Prevent to initialise backends twice.

git-svn-id: https://cryptsetup.googlecode.com/svn/trunk@414 36d66b0a-2a48-0410-832c-cd162a569da5

diff --git a/lib/crypto_backend/crypto_gcrypt.c b/lib/crypto_backend/crypto_gcrypt.c
index fe0fba8..b73f3ad 100644 (file)
--- a/lib/crypto_backend/crypto_gcrypt.c
+++ b/lib/crypto_backend/crypto_gcrypt.c
@@ -19,11 +19,14 @@
 
 #include <string.h>
 #include <errno.h>
+#include <assert.h>
 #include <gcrypt.h>
 #include "crypto_backend.h"
 
 #define GCRYPT_REQ_VERSION "1.1.42"
 
+static int crypto_backend_initialised = 0;
+
 struct crypt_hash {
        gcry_md_hd_t hd;
        int hash_id;
@@ -38,6 +41,9 @@ struct crypt_hmac {
 
 int crypt_backend_init(void)
 {
+       if (crypto_backend_initialised)
+               return 0;
+
        log_dbg("Initialising gcrypt crypto backend.");
        if (!gcry_control (GCRYCTL_INITIALIZATION_FINISHED_P)) {
                if (!gcry_check_version (GCRYPT_REQ_VERSION)) {
@@ -62,6 +68,7 @@ int crypt_backend_init(void)
                gcry_control (GCRYCTL_INITIALIZATION_FINISHED, 0);
        }
 
+       crypto_backend_initialised = 1;
        return 0;
 }
 
@@ -73,8 +80,11 @@ uint32_t crypt_backend_flags(void)
 /* HASH */
 int crypt_hash_size(const char *name)
 {
-       int hash_id = gcry_md_map_name(name);
+       int hash_id;
 
+       assert(crypto_backend_initialised);
+
+       hash_id = gcry_md_map_name(name);
        if (!hash_id)
                return -EINVAL;
 
@@ -85,6 +95,8 @@ int crypt_hash_init(struct crypt_hash **ctx, const char *name)
 {
        struct crypt_hash *h;
 
+       assert(crypto_backend_initialised);
+
        h = malloc(sizeof(*h));
        if (!h)
                return -ENOMEM;
@@ -151,6 +163,8 @@ int crypt_hmac_init(struct crypt_hmac **ctx, const char *name,
 {
        struct crypt_hmac *h;
 
+       assert(crypto_backend_initialised);
+
        h = malloc(sizeof(*h));
        if (!h)
                return -ENOMEM;

diff --git a/lib/crypto_backend/crypto_kernel.c b/lib/crypto_backend/crypto_kernel.c
index e360140..6005b8e 100644 (file)
--- a/lib/crypto_backend/crypto_kernel.c
+++ b/lib/crypto_backend/crypto_kernel.c
@@ -33,6 +33,8 @@
 #define SOL_ALG 279
 #endif
 
+static int crypto_backend_initialised = 0;
+
 struct hash_alg {
        const char *name;
        const char *kernel_name;
@@ -97,6 +99,9 @@ int crypt_backend_init(void)
        };
        int tfmfd = -1, opfd = -1;
 
+       if (crypto_backend_initialised)
+               return 0;
+
        log_dbg("Initialising kernel crypto API backend.");
 
        if (uname(&uts) == -1 || strcmp(uts.sysname, "Linux"))
@@ -108,6 +113,8 @@ int crypt_backend_init(void)
 
        close(tfmfd);
        close(opfd);
+
+       crypto_backend_initialised = 1;
        return 0;
 }
 

diff --git a/lib/crypto_backend/crypto_nss.c b/lib/crypto_backend/crypto_nss.c
index eecc70a..637e9fd 100644 (file)
--- a/lib/crypto_backend/crypto_nss.c
+++ b/lib/crypto_backend/crypto_nss.c
@@ -23,6 +23,8 @@
 #include <nss/pk11pub.h>
 #include "crypto_backend.h"
 
+static int crypto_backend_initialised = 0;
+
 struct hash_alg {
        const char *name;
        SECOidTag oid;
@@ -65,10 +67,14 @@ static struct hash_alg *_get_alg(const char *name)
 
 int crypt_backend_init(void)
 {
+       if (crypto_backend_initialised)
+               return 0;
+
        log_dbg("Initialising NSS crypto backend.");
        if (NSS_NoDB_Init(".") != SECSuccess)
                return -EINVAL;
 
+       crypto_backend_initialised = 1;
        return 0;
 }
 

diff --git a/lib/crypto_backend/crypto_openssl.c b/lib/crypto_backend/crypto_openssl.c
index 5ef3845..c9c8efe 100644 (file)
--- a/lib/crypto_backend/crypto_openssl.c
+++ b/lib/crypto_backend/crypto_openssl.c
@@ -23,6 +23,8 @@
 #include <openssl/hmac.h>
 #include "crypto_backend.h"
 
+static int crypto_backend_initialised = 0;
+
 struct crypt_hash {
        EVP_MD_CTX md;
        const EVP_MD *hash_id;
@@ -37,8 +39,13 @@ struct crypt_hmac {
 
 int crypt_backend_init(void)
 {
+       if (crypto_backend_initialised)
+               return 0;
+
        OpenSSL_add_all_digests();
        log_dbg("OpenSSL crypto backend initialized.");
+
+       crypto_backend_initialised = 1;
        return 0;
 }
 

diff --git a/lib/luks1/pbkdf.c b/lib/luks1/pbkdf.c
index 3823f93..c0deae5 100644 (file)
--- a/lib/luks1/pbkdf.c
+++ b/lib/luks1/pbkdf.c
@@ -240,13 +240,14 @@ int PBKDF2_performance_check(const char *hash, uint64_t *iter)
        /* If crypto backend is not implemented in userspace,
         * but uses some kernel part, we must measure also time
         * spent in kernel. */
-       if (crypt_backend_flags() & CRYPT_BACKEND_KERNEL)
+       if (crypt_backend_flags() & CRYPT_BACKEND_KERNEL) {
                timer_type = ITIMER_PROF;
-       else
+               signal(SIGPROF,sigvtalarm);
+       } else {
                timer_type = ITIMER_VIRTUAL;
+               signal(SIGVTALRM,sigvtalarm);
+       }
 
-       signal(SIGVTALRM,sigvtalarm);
-       signal(SIGPROF,sigvtalarm);
        it.it_interval.tv_usec = 0;
        it.it_interval.tv_sec = 0;
        it.it_value.tv_usec = 0;

diff --git a/lib/random.c b/lib/random.c
index b2aafa5..1bcf604 100644 (file)
--- a/lib/random.c
+++ b/lib/random.c
@@ -144,6 +144,9 @@ static int _get_random(struct crypt_device *ctx, char *buf, size_t len)
 /* Initialisation of both RNG file descriptors is mandatory */
 int crypt_random_init(struct crypt_device *ctx)
 {
+       if (random_initialised)
+               return 0;
+
        /* Used for CRYPT_RND_NORMAL */
        if(urandom_fd == -1)
                urandom_fd = open(URANDOM_DEVICE, O_RDONLY);