On Fri, Aug 24, 2018 at 05:46:15PM -0400, Martin K. Petersen wrote: > > +#ifdef CONFIG_MODULES > + struct module *mod = data; > + > + if (val != MODULE_STATE_LIVE || > + strncmp(mod->name, "crct10dif", strlen("crct10dif"))) > + return 0; > + > + /* Fall back to library function while we replace the tfm */ > + static_key_slow_inc(&crct10dif_fallback); > + > + crypto_free_shash(crct10dif_tfm); > + crct10dif_tfm = crypto_alloc_shash("crct10dif", 0, 0); > + if (IS_ERR(crct10dif_tfm)) { > + crct10dif_tfm = NULL; > + goto out; > + } > + > + static_key_slow_dec(&crct10dif_fallback); I don't think this is safe unless you do some kind of locking which would slow down the data path. The easiest fix would be to keep the old tfm around forever, or use RCU if RCU read locking is acceptable to your use-case. We already have a notifier mechanism in the crypto API for algorithm registration events. However, it currently only notifies for untested algorithms. So we need to add an event for tested algorithms and also export this for use outside of the crypto API. Cheers, -- Email: Herbert Xu <herbert@xxxxxxxxxxxxxxxxxxx> Home Page: http://gondor.apana.org.au/~herbert/ PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt