Received: by 2002:a25:b323:0:0:0:0:0 with SMTP id l35csp1792006ybj;
        Sun, 22 Sep 2019 12:02:45 -0700 (PDT)
X-Google-Smtp-Source: APXvYqzfqlTVp0LY3r9gh43NiJ6t85cW77i8F9cIPXs1PDv8JqWsX/PidthjIE/egXbydv++rG4L
X-Received: by 2002:a17:906:5a96:: with SMTP id l22mr24684981ejq.310.1569178965571;
        Sun, 22 Sep 2019 12:02:45 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; t=1569178965; cv=none;
        d=google.com; s=arc-20160816;
        b=pIr5yL7IFq8Bz8TKbLRM+gq/nIPHSPhytHdsVRXCq6SNiMQufQHX5voe1ZL4Nd9nZ2
         4wcDB8Feq0zz5I4Aux541InFD0RhQOxXh94WDM8gZT4UttnEhZvCTfe9GeVCt5E0Se5Z
         2cZcGP1H2AMeD2eMiMrssEkl5xeDvloBlugMKGRCECmMBxZMd6gca88sKdcEadJPQrLu
         o03kP0YPKFr5lni3YqSG5+NOCFI4I+01tuSoCC2wDmTX42fuGD4cEDNh48in2QTHbmka
         9PdF1a5ihDdrXWL7Csigwi2QeesjIv4P08P1dyCU6qZJ4oddugtDsEjYs6SS21E3k/ta
         m84A==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=list-id:precedence:sender:content-transfer-encoding
         :content-language:in-reply-to:mime-version:user-agent:date
         :message-id:openpgp:from:references:cc:to:subject:dkim-signature;
        bh=PJyeClMQVfNi5aFiPW4+LQNcu88byDAQ1TqGQo4z/1g=;
        b=nHnoNMiiaCyDY3lBHvKNfsDpSui0kTwIF2Zp1yPICtM/vt7GsI2qJeb1idj0W54j5Q
         FLB3nbYVRM5zQj9EHMToU7t8+h2T5ejRB899jvw3yv/neksjT0yUye6pbpkc25JElUWl
         tIcS/p+Xd3sWL3rTDPXhNXcINBdMSaxRVIff5GJjc9iXB91oSpVxMRTIGIML8hlM4/mV
         18tsDGfAY0Eoakdqq/CcVdBmk+jYX1fDXpfOktoopHAHclVso6AtNkw/A/oI1l143Y72
         rSEBpUXO9WInlcntvTdlddcCwpwQnL1A03RUsCtOZgA6+gtODklKIAuR5tOBHhbu1rj3
         +fdA==
ARC-Authentication-Results: i=1; mx.google.com;
       dkim=pass header.i=@gmail.com header.s=20161025 header.b=a3VFKP3p;
       spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=pass (p=NONE sp=QUARANTINE dis=NONE) header.from=gmail.com
Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67])
        by mx.google.com with ESMTP id c52si5423529eda.132.2019.09.22.12.02.22;
        Sun, 22 Sep 2019 12:02:45 -0700 (PDT)
Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67;
Authentication-Results: mx.google.com;
       dkim=pass header.i=@gmail.com header.s=20161025 header.b=a3VFKP3p;
       spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=pass (p=NONE sp=QUARANTINE dis=NONE) header.from=gmail.com
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S1726311AbfITTVi (ORCPT <rfc822;sujaykul91@gmail.com>
        + 99 others); Fri, 20 Sep 2019 15:21:38 -0400
Received: from mail-wr1-f68.google.com ([209.85.221.68]:41685 "EHLO
        mail-wr1-f68.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
        with ESMTP id S1725869AbfITTVi (ORCPT
        <rfc822;linux-kernel@vger.kernel.org>);
        Fri, 20 Sep 2019 15:21:38 -0400
Received: by mail-wr1-f68.google.com with SMTP id h7so7864370wrw.8
        for <linux-kernel@vger.kernel.org>; Fri, 20 Sep 2019 12:21:36 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=gmail.com; s=20161025;
        h=subject:to:cc:references:from:openpgp:message-id:date:user-agent
         :mime-version:in-reply-to:content-language:content-transfer-encoding;
        bh=PJyeClMQVfNi5aFiPW4+LQNcu88byDAQ1TqGQo4z/1g=;
        b=a3VFKP3pP7MsgoR9+U3VItQ4jCWJoGV9jijSEb+eqgTlAziNCCnavHxtgIFsD5J95R
         g/cCazSjQSATWLk0WQEygPus1eLmpmmfRaw1bYPrh6OI5CGl3HB65VzcLNMDcEIk690x
         8B5uS9XkRPcKshYWtDUR5DyJ1dZGPD2JjFeY4PEKM9J6xg0Yp9Bzn3Kl3Ofli6LThZXx
         NHZkfo903VKQS/izbH1VPZTgb5gNPYBkesO0p4bO8ubWOmKDaqxdAoUBTcyWgaTycd8s
         ROznvdCjMZdGL2EOcBN1jlgyYbRASLU0gv/+7ZIBchCqwYQrvJDQjdoazEv7kBFZpabQ
         HsAA==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20161025;
        h=x-gm-message-state:subject:to:cc:references:from:openpgp:message-id
         :date:user-agent:mime-version:in-reply-to:content-language
         :content-transfer-encoding;
        bh=PJyeClMQVfNi5aFiPW4+LQNcu88byDAQ1TqGQo4z/1g=;
        b=L5IztBSFpbIZs9Lg//4EEANZ2zVQgrL8vGX7rsMxAzZxBMTh7fxtP+2t+l7UNrdXk5
         a6NbZpSA8VZqORNR5nbNWCuKb7ZmfJ1XuUEUYyB88YBn8SgIZgzDY05wde2ZDuq9xOwT
         NU7mxdY35PaUUry9FAAFgflJeYKqITQfeEP5pk9bOX5Q+u6ancC952gwmP3wjlUo3V4d
         8CGReBwsoYs0ApPjl6zzyIy2tb7XHnvyF230OQUubAgieUMbyXV6d2MMTcqe0rP+ZabY
         CzUdwu32PS+TyIy85oiiqDOfU9lo79mgFpp8id8HwKRQX9GZYSFn2lLv8Nbd12xxjZ/V
         4cHw==
X-Gm-Message-State: APjAAAVYdKjL82wwWQMgwjVcznV/Rqsw6f0xJ2h50kfNjoDJOwfCmdbU
        Ik//YDNwJGV6tIeQlFPtnSU2P1bA
X-Received: by 2002:a5d:5352:: with SMTP id t18mr13608922wrv.72.1569007295889;
        Fri, 20 Sep 2019 12:21:35 -0700 (PDT)
Received: from [192.168.2.28] (39.35.broadband4.iol.cz. [85.71.35.39])
        by smtp.gmail.com with ESMTPSA id o9sm4917013wrh.46.2019.09.20.12.21.34
        (version=TLS1_3 cipher=TLS_AES_128_GCM_SHA256 bits=128/128);
        Fri, 20 Sep 2019 12:21:35 -0700 (PDT)
Subject: Re: dm-crypt error when CONFIG_CRYPTO_AUTHENC is disabled
To:     Mike Snitzer <snitzer@redhat.com>,
        Thibaut Sautereau <thibaut.sautereau@clip-os.org>
Cc:     dm-devel@redhat.com, Alasdair Kergon <agk@redhat.com>,
        linux-kernel@vger.kernel.org
References: <20190920154434.GA923@gandi.net>
 <20190920173707.GA21143@redhat.com>
From:   Milan Broz <gmazyland@gmail.com>
Openpgp: preference=signencrypt
Message-ID: <13e25b01-f344-ea1d-8f6c-9d0a60eb1e0f@gmail.com>
Date:   Fri, 20 Sep 2019 21:21:33 +0200
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:60.0) Gecko/20100101
 Thunderbird/60.9.0
MIME-Version: 1.0
In-Reply-To: <20190920173707.GA21143@redhat.com>
Content-Type: text/plain; charset=utf-8
Content-Language: en-US
Content-Transfer-Encoding: 7bit
Sender: linux-kernel-owner@vger.kernel.org
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org

On 20/09/2019 19:37, Mike Snitzer wrote:
> On Fri, Sep 20 2019 at 11:44am -0400,
> Thibaut Sautereau <thibaut.sautereau@clip-os.org> wrote:
> 
>> Hi,
>>
>> I just got a dm-crypt "crypt: Error allocating crypto tfm" error when
>> trying to "cryptsetup open" a volume. I found out that it was only
>> happening when I disabled CONFIG_CRYPTO_AUTHENC.
>>
>> drivers/md/dm-crypt.c includes the crypto/authenc.h header and seems to
>> use some CRYPTO_AUTHENC-related stuff. Therefore, shouldn't
>> CONFIG_DM_CRYPT select CONFIG_CRYPTO_AUTHENC?
> 
> Yes, it looks like commit ef43aa38063a6 ("dm crypt: add cryptographic
> data integrity protection (authenticated encryption)") should've added
> 'select CRYPTO_AUTHENC' to dm-crypt's Kconfig.  I'll let Milan weigh-in
> but that seems like the right way forward.

No, I don't this so. It is like you use some algorithm that is just not compiled-in,
or it is disabled in the current state (because of FIPS mode od so) - it fails
to initialize it.

I think we should not force dm-crypt to depend on AEAD - most users
do not use authenticated encryption, it is perfectly ok to keep this compiled out.

I do not see any principal difference from disabling any other crypto
(if you disable XTS mode, it fails to open device that uses it).

IMO the current config dependence is ok.

Milan