Re: Crypto Fixes for 4.12

On Thu, Jun 08, 2017 at 10:05:02AM -0400, David Miller wrote: > From: Herbert Xu > Date: Thu, 8 Jun 2017 17:23:21 +0800 > > > This push fixes a couple of places in the crypto code that were > > doing interruptible sleeps dangerously. They have been converted > > to

Re: [Patch V5 1/7] crypto: Multi-buffer encryption infrastructure support

On Mon, 2017-04-24 at 17:00 +0800, Herbert Xu wrote: > On Thu, Apr 20, 2017 at 01:50:34PM -0700, Megha Dey wrote: > > > > +static int simd_skcipher_decrypt_mb(struct skcipher_request *req) > > +{ > > + struct crypto_skcipher *tfm = crypto_skcipher_reqtfm(req); > > + struct simd_skcipher_ctx_mb

Re: [PATCH v4 12/13] bluetooth/smp: ensure RNG is properly seeded before ECDH use

On Thu, Jun 8, 2017 at 7:05 PM, Marcel Holtmann wrote: > on a powered down controller, you can not do any crypto. SMP is only during a > connection and the RPAs are only generated when needed. So yes, doing this > once in hci_power_on is plenty. However we might want to

Re: [PATCH v4 12/13] bluetooth/smp: ensure RNG is properly seeded before ECDH use

Hi Jason, >> yes, there are plenty of commands needed before a controller becomes usable. > > That doesn't clearly address with precision what Ted was wondering. > Specifically, the inquiry is: can you confirm with certainty whether > or not all calls to get_random_bytes() in the bluetooth

Re: Crypto Fixes for 4.12

From: Herbert Xu Date: Thu, 8 Jun 2017 17:23:21 +0800 > This push fixes a couple of places in the crypto code that were > doing interruptible sleeps dangerously. They have been converted > to use non-interruptible sleeps. This push also fixes a bug in >

Re: [PATCH v3 04/13] crypto/rng: ensure that the RNG is ready before using

On Tue, Jun 06, 2017 at 05:56:20AM +0200, Jason A. Donenfeld wrote: > Hey Ted, > > On Tue, Jun 6, 2017 at 5:00 AM, Theodore Ts'o wrote: > > Note that crypto_rng_reset() is called by big_key_init() in > > security/keys/big_key.c as a late_initcall(). So if we are on a > > system

Re: [kernel-hardening] Re: [PATCH v4 06/13] iscsi: ensure RNG is seeded before use

On Thu, Jun 8, 2017 at 4:43 AM, Theodore Ts'o wrote: > What was the testing that was done for commit? It looks safe, but I'm > unfamiliar enough with how the iSCSI authentication works that I'd > prefer getting an ack'ed by from the iSCSI maintainers or > alternativel, information

Re: [PATCH v4 12/13] bluetooth/smp: ensure RNG is properly seeded before ECDH use

Hello Marcel, On Thu, Jun 8, 2017 at 7:04 AM, Marcel Holtmann wrote: > yes, there are plenty of commands needed before a controller becomes usable. That doesn't clearly address with precision what Ted was wondering. Specifically, the inquiry is: can you confirm with

Re: [PATCH v4 13/13] random: warn when kernel uses unseeded randomness

On Thu, Jun 8, 2017 at 10:19 AM, Theodore Ts'o wrote: > At the very least we probably should do a logical "uniq" on the output > (e.g., if we have complained about the previous callsite, don't whinge > about it again). That seems okay to me.

Crypto Fixes for 4.12

Hi Linus: This push fixes a couple of places in the crypto code that were doing interruptible sleeps dangerously. They have been converted to use non-interruptible sleeps. This push also fixes a bug in asymmetric_keys where it would trigger a use-after-free if a request returned EBUSY due to a

Re: [PATCH v4 13/13] random: warn when kernel uses unseeded randomness

On Tue, Jun 6, 2017 at 1:48 PM, Jason A. Donenfeld wrote: > This enables an important dmesg notification about when drivers have > used the crng without it being seeded first. Prior, these errors would > occur silently, and so there hasn't been a great way of diagnosing these >

Re: [PATCH v4 13/13] random: warn when kernel uses unseeded randomness

On Tue, Jun 06, 2017 at 07:48:04PM +0200, Jason A. Donenfeld wrote: > This enables an important dmesg notification about when drivers have > used the crng without it being seeded first. Prior, these errors would > occur silently, and so there hasn't been a great way of diagnosing these > types of