Received: by 2002:a25:f815:0:0:0:0:0 with SMTP id u21csp2096065ybd; Mon, 24 Jun 2019 00:20:36 -0700 (PDT) X-Google-Smtp-Source: APXvYqzmrt4Q/OPjYKHw9XGHDJARcTcYoaenpSYcjyFfHKJkOs6UnxDnoDIjbN6+O8JPOwi2zNVt X-Received: by 2002:a17:902:5c2:: with SMTP id f60mr145514523plf.61.1561360836584; Mon, 24 Jun 2019 00:20:36 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1561360836; cv=none; d=google.com; s=arc-20160816; b=EBRHlwwFotoSFxu8Smipv34VYc1IjHTpTXV2Wenot5FRfN9BnmFFQ5ebbD1X6bWaFL xH80BiJt6vFCTQNGC78Bi1RcwbDwawhg2RuCV6UyVrRxd9+YxO4CIt/abG68ds81c2SV 7y37vmvwBrHLuiL8MXCOFaSvLgqRlYMgDZgoTfeXm97Wv5W6KIJp5ohwcPBha1Uvokpt 3Iy5PyO8z6+oOMAPIFTSSQ0/cgJ3a/qSTkerBC4cB4lyAlHii7o8/PIn77pnRdaB8S9U 2XDC8QI6zXIVCFYNep80yEW1wzfd4wH/n6cgADSX9T7tMBNmH9Xk46m2mJ4VfydJa/MA Caug== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:content-transfer-encoding :content-language:in-reply-to:mime-version:user-agent:date :message-id:openpgp:from:references:cc:to:subject:dkim-signature; bh=/dsVZYxomLMoyXfQ9mUiAOft0OKIueHGnSJjcph32Cw=; b=uZQAZQvQJol/0vhgIetInbYvECk5ugodBGLKL3VHvsXzbHqB7bpVM01jUZKoi83/28 QszsMf2LG438Wofr3jBoYp/aYHUisdIvGksFRVux6jSLckCCSDVx5AGUodiQyKP2pf1o JCA5yk6a2lXoDrOUu0AhQ4VLjLss9/VoZ2dddk0F/vYqTecYzKV5xqM12Mmukc8sl6kK MUyvkhzTtpH3BjU6Sa83anuBGoe/LaoXwMUt28s7J4JE2ZkD9GbE7MLWkjvipxhlCsyY 81E07F6SP1ep2fDoDeZORcl5CKlpWelJYjJ9/Za/Ie2KsWBWHtJROH6gyxnmomgMFD+I 6e2Q== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@gmail.com header.s=20161025 header.b=GEIfAnvW; spf=pass (google.com: best guess record for domain of linux-crypto-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-crypto-owner@vger.kernel.org; dmarc=pass (p=NONE sp=QUARANTINE dis=NONE) header.from=gmail.com Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id i18si10080139pfr.65.2019.06.24.00.20.22; Mon, 24 Jun 2019 00:20:36 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of linux-crypto-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; dkim=pass header.i=@gmail.com header.s=20161025 header.b=GEIfAnvW; spf=pass (google.com: best guess record for domain of linux-crypto-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-crypto-owner@vger.kernel.org; dmarc=pass (p=NONE sp=QUARANTINE dis=NONE) header.from=gmail.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1726351AbfFXHFe (ORCPT + 99 others); Mon, 24 Jun 2019 03:05:34 -0400 Received: from mail-wr1-f68.google.com ([209.85.221.68]:35166 "EHLO mail-wr1-f68.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1726340AbfFXHFd (ORCPT ); Mon, 24 Jun 2019 03:05:33 -0400 Received: by mail-wr1-f68.google.com with SMTP id f15so2720664wrp.2; Mon, 24 Jun 2019 00:05:32 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=subject:to:cc:references:from:openpgp:message-id:date:user-agent :mime-version:in-reply-to:content-language:content-transfer-encoding; bh=/dsVZYxomLMoyXfQ9mUiAOft0OKIueHGnSJjcph32Cw=; b=GEIfAnvWKV2cM8oGcFp3ij+jFe48MAsv65mEMsXEuF0n6HNp090g3BbJ/pmx094Bl1 hP02uJOzrd9bb5kYCp0rQDC+wu322cBBMfnFbBs/ggiXcm2xS4StK4pvVqbEhOmNNLwe ZQ81Cw1GBBkA5FU8XLioNSYwnj6Q5QnOfhRoVZQ+qmfx3nDAjVBSxMLiyn2qBv5r3cPR T50UFs+dAEHvc3fnRMOUnl2rRm0T8BKbTgKvWA69qATU9VpgAC5jksGE2/ZNF/fHWpuk XvL+Rvwv4EdS5cZeszfMm6XDuAIVb5IJEzkuDuGzFTQ/mx1WWWiL9WEx8ybZHBOYuoU1 zW0w== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:subject:to:cc:references:from:openpgp:message-id :date:user-agent:mime-version:in-reply-to:content-language :content-transfer-encoding; bh=/dsVZYxomLMoyXfQ9mUiAOft0OKIueHGnSJjcph32Cw=; b=TWczTl6jKiLIreWppA3QdvufH/T04tMlh9nBQdsDngvLqZlD44ZD23P+JNv/8K9a5J xK5KCZaV9nZqIV4lqIoDAokxOseDWZPX0cAopasCuKVH8G5dNAGS8W9WUpeJ79BE8IS4 YiwiVAW4eiKBGq3dSvyzDkSUteX4ksMNcjX5KnqtLHrKSFPlQx1QxIoXZlpwWfSQJRqr CCjEBHp0vPkF/i/2yKahwgsHFGk5ZpdpCyAmtuwYw+2N4w7dT8Jvo78KX0Nwc0C1g41r DYt2r8SlRsYaiVUKy+BOigStwPDS+VqbI/htdlPOSUZgCLWgJfmeih2CT4Fb1RuerUP/ BLEA== X-Gm-Message-State: APjAAAXF+6SuMuriNyB9iKIugc5nUcno1A3ftQo2p4BbjSphbzR4+ezn nrD7ZjxTwsToYPTEYT+b9ok= X-Received: by 2002:a5d:528b:: with SMTP id c11mr44329691wrv.25.1561359931675; Mon, 24 Jun 2019 00:05:31 -0700 (PDT) Received: from [172.22.36.64] (redhat-nat.vtp.fi.muni.cz. [78.128.215.6]) by smtp.gmail.com with ESMTPSA id t15sm8225210wrx.84.2019.06.24.00.05.30 (version=TLS1_3 cipher=AEAD-AES128-GCM-SHA256 bits=128/128); Mon, 24 Jun 2019 00:05:31 -0700 (PDT) Subject: Re: [PATCH v4 4/6] md: dm-crypt: switch to ESSIV crypto API template To: ard.biesheuvel@linaro.org, linux-crypto@vger.kernel.org Cc: Herbert Xu , Eric Biggers , dm-devel@redhat.com, linux-fscrypt@vger.kernel.org, Gilad Ben-Yossef References: <20190621080918.22809-1-ard.biesheuvel@arm.com> <20190621080918.22809-5-ard.biesheuvel@arm.com> From: Milan Broz Openpgp: preference=signencrypt Message-ID: Date: Mon, 24 Jun 2019 09:05:30 +0200 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:60.0) Gecko/20100101 Thunderbird/60.7.2 MIME-Version: 1.0 In-Reply-To: <20190621080918.22809-5-ard.biesheuvel@arm.com> Content-Type: text/plain; charset=utf-8 Content-Language: en-US Content-Transfer-Encoding: 7bit Sender: linux-crypto-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-crypto@vger.kernel.org On 21/06/2019 10:09, Ard Biesheuvel wrote: > From: Ard Biesheuvel > > Replace the explicit ESSIV handling in the dm-crypt driver with calls > into the crypto API, which now possesses the capability to perform > this processing within the crypto subsystem. I tried a few crazy dm-crypt configurations and was not able to crash it this time :-) So, it definitely need some more testing, but for now, I think it works. Few comments below for this part: > --- a/drivers/md/dm-crypt.c > +++ b/drivers/md/dm-crypt.c > static const struct crypt_iv_operations crypt_iv_benbi_ops = { > .ctr = crypt_iv_benbi_ctr, > .dtr = crypt_iv_benbi_dtr, > @@ -2283,7 +2112,7 @@ static int crypt_ctr_ivmode(struct dm_target *ti, const char *ivmode) > else if (strcmp(ivmode, "plain64be") == 0) > cc->iv_gen_ops = &crypt_iv_plain64be_ops; > else if (strcmp(ivmode, "essiv") == 0) > - cc->iv_gen_ops = &crypt_iv_essiv_ops; > + cc->iv_gen_ops = &crypt_iv_plain64_ops; This is quite misleading - it looks like you are switching to plain64 here. The reality is that it uses plain64 to feed the ESSIV wrapper. So either it need some comment to explain it here, or just keep simple essiv_iv_ops and duplicate that plain64 generator (it is 2 lines of code). For the clarity, I would prefer the second variant (duplicate ops) here. > @@ -2515,8 +2357,18 @@ static int crypt_ctr_cipher_old(struct dm_target *ti, char *cipher_in, char *key > if (!cipher_api) > goto bad_mem; > > - ret = snprintf(cipher_api, CRYPTO_MAX_ALG_NAME, > - "%s(%s)", chainmode, cipher); > + if (*ivmode && !strcmp(*ivmode, "essiv")) { > + if (!*ivopts) { > + ti->error = "Digest algorithm missing for ESSIV mode"; > + return -EINVAL; > + } > + ret = snprintf(cipher_api, CRYPTO_MAX_ALG_NAME, > + "essiv(%s(%s),%s,%s)", chainmode, cipher, > + cipher, *ivopts); This becomes quite long string already (limit is now 128 bytes), we should probably check also for too long string. It will perhaps fail later, but I would better add if (ret < 0 || ret >= CRYPTO_MAX_ALG_NAME) { ... > + } else { > + ret = snprintf(cipher_api, CRYPTO_MAX_ALG_NAME, > + "%s(%s)", chainmode, cipher); > + } > if (ret < 0) { > kfree(cipher_api); > goto bad_mem; > Thanks, Milan