Am Dienstag, 5. Mai 2020, 09:58:35 CEST schrieb Herbert Xu: Hi Herbert, > On Tue, Apr 21, 2020 at 10:08:14AM +0200, Ondrej Mosnáček wrote: > > Hi all, > > > > the libkcapi [1] tests are failing on kernels 5.5-rc1 and above [2]. > > All encryption/decryption tests that use 'ctr(aes)' and a message size > > that is not a multiple of 16 fail due to kcapi-enc returning different > > output than expected. > > > > It seems that it started with: > > commit 5b0fe9552336338acb52756daf65dd7a4eeca73f > > Author: Herbert Xu <herbert@xxxxxxxxxxxxxxxxxxx> > > Date: Tue Sep 10 11:42:05 2019 +1000 > > > > crypto: algif_skcipher - Use chunksize instead of blocksize > > > > Reverting the above commit makes the tests pass again. > > > > Here is a one-line reproducer: > > head -c 257 /dev/zero | kcapi-enc -vvv --pbkdfiter 1 -p "passwd" -s > > "123" -e -c "ctr(aes)" --iv "0123456789abcdef0123456789abcdef" > > > > >/dev/null > > > > Output without revert: > > [...] > > libkcapi - Debug: AF_ALG: recvmsg syscall returned 256 > > kcapi-enc - Verbose: Removal of padding disabled > > kcapi-enc - Verbose: 256 bytes of ciphertext created > > OK, I tried it here and the problem is that kcapi-enc is setting > the flag SPLICE_F_MORE: > > splice(4, NULL, 6, NULL, 257, SPLICE_F_MORE) = 257 > write(2, "libkcapi - Debug: AF_ALG: splice"..., 54libkcapi - Debug: AF_ALG: > splice syscall returned 257 ) = 54 > write(2, "kcapi-enc - Debug: Data size exp"..., 59kcapi-enc - Debug: Data > size expected to be generated: 257 ) = 59 > recvmsg(6, {msg_name=NULL, msg_namelen=0, > msg_iov=[{iov_base="\363\212\340S\r\231\371+\234\320\"\360}%\244\242.\365iJ > \304\257\210\f\366\20\257'F\5EP"..., iov_len=257}], msg_iovlen=1, > msg_controllen=0, msg_flags=0}, 0) = 256 > > That flag means that the request is not finished and because of > the way CTR works we must wait for more input before returning > the next block (or partial block). > > So kcapi-enc needs to unset the SPLICE_F_MORE to finish a request. Thanks a lot, let me work on that. > > Cheers, Ciao Stephan