diff options
author | Dmitry Kasatkin <d.kasatkin@samsung.com> | 2013-07-04 16:40:01 +0200 |
---|---|---|
committer | Mimi Zohar <zohar@linux.vnet.ibm.com> | 2013-10-25 23:17:01 +0200 |
commit | 723326b927b675daf4223fe31d7428eca68f194b (patch) | |
tree | 499ca34fc60793d66ae07dc9ee453a401bef3cc8 /security | |
parent | ima: differentiate between template hash and file data hash sizes (diff) | |
download | linux-723326b927b675daf4223fe31d7428eca68f194b.tar.xz linux-723326b927b675daf4223fe31d7428eca68f194b.zip |
ima: provide dedicated hash algo allocation function
This patch provides dedicated hash algo allocation and
deallocation function which can be used by different clients.
Signed-off-by: Dmitry Kasatkin <d.kasatkin@samsung.com>
Signed-off-by: Mimi Zohar <zohar@linux.vnet.ibm.com>
Diffstat (limited to 'security')
-rw-r--r-- | security/integrity/ima/ima_crypto.c | 43 |
1 files changed, 29 insertions, 14 deletions
diff --git a/security/integrity/ima/ima_crypto.c b/security/integrity/ima/ima_crypto.c index 872c6698067c..e5d3ebf18436 100644 --- a/security/integrity/ima/ima_crypto.c +++ b/security/integrity/ima/ima_crypto.c @@ -39,6 +39,28 @@ int ima_init_crypto(void) return 0; } +static struct crypto_shash *ima_alloc_tfm(enum hash_algo algo) +{ + struct crypto_shash *tfm = ima_shash_tfm; + int rc; + + if (algo != ima_hash_algo && algo < HASH_ALGO__LAST) { + tfm = crypto_alloc_shash(hash_algo_name[algo], 0, 0); + if (IS_ERR(tfm)) { + rc = PTR_ERR(tfm); + pr_err("Can not allocate %s (reason: %d)\n", + hash_algo_name[algo], rc); + } + } + return tfm; +} + +static void ima_free_tfm(struct crypto_shash *tfm) +{ + if (tfm != ima_shash_tfm) + crypto_free_shash(tfm); +} + /* * Calculate the MD5/SHA1 file digest */ @@ -57,6 +79,8 @@ static int ima_calc_file_hash_tfm(struct file *file, desc.shash.tfm = tfm; desc.shash.flags = 0; + hash->length = crypto_shash_digestsize(tfm); + rc = crypto_shash_init(&desc.shash); if (rc != 0) return rc; @@ -98,25 +122,16 @@ out: int ima_calc_file_hash(struct file *file, struct ima_digest_data *hash) { - struct crypto_shash *tfm = ima_shash_tfm; + struct crypto_shash *tfm; int rc; - if (hash->algo != ima_hash_algo && hash->algo < HASH_ALGO__LAST) { - tfm = crypto_alloc_shash(hash_algo_name[hash->algo], 0, 0); - if (IS_ERR(tfm)) { - rc = PTR_ERR(tfm); - pr_err("Can not allocate %s (reason: %d)\n", - hash_algo_name[hash->algo], rc); - return rc; - } - } - - hash->length = crypto_shash_digestsize(tfm); + tfm = ima_alloc_tfm(hash->algo); + if (IS_ERR(tfm)) + return PTR_ERR(tfm); rc = ima_calc_file_hash_tfm(file, hash, tfm); - if (tfm != ima_shash_tfm) - crypto_free_shash(tfm); + ima_free_tfm(tfm); return rc; } |