On Thu, 11 Sep 2025, Ingo Franzki wrote: > >> So, it looks like a dm-crypt bug. > >> > >> Please, revert my patches and run the same test on a clean 6.17.0-rc5 just > >> to verify that the patches do not introduce the bug. > > > > With your patches reverted the combined mode fails the same way as with your patches. > > So they did not introduce the bug. > > Mikulas, do you have any idea what could be causing this errors? > Is it that dm-crypt is not properly dealing with async-only HMAC ciphers? > Async-only encryption ciphers seem to work fine in dm-crypt, since LUKS with PAES (but no integrity) works fine, and PAES is an async-onky cipher. > LUKS with sync-HMAC ciphers (e.g. clear key HMAC) also works fine, even in combination with PAES. Yes, I think that it's a problem with async HMAC. The bug is probably either in dm-crypt or in the crypto library. Do you have some other (non-dm-crypt-related) workload that uses the async authentication, so that we can determine whether the bug is in dm-crypt or crypto? Otherwise, would it be possible to give us a virtual machine on the mainframe to debug this issue? Mikulas
