Received: by 2002:a25:f815:0:0:0:0:0 with SMTP id u21csp1220247ybd; Sun, 23 Jun 2019 02:49:31 -0700 (PDT) X-Google-Smtp-Source: APXvYqx2dbADZgWI5YFz5SD2RLqgPdrZ5yBh1t9V7o05Dc7JET4MZVPfWHVSeAPUET/uGJxO8olj X-Received: by 2002:a63:5961:: with SMTP id j33mr26335900pgm.89.1561283371408; Sun, 23 Jun 2019 02:49:31 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1561283371; cv=none; d=google.com; s=arc-20160816; b=bIbHcwRR6m23OCpJ7vXyPx9ZCHIGdC6wj3jKjK7M93OyR8+jmewErRGpGs0BqnUB3/ 1RvoBv0MsH49WIp8Mq9KnnQ4xKCJ45Hq/8chDrKR2ZftgSWxj8EfoWURctt5cJTaRn67 wILRiQUQmrPK1GN4CXuY7G7JtipYuEmkxSBm7/UaKdxPSQeRa/WmckQpK7FVtZTVKxPu qMCyywV5VTBkeVapbuqpzFzTEtMa1NXrYCXUHo/c/uT4DJ/Auy4O4DLsoyTmclJHPRW+ OUVepWhZ75Yar4wN9oTZohB4bt5R7/5bm+Q3dH+GEb1Q5EUlfwRz27Nq1V92q8m1KaVk JKrw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:cc:to:subject:message-id:date:from :in-reply-to:references:mime-version:dkim-signature; bh=wvgYQJkZGqcc1lfJilFFMb7xsNi0HiPMMJpo064zefM=; b=zIGI29WdlJpgjX3R3n5vfYVnx5LnGvQO1MiUc/olocIbFMxqoqQr8N5z61rLfdFiFt xAvp55//KCjYZrZJLoSeVVXzR1mY95MUG9qK0gMa06ykkgtEzdW2dAq/ZKRF6Vv5cq6X g1LoRUjiLVeNy50smOJgO69w13Ph9+0pJ5y0P0K33COKrha7KlQTc5XcVM8a3VQAEIPz 09RIlim0QyR2qvTjTb8kv4s5e/DmjQcAGJ2svDKsyl6HJsOqTMxurW/5hQm7+XAnrU8O l1BofMcnQ11+6u0LEKc7mBFvI9/hXaRWxy6zCyujBhhj4HYMo//EbN/zEAzwsUi1QDhm ES6A== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@linaro.org header.s=google header.b=XIWvSciJ; spf=pass (google.com: best guess record for domain of linux-crypto-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-crypto-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linaro.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id w6si7765387pjr.100.2019.06.23.02.49.04; Sun, 23 Jun 2019 02:49:31 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of linux-crypto-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; dkim=pass header.i=@linaro.org header.s=google header.b=XIWvSciJ; spf=pass (google.com: best guess record for domain of linux-crypto-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-crypto-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linaro.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1726440AbfFWJaz (ORCPT + 99 others); Sun, 23 Jun 2019 05:30:55 -0400 Received: from mail-io1-f66.google.com ([209.85.166.66]:45625 "EHLO mail-io1-f66.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1726415AbfFWJaz (ORCPT ); Sun, 23 Jun 2019 05:30:55 -0400 Received: by mail-io1-f66.google.com with SMTP id e3so1946328ioc.12 for ; Sun, 23 Jun 2019 02:30:55 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=wvgYQJkZGqcc1lfJilFFMb7xsNi0HiPMMJpo064zefM=; b=XIWvSciJXTWxUHdpOJ/Jiw7mhnXChMAz38UwfOCNYhyxtiP5995AZVApj5EI1r64qE G5Wb50bCXsb63Sy0BT9k05wbOEaMxUv54DGQFr61UYycrgIvHMzur3LWuloXlUEBCCaw dtFMdlCVVo3+ieBGYj2lThfkRy8GABw5srKabwQYjzqsUnZt0LRsesAbKNb+ATr9jcPw iah80UTd4lExTLdH1RzhcUQ4it23dakXPQiMyqQpY4Yp0RS8wvEIV6o8w/mkaNN5d98P yAk/MjnWrm0JKZw9hhyk9KJDeSjzHSgAZL2sMFJOkgPmwLTOa2yjnFos/mv5KvelBlLz 29rQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=wvgYQJkZGqcc1lfJilFFMb7xsNi0HiPMMJpo064zefM=; b=KOpnSN3LE/n4OWHXSamZSTvR4+vPRkxcuAULZO9cd7bZ1Q7c2LjJkjRQolEYWDhqMi 7D7cAjo/YEFk/0WVnV0xWmy0FMsLbahP98u/+XPIk9QsDeNt2kw5p7RJPX0mz5Nj0muk 06rq7F5eCfp2NVSV99DTdPHCgadu268kem2LLUl42hkMml4dayfaJUG4EAtj8sqvf/Rj EY65CE8BkIlZ17D05o3eKXoCCfPIcNXaKFP8ZgJxuG/daHin9ftnwHNs8hPZg437tRB3 yc+FciytUgM6kajiVSrcmeepo16fYmFhg8dn+Uh5EcbMZntP/ussU2p7geqit5Km5sMe 5Klg== X-Gm-Message-State: APjAAAUCy5Z+Jjc2NFchGZlww/fmQ2suoofjBXJee/eYfo5gJWj9Ue9c WgAoLl9advZFaS5tVc741qLINCRcW/m6xCc84R7esw== X-Received: by 2002:a5e:d51a:: with SMTP id e26mr503654iom.71.1561282254656; Sun, 23 Jun 2019 02:30:54 -0700 (PDT) MIME-Version: 1.0 References: <20190621080918.22809-1-ard.biesheuvel@arm.com> In-Reply-To: <20190621080918.22809-1-ard.biesheuvel@arm.com> From: Ard Biesheuvel Date: Sun, 23 Jun 2019 11:30:41 +0200 Message-ID: Subject: Re: [PATCH v4 0/6] crypto: switch to crypto API for ESSIV generation To: Ard Biesheuvel Cc: "open list:HARDWARE RANDOM NUMBER GENERATOR CORE" , Herbert Xu , Eric Biggers , device-mapper development , linux-fscrypt@vger.kernel.org, Gilad Ben-Yossef , Milan Broz Content-Type: text/plain; charset="UTF-8" Sender: linux-crypto-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-crypto@vger.kernel.org On Fri, 21 Jun 2019 at 10:09, Ard Biesheuvel wrote: > > From: Ard Biesheuvel > ... > > - given that hardware already exists that can perform en/decryption including > ESSIV generation of a range of blocks, it would be useful to encapsulate > this in the ESSIV template, and teach at least dm-crypt how to use it > (given that it often processes 8 512-byte sectors at a time) I thought about this a bit more, and it occurred to me that the capability of issuing several sectors at a time and letting the lower layers increment the IV between sectors is orthogonal to whether ESSIV is being used or not, and so it probably belongs in another wrapper. I.e., if we define a skcipher template like dmplain64le(), which is defined as taking a sector size as part of the key, and which increments a 64 LE counter between sectors if multiple are passed, it can be used not only for ESSIV but also for XTS, which I assume can be h/w accelerated in the same way. So with that in mind, I think we should decouple the multi-sector discussion and leave it for a followup series, preferably proposed by someone who also has access to some hardware to prototype it on.