Re: [PATCH] avoid excessive use of socket buffer in skcipher
On 09/04/2014 09:08 AM, Herbert Xu wrote: On Mon, Aug 25, 2014 at 11:49:54AM +0200, Ondrej Kozina wrote: On archs with PAGE_SIZE = 64 KiB the function skcipher_alloc_sgl() fails with -ENOMEM no matter what user space actually requested. This is caused by the fact sock_kmalloc call inside the function tried to allocate more memory than allowed by the default kernel socket buffer size (kernel param net.core.optmem_max). Signed-off-by: Ondrej Kozina okoz...@redhat.com Patch applied. Thanks! Please could you send this also to stable tree? Upstream commit now is e2cffb5f493a8b431dc87124388ea59b79f0bccb I think it is the problem in all kernels using large page size and skcipher api. Thanks, Milan -- To unsubscribe from this list: send the line unsubscribe linux-crypto in the body of a message to majord...@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
libkcapi: First release of kernel crypto API userspace library
Hi, The Linux kernel exports a Netlink interface of type AF_ALG to allow user space to utilize the kernel crypto API. libkcapi uses this Netlink interface and exports easy to use APIs so that a developer does not need to consider the low-level Netlink interface handling. Its first release is available at [1]. The library does not implement any cipher algorithms. All consumer requests are sent to the kernel for processing. Results from the kernel crypto API are returned to the consumer via the library API. The kernel interface and therefore this library can be used by unprivileged processes. As the library is small, it may even be included directly into a consuming application instead of using it as a shared library. The library together with the kernel allows the use of symmetric ciphers as well as message digests and keyed message digests. Patches are prepared for submission to LKML to allow AEAD ciphers and RNGs to be used from userspace. [1] http://www.chronox.de/libkcapi.html -- Ciao Stephan -- To unsubscribe from this list: send the line unsubscribe linux-crypto in the body of a message to majord...@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
Re: [PATCH v2 01/11] crypto: Documentation - crypto API high level spec
Stephan, On Mon, Nov 03, 2014 at 03:18:29PM +0100, Stephan Mueller wrote: Am Montag, 3. November 2014, 08:34:39 schrieb Jonathan Corbet: These are all useful. But I wonder if it would be worth the effort to turn this inti a proper docbook document that automatically has everything together in one place? How do you suggest that is done? The API comments in the header file follow the Doxygen style. Note, Jason Cooper raised the concern that an API documentation separate from the code will surely deviate from the code relatively fast (although I do not really fear that as the kernel crypto API seems to be quite stable over the last years). Agreed. My primary concern was adding it in such a way which facilitates maintenance and keeping it in sync with the code. But as you say, the crypto API doesn't change much. thx, Jason. -- To unsubscribe from this list: send the line unsubscribe linux-crypto in the body of a message to majord...@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
