Re: [PATCH v2] Documentation: crypto: add info about "fips=" boot option

2021-03-31 Thread Stephan Mueller
On Tuesday, 30.03.2021 at 15:44 -0700, Eric Biggers wrote: > On Tue, Mar 30, 2021 at 09:38:55AM -0700, Randy Dunlap wrote: > > On 3/29/21 10:29 PM, Eric Biggers wrote: > > > On Mon, Mar 29, 2021 at 10:06:51PM -0700, Randy Dunlap wrote: > > > > Having just seen a report of using "fips=1" on th

Re: crypto: FIPS 200 mode

2021-03-31 Thread Stephan Mueller
On Tuesday, 30.03.2021 at 15:26 -0700, Randy Dunlap wrote: > > The Kconfig help text for CRYPTO_FIPS says > > config CRYPTO_FIPS > bool "FIPS 200 compliance" > ... > help >   This option enables the fips boot option which is >   required if you want the syste

[PATCH v2 1/5] crypto: hisilicon/sgl - add a comment for block size initialization

2021-03-31 Thread Kai Ye
It seems "32" and "31" are obfuscating. It might be better to add a comment which explains it. Signed-off-by: Kai Ye --- drivers/crypto/hisilicon/sgl.c | 5 + 1 file changed, 5 insertions(+) diff --git a/drivers/crypto/hisilicon/sgl.c b/drivers/crypto/hisilicon/sgl.c index 3bff639..cf1629c

[PATCH v2 0/5] bug fix and clear coding style

2021-03-31 Thread Kai Ye
Fixup coding style such as delete unneeded variable initialization. Add a comment for block size initialization. Add data cleared operation in sg buf unmap, and other misc fix. v1 -> v2: 1. fix [PATCH v2] error in v1. 2. v1 use a macro replace of magic number, v2 use a comment for block si

[PATCH v2 4/5] crypto: hisilicon/sgl - fix the soft sg map to hardware sg

2021-03-31 Thread Kai Ye
The buffer of the hardware sge needs to be initialized by soft sgl. Signed-off-by: Kai Ye --- drivers/crypto/hisilicon/sgl.c | 1 + 1 file changed, 1 insertion(+) diff --git a/drivers/crypto/hisilicon/sgl.c b/drivers/crypto/hisilicon/sgl.c index d04e551..7f11e41 100644 --- a/drivers/crypto/hisi

[PATCH v2 5/5] crypto: hisilicon/sgl - fix the sg buf unmap

2021-03-31 Thread Kai Ye
Add data cleared operation for sge data. Signed-off-by: Kai Ye --- drivers/crypto/hisilicon/sgl.c | 14 +- 1 file changed, 13 insertions(+), 1 deletion(-) diff --git a/drivers/crypto/hisilicon/sgl.c b/drivers/crypto/hisilicon/sgl.c index 7f11e41..101456b 100644 --- a/drivers/crypto/

[PATCH v2 2/5] crypto: hisilicon/sgl - delete unneeded variable initialization

2021-03-31 Thread Kai Ye
Delete unneeded variable initialization Signed-off-by: Kai Ye --- drivers/crypto/hisilicon/sgl.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/drivers/crypto/hisilicon/sgl.c b/drivers/crypto/hisilicon/sgl.c index cf1629c..b8a811f 100644 --- a/drivers/crypto/hisilicon/sgl.c

[PATCH v2 3/5] crypto: hisilicon/sgl - add some dfx logs

2021-03-31 Thread Kai Ye
Add some dfx logs in some abnormal exit situations. Signed-off-by: Kai Ye --- drivers/crypto/hisilicon/sgl.c | 15 +++ 1 file changed, 11 insertions(+), 4 deletions(-) diff --git a/drivers/crypto/hisilicon/sgl.c b/drivers/crypto/hisilicon/sgl.c index b8a811f..d04e551 100644 --- a/dr

Re: [GIT PULL][PATCH v9 0/3] Update to zstd-1.4.10

2021-03-31 Thread Oleksandr Natalenko
Hello. On Tue, Mar 30, 2021 at 03:51:09PM -0700, Nick Terrell wrote: > From: Nick Terrell > > Please pull from > > g...@github.com:terrelln/linux.git tags/v9-zstd-1.4.10 > > to get these changes. Alternatively the patchset is included. > > This patchset upgrades the zstd library to the late

Re: [PATCH v1 0/3] KEYS: trusted: Introduce support for NXP CAAM-based trusted keys

2021-03-31 Thread Richard Weinberger
James, - Original Message - > From: "James Bottomley" >> On Wed, Mar 17, 2021 at 3:08 PM Ahmad Fatoum > > wrote: >> > keyctl add trusted $KEYNAME "load $(cat ~/kmk.blob)" @s >> >> Is there a reason why we can't pass the desired backend name in the >> trusted key parameters? >> e.g.

Re: [PATCH v1 3/3] KEYS: trusted: Introduce support for NXP CAAM-based trusted keys

2021-03-31 Thread Richard Weinberger
Ahmad, On Tue, Mar 16, 2021 at 6:24 PM Ahmad Fatoum wrote: > +#define KEYMOD "kernel:trusted" Why is the CAAM key modifier hard coded? I'd love to have a way to pass my own modifier. That way existing blobs can also be used with this implementation. IIRC the NXP vendor tree uses "SECURE_KEY" as d

Re: [PATCH v1 0/3] KEYS: trusted: Introduce support for NXP CAAM-based trusted keys

2021-03-31 Thread James Bottomley
On Wed, 2021-03-31 at 20:36 +0200, Richard Weinberger wrote: > James, > > - Original Message - > > From: "James Bottomley" > > > On Wed, Mar 17, 2021 at 3:08 PM Ahmad Fatoum < > > > a.fat...@pengutronix.de wrote: > > > > keyctl add trusted $KEYNAME "load $(cat ~/kmk.blob)" @s > > >

Re: [PATCH v1 0/3] KEYS: trusted: Introduce support for NXP CAAM-based trusted keys

2021-03-31 Thread Richard Weinberger
James, - Original Message - > From: "James Bottomley" > Well, yes. For the TPM, there's a defined ASN.1 format for the keys: > > https://git.kernel.org/pub/scm/linux/kernel/git/jejb/openssl_tpm2_engine.git/tree/tpm2-asn.h > > and part of the design of the file is that it's distinguish

Re: [PATCH] crypto: ccp -A value assigned to a variable is never used.

2021-03-31 Thread John Allen
On Tue, Mar 30, 2021 at 06:10:29PM +0800, Jiapeng Chong wrote: > Fix the following whitescan warning: > > Assigning value "64" to "dst.address" here, but that stored value is > overwritten before it can be used. > Thanks for reporting. Acked-by: John Allen > Reported-by: Abaci Robot > Signed

Re: [PATCH 18/18] keyctl_pkey: Add pkey parameter slen to pass in PSS salt length

2021-03-31 Thread Jarkko Sakkinen
On Tue, Mar 30, 2021 at 10:28:29PM +0200, Varad Gautam wrote: > keyctl pkey_* operations accept enc and hash parameters at present. > RSASSA-PSS signatures also require passing in the signature salt > length. > > Add another parameter 'slen' to feed in salt length of a PSS > signature. > > Signed

Re: [PATCH 17/18] crypto: Accept pss as valid encoding during signature verification

2021-03-31 Thread Jarkko Sakkinen
On Tue, Mar 30, 2021 at 10:28:28PM +0200, Varad Gautam wrote: > Accept pss encoding for public_key_verify_signature. If > CONFIG_CRYPTO_RSASSA_PSS is disabled, crypto_alloc_akcipher will > fail to find a pss backend anyway. > > Signed-off-by: Varad Gautam > --- Acked-by: Jarkko Sakkinen /Jarkk

Re: [PATCH v1 3/3] KEYS: trusted: Introduce support for NXP CAAM-based trusted keys

2021-03-31 Thread Jarkko Sakkinen
On Mon, Mar 29, 2021 at 12:11:24PM +0200, Ahmad Fatoum wrote: > Hello Jarkko, > > On 28.03.21 22:37, Jarkko Sakkinen wrote: > > On Sat, Mar 27, 2021 at 01:41:24PM +0100, David Gstir wrote: > >> Generally speaking, I’d say trusting the CAAM RNG and trusting in its > >> other features are two separ

Re: [PATCH v1 3/3] KEYS: trusted: Introduce support for NXP CAAM-based trusted keys

2021-03-31 Thread Jarkko Sakkinen
On Tue, Mar 30, 2021 at 12:56:41PM +0530, Sumit Garg wrote: > On Mon, 29 Mar 2021 at 01:07, Jarkko Sakkinen wrote: > > > > On Sat, Mar 27, 2021 at 01:41:24PM +0100, David Gstir wrote: > > > Hi! > > > > > > > On 25.03.2021, at 06:26, Sumit Garg wrote: > > > > > > > > On Wed, 24 Mar 2021 at 19:37,

Re: [PATCH v1 3/3] KEYS: trusted: Introduce support for NXP CAAM-based trusted keys

2021-03-31 Thread Jarkko Sakkinen
On Tue, Mar 30, 2021 at 02:47:18PM -0700, Eric Biggers wrote: > On Sun, Mar 28, 2021 at 11:37:23PM +0300, Jarkko Sakkinen wrote: > > > > Unfortunately, TPM trusted keys started this bad security practice, and > > obviously it cannot be fixed without breaking uapi backwards compatibility. > > > >

Re: [PATCH v1 3/3] KEYS: trusted: Introduce support for NXP CAAM-based trusted keys

2021-03-31 Thread Eric Biggers
On Thu, Apr 01, 2021 at 02:31:46AM +0300, Jarkko Sakkinen wrote: > > It's a bummer but uapi is the god in the end. Since TPM does not do it > today, that behaviour must be supported forever. That's why a boot option > AND a warning would be the best compromise. > It's not UAPI if there is no way

Re: [PATCH 01/18] X.509: Parse RSASSA-PSS style certificates

2021-03-31 Thread Herbert Xu
On Tue, Mar 30, 2021 at 10:28:12PM +0200, Varad Gautam wrote: > An X.509 wrapper for a RSASSA-PSS signature contains additional > signature parameters over the PKCSv.15 encoding scheme. Extend the > x509 parser to allow parsing RSASSA-PSS encoded certificates, with > the defaults taken from RFC8017

Re: [PATCH v1 3/3] KEYS: trusted: Introduce support for NXP CAAM-based trusted keys

2021-03-31 Thread Herbert Xu
On Wed, Mar 31, 2021 at 04:34:29PM -0700, Eric Biggers wrote: > On Thu, Apr 01, 2021 at 02:31:46AM +0300, Jarkko Sakkinen wrote: > > > > It's a bummer but uapi is the god in the end. Since TPM does not do it > > today, that behaviour must be supported forever. That's why a boot option > > AND a wa

[PATCH] crypto: rockchip/rk3288_crypto_ahash - delete unneeded variable initialization

2021-03-31 Thread Kai Ye
Delete unneeded variable initialization Signed-off-by: Kai Ye --- drivers/crypto/rockchip/rk3288_crypto_ahash.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/drivers/crypto/rockchip/rk3288_crypto_ahash.c b/drivers/crypto/rockchip/rk3288_crypto_ahash.c index 81befe7..ed0305

Re: [PATCH v1 3/3] KEYS: trusted: Introduce support for NXP CAAM-based trusted keys

2021-03-31 Thread Jarkko Sakkinen
On Wed, Mar 31, 2021 at 04:34:29PM -0700, Eric Biggers wrote: > On Thu, Apr 01, 2021 at 02:31:46AM +0300, Jarkko Sakkinen wrote: > > > > It's a bummer but uapi is the god in the end. Since TPM does not do it > > today, that behaviour must be supported forever. That's why a boot option > > AND a wa

Re: [PATCH v1 3/3] KEYS: trusted: Introduce support for NXP CAAM-based trusted keys

2021-03-31 Thread Jarkko Sakkinen
On Thu, Apr 01, 2021 at 12:11:32PM +1100, Herbert Xu wrote: > On Wed, Mar 31, 2021 at 04:34:29PM -0700, Eric Biggers wrote: > > On Thu, Apr 01, 2021 at 02:31:46AM +0300, Jarkko Sakkinen wrote: > > > > > > It's a bummer but uapi is the god in the end. Since TPM does not do it > > > today, that beha

Re: [PATCH v1 3/3] KEYS: trusted: Introduce support for NXP CAAM-based trusted keys

2021-03-31 Thread Eric Biggers
On Thu, Apr 01, 2021 at 08:50:05AM +0300, Jarkko Sakkinen wrote: > On Thu, Apr 01, 2021 at 12:11:32PM +1100, Herbert Xu wrote: > > On Wed, Mar 31, 2021 at 04:34:29PM -0700, Eric Biggers wrote: > > > On Thu, Apr 01, 2021 at 02:31:46AM +0300, Jarkko Sakkinen wrote: > > > > > > > > It's a bummer but