Re: [PATCH] security/keys: rewrite all of big_key crypto

From: Jason A. Donenfeld
Date: Tue Jun 06 2017 - 15:18:35 EST


On Tue, Jun 6, 2017 at 8:45 PM, David Howells <dhowells@xxxxxxxxxx> wrote:
> Jason A. Donenfeld <Jason@xxxxxxxxx> wrote:
>
>> Thank you! Perfect instructions, I'll play around with this and make
>> sure it works.
>
> Don't forget that it's bimodal. You need to give it sufficient data to
> trigger storage in swappable space.

Somewhat incredibly, it works perfectly.

First I tried the instructions you noted, and things worked, both for
big files and small ones.

Then I modified the source to print to dmesg the data buffer and the
key before and after the encryption/decryption function. I verified
with a small python script that indeed standard aes-gcm is being used
successfully.

Thus, pending Ted's approval of the new random API, this patch should
be ready for merging.

Regards,
Jason