From patchwork Sun Apr 8 19:07:03 2018
X-Patchwork-Submitter: Stephan Mueller
X-Patchwork-Id: 10328603
X-Patchwork-Delegate: herbert@gondor.apana.org.au
From: Stephan Müller
To: Dmitry Vyukov
Cc: Matthew Wilcox, Herbert Xu, David Miller, linux-crypto@vger.kernel.org, Eric Biggers, syzbot, linux-fsdevel, LKML, syzkaller-bugs@googlegroups.com, Al Viro
Subject: [PATCH] crypto: DRBG - guard uninstantion by lock
Date: Sun, 08 Apr 2018 21:07:03 +0200
Message-ID: <6541596.TtyMCBNA0Q@positron.chronox.de>
References: <001a114467482dbc4b05692df8f9@google.com> <4564679.HlOejCIXXz@positron.chronox.de>

On Sunday, 8 April 2018, 17:41:17 CEST, Dmitry Vyukov wrote:

Hi Dmitry,

>
> Hi,
>
> Here is config and kernel commit:
> https://groups.google.com/d/msg/syzkaller-bugs/PINYyzoaG1s/ntZPOZdcCAAJ
> You can also find compiler and image here if necessary:
> https://github.com/google/syzkaller/blob/master/docs/syzbot.md
>
> And note that the program needs to be compiled with -m32. The bug is
> probably not-compat specific, but the program injects fault into a
> particular malloc invocation and maybe malloc numbering is affected by
> compat path.

I am unable to reproduce the issue. But since you mention that you induce
errors, I could see that the unlocking of the DRBG context is too soon.

Can you please check whether the attached patch fixes the issue?

Thanks

---8<---

In the error code path, the uninstantiation must be guarded by a lock to
ensure that the modification of the context is fully atomic.

Signed-off-by: Stephan Mueller
Reported-by: syzkaller
--- crypto/drbg.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/crypto/drbg.c b/crypto/drbg.c index 4faa2781c964..68c1949a253f 100644 --- a/crypto/drbg.c +++ b/crypto/drbg.c
@@ -1510,8 +1510,8 @@ static int drbg_instantiate(struct drbg_state *drbg, struct drbg_string *pers, return ret; free_everything: - mutex_unlock(&drbg->drbg_mutex); drbg_uninstantiate(drbg); + mutex_unlock(&drbg->drbg_mutex); return ret; }
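Review bot: At the free_everything label, drbg_uninstantiate(drbg) now runs with drbg->drbg_mutex held, so please confirm that drbg_uninstantiate() and everything it calls never takes drbg_mutex itself, otherwise this error path would self-deadlock; a one-line statement of that in the commit message would help. The commit message also does not say which concurrent access to the context the early unlock allowed, and the cover text says the reported issue could not be reproduced, so it is worth stating that the change is untested against the syzkaller reproducer and adding a Tested-by once it has been confirmed. The subject line has a typo ("uninstantion" for "uninstantiation").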