From: Eric Biggers <ebiggers@kernel.org>
To: Giovanni Cabiddu <giovanni.cabiddu@intel.com>
Cc: Herbert Xu <herbert@gondor.apana.org.au>,
Greg KH <gregkh@linuxfoundation.org>,
Linus Torvalds <torvalds@linux-foundation.org>,
Kyle Sanderson <kyle.leet@gmail.com>,
Dave Chinner <david@fromorbit.com>,
qat-linux@intel.com, Linux-Kernal <linux-kernel@vger.kernel.org>,
linux-xfs <linux-xfs@vger.kernel.org>,
Linux Crypto Mailing List <linux-crypto@vger.kernel.org>,
device-mapper development <dm-devel@redhat.com>
Subject: Re: Intel QAT on A2SDi-8C-HLN4F causes massive data corruption with dm-crypt + xfs
Date: Thu, 3 Mar 2022 21:44:53 +0000 [thread overview]
Message-ID: <YiE21aPGG5DHwJvb@gmail.com> (raw)
In-Reply-To: <YiEyGoHacN80FcOL@silpixa00400314>
On Thu, Mar 03, 2022 at 09:24:42PM +0000, Giovanni Cabiddu wrote:
> On Thu, Mar 03, 2022 at 07:21:33PM +0000, Eric Biggers wrote:
> > If these algorithms have critical bugs, which it appears they do, then IMO it
> > would be better to disable them (either stop registering them, or disable the
> > whole driver) than to leave them available with low cra_priority. Low
> > cra_priority doesn't guarantee that they aren't used.
> Thanks for your feedback Eric.
>
> Here is a patch that disables the registration of the algorithms in the
> QAT driver by setting, a config time, the number of HW queues (aka
> instances) to zero.
>
> ---8<---
> From: Giovanni Cabiddu <giovanni.cabiddu@intel.com>
> Subject: [PATCH] crypto: qat - disable registration of algorithms
> Organization: Intel Research and Development Ireland Ltd - Co. Reg. #308263 - Collinstown Industrial Park, Leixlip, County Kildare - Ireland
>
> The implementations of aead and skcipher in the QAT driver do not
> support properly requests with the CRYPTO_TFM_REQ_MAY_BACKLOG flag set.
> If the HW queue is full, the driver returns -EBUSY but does not enqueue
> the request.
> This can result in applications like dm-crypt waiting indefinitely for a
> completion of a request that was never submitted to the hardware.
>
> To avoid this problem, disable the registration of all skcipher and aead
> implementations in the QAT driver by setting the number of crypto
> instances to 0 at configuration time.
>
> This patch deviates from the original upstream solution, that prevents
> dm-crypt to use drivers registered with the flag
> CRYPTO_ALG_ALLOCATES_MEMORY, since a backport of that set to stable
> kernels may have a too wide effect.
>
> commit 7bcb2c99f8ed032cfb3f5596b4dccac6b1f501df upstream
> commit 2eb27c11937ee9984c04b75d213a737291c5f58c upstream
> commit fbb6cda44190d72aa5199d728797aabc6d2ed816 upstream
> commit b8aa7dc5c7535f9abfca4bceb0ade9ee10cf5f54 upstream
> commit cd74693870fb748d812867ba49af733d689a3604 upstream
>
> Signed-off-by: Giovanni Cabiddu <giovanni.cabiddu@intel.com>
> ---
> drivers/crypto/qat/qat_common/qat_crypto.c | 4 +---
> 1 file changed, 1 insertion(+), 3 deletions(-)
Sounds good; is there any reason not to apply this upstream too, though?
You could revert it later as part of the patch series that fixes the driver.
- Eric
next prev parent reply other threads:[~2022-03-03 21:44 UTC|newest]
Thread overview: 25+ messages / expand[flat|nested] mbox.gz Atom feed top
2022-02-19 5:02 Intel QAT on A2SDi-8C-HLN4F causes massive data corruption with dm-crypt + xfs Kyle Sanderson
2022-02-19 21:03 ` Dave Chinner
2022-02-19 23:00 ` Kyle Sanderson
2022-02-21 11:47 ` Giovanni Cabiddu
2022-02-28 8:18 ` Kyle Sanderson
2022-02-28 19:25 ` Linus Torvalds
2022-02-28 20:39 ` Giovanni Cabiddu
2022-02-28 20:59 ` Greg KH
2022-02-28 23:26 ` Herbert Xu
2022-03-01 1:12 ` Linus Torvalds
2022-03-01 4:11 ` Herbert Xu
2022-03-02 10:29 ` Greg KH
2022-03-02 11:49 ` Giovanni Cabiddu
2022-03-02 14:56 ` Greg KH
2022-03-02 22:27 ` Herbert Xu
2022-03-02 22:42 ` Giovanni Cabiddu
2022-03-02 22:45 ` Herbert Xu
2022-03-03 13:49 ` Giovanni Cabiddu
2022-03-03 19:21 ` Eric Biggers
2022-03-03 21:24 ` Giovanni Cabiddu
2022-03-03 21:44 ` Eric Biggers [this message]
2022-03-04 17:50 ` Giovanni Cabiddu
2022-03-16 21:38 ` Kyle Sanderson
2022-03-16 22:13 ` Herbert Xu
2022-02-28 21:13 ` [dm-devel] " Milan Broz
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=YiE21aPGG5DHwJvb@gmail.com \
--to=ebiggers@kernel.org \
--cc=david@fromorbit.com \
--cc=dm-devel@redhat.com \
--cc=giovanni.cabiddu@intel.com \
--cc=gregkh@linuxfoundation.org \
--cc=herbert@gondor.apana.org.au \
--cc=kyle.leet@gmail.com \
--cc=linux-crypto@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-xfs@vger.kernel.org \
--cc=qat-linux@intel.com \
--cc=torvalds@linux-foundation.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).