From: Eric Biggers <ebiggers@kernel.org>
To: David Howells <dhowells@redhat.com>
Cc: Lukas Wunner <lukas@wunner.de>,
Ignat Korchagin <ignat@cloudflare.com>,
Jarkko Sakkinen <jarkko@kernel.org>,
Herbert Xu <herbert@gondor.apana.org.au>,
Luis Chamberlain <mcgrof@kernel.org>,
Petr Pavlu <petr.pavlu@suse.com>,
Daniel Gomez <da.gomez@kernel.org>,
Sami Tolvanen <samitolvanen@google.com>,
"Jason A . Donenfeld" <Jason@zx2c4.com>,
Ard Biesheuvel <ardb@kernel.org>,
Stephan Mueller <smueller@chronox.de>,
linux-crypto@vger.kernel.org, keyrings@vger.kernel.org,
linux-modules@vger.kernel.org, linux-kernel@vger.kernel.org,
"David S. Miller" <davem@davemloft.net>
Subject: Re: [PATCH v12 06/10] crypto: Add supplementary info param to asymmetric key signature verification
Date: Tue, 20 Jan 2026 16:06:07 -0800 [thread overview]
Message-ID: <20260121000607.GA12110@quark> (raw)
In-Reply-To: <1418295.1768952386@warthog.procyon.org.uk>
On Tue, Jan 20, 2026 at 11:39:46PM +0000, David Howells wrote:
> Eric Biggers <ebiggers@kernel.org> wrote:
>
> > As I'm sure you're aware, C has native support for function parameters.
>
> And we have a syscall interface to honour that takes a parameter string *for
> this very purpose*. It just wasn't threaded into the akcipher API.
This seems to be more of a bug than a feature, though. It seems the
actual goals of this patchset are to add ML-DSA and RSASSA-PSS support
to kernel module signing. But because of how the code is organized, as
a side effect it ended up extending the KEYCTL_PKEY_* UAPIs as well.
Linux's UAPI stability guarantee holds for these UAPIs; anything that we
add to them, including these ad-hoc and undocumented parameter strings,
will likely have to be supported forever.
Unless these keyctl UAPI extensions are well-justified and come with
documentation and tests, we should just hold off on them for now.
What's the hurry?
BTW, we got hit by this when there was an attempt to remove SHA-1
support from module signing. Due to the design defect where the signing
is also exposed through KEYCTL_PKEY_*, it caused a UAPI regression as
well and had to be reverted.
- Eric
next prev parent reply other threads:[~2026-01-21 0:06 UTC|newest]
Thread overview: 20+ messages / expand[flat|nested] mbox.gz Atom feed top
2026-01-15 21:50 [PATCH v12 00/10] x509, pkcs7, crypto: Add ML-DSA and RSASSA-PSS signing David Howells
2026-01-15 21:50 ` [PATCH v12 01/10] crypto: Add ML-DSA crypto_sig support David Howells
2026-01-15 21:50 ` [PATCH v12 02/10] pkcs7: Allow the signing algo to calculate the digest itself David Howells
2026-01-20 14:06 ` Ignat Korchagin
2026-01-20 16:10 ` David Howells
2026-01-15 21:50 ` [PATCH v12 03/10] pkcs7: Allow direct signing of data with ML-DSA David Howells
2026-01-15 21:50 ` [PATCH v12 04/10] pkcs7, x509: Add ML-DSA support David Howells
2026-01-15 21:50 ` [PATCH v12 05/10] modsign: Enable ML-DSA module signing David Howells
2026-01-15 21:50 ` [PATCH v12 06/10] crypto: Add supplementary info param to asymmetric key signature verification David Howells
2026-01-20 22:03 ` Eric Biggers
2026-01-20 23:39 ` David Howells
2026-01-21 0:06 ` Eric Biggers [this message]
2026-01-25 14:19 ` Jarkko Sakkinen
2026-01-15 21:50 ` [PATCH v12 07/10] crypto: Add RSASSA-PSS support David Howells
2026-01-20 14:26 ` Ignat Korchagin
2026-01-15 21:50 ` [PATCH v12 08/10] pkcs7, x509: " David Howells
2026-01-20 14:39 ` Ignat Korchagin
2026-01-20 15:28 ` David Howells
2026-01-15 21:50 ` [PATCH v12 09/10] modsign: Enable RSASSA-PSS module signing David Howells
2026-01-15 21:50 ` [PATCH v12 10/10] x509, pkcs7: Limit crypto combinations that may be used for " David Howells
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20260121000607.GA12110@quark \
--to=ebiggers@kernel.org \
--cc=Jason@zx2c4.com \
--cc=ardb@kernel.org \
--cc=da.gomez@kernel.org \
--cc=davem@davemloft.net \
--cc=dhowells@redhat.com \
--cc=herbert@gondor.apana.org.au \
--cc=ignat@cloudflare.com \
--cc=jarkko@kernel.org \
--cc=keyrings@vger.kernel.org \
--cc=linux-crypto@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-modules@vger.kernel.org \
--cc=lukas@wunner.de \
--cc=mcgrof@kernel.org \
--cc=petr.pavlu@suse.com \
--cc=samitolvanen@google.com \
--cc=smueller@chronox.de \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox