On Sat, Jun 06, 2026 at 03:47:55PM +0800, helei wrote: > The virtio-crypto spec does not dictate a maximum length limit for > asymmetric cipher (akcipher) keys. We added a hard limit which mirrors > the linux kernels's internal limit for akcipher keys (see > keyctl framework and the add_key syscall).
We have max_size - doesn't that apply? backends/cryptodev-builtin.c actually sets it: backends/cryptodev-builtin.c:#define CRYPTODEV_BUITLIN_MAX_REQUEST_SIZE (1024 * 1024) backends/cryptodev-builtin.c: backend->conf.max_size = CRYPTODEV_BUITLIN_MAX_REQUEST_SIZE; > Maybe we should update the virtio-spec and add a max_akcipher_key_len > field for virtio crypto devices. maybe > > helei (1): > hw/virtio-crypto: enforce max akcipher key length > > hw/virtio/virtio-crypto.c | 13 +++++++++++++ > 1 file changed, 13 insertions(+) > > -- > 2.43.0
