Re: [PATCH v2 0/7] dm-integrity: asynchronous hash support

On 2025-09-09 14:15, Milan Broz wrote:
On 9/9/25 1:50 PM, Ingo Franzki wrote:
On 09.09.2025 13:47, Milan Broz wrote:
On 9/9/25 1:18 PM, Ingo Franzki wrote:
Please, revert my patches and run the same test on a clean 6.17.0-rc5 just
to verify that the patches do not introduce the bug.

With your patches reverted the combined mode fails the same way as with your patches.
So they did not introduce the bug.

Please report it as cryptsetup issue with a reproducer so we can later check it.

I don't think it's a cryptsetup bug; it's rather that dm-crypt is missing something to deal with async HMAC ciphers.
The point is that PHMAC is an async-only cipher, with no sync variant.

I know, but there is no tracker for dm-crypt, and what I would like to have is some kind of upstream CI testing for PHMAC/PAES even without mainframe hw (we already talked about a fake cipher module).

Let me think about this a bit... You are suggesting a test kernel module for e.g. x64 which acts like the phmac/paes implementation in an asynchronous way.
I'll discuss this with Ingo.


It is not a real issue as PHMAC is neither in a released kernel nor in cryptsetup yet, but we should have test coverage once it is merged.

On the other side, the async thing is a real pain; is there any plan to switch to something better in the future (for dm-crypt and dm-integrity)?


Well, as of now all the s390 pkey things are by nature asynchronous. Which means at any time the key may become invalid. It is in the end a hardware-backed key, and thus if the hardware is changed (for example a 'live' guest migration) the key becomes invalid and needs to be re-derived or re-fetched. I don't see a way to hide this and have a synchronous implementation instead.

I think on the contrary the need for asynchronous algorithms will increase. More and more platforms run virtual machines which exploit special hardware like AI accelerators and crypto co-processors and do support live guest migration.

Well, that's the future. However, it would be nice to have at least one asynchronous algorithm implementation available on a broad platform like x64 or arm, maybe only for testing the dm-integrity layer.

Thanks,
Milan



