Re: [PATCH v11 2/8] pkcs7: Allow the signing algo to calculate the digest itself

Next message: Vlastimil Babka: "Re: [PATCH V5 3/8] ext4: specify the free pointer offset for ext4_inode_cache"
Previous message: Neil Armstrong: "Re: [PATCH 5/6] arm64: dts: qcom: milos: Add UFS nodes"
In reply to: Ignat Korchagin: "Re: [PATCH v11 2/8] pkcs7: Allow the signing algo to calculate the digest itself"
Next in thread: Ignat Korchagin: "Re: [PATCH v11 2/8] pkcs7: Allow the signing algo to calculate the digest itself"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

From: David Howells

Date: Wed Jan 07 2026 - 08:53:37 EST

Ignat Korchagin <ignat@xxxxxxxxxxxxxx> wrote:

> > + ret = -ENOMEM;
> > + sig->digest = kmalloc(umax(sinfo->authattrs_len, sig->digest_size),
> > + GFP_KERNEL);
>
> Can we refactor this so we allocate the right size from the start.

The problem is that we don't know the right size until we've tried parsing it.

> Alternatively, should we just unconditionally use this approach
> "overallocating" some times?

In some ways, what I'd rather do is push the hash calculation down into the
crypto/ layer for all public key algos.

Also, we probably don't actually need to copy the authattrs, just retain a
pointer into the source buffer and the length since we don't intend to keep
the digest around beyond the verification procedure. So I might be able to
get away with just a flag saying I don't need to free it.

However, there's an intermediate hash if there are authattrs, so I will need
to store that somewhere - though that could be allocated on demand.

David