tjh.dev / kernel
Linux kernel mirror (for testing) git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
kernel os linux
fork atom

crypto: caam - update xts sector size for large input length

Since in the software implementation of XTS-AES there is
no notion of sector every input length is processed the same way.
CAAM implementation has the notion of sector which causes different
results between the software implementation and the one in CAAM
for input lengths bigger than 512 bytes.
Increase sector size to maximum value on 16 bits.

Fixes: c6415a6016bf ("crypto: caam - add support for acipher xts(aes)")
Cc: <stable@vger.kernel.org> # v4.12+
Signed-off-by: Andrei Botila <andrei.botila@nxp.com>
Reviewed-by: Horia Geantă <horia.geanta@nxp.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>

authored by

Andrei Botila and committed by
Herbert Xu 3f142b6a 3a5a9e1e

+14 -2
+14 -2
drivers/crypto/caam/caamalg_desc.c
··· 1524 1524 */ 1525 1525 void cnstr_shdsc_xts_skcipher_encap(u32 * const desc, struct alginfo *cdata) 1526 1526 { 1527 - __be64 sector_size = cpu_to_be64(512); 1527 + /* 1528 + * Set sector size to a big value, practically disabling 1529 + * sector size segmentation in xts implementation. We cannot 1530 + * take full advantage of this HW feature with existing 1531 + * crypto API / dm-crypt SW architecture. 1532 + */ 1533 + __be64 sector_size = cpu_to_be64(BIT(15)); 1528 1534 u32 *key_jump_cmd; 1529 1535 1530 1536 init_sh_desc(desc, HDR_SHARE_SERIAL | HDR_SAVECTX); ··· 1583 1577 */ 1584 1578 void cnstr_shdsc_xts_skcipher_decap(u32 * const desc, struct alginfo *cdata) 1585 1579 { 1586 - __be64 sector_size = cpu_to_be64(512); 1580 + /* 1581 + * Set sector size to a big value, practically disabling 1582 + * sector size segmentation in xts implementation. We cannot 1583 + * take full advantage of this HW feature with existing 1584 + * crypto API / dm-crypt SW architecture. 1585 + */ 1586 + __be64 sector_size = cpu_to_be64(BIT(15)); 1587 1587 u32 *key_jump_cmd; 1588 1588 1589 1589 init_sh_desc(desc, HDR_SHARE_SERIAL | HDR_SAVECTX);