From nobody@FreeBSD.org  Mon Feb 28 13:24:01 2011
Return-Path: <nobody@FreeBSD.org>
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
	by hub.freebsd.org (Postfix) with ESMTP id B0853106567A
	for <freebsd-gnats-submit@FreeBSD.org>; Mon, 28 Feb 2011 13:24:01 +0000 (UTC)
	(envelope-from nobody@FreeBSD.org)
Received: from red.freebsd.org (red.freebsd.org [IPv6:2001:4f8:fff6::22])
	by mx1.freebsd.org (Postfix) with ESMTP id 854638FC0C
	for <freebsd-gnats-submit@FreeBSD.org>; Mon, 28 Feb 2011 13:24:01 +0000 (UTC)
Received: from red.freebsd.org (localhost [127.0.0.1])
	by red.freebsd.org (8.14.4/8.14.4) with ESMTP id p1SDO126080479
	for <freebsd-gnats-submit@FreeBSD.org>; Mon, 28 Feb 2011 13:24:01 GMT
	(envelope-from nobody@red.freebsd.org)
Received: (from nobody@localhost)
	by red.freebsd.org (8.14.4/8.14.4/Submit) id p1SDO19K080465;
	Mon, 28 Feb 2011 13:24:01 GMT
	(envelope-from nobody)
Message-Id: <201102281324.p1SDO19K080465@red.freebsd.org>
Date: Mon, 28 Feb 2011 13:24:01 GMT
From: Stefan Grundmann <sg2342@googlemail.com>
To: freebsd-gnats-submit@FreeBSD.org
Subject: geom_eli containers created on systems with aesni(4) enabled are not working on systems without aesni(4) and vice versa.
X-Send-Pr-Version: www-3.1
X-GNATS-Notify:

>Number:         155118
>Category:       kern
>Synopsis:       [aesni] geom_eli containers created on systems with aesni(4) enabled are not working on systems without aesni(4) and vice versa.
>Confidential:   no
>Severity:       serious
>Priority:       low
>Responsible:    kib
>State:          closed
>Quarter:        
>Keywords:       
>Date-Required:  
>Class:          sw-bug
>Submitter-Id:   current-users
>Arrival-Date:   Mon Feb 28 13:30:10 UTC 2011
>Closed-Date:    Mon Apr 18 11:11:54 UTC 2011
>Last-Modified:  Mon Apr 18 11:11:54 UTC 2011
>Originator:     Stefan Grundmann
>Release:        FreeBSD 8.2-STABLE
>Organization:
>Environment:
FreeBSD seth 8.2-STABLE FreeBSD 8.2-STABLE #1: Fri Feb 25 13:36:59 UTC 2011     sg@seth:/usr/obj/usr/src/sys/GENERIC  amd64
>Description:
geom_eli containers created on systems with aesni(4) enabled are not working on systems without aesni(4) and vice versa.

i tested this only on amd64 and only for AES-XTC and AES-CBC. The problem might also exists for 3DES-CBC if 3DES hardware crypto is used.

If this behavior (incompatibility of "Crypto: hardware" and "Crypto: software" in geom_eli) is known, it shopuld be documented in the geli man page.

best regards 

Stefan Grundmann
>How-To-Repeat:
seth# mdconfig -a -t malloc -s 8M -u 666
seth# echo -n foobar > /tmp/pass
seth# kldunload aesni
kldunload: can't find file aesni
seth# geli init -J /tmp/pass -i 5 -e AES-XTS -l 256 md666

Metadata backup can be found in /var/backups/md666.eli and
can be restored with the following command:

        # geli restore /var/backups/md666.eli md666

seth# geli attach -j /tmp/pass md666
seth# dd if=/dev/zero of=/dev/md666.eli
dd: /dev/md666.eli: end of device
16384+0 records in
16383+0 records out
8388096 bytes transferred in 0.986972 secs (8498818 bytes/sec)
seth# dd if=/dev/md666.eli bs=1M | md5
7+1 records in
7+1 records out
8388096 bytes transferred in 0.522124 secs (16065339 bytes/sec)
23a0c69af6b0a448c0372e738ccccbeb
seth# geli detach md666
seth# kldload aesni
seth# geli attach -j /tmp/pass md666
seth# dd if=/dev/md666.eli bs=1M | md5
7+1 records in
7+1 records out
8388096 bytes transferred in 0.406862 secs (20616562 bytes/sec)
a775583473215888a1a02d583b826d50
seth# geli detach md666
seth# 
seth# kldunload aesni
seth# geli attach -j /tmp/pass md666
seth# dd if=/dev/md666.eli bs=1M | md5
7+1 records in
7+1 records out
8388096 bytes transferred in 0.719863 secs (11652348 bytes/sec)
23a0c69af6b0a448c0372e738ccccbeb
>Fix:


>Release-Note:
>Audit-Trail:
Responsible-Changed-From-To: freebsd-bugs->freebsd-geom 
Responsible-Changed-By: linimon 
Responsible-Changed-When: Wed Mar 2 07:37:13 UTC 2011 
Responsible-Changed-Why:  
Over to maintainer(s). 

http://www.freebsd.org/cgi/query-pr.cgi?pr=155118 
Responsible-Changed-From-To: freebsd-geom->kib 
Responsible-Changed-By: kib 
Responsible-Changed-When: Wed Mar 2 14:44:18 UTC 2011 
Responsible-Changed-Why:  
Take. 

http://www.freebsd.org/cgi/query-pr.cgi?pr=155118 

From: dfilter@FreeBSD.ORG (dfilter service)
To: bug-followup@FreeBSD.org
Cc:  
Subject: Re: kern/155118: commit references a PR
Date: Wed,  2 Mar 2011 14:57:12 +0000 (UTC)

 Author: kib
 Date: Wed Mar  2 14:56:58 2011
 New Revision: 219178
 URL: http://svn.freebsd.org/changeset/base/219178
 
 Log:
   Fix a bug in the result of manual assembly.
   
   Reported by:	Stefan Grundmann <sg2342 googlemail com>
   PR:	kern/155118
   MFC after:	3 days
 
 Modified:
   head/sys/crypto/aesni/aeskeys_amd64.S
   head/sys/crypto/aesni/aeskeys_i386.S
 
 Modified: head/sys/crypto/aesni/aeskeys_amd64.S
 ==============================================================================
 --- head/sys/crypto/aesni/aeskeys_amd64.S	Wed Mar  2 14:39:26 2011	(r219177)
 +++ head/sys/crypto/aesni/aeskeys_amd64.S	Wed Mar  2 14:56:58 2011	(r219178)
 @@ -162,7 +162,7 @@ ENTRY(aesni_set_enckey)
  	.byte	0x66,0x0f,0x3a,0xdf,0xc8,0x20
  	call	_key_expansion_256b
  //	aeskeygenassist $0x40,%xmm2,%xmm1	# round 7
 -	.byte	0x66,0x0f,0x3a,0xdf,0xca,0x20
 +	.byte	0x66,0x0f,0x3a,0xdf,0xca,0x40
  	call	_key_expansion_256a
  	retq
  .Lenc_key192:
 
 Modified: head/sys/crypto/aesni/aeskeys_i386.S
 ==============================================================================
 --- head/sys/crypto/aesni/aeskeys_i386.S	Wed Mar  2 14:39:26 2011	(r219177)
 +++ head/sys/crypto/aesni/aeskeys_i386.S	Wed Mar  2 14:56:58 2011	(r219178)
 @@ -167,7 +167,7 @@ ENTRY(aesni_set_enckey)
  	.byte	0x66,0x0f,0x3a,0xdf,0xc8,0x20
  	call	_key_expansion_256b
  //	aeskeygenassist $0x40,%xmm2,%xmm1	# round 7
 -	.byte	0x66,0x0f,0x3a,0xdf,0xca,0x20
 +	.byte	0x66,0x0f,0x3a,0xdf,0xca,0x40
  	call	_key_expansion_256a
  	.cfi_adjust_cfa_offset -4
  	leave
 _______________________________________________
 svn-src-all@freebsd.org mailing list
 http://lists.freebsd.org/mailman/listinfo/svn-src-all
 To unsubscribe, send any mail to "svn-src-all-unsubscribe@freebsd.org"
 

From: dfilter@FreeBSD.ORG (dfilter service)
To: bug-followup@FreeBSD.org
Cc:  
Subject: Re: kern/155118: commit references a PR
Date: Sat,  5 Mar 2011 09:42:12 +0000 (UTC)

 Author: kib
 Date: Sat Mar  5 09:42:00 2011
 New Revision: 219303
 URL: http://svn.freebsd.org/changeset/base/219303
 
 Log:
   MFC r219178:
   Fix a bug in the result of manual assembly.
   
   PR:	kern/155118
 
 Modified:
   stable/8/sys/crypto/aesni/aeskeys_amd64.S
   stable/8/sys/crypto/aesni/aeskeys_i386.S
 Directory Properties:
   stable/8/sys/   (props changed)
   stable/8/sys/amd64/include/xen/   (props changed)
   stable/8/sys/cddl/contrib/opensolaris/   (props changed)
   stable/8/sys/contrib/dev/acpica/   (props changed)
   stable/8/sys/contrib/pf/   (props changed)
 
 Modified: stable/8/sys/crypto/aesni/aeskeys_amd64.S
 ==============================================================================
 --- stable/8/sys/crypto/aesni/aeskeys_amd64.S	Sat Mar  5 08:56:42 2011	(r219302)
 +++ stable/8/sys/crypto/aesni/aeskeys_amd64.S	Sat Mar  5 09:42:00 2011	(r219303)
 @@ -162,7 +162,7 @@ ENTRY(aesni_set_enckey)
  	.byte	0x66,0x0f,0x3a,0xdf,0xc8,0x20
  	call	_key_expansion_256b
  //	aeskeygenassist $0x40,%xmm2,%xmm1	# round 7
 -	.byte	0x66,0x0f,0x3a,0xdf,0xca,0x20
 +	.byte	0x66,0x0f,0x3a,0xdf,0xca,0x40
  	call	_key_expansion_256a
  	retq
  .Lenc_key192:
 
 Modified: stable/8/sys/crypto/aesni/aeskeys_i386.S
 ==============================================================================
 --- stable/8/sys/crypto/aesni/aeskeys_i386.S	Sat Mar  5 08:56:42 2011	(r219302)
 +++ stable/8/sys/crypto/aesni/aeskeys_i386.S	Sat Mar  5 09:42:00 2011	(r219303)
 @@ -167,7 +167,7 @@ ENTRY(aesni_set_enckey)
  	.byte	0x66,0x0f,0x3a,0xdf,0xc8,0x20
  	call	_key_expansion_256b
  //	aeskeygenassist $0x40,%xmm2,%xmm1	# round 7
 -	.byte	0x66,0x0f,0x3a,0xdf,0xca,0x20
 +	.byte	0x66,0x0f,0x3a,0xdf,0xca,0x40
  	call	_key_expansion_256a
  	.cfi_adjust_cfa_offset -4
  	leave
 _______________________________________________
 svn-src-all@freebsd.org mailing list
 http://lists.freebsd.org/mailman/listinfo/svn-src-all
 To unsubscribe, send any mail to "svn-src-all-unsubscribe@freebsd.org"
 
State-Changed-From-To: open->closed 
State-Changed-By: kib 
State-Changed-When: Mon Apr 18 11:11:10 UTC 2011 
State-Changed-Why:  
Fix is in HEAD and 8. 

http://www.freebsd.org/cgi/query-pr.cgi?pr=155118 
>Unformatted:
