From: Miloslav Trmac Subject: Re: [PATCH] Add RNG support to AF_ALG Date: Mon, 13 Dec 2010 12:24:34 -0500 (EST) Message-ID: <1049191813.614221292261074998.JavaMail.root@zmail07.collab.prod.int.phx2.redhat.com> References: <385134132.614111292260958484.JavaMail.root@zmail07.collab.prod.int.phx2.redhat.com> Mime-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 7bit Cc: Herbert Xu , "David S. Miller" , linux-crypto@vger.kernel.org To: Neil Horman Return-path: Received: from mx4-phx2.redhat.com ([209.132.183.25]:34900 "EHLO mx4-phx2.redhat.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1753814Ab0LMRYq (ORCPT ); Mon, 13 Dec 2010 12:24:46 -0500 In-Reply-To: <385134132.614111292260958484.JavaMail.root@zmail07.collab.prod.int.phx2.redhat.com> Sender: linux-crypto-owner@vger.kernel.org List-ID: ----- "Neil Horman" wrote: > +static int rng_recvmsg(struct kiocb *unused, struct socket *sock, > + struct msghdr *msg, size_t len, int flags) > +{ > + struct sock *sk = sock->sk; > + struct alg_sock *ask = alg_sk(sk); > + struct rng_ctx *ctx = ask->private; > + int rc, i; > + u8 *data = kzalloc(len, GFP_KERNEL); There probably should be an upper limit on the allocation - perhaps just always allocate a single page. > +static void rng_release(void *private) > +{ > + struct rng_ctx *ctx = private; > + crypto_free_rng(ctx->ctx); > + kfree(ctx->seed); Is a seed secret enough that it should be zeroed before freeing? (Same in setkey, accept_parent). Mirek