On Wed, Sep 26, 2012 at 12:52:10PM +0800, Gao feng wrote:
> +
> int netlink_dump_start(struct sock *ssk, struct sk_buff *skb,
> const struct nlmsghdr *nlh,
> struct netlink_dump_control *control)
> @@ -1786,6 +1794,7 @@ int netlink_dump_start(struct sock *
于 2012年09月26日 13:41, Steffen Klassert 写道:
> On Wed, Sep 26, 2012 at 12:52:10PM +0800, Gao feng wrote:
>> +
>> int netlink_dump_start(struct sock *ssk, struct sk_buff *skb,
>> const struct nlmsghdr *nlh,
>> struct netlink_dump_control *control)
>> @@ -1786,6
On Wed, Sep 26, 2012 at 12:52:17PM +0800, Gao feng wrote:
> use proper netlink_dump_control.done and .module to avoid panic.
>
> Signed-off-by: Gao feng
> Cc: Herbert Xu
> ---
> crypto/crypto_user.c |6 +-
> 1 files changed, 5 insertions(+), 1 deletions(-)
>
> diff --git a/crypto/crypt
use proper netlink_dump_control.done and .module to avoid panic.
Signed-off-by: Gao feng
Cc: Jozsef Kadlecsik
---
net/netfilter/ipset/ip_set_core.c |2 ++
1 files changed, 2 insertions(+), 0 deletions(-)
diff --git a/net/netfilter/ipset/ip_set_core.c
b/net/netfilter/ipset/ip_set_core.c
in
use proper netlink_dump_control.done and .module to avoid panic.
Signed-off-by: Gao feng
---
net/xfrm/xfrm_user.c | 10 --
1 files changed, 8 insertions(+), 2 deletions(-)
diff --git a/net/xfrm/xfrm_user.c b/net/xfrm/xfrm_user.c
index 289f4bf..fb6b06b 100644
--- a/net/xfrm/xfrm_user.c
use proper netlink_dump_control.done and .module to avoid panic.
Signed-off-by: Gao feng
Cc: Roland Dreier
Cc: Sean Hefty
---
drivers/infiniband/core/cma.c |3 ++-
drivers/infiniband/core/netlink.c |2 ++
include/rdma/rdma_netlink.h |1 +
3 files changed, 5 insertions(+),
use proper netlink_dump_control.done and .module to avoid panic.
Signed-off-by: Gao feng
Cc: Herbert Xu
---
crypto/crypto_user.c |6 +-
1 files changed, 5 insertions(+), 1 deletions(-)
diff --git a/crypto/crypto_user.c b/crypto/crypto_user.c
index ba2c611..b5cb32b 100644
--- a/crypto/c
use proper netlink_dump_control.done and .module to avoid panic.
Signed-off-by: Gao feng
---
net/netfilter/nfnetlink_cttimeout.c |2 ++
1 files changed, 2 insertions(+), 0 deletions(-)
diff --git a/net/netfilter/nfnetlink_cttimeout.c
b/net/netfilter/nfnetlink_cttimeout.c
index cdecbc8..bc3
use proper netlink_dump_control.done and .module to avoid panic.
Signed-off-by: Gao feng
---
net/netfilter/nfnetlink_cthelper.c |2 ++
1 files changed, 2 insertions(+), 0 deletions(-)
diff --git a/net/netfilter/nfnetlink_cthelper.c
b/net/netfilter/nfnetlink_cthelper.c
index d683619..117343
use proper netlink_dump_control.done and .module to avoid panic.
Signed-off-by: Gao feng
---
net/netfilter/nf_conntrack_netlink.c |8
1 files changed, 8 insertions(+), 0 deletions(-)
diff --git a/net/netfilter/nf_conntrack_netlink.c
b/net/netfilter/nf_conntrack_netlink.c
index 980
use proper netlink_dump_control.done and .module to avoid panic.
Signed-off-by: Gao feng
---
net/netfilter/nfnetlink_acct.c |2 ++
1 files changed, 2 insertions(+), 0 deletions(-)
diff --git a/net/netfilter/nfnetlink_acct.c b/net/netfilter/nfnetlink_acct.c
index b2e7310..1e9cb0f 100644
---
use proper netlink_dump_control.done and .module to avoid panic.
Signed-off-by: Gao feng
---
net/ipv4/inet_diag.c |4
1 files changed, 4 insertions(+), 0 deletions(-)
diff --git a/net/ipv4/inet_diag.c b/net/ipv4/inet_diag.c
index 570e61f..36d4be5 100644
--- a/net/ipv4/inet_diag.c
+++ b
I get a panic when I use ss -a and rmmod inet_diag at the
same time.
it's because netlink_dump use inet_diag_dump witch function
belongs to module inet_diag.
I search the codes and find many modules have the same problem.
We need add reference of the module witch the cb->dump belongs
to.
since C
use proper netlink_dump_control.done and .module to avoid panic.
Signed-off-by: Gao feng
---
net/unix/diag.c |2 ++
1 files changed, 2 insertions(+), 0 deletions(-)
diff --git a/net/unix/diag.c b/net/unix/diag.c
index 750b134..5e09553 100644
--- a/net/unix/diag.c
+++ b/net/unix/diag.c
@@ -2
David Howells writes:
> The module signing patches provide:
>
> - Some fixes to Rusty's patch. Also an additional patch to extend the policy
>handling for modules signed with an unknown key and to handle FIPS mode.
Ok, I merged some of this (after our previous accidentally-off-list
discussi
On Tue, 25 Sep 2012 10:45:17 +0200
leroy christophe wrote:
> I'm trying to use the Talitos crypto driver with the MPC885
> microcontroller. For the time being, it doesn't work.
yes, they're not exactly compatible...
> The kernel startup blocks at the test of the DES function.
>
> I have added
How about the attached? I knew perl had to be good for something...
David
---
#!/usr/bin/perl -w
#
# Generate an X.509 certificate from a public key.
#
# Format:
#
# gen-x509-cert \
# [C=] [O=] [CN=] [Email=] \
# [--from=] [--to=output
#
use strict;
use POSIX qw(strftime
This patch adds the crc_pcl function that calculates CRC32C checksum using the
PCLMULQDQ instruction on processors that support this feature. This will
provide speedup over using CRC32 instruction only.
The usage of PCLMULQDQ necessitate the invocation of kernel_fpu_begin and
kernel_fpu_end and inc
This patch adds a test case in tcrypt to perform speed test for
crc32c checksum calculation.
Tim
Signed-off-by: Tim Chen
---
crypto/tcrypt.c |4
1 files changed, 4 insertions(+), 0 deletions(-)
diff --git a/crypto/tcrypt.c b/crypto/tcrypt.c
index 581081d..6deb77f 100644
--- a/crypto/t
This patch rename the crc32c-intel.c file to crc32c-intel_glue.c file
in preparation for linking with the new crc32c-pcl-intel-asm.S file,
which contains optimized crc32c calculation based on PCLMULQDQ
instruction.
Tim
Signed-off-by: Tim Chen
---
arch/x86/crypto/Makefile
This patch series optimized CRC32C calculations with PCLMULQDQ
instruction for crc32c-intel module. It speeds up the original
implementation by 1.6x for 1K buffer and by 3x for buffer 4k or
more. The tcrypt module was enhanced for doing speed test
on crc32c calculations.
Tim
Signed-off-by: Tim
On Tue, 2012-09-25 at 18:31 +0100, David Howells wrote:
> Tomas Mraz wrote:
>
> > You can use openssl ca that allows to set arbitrary start date to
> > generate selfsigned certs as well (-selfsign option).
>
> That seems to require some stuff I don't have installed:
>
> warthog>openssl ca -in
Tomas Mraz wrote:
> You can use openssl ca that allows to set arbitrary start date to
> generate selfsigned certs as well (-selfsign option).
That seems to require some stuff I don't have installed:
warthog>openssl ca -in signing_key.priv -extensions v3_ca -out newcert.pem
Using configuration f
Kasatkin, Dmitry wrote:
> Just one question about key description...
> request_asymmetric_key uses format for key description: ": ".
> Preparsing code creates description from those values.
> I see that key id is not 8 bytes anymore but full hash size of 20 bytes.
Remember: This is for viewing
On Tue, 2012-09-25 at 16:35 +0100, David Howells wrote:
> Alan Cox wrote:
>
> > Generate a certificate that is valid from a few minutes before the
> > wallclock time. It's a certificate policy question not a kernel hackery
> > one.
>
> That doesn't seem to be possible with openssl req. What wo
On Tue, 25 Sep 2012 16:35:20 +0100
David Howells wrote:
> Alan Cox wrote:
>
> > Generate a certificate that is valid from a few minutes before the
> > wallclock time. It's a certificate policy question not a kernel hackery
> > one.
>
> That doesn't seem to be possible with openssl req. What w
Hello David,
As I can see API has changed towards our discussion on KS.
Now digest can be supplied to the verify_signature in a
public_key_signature argument.
It looks that in such away we can use this API for IMA/EVM as well.
Just one question about key description...
request_asymmetric_key uses
Il 25/09/2012 17:35, David Howells ha scritto:
> Alan Cox wrote:
>
>> > Generate a certificate that is valid from a few minutes before the
>> > wallclock time. It's a certificate policy question not a kernel hackery
>> > one.
> That doesn't seem to be possible with openssl req. What would you re
On Tue, Sep 25, 2012 at 3:15 PM, Milan Broz wrote:
>
> On 09/24/2012 06:20 PM, Kasatkin, Dmitry wrote:
>
>>> So it can provide confidentiality but it CANNOT provide integrity
>>> protection.
>>>
>> Yes, it provides confidentiality and via encryption it provides
>> certain level of integrity prote
Alan Cox wrote:
> Generate a certificate that is valid from a few minutes before the
> wallclock time. It's a certificate policy question not a kernel hackery
> one.
That doesn't seem to be possible with openssl req. What would you recommend?
David
--
To unsubscribe from this list: send the li
On Tue, 25 Sep 2012 16:09:54 +0100
David Howells wrote:
>
> The X.509 certificate has a pair of times in it that delineate the valid
> period of the cert, and I'm checking that the system clock is within the
> bounds they define before permitting you to use the cert. I've been setting
> the exp
The X.509 certificate has a pair of times in it that delineate the valid
period of the cert, and I'm checking that the system clock is within the
bounds they define before permitting you to use the cert. I've been setting
the expiry date to be 100 years in the future - by which time hopefully I
w
On 09/24/2012 06:20 PM, Kasatkin, Dmitry wrote:
>> So it can provide confidentiality but it CANNOT provide integrity protection.
>>
> Yes, it provides confidentiality and via encryption it provides
> certain level of integrity protection.
> Data cannot be modified without being detected.
> Decryp
Dear Kim,
I'm trying to use the Talitos crypto driver with the MPC885
microcontroller. For the time being, it doesn't work.
The kernel startup blocks at the test of the DES function.
I have added the following definition in the DTS file:
crypto@2 {
compatible = "fsl,se
34 matches
Mail list logo
