Re: [PATCH v2 11/11] crypto: skcipher: Remove VLA usage for SKCIPHER_REQUEST_ON_STACK

From: Herbert Xu
Date: Wed Jun 27 2018 - 10:36:49 EST

Next message: Olof Johansson: "[GIT PULL] ARM: SoC fixes"
Previous message: Jose Abreu: "Re: [PATCH net-next] net: stmmac: Add support for CBS QDISC"
In reply to: Kees Cook: "Re: [PATCH v2 11/11] crypto: skcipher: Remove VLA usage for SKCIPHER_REQUEST_ON_STACK"
Next in thread: Kees Cook: "Re: [PATCH v2 11/11] crypto: skcipher: Remove VLA usage for SKCIPHER_REQUEST_ON_STACK"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Tue, Jun 26, 2018 at 09:45:09AM -0700, Kees Cook wrote:
>
> Which are likely to be wrapped together? Should I take this to 512 or
> something else?

The situation is similar to ahash. While they're using the same
skcipher interface, the underlying algorithms must all be
synchronous. In fact, if they're not then they're buggy.

Therefore it makes no sense to use the general skcipher request
size as a threshold. You should look at synchronous skcipher
algorithms only.

Cheers,
--
Email: Herbert Xu <herbert@xxxxxxxxxxxxxxxxxxx>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt

Next message: Olof Johansson: "[GIT PULL] ARM: SoC fixes"
Previous message: Jose Abreu: "Re: [PATCH net-next] net: stmmac: Add support for CBS QDISC"
In reply to: Kees Cook: "Re: [PATCH v2 11/11] crypto: skcipher: Remove VLA usage for SKCIPHER_REQUEST_ON_STACK"
Next in thread: Kees Cook: "Re: [PATCH v2 11/11] crypto: skcipher: Remove VLA usage for SKCIPHER_REQUEST_ON_STACK"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]