On Fri, May 10, 2024 at 03:14:34PM +0200, Marek Behún wrote: > Hello Herbert, > > back in 2019 you wrote that akcipher is still in a state of flux and > not ready to be exposed to userspace via AF_ALG [1]. > > Has this changed since then? > > I am asking because I am implementing another driver [2] for a device > which allows for signing messages with an ECDSA private key securely > stored inside the device, and Greg asks again [3] for this to be > exposed to userspace via a dedicated kernel API, instead of > debugfs. > > Back in 2019 when we needed this for the turris-mox-rwtm driver, I > implemented it via debugfs because akcipher was not ready. No I don't think akcipher is quite ready yet, given that the recent change to kernel pointers from SG lists is still incomplete. However, akcipher algorithms are already partially exposed to user-space through the keyring subsystem. Cheers, -- Email: Herbert Xu <herbert@xxxxxxxxxxxxxxxxxxx> Home Page: http://gondor.apana.org.au/~herbert/ PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt
