From: T Pratham <t-pratham@ti.com>
To: Herbert Xu <herbert@gondor.apana.org.au>,
"David S. Miller" <davem@davemloft.net>
Cc: <linux-crypto@vger.kernel.org>
Subject: A question on crypto_engine and a possible bug
Date: Sat, 13 Sep 2025 14:48:11 +0530 [thread overview]
Message-ID: <55446d58-0ca7-4d1c-9e9c-4fcbf8dcda1f@ti.com> (raw)
Hi,
Since the in-kernel APIs are not well documented, I got into a road bump recently with crypto engine APIs while implementing my new driver. So I thought of asking my doubts directly, and reporting a behaviour I saw which I think is not expected and possibly a bug.
So, the do_one_op function registered by the user in *_engine_alg, what is it supposed to return? Seeing the int return type, I assumed it should be 0 for success and error codes if any failure occurs (-EINVAL, -ENOMEM, etc. for appropriate failure). Before returning from this function, we also call crypto_finalize_*_request, and pass the return error code to this as well. So do we return the same error code at both places?
The above doesn't seem to be correct while working with AEADs. I was returning same error code from do_one_op function which was being passed to crypto_finalize_aead_request. This was causing selftests to fail in a peculiar way: a random test for encryption was failing with:
"alg: aead: <driver_name> encryption failed on test vector <test vector>; expected error=0, actual error=-74, cfg=<cfg>"
Now, you may recognize that -74 is the code for EBADMSG, which is only returned in decryption when the authentication tag does not match. My driver cannot return this error in encryption in any case. So the error was not coming from my code for sure.
I did some inspection, added some extra prints in testmgr as well as my code, and a pattern emerged. The failing test was always the encryption test after the first decryption test that tests for failing tag authentication (i.e. the decryption test expects -EBADMSG being returned). This was being propagated by the crypto engine queue to the next request somehow (how? a bug? an edge case?). Crypto engine also prints the log "Failed to do one request from queue: -74" for all decryptions returning -EBADMSG. When I changed the return value of do_one_op function from the error code to 0, suddenly all selftests passed (including all random tests)!
So for AEADs -EBADMSG case, are we supposed to return 0, or return 0 always, or what is the return value crypto engine expects?
Regards
T Pratham <t-pratham@ti.com>
next reply other threads:[~2025-09-13 9:18 UTC|newest]
Thread overview: 3+ messages / expand[flat|nested] mbox.gz Atom feed top
2025-09-13 9:18 T Pratham [this message]
2025-09-17 3:40 ` A question on crypto_engine and a possible bug Herbert Xu
2025-09-22 12:34 ` T Pratham
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=55446d58-0ca7-4d1c-9e9c-4fcbf8dcda1f@ti.com \
--to=t-pratham@ti.com \
--cc=davem@davemloft.net \
--cc=herbert@gondor.apana.org.au \
--cc=linux-crypto@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).