From patchwork Tue Sep 6 16:32:27 2016 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Kirill Marinushkin X-Patchwork-Id: 9317461 Return-Path: Received: from mail.wl.linuxfoundation.org (pdx-wl-mail.web.codeaurora.org [172.30.200.125]) by pdx-korg-patchwork.web.codeaurora.org (Postfix) with ESMTP id 5E15B60752 for ; Tue, 6 Sep 2016 16:32:46 +0000 (UTC) Received: from mail.wl.linuxfoundation.org (localhost [127.0.0.1]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id 4CD7428638 for ; Tue, 6 Sep 2016 16:32:46 +0000 (UTC) Received: by mail.wl.linuxfoundation.org (Postfix, from userid 486) id 415BF28DB7; Tue, 6 Sep 2016 16:32:46 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on pdx-wl-mail.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-4.4 required=2.0 tests=BAYES_00, DKIM_ADSP_CUSTOM_MED, DKIM_SIGNED, FREEMAIL_FROM, RCVD_IN_DNSWL_HI, RCVD_IN_SORBS_SPAM, T_DKIM_INVALID autolearn=ham version=3.3.1 Received: from vger.kernel.org (vger.kernel.org [209.132.180.67]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id ECDA228638 for ; Tue, 6 Sep 2016 16:32:45 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S933460AbcIFQco (ORCPT ); Tue, 6 Sep 2016 12:32:44 -0400 Received: from mail-wm0-f65.google.com ([74.125.82.65]:36111 "EHLO mail-wm0-f65.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1753790AbcIFQcn (ORCPT ); Tue, 6 Sep 2016 12:32:43 -0400 Received: by mail-wm0-f65.google.com with SMTP id l65so11586726wmf.3; Tue, 06 Sep 2016 09:32:42 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=from:to:cc:subject:date:message-id:in-reply-to:references; bh=sxSyh1xeEovLfCr0Xe0Zn+XIXocCehnkuimXR+xkpfY=; b=td23nksSHx96BWOu3F9MEL5os6S3mjHTGnoCr7Dk/NHi7NR4Bq/J7PMo0753I0l2DI AzUNhqGbZRRXtrOttSXiRs9/mnYvNfUUopwVUMyGXI5+4lHIntOybgMp7zJ2B67zSod9 eK+iqq/k13US7/LBHAfsPBN9trMUIyCYw/3f5Mi0usVsMy+Wi2LX+1VzZq+AhWGJrpP4 6qUW8GmKcP+5nmoUEeg+ZNLoZWBilHcgz5O3f4O/Q1yASku+CjdzAIO0bOP89/s5Xq1V J16c1Sbr2zbrWdArePgD2R+qyt41dsJVzzDtshUdcwoFwwZpm1V5qZxQhaNNQMqtWVyA akbQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references; bh=sxSyh1xeEovLfCr0Xe0Zn+XIXocCehnkuimXR+xkpfY=; b=S2y5Skaowfc94vzCUie9kiM2CgS+67ArOp8kmLrfNSwDZtYBMBAFbhBPdNb8yR1b4/ ZfHHsqONeyJ2N2jpvD6NjG1wRwLOSsH9UT/N6Mj1EqPUifCqZV/Yw3oghJWtTiovorXU dr2W5C9qed+QWzStO5Da5gQSkcOqlMMNgrD5xacJm7t4DSmYSwOhHOrKTz5jS0gPU34b VrqyAxK1KZXG+JPbARViX2AfJyOyTLBPIKgZLMns1jlliinFt89UJO81TsNKXtDZXL5b /8fnTnDpAnvknKGuh3tUg8f2TM5VfhexPpy05tKrrReR3iZKDKBOZ/LRaS1k+lECg7Tm sTWQ== X-Gm-Message-State: AE9vXwNceffaCpsNUUVyBGK5Xhz5zDAGOchFqt0vFdlwSyqCNnL57fdhTAc9CmEde8+ARg== X-Received: by 10.194.87.34 with SMTP id u2mr42129101wjz.118.1473179561813; Tue, 06 Sep 2016 09:32:41 -0700 (PDT) Received: from kirill-Lenovo-B570e.localdomain (x4e335c26.dyn.telefonica.de. [78.51.92.38]) by smtp.gmail.com with ESMTPSA id ks1sm13702497wjb.24.2016.09.06.09.32.40 (version=TLS1_2 cipher=ECDHE-RSA-AES128-SHA bits=128/128); Tue, 06 Sep 2016 09:32:40 -0700 (PDT) From: Kirill Marinushkin To: dhowells@redhat.com Cc: asavkov@redhat.com, k.marinushkin@gmail.com, paul.gortmaker@windriver.com, james.l.morris@oracle.com, keyrings@vger.kernel.org, linux-security-module@vger.kernel.org, linux-kernel@vger.kernel.org Subject: Re: [PATCH] security/keys: make BIG_KEYS dependent on stdrng. Date: Tue, 6 Sep 2016 18:32:27 +0200 Message-Id: <1473179547-12101-1-git-send-email-k.marinushkin@gmail.com> X-Mailer: git-send-email 1.9.1 In-Reply-To: <32083.1473167516@warthog.procyon.org.uk> References: <32083.1473167516@warthog.procyon.org.uk> Sender: owner-linux-security-module@vger.kernel.org Precedence: bulk List-ID: X-Virus-Scanned: ClamAV using ClamSMTP > The other thing is that I have been given a conflicting patch (see > below). Is your fix preferable? The patch you attached previously is v1; I submitted v2 after review by Stephan Mueller. I additionally attach it here below. IMO, the preferable fix depends on your future plan. If you plan to continue using both ANSI X9.31 DRNG and DRBG - I agree with the patch suggested by Artem Savkov. If you plan to reduce using ANSI X9.31 DRNG and use DRBG more widely - I suggest my patch. Best Regards, Kirill --- From Kirill Marinushkin Subject [PATCH v2] KEYS: fix big_key dependency Date Tue, 16 Aug 2016 21:51:12 +0200 This patch fixes the following bug: [oss-security] - panic at big_key_preparse #4.7-r6/rc7 & master Signed-off-by: Kirill Marinushkin --- security/keys/Kconfig | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/security/keys/Kconfig b/security/keys/Kconfig index f826e87..5bc5114 100644 --- a/security/keys/Kconfig +++ b/security/keys/Kconfig @@ -44,7 +44,7 @@ config BIG_KEYS select CRYPTO select CRYPTO_AES select CRYPTO_ECB - select CRYPTO_RNG + select CRYPTO_RNG_DEFAULT -- To unsubscribe from this list: send the line "unsubscribe linux-security-module" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html