diff options
| author | Ilya Dryomov <idryomov@gmail.com> | 2016-09-23 09:57:57 +0200 |
|---|---|---|
| committer | Ilya Dryomov <idryomov@gmail.com> | 2016-10-03 16:13:50 +0200 |
| commit | 464691bd52b46a565153ec2a3b8b9984dacd4a00 (patch) | |
| tree | 46ee3b018c43e5a0971bcb93e96add5cfc84e5e8 | |
| parent | fdc723e77bcf17ec2646fdef031e7f135968a9b7 (diff) | |
| download | linux-464691bd52b46a565153ec2a3b8b9984dacd4a00.tar.gz | |
libceph: ceph_build_auth() doesn't need ceph_auth_build_hello()
A static bug finder (EBA) on Linux 4.7:
Double lock in net/ceph/auth.c
second lock at 108: mutex_lock(& ac->mutex); [ceph_auth_build_hello]
after calling from 263: ret = ceph_auth_build_hello(ac, msg_buf, msg_len);
if ! ac->protocol -> true at 262
first lock at 261: mutex_lock(& ac->mutex); [ceph_build_auth]
ceph_auth_build_hello() is never called, because the protocol is always
initialized, whether we are checking existing tickets (in delayed_work())
or getting new ones after invalidation (in invalidate_authorizer()).
Reported-by: Iago Abal <iari@itu.dk>
Signed-off-by: Ilya Dryomov <idryomov@gmail.com>
| -rw-r--r-- | net/ceph/auth.c | 4 |
1 files changed, 1 insertions, 3 deletions
diff --git a/net/ceph/auth.c b/net/ceph/auth.c index 53aa2d27e36b..c822b3ae1bd3 100644 --- a/net/ceph/auth.c +++ b/net/ceph/auth.c @@ -262,9 +262,7 @@ int ceph_build_auth(struct ceph_auth_client *ac, int ret = 0; mutex_lock(&ac->mutex); - if (!ac->protocol) - ret = ceph_auth_build_hello(ac, msg_buf, msg_len); - else if (ac->ops->should_authenticate(ac)) + if (ac->ops->should_authenticate(ac)) ret = ceph_build_auth_request(ac, msg_buf, msg_len); mutex_unlock(&ac->mutex); return ret; |