crypto: vmx/xts - use fallback for ciphertext stealing

For correctness and compliance with the XTS-AES specification, we are
adding support for ciphertext stealing to XTS implementations, even
though no use cases are known that will be enabled by this.

Since the Power8 implementation already has a fallback skcipher standby
for other purposes, let's use it for this purpose as well. If ciphertext
stealing use cases ever become a bottleneck, we can always revisit this.

Signed-off-by: Ard Biesheuvel <ard.biesheuvel@linaro.org>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>

diff --git a/drivers/crypto/vmx/aes_xts.c b/drivers/crypto/vmx/aes_xts.c
index 49f7258045fafc55c97cd26dfdf493d3512eb088..d59e736882f617661db73550c2ff623297477a69 100644 (file)
--- a/drivers/crypto/vmx/aes_xts.c
+++ b/drivers/crypto/vmx/aes_xts.c
@@ -84,7 +84,7 @@ static int p8_aes_xts_crypt(struct skcipher_request *req, int enc)
        u8 tweak[AES_BLOCK_SIZE];
        int ret;
 
-       if (!crypto_simd_usable()) {
+       if (!crypto_simd_usable() || (req->cryptlen % XTS_BLOCK_SIZE) != 0) {
                struct skcipher_request *subreq = skcipher_request_ctx(req);
 
                *subreq = *req;