mac80211: Don't squash error codes in key setup functions

ieee80211_add_key() currently returns -ENOMEM in case of any error, including a missing crypto algorithm. Change ieee80211_key_alloc() and ieee80211_aes_{key_setup_encrypt,cmac_key_setup}() to encode errors with ERR_PTR() rather than returning NULL, and change ieee80211_add_key() accordingly. Compile-tested only. Reported-by: Marcin Owsiany <porridge@debian.org> Signed-off-by: Ben Hutchings <ben@decadent.org.uk> Acked-by: Johannes Berg <johannes@sipsolutions.net> Signed-off-by: John W. Linville <linville@tuxdriver.com>

mac80211: Don't squash error codes in key setup functions
ieee80211_add_key() currently returns -ENOMEM in case of any error, including a missing crypto algorithm. Change ieee80211_key_alloc() and ieee80211_aes_{key_setup_encrypt,cmac_key_setup}() to encode errors with ERR_PTR() rather than returning NULL, and change ieee80211_add_key() accordingly. Compile-tested only. Reported-by: Marcin Owsiany <porridge@debian.org> Signed-off-by: Ben Hutchings <ben@decadent.org.uk> Acked-by: Johannes Berg <johannes@sipsolutions.net> Signed-off-by: John W. Linville <linville@tuxdriver.com>
Ben Hutchings · John W. Linville
1 parent a85d7cca12
Showing 4 changed files with 14 additions and 16 deletions Side-by-side Diff
net/mac80211/aes_ccm.c
net/mac80211/aes_cmac.c
net/mac80211/cfg.c
net/mac80211/key.c
@@ -138,10 +138,8 @@
 	struct crypto_cipher *tfm;
  
 	tfm = crypto_alloc_cipher("aes", 0, CRYPTO_ALG_ASYNC);
-	if (IS_ERR(tfm))
-		return NULL;
-
-	crypto_cipher_setkey(tfm, key, ALG_CCMP_KEY_LEN);
+	if (!IS_ERR(tfm))
+		crypto_cipher_setkey(tfm, key, ALG_CCMP_KEY_LEN);
  
 	return tfm;
 }
@@ -119,10 +119,8 @@
 	struct crypto_cipher *tfm;
  
 	tfm = crypto_alloc_cipher("aes", 0, CRYPTO_ALG_ASYNC);
-	if (IS_ERR(tfm))
-		return NULL;
-
-	crypto_cipher_setkey(tfm, key, AES_CMAC_KEY_LEN);
+	if (!IS_ERR(tfm))
+		crypto_cipher_setkey(tfm, key, AES_CMAC_KEY_LEN);
  
 	return tfm;
 }
@@ -150,8 +150,8 @@
  
 	key = ieee80211_key_alloc(alg, key_idx, params->key_len, params->key,
 				  params->seq_len, params->seq);
-	if (!key)
-		return -ENOMEM;
+	if (IS_ERR(key))
+		return PTR_ERR(key);
  
 	mutex_lock(&sdata->local->sta_mtx);
  
@@ -234,13 +234,13 @@
 					  size_t seq_len, const u8 *seq)
 {
 	struct ieee80211_key *key;
-	int i, j;
+	int i, j, err;
  
 	BUG_ON(idx < 0 || idx >= NUM_DEFAULT_KEYS + NUM_DEFAULT_MGMT_KEYS);
  
 	key = kzalloc(sizeof(struct ieee80211_key) + key_len, GFP_KERNEL);
 	if (!key)
-		return NULL;
+		return ERR_PTR(-ENOMEM);
  
 	/*
 	 * Default to software encryption; we'll later upload the
  
@@ -296,9 +296,10 @@
 		 * it does not need to be initialized for every packet.
 		 */
 		key->u.ccmp.tfm = ieee80211_aes_key_setup_encrypt(key_data);
-		if (!key->u.ccmp.tfm) {
+		if (IS_ERR(key->u.ccmp.tfm)) {
+			err = PTR_ERR(key->u.ccmp.tfm);
 			kfree(key);
-			return NULL;
+			key = ERR_PTR(err);
 		}
 	}
  
  
@@ -309,9 +310,10 @@
 		 */
 		key->u.aes_cmac.tfm =
 			ieee80211_aes_cmac_key_setup(key_data);
-		if (!key->u.aes_cmac.tfm) {
+		if (IS_ERR(key->u.aes_cmac.tfm)) {
+			err = PTR_ERR(key->u.aes_cmac.tfm);
 			kfree(key);
-			return NULL;
+			key = ERR_PTR(err);
 		}
 	}
...	...	@@ -138,10 +138,8 @@
138	138	struct crypto_cipher *tfm;
139	139
140	140	tfm = crypto_alloc_cipher("aes", 0, CRYPTO_ALG_ASYNC);
141		- if (IS_ERR(tfm))
142		- return NULL;
143		-
144		- crypto_cipher_setkey(tfm, key, ALG_CCMP_KEY_LEN);
	141	+ if (!IS_ERR(tfm))
	142	+ crypto_cipher_setkey(tfm, key, ALG_CCMP_KEY_LEN);
145	143
146	144	return tfm;
147	145	}
...	...	@@ -119,10 +119,8 @@
119	119	struct crypto_cipher *tfm;
120	120
121	121	tfm = crypto_alloc_cipher("aes", 0, CRYPTO_ALG_ASYNC);
122		- if (IS_ERR(tfm))
123		- return NULL;
124		-
125		- crypto_cipher_setkey(tfm, key, AES_CMAC_KEY_LEN);
	122	+ if (!IS_ERR(tfm))
	123	+ crypto_cipher_setkey(tfm, key, AES_CMAC_KEY_LEN);
126	124
127	125	return tfm;
128	126	}
...	...	@@ -150,8 +150,8 @@
150	150
151	151	key = ieee80211_key_alloc(alg, key_idx, params->key_len, params->key,
152	152	params->seq_len, params->seq);
153		- if (!key)
154		- return -ENOMEM;
	153	+ if (IS_ERR(key))
	154	+ return PTR_ERR(key);
155	155
156	156	mutex_lock(&sdata->local->sta_mtx);
157	157
...	...	@@ -234,13 +234,13 @@
234	234	size_t seq_len, const u8 *seq)
235	235	{
236	236	struct ieee80211_key *key;
237		- int i, j;
	237	+ int i, j, err;
238	238
239	239	BUG_ON(idx < 0 \|\| idx >= NUM_DEFAULT_KEYS + NUM_DEFAULT_MGMT_KEYS);
240	240
241	241	key = kzalloc(sizeof(struct ieee80211_key) + key_len, GFP_KERNEL);
242	242	if (!key)
243		- return NULL;
	243	+ return ERR_PTR(-ENOMEM);
244	244
245	245	/*
246	246	* Default to software encryption; we'll later upload the
247	247
...	...	@@ -296,9 +296,10 @@
296	296	* it does not need to be initialized for every packet.
297	297	*/
298	298	key->u.ccmp.tfm = ieee80211_aes_key_setup_encrypt(key_data);
299		- if (!key->u.ccmp.tfm) {
	299	+ if (IS_ERR(key->u.ccmp.tfm)) {
	300	+ err = PTR_ERR(key->u.ccmp.tfm);
300	301	kfree(key);
301		- return NULL;
	302	+ key = ERR_PTR(err);
302	303	}
303	304	}
304	305
305	306
...	...	@@ -309,9 +310,10 @@
309	310	*/
310	311	key->u.aes_cmac.tfm =
311	312	ieee80211_aes_cmac_key_setup(key_data);
312		- if (!key->u.aes_cmac.tfm) {
	313	+ if (IS_ERR(key->u.aes_cmac.tfm)) {
	314	+ err = PTR_ERR(key->u.aes_cmac.tfm);
313	315	kfree(key);
314		- return NULL;
	316	+ key = ERR_PTR(err);
315	317	}
316	318	}
317	319