Overview
Request 908535 accepted
- Update to version 1.3.1
* fix: fix -Wconversion warnings (by Ondrej Mosnacek)
* fix: fix bad data types in _kcapi_common_send_meta (by Ondrej Mosnacek)
* fix: Version symbols to maintain ABI compatibility (by Simo Sorce)
* fix: disable io_getevents on systems that do not support it (by Khem Raj)
* fix: remove prctl PR_SET_DUMPABLE to allow library to be debugged - as the
library does not store any sensitive data in data structures it owns, such
security precautions may not be necessary considering the benefit of
allowing regular debugging
* fix: ensure that sendmsg is always used as fallback when vmsplice cannot be
used
* enhancement: add kcapi_set_maxsplicesize and kcapi_get_maxsplicesize
* enhancement: the variable types are changed from int32_t to ssize_t and
from uint32_t to size_t to match common POSIX and Linux APIs
- Added libkcapi-fix-lto.patch
Request History
gladiac created request
- Update to version 1.3.1
* fix: fix -Wconversion warnings (by Ondrej Mosnacek)
* fix: fix bad data types in _kcapi_common_send_meta (by Ondrej Mosnacek)
* fix: Version symbols to maintain ABI compatibility (by Simo Sorce)
* fix: disable io_getevents on systems that do not support it (by Khem Raj)
* fix: remove prctl PR_SET_DUMPABLE to allow library to be debugged - as the
library does not store any sensitive data in data structures it owns, such
security precautions may not be necessary considering the benefit of
allowing regular debugging
* fix: ensure that sendmsg is always used as fallback when vmsplice cannot be
used
* enhancement: add kcapi_set_maxsplicesize and kcapi_get_maxsplicesize
* enhancement: the variable types are changed from int32_t to ssize_t and
from uint32_t to size_t to match common POSIX and Linux APIs
- Added libkcapi-fix-lto.patch
msmeissn accepted request
ok
This allows gnutls to build with libkcapi support, see https://build.opensuse.org/package/show/home:gladiac:branches:security:tls/gnutls
However it looks like the Kernel doesn't have AF_ALG support enabled:
Is what I get spammed on the cmdline ...
modprobe af_alg algif_aead algif_hash algif_rng algif_skcipher
doesn't fix it. Hmm ...There is no asymmetric cipher support in the kernel yet :-(
https://github.com/smuellerDD/libkcapi/tree/master/kernel-patches/4.15-rc3/asym
algif_akcipher module is required for this ...
does not even seem to be in mainline yet.
hmm, do we need the patches or would it complain always now
@msmeissn: review reminder