Created attachment 286557 [details] dmesg (5.4.7, Talos II) # dmesg | grep -i aes [ 5.589319] alg: skcipher: p8_aes_xts encryption unexpectedly succeeded on test vector "random: len=0 klen=64"; expected_error=-22, cfg="random: inplace may_sleep use_finup src_divs=[<flush>66.99%@+10, 33.1%@alignmask+1155]" # inxi -b System: Kernel: 5.4.7-gentoo ppc64 bits: 64 Console: tty 1 Distro: Gentoo Base System release 2.6 Machine: Type: PowerPC Device System: T2P9D01 REV 1.01 details: PowerNV T2P9D01 REV 1.01 rev: 2.2 (pvr 004e 1202) CPU: 32-Core: POWER9 altivec supported type: MCP speed: 2785 MHz min/max: 2154/3800 MHz Graphics: Device-1: Advanced Micro Devices [AMD/ATI] Caicos [Radeon HD 6450/7450/8450 / R5 230 OEM] driver: radeon v: kernel Device-2: ASPEED Graphics Family driver: N/A Device-3: NVIDIA GK208B [GeForce GT 710] driver: N/A Display: server: X.org 1.20.5 driver: radeon tty: 211x53 Message: Advanced graphics data unavailable in console for root. Network: Device-1: Broadcom and subsidiaries NetXtreme BCM5719 Gigabit Ethernet PCIe driver: tg3 Device-2: Broadcom and subsidiaries NetXtreme BCM5719 Gigabit Ethernet PCIe driver: tg3
Created attachment 286559 [details] kernel .config (5.4.7, Talos II)
Hi Erhard, I'm having a look. Does this reproduce reliably/often? Or was it a one-off? Regards, Daniel
Looks like other implementations check the size, can you try this: diff --git a/drivers/crypto/vmx/aes_xts.c b/drivers/crypto/vmx/aes_xts.c index d59e736882f6..9fee1b1532a4 100644 --- a/drivers/crypto/vmx/aes_xts.c +++ b/drivers/crypto/vmx/aes_xts.c @@ -84,6 +84,9 @@ static int p8_aes_xts_crypt(struct skcipher_request *req, int enc) u8 tweak[AES_BLOCK_SIZE]; int ret; + if (req->cryptlen < AES_BLOCK_SIZE) + return -EINVAL; + if (!crypto_simd_usable() || (req->cryptlen % XTS_BLOCK_SIZE) != 0) { struct skcipher_request *subreq = skcipher_request_ctx(req);
(In reply to Daniel Axtens from comment #2) > Hi Erhard, > > I'm having a look. Does this reproduce reliably/often? Or was it a one-off? Hi Daniel, This shows up every time booting the Talos II. I have yet to try Michaels patch. Regards, Erhard
(In reply to Michael Ellerman from comment #3) > Looks like other implementations check the size, can you try this: > > diff --git a/drivers/crypto/vmx/aes_xts.c b/drivers/crypto/vmx/aes_xts.c > index d59e736882f6..9fee1b1532a4 100644 > --- a/drivers/crypto/vmx/aes_xts.c > +++ b/drivers/crypto/vmx/aes_xts.c > @@ -84,6 +84,9 @@ static int p8_aes_xts_crypt(struct skcipher_request *req, > int enc) > u8 tweak[AES_BLOCK_SIZE]; > int ret; > > + if (req->cryptlen < AES_BLOCK_SIZE) > + return -EINVAL; > + > if (!crypto_simd_usable() || (req->cryptlen % XTS_BLOCK_SIZE) != 0) { > struct skcipher_request *subreq = skcipher_request_ctx(req); Your patch fixed it, thanks! Applied it on top of kernel 5.4.8 and the p8_aes_xts error did not show up in subsequent reboots.
Patch sent: https://patchwork.ozlabs.org/patch/1219350/