Date: Thu, 18 Jul 2019 15:50:41 +0800
From: Herbert Xu
To: Ard Biesheuvel
Cc: Horia Geanta, "linux-crypto@vger.kernel.org", "dm-devel@redhat.com"
Subject: Re: xts fuzz testing and lack of ciphertext stealing support
Message-ID: <20190718075041.2mutant44rxx2ipq@gondor.apana.org.au>
X-Mailing-List: linux-crypto@vger.kernel.org

On Thu, Jul 18, 2019 at 09:28:03AM +0200, Ard Biesheuvel wrote:
>
> If we were adding XTS to the kernel today, then I would agree with
> you. But xts() has an established meaning now, and I don't think it
> makes sense to update all implementations for a theoretical use case,
> given that no portable userland code can rely on the correct semantics
> today, since CAAM is the only one that implements them correctly.
>
> In any case, I won't have time to fix the ARM or arm64 implementations
> (or review the changes if someone else steps up) until the end of
> September.

I'm not asking you or anyone to fix this right away. I'm just saying
that this is the direction we should be moving in. After all, there
is no immediate crisis as all that is broken today is a fuzz test.

It should be possible to do this without causing performance regressions
for ARM. We could rename the existing xts to a new name (xek perhaps)
and add xts into the cts template as a wrapper around xek.

That way you don't have to touch the ARM code at all and it should
just work.

PS should we mark xek or whatever it's called as internal so it
isn't visible to user-space?

Cheers,
--
Email: Herbert Xu
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt
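
The layering proposed in the message above, shown as an added example that is not part of the thread and is not kernel code: a whole-blocks-only inner pass with a wrapper that performs the XTS ciphertext stealing. The function names `xek`, `xts`, `toy_cipher` and `next_tweak` are hypothetical, and the block cipher is a constructed Feistel stand-in for AES so that the example runs with the standard library alone.

```python
import hashlib

BLOCK = 16

def _xor(a, b):
    return bytes(x ^ y for x, y in zip(a, b))

def toy_cipher(key, block, decrypt=False):
    """Constructed 4-round Feistel stand-in for AES (assumption; not secure)."""
    l, r = block[:8], block[8:]
    f = lambda i, half: hashlib.sha256(key + bytes([i]) + half).digest()[:8]
    for i in (range(3, -1, -1) if decrypt else range(4)):
        l, r = (_xor(r, f(i, l)), l) if decrypt else (r, _xor(l, f(i, r)))
    return l + r

def next_tweak(t):
    """Multiply the tweak by alpha in GF(2^128), little-endian as in XTS."""
    n = int.from_bytes(t, "little") << 1
    if n >> 128:
        n = (n & ((1 << 128) - 1)) ^ 0x87
    return n.to_bytes(BLOCK, "little")

def xek(k1, tweak, data, decrypt=False):
    """Hypothetical inner pass: whole blocks only. Returns (output, next tweak)."""
    if len(data) % BLOCK:
        raise ValueError("xek handles whole blocks only")
    out = b""
    for off in range(0, len(data), BLOCK):
        blk = _xor(data[off:off + BLOCK], tweak)
        out += _xor(toy_cipher(k1, blk, decrypt), tweak)
        tweak = next_tweak(tweak)
    return out, tweak

def xts(k1, k2, iv, data, decrypt=False):
    """Wrapper: full-block prefix goes to xek, the tail is handled by stealing."""
    if len(data) < BLOCK:
        raise ValueError("XTS needs at least one full block")
    t0, tail = toy_cipher(k2, iv), len(data) % BLOCK
    if tail == 0:
        return xek(k1, t0, data, decrypt)[0]
    split = len(data) - BLOCK - tail
    head, t_a = xek(k1, t0, data[:split], decrypt)  # t_a: tweak of last full block
    t_b = next_tweak(t_a)                           # t_b: tweak of the partial block
    full, part = data[split:split + BLOCK], data[split + BLOCK:]
    # Decryption uses the two tweaks in the opposite order to encryption.
    first, second = (t_b, t_a) if decrypt else (t_a, t_b)
    cc = xek(k1, first, full, decrypt)[0]
    pp = xek(k1, second, part + cc[tail:], decrypt)[0]
    return head + pp + cc[:tail]
```

For inputs that are a multiple of 16 bytes the wrapper's output is identical to the inner pass, so only callers that submit a partial final block see different behaviour.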