evm: prevent racing during tfm allocation (143b01d3) · Commits · e / devices / android_kernel_teracube_2e

security/integrity/evm/evm_crypto.c

+11 −3

Original line number	Original line	Diff line number	Diff line
	@@ -28,9 +28,11 @@ static int evmkey_len = MAX_KEY_SIZE;
	struct crypto_shash *hmac_tfm;		struct crypto_shash *hmac_tfm;
	struct crypto_shash *hash_tfm;		struct crypto_shash *hash_tfm;

			static DEFINE_MUTEX(mutex);

	static struct shash_desc *init_desc(const char type)		static struct shash_desc *init_desc(const char type)
	{		{
	int rc;		long rc;
	char *algo;		char *algo;
	struct crypto_shash **tfm;		struct crypto_shash **tfm;
	struct shash_desc *desc;		struct shash_desc *desc;
	@@ -44,12 +46,15 @@ static struct shash_desc *init_desc(const char type)
	}		}

	if (*tfm == NULL) {		if (*tfm == NULL) {
			mutex_lock(&mutex);
			if (*tfm)
			goto out;
	*tfm = crypto_alloc_shash(algo, 0, CRYPTO_ALG_ASYNC);		*tfm = crypto_alloc_shash(algo, 0, CRYPTO_ALG_ASYNC);
	if (IS_ERR(*tfm)) {		if (IS_ERR(*tfm)) {
	pr_err("Can not allocate %s (reason: %ld)\n",
	algo, PTR_ERR(*tfm));
	rc = PTR_ERR(*tfm);		rc = PTR_ERR(*tfm);
			pr_err("Can not allocate %s (reason: %ld)\n", algo, rc);
	*tfm = NULL;		*tfm = NULL;
			mutex_unlock(&mutex);
	return ERR_PTR(rc);		return ERR_PTR(rc);
	}		}
	if (type == EVM_XATTR_HMAC) {		if (type == EVM_XATTR_HMAC) {
	@@ -57,9 +62,12 @@ static struct shash_desc *init_desc(const char type)
	if (rc) {		if (rc) {
	crypto_free_shash(*tfm);		crypto_free_shash(*tfm);
	*tfm = NULL;		*tfm = NULL;
			mutex_unlock(&mutex);
	return ERR_PTR(rc);		return ERR_PTR(rc);
	}		}
	}		}
			out:
			mutex_unlock(&mutex);
	}		}

	desc = kmalloc(sizeof(desc) + crypto_shash_descsize(tfm),		desc = kmalloc(sizeof(desc) + crypto_shash_descsize(tfm),