Received: by 2002:ad5:474a:0:0:0:0:0 with SMTP id i10csp996731imu; Fri, 16 Nov 2018 13:53:45 -0800 (PST) X-Google-Smtp-Source: AJdET5dWOYEYCqRJWFdFW1w16DY7LyJszwVz344DRXPlbRH7PtMwFsHarRru0FGhX1LAuSLxl2JA X-Received: by 2002:a17:902:443:: with SMTP id 61-v6mr12385168ple.216.1542405225223; Fri, 16 Nov 2018 13:53:45 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1542405225; cv=none; d=google.com; s=arc-20160816; b=tOWGu3eXOelpFm0WR6nxtaTfvnJnx0JEgnESGqOE/OCnfg9muZvqZgR7BAXLUFbrja vIqmGe646x2NuZu++QsxjyadqRKJCMi8GokMkooYs5DUzOckaP3Uzdec86Zyv76PrgVc slm9eBwd/hu2GH3B7RrkTz15i7FWdoV7PHVKi2OJQqc1FswT6D0ixrfO6ydf7MpushEd V96FQyX8OQKbAvONr6hawfJlFML81w5cv2xxB8NpJLzXcwEa2yCbgLskEUzUgHhA0CIE FLfjsP8GZ0w75dYIJfQvKBNgsogzYvkeE8+4yAxAil0STg8FW5J/H1sXRbR/8rKTy0Hj DCmg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:user-agent:in-reply-to :content-disposition:mime-version:references:message-id:subject:cc :to:from:date:dkim-signature; bh=B1Xs1IxTU9fsvYLu3AfZZQ2AZvTov+7d3XIPlNGJQXo=; b=Lxnl5l2+r8C2ZYZF0JZkzQmb2J3MB3e21ZsIvQ5RpB+p3pEsZcs95vOkynkgLUV1t7 VH++jjv6ZOg/udOu5HxJSF2ZypFEZjk8lb7WJxkvOP6kucRmlxMONzGK+PJWP3ABpH0z ur4dhF3NvALygAjF3WFaUstJnLWM/TujR7OSqQMjQV6OCpJDViuFaXNBJUA2rUecI02a PCJ5lTHF88NbrB10wCqTh96f538oFRGakWAr+cpoq/UxkxPnB2GlNHMSeNu3XmvDeDuq 3F4OSLQ0eXpaJhggIg/jWrbmA3oHBDY94psJgY3XObvnSCQ8J3b+Ka1ASlHwc0kPP6lu hIyg== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@kernel.org header.s=default header.b="Zth/Ym4J"; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id b65si31149085pgc.259.2018.11.16.13.53.30; Fri, 16 Nov 2018 13:53:45 -0800 (PST) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; dkim=pass header.i=@kernel.org header.s=default header.b="Zth/Ym4J"; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1728760AbeKQIHA (ORCPT + 99 others); Sat, 17 Nov 2018 03:07:00 -0500 Received: from mail.kernel.org ([198.145.29.99]:40914 "EHLO mail.kernel.org" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1725819AbeKQIHA (ORCPT ); Sat, 17 Nov 2018 03:07:00 -0500 Received: from gmail.com (unknown [104.132.1.85]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mail.kernel.org (Postfix) with ESMTPSA id F24C62086A; Fri, 16 Nov 2018 21:52:51 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=default; t=1542405172; bh=fdf9LE1XIzhfZ6C60W5NHkMAr3+NKq+ArFxGbnrHgug=; h=Date:From:To:Cc:Subject:References:In-Reply-To:From; b=Zth/Ym4JRdYPDHSi5WN3DcFhykZAgvgtUA2Yprdv9xVu3WRqKcOBxQXv71M218MxO CML4oGNfSk38n7/MatH/8h3/awNxL2xIOOEirfv7HNhi3dxHgNaCq5MYz82imXwUtU d2gwY+Yp/MErR8OZseW/2r94FgEEarERoni35oAw= Date: Fri, 16 Nov 2018 13:52:50 -0800 From: Eric Biggers To: Milan Broz Cc: "Jason A. Donenfeld" , Linux Crypto Mailing List , linux-fscrypt@vger.kernel.org, linux-arm-kernel@lists.infradead.org, LKML , Herbert Xu , Paul Crowley , Greg Kaiser , Michael Halcrow , Samuel Neves , Tomer Ashur Subject: Re: [RFC PATCH v2 00/12] crypto: Adiantum support Message-ID: <20181116215249.GA27149@gmail.com> References: <20181015175424.97147-1-ebiggers@kernel.org> <20181019190411.GB246441@gmail.com> <1f65ce09-93b3-f43e-49d5-9d9d6c0bb9e0@gmail.com> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <1f65ce09-93b3-f43e-49d5-9d9d6c0bb9e0@gmail.com> User-Agent: Mutt/1.10.1 (2018-07-13) Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Hi Milan, On Sat, Oct 20, 2018 at 12:26:20PM +0200, Milan Broz wrote: > > Adiantum (as in your current git branches on kernel.org) can be used for dm-crypt > without any changes (yes, I played with it :) and with some easy tricks directly > through cryptsetup/LUKS as well. > > I think we should have this as an alternative to length-preserving wide-block > cipher modes for FDE. > Yes, dm-crypt can use Adiantum by specifying the cipher as "capi:adiantum(xchacha12,aes)-plain64". But, I'm having trouble getting cryptsetup/LUKS to use Adiantum. Using LUKS1, the following works: cryptsetup luksFormat /dev/$partition --cipher='capi:adiantum(xchacha12,aes)-plain64' --key-size 256 However, when possible we'd like people to use 4K sectors for better performance, which I understand requires using the LUKS2 format along with cryptsetup v2.0.0+ and Linux v4.12+. But the following does *not* work: cryptsetup luksFormat /dev/$partition --cipher='capi:adiantum(xchacha12,aes)-plain64' --key-size 256 --type luks2 --sector-size 4096 The problem seems to be that when cryptsetup tries to encrypt the keyslot in luks2_encrypt_to_storage(), it tries to use the algorithm via AF_ALG, but it incorrectly requests "plain64(capi:adiantum(xchacha12,aes))" which fails. It should request just "adiantum(xchacha12,aes)". What are the "easy tricks" you had in mind -- do you mean there's already a way to use Adiantum with cryptsetup, or do you mean that cryptsetup still needs to be updated to fully support algorithms using the crypto API syntax? Thanks, - Eric