Am Samstag, 12. November 2016, 09:55:19 CET schrieb Herbert Xu: Hi Herbert, > On Thu, Nov 10, 2016 at 04:32:03AM +0100, Stephan Mueller wrote: > > The kernel crypto API AEAD cipher operation generates output such that > > space for the AAD is reserved in the output buffer without being > > touched. The processed ciphertext/plaintext is appended to the reserved > > AAD buffer. > > > > The user space interface followed that approach. However, this is a > > violation of the POSIX read definition which requires that any read data > > is placed at the beginning of the caller-provided buffer. As the kernel > > crypto API would leave room for the AAD, the old approach did not fully > > comply with the POSIX specification. > > Nack. The kernel AEAD API will copy the AD as is, it definitely > does not leave the output untouched unless of course when it is > an in-place operation. The user-space operation should operate > in the same manner. When you have separate buffers, the kernel does not seem to copy the AD over to the target buffer. > > Cheers, Ciao Stephan -- To unsubscribe from this list: send the line "unsubscribe linux-crypto" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html