On Fri, May 29, 2015 at 12:09:35PM +0200, Stephan Mueller wrote:
>
> > - return (ctx->used >= (ctx->aead_assoclen + (ctx->enc ? 0 : as)));
> > + return ctx->used >= ctx->aead_assoclen + as;
>
> This change requires that the buffer handed in by user space always has room
> for the tag, regardless whether it is needed or not. Is that intended?
Yes for two reasons. One is that sometimes we need to enforce
in-place processing, in which case dst must be at least as big
as src. The other reason is to eventually allow in-place processing
through algif_aead. Unless the two SG lists were of the same length,
it isn't possible to do that.
> > - /* add the size needed for the auth tag to be created */
> > - outlen += as;
> > - } else {
> > - /* output data size is input without the authentication tag */
> > - outlen = used - as;
>
> The removal of these make me wonder: with those missing, the output of the
> cipher operation does not have CT || tag (in case of encryption) or PT (in
> case of encryption.
>
> Note, I have updated my user space code to require space for the AD in the
> output buffer. When reverting those changes with the following patch, the code
> works nicely. If I do not apply the patch, the beginning of the CT or PT is as
> expected, but the end is bogus. Also, the tag would be missing.
Well used is now supposed to always contain the tag in both cases.
Can you send me the code that you're using to test this and I'll
do some tests on it.
> However, when use those changes and I perform the test of libkcapi/test/kcapi
> -y -s, I get the following strange crash which i have no idea where to look
> for the cause (normal sendmsg and vmsplice tests with libkcapi/test/kcapi -y
> and libkcapi/test/kcapi -y -v work flawless)
This is clearly not good. It looks like memory corruption.
Thanks,
--
Email: Herbert Xu <herbert@xxxxxxxxxxxxxxxxxxx>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt
--
To unsubscribe from this list: send the line "unsubscribe linux-crypto" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
