Re: [PATCH 3/4] crypto: caam - add in-kernel interface for blob generator

From: David Gstir
Date: Wed Aug 11 2021 - 06:43:14 EST

Next message: Vlastimil Babka: "Re: [PATCH v14 039/138] mm/memcg: Convert commit_charge() to take a folio"
Previous message: Anshuman Khandual: "Re: [PATCH] KVM: arm64: Restrict IPA size to maximum 48 bits on 4K and 16K page size"
In reply to: Ahmad Fatoum: "Re: [PATCH 3/4] crypto: caam - add in-kernel interface for blob generator"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Hi Ahmad,

> On 11.08.2021, at 12:22, Ahmad Fatoum <a.fatoum@xxxxxxxxxxxxxx> wrote:
>
>> Since you already assert that MAX_BLOB_SIZE <= CAAM_BLOB_MAX_LEN
>> in security/keys/trusted-keys/trusted_caam.c, this will never
>> be an issue for CAAM-based trusted-keys though.
> I omitted checks in code, which are verified at compile-time.
> Would you prefer a runtime check to be added as well?

I’d say the compile-time check suffices, unless this is intended
to be used outside of trusted-keys. But I don’t think this is very likely…

Cheers,
David

Next message: Vlastimil Babka: "Re: [PATCH v14 039/138] mm/memcg: Convert commit_charge() to take a folio"
Previous message: Anshuman Khandual: "Re: [PATCH] KVM: arm64: Restrict IPA size to maximum 48 bits on 4K and 16K page size"
In reply to: Ahmad Fatoum: "Re: [PATCH 3/4] crypto: caam - add in-kernel interface for blob generator"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]