Hi Herbert, On 01/13/2015 01:25 PM, Herbert Xu wrote: >> memcpy(ipad, buff, digest_size); >> > memcpy(opad, buff, digest_size); >> > + memset(ipad + digest_size, 0, block_size - digest_size); >> > + memset(opad + digest_size, 0, block_size - digest_size); >> > memzero_explicit(buff, sizeof(buff)); > The very first thing we do in that function is zero the whole > auth_state. So why would we need to zero it here? The only thin > I can think of is if auth_state is too small and we're encountering > garbage on the stack which would be a serious bug. Yes, it looks strange, but the issue is we don't really zero the whole auth_state. Because struct qat_auth_state is no packed on my system sizeof(MAX_AUTH_STATE_SIZE + 64) = 244 and sizeof(struct qat_auth_state) = 256 if instead of: memzero_explicit(auth_state.data, MAX_AUTH_STATE_SIZE + 64); it would be: memzero_explicit(&auth_state, sizeof(auth_state)); then it would work as well. I can send another patch that does the second if you like. Thanks, Tadeusz -- To unsubscribe from this list: send the line "unsubscribe linux-crypto" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html