From patchwork Fri Aug 16 14:06:24 2019
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Ard Biesheuvel <ard.biesheuvel@linaro.org>
X-Patchwork-Id: 171509
Delivered-To: patch@linaro.org
Received: by 2002:a92:d204:0:0:0:0:0 with SMTP id y4csp924051ily;
 Fri, 16 Aug 2019 07:06:38 -0700 (PDT)
X-Google-Smtp-Source: APXvYqxVIC+k9yGLkr2DBpUsRQFiy+aRu8PFByN5ylZAH9cMrzhhhqJpCwCiVFl74gkgVd+mW8KD
X-Received: by 2002:a17:902:7049:: with SMTP id
 h9mr9689667plt.232.1565964398143; 
 Fri, 16 Aug 2019 07:06:38 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; t=1565964398; cv=none;
 d=google.com; s=arc-20160816;
 b=XfniW8QthU4I1YpROoVUka8Z0Yyy51PKwzrWS4FM+ehfv19ciMjplbXpXT9pyEOYbV
 YpKzh/iChp2WT98pt792xfrrsgXa3qmjgZIm8alUTB6NygU6r/yOsirp7eaaCo3qSmBS
 rweWX9MTz40xE4OGki0O/4spBJEvSxBYVj3kVvkxhZKhrbexeFWJFUZaPicX75Qfq/Uu
 zkB7pOrTHhIghcQaYWbwCRYF5T2SRQAO8P+rUUczpcgvc0aFc3cd+EYVuNsXuS8XTOBr
 XWUwCsdSL4eqHtZl0Zyn7bv+xnPOlvJU3wcB5r2d7XKPbSJBUU5LudVc5yjVGVjzCxui
 7t6w==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com;
 s=arc-20160816; 
 h=list-id:precedence:sender:message-id:date:subject:cc:to:from
 :dkim-signature;
 bh=FDmnpjEbDvIvEVLNq8R7T0AYfQ4p5jgV5DbMjGWZEWg=;
 b=LdTsMWCdcuRGeloqC4l5+Xnuc7X6IVwkkUoC6LZ02OEVHcHZN+zYiUWxZ1PeOLHb22
 9iqdqgk1lAvKbFlQ0GkDgX+NbSnDTf0v2HP1WoI3la8qrheabvy9o1n6nzn/YdvJVC4z
 k46gbYqkhHTmybWWj5ynNEM4mibjfDHy26NKL+sFfze4gRljsHwg6DpkVqBIEl+pTvDs
 s1pbaTPUw/zRqlxe4K/xIw0a0YsL8zPK6EZFjY2uWEdkBdpTcJQE4lrS1lcIe6OpW2jV
 CDRdUgN6+j1sM6a46FHoZpn53086jN/wRUoFxG+D1ONSZw8zEH5gYniqqeh4rvUjcdJe
 +j7g==
ARC-Authentication-Results: i=1; mx.google.com;
 dkim=pass header.i=@linaro.org header.s=google header.b=DeUw93E3;
 spf=pass (google.com: best guess record for domain of
 linux-crypto-owner@vger.kernel.org designates 209.132.180.67
 as permitted sender)
 smtp.mailfrom=linux-crypto-owner@vger.kernel.org; 
 dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linaro.org
Return-Path: <linux-crypto-owner@vger.kernel.org>
Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67])
 by mx.google.com with ESMTP id
 h38si3886440pgi.327.2019.08.16.07.06.37; 
 Fri, 16 Aug 2019 07:06:38 -0700 (PDT)
Received-SPF: pass (google.com: best guess record for domain of
 linux-crypto-owner@vger.kernel.org designates 209.132.180.67
 as permitted sender) client-ip=209.132.180.67; 
Authentication-Results: mx.google.com;
 dkim=pass header.i=@linaro.org header.s=google header.b=DeUw93E3;
 spf=pass (google.com: best guess record for domain of
 linux-crypto-owner@vger.kernel.org designates 209.132.180.67
 as permitted sender)
 smtp.mailfrom=linux-crypto-owner@vger.kernel.org; 
 dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linaro.org
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
 id S1727252AbfHPOGg (ORCPT <rfc822;sumit.garg@linaro.org>
 + 3 others); Fri, 16 Aug 2019 10:06:36 -0400
Received: from mail-wr1-f67.google.com ([209.85.221.67]:40667 "EHLO
 mail-wr1-f67.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
 with ESMTP id S1727286AbfHPOGg (ORCPT
 <rfc822;linux-crypto@vger.kernel.org>);
 Fri, 16 Aug 2019 10:06:36 -0400
Received: by mail-wr1-f67.google.com with SMTP id c3so1665781wrd.7
 for <linux-crypto@vger.kernel.org>;
 Fri, 16 Aug 2019 07:06:35 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; 
 h=from:to:cc:subject:date:message-id;
 bh=FDmnpjEbDvIvEVLNq8R7T0AYfQ4p5jgV5DbMjGWZEWg=;
 b=DeUw93E3HJ0D037HC4xGonLxRTV/6nyj1dVW94whegeI0gf/K5qH9GABzkUDkDVZN+
 WTLbHlHTK0y88Wj4BmhZ5VDDzNzMnVo4ltmNvdMmST7lfJjggn4qF8wsVo65ArPg51Bv
 uYKq03pUe8c+uWHG2JN5/zBvuxzWw4yrYY5n5eINw7q9F/ygy8FGHeiZY5DjEJONitCP
 dRBA+eBaVwvQYsLTfixFhL4vYRZnuzwrgRs1dzNzIzo6s9aPWMdp3UdP1/VJCjZAQAbQ
 uzwxjFhRp+wySx257SX66O0HD3+ZifJ6oiJrubsnuG/aLd6qCwvQZJ0Tu+s3sJCtoqCz
 LQBw==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=1e100.net; s=20161025;
 h=x-gm-message-state:from:to:cc:subject:date:message-id;
 bh=FDmnpjEbDvIvEVLNq8R7T0AYfQ4p5jgV5DbMjGWZEWg=;
 b=dUMmPwMWAW2Gaq6bkgQ63EIXfgnVbhBtJgXie1S/yyjpk++31aAdCUQx+xPGcog5Eq
 pdwmXP+g7rFN2jUBpzAxppGaiZ9OaUb3q9z/yujGWt7sCH7z5fStOZ7LuS16YZTRFMeL
 y195R28GjK+GH4LvudfJu4GYlaKoeamlEsDCDLhp+WxPb5ohyj3LPPLe0aCnkc4nefKV
 uaOnIv0NwlIXhUxocrGaWCIbVGxyBnswdb+IivF1ElomdbRxKpy3hF7QMYOYU+fpMu/v
 BsCPIq9Z8e4AEJ1a0MtW2tTefOeMGkNZeetskQxvlk51qVJXxMH56klZy6pwfjM8k29N
 ScFQ==
X-Gm-Message-State: APjAAAXf6zrksuan84VUpYQX70+Z7St8PDIDzvfR/o8/Ch9PPqnxvhzE
 Gf7GyW6wW9rLOQC/GXsCrFCdU1DyKVko3cT5
X-Received: by 2002:adf:ecc3:: with SMTP id s3mr11573963wro.302.1565964394407; 
 Fri, 16 Aug 2019 07:06:34 -0700 (PDT)
Received: from localhost.localdomain ([2a02:587:a407:da00:f1b5:e68c:5f7f:79e7])
 by smtp.gmail.com with ESMTPSA id
 i5sm5465389wrn.48.2019.08.16.07.06.32
 (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128);
 Fri, 16 Aug 2019 07:06:33 -0700 (PDT)
From: Ard Biesheuvel <ard.biesheuvel@linaro.org>
To: linux-crypto@vger.kernel.org
Cc: herbert@gondor.apana.org.au, ebiggers@kernel.org,
 linuxppc-dev@lists.ozlabs.org, leitao@debian.org,
 nayna@linux.ibm.com, pfsmorigo@gmail.com,
 Ard Biesheuvel <ard.biesheuvel@linaro.org>
Subject: [PATCH] crypto: vmx/xts - use fallback for ciphertext stealing
Date: Fri, 16 Aug 2019 17:06:24 +0300
Message-Id: <20190816140625.27053-1-ard.biesheuvel@linaro.org>
X-Mailer: git-send-email 2.17.1
Sender: linux-crypto-owner@vger.kernel.org
Precedence: bulk
List-ID: <linux-crypto.vger.kernel.org>
X-Mailing-List: linux-crypto@vger.kernel.org

For correctness and compliance with the XTS-AES specification, we are
adding support for ciphertext stealing to XTS implementations, even
though no use cases are known that will be enabled by this.

Since the Power8 implementation already has a fallback skcipher standby
for other purposes, let's use it for this purpose as well. If ciphertext
stealing use cases ever become a bottleneck, we can always revisit this.

Signed-off-by: Ard Biesheuvel <ard.biesheuvel@linaro.org>
---
 drivers/crypto/vmx/aes_xts.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

-- 
2.17.1

diff --git a/drivers/crypto/vmx/aes_xts.c b/drivers/crypto/vmx/aes_xts.c
index 49f7258045fa..d59e736882f6 100644
--- a/drivers/crypto/vmx/aes_xts.c
+++ b/drivers/crypto/vmx/aes_xts.c
@@ -84,7 +84,7 @@ static int p8_aes_xts_crypt(struct skcipher_request *req, int enc)
 	u8 tweak[AES_BLOCK_SIZE];
 	int ret;
 
-	if (!crypto_simd_usable()) {
+	if (!crypto_simd_usable() || (req->cryptlen % XTS_BLOCK_SIZE) != 0) {
 		struct skcipher_request *subreq = skcipher_request_ctx(req);
 
 		*subreq = *req;