Please provide XTS (crypto: chaining mode) in all SailfishOS kernels
asked 2018-03-08 22:34:01 +0300
Dear sailors,
please provide the cryptographic chaining mode XTS (see cat /proc/crypto | grep xts) in the SailfishOS kernels for all devices.
Currently at least the kernels on Jolla 1 phones (up to Linux 3.4.108.20171107.1 in SFOS 2.1.4.14) do not support XTS, while the kernels compiled for SailfishX do.
XTS is available in Linux since 2.6.24.
Background:
XTS provides much faster random accesses than CBC (and needs no external IV-generation algorithm) when used for device encryption, see "[How-to] Creating partitions on SD-card, optionally encrypted", section "4.3.1 Cryptography options" for details.
Furthermore this would allow for using the same, (currently) optimal cryptography options (-h sha1 -s 256 -c aes-xts-plain) for Cryptsetup / DM-Crypt across all SailfishOS devices.
Cheers & happy sailing
P.S. (edit), see comments section of "[regression] cryptsetup stopped working on upgrade to 2.1.4.x" for details:
Some analysis with the help of @Jfish revealed, that technically everything is in place (on Jolla 1 phones), just the crypto configuration of the kernel and kernel modules seems to be inconsistent between device models under SailfishOS versions up to (and including) 2.1.4.
- On a Jolla 1, the kernel module qcrypto.ko (in /lib/modules/version/kernel/drivers/crypto/msm/) has to be explicitly loaded (e.g. per modprobe qcrypto) to enable the cryptographic chaining mode XTS, while the built-in kernel module cbc.ko for the chaining mode CBC (see cat /lib/modules/version/modules.builtin | fgrep cbc) seems to be automatically loaded on demand and the modules providing most classic cryptography algorithms are loaded by default (or something else already triggered them to be loaded on demand).
- On Xperia X though, all cryptography kernel modules seem to be loaded by default (I don't have one, hence this is just a guess from information provided by others).
Dear sailors, please scrutinise and resolve this, e.g. by loading the various kernel modules providing the common cryptography algorithms AES (-128 & -256), SHA-256, SHA-1, CBC(AES), XTS(AES) and for ESSIV (supposedly eseqiv and / or chainiv) either on demand or by default, on all devices.