From: Herbert Xu
To: Ard Biesheuvel
Cc: Horia Geanta, "linux-crypto@vger.kernel.org", "dm-devel@redhat.com"
Subject: Re: xts fuzz testing and lack of ciphertext stealing support
Date: Thu, 18 Jul 2019 15:50:41 +0800
Message-ID: <20190718075041.2mutant44rxx2ipq@gondor.apana.org.au>

On Thu, Jul 18, 2019 at 09:28:03AM +0200, Ard Biesheuvel wrote:
>
> If we were adding XTS to the kernel today, then I would agree with
> you. But xts() has an established meaning now, and I don't think it
> makes sense to update all implementations for a theoretical use case,
> given that no portable userland code can rely on the correct semantics
> today, since CAAM is the only one that implements them correctly.
>
> In any case, I won't have time to fix the ARM or arm64 implementations
> (or review the changes if someone else steps up) until the end of
> September.

I'm not asking you or anyone to fix this right away. I'm just saying
that this is the direction we should be moving in. After all, there
is no immediate crisis as all that is broken today is a fuzz test.

It should be possible to do this without causing performance
regressions for ARM. We could rename the existing xts to a new
name (xek perhaps) and add xts into the cts template as a wrapper
around xek. That way you don't have to touch the ARM code at all
and it should just work.

PS should we mark xek or whatever it's called as internal so it
isn't visible to user-space?

Cheers,
--
Email: Herbert Xu
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt
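
The layering proposed in the message above, sketched as an added example that is not part of the original e-mail and is not kernel code: a whole-block core (`xek`) with an `xts` wrapper that adds IEEE 1619 ciphertext stealing on top of it. The function signatures are hypothetical, `xek` accepting only whole blocks is an assumption, and `toy_block` is a constructed Feistel stand-in for AES, not a secure cipher.

```python
import hashlib

BLOCK = 16

def _xor(a, b):
    return bytes(x ^ y for x, y in zip(a, b))

def toy_block(key, blk, decrypt=False):
    # Constructed 4-round Feistel stand-in for AES; for illustration only, not secure.
    l, r = blk[:8], blk[8:]
    for rnd in (range(3, -1, -1) if decrypt else range(4)):
        f = lambda half: hashlib.sha256(key + bytes([rnd]) + half).digest()[:8]
        l, r = (_xor(r, f(l)), l) if decrypt else (r, _xor(l, f(r)))
    return l + r

def _next_tweak(t):
    # Multiply the tweak by alpha in GF(2^128), little-endian as in IEEE 1619.
    n = int.from_bytes(t, "little") << 1
    if n >> 128:
        n = (n & ((1 << 128) - 1)) ^ 0x87
    return n.to_bytes(BLOCK, "little")

def xek(k1, t, data, decrypt=False):
    # Whole-block core, no ciphertext stealing. Returns (output, next tweak).
    if len(data) % BLOCK:
        raise ValueError("xek handles whole blocks only")
    out = b""
    for i in range(0, len(data), BLOCK):
        out += _xor(toy_block(k1, _xor(data[i:i + BLOCK], t), decrypt), t)
        t = _next_tweak(t)
    return out, t

def xts(k1, k2, iv, data, decrypt=False):
    # Hypothetical wrapper that adds ciphertext stealing around xek.
    if len(data) < BLOCK:
        raise ValueError("XTS needs at least one full block")
    t = toy_block(k2, iv)
    tail = len(data) % BLOCK
    if not tail:
        return xek(k1, t, data, decrypt)[0]
    cut = len(data) - BLOCK - tail
    head, t1 = xek(k1, t, data[:cut], decrypt)
    t2 = _next_tweak(t1)
    # Encryption uses t1 then t2 for the final two blocks; decryption swaps them.
    ta, tb = (t2, t1) if decrypt else (t1, t2)
    cc = xek(k1, ta, data[cut:cut + BLOCK], decrypt)[0]
    stolen = xek(k1, tb, data[cut + BLOCK:] + cc[tail:], decrypt)[0]
    return head + stolen + cc[:tail]
```

For block-aligned input the wrapper returns exactly what `xek` produces, so only the final two blocks of an unaligned request take the extra path.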