From owner-freebsd-fs@freebsd.org  Fri Feb 12 15:35:42 2021
Return-Path: <owner-freebsd-fs@freebsd.org>
Delivered-To: freebsd-fs@mailman.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
 by mailman.nyi.freebsd.org (Postfix) with ESMTP id 3B140528306
 for <freebsd-fs@mailman.nyi.freebsd.org>; Fri, 12 Feb 2021 15:35:42 +0000 (UTC)
 (envelope-from bugzilla-noreply@freebsd.org)
Received: from mailman.nyi.freebsd.org (mailman.nyi.freebsd.org
 [IPv6:2610:1c1:1:606c::50:13])
 by mx1.freebsd.org (Postfix) with ESMTP id 4Dccyk11Z5z3G8B
 for <freebsd-fs@freebsd.org>; Fri, 12 Feb 2021 15:35:42 +0000 (UTC)
 (envelope-from bugzilla-noreply@freebsd.org)
Received: by mailman.nyi.freebsd.org (Postfix)
 id 22D93528305; Fri, 12 Feb 2021 15:35:42 +0000 (UTC)
Delivered-To: fs@mailman.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
 by mailman.nyi.freebsd.org (Postfix) with ESMTP id 229E954FC57
 for <fs@mailman.nyi.freebsd.org>; Fri, 12 Feb 2021 15:35:42 +0000 (UTC)
 (envelope-from bugzilla-noreply@freebsd.org)
Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org
 [IPv6:2610:1c1:1:606c::19:3])
 (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256
 client-signature RSA-PSS (4096 bits) client-digest SHA256)
 (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK))
 by mx1.freebsd.org (Postfix) with ESMTPS id 4Dccyk0R99z3GGQ
 for <fs@FreeBSD.org>; Fri, 12 Feb 2021 15:35:42 +0000 (UTC)
 (envelope-from bugzilla-noreply@freebsd.org)
Received: from kenobi.freebsd.org (kenobi.freebsd.org
 [IPv6:2610:1c1:1:606c::50:1d])
 (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256)
 (Client did not present a certificate)
 by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id F214C263C0
 for <fs@FreeBSD.org>; Fri, 12 Feb 2021 15:35:41 +0000 (UTC)
 (envelope-from bugzilla-noreply@freebsd.org)
Received: from kenobi.freebsd.org ([127.0.1.5])
 by kenobi.freebsd.org (8.15.2/8.15.2) with ESMTP id 11CFZfhM042477
 for <fs@FreeBSD.org>; Fri, 12 Feb 2021 15:35:41 GMT
 (envelope-from bugzilla-noreply@freebsd.org)
Received: (from www@localhost)
 by kenobi.freebsd.org (8.15.2/8.15.2/Submit) id 11CFZf6F042476
 for fs@FreeBSD.org; Fri, 12 Feb 2021 15:35:41 GMT
 (envelope-from bugzilla-noreply@freebsd.org)
X-Authentication-Warning: kenobi.freebsd.org: www set sender to
 bugzilla-noreply@freebsd.org using -f
From: bugzilla-noreply@freebsd.org
To: fs@FreeBSD.org
Subject: [Bug 252981] panic with ZFS encryption and QAT: VERIFY3(0 ==
 spa_do_crypt_bad(...
Date: Fri, 12 Feb 2021 15:35:42 +0000
X-Bugzilla-Reason: AssignedTo
X-Bugzilla-Type: changed
X-Bugzilla-Watch-Reason: None
X-Bugzilla-Product: Base System
X-Bugzilla-Component: kern
X-Bugzilla-Version: CURRENT
X-Bugzilla-Keywords: panic
X-Bugzilla-Severity: Affects Only Me
X-Bugzilla-Who: markj@FreeBSD.org
X-Bugzilla-Status: Open
X-Bugzilla-Resolution: 
X-Bugzilla-Priority: ---
X-Bugzilla-Assigned-To: fs@FreeBSD.org
X-Bugzilla-Flags: 
X-Bugzilla-Changed-Fields: cc
Message-ID: <bug-252981-3630-tyF74FmqGO@https.bugs.freebsd.org/bugzilla/>
In-Reply-To: <bug-252981-3630@https.bugs.freebsd.org/bugzilla/>
References: <bug-252981-3630@https.bugs.freebsd.org/bugzilla/>
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable
X-Bugzilla-URL: https://bugs.freebsd.org/bugzilla/
Auto-Submitted: auto-generated
MIME-Version: 1.0
X-BeenThere: freebsd-fs@freebsd.org
X-Mailman-Version: 2.1.34
Precedence: list
List-Id: Filesystems <freebsd-fs.freebsd.org>
List-Unsubscribe: <https://lists.freebsd.org/mailman/options/freebsd-fs>,
 <mailto:freebsd-fs-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-fs/>
List-Post: <mailto:freebsd-fs@freebsd.org>
List-Help: <mailto:freebsd-fs-request@freebsd.org?subject=help>
List-Subscribe: <https://lists.freebsd.org/mailman/listinfo/freebsd-fs>,
 <mailto:freebsd-fs-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Fri, 12 Feb 2021 15:35:42 -0000

https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D252981

Mark Johnston <markj@FreeBSD.org> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
                 CC|                            |jhb@FreeBSD.org

--- Comment #7 from Mark Johnston <markj@FreeBSD.org> ---
I think for 13.0 we should just modify ZFS to not use hardware crypto drive=
rs.=20
Per comment 1 the OCF wrapper in ZFS is buggy with respect to asynchronous
completions.

Going forward there are at least three possible solutions:
1. Modify ZFS to use separate sessions for hardware and software crypto, and
only use hardware crypto when ot !=3D DMU_OT_INTENT_LOG && ot !=3D DMU_OT_D=
NODE in
zio_do_crypto_data().  This side-steps the AAD problem.
2. Modify qat(4) to authenticate AAD and perform encryption/decryption in
separate requests, passing intermediate hash state from the first request to
the second.  qat(4) can handle arbitrarily large GMAC requests.  I'm not su=
re
how easy this is but I think it's possible.
3. Modify opencrypto to fall back to software crypto if the hardware can't
handle the request for some reason.  jhb suggested that this would be useful
for other purposes, e.g., if one is decrypting small packets, where the CPU
cost of handling the request in software is the same as the request setup c=
ost
in a hardware driver.  This requires some thought around reordering of requ=
ests
within a session.

--=20
You are receiving this mail because:
You are the assignee for the bug.=