From: Dmitry Kasatkin <dmitry.kasatkin@intel.com>
To: James Morris <jmorris@namei.org>
Cc: linux-security-module@vger.kernel.org,
linux-crypto@vger.kernel.org, linux-kernel@vger.kernel.org,
zohar@linux.vnet.ibm.com
Subject: Re: [RFC v1.1 2/5] crypto: ksign - digital signature verification support
Date: Wed, 17 Aug 2011 13:54:16 +0300 [thread overview]
Message-ID: <4E4B9DD8.3060303@intel.com> (raw)
In-Reply-To: <alpine.LRH.2.00.1108161059260.7706@tundra.namei.org>
On 16/08/11 04:00, James Morris wrote:
> On Thu, 11 Aug 2011, Dmitry Kasatkin wrote:
>
>> +static int ksign_verify_rsa(struct key *key,
>> + const char *sig, int siglen,
>> + const char *h, int hlen)
>> +{
>> + int err = -ENOMEM;
>> + unsigned long len;
>> + unsigned long mlen, mblen;
>> + unsigned nret, l;
>> + int valid, head, i;
>> + unsigned char *out1 = NULL, *out2 = NULL;
>> + MPI in = NULL, res = NULL, pkey[2];
>> + uint8_t *p, *datap, *endp;
>> + struct user_key_payload *ukp;
>> + struct pubkey_hdr *pkh;
>> +
>> + down_read(&key->sem);
>> + ukp = key->payload.data;
>> + pkh = (struct pubkey_hdr *)ukp->data;
>> +
>> + if (pkh->version != 1)
>> + return -EINVAL;
>> +
>> + if (pkh->algo != PUBKEY_ALGO_RSA)
>> + return -EINVAL;
> Are you supposed to be still holding key->sem here?
>
Of course not.
that was late addition. Should be goto as in following cases...
- Dmitry
next prev parent reply other threads:[~2011-08-17 10:53 UTC|newest]
Thread overview: 15+ messages / expand[flat|nested] mbox.gz Atom feed top
2011-08-11 17:20 [RFC v1.1 0/5] evm: digital signature extension Dmitry Kasatkin
2011-08-11 17:20 ` [RFC v1.1 1/5] crypto: GnuPG based MPI lib Dmitry Kasatkin
2011-08-15 16:12 ` Dmitry Kasatkin
2011-08-17 11:38 ` Nikos Mavrogiannopoulos
2011-08-17 12:23 ` Dmitry Kasatkin
2011-08-17 12:42 ` Nikos Mavrogiannopoulos
2011-08-16 0:57 ` James Morris
2011-08-17 10:50 ` Dmitry Kasatkin
2011-08-11 17:20 ` [RFC v1.1 2/5] crypto: ksign - digital signature verification support Dmitry Kasatkin
2011-08-16 1:00 ` James Morris
2011-08-17 10:54 ` Dmitry Kasatkin [this message]
2011-08-11 17:20 ` [RFC v1.1 3/5] evm: digital signature support Dmitry Kasatkin
2011-08-16 1:03 ` James Morris
2011-08-11 17:20 ` [RFC v1.1 4/5] ksign: provides keyring to search in for the key Dmitry Kasatkin
2011-08-11 17:20 ` [RFC v1.1 5/5] evm: creates dedicated evm keyring to store public keys Dmitry Kasatkin
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=4E4B9DD8.3060303@intel.com \
--to=dmitry.kasatkin@intel.com \
--cc=jmorris@namei.org \
--cc=linux-crypto@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-security-module@vger.kernel.org \
--cc=zohar@linux.vnet.ibm.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).