From: Pan Bian
To: Herbert Xu, "David S. Miller"
Cc: linux-crypto@vger.kernel.org, linux-kernel@vger.kernel.org, Pan Bian
Subject: [PATCH] crypto: do not free algorithm before using
Date: Thu, 22 Nov 2018 18:00:16 +0800
Message-Id: <1542880816-63838-1-git-send-email-bianpan2016@163.com>
X-Mailer: git-send-email 2.7.4

In multiple functions, the algorithm fields are read after its reference is dropped through crypto_mod_put. In this case, the algorithm memory may be freed, resulting in use-after-free bugs. This patch delays the put operation until the algorithm is never used.

Signed-off-by: Pan Bian
--- crypto/cbc.c | 6 ++++-- crypto/cfb.c | 6 ++++-- crypto/pcbc.c | 6 ++++-- 3 files changed, 12 insertions(+), 6 deletions(-) diff --git a/crypto/cbc.c b/crypto/cbc.c index b761b1f..dd5f332 100644 --- a/crypto/cbc.c +++ b/crypto/cbc.c @@ -140,9 +140,8 @@ static int crypto_cbc_create(struct crypto_template *tmpl, struct rtattr **tb) spawn = skcipher_instance_ctx(inst); err = crypto_init_spawn(spawn, alg, skcipher_crypto_instance(inst), CRYPTO_ALG_TYPE_MASK); - crypto_mod_put(alg); if (err) - goto err_free_inst; + goto err_put_alg; err = crypto_inst_setname(skcipher_crypto_instance(inst), "cbc", alg); if (err) 
@@ -174,12 +173,15 @@ static int crypto_cbc_create(struct crypto_template *tmpl, struct rtattr **tb) err = skcipher_register_instance(tmpl, inst); if (err) goto err_drop_spawn; + crypto_mod_put(alg); out: return err; err_drop_spawn: crypto_drop_spawn(spawn); +err_put_alg: + crypto_mod_put(alg); err_free_inst: kfree(inst); goto out; diff --git a/crypto/cfb.c b/crypto/cfb.c index a0d68c0..20987d0 100644 --- a/crypto/cfb.c +++ b/crypto/cfb.c @@ -286,9 +286,8 @@ static int crypto_cfb_create(struct crypto_template *tmpl, struct rtattr **tb) spawn = skcipher_instance_ctx(inst); err = crypto_init_spawn(spawn, alg, skcipher_crypto_instance(inst), CRYPTO_ALG_TYPE_MASK); - crypto_mod_put(alg); if (err) - goto err_free_inst; + goto err_put_alg; err = crypto_inst_setname(skcipher_crypto_instance(inst), "cfb", alg); if (err) @@ -317,12 +316,15 @@ static int crypto_cfb_create(struct crypto_template *tmpl, struct rtattr **tb) err = skcipher_register_instance(tmpl, inst); if (err) goto err_drop_spawn; + crypto_mod_put(alg); out: return err; err_drop_spawn: crypto_drop_spawn(spawn); +err_put_alg: + crypto_mod_put(alg); err_free_inst: kfree(inst); goto out; diff --git a/crypto/pcbc.c b/crypto/pcbc.c index ef802f6..8aa1014 100644 --- a/crypto/pcbc.c +++ b/crypto/pcbc.c @@ -244,9 +244,8 @@ static int crypto_pcbc_create(struct crypto_template *tmpl, struct rtattr **tb) spawn = skcipher_instance_ctx(inst); err = crypto_init_spawn(spawn, alg, skcipher_crypto_instance(inst), CRYPTO_ALG_TYPE_MASK); - crypto_mod_put(alg); if (err) - goto err_free_inst; + goto err_put_alg; err = crypto_inst_setname(skcipher_crypto_instance(inst), "pcbc", alg); if (err) @@ -275,12 +274,15 @@ static int crypto_pcbc_create(struct crypto_template *tmpl, struct rtattr **tb) err = skcipher_register_instance(tmpl, inst); if (err) goto err_drop_spawn; + crypto_mod_put(alg); out: return err; err_drop_spawn: crypto_drop_spawn(spawn); +err_put_alg: + crypto_mod_put(alg); err_free_inst: kfree(inst); goto out; -- 2.7.4
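Review bot: In the first hunk of each file (cbc.c @@ -140, cfb.c @@ -286, pcbc.c @@ -244) only the crypto_init_spawn failure branch is retargeted to err_put_alg, while the `if (err)` that follows crypto_inst_setname(..., alg) and every later check up to skcipher_register_instance lie outside the hunk. With the unconditional crypto_mod_put(alg) removed, any of those branches that still jumps to err_free_inst now leaks the reference, so please confirm each goto between the two hunks lands on err_drop_spawn or err_put_alg. The commit message would also be easier to verify if it named the read that happens after the old put (the crypto_inst_setname call taking alg is the one visible here) and carried a Fixes: tag for the commit that introduced the early put.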
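Review bot: In the second hunk of each file (cbc.c @@ -174, cfb.c @@ -317, pcbc.c @@ -275) the success-path crypto_mod_put(alg) sits directly above `out:`, and the error labels end in `goto out`, so the put is correct only while it stays above that label; moved below `out:` it would run a second time after err_put_alg. A one-line comment at that put would guard against a later cleanup merging the two sites. The fallthrough order err_drop_spawn, err_put_alg, err_free_inst also matters: the spawn was initialised with alg in the first hunk, so it has to be dropped while the reference is still held, and nothing should be inserted between these labels that reorders them.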