aboutsummaryrefslogtreecommitdiffstats
path: root/security
diff options
context:
space:
mode:
authorDmitry Kasatkin <dmitry.kasatkin@intel.com>2011-12-05 06:17:42 -0500
committerJames Morris <jmorris@namei.org>2011-12-07 18:06:12 -0500
commit143b01d33221e4937d3930e6bb2b63d70b7c7a65 (patch)
tree5cae452fecfd8b1fb6b0ae1f159929ada81d8b1f /security
parent88d7ed35085184f15a2af3d9e88d775059b2f307 (diff)
evm: prevent racing during tfm allocation
There is a small chance of racing during tfm allocation. This patch fixes it. Signed-off-by: Dmitry Kasatkin <dmitry.kasatkin@intel.com> Acked-by: Mimi Zohar <zohar@us.ibm.com> Signed-off-by: James Morris <jmorris@namei.org>
Diffstat (limited to 'security')
-rw-r--r--security/integrity/evm/evm_crypto.c14
1 files changed, 11 insertions, 3 deletions
diff --git a/security/integrity/evm/evm_crypto.c b/security/integrity/evm/evm_crypto.c
index 3b9f5a080e4f..f1d4ad0cea2c 100644
--- a/security/integrity/evm/evm_crypto.c
+++ b/security/integrity/evm/evm_crypto.c
@@ -28,9 +28,11 @@ static int evmkey_len = MAX_KEY_SIZE;
28struct crypto_shash *hmac_tfm; 28struct crypto_shash *hmac_tfm;
29struct crypto_shash *hash_tfm; 29struct crypto_shash *hash_tfm;
30 30
31static DEFINE_MUTEX(mutex);
32
31static struct shash_desc *init_desc(const char type) 33static struct shash_desc *init_desc(const char type)
32{ 34{
33 int rc; 35 long rc;
34 char *algo; 36 char *algo;
35 struct crypto_shash **tfm; 37 struct crypto_shash **tfm;
36 struct shash_desc *desc; 38 struct shash_desc *desc;
@@ -44,12 +46,15 @@ static struct shash_desc *init_desc(const char type)
44 } 46 }
45 47
46 if (*tfm == NULL) { 48 if (*tfm == NULL) {
49 mutex_lock(&mutex);
50 if (*tfm)
51 goto out;
47 *tfm = crypto_alloc_shash(algo, 0, CRYPTO_ALG_ASYNC); 52 *tfm = crypto_alloc_shash(algo, 0, CRYPTO_ALG_ASYNC);
48 if (IS_ERR(*tfm)) { 53 if (IS_ERR(*tfm)) {
49 pr_err("Can not allocate %s (reason: %ld)\n",
50 algo, PTR_ERR(*tfm));
51 rc = PTR_ERR(*tfm); 54 rc = PTR_ERR(*tfm);
55 pr_err("Can not allocate %s (reason: %ld)\n", algo, rc);
52 *tfm = NULL; 56 *tfm = NULL;
57 mutex_unlock(&mutex);
53 return ERR_PTR(rc); 58 return ERR_PTR(rc);
54 } 59 }
55 if (type == EVM_XATTR_HMAC) { 60 if (type == EVM_XATTR_HMAC) {
@@ -57,9 +62,12 @@ static struct shash_desc *init_desc(const char type)
57 if (rc) { 62 if (rc) {
58 crypto_free_shash(*tfm); 63 crypto_free_shash(*tfm);
59 *tfm = NULL; 64 *tfm = NULL;
65 mutex_unlock(&mutex);
60 return ERR_PTR(rc); 66 return ERR_PTR(rc);
61 } 67 }
62 } 68 }
69out:
70 mutex_unlock(&mutex);
63 } 71 }
64 72
65 desc = kmalloc(sizeof(*desc) + crypto_shash_descsize(*tfm), 73 desc = kmalloc(sizeof(*desc) + crypto_shash_descsize(*tfm),