Mimi Zohar wrote:
> Am assuming you mean something like this:
>
> keyctl add encrypted name "new trusted:master-key-name keylen" ring
> keyctl add encrypted name "new user:master-key-name keylen" ring
>
> and, as you said, works without changing the API.
No, that's not what I mean. I maeant t
On Fri, 2010-11-19 at 16:23 +, David Howells wrote:
> Mimi Zohar wrote:
thanks for the review! - getting closer...
> > +keyctl print returns an ascii hex copy of the sealed key, which is in
> > standard
>
> I'd quote 'keyctl print' just so it's obvious where the command ends and the
> desc
David Safford wrote:
> Currently transmit_command() in tpm.c expects an int,
> but it changes it to size_t for the actual tpm_transmit().
> We will work with Rajiv to do a cleanup, as this touches
> a number of calls.
You can pass a size_t value to an int. The compiler will cast automatically.
Mimi Zohar wrote:
> +static int datablob_format(char __user *buffer,
> +struct encrypted_key_payload *epayload,
> +int asciiblob_len)
size_t? There are other instances where you should be using size_t too.
> + index = strcspn(epayload->master
Mimi Zohar wrote:
> +keyctl print returns an ascii hex copy of the sealed key, which is in
> standard
I'd quote 'keyctl print' just so it's obvious where the command ends and the
descriptive text starts.
> +Usage:
> + keyctl add encrypted name "new key-type:master-key-name keylen" ring
> + k
On Fri, 2010-11-19 at 15:45 +, David Howells wrote:
> Mimi Zohar wrote:
>
> > +int tpm_send(u32 chip_num, void *cmd, int buflen)
>
> I'd recommend size_t for buflen; apart from that:
>
> Acked-by: David Howells
right - that would be better.
Currently transmit_command() in tpm.c expects a
Mimi Zohar wrote:
> +int tpm_send(u32 chip_num, void *cmd, int buflen)
I'd recommend size_t for buflen; apart from that:
Acked-by: David Howells
--
To unsubscribe from this list: send the line "unsubscribe linux-crypto" in
the body of a message to majord...@vger.kernel.org
More majordomo info
Mimi Zohar wrote:
> For readability, define a tpm_chip_put() wrapper to call module_put().
> Replace existing module_put() calls with the wrapper.
>
> (Change based on trusted/encrypted patchset review by David Howells.)
>
> Signed-off-by: Mimi Zohar
> Signed-off-by: David Safford
Acked-by:
Mimi Zohar wrote:
> Similar to the kgdb_hex2mem() code, hex2bin converts a string
> to binary using the hex_to_bin() library call.
>
> Changelog:
> - Replace parameter names with src/dst (based on David Howell's comment)
> - Add 'const' where needed (based on David Howell's comment)
> - Replace
bufcnt is 0 if it was no update requests before,
which is exact meaning of FLAGS_FIRST.
Signed-off-by: Dmitry Kasatkin
---
drivers/crypto/omap-sham.c |8 +---
1 files changed, 1 insertions(+), 7 deletions(-)
diff --git a/drivers/crypto/omap-sham.c b/drivers/crypto/omap-sham.c
index c8d3
Currently driver storred digest results in req->results
provided by the client. But some clients do not set it
until final() call. It leads to crash.
Changed to use internal buffer to store temporary digest results.
Signed-off-by: Dmitry Kasatkin
---
drivers/crypto/omap-sham.c | 11 ---
According to the Herbert Xu, client may not always call
crypto_ahash_final().
In the case of error in hash calculation resources will be
automatically cleaned up.
But if no hash calculation error happens and client will not call
crypto_ahash_final() at all, then internal buffer will not be freed,
Hash-in-progress is now stored in hw format.
Only on final call, hash is converted to correct format.
Speedup copy procedure and will allow to use OMAP burst mode.
Signed-off-by: Dmitry Kasatkin
---
drivers/crypto/omap-sham.c | 38 --
1 files changed, 24 ins
Introduces DMA error handling.
DMA error is returned as a result code of the hash request.
Clients needs to handle error codes and may repeat hash calculation attempt.
Also in the case of DMA error, SHAM module is set to be re-initialized again.
It significantly improves stability against possibl
If scatterlist have more than one entry, current driver uses
aligned buffer to copy data to to accelerator to tackle possible
issues with DMA and SHA buffer alignment.
This commit adds more intelligence to verify SG alignment and
possibility to use DMA directly on the data without using copy
buffe
Hi,
Here is a set of patches which provides fixes and improvements.
Based on Herbert feedback it also includes fixes so that calling final()
is not mandatory.
BR, Dmitry
Dmitry Kasatkin (8):
omap-sham: uses digest buffer in request context
omap-sham: DMA initialization fixes for off mode
Locking for queuing and dequeuing is combined.
test_and_set_bit() is also replaced with checking under dd->lock.
Signed-off-by: Dmitry Kasatkin
---
drivers/crypto/omap-sham.c | 47 +++
1 files changed, 21 insertions(+), 26 deletions(-)
diff --git a/driv
DMA parameters for constant data were initialized during driver probe().
It seems that those settings sometimes are lost when devices goes to off mode.
This patch makes DMA initialization just before use.
It solves off mode problems.
Fixes: NB#202786 - Aegis & SHA1 block off mode changes
Signed-o
crypto: af_alg - User-space interface for Crypto API
This patch creates the backbone of the user-space interface for
the Crypto API, through a new socket family AF_ALG.
Each session corresponds to one or more connections obtained from
that socket. The number depends on the number of inputs/outpu
net - Add AF_ALG macros
This patch adds the socket family/level macros for the yet-to-be-born
AF_ALG family. The AF_ALG family provides the user-space interface
for the kernel crypto API.
Signed-off-by: Herbert Xu
Acked-by: David S. Miller
---
include/linux/socket.h |5 -
1 file chan
crypto: algif_hash - User-space interface for hash operations
This patch adds the af_alg plugin for hash, corresponding to
the ahash kernel operation type.
Keys can optionally be set through the setsockopt interface.
Each sendmsg call will finalise the hash unless sent with a MSG_MORE
flag.
Par
crypto: algif_skcipher - User-space interface for skcipher operations
This patch adds the af_alg plugin for symmetric key ciphers,
corresponding to the ablkcipher kernel operation type.
Keys can optionally be set through the setsockopt interface.
Once a sendmsg call occurs without MSG_MORE no fu
On Mon, Nov 15, 2010 at 03:55:49PM +0100, Martin Willi wrote:
>
> > This patch adds the af_alg plugin for symmetric key ciphers,
> > corresponding to the ablkcipher kernel operation type.
>
> I can confirm that the newest patch fixes the page leak.
>
> Tested-by: Martin Willi
Thanks Martin!
M
23 matches
Mail list logo