Am Donnerstag, 19. März 2015, 18:16:30 schrieb Herbert Xu: Hi Herbert, >On Thu, Mar 19, 2015 at 07:57:36AM +0100, Stephan Mueller wrote: >> diff --git a/crypto/ablkcipher.c b/crypto/ablkcipher.c >> index db201bca..2cd83ad 100644 >> --- a/crypto/ablkcipher.c >> +++ b/crypto/ablkcipher.c >> @@ -688,7 +688,7 @@ struct crypto_ablkcipher >> *crypto_alloc_ablkcipher(const char *alg_name,> >> goto err; >> >> } >> >> - tfm = __crypto_alloc_tfm(alg, type, mask); >> + tfm = __crypto_alloc_tfm_safe(alg, type, mask); > >Rather than changing every algorithm type, I'd rather suggest >that you modify crypto_alg_mod_lookup so that it's kept in one >spot. Just copy what we currently do for CRYPTO_ALG_TESTED. How can you distinguish between calls coming from crypto_*_spawn (which we need to allow) and calls that come from the normal API calls (which we should block? > >Thanks, Ciao Stephan -- To unsubscribe from this list: send the line "unsubscribe linux-crypto" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html