Received: by 2002:ac0:a5a6:0:0:0:0:0 with SMTP id m35-v6csp778598imm;
        Thu, 13 Sep 2018 07:37:02 -0700 (PDT)
X-Google-Smtp-Source: ANB0VdaVdrT9n64nOQZlLn2A4lbkoPucON89PFyPPFB4q9Wj2hGmCHF4sLjCBc1zi/NY/Smn38tJ
X-Received: by 2002:a62:280a:: with SMTP id o10-v6mr7747451pfo.129.1536849422926;
        Thu, 13 Sep 2018 07:37:02 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; t=1536849422; cv=none;
        d=google.com; s=arc-20160816;
        b=efB85jQ9HoPfIliQoLrLJ9sJaKgYASjVaT7k0JEPsKZGrMDh377aD063BxRS+uZ32f
         UWiQzIw+dmuKE6NhXY8StLXSyPTwclKUTUqDDVcyIwl6m5g2sLE1RexTn1MlvI5z4zj2
         tuG+J1qGpIe6rpXPXFYOFh0cyldX470K3sM+TbU0jW2F3vFn9jfvRtahfwCo6e7pc9Lx
         0uxNZUD7sCCAFQ5GtsOkwIly376kW7zce1oW6Y1UpRW5BJ8+3T01pgAqk6wSGOP+lyK1
         DGTtJuIX9ppQptwzvtQr6RHdrICNWpEWF119Md4tWDFPQM5l/NvsVaiidmJu5/U2cmsj
         eNhw==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=list-id:precedence:sender:cc:to:subject:message-id:date:from
         :in-reply-to:references:mime-version:dkim-signature;
        bh=MrTAiAucSp4yVZqPooG2dWziwkKkDvXSI+sSlWfiTgc=;
        b=xIUPw7DpupYAgAdx7ql71ZKi9iAbv0LZyelkGahP+RHx362rW3wsuarTqGDggPNw3I
         I/dQLZ+8CCWe4FMvOBfUH+wev9p8uPqJQAwCF16DR1qgltDxzl0JeaBxVXcdn/k4uQ7g
         BoldnX5L6d9AWPd6dsvv1MxQNBQfSwWs9+Vr07Y8jV+l+lJBxhdfkfJXP7F15Sou8RqC
         D6EgegMQmnlT4dXG9EUIa6fL4GN3ybLvp13a0U1x+snoFA+P1Efb3prqFNRYIqKStWNc
         NmrF4aem1nrqmsEoO7EXUpejPZU4sKC2TCgYLFkKRrSKKmShjCp17Gyth9QGYf7yFIv+
         7PgQ==
ARC-Authentication-Results: i=1; mx.google.com;
       dkim=pass header.i=@zx2c4.com header.s=mail header.b="fgr032y/";
       spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=zx2c4.com
Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67])
        by mx.google.com with ESMTP id p13-v6si4464586pgk.344.2018.09.13.07.36.42;
        Thu, 13 Sep 2018 07:37:02 -0700 (PDT)
Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67;
Authentication-Results: mx.google.com;
       dkim=pass header.i=@zx2c4.com header.s=mail header.b="fgr032y/";
       spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=zx2c4.com
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S1728256AbeIMToq (ORCPT <rfc822;fezhang.suse@gmail.com>
        + 99 others); Thu, 13 Sep 2018 15:44:46 -0400
Received: from frisell.zx2c4.com ([192.95.5.64]:35161 "EHLO frisell.zx2c4.com"
        rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP
        id S1726741AbeIMToq (ORCPT <rfc822;linux-kernel@vger.kernel.org>);
        Thu, 13 Sep 2018 15:44:46 -0400
Received: by frisell.zx2c4.com (ZX2C4 Mail Server) with ESMTP id 0cea1fbc;
        Thu, 13 Sep 2018 14:18:01 +0000 (UTC)
DKIM-Signature: v=1; a=rsa-sha1; c=relaxed; d=zx2c4.com; h=mime-version
        :references:in-reply-to:from:date:message-id:subject:to:cc
        :content-type; s=mail; bh=Tc+Os4+4Tgycx3VIz2WPOIELyH8=; b=fgr032
        y/FM2y0/jliT1yw6g8XPuQLtialL6WO3uqFtUvFfUNWX+55TfaxRn3nwIfH34x9a
        L9g6grMXVxDV8h/bO9QZOqFP8gSjEF9RQ0ZfYmniO+nk7VEm0rBbX7+FaEGqRPVS
        8NHyhQViYdCt2LSITkpJ4I76mJYOTcpYw28zBE91EPEDd/dtyAQ2Rx0ipQSOTP11
        tNBEBgZztVa6+qNXSI8GAEZ8dfbeZtFsR4GYtVoekpUFP3ovqsCsPHoRAKGXEzRg
        Gy538kFSKLwZ9F+5DqpOu9hZdTPS3z8prAzs0BjjnthI8a0hoA4yC218iV8K4+sk
        jZrB7uoZxmmFluzw==
Received: by frisell.zx2c4.com (ZX2C4 Mail Server) with ESMTPSA id fc8236b1 (TLSv1.2:ECDHE-RSA-AES128-GCM-SHA256:128:NO);
        Thu, 13 Sep 2018 14:18:01 +0000 (UTC)
Received: by mail-ot1-f47.google.com with SMTP id v10-v6so1429899otk.7;
        Thu, 13 Sep 2018 07:34:56 -0700 (PDT)
X-Gm-Message-State: APzg51Cp9V/7gwB+jLn3k3XkQarlSwk354xguXT7vKCfg5oQTHP2lVyZ
        JlSDJvN//+RsdnCPJdrwLw002UakVqJMVPtMi8I=
X-Received: by 2002:a9d:4a8f:: with SMTP id i15-v6mr1464367otf.138.1536849295926;
 Thu, 13 Sep 2018 07:34:55 -0700 (PDT)
MIME-Version: 1.0
References: <20180911010838.8818-1-Jason@zx2c4.com> <20180911010838.8818-3-Jason@zx2c4.com>
 <CAKv+Gu9nSeo4PFVrtjtqGQ32eqyxUp3xVCczZfu+dhFz5yLM0A@mail.gmail.com>
 <CAHmME9rTEFLaYmzFrc719LW2DWS2Ua_vL6by1UXZ9uDvMpbhYw@mail.gmail.com>
 <CAKv+Gu9RGo9rtGsmwMLZ_=-WSQ_h7har4agXP-2XOKupq-KYtA@mail.gmail.com>
 <CALCETrU2qkLVaxC=cpU5iAeT5B7xGsR+m2ZWtLVK37jMMWtcAA@mail.gmail.com> <c5855aa4-1561-8387-aebb-0a7587ac6d4f@gmail.com>
In-Reply-To: <c5855aa4-1561-8387-aebb-0a7587ac6d4f@gmail.com>
From:   "Jason A. Donenfeld" <Jason@zx2c4.com>
Date:   Thu, 13 Sep 2018 16:34:44 +0200
X-Gmail-Original-Message-ID: <CAHmME9oXXHZQXuvum1x69tojsRwXtBM32VXsL2SXbBuq2JCVeg@mail.gmail.com>
Message-ID: <CAHmME9oXXHZQXuvum1x69tojsRwXtBM32VXsL2SXbBuq2JCVeg@mail.gmail.com>
Subject: Re: [PATCH net-next v3 02/17] zinc: introduce minimal cryptography library
To:     gmazyland@gmail.com
Cc:     Andrew Lutomirski <luto@kernel.org>,
        Ard Biesheuvel <ard.biesheuvel@linaro.org>,
        LKML <linux-kernel@vger.kernel.org>,
        Netdev <netdev@vger.kernel.org>,
        David Miller <davem@davemloft.net>,
        Greg Kroah-Hartman <gregkh@linuxfoundation.org>,
        Samuel Neves <sneves@dei.uc.pt>,
        Jean-Philippe Aumasson <jeanphilippe.aumasson@gmail.com>,
        Linux Crypto Mailing List <linux-crypto@vger.kernel.org>
Content-Type: text/plain; charset="UTF-8"
Sender: linux-kernel-owner@vger.kernel.org
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org

Hi Milan,

On Thu, Sep 13, 2018 at 8:40 AM Milan Broz <gmazyland@gmail.com> wrote:
> Please note, that dm-crypt now uses not only block ciphers and modes,
> but also authenticated encryption and hashes (for ESSIV and HMAC
> in authenticated composed modes) and RNG (for random IV).
> We use crypto API, including async variants (I hope correctly :)
>
> There is a long time battle to move initialization vectors generators
> from dm-crypt to crypto API. If there are any plans to use a new library,
> this issue should be discussed as well.
> (Some dm-crypt IV generators are disk encryption specific, some do more
> that just IV so porting is not straightforward etc).
>
> Related problem here is an optimization of chain of sectors encryption -
> if we have new crypto API, it would be nice if can take chain of sectors
> so possible implementation can process this chain in one batch
> (every sector need to be tweaked by differently generated IV - and we
> are back in problem above).
> I think filesystem encryption uses the same pattern.
>
> And btw, we use the same algorithms through AF_ALG in userspace (cryptsetup).
>
> So please, if you mention dm-crypt, note that it is very complex
> crypto API consumer :) And everything is dynamic, configurable through
> dm-crypt options.
>
> That said, I would be more than happy to help in experiments to porting dm-crypt
> to any other crypto library, but if it doesn't not help with problems
> mentioned above, I do not see any compelling reason for the new library for dm-crypt...

dm-crypt is probably a good consumer of the existing crypto API and
won't be impacted by the introduction of Zinc, which is really just
the exposure of a couple low level simple crypto functions, and not a
fancy API like the crypto API which dm-crypt happily uses.

Jason