Received: by 2002:ac0:a5a7:0:0:0:0:0 with SMTP id m36-v6csp4824048imm; Sun, 22 Jul 2018 06:40:46 -0700 (PDT) X-Google-Smtp-Source: AAOMgpdGAZQYuws2h6xSWbxnPDs/wWRL1OsNehB7bOF79QNhjwOXqWMc0ID6E/ZFw/G1L5pJeTPX X-Received: by 2002:a17:902:8a90:: with SMTP id p16-v6mr375317plo.106.1532266846038; Sun, 22 Jul 2018 06:40:46 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1532266846; cv=none; d=google.com; s=arc-20160816; b=ZY4kd0WpdgxKqfQNgFUgNxPsnCMFmVNeQimg2kcjjtJGkq0OVpNocH/lmWywPZo9Do iFLmSXMrBUHxSlkyz11nNbhMD70eHxPk5KK0GzTABf2rIpyUfMpP80U9azHC1/+XwAVb 5X5h+vnPBnxsiPiQATu/xwYVmzJhyMdcc8HRAoUW9oQ+qItA0bvCAb2VXgPPuvaKGnXL I4MGaRPWkrhslnkEnJ1YNju/YZp/Z9v/PymkTWtYE/nK3/ccylIoAXMEDezB6HfSE6Yu NV6ohE/nH0NtqJdEG/EJ4TH8e5tKk5faDm5y18r+r8b3e8uHhg6Uv40ZEKV62ggA+AEb abBQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:content-transfer-encoding:cc:to:subject :message-id:date:from:references:in-reply-to:mime-version :dkim-signature:arc-authentication-results; bh=qnAhNW20wIaJAK8/KcaJKA0PMXL60t3oY/uJsyWYVAo=; b=pxYQB1aQg8umIB+QJ83aiu65bIHDHAeV8xnLn3wZ2QQuDY+jxviMUwkkjjo4bbH35c gomuXEFFCgV+G7lIbT/34RR6NjNASoeMuC8DekdAgC4wO9yaaCsV10RAwd2epUS1brqr QT3WGeP879oln1voq+/zHEdP82y+/AuudilIQCKLGfRyUZZu/CFikY5bfy333LLRFKSW Q6FT+ceHAQNtzd+QIEZxkLZPAjY3GgCa47V2f1flpFc5fcc5XVPA5I2xK0Eog5IriflI TFeMX8sRPOwnT5Cp4JoQTYuO+NIrGkaeraDA61KQb1cBzuFIpH1AT8wkxVPd7dvJTFr1 HtbQ== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@benyossef-com.20150623.gappssmtp.com header.s=20150623 header.b=Q6ZoVDPm; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id i62-v6si6172750pge.93.2018.07.22.06.40.31; Sun, 22 Jul 2018 06:40:46 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; dkim=pass header.i=@benyossef-com.20150623.gappssmtp.com header.s=20150623 header.b=Q6ZoVDPm; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1728380AbeGVOgQ (ORCPT + 99 others); Sun, 22 Jul 2018 10:36:16 -0400 Received: from mail-ua0-f196.google.com ([209.85.217.196]:41792 "EHLO mail-ua0-f196.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1728002AbeGVOgQ (ORCPT ); Sun, 22 Jul 2018 10:36:16 -0400 Received: by mail-ua0-f196.google.com with SMTP id t14-v6so10147549uao.8 for ; Sun, 22 Jul 2018 06:39:32 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=benyossef-com.20150623.gappssmtp.com; s=20150623; h=mime-version:in-reply-to:references:from:date:message-id:subject:to :cc:content-transfer-encoding; bh=qnAhNW20wIaJAK8/KcaJKA0PMXL60t3oY/uJsyWYVAo=; b=Q6ZoVDPmMmkbsE+Q41xKt9jRGlNQlgZem6381XqEyOwyA6USWkGGbo8qGSIU8w5ogt h2n1XNLcriE5hWy7xMap/rbY/lllHdJSANTZbLiuWaubRqridpSarr4Ml97suKX87jKG 8p/oacYjoIJ3JDlmR1jyrS5RydVm/7fn9WmzmkVA756KE/TdCe/qD4F547aDMoZoZnol 8GnP+uRDIF04JClbz55V/dft2qmlIpM09/kyrkL5yRttc27NZ7/d1B/i55H5S7FuomJr I25Oj+otQ8r6Fh6Bi4DV0IFi5jgryD3jb3oIrWnfif9utWM+BJYmHs5rnhbcrYmIY07B sQMw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:in-reply-to:references:from:date :message-id:subject:to:cc:content-transfer-encoding; bh=qnAhNW20wIaJAK8/KcaJKA0PMXL60t3oY/uJsyWYVAo=; b=cGyHBj1HI8HsXmF4LS5lq6tqiGu76vOD6/ilN/emT9EyK5heK9YZ7DMuIrQ4xFOo+k 6eZ0i3C1qkvG+YE9uKvssOKgF7FNjxBB7Fj3BpWARdY8T8onNobjVrrLSVG1KVDCkfpd LohqtznOb67pEs615cc+3RG1KhTqRFkxLncbFh3eao79ZbuplkVDMNdHXRZad22NiKpl F/Ti1qkmrYt6YSkWBKV7/7oTIhy4bGCIRsLEiwkNGJLn5OJUslvUtFmCGgWrnstIMufE MDpOA1ib3aEo7viBmnb4DBvJhGnoyZW80sK0UEvfrujgJQ++YZKGW471nr/7/kXmWrGU 17+Q== X-Gm-Message-State: AOUpUlGlL1Ay2J6TA9Wo5ncscJCWilggWtU5OfPcCnLz+WtEwPmPNvtR 4a/WsseykaY98fASNqrnOqXUmbdPuxDTyXUPVyvJFxKuh/g= X-Received: by 2002:ab0:6583:: with SMTP id v3-v6mr6255787uam.107.1532266772240; Sun, 22 Jul 2018 06:39:32 -0700 (PDT) MIME-Version: 1.0 Received: by 2002:ab0:74d7:0:0:0:0:0 with HTTP; Sun, 22 Jul 2018 06:39:31 -0700 (PDT) X-Originating-IP: [217.140.106.29] In-Reply-To: <20180720114509.GA10784@sirena.org.uk> References: <1531899055-29362-1-git-send-email-wangxiongfeng2@huawei.com> <5d0bb72c-862e-63be-3cc5-83ed02b9a575@huawei.com> <20180719155026.GF27938@sirena.org.uk> <20180720114509.GA10784@sirena.org.uk> From: Gilad Ben-Yossef Date: Sun, 22 Jul 2018 16:39:31 +0300 Message-ID: Subject: Re: [PATCH 0/5] crypto: add IV generation templates To: Mark Brown Cc: Ard Biesheuvel , Xiongfeng Wang , Arnd Bergmann , Alasdair Kergon , Mike Snitzer , Herbert Xu , device-mapper development , Linux Kernel Mailing List , Jonathan Cameron Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Hi there, Sorry for delay in response - the patch set was sent just as we shut down the office for moving to a new location... :-) On Fri, Jul 20, 2018 at 2:45 PM, Mark Brown wrote: > On Fri, Jul 20, 2018 at 10:02:21AM +0900, Ard Biesheuvel wrote: >> On 20 July 2018 at 00:50, Mark Brown wrote: > >> > Existing hardware can definitely do the IV generation and I believe th= at >> > it can chain multiple sectors together though I'd need to confirm this= , >> > as mentioned elsewhere in the thread the ccree driver is for one of >> > the relevant devices. I've poked some relevant people. > >> As far as I can infer from the ccree driver source, IV generation and >> en/decryption are separate operations, and given that each sector >> requires both operations to be applied in sequence, letting the crypto >> layer handle an entire bio does not have any benefit *at the moment*. > So there are two separate things that can be considered IV generation in the ccree driver: - The ability to generate a none repeating IV for encryption mode of operations that require it. - The ability to compute an IV from sector number for storage related modes of operation, such as xts What you saw in the driver relates to the first whereas we are discussing making use of the second. In essence, it means providing a key, buffer to encrypt (that may span a sector or possibly more) and the sector number and the CryptoCell hardware can compute the IV hence forth for blocks in the sector and across sector boundaries (it knows the size of the sector so can increment the sector number as needed) when fed a buffer that is bigger than a single sector. Consider getting a 4k page with a sector size of 512 bytes and the difference between 8 x 512 HW accesses and crypto APi calls vs just one. Of course, you can just set the sector size to 4k and indeed a recent change to dm-crypt allows that. You get similar benefit but at the cost of having to read 4k of data even if you just need 1 byte..= . I believe that other security hardware from other common vendors posses similar abilities - but can't really speak for them. I will note that the Android source code contains a hacked up dm-crypt that uses an out-of-tree version of a common vendor driver to drive this ability. What is being aimed at here is to do the same but in an upstream-able, community reviewed and accepted fashion. Of course, breaking it up to stages is fine - it's just that it is hard to show the benefits if you don't do the full monty.... I hope I've managed to shed some light on the matter and would be happy to supply more details if needed. Gilad --=20 Gilad Ben-Yossef Chief Coffee Drinker values of =CE=B2 will give rise to dom!