Received: by 2002:a25:23cc:0:0:0:0:0 with SMTP id j195csp426441ybj; Tue, 5 May 2020 00:59:59 -0700 (PDT) X-Google-Smtp-Source: APiQypI5XVmRJTSMU1LhzinxFVtknYywbeRBeJn3PT9L0oJkUW1caKhWuRXRrxLkCo+nB2IhL9fr X-Received: by 2002:a17:906:355b:: with SMTP id s27mr1539236eja.184.1588665599315; Tue, 05 May 2020 00:59:59 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1588665599; cv=none; d=google.com; s=arc-20160816; b=PltmlynRcg0S29YNgY/tCWieE4C6VAeO4sZZjJW/HaD74Ide81vfzcUjbQzTQ1xzdR jJPnUvK5MAudpdVzEqrcOGzsULHLCGSBMPT9LD53ctZyYiwsZRGlav/Gt6M9wNF3bGP6 ai/8nYlFWvOtZpD/cTUxGT1DucSGREwS5j32arZ0ToeCfuaF0K9fV4nhbwL0AZpkrRD2 ULC/QSnJsIYMoWMdOngVgTw6G/aAmHEtpIB7vBAyDyuU2HmwAY8JrpkHSn2/cqEA+y2q KFqp8isVpGCn9YWVICauaG3PO//GISnYbSpGrO1JdipjFv9qODUgPWbtTtNHqWVKj+JL dY1A== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:user-agent:in-reply-to :content-transfer-encoding:content-disposition:mime-version :references:message-id:subject:cc:to:from:date; bh=Mc5SlFkoBjdABzQjlndhxjaigNQsS2zX6ZGll2NzIlA=; b=jS00hypTooG5fPlVuQ3/dPQp9AkLsfaKfNpQGsd3MekUMqXyegds119CQ9ZkUG2HUL McqirJs2M9yKtfWdeK/VTDhgDOz4NUv72BbSrKDoj5926ovigKCV25MkZxBAyTMnivho RLXfSEvEBLtC//oZVfhVVZfH4HN72lfd4zVV6lxJu5VMJdu/eYk4tMXJ03e2G7uvRjzv iFMAjWY1NYBhZl0CBaNkLzU24pevKf/yKcLuJbWrYcq+qbrzonDt08XpTmLFhW014c+p 6q8t7FVk7A/h7jUyT79+W+rJ2g0aF7khJj9e0/PdsBkd9EBPjwvtfM3f+UaK1+GYwdvT BTKQ== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: domain of linux-crypto-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-crypto-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18]) by mx.google.com with ESMTP id f24si740444edw.258.2020.05.05.00.59.25; Tue, 05 May 2020 00:59:58 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-crypto-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18; Authentication-Results: mx.google.com; spf=pass (google.com: domain of linux-crypto-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-crypto-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1727978AbgEEH7V (ORCPT + 99 others); Tue, 5 May 2020 03:59:21 -0400 Received: from helcar.hmeau.com ([216.24.177.18]:36432 "EHLO fornost.hmeau.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1725766AbgEEH7V (ORCPT ); Tue, 5 May 2020 03:59:21 -0400 Received: from gwarestrin.me.apana.org.au ([192.168.0.7] helo=gwarestrin.arnor.me.apana.org.au) by fornost.hmeau.com with smtp (Exim 4.89 #2 (Debian)) id 1jVsOw-00069M-Tw; Tue, 05 May 2020 17:54:04 +1000 Received: by gwarestrin.arnor.me.apana.org.au (sSMTP sendmail emulation); Tue, 05 May 2020 17:58:35 +1000 Date: Tue, 5 May 2020 17:58:35 +1000 From: Herbert Xu To: Ondrej =?utf-8?B?TW9zbsOhxI1law==?= Cc: linux-crypto@vger.kernel.org, Stephan Mueller , Sahana Prasad , Tomas Mraz , Ard Biesheuvel Subject: Re: libkcapi tests are failing on kernels 5.5+ Message-ID: <20200505075834.GA1190@gondor.apana.org.au> References: MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Disposition: inline Content-Transfer-Encoding: 8bit In-Reply-To: User-Agent: Mutt/1.10.1 (2018-07-13) Sender: linux-crypto-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-crypto@vger.kernel.org On Tue, Apr 21, 2020 at 10:08:14AM +0200, Ondrej Mosnáček wrote: > Hi all, > > the libkcapi [1] tests are failing on kernels 5.5-rc1 and above [2]. > All encryption/decryption tests that use 'ctr(aes)' and a message size > that is not a multiple of 16 fail due to kcapi-enc returning different > output than expected. > > It seems that it started with: > commit 5b0fe9552336338acb52756daf65dd7a4eeca73f > Author: Herbert Xu > Date: Tue Sep 10 11:42:05 2019 +1000 > > crypto: algif_skcipher - Use chunksize instead of blocksize > > Reverting the above commit makes the tests pass again. > > Here is a one-line reproducer: > head -c 257 /dev/zero | kcapi-enc -vvv --pbkdfiter 1 -p "passwd" -s > "123" -e -c "ctr(aes)" --iv "0123456789abcdef0123456789abcdef" > >/dev/null > > Output without revert: > [...] > libkcapi - Debug: AF_ALG: recvmsg syscall returned 256 > kcapi-enc - Verbose: Removal of padding disabled > kcapi-enc - Verbose: 256 bytes of ciphertext created OK, I tried it here and the problem is that kcapi-enc is setting the flag SPLICE_F_MORE: splice(4, NULL, 6, NULL, 257, SPLICE_F_MORE) = 257 write(2, "libkcapi - Debug: AF_ALG: splice"..., 54libkcapi - Debug: AF_ALG: splice syscall returned 257 ) = 54 write(2, "kcapi-enc - Debug: Data size exp"..., 59kcapi-enc - Debug: Data size expected to be generated: 257 ) = 59 recvmsg(6, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="\363\212\340S\r\231\371+\234\320\"\360}%\244\242.\365iJ\304\257\210\f\366\20\257'F\5EP"..., iov_len=257}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 256 That flag means that the request is not finished and because of the way CTR works we must wait for more input before returning the next block (or partial block). So kcapi-enc needs to unset the SPLICE_F_MORE to finish a request. Cheers, -- Email: Herbert Xu Home Page: http://gondor.apana.org.au/~herbert/ PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt