Commit d701722a authored Apr 09, 2025 by Herbert Xu

crypto: api - Allow delayed algorithm destruction



The current algorithm unregistration mechanism originated from
software crypto.  The code relies on module reference counts to
stop in-use algorithms from being unregistered.  Therefore if
the unregistration function is reached, it is assumed that the
module reference count has hit zero and thus the algorithm reference
count should be exactly 1.

This is completely broken for hardware devices, which can be
unplugged at random.

Fix this by allowing algorithms to be destroyed later if a destroy
callback is provided.

Reported-by: Sean Anderson <sean.anderson@linux.dev>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>

parent c80d6598

crypto/algapi.c

+4 −4

Original line number	Diff line number	Diff line
		@@ -481,10 +481,10 @@ void crypto_unregister_alg(struct crypto_alg *alg)
		if (WARN(ret, "Algorithm %s is not registered", alg->cra_driver_name))
		return;

		if (WARN_ON(refcount_read(&alg->cra_refcnt) != 1))
		return;

		if (alg->cra_type && alg->cra_type->destroy)
		if (alg->cra_destroy)
		crypto_alg_put(alg);
		else if (!WARN_ON(refcount_read(&alg->cra_refcnt) != 1) &&
		alg->cra_type && alg->cra_type->destroy)
		alg->cra_type->destroy(alg);

		crypto_remove_final(&list);