From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from smtp.kernel.org (aws-us-west-2-korg-mail-1.web.codeaurora.org [10.30.226.201]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id D7CDB2FC006; Tue, 20 Jan 2026 23:36:20 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=10.30.226.201 ARC-Seal:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1768952181; cv=none; b=e1N0EMSrKguAK4oPvGQ8ySY0pn+aMR+THo/Jv8awmWAePRtHva/I1qdR/zSPSPouPLjYQavhgVKmBkpEoQ9lUCwaaMzc50E8ABNPQX+5l6P846gQuSbHQ2CflU5lEmpbZe4iPHkCDgJnDTV3H3B23vP1JSmYsebdiiPAnJMFHR4= ARC-Message-Signature:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1768952181; c=relaxed/simple; bh=JVNRNACa6TPDv+p2Lh7rEWsnCHi0OceJ8r+6RO13z1g=; h=Date:From:To:Cc:Subject:Message-ID:References:MIME-Version: Content-Type:Content-Disposition:In-Reply-To; b=ngbnof2iNC6hipbJoyiQzH0M08AgB8ew0f+PgSW/t8YBXbK0wLRpBveChuTSiePDCexltaMBdrdGI/khlxKlxybG5pdperC3bkeGey4S+LmrmDZVt2z+wo+748ED6qCMtr1pWVMrh1cpbT80HEp9t4WsYYUCT/1gjCpAeee1rsU= ARC-Authentication-Results:i=1; smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b=Q9ylFyXw; arc=none smtp.client-ip=10.30.226.201 Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b="Q9ylFyXw" Received: by smtp.kernel.org (Postfix) with ESMTPSA id A2A69C16AAE; Tue, 20 Jan 2026 23:36:19 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1768952180; bh=JVNRNACa6TPDv+p2Lh7rEWsnCHi0OceJ8r+6RO13z1g=; h=Date:From:To:Cc:Subject:References:In-Reply-To:From; b=Q9ylFyXwSjMfE3Z3hk40VK7m2MA5EX9mMkwaieMGFAa8ayfMJxbyg02z8mPY6dIRK OE5kutW5Hn5oV/giBZhWciSHV/CwHGlAi0TfUjtHEClQjQs/RPyUP4wrlCqaFArflh DVYg399eMsK127AXIijiT2YYpBr5VD0QdHjDlav6onmp8FJnxCO7fZOcnONMiFDhnY ajyOCb3EdTEi053uzWxNuJgMIGVXlqFxP0h6zMOLcMrvX0Mdmiy92wiTzbzRhvjiCm zKPktv7FEJ+cFvG91enu0XxFgC+/nxtBKHPviBv5MbVfo++FwjoqYmodZZzJj8vEQi rZDFBaf89qu6A== Date: Tue, 20 Jan 2026 15:36:17 -0800 From: Eric Biggers To: David Howells Cc: Lukas Wunner , Ignat Korchagin , Jarkko Sakkinen , Herbert Xu , Luis Chamberlain , Petr Pavlu , Daniel Gomez , Sami Tolvanen , "Jason A . Donenfeld" , Ard Biesheuvel , Stephan Mueller , linux-crypto@vger.kernel.org, keyrings@vger.kernel.org, linux-modules@vger.kernel.org, linux-kernel@vger.kernel.org, Tadeusz Struk , "David S. Miller" Subject: Re: [PATCH v13 07/12] crypto: Add RSASSA-PSS support Message-ID: <20260120233617.GA10653@quark> References: <20260120224108.GC6191@quark> <20260120145103.1176337-1-dhowells@redhat.com> <20260120145103.1176337-8-dhowells@redhat.com> <1416722.1768950957@warthog.procyon.org.uk> Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <1416722.1768950957@warthog.procyon.org.uk> On Tue, Jan 20, 2026 at 11:15:57PM +0000, David Howells wrote: > Eric Biggers wrote: > > > As I mentioned in another reply, error-prone string parsing isn't a > > great choice. C has native support for function parameters. > > But is constrained that it has to work with KEYCTL_PKEY_VERIFY's info > parameter. The cover letter of this patchset summarizes it as "These patches add ML-DSA module signing and RSASSA-PSS module signing." Adding KEYCTL_PKEY_VERIFY support for these algorithms would be a significant new UAPI feature that would need its own justification and its own documentation and test updates. However, it was established pretty clearly in past discussions that KEYCTL_PKEY_* are a mistake and basically exist only for backwards compatibility with iwd. So I don't understand why you're advocating for adding new features to them. - Eric