From b346e492d7127e4332d5a9989b844b2095cc4fcd Mon Sep 17 00:00:00 2001 From: Eric Biggers Date: Mon, 16 Apr 2018 16:59:13 -0700 Subject: crypto: api - fix finding algorithm currently being tested Commit eb02c38f0197 ("crypto: api - Keep failed instances alive") is making allocating crypto transforms sometimes fail with ELIBBAD, when multiple processes try to access encrypted files with fscrypt for the first time since boot. The problem is that the "request larval" for the algorithm is being mistaken for an algorithm which failed its tests. Fix it by only returning ELIBBAD for "non-larval" algorithms. Also don't leak a reference to the algorithm. Fixes: eb02c38f0197 ("crypto: api - Keep failed instances alive") Signed-off-by: Eric Biggers Signed-off-by: Herbert Xu --- crypto/api.c | 11 ++++++++--- 1 file changed, 8 insertions(+), 3 deletions(-) diff --git a/crypto/api.c b/crypto/api.c index 1d5290c67108..0ee632bba064 100644 --- a/crypto/api.c +++ b/crypto/api.c @@ -204,9 +204,14 @@ static struct crypto_alg *crypto_alg_lookup(const char *name, u32 type, down_read(&crypto_alg_sem); alg = __crypto_alg_lookup(name, type | test, mask | test); - if (!alg && test) - alg = __crypto_alg_lookup(name, type, mask) ? - ERR_PTR(-ELIBBAD) : NULL; + if (!alg && test) { + alg = __crypto_alg_lookup(name, type, mask); + if (alg && !crypto_is_larval(alg)) { + /* Test failed */ + crypto_mod_put(alg); + alg = ERR_PTR(-ELIBBAD); + } + } up_read(&crypto_alg_sem); return alg; -- cgit v1.2.3-59-g8ed1b From eea0d3ea7546961f69f55b26714ac8fd71c7c020 Mon Sep 17 00:00:00 2001 From: Stephan Mueller Date: Thu, 12 Apr 2018 08:40:55 +0200 Subject: crypto: drbg - set freed buffers to NULL During freeing of the internal buffers used by the DRBG, set the pointer to NULL. It is possible that the context with the freed buffers is reused. In case of an error during initialization where the pointers do not yet point to allocated memory, the NULL value prevents a double free. Cc: stable@vger.kernel.org Fixes: 3cfc3b9721123 ("crypto: drbg - use aligned buffers") Signed-off-by: Stephan Mueller Reported-by: syzbot+75397ee3df5c70164154@syzkaller.appspotmail.com Signed-off-by: Herbert Xu --- crypto/drbg.c | 2 ++ 1 file changed, 2 insertions(+) diff --git a/crypto/drbg.c b/crypto/drbg.c index 4faa2781c964..466a112a4446 100644 --- a/crypto/drbg.c +++ b/crypto/drbg.c @@ -1134,8 +1134,10 @@ static inline void drbg_dealloc_state(struct drbg_state *drbg) if (!drbg) return; kzfree(drbg->Vbuf); + drbg->Vbuf = NULL; drbg->V = NULL; kzfree(drbg->Cbuf); + drbg->Cbuf = NULL; drbg->C = NULL; kzfree(drbg->scratchpadbuf); drbg->scratchpadbuf = NULL; -- cgit v1.2.3-59-g8ed1b