Date: Tue, 26 Nov 2019 16:21:49 -0800
From: John Baldwin <jhb@FreeBSD.org>
To: Benjamin Kaduk <kaduk@mit.edu>
Cc: "freebsd-arch@freebsd.org" <freebsd-arch@freebsd.org>
Subject: Re: CFT: Open Crypto Framework Changes: Round 1
Message-ID: <9bca5e44-96d8-8ead-73b0-33626c3595ef@FreeBSD.org>
In-Reply-To: <20191126165514.GX32847@mit.edu>
References: <c83b6b93-138d-26ca-6edf-4abac4df3d7f@FreeBSD.org> <921919dd-6291-61af-2dc6-768bcdbd5cff@FreeBSD.org> <20191126165514.GX32847@mit.edu>

On 11/26/19 8:55 AM, Benjamin Kaduk wrote:
> On Thu, Nov 21, 2019 at 11:40:48AM -0800, John Baldwin wrote:
>>
>> Some of these drivers had some dubious behavior (e.g. trying to carry
>> over IVs across requests within a session), though they may have worked
>> for at least some IPsec use cases before.
>
> I have a sneaking suspicion that this behavior (while dubious) is enshrined
> in some protocol/cipher specifications. I will try to ask around and find
> examples...

CBC will do this if you split a large request down into smaller requests,
but all of our in-kernel consumers don't do split requests but always
describe an entire buffer for each request. I suspect that the IV behavior
was inherited from the original OpenBSD code but probably dropped when OCF
was changed as part of the fast IPsec work (or at some similar point). Only
older drivers inherited from OpenBSD did the carryover.

-- 
John Baldwin
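
The CBC point in the reply above, as an added example that is not part of the original message and is not OCF or driver code: a buffer split into two requests only matches the single whole-buffer request when the last ciphertext block of the first request is carried over as the IV of the second. XTEA stands in as a compact block cipher; the function names, key, IV and plaintext are constructed for illustration.

```c
#include <stdint.h>
#include <string.h>

#define BLK 8 /* XTEA block size in bytes */

/* XTEA block encryption, 32 cycles; a compact stand-in block cipher. */
static void xtea_encrypt(uint32_t v[2], const uint32_t k[4])
{
    uint32_t v0 = v[0], v1 = v[1], sum = 0;
    for (int i = 0; i < 32; i++) {
        v0 += (((v1 << 4) ^ (v1 >> 5)) + v1) ^ (sum + k[sum & 3]);
        sum += 0x9E3779B9u;
        v1 += (((v0 << 4) ^ (v0 >> 5)) + v0) ^ (sum + k[(sum >> 11) & 3]);
    }
    v[0] = v0; v[1] = v1;
}

/* One CBC request: encrypt len bytes (a multiple of BLK) in place with iv. */
static void cbc_request(uint8_t *buf, size_t len, const uint8_t *iv,
                        const uint32_t key[4])
{
    uint8_t prev[BLK];
    uint32_t v[2];
    memcpy(prev, iv, BLK);
    for (size_t off = 0; off < len; off += BLK) {
        for (int i = 0; i < BLK; i++) buf[off + i] ^= prev[i]; /* chain in */
        memcpy(v, buf + off, BLK);
        xtea_encrypt(v, key);
        memcpy(buf + off, v, BLK);
        memcpy(prev, buf + off, BLK);     /* ciphertext feeds next block */
    }
}

/* Returns 1 if two 16-byte requests produce the same ciphertext as one
 * 32-byte request. carry=1: request 2 uses the last ciphertext block of
 * request 1 as its IV. carry=0: request 2 reuses the original IV. */
int split_matches_whole(int carry)
{
    static const uint32_t key[4] = { 1, 2, 3, 4 };             /* constructed */
    static const uint8_t iv[BLK] = { 9, 8, 7, 6, 5, 4, 3, 2 }; /* constructed */
    uint8_t whole[32], split[32];
    for (int i = 0; i < 32; i++)
        whole[i] = split[i] = (uint8_t)i;                      /* constructed */
    cbc_request(whole, 32, iv, key);
    cbc_request(split, 16, iv, key);
    cbc_request(split + 16, 16, carry ? split + 16 - BLK : iv, key);
    return memcmp(whole, split, 32) == 0;
}
```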