On Mon, 19 Aug 2019 at 09:32, Herbert Xu <herbert@xxxxxxxxxxxxxxxxxxx> wrote:
>
> On Thu, Aug 15, 2019 at 10:28:55PM +0300, Ard Biesheuvel wrote:
> >
> > + /* Synchronous hash, e.g., "sha256" */
> > + ictx->hash = crypto_alloc_shash(shash_name, 0, 0);
> > + if (IS_ERR(ictx->hash)) {
> > + err = PTR_ERR(ictx->hash);
> > + goto out_drop_skcipher;
> > + }
>
> Holding a reference to this algorithm for the life-time of the
> instance is not nice. How about just doing a lookup as you were
> doing before with crypto_alg_mod_lookup and getting the cra_name
> from that?
>
OK, but it should be the cra_driver_name not the cra_name. Otherwise,
allocating essiv(cbc(aes),sha256-generic) may end up using a different
implementation of sha256, which would be bad.
