diff options
author | Dmitry Kasatkin <dmitry.kasatkin@nokia.com> | 2011-03-09 15:07:36 -0500 |
---|---|---|
committer | Mimi Zohar <zohar@linux.vnet.ibm.com> | 2011-07-18 12:29:46 -0400 |
commit | d46eb3699502ba221e81e88e6c6594e2a7818532 (patch) | |
tree | 4761b63f12ded9ad53e3019c33d62d173b4b07da /security/integrity/evm/evm_main.c | |
parent | 823eb1ccd0b310449e99c822412ea8208334d14c (diff) | |
download | op-kernel-dev-d46eb3699502ba221e81e88e6c6594e2a7818532.zip op-kernel-dev-d46eb3699502ba221e81e88e6c6594e2a7818532.tar.gz |
evm: crypto hash replaced by shash
Using shash is more efficient, because the algorithm is allocated only
once. Only the descriptor to store the hash state needs to be allocated
for every operation.
Changelog v6:
- check for crypto_shash_setkey failure
Signed-off-by: Dmitry Kasatkin <dmitry.kasatkin@nokia.com>
Signed-off-by: Mimi Zohar <zohar@linux.vnet.ibm.com>
Diffstat (limited to 'security/integrity/evm/evm_main.c')
-rw-r--r-- | security/integrity/evm/evm_main.c | 6 |
1 files changed, 3 insertions, 3 deletions
diff --git a/security/integrity/evm/evm_main.c b/security/integrity/evm/evm_main.c index 2348635..b65adb5 100644 --- a/security/integrity/evm/evm_main.c +++ b/security/integrity/evm/evm_main.c @@ -19,6 +19,7 @@ #include <linux/xattr.h> #include <linux/integrity.h> #include <linux/evm.h> +#include <crypto/hash.h> #include "evm.h" int evm_initialized; @@ -283,12 +284,10 @@ out: } EXPORT_SYMBOL_GPL(evm_inode_init_security); -static struct crypto_hash *tfm_hmac; /* preload crypto alg */ static int __init init_evm(void) { int error; - tfm_hmac = crypto_alloc_hash(evm_hmac, 0, CRYPTO_ALG_ASYNC); error = evm_init_secfs(); if (error < 0) { printk(KERN_INFO "EVM: Error registering secfs\n"); @@ -301,7 +300,8 @@ err: static void __exit cleanup_evm(void) { evm_cleanup_secfs(); - crypto_free_hash(tfm_hmac); + if (hmac_tfm) + crypto_free_shash(hmac_tfm); } /* |