On Thu, Mar 19, 2015 at 08:23:58AM +0100, Stephan Mueller wrote:
>
> How can you distinguish between calls coming from crypto_*_spawn (which
> we need to allow) and calls that come from the normal API calls (which
> we should block?
crypto_*_spawn should not be the place where you make the call on
whether internals are allowed. You should put that information
into places such as ablk_init_common or wherever these internals
are allocated.
So in ablk_init_common you would do
cryptd_tfm = cryptd_alloc_ablkcipher(drv_name, CRYPTO_ALG_INTERNAL,
CRYPTO_ALG_INTERNAL);
IOW internals are disallowed if you don't specify it in the mask,
but you can get them if you do specify it in the mask (and the
corresponding bit in the type).
Cheers,
--
Email: Herbert Xu <herb...@gondor.apana.org.au>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt
--
To unsubscribe from this list: send the line "unsubscribe linux-crypto" in
the body of a message to majord...@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
