From: Mimi Zohar <zohar@linux.vnet.ibm.com>
To: Tetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp>
Cc: safford@watson.ibm.com, David Safford <safford@us.ibm.com>,
jj@chaosbits.net, dhowells@redhat.com, jmorris@namei.org,
keyrings@linux-nfs.org, linux-security-module@vger.kernel.org,
linux-kernel@vger.kernel.org
Subject: Re: [PATCH 3/3] trusted-keys: avoid scattring va_end()
Date: Mon, 17 Jan 2011 16:06:40 -0500 [thread overview]
Message-ID: <1295298400.2642.9.camel@localhost.localdomain> (raw)
In-Reply-To: <201101170044.p0H0iLQW087457@www262.sakura.ne.jp>
On Mon, 2011-01-17 at 09:44 +0900, Tetsuo Handa wrote:
> From 65b41710a476deae2e0899a4df40c02d199a4ee3 Mon Sep 17 00:00:00 2001
> From: Tetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp>
> Date: Mon, 17 Jan 2011 09:27:27 +0900
> Subject: [PATCH 3/3] trusted-keys: avoid scattring va_end()
>
> We can avoid scattering va_end() within the
>
> va_start();
> for (;;) {
>
> }
> va_end();
>
> loop, assuming that crypto_shash_init()/crypto_shash_update() return 0 on
> success and negative value otherwise.
>
> Make TSS_authhmac()/TSS_checkhmac1()/TSS_checkhmac2() similar to TSS_rawhmac()
> by removing "va_end()/goto" from the loop.
>
> Signed-off-by: Tetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp>
The patch looks good. Would you mind making the one change below?
Acked-by: Mimi Zohar <zohar@us.ibm.com>
> ---
> security/keys/trusted_defined.c | 30 +++++++++++++-----------------
> 1 files changed, 13 insertions(+), 17 deletions(-)
>
> diff --git a/security/keys/trusted_defined.c b/security/keys/trusted_defined.c
> index f7d0677..2836c6d 100644
> --- a/security/keys/trusted_defined.c
> +++ b/security/keys/trusted_defined.c
> @@ -150,17 +150,15 @@ static int TSS_authhmac(unsigned char *digest, const unsigned char *key,
> data = va_arg(argp, unsigned char *);
> if (!data) {
> ret = -EINVAL;
> - va_end(argp);
> - goto out;
> + break;
> }
> ret = crypto_shash_update(&sdesc->shash, data, dlen);
> - if (ret < 0) {
> - va_end(argp);
> - goto out;
> - }
> + if (ret < 0)
> + break;
> }
> va_end(argp);
> - ret = crypto_shash_final(&sdesc->shash, paramdigest);
> + if (!ret)
> + ret = crypto_shash_final(&sdesc->shash, paramdigest);
> if (!ret)
Change the existing '(!ret)' to '(ret < 0)', like the rest of the code?
It's not wrong, but ....
> ret = TSS_rawhmac(digest, key, keylen, SHA1_DIGEST_SIZE,
> paramdigest, TPM_NONCE_SIZE, h1,
> @@ -229,13 +227,12 @@ static int TSS_checkhmac1(unsigned char *buffer,
> break;
> dpos = va_arg(argp, unsigned int);
> ret = crypto_shash_update(&sdesc->shash, buffer + dpos, dlen);
> - if (ret < 0) {
> - va_end(argp);
> - goto out;
> - }
> + if (ret < 0)
> + break;
> }
> va_end(argp);
> - ret = crypto_shash_final(&sdesc->shash, paramdigest);
> + if (!ret)
> + ret = crypto_shash_final(&sdesc->shash, paramdigest);
> if (ret < 0)
> goto out;
>
> @@ -323,13 +320,12 @@ static int TSS_checkhmac2(unsigned char *buffer,
> break;
> dpos = va_arg(argp, unsigned int);
> ret = crypto_shash_update(&sdesc->shash, buffer + dpos, dlen);
> - if (ret < 0) {
> - va_end(argp);
> - goto out;
> - }
> + if (ret < 0)
> + break;
> }
> va_end(argp);
> - ret = crypto_shash_final(&sdesc->shash, paramdigest);
> + if (!ret)
> + ret = crypto_shash_final(&sdesc->shash, paramdigest);
> if (ret < 0)
> goto out;
>
next prev parent reply other threads:[~2011-01-17 21:06 UTC|newest]
Thread overview: 25+ messages / expand[flat|nested] mbox.gz Atom feed top
2011-01-13 20:07 [PATCH] Trusted and Encrypted Keys: fix up TSS_rawhmac() so we always kfree() and remember to call va_end() Jesper Juhl
2011-01-14 13:28 ` David Safford
2011-01-14 13:45 ` [PATCH] Trusted and Encrypted Keys: fix up TSS_rawhmac() so wealways " Tetsuo Handa
2011-01-14 14:07 ` Tetsuo Handa
2011-01-15 0:58 ` Tetsuo Handa
2011-01-16 14:04 ` Jesper Juhl
2011-01-17 0:39 ` [PATCH 1/3] trusted-keys: another free memory bugfix Tetsuo Handa
2011-01-17 0:41 ` [PATCH 2/3] trusted-keys: check for NULL before using it Tetsuo Handa
2011-01-17 0:44 ` [PATCH 3/3] trusted-keys: avoid scattring va_end() Tetsuo Handa
2011-01-17 9:39 ` David Howells
2011-01-17 18:36 ` Jesper Juhl
2011-01-17 21:06 ` Mimi Zohar [this message]
2011-01-18 1:39 ` [PATCH 3/3] trusted-keys: small cleanup Tetsuo Handa
2011-01-18 9:26 ` Mimi Zohar
2011-01-18 11:03 ` Tetsuo Handa
2011-01-18 11:28 ` Mimi Zohar
2011-01-18 11:42 ` Mimi Zohar
2011-01-17 9:34 ` [PATCH 2/3] trusted-keys: check for NULL before using it David Howells
2011-01-17 18:35 ` Jesper Juhl
2011-01-17 21:02 ` Mimi Zohar
2011-01-17 9:33 ` [PATCH 1/3] trusted-keys: another free memory bugfix David Howells
2011-01-17 18:34 ` Jesper Juhl
2011-01-17 21:01 ` Mimi Zohar
2011-01-18 22:55 ` James Morris
2011-01-14 13:31 ` [PATCH] Trusted and Encrypted Keys: fix up TSS_rawhmac() so we always kfree() and remember to call va_end() David Howells
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=1295298400.2642.9.camel@localhost.localdomain \
--to=zohar@linux.vnet.ibm.com \
--cc=dhowells@redhat.com \
--cc=jj@chaosbits.net \
--cc=jmorris@namei.org \
--cc=keyrings@linux-nfs.org \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-security-module@vger.kernel.org \
--cc=penguin-kernel@I-love.SAKURA.ne.jp \
--cc=safford@us.ibm.com \
--cc=safford@watson.ibm.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox