Re: [PATCH v1.3 4/4] keys: add new key-type encrypted

Mimi Zohar wrote: > Am assuming you mean something like this: > > keyctl add encrypted name "new trusted:master-key-name keylen" ring > keyctl add encrypted name "new user:master-key-name keylen" ring > > and, as you said, works without changing the API. No, that's not what I mean. I maeant t

Re: [PATCH v1.4 4/5] keys: add new trusted key-type

On Fri, 2010-11-19 at 16:23 +, David Howells wrote: > Mimi Zohar wrote: thanks for the review! - getting closer... > > +keyctl print returns an ascii hex copy of the sealed key, which is in > > standard > > I'd quote 'keyctl print' just so it's obvious where the command ends and the > desc

Re: [PATCH v1.4 3/5] key: add tpm_send command

David Safford wrote: > Currently transmit_command() in tpm.c expects an int, > but it changes it to size_t for the actual tpm_transmit(). > We will work with Rajiv to do a cleanup, as this touches > a number of calls. You can pass a size_t value to an int. The compiler will cast automatically.

Re: [PATCH v1.4 5/5] keys: add new key-type encrypted

Mimi Zohar wrote: > +static int datablob_format(char __user *buffer, > +struct encrypted_key_payload *epayload, > +int asciiblob_len) size_t? There are other instances where you should be using size_t too. > + index = strcspn(epayload->master

Re: [PATCH v1.4 4/5] keys: add new trusted key-type

Mimi Zohar wrote: > +keyctl print returns an ascii hex copy of the sealed key, which is in > standard I'd quote 'keyctl print' just so it's obvious where the command ends and the descriptive text starts. > +Usage: > + keyctl add encrypted name "new key-type:master-key-name keylen" ring > + k

Re: [PATCH v1.4 3/5] key: add tpm_send command

On Fri, 2010-11-19 at 15:45 +, David Howells wrote: > Mimi Zohar wrote: > > > +int tpm_send(u32 chip_num, void *cmd, int buflen) > > I'd recommend size_t for buflen; apart from that: > > Acked-by: David Howells right - that would be better. Currently transmit_command() in tpm.c expects a

Re: [PATCH v1.4 3/5] key: add tpm_send command

Mimi Zohar wrote: > +int tpm_send(u32 chip_num, void *cmd, int buflen) I'd recommend size_t for buflen; apart from that: Acked-by: David Howells -- To unsubscribe from this list: send the line "unsubscribe linux-crypto" in the body of a message to majord...@vger.kernel.org More majordomo info

Re: [PATCH v1.4 2/5] tpm: add module_put wrapper

Mimi Zohar wrote: > For readability, define a tpm_chip_put() wrapper to call module_put(). > Replace existing module_put() calls with the wrapper. > > (Change based on trusted/encrypted patchset review by David Howells.) > > Signed-off-by: Mimi Zohar > Signed-off-by: David Safford Acked-by:

Re: [PATCH v1.4 1/5] lib: hex2bin converts ascii hexadecimal string to binary

Mimi Zohar wrote: > Similar to the kgdb_hex2mem() code, hex2bin converts a string > to binary using the hex_to_bin() library call. > > Changelog: > - Replace parameter names with src/dst (based on David Howell's comment) > - Add 'const' where needed (based on David Howell's comment) > - Replace

[PATCH v3 7/8] omap-sham: FLAGS_FIRST is redundant and removed

bufcnt is 0 if it was no update requests before, which is exact meaning of FLAGS_FIRST. Signed-off-by: Dmitry Kasatkin --- drivers/crypto/omap-sham.c |8 +--- 1 files changed, 1 insertions(+), 7 deletions(-) diff --git a/drivers/crypto/omap-sham.c b/drivers/crypto/omap-sham.c index c8d3

[PATCH v3 1/8] omap-sham: uses digest buffer in request context

Currently driver storred digest results in req->results provided by the client. But some clients do not set it until final() call. It leads to crash. Changed to use internal buffer to store temporary digest results. Signed-off-by: Dmitry Kasatkin --- drivers/crypto/omap-sham.c | 11 ---

[PATCH v3 5/8] omap-sham: crypto_ahash_final() now not need to be called.

According to the Herbert Xu, client may not always call crypto_ahash_final(). In the case of error in hash calculation resources will be automatically cleaned up. But if no hash calculation error happens and client will not call crypto_ahash_final() at all, then internal buffer will not be freed,

[PATCH v3 6/8] omap-sham: hash-in-progress is stored in hw format

Hash-in-progress is now stored in hw format. Only on final call, hash is converted to correct format. Speedup copy procedure and will allow to use OMAP burst mode. Signed-off-by: Dmitry Kasatkin --- drivers/crypto/omap-sham.c | 38 -- 1 files changed, 24 ins

[PATCH v3 3/8] omap-sham: error handling improved

Introduces DMA error handling. DMA error is returned as a result code of the hash request. Clients needs to handle error codes and may repeat hash calculation attempt. Also in the case of DMA error, SHAM module is set to be re-initialized again. It significantly improves stability against possibl

[PATCH v3 8/8] omap-sham: zero-copy scatterlist handling

If scatterlist have more than one entry, current driver uses aligned buffer to copy data to to accelerator to tackle possible issues with DMA and SHA buffer alignment. This commit adds more intelligence to verify SG alignment and possibility to use DMA directly on the data without using copy buffe

[PATCH v3 0/8] omap-sham: OMAP SHA1/MD5 driver fixes and improvements

Hi, Here is a set of patches which provides fixes and improvements. Based on Herbert feedback it also includes fixes so that calling final() is not mandatory. BR, Dmitry Dmitry Kasatkin (8): omap-sham: uses digest buffer in request context omap-sham: DMA initialization fixes for off mode

[PATCH v3 4/8] omap-sham: removed redundunt locking

Locking for queuing and dequeuing is combined. test_and_set_bit() is also replaced with checking under dd->lock. Signed-off-by: Dmitry Kasatkin --- drivers/crypto/omap-sham.c | 47 +++ 1 files changed, 21 insertions(+), 26 deletions(-) diff --git a/driv

[PATCH v3 2/8] omap-sham: DMA initialization fixes for off mode

DMA parameters for constant data were initialized during driver probe(). It seems that those settings sometimes are lost when devices goes to off mode. This patch makes DMA initialization just before use. It solves off mode problems. Fixes: NB#202786 - Aegis & SHA1 block off mode changes Signed-o

[PATCH 2/4] crypto: af_alg - User-space interface for Crypto API

crypto: af_alg - User-space interface for Crypto API This patch creates the backbone of the user-space interface for the Crypto API, through a new socket family AF_ALG. Each session corresponds to one or more connections obtained from that socket. The number depends on the number of inputs/outpu

[PATCH 1/4] net - Add AF_ALG macros

net - Add AF_ALG macros This patch adds the socket family/level macros for the yet-to-be-born AF_ALG family. The AF_ALG family provides the user-space interface for the kernel crypto API. Signed-off-by: Herbert Xu Acked-by: David S. Miller --- include/linux/socket.h |5 - 1 file chan

[PATCH 3/4] crypto: algif_hash - User-space interface for hash operations

crypto: algif_hash - User-space interface for hash operations This patch adds the af_alg plugin for hash, corresponding to the ahash kernel operation type. Keys can optionally be set through the setsockopt interface. Each sendmsg call will finalise the hash unless sent with a MSG_MORE flag. Par

[PATCH 4/4] crypto: algif_skcipher - User-space interface for skcipher operations

crypto: algif_skcipher - User-space interface for skcipher operations This patch adds the af_alg plugin for symmetric key ciphers, corresponding to the ablkcipher kernel operation type. Keys can optionally be set through the setsockopt interface. Once a sendmsg call occurs without MSG_MORE no fu

Re: [PATCH 4/4] crypto: algif_skcipher - User-space interface for skcipher operations

On Mon, Nov 15, 2010 at 03:55:49PM +0100, Martin Willi wrote: > > > This patch adds the af_alg plugin for symmetric key ciphers, > > corresponding to the ablkcipher kernel operation type. > > I can confirm that the newest patch fixes the page leak. > > Tested-by: Martin Willi Thanks Martin! M