From d21b59451886cb82448302f8d6f9ac87c3bd56cf Mon Sep 17 00:00:00 2001
From: Dmitry Kasatkin <dmitry.kasatkin@intel.com>
Date: Mon, 5 Dec 2011 13:17:41 +0200
Subject: evm: key must be set once during initialization

On multi-core systems, setting of the key before every caclculation,
causes invalid HMAC calculation for other tfm users, because internal
state (ipad, opad) can be invalid before set key call returns.
It needs to be set only once during initialization.

Signed-off-by: Dmitry Kasatkin <dmitry.kasatkin@intel.com>
Acked-by: Mimi Zohar <zohar@us.ibm.com>
Signed-off-by: James Morris <jmorris@namei.org>
---
 security/integrity/evm/evm_crypto.c | 10 ++++++----
 1 file changed, 6 insertions(+), 4 deletions(-)

(limited to 'security')

diff --git a/security/integrity/evm/evm_crypto.c b/security/integrity/evm/evm_crypto.c
index 5dd5b140242c..4ad657d88097 100644
--- a/security/integrity/evm/evm_crypto.c
+++ b/security/integrity/evm/evm_crypto.c
@@ -41,6 +41,12 @@ static struct shash_desc *init_desc(void)
 			hmac_tfm = NULL;
 			return ERR_PTR(rc);
 		}
+		rc = crypto_shash_setkey(hmac_tfm, evmkey, evmkey_len);
+		if (rc) {
+			crypto_free_shash(hmac_tfm);
+			hmac_tfm = NULL;
+			return ERR_PTR(rc);
+		}
 	}
 
 	desc = kmalloc(sizeof(*desc) + crypto_shash_descsize(hmac_tfm),
@@ -51,11 +57,7 @@ static struct shash_desc *init_desc(void)
 	desc->tfm = hmac_tfm;
 	desc->flags = CRYPTO_TFM_REQ_MAY_SLEEP;
 
-	rc = crypto_shash_setkey(hmac_tfm, evmkey, evmkey_len);
-	if (rc)
-		goto out;
 	rc = crypto_shash_init(desc);
-out:
 	if (rc) {
 		kfree(desc);
 		return ERR_PTR(rc);
-- 
cgit v1.2.3


From 97426f985729573cea06e82e271cc3929f1f5f8e Mon Sep 17 00:00:00 2001
From: Dmitry Kasatkin <dmitry.kasatkin@intel.com>
Date: Mon, 5 Dec 2011 13:17:42 +0200
Subject: evm: prevent racing during tfm allocation

There is a small chance of racing during tfm allocation.
This patch fixes it.

Signed-off-by: Dmitry Kasatkin <dmitry.kasatkin@intel.com>
Acked-by: Mimi Zohar <zohar@us.ibm.com>
Signed-off-by: James Morris <jmorris@namei.org>
---
 security/integrity/evm/evm_crypto.c | 9 +++++++++
 1 file changed, 9 insertions(+)

(limited to 'security')

diff --git a/security/integrity/evm/evm_crypto.c b/security/integrity/evm/evm_crypto.c
index 4ad657d88097..8738deff26fa 100644
--- a/security/integrity/evm/evm_crypto.c
+++ b/security/integrity/evm/evm_crypto.c
@@ -27,26 +27,35 @@ static int evmkey_len = MAX_KEY_SIZE;
 
 struct crypto_shash *hmac_tfm;
 
+static DEFINE_MUTEX(mutex);
+
 static struct shash_desc *init_desc(void)
 {
 	int rc;
 	struct shash_desc *desc;
 
 	if (hmac_tfm == NULL) {
+		mutex_lock(&mutex);
+		if (hmac_tfm)
+			goto out;
 		hmac_tfm = crypto_alloc_shash(evm_hmac, 0, CRYPTO_ALG_ASYNC);
 		if (IS_ERR(hmac_tfm)) {
 			pr_err("Can not allocate %s (reason: %ld)\n",
 			       evm_hmac, PTR_ERR(hmac_tfm));
 			rc = PTR_ERR(hmac_tfm);
 			hmac_tfm = NULL;
+			mutex_unlock(&mutex);
 			return ERR_PTR(rc);
 		}
 		rc = crypto_shash_setkey(hmac_tfm, evmkey, evmkey_len);
 		if (rc) {
 			crypto_free_shash(hmac_tfm);
 			hmac_tfm = NULL;
+			mutex_unlock(&mutex);
 			return ERR_PTR(rc);
 		}
+out:
+		mutex_unlock(&mutex);
 	}
 
 	desc = kmalloc(sizeof(*desc) + crypto_shash_descsize(hmac_tfm),
-- 
cgit v1.2.3


From 50345f1ea9cda4618d9c26e590a97ecd4bc7ac75 Mon Sep 17 00:00:00 2001
From: David Howells <dhowells@redhat.com>
Date: Tue, 13 Dec 2011 14:49:04 +0000
Subject: SELinux: Fix RCU deref check warning in sel_netport_insert()

Fix the following bug in sel_netport_insert() where rcu_dereference() should
be rcu_dereference_protected() as sel_netport_lock is held.

===================================================
[ INFO: suspicious rcu_dereference_check() usage. ]
---------------------------------------------------
security/selinux/netport.c:127 invoked rcu_dereference_check() without protection!

other info that might help us debug this:

rcu_scheduler_active = 1, debug_locks = 0
1 lock held by ossec-rootcheck/3323:
 #0:  (sel_netport_lock){+.....}, at: [<ffffffff8117d775>] sel_netport_sid+0xbb/0x226

stack backtrace:
Pid: 3323, comm: ossec-rootcheck Not tainted 3.1.0-rc8-fsdevel+ #1095
Call Trace:
 [<ffffffff8105cfb7>] lockdep_rcu_dereference+0xa7/0xb0
 [<ffffffff8117d871>] sel_netport_sid+0x1b7/0x226
 [<ffffffff8117d6ba>] ? sel_netport_avc_callback+0xbc/0xbc
 [<ffffffff8117556c>] selinux_socket_bind+0x115/0x230
 [<ffffffff810a5388>] ? might_fault+0x4e/0x9e
 [<ffffffff810a53d1>] ? might_fault+0x97/0x9e
 [<ffffffff81171cf4>] security_socket_bind+0x11/0x13
 [<ffffffff812ba967>] sys_bind+0x56/0x95
 [<ffffffff81380dac>] ? sysret_check+0x27/0x62
 [<ffffffff8105b767>] ? trace_hardirqs_on_caller+0x11e/0x155
 [<ffffffff81076fcd>] ? audit_syscall_entry+0x17b/0x1ae
 [<ffffffff811b5eae>] ? trace_hardirqs_on_thunk+0x3a/0x3f
 [<ffffffff81380d7b>] system_call_fastpath+0x16/0x1b

Signed-off-by: David Howells <dhowells@redhat.com>
Acked-by: Paul Moore <paul@paul-moore.com>
Acked-by: Eric Dumazet <eric.dumazet@gmail.com>
Cc: stable@kernel.org
Signed-off-by: James Morris <jmorris@namei.org>
---
 security/selinux/netport.c | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

(limited to 'security')

diff --git a/security/selinux/netport.c b/security/selinux/netport.c
index 0b62bd112461..7b9eb1faf68b 100644
--- a/security/selinux/netport.c
+++ b/security/selinux/netport.c
@@ -123,7 +123,9 @@ static void sel_netport_insert(struct sel_netport *port)
 	if (sel_netport_hash[idx].size == SEL_NETPORT_HASH_BKT_LIMIT) {
 		struct sel_netport *tail;
 		tail = list_entry(
-			rcu_dereference(sel_netport_hash[idx].list.prev),
+			rcu_dereference_protected(
+				sel_netport_hash[idx].list.prev,
+				lockdep_is_held(&sel_netport_lock)),
 			struct sel_netport, list);
 		list_del_rcu(&tail->list);
 		kfree_rcu(tail, rcu);
-- 
cgit v1.2.3