ecryptfs: avoid ctx initialization race

It might be possible for two callers to race the mutex lock after the NULL ctx check. Instead, move the lock above the check so there isn't the possibility of leaking a crypto ctx. Additionally, report the full algo name when failing. Signed-off-by: Kees Cook <keescook@chromium.org> [tyhicks: remove out label, which is no longer used] Signed-off-by: Tyler Hicks <tyhicks@canonical.com>
author: Kees Cook <keescook@chromium.org> 2013-08-13 18:02:27 -0400
committer: Tyler Hicks <tyhicks@canonical.com> 2013-09-06 19:58:18 -0400
commit: cb69f36ba1f8d5e73c46538e84a88178fb17f23d (patch)
tree: df95c5e4d7c9697d22d21653571cc2f5960b5256 /fs/ecryptfs/crypto.c
parent: e6cbd6a44d8e263073808da9f295e502d15dc3fe (diff)
1 files changed, 6 insertions, 6 deletions
diff --git a/fs/ecryptfs/crypto.c b/fs/ecryptfs/crypto.c
index 3bd35e24b9e9..c88e355f7635 100644
--- a/fs/ecryptfs/crypto.c
+++ b/fs/ecryptfs/crypto.c
@@ -614,30 +614,30 @@ int ecryptfs_init_crypt_ctx(struct ecryptfs_crypt_stat *crypt_stat)
                        "key_size_bits = [%zd]\n",
                        crypt_stat->cipher, (int)strlen(crypt_stat->cipher),
                        crypt_stat->key_size << 3);
+        mutex_lock(&crypt_stat->cs_tfm_mutex);
        if (crypt_stat->tfm) {
                rc = 0;
-                goto out;
+                goto out_unlock;
        }
-        mutex_lock(&crypt_stat->cs_tfm_mutex);
        rc = ecryptfs_crypto_api_algify_cipher_name(&full_alg_name,
                                                    crypt_stat->cipher, "cbc");
        if (rc)
                goto out_unlock;
        crypt_stat->tfm = crypto_alloc_ablkcipher(full_alg_name, 0, 0);
-        kfree(full_alg_name);
        if (IS_ERR(crypt_stat->tfm)) {
                rc = PTR_ERR(crypt_stat->tfm);
                crypt_stat->tfm = NULL;
                ecryptfs_printk(KERN_ERR, "cryptfs: init_crypt_ctx(): "
                                "Error initializing cipher [%s]\n",
-                                crypt_stat->cipher);
+                                full_alg_name);
-                goto out_unlock;
+                goto out_free;
        }
        crypto_ablkcipher_set_flags(crypt_stat->tfm, CRYPTO_TFM_REQ_WEAK_KEY);
        rc = 0;
+out_free:
+        kfree(full_alg_name);
 out_unlock:
        mutex_unlock(&crypt_stat->cs_tfm_mutex);
-out:
        return rc;
 }
author	Kees Cook <keescook@chromium.org>	2013-08-13 18:02:27 -0400
committer	Tyler Hicks <tyhicks@canonical.com>	2013-09-06 19:58:18 -0400
commit	cb69f36ba1f8d5e73c46538e84a88178fb17f23d (patch)
tree	df95c5e4d7c9697d22d21653571cc2f5960b5256 /fs/ecryptfs/crypto.c
parent	e6cbd6a44d8e263073808da9f295e502d15dc3fe (diff)