Re: IV copy strategy

On Fri, Nov 16, 2007 at 09:19:13AM +0100, Sebastian Siewior wrote:
> Not only in hifn. My SPU-AES has the same bug. Do you know someone who
> wants to chain? I can remember that you said once "that this is
> currently the case but we can change this since IPsec brings a new IV
> for every packet".
> So, both of us have to fix it or must the crypto users complete their
> encryption/decryption process in one go once they use async (we have no
> documentation so we are very flexible here I guess :) )?

IPsec wouldn't need to chain but it is conceivable that others
may wish to chain.  More importantly if you don't copy it out
then chaining would be impossible in general so you're taking
the choice away from the user.

I just did a grep and RXKAD seems to be the only user that uses
the IV (apart from IPsec that is).  So if we take chaining away
then we might lose the ability to ever convert RXKAD to the
ablkcipher interface.

I do recognise that for DMA devices copying the IV back may be
expensive so perhaps we can add a request flag for this.

Cheers,
-- 
Visit Openswan at http://www.openswan.org/
Email: Herbert Xu 许志壬 <herbert@xxxxxxxxxxxxxxxxxxx>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt
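
An added illustration, not part of the original message and not kernel code: a user-space sketch of why CBC chaining across requests depends on the last ciphertext block being copied back into the IV buffer. The toy block function, the copy_back parameter and all names are assumptions made for this example.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define BS 8 /* toy block size in bytes */

/* Toy invertible block function standing in for a real cipher (assumption, NOT secure). */
static void toy_encrypt_block(uint8_t *b, uint8_t key)
{
    for (int r = 0; r < 4; r++)
        for (int i = 0; i < BS; i++)
            b[i] = (uint8_t)((b[i] ^ key ^ b[(i + 1) % BS]) * 5 + r);
}

/* CBC-encrypt in place; len is a multiple of BS. With copy_back set, the last
 * ciphertext block is written back to iv so a later request can chain from it. */
static void cbc_encrypt(uint8_t *data, size_t len, uint8_t *iv, uint8_t key, int copy_back)
{
    uint8_t chain[BS];
    memcpy(chain, iv, BS);
    for (size_t off = 0; off < len; off += BS) {
        for (int i = 0; i < BS; i++)
            data[off + i] ^= chain[i];
        toy_encrypt_block(data + off, key);
        memcpy(chain, data + off, BS);
    }
    if (copy_back)
        memcpy(iv, chain, BS);
}

/* Encrypt a constructed 32-byte message as two chained 16-byte requests and
 * return 1 if the result equals encrypting it in one go, else 0. */
int chained_matches_oneshot(int copy_back)
{
    uint8_t one[32], two[32], iv1[BS] = {1, 2, 3, 4, 5, 6, 7, 8}, iv2[BS];
    for (int i = 0; i < 32; i++)
        one[i] = two[i] = (uint8_t)i;
    memcpy(iv2, iv1, BS);
    cbc_encrypt(one, 32, iv1, 0x5a, 1);
    cbc_encrypt(two, 16, iv2, 0x5a, copy_back);
    cbc_encrypt(two + 16, 16, iv2, 0x5a, copy_back);
    return memcmp(one, two, 32) == 0;
}

int main(void)
{
    printf("IV copied back: %s\n", chained_matches_oneshot(1) ? "match" : "mismatch");
    printf("IV not copied:  %s\n", chained_matches_oneshot(0) ? "match" : "mismatch");
    return 0;
}
```

Without the copy-back, the second request starts again from the original IV, so the caller cannot continue the chain unless it extracts the last ciphertext block itself.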