On 2/8/2019 1:45 PM, Herbert Xu wrote:
> On Fri, Feb 08, 2019 at 08:41:37AM +0000, Horia Geanta wrote:
>>
>> So if there is a real intention to support offloading skcipher, as this old
>> commit suggests:
>>
>> 84c911523020 ("[CRYPTO] gcm: Add support for async ciphers")
>> This patch adds the necessary changes for GCM to be used with async
>> ciphers. This would allow it to be used with hardware devices that
>> support CTR.
>>
>> then we must take special care when building skcipher req->src and avoid
>> having
>> it's first entry (auth_tag[16] in crypto_gcm_req_priv_ctx structure) sharing
>> a
>> cache line with req->iv.
>
> Could you prepare a patch for this?
>
Yes, will do.
Note that I am seeing the same issue on CCM.
Also for GCM, besides auth_tag there is iauth_tag[16] buffer that is added in a
1-entry S/G in gcm_hash_len():
sg_init_one(&pctx->sg, pctx->iauth_tag, 16);
It looks like there other places where this happens, for e.g. "tail" member of
poly_req (crypto/cacha20poly1305.c) in poly_tail():
sg_set_buf(preq->src, &preq->tail, sizeof(preq->tail));
Thanks,
Horia