On Wed, Jun 27, 2018 at 7:34 AM, Herbert Xu <herbert@xxxxxxxxxxxxxxxxxxx> wrote: > On Tue, Jun 26, 2018 at 10:02:31AM -0700, Kees Cook wrote: >> >> There is no SHASH_MAX_REQSIZE? >> >> As for users of AHASH_REQUEST_ON_STACK, I see: > > These users are only using the top-level ahash interface. The > underlying algorithms must all be shas. typo? "shash" you mean? I don't really understand the crypto APIs -- are you or Eric able to help me a bit more here? I don't understand that things can wrap other things, so I'm not sure the best way to reason about the maximum size to choose here. (And the same for skcipher.) -Kees -- Kees Cook Pixel Security