On 22.11.19 15:07, Herbert Xu wrote:
> On Fri, Nov 22, 2019 at 02:38:30PM +0100, Harald Freudenberger wrote:
>> The pkey is in fact an encrypted key + a verification pattern for the
>> encrypted key used. It gets invalid when this encryption key changes.
>> The encryption key changes when the LPAR is re-activated so for
>> example on suspend/resume or a Linux running as kvm guest
>> gets relocated. So this happens very rarely.
> I see. Is there any way of you finding out that the key has been
> invalidated apart from trying out the crypto and having it fail?

No. By using the pkey for a crypto operation the hardware checks the
verification pattern and if there is a mismatch it simply rejects the
operation. Theoretically such an operation can only partly complete and
then a pkey could get invalid. I have no way to check if the pkey is
still valid before the cpacf instruction call.

>
> Ideally you'd have a global counter that gets incremented every time
> an invalidation occurs. You can then regenerate your key if its
> generation counter differs from the current global counter.
>
> Also when the crypto fails due to an invalid key you're currently
> calling skcipher_walk_done with zero. This is wrong as the done
> function must be called with a positive value or an error. In
> some cases this can cause a crash in scatterwalk.
>
> IOW you should just repeat the crypto operation after regenerating
> the key rather than looping around again.

That's right. I'll try to rework the functions this way to avoid
calling skcipher_walk_done with 0.

Thanks

>
> Cheers,
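
The retry pattern discussed in this mail, as a user-space C model added here for illustration; it is not code from the mail or from the kernel. It regenerates the protected key when the hardware model rejects it, repeats the operation on the remaining bytes, and reports either full progress or an error. Every name (`pkey_regen`, `hw_crypt`, `crypt_span`, the `reloc_after` hook) and the XOR stand-in cipher are hypothetical.

```c
#include <errno.h>
#include <stddef.h>
#include <stdint.h>

/* Constructed user-space model; no name here is a kernel or CPACF API. */
#define CHUNK ((size_t)4)
#define MAX_REGEN 3
static uint32_t hw_wrap_gen = 1; /* stands in for the LPAR's wrapping key */
static int reloc_after = -1;     /* hook: chunks until a simulated relocation */
struct pkey { uint8_t wrapped; uint32_t vp; }; /* key + verification pattern */

static void pkey_regen(struct pkey *pk, uint8_t clear_key)
{
    pk->wrapped = (uint8_t)(clear_key ^ hw_wrap_gen);
    pk->vp = hw_wrap_gen;
}

/* Hardware model: returns bytes processed, stopping short (possibly at 0)
 * once the verification pattern no longer matches. */
static size_t hw_crypt(const struct pkey *pk, uint8_t *dst, const uint8_t *src, size_t n)
{
    size_t done = 0;
    while (done < n) {
        if (reloc_after == 0) { hw_wrap_gen++; reloc_after = -1; }
        if (pk->vp != hw_wrap_gen)
            break;
        size_t k = n - done < CHUNK ? n - done : CHUNK;
        for (size_t i = 0; i < k; i++) /* toy XOR cipher, not AES */
            dst[done + i] = (uint8_t)(src[done + i] ^ pk->wrapped ^ hw_wrap_gen);
        done += k;
        if (reloc_after > 0) reloc_after--;
    }
    return done;
}

/* Returns len on success or a negative errno; never 0 for len > 0. */
static long crypt_span(struct pkey *pk, uint8_t clear_key, uint8_t *dst, const uint8_t *src, size_t len)
{
    size_t done = 0;
    int regens = 0;
    while (done < len) {
        done += hw_crypt(pk, dst + done, src + done, len - done);
        if (done == len) break;
        if (regens++ == MAX_REGEN) return -EIO; /* report an error, not 0 */
        pkey_regen(pk, clear_key); /* then repeat on the remaining bytes */
    }
    return (long)done;
}
```

Setting `reloc_after = 1` before a call makes the model invalidate the key after the first chunk, which exercises the partial-completion case described in the mail.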