diff options
Diffstat (limited to 'lib')
| -rw-r--r-- | lib/Kconfig | 3 | ||||
| -rw-r--r-- | lib/digsig.c | 46 | ||||
| -rw-r--r-- | lib/lzo/lzo1x_compress.c | 2 | ||||
| -rw-r--r-- | lib/lzo/lzo1x_decompress_safe.c | 6 |
4 files changed, 11 insertions, 46 deletions
diff --git a/lib/Kconfig b/lib/Kconfig index c483951b624f..e629449dd2a3 100644 --- a/lib/Kconfig +++ b/lib/Kconfig @@ -477,8 +477,7 @@ config MPILIB config SIGNATURE tristate depends on KEYS - select CRYPTO - select CRYPTO_SHA1 + select CRYPTO_LIB_SHA1 select MPILIB help Digital signature verification. Currently only RSA is supported. diff --git a/lib/digsig.c b/lib/digsig.c index 2b36f9cc91e9..9dd319c12c7d 100644 --- a/lib/digsig.c +++ b/lib/digsig.c @@ -18,15 +18,11 @@ #include <linux/module.h> #include <linux/slab.h> #include <linux/key.h> -#include <linux/crypto.h> -#include <crypto/hash.h> #include <crypto/sha1.h> #include <keys/user-type.h> #include <linux/mpi.h> #include <linux/digsig.h> -static struct crypto_shash *shash; - static const char *pkcs_1_v1_5_decode_emsa(const unsigned char *msg, unsigned long msglen, unsigned long modulus_bitlen, @@ -198,12 +194,12 @@ err1: int digsig_verify(struct key *keyring, const char *sig, int siglen, const char *data, int datalen) { - int err = -ENOMEM; struct signature_hdr *sh = (struct signature_hdr *)sig; - struct shash_desc *desc = NULL; + struct sha1_ctx ctx; unsigned char hash[SHA1_DIGEST_SIZE]; struct key *key; char name[20]; + int err; if (siglen < sizeof(*sh) + 2) return -EINVAL; @@ -230,49 +226,19 @@ int digsig_verify(struct key *keyring, const char *sig, int siglen, return PTR_ERR(key); } - desc = kzalloc(sizeof(*desc) + crypto_shash_descsize(shash), - GFP_KERNEL); - if (!desc) - goto err; - - desc->tfm = shash; - - crypto_shash_init(desc); - crypto_shash_update(desc, data, datalen); - crypto_shash_update(desc, sig, sizeof(*sh)); - crypto_shash_final(desc, hash); - - kfree(desc); + sha1_init(&ctx); + sha1_update(&ctx, data, datalen); + sha1_update(&ctx, sig, sizeof(*sh)); + sha1_final(&ctx, hash); /* pass signature mpis address */ err = digsig_verify_rsa(key, sig + sizeof(*sh), siglen - sizeof(*sh), hash, sizeof(hash)); -err: key_put(key); return err ? -EINVAL : 0; } EXPORT_SYMBOL_GPL(digsig_verify); -static int __init digsig_init(void) -{ - shash = crypto_alloc_shash("sha1", 0, 0); - if (IS_ERR(shash)) { - pr_err("shash allocation failed\n"); - return PTR_ERR(shash); - } - - return 0; - -} - -static void __exit digsig_cleanup(void) -{ - crypto_free_shash(shash); -} - -module_init(digsig_init); -module_exit(digsig_cleanup); - MODULE_LICENSE("GPL"); diff --git a/lib/lzo/lzo1x_compress.c b/lib/lzo/lzo1x_compress.c index 7b10ca86a893..01586af2347f 100644 --- a/lib/lzo/lzo1x_compress.c +++ b/lib/lzo/lzo1x_compress.c @@ -26,7 +26,7 @@ #define HAVE_OP(x) 1 #endif -#define NEED_OP(x) if (!HAVE_OP(x)) goto output_overrun +#define NEED_OP(x) if (unlikely(!HAVE_OP(x))) goto output_overrun static noinline int LZO_SAFE(lzo1x_1_do_compress)(const unsigned char *in, size_t in_len, diff --git a/lib/lzo/lzo1x_decompress_safe.c b/lib/lzo/lzo1x_decompress_safe.c index c94f4928e188..318abb82c63d 100644 --- a/lib/lzo/lzo1x_decompress_safe.c +++ b/lib/lzo/lzo1x_decompress_safe.c @@ -22,9 +22,9 @@ #define HAVE_IP(x) ((size_t)(ip_end - ip) >= (size_t)(x)) #define HAVE_OP(x) ((size_t)(op_end - op) >= (size_t)(x)) -#define NEED_IP(x) if (!HAVE_IP(x)) goto input_overrun -#define NEED_OP(x) if (!HAVE_OP(x)) goto output_overrun -#define TEST_LB(m_pos) if ((m_pos) < out) goto lookbehind_overrun +#define NEED_IP(x) if (unlikely(!HAVE_IP(x))) goto input_overrun +#define NEED_OP(x) if (unlikely(!HAVE_OP(x))) goto output_overrun +#define TEST_LB(m_pos) if (unlikely((m_pos) < out)) goto lookbehind_overrun /* This MAX_255_COUNT is the maximum number of times we can add 255 to a base * count without overflowing an integer. The multiply will overflow when |