lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <20141124072246.GX6390@secunet.com>
Date:	Mon, 24 Nov 2014 08:22:46 +0100
From:	Steffen Klassert <steffen.klassert@...unet.com>
To:	Stephan Mueller <smueller@...onox.de>
CC:	Herbert Xu <herbert@...dor.apana.org.au>,
	LKML <linux-kernel@...r.kernel.org>
Subject: Re: crypto: user - crypto_alg_match removal

Hi Stephan.

On Sat, Nov 22, 2014 at 11:25:05PM +0100, Stephan Mueller wrote:
> Hi Steffen, Herbert,
> 
> may I ask for the reasons why crypto_alg_match exists? Doesn't it 
> implement crypto_alg_lookup -- and that not even complete? Is there a 
> particular reason why this exact flag of crypto_alg_match is really 
> needed in the context of crypto_user?
> 
> Unless there is such valid reason, may I ask whether we can remove 
> crypto_alg_match and simply use crypto_alg_lookup in all instances where 
> crypto_alg_match is invoked using the following replacement:
> 
> alg = crypto_alg_lookup(p->cru_name, p->cru_type, p->cru_mask)
> 
> The only problem with this replacement is that p->cru_driver_name is not 
> considered with that. 

With crypto_alg_lookup() we don't know whether the match is based on
the driver or the algorithm name. That's why we have crypto_alg_match(),
here we can ask for a driver or an algorithm match. In some situations it
is important to have an exact match on the crypto driver name. For example
if a user wants to instantiate or delete a certain inplementation of an
algorithm. In this case we need to know whether this exact algorithm
driver is registered in the system.

> Do you think a double invocation of 
> crypto_alg_lookup should be done or that even the user space interface 
> should be changed such that cru_driver_name is removed from it?

Whatever we do, we can't remove cru_driver_name as this is exported
to userspace and tools already use it.

--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ