Mimi Zohar wrote:
> > > I'm sure there is/was a good reason for add_key() to do both.
> >
> > Yes. No race.
> >
> > > > But you can't pre-search for the existence of a key and mould the
> > > > payload accordingly because that means you can race against both
> > > > add_key() and keyctl_unlink
On Mon, 2013-11-11 at 22:34 +, David Howells wrote:
> Mimi Zohar wrote:
>
> > > Further, the existence of encrypted_update() means that add_key() will
> > > sometimes get things wrong with encrypted keys (add_key() will call
> > > ->update() if a matching key already exists rather than creati
Mimi Zohar wrote:
> > The control op could also be used for other things like pushing a key
> > into a TPM.
> >
> > What do you think?
>
> Trusted keys already creates a symmetric key based on the TPM RNG.
> What type of key would I be interested in pushing to the TPM? What
> usecase scenari
Mimi Zohar wrote:
> > Further, the existence of encrypted_update() means that add_key() will
> > sometimes get things wrong with encrypted keys (add_key() will call
> > ->update() if a matching key already exists rather than creating a new
> > key).
>
> I see. The key_type structure defines a n
On Mon, 2013-11-04 at 16:22 +, David Howells wrote:
>
> The control op could also be used for other things like pushing a key
> into a TPM.
>
> What do you think?
Trusted keys already creates a symmetric key based on the TPM RNG.
What type of key would I be interested in pushing to the TPM?
On Mon, 2013-11-04 at 16:22 +, David Howells wrote:
> Hi Mimi, Dmitry,
>
> Here's a series of patches, the last three of which attempt to fix up a
> problem with encrypted keys update method. The preceding patches are fixes or
> are preparatory for other changes that I want to put underneath
Dmitry Kasatkin wrote:
> I will be looking to patches today...
Excellent, thanks!
David
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majord...@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read
Hello David,
I will be looking to patches today...
- Dmitry
On 04/11/13 18:22, David Howells wrote:
> Hi Mimi, Dmitry,
>
> Here's a series of patches, the last three of which attempt to fix up a
> problem with encrypted keys update method. The preceding patches are fixes or
> are preparatory fo
Hi Mimi, Dmitry,
Here's a series of patches, the last three of which attempt to fix up a
problem with encrypted keys update method. The preceding patches are fixes or
are preparatory for other changes that I want to put underneath.
I really want to make all key types use ->preparse() to avoid a
9 matches
Mail list logo