Thanks a lot,
this 'plugin' seems to be pretty mature already, me & several other GNU/Gentoo
users are using it right now for storing more efficiently the portage-tree
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to [EMAIL PROTECTED]
More maj
c key algorithm is
printed in /proc/keys, but is not returned by KEYCTL_PKEY_QUERY or
KEYCTL_DESCRIBE.
Does it make sense to add the information from key->type->describe() to
KEYCTL_PKEY_QUERY or KEYCTL_DESCRIBE? Or add something new like
KEYCTL_DESCRIBE_TYPE?
--
Mat Martineau
Intel OTC
ot;dh_private" instead to allow the header file
to be used in C++ userspace.
Fixes: https://bugzilla.kernel.org/show_bug.cgi?id=191051
Ugh. Yeah. This is a UAPI breaker, but I think we have to do it, despite it
being 2 years old. Maybe wrap that element in a #ifdef so it's still allowed
it can be resubmitted as [PATCH net].
In any case, the content is good:
Reviewed-by: Mat Martineau
--
Mat Martineau
Intel
t(key);
+ return ret;
+}
+
+static void keyctl_pkey_params_free(struct kernel_pkey_params *params)
+{
+ kfree(params->info);
+ key_put(params->key);
+ key_put(params->password);
+}
+
+enum {
+ Opt_err = -1,
+ Opt_enc,/* "enc=" eg. &q
eed to check for NULL asym_eds_op before calling.
Regards,
--
Mat Martineau
Intel OTC
ize = len;
+ info->max_enc_size = len;
+ info->max_dec_size = len;
If len > UINT16_MAX, should UINT16_MAX be reported as the max size?
Similar question for len*8 and key_size.
--
Mat Martineau
Intel OTC
-asn1.h
+
+clean-files+= pkcs8-asn1.c pkcs8-asn1.h
--
Mat Martineau
Intel OTC
ed with all the
requisite plumbing to the asymmetric key subtype.
--
Mat Martineau
Intel OTC
On Thu, 12 May 2016, David Howells wrote:
Mat Martineau wrote:
+ len = crypto_akcipher_maxsize(tfm);
+ info->key_size = len * 8;
+ info->max_data_size = len;
+ info->max_sig_size = len;
+ info->max_enc_size = len;
+ info->max_dec_size
akcipher_request *req)
...
+ ret = verify_signature(key, NULL, &sig);
key->type->asym_verify_signature() is available as well.
Regards,
--
Mat Martineau
Intel OTC
35891 ("PKCS#7:
pkcs7_validate_trust(): initialize the _trusted output argument"), right
after the local declarations.
+struct key *trust_keyring)
{
struct pkcs7_signed_info *sinfo;
struct x509_certificate *p;
Regards,
--
Mat Martineau
Intel OTC
On Tue, Oct 1, 2019 at 10:27 AM Greg KH wrote:
>
> On Tue, Oct 01, 2019 at 10:09:46AM -0600, Mat King wrote:
> > Resending in plain text mode
> >
> > I have been looking into adding Linux support for electronic privacy
> > screens which is a feature on some new l
l.h: don't use C++ reserved keyword as a
struct member name")
Signed-off-by: David Howells
cc: Randy Dunlap
cc: Lubomir Rintel
cc: James Morris
cc: Mat Martineau
cc: Stephan Mueller
cc: Andrew Morton
cc: Linus Torvalds
cc: sta...@vger.kernel.org
---
include/uapi/linux/keyctl.h
Stephan and Tadeusz,
On Fri, 10 Jun 2016, Tadeusz Struk wrote:
On 06/09/2016 11:36 AM, Stephan Mueller wrote:
Am Donnerstag, 9. Juni 2016, 11:27:13 schrieb Mat Martineau:
Hi Mat, Tadeusz,
Ok, after checking the code again, I think that dropping that sanity check
should be ok given that
return n >= CRYPTO_MAX_ALG_NAME ? -EINVAL : 0;
+ }
+
+ if (strcmp(encoding, "raw") == 0) {
+ strcpy(alg_name, pkey->pkey_algo);
+ return 0;
+ }
+
+ return -ENOPKG;
+}
Regards,
--
Mat Martineau
Intel OTC
On Wed, 8 Jun 2016, Stephan Mueller wrote:
Am Dienstag, 7. Juni 2016, 17:28:07 schrieb Mat Martineau:
Hi Mat,
+ used = ctx->used;
+
+ /* convert iovecs of output buffers into scatterlists */
+ while (iov_iter_count(&msg->msg_iter)) {
+ /* make
On Thu, 9 Jun 2016, Stephan Mueller wrote:
Am Mittwoch, 8. Juni 2016, 12:14:49 schrieb Mat Martineau:
Hi Mat,
On Wed, 8 Jun 2016, Stephan Mueller wrote:
Am Dienstag, 7. Juni 2016, 17:28:07 schrieb Mat Martineau:
Hi Mat,
+ used = ctx->used;
+
+ /* convert iovecs of out
On Thu, 9 Jun 2016, Stephan Mueller wrote:
Am Donnerstag, 9. Juni 2016, 11:18:04 schrieb Mat Martineau:
Hi Mat,
Or is your concern that the user space interface restricts things too much
and thus prevents a valid use case?
The latter - my primary concern is the constraint this places on
On Tue, 5 Jul 2016, Tadeusz Struk wrote:
Hi Mat,
On 06/29/2016 11:43 AM, Mat Martineau wrote:
+ret = verify_signature(key, &sig);
+if (!ret) {
+req->dst_len = sizeof(digest);
I think you fixed the BUG_ON() problem but there's still an issue with
the handling o
On Fri, 8 Jul 2016, Tadeusz Struk wrote:
Hi Mat,
On 07/06/2016 12:38 PM, Mat Martineau wrote:
So it looks like the only thing that we need to return to the user in
this case is the return code. Do you agree?
The way verify_signature is implemented today, the only output is the
return code
hould it be set to something
like -EALREADY to indicate that data is already queued for a different
crypto op?
+unlock:
+ akcipher_data_wakeup(sk);
+ release_sock(sk);
+
+ return err ?: copied;
+}
Regards,
--
Mat Martineau
Intel OTC
_be_signed_hash;
+ efi_time_t time_of_revocation;
+} efi_cert_x509_sha256_t;
+
/*
* All runtime access to EFI goes through this structure:
*/
--
Mat Martineau
Intel OTC
/* ensure output buffer is sufficiently large */
+ if (usedpages < akcipher_calcsize(ctx)) {
+ err = -EMSGSIZE;
+ goto unlock;
+ }
Why is the size of the output buffer enforced here instead of depending on
the algorithm implementation?
Thanks,
Mat
+
y in a TPM) can or can not provide the digest needed. Maybe this
is why the verify_signature hook in struct asymmetric_key_subtype is
optional.
+ scatterwalk_map_and_copy(digest, req->dst, 0, req->dst_len, 1);
+ }
+ kfree(src);
+ return ret;
+}
+
--
Mat Martineau
Intel OTC
when
David announces that it is open again. The change does look ok but will
not be merged now.
Thanks for your patch,
--
Mat Martineau
Intel
WRITE_ONCE() in __mptcp_move_skb() as your
conflict resolution does, or I can submit a patch later to add the
WRITE_ONCE() in that location. The latter is what I suggested to David
when submitting the patch to the net tree.
Thanks,
Mat
diff --cc net/mptcp/protocol.c
index 5d747c6a610
in(struct mptcp_sock *msk, u64 data_fin_seq, bool
use_64bit);
+ void mptcp_destroy_common(struct mptcp_sock *msk);
Yes, this is the appropriate conflict resolution. Thanks!
--
Mat Martineau
Intel
On Fri, May 1, 2020 at 6:32 PM Sebastian Reichel
wrote:
>
> Hi,
>
> On Fri, Apr 24, 2020 at 11:35:30AM -0600, Mathew King wrote:
> > Make the device attribute list used to create sysfs attributes more
> > robust by decoupling the list order from order of the enum defined in
> > power_supply.h. Thi
On Fri, Jun 5, 2020 at 5:30 AM Rafael J. Wysocki wrote:
>
> On Thu, Jun 4, 2020 at 9:57 PM Mathew King wrote:
> >
> > When the ACPI battery receives a notification event it should always
> > read the battery state fresh from the ACPI device and not use the cached
> > state.
>
> Why should it?
Ac
b.com/multipath-tcp/mptcp_net-next/wiki - and we
are working on more documentation with the kind of pointers you're looking
for.
Thanks for trying out MPTCP!
--
Mat Martineau
Intel
df5 ("mptcp: MPTCP_IPV6 should depend on IPV6 instead of selecting
it")
Signed-off-by: Matthieu Baerts
---
tools/testing/selftests/net/mptcp/config | 1 +
1 file changed, 1 insertion(+)
Reviewed-by: Mat Martineau
--
Mat Martineau
Intel
.org/project/netdev/patch/078a2ef5bdc4e3b2c25ef852461692001f426495.1604976945.git.geliangt...@gmail.com/
Thanks!
--
Mat Martineau
Intel
| 12 ++--
net/mptcp/protocol.h | 10 +-
3 files changed, 18 insertions(+), 18 deletions(-)
Reviewed-by: Mat Martineau
--
Mat Martineau
Intel
Abeni
Signed-off-by: Geliang Tang
---
net/mptcp/options.c | 29 +
net/mptcp/pm.c | 25 +
net/mptcp/protocol.h | 9 +
3 files changed, 63 insertions(+)
Reviewed-by: Mat Martineau
--
Mat Martineau
Intel
status, and called mptcp_pm_nl_rm_addr_received to handle
it.
In mptcp_pm_nl_rm_addr_received, we closed the subflow matching the rm_id,
and updated PM counter.
Suggested-by: Matthieu Baerts
Suggested-by: Paolo Abeni
Suggested-by: Mat Martineau
Signed-off-by: Geliang Tang
---
net/mptcp/options.c
need to move
__mptcp_init_sock before the mptcp_is_enabled check in mptcp_init_sock.
Suggested-by: Matthieu Baerts
Suggested-by: Paolo Abeni
Suggested-by: Mat Martineau
Acked-by: Paolo Abeni
Signed-off-by: Geliang Tang
---
net/mptcp/pm.c | 7 ++-
net/mptcp/pm_netlink.c | 122
Baerts
Suggested-by: Paolo Abeni
Suggested-by: Mat Martineau
Acked-by: Paolo Abeni
Signed-off-by: Geliang Tang
---
net/mptcp/mib.c| 2 ++
net/mptcp/mib.h| 2 ++
net/mptcp/pm_netlink.c | 5 +
3 files changed, 9 insertions(+)
Reviewed-by: Mat Martineau
--
Mat Martineau
Intel
| 1 +
net/mptcp/subflow.c | 4 +---
3 files changed, 10 insertions(+), 6 deletions(-)
Reviewed-by: Mat Martineau
--
Mat Martineau
Intel
can be sent and received completely.
Otherwise the remove address and subflow test cases don't work.
Suggested-by: Matthieu Baerts
Suggested-by: Paolo Abeni
Suggested-by: Mat Martineau
Acked-by: Paolo Abeni
Signed-off-by: Geliang Tang
---
.../selftests/net/mptcp/mptcp_connect.c
On Thu, 24 Sep 2020, Geliang Tang wrote:
Add a new struct mptcp_pm_add_entry to describe add_addr's entry.
Acked-by: Paolo Abeni
Signed-off-by: Geliang Tang
---
net/mptcp/pm_netlink.c | 19 ---
1 file changed, 12 insertions(+), 7 deletions(-)
Reviewed-by: Mat Mart
hieu Baerts
Suggested-by: Paolo Abeni
Suggested-by: Mat Martineau
Acked-by: Paolo Abeni
Signed-off-by: Geliang Tang
---
.../testing/selftests/net/mptcp/mptcp_join.sh | 145 +-
1 file changed, 142 insertions(+), 3 deletions(-)
Reviewed-by: Mat Martineau
--
Mat Martineau
Intel
changed, 9 insertions(+)
Reviewed-by: Mat Martineau
--
Mat Martineau
Intel
On Thu, 24 Sep 2020, Geliang Tang wrote:
This patch implemented the retransmition of ADD_ADDR when no ADD_ADDR echo
is received. It added a timer with the announced address. When timeout
occurs, ADD_ADDR will be retransmitted.
Suggested-by: Mat Martineau
Suggested-by: Paolo Abeni
Acked-by
On Thu, Jun 25, 2020 at 2:26 AM Enric Balletbo i Serra
wrote:
>
> Hi Qiushi,
>
> Thank you for your patch.
>
> On 23/5/20 5:16, wu000...@umn.edu wrote:
> > From: Qiushi Wu
> >
> > In function cros_ec_ishtp_probe(), "up_write" is already called
> > before function "cros_ec_dev_init". But "up_write
I did not find any issues in the patch.
Thanks,
Mat
Reported-by: syzbot
Fixes: 97d3aa0f3134 ("KEYS: Add a lookup_restriction function for the asymmetric key
type")
Cc: # v4.12+
Signed-off-by: Eric Biggers
---
security/keys/keyctl.c | 24 ++--
1 file chan
have
a chance I'll see if I can find a reproducer.
CONFIG_KEY_DH_OPERATIONS and use of mpi_powm() by KEYCTL_DH_COMPUTE goes
back to v4.7, when the MPI library was called directly. KPP was not
implemented yet.
--
Mat Martineau
Intel OTC
the commit message?
Thanks for the fix.
Mat
Cc: sta...@vger.kernel.org # v4.12+
Signed-off-by: Eric Biggers
---
lib/mpi/mpi-pow.c | 3 +++
1 file changed, 3 insertions(+)
diff --git a/lib/mpi/mpi-pow.c b/lib/mpi/mpi-pow.c
index e24388a863a7..f089a52dbbdb 100644
--- a/lib/mpi/mpi-pow.c
+++ b/l
On Fri, 8 Dec 2017, David Howells wrote:
Mat Martineau wrote:
Since this fixes the bug for the asymmetric key type and ensures that other
key types won't make the same mistake, I agree this is the way to fix it. I
did not find any issues in the patch.
Can I put that down as a Review
49 matches
Mail list logo
