Re: [PATCH v14 4/5] pkcs7, x509: Add ML-DSA support

Next message: Leo Yan: "[PATCH v2 0/8] coresight: Fix device registration and unregistration"
Previous message: Lars Melin: "Re: [PATCH v1 1/1] usb: csc-acm: add Infineon/Comneon modem support (1519:0020)"
In reply to: David Howells: "Re: [PATCH v14 4/5] pkcs7, x509: Add ML-DSA support"
Next in thread: Christophe Leroy (CS GROUP): "Re: [PATCH v14 4/5] pkcs7, x509: Add ML-DSA support"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

From: James Bottomley

Date: Mon Jan 26 2026 - 08:57:44 EST

On Mon, 2026-01-26 at 11:25 +0000, David Howells wrote:
> Jarkko Sakkinen <jarkko@xxxxxxxxxx> wrote:
>
> > Why don't we have a constant for "none"?
> >
> > $ git grep "\"none\"" security/
> > security/apparmor/audit.c:      "none",
> > security/apparmor/lib.c:        { "none", DEBUG_NONE },
> > security/security.c:    [LOCKDOWN_NONE] = "none",
> >
> > $ git grep "\"none\"" crypto
> > crypto/asymmetric_keys/public_key.c:
> >      hash_algo = "none";
> > crypto/asymmetric_keys/public_key.c:
> > hash_algo = "none";
> > crypto/testmgr.h: * PKCS#1 RSA test vectors for hash algorithm
> > "none"
> >
> > IMHO, this a bad practice.
>
> You'd think that the compiler and linker ought to be able to deal
> with read-only string sharing within compilation units.

They do ... it's -fmerge-string-constants, which has been enabled in
gcc for any optimization level above 0 for ages. The way its supposed
to work is that each string gets its own rodata section and the linker
eliminates duplicates.

> I don't particularly want to deal with combining every "none"
> string within the kernel into one within this patchset.

Agree: let's just rely on the tools and if they're not getting it right
someone can fix the tools.

Regards,

James