On Sun, Sep 08, 2013 at 02:37:03PM +1000, Herbert Xu wrote: > On Sat, Sep 07, 2013 at 08:34:15PM -0700, Kees Cook wrote: > > > > However, I noticed on the "good" path (even without the above patch), > > I sometimes see a double-kfree triggered by the modprobe process. I > > can't, however, see how that's happening, since larval_destroy should > > only be called when refcnt == 0. > > Do you still see this double free with this patch? Without the > patch it is completely expected as killing the same lavral twice > will cause memory corruption leading to all sorts of weirdness, > even if you stop it from deleting the list entry twice. Actually I know what it is. sha512 registers two algorithms. Therefore, it will create two larvals in sequence and then destroy them in turn. So it's not a double free at all. If you put a printk in crypto_larval_alloc that should confirm this. Cheers, -- Email: Herbert Xu <herbert@xxxxxxxxxxxxxxxxxxx> Home Page: http://gondor.apana.org.au/~herbert/ PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt -- To unsubscribe from this list: send the line "unsubscribe linux-crypto" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html