diff options
| author | Eric Biggers <ebiggers@google.com> | 2017-12-29 11:00:46 -0500 |
|---|---|---|
| committer | Herbert Xu <herbert@gondor.apana.org.au> | 2018-01-05 02:43:09 -0500 |
| commit | ce8614a312ef750bb60677bb13680cb27d1c284b (patch) | |
| tree | 842f01d86dc235bcd80c8544969d9fffeaec30c5 /crypto | |
| parent | 809778e02cd45d0625439fee67688f655627bb3c (diff) | |
crypto: algapi - convert cra_refcnt to refcount_t
Reference counters should use refcount_t rather than atomic_t, since the
refcount_t implementation can prevent overflows, reducing the
exploitability of reference leak bugs. crypto_alg.cra_refcount is a
reference counter with the usual semantics, so switch it over to
refcount_t.
Signed-off-by: Eric Biggers <ebiggers@google.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Diffstat (limited to 'crypto')
| -rw-r--r-- | crypto/algapi.c | 8 | ||||
| -rw-r--r-- | crypto/api.c | 2 | ||||
| -rw-r--r-- | crypto/crypto_user.c | 4 | ||||
| -rw-r--r-- | crypto/internal.h | 4 | ||||
| -rw-r--r-- | crypto/proc.c | 2 |
5 files changed, 10 insertions, 10 deletions
diff --git a/crypto/algapi.c b/crypto/algapi.c index 60d7366ed343..8084a76e01d8 100644 --- a/crypto/algapi.c +++ b/crypto/algapi.c | |||
| @@ -62,7 +62,7 @@ static int crypto_check_alg(struct crypto_alg *alg) | |||
| 62 | if (alg->cra_priority < 0) | 62 | if (alg->cra_priority < 0) |
| 63 | return -EINVAL; | 63 | return -EINVAL; |
| 64 | 64 | ||
| 65 | atomic_set(&alg->cra_refcnt, 1); | 65 | refcount_set(&alg->cra_refcnt, 1); |
| 66 | 66 | ||
| 67 | return crypto_set_driver_name(alg); | 67 | return crypto_set_driver_name(alg); |
| 68 | } | 68 | } |
| @@ -224,7 +224,7 @@ static struct crypto_larval *__crypto_register_alg(struct crypto_alg *alg) | |||
| 224 | if (!larval->adult) | 224 | if (!larval->adult) |
| 225 | goto free_larval; | 225 | goto free_larval; |
| 226 | 226 | ||
| 227 | atomic_set(&larval->alg.cra_refcnt, 1); | 227 | refcount_set(&larval->alg.cra_refcnt, 1); |
| 228 | memcpy(larval->alg.cra_driver_name, alg->cra_driver_name, | 228 | memcpy(larval->alg.cra_driver_name, alg->cra_driver_name, |
| 229 | CRYPTO_MAX_ALG_NAME); | 229 | CRYPTO_MAX_ALG_NAME); |
| 230 | larval->alg.cra_priority = alg->cra_priority; | 230 | larval->alg.cra_priority = alg->cra_priority; |
| @@ -399,7 +399,7 @@ int crypto_unregister_alg(struct crypto_alg *alg) | |||
| 399 | if (ret) | 399 | if (ret) |
| 400 | return ret; | 400 | return ret; |
| 401 | 401 | ||
| 402 | BUG_ON(atomic_read(&alg->cra_refcnt) != 1); | 402 | BUG_ON(refcount_read(&alg->cra_refcnt) != 1); |
| 403 | if (alg->cra_destroy) | 403 | if (alg->cra_destroy) |
| 404 | alg->cra_destroy(alg); | 404 | alg->cra_destroy(alg); |
| 405 | 405 | ||
| @@ -490,7 +490,7 @@ void crypto_unregister_template(struct crypto_template *tmpl) | |||
| 490 | up_write(&crypto_alg_sem); | 490 | up_write(&crypto_alg_sem); |
| 491 | 491 | ||
| 492 | hlist_for_each_entry_safe(inst, n, list, list) { | 492 | hlist_for_each_entry_safe(inst, n, list, list) { |
| 493 | BUG_ON(atomic_read(&inst->alg.cra_refcnt) != 1); | 493 | BUG_ON(refcount_read(&inst->alg.cra_refcnt) != 1); |
| 494 | crypto_free_instance(inst); | 494 | crypto_free_instance(inst); |
| 495 | } | 495 | } |
| 496 | crypto_remove_final(&users); | 496 | crypto_remove_final(&users); |
diff --git a/crypto/api.c b/crypto/api.c index 6da802d7be67..70a894e52ff3 100644 --- a/crypto/api.c +++ b/crypto/api.c | |||
| @@ -137,7 +137,7 @@ static struct crypto_alg *crypto_larval_add(const char *name, u32 type, | |||
| 137 | if (IS_ERR(larval)) | 137 | if (IS_ERR(larval)) |
| 138 | return ERR_CAST(larval); | 138 | return ERR_CAST(larval); |
| 139 | 139 | ||
| 140 | atomic_set(&larval->alg.cra_refcnt, 2); | 140 | refcount_set(&larval->alg.cra_refcnt, 2); |
| 141 | 141 | ||
| 142 | down_write(&crypto_alg_sem); | 142 | down_write(&crypto_alg_sem); |
| 143 | alg = __crypto_alg_lookup(name, type, mask); | 143 | alg = __crypto_alg_lookup(name, type, mask); |
diff --git a/crypto/crypto_user.c b/crypto/crypto_user.c index 0dbe2be7f783..5c291eedaa70 100644 --- a/crypto/crypto_user.c +++ b/crypto/crypto_user.c | |||
| @@ -169,7 +169,7 @@ static int crypto_report_one(struct crypto_alg *alg, | |||
| 169 | ualg->cru_type = 0; | 169 | ualg->cru_type = 0; |
| 170 | ualg->cru_mask = 0; | 170 | ualg->cru_mask = 0; |
| 171 | ualg->cru_flags = alg->cra_flags; | 171 | ualg->cru_flags = alg->cra_flags; |
| 172 | ualg->cru_refcnt = atomic_read(&alg->cra_refcnt); | 172 | ualg->cru_refcnt = refcount_read(&alg->cra_refcnt); |
| 173 | 173 | ||
| 174 | if (nla_put_u32(skb, CRYPTOCFGA_PRIORITY_VAL, alg->cra_priority)) | 174 | if (nla_put_u32(skb, CRYPTOCFGA_PRIORITY_VAL, alg->cra_priority)) |
| 175 | goto nla_put_failure; | 175 | goto nla_put_failure; |
| @@ -387,7 +387,7 @@ static int crypto_del_alg(struct sk_buff *skb, struct nlmsghdr *nlh, | |||
| 387 | goto drop_alg; | 387 | goto drop_alg; |
| 388 | 388 | ||
| 389 | err = -EBUSY; | 389 | err = -EBUSY; |
| 390 | if (atomic_read(&alg->cra_refcnt) > 2) | 390 | if (refcount_read(&alg->cra_refcnt) > 2) |
| 391 | goto drop_alg; | 391 | goto drop_alg; |
| 392 | 392 | ||
| 393 | err = crypto_unregister_instance((struct crypto_instance *)alg); | 393 | err = crypto_unregister_instance((struct crypto_instance *)alg); |
diff --git a/crypto/internal.h b/crypto/internal.h index ae65e5fcaa59..1388af6da85a 100644 --- a/crypto/internal.h +++ b/crypto/internal.h | |||
| @@ -105,13 +105,13 @@ int crypto_type_has_alg(const char *name, const struct crypto_type *frontend, | |||
| 105 | 105 | ||
| 106 | static inline struct crypto_alg *crypto_alg_get(struct crypto_alg *alg) | 106 | static inline struct crypto_alg *crypto_alg_get(struct crypto_alg *alg) |
| 107 | { | 107 | { |
| 108 | atomic_inc(&alg->cra_refcnt); | 108 | refcount_inc(&alg->cra_refcnt); |
| 109 | return alg; | 109 | return alg; |
| 110 | } | 110 | } |
| 111 | 111 | ||
| 112 | static inline void crypto_alg_put(struct crypto_alg *alg) | 112 | static inline void crypto_alg_put(struct crypto_alg *alg) |
| 113 | { | 113 | { |
| 114 | if (atomic_dec_and_test(&alg->cra_refcnt) && alg->cra_destroy) | 114 | if (refcount_dec_and_test(&alg->cra_refcnt) && alg->cra_destroy) |
| 115 | alg->cra_destroy(alg); | 115 | alg->cra_destroy(alg); |
| 116 | } | 116 | } |
| 117 | 117 | ||
diff --git a/crypto/proc.c b/crypto/proc.c index 2cc10c96d753..822fcef6d91c 100644 --- a/crypto/proc.c +++ b/crypto/proc.c | |||
| @@ -46,7 +46,7 @@ static int c_show(struct seq_file *m, void *p) | |||
| 46 | seq_printf(m, "driver : %s\n", alg->cra_driver_name); | 46 | seq_printf(m, "driver : %s\n", alg->cra_driver_name); |
| 47 | seq_printf(m, "module : %s\n", module_name(alg->cra_module)); | 47 | seq_printf(m, "module : %s\n", module_name(alg->cra_module)); |
| 48 | seq_printf(m, "priority : %d\n", alg->cra_priority); | 48 | seq_printf(m, "priority : %d\n", alg->cra_priority); |
| 49 | seq_printf(m, "refcnt : %d\n", atomic_read(&alg->cra_refcnt)); | 49 | seq_printf(m, "refcnt : %u\n", refcount_read(&alg->cra_refcnt)); |
| 50 | seq_printf(m, "selftest : %s\n", | 50 | seq_printf(m, "selftest : %s\n", |
| 51 | (alg->cra_flags & CRYPTO_ALG_TESTED) ? | 51 | (alg->cra_flags & CRYPTO_ALG_TESTED) ? |
| 52 | "passed" : "unknown"); | 52 | "passed" : "unknown"); |