Received: by 2002:a05:6a10:1a4d:0:0:0:0 with SMTP id nk13csp5546248pxb;
        Mon, 14 Feb 2022 01:29:28 -0800 (PST)
X-Google-Smtp-Source: ABdhPJzGucQijMCl9oRTJv7plZai6Hfhm43Ny8HWc/HgpMUpAt7yk7iRV4z0cQanlL+iHlge0qq/
X-Received: by 2002:a17:906:6a05:: with SMTP id qw5mr10614167ejc.90.1644830967990;
        Mon, 14 Feb 2022 01:29:27 -0800 (PST)
ARC-Seal: i=1; a=rsa-sha256; t=1644830967; cv=none;
        d=google.com; s=arc-20160816;
        b=xcaGDtllI8ipjg0okmOPyRXcQnVf+WvrhHVUzgYK0kUW1+RGmKUKeXldDqDCOTpFna
         re5f+h/AvQuHSAjPpivpb3sq4x/70SDbnZ4yh9Cc/VLsJYnZoJugRfO39xfMkm79+D5y
         03tWLzWQP1eQsjHUyC+2BYDsm2hrnUcar4PqDSNukOuegRxQm23Ph525izFuM8sansgh
         gRWQpVcul/vNF6lYtq5qo4ICjS/d7f8bJGBfFkMWvoSg5eEpj/SzeWAr14Iahoy/GlIe
         riIWZeka1bIGTDFaQt0N2vgsjOUqvNAuy5gDmY4FSP/T+2GvKUuQNxT8eXTEzW2j4DlX
         UjQQ==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=list-id:precedence:cc:to:subject:message-id:date:from:in-reply-to
         :references:mime-version:dkim-signature;
        bh=QRDH9vbLQS3f2Q0ccQNr5Qp4Ug7VGO9DxqH6NW74phY=;
        b=PqIdnYlXTsFl3Yb3y5yWMYoa3s55y8+FBGyt8uaq6u6ER5LPeytP7CiKpliBRy1GUS
         VDm1SCivPAMHLNUVnwbzjNhjJCT/jXVgmTS9UYyk+OE61pwPkNioTFHYwp5LYAOcVNS6
         KMU0qng9KZfc57v21SkEdoCqxjEK9Kt92DerFW8IlBfMguK8S4brOnQmsS3x0Y1XRHvn
         pm1TzJmtj9PmpL/gPsZ6KMS/ZViR4br+y6L5bJF+YD3COMn6Z2/9OXgAnkNZA2TsG54C
         neFfReyxo/2GVNX6MDF7LIdZZ2SgcDLkKRnrfDH4enuAMyv1LSP5ov9sBZkZjxaGuEP3
         dbew==
ARC-Authentication-Results: i=1; mx.google.com;
       dkim=pass header.i=@google.com header.s=20210112 header.b=NJIxKes7;
       spf=pass (google.com: domain of linux-crypto-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-crypto-owner@vger.kernel.org;
       dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=google.com
Return-Path: <linux-crypto-owner@vger.kernel.org>
Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20])
        by mx.google.com with ESMTP id 4si18686917ejr.136.2022.02.14.01.28.59;
        Mon, 14 Feb 2022 01:29:27 -0800 (PST)
Received-SPF: pass (google.com: domain of linux-crypto-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20;
Authentication-Results: mx.google.com;
       dkim=pass header.i=@google.com header.s=20210112 header.b=NJIxKes7;
       spf=pass (google.com: domain of linux-crypto-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-crypto-owner@vger.kernel.org;
       dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=google.com
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S1353222AbiBKUak (ORCPT <rfc822;linux.lists.archive@gmail.com>
        + 99 others); Fri, 11 Feb 2022 15:30:40 -0500
Received: from mxb-00190b01.gslb.pphosted.com ([23.128.96.19]:33144 "EHLO
        lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
        with ESMTP id S1351181AbiBKUaj (ORCPT
        <rfc822;linux-crypto@vger.kernel.org>);
        Fri, 11 Feb 2022 15:30:39 -0500
Received: from mail-lj1-x229.google.com (mail-lj1-x229.google.com [IPv6:2a00:1450:4864:20::229])
        by lindbergh.monkeyblade.net (Postfix) with ESMTPS id AA33CCCC
        for <linux-crypto@vger.kernel.org>; Fri, 11 Feb 2022 12:30:37 -0800 (PST)
Received: by mail-lj1-x229.google.com with SMTP id e17so14046221ljk.5
        for <linux-crypto@vger.kernel.org>; Fri, 11 Feb 2022 12:30:37 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=google.com; s=20210112;
        h=mime-version:references:in-reply-to:from:date:message-id:subject:to
         :cc;
        bh=QRDH9vbLQS3f2Q0ccQNr5Qp4Ug7VGO9DxqH6NW74phY=;
        b=NJIxKes7hqTAQq6UETKdRks+KkvgxMtmurUEuG0s8UMHc3d/LRgcB/qBrCsrX0FFVA
         uZ5lyBVJufxhoGZLIH3NGuSNMbTVXbfgT8/MifUJQFws3Ts8wbGQ5JshOYM7+NQUWBgU
         uHwliOvgNoDGpAEG4oKjQVATcchkoR7JLQ8g2524zxfpFA+sVznoAzKcH2nJf8hlgmrE
         meUKL3x10CCZwPRsO3c5IiKsnrWPnR8gbX3KbMrcOY6TtQrMjUh5xSzEUDX9zfZx1UjG
         9j4fdB3t7L4H6AvSjX0NQkcMYL1jASb6M0umgeviBWV96O5v+tT1W+aspMd6uEw6lfdz
         R1sg==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20210112;
        h=x-gm-message-state:mime-version:references:in-reply-to:from:date
         :message-id:subject:to:cc;
        bh=QRDH9vbLQS3f2Q0ccQNr5Qp4Ug7VGO9DxqH6NW74phY=;
        b=7bInpN0HVWw4d6TNX1hAFp775hwTv89kWAOvr1mDiGvTCbdy4bJolcfLftEBrAeknX
         2TvCoqSJ88I35s52C20/kQeWjg0IhxMjRrBwUtTnECL7zfgkZ17J9Jc5Oar+7Rhjwxwt
         RovHZar8AcXpkuRFhXpdoVik1pi2wI7y/cpRRySgMVEoI/HW6ti61wRkKvL0OyxQd77L
         uNwI0M7XuT2JcFPyuX9XnfC0FdznCt7F03Q3xi6mdl0SBlhPGWJ3mtB/1dHfPrUgkAPy
         j83rZ4JnYPZ/oBekwrNLJViUoHiOGE2laotiCEqFpTnoFl0RlhoRA4y6QnpTElNNLPhi
         EdHw==
X-Gm-Message-State: AOAM5338Imzfobt0SKs3V8+mdZL8PxWjL99F06p/2gCdHpdZmX6dl723
        y9SXWqLqigOmCC6QRdc1cImgZJ6URJ/0ohfi0xizuA==
X-Received: by 2002:a2e:8686:: with SMTP id l6mr1951872lji.145.1644611435564;
 Fri, 11 Feb 2022 12:30:35 -0800 (PST)
MIME-Version: 1.0
References: <20220210232812.798387-1-nhuck@google.com> <20220210232812.798387-6-nhuck@google.com>
 <CAMj1kXEJRBcLBsO6HVQJNmGkxmY+aXY+BnyApn6s_MCtXo0eng@mail.gmail.com>
In-Reply-To: <CAMj1kXEJRBcLBsO6HVQJNmGkxmY+aXY+BnyApn6s_MCtXo0eng@mail.gmail.com>
From:   Nathan Huckleberry <nhuck@google.com>
Date:   Fri, 11 Feb 2022 14:30:24 -0600
Message-ID: <CAJkfWY7bet2V-w7NwMxqAsiwUqF5q7-FmFsgKJaMOBYSuY9M2g@mail.gmail.com>
Subject: Re: [RFC PATCH v2 5/7] crypto: arm64/aes-xctr: Add accelerated
 implementation of XCTR
To:     Ard Biesheuvel <ardb@kernel.org>
Cc:     Linux Crypto Mailing List <linux-crypto@vger.kernel.org>,
        Herbert Xu <herbert@gondor.apana.org.au>,
        "David S. Miller" <davem@davemloft.net>,
        Linux ARM <linux-arm-kernel@lists.infradead.org>,
        Paul Crowley <paulcrowley@google.com>,
        Eric Biggers <ebiggers@kernel.org>,
        Sami Tolvanen <samitolvanen@google.com>
Content-Type: text/plain; charset="UTF-8"
X-Spam-Status: No, score=-17.6 required=5.0 tests=BAYES_00,DKIMWL_WL_MED,
        DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,
        ENV_AND_HDR_SPF_MATCH,RCVD_IN_DNSWL_NONE,SPF_HELO_NONE,SPF_PASS,
        T_SCC_BODY_TEXT_LINE,USER_IN_DEF_DKIM_WL,USER_IN_DEF_SPF_WL
        autolearn=ham autolearn_force=no version=3.4.6
X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on
        lindbergh.monkeyblade.net
Precedence: bulk
List-ID: <linux-crypto.vger.kernel.org>
X-Mailing-List: linux-crypto@vger.kernel.org

On Fri, Feb 11, 2022 at 5:48 AM Ard Biesheuvel <ardb@kernel.org> wrote:
>
> On Fri, 11 Feb 2022 at 00:28, Nathan Huckleberry <nhuck@google.com> wrote:
> >
> > Add hardware accelerated version of XCTR for ARM64 CPUs with ARMv8
> > Crypto Extension support.  This XCTR implementation is based on the CTR
> > implementation in aes-modes.S.
> >
> > More information on XCTR can be found in
> > the HCTR2 paper: Length-preserving encryption with HCTR2:
> > https://eprint.iacr.org/2021/1441.pdf
> >
> > Signed-off-by: Nathan Huckleberry <nhuck@google.com>
> > ---
> >
> > Changes since v1:
> >  * Added STRIDE back to aes-glue.c
> >
>
> NAK. Feel free to respond to my comments/questions against v1 if you
> want to discuss this.

 Oops, I misunderstood the tail block behavior of the CTR implementation and
 thought it wouldn't work with XCTR mode.  I have XCTR mirroring the tail
 behavior of CTR now. I'll submit it with the v3.