Re: [PATCH V3 1/2] evm: Don't deadlock if a crypto algorithm is unavailable

On Fri, Jun 08, 2018 at 02:57:42PM -0700, Matthew Garrett wrote: > When EVM attempts to appraise a file signed with a crypto algorithm the > kernel doesn't have support for, it will cause the kernel to trigger a > module load. If the EVM policy includes appraisal of kernel modules this > will in tu

Re: [PATCH V2 1/2] evm: Don't deadlock if a crypto algorithm is unavailable

On Wed, Jun 06, 2018 at 02:57:11PM -0700, Matthew Garrett wrote: > When EVM attempts to appraise a file signed with a crypto algorithm the > kernel doesn't have support for, it will cause the kernel to trigger a > module load. If the EVM policy includes appraisal of kernel modules this > will in tu

Re: [PATCH V3 1/2] evm: Don't deadlock if a crypto algorithm is unavailable

On Fri, Jun 8, 2018 at 2:57 PM Matthew Garrett wrote: > > When EVM attempts to appraise a file signed with a crypto algorithm the > kernel doesn't have support for, it will cause the kernel to trigger a > module load. If the EVM policy includes appraisal of kernel modules this > will in turn call

Re: [PATCH 8/9] crypto: atmel-ecc: Detail what is unlocked

Hi, Linus, On 06/05/2018 04:49 PM, Linus Walleij wrote: Instead of just providing a broad error message about the chip being unlocked provide details on what is unlocked, one line per thing that can be locked: data and OTP and configuration are locked independently. Loose the Failure to lock th

Re: [PATCH 7/9] crypto: atmel-ecc: Print out serial number

Hi, Linus, On 06/05/2018 04:49 PM, Linus Walleij wrote: This reads out the serial number of the crypto chip and prints it, also toss this into the entropy pool as it is device-unique data. Signed-off-by: Linus Walleij --- drivers/crypto/atmel-ecc.c | 56 ++

Re: [PATCH 4/9] crypto: atmel-ecc: Provide config zone defines

Hi, Linus, On 06/05/2018 04:49 PM, Linus Walleij wrote: The config zone has 0x16 words of 4 bytes each, so provide some basic defines so that we can address these individually. Are you going to use all these defines? I would add just the defines that are needed, when they are needed, but I gue

Re: [PATCH 3/9] crypto: atmel-ecc: More helpful error messages

Hi, Linus, On 06/05/2018 04:49 PM, Linus Walleij wrote: Report errors once when they happen on the I2C bus so we get good information in cases such as when the wrong I2C address is used. Signed-off-by: Linus Walleij --- drivers/crypto/atmel-ecc.c | 27 +-- 1 file cha

Re: [PATCH 1/9] crypto: atmel-ecc: Make available for other platforms

On 06/05/2018 04:49 PM, Linus Walleij wrote: This is a pure I2C driver, and this device appears on the 96boards Secure96 mezzanine card, so we want to enable the driver on other devices. Cut the Kconfig limitations to Atmel SoC only. Signed-off-by: Linus Walleij Reviewed-by: Tudor Ambarus

Re: [PATCH 6/9] crypto: atmel-ecc: Marshal the command while sending

Hi, Linus, On 06/05/2018 04:49 PM, Linus Walleij wrote: Instead of casting the struct for the command into (u8 *) which is problematic in many ways, and instead of calculating the CRC sum in a separate function, marshal, checksum and send the command in one single function. Instead of providing