Received: by 2002:a25:ad19:0:0:0:0:0 with SMTP id y25csp1893848ybi;
        Wed, 17 Jul 2019 23:54:48 -0700 (PDT)
X-Google-Smtp-Source: APXvYqziWAeFIFe9qpHhuBO/ap4B8b2gYs31Hg7BMuCLyPQWUQlpFY0Nv3aEn7N77y/Toq2CvX85
X-Received: by 2002:a17:90a:bb01:: with SMTP id u1mr48452582pjr.92.1563432888257;
        Wed, 17 Jul 2019 23:54:48 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; t=1563432888; cv=none;
        d=google.com; s=arc-20160816;
        b=e7pF/HgJrdGH2hQbB5dCUeO9yBR3vGprIwkyQHnFKPuG5CaWY/Vxtvl1BsOMhxoGkf
         mM+oxm/WIb40pUOrl8UwMpEaukfYRiGH+f4N30x6MYPAQ698zqhy7lwfkj0h+F5pA8m6
         lXZbsrrCE1UFjhmK7RhZBcAQqTaNzpAjwnrikrspU1rOHu4iV5xFJ6L4lauZIQjRCNw9
         08uIadNSE8nY1Cw+KDMgS5lPlnFtZJ29ofMgAWw8sqs5UCN84t2OVhwY/JBKVZZ5ECzD
         ywNYPeFGEwUkWILWPaag91zu9e+Ate9sAq9sOAjiWFIBRDwLGL7ExgYAG8JqDPnmPLpy
         CxBw==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=list-id:precedence:sender:user-agent:in-reply-to
         :content-disposition:mime-version:references:message-id:subject:cc
         :to:from:date;
        bh=5VsCuLfoWlyMs5DGvCN+nlAcnAGXAZaz8X/J0ihyo0o=;
        b=oms8KRiyFNl+veD5t5X7niOVQfobQSak23mqC5F/HglX8yyAYCEuqqjZ2Ie9jXsOcZ
         OxKB8gwXXvJXHGM7BZXk6FXo3kzTx+3kGTYKlOym3xr1Tw6GOLuYK+CY8CM0T5hQA9qO
         neJDl3yggJltkrP54gE9Uajxj823fOWXrymFAEE9VTGINH9Uv8ojoIVh+pBacjZRS2AM
         /7odwTbGJCPxd9pnDeLuwJZ4j02yYsnHCYLYcSJjQ5yblgmyQPsTi6TLoG7pQExqgJWF
         9z0nA3F0m6XbbUnbepS5h9QyCEbY2LqRFZwYK7VbaLfmtP63u5O+cxxOgqM/AcdjXR2G
         qx1w==
ARC-Authentication-Results: i=1; mx.google.com;
       spf=pass (google.com: best guess record for domain of linux-crypto-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-crypto-owner@vger.kernel.org
Return-Path: <linux-crypto-owner@vger.kernel.org>
Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67])
        by mx.google.com with ESMTP id n19si894968pgh.219.2019.07.17.23.54.25;
        Wed, 17 Jul 2019 23:54:48 -0700 (PDT)
Received-SPF: pass (google.com: best guess record for domain of linux-crypto-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67;
Authentication-Results: mx.google.com;
       spf=pass (google.com: best guess record for domain of linux-crypto-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-crypto-owner@vger.kernel.org
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S1726495AbfGRGwc (ORCPT <rfc822;cvimail81@gmail.com> + 99 others);
        Thu, 18 Jul 2019 02:52:32 -0400
Received: from helcar.hmeau.com ([216.24.177.18]:35472 "EHLO deadmen.hmeau.com"
        rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP
        id S1726397AbfGRGwb (ORCPT <rfc822;linux-crypto@vger.kernel.org>);
        Thu, 18 Jul 2019 02:52:31 -0400
Received: from gondobar.mordor.me.apana.org.au ([192.168.128.4] helo=gondobar)
        by deadmen.hmeau.com with esmtps (Exim 4.89 #2 (Debian))
        id 1ho0HD-00089G-Tk; Thu, 18 Jul 2019 14:52:27 +0800
Received: from herbert by gondobar with local (Exim 4.89)
        (envelope-from <herbert@gondor.apana.org.au>)
        id 1ho0H9-0005lW-GX; Thu, 18 Jul 2019 14:52:23 +0800
Date:   Thu, 18 Jul 2019 14:52:23 +0800
From:   Herbert Xu <herbert@gondor.apana.org.au>
To:     Ard Biesheuvel <ard.biesheuvel@linaro.org>
Cc:     Horia Geanta <horia.geanta@nxp.com>,
        "linux-crypto@vger.kernel.org" <linux-crypto@vger.kernel.org>,
        "dm-devel@redhat.com" <dm-devel@redhat.com>
Subject: Re: xts fuzz testing and lack of ciphertext stealing support
Message-ID: <20190718065223.4xaefcwjoxvujntw@gondor.apana.org.au>
References: <VI1PR0402MB34858E4EF0ACA7CDB446FF5798CE0@VI1PR0402MB3485.eurprd04.prod.outlook.com>
 <20190716221639.GA44406@gmail.com>
 <VI1PR0402MB34857BBB18C2BB8CBA2DEC7198C90@VI1PR0402MB3485.eurprd04.prod.outlook.com>
 <20190717172823.GA205944@gmail.com>
 <CAKv+Gu__offPaWvyURJr8v56ig58q-Deo16QhP26EJ32uf5m3w@mail.gmail.com>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <CAKv+Gu__offPaWvyURJr8v56ig58q-Deo16QhP26EJ32uf5m3w@mail.gmail.com>
User-Agent: NeoMutt/20170113 (1.7.2)
Sender: linux-crypto-owner@vger.kernel.org
Precedence: bulk
List-ID: <linux-crypto.vger.kernel.org>
X-Mailing-List: linux-crypto@vger.kernel.org

On Wed, Jul 17, 2019 at 08:08:27PM +0200, Ard Biesheuvel wrote:
>
> Since the kernel does not support CTS for XTS any way, and since no
> AF_ALG users can portably rely on this, I agree with Eric that the
> only sensible way to address this is to disable this functionality in
> the driver.

But the whole point of XTS is that it supports sizes that are
not multiples of the block size.  So implementing it without
supporting ciphertext stealing is just wrong.

So let's fix the generic implementation rather than breaking
the caam driver.

Thanks,
-- 
Email: Herbert Xu <herbert@gondor.apana.org.au>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt