Herbert, AF_ALG hash supports the accept() call to allow for partial hash states to be cloned. If an accept() is issued against a socket before ever doing a send(), crypto_ahash_init() will never have been called for the original socket. The hash_accept function in algif_hash will call crypto_ahash_export() which will return an uninitialized request context and then use that for import into the new socket. A problem arises here because hash_accept sets the 'more' bit of the new context to 1 (ctx2->more = 1). This will cause the first send() call for the new socket to skip calling crypto_ahash_init() which can result in an error or oops because the request context for the cloned socket was never initialized. Is it assumed that the accept() call should only ever be made after having issued at least one send()? Should the ctx2->more value be the value from the original context so that crypto_ahash_init() is called when needed? Thanks, Tom -- To unsubscribe from this list: send the line "unsubscribe linux-crypto" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html