From mboxrd@z Thu Jan 1 00:00:00 1970 From: Herbert Xu Subject: Re: [PATCH v2 11/11] crypto: skcipher: Remove VLA usage for SKCIPHER_REQUEST_ON_STACK Date: Wed, 27 Jun 2018 22:36:22 +0800 Message-ID: <20180627143622.ntksjxsymo4yw6dz@gondor.apana.org.au> References: <20180625211026.15819-1-keescook@chromium.org> <20180625211026.15819-12-keescook@chromium.org> <20180626092041.mxfg4lxcvxfivzc2@gondor.apana.org.au> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Cc: "David S. Miller" , linux-crypto , "Gustavo A. R. Silva" , Arnd Bergmann , Eric Biggers , Alasdair Kergon , Giovanni Cabiddu , Lars Persson , Mike Snitzer , Rabin Vincent , Tim Chen , qat-linux@intel.com, dm-devel@redhat.com, LKML To: Kees Cook Return-path: Content-Disposition: inline In-Reply-To: Sender: linux-kernel-owner@vger.kernel.org List-Id: linux-crypto.vger.kernel.org On Tue, Jun 26, 2018 at 09:45:09AM -0700, Kees Cook wrote: > > Which are likely to be wrapped together? Should I take this to 512 or > something else? The situation is similar to ahash. While they're using the same skcipher interface, the underlying algorithms must all be synchronous. In fact, if they're not then they're buggy. Therefore it makes no sense to use the general skcipher request size as a threshold. You should look at synchronous skcipher algorithms only. Cheers, -- Email: Herbert Xu Home Page: http://gondor.apana.org.au/~herbert/ PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt