On Sun, Mar 21, 2021 at 11:00:09PM -0700, Eric Biggers wrote:
On Mon, Mar 22, 2021 at 08:45:22AM +0300, Dan Carpenter wrote:
On Sun, Mar 21, 2021 at 10:07:48PM -0700, Eric Biggers wrote:
From: Eric Biggers ebiggers@google.com
crypto_stats_get() is a no-op when the kernel is compiled without CONFIG_CRYPTO_STATS, so pairing it with crypto_alg_put() unconditionally (as crypto_rng_reset() does) is wrong.
Presumably the intention was that _get() and _put() should always pair. It's really ugly and horrible that they don't. We could have predicted bug like this would happen and will continue to happen until the crypto_stats_get() is renamed.
Well, the crypto stats stuff has always been pretty broken, so I don't think people have looked at it too closely. Currently crypto_stats_get() pairs with one of the functions that tallies the statistics, such as crypto_stats_rng_seed() or crypto_stats_aead_encrypt(). What change are you suggesting, exactly? Maybe moving the conditional crypto_alg_put() into a new function crypto_stats_put() and moving it into the callers? Or do you think the functions should just be renamed to something like crypto_stats_begin() and crypto_stats_end_{rng_seed,aead_encrypt}()?
To be honest, I misread the crypto_alg_put() thinking that it was crypto_*stats*_put(). My favourite fix would be to introduce a crypto_stats_put() which is a mirror of crypto_stats_get() and ifdeffed out if we don't have CONFIG_CRYPTO_STATS.
regards, dan carpenter