From: Andrei Botila andrei.botila@nxp.com
Since in the software implementation of XTS-AES there is no notion of sector every input length is processed the same way. CAAM implementation has the notion of sector which causes different results between the software implementation and the one in CAAM for input lengths bigger than 512 bytes. Increase sector size to maximum value on 16 bits.
Fixes: c6415a6016bf ("crypto: caam - add support for acipher xts(aes)") Cc: stable@vger.kernel.org # v4.12+ Signed-off-by: Andrei Botila andrei.botila@nxp.com --- This patch needs to be applied from v4.12+ because dm-crypt has added support for 4K sector size at that version. The commit was 8f0009a225171 ("dm-crypt: optionally support larger encryption sector size").
drivers/crypto/caam/caamalg_desc.c | 16 ++++++++++++++-- 1 file changed, 14 insertions(+), 2 deletions(-)
diff --git a/drivers/crypto/caam/caamalg_desc.c b/drivers/crypto/caam/caamalg_desc.c index aa9ccca67045..8ebbbd28b1f7 100644 --- a/drivers/crypto/caam/caamalg_desc.c +++ b/drivers/crypto/caam/caamalg_desc.c @@ -1518,7 +1518,13 @@ EXPORT_SYMBOL(cnstr_shdsc_skcipher_decap); */ void cnstr_shdsc_xts_skcipher_encap(u32 * const desc, struct alginfo *cdata) { - __be64 sector_size = cpu_to_be64(512); + /* + * Set sector size to a big value, practically disabling + * sector size segmentation in xts implementation. We cannot + * take full advantage of this HW feature with existing + * crypto API / dm-crypt SW architecture. + */ + __be64 sector_size = cpu_to_be64(BIT(15)); u32 *key_jump_cmd;
init_sh_desc(desc, HDR_SHARE_SERIAL | HDR_SAVECTX); @@ -1571,7 +1577,13 @@ EXPORT_SYMBOL(cnstr_shdsc_xts_skcipher_encap); */ void cnstr_shdsc_xts_skcipher_decap(u32 * const desc, struct alginfo *cdata) { - __be64 sector_size = cpu_to_be64(512); + /* + * Set sector size to a big value, practically disabling + * sector size segmentation in xts implementation. We cannot + * take full advantage of this HW feature with existing + * crypto API / dm-crypt SW architecture. + */ + __be64 sector_size = cpu_to_be64(BIT(15)); u32 *key_jump_cmd;
init_sh_desc(desc, HDR_SHARE_SERIAL | HDR_SAVECTX);
+ dm-devel
On 2/28/2020 12:47 PM, Andrei Botila (OSS) wrote:
From: Andrei Botila andrei.botila@nxp.com
Since in the software implementation of XTS-AES there is no notion of sector every input length is processed the same way. CAAM implementation has the notion of sector which causes different results between the software implementation and the one in CAAM for input lengths bigger than 512 bytes. Increase sector size to maximum value on 16 bits.
Fixes: c6415a6016bf ("crypto: caam - add support for acipher xts(aes)") Cc: stable@vger.kernel.org # v4.12+ Signed-off-by: Andrei Botila andrei.botila@nxp.com
Reviewed-by: Horia Geantă horia.geanta@nxp.com
Thanks, Horia
This patch needs to be applied from v4.12+ because dm-crypt has added support for 4K sector size at that version. The commit was 8f0009a225171 ("dm-crypt: optionally support larger encryption sector size").
drivers/crypto/caam/caamalg_desc.c | 16 ++++++++++++++-- 1 file changed, 14 insertions(+), 2 deletions(-)
diff --git a/drivers/crypto/caam/caamalg_desc.c b/drivers/crypto/caam/caamalg_desc.c index aa9ccca67045..8ebbbd28b1f7 100644 --- a/drivers/crypto/caam/caamalg_desc.c +++ b/drivers/crypto/caam/caamalg_desc.c @@ -1518,7 +1518,13 @@ EXPORT_SYMBOL(cnstr_shdsc_skcipher_decap); */ void cnstr_shdsc_xts_skcipher_encap(u32 * const desc, struct alginfo *cdata) {
- __be64 sector_size = cpu_to_be64(512);
- /*
* Set sector size to a big value, practically disabling* sector size segmentation in xts implementation. We cannot* take full advantage of this HW feature with existing* crypto API / dm-crypt SW architecture.*/- __be64 sector_size = cpu_to_be64(BIT(15)); u32 *key_jump_cmd;
init_sh_desc(desc, HDR_SHARE_SERIAL | HDR_SAVECTX); @@ -1571,7 +1577,13 @@ EXPORT_SYMBOL(cnstr_shdsc_xts_skcipher_encap); */ void cnstr_shdsc_xts_skcipher_decap(u32 * const desc, struct alginfo *cdata) {
- __be64 sector_size = cpu_to_be64(512);
- /*
* Set sector size to a big value, practically disabling* sector size segmentation in xts implementation. We cannot* take full advantage of this HW feature with existing* crypto API / dm-crypt SW architecture.*/- __be64 sector_size = cpu_to_be64(BIT(15)); u32 *key_jump_cmd;
init_sh_desc(desc, HDR_SHARE_SERIAL | HDR_SAVECTX);
On Fri, Feb 28, 2020 at 12:46:48PM +0200, Andrei Botila wrote:
From: Andrei Botila andrei.botila@nxp.com
Since in the software implementation of XTS-AES there is no notion of sector every input length is processed the same way. CAAM implementation has the notion of sector which causes different results between the software implementation and the one in CAAM for input lengths bigger than 512 bytes. Increase sector size to maximum value on 16 bits.
Fixes: c6415a6016bf ("crypto: caam - add support for acipher xts(aes)") Cc: stable@vger.kernel.org # v4.12+ Signed-off-by: Andrei Botila andrei.botila@nxp.com
This patch needs to be applied from v4.12+ because dm-crypt has added support for 4K sector size at that version. The commit was 8f0009a225171 ("dm-crypt: optionally support larger encryption sector size").
drivers/crypto/caam/caamalg_desc.c | 16 ++++++++++++++-- 1 file changed, 14 insertions(+), 2 deletions(-)
Patch applied. Thanks.
linux-stable-mirror@lists.linaro.org
-
Andrei Botila -
Herbert Xu -
Horia Geanta