On Fri, Aug 24, 2018 at 05:46:15PM -0400, Martin K. Petersen wrote:
>
> +#ifdef CONFIG_MODULES
> + struct module *mod = data;
> +
> + if (val != MODULE_STATE_LIVE ||
> + strncmp(mod->name, "crct10dif", strlen("crct10dif")))
> + return 0;
> +
> + /* Fall back to library function while we replace the tfm */
> + static_key_slow_inc(&crct10dif_fallback);
> +
> + crypto_free_shash(crct10dif_tfm);
> + crct10dif_tfm = crypto_alloc_shash("crct10dif", 0, 0);
> + if (IS_ERR(crct10dif_tfm)) {
> + crct10dif_tfm = NULL;
> + goto out;
> + }
> +
> + static_key_slow_dec(&crct10dif_fallback);
I don't think this is safe unless you do some kind of locking
which would slow down the data path. The easiest fix would be
to keep the old tfm around forever, or use RCU if RCU read locking
is acceptable to your use-case.
We already have a notifier mechanism in the crypto API for algorithm
registration events. However, it currently only notifies for untested
algorithms. So we need to add an event for tested algorithms and also
export this for use outside of the crypto API.
Cheers,
--
Email: Herbert Xu <herbert@xxxxxxxxxxxxxxxxxxx>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt
