From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [170.10.133.124]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.lore.kernel.org (Postfix) with ESMTPS id EA96FC433F5 for ; Wed, 4 May 2022 09:48:08 +0000 (UTC) Received: from mimecast-mx02.redhat.com (mimecast-mx02.redhat.com [66.187.233.88]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id us-mta-18-ROmS22tqPFCzbjXHoH-6yA-1; Wed, 04 May 2022 05:48:04 -0400 X-MC-Unique: ROmS22tqPFCzbjXHoH-6yA-1 Received: from smtp.corp.redhat.com (int-mx09.intmail.prod.int.rdu2.redhat.com [10.11.54.9]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mimecast-mx02.redhat.com (Postfix) with ESMTPS id B7C25803D4E; Wed, 4 May 2022 09:48:02 +0000 (UTC) Received: from mm-prod-listman-01.mail-001.prod.us-east-1.aws.redhat.com (unknown [10.30.29.100]) by smtp.corp.redhat.com (Postfix) with ESMTP id 88D8644A180; Wed, 4 May 2022 09:48:01 +0000 (UTC) Received: from mm-prod-listman-01.mail-001.prod.us-east-1.aws.redhat.com (localhost [IPv6:::1]) by mm-prod-listman-01.mail-001.prod.us-east-1.aws.redhat.com (Postfix) with ESMTP id 476671947043; Wed, 4 May 2022 09:48:01 +0000 (UTC) Received: from smtp.corp.redhat.com (int-mx10.intmail.prod.int.rdu2.redhat.com [10.11.54.10]) by mm-prod-listman-01.mail-001.prod.us-east-1.aws.redhat.com (Postfix) with ESMTP id E27C91947040 for ; Wed, 4 May 2022 09:47:59 +0000 (UTC) Received: by smtp.corp.redhat.com (Postfix) id C7E764021D9; Wed, 4 May 2022 09:47:59 +0000 (UTC) Received: from mimecast-mx02.redhat.com (mimecast02.extmail.prod.ext.rdu2.redhat.com [10.11.55.18]) by smtp.corp.redhat.com (Postfix) with ESMTPS id C3A5D463E0B for ; Wed, 4 May 2022 09:47:59 +0000 (UTC) Received: from us-smtp-1.mimecast.com (us-smtp-2.mimecast.com [207.211.31.81]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mimecast-mx02.redhat.com (Postfix) with ESMTPS id A8F3B800186 for ; Wed, 4 May 2022 09:47:59 +0000 (UTC) Received: from mail-ed1-f45.google.com (mail-ed1-f45.google.com [209.85.208.45]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id us-mta-593-kh6lHGlLN8-AlUG4yRrkXQ-1; Wed, 04 May 2022 05:47:56 -0400 X-MC-Unique: kh6lHGlLN8-AlUG4yRrkXQ-1 Received: by mail-ed1-f45.google.com with SMTP id be20so1054514edb.12; Wed, 04 May 2022 02:47:55 -0700 (PDT) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=x-gm-message-state:message-id:date:mime-version:user-agent:subject :content-language:to:cc:references:from:in-reply-to :content-transfer-encoding; bh=UMi5L4NU7YtuCRrDszdWe8xOLn3j2yayIhCAekkyhRM=; b=QgarMMrUNJKv93plSOivs+nIELF3x9AggtaZ3lXwINWcf/B+VsyJr8h3MDCTDy+TjW BXynQuuie2iRRmlovhf9V+VYijmRG68gLFaD5V37zG8hFp/fMnWvSK2LhOG6n/4js8kJ kbC+SyzqAiYUSv23iUqTwXoo4vxuIgrhQWnGBzPcNXhiYqrhP25vIklTcWyVmD4+xp4T Y/TzSux5HNxGTd23kuDHJ0qQICx0+eACiWq1PYQQLlzStiX4n9LqGSCbKNrgeZTFHJWs T24EkpKshCszb8Fed7KnR8CwDDSWtVzh+E3+KgRAGZFxAvQUOtZ/QX7cl3lNmfpARi0k MTWA== X-Gm-Message-State: AOAM530jDbHf654esdF0duQgEXr2Ve46TUJDGGRF+0Pf8Ejn8UZpNQ0k 4C1XMKzDRkC5ANwUC+6DRRw= X-Google-Smtp-Source: ABdhPJya6lHf7igGAb2eIfhtj49OpcX70BuRC8nDoJHvWavZcEixqKxkVIAJZ6KPK65JpqjcGV6fqQ== X-Received: by 2002:aa7:cc02:0:b0:411:487e:36fe with SMTP id q2-20020aa7cc02000000b00411487e36femr22183786edt.338.1651657674535; Wed, 04 May 2022 02:47:54 -0700 (PDT) Received: from [192.168.2.27] (85-70-151-113.rcd.o2.cz. [85.70.151.113]) by smtp.gmail.com with ESMTPSA id r23-20020a056402019700b0042617ba637bsm8951540edv.5.2022.05.04.02.47.53 (version=TLS1_3 cipher=TLS_AES_128_GCM_SHA256 bits=128/128); Wed, 04 May 2022 02:47:54 -0700 (PDT) Message-ID: <24c9a856-be10-e9b3-b26d-e6ced9e13c63@gmail.com> Date: Wed, 4 May 2022 11:47:52 +0200 MIME-Version: 1.0 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:91.0) Gecko/20100101 Thunderbird/91.8.1 To: Andy Shevchenko , Mikulas Patocka References: From: Milan Broz In-Reply-To: X-Mimecast-Impersonation-Protect: Policy=CLT - Impersonation Protection Definition; Similar Internal Domain=false; Similar Monitored External Domain=false; Custom External Domain=false; Mimecast External Domain=false; Newly Observed Domain=false; Internal User Name=false; Custom Display Name List=false; Reply-to Address Mismatch=false; Targeted Threat Dictionary=false; Mimecast Threat Dictionary=false; Custom Threat Dictionary=false X-Scanned-By: MIMEDefang 2.85 on 10.11.54.10 Subject: Re: [dm-devel] [PATCH v2] hex2bin: make the function hex_to_bin constant-time X-BeenThere: dm-devel@redhat.com X-Mailman-Version: 2.1.29 Precedence: list List-Id: device-mapper development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: Andy Shevchenko , Mike Snitzer , Herbert Xu , Linux Kernel Mailing List , Mimi Zohar , device-mapper development , Linux Crypto Mailing List , Jason@zx2c4.com, Stafford Horne , Linus Torvalds , "David S. Miller" Errors-To: dm-devel-bounces@redhat.com Sender: "dm-devel" X-Scanned-By: MIMEDefang 2.85 on 10.11.54.9 Authentication-Results: relay.mimecast.com; auth=pass smtp.auth=CUSA124A263 smtp.mailfrom=dm-devel-bounces@redhat.com X-Mimecast-Spam-Score: 0 X-Mimecast-Originator: redhat.com Content-Language: en-US Content-Transfer-Encoding: 7bit Content-Type: text/plain; charset="us-ascii"; Format="flowed" On 04/05/2022 11:20, Andy Shevchenko wrote: > On Wed, May 04, 2022 at 04:57:35AM -0400, Mikulas Patocka wrote: >> On Wed, 4 May 2022, Stafford Horne wrote: >>> On Mon, Apr 25, 2022 at 08:07:48AM -0400, Mikulas Patocka wrote: > > ... > >>> Just a heads up it seems this patch is causing some instability with crypto self >>> tests on OpenRISC when using a PREEMPT kernel (no SMP). >>> >>> This was reported by Jason A. Donenfeld as it came up in wireguard testing. >>> >>> I am trying to figure out if this is an OpenRISC PREEMPT issue or something >>> else. > >> That patch is so simple that I can't imagine how could it break the >> curve25519 test. Are you sure that you bisected it correctly? > > Can you provide a test cases for hex_to_bin()? BTW we use exactly the same code from Mikulas in cryptsetup now (actually the report was initiated from here :) and I added some tests for this code, you can probably adapt it (we just use generic wrapper around it): https://gitlab.com/cryptsetup/cryptsetup/-/commit/2d8cdb2e356d187658efa6efc7bfa146be5d3f60#d9c94cde02e4509f6d12c3edd40f8a9138696807_0_176 (it calls this: https://gitlab.com/cryptsetup/cryptsetup/-/commit/ff14c17de794fe85299d90e34e12a677e6148b71 ) I do not have OpenRISC available, but it would be interesting to run cryptsetup/tests/vectors-test there... Milan -- dm-devel mailing list dm-devel@redhat.com https://listman.redhat.com/mailman/listinfo/dm-devel From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id 69D68C433F5 for ; Wed, 4 May 2022 09:48:00 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1347635AbiEDJvd (ORCPT ); Wed, 4 May 2022 05:51:33 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:58442 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1347567AbiEDJvc (ORCPT ); Wed, 4 May 2022 05:51:32 -0400 Received: from mail-ed1-x52f.google.com (mail-ed1-x52f.google.com [IPv6:2a00:1450:4864:20::52f]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 1B5751EC4D; Wed, 4 May 2022 02:47:56 -0700 (PDT) Received: by mail-ed1-x52f.google.com with SMTP id t5so1057977edw.11; Wed, 04 May 2022 02:47:56 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20210112; h=message-id:date:mime-version:user-agent:subject:content-language:to :cc:references:from:in-reply-to:content-transfer-encoding; bh=UMi5L4NU7YtuCRrDszdWe8xOLn3j2yayIhCAekkyhRM=; b=WDmxoCNXwFJk/LykyGgZ5h6mI4rzQG3Rg9y9I7kpI/c8+Urxqy6b7qcRzX1N/kSF/f WK2ENuP5ABc3//g8suPgi+V176dSQkgsEcDWAM8k2z4JO5A/3yiJ0+rh8JX0v1i/EVBL gNLqXJw2qYFH4+u5xTfiGD8p9kQtN98eA5n8/bQ37xMZSVLRB3nvP9VODCE0bpiybwN/ zhxyhW4+//JA8Xk8bHrKKHfX6A9+raZ4IWiKlpNye0P5lY/DD9OnSD8f4D8Vew8iur8D 8Cx80hnvraEIbG2EEZRgLKd7dhg5rzkVgJBcJBhG4fgtO7yKdXK+vG3R3vZhuDBoHkLc M10A== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=x-gm-message-state:message-id:date:mime-version:user-agent:subject :content-language:to:cc:references:from:in-reply-to :content-transfer-encoding; bh=UMi5L4NU7YtuCRrDszdWe8xOLn3j2yayIhCAekkyhRM=; b=OEztZPBFVGDg9WetNTixFKExhYxPNVbTeg+/6InVh9kWMW9n9g7yo/khbQlXpWuWoD z3b6RWuvzodkgvlBP58DKVO4z7U6u6qsOEj8eynZGvOHc1G/QNhnQvXfUAd7BgTdoxyu h2411M4Oh6DsFRLh7lFj/5L0KIYPzl2IoHddvKwQh7f9TGnANoonjmNTpntW36SzVNz/ HZwtyys56y67CA2PXcZes4RDnZDPeL7H6rD32y0MwqPbj1sfN6b/D8UFCJYCy4x+pH6h vRYqmjXCFIXe/mQ/xjyQZ8bejux01ViqUtr5Qa3W8UrRPqwTSl+btBy6OiNK5etyYV3w jWNQ== X-Gm-Message-State: AOAM531FTmlH5iyX8UxIwaRExDnxYU6aIo1tbAW3drhjd1Hb4SDGKS81 mjjeLlnNrGZfVwuho6H+hE4= X-Google-Smtp-Source: ABdhPJya6lHf7igGAb2eIfhtj49OpcX70BuRC8nDoJHvWavZcEixqKxkVIAJZ6KPK65JpqjcGV6fqQ== X-Received: by 2002:aa7:cc02:0:b0:411:487e:36fe with SMTP id q2-20020aa7cc02000000b00411487e36femr22183786edt.338.1651657674535; Wed, 04 May 2022 02:47:54 -0700 (PDT) Received: from [192.168.2.27] (85-70-151-113.rcd.o2.cz. [85.70.151.113]) by smtp.gmail.com with ESMTPSA id r23-20020a056402019700b0042617ba637bsm8951540edv.5.2022.05.04.02.47.53 (version=TLS1_3 cipher=TLS_AES_128_GCM_SHA256 bits=128/128); Wed, 04 May 2022 02:47:54 -0700 (PDT) Message-ID: <24c9a856-be10-e9b3-b26d-e6ced9e13c63@gmail.com> Date: Wed, 4 May 2022 11:47:52 +0200 MIME-Version: 1.0 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:91.0) Gecko/20100101 Thunderbird/91.8.1 Subject: Re: [PATCH v2] hex2bin: make the function hex_to_bin constant-time Content-Language: en-US To: Andy Shevchenko , Mikulas Patocka Cc: Stafford Horne , Linus Torvalds , Andy Shevchenko , device-mapper development , Linux Kernel Mailing List , Linux Crypto Mailing List , Herbert Xu , "David S. Miller" , Mike Snitzer , Mimi Zohar , Jason@zx2c4.com References: From: Milan Broz In-Reply-To: Content-Type: text/plain; charset=UTF-8; format=flowed Content-Transfer-Encoding: 7bit Precedence: bulk List-ID: X-Mailing-List: linux-crypto@vger.kernel.org On 04/05/2022 11:20, Andy Shevchenko wrote: > On Wed, May 04, 2022 at 04:57:35AM -0400, Mikulas Patocka wrote: >> On Wed, 4 May 2022, Stafford Horne wrote: >>> On Mon, Apr 25, 2022 at 08:07:48AM -0400, Mikulas Patocka wrote: > > ... > >>> Just a heads up it seems this patch is causing some instability with crypto self >>> tests on OpenRISC when using a PREEMPT kernel (no SMP). >>> >>> This was reported by Jason A. Donenfeld as it came up in wireguard testing. >>> >>> I am trying to figure out if this is an OpenRISC PREEMPT issue or something >>> else. > >> That patch is so simple that I can't imagine how could it break the >> curve25519 test. Are you sure that you bisected it correctly? > > Can you provide a test cases for hex_to_bin()? BTW we use exactly the same code from Mikulas in cryptsetup now (actually the report was initiated from here :) and I added some tests for this code, you can probably adapt it (we just use generic wrapper around it): https://gitlab.com/cryptsetup/cryptsetup/-/commit/2d8cdb2e356d187658efa6efc7bfa146be5d3f60#d9c94cde02e4509f6d12c3edd40f8a9138696807_0_176 (it calls this: https://gitlab.com/cryptsetup/cryptsetup/-/commit/ff14c17de794fe85299d90e34e12a677e6148b71 ) I do not have OpenRISC available, but it would be interesting to run cryptsetup/tests/vectors-test there... Milan