+ dm-devel
On 2/28/2020 12:47 PM, Andrei Botila (OSS) wrote:
> From: Andrei Botila <andrei.botila@xxxxxxx>
>
> Since in the software implementation of XTS-AES there is
> no notion of sector every input length is processed the same way.
> CAAM implementation has the notion of sector which causes different
> results between the software implementation and the one in CAAM
> for input lengths bigger than 512 bytes.
> Increase sector size to maximum value on 16 bits.
>
> Fixes: c6415a6016bf ("crypto: caam - add support for acipher xts(aes)")
> Cc: <stable@xxxxxxxxxxxxxxx> # v4.12+
> Signed-off-by: Andrei Botila <andrei.botila@xxxxxxx>
Reviewed-by: Horia Geantă <horia.geanta@xxxxxxx>
Thanks,
Horia
> ---
> This patch needs to be applied from v4.12+ because dm-crypt has added support
> for 4K sector size at that version. The commit was
> 8f0009a225171 ("dm-crypt: optionally support larger encryption sector size").
>
> drivers/crypto/caam/caamalg_desc.c | 16 ++++++++++++++--
> 1 file changed, 14 insertions(+), 2 deletions(-)
>
> diff --git a/drivers/crypto/caam/caamalg_desc.c b/drivers/crypto/caam/caamalg_desc.c
> index aa9ccca67045..8ebbbd28b1f7 100644
> --- a/drivers/crypto/caam/caamalg_desc.c
> +++ b/drivers/crypto/caam/caamalg_desc.c
> @@ -1518,7 +1518,13 @@ EXPORT_SYMBOL(cnstr_shdsc_skcipher_decap);
> */
> void cnstr_shdsc_xts_skcipher_encap(u32 * const desc, struct alginfo *cdata)
> {
> - __be64 sector_size = cpu_to_be64(512);
> + /*
> + * Set sector size to a big value, practically disabling
> + * sector size segmentation in xts implementation. We cannot
> + * take full advantage of this HW feature with existing
> + * crypto API / dm-crypt SW architecture.
> + */
> + __be64 sector_size = cpu_to_be64(BIT(15));
> u32 *key_jump_cmd;
>
> init_sh_desc(desc, HDR_SHARE_SERIAL | HDR_SAVECTX);
> @@ -1571,7 +1577,13 @@ EXPORT_SYMBOL(cnstr_shdsc_xts_skcipher_encap);
> */
> void cnstr_shdsc_xts_skcipher_decap(u32 * const desc, struct alginfo *cdata)
> {
> - __be64 sector_size = cpu_to_be64(512);
> + /*
> + * Set sector size to a big value, practically disabling
> + * sector size segmentation in xts implementation. We cannot
> + * take full advantage of this HW feature with existing
> + * crypto API / dm-crypt SW architecture.
> + */
> + __be64 sector_size = cpu_to_be64(BIT(15));
> u32 *key_jump_cmd;
>
> init_sh_desc(desc, HDR_SHARE_SERIAL | HDR_SAVECTX);
>
--
dm-devel mailing list
dm-devel@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/dm-devel
