Re: [PATCH] X.509: Introduce scope-based x509_certificate allocation

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Mon, Jan 22, 2024 at 09:29:33PM +0200, Jarkko Sakkinen wrote:
> On Sun Jan 21, 2024 at 7:50 PM EET, Lukas Wunner wrote:
> > Jonathan suggests adding cleanup.h support for x509_certificate structs:
> > https://lore.kernel.org/all/20231003153937.000034ca@xxxxxxxxxx/
[...]
> > x509_certificate allocation currently makes sense.  Another user will
> > be introduced with the upcoming SPDM library (Security Protocol and
> > Data Model) for PCI device authentication.
> 
> What is it and why we care about it here?

SPDM is a generic protocol for device authentication and measurement
retrieval which has been adopted by the PCISIG and other consortiums.
Jonathan's above-linked suggestion to add cleanup.h support for
x509_certificate structs was in reply to a patch set I submitted
to add SPDM and PCI device authentication support to the kernel.
The cover letter of that patch set is available here:

https://lore.kernel.org/all/cover.1695921656.git.lukas@xxxxxxxxx/

I am working on a v2 of that patch set which will take advantage of
cleanup.h support for x509_certificate structs.  So the present patch
is a prerequisite for it.

I don't think it's opportune or necessary to mention the patch set
more verbosely in the commit message here, I just want to point out
that the two functions converted by the patch will not be the only
ones and that there's another use case coming up.

I've just respun the patch and have amended the commit message with
all the other feedback you gave.

Thanks,

Lukas




[Index of Archives]     [Kernel]     [Gnu Classpath]     [Gnu Crypto]     [DM Crypt]     [Netfilter]     [Bugtraq]
  Powered by Linux