[PATCH 2/5] Add unique IDs to AF_ALG sockets

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Ideally we should be able to use i_ino of the inode associated with the
socket, but i_ino can have duplicate values if the static counter inside
new_inode() wraps around.

Signed-off-by: Miloslav TrmaÄ <mitr@xxxxxxxxxx>
---
 crypto/af_alg.c         |   66 +++++++++++++++++++++++++++++++++++++++++++++-
 crypto/algif_hash.c     |    2 +-
 crypto/algif_skcipher.c |    2 +-
 include/crypto/if_alg.h |   10 +++---
 4 files changed, 71 insertions(+), 9 deletions(-)

diff --git a/crypto/af_alg.c b/crypto/af_alg.c
index cabed0e..490ae43 100644
--- a/crypto/af_alg.c
+++ b/crypto/af_alg.c
@@ -15,10 +15,12 @@
 #include <asm/atomic.h>
 #include <crypto/if_alg.h>
 #include <linux/crypto.h>
+#include <linux/idr.h>
 #include <linux/init.h>
 #include <linux/kernel.h>
 #include <linux/list.h>
 #include <linux/module.h>
+#include <linux/mutex.h>
 #include <linux/net.h>
 #include <linux/rwsem.h>
 
@@ -38,6 +40,10 @@ static struct proto alg_proto = {
 
 static LIST_HEAD(alg_types);
 static DECLARE_RWSEM(alg_types_sem);
+#ifdef CONFIG_AUDIT
+static DEFINE_MUTEX(alg_ida_mutex);
+static DEFINE_IDA(alg_ida);
+#endif
 
 static const struct af_alg_type *alg_get_type(const char *name)
 {
@@ -107,6 +113,59 @@ int af_alg_unregister_type(const struct af_alg_type *type)
 }
 EXPORT_SYMBOL_GPL(af_alg_unregister_type);
 
+static struct sock *alg_sk_alloc(struct net *net)
+{
+	struct sock *sk;
+
+	sk = sk_alloc(net, PF_ALG, GFP_KERNEL, &alg_proto);
+	if (!sk)
+		goto out;
+
+#ifdef CONFIG_AUDIT
+	mutex_lock(&alg_ida_mutex);
+	/* ida_pre_get() should preallocate enough, and, due to
+	   lists_ida_mutex, nobody else can use the preallocated data.
+	   Therefore the loop recommended in idr_get_new() documentation is not
+	   necessary. */
+	if (ida_pre_get(&alg_ida, GFP_KERNEL) == 0 ||
+	    ida_get_new(&alg_ida, &alg_sk(sk)->id) != 0) {
+		mutex_unlock(&alg_ida_mutex);
+		alg_sk(sk)->id = -1;
+		sk_free(sk);
+		sk = NULL;
+		goto out;
+	}
+	mutex_unlock(&alg_ida_mutex);
+#endif
+
+out:
+	return sk;
+}
+
+#ifdef CONFIG_AUDIT
+static void alg_sk_destruct(struct sock *sk)
+{
+	struct alg_sock *ask = alg_sk(sk);
+
+	if (ask->id != -1) {
+               mutex_lock(&alg_ida_mutex);
+               ida_remove(&alg_ida, ask->id);
+               mutex_unlock(&alg_ida_mutex);
+	}
+}
+#else
+static void alg_sk_destruct(struct sock *sk) {}
+#endif
+
+void af_alg_sk_destruct_child(struct sock *sk)
+{
+	struct alg_sock *ask = alg_sk(sk);
+
+	sock_put(ask->parent);
+	alg_sk_destruct(sk);
+}
+EXPORT_SYMBOL_GPL(af_alg_sk_destruct_child);
+
 static void alg_do_release(const struct af_alg_type *type, void *private)
 {
 	if (!type)
@@ -236,7 +295,7 @@ int af_alg_accept(struct sock *sk, struct socket *newsock)
 	if (!type)
 		goto unlock;
 
-	sk2 = sk_alloc(sock_net(sk), PF_ALG, GFP_KERNEL, &alg_proto);
+	sk2 = alg_sk_alloc(sock_net(sk));
 	err = -ENOMEM;
 	if (!sk2)
 		goto unlock;
@@ -245,6 +304,7 @@ int af_alg_accept(struct sock *sk, struct socket *newsock)
 
 	err = type->accept(ask->private, sk2);
 	if (err) {
+		alg_sk_destruct(sk2);
 		sk_free(sk2);
 		goto unlock;
 	}
@@ -300,6 +360,7 @@ static void alg_sock_destruct(struct sock *sk)
 	struct alg_sock *ask = alg_sk(sk);
 
 	alg_do_release(ask->type, ask->private);
+	alg_sk_destruct(sk);
 }
 
 static int alg_create(struct net *net, struct socket *sock, int protocol,
@@ -314,7 +375,7 @@ static int alg_create(struct net *net, struct socket *sock, int protocol,
 		return -EPROTONOSUPPORT;
 
 	err = -ENOMEM;
-	sk = sk_alloc(net, PF_ALG, GFP_KERNEL, &alg_proto);
+	sk = alg_sk_alloc(net);
 	if (!sk)
 		goto out;
 
@@ -474,6 +535,7 @@ static void __exit af_alg_exit(void)
 {
 	sock_unregister(PF_ALG);
 	proto_unregister(&alg_proto);
+	ida_destroy(&alg_ida);
 }
 
 module_init(af_alg_init);
diff --git a/crypto/algif_hash.c b/crypto/algif_hash.c
index 62122a1..f08a42c 100644
--- a/crypto/algif_hash.c
+++ b/crypto/algif_hash.c
@@ -256,7 +256,7 @@ static void hash_sock_destruct(struct sock *sk)
 	sock_kfree_s(sk, ctx->result,
 		     crypto_ahash_digestsize(crypto_ahash_reqtfm(&ctx->req)));
 	sock_kfree_s(sk, ctx, ctx->len);
-	af_alg_release_parent(sk);
+	af_alg_sk_destruct_child(sk);
 }
 
 static int hash_accept_parent(void *private, struct sock *sk)
diff --git a/crypto/algif_skcipher.c b/crypto/algif_skcipher.c
index d8d3ddf..4069460 100644
--- a/crypto/algif_skcipher.c
+++ b/crypto/algif_skcipher.c
@@ -575,7 +575,7 @@ static void skcipher_sock_destruct(struct sock *sk)
 	skcipher_free_sgl(sk);
 	sock_kfree_s(sk, ctx->iv, crypto_ablkcipher_ivsize(tfm));
 	sock_kfree_s(sk, ctx, ctx->len);
-	af_alg_release_parent(sk);
+	af_alg_sk_destruct_child(sk);
 }
 
 static int skcipher_accept_parent(void *private, struct sock *sk)
diff --git a/include/crypto/if_alg.h b/include/crypto/if_alg.h
index c5813c8..336b9f2 100644
--- a/include/crypto/if_alg.h
+++ b/include/crypto/if_alg.h
@@ -31,6 +31,9 @@ struct alg_sock {
 
 	const struct af_alg_type *type;
 	void *private;
+#ifdef CONFIG_AUDIT
+	int id;
+#endif
 };
 
 struct af_alg_completion {
@@ -62,6 +65,8 @@ struct af_alg_sgl {
 int af_alg_register_type(const struct af_alg_type *type);
 int af_alg_unregister_type(const struct af_alg_type *type);
 
+void af_alg_sk_destruct_child(struct sock *sk);
+
 int af_alg_release(struct socket *sock);
 int af_alg_accept(struct sock *sk, struct socket *newsock);
 
@@ -79,11 +84,6 @@ static inline struct alg_sock *alg_sk(struct sock *sk)
 	return (struct alg_sock *)sk;
 }
 
-static inline void af_alg_release_parent(struct sock *sk)
-{
-	sock_put(alg_sk(sk)->parent);
-}
-
 static inline void af_alg_init_completion(struct af_alg_completion *completion)
 {
 	init_completion(&completion->completion);
-- 
1.7.3.2

--
To unsubscribe from this list: send the line "unsubscribe linux-crypto" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html


[Index of Archives]     [Kernel]     [Gnu Classpath]     [Gnu Crypto]     [DM Crypt]     [Netfilter]     [Bugtraq]

  Powered by Linux