From: Eric Biggers Date: Mon, 20 Apr 2026 06:34:05 +0000 (-0700) Subject: crypto: drbg - Embed V and C into struct drbg_state X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=fcc62e0991ff0ceb7f53a93f4b12982b7d91d233;p=thirdparty%2Fkernel%2Flinux.git crypto: drbg - Embed V and C into struct drbg_state Now that the sizes of V and C are known at compile time, embed them into struct drbg_state rather than using separate allocations. Signed-off-by: Eric Biggers Signed-off-by: Herbert Xu --- diff --git a/crypto/drbg.c b/crypto/drbg.c index 34a7cbdda1f10..e62bde7aab43f 100644 --- a/crypto/drbg.c +++ b/crypto/drbg.c @@ -142,10 +142,8 @@ enum drbg_seed_state { struct drbg_state { struct mutex drbg_mutex; /* lock around DRBG */ - unsigned char *V; /* internal state -- 10.1.2.1 1a */ - unsigned char *Vbuf; - unsigned char *C; /* current key -- 10.1.2.1 1b */ - unsigned char *Cbuf; + u8 V[DRBG_STATE_LEN]; /* internal state -- 10.1.2.1 1a */ + u8 C[DRBG_STATE_LEN]; /* current key -- 10.1.2.1 1b */ /* Number of RNG requests since last reseed -- 10.1.2.1 1c */ size_t reseed_ctr; size_t reseed_threshold; @@ -492,12 +490,8 @@ static inline void drbg_dealloc_state(struct drbg_state *drbg) { if (!drbg) return; - kfree_sensitive(drbg->Vbuf); - drbg->Vbuf = NULL; - drbg->V = NULL; - kfree_sensitive(drbg->Cbuf); - drbg->Cbuf = NULL; - drbg->C = NULL; + memzero_explicit(drbg->V, sizeof(drbg->V)); + memzero_explicit(drbg->C, sizeof(drbg->C)); drbg->reseed_ctr = 0; drbg->core = NULL; } @@ -513,24 +507,8 @@ static inline int drbg_alloc_state(struct drbg_state *drbg) ret = drbg_init_hash_kernel(drbg); if (ret < 0) goto err; - - drbg->Vbuf = kmalloc(DRBG_STATE_LEN + ret, GFP_KERNEL); - if (!drbg->Vbuf) { - ret = -ENOMEM; - goto fini; - } - drbg->V = PTR_ALIGN(drbg->Vbuf, ret + 1); - drbg->Cbuf = kmalloc(DRBG_STATE_LEN + ret, GFP_KERNEL); - if (!drbg->Cbuf) { - ret = -ENOMEM; - goto fini; - } - drbg->C = PTR_ALIGN(drbg->Cbuf, ret + 1); - return 0; -fini: - drbg_fini_hash_kernel(drbg); err: drbg_dealloc_state(drbg); return ret;