В Thu, 28 Jun 2018 15:14:38 -0400 Mimi Zohar <zohar@xxxxxxxxxxxxxxxxxx> пишет: > On Thu, 2018-06-28 at 18:39 +0200, Matthias Gerstner wrote: > > Hi, > > > > > In this patch, I propose add an exception for > > > "crypto-pkcs1pad(rsa,*)" module requests only in case of enabled > > > integrity asymmetric keys support. > > > > I have tested the patch in my test setup and it looks good. No > > deadlocks so far. > > I really wish we didn't have to do a string compare "crypto- > pkcs1pad(rsa" each and every time. Is the check once per crypto > algorithm? As I understood, it check once per crypto algorithm: "crypto_alloc_tfm() will first attempt to locate an already loaded algorithm. ... If that fails it will send a query to any loaded crypto manager to construct an algorithm on the fly. A refcount is grabbed on the algorithm which is then associated with the new transform." https://github.com/torvalds/linux/blob/a97d8efd9d350bd9c6cf13689c7cc09049b42acd/crypto/api.c#L515 -- Best regards, Mikhail Kurinnoi
