Re: [PATCH 2/2] qapi/crypto: support enable encryption/decryption in par

qemu-devel

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [PATCH 2/2] qapi/crypto: support enable encryption/decryption in par

From:	Daniel P . Berrangé
Subject:	Re: [PATCH 2/2] qapi/crypto: support enable encryption/decryption in parallel
Date:	Fri, 17 Jan 2025 13:04:37 +0000
User-agent:	Mutt/2.2.13 (2024-03-09)

On Thu, Nov 28, 2024 at 06:51:22PM +0800, tugy@chinatelecom.cn wrote:
> From: Guoyi Tu <tugy@chinatelecom.cn>
> 
> add encrypt-in-parallel option to enable encryption/decryption
> in parallel
> 
> Signed-off-by: Guoyi Tu <tugy@chinatelecom.cn>
> ---
>  block/crypto.c       | 8 ++++++++
>  block/crypto.h       | 9 +++++++++
>  qapi/block-core.json | 6 +++++-
>  qapi/crypto.json     | 6 +++++-
>  4 files changed, 27 insertions(+), 2 deletions(-)
> 
> diff --git a/block/crypto.c b/block/crypto.c
> index c085f331ce..b02400fb26 100644
> --- a/block/crypto.c
> +++ b/block/crypto.c
> @@ -212,6 +212,7 @@ static QemuOptsList block_crypto_runtime_opts_luks = {
>      .head = QTAILQ_HEAD_INITIALIZER(block_crypto_runtime_opts_luks.head),
>      .desc = {
>          BLOCK_CRYPTO_OPT_DEF_LUKS_KEY_SECRET(""),
> +        BLOCK_CRYPTO_OPT_DEF_LUKS_ENCRYPT_IN_PARALLEL(""),
>          { /* end of list */ }
>      },
>  };
> @@ -347,6 +348,13 @@ static int block_crypto_open_generic(QCryptoBlockFormat 
> format,
>      }
>  
>      cryptoopts = qemu_opts_to_qdict(opts, NULL);
> +
> +    if (!g_strcmp0(qdict_get_try_str(cryptoopts,
> +                   BLOCK_CRYPTO_OPT_LUKS_ENCRYPT_IN_PARALLEL), "on") ||
> +        qdict_get_try_bool(cryptoopts,
> +                           BLOCK_CRYPTO_OPT_LUKS_ENCRYPT_IN_PARALLEL, 
> false)) {
> +        crypto->encrypt_in_parallel = true;
> +    }
>      qdict_put_str(cryptoopts, "format", QCryptoBlockFormat_str(format));
>  
>      open_opts = block_crypto_open_opts_init(cryptoopts, errp);
> diff --git a/block/crypto.h b/block/crypto.h
> index dc3d2d5ed9..6729420941 100644
> --- a/block/crypto.h
> +++ b/block/crypto.h
> @@ -46,6 +46,7 @@
>  #define BLOCK_CRYPTO_OPT_LUKS_STATE "state"
>  #define BLOCK_CRYPTO_OPT_LUKS_OLD_SECRET "old-secret"
>  #define BLOCK_CRYPTO_OPT_LUKS_NEW_SECRET "new-secret"
> +#define BLOCK_CRYPTO_OPT_LUKS_ENCRYPT_IN_PARALLEL "encrypt-in-parallel"
>  
>  
>  #define BLOCK_CRYPTO_OPT_DEF_LUKS_KEY_SECRET(prefix)                    \
> @@ -130,6 +131,14 @@
>                  "Empty string to erase",                        \
>      }
>  
> +#define BLOCK_CRYPTO_OPT_DEF_LUKS_ENCRYPT_IN_PARALLEL(prefix)     \
> +    {                                                             \
> +        .name = prefix BLOCK_CRYPTO_OPT_LUKS_ENCRYPT_IN_PARALLEL, \
> +        .type = QEMU_OPT_BOOL,                                    \
> +        .help = "perform encryption and decryption through "      \
> +                "thread pool",                                    \
> +    }
> +
>  QCryptoBlockCreateOptions *
>  block_crypto_create_opts_init(QDict *opts, Error **errp);
>  
> diff --git a/qapi/block-core.json b/qapi/block-core.json
> index fd3bcc1c17..1e47b6ea80 100644
> --- a/qapi/block-core.json
> +++ b/qapi/block-core.json
> @@ -3365,12 +3365,16 @@
>  #
>  # @header: block device holding a detached LUKS header.  (since 9.0)
>  #
> +# @encrypt-in-parallel: perform encryption and decryption through
> +#   thread pool
> +#
>  # Since: 2.9
>  ##
>  { 'struct': 'BlockdevOptionsLUKS',
>    'base': 'BlockdevOptionsGenericFormat',
>    'data': { '*key-secret': 'str',
> -            '*header': 'BlockdevRef'} }
> +            '*header': 'BlockdevRef',
> +            '*encrypt-in-parallel': 'bool'} }
>  
>  ##
>  # @BlockdevOptionsGenericCOWFormat:
> diff --git a/qapi/crypto.json b/qapi/crypto.json
> index c9d967d782..91963c693f 100644
> --- a/qapi/crypto.json
> +++ b/qapi/crypto.json
> @@ -192,10 +192,14 @@
>  #     decryption key.  Mandatory except when probing image for
>  #     metadata only.
>  #
> +# @encrypt-in-parallel: perform encryption and decryption through
> +#   thread pool
> +#
>  # Since: 2.6
>  ##
>  { 'struct': 'QCryptoBlockOptionsLUKS',
> -  'data': { '*key-secret': 'str' }}
> +  'data': { '*key-secret': 'str',
> +            '*encrypt-in-parallel': 'bool' }}

Perhaps better named as    'use-thread-pool': 'bool', not least because
this applies to decrypt too, not just encrypt .


NB, both the qapi changes need a "(since 10.0.0)" annotation too

With regards,
Daniel
-- 
|: https://berrange.com      -o-    https://www.flickr.com/photos/dberrange :|
|: https://libvirt.org         -o-            https://fstop138.berrange.com :|
|: https://entangle-photo.org    -o-    https://www.instagram.com/dberrange :|

[Prev in Thread]

Current Thread

[Next in Thread]

Re: [PATCH 2/2] qapi/crypto: support enable encryption/decryption in parallel, Daniel P . Berrangé <=

Prev by Date: Re: [PATCH 0/2] support block encryption/decryption in parallel
Next by Date: Re: [PATCH v4 1/2] glib-compat: Define g_spawn_check_wait_status()
Previous by thread: [PATCH v3 0/3] scripts: mandate use of SPDX-License-Identifier tags in new files
Next by thread: [PULL 00/37] maintainer updates for gdb, plugins, documentation and windows builds
Index(es):
- Date
- Thread