Re: [PATCH] Use kzfree in crypto API context initialization and key/iv handling

From: Larry H. resea...@subreption.com Date: Sat, 30 May 2009 19:57:20 -0700 [PATCH] Use kzfree in crypto API context initialization and key/iv handling Thanks for not CC:ing the crypto list, and also not CC:'ing the crypto maintainer. Your submissions leave a lot to be desired, on every

Re: [patch 5/5] Apply the PG_sensitive flag to the CryptoAPI subsystem

Also, there's no discussion about long-lived threads keeping sensitive information in there kernel stack indefinitely. kernel stack clearing isn't hard to do, just do it on every syscall exit and in the infinite loop for kernel threads. Actually that is probably not as important. In most

Re: [patch 5/5] Apply the PG_sensitive flag to the CryptoAPI subsystem

On 30 May 2009 at 20:05, Ingo Molnar wrote: I think there's a rather significant omission here: there's no discussion about on-kernel-stack information leaking out. If a thread that does a crypto call happens to leave sensitive on-stack data (this can happen easily as stack variables are

Re: HMAC regression

You must getting an sg entry that crosses a page boundary, rather than two sg entries that both stay within a page. Yes. These things are very rare, and usually occurs as a result of SLAB debugging causing kmalloc to return memory that crosses page boundaries. Indeed, SLAB_DEBUG was

Re: Crypto Update for 2.6.30

Hi Linus: This push fixes a regression that triggers with SLAB debugging on, where the new ahash code fails to handle sg entries that cross page boundaries which are generated by kmalloc. Please pull from git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6.git or

Re: HMAC regression

On Sun, May 31, 2009 at 03:01:19PM +0200, Martin Willi wrote: Yes, it fixes HMAC calculation with enabled SLAB debugging. Thanks for confirming. I'll push the fix through. -- Visit Openswan at http://www.openswan.org/ Email: Herbert Xu ~{PmVHI~} herb...@gondor.apana.org.au Home Page:

Re: [PATCH] Use kzfree in crypto API context initialization and key/iv handling

David Miller wrote: From: Larry H. resea...@subreption.com Date: Sat, 30 May 2009 19:57:20 -0700 [PATCH] Use kzfree in crypto API context initialization and key/iv handling Thanks for not CC:ing the crypto list, and also not CC:'ing the crypto maintainer. Your submissions leave a lot to be

Re: linux-image-2.6.24-1-686: airo hang when loading because of aes

matthieu castet castet.matth...@free.fr wrote: airo driver hang with 2.6.24-6 on a PIII. It seems it it because it need aes crypto. It will first try to load padlock-aes, but it fails to load Then it load geode_aes which load, and airo hang (airo seems to use geode_aes). [1] [...] geode_aes