Re: [RFC PATCH] crypto: add buffer overflow checks to testmgr

2009-05-29 Thread Jarod Wilson
On 05/29/2009 06:10 PM, Herbert Xu wrote: > On Fri, May 29, 2009 at 11:32:54AM -0400, Jarod Wilson wrote: >> At present, its entirely possible to add a test vector to testmgr with >> an input longer than a page in length w/o specifying a .np option, and >> overflow the page of memory allocated to {

Re: HMAC regression

2009-05-29 Thread Herbert Xu
On Fri, May 29, 2009 at 12:04:32PM +0200, Martin Willi wrote: > > After doing further tests, it seems that this is additionally related to > User-Mode-Linux and/or it's TUN/TAP network driver. I couldn't reproduce > the issue on a x64 with e1000. > I think the bug is actually in the UML network c

Re: [RFC PATCH] crypto: add buffer overflow checks to testmgr

2009-05-29 Thread Herbert Xu
On Fri, May 29, 2009 at 11:32:54AM -0400, Jarod Wilson wrote: > At present, its entirely possible to add a test vector to testmgr with > an input longer than a page in length w/o specifying a .np option, and > overflow the page of memory allocated to {a,}xbuf[0], silently > corrupting memory. I kno

Re: [RFC PATCH] crypto: add buffer overflow checks to testmgr

2009-05-29 Thread Neil Horman
On Fri, May 29, 2009 at 11:32:54AM -0400, Jarod Wilson wrote: > At present, its entirely possible to add a test vector to testmgr with > an input longer than a page in length w/o specifying a .np option, and > overflow the page of memory allocated to {a,}xbuf[0], silently > corrupting memory. I kno

sha384 self-test failure oddity

2009-05-29 Thread Jarod Wilson
While doing a bit of testing of some other crypto code, I've repeatedly noticed a sha384 self-test failure. If you 'modprobe tcrypt', the sha384 self-test fails, then immediately after it, sha384-generic self-tests succeed. Something is awry w/sha384 initialization, as can be more plainly seen by t

[RFC PATCH] crypto: add buffer overflow checks to testmgr

2009-05-29 Thread Jarod Wilson
At present, its entirely possible to add a test vector to testmgr with an input longer than a page in length w/o specifying a .np option, and overflow the page of memory allocated to {a,}xbuf[0], silently corrupting memory. I know, because I've accidentally done it. :) While this doesn't currently

Re: HMAC regression

2009-05-29 Thread Martin Willi
> > Switching the hash implementations to the new shash API introduced a > > regression. HMACs are created incorrectly if the data is scattered over > > multiple pages, resulting in very unreliable IPsec tunnels. > > What are the symptoms? After doing further tests, it seems that this is addition