Received: by 2002:a17:90a:88:0:0:0:0 with SMTP id a8csp220860pja; Fri, 22 Nov 2019 05:40:05 -0800 (PST) X-Google-Smtp-Source: APXvYqw6SpAHqf9wyw94cXw7H1iO8TdwNnRAdWOKjfU12KKK7yWtJHpwjEYTdhtdLrTkDNH7VsTU X-Received: by 2002:a17:906:aad5:: with SMTP id kt21mr21813274ejb.228.1574430005390; Fri, 22 Nov 2019 05:40:05 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1574430005; cv=none; d=google.com; s=arc-20160816; b=H9Rlk3dMSblDzut5d53GIuDGDZnpxzVyz7JJUGSblU/acVQQj4n3jAZ2Jy8zEgWtDh HyQh4H10mfJim5lGKZAo0/cpQ+Tvt8Bx+/0jBDq+zhishp15PLc6qA+uu6LHYxMTmVsH P87uaIOadnL+zHsmYCfRHzPlif+p0uW2yds7SurMiQ1lu77fyJWfSHhUD6hWjJpIrM2C ggCECIbEGWGLcAoYBXHao5S8OyyC8d1qfknmCgSnCpPCbZ8gT6oqQSwbgC+Daho354Ne c377LG6N7lmpB1P6it0eBi1OvcrNWQhtkUEzG+w261pKRGftfz1bqVBnor7VRlEaBGoI XIhA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:message-id:content-language :content-transfer-encoding:in-reply-to:mime-version:user-agent:date :from:references:cc:to:subject; bh=3x9n5LnBTodZMxwf54U22qktiWhN83o7HQek9N0zVLI=; b=J+aRGtQFbkdvWzPYGwkR8DXPi0SslNzeHPQSpkpObmIyyzH2/Zdh/B/vLqyUOqv9er koepbW9/fqgq6Q97S1rfmoOuomN0ig9AdHmd8zZsL62pEneHLl7ZdQZ1Ut3JA7ZAkmWF Uqi6YZbJHyNCIchr6EwezPgIZTCa1U+FXhBmwuoi8DwaBRpmMu2g49TuvQqHR3wdHBbZ U9QSN4eOJwiLFRPlpelhZ3PVWVqVIK1w/25bs8aemjxYi3dHz9sRrcHa2/59PwxkCbeg xKkz2ZnDdGuKqQwGHiSsWHvRioeW2gBVJVl0GJ7Bpg27LbRlr7AFideeEBEwmbohmR3n cSpg== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: best guess record for domain of linux-crypto-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-crypto-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=ibm.com Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id f22si4919875eds.54.2019.11.22.05.39.31; Fri, 22 Nov 2019 05:40:05 -0800 (PST) Received-SPF: pass (google.com: best guess record for domain of linux-crypto-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; spf=pass (google.com: best guess record for domain of linux-crypto-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-crypto-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=ibm.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1727194AbfKVNik (ORCPT + 99 others); Fri, 22 Nov 2019 08:38:40 -0500 Received: from mx0b-001b2d01.pphosted.com ([148.163.158.5]:59994 "EHLO mx0a-001b2d01.pphosted.com" rhost-flags-OK-OK-OK-FAIL) by vger.kernel.org with ESMTP id S1726526AbfKVNij (ORCPT ); Fri, 22 Nov 2019 08:38:39 -0500 Received: from pps.filterd (m0098421.ppops.net [127.0.0.1]) by mx0a-001b2d01.pphosted.com (8.16.0.42/8.16.0.42) with SMTP id xAMDaYxT065352 for ; Fri, 22 Nov 2019 08:38:38 -0500 Received: from e06smtp04.uk.ibm.com (e06smtp04.uk.ibm.com [195.75.94.100]) by mx0a-001b2d01.pphosted.com with ESMTP id 2wdkdftbfu-1 (version=TLSv1.2 cipher=AES256-GCM-SHA384 bits=256 verify=NOT) for ; Fri, 22 Nov 2019 08:38:38 -0500 Received: from localhost by e06smtp04.uk.ibm.com with IBM ESMTP SMTP Gateway: Authorized Use Only! Violators will be prosecuted for from ; Fri, 22 Nov 2019 13:38:36 -0000 Received: from b06cxnps3075.portsmouth.uk.ibm.com (9.149.109.195) by e06smtp04.uk.ibm.com (192.168.101.134) with IBM ESMTP SMTP Gateway: Authorized Use Only! Violators will be prosecuted; (version=TLSv1/SSLv3 cipher=AES256-GCM-SHA384 bits=256/256) Fri, 22 Nov 2019 13:38:32 -0000 Received: from d06av24.portsmouth.uk.ibm.com (mk.ibm.com [9.149.105.60]) by b06cxnps3075.portsmouth.uk.ibm.com (8.14.9/8.14.9/NCO v10.0) with ESMTP id xAMDcVoE46334196 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=OK); Fri, 22 Nov 2019 13:38:32 GMT Received: from d06av24.portsmouth.uk.ibm.com (unknown [127.0.0.1]) by IMSVA (Postfix) with ESMTP id E03E34204F; Fri, 22 Nov 2019 13:38:31 +0000 (GMT) Received: from d06av24.portsmouth.uk.ibm.com (unknown [127.0.0.1]) by IMSVA (Postfix) with ESMTP id 641EC4204B; Fri, 22 Nov 2019 13:38:31 +0000 (GMT) Received: from funtu.home (unknown [9.145.67.101]) by d06av24.portsmouth.uk.ibm.com (Postfix) with ESMTP; Fri, 22 Nov 2019 13:38:31 +0000 (GMT) Subject: Re: [PATCH 2/3] s390/crypto: Rework on paes implementation To: Herbert Xu Cc: linux-crypto@vger.kernel.org, ebiggers@kernel.org, heiko.carstens@de.ibm.com, gor@linux.ibm.com References: <20191113105523.8007-1-freude@linux.ibm.com> <20191113105523.8007-3-freude@linux.ibm.com> <20191122081338.6bdjevtyttpdzzwl@gondor.apana.org.au> <87e9dbee-4024-602c-7717-051df3ac644d@linux.ibm.com> <20191122104259.ofodwadrgszdxuto@gondor.apana.org.au> From: Harald Freudenberger Date: Fri, 22 Nov 2019 14:38:30 +0100 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:60.0) Gecko/20100101 Thunderbird/60.9.0 MIME-Version: 1.0 In-Reply-To: <20191122104259.ofodwadrgszdxuto@gondor.apana.org.au> Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 7bit Content-Language: en-US X-TM-AS-GCONF: 00 x-cbid: 19112213-0016-0000-0000-000002CAD04D X-IBM-AV-DETECTION: SAVI=unused REMOTE=unused XFE=unused x-cbparentid: 19112213-0017-0000-0000-0000332C9B50 Message-Id: X-Proofpoint-Virus-Version: vendor=fsecure engine=2.50.10434:6.0.95,18.0.572 definitions=2019-11-22_02:2019-11-21,2019-11-22 signatures=0 X-Proofpoint-Spam-Details: rule=outbound_notspam policy=outbound score=0 phishscore=0 mlxlogscore=999 adultscore=0 clxscore=1015 lowpriorityscore=0 spamscore=0 impostorscore=0 suspectscore=0 malwarescore=0 priorityscore=1501 bulkscore=0 mlxscore=0 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.12.0-1910280000 definitions=main-1911220121 Sender: linux-crypto-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-crypto@vger.kernel.org On 22.11.19 11:42, Herbert Xu wrote: > On Fri, Nov 22, 2019 at 10:54:50AM +0100, Harald Freudenberger wrote: >> The setkey() sets the base key material (usually a secure key) to an >> tfm instance. From this key a 'protected key' (pkey) is derived which >> may get invalid at any time and may need to get re-derived from the >> base key material. >> An tfm instance may be shared, so the context where the pkey is >> stored into is also shared. So when a pkey gets invalid there is a need >> to update the pkey value within the context struct. This update needs >> to be done atomic as another thread may concurrently use this pkey >> value. That's all what this spinlock does. Make sure read and write >> operations on the pkey within the context are atomic. >> It is still possible that two threads copy the pkey, try to use it, find out >> that it is invalid and needs refresh, re-derive and both update the pkey >> memory serialized by the spinlock. But this is no issue. The spinlock >> makes sure the stored pkey is always a consistent pkey (which may >> be valid or invalid but not corrupted). > OK. Can you give me a bit more background info on how often > this is likely to happen? I mean it happened every time you > might as well not store the protected key in the tfm at all. > > Thanks, The pkey is in fact a encrypted key + a verification pattern for the encrypted key used. It gets invalid when this encryption key changes. The encryption key changes when the LPAR is re-activated so for example on suspend/resume or an Linux running as kvm guest gets relocated. So this happens very rarely.