lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <CAPcyv4jst3PSPU5HFdcrzQ2Bxt1uXd_-cbundYRP_i=fUsd5-g@mail.gmail.com>
Date:   Mon, 29 Nov 2021 23:03:24 -0800
From:   Dan Williams <dan.j.williams@...el.com>
To:     "Bae, Chang Seok" <chang.seok.bae@...el.com>
Cc:     Eric Biggers <ebiggers@...nel.org>,
        Thomas Gleixner <tglx@...utronix.de>,
        Borislav Petkov <bp@...e.de>,
        Dave Hansen <dave.hansen@...ux.intel.com>,
        "mingo@...nel.org" <mingo@...nel.org>,
        "Lutomirski, Andy" <luto@...nel.org>,
        "x86@...nel.org" <x86@...nel.org>,
        "herbert@...dor.apana.org.au" <herbert@...dor.apana.org.au>,
        "linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>,
        "linux-crypto@...r.kernel.org" <linux-crypto@...r.kernel.org>,
        "Gairuboyina, Charishma1" <charishma1.gairuboyina@...el.com>,
        "Dwarakanath, Kumar N" <kumar.n.dwarakanath@...el.com>,
        "Krishnakumar, Lalithambika" <lalithambika.krishnakumar@...el.com>,
        "Shankar, Ravi V" <ravi.v.shankar@...el.com>
Subject: Re: [PATCH v3 11/15] crypto: x86/aes-kl - Support AES algorithm using
 Key Locker instructions

On Mon, Nov 29, 2021 at 10:57 PM Bae, Chang Seok
<chang.seok.bae@...el.com> wrote:
>
> On Nov 29, 2021, at 19:48, Eric Biggers <ebiggers@...nel.org> wrote:
> > On Wed, Nov 24, 2021 at 12:06:56PM -0800, Chang S. Bae wrote:
> >> diff --git a/arch/x86/crypto/Makefile b/arch/x86/crypto/Makefile
> >> index ef6c0b9f69c6..f696b037faa5 100644
> >> --- a/arch/x86/crypto/Makefile
> >> +++ b/arch/x86/crypto/Makefile
> >> @@ -50,6 +50,9 @@ obj-$(CONFIG_CRYPTO_AES_NI_INTEL) += aesni-intel.o
> >> aesni-intel-y := aesni-intel_asm.o aesni-intel_glue.o aes-intel_glue.o
> >> aesni-intel-$(CONFIG_64BIT) += aesni-intel_avx-x86_64.o aes_ctrby8_avx-x86_64.o
> >>
> >> +obj-$(CONFIG_CRYPTO_AES_KL) += aeskl-intel.o
> >> +aeskl-intel-y := aeskl-intel_asm.o aesni-intel_asm.o aeskl-intel_glue.o aes-intel_glue.o
> >
> > This makes the object files aesni-intel_asm.o and aes-intel_glue.o each be built
> > into two separate kernel modules.  My understanding is that duplicating code
> > like that is generally frowned upon.  These files should either be built into a
> > separate module, which both aesni-intel.ko and aeskl-intel.ko would depend on,
> > or aeskl-intel.ko should depend on aesni-intel.ko.
>
> The only reason to include the AES-NI object here is that AES-KL does not
> support the 192-bit key.
>
> Maybe the fallback can be the aes-generic driver [1] instead of AES-NI here.
>
> >> diff --git a/arch/x86/crypto/aeskl-intel_asm.S b/arch/x86/crypto/aeskl-intel_asm.S
> >> new file mode 100644
> >> index 000000000000..d56ec8dd6644
> >> --- /dev/null
> >> +++ b/arch/x86/crypto/aeskl-intel_asm.S
> >
> > This file gets very long after all the modes are added (> 1100 lines).  Is there
> > really no feasible way to share code between this and aesni-intel_asm.S, similar
> > to how the arm64 AES implementations work?  Surely most of the logic is the
> > same, and it's just the actual AES instructions that differ?
>
> No, these two instruction sets are separate. So I think no room to share the
> ASM code.
>
> >> +config CRYPTO_AES_KL
> >> +    tristate "AES cipher algorithms (AES-KL)"
> >> +    depends on (LD_VERSION >= 23600) || (LLD_VERSION >= 120000)
> >> +    depends on DM_CRYPT
> >
> > 'depends on DM_CRYPT' doesn't really make sense here, since there is no actual
> > dependency on dm-crypt in the code.
>
> I think the intention here is to build a policy that the library is available
> only when there is a clear use case.
>
> But maybe putting such restriction is too much here.
>

Yeah, my bad the "depends on DM_CRYPT" can go. Even though the Key
Locker support has no real pressing reason to be built without it,
there is still no actual code dependency.

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ