$ ./python -m test -m test_aead_aes_gcm test_socket
Run tests sequentially
0:00:00 [1/1] test_socket
test test_socket failed -- Traceback (most recent call last):
  File "/home/heimes/dev/python/cpython/Lib/test/support/__init__.py", line 556, in wrapper
    return func(*args, **kw)
  File "/home/heimes/dev/python/cpython/Lib/test/test_socket.py", line 5515, in test_aead_aes_gcm
    res = op.recv(assoclen + len(plain) + taglen)
OSError: [Errno 22] Invalid argument

The tests were written and passed under Linux Kernel 4.7. I was under the assumption that the API is stable. But the most recent version 4.9 has changed the API for AEAD mode slightly. libkcapi project maintain a well written documentation of the Kernel crypto API,
https://github.com/smuellerDD/libkcapi/commit/be242c387b7030cbccae2c183107efa86d9a3cd6

Fedora 24 and 25 are affected. I'm going to update the tests. Downstream distributors: Feel free to disable the test in the mean time. The feature is not critical.

recv(64) works. I need to figure out why 64 and what's in the extra bytes.

The "'0' * taglen" part is now considered part of plaintext. Which makes a lot of sense :) 
Removing the "empty taglen" fixes the encryption part of the tests for me. Similarly, for the decryption test, we must only read and check the message without the tag.

the attached patch fixes the test for me

I confirm that test_socket pass with test_socket_aead_kernel49.patch on my Fedora 25 (kernel 4.9.5-200.fc25.x86_64).

I would be nice to fix test_socket which is currently broken ;-)

Confirmed that test_socket_aead_kernel49.patch fixes the problem for Ubuntu 17.04.  It'll probably fix it for Debian Stretch too give its kernel version number, but I haven't tested that yet.

Thx Barry,

I'll try to find some time to verify the new Kernel API and commit the patch early next week.

@matejcik: would you mind to create a pull request for your patch?

Even when the fix will be backported to Python 3.6, please keep the issue open until Christian Heimes has time to review the kernel changes. Copy/paste of his message on the PR#133:

"I still haven't had time to study the changes in the Linux kernel. Let's merge the PR to silence the test error. Please leave the ticket open as reminder for me."

This patch works for me as well.  Debian testing, kernel:
Linux version 4.9.0-3-amd64 (debian-kernel@lists.debian.org) (gcc version 6.3.0 20170425 (Debian 6.3.0-16) ) #1 SMP Debian 4.9.25-1 (2017-05-02)


In the 3.6.1 Python release, test_socket fails with:

test test_socket failed -- Traceback (most recent call last):
  File "/home/nas/src/cpython/Lib/test/support/__init__.py", line 556, in wrapper
    return func(*args, **kw)
  File "/home/nas/src/cpython/Lib/test/test_socket.py", line 5497, in test_aead_aes_gcm
    res = op.recv(assoclen + len(plain) + taglen)
OSError: [Errno 22] Invalid argument

The fix was also merged to master. It should be backported to 3.6. Neil, do
you want to try to backport it?

This bug can be closed.  The fix is in the master branch (commit 9764c151c51480a) and has also been backported to the "3.6" branch (git commit 4ac01f0ff3e).  The fork for 3.6.1rc1 happened before the backport which is why 3.6.1 doesn't have the fix.

Oh ok, fine. Hopefully, 3.6.2 is coming in next days ;-)

FYI the merged fix is:

commit 9764c151c51480a7ca6042b1ccd69be2620ff360
Author: matejcik <matejcik@gmail.com>
Date:   Thu Feb 16 14:41:31 2017 +0100

    update test_socket AEAD test for kernel 4.9 and up (#133)