diff options
| author | Arnd Bergmann <arnd@arndb.de> | 2012-01-09 16:01:00 +0000 |
|---|---|---|
| committer | Arnd Bergmann <arnd@arndb.de> | 2012-01-09 16:01:00 +0000 |
| commit | a07613a54d700a974f3a4a657da78ef5d097315d (patch) | |
| tree | e4bc91713e02fa6d8f08b07de53ea8f905593dfa /security | |
| parent | 65db039bf7402f0a5b19cbf6dcff55ebea433b8b (diff) | |
| parent | 928a11ba36f999436915ea2b1eadf54301f93059 (diff) | |
| download | linux-a07613a54d700a974f3a4a657da78ef5d097315d.tar.bz2 | |
Merge branch 'samsung/dt' into samsung/cleanup
Conflicts:
arch/arm/mach-s3c64xx/Makefile
arch/arm/mach-s5pc100/Makefile
arch/arm/mach-s5pv210/Makefile
Pull in previously resolved conflicts:
The Makefiles were reorganized in the "rmk/restart" series and modified
in the "samsung/cleanup series". This also pulls in the other conflict
resolutions from the restart series against the samsung/dt series.
Signed-off-by: Arnd Bergmann <arnd@arndb.de>
Diffstat (limited to 'security')
| -rw-r--r-- | security/integrity/evm/evm_crypto.c | 19 | ||||
| -rw-r--r-- | security/selinux/netport.c | 4 |
2 files changed, 18 insertions, 5 deletions
diff --git a/security/integrity/evm/evm_crypto.c b/security/integrity/evm/evm_crypto.c index 5dd5b140242c..8738deff26fa 100644 --- a/security/integrity/evm/evm_crypto.c +++ b/security/integrity/evm/evm_crypto.c @@ -27,20 +27,35 @@ static int evmkey_len = MAX_KEY_SIZE; struct crypto_shash *hmac_tfm; +static DEFINE_MUTEX(mutex); + static struct shash_desc *init_desc(void) { int rc; struct shash_desc *desc; if (hmac_tfm == NULL) { + mutex_lock(&mutex); + if (hmac_tfm) + goto out; hmac_tfm = crypto_alloc_shash(evm_hmac, 0, CRYPTO_ALG_ASYNC); if (IS_ERR(hmac_tfm)) { pr_err("Can not allocate %s (reason: %ld)\n", evm_hmac, PTR_ERR(hmac_tfm)); rc = PTR_ERR(hmac_tfm); hmac_tfm = NULL; + mutex_unlock(&mutex); + return ERR_PTR(rc); + } + rc = crypto_shash_setkey(hmac_tfm, evmkey, evmkey_len); + if (rc) { + crypto_free_shash(hmac_tfm); + hmac_tfm = NULL; + mutex_unlock(&mutex); return ERR_PTR(rc); } +out: + mutex_unlock(&mutex); } desc = kmalloc(sizeof(*desc) + crypto_shash_descsize(hmac_tfm), @@ -51,11 +66,7 @@ static struct shash_desc *init_desc(void) desc->tfm = hmac_tfm; desc->flags = CRYPTO_TFM_REQ_MAY_SLEEP; - rc = crypto_shash_setkey(hmac_tfm, evmkey, evmkey_len); - if (rc) - goto out; rc = crypto_shash_init(desc); -out: if (rc) { kfree(desc); return ERR_PTR(rc); diff --git a/security/selinux/netport.c b/security/selinux/netport.c index 0b62bd112461..7b9eb1faf68b 100644 --- a/security/selinux/netport.c +++ b/security/selinux/netport.c @@ -123,7 +123,9 @@ static void sel_netport_insert(struct sel_netport *port) if (sel_netport_hash[idx].size == SEL_NETPORT_HASH_BKT_LIMIT) { struct sel_netport *tail; tail = list_entry( - rcu_dereference(sel_netport_hash[idx].list.prev), + rcu_dereference_protected( + sel_netport_hash[idx].list.prev, + lockdep_is_held(&sel_netport_lock)), struct sel_netport, list); list_del_rcu(&tail->list); kfree_rcu(tail, rcu); |