| Message ID | 20200817143734.336080170@linuxfoundation.org |
|---|---|
| State | Superseded |
| Headers | show |
| Series | None | expand |
Hi! > Fix a small resource leak on the error path of cipher processing. I believe this one is wrong. > @@ -149,10 +148,19 @@ static int cc_cipher_init(struct crypto_tfm *tfm) > ctx_p->flow_mode = cc_alg->flow_mode; > ctx_p->drvdata = cc_alg->drvdata; > > + if (ctx_p->cipher_mode == DRV_CIPHER_ESSIV) { > + /* Alloc hash tfm for essiv */ > + ctx_p->shash_tfm = crypto_alloc_shash("sha256-generic", 0, 0); > + if (IS_ERR(ctx_p->shash_tfm)) { > + dev_err(dev, "Error allocating hash tfm for ESSIV.\n"); > + return PTR_ERR(ctx_p->shash_tfm); > + } > + } shash_tfm() is only allocated conditionally. > +free_key: > + kfree(ctx_p->user.key); > +free_shash: > + crypto_free_shash(ctx_p->shash_tfm); But it is freed unconditionally, and free_shash() is not robust against NULL pointer due to undefined behaviour in crypto_shash_tfm. Additionally, it would be cleaner to set ctx_p->shash_tfm to NULL in this path. Best regards, Pavel -- (english) http://www.livejournal.com/~pavelmachek (cesky, pictures) http://atrey.karlin.mff.cuni.cz/~pavel/picture/horses/blog.html
On Tue, Aug 18, 2020 at 11:22:31AM +0200, Pavel Machek wrote: > > But it is freed unconditionally, and free_shash() is not robust > against NULL pointer due to undefined behaviour in crypto_shash_tfm. crypto_free_shash calls crypto_destroy_tfm with both the original pointer as well as the crypto_shash_tfm pointer so it does the right thing for NULL pointers. Please check again. Thanks, -- Email: Herbert Xu <herbert@gondor.apana.org.au> Home Page: http://gondor.apana.org.au/~herbert/ PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt
diff --git a/drivers/crypto/ccree/cc_cipher.c b/drivers/crypto/ccree/cc_cipher.c index 28a5b8b38fa2f..1bcb6f0157b07 100644 --- a/drivers/crypto/ccree/cc_cipher.c +++ b/drivers/crypto/ccree/cc_cipher.c @@ -137,7 +137,6 @@ static int cc_cipher_init(struct crypto_tfm *tfm) skcipher_alg.base); struct device *dev = drvdata_to_dev(cc_alg->drvdata); unsigned int max_key_buf_size = cc_alg->skcipher_alg.max_keysize; - int rc = 0; dev_dbg(dev, "Initializing context @%p for %s\n", ctx_p, crypto_tfm_alg_name(tfm)); @@ -149,10 +148,19 @@ static int cc_cipher_init(struct crypto_tfm *tfm) ctx_p->flow_mode = cc_alg->flow_mode; ctx_p->drvdata = cc_alg->drvdata; + if (ctx_p->cipher_mode == DRV_CIPHER_ESSIV) { + /* Alloc hash tfm for essiv */ + ctx_p->shash_tfm = crypto_alloc_shash("sha256-generic", 0, 0); + if (IS_ERR(ctx_p->shash_tfm)) { + dev_err(dev, "Error allocating hash tfm for ESSIV.\n"); + return PTR_ERR(ctx_p->shash_tfm); + } + } + /* Allocate key buffer, cache line aligned */ ctx_p->user.key = kmalloc(max_key_buf_size, GFP_KERNEL); if (!ctx_p->user.key) - return -ENOMEM; + goto free_shash; dev_dbg(dev, "Allocated key buffer in context. key=@%p\n", ctx_p->user.key); @@ -164,21 +172,19 @@ static int cc_cipher_init(struct crypto_tfm *tfm) if (dma_mapping_error(dev, ctx_p->user.key_dma_addr)) { dev_err(dev, "Mapping Key %u B at va=%pK for DMA failed\n", max_key_buf_size, ctx_p->user.key); - return -ENOMEM; + goto free_key; } dev_dbg(dev, "Mapped key %u B at va=%pK to dma=%pad\n", max_key_buf_size, ctx_p->user.key, &ctx_p->user.key_dma_addr); - if (ctx_p->cipher_mode == DRV_CIPHER_ESSIV) { - /* Alloc hash tfm for essiv */ - ctx_p->shash_tfm = crypto_alloc_shash("sha256-generic", 0, 0); - if (IS_ERR(ctx_p->shash_tfm)) { - dev_err(dev, "Error allocating hash tfm for ESSIV.\n"); - return PTR_ERR(ctx_p->shash_tfm); - } - } + return 0; - return rc; +free_key: + kfree(ctx_p->user.key); +free_shash: + crypto_free_shash(ctx_p->shash_tfm); + + return -ENOMEM; } static void cc_cipher_exit(struct crypto_tfm *tfm)