Russell King - ARM Linux <linux@xxxxxxxxxxxxxxx> wrote: > Testing that code on 4.8-rc (and 4.7 fwiw) gives: > > socket(PF_ALG, SOCK_SEQPACKET, 0) = 3 > bind(3, {sa_family=AF_ALG, sa_data="hash\0\0\0\0\0\0\0\0\0\0"}, 88) = 0 > accept(3, 0, NULL) = 4 > write(4, "abc", 3) = -1 ENOKEY (Required key not available) > read(4, 0xbec50508, 20) = -1 ENOKEY (Required key not available) > > IOW, the same problem - and it seems not to be a recent regression. > > Since the last time I tested CESA or CAAM was back in 4.4 times, > it's got to be something between 4.4 and 4.7. > > Looking at the history, my guess would be the setkey changes - > crypto: algif_skcipher - Require setkey before accept(2) > crypto: af_alg - Disallow bind/setkey/... after accept(2) > crypto: af_alg - Add nokey compatibility path > crypto: hash - Add crypto_ahash_has_setkey > crypto: algif_hash - Require setkey before accept(2) This is definitely supposed to work. Basically if the algorithm requires a key (e.g., HMAC) then you must set it. Otherwise it should never return ENOKEY. Which algorithm were you testing and what does /proc/crypto say? Thanks, -- Email: Herbert Xu <herbert@xxxxxxxxxxxxxxxxxxx> Home Page: http://gondor.apana.org.au/~herbert/ PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt -- To unsubscribe from this list: send the line "unsubscribe linux-crypto" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html