Am Freitag, 11. November 2016, 16:26:12 CET schrieb Mat Martineau: Hi Mat, > > > > With this solution, the caller must not use sendpage with the exact same > > buffers for input and output. The following rationale applies: When > > the caller sends the same buffer for input/output to the sendpage > > operation, the cipher operation now will write the ciphertext to the > > beginning of the buffer where the AAD used to be. The subsequent tag > > calculation will now use the data it finds where the AAD is expected. > > As the cipher operation has already replaced the AAD with the ciphertext, > > the tag calculation will take the ciphertext as AAD and thus calculate > > a wrong tag. > > If it's not much overhead, I suggest checking for this condition and > returning an error. I can surely look into that. But Herbert's NACK seems to make this patch unlikely. > > Other than that, I've done a quick test of the patches using sendmsg() and > read() and found that they work as expected. > Thanks for testing. Ciao Stephan -- To unsubscribe from this list: send the line "unsubscribe linux-crypto" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html