On Thu, Jul 17, 2014 at 04:33:36PM -0700, H. Peter Anvin wrote:
>
> I just want to make sure we don't negatively impact the real security of
> users because of "optics". We already have a lot of problems with
> people extracting long-living keys from /dev/urandom because /dev/random
> is too slow
On 07/17/2014 11:38 PM, Theodore Ts'o wrote:
If the GRND_RANDOM flags bit is set, then draw from the
/dev/random pool instead of the /dev/urandom pool. The
/dev/random pool is limited based on the entropy that can be
obtained from environmental noise, so if there
The getrandom(2) system call was requested by the LibreSSL Portable
developers. It is analogous to the getentropy(2) system call in
OpenBSD.
The rationale of this system call is to provide resilience against
file descriptor exhaustion attacks, where the attacker consumes all
available file descr
On Fri, Jul 18, 2014 at 11:39:17AM +0200, Florian Weimer wrote:
> On 07/17/2014 11:38 PM, Theodore Ts'o wrote:
> > If the GRND_RANDOM flags bit is set, then draw from the
> > /dev/random pool instead of the /dev/urandom pool. The
> > /dev/random pool is limited based on the entropy tha
On Fri, Jul 18, 2014 at 11:59 AM, Theodore Ts'o wrote:
> The getrandom(2) system call was requested by the LibreSSL Portable
> developers. It is analogous to the getentropy(2) system call in
> OpenBSD.
>
> The rationale of this system call is to provide resilience against
> file descriptor exhau
Hi Linus:
This push fixes a boot hang in virt guests when the virtio RNG
is enabled.
Please pull from
git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6.git
or
master.kernel.org:/pub/scm/linux/kernel/git/herbert/crypto-2.6.git
Amit Shah (2):
hwrng: fetch randomness only a
On Fri, Jul 18, 2014 at 12:25:17PM +0200, Richard Weinberger wrote:
> > if (ret != buflen)
>
> A small nit-pick, missing "{".
Thanks, good catch. Fixed.
- Ted
We should prefer `const struct pci_device_id` over
`DEFINE_PCI_DEVICE_TABLE` to meet kernel coding style guidelines.
This issue was reported by checkpatch.
A simplified version of the semantic patch that makes this change is as
follows (http://coccinelle.lip6.fr/):
//
@@
identifier i;
declarer
On Fri, 2014-07-18 at 17:26 +0200, Benoit Taine wrote:
> We should prefer `const struct pci_device_id` over
> `DEFINE_PCI_DEVICE_TABLE` to meet kernel coding style guidelines.
> This issue was reported by checkpatch.
What kernel coding style? checkpatch isn't the arbiter of style, if
that's the o
On Fri, Jul 18, 2014 at 05:26:47PM +0200, Benoit Taine wrote:
> We should prefer `const struct pci_device_id` over
> `DEFINE_PCI_DEVICE_TABLE` to meet kernel coding style guidelines.
> This issue was reported by checkpatch.
Honestly, I prefer the macro -- it stands-out more. Maybe the style
guide
1. fix HDR_START_IDX_MASK
Define HDR_START_IDX_MASK consistently with the other masks:
mask = bitmask << offset
2. fix FIFO_STORE output data type value for AFHA S-Box
3. fix OPERATION pkha modular arithmetic source mask
Signed-off-by: Horia Geanta
---
drivers/crypto/caam/desc.h | 6 +++---
1
This patch set adds Run Time Assembler (RTA) SEC descriptor library.
The main reason of replacing incumbent "inline append" is
to have a single code base both for user space and kernel space.
Patches are based on latest cryptodev, but with the following on top:
[PATCH 00/10] CAAM - DMA API fixes
sec4_sg_entry structure is used only by helper functions in sg_sw_sec4.h.
Since SEC HW S/G entries are to be manipulated only indirectly, via these
functions, move sec4_sg_entry to the corresponding header.
Signed-off-by: Horia Geanta
---
drivers/crypto/caam/desc.h | 10 --
drivers
Commit 4464a7d4f53d756101291da26563f37f7fce40f3
("crypto: caam - remove error propagation handling")
removed error propagation handling only from caamalg.
Do this in all other places: caamhash, caamrng.
Update descriptors' lengths appropriately.
Note that caamrng's shared descriptor length was inc
Refactor descriptor creation in caamalg and caamhash, i.e.
create whole descriptors in the same place / function.
This makes the code more comprehensible and easier to maintain.
Signed-off-by: Horia Geanta
---
drivers/crypto/caam/caamalg.c | 251 +++---
drivers/crypto/caam/c
Theodore Ts'o wrote:
> DESCRIPTION
>
> The system call getrandom() fills the buffer pointed to by buf
> with up to buflen random bytes which can be used to seed user
> space random number generators (i.e., DRBG's) or for other
> cryptographic processes. It should not be u
On Fri, Jul 18, 2014 at 12:22:13PM -0400, John W. Linville wrote:
> On Fri, Jul 18, 2014 at 05:26:47PM +0200, Benoit Taine wrote:
> > We should prefer `const struct pci_device_id` over
> > `DEFINE_PCI_DEVICE_TABLE` to meet kernel coding style guidelines.
> > This issue was reported by checkpatch.
>
On Fri, 2014-07-18 at 09:43 -0700, Greg KH wrote:
> On Fri, Jul 18, 2014 at 12:22:13PM -0400, John W. Linville wrote:
> > On Fri, Jul 18, 2014 at 05:26:47PM +0200, Benoit Taine wrote:
> > > We should prefer `const struct pci_device_id` over
> > > `DEFINE_PCI_DEVICE_TABLE` to meet kernel coding styl
1. Fix the following sparse/smatch warnings:
drivers/crypto/caam/ctrl.c:365:5: warning: symbol 'caam_get_era' was not
declared. Should it be static?
drivers/crypto/caam/ctrl.c:372 caam_get_era() info: loop could be replaced with
if statement.
drivers/crypto/caam/ctrl.c:368 caam_get_era() info: ig
On Fri, 2014-07-18 at 09:43 -0700, Greg KH wrote:
> On Fri, Jul 18, 2014 at 12:22:13PM -0400, John W. Linville wrote:
> > On Fri, Jul 18, 2014 at 05:26:47PM +0200, Benoit Taine wrote:
> > > We should prefer `const struct pci_device_id` over
> > > `DEFINE_PCI_DEVICE_TABLE` to meet kernel coding styl
On Fri, Jul 18, 2014 at 09:54:32AM -0700, James Bottomley wrote:
> On Fri, 2014-07-18 at 09:43 -0700, Greg KH wrote:
> > On Fri, Jul 18, 2014 at 12:22:13PM -0400, John W. Linville wrote:
> > > On Fri, Jul 18, 2014 at 05:26:47PM +0200, Benoit Taine wrote:
> > > > We should prefer `const struct pci_d
On Fri, 2014-07-18 at 11:17 -0700, Greg KH wrote:
> On Fri, Jul 18, 2014 at 09:54:32AM -0700, James Bottomley wrote:
> > On Fri, 2014-07-18 at 09:43 -0700, Greg KH wrote:
> > > On Fri, Jul 18, 2014 at 12:22:13PM -0400, John W. Linville wrote:
> > > > On Fri, Jul 18, 2014 at 05:26:47PM +0200, Benoit
t probably won't be till next week.
Anyway, I've updated the keys-preparse-1 branch and tagged it anew with
keys-preparse-1-20140718. There was a spelling fix in the docs and the
patches have been rebased on the updated security/next.
I've also rebuilt the keys-next branch, basing it
The getrandom(2) system call was requested by the LibreSSL Portable
developers. It is analogous to the getentropy(2) system call in
OpenBSD.
The rationale of this system call is to provide resilience against
file descriptor exhaustion attacks, where the attacker consumes all
available file descr
On Fri, 18 Jul 2014 19:37:17 +0300
Horia Geanta wrote:
> This patch set adds Run Time Assembler (RTA) SEC descriptor library.
>
> The main reason of replacing incumbent "inline append" is
> to have a single code base both for user space and kernel space.
that's orthogonal to what this patchseri
On Fri, 11 Jul 2014 15:34:45 +0300
Horia Geanta wrote:
Hi Horia,
> Enabling DMA-API debugging reveals quite a lot of problems in CAAM module.
> Patches below fix them - tested on P3041DS QorIQ platform. Please apply.
In an attempt to try and test these patches on a t4240qds, I get:
caam ffe300
On 7/19/2014 1:13 AM, Kim Phillips wrote:
On Fri, 18 Jul 2014 19:37:17 +0300
Horia Geanta wrote:
This patch set adds Run Time Assembler (RTA) SEC descriptor library.
The main reason of replacing incumbent "inline append" is
to have a single code base both for user space and kernel space.
th
On 7/19/2014 2:04 AM, Kim Phillips wrote:
On Fri, 11 Jul 2014 15:34:45 +0300
Horia Geanta wrote:
Hi Horia,
Enabling DMA-API debugging reveals quite a lot of problems in CAAM module.
Patches below fix them - tested on P3041DS QorIQ platform. Please apply.
In an attempt to try and test these
On Sat, 19 Jul 2014 02:51:30 +0300
Horia Geantă wrote:
> On 7/19/2014 1:13 AM, Kim Phillips wrote:
> > On Fri, 18 Jul 2014 19:37:17 +0300
> > Horia Geanta wrote:
> >
> >> This patch set adds Run Time Assembler (RTA) SEC descriptor library.
> >>
> >> The main reason of replacing incumbent "inline