Received: by 2002:a25:ab43:0:0:0:0:0 with SMTP id u61csp1202223ybi; Wed, 19 Jun 2019 15:44:19 -0700 (PDT) X-Google-Smtp-Source: APXvYqyACttq1URjxJXIYVbuMOyvZCmPIBV2huQHf5rJ1WSO/p2nvRNtuNcOJ5jh8+4V36uogVXi X-Received: by 2002:a17:90b:f0e:: with SMTP id br14mr13549654pjb.117.1560984259670; Wed, 19 Jun 2019 15:44:19 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1560984259; cv=none; d=google.com; s=arc-20160816; b=FdEh7GpDpXDtGYxPeXCU+3befsumt7rXDyd4auhI4F7kmJDTjcN5WwAGsPMPsg6k6V dUdu940dzBmXp2YhuQYmDDlPy4mmYuQ7NaKPemKlqKIjw5Mp092gAQIZAaHZfgV75zxO 27YG0hG4i8EC42FJ5wiQil0kS/nBQxxMKpt2liq9SAChZFIrQWDlewOYv/kDb6pPexP5 oN78t0+a4U729LSqUo8iO52nWUPr87xCS+2DOi0QJxuviMPLqn3oCffgF5pk/y+usWSo 7USvE5Yhg/A35hTrXQml10HVPH+q/4lemc7IYcwYNsNtIRhsSheSLyZ5E1ZzgCwkqUOK rCgA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:cc:to:subject:message-id:date:from :in-reply-to:references:mime-version:dkim-signature; bh=cqxlS8TUrayOrx9RbCCJk5wRQ9lf+ZHmU1Gk3w573sA=; b=gQ7JWHOco3kMH7VUYqWJD2mvym+DUONAiRtWhX86+P+XMpc6h3BS58Fb2a4MQ38z0F S/RjSR4lLI58R1PC6A8krbRehF/k247AlQdt9Cfl+EMjiP7lIqlQSNfGLaew+u50Ve1f jHVWjZ0OkVpLnMPQXEOVsQpmg5uvziy8UkLEmyF0aJynsn/gD06GonplcNn03AjFidyR 4KYseG0MlaoV80/itB/KsFPZO0iQEI3EqeiNN7OjrYDKNGSWSlduVVqXwpxGkU9J3v7N TBXQMvVbf0eTLIGh4k14VQyCSD3T8VrLreHZTsY4Bt/5pK5exAoNS0JGUOsU2CQ4mYne Ietg== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@linaro.org header.s=google header.b=Zo1OClAy; spf=pass (google.com: best guess record for domain of linux-crypto-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-crypto-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linaro.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id i4si17444997pfc.26.2019.06.19.15.44.05; Wed, 19 Jun 2019 15:44:19 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of linux-crypto-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; dkim=pass header.i=@linaro.org header.s=google header.b=Zo1OClAy; spf=pass (google.com: best guess record for domain of linux-crypto-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-crypto-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linaro.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1726449AbfFSWoD (ORCPT + 99 others); Wed, 19 Jun 2019 18:44:03 -0400 Received: from mail-io1-f66.google.com ([209.85.166.66]:39825 "EHLO mail-io1-f66.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1726251AbfFSWoD (ORCPT ); Wed, 19 Jun 2019 18:44:03 -0400 Received: by mail-io1-f66.google.com with SMTP id r185so995714iod.6 for ; Wed, 19 Jun 2019 15:44:03 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=cqxlS8TUrayOrx9RbCCJk5wRQ9lf+ZHmU1Gk3w573sA=; b=Zo1OClAyhkahly1M3GDgTSgP8bluNQ3KeJKArO+j5QmLCtuO3iq7To5FgWOUm2TQ7H vnxsuXXb9FhJZEtz7mnlEpM7m6n1QPIJ428Tktag2AvEf3iFS9wxAIQwevEtXysPQXxr F17f2AZUvSmIuo5i/y/ioaQFG2wivHpLH4+EtPD22dBE/YkIIjVt+yMpQen2bEnocUab FlWffctvJ22Z82i77vdnmcRkbW14uOwLDAl5ZTFsiJ8BEqN+yEbdvCxmOTWd3BZzqbEx Gzixhlz8c1YWVEXGT1+zas646xkbxUlm93S+2MSNB91B0zxwF05m7IK3rQGMrVuJFdFS U0HQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=cqxlS8TUrayOrx9RbCCJk5wRQ9lf+ZHmU1Gk3w573sA=; b=j5kQFKRs3H1hdv2Ekk7QSnJiUWhNm0xxvkQdKnbPn3uMjfoyEmXsQHQx6MinE3Gr9w kkDLgPjWttRL5gs6Z/VdLY4P9Xnrg7B09ycGMoNCaRIiDqvhaXOve6s380aX0aMhS/k6 Pw/ndbkrJiv3Ao/sxvMmT31+1MQYyD53Ln8klxp4jyCJ8nX9RIfPSfz2ZTJRHg8ej2Gg YX70IoM6KaN4JSFsOJ92brDjHPtdl5REsTgRxP1RMWKn2U+scU4QcmIp6KgprL46CW3C HKXoRc16XrJiKx+01+5tg5NexHD3EZwlBnvc/eCjAKptdb9VUiuZJztq8NypqpMSRx+d enOA== X-Gm-Message-State: APjAAAW9BMTH63PocLF+jy7lUILF765bq+R0fxNSLAF4hc4N+2hjjiW8 VdqjIOte1y0Whb1m0hnh9xxtGfeqezeSNnTZuthPlQ== X-Received: by 2002:a5e:820a:: with SMTP id l10mr13301247iom.283.1560984242534; Wed, 19 Jun 2019 15:44:02 -0700 (PDT) MIME-Version: 1.0 References: <20190619162921.12509-1-ard.biesheuvel@linaro.org> <20190619162921.12509-7-ard.biesheuvel@linaro.org> <20190619223710.GC33328@gmail.com> In-Reply-To: <20190619223710.GC33328@gmail.com> From: Ard Biesheuvel Date: Thu, 20 Jun 2019 00:43:50 +0200 Message-ID: Subject: Re: [PATCH v3 6/6] crypto: arm64/aes - implement accelerated ESSIV/CBC mode To: Eric Biggers Cc: "open list:HARDWARE RANDOM NUMBER GENERATOR CORE" , Herbert Xu , device-mapper development , linux-fscrypt@vger.kernel.org, Gilad Ben-Yossef , Milan Broz Content-Type: text/plain; charset="UTF-8" Sender: linux-crypto-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-crypto@vger.kernel.org On Thu, 20 Jun 2019 at 00:37, Eric Biggers wrote: > > On Wed, Jun 19, 2019 at 06:29:21PM +0200, Ard Biesheuvel wrote: > > Add an accelerated version of the 'essiv(cbc(aes),aes,sha256)' > > skcipher, which is used by fscrypt, and in some cases, by dm-crypt. > > This avoids a separate call into the AES cipher for every invocation. > > > > Signed-off-by: Ard Biesheuvel > > I'm not sure we should bother with this, since fscrypt normally uses AES-256-XTS > for contents encryption. AES-128-CBC-ESSIV support was only added because > people wanted something that is fast on low-powered embedded devices with crypto > accelerators such as CAAM or CESA that don't support XTS. > > In the case of Android, the CDD doesn't even allow AES-128-CBC-ESSIV with > file-based encryption (fscrypt). It's still the default for "full disk > encryption" (which uses dm-crypt), but that's being deprecated. > > So maybe dm-crypt users will want this, but I don't think it's very useful for > fscrypt. > If nobody cares, we can drop it. I don't feel too strongly about this, and since it is on the mailinglist now, people will be able to find it and ask for it to be merged if they have a convincing use case.