diff options
| author | Eric Biggers <ebiggers@google.com> | 2017-06-08 14:48:25 +0100 |
|---|---|---|
| committer | James Morris <james.l.morris@oracle.com> | 2017-06-09 13:29:47 +1000 |
| commit | 64d107d3acca1565c39c044c459fd18f70943534 (patch) | |
| tree | 3de8ea038fc4373d65160503fc039d26aa84b129 /net/lapb/lapb_out.c | |
| parent | 794b4bc292f5d31739d89c0202c54e7dc9bc3add (diff) | |
KEYS: encrypted: fix race causing incorrect HMAC calculations
The encrypted-keys module was using a single global HMAC transform,
which could be rekeyed by multiple threads concurrently operating on
different keys, causing incorrect HMAC values to be calculated. Fix
this by allocating a new HMAC transform whenever we need to calculate a
HMAC. Also simplify things a bit by allocating the shash_desc's using
SHASH_DESC_ON_STACK() for both the HMAC and unkeyed hashes.
The following script reproduces the bug:
keyctl new_session
keyctl add user master "abcdefghijklmnop" @s
for i in $(seq 2); do
(
set -e
for j in $(seq 1000); do
keyid=$(keyctl add encrypted desc$i "new user:master 25" @s)
datablob="$(keyctl pipe $keyid)"
keyctl unlink $keyid > /dev/null
keyid=$(keyctl add encrypted desc$i "load $datablob" @s)
keyctl unlink $keyid > /dev/null
done
) &
done
Output with bug:
[ 439.691094] encrypted_key: bad hmac (-22)
add_key: Invalid argument
add_key: Invalid argument
Cc: Mimi Zohar <zohar@linux.vnet.ibm.com>
Cc: Herbert Xu <herbert@gondor.apana.org.au>
Signed-off-by: Eric Biggers <ebiggers@google.com>
Signed-off-by: David Howells <dhowells@redhat.com>
Signed-off-by: James Morris <james.l.morris@oracle.com>
Diffstat (limited to 'net/lapb/lapb_out.c')
0 files changed, 0 insertions, 0 deletions