On 06/09/2016 11:36 AM, Stephan Mueller wrote: > Am Donnerstag, 9. Juni 2016, 11:27:13 schrieb Mat Martineau: > > Hi Mat, Tadeusz, > >> On Thu, 9 Jun 2016, Stephan Mueller wrote: >>> Am Donnerstag, 9. Juni 2016, 11:18:04 schrieb Mat Martineau: >>> >>> Hi Mat, >>> >>>>> Or is your concern that the user space interface restricts things too >>>>> much >>>>> and thus prevents a valid use case? >>>> >>>> The latter - my primary concern is the constraint this places on >>>> userspace >>>> by forcing larger buffer sizes than might be necessary for the operation. >>>> struct akcipher_request has separate members for src_len and dst_len, and >>>> dst_len is documented as needing "to be at least as big as the expected >>>> result depending on the operation". Not the maximum result, the expected >>>> result. It's also documented that the cipher will generate an error if >>>> dst_len is insufficient and update the value with the required size. >>>> >>>> I'm updating some userspace TLS code that worked with an earlier, >>>> unmerged >>>> patch set for AF_ALG akcipher (from last year). The read calls with >>>> shorter buffers were the main porting problem. >>> >>> I see -- are you proposing to drop that check entirely? >> >> Yes. > > Ok, after checking the code again, I think that dropping that sanity check > should be ok given that this length is part of the akcipher API. > > Tadeusz, as you are currently managing that patch set, would you re-spin it > with the following check removed? > > + if (usedpages < akcipher_calcsize(ctx)) { > + err = -EMSGSIZE; > + goto unlock; > + } > Ok, I'll update the patch. Thanks, -- TS -- To unsubscribe from this list: send the line "unsubscribe linux-crypto" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html