| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <aQxM2z9kC6sTqBZ5@gondor.apana.org.au>
Date: Thu, 6 Nov 2025 15:23:07 +0800
From: Herbert Xu <herbert@...dor.apana.org.au>
To: T Pratham <t-pratham@...com>
Cc: "David S. Miller" <davem@...emloft.net>,
Manorit Chawdhry <m-chawdhry@...com>,
Kamlesh Gurudasani <kamlesh@...com>,
Shiva Tripathi <s-tripathi1@...com>,
Kavitha Malarvizhi <k-malarvizhi@...com>,
Vishal Mahaveer <vishalm@...com>,
Praneeth Bajjuri <praneeth@...com>, linux-crypto@...r.kernel.org,
linux-kernel@...r.kernel.org
Subject: Re: [PATCH v5 2/4] crypto: ti - Add support for AES-CTR in DTHEv2
driver
On Fri, Oct 31, 2025 at 08:11:34PM +0530, T Pratham wrote:
>
> Let me know if this is fine.
Yes I think this should work.
> However, I suppose we similarly cannot do allocations in AEADs as well?
> If that is the case, my current code relies a lot on it (using sg_split
> to separate AAD from {plain, cipher}text and applying padding like CTR
> here, both of which allocate memory).
>
> I can change padding to avoid kmallocs like CTR easily. But separating
> AAD and plaintext/ciphertext without using sg_split will be a task. Let
> me know if this is correct, so that I'll split the series and send
> ciphers now, and AEADs later.
OK it's not totally forbidden to allocate memory. However, you
should only use GFP_ATOMIC to avoid dead-lock (GFP_KERNEL can
trigger writes to storage, which can in turn call crypto), and
provide a fallback path to software crypto when the allocation
fails.
Cheers,
--
Email: Herbert Xu <herbert@...dor.apana.org.au>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt
Powered by blists - more mailing lists