Re: [PATCH v11 1/4] crypto: essiv - create wrapper template for ESSIV generation

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Thu, 15 Aug 2019 at 05:37, Herbert Xu <herbert@xxxxxxxxxxxxxxxxxxx> wrote:
>
> On Wed, Aug 14, 2019 at 07:37:43PM +0300, Ard Biesheuvel wrote:
> >
> > +     /* Block cipher, e.g., "aes" */
> > +     crypto_set_spawn(&ictx->essiv_cipher_spawn, inst);
> > +     err = crypto_grab_spawn(&ictx->essiv_cipher_spawn, essiv_cipher_name,
> > +                             CRYPTO_ALG_TYPE_CIPHER, CRYPTO_ALG_TYPE_MASK);
> > +     if (err)
> > +             goto out_drop_skcipher;
> > +     essiv_cipher_alg = ictx->essiv_cipher_spawn.alg;
> > +
> > +     /* Synchronous hash, e.g., "sha256" */
> > +     _hash_alg = crypto_alg_mod_lookup(shash_name,
> > +                                       CRYPTO_ALG_TYPE_SHASH,
> > +                                       CRYPTO_ALG_TYPE_MASK);
> > +     if (IS_ERR(_hash_alg)) {
> > +             err = PTR_ERR(_hash_alg);
> > +             goto out_drop_essiv_cipher;
> > +     }
> > +     hash_alg = __crypto_shash_alg(_hash_alg);
> > +     err = crypto_init_shash_spawn(&ictx->hash_spawn, hash_alg, inst);
> > +     if (err)
> > +             goto out_put_hash;
>
> I wouldn't use spawns for these two algorithms.  The point of
> spawns is mainly to serve as a notification channel so we can
> tear down the top-level instance when a better underlying spawn
> implementation is added to the system.
>
> For these two algorithms, we don't really care about their performance
> to do such a tear-down since they only operate on small pieces of
> data.
>
> Therefore just keep things simple and allocate them in the tfm
> init function.
>

So how do I ensure that the cipher and shash are actually loaded at
create() time, and that they are still loaded at TFM init time?



[Index of Archives]     [Kernel]     [Gnu Classpath]     [Gnu Crypto]     [DM Crypt]     [Netfilter]     [Bugtraq]

  Powered by Linux