From: Eric Biggers <ebiggers@kernel.org>
To: linux-fscrypt@vger.kernel.org
Cc: linux-fsdevel@vger.kernel.org, linux-ext4@vger.kernel.org,
linux-f2fs-devel@lists.sourceforge.net,
Satya Tangirala <satyat@google.com>
Subject: [PATCH 2/5] fscrypt: use smp_load_acquire() for fscrypt_prepared_key
Date: Tue, 21 Jul 2020 15:59:17 -0700 [thread overview]
Message-ID: <20200721225920.114347-3-ebiggers@kernel.org> (raw)
In-Reply-To: <20200721225920.114347-1-ebiggers@kernel.org>
From: Eric Biggers <ebiggers@google.com>
Normally smp_store_release() or cmpxchg_release() is paired with
smp_load_acquire(). Sometimes smp_load_acquire() can be replaced with
the more lightweight READ_ONCE(). However, for this to be safe, all the
published memory must only be accessed in a way that involves the
pointer itself. This may not be the case if allocating the object also
involves initializing a static or global variable, for example.
fscrypt_prepared_key includes a pointer to a crypto_skcipher object,
which is internal to and is allocated by the crypto subsystem. By using
READ_ONCE() for it, we're relying on internal implementation details of
the crypto subsystem.
Remove this fragile assumption by using smp_load_acquire() instead.
(Note: I haven't seen any real-world problems here. This change is just
fixing the code to be guaranteed correct and less fragile.)
Fixes: 5fee36095cda ("fscrypt: add inline encryption support")
Cc: Satya Tangirala <satyat@google.com>
Signed-off-by: Eric Biggers <ebiggers@google.com>
---
fs/crypto/fscrypt_private.h | 15 +++++++++------
fs/crypto/inline_crypt.c | 6 ++++--
fs/crypto/keysetup.c | 6 ++++--
3 files changed, 17 insertions(+), 10 deletions(-)
diff --git a/fs/crypto/fscrypt_private.h b/fs/crypto/fscrypt_private.h
index bc1a3fcd45ed..8117a61b6f55 100644
--- a/fs/crypto/fscrypt_private.h
+++ b/fs/crypto/fscrypt_private.h
@@ -351,13 +351,16 @@ fscrypt_is_key_prepared(struct fscrypt_prepared_key *prep_key,
const struct fscrypt_info *ci)
{
/*
- * The READ_ONCE() here pairs with the smp_store_release() in
- * fscrypt_prepare_key(). (This only matters for the per-mode keys,
- * which are shared by multiple inodes.)
+ * The two smp_load_acquire()'s here pair with the smp_store_release()'s
+ * in fscrypt_prepare_inline_crypt_key() and fscrypt_prepare_key().
+ * I.e., in some cases (namely, if this prep_key is a per-mode
+ * encryption key) another task can publish blk_key or tfm concurrently,
+ * executing a RELEASE barrier. We need to use smp_load_acquire() here
+ * to safely ACQUIRE the memory the other task published.
*/
if (fscrypt_using_inline_encryption(ci))
- return READ_ONCE(prep_key->blk_key) != NULL;
- return READ_ONCE(prep_key->tfm) != NULL;
+ return smp_load_acquire(&prep_key->blk_key) != NULL;
+ return smp_load_acquire(&prep_key->tfm) != NULL;
}
#else /* CONFIG_FS_ENCRYPTION_INLINE_CRYPT */
@@ -391,7 +394,7 @@ static inline bool
fscrypt_is_key_prepared(struct fscrypt_prepared_key *prep_key,
const struct fscrypt_info *ci)
{
- return READ_ONCE(prep_key->tfm) != NULL;
+ return smp_load_acquire(&prep_key->tfm) != NULL;
}
#endif /* !CONFIG_FS_ENCRYPTION_INLINE_CRYPT */
diff --git a/fs/crypto/inline_crypt.c b/fs/crypto/inline_crypt.c
index d7aecadf33c1..dfb06375099a 100644
--- a/fs/crypto/inline_crypt.c
+++ b/fs/crypto/inline_crypt.c
@@ -176,8 +176,10 @@ int fscrypt_prepare_inline_crypt_key(struct fscrypt_prepared_key *prep_key,
}
}
/*
- * Pairs with READ_ONCE() in fscrypt_is_key_prepared(). (Only matters
- * for the per-mode keys, which are shared by multiple inodes.)
+ * Pairs with the smp_load_acquire() in fscrypt_is_key_prepared().
+ * I.e., here we publish ->blk_key with a RELEASE barrier so that
+ * concurrent tasks can ACQUIRE it. Note that this concurrency is only
+ * possible for per-mode keys, not for per-file keys.
*/
smp_store_release(&prep_key->blk_key, blk_key);
return 0;
diff --git a/fs/crypto/keysetup.c b/fs/crypto/keysetup.c
index 22a94b18fe70..7f85fc645602 100644
--- a/fs/crypto/keysetup.c
+++ b/fs/crypto/keysetup.c
@@ -129,8 +129,10 @@ int fscrypt_prepare_key(struct fscrypt_prepared_key *prep_key,
if (IS_ERR(tfm))
return PTR_ERR(tfm);
/*
- * Pairs with READ_ONCE() in fscrypt_is_key_prepared(). (Only matters
- * for the per-mode keys, which are shared by multiple inodes.)
+ * Pairs with the smp_load_acquire() in fscrypt_is_key_prepared().
+ * I.e., here we publish ->tfm with a RELEASE barrier so that
+ * concurrent tasks can ACQUIRE it. Note that this concurrency is only
+ * possible for per-mode keys, not for per-file keys.
*/
smp_store_release(&prep_key->tfm, tfm);
return 0;
--
2.27.0
next prev parent reply other threads:[~2020-07-21 23:01 UTC|newest]
Thread overview: 7+ messages / expand[flat|nested] mbox.gz Atom feed top
2020-07-21 22:59 [PATCH 0/5] fscrypt, fs-verity: one-time init fixes Eric Biggers
2020-07-21 22:59 ` [PATCH 1/5] fscrypt: switch fscrypt_do_sha256() to use the SHA-256 library Eric Biggers
2020-07-21 22:59 ` Eric Biggers [this message]
2020-07-21 22:59 ` [PATCH 3/5] fscrypt: use smp_load_acquire() for ->s_master_keys Eric Biggers
2020-07-21 22:59 ` [PATCH 4/5] fscrypt: use smp_load_acquire() for ->i_crypt_info Eric Biggers
2020-07-21 22:59 ` [PATCH 5/5] fs-verity: use smp_load_acquire() for ->i_verity_info Eric Biggers
2020-07-27 16:38 ` [PATCH 0/5] fscrypt, fs-verity: one-time init fixes Eric Biggers
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20200721225920.114347-3-ebiggers@kernel.org \
--to=ebiggers@kernel.org \
--cc=linux-ext4@vger.kernel.org \
--cc=linux-f2fs-devel@lists.sourceforge.net \
--cc=linux-fscrypt@vger.kernel.org \
--cc=linux-fsdevel@vger.kernel.org \
--cc=satyat@google.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).