From: Scott Mayhew <smayhew@redhat.com>
To: linux-crypto@vger.kernel.org
Cc: chuck.lever@oracle.com, linux-nfs@vger.kernel.org
Subject: RPCSEC GSS krb5 KUnit test fails on arm64 with h/w accelerated ciphers enabled
Date: Wed, 19 Apr 2023 17:53:53 -0400
Message-ID: <ZEBi8ReG9LKLcmW3@aion.usersys.redhat.com>

Chuck's recently-added RPCSEC GSS krb5 KUnit test
(net/sunrpc/auth_gss/gss_krb5_test.c) is failing on arm64, specifically
the RFC 3962 test cases (I'm just pasting the output of 1 case, but all
6 cases fail):
---8<---
[ 237.255197] # Subtest: RFC 3962 encryption
[ 237.255588] # RFC 3962 encryption: EXPECTATION FAILED at net/sunrpc/auth_gss/gss_krb5_test.c:772
Expected memcmp(param->next_iv->data, iv, param->next_iv->len) == 0, but
memcmp(param->next_iv->data, iv, param->next_iv->len) == 1 (0x1)
IV mismatch
---8<---

If I disable the hardware accelerated ciphers
(CONFIG_CRYPTO_AES_ARM64_CE_BLK and CONFIG_CRYPTO_AES_ARM64_NEON_BLK),
then the test works.

Likewise, if I modify Chuck's test to explicitly request
"cts(cbc(aes-generic))", then the test works.

The problem is that the asm helper aes_cbc_cts_encrypt in
arch/arm64/crypto/aes-modes.S doesn't return the next IV.

If I make the following change, then the test works:

diff --git a/arch/arm64/crypto/aes-modes.S b/arch/arm64/crypto/aes-modes.S
index 0e834a2c062c..477605fad76b 100644
--- a/arch/arm64/crypto/aes-modes.S
+++ b/arch/arm64/crypto/aes-modes.S
@@ -268,6 +268,7 @@ AES_FUNC_START(aes_cbc_cts_encrypt)
add x4, x0, x4
st1 {v0.16b}, [x4] /* overlapping stores */
st1 {v1.16b}, [x0]
+ st1 {v1.16b}, [x5]
ret
AES_FUNC_END(aes_cbc_cts_encrypt)
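
Review bot: the new `st1 {v1.16b}, [x5]` just before `ret` carries no comment, and nothing in this hunk shows that x5 still holds the IV pointer at this point (x4, for one, is overwritten by `add x4, x0, x4` a few lines up). Please confirm against the function prologue that x5 is the IV argument and is not clobbered on any path that reaches this store, and add a comment such as `/* return next IV */` in the style of the existing `/* overlapping stores */` comment. It would also help to state why v1, the block stored at `[x0]`, rather than v0 is the value to hand back, and to check whether the same omission exists anywhere else the next IV should be returned, since the patch touches only aes_cbc_cts_encrypt.
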
But I don't know if that change is at all correct! (I've never even
looked at arm64 asm before). If someone who's knowledgeable about this
code could chime in, I'd appreciate it.

-Scott