On Fri, Feb 12, 2010 at 09:42:28AM +0100, Sebastian Andrzej Siewior wrote: > > -static void arc4_crypt(struct crypto_tfm *tfm, u8 *out, const u8 *in) > +static void arc4_ivsetup(struct arc4_ctx *ctx, u8 *iv) > { > - struct arc4_ctx *ctx = crypto_tfm_ctx(tfm); > + if (unlikely(!ctx->new_key)) > + return; > + memcpy(iv, &ctx->iv, sizeof(ctx->iv)); > + ctx->new_key = 0; Sorry, but this doesn't work. A ctx is supposed to be reentrant. That is, while one thread is working away with a given ctx I should be able to use that same ctx in a different thread without them clobbering each other. So that means (in general) you must not modify the ctx in any function other than setkey. This also brings up the bigger question of how we transition to this new arc4. I don't think we need to maintain exactly the same behaviour as the existing ecb(arc4). So what we could do is simply add a new blkcipher arc4, alongside the existing cipher arc4. Then we can convert the existing users across, and finally remove the old arc4. Cheers, -- Visit Openswan at http://www.openswan.org/ Email: Herbert Xu ~{PmV>HI~} <herbert@xxxxxxxxxxxxxxxxxxx> Home Page: http://gondor.apana.org.au/~herbert/ PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt -- To unsubscribe from this list: send the line "unsubscribe linux-crypto" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html