Revision 64d107d3acca1565c39c044c459fd18f70943534 authored by Eric Biggers on 08 June 2017, 13:48:25 UTC, committed by James Morris on 09 June 2017, 03:29:47 UTC
The encrypted-keys module was using a single global HMAC transform, which could be rekeyed by multiple threads concurrently operating on different keys, causing incorrect HMAC values to be calculated. Fix this by allocating a new HMAC transform whenever we need to calculate a HMAC. Also simplify things a bit by allocating the shash_desc's using SHASH_DESC_ON_STACK() for both the HMAC and unkeyed hashes. The following script reproduces the bug: keyctl new_session keyctl add user master "abcdefghijklmnop" @s for i in $(seq 2); do ( set -e for j in $(seq 1000); do keyid=$(keyctl add encrypted desc$i "new user:master 25" @s) datablob="$(keyctl pipe $keyid)" keyctl unlink $keyid > /dev/null keyid=$(keyctl add encrypted desc$i "load $datablob" @s) keyctl unlink $keyid > /dev/null done ) & done Output with bug: [ 439.691094] encrypted_key: bad hmac (-22) add_key: Invalid argument add_key: Invalid argument Cc: Mimi Zohar <zohar@linux.vnet.ibm.com> Cc: Herbert Xu <herbert@gondor.apana.org.au> Signed-off-by: Eric Biggers <ebiggers@google.com> Signed-off-by: David Howells <dhowells@redhat.com> Signed-off-by: James Morris <james.l.morris@oracle.com>
1 parent 794b4bc
File | Mode | Size |
---|---|---|
Makefile | -rw-r--r-- | 306 bytes |
arraymap.c | -rw-r--r-- | 15.2 KB |
bpf_lru_list.c | -rw-r--r-- | 17.5 KB |
bpf_lru_list.h | -rw-r--r-- | 2.2 KB |
cgroup.c | -rw-r--r-- | 6.7 KB |
core.c | -rw-r--r-- | 36.2 KB |
hashtab.c | -rw-r--r-- | 32.2 KB |
helpers.c | -rw-r--r-- | 4.5 KB |
inode.c | -rw-r--r-- | 9.6 KB |
lpm_trie.c | -rw-r--r-- | 14.5 KB |
map_in_map.c | -rw-r--r-- | 2.3 KB |
map_in_map.h | -rw-r--r-- | 653 bytes |
percpu_freelist.c | -rw-r--r-- | 2.2 KB |
percpu_freelist.h | -rw-r--r-- | 929 bytes |
stackmap.c | -rw-r--r-- | 7.1 KB |
syscall.c | -rw-r--r-- | 23.8 KB |
verifier.c | -rw-r--r-- | 104.9 KB |
Computing file changes ...