[Drbd-dev] drbd-svn can't handle modular hmac, and crashes if hash can't be found

Lars Ellenberg Lars.Ellenberg at linbit.com
Mon Jan 15 08:45:12 CET 2007

/ 2007-01-14 09:18:44 -0800
\ Mark Glines:
> Hi,
> A few minor issues.
> 1.  CONFIG_CRYPTO_HMAC can be defined as a module; the drbd code currently requires it to be built into the kernel, 
> apparently for no good reason.
> 2.  If the hash algorithm itself isn't available (like sha1.ko wasn't loaded yet), crypto_alloc_hash() returns 
> -ENOENT.  It does not return NULL, which is what the drbd code currently checks for.  This leads to crashes later.

right... we know 't was unfinished code,
but checked in anyways, to get it going.

> 3.  Once #2 is fixed, the user tools try to report the error, and the error message contains a typo, an extra ")".  
> "Failure: (120) The 'cram-hmac-alg' you specified is not known in )the kernel."  It also doesn't tell the user what 
> to do to fix it.
> The attached patch fixes the above issues, and applies cleanly to your current svn.  Please review and apply.

thanks, will do.

> P.S.  Since drbd no longer requires any exported symbols from the hmac/hash module, is there any reason to check 
> CONFIG_CRYPTO_HMAC at all?  A simpler check on CONFIG_CRYPTO to make sure the basic API exists should be all you 
> need...

we build against older kernels as well,
and as long as debian, suse, redhat & co have their
vendor kernels the way they are, this probably needs to stay this way.
we should be able to relax it for builds against newer kernels, though.

: Lars Ellenberg                            Tel +43-1-8178292-55 :
: LINBIT Information Technologies GmbH      Fax +43-1-8178292-82 :
: Vivenotgasse 48, A-1120 Vienna/Europe    http://www.linbit.com :

More information about the drbd-dev mailing list