engine"
#else
...
It appears AF_ALG was added to the kernel at 2.6.38. Asynchronous I/O
support appears to have surfaced in the kernel at 2.5.23.
Where is the requirement for 4.1 coming from?
Also, "Fixing asynchronous I/O, again", dated January 2016
(http://lwn.net/Articles/671649/) could explain why later 4.x kernels
are having problems with the afalgtest.
Jeff
--
openssl-dev mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev
Jeffrey Walton
Mar 25, 2016, 5:09:31 AM3/25/16
to
> Looking at the code in engines/afalg/e_afalg.c, there is the following:
>
> ...
> #define K_MAJ 4
> #define K_MIN1 1
> #define K_MIN2 0
> #if LINUX_VERSION_CODE <= KERNEL_VERSION(K_MAJ, K_MIN1, K_MIN2)
> # warning "AFALG ENGINE requires Kernel Headers >= 4.1.0"
> # warning "Skipping Compilation of AFALG engine"
> #else
> ...
>
> It appears AF_ALG was added to the kernel at 2.6.38. Asynchronous I/O
> support appears to have surfaced in the kernel at 2.5.23.
>
> Where is the requirement for 4.1 coming from?
>
> Also, "Fixing asynchronous I/O, again", dated January 2016
> (http://lwn.net/Articles/671649/) could explain why later 4.x kernels
> are having problems with the afalgtest.
I think this has to do with the asynchronous cipher support. Its just
>
> ...
> #define K_MAJ 4
> #define K_MIN1 1
> #define K_MIN2 0
> #if LINUX_VERSION_CODE <= KERNEL_VERSION(K_MAJ, K_MIN1, K_MIN2)
> # warning "AFALG ENGINE requires Kernel Headers >= 4.1.0"
> # warning "Skipping Compilation of AFALG engine"
> #else
> ...
>
> It appears AF_ALG was added to the kernel at 2.6.38. Asynchronous I/O
> support appears to have surfaced in the kernel at 2.5.23.
>
> Where is the requirement for 4.1 coming from?
>
> Also, "Fixing asynchronous I/O, again", dated January 2016
> (http://lwn.net/Articles/671649/) could explain why later 4.x kernels
> are having problems with the afalgtest.
a guess because I can't seem to find any information on it. CHANGES
talks about "ASYNC support" between 1.0.2 and 1.1.1, but it does not
discuss AF_ALG.
Its not clear to me were the supporting kernel versions begin or end.
It appears asynchronous cipher stuff is still being cut-in. This
meesage is from two weeks ago: "[PATCH v3] crypto: af_alg - add async
support to algif_aead",
http://marc.info/?l=linux-crypto-vger&m=145772613405482.
Jeffrey Walton
Mar 26, 2016, 2:56:53 PM3/26/16
to
On Thu, Mar 17, 2016 at 11:38 PM, Jeffrey Walton <nolo...@gmail.com> wrote:
> Hi Everyone,
3.19.0-56-generic kernel running on a 5th gen i7 that provides some
async drivers for the ciphers. I've also got a Ubuntu 4.2.0-34-generic
kernel running on an old VIA C7 that does not provide any async
ciphers.
I'm also building out-of-tree crypto kernel modules that have the
latest patches. In this case, the kernel version has nothing to do
with availability of async ciphers.
Does anyone know where the requirement is coming from?
Thanks in advance.
**********
# Newer, Intel 5th gen Core-i7
$ uname -r
3.19.0-56-generic
$ sudo cat /proc/crypto | egrep '^(name|driver|async|$)'
name : crct10dif
driver : crct10dif-pclmul
name : crc32
driver : crc32-pclmul
name : xts(aes)
driver : xts-aes-aesni
async : yes
name : lrw(aes)
driver : lrw-aes-aesni
async : yes
name : __xts-aes-aesni
driver : __driver-xts-aes-aesni
name : __lrw-aes-aesni
driver : __driver-lrw-aes-aesni
name : pcbc(aes)
driver : pcbc-aes-aesni
async : yes
name : rfc4106(gcm(aes))
driver : rfc4106-gcm-aesni
async : yes
name : __gcm-aes-aesni
driver : __driver-gcm-aes-aesni
async : no
name : ctr(aes)
driver : ctr-aes-aesni
async : yes
name : __ctr-aes-aesni
driver : __driver-ctr-aes-aesni
name : cbc(aes)
driver : cbc-aes-aesni
async : yes
name : ecb(aes)
driver : ecb-aes-aesni
async : yes
name : __cbc-aes-aesni
driver : __driver-cbc-aes-aesni
name : __ecb-aes-aesni
driver : __driver-ecb-aes-aesni
name : __aes-aesni
driver : __driver-aes-aesni
name : aes
driver : aes-aesni
name : aes
driver : aes-asm
name : hmac(sha256)
driver : hmac(sha256-generic)
name : hmac(sha1)
driver : hmac(sha1-generic)
name : skein1024
driver : skein
name : skein512
driver : skein
name : skein256
driver : skein
name : stdrng
driver : krng
name : lzo
driver : lzo-generic
name : crct10dif
driver : crct10dif-generic
name : crc32c
driver : crc32c-generic
name : aes
driver : aes-generic
name : sha384
driver : sha384-generic
name : sha512
driver : sha512-generic
name : sha224
driver : sha224-generic
name : sha256
driver : sha256-generic
name : sha1
driver : sha1-generic
name : md5
driver : md5-generic
name : crc32c
driver : crc32c-intel
*****
# Older, VIA C7 machine
$ uname -r
4.2.0-34-generic
$ sudo cat /proc/crypto | egrep '^(name|driver|async|$)'
name : sha256
driver : sha256-padlock
name : sha1
driver : sha1-padlock
name : cbc(aes)
driver : cbc-aes-padlock
name : ecb(aes)
driver : ecb-aes-padlock
name : aes
driver : aes-padlock
name : lzo
driver : lzo-generic
name : crct10dif
driver : crct10dif-generic
name : crc32c
driver : crc32c-generic
name : aes
driver : aes-generic
name : sha384
driver : sha384-generic
name : sha512
driver : sha512-generic
name : sha224
driver : sha224-generic
name : sha256
driver : sha256-generic
name : sha1
driver : sha1-generic
name : md5
driver : md5-generic
via:linux$
> Hi Everyone,
>
> Looking at the code in engines/afalg/e_afalg.c, there is the following:
>
> ...
> #define K_MAJ 4
> #define K_MIN1 1
> #define K_MIN2 0
> #if LINUX_VERSION_CODE <= KERNEL_VERSION(K_MAJ, K_MIN1, K_MIN2)
> # warning "AFALG ENGINE requires Kernel Headers >= 4.1.0"
> # warning "Skipping Compilation of AFALG engine"
> #else
> ...
>
> It appears AF_ALG was added to the kernel at 2.6.38. Asynchronous I/O
> support appears to have surfaced in the kernel at 2.5.23.
>
> Where is the requirement for 4.1 coming from?
This requirement does not look quite right. I've got a Ubuntu
> Looking at the code in engines/afalg/e_afalg.c, there is the following:
>
> ...
> #define K_MAJ 4
> #define K_MIN1 1
> #define K_MIN2 0
> #if LINUX_VERSION_CODE <= KERNEL_VERSION(K_MAJ, K_MIN1, K_MIN2)
> # warning "AFALG ENGINE requires Kernel Headers >= 4.1.0"
> # warning "Skipping Compilation of AFALG engine"
> #else
> ...
>
> It appears AF_ALG was added to the kernel at 2.6.38. Asynchronous I/O
> support appears to have surfaced in the kernel at 2.5.23.
>
> Where is the requirement for 4.1 coming from?
3.19.0-56-generic kernel running on a 5th gen i7 that provides some
async drivers for the ciphers. I've also got a Ubuntu 4.2.0-34-generic
kernel running on an old VIA C7 that does not provide any async
ciphers.
I'm also building out-of-tree crypto kernel modules that have the
latest patches. In this case, the kernel version has nothing to do
with availability of async ciphers.
Does anyone know where the requirement is coming from?
Thanks in advance.
**********
# Newer, Intel 5th gen Core-i7
$ uname -r
3.19.0-56-generic
$ sudo cat /proc/crypto | egrep '^(name|driver|async|$)'
name : crct10dif
driver : crct10dif-pclmul
name : crc32
driver : crc32-pclmul
name : xts(aes)
driver : xts-aes-aesni
async : yes
name : lrw(aes)
driver : lrw-aes-aesni
async : yes
name : __xts-aes-aesni
driver : __driver-xts-aes-aesni
name : __lrw-aes-aesni
driver : __driver-lrw-aes-aesni
name : pcbc(aes)
driver : pcbc-aes-aesni
async : yes
name : rfc4106(gcm(aes))
driver : rfc4106-gcm-aesni
async : yes
name : __gcm-aes-aesni
driver : __driver-gcm-aes-aesni
async : no
name : ctr(aes)
driver : ctr-aes-aesni
async : yes
name : __ctr-aes-aesni
driver : __driver-ctr-aes-aesni
name : cbc(aes)
driver : cbc-aes-aesni
async : yes
name : ecb(aes)
driver : ecb-aes-aesni
async : yes
name : __cbc-aes-aesni
driver : __driver-cbc-aes-aesni
name : __ecb-aes-aesni
driver : __driver-ecb-aes-aesni
name : __aes-aesni
driver : __driver-aes-aesni
name : aes
driver : aes-aesni
name : aes
driver : aes-asm
name : hmac(sha256)
driver : hmac(sha256-generic)
name : hmac(sha1)
driver : hmac(sha1-generic)
name : skein1024
driver : skein
name : skein512
driver : skein
name : skein256
driver : skein
name : stdrng
driver : krng
name : lzo
driver : lzo-generic
name : crct10dif
driver : crct10dif-generic
name : crc32c
driver : crc32c-generic
name : aes
driver : aes-generic
name : sha384
driver : sha384-generic
name : sha512
driver : sha512-generic
name : sha224
driver : sha224-generic
name : sha256
driver : sha256-generic
name : sha1
driver : sha1-generic
name : md5
driver : md5-generic
name : crc32c
driver : crc32c-intel
*****
# Older, VIA C7 machine
$ uname -r
4.2.0-34-generic
$ sudo cat /proc/crypto | egrep '^(name|driver|async|$)'
name : sha256
driver : sha256-padlock
name : sha1
driver : sha1-padlock
name : cbc(aes)
driver : cbc-aes-padlock
name : ecb(aes)
driver : ecb-aes-padlock
name : aes
driver : aes-padlock
name : lzo
driver : lzo-generic
name : crct10dif
driver : crct10dif-generic
name : crc32c
driver : crc32c-generic
name : aes
driver : aes-generic
name : sha384
driver : sha384-generic
name : sha512
driver : sha512-generic
name : sha224
driver : sha224-generic
name : sha256
driver : sha256-generic
name : sha1
driver : sha1-generic
name : md5
driver : md5-generic
via:linux$
Grandi, Andrea
Mar 30, 2016, 8:34:56 AM3/30/16
to
Hi Jeffrey,
I have checked with Tadeusz, which is one of the contributors for AF_alg .
Here is what he said with regard to your question about the version number.
_______
The async operation on a socket has been added with this this commit:
commit 0345f93138b2224e0d7ce91fcffdb3dd23f364d7
Author: tadeus...@intel.com <tadeus...@intel.com>
Date: Thu Mar 19 12:31:25 2015 -0700
net: socket: add support for async operations
Add support for async operations.
Signed-off-by: Tadeusz Struk <tadeus...@intel.com>
Signed-off-by: David S. Miller <da...@davemloft.net>
Before this change it didn't work i.e it was translated to a sync call.
This change has been released in 4.1 kernel.
______
Hope this is useful!!
Andrea
--------------------------------------------------------------
Intel Research and Development Ireland Limited
Registered in Ireland
Registered Office: Collinstown Industrial Park, Leixlip, County Kildare
Registered Number: 308263
This e-mail and any attachments may contain confidential material for the sole
use of the intended recipient(s). Any review or distribution by others is
strictly prohibited. If you are not the intended recipient, please contact the
sender and delete all copies.
I have checked with Tadeusz, which is one of the contributors for AF_alg .
Here is what he said with regard to your question about the version number.
_______
The async operation on a socket has been added with this this commit:
commit 0345f93138b2224e0d7ce91fcffdb3dd23f364d7
Author: tadeus...@intel.com <tadeus...@intel.com>
Date: Thu Mar 19 12:31:25 2015 -0700
net: socket: add support for async operations
Add support for async operations.
Signed-off-by: Tadeusz Struk <tadeus...@intel.com>
Signed-off-by: David S. Miller <da...@davemloft.net>
Before this change it didn't work i.e it was translated to a sync call.
This change has been released in 4.1 kernel.
______
Hope this is useful!!
Andrea
Intel Research and Development Ireland Limited
Registered in Ireland
Registered Office: Collinstown Industrial Park, Leixlip, County Kildare
Registered Number: 308263
This e-mail and any attachments may contain confidential material for the sole
use of the intended recipient(s). Any review or distribution by others is
strictly prohibited. If you are not the intended recipient, please contact the
sender and delete all copies.
0 new messages