Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
	id S1757155AbaGBSWD (ORCPT <rfc822;w@1wt.eu>);
	Wed, 2 Jul 2014 14:22:03 -0400
Received: from mail-wi0-f180.google.com ([209.85.212.180]:35885 "EHLO
	mail-wi0-f180.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
	with ESMTP id S1756635AbaGBSWA (ORCPT
	<rfc822;linux-kernel@vger.kernel.org>);
	Wed, 2 Jul 2014 14:22:00 -0400
MIME-Version: 1.0
In-Reply-To: <1404323065.596.65.camel@dhcp-9-2-203-236.watson.ibm.com>
References: <cover.1404245510.git.d.kasatkin@samsung.com>
	<72d68808fd8db2b896a459b120f3e550e5f976c1.1404245510.git.d.kasatkin@samsung.com>
	<1404323065.596.65.camel@dhcp-9-2-203-236.watson.ibm.com>
Date: Wed, 2 Jul 2014 21:21:59 +0300
Message-ID: <CACE9dm8vx9b-n4b+0NAvp=9Er4uPWGwa8eYSGtkiAPv5ahve4A@mail.gmail.com>
Subject: Re: [PATCH v2 1/3] ima: use ahash API for file hash calculation
From: Dmitry Kasatkin <dmitry.kasatkin@gmail.com>
To: Mimi Zohar <zohar@linux.vnet.ibm.com>
Cc: linux-ima-devel@lists.sourceforge.net,
        linux-security-module <linux-security-module@vger.kernel.org>,
        "linux-kernel@vger.kernel.org" <linux-kernel@vger.kernel.org>,
        linux-crypto <linux-crypto@vger.kernel.org>,
        Dmitry Kasatkin <d.kasatkin@samsung.com>
Content-Type: text/plain; charset=UTF-8
Sender: linux-kernel-owner@vger.kernel.org
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org

On 2 July 2014 20:44, Mimi Zohar <zohar@linux.vnet.ibm.com> wrote:
> On Tue, 2014-07-01 at 23:12 +0300, Dmitry Kasatkin wrote:
>
>> -/*
>> - * Calculate the MD5/SHA1 file digest
>> - */
>> +static struct crypto_ahash *ima_alloc_atfm(enum hash_algo algo)
>> +{
>> +     struct crypto_ahash *tfm = ima_ahash_tfm;
>> +     int rc;
>> +
>> +     if ((algo != ima_hash_algo && algo < HASH_ALGO__LAST) || !tfm) {
>> +             tfm = crypto_alloc_ahash(hash_algo_name[algo], 0, 0);
>
> In the case where algo isn't the same as ima_hash_algo, won't this
> replace the existing ima_ahash_tfm without freeing it?
>

Look to next comment...

> Mimi
>
>> +             if (!IS_ERR(tfm)) {
>> +                     if (algo == ima_hash_algo)
>> +                             ima_ahash_tfm = tfm;

Above will set only new tfm for default ima_hash_algo...

Dmitry

>> +             } else {
>> +                     rc = PTR_ERR(tfm);
>> +                     pr_err("Can not allocate %s (reason: %d)\n",
>> +                            hash_algo_name[algo], rc);
>> +             }
>> +     }
>> +     return tfm;
>> +}
>> +
>> +static void ima_free_atfm(struct crypto_ahash *tfm)
>> +{
>> +     if (tfm != ima_ahash_tfm)
>> +             crypto_free_ahash(tfm);
>> +}
>
>
>



-- 
Thanks,
Dmitry
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/