Received: by 2002:ac0:a581:0:0:0:0:0 with SMTP id m1-v6csp1438685imm; Wed, 20 Jun 2018 18:45:50 -0700 (PDT) X-Google-Smtp-Source: ADUXVKIIKalerl5unvjfUw18hBHJbzc+UBe3FG9uc5jJZje6Ch9fphQ9ITDAcxxNmq7OrMbUf79a X-Received: by 2002:a62:ea14:: with SMTP id t20-v6mr25417350pfh.117.1529545550568; Wed, 20 Jun 2018 18:45:50 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1529545550; cv=none; d=google.com; s=arc-20160816; b=AbeAdc6lm6y8/DQAwT6HitBt6FkMViJRAaQM9tz3857vzxh1ho+mFbszkm757sS8X8 EeWclnsdvUw9tJQtggB/r0sX0Tq1aNG6lCBa4HujeZ3GDfvGhRouTVCtp12HOvxnchuI zCVvJAqb9/l9VXyarBaY9bbYxPfEG+yKijHLB1UJBCksBshDnpfp6xyPMm9IrDTDZCOG YqOcsajZ9SFD4KB6frDgqjdfik/5yaiZct2ILTzXF8mlRR6ZDA2r/qgymMHAyzU04s+G 42mKxt7OEM3YbKXor2MNeMiYDzfgwh8jvi02ALj/cNEwTyvcf2peUDRFN1AwFUsEdrbP petw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:mime-version:user-agent:references :message-id:in-reply-to:subject:cc:to:from:date :arc-authentication-results; bh=PdvYvJk1ZtAdd2YOWwyeEhY1x5a+2QLqkiOJxC6FuhE=; b=Jg9O4KaTz5H08JW9iYUkNHJv6AzsO9fGt8Exg0uT+w7SeXgSOlvTd8ngOkoAh5ppOi 87bpL2+1Gt2par2JOdMy8iI2n5WPz/5VTSfuyTq0UKjJHx3OUe4y2x3L1YfqG6CTkqD7 nTbk40BVitMFzk2Bd1jlxpxt57cwRJiRvt42VZhFkxyDGKbI4xtZZuQI7yv7jzWzC75S hMnByq6Z/t+HdipPhgKJ1OxQu3Ohx/TfsxPPd905cOI1DOMO3wL7yLbqBDL4ci4NFE7Q 0w3J+MoKWSBzvQWQZwNnCc8luriTibXRyfPTK3Brl7MPZka5VTqF47YxSqUvauUgYiob SmKg== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id 189-v6si3524586pfg.163.2018.06.20.18.45.36; Wed, 20 Jun 2018 18:45:50 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1754303AbeFUBoz (ORCPT + 99 others); Wed, 20 Jun 2018 21:44:55 -0400 Received: from namei.org ([65.99.196.166]:60460 "EHLO namei.org" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1754088AbeFUBoy (ORCPT ); Wed, 20 Jun 2018 21:44:54 -0400 Received: from localhost (localhost [127.0.0.1]) by namei.org (8.14.4/8.14.4) with ESMTP id w5L1iTh5031024; Thu, 21 Jun 2018 01:44:30 GMT Date: Thu, 21 Jun 2018 11:44:29 +1000 (AEST) From: James Morris To: Herbert Xu cc: "Maciej S. Szmigiero" , David Howells , Tom Lendacky , Gary Hook , "David S. Miller" , james.morris@microsoft.com, "Serge E. Hallyn" , keyrings@vger.kernel.org, linux-security-module@vger.kernel.org, linux-crypto@vger.kernel.org, linux-kernel@vger.kernel.org Subject: Re: [PATCH v2][RESEND] X.509: unpack RSA signatureValue field from BIT STRING In-Reply-To: <20180620143807.fo7c5endwd5yy24r@gondor.apana.org.au> Message-ID: References: <04f372f3-bc26-c629-2269-0e5d258f9d8f@maciej.szmigiero.name> <80e95323-eb7f-6af3-ad05-f174c69fb948@maciej.szmigiero.name> <9a9bfd23-d7be-7f16-925e-5fe00cbfba9f@maciej.szmigiero.name> <20180620143807.fo7c5endwd5yy24r@gondor.apana.org.au> User-Agent: Alpine 2.21 (LRH 202 2017-01-01) MIME-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Wed, 20 Jun 2018, Herbert Xu wrote: > On Wed, Jun 20, 2018 at 02:24:54PM +0200, Maciej S. Szmigiero wrote: > > > > A friendly ping here. > > > > @AMD people: > > Without this patch, in-kernel X.509 certificate verification is broken > > on AMD CCP RSA implementation. > > > > For example, loading wireless regulatory database gives the following > > errors: > > > [ 21.310361] cfg80211: Problem loading in-kernel X.509 certificate (-22) > > > [ 21.351717] cfg80211: loaded regulatory.db is malformed or signature is missing/invalid > > > > Kernel modules signature verification probably has similar problem, too. > > > > That's why it would be nice if you could ack this patch, please. > > David/James, is there an issue with the patch? Not from my POV. -- James Morris