Comments (27)
smuellerDD
commented on July 21, 2024
Very good point. And not trivial to fix. We would need to calculate the tosend variable after the _kcapi_aio_send_iov call. But that call returns the number of bytes the kernel received. Now, that needs to be turned back into the number of IOVECs that were sent. And what happens if some IOVECs were only sent partially?
I need to think about that... Maybe we need to turn the tosend variable from a number-of-IOVECs into a number-of-bytes variable?
from libkcapi.
jic23
commented on July 21, 2024
Agreed it is fiddly to deal with. I hadn't thought about the partial IOVEC option. Will look at the options today and see if I can see a clean way forwards. Obviously you'll probably get there first but I want to know more about how libkcapi internals work anyway so a useful exercise!
from libkcapi.
jic23
commented on July 21, 2024
Hi Stephan, I'd forgotten how much I hate sockets ;)
Anyhow, the only 'small' change that will result in the code at least working is to turning it into a synchronous batch process by adding a while loop at the end of _kcapi_aio_read_iov_fd to check wehave received iovlen using handle->aio.completed_reads. Not nice and really doesn't test things properly as a result.
There are several places where the code is assuming we received what we asked for and it will take a much more invasive patch to rip them all out.
Jonathan
from libkcapi.
smuellerDD
commented on July 21, 2024
Still mulling things over.
But can you please send me a pointer to the code where you think the code assumes an equal amount of data went in that was submitted?
from libkcapi.
jic23
commented on July 21, 2024
Let me spend a few more hours on it and I'll see if I can put together some sort of rough patch. I'm tempted to separate the case of partial iov (just spin on that) and do the case where the iov is missing entirely separately but we'll see how it falls out.
from libkcapi.
jic23
commented on July 21, 2024
Hi Stephan,
The biggest complexity so far has been around the cio structures being a simple linear array and the fact we are reusing them. So we need to keep any left over ones untouched when we do the new io_submit. First time we fail to keep up it is simple as they are at the end of the array and we can leave them there. Second time however they will be in the middle of the array - this means we need to break our io_submit it two - before and after our outstanding cio entries. Right now I'm getting some ENOMEM errors coming out from the reads so trying to track down whether this is driver bug my end or not.
Also when running in aio mode I'm not sure what the purpose of the event interface is except in ensuring there is at least one IOV ready to be handled... For now I've dropped it entirely, for now, as it makes the code easier to keep track of.
Jonathan
from libkcapi.
smuellerDD
commented on July 21, 2024
Am Mittwoch, 29. November 2017, 15:13:31 CET schrieb Jonathan Cameron:
Hi Jonathan,
Hi Stephan,
The biggest complexity so far has been around the cio structures being a
simple linear array and the fact we are reusing them. So we need to keep
any left over ones untouched when we do the new io_submit.
How are you sure that either the entire IOVEC is processed or not? As far as I
see, it could be that a subset of one IOVEC can be processed.
First time we
fail to keep up it is simple as they are at the end of the array and we can
leave them there. Second time however they will be in the middle of the
array - this means we need to break our io_submit it two - before and after
our outstanding cio entries. Right now I'm getting some ENOMEM errors
coming out from the reads so trying to track down whether this is driver
bug my end or not.
Also when running in aio mode I'm not sure what the purpose of the event
interface is except in ensuring there is at least one IOV ready to be
handled... For now I've dropped it entirely, for now, as it makes the code
easier to keep track of.
The event interface is needed to get the notification whether the AIO
operation completes and we can get our data out. Otherwise we would need to
poll. Do you have another solution to the notification?
Ciao
Stephan
from libkcapi.
jic23
commented on July 21, 2024
On Wed, 29 Nov 2017 14:59:16 +0000 smuellerDD ***@***.***> wrote:
Am Mittwoch, 29. November 2017, 15:13:31 CET schrieb Jonathan Cameron:
Hi Jonathan,
> Hi Stephan,
>
> The biggest complexity so far has been around the cio structures being a
> simple linear array and the fact we are reusing them. So we need to keep
> any left over ones untouched when we do the new io_submit.
How are you sure that either the entire IOVEC is processed or not? As far as I
see, it could be that a subset of one IOVEC can be processed.
Agreed this could happen - so far I haven't trapped it actually occurring though
so was leaving that case for now and just taking on the question of whole IOVs
but not all of the ones queued - with my current test we tend to do about 53 out
of 64 before we try to read...
> First time we
> fail to keep up it is simple as they are at the end of the array and we can
> leave them there. Second time however they will be in the middle of the
> array - this means we need to break our io_submit it two - before and after
> our outstanding cio entries. Right now I'm getting some ENOMEM errors
> coming out from the reads so trying to track down whether this is driver
> bug my end or not.
>
> Also when running in aio mode I'm not sure what the purpose of the event
> interface is except in ensuring there is at least one IOV ready to be
> handled... For now I've dropped it entirely, for now, as it makes the code
> easier to keep track of.
The event interface is needed to get the notification whether the AIO
operation completes and we can get our data out. Otherwise we would need to
poll. Do you have another solution to the notification?
I think, if we handle the case of there not being anything there at all,
we can just use io_getevents to tell us how many aio events are done.
Sometimes the answer might be 0 though so for efficiency you'd want to
do the event interface select. Effective the io_getevents is polling if
we run it with a timeout of 0.
Just trying to make debugging easier for now my end rather than suggesting
a major change to how you have done it.
Still chasing the question of why I sometimes get the event return values
as -ENOMEM. Can't fine a cause yet, but doesn't seem to be coming from the
err value in af_alg_async_cb in the kernel so presumably not my driver...
If you've seen this before then any suggestions would be most welcome!
Jonathan
…
Ciao
Stephan
from libkcapi.
smuellerDD
commented on July 21, 2024
Am Mittwoch, 29. November 2017, 16:18:04 CET schrieb Jonathan Cameron:
Hi Jonathan,
On Wed, 29 Nov 2017 14:59:16 +0000
smuellerDD ***@***.***> wrote:
> Am Mittwoch, 29. November 2017, 15:13:31 CET schrieb Jonathan Cameron:
>
> Hi Jonathan,
>
> > Hi Stephan,
> >
> > The biggest complexity so far has been around the cio structures being a
> > simple linear array and the fact we are reusing them. So we need to keep
> > any left over ones untouched when we do the new io_submit.
>
> How are you sure that either the entire IOVEC is processed or not? As far
> as I see, it could be that a subset of one IOVEC can be processed.
Agreed this could happen - so far I haven't trapped it actually occurring
though so was leaving that case for now and just taking on the question of
whole IOVs but not all of the ones queued - with my current test we tend to
do about 53 out of 64 before we try to read...
Ok, I can live with a partial fix for now.
> > First time we
> > fail to keep up it is simple as they are at the end of the array and we
> > can
> > leave them there. Second time however they will be in the middle of the
> > array - this means we need to break our io_submit it two - before and
> > after
> > our outstanding cio entries. Right now I'm getting some ENOMEM errors
> > coming out from the reads so trying to track down whether this is driver
> > bug my end or not.
> >
> > Also when running in aio mode I'm not sure what the purpose of the event
> > interface is except in ensuring there is at least one IOV ready to be
> > handled... For now I've dropped it entirely, for now, as it makes the
> > code
> > easier to keep track of.
>
> The event interface is needed to get the notification whether the AIO
> operation completes and we can get our data out. Otherwise we would need
> to
> poll. Do you have another solution to the notification?
I think, if we handle the case of there not being anything there at all,
we can just use io_getevents to tell us how many aio events are done.
Sometimes the answer might be 0 though so for efficiency you'd want to
do the event interface select. Effective the io_getevents is polling if
we run it with a timeout of 0.
Just trying to make debugging easier for now my end rather than suggesting
a major change to how you have done it.
I am open to any suggestions as the AIO support is not yet fully where I want
it to be.
Still chasing the question of why I sometimes get the event return values
as -ENOMEM. Can't fine a cause yet, but doesn't seem to be coming from the
err value in af_alg_async_cb in the kernel so presumably not my driver...
af_alg_async_cb only catches the error that occurred while the cipher
operation was in progress. As you can see in the code, it does not perform any
operation that can cause errors.
Though, have you applied the patch that just when in: https://git.kernel.org/
pub/scm/linux/kernel/git/herbert/crypto-2.6.git/commit/?
id=7d2c3f54e6f646887d019faa45f35d6fe9fe82ce
If you've seen this before then any suggestions would be most welcome!
Unfortunately I do not have a dedicated hardware that can cause a real AIO
operation. All my AIO operations and tests I work with are ultimately
synchronous. :-(
Ciao
Stephan
from libkcapi.
jic23
commented on July 21, 2024
On Wed, 29 Nov 2017 15:30:12 +0000
smuellerDD <[email protected]> wrote:
Am Mittwoch, 29. November 2017, 16:18:04 CET schrieb Jonathan Cameron:
Hi Jonathan,
> On Wed, 29 Nov 2017 14:59:16 +0000
>
> smuellerDD ***@***.***> wrote:
> > Am Mittwoch, 29. November 2017, 15:13:31 CET schrieb Jonathan Cameron:
> >
> > Hi Jonathan,
> >
> > > Hi Stephan,
> > >
> > > The biggest complexity so far has been around the cio structures being a
> > > simple linear array and the fact we are reusing them. So we need to keep
> > > any left over ones untouched when we do the new io_submit.
> >
> > How are you sure that either the entire IOVEC is processed or not? As far
> > as I see, it could be that a subset of one IOVEC can be processed.
>
> Agreed this could happen - so far I haven't trapped it actually occurring
> though so was leaving that case for now and just taking on the question of
> whole IOVs but not all of the ones queued - with my current test we tend to
> do about 53 out of 64 before we try to read...
Ok, I can live with a partial fix for now.
>
> > > First time we
> > > fail to keep up it is simple as they are at the end of the array and we
> > > can
> > > leave them there. Second time however they will be in the middle of the
> > > array - this means we need to break our io_submit it two - before and
> > > after
> > > our outstanding cio entries. Right now I'm getting some ENOMEM errors
> > > coming out from the reads so trying to track down whether this is driver
> > > bug my end or not.
> > >
> > > Also when running in aio mode I'm not sure what the purpose of the event
> > > interface is except in ensuring there is at least one IOV ready to be
> > > handled... For now I've dropped it entirely, for now, as it makes the
> > > code
> > > easier to keep track of.
> >
> > The event interface is needed to get the notification whether the AIO
> > operation completes and we can get our data out. Otherwise we would need
> > to
> > poll. Do you have another solution to the notification?
>
> I think, if we handle the case of there not being anything there at all,
> we can just use io_getevents to tell us how many aio events are done.
> Sometimes the answer might be 0 though so for efficiency you'd want to
> do the event interface select. Effective the io_getevents is polling if
> we run it with a timeout of 0.
>
> Just trying to make debugging easier for now my end rather than suggesting
> a major change to how you have done it.
I am open to any suggestions as the AIO support is not yet fully where I want
it to be.
>
> Still chasing the question of why I sometimes get the event return values
> as -ENOMEM. Can't fine a cause yet, but doesn't seem to be coming from the
> err value in af_alg_async_cb in the kernel so presumably not my driver...
af_alg_async_cb only catches the error that occurred while the cipher
operation was in progress. As you can see in the code, it does not perform any
operation that can cause errors.
Though, have you applied the patch that just when in: https://git.kernel.org/
pub/scm/linux/kernel/git/herbert/crypto-2.6.git/commit/?
id=7d2c3f54e6f646887d019faa45f35d6fe9fe82ce
Yes, needed that one as there is currently a tasklet in our driver
(I need to look at playing with priorities on a interrupt thread to
see if we can get similar performance).
>
> If you've seen this before then any suggestions would be most welcome!
Unfortunately I do not have a dedicated hardware that can cause a real AIO
operation. All my AIO operations and tests I work with are ultimately
synchronous. :-(
Sadly the hardware we have is integrated with the SoC so can't easily get
you some to play with :(
There is suitable hardware in kernelci (thanks Collabora!) though so with
a bit of luck, once we upstream this driver it should be possible to get
them to run some test cases on a regular basis so we get decent regression
coverage at least in a public forum.
Jonathan
…
Ciao
Stephan
from libkcapi.
jic23
commented on July 21, 2024
Hi Stephan,
This has taken me a lot longer than I hoped due to some local bug chasing and the current result is hideous, but I think we need something along the lines of:
https://github.com/hisilicon/libkcapi/commit/2c63885834e26bf246d0795dbcdcaf48b55c14a9
Right now it doesn't correctly account for the last used element in the ring, but instead does a dodgy search to find the hole. That's obviously stupid but it works. Didn't want to sit on this longer and risk straying into the silly season.
Hopefully I'll get the issue I'm seeing in our driver fixed and get back to tidying this up.
That branch also includes a bodged up version of cryptoperf to allow easy hammering of the aio paths. It just runs 2048 blocks of data for everyone you ask for and effectively resynchronizes at the end of each 2048. This adds some overhead to the timing loop but hopefully not that much. Doing it right is obviously rather harder to code up!
Jonathan
from libkcapi.
smuellerDD
commented on July 21, 2024
Am Dienstag, 12. Dezember 2017, 15:30:09 CET schrieb Jonathan Cameron:
Hi Jonathan,
Hi Stephan,
This has taken me a lot longer than I hoped due to some local bug chasing
and the current result is hideous, but I think we need something along the
lines of:
hisilicon/libkcapi@2c63885
48b55c14a9
That patch seems to contain artefacts.
Whatever, I think I found a soltion that is very lean and yet should cover all
reported aspects. In addition, this solution should allow for future work
where a better AIO support is present.
Let me test it a bit more first before releasing it.
Right now it doesn't correctly account for the last used element in the
ring, but instead does a dodgy search to find the hole. That's obviously
stupid but it works. Didn't want to sit on this longer and risk straying
into the silly season.
Hopefully I'll get the issue I'm seeing in our driver fixed and get back to
tidying this up. That branch also includes a bodged up version of
cryptoperf to allow easy hammering of the aio paths. It just runs 2048
blocks of data for everyone you ask for and effectively resynchronizes at
the end of each 2048. This adds some overhead to the timing loop but
hopefully not that much. Doing it right is obviously rather harder to code
up!
Jonathan
Ciao
Stephan
from libkcapi.
jic23
commented on July 21, 2024
On Wed, 13 Dec 2017 11:39:39 +0000 smuellerDD ***@***.***> wrote:
Am Dienstag, 12. Dezember 2017, 15:30:09 CET schrieb Jonathan Cameron:
Hi Jonathan,
> Hi Stephan,
>
> This has taken me a lot longer than I hoped due to some local bug chasing
> and the current result is hideous, but I think we need something along the
> lines of:
> hisilicon/libkcapi@2c63885
> 48b55c14a9
That patch seems to contain artefacts.
Absolutely - that tree is far from clean. I was just meaning to point you
to the key patch for 'where' the issues lay.
Whatever, I think I found a soltion that is very lean and yet should cover all
reported aspects. In addition, this solution should allow for future work
where a better AIO support is present.
Let me test it a bit more first before releasing it.
Great. Looking forward to playing with it.
Thanks,
Jonathan
… >
> Right now it doesn't correctly account for the last used element in the
> ring, but instead does a dodgy search to find the hole. That's obviously
> stupid but it works. Didn't want to sit on this longer and risk straying
> into the silly season.
>
> Hopefully I'll get the issue I'm seeing in our driver fixed and get back to
> tidying this up. That branch also includes a bodged up version of
> cryptoperf to allow easy hammering of the aio paths. It just runs 2048
> blocks of data for everyone you ask for and effectively resynchronizes at
> the end of each 2048. This adds some overhead to the timing loop but
> hopefully not that much. Doing it right is obviously rather harder to code
> up!
>
> Jonathan
Ciao
Stephan
from libkcapi.
smuellerDD
commented on July 21, 2024
Am Mittwoch, 13. Dezember 2017, 14:37:46 CET schrieb Jonathan Cameron:
Hi Jonathan,
> Whatever, I think I found a soltion that is very lean and yet should cover
> all reported aspects. In addition, this solution should allow for future
> work where a better AIO support is present.
>
> Let me test it a bit more first before releasing it.
Great. Looking forward to playing with it.
Look at the current HEAD.
Ciao
Stephan
from libkcapi.
jic23
commented on July 21, 2024
Hi Stephen,
Sorry for the false message a few minutes ago. A dumb error meant my tests weren't quite what I thought they were. Getting an out of FD error then all sorts of nastiness.
Need to do some debugging - hopefully get back to you later.
Jonathan
from libkcapi.
jic23
commented on July 21, 2024
Hi again Stephan.
A few issues identified.
- You can end up not consuming events because you are calling _kcapi_aio_read_all instead of _kcapi_aio_poll_data in the 'catch up' section at the end of _kcapi_cipher_crypto_aio. This is fine for a single run before closing the socket, but if we are feeding more data you then get too many events. Fix is fairly simple case of using the poll form instead. However be careful to only do it if you actually have anything outstanding.
- You have a buffer overrun as a result of setting iovlen_tmp to iovlen. This is then used to index into arrays that are on KCAPI_AIO_CONCURRENT long.
- Transfer accounting is missing some of the data (this is tied up with the iovlen_tmp issue). If you fix that by setting it to KCAPI_AIO_CONCURRENT then you account for only the last pass of 64 iovs. I thought that would be easy to fix but there are some fiddly corners:
A) Be careful of double accounting if we count after each call to aio_read_iov - this I fixed by adding an AIO_ACCOUNTED to the special return values.
B) Misses the data received in the catch up within _kcapi_aio_read_iov_fd. (I haven't fixed this case)
To my mind we need to make all the read calls return what the successfully read rather than trying to account for it at the end.
https://github.com/hisilicon/libkcapi/tree/aiofixes
I see you've pushed some other patches out in the meantime. Guess you may have fixed this already!
Jonathan
from libkcapi.
jic23
commented on July 21, 2024
Rebased my tree on the changes you pushed - whilst you had tidied up a bit in that area, the issues were still present.
from libkcapi.
smuellerDD
commented on July 21, 2024
Am Donnerstag, 14. Dezember 2017, 13:04:24 CET schrieb Jonathan Cameron:
Hi Jonathan,
Hi Stephan
This seems to work well for me. Thanks. A few notes
* The number of concurrent message we may have in flight is now 64 + (64 -
1) which might unexpectedly run people into socket resource limits. I
played games in the 'hideous' branch to ensure we never had to have the
flush in _kcapi_aio_read_iov_fd by limiting us to a maximum of 64 in
flight. That doesn't really matter from a performance point of view though
as we'll have another 64 items in the queue when we hit this (a point I'd
missed when originally working with this code)
Do you see an issue here?
* Looks like there are some places where we can reduce complexity / cost a
little - such as that flush given we can easily account for how many are
outstanding and wait for them.
Please help me and send patches :-)
* I am still unsure what the use of select is giving us given io_readevents
can act as a blocking read anyway.
Yes, right, I eliminated the code.
Your patch did indeed end up a lot less complex than I had. I was focused
on keeping a steady 64 messages queued and missed that the original code
was intended to allow up to 2*64 -1 in flight at a time. oops ;)
Thanks again. On a side note I now actually have a reliably working driver
(having tracked down my stupid bug) so can actually test things properly!
As discussed, I have none.
Did you have any thoughts on how to do a cyptoperf version for AIO?
As a first round, I have added AIO support -- see kcapi-speed -o. Though it
only covers one IOVEC. If you want to test more IOVECs, send a patch.
The bodge I currently have is hideous - though it does give me some rough
numbers.
Jonathan
Ciao
Stephan
from libkcapi.
smuellerDD
commented on July 21, 2024
Am Donnerstag, 14. Dezember 2017, 16:26:49 CET schrieb Jonathan Cameron:
Hi Jonathan,
Hi again Stephan.
A few issues identified.
1) You can end up not consuming events because you are calling
_kcapi_aio_read_all instead of _kcapi_aio_poll_data in the 'catch up'
section at the end of _kcapi_cipher_crypto_aio. This is fine for a single
run before closing the socket, but if we are feeding more data you then get
too many events. Fix is fairly simple case of using the poll form instead.
However be careful to only do it if you actually have anything outstanding.
2) You have a buffer overrun as a result of setting iovlen_tmp to iovlen.
This is then used to index into arrays that are on KCAPI_AIO_CONCURRENT
long.
Looking at your patch https://github.com/hisilicon/libkcapi/commit/
dbeca4e I am unsure about the replacement of
aio_read_all. As I now eliminated aio_poll_data, I think this change is not
valid any more.
Further, I eliminated iovlen_tmp.
2) Transfer accounting is missing some of the data (this is tied up
with the iovlen_tmp issue). If you fix that by setting it to
KCAPI_AIO_CONCURRENT then you account for only the last pass of 64 iovs. I
thought that would be easy to fix but there are some fiddly corners:
I would think that this is fixed now.
A) Be
careful of double accounting if we count after each call to aio_read_iov -
this I fixed by adding an AIO_ACCOUNTED to the special return values.
B)
Misses the data received in the catch up within _kcapi_aio_read_iov_fd. (I
haven't fixed this case) To my mind we need to make all the read calls
return what the successfully read rather than trying to account for it at
the end. https://github.com/hisilicon/libkcapi/tree/aiofixes
I have considered your patch, but not with AIO_ACCOUNTED but simply with 0.
I see you've pushed some other patches out in the meantime. Guess you may
have fixed this already!
Jonathan
PS: I have seen your AIO speed test just now. But I think we do not need to
duplicate the entire test. Look at my suggestion and let me know.
Ciao
Stephan
from libkcapi.
jic23
commented on July 21, 2024
On Thu, 14 Dec 2017 14:46:16 -0800 smuellerDD ***@***.***> wrote:
Am Donnerstag, 14. Dezember 2017, 16:26:49 CET schrieb Jonathan Cameron:
Hi Jonathan,
> Hi again Stephan.
>
> A few issues identified.
> 1) You can end up not consuming events because you are calling
> _kcapi_aio_read_all instead of _kcapi_aio_poll_data in the 'catch up'
> section at the end of _kcapi_cipher_crypto_aio. This is fine for a single
> run before closing the socket, but if we are feeding more data you then get
> too many events. Fix is fairly simple case of using the poll form instead.
> However be careful to only do it if you actually have anything outstanding.
> 2) You have a buffer overrun as a result of setting iovlen_tmp to iovlen.
> This is then used to index into arrays that are on KCAPI_AIO_CONCURRENT
> long.
Looking at your patch https://github.com/hisilicon/libkcapi/commit/
dbeca4e I am unsure about the replacement of
aio_read_all. As I now eliminated aio_poll_data, I think this change is not
valid any more.
Agreed. With the selects and eventfd gone this no longer matters as we aren't
using that to establish how many iovs we have to read.
Further, I eliminated iovlen_tmp.
Great - I was being lazy on that one :)
> 2) Transfer accounting is missing some of the data (this is tied up
> with the iovlen_tmp issue). If you fix that by setting it to
> KCAPI_AIO_CONCURRENT then you account for only the last pass of 64 iovs. I
> thought that would be easy to fix but there are some fiddly corners:
I would think that this is fixed now.
Seems to be - tests on going.
> A) Be
> careful of double accounting if we count after each call to aio_read_iov -
> this I fixed by adding an AIO_ACCOUNTED to the special return values.
> B)
> Misses the data received in the catch up within _kcapi_aio_read_iov_fd. (I
> haven't fixed this case) To my mind we need to make all the read calls
> return what the successfully read rather than trying to account for it at
> the end. https://github.com/hisilicon/libkcapi/tree/aiofixes
I have considered your patch, but not with AIO_ACCOUNTED but simply with 0.
>
> I see you've pushed some other patches out in the meantime. Guess you may
> have fixed this already!
>
> Jonathan
PS: I have seen your AIO speed test just now. But I think we do not need to
duplicate the entire test. Look at my suggestion and let me know.
For a speed test the issue is that we need to keep the hardware queues busy.
So I'll give a quick description of what we have - keeping to things that can
be easily figured out from the driver.
Taking 1 of our SEC acceleration units.
* 16 hardware queues per instance (there are 2 instances per SoC currently) -
doesn't matter from the point of view of this though does
make it much more likely that we'll get unpredictable data rates as a given
instance has no view of what else is queued up for processing. Just to make life
fun they are also out of order queues so we can have multiple elements in flight
and the completions come back out of order (slightly normally). The reordering
is dealt with in the driver as I think the kernel crypto subsystem assumes inorder
return from drivers.
* A number of processing units fed in a round robin fashion from the hardware queues.
So we can have N separate tasks in flight at a time and they may all come from one queue.
- obviously this is only useful with a given context if we are using an encryption
mode that doesn't require chaining (say xts) - otherwise we have to keep them in order.
So the AIO interface is useful for two things from our point of view.
* Hides latency of getting data from userspace down to the queues (at least it is
hidden from the point of view of throughput).
* Allows us to get multiple (up to 32MB) tasks in flight on the processing units at
a time.
So the current approach you have for the speed test doesn't really get us anywhere
on either of these. Not to mention it wouldn't have shown the various bugs you have
been fixing. We need to have more than 64 iovs in flight to see those.
I agree what I had was heavy handed. I wonder if we can easily bolt it on to your
method. I'll have a play - actually that was easy and I forgot to press send on
this email :)
https://github.com/hisilicon/libkcapi/tree/aioenhancements
(second to last commit - the last one just adds support for my device)
For a fairly random midsized test this gives:
1 at a time : 100%
2 at a time : 167%
3 at a time : 232%
16 at a time: 246%
Ciao
Stephan
Thanks,
Jonathan
from libkcapi.
smuellerDD
commented on July 21, 2024
Am Freitag, 15. Dezember 2017, 12:22:54 CET schrieb Jonathan Cameron:
Hi Jonathan,
I agree what I had was heavy handed. I wonder if we can easily bolt it on to
your method. I'll have a play - actually that was easy and I forgot to
press send on this email :)
https://github.com/hisilicon/libkcapi/tree/aioenhancements
(second to last commit - the last one just adds support for my device)
I have taken your patch, and added some slight fixes to it.
Also, your hisi CBC references are in the code now.
For a fairly random midsized test this gives:
1 at a time : 100%
2 at a time : 167%
3 at a time : 232%
16 at a time: 246%
> Ciao
> Stephan
Thanks,
Jonathan
Ciao
Stephan
from libkcapi.
jic23
commented on July 21, 2024
On Fri, 15 Dec 2017 22:48:00 -0800 smuellerDD ***@***.***> wrote:
Am Freitag, 15. Dezember 2017, 12:22:54 CET schrieb Jonathan Cameron:
Hi Jonathan,
>
> I agree what I had was heavy handed. I wonder if we can easily bolt it on to
> your method. I'll have a play - actually that was easy and I forgot to
> press send on this email :)
>
> https://github.com/hisilicon/libkcapi/tree/aioenhancements
>
> (second to last commit - the last one just adds support for my device)
I have taken your patch, and added some slight fixes to it.
That and implementing it for all the other algorithm types :)
There is a little quirk in accounting though which currently means
the performance appears to go down dramatically as we increase the
o parameter.
The byteperop result needs updating to be multiplied by aio
(when aio non zero) in cp_exec_test.
Fix is trivial but I'll send you a pull on github if you want
to do it that way.
Also, your hisi CBC references are in the code now.
Thanks!
… >
> For a fairly random midsized test this gives:
>
> 1 at a time : 100%
> 2 at a time : 167%
> 3 at a time : 232%
> 16 at a time: 246%
>
> > Ciao
> > Stephan
>
> Thanks,
>
> Jonathan
Ciao
Stephan
from libkcapi.
smuellerDD
commented on July 21, 2024
With the current code, I would think that the issue is solved.
The AIO implementation could receive some more love (e.g. not fail the entire AIO operation if one IOCB fails), but this should be covered by a separate patch set.
from libkcapi.
jic23
commented on July 21, 2024
Agreed, it is working fairly well now but needs some love in the longer term.
Thanks,
Jonathan
From: smuellerDD [mailto:[email protected]]
Sent: 19 December 2017 07:26
To: smuellerDD/libkcapi <[email protected]>
Cc: Jonathan Cameron <[email protected]>; State change <[email protected]>
Subject: Re: [smuellerDD/libkcapi] AIO calculation of remaining elements to send is wrong. (#20)
With the current code, I would think that the issue is solved.
The AIO implementation could receive some more love (e.g. not fail the entire AIO operation if one IOCB fails), but this should be covered by a separate patch set.
—
You are receiving this because you modified the open/close state.
Reply to this email directly, view it on GitHub<#20 (comment)>, or mute the thread<https://github.com/notifications/unsubscribe-auth/AA-rnlBt-2cZsi-ufz3TNhbkd4yNCfGRks5tB2TzgaJpZM4QrxEF>.
from libkcapi.
jic23
commented on July 21, 2024
On Thu, 14 Dec 2017 14:46:16 -0800 smuellerDD ***@***.***> wrote:
Am Donnerstag, 14. Dezember 2017, 16:26:49 CET schrieb Jonathan Cameron:
Hi Jonathan,
> Hi again Stephan.
>
> A few issues identified.
> 1) You can end up not consuming events because you are calling
> _kcapi_aio_read_all instead of _kcapi_aio_poll_data in the 'catch up'
> section at the end of _kcapi_cipher_crypto_aio. This is fine for a single
> run before closing the socket, but if we are feeding more data you then get
> too many events. Fix is fairly simple case of using the poll form instead.
> However be careful to only do it if you actually have anything outstanding.
> 2) You have a buffer overrun as a result of setting iovlen_tmp to iovlen.
> This is then used to index into arrays that are on KCAPI_AIO_CONCURRENT
> long.
Looking at your patch https://github.com/hisilicon/libkcapi/commit/
dbeca4e I am unsure about the replacement of
aio_read_all. As I now eliminated aio_poll_data, I think this change is not
valid any more.
Agreed. With the selects and eventfd gone this no longer matters as we aren't
using that to establish how many iovs we have to read.
Further, I eliminated iovlen_tmp.
Great - I was being lazy on that one :)
> 2) Transfer accounting is missing some of the data (this is tied up
> with the iovlen_tmp issue). If you fix that by setting it to
> KCAPI_AIO_CONCURRENT then you account for only the last pass of 64 iovs. I
> thought that would be easy to fix but there are some fiddly corners:
I would think that this is fixed now.
Seems to be - tests on going.
> A) Be
> careful of double accounting if we count after each call to aio_read_iov -
> this I fixed by adding an AIO_ACCOUNTED to the special return values.
> B)
> Misses the data received in the catch up within _kcapi_aio_read_iov_fd. (I
> haven't fixed this case) To my mind we need to make all the read calls
> return what the successfully read rather than trying to account for it at
> the end. https://github.com/hisilicon/libkcapi/tree/aiofixes
I have considered your patch, but not with AIO_ACCOUNTED but simply with 0.
>
> I see you've pushed some other patches out in the meantime. Guess you may
> have fixed this already!
>
> Jonathan
PS: I have seen your AIO speed test just now. But I think we do not need to
duplicate the entire test. Look at my suggestion and let me know.
For a speed test the issue is that we need to keep the hardware queues busy.
So I'll give a quick description of what we have - keeping to things that can
be easily figured out from the driver.
Taking 1 of our SEC acceleration units.
* 16 hardware queues per instance (there are 2 instances per SoC currently) -
doesn't matter from the point of view of this though does
make it much more likely that we'll get unpredictable data rates as a given
instance has no view of what else is queued up for processing. Just to make life
fun they are also out of order queues so we can have multiple elements in flight
and the completions come back out of order (slightly normally). The reordering
is dealt with in the driver as I think the kernel crypto subsystem assumes inorder
return from drivers.
* A number of processing units fed in a round robin fashion from the hardware queues.
So we can have N separate tasks in flight at a time and they may all come from one queue.
- obviously this is only useful with a given context if we are using an encryption
mode that doesn't require chaining (say xts) - otherwise we have to keep them in order.
So the AIO interface is useful for two things from our point of view.
* Hides latency of getting data from userspace down to the queues (at least it is
hidden from the point of view of throughput).
* Allows us to get multiple (up to 32MB) tasks in flight on the processing units at
a time.
So the current approach you have for the speed test doesn't really get us anywhere
on either of these. Not to mention it wouldn't have shown the various bugs you have
been fixing. We need to have more than 64 iovs in flight to see those.
I agree what I had was heavy handed. I wonder if we can easily bolt it on to your
method. I'll have a play - actually that was easy and I forgot to press send on
this email :)
https://github.com/hisilicon/libkcapi/tree/aioenhancements
(second to last commit - the last one just adds support for my device)
For a fairly random midsized test this gives:
1 at a time : 100% 228
2 at a time : 167% 382
3 at a time : 232% 531
16 at a time: 560
Ciao
Stephan
Thanks,
Jonathan
from libkcapi.
smuellerDD
commented on July 21, 2024
Am Dienstag, 2. Januar 2018, 15:09:06 CET schrieb Jonathan Cameron:
Hi Jonathan,
This message seems to be identical to the one from December 15 -- or is there
anything different that I should pay specific attention to?
Ciao
Stephan
from libkcapi.
jic23
commented on July 21, 2024
Hi Stephan,
I’m going to guess a mail glitch as I didn’t intentionally send anything!
Sorry about that.
Jonathan
From: smuellerDD [mailto:[email protected]]
Sent: 02 January 2018 14:17
To: smuellerDD/libkcapi <[email protected]>
Cc: Jonathan Cameron <[email protected]>; State change <[email protected]>
Subject: Re: [smuellerDD/libkcapi] AIO calculation of remaining elements to send is wrong. (#20)
Am Dienstag, 2. Januar 2018, 15:09:06 CET schrieb Jonathan Cameron:
Hi Jonathan,
This message seems to be identical to the one from December 15 -- or is there
anything different that I should pay specific attention to?
Ciao
Stephan
—
You are receiving this because you modified the open/close state.
Reply to this email directly, view it on GitHub<#20 (comment)>, or mute the thread<https://github.com/notifications/unsubscribe-auth/AA-rnm2XeJ-I1Su9-O9HuJ9m1TBvxPw8ks5tGjp1gaJpZM4QrxEF>.
from libkcapi.
Related Issues (20)
- Questions about dividing data into chunks HOT 5
- key size fixed at 32 bytes (need 52 for CAAM related "black" keys) HOT 3
- AEAD gcm(aes) decrypt failure HOT 15
- AF_ALG bind error HOT 1
- Kernel API patches Status HOT 3
- Specify key length for kcapi-enc HOT 2
- How to configure the cross compiler toolchain? HOT 1
- Where does the function `kcapi_md_final` implement ? HOT 1
- 1.4.0: test suite failis with `error: clang frontend command failed with exit code 139` HOT 19
- Is `kcapi_handle` thread-safe? HOT 4
- Does LibkcAPI support CFB1/CFB8? HOT 2
- vmsplice() with SPLICE_F_GIFT should not be used on memory allocated from the heap (ie. calloc) HOT 2
- Hang on read call in _kcapi_common_read_data
- Can't get `kcapi_akcipher_init` with `rsa` working locally HOT 6
- Why SHA2-256 is the only hash crypto primitive for KDF in linux kernel crypto? HOT 7
- speed-tests: Bench of Asymmetric Cryptographic Algorithms HOT 3
- coreutils, etc. symlinks created in $PREFIX/libexec/libkcapi HOT 3
- 1.4.0: sha*hmac binaries has been removed? 🤔 HOT 9
- DRBG CAVP Issue HOT 2
- Unable to build on busy box HOT 4
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from libkcapi.