
crypto: vmx/xts - use fallback for ciphertext stealing

Message ID 20190816140625.27053-1-ard.biesheuvel@linaro.org
State Accepted
Commit 23966841934908ad4ef997231f1fdd1f9a9d0f42

Commit Message

Ard Biesheuvel Aug. 16, 2019, 2:06 p.m. UTC
For correctness and compliance with the XTS-AES specification, we are
adding support for ciphertext stealing to XTS implementations, even
though no use cases are known that will be enabled by this.

Since the Power8 implementation already has a fallback skcipher standby
for other purposes, let's use it for this purpose as well. If ciphertext
stealing use cases ever become a bottleneck, we can always revisit this.

Signed-off-by: Ard Biesheuvel <ard.biesheuvel@linaro.org>

---
 drivers/crypto/vmx/aes_xts.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

-- 
2.17.1

Comments

Herbert Xu Aug. 22, 2019, 5:57 a.m. UTC | #1
On Fri, Aug 16, 2019 at 05:06:24PM +0300, Ard Biesheuvel wrote:
> For correctness and compliance with the XTS-AES specification, we are
> adding support for ciphertext stealing to XTS implementations, even
> though no use cases are known that will be enabled by this.
> 
> Since the Power8 implementation already has a fallback skcipher standby
> for other purposes, let's use it for this purpose as well. If ciphertext
> stealing use cases ever become a bottleneck, we can always revisit this.
> 
> Signed-off-by: Ard Biesheuvel <ard.biesheuvel@linaro.org>
> ---
>  drivers/crypto/vmx/aes_xts.c | 2 +-
>  1 file changed, 1 insertion(+), 1 deletion(-)

Patch applied.  Thanks.
-- 
Email: Herbert Xu <herbert@gondor.apana.org.au>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt

Patch

diff --git a/drivers/crypto/vmx/aes_xts.c b/drivers/crypto/vmx/aes_xts.c
index 49f7258045fa..d59e736882f6 100644
--- a/drivers/crypto/vmx/aes_xts.c
+++ b/drivers/crypto/vmx/aes_xts.c
@@ -84,7 +84,7 @@  static int p8_aes_xts_crypt(struct skcipher_request *req, int enc)
 	u8 tweak[AES_BLOCK_SIZE];
 	int ret;
 
-	if (!crypto_simd_usable()) {
+	if (!crypto_simd_usable() || (req->cryptlen % XTS_BLOCK_SIZE) != 0) {
 		struct skcipher_request *subreq = skcipher_request_ctx(req);
 
 		*subreq = *req;
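Review bot: the new condition sends every cryptlen that is not a multiple of XTS_BLOCK_SIZE to the fallback, but nothing in the visible context rejects cryptlen < XTS_BLOCK_SIZE, so a zero- or five-byte request now also takes the fallback path rather than failing in this driver. XTS is undefined below one full block, so either confirm that the fallback skcipher returns -EINVAL for that case or add an explicit `if (req->cryptlen < XTS_BLOCK_SIZE) return -EINVAL;` ahead of this test so the behaviour does not depend on which implementation is behind the fallback. Minor: `tweak` is sized with AES_BLOCK_SIZE while the length test uses XTS_BLOCK_SIZE; using one constant for both would make it obvious they are meant to be the same.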