Re: [PATCH v6 3/6] crypto: AF_ALG -- add asymmetric cipher interface

From: Mat Martineau
Date: Thu Jun 09 2016 - 14:27:20 EST



On Thu, 9 Jun 2016, Stephan Mueller wrote:

Am Donnerstag, 9. Juni 2016, 11:18:04 schrieb Mat Martineau:

Hi Mat,

Or is your concern that the user space interface restricts things too much
and thus prevents a valid use case?

The latter - my primary concern is the constraint this places on userspace
by forcing larger buffer sizes than might be necessary for the operation.
struct akcipher_request has separate members for src_len and dst_len, and
dst_len is documented as needing "to be at least as big as the expected
result depending on the operation". Not the maximum result, the expected
result. It's also documented that the cipher will generate an error if
dst_len is insufficient and update the value with the required size.

I'm updating some userspace TLS code that worked with an earlier, unmerged
patch set for AF_ALG akcipher (from last year). The read calls with
shorter buffers were the main porting problem.

I see -- are you proposing to drop that check entirely?

Yes.


Best regards,

--
Mat Martineau
Intel OTC