On Thu, Jun 10, 2021 at 11:48 AM Eric Biggers <ebiggers@xxxxxxxxxx> wrote: > > On Thu, Jun 10, 2021 at 08:21:50AM +0200, Ard Biesheuvel wrote: > > crypto_shash_alg_has_setkey() is implemented by testing whether the > > .setkey() member of a struct shash_alg points to the default version, > > called shash_no_setkey(). As crypto_shash_alg_has_setkey() is a static > > inline, this requires shash_no_setkey() to be exported to modules. > > > > Unfortunately, when building with CFI, function pointers are routed > > via CFI stubs which are private to each module (or to the kernel proper) > > and so this function pointer comparison may fail spuriously. > > > > Let's fix this by turning crypto_shash_alg_has_setkey() into an out of > > line function. > > > > Cc: Sami Tolvanen <samitolvanen@xxxxxxxxxx> > > Cc: Eric Biggers <ebiggers@xxxxxxxxxx> > > Signed-off-by: Ard Biesheuvel <ardb@xxxxxxxxxx> > > --- > > v3: improve comment as per Eric's suggestion > > v2: add code comment to explain why the function needs to remain out of > > line > > > > crypto/shash.c | 18 +++++++++++++++--- > > include/crypto/internal/hash.h | 8 +------- > > 2 files changed, 16 insertions(+), 10 deletions(-) > > > > Reviewed-by: Eric Biggers <ebiggers@xxxxxxxxxx> Looks good to me as well. Thank you for fixing this! Reviewed-by: Sami Tolvanen <samitolvanen@xxxxxxxxxx> Sami