Received: by 2002:a25:ad19:0:0:0:0:0 with SMTP id y25csp2444493ybi; Thu, 18 Jul 2019 08:29:12 -0700 (PDT) X-Google-Smtp-Source: APXvYqzUpw1D5cGkr5MXToVpMjGF5ihaByMGPTv6jhgKWOuYCdQfqgkl07TwRWsa1BC5eBCYxGJR X-Received: by 2002:a17:902:7686:: with SMTP id m6mr50635334pll.239.1563463752673; Thu, 18 Jul 2019 08:29:12 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1563463752; cv=none; d=google.com; s=arc-20160816; b=NtlDxDoXcN75/4MK0hFn06VxdCJ9WEw6C6jbkojvyHueH41vag24+PX6TubAgGdaEH G8aBElgBD4N3Vpl1AsGUfL6vR+8UIN28TAZBde4Tytcv6L4LFFK9o6ZVaM2wkodB4kYD PMborZaNaJzH7atl+/s0+XDcV4J5rZHVHLUWIP6WqEHijtRo3rHvxhkVQEkC6dKRriPI fLHyicF94e/eP+I1yx/InVT+7kIaZOWnBDVzUVeXJhiaFlUP18KfxDt6gsahKoiSKv3X wxuEEXdpi3XFfMyaEw/TpLJHrKDArv6FDO8xds6JXwwhjilwxgT8eSpj7Hn9mYlBkqfF pcIA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:user-agent:in-reply-to :content-disposition:mime-version:references:message-id:subject:cc :to:from:date; bh=0LRdMKuUffYWXO+D5mPScx4ENbXdkR50TH/rrS8YdWA=; b=Xi61BwhIkH1yHkpKY75BRMUXzXKF+BYaLouJnj1Z9C7U1WuJ7AriZxOvnITFGW8S6L M7SPqtgDU+I0Ytbv5bfeyUlLWmUTB+anHuc+EEFlPT3KmJWYe2chtvRFtUT8p1Ey8ayV yxwsnpxSnTrFy0kV8GNjTQGtoDMkQTpcZLMeYORSWkCOIiSr2BVFbEdO+c+RwEjmFXOc BRkuRn4duIFj0XuE3vQzQiwVyXb42nQUkChBvEhZ62uoXq63bAljWIhLb73QV65PBJOl DQEuFlG1BeVyF9JBrJQDHKeW5DSQ59ZvdMWr2UDwEnor2aMNa0zSPr/b3D+MLCEYn9al wNlw== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: best guess record for domain of linux-crypto-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-crypto-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id c62si2073586pga.441.2019.07.18.08.28.54; Thu, 18 Jul 2019 08:29:12 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of linux-crypto-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; spf=pass (google.com: best guess record for domain of linux-crypto-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-crypto-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S2390515AbfGRP1s (ORCPT + 99 others); Thu, 18 Jul 2019 11:27:48 -0400 Received: from helcar.hmeau.com ([216.24.177.18]:53328 "EHLO deadmen.hmeau.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1727982AbfGRP1s (ORCPT ); Thu, 18 Jul 2019 11:27:48 -0400 Received: from gondobar.mordor.me.apana.org.au ([192.168.128.4] helo=gondobar) by deadmen.hmeau.com with esmtps (Exim 4.89 #2 (Debian)) id 1ho8Jr-00019q-JN; Thu, 18 Jul 2019 23:27:43 +0800 Received: from herbert by gondobar with local (Exim 4.89) (envelope-from ) id 1ho8Jm-0006gi-8R; Thu, 18 Jul 2019 23:27:38 +0800 Date: Thu, 18 Jul 2019 23:27:38 +0800 From: Herbert Xu To: Milan Broz Cc: Pascal Van Leeuwen , Ard Biesheuvel , Horia Geanta , "linux-crypto@vger.kernel.org" , "dm-devel@redhat.com" Subject: Re: xts fuzz testing and lack of ciphertext stealing support Message-ID: <20190718152738.e6yfjymggsdtcafg@gondor.apana.org.au> References: <20190716221639.GA44406@gmail.com> <20190717172823.GA205944@gmail.com> <20190718065223.4xaefcwjoxvujntw@gondor.apana.org.au> <20190718072154.m2umem24x4grbf6w@gondor.apana.org.au> <36e78459-1594-6d19-0ab4-95b03a6de036@gmail.com> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: User-Agent: NeoMutt/20170113 (1.7.2) Sender: linux-crypto-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-crypto@vger.kernel.org On Thu, Jul 18, 2019 at 01:19:41PM +0200, Milan Broz wrote: > > Also, I would like to avoid another "just because it is nicer" module dependence (XTS->XEX->ECB). > Last time (when XTS was reimplemented using ECB) we have many reports with initramfs > missing ECB module preventing boot from AES-XTS encrypted root after kernel upgrade... > Just saying. (Despite the last time it was keyring what broke encrypted boot ;-) > > (That said, I will try to find some volunteer to help with CTS in XTS implementation, if needed.) Well the main advantage of doing it on top of the existing xts is that you can retain the existing ARM implementations without any changes. This would also apply to any existing xts drivers that also don't implement CTS (I'm not aware of the status on these so someone will need to check them one by one). But if you were going to volunteer to change them all in one swoop then it wouldn't matter. Cheers, -- Email: Herbert Xu Home Page: http://gondor.apana.org.au/~herbert/ PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt