crypto: algif_skcipher - Fix race condition in skcipher_check_key

[pandora-kernel.git] / crypto / algif_skcipher.c

diff --git a/crypto/algif_skcipher.c b/crypto/algif_skcipher.c
index f7f6f9e..a9f4201 100644 (file)
--- a/crypto/algif_skcipher.c
+++ b/crypto/algif_skcipher.c
@@ -551,22 +551,23 @@ static struct proto_ops algif_skcipher_ops = {
 
 static int skcipher_check_key(struct socket *sock)
 {
-       int err;
+       int err = 0;
        struct sock *psk;
        struct alg_sock *pask;
        struct skcipher_tfm *tfm;
        struct sock *sk = sock->sk;
        struct alg_sock *ask = alg_sk(sk);
 
+       lock_sock(sk);
        if (ask->refcnt)
-               return 0;
+               goto unlock_child;
 
        psk = ask->parent;
        pask = alg_sk(ask->parent);
        tfm = pask->private;
 
        err = -ENOKEY;
-       lock_sock(psk);
+       lock_sock_nested(psk, SINGLE_DEPTH_NESTING);
        if (!tfm->has_key)
                goto unlock;
 
@@ -580,6 +581,8 @@ static int skcipher_check_key(struct socket *sock)
 
 unlock:
        release_sock(psk);
+unlock_child:
+       release_sock(sk);
 
        return err;
 }
@@ -681,7 +684,7 @@ static int skcipher_setkey(void *private, const u8 *key, unsigned int keylen)
        return err;
 }
 
-static void skcipher_sock_destruct_common(struct sock *sk)
+static void skcipher_sock_destruct(struct sock *sk)
 {
        struct alg_sock *ask = alg_sk(sk);
        struct skcipher_ctx *ctx = ask->private;
@@ -690,33 +693,10 @@ static void skcipher_sock_destruct_common(struct sock *sk)
        skcipher_free_sgl(sk);
        sock_kfree_s(sk, ctx->iv, crypto_ablkcipher_ivsize(tfm));
        sock_kfree_s(sk, ctx, ctx->len);
-}
-
-static void skcipher_sock_destruct(struct sock *sk)
-{
-       skcipher_sock_destruct_common(sk);
        af_alg_release_parent(sk);
 }
 
-static void skcipher_release_parent_nokey(struct sock *sk)
-{
-       struct alg_sock *ask = alg_sk(sk);
-
-       if (!ask->refcnt) {
-               sock_put(ask->parent);
-               return;
-       }
-
-       af_alg_release_parent(sk);
-}
-
-static void skcipher_sock_destruct_nokey(struct sock *sk)
-{
-       skcipher_sock_destruct_common(sk);
-       skcipher_release_parent_nokey(sk);
-}
-
-static int skcipher_accept_parent_common(void *private, struct sock *sk)
+static int skcipher_accept_parent_nokey(void *private, struct sock *sk)
 {
        struct skcipher_ctx *ctx;
        struct alg_sock *ask = alg_sk(sk);
@@ -763,21 +743,7 @@ static int skcipher_accept_parent(void *private, struct sock *sk)
        if (!tfm->has_key && crypto_ablkcipher_has_setkey(tfm->skcipher))
                return -ENOKEY;
 
-       return skcipher_accept_parent_common(private, sk);
-}
-
-static int skcipher_accept_parent_nokey(void *private, struct sock *sk)
-{
-       int err;
-
-       err = skcipher_accept_parent_common(private, sk);
-       if (err)
-               goto out;
-
-       sk->sk_destruct = skcipher_sock_destruct_nokey;
-
-out:
-       return err;
+       return skcipher_accept_parent_nokey(private, sk);
 }
 
 static const struct af_alg_type algif_type_skcipher = {