From: Eric Biggers <ebiggers@kernel.org>
To: Herbert Xu <herbert@gondor.apana.org.au>
Cc: Linux Crypto Mailing List <linux-crypto@vger.kernel.org>
Subject: Re: [PATCH 2/4] crypto: aead - Retain alg refcount in crypto_grab_aead
Date: Fri, 6 Dec 2019 20:52:34 -0800 [thread overview]
Message-ID: <20191207045234.GA5948@sol.localdomain> (raw)
In-Reply-To: <20191207033059.h6kgx7j7jtnqotuy@gondor.apana.org.au>
On Sat, Dec 07, 2019 at 11:30:59AM +0800, Herbert Xu wrote:
> On Fri, Dec 06, 2019 at 02:41:55PM -0800, Eric Biggers wrote:
> >
> > This approach seems too error-prone, since the prototype of crypto_grab_aead()
> > doesn't give any indication that it takes a reference to the algorithm which the
> > caller *must* drop.
>
> Fair point.
>
> > How about returning the alg pointer in the last argument, similar to
> > skcipher_alloc_instance_simple()? I know you sent a patch to remove that
> > argument, but I think it's better to have it...
>
> You probably guessed that I don't really like returning two objects
> from the same function :)
>
> So how about this: we let the Crypto API manage the refcount and
> hide it from all the users. Something like this patch:
>
> diff --git a/crypto/algapi.c b/crypto/algapi.c
> index adb516380be9..34473ab992f2 100644
> --- a/crypto/algapi.c
> +++ b/crypto/algapi.c
> @@ -563,6 +563,7 @@ int crypto_register_instance(struct crypto_template *tmpl,
> struct crypto_instance *inst)
> {
> struct crypto_larval *larval;
> + struct crypto_spawn *spawn;
> int err;
>
> err = crypto_check_alg(&inst->alg);
> @@ -588,6 +589,9 @@ int crypto_register_instance(struct crypto_template *tmpl,
> if (IS_ERR(larval))
> goto err;
>
> + hlist_for_each_entry(spawn, &inst->spawn_list, spawn_list)
> + crypto_mod_put(spawn->alg);
> +
> crypto_wait_for_test(larval);
> err = 0;
>
> @@ -623,6 +627,7 @@ int crypto_init_spawn(struct crypto_spawn *spawn, struct crypto_alg *alg,
>
> spawn->inst = inst;
> spawn->mask = mask;
> + hlist_add_head(&spawn->spawn_list, &inst->spawn_list);
>
> down_write(&crypto_alg_sem);
> if (!crypto_is_moribund(alg)) {
> @@ -674,6 +679,9 @@ void crypto_drop_spawn(struct crypto_spawn *spawn)
> if (!spawn->dead)
> list_del(&spawn->list);
> up_write(&crypto_alg_sem);
> +
> + if (hlist_unhashed(&spawn->inst->list))
> + crypto_mod_put(spawn->alg);
> }
> EXPORT_SYMBOL_GPL(crypto_drop_spawn);
>
> diff --git a/include/crypto/algapi.h b/include/crypto/algapi.h
> index 771a295ac755..284e96f2eda2 100644
> --- a/include/crypto/algapi.h
> +++ b/include/crypto/algapi.h
> @@ -48,6 +48,7 @@ struct crypto_instance {
>
> struct crypto_template *tmpl;
> struct hlist_node list;
> + struct hlist_head spawn_list;
>
> void *__ctx[] CRYPTO_MINALIGN_ATTR;
> };
> @@ -66,6 +67,7 @@ struct crypto_template {
>
> struct crypto_spawn {
> struct list_head list;
> + struct hlist_node spawn_list;
> struct crypto_alg *alg;
> struct crypto_instance *inst;
> const struct crypto_type *frontend;
>
I think the general idea is much better. But it's not going to work as-is due
to all the templates that directly use crypto_init_spawn(),
crypto_init_shash_spawn(), and crypto_init_ahash_spawn(). I think they should
be converted to use new functions crypto_grab_cipher(), crypto_grab_shash(), and
crypto_grab_cipher(), so that everyone is consistently using crypto_grab_*().
- Eric
next prev parent reply other threads:[~2019-12-07 4:52 UTC|newest]
Thread overview: 14+ messages / expand[flat|nested] mbox.gz Atom feed top
2019-12-06 6:38 [PATCH 0/4] crypto: api - Retain grabbed refcount until registration Herbert Xu
2019-12-06 6:38 ` [PATCH 1/4] crypto: api - Retain alg refcount in crypto_grab_spawn Herbert Xu
2019-12-06 22:31 ` Eric Biggers
2019-12-06 6:38 ` [PATCH 2/4] crypto: aead - Retain alg refcount in crypto_grab_aead Herbert Xu
2019-12-06 22:41 ` Eric Biggers
2019-12-07 3:30 ` Herbert Xu
2019-12-07 4:52 ` Eric Biggers [this message]
2019-12-07 14:55 ` Herbert Xu
2019-12-14 6:44 ` [v2 PATCH] crypto: api - Retain alg refcount in crypto_grab_spawn Herbert Xu
2019-12-15 4:11 ` [v3 " Herbert Xu
2019-12-16 4:46 ` Eric Biggers
2019-12-18 7:53 ` [v4 " Herbert Xu
2019-12-06 6:38 ` [PATCH 3/4] crypto: akcipher - Retain alg refcount in crypto_grab_akcipher Herbert Xu
2019-12-06 6:38 ` [PATCH 4/4] crypto: skcipher - Retain alg refcount in crypto_grab_skcipher Herbert Xu
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20191207045234.GA5948@sol.localdomain \
--to=ebiggers@kernel.org \
--cc=herbert@gondor.apana.org.au \
--cc=linux-crypto@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.