Received: by 2002:a05:6358:3188:b0:123:57c1:9b43 with SMTP id q8csp2907310rwd; Fri, 2 Jun 2023 17:09:37 -0700 (PDT) X-Google-Smtp-Source: ACHHUZ5jwy9Nz7eOEFrjE8g2cvP4SwqUW83y83WlHfg1ftqt039bPkK+Mk4sdK1Hejw5BIjfTjAx X-Received: by 2002:a17:90b:4f84:b0:258:9621:913f with SMTP id qe4-20020a17090b4f8400b002589621913fmr9038419pjb.3.1685750977233; Fri, 02 Jun 2023 17:09:37 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1685750977; cv=none; d=google.com; s=arc-20160816; b=XVDEqQJYSwKROOQb4bhB+kM4puR7LltFGwwy9XQa+3e0J/DRmKIPlrGwX3FQv5ZNFV SKBUtf0N9gk4DOP3PS6JbqmjpVkawE/7M193O27Yg4FB8tyi4AM57dOd0OI1ci/ejmP2 127wm7H15Rs3gl0etNIF271g+MFDPBU5un4+aF/RA20HJApqPaZ6+fiC+esjMYmV2fUP b57LD7kd15pk22FiKbjg/dFmTvnaZWEjEAscwF6bK8xqJULWSKJMShPsCpsA7XTjSxAd 3p5gm1Gg0giZ0VSQ90zi8vIeCmt/g0bSxOYuIspLewg7m4azMO7bnqHdaDPMDpPHrdU1 /1YA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:cc:to:subject :message-id:date:from:in-reply-to:references:mime-version :dkim-signature; bh=UIfddwJGgEUnwUCFA5IlnKSK6V7h4JvROQevxAQzNhk=; b=yayfB4fXYMGy/gmUHh8g4W1rOyLbCH8NvwWyFehgWDjYbHoUST1rUiuJ6BNZ2CfKdX sz/y7bqxEsHWLBU8Rbmme9O/ruesGL482eBwxaYCi6EpkTYL3gzPlcSoJibEPUOu6WpI HC63J3IYWYMhaaLENMvlfM2oV30q9AQXYGyH7aDASZGRM4U2cVYOE54kNmYZzrGfyK3c 8ajsUy1DjsxWY51pfv8ulPTGWUpIaudTlmaUenBy3ExOb3M6yeEgkpRl+4EJPZEwggd4 PAS+ZV+Ak9dAUwS4NlTPUGqlzv7dRYPMpHanZKS1gI+el8QUGCnH3YeBeGHI4OU+RF/s fizQ== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@linux-foundation.org header.s=google header.b=haM75PQB; spf=pass (google.com: domain of linux-crypto-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-crypto-owner@vger.kernel.org Return-Path: Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id y21-20020a17090aa41500b00255bc974374si1745570pjp.167.2023.06.02.17.09.14; Fri, 02 Jun 2023 17:09:37 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-crypto-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; dkim=pass header.i=@linux-foundation.org header.s=google header.b=haM75PQB; spf=pass (google.com: domain of linux-crypto-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-crypto-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S236574AbjFCAIP (ORCPT + 99 others); Fri, 2 Jun 2023 20:08:15 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:55806 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S236467AbjFCAIO (ORCPT ); Fri, 2 Jun 2023 20:08:14 -0400 Received: from mail-ej1-x634.google.com (mail-ej1-x634.google.com [IPv6:2a00:1450:4864:20::634]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 809D11BF for ; Fri, 2 Jun 2023 17:08:13 -0700 (PDT) Received: by mail-ej1-x634.google.com with SMTP id a640c23a62f3a-974f4897d87so143306266b.0 for ; Fri, 02 Jun 2023 17:08:13 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linux-foundation.org; s=google; t=1685750891; x=1688342891; h=content-transfer-encoding:cc:to:subject:message-id:date:from :in-reply-to:references:mime-version:from:to:cc:subject:date :message-id:reply-to; bh=UIfddwJGgEUnwUCFA5IlnKSK6V7h4JvROQevxAQzNhk=; b=haM75PQBkuqw+UWlyLARJvJ6YuWufLMf+LPGfYfVzXQNgRX9DwRI8tEA1riys0gSxO 0hTcajB+4GOiZZlSdECHvyT3ySrZt0Fy7GLp8Ba/0HUzO0vyjGpQzZd2qUZH2D2N7K0Q a5IhAqy1GMwKlhuNhW2N9XR0uyLXD6JQNyq3U= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20221208; t=1685750891; x=1688342891; h=content-transfer-encoding:cc:to:subject:message-id:date:from :in-reply-to:references:mime-version:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=UIfddwJGgEUnwUCFA5IlnKSK6V7h4JvROQevxAQzNhk=; b=IBdF5yb7EfNlZfz7QD4DYP7/iwbQoyNU3CCj5y4V+Zv6DyHBKQ8XkDz5k169280cZm wnh4BHGWGYFuzmxA17a34e0GlcsQ33sHzsNRsXoFjnf2JZlahWeubGkTDybeb2PtbTrf EpJw/09moVGz8ZKSU7YHl/o3maT5/uST8CfOtyQa+M9VtVRGVwmXAJ28x6BxlJhyhykW wsOCzpn6nCmC0P9UHcCbtmGTRAmrrjnW3F4B7eMDY+i5oEJy13hTBToFz3c+O60BnRU0 9KmyNmAthyMag1IIyBEX8lCngrA9Q5ZLaDgMjOnkFWvSrlFs2NEcugOnEo0TtBPK//Zy hJPg== X-Gm-Message-State: AC+VfDwEP6uf9xPYBomAbY1n+8EizEPdC4N33lOv/afNAJw4qgf8Xu2V vsFsmpxYHdK7w8FpVJ/h3j8PSp1meo7XUProCVzr8uB+ X-Received: by 2002:a17:907:971b:b0:972:aa30:203e with SMTP id jg27-20020a170907971b00b00972aa30203emr118424ejc.34.1685750891624; Fri, 02 Jun 2023 17:08:11 -0700 (PDT) Received: from mail-wm1-f52.google.com (mail-wm1-f52.google.com. [209.85.128.52]) by smtp.gmail.com with ESMTPSA id j21-20020a170906095500b0096b20c968afsm1309271ejd.124.2023.06.02.17.08.11 for (version=TLS1_3 cipher=TLS_AES_128_GCM_SHA256 bits=128/128); Fri, 02 Jun 2023 17:08:11 -0700 (PDT) Received: by mail-wm1-f52.google.com with SMTP id 5b1f17b1804b1-3f6e4554453so25464505e9.3 for ; Fri, 02 Jun 2023 17:08:11 -0700 (PDT) X-Received: by 2002:ac2:52ba:0:b0:4f2:7b65:baeb with SMTP id r26-20020ac252ba000000b004f27b65baebmr2458573lfm.53.1685750560415; Fri, 02 Jun 2023 17:02:40 -0700 (PDT) MIME-Version: 1.0 References: <4d7e38ff5bbc496cb794b50e1c5c83bcd2317e69.camel@huaweicloud.com> In-Reply-To: From: Linus Torvalds Date: Fri, 2 Jun 2023 20:02:23 -0400 X-Gmail-Original-Message-ID: Message-ID: Subject: Re: [GIT PULL] Asymmetric keys fix for v6.4-rc5 To: Roberto Sassu , David Howells , Herbert Xu Cc: Andrew Morton , Eric Biggers , Stefan Berger , davem@davemloft.net, zohar@linux.ibm.com, dmitry.kasatkin@gmail.com, paul@paul-moore.com, jmorris@namei.org, serge@hallyn.com, Jarkko Sakkinen , linux-integrity@vger.kernel.org, linux-security-module@vger.kernel.org, keyrings@vger.kernel.org, linux-crypto@vger.kernel.org, linux-kernel@vger.kernel.org, stable@vger.kernel.org Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable X-Spam-Status: No, score=-1.8 required=5.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,HEADER_FROM_DIFFERENT_DOMAINS, RCVD_IN_DNSWL_NONE,SPF_HELO_NONE,SPF_PASS,T_SCC_BODY_TEXT_LINE, URIBL_BLOCKED autolearn=no autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-crypto@vger.kernel.org On Fri, Jun 2, 2023 at 1:38=E2=80=AFPM Linus Torvalds wrote: > > The patch re-uses the allocation it already does for the key data, and > it seems sane. Ugh. I had to check that it was ok to re-use the key buffer, but it does seem to be the case that you can just re-use the buffer after you've done that crypto_akcipher_set_priv/pub_key() call, and the crypto layer has to copy it into its own data structures. I absolutely abhor the crypto interfaces. They all seem designed for that "external DMA engine" case that seems so horrendously pointless and slow. In practice so few of them are that, and we have all those optimized routines for doing it all on the CPU - but have in the meantime wasted all that time and effort into copying everything, turning simple buffers into sg-bufs etc etc. The amount of indirection and "set this state in the state machine" is just nasty, and this seems to all be a prime example of it all. With some of it then randomly going through some kthread too. I still think that patch is probably fine, but was also going "maybe the real problem is in that library helper function (asymmetric_verify(), in this case), which takes those (sig, siglen, digest, digestlen) arguments and turns it into a 'struct public_key_signature' without marshalling them. Just looking at this mess of indirection and different "helper" functions makes me second-guess myself about where the actual conversion should be - while also feeling like it should never have been done as a scatter-gather entry in the first place. Anyway, I don't feel competent to decide if that pull request is the right fix or not. But it clearly is *a* fix. Linus