Received: by 2002:a05:6a10:9e8c:0:0:0:0 with SMTP id y12csp303688pxx; Thu, 29 Oct 2020 03:06:22 -0700 (PDT) X-Google-Smtp-Source: ABdhPJyI1P5V9jyU9a38c0LooLyF1881EYsUrYirBgNlsEjOQBhueBf4asZRoeXrd5PXaKAq0LMS X-Received: by 2002:a17:906:934d:: with SMTP id p13mr3107616ejw.245.1603965982353; Thu, 29 Oct 2020 03:06:22 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1603965982; cv=none; d=google.com; s=arc-20160816; b=fdZxr54Cgz80aVFXbAnHAD02sYCErt48Um1BDaGUO8F1ELhCEx+nbyivhpBAGCFPmW gy9FU51SIblVKSBPl8Xiy+2bzwvkpZ7ZhDS3qx2eKVIprMYjAuALPsgOD2EO5ctAww94 +/xIQhJ9zvq8UuhUDRPtEOskUJbjkGwb8ZNHKEwXAXqmGlzvjOKB58zqSDxGgWMfOoDA LBeHzmiunFHL4KYbcGwgvvtQEfzKONsl2doAqNBVl2vtX2fL/EiYh9Yn3O34tt8FX/rR EQ8Vmutd5Uo1o+KNXEhvYx8o+YXXKlEPUPU671xdI3UkrRG+60RZGmhSxvINWpcJiUiX 8hNw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:mime-version :message-id:date:subject:cc:to:from; bh=kUu6yaMSqZcWhxNuyYRUUm4HL2IAUyw0e6MPysOYULw=; b=ojD4FgtMtxB8ENz+TzcHwLdeR95OyVmgfNO0gXTdkBtfJ2EZR7ZTW5xhr2f9Q3Hoyg LiBLI1XDths1hI34iLvxiESJD4+rcX0D09XWyfXcvjWrUFLG/VuMkQuPJE/aQQg0xx49 PHsQr/m82atM9MMf6knql2JM+tp12nV7LRCN4djetrrdFkQJr3LMdNiNaJmTv0h2LnZN 4r3m4MilzzTcOhBiyNI6qgKW8EefxRxfgPsw0MsiY0lM7SYeM6P7LDwDMVUpJayy1OOz m4NaBziU8YuUzzZJQS1LkKX9ZnPxr54p/oRS7SOwUwuamzZhnTksAiC279jOcthDaKRR Vg+Q== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: domain of linux-crypto-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-crypto-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18]) by mx.google.com with ESMTP id b9si1681067edk.342.2020.10.29.03.05.50; Thu, 29 Oct 2020 03:06:22 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-crypto-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18; Authentication-Results: mx.google.com; spf=pass (google.com: domain of linux-crypto-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-crypto-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1725385AbgJ2KFt (ORCPT + 99 others); Thu, 29 Oct 2020 06:05:49 -0400 Received: from foss.arm.com ([217.140.110.172]:58624 "EHLO foss.arm.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1725774AbgJ2KFs (ORCPT ); Thu, 29 Oct 2020 06:05:48 -0400 Received: from usa-sjc-imap-foss1.foss.arm.com (unknown [10.121.207.14]) by usa-sjc-mx-foss1.foss.arm.com (Postfix) with ESMTP id C516F139F; Thu, 29 Oct 2020 03:05:47 -0700 (PDT) Received: from e110176-lin.kfn.arm.com (unknown [172.31.20.19]) by usa-sjc-imap-foss1.foss.arm.com (Postfix) with ESMTPSA id 68FC63F66E; Thu, 29 Oct 2020 03:05:45 -0700 (PDT) From: Gilad Ben-Yossef To: Herbert Xu , "David S. Miller" , Alasdair Kergon , Mike Snitzer , dm-devel@redhat.com Cc: Ofir Drang , Eric Biggers , Milan Broz , linux-crypto@vger.kernel.org, linux-kernel@vger.kernel.org Subject: [PATCH v3 0/4] crypto: switch to crypto API for EBOIV generation Date: Thu, 29 Oct 2020 12:05:41 +0200 Message-Id: <20201029100546.28686-1-gilad@benyossef.com> X-Mailer: git-send-email 2.28.0 MIME-Version: 1.0 Content-Transfer-Encoding: 8bit Precedence: bulk List-ID: X-Mailing-List: linux-crypto@vger.kernel.org This series creates an EBOIV template that produces a skcipher transform which passes through all operations to the skcipher, while using the same skcipher and key to encrypt the input IV, which is assumed to be a sector offset, although this is not enforced. This matches dm-crypt use of EBOIV to provide BitLocker support, and so it is proposed as a replacement in patch #3. Replacing the dm-crypt specific EBOIV implementation to a Crypto API based one allows us to save a memory allocation per each request, as well as opening the way for use of compatible alternative transform providers, one of which, based on the Arm TrustZone CryptoCell hardware, is proposed as patch #4. Future potential work to allow encapsulating the handling of multiple subsequent blocks by the Crypto API may also benefit from this work. The code has been tested on both x86_64 virtual machine with the dm-crypt test suite and on an arm 32 bit board with the CryptoCell hardware. Since no offical source for eboiv test vectors is known, the test vectors supplied as patch #2 are derived from sectors which are part of the dm-crypt test suite. Signed-off-by: Gilad Ben-Yossef Cc: Eric Biggers Cc: Milan Broz Changes from v2: - Remove needless internal include left over by mistake. Changes from v1: - Incorporated feedback from Eric Biggers regarding eboiv template code. - Incorporated fixes for issues found by kernel test robot. - Moved from a Kconfig dependency of DM_CRYPT to EBOIV to EBOIV default of DM_CRYPT as suggested by Herbert Xu. Gilad Ben-Yossef (4): crypto: add eboiv as a crypto API template crypto: add eboiv(cbc(aes)) test vectors dm crypt: switch to EBOIV crypto API template crypto: ccree: re-introduce ccree eboiv support crypto/Kconfig | 23 +++ crypto/Makefile | 1 + crypto/eboiv.c | 269 ++++++++++++++++++++++++++ crypto/tcrypt.c | 9 + crypto/testmgr.c | 6 + crypto/testmgr.h | 279 +++++++++++++++++++++++++++ drivers/crypto/ccree/cc_cipher.c | 132 +++++++++---- drivers/crypto/ccree/cc_crypto_ctx.h | 1 + drivers/md/dm-crypt.c | 61 ++---- 9 files changed, 702 insertions(+), 79 deletions(-) create mode 100644 crypto/eboiv.c -- 2.28.0