[Bug 252981] panic with ZFS encryption and QAT: VERIFY3(0 == spa_do_crypt_bad(...

bugzilla-noreply at freebsd.org bugzilla-noreply at freebsd.org
Tue Jan 26 00:03:47 UTC 2021


--- Comment #5 from Mark Johnston <markj at FreeBSD.org> ---
(In reply to Alan Somers from comment #3)
This constraint only applies to AES-GCM.  Other algorithms that provide
integrity checking don't have such a limit on the AAD size.

IPSec's ESP protocol includes the ESP header itself as AAD, for instance, but
because the AAD size is fixed and smaller than the limit, it can use
QAT/AES-GCM with no problems.  That use-case was the original motivation for
the port.

(In reply to Alan Somers from comment #4)
GELI doesn't appear to authenticate anything that isn't also encrypted, so
there is no AAD.  Even if it were to use GCM there would be no problem.

You are receiving this mail because:
You are the assignee for the bug.

More information about the freebsd-fs mailing list