On Tue, 6 Feb 2024, Eric Biggers wrote: > On Tue, Feb 06, 2024 at 10:46:59PM +0100, Mikulas Patocka wrote: > > Hi > > > > I'm trying to fix some problems in dm-crypt that it may report > > authentication failures when the user reads data with O_DIRECT and > > modifies the read buffer while it is being read. > > > > I'd like to ask you: > > > > 1. If the authenticated encryption encrypts a message, reading from > > buffer1 and writing to buffer2 - and buffer1 changes while reading from > > it - is it possible that it generates invalid authentication tag? > > > > 2. If the authenticated encryption decrypts a message, reading from > > buffer1 and writing to buffer2 - and buffer2 changes while writing to > > it - is is possible that it reports authentication tag mismatch? > > > > Yes, both scenarios are possible. But it depends on the AEAD algorithm and how > it happens to be implemented, and on whether the data overlaps or not. > > This is very much a "don't do that" sort of thing. > > - Eric I see. So I will copy the data to a kernel buffer before encryption or decryption. I assume that authenticated encryption or decryption using the same buffer as a source and as a destination should be ok. Right? Mikulas
