Received: by 2002:ab2:5c0e:0:b0:1ef:a325:1205 with SMTP id i14csp233505lqk; Thu, 14 Mar 2024 01:10:54 -0700 (PDT) X-Forwarded-Encrypted: i=3; AJvYcCU3NYcSqmYtrtGlvYD7gBHwDCSIaNvFRSqpndpIFQBI0Ot4cPJ59QeRShpAi8dagXUdLZrkFL79Sd4s0rl76AG5lTLS4JHvOSV34cYTig== X-Google-Smtp-Source: AGHT+IHVLtgVZYn+GdzWcH8sj61BgYY/D6o3Y4dZZcp4YqM8u6ZTTxPMlnPl+6b/q/ChBf39SToz X-Received: by 2002:a17:907:d307:b0:a46:6fa6:d2a0 with SMTP id vg7-20020a170907d30700b00a466fa6d2a0mr721967ejc.9.1710403854532; Thu, 14 Mar 2024 01:10:54 -0700 (PDT) ARC-Seal: i=2; a=rsa-sha256; t=1710403854; cv=pass; d=google.com; s=arc-20160816; b=sCEYsPvkw3YUSgiMNN61AjawXvVUpbWdxxQ7r4P0pPswkG4xP6zuQivudvdOropotj MwQsfPEmMSccUYUd/NvkjjWcmu50kHnM9ABYKWJt49ByoBIHsCGfvPGow6rwdcTXnpgq F068dbWby0hrusVNNlxZYbsVpr2+kicydWT0wd22VeiygbV74EUwJmnuQiWWhHFiTdYY Sl6HWVNgMoRWl5dFmLHYnbPV+frcG6JhNXdwPahZ1UwP1+GRMshmW+aM8vzIWRGIP38c G0305UXT2hPTn8F1YwYmJ+/b69OfaOOYzxd3UBLbAcTXyvouZiQ8taRVb5BkkJvzg74w YC7w== ARC-Message-Signature: i=2; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=in-reply-to:references:subject:cc:from:to:message-id:date :content-transfer-encoding:mime-version:list-unsubscribe :list-subscribe:list-id:precedence; bh=KNcMmjANEx2bsgDzoik8cYb48BnOTSGBjeFgQJVE9lk=; fh=U0x+r/an/1Dui8DP8rFQapFZOmX1nDg8i7w4HTo/GXk=; b=mCWKvTex3ZLceTk5olJpfDTvZOpy4FwRMxcjzErs0BAu1lDqfolR4A++n5DoTwtm5C LIAgpGpWhaFZEfuqLCKw/bGvJHy5npHTpfRbrudrJ/4u3U0TknacEdZZH7bmIMJLl/LH g/Ww3vzuLzExt3pN66+BqN4LpbpAhIUFX/K7hY5a8KyIc8oBj4BLBUSBARs1nywxDFXx FOKBdHXmAGB9n2HssUP0avmq6NawGy+Jg8eNFdngcZ/kzj83DT8Y5Ss5u5wjiEv4+EJ3 8v+q/3ENWB7a+HBpo4qPBcS4aKxWiF8yQgSpHllxhT9TTg1qhYR7YzBdA9D8/CzcDrW7 oqQQ==; dara=google.com ARC-Authentication-Results: i=2; mx.google.com; arc=pass (i=1 spf=pass spfdomain=matfyz.cz dmarc=pass fromdomain=matfyz.cz); spf=pass (google.com: domain of linux-crypto+bounces-2679-linux.lists.archive=gmail.com@vger.kernel.org designates 2604:1380:4601:e00::3 as permitted sender) smtp.mailfrom="linux-crypto+bounces-2679-linux.lists.archive=gmail.com@vger.kernel.org"; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=matfyz.cz Return-Path: Received: from am.mirrors.kernel.org (am.mirrors.kernel.org. [2604:1380:4601:e00::3]) by mx.google.com with ESMTPS id v3-20020a1709060b4300b00a45ffd4c6c3si488649ejg.895.2024.03.14.01.10.54 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Thu, 14 Mar 2024 01:10:54 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-crypto+bounces-2679-linux.lists.archive=gmail.com@vger.kernel.org designates 2604:1380:4601:e00::3 as permitted sender) client-ip=2604:1380:4601:e00::3; Authentication-Results: mx.google.com; arc=pass (i=1 spf=pass spfdomain=matfyz.cz dmarc=pass fromdomain=matfyz.cz); spf=pass (google.com: domain of linux-crypto+bounces-2679-linux.lists.archive=gmail.com@vger.kernel.org designates 2604:1380:4601:e00::3 as permitted sender) smtp.mailfrom="linux-crypto+bounces-2679-linux.lists.archive=gmail.com@vger.kernel.org"; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=matfyz.cz Received: from smtp.subspace.kernel.org (wormhole.subspace.kernel.org [52.25.139.140]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by am.mirrors.kernel.org (Postfix) with ESMTPS id 397441F22A21 for ; Thu, 14 Mar 2024 08:10:54 +0000 (UTC) Received: from localhost.localdomain (localhost.localdomain [127.0.0.1]) by smtp.subspace.kernel.org (Postfix) with ESMTP id 436505D467; Thu, 14 Mar 2024 08:10:49 +0000 (UTC) X-Original-To: linux-crypto@vger.kernel.org Received: from smtp1.ms.mff.cuni.cz (smtp-in1.ms.mff.cuni.cz [195.113.20.234]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 58879433A0 for ; Thu, 14 Mar 2024 08:10:43 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=195.113.20.234 ARC-Seal:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1710403849; cv=none; b=Kosq6GmIj6pZyo3UGmbMtAfUMxq3tZbzPGQl4ZYA1m2X7z5B+QU9qI0WSknOXeZ74WK81RCY5vCSzBK4MABtCSZjPd3u3lbe0E4xXE4JijW1VN75nBMOZX9kzWcUD45KXFQTCCNeLc5ypvNyz3Sn89wGVyl7gTjnmLSSVg6ckYQ= ARC-Message-Signature:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1710403849; c=relaxed/simple; bh=49yIHFFM4D8uhYFoMXrapMVE1Go2KxtcaF5olJvsteM=; h=Mime-Version:Content-Type:Date:Message-Id:To:From:Cc:Subject: References:In-Reply-To; b=sCEKSN+ZGKqRFi6YrX/vUY+Ma5QW0m0Jw0jakdtpacHVYm1VofjIutgvEZIbQQ8NQGaumf5Voxld7jqq4QuW94lMzamRF1/9MCT8Rh1RHKWPJC+MNDBAz1tTVNBzEM0/KLHXL1qyJ2zNz83YX4KDwVZlCv6xo1bmwfd75ijy034= ARC-Authentication-Results:i=1; smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=matfyz.cz; spf=pass smtp.mailfrom=matfyz.cz; arc=none smtp.client-ip=195.113.20.234 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=matfyz.cz Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=matfyz.cz X-SubmittedBy: id balejk@matfyz.cz subject /postalCode=110+2000/O=Univerzita+20Karlova/street=Ovocn+5CxC3+5CxBD+20trh+20560/5/ST=Praha,+20Hlavn+5CxC3+5CxAD+20m+5CxC4+5Cx9Bsto/C=CZ/CN=Karel+20Balej/emailAddress=balejk@matfyz.cz serial F5FD910E8FE2121B897F7E55B84E351D issued by /C=NL/O=GEANT+20Vereniging/CN=GEANT+20Personal+20CA+204 auth type TLS.CUNI Received: from localhost (koleje-wifi-0013.koleje.cuni.cz [78.128.191.13]) (authenticated) by smtp1.ms.mff.cuni.cz (8.16.1/8.16.1) with ESMTPS id 42E8AbKT011126 (version=TLSv1.3 cipher=TLS_AES_256_GCM_SHA384 bits=256 verify=OK); Thu, 14 Mar 2024 09:10:39 +0100 (CET) (envelope-from balejk@matfyz.cz) Precedence: bulk X-Mailing-List: linux-crypto@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: Mime-Version: 1.0 Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset=UTF-8 Date: Thu, 14 Mar 2024 09:11:08 +0100 Message-Id: To: "Eric Biggers" From: "Karel Balej" Cc: , , , "James Prestwood" , "Dimitri John Ledkov" , , "Herbert Xu" Subject: Re: [PATCH] Revert "crypto: pkcs7 - remove sha1 support" References: <20240313233227.56391-1-ebiggers@kernel.org> In-Reply-To: <20240313233227.56391-1-ebiggers@kernel.org> Eric, Eric Biggers, 2024-03-13T16:32:27-07:00: > From: Eric Biggers > > This reverts commit 16ab7cb5825fc3425c16ad2c6e53d827f382d7c6 because it > broke iwd. iwd uses the KEYCTL_PKEY_* UAPIs via its dependency libell, > and apparently it is relying on SHA-1 signature support. These UAPIs > are fairly obscure, and their documentation does not mention which > algorithms they support. iwd really should be using a properly > supported userspace crypto library instead. Regardless, since something > broke we have to revert the change. > > It may be possible that some parts of this commit can be reinstated > without breaking iwd (e.g. probably the removal of MODULE_SIG_SHA1), but > for now this just does a full revert to get things working again. > > Reported-by: Karel Balej > Closes: https://lore.kernel.org/r/CZSHRUIJ4RKL.34T4EASV5DNJM@matfyz.cz > Cc: Dimitri John Ledkov > Signed-off-by: Eric Biggers thank you very much for the revert. I have compiled 6.8 with this patch and attest that it solves my eduroam connection issue. Tested-by: Karel Balej May I please ask, though, why you did not Cc stable (and add a Fixes trailer for that matter)? It seems like something that would be nice to see fixed in 6.7.y and 6.8.y too as soon as possible. Kind regards, K. B.