From patchwork Thu Oct 27 14:29:45 2016 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Andrey Ryabinin X-Patchwork-Id: 9400719 X-Patchwork-Delegate: herbert@gondor.apana.org.au Return-Path: Received: from mail.wl.linuxfoundation.org (pdx-wl-mail.web.codeaurora.org [172.30.200.125]) by pdx-korg-patchwork.web.codeaurora.org (Postfix) with ESMTP id 0D005605EE for ; Fri, 28 Oct 2016 01:02:04 +0000 (UTC) Received: from mail.wl.linuxfoundation.org (localhost [127.0.0.1]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id F13B42A415 for ; Fri, 28 Oct 2016 01:02:03 +0000 (UTC) Received: by mail.wl.linuxfoundation.org (Postfix, from userid 486) id E61E42A417; Fri, 28 Oct 2016 01:02:03 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on pdx-wl-mail.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-6.8 required=2.0 tests=BAYES_00,DKIM_SIGNED, RCVD_IN_DNSWL_HI,T_DKIM_INVALID autolearn=ham version=3.3.1 Received: from vger.kernel.org (vger.kernel.org [209.132.180.67]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id 26D9F2A415 for ; Fri, 28 Oct 2016 01:02:03 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S942758AbcJ1BCB (ORCPT ); Thu, 27 Oct 2016 21:02:01 -0400 Received: from mail-db5eur01on0118.outbound.protection.outlook.com ([104.47.2.118]:22221 "EHLO EUR01-DB5-obe.outbound.protection.outlook.com" rhost-flags-OK-OK-OK-FAIL) by vger.kernel.org with ESMTP id S935453AbcJ1BCB (ORCPT ); Thu, 27 Oct 2016 21:02:01 -0400 X-Greylist: delayed 7119 seconds by postgrey-1.27 at vger.kernel.org; Thu, 27 Oct 2016 21:02:00 EDT DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=virtuozzo.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version; bh=rw9VFCDHMncgkP38RCZ/a4A6nm0RteoHMOQ/2f6BzRg=; b=GmPKi5IDysfj0TlPY+BJBLkKt0C+fl6qz0Ik9F7uifPIhjNPRo3+h+A5CSsQiETGAtnSCeeeZ2TkcBNvPC7jSgllh3w3HvoDdKdi749q8OG5DFh2ZJq24VmlJudd2LMzmFy3WLrmNOuTHeybRBi1w1u+A6vuz/Qa3+f0aIET+NQ= Authentication-Results: spf=none (sender IP is ) smtp.mailfrom=aryabinin@virtuozzo.com; Received: from localhost.sw.ru (195.214.232.10) by HE1PR0802MB2555.eurprd08.prod.outlook.com (10.175.35.148) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384_P384) id 15.1.669.12; Thu, 27 Oct 2016 14:29:58 +0000 From: Andrey Ryabinin To: Willy Tarreau , CC: Herbert Xu , , Andrey Ryabinin Subject: [PATCH stable 3.10.y 12/18] crypto: af_alg - Forbid bind(2) when nokey child sockets are present Date: Thu, 27 Oct 2016 17:29:45 +0300 Message-ID: <1477578591-28924-13-git-send-email-aryabinin@virtuozzo.com> X-Mailer: git-send-email 2.7.3 In-Reply-To: <1477578591-28924-1-git-send-email-aryabinin@virtuozzo.com> References: <1477578591-28924-1-git-send-email-aryabinin@virtuozzo.com> MIME-Version: 1.0 X-Originating-IP: [195.214.232.10] X-ClientProxiedBy: AM4PR0501CA0035.eurprd05.prod.outlook.com (10.167.83.173) To HE1PR0802MB2555.eurprd08.prod.outlook.com (10.175.35.148) X-MS-Office365-Filtering-Correlation-Id: 48fb9573-c90a-4494-094c-08d3fe75baaa X-Microsoft-Exchange-Diagnostics: 1; HE1PR0802MB2555; 2:feb1ycbsMlwAyHerScBv7XuOa6rY7fjD9ByetEoMzJIlfrjPUmdecvFsQaSc2fCTxs7xW5VMhRLPO7WVvWOz8jqh4mQRvQhYEhDMrolkG74DJinyjp4XZAZ/QTYGkYhxgVscAzhLeEoRi74XufKD0+Pm1faWTOwT9PvrwZ2HHfXrnDeXuvQhrdweI5bQ1Ul/cRLkhbE+BzDHCIdW++LIpA==; 3:O+Rr766keELijQBE6U2jG+8V821J/6RyGGSxssveuOEGZlWaQh7Mxrbkeh/xTjv+m0NYIkNze5w2rSN66sy5z7u716JB0RDHjuMXTCQbzGaxTENy0BOw42GBg91+/0ifvc586BN0F8zRGEXGBo874A==; 25:uLWS2Rz0qnbHHZEaXTGdXU9gISn4b9+DwxCauPIVc45bonvwBpbSdaE6RL8epUgz80Lgrc3D4HJ8gqk1YwzHZNatDj/Q1FUHDtPGnSqvBVWD2/szBk+zYQTRf7uaPVNX0xYWKwnWpXptDVXeslCWZ4HR+MnR1a0iDDjtN5Z9Uyv+JVeEtLXRvOjfVLfAzn5MsP10Mcb4Y4uX3cVGX+iwsXT8v6Ovsc2XfiwxsfXJ5yzIHegRfEY6jnYVq089jDnQEu3mKkSXMSwo7w0GjjMvahxVcJiG2wqALwRvVDDiN+3xEct7tW4QsQgsm1bo0ePy2dA+CxxM7Apng7pOqO9lFotEcNiJH0celPHmhKihKRZtFuJtMiiJD7CLZzdhnFyRzh5KD/ZKbXFAZoj3J2qEnKo7guhuPYArVQYbv/esToI= X-Microsoft-Antispam: UriScan:;BCL:0;PCL:0;RULEID:;SRVR:HE1PR0802MB2555; X-Microsoft-Exchange-Diagnostics: 1; HE1PR0802MB2555; 31:2ImN/l0znFuKcmfoo5Vqipu/03JvhxXqG88U2DIWoDw1nw8SD1MYT8LPTZqg0HB3nDA7dkw+PsvJ9vrl1KR4NrveNZp7QXtzwB2gEoojkMK/sTsXnLsYYPoy0Sdqwx+bDHw+ZWMMQzLl81dFhwjsGX0CdDl0iqHcrSZh1NVim+5RuHbzXlYy+iRXncy4aONAWbrMpmSQHeTvT8YwqVVacNCTKNMu5J18TW0M2r6RkKIhPL7twdfPKs7J7Gn/5Q+i; 4:yYc3hyYxHrPVV2WCQq1eEDH3fn5ODIuY2dNd5Cpa8aeQOT03rl9uuLA2LA14yytLWLLff9PZ0V6pW83J3pJP0VTc7HAaQE7B0a+j7gofPXmfuCaWaYKGgUIRkSlpD1OQFrxjKPiWg6TMRtN746VoP2AYE6J5auenryajqbnj9zJJqRKsDQx0omamCRByCQDPWO+dOKkI+vWbTFFJDvlMSpmQZussiDANxfqqQY4CvHrbsuWtnYAUtG1tYPtzwt9OyXchWaCmtJ17+MiNpYF79KRMi0FxrLspBVihJtNOzA1u1ay1o/OZtuE+HS99zIkTknkdVTWTBTqCshBbEc9111wTuOrVVBgPJUHZaY2Qf4PnSOEpKa8Vj+V7hgtBz9CXvG9J7ARVnOF/IDAajSkWZY3jKbvrR2PwPN8nM4VEYcM2cumO6S+7D5R0GmxLaBVBByvSk1rHp5nlwQMb3DRbZPI6YqO9bSnIVz416tgRbMk= X-Microsoft-Antispam-PRVS: X-Exchange-Antispam-Report-Test: UriScan:(9452136761055); X-Exchange-Antispam-Report-CFA-Test: BCL:0; PCL:0; RULEID:(6040176)(601004)(2401047)(8121501046)(5005006)(10201501046)(3002001)(6043046)(6042046); SRVR:HE1PR0802MB2555; BCL:0; PCL:0; RULEID:; SRVR:HE1PR0802MB2555; X-Forefront-PRVS: 0108A997B2 X-Forefront-Antispam-Report: SFV:NSPM; SFS:(10019020)(4630300001)(6069001)(6009001)(7916002)(189002)(199003)(2906002)(81166006)(53416004)(76506005)(8676002)(81156014)(42186005)(305945005)(7846002)(76176999)(48376002)(19580395003)(50986999)(7736002)(19580405001)(2950100002)(105586002)(86362001)(229853001)(586003)(6666003)(6116002)(3846002)(4001430100002)(33646002)(50466002)(36756003)(4326007)(69596002)(189998001)(77096005)(47776003)(5001770100001)(66066001)(107886002)(92566002)(5660300001)(50226002)(5003940100001)(101416001)(68736007)(106356001)(97736004)(781001); DIR:OUT; SFP:1102; SCL:1; SRVR:HE1PR0802MB2555; H:localhost.sw.ru; FPR:; SPF:None; PTR:InfoNoRecords; MX:1; A:1; LANG:en; Received-SPF: None (protection.outlook.com: virtuozzo.com does not designate permitted sender hosts) X-Microsoft-Exchange-Diagnostics: =?us-ascii?Q?1; HE1PR0802MB2555; 23:I8FC7kPIP2kvk2NDoXWsrRcM0ijrm6FFmM4hYiw?= =?us-ascii?Q?56Go0LCKvA5COaBYhPv3Z9lauAA/zbkxiOMjYpdqhJHVIW+pEJXa+cjDsCxt?= =?us-ascii?Q?PebQXPZ0R2MucMRAH79fimzKE/OKL5xyCGA+pX+r+JbrTNxHAvdIz57rgUan?= =?us-ascii?Q?8iJxhd7GZ3fbaSXVtuzhguzPcShYCTK7gMoaAKp/5AnyjW/F6cSMCZhoVAsy?= =?us-ascii?Q?wSabka8V5CUzeAJYHk0g2v7BxGwJWZEWGf+DbMOJNF9W2QmVuzK2oXaMqXk3?= =?us-ascii?Q?P7ByoPEMmdCNExMmX453ao0OC4gZdqlCo/Y4sYtKzora5xziPaCIxXjyB6Ir?= =?us-ascii?Q?a4Cyk7RubqWqvU13GQE/Buq1ONlfY1pYkn+ii6eBujZo0axxRwhRSletnrat?= =?us-ascii?Q?bw6yBqgRo7U5jbD2nVEkJ1DIrHZUbfTq3c9UmhcIXf69K6/bpX4DEANtWT8T?= =?us-ascii?Q?XZ+YQM9rTvtRjsAin5LsOqwMkKbb32KSJv+DNuFfy6TqUqv2VFebr8rQm/QC?= =?us-ascii?Q?iDKCTuk/RMhnHpZHC3xShgP3lfscxsSxaMXWVvR5dKZ/iqhz1Cb4YxA4KX5Z?= =?us-ascii?Q?2JpnvPifIPwIqNA4F2OmUHuaDOMVqhxMNJnGAPw+6XGQGfvALKozGBSuW4IO?= =?us-ascii?Q?B91YtF88EJNUZmkFryaq7S0XwaGHVeN56lAf4P9+7fXB0aJS50ZuYUdAxkeD?= =?us-ascii?Q?KA4dFdHCAyIhsHGw/uni7hePego0GwqEv45oN18OfzjVKOKTxDIE0tHU3u6G?= =?us-ascii?Q?yeEG787ckcKL8MOiYx2QGOUnxivF9/8lJAfWORwj6vvDE2YJxWL2Uhy/VWEl?= =?us-ascii?Q?717l9pZDA0myGkm2u5JwPOjoxQWiq0fPbo3WrKei5vXttUqpsRD67DOh9oon?= =?us-ascii?Q?gzBYvtu/imT0iQgeou19scgd+tuIdbCdHP/trC7CC94aTOgHo0RlnnWzkcW1?= =?us-ascii?Q?avxa8Kbb5oUovbFSs6Yx57/PVwBD9tHJPb2M2hS4gKNgiihLWRHQifIEkTFn?= =?us-ascii?Q?eHghec9aMcjyOyYym+7JJPsrAXB4k02Ze+YaHALgR24jf4me5Aal0CYKq8Sg?= =?us-ascii?Q?sSkRGMIYEt0xLf649v6apaA7vNN0aOKZHcAar0O23+iG3sydZnz43rCE8T3S?= =?us-ascii?Q?ZPv8OVHKwUUkiEAw/7pVxJeT0SO4Qw1diKxzKWCOBLjWcyxm2hfmC7hL82qD?= =?us-ascii?Q?cCynjUQDdZwlbPQ86By/GAI1N8yKQQLh3YAwchqPqCwDKqbOkaVbfoEqgdwY?= =?us-ascii?Q?jQnfC/2pj0GVwdQcope4=3D?= X-Microsoft-Exchange-Diagnostics: 1; HE1PR0802MB2555; 6:0/nxv7Y8f3XrBNr37HkskBOPwLpVBX/FBfKOeNMbqyWdFHAOd9RM9sVpSjSaOYmNuIiDfO3GPytAWCbf9uTSG9tRZIoWxJVYZ66Jj+GdF6Q0DjoKYwSL3gEG+KZDOciw50j7weWo8YP1Qok61jmvZwaGpZUG73XBTL5fnfGbvEZ27gQijmrxhSKQnDZtqJiE8YyDfKGgDFL1RoxUm77EnLQd/8W5BySXZzb2aL09Txje8KByZBNJoVjPM38ommAtxbhP8nzp90/n/TugEyfGtFNYSgSigZpK5ZbM8O+uAYXHX35i1reEhF7u7KPp+zXC3wqVoMLAALxhITLmHrsmWw==; 5:y/pHyYbYlkiyyetHXYAWTSXHVXzhnMxcO8FeGb3K35O+uZZ/jiuHOMq6oJc3a6PQO8fFbr6mJFjCasi1uwZeG5ScuXF2vkuh6Ml8kaJ2r1IC/3OFACnYQoTc5eWaHbz0WNB+YXcnLaSP/Q72pthB/g==; 24:vO7zcHLLxZAb7EPK9ItKh8y8NKWdXriYyQBw1vCrbVWoV8yvBm1LiROd/5TGkJ/fhGjzGI/SPAKf+UhQKj/BT1leLmrx9Xz5L7gvl1szVOI= SpamDiagnosticOutput: 1:99 SpamDiagnosticMetadata: NSPM X-Microsoft-Exchange-Diagnostics: 1; HE1PR0802MB2555; 7:ERpZPL5YrCO1KwfGTttZDdGveN/JZRBO3CJ7IfhIlKrQMCmLfM1JVVTfARW6fKViy4LR7kDpNgAvpEQoeiVLuCa5/X1H2TnVMk2Rn/Lg//r9WhMD3Jh3S4bvKULtJtsHbEIyEZb53ey0wKdEeixpIol7Tf1tTI3FhlSBOuA2N+zM+TAol38VcvO1kgaYo0gsuws8ftQAIu/vG3DM3G4UiJ2K4koTWd7niIPz7Pf3pIzfme6RLJJe83K+XrH3QVouIiqQi7ehTPZm7I2R8J0LJCSkxIC+0w0GmXXuAEl17ibr4G2uOQmdRcGnoJy7dJCoFxCwJWLMNJurfBE8r73bPjXHri0oZ14YeETFGTUcetw=; 20:pmQ5pYks0v2E2E51z0u8vXwhk0wQh5DreipEiZaSj1k6BBiymMonTUI0/LfOOvTkzOWw0P6qi3MNPA30h0SJP0glWKtvDp2TeGn4NEgNd/Cblb+U5eY17MQPz1Qk8teBtALfwwd7UzzSl3gtv3WUBzmPx7ecCH+xj+dBvZzMqOw= X-OriginatorOrg: virtuozzo.com X-MS-Exchange-CrossTenant-OriginalArrivalTime: 27 Oct 2016 14:29:58.0031 (UTC) X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-Transport-CrossTenantHeadersStamped: HE1PR0802MB2555 Sender: linux-crypto-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-crypto@vger.kernel.org X-Virus-Scanned: ClamAV using ClamSMTP From: Herbert Xu commit a6a48c565f6f112c6983e2a02b1602189ed6e26e upstream. This patch forbids the calling of bind(2) when there are child sockets created by accept(2) in existence, even if they are created on the nokey path. This is needed as those child sockets have references to the tfm object which bind(2) will destroy. Cc: stable@vger.kernel.org Signed-off-by: Herbert Xu Signed-off-by: Andrey Ryabinin --- crypto/af_alg.c | 16 +++++++--------- 1 file changed, 7 insertions(+), 9 deletions(-) diff --git a/crypto/af_alg.c b/crypto/af_alg.c index 2f8fd84..68ec1ac 100644 --- a/crypto/af_alg.c +++ b/crypto/af_alg.c @@ -130,19 +130,16 @@ EXPORT_SYMBOL_GPL(af_alg_release); void af_alg_release_parent(struct sock *sk) { struct alg_sock *ask = alg_sk(sk); - bool last; + unsigned int nokey = ask->nokey_refcnt; + bool last = nokey && !ask->refcnt; sk = ask->parent; - - if (ask->nokey_refcnt && !ask->refcnt) { - sock_put(sk); - return; - } - ask = alg_sk(sk); lock_sock(sk); - last = !--ask->refcnt; + ask->nokey_refcnt -= nokey; + if (!last) + last = !--ask->refcnt; release_sock(sk); if (last) @@ -185,7 +182,7 @@ static int alg_bind(struct socket *sock, struct sockaddr *uaddr, int addr_len) err = -EBUSY; lock_sock(sk); - if (ask->refcnt) + if (ask->refcnt | ask->nokey_refcnt) goto unlock; swap(ask->type, type); @@ -296,6 +293,7 @@ int af_alg_accept(struct sock *sk, struct socket *newsock) if (nokey || !ask->refcnt++) sock_hold(sk); + ask->nokey_refcnt += nokey; alg_sk(sk2)->parent = sk; alg_sk(sk2)->type = type; alg_sk(sk2)->nokey_refcnt = nokey;