> On 14 Oct 2016, at 14:46, Johannes Berg <johan...@sipsolutions.net> wrote:
>> Is the aad actually reused? I would assume it only affects the mac
>> on encryption, and the verification on decryption but I don't think
>> we actually need it back from the crypto routines.
> I don't think it's reused.
>> Exactly what you said above :-) My patch only touches CCM but as you
>> 'Also there's B_0/J_0 for CCM/GCM, and the 'zero' thing that GMAC
> Ah, but we can/should do the same for the others, no?
Yes, but then we end up kmalloc/kfreeing chunks of 16 bytes, which is actually
I still think we are not violating the api by putting aead_req on the stack
(but herbert should confirm). The aad issue does violate the api, so it
deserves a separate fix imo