On Tue, Jan 20, 2026 at 11:15:57PM +0000, David Howells wrote: > Eric Biggers <[email protected]> wrote: > > > As I mentioned in another reply, error-prone string parsing isn't a > > great choice. C has native support for function parameters. > > But is constrained that it has to work with KEYCTL_PKEY_VERIFY's info > parameter.
The cover letter of this patchset summarizes it as "These patches add ML-DSA module signing and RSASSA-PSS module signing." Adding KEYCTL_PKEY_VERIFY support for these algorithms would be a significant new UAPI feature that would need its own justification and its own documentation and test updates. However, it was established pretty clearly in past discussions that KEYCTL_PKEY_* are a mistake and basically exist only for backwards compatibility with iwd. So I don't understand why you're advocating for adding new features to them. - Eric
