On Fri, Sep 06, 2019 at 06:32:29PM -0700, Ard Biesheuvel wrote: > > The point is that doing > > skcipher_walk_virt(&walk, ...); > skcipher_walk_done(&walk, -EFOO); > > may clobber your data if you are executing in place (unless I am > missing something) You mean encrypting in place? If you're encrypting in place you're usually on the zero-copy fast path so whatever is left-behind by the algorithm will be visible anyway without any copying. > If skcipher_walk_done() is called with an error, it should really just > clean up after it self, but not copy back the unknown contents of > temporary buffers. We're not copying uninitialised kernel memory. The temporary space starts out as a copy of the source and we're just copying it to the destination. Cheers, -- Email: Herbert Xu <herbert@xxxxxxxxxxxxxxxxxxx> Home Page: http://gondor.apana.org.au/~herbert/ PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt
