Hi Steffen,
I'm working on some padata patches and stumbled across this thread about the
purpose of the callback CPU in padata_do_parallel.
https://lore.kernel.org/lkml/20100402112326.ga19...@secunet.com/
The relevant part is,
andrew> - Why would I want to specify which CPU the parallel c
On Tue, 2019-05-28 at 16:23 -0300, Thiago Jung Bauermann wrote:
> Mimi Zohar writes:
>
> > Hi Thiago,
> >
> >> diff --git a/security/integrity/ima/ima_policy.c
> >> b/security/integrity/ima/ima_policy.c
> >> index fca7a3f23321..a7a20a8c15c1 100644
> >> --- a/security/integrity/ima/ima_policy.c
>
Mimi Zohar writes:
> Hi Thiago,
>
> On Thu, 2019-04-18 at 00:51 -0300, Thiago Jung Bauermann wrote:
>>
>> @@ -326,6 +356,10 @@ int ima_appraise_measurement(enum ima_hooks func,
>> case INTEGRITY_UNKNOWN:
>> break;
>> case INTEGRITY_NOXATTRS:/* No EVM protected xattrs. */
>> +/* It's fine not t
Mimi Zohar writes:
> Hi Thiago,
>
>> diff --git a/security/integrity/ima/ima_policy.c
>> b/security/integrity/ima/ima_policy.c
>> index fca7a3f23321..a7a20a8c15c1 100644
>> --- a/security/integrity/ima/ima_policy.c
>> +++ b/security/integrity/ima/ima_policy.c
>> @@ -1144,6 +1144,12 @@ void ima
Mimi Zohar writes:
> Hi Thiago,
>
> On Thu, 2019-04-18 at 00:51 -0300, Thiago Jung Bauermann wrote:
>> If the IMA template contains the "modsig" or "d-modsig" field, then the
>> modsig should be added to the measurement list when the file is appraised.
>>
>> And that is what normally happens, b
Mimi Zohar writes:
> On Thu, 2019-04-18 at 00:51 -0300, Thiago Jung Bauermann wrote:
>> Define new "d-modsig" template field which holds the digest that is
>> expected to match the one contained in the modsig, and also new "modsig"
>> template field which holds the appended file signature.
>>
>
Mimi Zohar writes:
> On Thu, 2019-04-18 at 00:51 -0300, Thiago Jung Bauermann wrote:
>> IMA will use the module_signature format for append signatures, so export
>> the relevant definitions and factor out the code which verifies that the
>> appended signature trailer is valid.
>>
>> Also, crea
> > Quick question regarding how to configure out code depending on a
> CONFIG_xxx
> > switch. As far as I understood so far, the proper way to do this is
> not by
> > doing an #ifdef but by using a regular if with IS_ENABLED like so:
> >
> > if (IS_ENABLED(CONFIG_PCI)) {
> > }
> >
> > Such that th
On Tue, 28 May 2019 at 18:42, Eric Biggers wrote:
>
> From: Eric Biggers
>
> For hash algorithms implemented using the "shash" algorithm type, test
> both the ahash and shash APIs, not just the ahash API.
>
> Testing the ahash API already tests the shash API indirectly, which is
> normally good e
On Tue, May 28, 2019 at 07:49:58PM +0300, Nikolay Borisov wrote:
>
>
> On 28.05.19 г. 18:22 ч., Eric Biggers wrote:
> > On Tue, May 28, 2019 at 03:14:51PM +0300, Nikolay Borisov wrote:
> >> xxhash is currently implemented as a self-contained module in /lib.
> >> This patch enables that module to
On 28.05.19 г. 18:22 ч., Eric Biggers wrote:
> On Tue, May 28, 2019 at 03:14:51PM +0300, Nikolay Borisov wrote:
>> xxhash is currently implemented as a self-contained module in /lib.
>> This patch enables that module to be used as part of the generic kernel
>> crypto framework. It adds a simple
Horia Geanta a écrit :
On 5/21/2019 4:34 PM, Christophe Leroy wrote:
Several test failures have popped up following recent changes to crypto
selftests.
This series fixes (most of) them.
The last three patches are trivial cleanups.
Thanks Christophe.
For the series:
Reviewed-by: Horia Gean
INQUIRY_4178916..xlsx
Description: Binary data
From: Eric Biggers
For hash algorithms implemented using the "shash" algorithm type, test
both the ahash and shash APIs, not just the ahash API.
Testing the ahash API already tests the shash API indirectly, which is
normally good enough. However, there have been corner cases where there
have be
Pascal Van Leeuwen wrote:
> ... the proper way to do this is not by
> doing an #ifdef but by using a regular if with IS_ENABLED like so:
>
> if (IS_ENABLED(CONFIG_PCI)) {}
See also:
http://doc.cat-v.org/henry_spencer/ifdef_considered_harmful
On Tue, 28 May 2019 at 17:47, Pascal Van Leeuwen
wrote:
>
> Hi,
>
> Quick question regarding how to configure out code depending on a CONFIG_xxx
> switch. As far as I understood so far, the proper way to do this is not by
> doing an #ifdef but by using a regular if with IS_ENABLED like so:
>
> if
Hi,
Quick question regarding how to configure out code depending on a CONFIG_xxx
switch. As far as I understood so far, the proper way to do this is not by
doing an #ifdef but by using a regular if with IS_ENABLED like so:
if (IS_ENABLED(CONFIG_PCI)) {
}
Such that the compiler can still check
On Tue, May 28, 2019 at 03:14:51PM +0300, Nikolay Borisov wrote:
> xxhash is currently implemented as a self-contained module in /lib.
> This patch enables that module to be used as part of the generic kernel
> crypto framework. It adds a simple wrapper to the 64bit version.
>
Thanks, this looks
On Tue, 28 May 2019 at 16:35, Elena Petrova wrote:
>
> The sha256-ce finup implementation for ARM64 produces wrong digest
> for empty input (len=0). Expected: the actual digest, result: initial
> value of SHA internal state. The error is in sha256_ce_finup:
> for empty data `finalize` will be 1, s
The sha256-ce finup implementation for ARM64 produces wrong digest
for empty input (len=0). Expected: the actual digest, result: initial
value of SHA internal state. The error is in sha256_ce_finup:
for empty data `finalize` will be 1, so the code is relying on
sha2_ce_transform to make the final r
Yep, sha2 also has the bug, I'll be sending the fix soon, thanks!
On Tue, 28 May 2019 at 14:03, Ard Biesheuvel wrote:
>
> On Tue, 28 May 2019 at 14:42, Elena Petrova wrote:
> >
> > The sha1-ce finup implementation for ARM64 produces wrong digest
> > for empty input (len=0). Expected: da39a3ee...
Hi Thiago,
On Thu, 2019-04-18 at 00:51 -0300, Thiago Jung Bauermann wrote:
> If the IMA template contains the "modsig" or "d-modsig" field, then the
> modsig should be added to the measurement list when the file is appraised.
>
> And that is what normally happens, but if a measurement rule caused
On Tue, 28 May 2019 at 14:42, Elena Petrova wrote:
>
> The sha1-ce finup implementation for ARM64 produces wrong digest
> for empty input (len=0). Expected: da39a3ee..., result: 67452301...
> (initial value of SHA internal state). The error is in sha1_ce_finup:
> for empty data `finalize` will be
Hello Pascal,
On Mon, May 27, 2019 at 09:06:48PM +, Pascal Van Leeuwen wrote:
> > From: antoine.ten...@bootlin.com [mailto:antoine.ten...@bootlin.com]
> > - You added use of PCI helpers, but this new dependency wasn't described
> > in Kconfig (leading to have build issues).
> >
> Ah OK, to b
The sha1-ce finup implementation for ARM64 produces wrong digest
for empty input (len=0). Expected: da39a3ee..., result: 67452301...
(initial value of SHA internal state). The error is in sha1_ce_finup:
for empty data `finalize` will be 1, so the code is relying on
sha1_ce_transform to make the fin
xxhash is currently implemented as a self-contained module in /lib.
This patch enables that module to be used as part of the generic kernel
crypto framework. It adds a simple wrapper to the 64bit version.
I've also added test vectors (with help from Nick Terrell). The upstream
xxhash code is teste
Hello Tadeusz Struk,
The patch d8cba25d2c68: "crypto: qat - Intel(R) QAT driver framework"
from Jun 5, 2014, leads to the following static checker warning:
drivers/crypto/qat/qat_common/adf_ctl_drv.c:159 adf_add_key_value_data()
warn: 'adf_cfg_add_key_value_param' unterminated use
On 5/28/2019 12:52 PM, Iuliana Prodan wrote:
> The problem is with the input data size sent to CAAM for encrypt/decrypt.
> Pkcs1pad is failing due to pkcs1 padding done in SW starting with0x01
> instead of 0x00 0x01.
> CAAM expects an input of modulus size. For this we strip the leading
> zeros in
The problem is with the input data size sent to CAAM for encrypt/decrypt.
Pkcs1pad is failing due to pkcs1 padding done in SW starting with0x01
instead of 0x00 0x01.
CAAM expects an input of modulus size. For this we strip the leading
zeros in case the size is more than modulus or pad the input wit
For rsa and pkcs1pad, CAAM expects an input of modulus size.
For this we strip the leading zeros in case the size is more than modulus.
This commit avoids modifying the crypto request while stripping zeros from
input, to comply with the crypto API requirement. This is done by adding
a fixup input p
On 5/21/2019 4:34 PM, Christophe Leroy wrote:
> Several test failures have popped up following recent changes to crypto
> selftests.
>
> This series fixes (most of) them.
>
> The last three patches are trivial cleanups.
>
Thanks Christophe.
For the series:
Reviewed-by: Horia Geantă
Have you v
On 5/21/2019 4:34 PM, Christophe Leroy wrote:
> For decrypt, req->cryptlen includes the size of the authentication
> part while all functions of the driver expect cryptlen to be
> the size of the encrypted data.
>
> As it is not expected to change req->cryptlen, this patch
> implements local calcu
32 matches
Mail list logo
