Re: Question regarding crypto scatterlists / testmgr

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Wed, 17 Apr 2019 at 13:49, Pascal Van Leeuwen
<pvanleeuwen@xxxxxxxxxxxxxxxx> wrote:
>
> > > I'm trying to fix the inside-secure driver to pass all testmgr
> > > tests and I have one final issue remaining with the AEAD ciphers.
> > > As it was not clear at all what the exact problem was, I spent
> > > some time reverse engineering testmgr and I got the distinct
> > > impression that it is using scatter particles that cross page
> > > boundaries. On purpose, even.
> > >
> > > While the inside-secure driver is built on the premise that
> > > scatter particles are continuous in device space. As I can't
> > > think of any reason why you would want to scatter/gather other
> > > than to handle virtual-to-physical address translation ...
> > > In any case, this should affect all other other operations as
> > > well, but maybe those just got "lucky" by getting particles
> > > that were still contiguous in device space, despite the page
> > > crossing (to *really* verify this, you would have to fully
> > > randomize your page allocation!)
> > >
> > > Anyway, assuming that I *should* be able to handle particles
> > > that are *not* contiguous in device space, then there should
> > > probably already exist some function in the kernel API that
> > > converts a scatterlist with non-contiguous particles into a
> > > scatterlist with contiguous particles, taking into account the
> > > presence of an IOMMU? Considering pretty much every device
> > > driver would need to do that?
> > > Does anyone know which function(s) to use for that?
> > >
> >
> > Hello Pascal,
> >
> > Scatterlists are made up of struct page/offset tuples, and so they
> > should map transparently onto physical ranges.
> >
> > It looks like the AEAD skcipher walk API lacks a *_async() variant
> > setting the SKCIPHER_WALK_PHYS bit, like we have for the ordinary
> > block ciphers. Plumbing that into crypto/skcipher.c should be rather
> > straight-forward.
> >
> > --
> > Ard.
> Ard,
>
>
> Am I reading this correctly as "your driver should indeed expect
> those particles to be contiguous, but there is some problem in some
> other location in the API causing this to not always be the case"?
>

Indeed.

> I took a quick peek at skcipher.c, which is a design unfamiliar to
> me, but the first thing that strikes me is that there is an
> "skcipher_walk_async", that indeed sets this SKCIPHER_WALK_PHYS bit,
> but no matching "skcipher_walk_aead_async" function that I would sort
> of expect doing a similar thing for AEAD ciphers ...
>

That is precisely my point.



[Index of Archives]     [Kernel]     [Gnu Classpath]     [Gnu Crypto]     [DM Crypt]     [Netfilter]     [Bugtraq]

  Powered by Linux