From: Lucas De Marchi <lucas.demarchi@intel.com>
To: Yauheni Kaliuta <yauheni.kaliuta@redhat.com>
Cc: Lucas De Marchi <lucas.de.marchi@gmail.com>,
linux-modules <linux-modules@vger.kernel.org>,
ykaliuta@redhat.com
Subject: Re: [PATCH kmod] libkmod-signature: implement pkcs7 parsing with openssl
Date: Tue, 29 Jan 2019 08:50:10 -0800 [thread overview]
Message-ID: <20190129165010.kkcd3xrdgpf3uqkc@ldmartin-desk.jf.intel.com> (raw)
In-Reply-To: <xunybm3z94j6.fsf@redhat.com>
On Tue, Jan 29, 2019 at 11:50:05AM +0200, Yauheni Kaliuta wrote:
>Hi, Lucas!
>
>>>>>> On Mon, 28 Jan 2019 10:05:24 -0800, Lucas De Marchi wrote:
> > On Sat, Jan 26, 2019 at 3:01 AM Yauheni Kaliuta
> > <yauheni.kaliuta@redhat.com> wrote:
> >>
>
>[...]
> >> >> +
> >> >> + pvt->cms = cms;
> >> >> + pvt->key_id = key_id_str;
> >> >> + pvt->sno = sno_bn;
> >> >> + sig_info->private = pvt;
> >>
> >> > why do you keep pvt around if the only thing you will do with
> >> > it later is to free it?
> >> > AFAICS the only thing that needs to remain around is the str
> >> > so we can free it after the user used it (because normal
> >> > signature is backed in memory by the mem object, while these
> >> > are openssl structs)
> >>
> >> I should keep them until kmod_module_get_info() makes the copies.
> >>
> >> cms is openssl struct
> >> sno_bn is allocated by openssl and must be freed later
> >> key_id_str is allocated here since the size in unknown in advance
> >> and must be freed later.
> >>
> >> Or what did I miss?
>
> > we could just duplicate the information that we want stored and keep
> > the openssl context contained
> > to just this function. I thought the only one would be key_str_id, but
> > missed that sig and signer
> > also need to have their backing object around.
>
>If I duplicate it here then without cleanup I'll have memory
>leak, no?
yes, my idea was to just leave it simpler and add a
if (pkcs7)
free(key_id)
Lucas De Marchi
>
>In the old code they were pointers inside the module image and
>freed with the image itself.
>
>--
>WBR,
>Yauheni Kaliuta
next prev parent reply other threads:[~2019-01-29 16:50 UTC|newest]
Thread overview: 9+ messages / expand[flat|nested] mbox.gz Atom feed top
2019-01-25 13:38 [PATCH kmod] libkmod-signature: implement pkcs7 parsing with openssl Yauheni Kaliuta
2019-01-25 18:33 ` Lucas De Marchi
2019-01-26 11:01 ` Yauheni Kaliuta
2019-01-28 18:05 ` Lucas De Marchi
2019-01-29 9:50 ` Yauheni Kaliuta
2019-01-29 16:50 ` Lucas De Marchi [this message]
2019-01-29 17:22 ` Yauheni Kaliuta
2019-01-29 18:03 ` Lucas De Marchi
2019-01-29 18:34 ` Yauheni Kaliuta
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20190129165010.kkcd3xrdgpf3uqkc@ldmartin-desk.jf.intel.com \
--to=lucas.demarchi@intel.com \
--cc=linux-modules@vger.kernel.org \
--cc=lucas.de.marchi@gmail.com \
--cc=yauheni.kaliuta@redhat.com \
--cc=ykaliuta@redhat.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.