Re: [PATCH v2 1/3] ima: use ahash API for file hash calculation

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On 2 July 2014 20:44, Mimi Zohar <zohar@xxxxxxxxxxxxxxxxxx> wrote:
> On Tue, 2014-07-01 at 23:12 +0300, Dmitry Kasatkin wrote:
>
>> -/*
>> - * Calculate the MD5/SHA1 file digest
>> - */
>> +static struct crypto_ahash *ima_alloc_atfm(enum hash_algo algo)
>> +{
>> +     struct crypto_ahash *tfm = ima_ahash_tfm;
>> +     int rc;
>> +
>> +     if ((algo != ima_hash_algo && algo < HASH_ALGO__LAST) || !tfm) {
>> +             tfm = crypto_alloc_ahash(hash_algo_name[algo], 0, 0);
>
> In the case where algo isn't the same as ima_hash_algo, won't this
> replace the existing ima_ahash_tfm without freeing it?
>

Look to next comment...

> Mimi
>
>> +             if (!IS_ERR(tfm)) {
>> +                     if (algo == ima_hash_algo)
>> +                             ima_ahash_tfm = tfm;

Above will set only new tfm for default ima_hash_algo...

Dmitry

>> +             } else {
>> +                     rc = PTR_ERR(tfm);
>> +                     pr_err("Can not allocate %s (reason: %d)\n",
>> +                            hash_algo_name[algo], rc);
>> +             }
>> +     }
>> +     return tfm;
>> +}
>> +
>> +static void ima_free_atfm(struct crypto_ahash *tfm)
>> +{
>> +     if (tfm != ima_ahash_tfm)
>> +             crypto_free_ahash(tfm);
>> +}
>
>
>



-- 
Thanks,
Dmitry
--
To unsubscribe from this list: send the line "unsubscribe linux-crypto" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html




[Index of Archives]     [Kernel]     [Gnu Classpath]     [Gnu Crypto]     [DM Crypt]     [Netfilter]     [Bugtraq]

  Powered by Linux