[PATCH] crypto: algif_aead - Require setkey before accept(2)

[PATCH] crypto: algif_aead - Require setkey before accept(2)

[Stephan Müller]

Some cipher implementations will crash if you try to use them
without calling setkey first.  This patch adds a check so that
the accept(2) call will fail with -ENOKEY if setkey hasn't been
done on the socket yet.

Signed-off-by: Stephan Mueller <smueller@chronox.de>
---
 crypto/algif_aead.c | 164 ++++++++++++++++++++++++++++++++++++++++++++++++----
 1 file changed, 154 insertions(+), 10 deletions(-)

diff --git a/crypto/algif_aead.c b/crypto/algif_aead.c
index 5a80537..1f77a6f 100644
--- a/crypto/algif_aead.c
+++ b/crypto/algif_aead.c
@@ -44,6 +44,11 @@ struct aead_async_req {
 	char iv[];
 };
 
+struct aead_tfm {
+	struct crypto_aead *aead;
+	bool has_key;
+};
+
 struct aead_ctx {
 	struct aead_sg_list tsgl;
 	struct aead_async_rsgl first_rsgl;
@@ -723,32 +728,157 @@ static struct proto_ops algif_aead_ops = {
 	.poll		=	aead_poll,
 };
 
+static int aead_check_key(struct socket *sock)
+{
+	int err = 0;
+	struct sock *psk;
+	struct alg_sock *pask;
+	struct aead_tfm *tfm;
+	struct sock *sk = sock->sk;
+	struct alg_sock *ask = alg_sk(sk);
+
+	lock_sock(sk);
+	if (ask->refcnt)
+		goto unlock_child;
+
+	psk = ask->parent;
+	pask = alg_sk(ask->parent);
+	tfm = pask->private;
+
+	err = -ENOKEY;
+	lock_sock_nested(psk, SINGLE_DEPTH_NESTING);
+	if (!tfm->has_key)
+		goto unlock;
+
+	if (!pask->refcnt++)
+		sock_hold(psk);
+
+	ask->refcnt = 1;
+	sock_put(psk);
+
+	err = 0;
+
+unlock:
+	release_sock(psk);
+unlock_child:
+	release_sock(sk);
+
+	return err;
+}
+
+static int aead_sendmsg_nokey(struct socket *sock, struct msghdr *msg,
+				  size_t size)
+{
+	int err;
+
+	err = aead_check_key(sock);
+	if (err)
+		return err;
+
+	return aead_sendmsg(sock, msg, size);
+}
+
+static ssize_t aead_sendpage_nokey(struct socket *sock, struct page *page,
+				       int offset, size_t size, int flags)
+{
+	int err;
+
+	err = aead_check_key(sock);
+	if (err)
+		return err;
+
+	return aead_sendpage(sock, page, offset, size, flags);
+}
+
+static int aead_recvmsg_nokey(struct socket *sock, struct msghdr *msg,
+				  size_t ignored, int flags)
+{
+	int err;
+
+	err = aead_check_key(sock);
+	if (err)
+		return err;
+
+	return aead_recvmsg(sock, msg, ignored, flags);
+}
+
+static struct proto_ops algif_aead_ops_nokey = {
+	.family		=	PF_ALG,
+
+	.connect	=	sock_no_connect,
+	.socketpair	=	sock_no_socketpair,
+	.getname	=	sock_no_getname,
+	.ioctl		=	sock_no_ioctl,
+	.listen		=	sock_no_listen,
+	.shutdown	=	sock_no_shutdown,
+	.getsockopt	=	sock_no_getsockopt,
+	.mmap		=	sock_no_mmap,
+	.bind		=	sock_no_bind,
+	.accept		=	sock_no_accept,
+	.setsockopt	=	sock_no_setsockopt,
+
+	.release	=	af_alg_release,
+	.sendmsg	=	aead_sendmsg_nokey,
+	.sendpage	=	aead_sendpage_nokey,
+	.recvmsg	=	aead_recvmsg_nokey,
+	.poll		=	aead_poll,
+};
+
 static void *aead_bind(const char *name, u32 type, u32 mask)
 {
-	return crypto_alloc_aead(name, type, mask);
+	struct aead_tfm *tfm;
+	struct crypto_aead *aead;
+
+	tfm = kzalloc(sizeof(*tfm), GFP_KERNEL);
+	if (!tfm)
+		return ERR_PTR(-ENOMEM);
+
+	aead = crypto_alloc_aead(name, type, mask);
+	if (IS_ERR(aead)) {
+		kfree(tfm);
+		return ERR_CAST(aead);
+	}
+
+	tfm->aead = aead;
+
+	return tfm;
 }
 
 static void aead_release(void *private)
 {
-	crypto_free_aead(private);
+	struct aead_tfm *tfm = private;
+
+	crypto_free_aead(tfm->aead);
+	kfree(tfm);
 }
 
 static int aead_setauthsize(void *private, unsigned int authsize)
 {
-	return crypto_aead_setauthsize(private, authsize);
+	struct aead_tfm *tfm = private;
+
+	return crypto_aead_setauthsize(tfm->aead, authsize);
 }
 
 static int aead_setkey(void *private, const u8 *key, unsigned int keylen)
 {
-	return crypto_aead_setkey(private, key, keylen);
+	struct aead_tfm *tfm = private;
+	int err;
+
+	err = crypto_aead_setkey(tfm->aead, key, keylen);
+	tfm->has_key = !err;
+
+	return err;
 }
 
 static void aead_sock_destruct(struct sock *sk)
 {
 	struct alg_sock *ask = alg_sk(sk);
 	struct aead_ctx *ctx = ask->private;
-	unsigned int ivlen = crypto_aead_ivsize(
-				crypto_aead_reqtfm(&ctx->aead_req));
+	struct sock *psk = ask->parent;
+	struct alg_sock *pask = alg_sk(psk);
+	struct aead_tfm *aeadc = pask->private;
+	struct crypto_aead *tfm = aeadc->aead;
+	unsigned int ivlen = crypto_aead_ivsize(tfm);
 
 	WARN_ON(atomic_read(&sk->sk_refcnt) != 0);
 	aead_put_sgl(sk);
@@ -757,12 +887,14 @@ static void aead_sock_destruct(struct sock *sk)
 	af_alg_release_parent(sk);
 }
 
-static int aead_accept_parent(void *private, struct sock *sk)
+static int aead_accept_parent_nokey(void *private, struct sock *sk)
 {
 	struct aead_ctx *ctx;
 	struct alg_sock *ask = alg_sk(sk);
-	unsigned int len = sizeof(*ctx) + crypto_aead_reqsize(private);
-	unsigned int ivlen = crypto_aead_ivsize(private);
+	struct aead_tfm *tfm = private;
+	struct crypto_aead *aead = tfm->aead;
+	unsigned int len = sizeof(*ctx) + crypto_aead_reqsize(aead);
+	unsigned int ivlen = crypto_aead_ivsize(aead);
 
 	ctx = sock_kmalloc(sk, len, GFP_KERNEL);
 	if (!ctx)
@@ -789,7 +921,7 @@ static int aead_accept_parent(void *private, struct sock *sk)
 
 	ask->private = ctx;
 
-	aead_request_set_tfm(&ctx->aead_req, private);
+	aead_request_set_tfm(&ctx->aead_req, aead);
 	aead_request_set_callback(&ctx->aead_req, CRYPTO_TFM_REQ_MAY_BACKLOG,
 				  af_alg_complete, &ctx->completion);
 
@@ -798,13 +930,25 @@ static int aead_accept_parent(void *private, struct sock *sk)
 	return 0;
 }
 
+static int aead_accept_parent(void *private, struct sock *sk)
+{
+	struct aead_tfm *tfm = private;
+
+	if (!tfm->has_key)
+		return -ENOKEY;
+
+	return aead_accept_parent_nokey(private, sk);
+}
+
 static const struct af_alg_type algif_type_aead = {
 	.bind		=	aead_bind,
 	.release	=	aead_release,
 	.setkey		=	aead_setkey,
 	.setauthsize	=	aead_setauthsize,
 	.accept		=	aead_accept_parent,
+	.accept_nokey	=	aead_accept_parent_nokey,
 	.ops		=	&algif_aead_ops,
+	.ops_nokey	=	&algif_aead_ops_nokey,
 	.name		=	"aead",
 	.owner		=	THIS_MODULE
 };
-- 
2.9.3

Re: [PATCH] crypto: algif_aead - Require setkey before accept(2)

[Herbert Xu]

On Mon, Apr 10, 2017 at 01:59:21PM +0200, Stephan Müller wrote:
>
> @@ -757,12 +887,14 @@ static void aead_sock_destruct(struct sock *sk)
>  	af_alg_release_parent(sk);
>  }
>  
> -static int aead_accept_parent(void *private, struct sock *sk)
> +static int aead_accept_parent_nokey(void *private, struct sock *sk)
>  {
>  	struct aead_ctx *ctx;
>  	struct alg_sock *ask = alg_sk(sk);
> -	unsigned int len = sizeof(*ctx) + crypto_aead_reqsize(private);
> -	unsigned int ivlen = crypto_aead_ivsize(private);
> +	struct aead_tfm *tfm = private;
> +	struct crypto_aead *aead = tfm->aead;
> +	unsigned int len = sizeof(*ctx) + crypto_aead_reqsize(aead);
> +	unsigned int ivlen = crypto_aead_ivsize(aead);
>  
>  	ctx = sock_kmalloc(sk, len, GFP_KERNEL);
>  	if (!ctx)
> @@ -789,7 +921,7 @@ static int aead_accept_parent(void *private, struct sock *sk)
>  
>  	ask->private = ctx;
>  
> -	aead_request_set_tfm(&ctx->aead_req, private);
> +	aead_request_set_tfm(&ctx->aead_req, aead);
>  	aead_request_set_callback(&ctx->aead_req, CRYPTO_TFM_REQ_MAY_BACKLOG,
>  				  af_alg_complete, &ctx->completion);
>  

Please don't mix unrelated cleanups like this with the real change.
 It makes reviewing harder than necessary.

Thanks,
-- 
Email: Herbert Xu <herbert@gondor.apana.org.au>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt

Re: [PATCH] crypto: algif_aead - Require setkey before accept(2)

[Stephan Müller]

Am Freitag, 21. April 2017, 13:11:27 CEST schrieb Herbert Xu:

Hi Herbert,

> Please don't mix unrelated cleanups like this with the real change.
>  It makes reviewing harder than necessary.

Apologies. I will resend it shortly.


Ciao
Stephan

Re: [PATCH] crypto: algif_aead - Require setkey before accept(2)

[Stephan Müller]

Am Freitag, 21. April 2017, 13:11:27 CEST schrieb Herbert Xu:

Hi Herbert,

> On Mon, Apr 10, 2017 at 01:59:21PM +0200, Stephan Müller wrote:
> > @@ -757,12 +887,14 @@ static void aead_sock_destruct(struct sock *sk)
> > 
> >  	af_alg_release_parent(sk);
> >  
> >  }
> > 
> > -static int aead_accept_parent(void *private, struct sock *sk)
> > +static int aead_accept_parent_nokey(void *private, struct sock *sk)
> > 
> >  {
> >  
> >  	struct aead_ctx *ctx;
> >  	struct alg_sock *ask = alg_sk(sk);
> > 
> > -	unsigned int len = sizeof(*ctx) + crypto_aead_reqsize(private);
> > -	unsigned int ivlen = crypto_aead_ivsize(private);
> > +	struct aead_tfm *tfm = private;
> > +	struct crypto_aead *aead = tfm->aead;
> > +	unsigned int len = sizeof(*ctx) + crypto_aead_reqsize(aead);
> > +	unsigned int ivlen = crypto_aead_ivsize(aead);
> > 
> >  	ctx = sock_kmalloc(sk, len, GFP_KERNEL);
> >  	if (!ctx)
> > 
> > @@ -789,7 +921,7 @@ static int aead_accept_parent(void *private, struct
> > sock *sk)> 
> >  	ask->private = ctx;
> > 
> > -	aead_request_set_tfm(&ctx->aead_req, private);
> > +	aead_request_set_tfm(&ctx->aead_req, aead);
> > 
> >  	aead_request_set_callback(&ctx->aead_req, CRYPTO_TFM_REQ_MAY_BACKLOG,
> >  	
> >  				  af_alg_complete, &ctx->completion);
> 
> Please don't mix unrelated cleanups like this with the real change.
>  It makes reviewing harder than necessary.
> 

After checking again, IMHO that is no unreleated cleanup or even a cleanup at 
all.

void *private used to be struct crypto_aead and is now struct aead_tfm. struct 
crypto_aead is found in private->aead. Hence, the patch assigned private to 
tfm and then obtained the struct crypto_aead pointer. As this was not 
necessary before, it is a required extension IMHO.

Ciao
Stephan

Re: [PATCH] crypto: algif_aead - Require setkey before accept(2)

[Herbert Xu]

On Fri, Apr 21, 2017 at 06:35:07PM +0200, Stephan Müller wrote:
>
> After checking again, IMHO that is no unreleated cleanup or even a cleanup at 
> all.
> 
> void *private used to be struct crypto_aead and is now struct aead_tfm. struct 
> crypto_aead is found in private->aead. Hence, the patch assigned private to 
> tfm and then obtained the struct crypto_aead pointer. As this was not 
> necessary before, it is a required extension IMHO.

Fair enough.

But what about the change in aead_sock_destruct? Can you explain why
it is no longer possible to obtain the tfm from ctx->aead_req?

Thanks,
-- 
Email: Herbert Xu <herbert@gondor.apana.org.au>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt

Re: [PATCH] crypto: algif_aead - Require setkey before accept(2)

[Stephan Müller]

Am Montag, 24. April 2017, 10:43:24 CEST schrieb Herbert Xu:

Hi Herbert,

> On Fri, Apr 21, 2017 at 06:35:07PM +0200, Stephan Müller wrote:
> > After checking again, IMHO that is no unreleated cleanup or even a cleanup
> > at all.
> > 
> > void *private used to be struct crypto_aead and is now struct aead_tfm.
> > struct crypto_aead is found in private->aead. Hence, the patch assigned
> > private to tfm and then obtained the struct crypto_aead pointer. As this
> > was not necessary before, it is a required extension IMHO.
> 
> Fair enough.
> 
> But what about the change in aead_sock_destruct? Can you explain why
> it is no longer possible to obtain the tfm from ctx->aead_req?
> 
> Thanks,

aead_request_set_callback(&ctx->aead_req) is set in aead_accept_parent_nokey. 
aead_accept_parent_nokey is only invoked from aead_accept_parent if the key 
was set.

My thought was: Let us assume a caller does not set a key, calls accept and 
then destruct. In this code path, ctx->aead_req is not initialized. Hence, I 
would think that only the path using struct aead_tfm is safe in any case.

But I see that aead_sock_destruct is also linked in by 
aead_accept_parent_nokey. Hence, my initial idea was not correct as the 
destruct path is only callable when the accept_nokey is invoked.

Shall I send an updated patch with aead_sock_destruct cleared?

Ciao
Stephan

Re: [PATCH] crypto: algif_aead - Require setkey before accept(2)

[Herbert Xu]

On Mon, Apr 24, 2017 at 11:01:50AM +0200, Stephan Müller wrote:
>
> Shall I send an updated patch with aead_sock_destruct cleared?

Yes please.

Thanks,
-- 
Email: Herbert Xu <herbert@gondor.apana.org.au>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt

[PATCH v2] crypto: algif_aead - Require setkey before accept(2)

[Stephan Müller]

Am Montag, 24. April 2017, 11:03:13 CEST schrieb Herbert Xu:

Hi Herbert,

> On Mon, Apr 24, 2017 at 11:01:50AM +0200, Stephan Müller wrote:
> > Shall I send an updated patch with aead_sock_destruct cleared?
> 
> Yes please.

Please find attached v2 with the discussed change.

---8<---

Some cipher implementations will crash if you try to use them
without calling setkey first.  This patch adds a check so that
the accept(2) call will fail with -ENOKEY if setkey hasn't been
done on the socket yet.

Signed-off-by: Stephan Mueller <smueller@chronox.de>
---
 crypto/algif_aead.c | 157 +++++++++++++++++++++++++++++++++++++++++++++++++---
 1 file changed, 149 insertions(+), 8 deletions(-)

diff --git a/crypto/algif_aead.c b/crypto/algif_aead.c
index 5a80537..e0d55ea 100644
--- a/crypto/algif_aead.c
+++ b/crypto/algif_aead.c
@@ -44,6 +44,11 @@ struct aead_async_req {
 	char iv[];
 };
 
+struct aead_tfm {
+	struct crypto_aead *aead;
+	bool has_key;
+};
+
 struct aead_ctx {
 	struct aead_sg_list tsgl;
 	struct aead_async_rsgl first_rsgl;
@@ -723,24 +728,146 @@ static struct proto_ops algif_aead_ops = {
 	.poll		=	aead_poll,
 };
 
+static int aead_check_key(struct socket *sock)
+{
+	int err = 0;
+	struct sock *psk;
+	struct alg_sock *pask;
+	struct aead_tfm *tfm;
+	struct sock *sk = sock->sk;
+	struct alg_sock *ask = alg_sk(sk);
+
+	lock_sock(sk);
+	if (ask->refcnt)
+		goto unlock_child;
+
+	psk = ask->parent;
+	pask = alg_sk(ask->parent);
+	tfm = pask->private;
+
+	err = -ENOKEY;
+	lock_sock_nested(psk, SINGLE_DEPTH_NESTING);
+	if (!tfm->has_key)
+		goto unlock;
+
+	if (!pask->refcnt++)
+		sock_hold(psk);
+
+	ask->refcnt = 1;
+	sock_put(psk);
+
+	err = 0;
+
+unlock:
+	release_sock(psk);
+unlock_child:
+	release_sock(sk);
+
+	return err;
+}
+
+static int aead_sendmsg_nokey(struct socket *sock, struct msghdr *msg,
+				  size_t size)
+{
+	int err;
+
+	err = aead_check_key(sock);
+	if (err)
+		return err;
+
+	return aead_sendmsg(sock, msg, size);
+}
+
+static ssize_t aead_sendpage_nokey(struct socket *sock, struct page *page,
+				       int offset, size_t size, int flags)
+{
+	int err;
+
+	err = aead_check_key(sock);
+	if (err)
+		return err;
+
+	return aead_sendpage(sock, page, offset, size, flags);
+}
+
+static int aead_recvmsg_nokey(struct socket *sock, struct msghdr *msg,
+				  size_t ignored, int flags)
+{
+	int err;
+
+	err = aead_check_key(sock);
+	if (err)
+		return err;
+
+	return aead_recvmsg(sock, msg, ignored, flags);
+}
+
+static struct proto_ops algif_aead_ops_nokey = {
+	.family		=	PF_ALG,
+
+	.connect	=	sock_no_connect,
+	.socketpair	=	sock_no_socketpair,
+	.getname	=	sock_no_getname,
+	.ioctl		=	sock_no_ioctl,
+	.listen		=	sock_no_listen,
+	.shutdown	=	sock_no_shutdown,
+	.getsockopt	=	sock_no_getsockopt,
+	.mmap		=	sock_no_mmap,
+	.bind		=	sock_no_bind,
+	.accept		=	sock_no_accept,
+	.setsockopt	=	sock_no_setsockopt,
+
+	.release	=	af_alg_release,
+	.sendmsg	=	aead_sendmsg_nokey,
+	.sendpage	=	aead_sendpage_nokey,
+	.recvmsg	=	aead_recvmsg_nokey,
+	.poll		=	aead_poll,
+};
+
 static void *aead_bind(const char *name, u32 type, u32 mask)
 {
-	return crypto_alloc_aead(name, type, mask);
+	struct aead_tfm *tfm;
+	struct crypto_aead *aead;
+
+	tfm = kzalloc(sizeof(*tfm), GFP_KERNEL);
+	if (!tfm)
+		return ERR_PTR(-ENOMEM);
+
+	aead = crypto_alloc_aead(name, type, mask);
+	if (IS_ERR(aead)) {
+		kfree(tfm);
+		return ERR_CAST(aead);
+	}
+
+	tfm->aead = aead;
+
+	return tfm;
 }
 
 static void aead_release(void *private)
 {
-	crypto_free_aead(private);
+	struct aead_tfm *tfm = private;
+
+	crypto_free_aead(tfm->aead);
+	kfree(tfm);
 }
 
 static int aead_setauthsize(void *private, unsigned int authsize)
 {
-	return crypto_aead_setauthsize(private, authsize);
+	struct aead_tfm *tfm = private;
+
+	return crypto_aead_setauthsize(tfm->aead, authsize);
 }
 
 static int aead_setkey(void *private, const u8 *key, unsigned int keylen)
 {
-	return crypto_aead_setkey(private, key, keylen);
+	struct aead_tfm *tfm = private;
+	int err;
+
+	err = crypto_aead_setkey(tfm->aead, key, keylen);
+	tfm->has_key = !err;
+
+	return err;
 }
 
 static void aead_sock_destruct(struct sock *sk)
@@ -757,12 +884,14 @@ static void aead_sock_destruct(struct sock *sk)
 	af_alg_release_parent(sk);
 }
 
-static int aead_accept_parent(void *private, struct sock *sk)
+static int aead_accept_parent_nokey(void *private, struct sock *sk)
 {
 	struct aead_ctx *ctx;
 	struct alg_sock *ask = alg_sk(sk);
-	unsigned int len = sizeof(*ctx) + crypto_aead_reqsize(private);
-	unsigned int ivlen = crypto_aead_ivsize(private);
+	struct aead_tfm *tfm = private;
+	struct crypto_aead *aead = tfm->aead;
+	unsigned int len = sizeof(*ctx) + crypto_aead_reqsize(aead);
+	unsigned int ivlen = crypto_aead_ivsize(aead);
 
 	ctx = sock_kmalloc(sk, len, GFP_KERNEL);
 	if (!ctx)
@@ -789,7 +918,7 @@ static int aead_accept_parent(void *private, struct sock *sk)
 
 	ask->private = ctx;
 
-	aead_request_set_tfm(&ctx->aead_req, private);
+	aead_request_set_tfm(&ctx->aead_req, aead);
 	aead_request_set_callback(&ctx->aead_req, CRYPTO_TFM_REQ_MAY_BACKLOG,
 				  af_alg_complete, &ctx->completion);
 
@@ -798,13 +927,25 @@ static int aead_accept_parent(void *private, struct sock *sk)
 	return 0;
 }
 
+static int aead_accept_parent(void *private, struct sock *sk)
+{
+	struct aead_tfm *tfm = private;
+
+	if (!tfm->has_key)
+		return -ENOKEY;
+
+	return aead_accept_parent_nokey(private, sk);
+}
+
 static const struct af_alg_type algif_type_aead = {
 	.bind		=	aead_bind,
 	.release	=	aead_release,
 	.setkey		=	aead_setkey,
 	.setauthsize	=	aead_setauthsize,
 	.accept		=	aead_accept_parent,
+	.accept_nokey	=	aead_accept_parent_nokey,
 	.ops		=	&algif_aead_ops,
+	.ops_nokey	=	&algif_aead_ops_nokey,
 	.name		=	"aead",
 	.owner		=	THIS_MODULE
 };
-- 
2.9.3

Re: [PATCH v2] crypto: algif_aead - Require setkey before accept(2)

[Herbert Xu]

On Mon, Apr 24, 2017 at 11:15:23AM +0200, Stephan Müller wrote:
> Am Montag, 24. April 2017, 11:03:13 CEST schrieb Herbert Xu:
> 
> Hi Herbert,
> 
> > On Mon, Apr 24, 2017 at 11:01:50AM +0200, Stephan Müller wrote:
> > > Shall I send an updated patch with aead_sock_destruct cleared?
> > 
> > Yes please.
> 
> Please find attached v2 with the discussed change.
> 
> ---8<---
> 
> Some cipher implementations will crash if you try to use them
> without calling setkey first.  This patch adds a check so that
> the accept(2) call will fail with -ENOKEY if setkey hasn't been
> done on the socket yet.
> 
> Signed-off-by: Stephan Mueller <smueller@chronox.de>

Patch applied.  Thanks.
-- 
Email: Herbert Xu <herbert@gondor.apana.org.au>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt

Re: [PATCH v2] crypto: algif_aead - Require setkey before accept(2)

[Stephan Müller]

Am Montag, 24. April 2017, 12:22:39 CEST schrieb Herbert Xu:

Hi Herbert,

> Patch applied.  Thanks.

Thank you.

The patch regarding the memory management of algif_aead is affected by this 
change as well. Shall I roll a new version of that patch for algif_aead or do 
you want me to wait for another review round?

Ciao
Stephan

Re: [PATCH v2] crypto: algif_aead - Require setkey before accept(2)

[Herbert Xu]

On Mon, Apr 24, 2017 at 12:26:15PM +0200, Stephan Müller wrote:
> Am Montag, 24. April 2017, 12:22:39 CEST schrieb Herbert Xu:
> 
> Hi Herbert,
> 
> > Patch applied.  Thanks.
> 
> Thank you.
> 
> The patch regarding the memory management of algif_aead is affected by this 
> change as well. Shall I roll a new version of that patch for algif_aead or do 
> you want me to wait for another review round?

Could you wait until the next merge window closes?

Thanks,
-- 
Email: Herbert Xu <herbert@gondor.apana.org.au>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt

Re: [PATCH v2] crypto: algif_aead - Require setkey before accept(2)

[Stephan Müller]

Am Dienstag, 25. April 2017, 10:47:48 CEST schrieb Herbert Xu:

Hi Herbert,

> Could you wait until the next merge window closes?

Will do.

Ciao
Stephan