lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:	Fri, 6 Sep 2013 17:30:00 -0700
From:	Tyler Hicks <tyhicks@...onical.com>
To:	Kees Cook <keescook@...omium.org>
Cc:	linux-kernel@...r.kernel.org, ecryptfs@...r.kernel.org
Subject: Re: [PATCH] ecryptfs: avoid ctx initialization race

On 2013-08-13 15:02:27, Kees Cook wrote:
> It might be possible for two callers to race the mutex lock after the
> NULL ctx check. Instead, move the lock above the check so there isn't
> the possibility of leaking a crypto ctx. Additionally, report the full
> algo name when failing.
> 
> Signed-off-by: Kees Cook <keescook@...omium.org>

Thanks, Kees!

I've pushed this to my next branch and it'll be included in a pull
request early next week.

I made one small change to this patch. See below.

> ---
>  fs/ecryptfs/crypto.c |   11 ++++++-----
>  1 file changed, 6 insertions(+), 5 deletions(-)
> 
> diff --git a/fs/ecryptfs/crypto.c b/fs/ecryptfs/crypto.c
> index d107576..c134346 100644
> --- a/fs/ecryptfs/crypto.c
> +++ b/fs/ecryptfs/crypto.c
> @@ -618,27 +618,28 @@ int ecryptfs_init_crypt_ctx(struct ecryptfs_crypt_stat *crypt_stat)
>  			"key_size_bits = [%zd]\n",
>  			crypt_stat->cipher, (int)strlen(crypt_stat->cipher),
>  			crypt_stat->key_size << 3);
> +	mutex_lock(&crypt_stat->cs_tfm_mutex);
>  	if (crypt_stat->tfm) {
>  		rc = 0;
> -		goto out;
> +		goto out_unlock;
>  	}
> -	mutex_lock(&crypt_stat->cs_tfm_mutex);
>  	rc = ecryptfs_crypto_api_algify_cipher_name(&full_alg_name,
>  						    crypt_stat->cipher, "cbc");
>  	if (rc)
>  		goto out_unlock;
>  	crypt_stat->tfm = crypto_alloc_ablkcipher(full_alg_name, 0, 0);
> -	kfree(full_alg_name);
>  	if (IS_ERR(crypt_stat->tfm)) {
>  		rc = PTR_ERR(crypt_stat->tfm);
>  		crypt_stat->tfm = NULL;
>  		ecryptfs_printk(KERN_ERR, "cryptfs: init_crypt_ctx(): "
>  				"Error initializing cipher [%s]\n",
> -				crypt_stat->cipher);
> -		goto out_unlock;
> +				full_alg_name);
> +		goto out_free;
>  	}
>  	crypto_ablkcipher_set_flags(crypt_stat->tfm, CRYPTO_TFM_REQ_WEAK_KEY);
>  	rc = 0;
> +out_free:
> +	kfree(full_alg_name);
>  out_unlock:
>  	mutex_unlock(&crypt_stat->cs_tfm_mutex);
>  out:

The out label is no longer used. I removed it when I committed this
patch.

Tyler

Download attachment "signature.asc" of type "application/pgp-signature" (837 bytes)

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ