From: Eric Biggers <ebiggers@google.com>
To: Herbert Xu <herbert@gondor.apana.org.au>
Cc: Linux Crypto Mailing List <linux-crypto@vger.kernel.org>
Subject: Re: [PATCH 1/16] crypto: skcipher - Add skcipher walk interface
Date: Wed, 2 Nov 2016 13:54:20 -0700 [thread overview]
Message-ID: <20161102205420.GA17645@google.com> (raw)
In-Reply-To: <E1c1iKc-0004Av-CW@gondolin.me.apana.org.au>
Hi Herbert, just a few preliminary comments. I haven't made it through
everything yet.
On Wed, Nov 02, 2016 at 07:19:02AM +0800, Herbert Xu wrote:
> +static int skcipher_walk_first(struct skcipher_walk *walk)
> +{
> + if (WARN_ON_ONCE(in_irq()))
> + return -EDEADLK;
> +
> + walk->nbytes = walk->total;
> + if (unlikely(!walk->total))
> + return 0;
> +
> + walk->buffer = NULL;
> + if (unlikely(((unsigned long)walk->iv & walk->alignmask))) {
> + int err = skcipher_copy_iv(walk);
> + if (err)
> + return err;
> + }
> +
> + walk->page = NULL;
> +
> + return skcipher_walk_next(walk);
> +}
I think the case where skcipher_copy_iv() fails may be handled incorrectly.
Wouldn't it need to set walk.nbytes to 0 so as to not confuse callers which
expect that behavior? Or maybe it should be calling skcipher_walk_done().
> +static int skcipher_walk_skcipher(struct skcipher_walk *walk,
> + struct skcipher_request *req)
> +{
> + struct crypto_skcipher *tfm = crypto_skcipher_reqtfm(req);
> +
> + scatterwalk_start(&walk->in, req->src);
> + scatterwalk_start(&walk->out, req->dst);
> +
> + walk->in.sg = req->src;
> + walk->out.sg = req->dst;
Setting walk->in.sg and walk->out.sg is redundant with the scatterwalk_start()
calls.
> +int skcipher_walk_virt(struct skcipher_walk *walk,
> + struct skcipher_request *req, bool atomic)
> +{
> + int err;
> +
> + walk->flags &= ~SKCIPHER_WALK_PHYS;
> +
> + err = skcipher_walk_skcipher(walk, req);
> +
> + walk->flags &= atomic ? ~SKCIPHER_WALK_SLEEP : ~0;
> +
> + return err;
> +}
This gets called with uninitialized 'walk.flags'. This was somewhat of a
theoretical problem with the old blkcipher_walk code but it looks like now it
will interact badly with the new SKCIPHER_WALK_SLEEP flag. As far as I can see,
whether the flag will end up set or not can depend on the uninitialized value.
It would be nice if this problem could be avoided entirely be setting flags=0.
I'm also wondering about the choice to not look at 'atomic' until after the call
to skcipher_walk_skcipher(). Wouldn't this mean that the choice of 'atomic'
would not be respected in e.g. the kmalloc() in skcipher_copy_iv()?
> +int skcipher_walk_async(struct skcipher_walk *walk,
> + struct skcipher_request *req)
> +{
> + walk->flags |= SKCIPHER_WALK_PHYS;
> +
> + INIT_LIST_HEAD(&walk->buffers);
> +
> + return skcipher_walk_skcipher(walk, req);
> +}
> +EXPORT_SYMBOL_GPL(skcipher_walk_async);
I don't see any users of the "async" walking being introduced; are some planned?
Eric
next prev parent reply other threads:[~2016-11-02 20:54 UTC|newest]
Thread overview: 20+ messages / expand[flat|nested] mbox.gz Atom feed top
2016-11-01 23:16 [PATCH 0/16] crypto: skcipher - skcipher algorithm conversion part 3 Herbert Xu
2016-11-01 23:19 ` [PATCH 1/16] crypto: skcipher - Add skcipher walk interface Herbert Xu
2016-11-02 20:54 ` Eric Biggers [this message]
2016-11-11 11:19 ` Herbert Xu
2016-11-01 23:19 ` [PATCH 2/16] crypto: aes-ce-ccm - Use " Herbert Xu
2016-11-01 23:19 ` [PATCH 3/16] crypto: lrw - Convert to skcipher Herbert Xu
2016-11-01 23:19 ` [PATCH 4/16] crypto: xts " Herbert Xu
2016-11-01 23:19 ` [PATCH 5/16] crypto: api - Do not clear type bits in crypto_larval_lookup Herbert Xu
2016-11-01 23:19 ` [PATCH 6/16] crypto: cryptd - Add support for skcipher Herbert Xu
2016-11-01 23:19 ` [PATCH 7/16] crypto: simd - Add simd skcipher helper Herbert Xu
2016-11-01 23:19 ` [PATCH 8/16] crypto: pcbc - Convert to skcipher Herbert Xu
2016-11-01 23:19 ` [PATCH 9/16] crypto: glue_helper - Add skcipher xts helpers Herbert Xu
2016-11-01 23:19 ` [PATCH 10/16] crypto: testmgr - Do not test internal algorithms Herbert Xu
2016-11-10 11:32 ` Marcelo Cerri
2016-11-01 23:19 ` [PATCH 11/16] crypto: aesni - Convert to skcipher Herbert Xu
2016-11-01 23:19 ` [PATCH 12/16] crypto: arm64/aes " Herbert Xu
2016-11-01 23:19 ` [PATCH 13/16] crypto: aes-ce " Herbert Xu
2016-11-01 23:19 ` [PATCH 14/16] crypto: cbc " Herbert Xu
2016-11-01 23:19 ` [PATCH 15/16] crypto: cbc - Export CBC implementation Herbert Xu
2016-11-01 23:19 ` [PATCH 16/16] crypto: aesbs - Convert to skcipher Herbert Xu
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20161102205420.GA17645@google.com \
--to=ebiggers@google.com \
--cc=herbert@gondor.apana.org.au \
--cc=linux-crypto@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).