On 9/17/18 3:04 PM, Dan Aloni wrote: > That's also true, but what I still don't understand is how > pkcs1pad_decrypt_complete() would be called when a higher layer calls to > *encrypt* in roughly this API call sequence: > > ak_tfm = crypto_alloc_akcipher("pkcs1pad(rsa,sha256)", 0, 0); > ... > req = akcipher_request_alloc(ak_tfm, GFP_KERNEL); > ... > crypto_init_wait(&wait); > ... > crypto_wait_req(crypto_akcipher_encrypt(req), &wait); > ... > crypto_free_akcipher(ak_tfm); > > - under which pkcs1pad_encrypt() will be called via alg->encrypt > and will allocate. Or if this API call sequence is wrong, it would be > good to know in what way. I think you are right. I misread it and confused it with the decrypt path. The allocation of the out_buf has been removed from the pkcs1pad_sign() and it looks like the encrypt is a left over. Thanks, -- Tadeusz