Hi David, First, thanks for your review and suggestion!
於 三,2013-12-11 於 14:49 +0000,David Howells 提到: > Lee, Chun-Yi <[email protected]> wrote: > > > + desc_size = crypto_shash_descsize(tfm) + sizeof(*desc); > > + digest_size = crypto_shash_digestsize(tfm); > > + digest = kzalloc(digest_size + desc_size, GFP_KERNEL); > > + if (!digest) { > > + pr_err("digest memory buffer allocate fail\n"); > > + ret = -ENOMEM; > > + goto error_digest; > > + } > > + desc = (void *)digest + digest_size; > > + desc->tfm = tfm; > > + desc->flags = CRYPTO_TFM_REQ_MAY_SLEEP; > > + ret = crypto_shash_init(desc); > > + if (ret < 0) > > + goto error_shash; > > + > > + ret = crypto_shash_finup(desc, mod, modlen, digest); > > + if (ret < 0) > > + goto error_shash; > > Can you use the digest generated by mod_make_digest() to avoid computing the > hash twice? > > David > My original thinking is the algorithm of blacklisted hashes may not the same with the hash of kernel module signature. But as you point out, now I think maybe don't need this flexibility. In next version, I will use the same hash algorithm as mod_make_digest() to void computing it twice. Thanks a lot! Joey Lee _______________________________________________ kernel mailing list [email protected] https://admin.fedoraproject.org/mailman/listinfo/kernel
