Am Montag, 26. Januar 2015, 08:58:33 schrieb Tadeusz Struk: Hi Tadeusz, > On 01/25/2015 04:10 PM, Herbert Xu wrote: > > On Sun, Jan 25, 2015 at 08:26:50AM -0800, Tadeusz Struk wrote: > >> > Hi Stephan, > >> > > >> > On 01/25/2015 12:58 AM, Stephan Mueller wrote: > >>>> > >> +static int rfc4106_set_key(struct crypto_aead *parent, const u8 > >>>> > >> *key, > >>>> > >> > >>>>> > >> > + unsigned int key_len) > >>>>> > >> > > >>>>> > >> > { > >>>>> > >> > > >>>>> > >> > struct aesni_rfc4106_gcm_ctx *ctx = > >>>>> > >> > aesni_rfc4106_gcm_ctx_get(parent); > >>>>> > >> > struct crypto_aead *cryptd_child = > >>>>> > >> > cryptd_aead_child(ctx->cryptd_tfm); > >>>>> > >> > > >>>>> > >> > + struct aesni_rfc4106_gcm_ctx *child_ctx = > >>>>> > >> > + aesni_rfc4106_gcm_ctx_get(cryptd_child); > >>>>> > >> > + int ret; > >>>>> > >> > > >>>>> > >> > + ret = common_rfc4106_set_key(parent, key, key_len); > >>> > > > >>> > > Shouldn't that one be crypto_aead_setkey, i.e using the regular > >>> > > crypto API > >>> > > instead of internal calls? > >> > > >> > No, I don't think so. I think that would create an infinite loop. > > > > So why does it work for ablk_helper but not for aead? > > Here we have two instances of crypto_aead algorithm, one the > rfc4106(gcm(aes)), whose setkey points to rfc4106_set_key(), and the > internal helper __gcm-aes-aesni (wrapped in by the cryptd interface), > whose setkey points to common_rfc4106_set_key(). If we would call > crypto_aead_setkey() on the parent from rfc4106_set_key() then we would > invoke the same rfc4106_set_key() function. It would be ok to call the > crypto_aead_setkey() on the child, but what's the point? The point is to maintain an onion style framework that is coherent. All other ciphers implement it (look at the generic gcm.c). > What we really want to do is to setup the context (authsize and key) for > both the top level rfc4106(gcm(aes)) and the helper __gcm-aes-aesni. We > can do it by calling the internal function directly or by the regular > crypto API crypto_aead_setkey()/set_authsize() on the child, but I don't > see any difference or benefit of it. Then, why do we register the internal __driver "cipher" at all. On the one hand, the kernel crypto API is used for some aspects but not for others. Hm... > Hope that make sense. > Thanks, > Tadeusz > -- > To unsubscribe from this list: send the line "unsubscribe linux-crypto" in > the body of a message to majordomo@xxxxxxxxxxxxxxx > More majordomo info at http://vger.kernel.org/majordomo-info.html -- Ciao Stephan -- To unsubscribe from this list: send the line "unsubscribe linux-crypto" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html