#regzbot introduced: 7bcb2c99f8ed
I am running the NixOS distribution cross-compiled from x86_64 to a Marvell Armada 388 armv7 SoC.
I am not getting expected speeds when reading/writing on my encrypted hard drive with 6.5.5, while it is fast on 5.4.257. Volume is formatted like this: `cryptsetup luksFormat -c aes-cbc-essiv:sha256 /dev/sda`.
Specifically, I tracked this down to the changes to crypto/essiv.c from 7bcb2c99f8ed mentioned above. Reverting those changes on top of a 6.5.5 kernel provides working (see applicable diff further below).
I'm *guessing* that this is related to the mv-aes-cbc crypto driver (from the marvell-cesa module) being registered as async (according to /proc/crypto), and I *suspect* that async drivers are not being used anymore by essiv or dm_crypt. Going by the commit description, which sounds more like a refactor, this does not seem intentional.
Would appreciate a lot if someone more experienced with the crypto subsystem can have a look at this.
Greetings,
Yureka
---
Some more detailed information
Excerpt from /proc/crypto in 5.4.257:
name : essiv(cbc(aes),sha256)
driver : essiv(mv-cbc-aes,sha256-generic)
async : yes
speeds of 130MB/s can be observed
In 5.10.197 (the first branch that has this issue and is still receiving updates):
name : essiv(cbc(aes),sha256)
driver : essiv(cbc(aes-arm),sha256-generic)
async : no
speeds are less than half, 55MB/s
the other listings in /proc/crypto seem to be unchanged. mv-cbc-aes is still the highest priority driver providing cbc(aes)
diff that restores the working state on recent kernels (tested with 6.5.5):
diff --git a/crypto/essiv.c b/crypto/essiv.c
index 85bb624e32b9..8d57245add54 100644
--- a/crypto/essiv.c
+++ b/crypto/essiv.c
@@ -471,7 +471,7 @@ static int essiv_create(struct crypto_template *tmpl, struct rtattr **tb)
return PTR_ERR(shash_name);
type = algt->type & algt->mask;
- mask = crypto_algt_inherited_mask(algt);
+ mask = (algt->type ^ CRYPTO_ALG_ASYNC) & algt->mask & CRYPTO_ALG_ASYNC;
switch (type) {
case CRYPTO_ALG_TYPE_SKCIPHER:
@@ -530,7 +530,7 @@ static int essiv_create(struct crypto_template *tmpl, struct rtattr **tb)
/* Synchronous hash, e.g., "sha256" */
_hash_alg = crypto_alg_mod_lookup(shash_name,
CRYPTO_ALG_TYPE_SHASH,
- CRYPTO_ALG_TYPE_MASK | mask);
+ CRYPTO_ALG_TYPE_MASK);
if (IS_ERR(_hash_alg)) {
err = PTR_ERR(_hash_alg);
goto out_drop_skcipher;
@@ -562,12 +562,7 @@ static int essiv_create(struct crypto_template *tmpl, struct rtattr **tb)
hash_alg->base.cra_driver_name) >= CRYPTO_MAX_ALG_NAME)
goto out_free_hash;
- /*
- * hash_alg wasn't gotten via crypto_grab*(), so we need to inherit its
- * flags manually.
- */
- base->cra_flags |= (hash_alg->base.cra_flags &
- CRYPTO_ALG_INHERITED_FLAGS);
+ base->cra_flags = block_base->cra_flags & CRYPTO_ALG_ASYNC;
base->cra_blocksize = block_base->cra_blocksize;
base->cra_ctxsize = sizeof(struct essiv_tfm_ctx);
base->cra_alignmask = block_base->cra_alignmask;
