From: Eric Biggers <ebiggers@kernel.org>
To: John Johansen <john.johansen@canonical.com>
Cc: apparmor@lists.ubuntu.com, linux-security-module@vger.kernel.org,
linux-kernel@vger.kernel.org, linux-crypto@vger.kernel.org
Subject: Re: [PATCH] apparmor: use SHA-256 library API instead of crypto_shash API
Date: Mon, 30 Jun 2025 09:29:48 -0700 [thread overview]
Message-ID: <20250630162948.GA1220@sol> (raw)
In-Reply-To: <540b7f72-58fa-4ee3-9b5b-6cd81c5959a7@canonical.com>
On Thu, Jun 26, 2025 at 11:14:50PM -0700, John Johansen wrote:
> On 6/26/25 20:59, Eric Biggers wrote:
> > On Sun, Jun 22, 2025 at 02:16:07PM -0700, John Johansen wrote:
> > > On 6/12/25 12:11, Eric Biggers wrote:
> > > > On Sat, May 17, 2025 at 12:43:30AM -0700, John Johansen wrote:
> > > > > On 5/13/25 21:21, Eric Biggers wrote:
> > > > > > On Mon, Apr 28, 2025 at 12:04:30PM -0700, Eric Biggers wrote:
> > > > > > > From: Eric Biggers <ebiggers@google.com>
> > > > > > >
> > > > > > > This user of SHA-256 does not support any other algorithm, so the
> > > > > > > crypto_shash abstraction provides no value. Just use the SHA-256
> > > > > > > library API instead, which is much simpler and easier to use.
> > > > > > >
> > > > > > > Signed-off-by: Eric Biggers <ebiggers@google.com>
> > > > > > > ---
> > > > > > >
> > > > > > > This patch is targeting the apparmor tree for 6.16.
> > > > > > >
> > > > > > > security/apparmor/Kconfig | 3 +-
> > > > > > > security/apparmor/crypto.c | 85 ++++++--------------------------------
> > > > > > > 2 files changed, 13 insertions(+), 75 deletions(-)
> > > > > >
> > > > > > Any interest in taking this patch through the apparmor or security trees?
> > > > > >
> > > > > I can take it through my tree
> > > >
> > > > Thanks! I notice this isn't in v6.16-rc1. Do you have a pull request planned?
> > > >
> > >
> > > Hey Eric,
> > >
> > > sorry I have been sick and didn't get a 6.16 pull request out. I am slowly trying
> > > to dig my way out of the backlog, which is several weeks deeo. I might get together
> > > a small PR of bug fixes before the 6.17 merge window but the bulk of what is in
> > > apparmor-next will be waiting to merge in 6.17 now.
> >
> > Hope you're feeling better! Actually, would you mind if instead I took this
> I lot, though still generally tired/low on energy
>
> > patch (with your ack) through the libcrypto-next tree for 6.17?
> > Otherwise there will be a silent merge conflict after I apply
> > https://lore.kernel.org/r/20250625070819.1496119-11-ebiggers@kernel.org/
> >
> Avoiding a merge conflict? You have my ACK and blessing I will pull it out of
> the apparmor tree asap
Thanks, let me know once you've dropped it.
- Eric
next prev parent reply other threads:[~2025-06-30 16:30 UTC|newest]
Thread overview: 11+ messages / expand[flat|nested] mbox.gz Atom feed top
2025-04-28 19:04 [PATCH] apparmor: use SHA-256 library API instead of crypto_shash API Eric Biggers
2025-05-14 4:21 ` Eric Biggers
2025-05-14 21:57 ` Paul Moore
2025-05-17 7:46 ` John Johansen
2025-05-17 7:43 ` John Johansen
2025-06-12 19:11 ` Eric Biggers
2025-06-22 21:16 ` John Johansen
2025-06-27 3:59 ` Eric Biggers
2025-06-27 6:14 ` John Johansen
2025-06-30 16:29 ` Eric Biggers [this message]
2025-05-17 7:42 ` John Johansen
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20250630162948.GA1220@sol \
--to=ebiggers@kernel.org \
--cc=apparmor@lists.ubuntu.com \
--cc=john.johansen@canonical.com \
--cc=linux-crypto@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-security-module@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox