On Thu, Jan 12, 2017 at 05:01:13PM +0100, Stephan Müller wrote: > > I fully agree. Therefore, I was under the impression that disregarding the AAD > in recvmsg entirely would be most appropriate as offered with the patch > "crypto: AF_ALG - disregard AAD buffer space for output". In this case we > would be fully POSIX compliant, the kernel would not copy the AAD (and thus > perform multiple memcpy operations due to copy_from_user and copy_to_user > round trips) and leave the AAD copy operation entirely to user space. Yes but then you'd have to play nasty games to fit this through the kernel API. Besides, we could still do in-place crypto even though you suggested that it's complicated. It's not really. All we have to do is walk through the SG list and compare each page/offset. For the common case it's going to be a single-entry list. Cheers, -- Email: Herbert Xu <herbert@xxxxxxxxxxxxxxxxxxx> Home Page: http://gondor.apana.org.au/~herbert/ PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt -- To unsubscribe from this list: send the line "unsubscribe linux-crypto" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html