On Wed, 2016-02-03 at 08:19 +0100, Carsten Wolff wrote: > Hi Ben, > > thanks for the quick answer. > > On Sunday 31 January 2016 23:37:56 Ben Hutchings wrote: > > That suggests a regression in the padlock-aes driver, although I don't > > see any functional changes there. As a workaround, you can blacklist > > it by adding "blacklist=padlock-aes" to the kernel command line. > > of course, but this machine is mainly serving files and running backups and > padlock really makes a difference in throughput. > > > I wonder whether the compiler version makes a difference. Does the > > 3.16 kernel in the wheezy-backports suite behave any differently? > > Unfortunatly, that wasn't it. The bp.o kernel shows the same symptoms. > Anything else I can try out or do to provide more info?
I found what seems to be a bug in the driver, but it was present in both 3.2 and 3.16. Please test whether the attached patch fixes this issue, following the instructions at <https://kernel-handbook.alioth.debian.org/ch-common-tasks.html#s-common-official>. Ben. -- Ben Hutchings It is a miracle that curiosity survives formal education. - Albert Einstein
From: Ben Hutchings <b...@decadent.org.uk> Date: Sun, 31 Jan 2016 22:48:01 +0100 Subject: padlock-aes: Fix check for whether cword has changed Bug-Debian: https://bugs.debian.org/813327 The cword pointers passed to padlock_{reset_key,store,cword}() did not match those actually used. Compile-tested only. Fixes: 420a4b20c504 ("crypto: padlock - Avoid resetting cword on ...") Signed-off-by: Ben Hutchings <b...@decadent.org.uk> --- drivers/crypto/padlock-aes.c | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/drivers/crypto/padlock-aes.c b/drivers/crypto/padlock-aes.c index 441e86b23571..73c2a3ffb7d5 100644 --- a/drivers/crypto/padlock-aes.c +++ b/drivers/crypto/padlock-aes.c @@ -312,11 +312,11 @@ static void aes_decrypt(struct crypto_tfm *tfm, u8 *out, const u8 *in) struct aes_ctx *ctx = aes_ctx(tfm); int ts_state; - padlock_reset_key(&ctx->cword.encrypt); + padlock_reset_key(&ctx->cword.decrypt); ts_state = irq_ts_save(); ecb_crypt(in, out, ctx->D, &ctx->cword.decrypt, 1); irq_ts_restore(ts_state); - padlock_store_cword(&ctx->cword.encrypt); + padlock_store_cword(&ctx->cword.decrypt); } static struct crypto_alg aes_alg = { @@ -392,7 +392,7 @@ static int ecb_aes_decrypt(struct blkcipher_desc *desc, } irq_ts_restore(ts_state); - padlock_store_cword(&ctx->cword.encrypt); + padlock_store_cword(&ctx->cword.decrypt); return err; } @@ -444,7 +444,7 @@ static int cbc_aes_encrypt(struct blkcipher_desc *desc, } irq_ts_restore(ts_state); - padlock_store_cword(&ctx->cword.decrypt); + padlock_store_cword(&ctx->cword.encrypt); return err; } @@ -458,7 +458,7 @@ static int cbc_aes_decrypt(struct blkcipher_desc *desc, int err; int ts_state; - padlock_reset_key(&ctx->cword.encrypt); + padlock_reset_key(&ctx->cword.decrypt); blkcipher_walk_init(&walk, dst, src, nbytes); err = blkcipher_walk_virt(desc, &walk); @@ -474,7 +474,7 @@ static int cbc_aes_decrypt(struct blkcipher_desc *desc, irq_ts_restore(ts_state); - padlock_store_cword(&ctx->cword.encrypt); + padlock_store_cword(&ctx->cword.decrypt); return err; }
signature.asc
Description: This is a digitally signed message part
