diff options
author | Dmitry Kasatkin <dmitry.kasatkin@intel.com> | 2011-12-05 06:17:42 -0500 |
---|---|---|
committer | James Morris <jmorris@namei.org> | 2011-12-07 18:06:12 -0500 |
commit | 143b01d33221e4937d3930e6bb2b63d70b7c7a65 (patch) | |
tree | 5cae452fecfd8b1fb6b0ae1f159929ada81d8b1f /security | |
parent | 88d7ed35085184f15a2af3d9e88d775059b2f307 (diff) |
evm: prevent racing during tfm allocation
There is a small chance of racing during tfm allocation.
This patch fixes it.
Signed-off-by: Dmitry Kasatkin <dmitry.kasatkin@intel.com>
Acked-by: Mimi Zohar <zohar@us.ibm.com>
Signed-off-by: James Morris <jmorris@namei.org>
Diffstat (limited to 'security')
-rw-r--r-- | security/integrity/evm/evm_crypto.c | 14 |
1 files changed, 11 insertions, 3 deletions
diff --git a/security/integrity/evm/evm_crypto.c b/security/integrity/evm/evm_crypto.c index 3b9f5a080e4f..f1d4ad0cea2c 100644 --- a/security/integrity/evm/evm_crypto.c +++ b/security/integrity/evm/evm_crypto.c | |||
@@ -28,9 +28,11 @@ static int evmkey_len = MAX_KEY_SIZE; | |||
28 | struct crypto_shash *hmac_tfm; | 28 | struct crypto_shash *hmac_tfm; |
29 | struct crypto_shash *hash_tfm; | 29 | struct crypto_shash *hash_tfm; |
30 | 30 | ||
31 | static DEFINE_MUTEX(mutex); | ||
32 | |||
31 | static struct shash_desc *init_desc(const char type) | 33 | static struct shash_desc *init_desc(const char type) |
32 | { | 34 | { |
33 | int rc; | 35 | long rc; |
34 | char *algo; | 36 | char *algo; |
35 | struct crypto_shash **tfm; | 37 | struct crypto_shash **tfm; |
36 | struct shash_desc *desc; | 38 | struct shash_desc *desc; |
@@ -44,12 +46,15 @@ static struct shash_desc *init_desc(const char type) | |||
44 | } | 46 | } |
45 | 47 | ||
46 | if (*tfm == NULL) { | 48 | if (*tfm == NULL) { |
49 | mutex_lock(&mutex); | ||
50 | if (*tfm) | ||
51 | goto out; | ||
47 | *tfm = crypto_alloc_shash(algo, 0, CRYPTO_ALG_ASYNC); | 52 | *tfm = crypto_alloc_shash(algo, 0, CRYPTO_ALG_ASYNC); |
48 | if (IS_ERR(*tfm)) { | 53 | if (IS_ERR(*tfm)) { |
49 | pr_err("Can not allocate %s (reason: %ld)\n", | ||
50 | algo, PTR_ERR(*tfm)); | ||
51 | rc = PTR_ERR(*tfm); | 54 | rc = PTR_ERR(*tfm); |
55 | pr_err("Can not allocate %s (reason: %ld)\n", algo, rc); | ||
52 | *tfm = NULL; | 56 | *tfm = NULL; |
57 | mutex_unlock(&mutex); | ||
53 | return ERR_PTR(rc); | 58 | return ERR_PTR(rc); |
54 | } | 59 | } |
55 | if (type == EVM_XATTR_HMAC) { | 60 | if (type == EVM_XATTR_HMAC) { |
@@ -57,9 +62,12 @@ static struct shash_desc *init_desc(const char type) | |||
57 | if (rc) { | 62 | if (rc) { |
58 | crypto_free_shash(*tfm); | 63 | crypto_free_shash(*tfm); |
59 | *tfm = NULL; | 64 | *tfm = NULL; |
65 | mutex_unlock(&mutex); | ||
60 | return ERR_PTR(rc); | 66 | return ERR_PTR(rc); |
61 | } | 67 | } |
62 | } | 68 | } |
69 | out: | ||
70 | mutex_unlock(&mutex); | ||
63 | } | 71 | } |
64 | 72 | ||
65 | desc = kmalloc(sizeof(*desc) + crypto_shash_descsize(*tfm), | 73 | desc = kmalloc(sizeof(*desc) + crypto_shash_descsize(*tfm), |