crypto: drbg - leave cipher handles operational
As the DRBG does not operate on shadow copies of the DRBG instance
any more, the cipher handles only need to be allocated once during
initalization time and deallocated during uninstantiate time.
Signed-off-by: Stephan Mueller <smueller@chronox.de>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
diff --git a/crypto/drbg.c b/crypto/drbg.c
index a278f84..30ec2a6 100644
--- a/crypto/drbg.c
+++ b/crypto/drbg.c
@@ -1249,11 +1249,6 @@
if ((drbg_max_requests(drbg)) < drbg->reseed_ctr)
drbg->seeded = false;
- /* allocate cipher handle */
- len = drbg->d_ops->crypto_init(drbg);
- if (len)
- goto err;
-
if (drbg->pr || !drbg->seeded) {
pr_devel("DRBG: reseeding before generation (prediction "
"resistance: %s, state %s)\n",
@@ -1325,7 +1320,6 @@
*/
len = 0;
err:
- drbg->d_ops->crypto_fini(drbg);
return len;
}
@@ -1424,9 +1418,10 @@
if (drbg->d_ops->crypto_init(drbg))
goto err;
ret = drbg_seed(drbg, pers, false);
- drbg->d_ops->crypto_fini(drbg);
- if (ret)
+ if (ret) {
+ drbg->d_ops->crypto_fini(drbg);
goto err;
+ }
mutex_unlock(&drbg->drbg_mutex);
return 0;
@@ -1450,6 +1445,7 @@
static int drbg_uninstantiate(struct drbg_state *drbg)
{
mutex_lock(&drbg->drbg_mutex);
+ drbg->d_ops->crypto_fini(drbg);
drbg_dealloc_state(drbg);
/* no scrubbing of test_data -- this shall survive an uninstantiate */
mutex_unlock(&drbg->drbg_mutex);