Tadeusz Struk [off-list ref] wrote:

quoted

+	keyring = request_key(&key_type_asymmetric, key_name, NULL);
+
+	err = -ENOKEY;
+	if (IS_ERR(keyring))
+		goto out;
+
+	pkey = keyring->payload.data[asym_crypto];

NAK.  This is liable to crash in future.  You may not assume that you know
what keyring->payload.data[asym_crypto] points to.

You may not use struct public_key outside of crypto/asymmetric_key/.  It's
the
internal data of the software subtype.  I'll move it out of the global
header
to remove the temptation;-).

You must use accessor functions such as verify_signature().  Feel free to
add
further accessor functions such as query_asym_capabilities(),
create_signature(), encrypt_blob() and decrypt_blob() or something like
that.

Grr. This is not the first time this has been pointed out. And it
shouldn't have *needed* to be pointed out in the first place.

Please do not ignore review feedback.

Or common sense.


-- 
dwmw2