[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <f2dcbe55-0f0e-4173-8e21-f899c6fc802a@gmail.com>
Date: Wed, 13 Mar 2024 10:26:06 -0700
From: James Prestwood <prestwoj@...il.com>
To: Johannes Berg <johannes@...solutions.net>, Karel Balej
<balejk@...fyz.cz>, dimitri.ledkov@...onical.com
Cc: alexandre.torgue@...s.st.com, davem@...emloft.net, dhowells@...hat.com,
herbert@...dor.apana.org.au, keyrings@...r.kernel.org,
linux-arm-kernel@...ts.infradead.org, linux-crypto@...r.kernel.org,
linux-kernel@...r.kernel.org, linux-modules@...r.kernel.org,
linux-stm32@...md-mailman.stormreply.com, mcgrof@...nel.org,
mcoquelin.stm32@...il.com, linux-wireless@...r.kernel.org,
netdev@...r.kernel.org, iwd@...ts.linux.dev
Subject: Re: [REGRESSION] Re: [PATCH] crypto: pkcs7: remove sha1 support
Hi,
On 3/13/24 1:56 AM, Johannes Berg wrote:
> Not sure why you're CC'ing the world, but I guess adding a few more
> doesn't hurt ...
>
> On Wed, 2024-03-13 at 09:50 +0100, Karel Balej wrote:
>> and I use iwd
> This is your problem, the wireless stack in the kernel doesn't use any
> kernel crypto code for 802.1X.
Yes, the wireless stack has zero bearing on the issue. I think that's
what you meant by "problem".
IWD has used the kernel crypto API forever which was abruptly broken,
that is the problem.
The original commit says it was to remove support for sha1 signed kernel
modules, but it did more than that and broke the keyctl API.
>
> I suppose iwd wants to use the kernel infrastructure but has no
> fallbacks to other implementations.
> johannes
>
Powered by blists - more mailing lists