Received: by 10.223.164.202 with SMTP id h10csp439132wrb; Mon, 6 Nov 2017 09:07:52 -0800 (PST) X-Google-Smtp-Source: ABhQp+TPGl0ZbRZC0uRRLcsQICciGHoZdeHVO7D7TQyxuEbOQKpmr7q6w40P3a6f5rx6o/GinwYq X-Received: by 10.84.253.23 with SMTP id z23mr15217791pll.210.1509988072132; Mon, 06 Nov 2017 09:07:52 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1509988072; cv=none; d=google.com; s=arc-20160816; b=YADwXlzu6r+HC2lFnGHeeUCRd+poY4cHblVNIQX5k92e85UkHpZpVN7/GHoDXQUV5b a/6W9mkmzVrNiH7ABwM9B5PZrfd7/rufFuk/JPZ8uOb9fKpIx8iFTMrQv/k4MAWxyQKz fWALWo84Mo6gl/GfUsJ9GhUd3wbU2lJHIZuwjo19svCVjncNmJWFJUc+pmgBt1ilgIcn pAepxHtaI3S/KEQ2Gyd3PIU7oIXAyMVi5YhL+DKwqy+WPknMJQ53YWLpSWOzuyS6w7Dn opDAJl03URMbtw9QV5Y4CAVGdYJNFB/PS2DA2bP9oFh4dzWpNnxGTran1JLCc9LaJn9s +kXQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:cc:to:subject:message-id:date:from :references:in-reply-to:mime-version:dkim-signature:dkim-signature :arc-authentication-results; bh=d+R79vXhES7aGCKhcZ8EyR0uxKbwZe0+5LE7ON4043s=; b=IAfImNFnbPE36btCrcc/heNUvhEgWstiPL1yi/BgjnhR0F5l5vP2+dnhLXfw+vR1qm Apfhf3y1yP30P6DcMH6tdGZ/PRXvI+PrfZVu6ppbiepHS5Sy9tGoI6lb/VHDNQHSsnLm uX3wge7ZzR+MEmTELn7vkNJSfwXpVGuzIhu79YIJk3+NljTYls4xMslGb5Ydi3NrAslB KALyEoYT5PyByB4xP8jDiSaPag6ufN8ClqJNdCXTK1GkB1weCTG7J8VAVeY4PV4JkNI5 CO7q87ouxuCSNygOGL7723tt8PDGsuLqm7g20mJeCFSEdVKYKeow8wLQHUk8aRfAChC1 mA6Q== ARC-Authentication-Results: i=1; mx.google.com; dkim=fail header.i=@mobile-devices.fr header.s=google header.b=v94IPqNz; dkim=fail header.i=@gmail.com header.s=20161025 header.b=PeRJxhLq; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=gmail.com Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id b188si11433985pgc.824.2017.11.06.09.07.38; Mon, 06 Nov 2017 09:07:52 -0800 (PST) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; dkim=fail header.i=@mobile-devices.fr header.s=google header.b=v94IPqNz; dkim=fail header.i=@gmail.com header.s=20161025 header.b=PeRJxhLq; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=gmail.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1753993AbdKFP5f (ORCPT + 97 others); Mon, 6 Nov 2017 10:57:35 -0500 Received: from mail-qk0-f174.google.com ([209.85.220.174]:51725 "EHLO mail-qk0-f174.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1753979AbdKFP5e (ORCPT ); Mon, 6 Nov 2017 10:57:34 -0500 Received: by mail-qk0-f174.google.com with SMTP id n66so6883515qki.8 for ; Mon, 06 Nov 2017 07:57:34 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=mobile-devices.fr; s=google; h=mime-version:sender:in-reply-to:references:from:date:message-id :subject:to:cc; bh=d+R79vXhES7aGCKhcZ8EyR0uxKbwZe0+5LE7ON4043s=; b=v94IPqNz9Ke4P0+jtrzR3+B6VsfctbfWFQZ3ckpf1LazOYdx31sYK0tfNTPncfdTyR w8Kn5gfB5z0gbcNmmpSB9VF6VvW1zRPn/vuUV103hdg6o/M3h/8Wc1qOb+UJRlUBd5zI lJ5e1Svx0x+UmchFk1VQ/+PpklueJ836u3ms0= DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:sender:in-reply-to:references:from:date:message-id :subject:to:cc; bh=d+R79vXhES7aGCKhcZ8EyR0uxKbwZe0+5LE7ON4043s=; b=PeRJxhLqdNLpO78sBlmulBHBLx5Rxb8Dm8MmH99gAcMZcktmUgOaKe632ssKKn5tW6 4ngwXTnHs/Ga3U4KkOcFNqQ88bAbzh8bqzQf1WklbjsCSoDplD7CH8TKIR2N/7u6xCev ymEnhrNC13pCBTd67eozrx51dvk26sIWF197N2QtB85IxnmXt7aHtoaQ524NkB8v9yYk 5/AZkT4Scqf3BeuOPQiBcw3QSKoIAkuQcHj1D6UHPCWlYYI/UOpMplNHNYSKYIoF+zgz vl8RRHSdjPiR23VorBRuTROXJzCCLOck4lQFdW13HCKzY78zRk90wshbC6futX3HgmI0 dBNA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:sender:in-reply-to:references:from :date:message-id:subject:to:cc; bh=d+R79vXhES7aGCKhcZ8EyR0uxKbwZe0+5LE7ON4043s=; b=jJE/ILhgsPKh4/ZrGMESCtZfzgYBJlkGJkI46K9pviK95vLsT68ahh82miO5vacXRq SVMCc0Svc2air67uU47gbSYD3ldr2OXYuQsV58aTX41gQg1Gen1MbnsdqC8NyIKmgyYr /5VzLSotLdrG26EMA8Exxti9I81OxmgYWM/2ZNayqnWWecqum4ZLwgeWYe4vdARX8m/i We8SAivOA4QLnOULbDjhVjfSzwj1pl3UQIpZ61VTiMa/RvPwsxDhJO5ZtdlSq2bNIrX2 VJuHT64aR4gQYJH4NRXKNRCkYWSStLJoHU5sZ7CT/LoHi+TT/85Mwu/9aTqiRib6WOWS EwQQ== X-Gm-Message-State: AJaThX6gzuisbptKAcJ8Ub4I5o3UwU4EUJy3dCRnuZVlG28VylMUn1eV iavI7Qc8nV4y1BBC94pJh4XekgQrJnqlka9Giw9lcA== X-Received: by 10.55.21.135 with SMTP id 7mr10659353qkv.216.1509983852533; Mon, 06 Nov 2017 07:57:32 -0800 (PST) MIME-Version: 1.0 Received: by 10.200.23.61 with HTTP; Mon, 6 Nov 2017 07:57:12 -0800 (PST) In-Reply-To: References: <20171031152524.25216-1-romain.izard.pro@gmail.com> <20171031152524.25216-3-romain.izard.pro@gmail.com> From: Romain Izard Date: Mon, 6 Nov 2017 16:57:12 +0100 X-Google-Sender-Auth: eFkBs_xH446OCzMyuOuNf2PMRdY Message-ID: Subject: Re: [PATCH 2/2] crypto: atmel-aes - Reset the controller before each use To: Tudor Ambarus Cc: Herbert Xu , "David S . Miller" , Nicolas Ferre , linux-arm-kernel , linux-crypto@vger.kernel.org, LKML Content-Type: text/plain; charset="UTF-8" Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org 2017-11-06 16:45 GMT+01:00 Tudor Ambarus : > Hi, Romain, > > On 10/31/2017 05:25 PM, Romain Izard wrote: >> >> When using the rfc4543(gcm(aes))) mode, the registers of the hardware >> engine are not empty after use. If the engine is not reset before its >> next use, the following results will be invalid. >> >> Always reset the hardware engine. > > > Thanks for the fix! I could reproduce the issue only when running > rfc4543(gcm(aes))) and then, immediately after, ecb(aes). > > Have you encountered this bug with other combination of algorithms? > > I'm trying to isolate the bug so that we can have a more fine-grained > fix. I just ran the tcrypt tests because they were failing on the cts(cbc(aes)) transform and I observed this issue when the ecb test failed only on the second run. For me, the issue looks like the rfc4543 mode does not read all the registers from the AES engine, and the following operation fails because the registers are reused directly in the ECB mode. As the ECB mode is a rare case where we do not use an IV, this may be the reason why other modes do not display the issue. -- Romain Izard From 1582787357553038657@xxx Tue Oct 31 15:27:31 +0000 2017 X-GM-THRID: 1582787357553038657 X-Gmail-Labels: Inbox,Category Forums